Roave / SecurityAdvisories

:closed_lock_with_key: Security advisories as a simple composer exclusion list, updated daily
MIT License

Use branch-alias to allow versions and maintain stability #62

Closed d42ohpaz closed 4 years ago

d42ohpaz commented 4 years ago

In response to #55, I wanted to discuss the possibility of using aliases for dev-master to point to a 1.0.0 branch. The benefit of using a version is that users do not have to lower their minimum stability - which is typically a global setting - while allowing them to receive the most recent commits as if they were using the unbound dev-master version constraint.

It would look something like this:

{
    ...
    "extra": {
        "branch-alias": {
            "dev-master": "1.x-dev"
        }
    }
}

Then you simply tag master as v1.0.0 (down at the root of commits). Done. Users would then update the version constraint to use ^1.0 or ~1.0 and run composer update --lock.

Additionally, and this would be good to document in the instructions, you can inline the alias, such as "roave/security-advisories": "dev-master as v1.0.x-dev". Though this will generate an IDE warning for users of IntelliJ editors that use the EA Inspections plugin (i.e., possibly an edge case).

I'd be happy to submit a PR for it later this evening (it's 3pm -0400 for me right now).

d42ohpaz commented 4 years ago

Pinging @jdreesen to bring him into the conversation, as well as @Ocramius.

Ocramius commented 4 years ago

Users don't need to touch their minimum stability? (Already the case)

d42ohpaz commented 4 years ago

Ok, so at the root level of the dependency chain, you're right; you don't need to touch minimum-stability. However, as is my use case, when you have dependencies that rely on dev-master, that's when things change. But, because this package is meant to be a dev requirement, it shouldn't matter. Ok, that makes sense and thank you for the clarification. :)
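The stability rules the two comments above rely on (a root-level `dev-master` requirement resolving without lowering `minimum-stability`, while a transitive `dev-master` requirement does not, and an inline alias such as `dev-master as 1.0.x-dev` still counting as a dev constraint) are shown here as an added example; it is not part of the original issue, of this repository, or of Composer itself. It is a deliberately simplified Python model of what Composer's `VersionParser::parseStability` and root-package stability-flag extraction decide; the function names and the sample constraints are the example's own. It also covers the branch-alias case from the first comment: a plain `^1.0` constraint with `minimum-stability: stable` only matches a tagged release, so a consumer who wants the daily-updated branch through the `1.x-dev` alias has to write `^1.0@dev`.

```python
"""Simplified model of Composer's stability handling for a dev branch.

Added example, not Composer code. Mirrors, in reduced form, how Composer
classifies a version string's stability and which stability flags it
honours on a root-level constraint. Sample constraints below are
constructed for illustration.
"""
import re
from typing import Optional

# Ordered from least to most stable, as Composer orders them.
STABILITIES = ["dev", "alpha", "beta", "RC", "stable"]

_SUFFIX_RE = re.compile(
    r"[.-]?(stable|beta|b|rc|alpha|a|patch|pl|p)(?:[.-]?\d+)*$", re.IGNORECASE
)
_FLAG_RE = re.compile(r"@(dev|alpha|beta|rc|stable)$", re.IGNORECASE)


def version_stability(version: str) -> str:
    """Stability of a concrete version: dev-master, 1.x-dev, 1.0.0-beta2, v1.0.0 ..."""
    v = version.strip()
    if v.startswith("dev-") or v.endswith("-dev"):
        return "dev"
    m = _SUFFIX_RE.search(v)
    if not m:
        return "stable"
    tag = m.group(1).lower()
    return {"alpha": "alpha", "a": "alpha", "beta": "beta", "b": "beta", "rc": "RC"}.get(
        tag, "stable"
    )


def constraint_stability_flag(constraint: str) -> Optional[str]:
    """Stability flag a constraint carries, explicit (^1.0@dev) or implicit
    (an explicit dev-* / *-dev version, also through an 'as' alias).
    Returns None when the constraint carries no flag (e.g. ^1.0)."""
    flag = None
    for part in re.split(r"\s*\|\|?\s*", constraint):
        # For "dev-master as 1.0.x-dev" Composer looks at the real version (left side).
        part = part.split(" as ")[0].strip()
        m = _FLAG_RE.search(part)
        if m:
            candidate = m.group(1)
            candidate = "RC" if candidate.lower() == "rc" else candidate.lower()
        elif version_stability(part) == "dev":
            candidate = "dev"
        else:
            continue
        # The least stable flag across OR-ed parts wins.
        if flag is None or STABILITIES.index(candidate) < STABILITIES.index(flag):
            flag = candidate
    return flag


def can_take_dev_branch(constraint: str, minimum_stability: str = "stable",
                        root: bool = True) -> bool:
    """Can this constraint resolve to a dev branch (dev-master / 1.x-dev)?

    Composer only honours stability flags coming from the root package; a
    transitive requirement falls back to the root's minimum-stability alone.
    """
    flag = constraint_stability_flag(constraint) if root else None
    effective = flag or minimum_stability
    return STABILITIES.index(effective) <= STABILITIES.index("dev")


if __name__ == "__main__":
    for c, ms, root in [
        ("dev-master", "stable", True),              # root require: no change needed
        ("dev-master as 1.0.x-dev", "stable", True),  # inline alias: still dev
        ("^1.0", "stable", True),                     # only a tagged v1.0.0 would match
        ("^1.0@dev", "stable", True),                 # branch alias 1.x-dev reachable
        ("dev-master", "stable", False),              # transitive: needs minimum-stability
        ("dev-master", "dev", False),
    ]:
        print(f"{c!r:28} min={ms:6} root={root!s:5} -> {can_take_dev_branch(c, ms, root)}")
```

The last two rows are the situation described in the final comment: the same `dev-master` constraint that is fine at the root stops resolving once it sits in a dependency's own `composer.json`, unless the root lowers `minimum-stability` to `dev`.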