Add prompt suggesting using --dev when require command is used with dev packages #10960
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…ackages which appear to be dev, fixes composer#10939
naderman
requested changes
Jul 21, 2022
| @@ -254,6 +284,7 @@ protected function execute(InputInterface $input, OutputInterface $output) | |||
| return 0; | |||
| } | |||
|
|
|||
| $input->setOption('dev', true); | |||
There was a problem hiding this comment.
Just correctness, in case any new code below would check $input->getOption('dev'), as this effectively switches the mode we're running in.
Co-authored-by: Nils Adermann <naderman@naderman.de>
naderman
approved these changes
Jul 21, 2022
This was referenced Jul 21, 2022
GaryJones
added a commit
to GaryJones/PHPCompatibilityJoomla
that referenced
this pull request
Sep 4, 2022
As per https://getcomposer.org/doc/04-schema.md#keywords by including "static analysis" as a keyword in the `composer.json` file, Composer 2.4.0-RC1 and later will prompt users if the package is installed with `composer require` instead of `composer require --dev`. See composer/composer#10960.
GaryJones
added a commit
to GaryJones/PHPCompatibilityPasswordCompat
that referenced
this pull request
Sep 4, 2022
As per https://getcomposer.org/doc/04-schema.md#keywords by including "static analysis" as a keyword in the `composer.json` file, Composer 2.4.0-RC1 and later will prompt users if the package is installed with `composer require` instead of `composer require --dev`. See composer/composer#10960 for more info.
GaryJones
added a commit
to GaryJones/PHPCompatibilityParagonie
that referenced
this pull request
Sep 4, 2022
As per https://getcomposer.org/doc/04-schema.md#keywords by including "static analysis" as a keyword in the `composer.json` file, Composer 2.4.0-RC1 and later will prompt users if the package is installed with `composer require` instead of `composer require --dev`. See composer/composer#10960 for more info.
GaryJones
added a commit
to GaryJones/PHPCompatibilitySymfony
that referenced
this pull request
Sep 4, 2022
As per https://getcomposer.org/doc/04-schema.md#keywords by including "static analysis" as a keyword in the `composer.json` file, Composer 2.4.0-RC1 and later will prompt users if the package is installed with `composer require` instead of `composer require --dev`. See composer/composer#10960 for more info.
GaryJones
added a commit
to GaryJones/PHPCompatibilityAll
that referenced
this pull request
Sep 4, 2022
As per https://getcomposer.org/doc/04-schema.md#keywords by including "static analysis" as a keyword in the `composer.json` file, Composer 2.4.0-RC1 and later will prompt users if the package is installed with `composer require` instead of `composer require --dev`. See composer/composer#10960 for more info.
GaryJones
added a commit
to GaryJones/PHPCompatibilityMagento
that referenced
this pull request
Sep 4, 2022
As per https://getcomposer.org/doc/04-schema.md#keywords by including "static analysis" as a keyword in the `composer.json` file, Composer 2.4.0-RC1 and later will prompt users if the package is installed with `composer require` instead of `composer require --dev`. See composer/composer#10960 for more info.
GaryJones
added a commit
to GaryJones/PHPCSExtra
that referenced
this pull request
Sep 4, 2022
As per https://getcomposer.org/doc/04-schema.md#keywords by including "static analysis" as a keyword in the `composer.json` file, Composer 2.4.0-RC1 and later will prompt users if the package is installed with `composer require` instead of `composer require --dev`. See composer/composer#10960 for more info.
GaryJones
added a commit
to GaryJones/PHPCSDevTools
that referenced
this pull request
Sep 4, 2022
As per https://getcomposer.org/doc/04-schema.md#keywords by including "dev" and/or "static analysis" as a keyword in the `composer.json` file, Composer 2.4.0-RC1 and later will prompt users if the package is installed with `composer require` instead of `composer require --dev`. See composer/composer#10960 for more info.
GaryJones
added a commit
to GaryJones/PHPCSDevCS
that referenced
this pull request
Sep 4, 2022
As per https://getcomposer.org/doc/04-schema.md#keywords by including "static analysis" as a keyword in the `composer.json` file, Composer 2.4.0-RC1 and later will prompt users if the package is installed with `composer require` instead of `composer require --dev`. See composer/composer#10960 for more info.
