I have a project for which I used composer install to download all of the dependancies I need. In order for one of those dependencies to work for my project, I had to make a few small changes to some of its class files.
If I run composer update again for my project, does that mean composer will re-download the original version of that package, therefore overwriting the customizations I previously made?
Yes, if there are updates to the original package, composer will overwrite your changes. I suggest forking the dependency and telling composer to use your fork instead.
{
"require": {
"vendor/the-package": "dev-master"
},
"repositories": [
{
"type": "vcs",
"url": "https://github.com/flyingl123/the-package.git"
}
]
}
You can find more instructions about forking a package in the composer docs.
Related
I frequently come across a composer.json for a specific package that has a minimum-stability key included. An example is reproduced below:
{
"name": "drupal/modulename",
"type": "drupal-module",
"description": "Example.",
"license": "GPL-2.0-or-later",
"minimum-stability": "dev",
}
I understand what this key does when it is present in the site's root composer.json (i.e. it will then disallow installation of packages with a lower stability than stipulated).
But what does "minimum-stability": "dev" do when it is present in a in a package's composer.json?
In the above example, there are no requirements. Will it do anything if there are other packages required?
I am only familiar with the Drupal ecosystem, where I've seen this a lot. I don't think this is significant, since using composer to manage dependencies is used a lot by other PHP frameworks as well.
It does nothing when present in a non-root composer.json.
The docs say:
minimum-stability (root-only)
For packages, it would only have any effect if you were installing the package as as the root project (e.g. by using git clone and then composer install, as opposed to installing it on an existing project with composer require).
When I run composer update, a lot of dependencies and my composer.json get updated. But, my composer.json didn't change, so next time I run composer install, I'll get the outdated ones again.
For instance, I have:
"require": {
"symfony/form": "^4.1",
}
When I run the command It shows:
Updating symfony/dotenv (v4.1.4 => v4.1.5): Loading from cache
But the json line stays the same, and composer install will install the 4.1.4 version.
Is there a way to update the composer.json file when I run composer update?
Thanks in advance!
You should have a composer.lock file after performing composer update. You commit this file to version control and then the next person checks out the code can do composer install to obtain the correct version.
The composer.json file contains the version constraints whereas the composer.lock file contains the specific version.
Take a look at the example you had:
"require": {
"symfony/form": "^4.1",
}
Here the version constraint for the symfony/form package is ^4.1. This means that it will accept any version 4 build from 4.1, but not version 5 or higher. So it could obtain version 4.1.1, or 4.2.13 or anything higher (but below version 5).
https://getcomposer.org/doc/articles/versions.md#caret-version-range-
here are the docs on lock files
https://getcomposer.org/doc/02-libraries.md#lock-file
I am using git to manage my composer packages' versions.
Whenever I update my package to a new version, I create a new tag in git ("v1.0.0")
When I try to update, it downloads from cache.
I also tried removing the package and re-install, but still it would install older version.
this is my composer.json file:
{
"repositories": [{
"type": "composer",
"url": "https://example.com/packages"
}],
"require": {
"ynaxon/counter": "dev-master#v1.0.0"
}
}
My package repository is built via Satis.
Your version is pinned to v1.0.0, thats why Composer always fetches from cache.
When you use tags you can omit dev-master and just use the respective semantic versioning like:
"ynaxon/counter": "^1.0"
Composer will now update your package whenever it finds a new tag in the v1 range.
Also make sure that Satis updates the package correct and that the package is available in Satis.
Lets say I use TYPO3 7.6 Composer installation. Now I run into following problem:
An Extension in the latest version defines in ext_emconf.php a required TYPO3-Version
'typo3' => '6.0.0-6.2.99',
I tested the Extension already in TYPO3 7 without any problems. In a none composer installation I could install the extension via extension manager and answer the warning with "I know what I'm doing" BUT with composer I can not install the Extension!
I mean yes I could
wait for the developer to update...
fork the extension and change the version in ext_emconf.php :-(
or what?
Is there a way to force composer to install this "incompatible" Extension somehow?
Thanks!
It is not possbile to force an install by composer if the requirements are not met. But there are still a few tricks. You can require TYPO3 7LTS and tell composer to threat it as 6.2. But this of course means that other extensions might now be incompatible. This can be acieved in your composer.json by
"require": {
"typo3/cms": "^7.6 as 6.2.31"
}
If the extension has a development branch that is already combatible and only the release is missing you can require the branch instead of a release. If the extension is registered on packagist.org that would be
"require": {
"vendor/extension": "dev-<branchname>"
}
If it is not registered on packagist but has a composer.json file you can add the repository of the extension to your root composer.json to make the branch requireable.
"repositories": [
{"type": "git", "url": "https://github.com/vendor/extension.git"}
]
But the best way is of course to make the extension compatible and if it already is, to ask for an official release that supports TYPO3 7LTS.
Is there a way to tell composer that each time I do a composer update I want him to ignore a specific package?
Have you considered specifying the required version for the package you are trying to ignore? For instance:
"require": {
"some/package": "~1.2"
}
This may get updated, because you are saying any version >=1.2,<2.0, But if you strictly say you want only version 1.0, you should not see any updates to that package:
"require": {
"some/package": "1.2"
}
Actually I don't know if there is any way to tell composer to exclude one specific package from updating but you can tell which packages to update as
composer update <package> <package2>; // or
php composer.phar update <package> <package2>;
For example,
composer update foo/package1 bar/package2; // or
php composer.phar update foo/package1 bar/package2;
Also, I think, if you don't list them in composer.json (remove after installation) by yourself, then they will not be updated unless also specified in the list.
From Composer:
If you only want to install or update one dependency, you can whitelist them:
$ php composer.phar update monolog/monolog [...]
Check this link and also check Composer.
Update : (found on internet but not tested)
To do that, just remove the package from composer.lock
Update: Only availble for composer versions 1.0.0-alpha6 and lower. Using it in version 1.0.0-alpha7 and higher will remove all packages in "require-dev".
I believe currently you can trick composer with some mess if you can afford it in your project. Something like: Put all packages you don't want to update in "require-dev" and run updates with composer update --no-dev
Just be careful of that if you run composer install as i recall they will be removed from your project.
All this trickery is really nasty, so we should wait for official way of doing things like that, personally i update packages explicitly specifying them
To ignore a specific package, you can use provide (if it's part of your own package) or replace. This tells Composer that you wish to provide/replace a specific package, so it won't download it.
Here is the composer.json file example which should work:
{
"require": {
"radic/tmp-underscore-php": "~1.2.0"
},
"replace": {
"patchwork/utf8": "*"
}
}
In this example, the patchwork/utf8 package would be ignored on composer install or update.
To exclude specific version, see: Composer exclude specific versions.