Corrupted composer.json file in Laravel 8 - composer-php

When I tried to remove the package maatwebsite/excel from my project, I damaged something badly. The problem is that I can't track the changes I made. Before I removed maatwebsite/excel from composer.json, I removed phpoffice/phpspreadsheet probably from composer.json. But I can't remember exactly. Because when I check out an older version with git, I can no longer find this entry. Every time I call Composer, it now gives a considerable error message that starts like the following.
In ArrayLoader.php line 44:
Unknown package has no name defined
([{"name":"asm89/stack-cors","version":"v2.0.1","version_normalized":"2.0.1.0","source":{"type":"git","url":"https://github.com/asm89/stack-cors.git","reference":"23f469e81c65e2fb7fc7bce371fbdc363fe32adf"},"dist":{"type":"zip","url":"https://api.github.com/repos/asm89/stack-cors/zipball/23f469e81c65e2fb7fc7bce371fbdc363fe32adf","reference":"23f469e81c65e2fb7fc7bce371fbdc363fe32adf","shasum":">"},"require":{"php":"^7.0","symfony/http->foundation":"~2.7|~3.0|~4.0|~5.0","symfony/http-kernel":"~2.7|~3.0|~4.0|~5.0"},"require-dev":{"phpunit/phpunit":"^6|^7|^8|^9","squizlabs/php_codesniffer":"^3.5"},"time":"2020-05-31T07:17:05+00:00","type":"library","extra":{"branch-alias":{"dev-master": "2.0-dev"}},"installation-source":"dist","autoload":{"psr-4":{"Asm89\Stack\":"src/"}},"notification-url":"https://packagist.org/downloads/","license":["MIT"],"authors":[{"name":" Alexander","email":"iam.asm89#gmail.com"}],"description":"Cross-origin
resource sharing library and stack
middleware","homepage":"https://github.com/asm89/stack-cors","keywords":["cors","stack"],"install-path":"../asm89/stack-cors"},{"name":"bacon/bacon-qr-code","version":"2.0.2","version_normalized":"2.0.2.0","source":{"type":"git","url":"https://github.com/Bacon/BaconQrCode.git","reference":"add6d9ff97336b62f95a3b94f75cea4e085465b2"},"dist":{"type":"zip","url":"https://api.github.com/repos/Bacon/BaconQrCode/zipball/add6d9ff97336b
The error message is 165K in size. Maybe, someone has a tip for me on how to solve this problem?

I managed to solve this by running:
composer.json file in remove recent custom changes otherwise recent change in a check any existing syntax error
Step: 1 remove the vendor folder
rm -rf vendor/
step: 2 remove the composer.lock
rm composer.lock
step: 3 composer update command using composer generates a file called composer.lock and update a folder called vendor
composer update
step: 4 then use this command
composer dump-autoload

Related

composer is not removing entry from composer.lock

I've used following command to remove a package using composer.
composer remove sjparkinson/static-review
Above command removes entry from composer.json file but composer.lock file still contains entry for mentioned library in require section.
What is the proper way to update composer.lock ? Should I update it manually?
Composer does not removing this package, because it is required by another dependency. So even if you don't require it directly, it is still required by your project, so you cannot remove it. You can use composer why some-vendor/some-package command to check what is the reason to keep this package installed:
composer why sjparkinson/static-review
magento/product-community-edition 2.2.4 requires sjparkinson/static-review (~4.1)
If you really want to remove this package, you need to remove magento/product-community-edition too (and every dependency, which depends on this package).
BTW: Editing composer.lock manually is really bad idea, you should never do that.

Remove a package using composer (without updating other packages)

I've currently installed a package "watson/sitemap". Now, I want to remove it without using "composer update" since it will update other packages which I don't want.
Any help would be much appreciated.
UPDATE: Composer 2 is now out, and it seems to be smart enough to handle the recursion. You need only remove the offending package.
I recently needed to do this. Here's a real-world example. This is pretty hacky. You could script this by using Composer's PHP classes or by parsing the composer.lock file, but this is a manual process you can follow.
1. Remove the unwanted package(s)
composer remove --no-update illuminate/mail
composer update illuminate/mail
2. Look for orphaned dependencies
composer show -N | xargs -n 1 composer why | grep "There is no installed package"
Output (something like this):
There is no installed package depending on "erusev/parsedown"
There is no installed package depending on "swiftmailer/swiftmailer"
There is no installed package depending on "tijsverkoyen/css-to-inline-styles"
3. Remove orphaned dependencies
composer update erusev/parsedown swiftmailer/swiftmailer tijsverkoyen/css-to-inline-styles
4. Rinse, repeat
Repeat steps 2 and 3 until you've found all the orphans.
Clarification: If you use the --no-update flag, you won't upgrade packages... however (as of writing, early 2020) it also does not remove orphaned dependencies. You're not telling it not to "upgrade". You're telling it not to update any of the installed (composer.lock) dependencies. Big difference. This is why you have to find them and manually "update" them out of your project.
Right way:
composer remove watson/sitemap --no-update
From CLI Docs:
The remove command removes packages from the composer.json file from
the current directory.
php composer.phar remove vendor/package vendor/package2
After removing the requirements, the modified requirements will be
uninstalled.
Hack way:
Remove the entry from composer.json then run
composer update watson/sitemap
This will remove a package totally from composer.lock and /vendor
I'm not sure this is possible. To restate your question. You have watson/sitemap in your composer.json, you've executed a composer update to download the package and it's dependencies. Now you want to remove the package but leave dependent packages in place?
I'm not sure there's a good way to do this, you'll have to run composer update at some point, which will just download it again. If my interpretation is correct, maybe your solution is to just add the other packages that you need that you don't want removed when you get rid of watson/sitemap, possibly sloppy/paste it's dependencies into your composer.json file?
I use
composer remove package-name --no-update-with-dependencies
Works imho

Laravel/Composer getting "Could not scan for classes inside" for package

I'm adding this package to my composer json and when I run composer update I'm getting this error
Could not scan for classes inside ".../vendor/artdarek/pusherer/src/migrations" which does not appear to be a file nor a folder
This folder doesn't exist in the package, nor is it referenced in an autoload statement in that package composer.json.
When I dig inside my composer.lock file in the pusherer section I see this for some unexplained reason
"classmap": [
"src/migrations"
],
Anybody have any clue what's adding this to my composer.lock file?
Just do composer require artdarek/pusherer without touching your composer.lock or composer.json file and you should be fine.
if you have any problems with your composer.lock file, just delete it and when you run composer require .... from above, it will be recreated.
Looking at the package, it appears that this line was in the 1.0.1 release but removed in the 1.0.2 release. Can you remove it and then re-add using the latest version?

forcing composer to regenerate autoloads when composer.json of a dependency is changed?

My workflow for developing Symfony bundles is the following:
install Symfony
create a git repo for the new bundle, put a composer.json file in there
require the new package in the top-level composer.json, using #dev version
composer update newpackage => the package is downloaded, using git clone
work on the git clone inside vendors, committing and pushing from it
This is all fine and dandy, but seems to break in one specific case:
if I alter the 'autoload' tag of the already-installed package, it seems that Composer has a hard time taking it into account:
I tried 'composer dumpautoload', and it does nothing
I do not want to remove the composer.lock file, as I do not want other packages to be updated to a newer version, I only want to alter the autoload config of that one package
I tried removing by hand vendor/composer/installed.json, and what happened is that Composer re-downloaded all the vendors and wiped any data which happened to be in there at that moment
The same problem manifested itself when I did alter the autoload section of the package on a separate clone, pushed the changes to git and ran 'composer update mypackage' - although that might have been related to packagist not having received the ping from github.
I can of course alter by hand the composer.lock and vendor/composer/installed.json files, but that seems too hackish. It also does not gives the guarantee that user downloading the package the 1st time will see it working.
Try:
./composer.phar dumpautoload -o
It reads the composer.json files and rewrites all the autoload files which pick up the new paths.
dumpautoload uses the package information from vendor/composer/installed.json and not the individual composer.json files. You need to change the autoload info there, too.
The file installed.json is only being update when you run a
composer update

Installing only new packages from composer.json

I'm trying to make composer update only newly added packages to composer.json i.e when I manually add a package dependency to the composer.json file, it should update the composer.lock file only for the new package; the rest of the packages should be at the same version as before. I tried running composer update --lock but I don't think it does what I'm trying to achieve and it took a lot of time to finish. I checked the commands on composer's documentation but can't find one to achieve my wish. Any advice or workaround will be appreciated.
Note: I'm using Laravel Forge, so there is a 2 minutes deployment limit.
In order to install only new packages with composer you should run
composer install
Because composer update will install your new packages but will update and all the other already installed packages.
You can specify the name of the package as an argument to the update command. This will perform a partial update: composer update the-package/you-want-to-update
I think your question is related to your (guessed) current workflow: To add a new package you edit the composer.json file and then run composer update - wishing to only add/update that new file.
If that is true, here is the solution:
composer require new/package will add the newest possible version (taking into account the currently installed packages) of the new package. Benefits: Only one command line, and no fiddling with JSON content.
If you already know which version you want, you could also run composer require new/package:^2.1.25#beta (or whatever version and stability level you want - this example is exaggerating a bit). If this version is incompatible with existing packages, nothing will get installed, everything will get rolled back, and you get an error message.

Resources