Reputation: 188
Composer multi-level dependency with private repos
I got following propblem:
I have 6 private repositories on bitbucket
- app
- implementation1
- implementation2
- core
- bundle1
- bundle2
App is my main - "root" package. Now the app can have multiple implementations in composer.json along with core package and than core has multiple bundles in its composer.json
The problem is that when I use
composer install
in my core package - it normally downloads bundle1 along with bundle2 inside core/vendor folder.
But when I try to install packages from app - it gives me following error:
Problem 1
- Installation request for company/app-core-bundle dev-master -> satisfiable by company/app-core-bundle[dev-master].
- company/app-core-bundle dev-master requires company/app-bundle1-bundle * -> no matching package found.
The workaround I've found is to specify all repositories in app/composer.json but it's bad solution and it's not what dependencies are used for.
Here are 2 parts of composer.json:
app/composer.json
{ "name": "company/app", "version": "master", "type": "project", "minimum-stability": "dev", "license": "proprietary", "repositories": [ { "type": "git", "url":"[email protected]:username/company-app-core.git" } ], "require": { "php": ">=5.5.9", ... "company/app-core-bundle": "dev-master" } }company-app-core/composer.json
{ "name": "company/app-core-bundle", "version": "master", "type": "symfony-bundle", "minimum-stability": "dev", "license": "proprietary", "repositories": [ { "type": "git", "url":"[email protected]:username/company-app-bundle1.git" }, { "type": "git", "url":"[email protected]:username/company-app-bundle2.git" } ], "require": { "php": ">=5.5", "company/app-bundle1-bundle": "*", "company/app-bundle2-bundle": "*" } }company-app-bundle1/composer.json
{ "name": "company/app-bundle1-bundle", "version": "master", "type": "symfony-bundle", "minimum-stability": "dev", "license": "proprietary", "require": { "php": ">=5.5", ... some other 3rd company bundles like FOS } }
It's a 2 level dependency, my repos have to be private and I don't want to play around with Satis right now.
Thanks for any help. :)
Upvotes: 2
Views: 1372
Answers (2)
Reputation: 73
You need to specify all private packages in root level of composer.json. As was stated already - composer won't do recursive scanning. I strongly suggest using Toran Proxy. This will solve the problem. Satis is also an option, but Toran requires almost no configuration and have very nice GUI :)
Upvotes: 1
Reputation: 70863
There is no better solution for you.
You have to provide the meta data of every repository hosting a package somehow. Composer can find out about the public packages because it knows how to ask packagist.org. For private repos this cannot be done, so someone has to give Composer a pointer where to get the meta data instead.
There are basically two ways: The one you don't want to use is to use an additional instance doing the same thing Packagist does, by either running your own instance of Packagist, or Satis, or Toran Proxy.
The other way is to list each repository individually in ALL composer.json files that would ever need the package hosted there. This clearly is the inferior solution because it means that you constantly have to add ALL repositories you have into ALL repositories' composer.json file, just in case any cross referenced dependencies occur. Additionally it probably slows things down because of the number of server connections involved when collecting the newest data during an update.
There is no silver bullet for you. Composer decided to not scan repositories recursively in order to be able to have acceptable run times. Only the root repository decides where to scan for packages, with using only Packagist being the default (which can be turned off), and additionally scanning either packagist-like instances, or repos.
Satis is still the easiest way to host private repos because it only requires running PHP on the command line, and then make the created files available via static HTTP hosting.
Packagist is a PHP application with dependencies to a database, redis, a cache, a mail server etc. - likely more complicated to set up than Satis.
Toran Proxy also is a PHP application, but without such dependencies (according to the website - I have no experience using it). You'd only need a vhost able to run the main script.
For all of them, you'd have to get the configuration right, add the list of your private repositories for them to scan, and then add the URL of your new Composer information source to all composer.json files in all your private repositories - but this has to be done only one final time, after that this URL stays the same and points to updated meta data of all your repos.
Upvotes: 3
Related Questions
- Composer require runs out of memory. PHP Fatal error: Allowed memory size of 1610612736 bytes exhausted
- How to update a single library with Composer?
- How to develop a composer app with external lib projects?
- How to use a specific tag/version with composer and a private git repository?
- Bundle service - Attempted to load class from namespace
- How can we use a self hosted git repository with composer?
- How to solve the 'package not available in stable-enough version' error of composer?
- Install DoctrineCouchDBBundle on Symfony 2.5.4 with composer
- Composer multi-bundle dependency failing