I created a package and here is it's composer.json:
{
"name": "faustuzas/theme-downloader",
"description": "Easy to use bootstrap theme downloader",
"type": "command",
"require": {
"php": ">=5.6.0",
"guzzlehttp/guzzle": "^6.3"
},
"license": "MIT",
"authors": [
{
"name": "Faustas Butkus",
"email": "faustas.butkus#gmail.com"
}
],
"minimum-stability": "stable"
}
but when I try to require it via composer:
composer require faustuzas/theme-downloader
I get this error:
Where is the problem?
There's no need to use "minimum-stability": "stable" because it's set to 'stable' by default. You have one branch and no tags so packagist show your package as dev-master which isn't stable. Try to create new branch e.g. 1.x and add tag e.g. 1.0.0 then composer require again.
Related
I'm making a laravel composer package
The composer.json of the package looks like this
{
"name": "mycomp/livesearch",
"description": "Livewire livesearch package",
"type": "library",
"require": {
"livewire/livewire": "dev-master"
},
"license": "MIT",
"autoload": {
"psr-4": {
"mycomp\\Livesearch\\": "src/"
}
},
"authors": [
{
"name": "parallax",
"email": "parallax4#gmail.com"
}
],
"minimum-stability": "dev",
"prefer-stable": true
}
I've added it locally by adding this to my root composer.json
"repositories": [
{
"type": "path",
"url": "packages/mycomp/*"
}
]
But when I try to install the package using composer require mycomp/livesearch I get:
Could not find a version of package mycomp/livesearch matching your minimum-stability (stable). Require it with an explicit version constraint allowing its desired stability.
Fixed it.
Just had to add
"version": "1.0.0"
To my package's composer.json
Although, from what I've learnt this is a bad idea, and it's best to do version control with a VCS like Git. But for now, before I release the package and put it on github, this would suffice.
I am trying to install the asana library through the composer.
Json:
"asana/asana": "^0.10.0" added to composer.json and {
"name": "asana/asana",
"description": "A PHP client for the Asana API",
"type": "library",
"keywords": ["asana", "client"],
"homepage": "https://github.com/Asana/php-asana",
"license": "MIT",
"require": {
"php": ">=5.4.0",
"nategood/httpful": "~0.2",
"adoy/oauth2": "^1.2.0"
},
"require-dev": {
"instaclick/php-code-sniffer": "dev-master",
"phpunit/phpunit": "^9"
},
"autoload": {
"psr-0": {
"Asana\\": "src/"
}
}
}
to composer.lock but getting error 'Package Asana/asana has no version defined.
'
As suggested by #Jeto you should not edit composer.lock manually. To install the library, you can follow the steps mentioned in official docs here.
Assuming that you are doing a fresh install, follow steps below:
Put "asana/asana" package as a dependency in your composer.json file:
{
"require": {
"asana/asana": "^0.10.0"
}
}
Now run the command composer install
composer.lock file will be automatically updated by Composer when installation succeed.
EDIT:
OR
As mentioned by #Jeto in comments, You can simply do this using a single command: composer require asana/asana:^0.10.0
Just pushed a package to packagist:
composer require rokfor/rokfor-slim:dev-master
It's returning the error
Your requirements could not be resolved to an installable set of packages.
Problem 1
- Installation request for rokfor/rokfor-slim
dev-master -> satisfiable by rokfor/rokfor-slim[dev-master].
- rokfor/rokfor-slim dev-master requires
jlndk/slim-jade ^1.0 -> no matching package found.
If I'm checking out like
$ git clone https://github.com/rokfor/rokfor-slim
$ cd rokfor-slim
$ composer install
Everything installs just fine.
I think I'm missing something crucial here. Is it not allowed to push a package to packagist with a source from a vcs repository?
