I have just setup a local repo on my PC, and its working very well.
But the problem is when I am installing a package the composer tool checks the packagist repo first instead of my local repo. I want the local repo to be checked first. How can fix this??.
here is my global config.json
{
"repositories": {
"local": {
"type": "composer",
"url": "http://localhost:9090"
}
}
Any help?
Is Satis running?
Please browse http://localhost:9090 to make that sure.
Satis needs to run properly and must list your packages, before you can work with composer.json (or even move things to config.json).
The basic guide for setting up Satis is over here: https://getcomposer.org/doc/articles/handling-private-packages-with-satis.md#satis .
If you can't get Satis running, post your satis.json.
You could try removing the key local from config.json and add "packagist": false instead (to disable Packagist lookups).
{
"repositories": [
{ "packagist": false },
{
"type": "composer",
"url": "http://localhost:9090"
}
]
}
I think the solution is to combine
- the setting "packagist":false on your projects
- with "require-dependencies": true on your satis config.
This means that all packages you require are not fetched directly by Composer from Packagist (its off), but indirectly via the Satis server.
Satis will contact Packagist and download the packages to your Satis space (local package cache) and Composer grabs them from there.
I cannot disable packagist since I need it for other packages.
When you allow Satis to fetch them, you can disable packagist globally for projects. The directives require-dependencies and require-all might help.
Related
While refactoring legacy code, I try to work on a composer package while at the same time work on a project which uses this package.
Composer allows me to add local path repositories for retrieving the package in-development, and symlinking this package into my project.
<composer.json excerpt>
"repositories": [
{
"type": "path",
"url": "../my-package/",
"options": {
"symlink": true
}
}
],
...
"require": {
"my/package": "#dev"
}
I then do
composer update my/package --prefer-source
Which symlinks just fine. However, when building my project on a CI server, I want the project to retrieve the package from a remote git repository, this is why I added the vcs section to my composer.json.
{
"type": "vcs",
"url": "git#bitbucket.org:my/package.git"
}
However, during building via composer install it still tries to retrieve the package locally, which is not available on the CI server of course. I guess because my composer.lock explicitly says that the package is retrieved from a path.
How can I make it work smoothly, both locally and on the CI server? I seem to lack a decent workflow.
What I tried so far:
adding my/package again as a dev-package, but apparently the composer.json will remove if from the no-dev packages automatically then. Also, I do not know how to tell composer to use the path repository for the dev requirement, and the vcs repository for the no-dev requirement.
After tons of hours searching for a suitable workflow, I found out one. Hope it can help you.
Since repository-dev (like require-dev for repository) doesn't exist and will not exist soon (see this), we need to make two composer.json files. Let's say we call the second one composer-dev.json. I think you should commit both and having both up-to-date. To tell composer to use composer-dev.json, you need to put COMPOSER=composer-dev.json in front of every composer command. To illustrate, see this :
composer.json
{
"repositories":[
{
"type": "vcs",
"url": "{repo}"
}
],
"require": {
"vendor/package": "{version}",
}
}
composer-dev.json
{
"repositories":[
{
"type": "path",
"url": "path/to/your/package",
"options": {
"symlink": true
}
}
],
"require": {
"vendor/package" : "{version}",
}
}
As you can see, the composer.json contains the 'vcs' repository and the composer-dev.json contains the 'path' repository.
To initialise your application and start developing :
COMPOSER=composer-dev.json composer update
Composer created the vendor directory and symlink your package folder to vendor/package. It also created a composer-dev.lock file which you should commit for deployment.
To install new package :
COMPOSER=composer-dev.json composer require vendor/package
Remember that composer.json have to be up-to-date, so you have to put all new lines in it.
To build your application :
COMPOSER=composer-dev.json composer install
Which should throw you :
[RuntimeException]
Source path "path/to/your/package" is not found for package vendor/package
Now you can run :
composer update --no-dev vendor/package
or if you need specific version :
composer update --no-dev vendor/package:{version}
Notice that there is no COMPOSER=composer-dev.json in front of the last command since we are using composer.json in order to use our vcs repository. This last command will also install all missing packages.
I hope it was usefull !
I know that I can use composer update vendor/package but here's my case.
Composer is very slow when updating, I have around 6 packages installed and one local vcs package being loaded from a local folder. When I run composer update even for that specific local package, composer connects to Packagist to look for other updates and this process is very slow, I don't know if it's my computer or my internet. Is there a way I can tell composer to just update the package from local folder when I run composer update local/package without contacting Packagist and running through all the heavy json files it downloads?
Note:
I know how to load a local composer package. It's loading perfectly, it's just that I'm looking for a way to tell composer just to load the local package without contacting Packagist.
"repositories": [
{
"type": "vcs",
"url": "../local/package"
}
],
My problem is that it's slow to contact Packagist. Running composer update local/package -vvv Shows that it still downloads json files from packagist even if it's told to update just local/package.
There are multiple ways of speeding the Composer fetch up:
define a custom repo, which points to a local path and install with --prefer-source
"repositories": [
{
"type":"vcs",
"url":"/path/to/your/local/package/packageA"
}
],
"require":{
"package/packageA" : "dev-master"
}
Follow-up trick: if you exactly know the type of the repo, then specify it!
In other words: do not use "type":"vcs" if you can specify "type":"git" or "type":"svn". Composer will skip running through all the repo adapters to figure the correct one out.
you could setup Satis and define only the required packages for your project and their dependencies ("require-dependencies": "true"). This acts as a package proxy in front of packagist. You would simply fetch from the local Satis mirror/proxy.
Give this a try, to disable the default Packagist repository:
{
"repositories": [
{
"packagist": false
}
]
}
I have a private git repository located at username#somedomain.com, that i access with ssh.
I need to include 2 projects from the same server, and i do like this:
"require": {
"proj1": "dev-master",
"proj2": "dev-master",
},
"repositories": [
{
"type": "vcs",
"url": "username#somedomain.com:proj1.git"
},
{
"type": "vcs",
"url": "username#somedomain.com:proj2.git"
}
]
May happen that these repo grow in number. Is there any chance where i can configure something like
"url": "username#somedomain.com"
and let composer resolve where to find the packages?
Please note that i don't want to use satis or any other package manager.
There is only way to handle private projects without direct definding insided composer.json -- use Satis or Toran Proxy.
https://getcomposer.org/doc/articles/handling-private-packages-with-satis.md
Composer allows you to add repositories that will also be scanned for packages in addition to using Packagist.
Note that you didn't specify which package is to be found in these repositories because Composer will scan these for composer.json itself and detect which packages are available (one repository might contain more than one package in different branches!).
Because every repository is independent of each other, you have to mention them all individually.
Also note that Composer only allows to add these repositories on the root level, so you have to repeat every repository that is being used in your dependencies again in the root project, even if that root project does not have a direct dependency to a package that is provided in such a repository.
The way to avoid this is to have a Packagist-like repository that is created via Satis, Toran or a local installation of Packagist itself. I recommend going that way even if you say you don't want to.
I'm trying to load a library I have hosted on BitBucket using composer as explained both in the official documentation and here, but keep receiving the following error:
[Composer\Repository\InvalidRepositoryException]
No valid composer.json was found in any branch or tag of [repository URL], could not load a package from it.
Here is my project composer.json:
{
"name": "Project name",
"require": {
"my-vendor/my-package": "dev-master"
},
"repositories": [
{
"type": "vcs",
"url": [repository URL]
}
]
}
And here is the composer.json in my remote repository (that apparently can't be found):
{
"name": "my-vendor/my-package",
"version": "0.3",
"autoload": {
"psr-0": {
"NS_": "src"
}
}
}
I should mention that both composer.json files are in the root directory as they should be.
Some other things to note:
I've also tried the "non-composer package" approach, whereby I specify the package information in my project composer.json, and omit the composer.json from my remote repository, as outlined in the documentation. This successfully clones the master branch but then results in the following error:
[RuntimeException]
Failed to execute git checkout "master" && git reset --hard "master"
fatal: Not a git repository (or any of the parent directories): .git
However, the package is downloaded to /vendor as expected, so I'm not sure why it's trying to checkout master again.
This is not the way I wish to solve this problem (as I'd rather make use of a composer.json in the remote repository), but it might help identify an issue elsewhere.
Thanks for any help.
EDIT
I've managed to get it working by referencing a package.json over HTTP:
"repositories": [
{
"type": "composer",
"url": "http://localhost/packages.json"
}
]
The packages.json looks like:
{
"packages": {
"vendor/my-package": {
"dev-master": {
"name": "vendor/my-package",
"version": "dev-master",
"source": {
"url": [repository URL],
"type": "git",
"reference": "master"
}
}
}
}
}
Is this the only way to get this working? It seems a bit overkill to host my own packages.json file if I'm only going to be using one or two in-house packages.
Regardless, this is giving me the same Git error as I mentioned previously.
EDIT 2
Forcing an error (invalid SSH passphrase) gives this:
[RuntimeException]
Failed to execute git clone "[repository URL]" "C:\workspace\DFv3\vendor\vendor/my-package" && cd /D "C:\workspace\DFv3\vendor\vendor/my-package" && git remote add composer "[repository URL]" && git fetch composer
So I can clearly see what it's doing here. However, it seems after this command runs it cds into the .git directory and tries running:
git checkout "master" && git reset --hard "master"
Presumably to get rid of the composer instance it pulled. However, it's running this in the wrong directory and I can't figure out why..
I know this is a bit old, but for some that might encounter this issue, this is how it works for me.
Clear the composer cache.
composer clearcache
Rerun the satis build script.
You must not include a version specification in your library's composer.json if it is actually managed by a supported source control system. Currently you are saying that your master branch IS version 0.3 (which is a stable version), but you are trying to include "dev-master" (which is an unstable version). Composer might get confused if that software really is "dev-master" or "version 0.3".
