I frequently come across a composer.json for a specific package that has a minimum-stability key included. An example is reproduced below:
{
"name": "drupal/modulename",
"type": "drupal-module",
"description": "Example.",
"license": "GPL-2.0-or-later",
"minimum-stability": "dev",
}
I understand what this key does when it is present in the site's root composer.json (i.e. it will then disallow installation of packages with a lower stability than stipulated).
But what does "minimum-stability": "dev" do when it is present in a in a package's composer.json?
In the above example, there are no requirements. Will it do anything if there are other packages required?
I am only familiar with the Drupal ecosystem, where I've seen this a lot. I don't think this is significant, since using composer to manage dependencies is used a lot by other PHP frameworks as well.
It does nothing when present in a non-root composer.json.
The docs say:
minimum-stability (root-only)
For packages, it would only have any effect if you were installing the package as as the root project (e.g. by using git clone and then composer install, as opposed to installing it on an existing project with composer require).
Related
I am having a hard time thoroughly understanding how the composer.json file works within a Laravel application. I can build Laravel projects, but I am self-taught and have never fully understand what happens in the composer.json file.
For example, I have a current project that has the following within composer.json:
"require": {
"php": "^7.2",
I attempted doing composer require livewire/livewire, but then realized livewire required a newer version of php. I am using XAMPP 3.2.4 and the php version is 7.2.28. So, I backed up my files from my htdocs and database and am downloading a newer version of XAMPP.
I assume I would then change my composer.json file to:
"require": {
"php": "^7.4",
But, I cannot understand what is really happening here. Is this just saying that the server needs to have php version 7.4 or higher on it for the application to work? Or is it placing new files in the vendor directory? Do I need to delete any files out of the vendor directory?
composer is the php packages and dependency manager. to not copy past all what you need for your project you use composer.
when you write a package name in the composer.json require section then composer will fetch it from his sources (The main source of composer is packagist).
About the vendor directory, if you delete it your application will simply don't work, if you are storing the app somewhere (in a repo for example), you provide only the composer.json and then you will have the same vendor with taping 'Composer install'
Good luck
Lets say I use TYPO3 7.6 Composer installation. Now I run into following problem:
An Extension in the latest version defines in ext_emconf.php a required TYPO3-Version
'typo3' => '6.0.0-6.2.99',
I tested the Extension already in TYPO3 7 without any problems. In a none composer installation I could install the extension via extension manager and answer the warning with "I know what I'm doing" BUT with composer I can not install the Extension!
I mean yes I could
wait for the developer to update...
fork the extension and change the version in ext_emconf.php :-(
or what?
Is there a way to force composer to install this "incompatible" Extension somehow?
Thanks!
It is not possbile to force an install by composer if the requirements are not met. But there are still a few tricks. You can require TYPO3 7LTS and tell composer to threat it as 6.2. But this of course means that other extensions might now be incompatible. This can be acieved in your composer.json by
"require": {
"typo3/cms": "^7.6 as 6.2.31"
}
If the extension has a development branch that is already combatible and only the release is missing you can require the branch instead of a release. If the extension is registered on packagist.org that would be
"require": {
"vendor/extension": "dev-<branchname>"
}
If it is not registered on packagist but has a composer.json file you can add the repository of the extension to your root composer.json to make the branch requireable.
"repositories": [
{"type": "git", "url": "https://github.com/vendor/extension.git"}
]
But the best way is of course to make the extension compatible and if it already is, to ask for an official release that supports TYPO3 7LTS.
i am pretty new with composer and i am having a problem with a download.
I install composer and afterwards i want to install a proyect in beta state trough this command:
composer require google/apiclient:^2.0.0#RC
(This would download the google api client libraries with all their dependencies configurated).
I receive an error telling me that the package is not available in a stable-enough version for my minimum stability settings.
I have read a lot comments from people regarding this issue, but it always involves a composer.JSON file in a local project (not an external download from step 1).
My question is, how could i dowload that project? I would first have to set the minimum stability of composer to "dev" instead of "stable", but how can i do this?
This is what I get:
The windows command shell requires to enclose the package and version into double quotes (and it isn't a bad idea in Linux as well):
Doesn't work in Windows:
composer require google/apiclient:^2.0.0#RC
Does work:
composer require "google/apiclient:^2.0.0#RC"
Please don't set "minimum-stability" to "dev", because this is a global setting and will instantly install development versions that you probably don't want, because they are no final release and may be unstable. This would be true for ALL packages you require, and their dependencies.
SOLUTION: I finally solved it this way:
First you need to create an empty composer.json file wherever you want.
Afterwards you do something like this (or literally this, in my case):
{
"name": "Your title",
"minimum-stability": "dev",
"require":
{
"google/apiclient": "2.0.*"
}
}
Afterwards you go to the directory with this file in the cmd (windows console) and type "composer install".
This will solve the problem and install all the libraries with its dependencies. It is not the same as setting the minimum stability to "dev" for all libraries, but it will solve the problem for specific packages.
I have a project for which I used composer install to download all of the dependancies I need. In order for one of those dependencies to work for my project, I had to make a few small changes to some of its class files.
If I run composer update again for my project, does that mean composer will re-download the original version of that package, therefore overwriting the customizations I previously made?
Yes, if there are updates to the original package, composer will overwrite your changes. I suggest forking the dependency and telling composer to use your fork instead.
{
"require": {
"vendor/the-package": "dev-master"
},
"repositories": [
{
"type": "vcs",
"url": "https://github.com/flyingl123/the-package.git"
}
]
}
You can find more instructions about forking a package in the composer docs.
I am using pre-beta release of Laravel 5 for my project.
I found out that the app skeleton of Laravel 5 was changed in the github repo and since it is a development version, that is expected to change quite frequently.
My question is, can I update only the specific dependencies using composer and not the framework itself? So that I don't have to worry about the changing app structure until I am ready to make changes?
Here is how the composer.json dependencies look:
"require": {
"laravel/framework": "~5.0"
},
"require-dev": {
"phpunit/phpunit": "~4.0",
"way/generators": "~3.0",
"fzaninotto/faker": "~1.5#dev"
},
Thank you.
While the composer update package package ... answer is a good one, another thing you might be able to do is change your Laravel require spec to a specific commit. The Composer documentation mentions how to do this, and I've done it myself on a project (though not with laravel, on my own packages which are also in a breaking/dev state).
"require": {
"laravel/framework": "dev-master#49e3c77b518547bb661b1de4fda64a3ae0c5c505",
...
}
I'd hope that, because laravel/framework 'replaces' the various illuminate/* packages, that any reliance on these (as long as the spec is 5.0-esque) that this would work without downloading the illuminate packages twice.
Doing it this way you can lock your laravel/framework (or any package) at a given commit, but still allow the standard composer update to work.
To find out what commit you're already on, if your laravel/framework dependency spec is a dev one then the vendor/laravel/framework/ directory itself should be a git repo, so just do git status in there to get the HEAD ref. Alternatively, look in composer.lock for the laravel/framework entry's source.reference value.
Composer allows you to do specific package upgrades. I used this literally the other night to upgrade a single package to fix a bug, but I didn't want to change anything else.
composer update <package1> <package2> <...>
So in your case
composer update phpunit/phpunit way/generators fzaninotto/faker
It might be more complicated when you have lots of packages - but it is a solution that works.
Yes, you can simply call
composer update vendor/package
without updating your whole project.
It will work for the packages pulled by yourself and for the dependencies
You can't really. If you use Laravel 5 this is a thing you need to deal with, development versions come with this backdraw.