Composer custom repositories local AND remote - composer-php

We are using custom repositories that are not held on Packagist, and thus need to use composer's "repositories" key:
{
"type": "vcs",
"url": "https://github.com/name/repo"
},
However we also want to develop these locally before pushing them to GitHub
{
"type": "vcs",
"url": "/path/to/repo"
},
{
"type": "vcs",
"url": "https://github.com/name/repo"
}
However if a new user downloads the repo and just wants to use from GitHub (maybe they won't be developing locally) they get a big red error:
[InvalidArgumentException]
No driver found to handle VCS repository /path/to/dir
Is there a way that composer can tolerate this and just move down to the next line where it will find the repo?

That this is possible right now, as far as I know. The defined "/path/to/dir" needs to exist, it needs to be a repo and the repo needs to contain a composer.json file, otherwise Composer will fail.
Sounds like a valid point for a PR to ignore an invalid repository definition but not sure what Jordie thinks of this ;)
As an alternative: You could set-up your own Satis repo and pull the package from there.

Related

Requesting specific tagged version for locally developed composer package

I am developing a package for a Laravel project on my local machine. I have also spun up a Laravel app so I can manually test the package. My package is located at /home/me/packages/me/my-package and a commit (git) has been tagged with '0.1'.
I want to be able to switch between tagged versions and use specific versions in different projects but having issues.
In my main apps composer file, I am requiring the package like so:
...
"require" : {
"me/my-package" : "0.1"
}
...
"repositories" : [
{
"type": "path",
"url": "/home/me/packages/me/my-package"
}
]
This results in an error:
Problem 1
- Root composer.json requires me/my-package 0.1, found me/my-package[dev-main] but it does not match the constraint.
I have also tried:
"require" : {
"me/my-package" : "dev-main#0.1"
}
(This was an idea taken from How to use a specific tag/version with composer and a private git repository?). This goes through without any errors but:
$ composer show | grep me/my-package
me/my-package dev-main My Package
What is the correct way install a specific version of a package when developing it locally?
Probably the only thing why you hit this message is that you have "type": "path" and not "type": "vcs".
This is that Composer will only refer one version and only one version dev-main. The reason is:
If the package [path repository] is a local VCS repository, the version may be inferred by the branch or tag that is currently checked out. (ref)
You have the main branch checked out at /home/me/packages/me/my-package (/home/me/packages/me/my-package/.git/HEAD content is ref: refs/heads/main and /home/me/packages/me/my-package/.git/refs/heads/main points to the git revision) and composer will only take that one.
You should have no problem to make that change from path to vcs given:
You already have a (git) repository at /home/me/packages/me/my-package (looks so by your question)
You know the absolute path on your local system to that repository (again, looks so by your question: /home/me/packages/me/my-package).
Given these two points, Composer is able to obtain the VCS tagged versions from that path. So basically only the change of the "type":
"repositories" : [
{
"type": "vcs",
"url": "/home/me/packages/me/my-package"
}
]
Just take care that "url" contains the absolute path (and there is a git repository at that place). Likely already all set in your case, just saying.
Git is very prominent that's why I mentioned it here, for other types of VCS Composer also has options at hand. The details - also for git etc. - are available here:
VCS - Repositories (getcomposer.org)

Setting up a private composer remote repository in Artifactory

our team is currently in the process of setting up a local Artifactory instance which is suppose to connect to a private remote repository containing ELTS releases of TYPO3.
The official manual specifies, that you have to include the private repository and set up HTTP basic authentication:
Modify composer.json:
"repositories": [
{"type": "composer", "url": "https://elts.typo3.com"}
]
Call composer config --auth http-basic.elts.typo3.com [YOUR-USER-NAME] [AUTH-TOKEN] to add the credentials to the auth.json file.
When performing these steps locally, composer can fetch packages from the private repository without any issues and writes the follwing to composer.lock:
{
"name": "typo3/cms",
"version": "v8.7.34",
"source": {
"type": "git",
"url": "git#github.com:TYPO3GmbH/elts-8.7-release.git",
"reference": "****************redacted****************"
},
"dist": {
"type": "zip",
"url": "https://elts.typo3.com/dist/typo3/cms/typo3-cms-****************redacted****************-zip-******.zip",
"reference": "****************redacted****************",
"shasum": "****************redacted****************"
},
However, when we mirror the same configuration on our Artifactory server (version 7.5.x) clients are unable to fetch packages, as API calls requesting the specific package version result in an HTTP 404 error.
Unfortunately, the Artifactory logs are not of much help either, as they don't explain why the client requests are met with an HTTP 404 error.
This is our current configuration:
It would be greatly appreciated if someone could point us in the right direction!
Thanks!

