[TASK] Validate the composer.json during the CI build

[oliverklee]

Also update the license in the composer.json to be compatible with Composer 1.6.

[IchHabRecht]

Hi @oliverklee,

Thank you for your pull request, As you can see the validation fails always because the composer,json was reset before but the composer.lock file is still available. Would you mind to explain why you want to integrate the composer validation? As we run composer install on every build, there is some kind of validation already. As we do not commit the composer.lock there is no reason to validate both.

[oliverklee]

The additional benefit is that this also catches non-breaking things (in the composer.json, not the composer.lock, e.g., the obsolete license text.

The --no-check-lock actually should ensure that a non-matching lock file will only create a warning, but not make the build fail. I'll look into this.

[oliverklee]

Rebased and repushed. On my local machine, this works. Let's see whether this is green on Travis as well …

[IchHabRecht]

Hi @oliverklee,

According to the composer documentation as well as a local validation, the license information is perfectly valid as it is right now (GPL-2.0+). Please see example from https://getcomposer.org/doc/04-schema.md#license

[oliverklee]

@IchHabRecht Then it seems that the documentation is not up to date to the latest code changes in Composer 1.6.x. This is the result when I validate the composer.json of the TF master with Composer 1.6.2:

klee@gonzales:~/src/typo3/ext/testing-framework$ composer validate --no-check-all --no-check-lock
./composer.json is valid, but with a few warnings
See https://getcomposer.org/doc/04-schema.md for details on the schema
License "GPL-2.0+" is a deprecated SPDX license identifier, use "GPL-2.0+-only" or "GPL-2.0+-or-later" instead

[oliverklee]

(The surplus plus sign in the recommended license string is a bug that already is fixed in the current Composer master.)

[oliverklee]

@IchHabRecht What's your local Composer version, and what's your output with composer validate --strict --no-check-all --no-check-lock?

[oliverklee]

This is the corresponding change in Composer: https://github.com/composer/composer/blob/master/CHANGELOG.md#160-2018-01-04

(I still need to find out why the build breaks.)

[oliverklee]

It looks like the validation does not play well together with the current workflow in Travis. Hence, abandoning this PR.