The composer.json looks like:
{
"name": "rokfor/rokfor-slim",
"description": "Rokfor CMS: Headless CMS with JSON api",
"keywords": ["rokfor", "slim","framework","view","template","jade"],
"homepage": "http://cloud.rokfor.ch",
"license": "MIT",
"type": "project",
"time": "2016-02-28",
"authors": [
{
"name": "Rokfor",
"homepage": "http://www.rokfor.ch"
}
],
"repositories": [
{
"type": "vcs",
"url": "https://github.com/urshofer/slim-jade"
},
{
"type": "vcs",
"url": "https://github.com/Rokfor/rokfor-php-db"
},
{
"type": "vcs",
"url": "https://github.com/urshofer/slim-auth"
}
],
"require": {
"php": ">=5.5.0",
"slim/slim": "~3.0",
"jlndk/slim-jade": "^1.0",
"rokfor/db": "dev-versioning",
"monolog/monolog": "^1.17",
"slim/csrf": "^0.6.0",
"jeremykendall/slim-auth": "dev-slim-3.x",
"slim/flash": "^0.1.0",
"akrabat/rka-ip-address-middleware": "^0.4.0",
"palanik/corsslim": "dev-slim3",
"erusev/parsedown": "^1.6",
"predis/predis": "^1.0",
"lcobucci/jwt": "^3.1",
"ext-gd": "*"
},
"require-dev": {
"phpunit/phpunit": "*"
},
"minimum-stability": "dev",
"prefer-stable": true
}
In a library, you cannot reference anything other than libraries that are available on packagist.org. Or you instruct your users to reference an additional source for package information.
Adding vcs and package repositories is only allowed for the root composer.json, which you cannot influence as a library other than instructing your users to do additional things beyond composer require your/lib. Which is kind of annoying, and also may be subject to security considerations, because this will not only open the door for your individual library, but for ANY library as well.
And as you did with "jlndk/slim-jade" (which the original author published from his repository as 0.0.1, and another author re-published it without adding it to packagist or changing the lib's name, adding the version tag 1.0), any additional source of package information can potentially add more package information, i.e. add a newer, malicious version of e.g. a symfony package.
Here is my composer.json:
{
"name": "zendframework/skeleton-application",
"description": "Skeleton Application for ZF2",
"license": "BSD-3-Clause",
"keywords": [
"framework",
"zf2"
],
"homepage": "http://framework.zend.com/",
"require": {
"php": ">=5.5",
"zendframework/zendframework": "~2.5",
"facebook/php-sdk-v4" : "~5.0",
"kbariotis/feedly-api": "dev-master"
}
}
I want to run composer update but I don't want to update ZF2, just other dependencies.
If you want only a specific version to be installed see the documentation for exact If you specify the exact version you require it cannot attempt to upgrade your version of the package which "~2.5" suggests to composer is what you want to happen
So you could use for example
"require": {
"php": ">=5.5",
"zendframework/zendframework": "2.5.3",
"facebook/php-sdk-v4" : "~5.0",
"kbariotis/feedly-api": "dev-master"
}
See the documentation for EXACT
With this you can run composer update and it should not attempt to upgrade the ZF Framework
You need to run
composer update facebook/php-sdk-v4 kbariotis/feedly-api
instead.
I have been trying to create a simple composer package. But I'm stuck with the following issue. Dont know how to resolve this.
[InvalidArgumentException]
Could not find package sarav/sample-package at any version for your minimum-stability (stable). Check the package spelling or your minimum-stability
Package Url : https://packagist.org/packages/sarav/sample-package
I ran the following composer command
composer require sarav/sample-package
My composer contents
{
"name": "sarav/sample-package",
"description": "Sample package",
"type": "Library",
"license": "MIT",
"authors": [
{
"name": "Sarav",
"email": "me#sarav.co"
}
],
"minimum-stability": "dev",
"require": {
"php": ">=5.3.0"
},
"autoload": {
"psr-0": {
"Sarav": "src/"
}
}
}
Your package config looks good to me, but your Git repo doesn't have any tagged versions.
Use git tag v1.0.0 or whatever version is appropriate, then git push origin --tags to update on GitHub.
Alternatively, you can go without tagged versions by specifying the master branch when you require the package, like so:
composer require sarav/sample-package dev-master
You can require any branch in this manner, but the dev- prefix is mandatory.