Cloudfoundry & composer with basic auth protected repositories

I would like to deploy my app onto a Cloudfoundry node. Using composer for dependency management.
Now there is one repository with private packages, which is secured by basic auth (Example https://composer.example.com).
"repositories": [{
"type": "composer",
"url": "https://composer.example.com"
}]
By default, i'm using a auth.json with the needed credentials, and composer would use it.
{
"http-basic": {
"composer.example.com": {
"username": "max",
"password": "mustermann"
}
}
}
But, pushing my app to a Cloudfoundry node, composer gets executed and will fail when it comes to include the private packages.
The 'https://composer.example.com/the/package-1.7.3.zip' URL required authentication. You must be using the interactive console to authenticate
Updating my dependencies locally works like a charm, deploying my app with capistrano for exmple, works as well. But cloudfoundry in some way does not recognize the auth.json.
Any hint or help would be much appreciated.

Cannot install Horde Imap Client with composer

I try to install Horde/Imap_Client, as documented here
In an empty directory, I create a composer.json file with the following content
{
"repositories": [
{
"type": "pear",
"url": "http://pear.horde.org"
}
],
"require": {
"pear-pear.horde.org/Horde_Imap_Client": "*"
}
}
I then download the composer executable and run the installation running the 2 following commands
curl -s http://getcomposer.org/installer | php
php composer.phar install
The download and installation process fails, on both Mac OS X and Ubuntu 14.04. The message I get is
Initializing PEAR repository http://pear.horde.org PEAR repository
from http://pear.horde.org could not be loaded. Your configuration
does not allow connection to http://http://pear.horde.org. See
https://getcomposer.org/doc/06-config.md#secure-http for details.
Installing dependencies (including require-dev) Your requirements
could not be resolved to an installable set of packages.
Problem 1
- The requested package pear-pear.horde.org/horde_imap_client could not be found in any version, there may be a typo in the package
name.
Potential causes:
- A typo in the package name
- The package is not available in a stable-enough version according to your minimum-stability setting see
https://getcomposer.org/doc/04-schema.md#minimum-stability for more
details.
Read https://getcomposer.org/doc/articles/troubleshooting.md for
further common problems.
Is the Horde/Imap_Client deprecated or am I doing something wrong?
How much more verbose do you want the error?
Initializing PEAR repository http://pear.horde.org PEAR repository from http://pear.horde.org could not be loaded. Your configuration does not allow connection to http://http://pear.horde.org. See https://getcomposer.org/doc/06-config.md#secure-http for details.
Composer no longer allows installing packages from insecure sources out of the box. Regrettably the Horde PEAR repository does not support HTTPS at this time, so you can't go that way. The other way however is pretty clear in the documentation, just add this to your composer.json file:
"config": {
"secure-http": false
}
So it looks like this:
{
"repositories": [
{
"type": "pear",
"url": "http://pear.horde.org"
}
],
"require": {
"pear-pear.horde.org/Horde_Imap_Client": "*"
},
"config": {
"secure-http": false
}
}
Please do note that this disables all checks for secure communications completely. So you're opening the doors to install random code on your system via DNS poisoning, MitM attacks, you name them. The fundamental solution is to bug the Horde PEAR repository maintainers to add an SSL certificate to their repo.
Horde recently added support for HTTPS, allowing you to use Composer without the 'secure-http'=false flag.
So you can use the repository:
https://pear.horde.org

How to describe the dependencies?

Used in the project Slim + Slim/Extras + Twig.
I need to use it https://github.com/codeguy/Slim-Extras/pull/87 ,
but at the moment pull-request not accepted.
How do I properly configure the Composer?
So far, so as not to inhibit the development, fix the code in folder vendor, but this is absolutely the wrong approach.
If I understand this correctly, you need to add your own repository.
There might be problem in the same name of branch (origin: master, yours: master). Try changing your branch name if this happens.
"require": {
"slim/extras": "master"
},
"repositories": [
{ "type": "git", "url": "https://github.com/mvader/Slim-Extras.git" }
]

Resources