-
-
Notifications
You must be signed in to change notification settings - Fork 7
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add allow-plugins config. #6
Conversation
Thanks @paul121! Didn't know this was coming... Do we want to consider adding this to https://github.com/farmOS/farmOS/blob/2.x/composer.project.json instead of this repository? Or some here and some there (depending on which packages are explicitly used in each)? That assumes that Did you find that you needed to declare both |
Ah yeah, not sure either.. I imagine it would need to be updated to support that. I could see it either way...
I didn't try that, but it did prompt for each of these plugins, so I imagine we do need to declare it. The GitHub actions log doesn't show this but if you run We could also allow all plugins by setting allow-plugins to Maybe there is more information on best practices somewhere outside the documentation? I didn't have much time to look deeper into this. |
I don't think it answers any of our questions, but here is the 2.2.0 release announcement: https://blog.packagist.com/composer-2-2/ |
Thanks @paul121! I found these two related upstream issues/patches in the Drupal queue, one for the Drupal core
The first one (Drupal core As for the project template itself, I wonder if it would actually be better to omit this and let it be a conscious choice by the end-user to allow? There are two scenarios (I think):
I kind of like the idea of leaving this as an end-user build step. The only people who will be running What do you think? Either way we'll want to test some of my assumptions here before committing to a path... I think we can wait until after farmOS 2.0.0-beta1 for this, since the default for |
Good digging @mstenta! Well the But maybe that composer.json is meant to be used for development as well? The steps to reproduce in that issue were "get core from git and use composer ... install" which seems like a development workflow. But like you say, we actually use
+1 yes I tend to agree with this!
I think our decision will ultimately depend on how this works... and unfortunately it seems this will only work (even with This has already been decided for the 2.2 LTS release, but maybe we can revisit this when 2.3 comes out (presumably it will require allow-plugins to be defined, and be out before July 2022): composer/composer#10314 (comment) If we don't want to define the
|
Ah I see. Well then this would just be kicking the can...
Yea seems like we're coming full circle on this (good to think it all through)! Shall we just merge this PR then? :-) |
Well, maybe not. I like what you said about downstream users of our composer project needing to make these decisions themselves. Instead of merging this here we could add some steps to our |
Sounds like a plan! |
I've opened farmOS/farmOS#467 |
Composer 2.2.0 has a new
allow-plugins
config option that we should define in our composer project: https://getcomposer.org/doc/06-config.md#allow-pluginsI noticed this warning when running
composer install
locally, you can also see it in the github action tests: https://github.com/paul121/farmOS/runs/4635317246?check_suite_focus=true#step:6:1034I've committed the config that is added to the
composer.json
after runningcomposer install
and allowing all the plugins that are prompted.