Using composer to require private repos

Question

I've probably misunderstood the docs (https://getcomposer.org) but is it possible to optimise the syntax for composer when including private repos. Ultimately; I want to step away from listing every repository and vendor pair when the vendor is the same...

In my projects composer.json I've got:

"repositories": [{
     "type": "vcs",
     "url": "git@bitbucket.org:{vendor}/{repo1}.git"
},{
     "type": "vcs",
     "url": "git@bitbucket.org:{vendor}/{repo2}.git"
},{
     "type": "vcs",
     "url": "git@bitbucket.org:{vendor}/{repo3}.git"
}]
...
"require": {
     "{vendor}/{repo1}": "dev-master",
     "{vendor}/{repo2}": "dev-master",
     "{vendor}/{repo3}": "dev-master"
 }

I figured; as the repositories is an array, then composer would search the repositories for a vendor/repo pair (or something) or if the vendor matches the vendor part of the repository url. It seems syntax heavy for a slight change...

But now I've confused myself by looking at package.json examples :s

Any kicks in the right direction would be great!

Answer 1

A repository does not have to have the same vendor/package name in every branch or tag - the name can change. So adding a repository simply extends the amount of knowledge Composer has about existing packages, while adding package names in require explicitly pinpoints them wherever they may be located.

If you use more than a handful of private repositories, I'd strongly suggest you create a packagist-like repository with either "Packagist", "Satis" or "Toran Proxy". That way you'd only add that one repo to all your composer.json files (not repeating all your private repos all over the place) and the packages you want to use. This greatly reduces the redundancy you feel, because you'd only deal with the package names everywhere, and with the private repository locations in the configuration file of your central repo solution.