GaryJones
added a commit
to GaryJones/PHPCompatibility
that referenced
this pull request
Sep 4, 2022
As per https://getcomposer.org/doc/04-schema.md#keywords by including "static analysis" as a keyword in the `composer.json` file, Composer 2.4.0-RC1 and later will prompt users if the package is installed with `composer require` instead of `composer require --dev`. See composer/composer#10960 for more info.
This was referenced Feb 15, 2023
staabm
added a commit
to staabm/annotate-pull-request-from-checkstyle
that referenced
this pull request
Feb 15, 2023
as per composer/composer#10960 this allows composer to warn the user, when installing the tool as a project dependency instead of a dev-dependency
This was referenced Feb 15, 2023
weirdan
added a commit
to weirdan/psalm
that referenced
this pull request
Feb 15, 2023
icanhazstring
added a commit
to composer-unused/composer-unused
that referenced
this pull request
Feb 20, 2023
This tells composer to install composer-unused to require-dev when running composer require without --dev composer/composer#10960
icanhazstring
added a commit
to composer-unused/composer-unused
that referenced
this pull request
Feb 20, 2023
This tells composer to install composer-unused to require-dev when running composer require without --dev composer/composer#10960
staabm
added a commit
to staabm/php-cs-fixer-config-1
that referenced
this pull request
Mar 13, 2023
as per composer/composer#10960 this allows composer to warn the user, when installing the tool as a project dependency instead of a dev-dependency
gharlan
pushed a commit
to redaxo/php-cs-fixer-config
that referenced
this pull request
Mar 13, 2023
as per composer/composer#10960 this allows composer to warn the user, when installing the tool as a project dependency instead of a dev-dependency
reinfi
pushed a commit
to reinfi/composer-unused
that referenced
this pull request
Mar 14, 2023
This tells composer to install composer-unused to require-dev when running composer require without --dev composer/composer#10960
staabm
added a commit
to staabm/bladestan
that referenced
this pull request
Mar 16, 2023
as per composer/composer#10960 this allows composer to warn the user, when installing the tool as a project dependency instead of a dev-dependency
tvbeek
added a commit
to tvbeek/phpmd
that referenced
this pull request
Mar 20, 2023
… as a require-dev package. See: composer/composer#10960
tvbeek
added a commit
to tvbeek/pdepend
that referenced
this pull request
Mar 20, 2023
Keywords to describe pdepend Dev to let composer know the package is mostly a dev dependency, see: composer/composer#10960
AJenbo
pushed a commit
to pdepend/pdepend
that referenced
this pull request
Apr 15, 2023
Keywords to describe pdepend Dev to let composer know the package is mostly a dev dependency, see: composer/composer#10960
dingo-d
pushed a commit
to dingo-d/PHPCSExtra
that referenced
this pull request
May 28, 2023
As per https://getcomposer.org/doc/04-schema.md#keywords by including "static analysis" as a keyword in the `composer.json` file, Composer 2.4.0-RC1 and later will prompt users if the package is installed with `composer require` instead of `composer require --dev`. See composer/composer#10960 for more info.
grogy
pushed a commit
to php-parallel-lint/PHP-Parallel-Lint
that referenced
this pull request
Mar 27, 2024
Since Composer 2.4.0, Composer will prompt users if they are sure they want to install something as `require` instead of `require-dev` if the package contains certain "dev" related keyword, like `static analysis`. This adds the keywords to this package to help users add the package in the most appropriate place. Refs: * https://getcomposer.org/doc/04-schema.md#keywords * composer/composer#10960 Co-authored-by: Markus Staab <maggus.staab@googlemail.com>
jrfnl
added a commit
to php-parallel-lint/PHP-Parallel-Lint
that referenced
this pull request
Mar 27, 2024
Since Composer 2.4.0, Composer will prompt users if they are sure they want to install something as `require` instead of `require-dev` if the package contains certain "dev" related keyword, like `static analysis`. This adds the keywords to this package to help users add the package in the most appropriate place. Refs: * https://getcomposer.org/doc/04-schema.md#keywords * composer/composer#10960 Co-authored-by: Markus Staab <maggus.staab@googlemail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
First suggested in #10939
This implements the idea discussed here tho #10939 (comment)
Currently taking
dev,testing,static analysistags as indicator that a package is meant to be in require-dev, then it does this:IMO
testingandstatic analysisare fairly safe bets.devis almost unused atm, and I took a look at all the top download packages there and only one is arguably not meant to be in require-dev, but they can fix that by removing the tag from the default branch.