Closed Morgy93 closed 2 years ago
Did you download and have these files present in your setup? So your system will be like
./patches/magento/MDVA-43395_EE_2.4.3-p1_COMPOSER_v1.patch
./patches/magento/MDVA-43443_EE_2.4.2-p2_COMPOSER_v1.patch
./composer.json
./composer.lock
Maybe its thinking they're meant to be remote patches if they do not exist for you locally.
Did you download and have these files present in your setup? So your system will be like
./patches/magento/MDVA-43395_EE_2.4.3-p1_COMPOSER_v1.patch ./patches/magento/MDVA-43443_EE_2.4.2-p2_COMPOSER_v1.patch ./composer.json ./composer.lock
Maybe its thinking they're meant to be remote patches if they do not exist for you locally.
You don't have to. The download happens before the patch file check. This is also confirmed by https://github.com/vaimo/composer-patches/issues/71
And a completely different error would then be thrown:
(The -vvv
then says the file does not exist)
If you have not manually downloaded the patches and created them in those file paths I do not know where your system would get the patch files, you asked for the different config I had this would be the first one to try out.
If you have not manually downloaded the patches and created them in those file paths I do not know where your system would get the patch files, you asked for the different config I had this would be the first one to try out.
Like I wrote before, I checked both cases. It doesn't matter if the patch files are available or not, because the download happens before applying the patch. And if you run the download / use cache then a completely different error is thrown.
Maybe you can check composer config --list
and composer config --global --list
to see if credentials for repo.magento.com are available? Maybe you don't notice the download, because credentials are globally available. And/Or used from cache which can be checked with composer clear-cache
I've never had repo.magento.com credentials on this machine. I couldn't be talking to repo.magento.com if I tried :/
I've never had repo.magento.com credentials on this machine. I couldn't be talking to repo.magento.com if I tried :/
Alright, could you please check the composer.lock
for your magento/framework
entry?
Maybe your url
is different and points directly to some custom repo. E.g.:
{
"name": "magento/framework",
"version": "103.0.3",
"dist": {
"type": "zip",
"url": "https://repo.magento.com/archives/magento/framework/magento-framework-103.0.3.0.zip",
"mirrors": [
{
"url": "https://repo.packagist.com/YOUR-COMPANY/dists/%package%/%version%/r%reference%.%type%",
"preferred": true
}
]
},
Those are the only two things I could imagine happening here. If that's not the case either, I have to wait for official staff to check on this issue. 😁
@Morgy93 that's how it should look yes.
@Morgy93 perhaps you can look also at your vendor/composer/installed.json
, whether the "mirrors" array is in the "dist" section of the "magento/framework" package, like shown above for composer.lock
. (Also could you let me know which version of Composer you are using?)
Sadly I don't have a Private Packagist to test with, but in my initial testing (manually modifying composer.lock and installed.json), I can repeat your case if ... installed.json
does not contain the mirrors section for the package. When I manually add that to installed.json
, it then appears to pick the right place to download from (both with Composer 1 and Composer 2). So, I wonder if perhaps Composer never stores the mirrors section of a package in the installed.json
file?
@Morgy93 perhaps you can look also at your
vendor/composer/installed.json
, whether the "mirrors" array is in the "dist" section of the "magento/framework" package, like shown above forcomposer.lock
. (Also could you let me know which version of Composer you are using?)Sadly I don't have a Private Packagist to test with, but in my initial testing (manually modifying composer.lock and installed.json), I can repeat your case if ...
installed.json
does not contain the mirrors section for the package. When I manually add that toinstalled.json
, it then appears to pick the right place to download from (both with Composer 1 and Composer 2). So, I wonder if perhaps Composer never stores the mirrors section of a package in theinstalled.json
file?
I think we can take a shortcut here. Been on 2.1. before and updated to 2.2. - I did not expect it to make a difference, since there is no requirement for this module, but it seems to work now. 🙄
I'll close this for now and will report back if I encounter any errors. Thanks very much for the help so far!
Composer mirrors are not used on patch install like private packagist
To Reproduce Steps to reproduce the behavior:
composer create-project --repository-url=https://repo.magento.com/ magento/project-community-edition <install-directory-name>
| see: https://devdocs.magento.com/guides/v2.4/install-gde/composer.html#get-the-metapackage)composer.json
and editrepositories
to include your repo e.g.:composer update
to update repos forcomposer.lock
composer.json
again and add a patch e.g.:auth.json
. It should only include the repo.packagist.com credentials.composer clear-cache
so no cache is used for applying the patch. (Else it will work just fine because of the cached files from the download before)composer install
orcomposer patch:apply
Expected It should apply the patch or at least download the package from the private packagist.
Actual It tries to download the package from repo.magento.com (which it should not)
Notes This is probably somewhat related / "caused" by #71