-
-
Notifications
You must be signed in to change notification settings - Fork 101
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Git inferred data is lost when compiling #460
Comments
As a temporary workaround, one could use the following command in the project directory to patch the package with the proper versions file: $ php -dphar.readonly=0 -- /path/to/package.phar << 'EOF'
<?php
$versions = 'vendor/composer/package-versions-deprecated/src/PackageVersions/Versions.php';
$phar = new Phar($_SERVER['argv'][1]);
$phar[$versions] = file_get_contents($versions);
EOF |
Wouldn't a better solution to migrate towards the Ocramius one? That one at least works fine with Box (since box uses it) |
I'm not using composer/package-versions-deprecated directly. I use jean85/pretty-package-versions which switched from the original library (ocramius/package-versions) to the fork in Unless I did something wrong, when I tried downgrading to @theofidry are you sure that this is because of the underlying versions library? |
Nope. It's however a suspicion since both are very close but one works and the other not. Since you gave a reproducer though, I'll be able to check it more closely |
As far as I can tell, Composer 2 is taking over the installed versions management. |
Hi @morozov, The Composer's By tuning the configuration of box you can disable the call to
{
"dump-autoload": false,
"finder": [
{
"name": "*.php",
"in": "vendor"
}
],
"output": "example.phar"
} And here the result I got:
|
I was not aware it was relying on the |
@villfa, thank you for the research and the suggestion. The version detection indeed works this way but the resulting package now contains the If I install only the needed dependencies via |
The same is about the development dependencies but somehow Box figures out that they don't need to be included. |
Maybe the alternative solution is for Box to include The alternative obviously is to have the version dumper working without git... But that sounds like a lot more work |
That sounds unrealistic. The version of the root package is detected from VCS. |
There is another way to make it work: Box could retrieve the version of the root package by using Composer:
(when the Then Box can add, if not present, the version into the temporary @theofidry what do you think? If this proposal is good enough for you I could make a PR. |
@villfa that could work, but is it really equivalent?
So from there we can reconstruct After a quick look, maybe we are making this more complicated than it needs. We can add the git files to |
I've made some tests to check if my idea was doable and it is not :/
I'm a bit annoyed the solution sounds too git-centric, but I think it should work. |
I share your feeling there but I guess if Composer is being git-centric here there is not much we can do :/ |
…recated which leads to box-project/box#460
…is (#1419) * Update Box to 3.9.0 and remove temporary fix with composer v1 in travis * update box to 3.9.1 which is compatible with composer 2 * replace psalm via phar because it loads composer/package-versions-deprecated which leads to box-project/box#460
Revisiting the issue: Since Composer relies on git and that some potential code do as well, at least when the autoloader is dumped as well, the planned fix is to include |
Bug report
If an application that uses composer/package-versions-deprecated is packaged using Box, the resulting package will contain an invalid root package version. Please see the full reproduction script below.
box.json.dist
Output
The text was updated successfully, but these errors were encountered: