Create stable and development composer.json #121
Comments
ftrotter
added
bug
|
@ftrotter @seanccsmith composer 'require' means that it's required for the application, and 'require-dev' means that it is an additional requirement for development, and would be left out of a production build, like mockery, which helps build tests. I think to achieve what you want, we can create two composer.json files, one for "live production" that would pull official versions of the careset packages from packagist, and a composer-dev.json for local development that would have the repositories listed, and the master branch versions in the 'require' section. We can wrap the commands in one script and call it like 'lore install' or lore install --dev'. |
|
@kchapple that sounds great. The only thing is I guess these new composer files will need to be in LoreCommander (or Eden) rather than Zermelo? |
|
@seanccsmith @ftrotter right. Now that I think about it, it may make more sense just to have different release branches of LoreCommander. 'master' would contain the composer.json that has all the git repositories, and dev-master versions of DURC and Zermelo. And we could cut a 1.0 version of LoreCommander to correspond with 1.0 versions of Zermelo and DURC hosted on packagist. We could follow this pattern for all the packages rather than muck around with different scripts and composer configurations. |
|
@kchapple Would it be easier to maintain the composer.json files separate across two branches, as those are updated and merged? It'd definitely be smoother during "normal" times, but would make version updates on our end a little more fraught. I will follow your lead on this, though. |
|
I’m not sure I understand. Sorry! Maybe we can chat about it tomorrow.
… On Jun 3, 2020, at 4:18 PM, Sean Smith ***@***.***> wrote:
@kchapple Would it be easier to maintain the composer.json files separate across two branches, as those are updated and merged? It'd definitely be smoother during "normal" times, but would make version updates on our end a little more fraught.
I will follow your lead on this, though.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub, or unsubscribe.
|
|
@seanccsmith @ftrotter Commit to fix this is in LoreCommander. Added lore.php which calls either composer-dev.json if passed the --dev flag or composer.json if not. Also put info in the readme: issue in Zermelo (#121) To install the dist release versions of Zermelo/DURC from packagist run:
To install the dev-master versions (latest source code from github) run:
|
|
The dist release installer works beautifully on install and update. When running the dev installer, however, I run into a problem with zermelo blade graph:
It seems to have this *.git.git thing, which I expect is the problem. Looking in composer-dev.json, though, I can't find any difference between the syntax in the require statement for zermelo blade graph vs. anything else. |
|
@ftrotter @seanccsmith I'm not sure what the problem could be here, maybe run composer self-update and see if it was a composer bug that was fixed in the last minor release. So, to provide an overview (and please let me know if you'd like something done differently) I'll explain what I did. 1- zermelo_installer's composer.json specifies all the zermelo* packages as dependencies so that when you require the installer, all of the other zermelo packages are added. I created two branches of careset/zermelo_installer. The master branch (also tagged on master at v1.0) contains a the ">=0.9" version strings for each zermelo*, which means it should pull the latest when you run a composer update. The 'develop' branch contains dev-master in the version string for all zermelo* packages, which will pull the master branches. If you specify preferred-install: "source" AND minimum-stability: "dev" AND add the repositories (as specified in zermelo_installer's README) then when you update or install, composer will clone the repositories and be set for development. 2- To LoreCommander repo, there are two composer.json files. composer.json and composer-dev.json. The compooser.json file has the default minimum-stability of "stable" and preferred-install set to "dist" which means it will prefer to download the dist package from packagist, NOT clone a repository. The composer.json file also requires the careset/zermelo_installer with a version >=1.0, which will subsequently add the release version of zermelo* as stated above. The composer-dev.json file has minimum-stability set to "dev" and preferred-install set to "source". It also includes the "develop" branch of the careset/zermelo_installer so that it pulls in the "master" branches of the other zermelo* packages. 3- I added a script lore.php, which you can run like this:
NOTE Each composer config file has it's own "lock" file. When you run 'composer install', you are installing the based on the lock file if there is one. When you run 'composer update' you are updating the lock file based on the require section of the composer config file, and installing updated components. NOTE Repositories have to be in the project root's composer.json file, the section is ignored in packages. NOTE The stability and preferred-install must be set at the project root comopser.json and is not applied in sub-packages. However, you can specify packages to be specifically installed a certain way: https://getcomposer.org/doc/06-config.md#preferred-install |
|
Running php lore.php --install, with the stable composer.json, works fine. php lore.php --update similarly works fine. When I run php lore.php --install --dev, I get the following error:
I get an identical error when I move the composer-dev.json to composer.json and run php lore.php --install. With composer.json equal to composer-dev.json, I run composer install and get the following error:
|
I have done some work to get the composer.json file in Lore to work in a reasonable way.
Before (and currently in Eden) the composer had a minimum-stability set to 'dev'. This causes a
composer updatecommand to result in replacing all of the stable versions of every php package with the dev-master versions. Obviously this is wrong. The solution is to have a minimum-stability set to 'stable' and to have the libraries that we need to specifically target dev-master (i.e. our internal libraries) to be in the 'require-dev' section of the composer.json file, rather than the 'require' section.
But there is also composer itself in the require-dev and faker and mockery? Why do we need the development version of these files?
Obviously, the composer.json file needs general clean up. But we also need to have two versions of the composer.json, one that is for development against Zermelo/DURC etc, and one that is for the stable deployment of the 1.0+ stable versions of these packages moving forward.
For this purpose I would like to presumptively launch a .9 version of all of the packages that we rely on. And call that stable, so that we can begin using the stable version of the composer.json for our testing moving forward. Doing so will put us into the position of when we find bugs, we need to actually release a new version of the underlying package to push that bug fix out to our stable repos.
This will allow us to install the correct Eden-based version of the stable.composer.json to all of our stable applications based on the DURC+Zermelo+Laravel stack, and ensure that running composer update on our production servers is a safe thing to do from now on... Which means that this ticket is actually a series of smaller tasks
-FT
The text was updated successfully, but these errors were encountered: