search

Ocramius / PackageVersions

:package: Composer addon to efficiently get installed packages' version numbers
MIT License
3.22k stars 67 forks source link

Backport #82 to 1.4 #112

Closed Jean85 closed 4 years ago

Jean85 commented 4 years ago

Due to #110, we discovered that in some cases, other Composer hooks could interfere with this package, triggering it before it's ready at first install.

82 solves this issue already, but it's available in 1.5.0, which requires PHP 7.3. Since this package is used by sentry/sentry (which requires PHP 7.1), I'm backporting #82 to make this fix available to all Sentry users.

Ocramius commented 4 years ago

The 7.4 failure is related to tooling, not this repository. @Jean85 I'm OK with merging this as-is.

Ocramius commented 4 years ago

Seems green - ready to go?

Jean85 commented 4 years ago

Yes it is! :+1:

Ocramius commented 4 years ago

Thanks @Jean85!

arondeparon commented 4 years ago

@Jean85 we're stumbling upon errors after upgrading this library in our latest deployment that is done using the following composer command:

composer install --prefer-dist --no-scripts --no-dev --optimize-autoloader

When we run composer install without --no-scripts everything works fine.

The error that we are seeing is:

Required package "sentry/sentry" is not installed: check your ./vendor/composer/installed.json and/or ./composer.lock files

Ocramius commented 4 years ago

@ArondeParon does this also affect 1.5.x?

arondeparon commented 4 years ago

@Ocramius I don't think so, but cannot verify it because we are on PHP 7.2 for this particular project.

We did some digging around and I think that we found the issue:

The getPackageData() method in 1.5.x looks for installed.json in the following path: __DIR__ . '/../../../../composer/installed.json',

... while 1.4.1 looks for it in getcwd() . '/vendor/composer/installed.json',.

When running composer install --no-scripts, getcwd() will resolve to the public root of the application, which, in our case (Laravel) is the public folder that lives one level deeper that the application root.

This causes the package to look for installed.json in ./public/vendor/composer/installed.json which does not exist.

When using the same path for finding the file as 1.5.x, the issue is resolved: __DIR__ . '/../../../../composer/installed.json',

Ocramius commented 4 years ago

Possibly need to backport https://github.com/Ocramius/PackageVersions/commit/1d32342b8c1eb27353c8887c366147b4c2da673c too - can you send me a PR targeting 1.4.x?

arondeparon commented 4 years ago

@Ocramius done! See https://github.com/Ocramius/PackageVersions/pull/113