New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
How to treat allow-plugin's warnings as errors? #10912
Comments
if you don't make a choice, the plugin will stay disabled (in interactive mode, it will ask instead). So ot me, there is no errors |
Yeah I can see that there are cases where you may want to be alerted to this, but failing the process seems a bit extreme to me, and also it'd be really hard to implement cleanly I think. IMO this should anyway be caught at dev time when adding a dependency which is or requires a plugin. |
We use composer in deploy flow on remote machine. When composer deploys with some warnings we can't care about it, and our site isn't workable. So, may be some option to composer cli will help to us? |
Well IMO you should really test these things first on local machine or staging at least, then you would discover the issue and could add the plugins. If you aren't able to do that it's probably safer (from a reliability perspective) to set |
from today |
Yes it requires latest Composer as there was a bug, 2.2.15 and 2.3.8 releases fixed it earlier today. |
OK, thank you all. |
The new feature is interesting, but not configurable for remote machines. Sadly. |
May be you can add some event in scripts section? Something like "pre-package-block"? |
Yes that might be an option.. |
This is really necessary in order to catch issues early in CI, otherwise they just go unnoticed. Furthermore, as we face similar problems with uncaught warnings in other commands (#10241), I'd really prefer to have a global |
We have received quite a number of support requests from our customers at Platform.sh because of this time-based backwards-compatibility break. And yes, the key issue here is that |
I think #10920 is a good solution as it fails hard when scripted/non interactive runs happen, thus avoiding any accidents when we cannot prompt the user. Does that seem like a good outcome to everyone? I'll aim to release this tomorrow morning (UTC) |
We were really scratching our heads too, some of our successful deployments started to act up strangely or were broken. Took us a bit to figure out that its due to missing allow-plugins config. We use a fixed composer version for all our deployment processes, and we didnt update the composer binary in that timeframe. Im actually a bit in disbelief you guys added a time based bc break. I expect a versioned binary too keep its behaviour without external modification or updates. Yes i know now that there was a warning message, but many people apparently didnt notice too. At least an exception that would have stopped the deployments would have helped a lot. |
Yes, as I wrote in another issue, we now realized we fucked up. We were focused on the update process at the time, and did not fully realize the consequences of the timebomb changing the aspirationally-stable install-from-lock behavior. Anyway only thing we can do here is try to mitigate the damage, and I'm hoping #10920 will do that. |
https://github.com/composer/composer/releases/tag/2.3.9 and https://github.com/composer/composer/releases/tag/2.2.16 are now out with the fix |
It'd be great to allow a plugin to declare that it's fine to skip it in non interactive mode. |
My
composer.json
:When I run this command:
I get the following output:
And I expected this to happen:
returned code different from 0, because we don't know allowed
composer/installers
or notThe text was updated successfully, but these errors were encountered: