I have created my own base project which I install in my projects using Composer. It is a gitrepository, stored on Github. Then I create releases and push them to Packagist. I can install the base project, but instead of downloading the package like other packages, it always does a checkout.
Is there another way to use composer to download your packages instead of downloading them?
There are two ways of downloading a package: source and dist.
--prefer-dist is what you are looking for. It will fetch the zip archives from Github, instead of checking the git repository out, which is --prefer-source.
Referencing: https://getcomposer.org/doc/03-cli.md#install
Related
Go has a nice feature where you can go install <x> and it will download, build and install a binary.
For example, on my local windows PC, go install github.com/goreleaser/goreleaser will find the latest release for goreleaser, download, build and install it to my local binaries path.
I am working on a project where we would like to enable go install, but encounter a problem if the github repo name does not match the executable name. The GitHub CLI itself runs into the exact same problem:
Example:
go install github.com/cli/cli#latest
go: downloading github.com/cli/cli v1.14.0
go: github.com/cli/cli#latest: module github.com/cli/cli#latest found (v1.14.0), but does not contain package github.com/cli/cli
Is there a way to resolve this?
Update: I worked out that I could directly reference the package via it's sub directory. In my particular instance this works: go install github.com/OctopusDeploy/cli/cmd/octopus#latest
This is a bit unpleasant, but works correctly. It doesn't work for the github CLI because their go.mod has a replace directive in it :-(
Question: Can this be made nicer? Is there a way to put some sort of alias or configuration file so that go install github.com/OctopusDeploy/cli#latest can be used instead of go install github.com/OctopusDeploy/cli/cmd/octopus#latest ?
Can this be made nicer? Is there a way to put some sort of alias or configuration file so that go install github.com/OctopusDeploy/cli#latest can be used instead of go install github.com/OctopusDeploy/cli/cmd/octopus#latest ?
No. Dead simple.
I know that we can always install a package via command:
composer require packageA
But I don't know if you guys ever have a situation like this:
You want to install a big size package "packageB" that your teammate added to composer.json and your wifi is slow so composer would take very very long to get the packageB. Then you have an idea:
"Maybe I try get the packageB zip from my teammate via flash drive and paste
it into my project."
And you did that, the package works as expected. Wonderful!
But then, you think again:
What if now I want to do the composer update other packages in my
project?
You try:
composer update
and then, what happen is composer will get the package again because you didn't use "composer install" or "composer update" to install packageB so composer doesn't know you have it.
(Sorry for the long explanation).
So my question is:
How do we let composer know that we have the package already so composer don't re-download the package again? Or this is the behavior of composer and I must always use "composer install/update", there is no other way?
And sorry, change to another wifi or find a faster internet connection is really not what I'm looking for. And I also know that we can install the package locally (see here: How to update a single composer package?).
Thanks in advance!
If we don't want to use repositories.
In my knowledge, the only option is to update you composer.json and composer.lock. Friend give you version 1.2 to vendor? Write in exactly version in composer.json and for composer.lock, you will need data from your friend too.
Run install then.
Should check, but not download any file. Still, problem is that all required libraries by this library, could be updated - you can only write down exactly version of them in file.
As default, I think, the didn't predict scenarios for that way.
This is the only solution for you, i know should work.
Composer does use caching heavily to reduce the amount of data to download. However this does not remove the need to download the package at least once.
Basically Composer has two modes to download: --prefer-dist will try to obtain a download URL for an archive file, and --prefer-source will try to obtain a copy of the version control system being used.
Both variants put the result into Composer's cache directory.
Over time you'll collect a couple of archive files locally, which allow for quick switches back and forth between existing version downloads, and newer versions will have to be downloaded once.
Also you can clone a git repository once, and Composer will try to reuse it when updating, by simply fetching new commits and checking out the appropriate tags. This still requires to clone the repository once.
You can work around cloning the repository by manually placing it at the correct spot, either by physically putting it there, or by symlinking the correct vendor directory. You can also make Composer aware of an official copy by adding the local copy as an entry to repositories. This will add this source to the existing collection of packages available from Packagist.
I have used godep and vendored all my dependencies in vendor/ directory. Go build is working fine as well. However how can I be sure that all my dependencies are vendored?
Is there any command that can make sure of that?
My CI service (Travis is the one I use) lets me know. Because my test build will fail if the deps aren't available.
You should be using a CI service anyway, and then you get that benefit for free.
I use govendor to manage the dependencies, which has a status option. Here's some of the commands with govendor:
init Create the "vendor" folder and the "vendor.json" file.
list List and filter existing dependencies and packages.
add Add packages from $GOPATH.
update Update packages from $GOPATH.
remove Remove packages from the vendor folder.
status Lists any packages missing, out-of-date, or modified locally.
fetch Add new or update vendor folder packages from remote repository.
sync Pull packages into vendor folder from remote repository with revisions
from vendor.json file.
migrate Move packages from a legacy tool to the vendor folder with metadata.
Specifically, you'd do govendor status to check if there are missing packages.
If you decide to use govendor, you can get started by doing:
go get github.com/kardianos/govendor
govendor migrate (which will migrate from godeps to govendor)
Also, you mentioned in a comment that your deploying to Heroky, here's some documentation from them on govendor
I use composer to manage packages. But I delete one of files from package (I use composer status -v to check this).
Is it possible to restore changed/deleted files to it base (installed) state via composer (composer install doing nothing in my case) ?
Thanks.
ps. It's look like there no way to restore separate file from repo, after his been changed/deleted. Of course, it's possible to delete entire vendor dir, and reinstall some package totally.
I edit dependant package source code all the time and run into the issue of my local being out of sync with the remove source.
When things get really sideways and nothing works: delete the package providers dir inside the ./vendor (exp: ./vendor/author-name). Then composer will see the package is missing when running composer install. It will re-download the version specified in composer.lock.
If you want the latest version of all the packages when re-installing; composer update is what you want.
I also recommend using -o -vvv to generate the AuoLoader file and provide verbose output.
Me and my team are working on a project that uses Composer for dependency management. There seems to be a difference in how a composer update is handled on several machines (running the same latest build version of Composer), but we can't figure out why.
When my teammate runs a composer update on a dependency it tries to remove a lot of data/nodes from the composer.lock file (like the entire dist and support nodes):
When I run the same update, it tries to re-add all those keys again:
We can't figure out why this is happening. Is this a certain setting?
Update: On further inspection, it appears that the "(dis)appearing" nodes all contain https links, could it have something to do with a (missing) SSL library or something?
It seems that one Composer prefers dist and one prefers source.
Look into ~/.composer/config.json if you defined a preferred install in any of your two composers. Or if you defined different preferred installs in the composer.json.
"config": {
"preferred-install": "dist"
}
You can force composer to use either dist or source with
composer update --prefer-dist
or
composer update --prefer-source
--prefer-source: There are two ways of downloading a package: source and dist. For stable versions composer will use the dist by default. The source is a version control repository. If --prefer-source is enabled, composer will install from source if there is one. This is useful if you want to make a bugfix to a project and get a local git clone of the dependency directly.
--prefer-dist: Reverse of --prefer-source, composer will install from dist if possible. This can speed up installs substantially on build servers and other use cases where you typically do not run updates of the vendors. It is also a way to circumvent problems with git if you do not have a proper setup.