Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Composer, minimum-stability and dependencies of dependencies

Tags:

dependency-management

composer-php

symfony

I'm in quite a pickle with a new project and Symfony 2 dependencies using composer.

First some situation, i install the symfony/framework-standard-edition v2.1.5 using composer. This yields a composer file that has these requirements and no minimum-stability node.

"require": {
  "php": ">=5.3.3",
  "symfony/symfony": "2.1.*",
  "doctrine/orm": ">=2.2.3,<2.4-dev",
  "doctrine/doctrine-bundle": "1.0.*",
  "twig/extensions": "1.0.*@dev",
  "symfony/assetic-bundle": "2.1.*",
  "symfony/swiftmailer-bundle": "2.1.*",
  "symfony/monolog-bundle": "2.1.*",
  "sensio/distribution-bundle": "2.1.*",
  "sensio/framework-extra-bundle": "2.1.*",
  "sensio/generator-bundle": "2.1.*",
  "jms/security-extra-bundle": "1.2.*",
  "jms/di-extra-bundle": "1.1.*",
  "kriswallsmith/assetic": "1.1.*@dev"
},

This works fine, it installs all the latest stable versions, just as it is supposed to.

Next, I add a bundle -> https://packagist.org/packages/kunstmaan/admin-bundle

"require": {
  "php": ">=5.3.3",
  "symfony/symfony": "2.1.*",
  "doctrine/orm": ">=2.2.3,<2.4-dev",
  "doctrine/doctrine-bundle": "1.0.*",
  "twig/extensions": "1.0.*@dev",
  "symfony/assetic-bundle": "2.1.*",
  "symfony/swiftmailer-bundle": "2.1.*",
  "symfony/monolog-bundle": "2.1.*",
  "sensio/distribution-bundle": "2.1.*",
  "sensio/framework-extra-bundle": "2.1.*",
  "sensio/generator-bundle": "2.1.*",
  "jms/security-extra-bundle": "1.2.*",
  "jms/di-extra-bundle": "1.1.*",
  "kriswallsmith/assetic": "1.1.*@dev",
  "kunstmaan/admin-bundle": "dev-master"
},

This bundle depends on "doctrine/doctrine-fixtures-bundle" in "dev-master"(https://packagist.org/packages/doctrine/doctrine-fixtures-bundle)

And that bundle depends on doctrine/data-fixtures with * (https://packagist.org/packages/doctrine/data-fixtures)

Now when i run composer update in the project, it tells me that there is nothing to satisfy the doctrine/data-fixtures dependency. Either a typo in the name, or no "stable" version available since the minimum-stability defaults to stable.

It does want to install the doctrine-fixtures-bundle in "dev" stability, since putting dev-master automatically puts this dependency in "dev" stability. But this does nothing for the deps of this dep, they keep wanting to install as stable since that is my minimum-stability.

At this point i can fix this, by adding doctrine/data-fixtures: dev-master or with @dev to my composer.json in the project.

But since this is only one example (knpmenubundle, fosuserbundle, etc etc) i will have to manually go and add all deps of deps that don't install to my own composer file.

Another solution would be dropping minimum-stability of my project to dev, but at that time all my deps, including the stable ones like Symfony2, will install their dev version and not the tagged release.

like image 668
Roderik Avatar asked Dec 20 '12 10:12

Roderik

People also ask

How do I update composer and all dependencies?

To update dependencies two commands can be used: composer update and composer require . The difference between these two commands is that composer update will try to update a dependency based on the current constraints in composer. json and will only update composer. lock .

What are composer dependencies?

Composer makes information about the environment Composer runs in available as virtual packages. This allows other packages to define dependencies (require, conflict, provide, replace) on different aspects of the platform, like PHP, extensions or system libraries, including version constraints.

How do I fix composer problems?

Try clearing Composer's cache by running composer clear-cache . Ensure you're installing vendors straight from your composer. json via rm -rf vendor && composer update -v when troubleshooting, excluding any possible interferences with existing vendor installations or composer. lock entries.

Why is composer update so slow?

Composer update is very slow if you have a lot of dependencies/packages implemented. You should avoid variable versions and think about using a HHVM as server.

1 Answers

There is only one good way out of this: nag people so that they tag more releases. If you really need to work with unstable stuff then whitelisting it all with requires "@dev" is the best alternative IMO. If you have more unstable than stable, then you can always tag @stable and set the minimum-stability to dev. There is still the lock file to save your ass in most cases ;)

like image 195
Seldaek Avatar answered Oct 23 '22 14:10

Seldaek
Sign in to Comment

Related questions

File upload: How to exclude a MIME type using asserts?
ORM Doctrine ManyToOne on update CASCADE (Symfony)
SQL query with count and group by in Symfony2 QueryBuilder
jQuery datepicker in Symfony2 gives 'This value is not valid.'
In symfony, what is a bag?
issue with file uploading in laravel
Escape HTML code with TWIG Markdown
Doctrine Query builder, count related one to many rows
How to manually authenticate user after Registration with the new Symfony 5 Authenticator?
Symfony2: How to modify a form value before validation
How can I send emails from a Symfony2 service class?
How to reopen Doctrine Entity Manager after DBALException
Symfony2 the template does not support the "bundle" parameter
sonata admin label on breadcrumb
How to pass JSON in POST method with PhpUnit Testing?
Unique Constraint return type mismatch
How to create IP blacklist in Symfony2?
Integrating CKeditor to my symfony2 project
Handle errors in Ajax within Symfony2 controller
Symfony 2 Embedded Form Collection Many to Many

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!