Composer manages packages using intranet private warehouses

Composer uses an intranet private repository for package management. because Composer has been used for package dependency management for a long time, many public class libraries will be placed on GitHub and reference dependencies between multiple projects. when updating versions, this reduces a lot of costs, but there are still some problems:

• Every update, you need to run the unit test locally. Commit and Push it to Github. it takes effect only after the Composer update;
• Enterprise-level modules cannot be placed on Github;

Official solution

Fortunately, Composer provides a private repository:

{ "repositories": [ { "type": "vcs", "url": "http://svn.example.org/projectA/", "trunk-path": "Trunk", "branches-path": "Branches", "tags-path": "Tags" } ]}

Reference: https://getcomposer.org/doc/05-repositories.md

Because the company uses Subverison to import a private repository using the above method, it actually checks out the specified tags in the form of svn checkout. in this case, the vendor directory will appear. svn Directory, causing the master project to be unable to be submitted, or even fail to be checked out when tags is switched.

Many people in the Composer project issue reflect this problem. The solution is to use svn export instead of svn checkout, and the following plug-ins need to be used:

Https://github.com/LinearSoft/composer-svn-export

New solution

This plug-in requires you to build a packaglist site by yourself. In fact, you only need a packages. json file, but you need a valid https service. Otherwise, the following error will occur:

➜  www.my-project.com composer updateYou are running composer with xdebug enabled. This has a major impact on runtime performance. See https://getcomposer.org/xdebugAdded SvnExport repo: NewPackageLoading composer repositories with package information                                                                                                                                               [Composer\Downloader\TransportException]                                                                                                     The "https://packagist.my-project.dev/packages.json" file could not be downloaded: SSL operation failed with code 1. OpenSSL Error messages:    error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed                                                            Failed to enable crypto                                                                                                                      failed to open stream: operation failed         

If you do not have such an https service, you can create a packages. json file on gist to achieve the following results:

{ "packages": { "tc/analyse": { "0.9.2": { "name": "tc/analyse", "version": "0.9.2", "source": { "type": "svn", "url": "https://svn.tc.dev/library/analyse", "reference": "/tags/0.9.2" } }, "0.9.3": { "name": "tc/analyse", "version": "0.9.3", "source": { "type": "svn", "url": "https://svn.tc.dev/library/analyse", "reference": "/tags/0.9.3" } }, "dev-master": { "name": "tc/analyse", "version": "dev-master", "source": { "type": "svn", "url": "https://svn.tc.dev/library/analyse", "reference": "/trunk" } } } }}

Fill in the Gist address in composer. json in the main project

{ "require" : { "php" : ">=5.4.0", "tc/analyse" : "0.9.3", "linearsoft/composer-svn-export" : "^0.1.2" }, "extra" : { "svn-export-repositories" : [ { "name" : "TC", "type" : "composer", "url" : "https://gist.githubusercontent.com/lancerhe/379eeee89fd0db8c0c4ca19c6bddas2f/raw/915a720635949c9d4013746845b952f88af358db" } ] }, "minimum-stability" : "stable"}

Run composer update

➜  www.my-project.com composer updateYou are running composer with xdebug enabled. This has a major impact on runtime performance. See https://getcomposer.org/xdebugAdded SvnExport repo: TCLoading composer repositories with package informationUpdating dependencies (including require-dev)  - Updating tapcash/analyse (0.9.2 => 0.9.3)    Exporting /tags/0.9.3Writing lock fileGenerating autoload files