Skip to content

A simple composer plugin to prevent package versions from being installed and provide a reason.

License

Notifications You must be signed in to change notification settings

hanoii/composer-should-not

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

18 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Composer should-not

This plugin removes certain versions from your dependency list preventing them from being installed and provide a reason for doing so.

While the idea of versions constraint is that you can do this on your composer.json that works OK as long as everybody in your team knows what to do when changing or requiring a new version constraint.

This module is meant to provide a fail-safe and document a reason for doing so that if others tries to change the current constraint that will fail and a warning with a reason will be provided.

Installation

Install as usual:

composer require hanoii/composer-should-not

Usage

The configuration of this plugin is through the "extra" property of your composer.json file.

{
    "extra": {
        "should-not": {
            "drupal/block_class": {
                "version": "^3",
                "reason": "Version constraint ^3 should not be installed, it is the a new release of the previous 1.x codebase."
            }
        }
    } 
}

Alternatively, you can also provide an array of reasons:

    "should-not": {
        "twig/twig": {
            "version": "~3.14.1",
            "reasons": [
                "3.14.1: Recurssion issue on drupal https://www.drupal.org/project/drupal/issues/3485956.",
                "3.14.2: Performance issues on drupal https://www.drupal.org/project/drupal/issues/3487031."
            ]
        }
    },

Note

dev versions are always allowed.

Demo

composer-should-not demo animated gif


The provided example configuration is what encouraged the creation of this plugin, see https://www.drupal.org/project/block_class/issues/3468976.

They decided to create a new major version out of an older codebase 🤷, and it has proven to be an issue for us, so with this we can preemptively avoid the module from being upgrade to 3.0. This was fixed with a new 4.0.0 release.

However, other times I wanted something like this for ducumenting why a certain dependency should be locked to a specific version (something that I needed several times in Drupal projects).

About

A simple composer plugin to prevent package versions from being installed and provide a reason.

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages