Github 上 composer/composer 的最新 issue 回應 https://github.com/composer/composer/issues Github 上 composer/composer 的最新 issue 回應 en-us Re: php7.4 support for composer outdated command https://github.com/composer/composer/issues/8346#issuecomment-544467872 > Indeed. Just take a look and the only solution I see would be to override the `ArrayInput` to fix this, as symfony:2.8 will not be fixed (not maintained anymore except for security issues).<br /> <br /> In fact, solution is simplier. See #8386 . https://github.com/composer/composer/issues/8346#issuecomment-544467872 Mon, 21 Oct 2019 19:14:43 +0800 Re: Add an option to composer.json to remove files on production https://github.com/composer/composer/issues/5367#issuecomment-544467385 @stof So why can't we have `baseDirectory` that composer could use, utilizing `git clone --filter`, to install only one folder in the dependency downloaders? https://github.com/composer/composer/issues/5367#issuecomment-544467385 Mon, 21 Oct 2019 19:13:17 +0800 Re: php7.4 support for composer outdated command https://github.com/composer/composer/issues/8346#issuecomment-544456068 Indeed. Just take a look and the only solution I see would be to override the `ArrayInput` to fix this, as symfony:2.8 will not be fixed (not maintained anymore except for security issues). https://github.com/composer/composer/issues/8346#issuecomment-544456068 Mon, 21 Oct 2019 18:37:18 +0800 Re: Add an option to composer.json to remove files on production https://github.com/composer/composer/issues/5367#issuecomment-544435365 It all comes down to value in the end. There is no value here. This discussion itself has already cost more than you would ever gain from it. https://github.com/composer/composer/issues/5367#issuecomment-544435365 Mon, 21 Oct 2019 17:40:16 +0800 Re: Add an option to composer.json to remove files on production https://github.com/composer/composer/issues/5367#issuecomment-544433247 @Danon and supporting gitattributes or no is not something done by composer at all, but by the packaging tool (github respects it for instance when building the download archive, and many packages already uses it) https://github.com/composer/composer/issues/5367#issuecomment-544433247 Mon, 21 Oct 2019 17:34:59 +0800 Re: Add an option to composer.json to remove files on production https://github.com/composer/composer/issues/5367#issuecomment-544430925 @stof There is `git clone --filter` flag, that allows for downloading only a specified directory.<br /> <br /> For dist install, we can handle it with `.gitattributes`, so for dist, composer could still download whole package.<br /> https://github.com/composer/composer/issues/5367#issuecomment-544430925 Mon, 21 Oct 2019 17:29:09 +0800 Re: Add an option to composer.json to remove files on production https://github.com/composer/composer/issues/5367#issuecomment-544428350 > We could set the directory to `src`, and composer would only download that one folder, and ignore the rest. That sounds like an easy feature to implement, right? Certainly simpler than a map of exluded files.<br /> <br /> How do you download only a subfolder ? If you use source install, you cannot do it (well, with SVN you can do it, but most of the packages are using Git today, not SVN, and Git cannot do it). And for dist install, we can only download what the dist archive contains. We cannot magically download a trimmed-down archive (and most open-source packages rely on downloads endpoints of Github and Gitlab for instance, which don't have such sub-folder download endpoints) https://github.com/composer/composer/issues/5367#issuecomment-544428350 Mon, 21 Oct 2019 17:22:27 +0800 Re: Add an option to composer.json to remove files on production https://github.com/composer/composer/issues/5367#issuecomment-544426728 @alcohol Ok, perhaps a map of excluded files is indeed hard to implement, test and maintain, I can agree on that.<br /> <br /> But how about, instead of specifying a map of excluded files, let's specify a `baseDirectory` in composer.json. We could set the directory to `src`, and composer would only download that one folder, and ignore the rest. That sounds like an easy feature to implement, right? Certainly simpler than a map of exluded files. https://github.com/composer/composer/issues/5367#issuecomment-544426728 Mon, 21 Oct 2019 17:18:18 +0800 Re: Added clear cache for windows, fix tests https://github.com/composer/composer/pull/8366#issuecomment-544423281 > will you merge it or no?<br /> <br /> Not me :P https://github.com/composer/composer/pull/8366#issuecomment-544423281 Mon, 21 Oct 2019 17:10:07 +0800 Re: #8364 Add Homepage informations in command composer show https://github.com/composer/composer/pull/8371#issuecomment-544422737 This one was first, but I would personally prefer the solution in #8375 https://github.com/composer/composer/pull/8371#issuecomment-544422737 Mon, 21 Oct 2019 17:08:48 +0800 Re: Add `brew install composer` for macOS install https://github.com/composer/composer/pull/8385#issuecomment-544422108 We do not support brew so there is no need to document this. https://github.com/composer/composer/pull/8385#issuecomment-544422108 Mon, 21 Oct 2019 17:07:10 +0800 Re: Add an option to composer.json to remove files on production https://github.com/composer/composer/issues/5367#issuecomment-544421364 Because it's just that, noise. If your OCD can't handle that, then deal with it in your packaging process. But there is no reason for the Composer team to waste time on building nor maintaining a feature that provides zero actual gain. https://github.com/composer/composer/issues/5367#issuecomment-544421364 Mon, 21 Oct 2019 17:05:04 +0800 Re: php7.4 support for composer outdated command https://github.com/composer/composer/issues/8346#issuecomment-544412436 @cedric-anne <br /> I'm not sure because the fix is for symfony:3.4 and composer uses symfony:2.8 https://github.com/composer/composer/issues/8346#issuecomment-544412436 Mon, 21 Oct 2019 16:41:56 +0800 Re: php7.4 support for composer outdated command https://github.com/composer/composer/issues/8346#issuecomment-544401018 Hi,<br /> <br /> FYI, this has been fixed by https://github.com/symfony/symfony/pull/32806 .<br /> <br /> Regards https://github.com/composer/composer/issues/8346#issuecomment-544401018 Mon, 21 Oct 2019 16:12:27 +0800 Re: Add an option to composer.json to remove files on production https://github.com/composer/composer/issues/5367#issuecomment-544239181 I can see @alcohol stated numerously that he didn't consider this issue a real issue, without 0 explaination to why he thinks so :/ <br /> <br /> The only real argument I found was:<br /> > Composer is a dependency manager. Not a packaging tool.<br /> <br /> Yes, I agree. So why can't dependencies' authors decide what's part of a "dependecy", and what parts are unrelated noice that's required inside VCS for other reasons? https://github.com/composer/composer/issues/5367#issuecomment-544239181 Sun, 20 Oct 2019 18:19:52 +0800 Re: Probably dead code in src/Composer/DependencyResolver/Decisions.php https://github.com/composer/composer/issues/8383#issuecomment-544210110 Oops. Meant to open this as myself. https://github.com/composer/composer/issues/8383#issuecomment-544210110 Sun, 20 Oct 2019 09:01:21 +0800 Re: Question: How to semver patch a patch? e.g. use a specific tag https://github.com/composer/composer/issues/8381#issuecomment-544191263 Edited description to clarify Option 1 is long term with no short term solution. Added 2 more reference materials. https://github.com/composer/composer/issues/8381#issuecomment-544191263 Sun, 20 Oct 2019 03:42:23 +0800 Re: Config option to disable lockfile generation? https://github.com/composer/composer/issues/8354#issuecomment-544190767 Yes, essentially that would be it. Although (if I understand correctly), composer does not actually write the lockfile do disk between the 'update' and the 'install' phase, right? <br /> <br /> In relation to #6822, the way I see it is that this option would currently prevent generating a lockfile on both `install` and `update`. When #6822 is implemented it isn't possible to run `install` without a lockfile anymore. That means the option then only applies to `update`. The absence of a lockfile (even after running `update`) then nicely signals that the package is meant to be used with `update` only, always using the latest versions of dependencies. https://github.com/composer/composer/issues/8354#issuecomment-544190767 Sun, 20 Oct 2019 03:35:40 +0800 Re: Question: How to semver patch a patch? e.g. use a specific tag https://github.com/composer/composer/issues/8381#issuecomment-544185889 I am interested in what the PHP/composer/semver community thinks about which option is most reasonable.<br /> <br /> @phansys your comment sounds like a vote for "Option 1: Claim it's a release management issue." For the sake of argument though, what if these are all fixes instead of features? i.e. `1.0.59` is a PATCH and `1.0.60` is a PATCH, but there is a need for a patch to `1.0.59` that needs released *before* `1.0.60`? Option 1 may still be valid, but doesn't offer a short term solution. Say we're in this situation, how would you solve it? https://github.com/composer/composer/issues/8381#issuecomment-544185889 Sun, 20 Oct 2019 02:38:46 +0800 Re: Bitbucket: clearcache before update https://github.com/composer/composer/issues/8074#issuecomment-544176246 It seems that for private repositories on Bitbucket, this example below works ok:<br /> <br /> ```json<br /> ...<br /> "repositories": [<br /> {<br /> "type": "vcs",<br /> "url": "https://bitbucket.org/user/repository"<br /> }<br /> ],<br /> ...<br /> ```<br /> (and using an OAuth token generated via the Bitbucket user settings page). The `url` could be also `git@bitbucket.org:user/repository` if there is read access on the repository. <br /> <br /> When using the `"type": "git"` like this:<br /> <br /> ```json<br /> ...<br /> "repositories": [<br /> {<br /> "type": "git",<br /> "url": "https://bitbucket.org/user/repository"<br /> }<br /> ],<br /> ...<br /> ```<br /> this warning occurs after an hour or few:<br /> <br /> ```text<br /> Failed to update https://bitbucket.org/user/repository, package information from this repository may be outdated<br /> ``` https://github.com/composer/composer/issues/8074#issuecomment-544176246 Sun, 20 Oct 2019 01:25:47 +0800 Re: Question: How to semver patch a patch? e.g. use a specific tag https://github.com/composer/composer/issues/8381#issuecomment-544141764 How introducing features C, D, E, and F in a *PATCH* version is intended to be compatible with the semantic versioning spec? https://github.com/composer/composer/issues/8381#issuecomment-544141764 Sat, 19 Oct 2019 21:05:47 +0800 Re: composer global require considered harm^H^H^H occasionally inconvenient and confusing https://github.com/composer/composer/issues/5390#issuecomment-544134399 See also the discussion in phive about this topic: https://github.com/phar-io/phive/issues/88 https://github.com/composer/composer/issues/5390#issuecomment-544134399 Sat, 19 Oct 2019 19:44:11 +0800 Re: Added clear cache for windows, fix tests https://github.com/composer/composer/pull/8366#issuecomment-543892199 Sorry for asking, but will you merge it or no? https://github.com/composer/composer/pull/8366#issuecomment-543892199 Sat, 19 Oct 2019 03:07:53 +0800 Re: Unable to install any composer plugin https://github.com/composer/composer/issues/8378#issuecomment-543751529 Ok, this appears to be something local on my dev instance. I spun up a new one and it installed without any issues. https://github.com/composer/composer/issues/8378#issuecomment-543751529 Fri, 18 Oct 2019 21:38:31 +0800 Re: Composer won't accept valid responses to user prompt https://github.com/composer/composer/issues/8365#issuecomment-543610500 We do not officially support OS packaged installations (since we do not offer those nor maintain them). I would strongly suggest using one of our supported and documented installation methods. https://github.com/composer/composer/issues/8365#issuecomment-543610500 Fri, 18 Oct 2019 16:53:52 +0800 Re: Composer won't accept valid responses to user prompt https://github.com/composer/composer/issues/8365#issuecomment-543392899 I guess a reproducible scenario would be to change your local hosts file of `github.com` to go somewhere else, so that it times out.<br /> <br /> A quick search of the code base shows the following:<br /> <br /> ```<br /> ➜ composer git:(master) ack 'Would you like to try reinstalling the package instead'<br /> src/Composer/Downloader/DownloadManager.php<br /> 279: if (!$this->io->askConfirmation(' Would you like to try reinstalling the package instead [<comment>yes</comment>]? ', true)) {<br /> ➜ composer git:(master) ack 'Please answer yes' <br /> src/Composer/Question/StrictConfirmationQuestion.php<br /> 88: throw new InvalidArgumentException('Please answer yes, y, no, or n.');<br /> <br /> tests/Composer/Test/Question/StrictConfirmationQuestionTest.php<br /> 42: * @expectedExceptionMessage Please answer yes, y, no, or n.<br /> ➜ composer git:(master) ack 'Please type' <br /> ```<br /> <br /> Strangely, the last question:<br /> <br /> ```<br /> Please type 'yes' or 'no': yes<br /> ```<br /> <br /> Does not appear to be there, even with all the vendor packages installed.<br /> <br /> Also, I have the following version of composer installed, which was default install from Ubuntu:<br /> <br /> ```<br /> ➜ composer git:(master) composer --version<br /> Composer 1.6.3 2018-01-31 16:28:17<br /> ```<br /> <br /> I am currently checking out the code base at that version to continue the search. https://github.com/composer/composer/issues/8365#issuecomment-543392899 Fri, 18 Oct 2019 06:45:51 +0800 Re: Config option to disable lockfile generation? https://github.com/composer/composer/issues/8354#issuecomment-543248308 Essentially this would be an option to delete the lock file on a composer update run after the automatic install following the update has completed. https://github.com/composer/composer/issues/8354#issuecomment-543248308 Fri, 18 Oct 2019 00:10:26 +0800 Re: Composer doesn't use oauth/http-basic settings for private repos https://github.com/composer/composer/issues/8356#issuecomment-543162612 Running the same scenario with `vcs` does not seem to fix the issue.<br /> Currently the only way of making this work is by changing the `repository` url to the following format: `https://<token>@github.com/<user/org>/<repo>`, which is not possible for anyone storing their `composer.json` on a version control server because it exposes your Personal Access Token...<br /> <br /> How are we supposed to use private vcs(github) repo's inside composer ?<br /> <br /> EDIT: This only seems to fail when using `composer install`, not when using `composer update`. Why would that be the case?<br /> <br /> EDIT: The solution for me was by adding the build machine's public key to my github account. This way i don't need to use the auth feature from composer. https://github.com/composer/composer/issues/8356#issuecomment-543162612 Thu, 17 Oct 2019 20:58:46 +0800 Re: Added clear cache for windows, fix tests https://github.com/composer/composer/pull/8366#issuecomment-543144730 I'm fine with the change, I was just explaining that the bug solving potential should be close to zero if PHP is working as documented. That in itself is always a gamble so indeed fine to change. https://github.com/composer/composer/pull/8366#issuecomment-543144730 Thu, 17 Oct 2019 20:10:26 +0800 Re: Added clear cache for windows, fix tests https://github.com/composer/composer/pull/8366#issuecomment-543108106 Adjusted and rebased https://github.com/composer/composer/pull/8366#issuecomment-543108106 Thu, 17 Oct 2019 18:18:01 +0800