Open cweagans opened 4 months ago
👋 Thanks for the idea! Please remember that this is an open source project - feature requests may or may not be implemented, and if they are, the timeline is unknown. If you need a guaranteed implementation or timeline, sponsorships are welcome!
Edit: Created a separate issue: https://github.com/cweagans/composer-patches/issues/551
2.0.0-beta2
.
And I was under the impression this feature was entirely removed and it was up to plugins to provide the feature?
We've been using https://github.com/wieni/composer-plugin-patchsets, which worked well for our use-case.
However, I **much** rather see this back in here so I'm happy to see it!
I see it's possible to **exclude** patches from a dependency using `"ignore-dependency-patches"`.
I think it should be inverse, I only allow patches from dependencies I trust.
I think the default option we have now (granting every dependency patch rights by default) can become a potential can of worms to debug.
People will have a much better understanding of why certain conflicts/errors happen if they are responsible to define which dependencies they want to grab patches from, which result in less GitHub issues/questions.
Is it possible to define:
```json
{
"ignore-dependency-patches": ["*"], // don't allow patches from anyone else (should be default I think)
"dependency-patches": ["your-org/drupal-patches"] // list of repositories you trust to apply patches from
}
```
```
The "patches/drupal/core/2264739_mr2851.patch" file could not be downloaded: Failed to open stream: No such file or directory
```
Where
```json
{
"name": "your-org/drupal-patches",
...
"patches": {
"drupal/core": {
"#2264739: Allow multiple field widgets to not use tabledrag": "patches/drupal/core/2264739_mr2851.patch"
}
}
}
```
patches/drupal/core/2264739_mr2851.patch
is a file inside one of the repositories that defined a patch.
🙄 I'm an idiot. That error is why this issue exists. I'll create a separate issue for my previous comment. Sorry
@cweagans if you want I can also take a look at this one. But I'm busy for the next two weeks.
I won't say no :) I'll update here if I beat you to it!
Verification
composer self-update
)composer update cweagans/composer-patches
)Is your feature request related to a problem?
If a dependency defines a patch that is distributed alongside that dependency, it has historically been difficult to actually get that patch to apply to the project.
Describe your proposed solution(s)
If a dependency defines a patch and also distributes that patch alongside the dependency, we should just fix the path so that Composer Patches does the right thing.
Describe alternatives
No response
Additional context
No response