If you actually are developing new releases for the 0.3.x series in your master branch, you should define a branch alias instead. Add this to your current development branch for versions 0.3.x:
"extra": {
"branch-alias": {
"dev-master": "0.3.x-dev"
}
}
If you want to move on to version 0.4 or 1.0, you'd branch at the "last" state of the 0.3 series with a branch named "0.3.x" and then update the composer.json in the master branch to point dev-master to a new alias (like "dev-master": "0.4.x-dev"). You could also name your old 0.3 branch anyway you like and then add an alias for THAT branch.
Doing this will enable you to require the latest development version of 0.3.x like this:
"require": {
"my-vendor/my-package": "0.3.*#dev"
}
This will pull the latest 0.3 version - which currently would be the latest commit in the master branch because of the defined alias.
The way you are currently set up forces you to explicitly include version 0.3, which is a moving target without making that fact explicitly known.
Giving an explicit version tag should only be done if there is no version control system available that is able to give Composer the version number, i.e. there are no tags available, or the tags do not comply with Composer's requirement for version numbers. Since you seem to be in control of that vcs, it probably is a good idea to make the tags conform to Composers standard instead of making it troublesome to release a new version.
After you fixed this, I do expect your installation to NOT require that package.json file anymore, because that file now repairs the trouble you created with that version declaration. You'd then also not need that composer reference anymore, but can revert back to mentioning the original repository like you did.
If you feel you are using too many private repositories which are all requiring more private repositories, and are sick of mentioning them all in a long list, you could think about using Satis to create such a list of found packages instead of manually creating them.
I had the same error, after deleting folders from vcs everything works fine
sudo rm -R ~/.composer/cache/vcs/*
On Windows (as #Serbu suggested):
Clearing the vcs, repo and files directories under
C:\Users\Me\AppData\Local\Composer\
I've managed to get it working by referencing a package.json over HTTP:
"repositories": [
{
"type": "composer",
"url": "http://localhost/packages.json"
}
]
so the packages.json file looks like:
{
"packages": {
"vendor/my-package": {
"dev-master": {
"name": "vendor/my-package",
"version": "dev-master",
"source": {
"url": [repository URL],
"type": "git",
"reference": "master"
}
}
}
}
}
Also, its seems an autorun registry entry I had for command prompt was interfering with composer running.
See: Requiring a private git Bitbucket repository fails to find valid composer.json.
While this might be considered necromancy, I stumbled across this question yesterday while having an issue just like this (although in my case I was running an Ubuntu Docker container and not Windows as the OP was) and thought I would leave my thoughts and resolution here should anyone else stumble across this.
The Ubuntu repo version of Composer is currently sitting at 1.6.x (at the time of writing, Composer is up to 1.9.1 I believe) and I was getting different errors depending on if I ran composer install with different levels of logging. Without logging, it moaned that it couldn't find a valid composer.json. With logging, it moaned that it couldn't access the repo (despite scanning the tags).
The solution for me was to globally install the latest version of Composer as the Ubuntu repo version was using outdated BitBucket API calls (v1 is deprecated). Once I had updated to a newer version of Composer, the install ran perfectly.
So check your Composer version and install an updated version if possible (a local/project install should work too).
I've just updated composer.json to last version and the problem gone away.
We have our own Satis repository, we can store there our own dependencies. This works fine.
But if a developer uses a package that is not within in our own repository, then Composer will fetch it from GitHub through packagist.org (as a fallback).
But we do not want to be dependent on packagist.org. All dependencies should be downloaded from our own repository.
What we like to know, if its possible that Satis download a package from Packagist, if it is not locally available yet, and then store it and add it to Satis own repository automatically .
This way we do not have to manually add the dependencies to the Satis repository.
Satis now supports this.
Just follow the Satis setup instructions and add the following to your configuration file (which is named satis.json by default). Update prefix-url and require as appropriate.
{
"repositories": [
{ "type": "composer", "url": "https://packagist.org" }
],
"require-dependencies": true,
"require": {
{{your application dependencies from composer.json}}
},
"archive": {
"directory": "dist",
"prefix-url": "{{your server}}",
"skip-dev": true
}
}
Then, you can create your Satis repository like normal:
php bin/satis build <configuration file> <build dir>
Now, your Satis repository will satisfy all of your application's dependencies.
Note: the first run might take a while. Subsequent runs are much faster. Also, note that Satis uses /tmp for its cache. On a small memory system where /tmp is backed by tmpfs, you might need to increase the space /tmp has available if you have a large dependency tree.
You might also want to disable the Packagist repository in your project's composer.json file to enforce that all dependencies come from your Satis repository. To do this, add:
{
"repositories": [
{
"packagist": false
}
]
}
to your project's composer.json.
You can use broker to achieve this for now. Most likely this capability will be added to satis itself down the line.