vaimo / composer-patches

Applies a patch from a local or remote file to any package that is part of a given composer project. Patches can be defined both on project and on package level. Optional support for patch versioning, sequencing, custom patch applier configuration and composer command for testing/troubleshooting patches.
MIT License

Composer mirrors are not used on patch install like private packagist #91

Closed Morgy93 closed 2 years ago

Morgy93 commented 2 years ago

Composer mirrors are not used on patch install like private packagist

To Reproduce

Steps to reproduce the behavior:

  1. Download Magento 2 (e.g. composer create-project --repository-url=https://repo.magento.com/ magento/project-community-edition <install-directory-name>; see: https://devdocs.magento.com/guides/v2.4/install-gde/composer.html#get-the-metapackage)
  2. Open composer.json and edit repositories to include your repo e.g.:
    "repositories": {
        "packagist.org": false,
        "private-packagist": {
            "type": "composer",
            "url": "https://repo.packagist.com/YOUR-COMPANY/"
        }
    },
  3. Run composer update to update repos for composer.lock
  4. Open composer.json again and add a patch e.g.:
    "extra": {
        "magento-force": "override",
        "patches": {
            "*": {
                "Apply MDVA-43395": {
                    "source": "patches/magento/MDVA-43395_EE_2.4.3-p1_COMPOSER_v1.patch",
                    "targets": [
                        "magento/framework",
                        "magento/module-email"
                    ]
                },
                "Apply MDVA-43443": {
                    "source": "patches/magento/MDVA-43443_EE_2.4.2-p2_COMPOSER_v1.patch",
                    "targets": [
                        "magento/framework",
                        "magento/module-email"
                    ],
                    "after": "MDVA-43395_EE_2.4.3-p1_COMPOSER_v1.patch"
                }
            }
        }
    }
  5. Be sure to not have credentials saved for repo.magento.com in the auth.json. It should only include the repo.packagist.com credentials.
  6. [VERY IMPORTANT] Run composer clear-cache so no cache is used for applying the patch. (Else it will work just fine because of the cached files from the download before)
  7. Run composer install or composer patch:apply

Expected: It should apply the patch or at least download the package from the private packagist.

Actual: It tries to download the package from repo.magento.com (which it should not). [image]

Notes: This is probably somewhat related / "caused" by #71

convenient commented 2 years ago

Did you download and have these files present in your setup? So your system will be like

./patches/magento/MDVA-43395_EE_2.4.3-p1_COMPOSER_v1.patch
./patches/magento/MDVA-43443_EE_2.4.2-p2_COMPOSER_v1.patch
./composer.json
./composer.lock

Maybe it's thinking they're meant to be remote patches if they do not exist for you locally.

Morgy93 commented 2 years ago

> Did you download and have these files present in your setup? So your system will be like
>
> ./patches/magento/MDVA-43395_EE_2.4.3-p1_COMPOSER_v1.patch
> ./patches/magento/MDVA-43443_EE_2.4.2-p2_COMPOSER_v1.patch
> ./composer.json
> ./composer.lock
>
> Maybe it's thinking they're meant to be remote patches if they do not exist for you locally.

You don't have to. The download happens before the patch file check. This is also confirmed by https://github.com/vaimo/composer-patches/issues/71

And a completely different error would then be thrown: [image] (The -vvv then says the file does not exist)

convenient commented 2 years ago

If you have not manually downloaded the patches and created them in those file paths, I do not know where your system would get the patch files. You asked for the different config I had; this would be the first one to try out.

Morgy93 commented 2 years ago

> If you have not manually downloaded the patches and created them in those file paths, I do not know where your system would get the patch files. You asked for the different config I had; this would be the first one to try out.

Like I wrote before, I checked both cases. It doesn't matter if the patch files are available or not, because the download happens before applying the patch. And if you run the download / use cache then a completely different error is thrown.

Maybe you can check composer config --list and composer config --global --list to see if credentials for repo.magento.com are available? Maybe you don't notice the download, because credentials are globally available. And/Or used from cache which can be checked with composer clear-cache

convenient commented 2 years ago

I've never had repo.magento.com credentials on this machine. I couldn't be talking to repo.magento.com if I tried :/

Morgy93 commented 2 years ago

> I've never had repo.magento.com credentials on this machine. I couldn't be talking to repo.magento.com if I tried :/

Alright, could you please check the composer.lock for your magento/framework entry? Maybe your url is different and points directly to some custom repo. E.g.:

        {
            "name": "magento/framework",
            "version": "103.0.3",
            "dist": {
                "type": "zip",
                "url": "https://repo.magento.com/archives/magento/framework/magento-framework-103.0.3.0.zip",
                "mirrors": [
                    {
                        "url": "https://repo.packagist.com/YOUR-COMPANY/dists/%package%/%version%/r%reference%.%type%",
                        "preferred": true
                    }
                ]
            },

Those are the only two things I could imagine happening here. If that's not the case either, I have to wait for official staff to check on this issue. 😁

convenient commented 2 years ago

@Morgy93 that's how it should look yes.

vaimo-wilko commented 2 years ago

@Morgy93 perhaps you can look also at your vendor/composer/installed.json, whether the "mirrors" array is in the "dist" section of the "magento/framework" package, like shown above for composer.lock. (Also could you let me know which version of Composer you are using?)

Sadly I don't have a Private Packagist to test with, but in my initial testing (manually modifying composer.lock and installed.json), I can repeat your case if ... installed.json does not contain the mirrors section for the package. When I manually add that to installed.json, it then appears to pick the right place to download from (both with Composer 1 and Composer 2). So, I wonder if perhaps Composer never stores the mirrors section of a package in the installed.json file?

Morgy93 commented 2 years ago

> @Morgy93 perhaps you can look also at your vendor/composer/installed.json, whether the "mirrors" array is in the "dist" section of the "magento/framework" package, like shown above for composer.lock. (Also could you let me know which version of Composer you are using?)
>
> Sadly I don't have a Private Packagist to test with, but in my initial testing (manually modifying composer.lock and installed.json), I can repeat your case if ... installed.json does not contain the mirrors section for the package. When I manually add that to installed.json, it then appears to pick the right place to download from (both with Composer 1 and Composer 2). So, I wonder if perhaps Composer never stores the mirrors section of a package in the installed.json file?

I think we can take a shortcut here. Been on 2.1. before and updated to 2.2. - I did not expect it to make a difference, since there is no requirement for this module, but it seems to work now. 🙄

I'll close this for now and will report back if I encounter any errors. Thanks very much for the help so far!
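
The comparison suggested in the thread (is a package's "mirrors" array present in composer.lock but missing from vendor/composer/installed.json?) can be scripted to see which packages would be fetched from their origin host instead of the private mirror. The following Python is an added example, not part of the original thread or of composer-patches; the function names and the sample entries are constructed for illustration, and it accepts both the bare-list installed.json written by Composer 1 and the {"packages": [...]} layout written by Composer 2.

```python
import json
from urllib.parse import urlparse

def packages(doc):
    # Composer 1 wrote installed.json as a bare list; Composer 2 wraps it in
    # {"packages": [...]}. composer.lock additionally has "packages-dev".
    if isinstance(doc, list):
        return doc
    return list(doc.get("packages", [])) + list(doc.get("packages-dev", []))

def dist_info(pkg):
    # Return (host of dist.url, list of mirror URL templates) for one entry.
    dist = pkg.get("dist") or {}
    mirrors = [m.get("url", "") for m in dist.get("mirrors") or []]
    return urlparse(dist.get("url", "")).hostname, mirrors

def find_mirror_gaps(lock_doc, installed_doc):
    # Packages whose composer.lock entry lists dist mirrors while the
    # installed.json entry has none: the state reproduced in the thread.
    installed = {p["name"]: p for p in packages(installed_doc)}
    gaps = []
    for pkg in packages(lock_doc):
        host, lock_mirrors = dist_info(pkg)
        inst = installed.get(pkg["name"])
        if not lock_mirrors or inst is None:
            continue  # no mirror expected, or package not installed
        if not dist_info(inst)[1]:
            gaps.append({"name": pkg["name"], "origin_host": host})
    return gaps

# Constructed sample data modelled on the composer.lock excerpt in the thread.
MIRROR = {"url": "https://repo.packagist.com/YOUR-COMPANY/dists/"
                 "%package%/%version%/r%reference%.%type%", "preferred": True}

def entry(name, with_mirrors):
    # Hypothetical helper: builds one package entry with a placeholder archive.
    dist = {"type": "zip",
            "url": "https://repo.magento.com/archives/" + name + "/example.zip"}
    if with_mirrors:
        dist["mirrors"] = [MIRROR]
    return {"name": name, "dist": dist}

SAMPLE_LOCK = {"packages": [entry("magento/framework", True),
                            entry("magento/module-email", True)], "packages-dev": []}
SAMPLE_INSTALLED_V2 = {"packages": [entry("magento/framework", False),
                                    entry("magento/module-email", True)]}
SAMPLE_INSTALLED_V1 = SAMPLE_INSTALLED_V2["packages"]  # Composer 1 layout

if __name__ == "__main__":
    print(json.dumps(find_mirror_gaps(SAMPLE_LOCK, SAMPLE_INSTALLED_V2), indent=2))
```

To run it against a real project, load composer.lock and vendor/composer/installed.json with json.load and pass both documents to find_mirror_gaps.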