Tilde/Caret versioning range and specifying the stability like ^x.y.*-dev
arfar-x opened this issue · comments
Hello there,
I'm using a private registry named Nexus for my company's internal packages. The scenario is I store different package stability for each version. I.e. for v1.0.0 I have 1.0.0
, 1.0.0-rc
, and 1.0.0-dev
. Additionally, the repository type I have used for this private registry is set as composer
. Therefore, I don't have any of my Git tags and I have to handle the versions by packages names and the URLs.
Here is how I store packages and its works well:
composer archive --format="zip" --file=user-module
curl --user user:pass --upload-file "user-module.zip" https://nexus.domain.com/repository/composer-local/packages/upload/internalvendor/user-module/1.0.0-dev
Here is a detailed information of how my versions are.
>>> composer show internalvendor/user-module -a
name : internalvendor/user-module
descrip. : Authentication and user management module.
keywords :
versions : 1.0.0.3102-rc, * 1.0.0, 1.0.0-rc, 1.0.0-dev, 1.0.1-dev, 1.2.0-dev
type : laravel-module
license : other
homepage :
source : []
dist : [zip] https://nexus.domain.com/repository/composer-local/internalvendor/user-module/1.0.0/internalvendor-user-module-1.0.0.zip f7c5226ad2531454debf07d56c6144a64c433301
path : /var/www/html/modules/User
names : internalvendor/user-module
autoload
psr-4
Modules\User\ => .
requires
laravel/sanctum ^2.15
internalvendor/core-module 1.0.0
internalvendor/product-module 1.0.0
So the question is:
How can I specify the version range to install the latest version of each package with the desired stability ?
I want something like this:
composer require internalvendor/user-module:^1.0-dev
that is expected to install the latest version of package existed on the repository:
1.2.0-dev
or if 1.2.0-dev hadn't existed, install: 1.0.1-dev
And this must perform the same for `-rc` prefixes.
This page: https://getcomposer.org/doc/articles/versions.md#stability-constraints
talks about using @dev
to adjust the stability constraint for an individual package. You can also set minimum-stability
as described here: https://getcomposer.org/doc/04-schema.md#minimum-stability
This page: https://getcomposer.org/doc/articles/versions.md#stability-constraints talks about using
@dev
to adjust the stability constraint for an individual package. You can also setminimum-stability
as described here: https://getcomposer.org/doc/04-schema.md#minimum-stability
Thanks for your response @fredden
I tried setting minimum-stability: dev
in root 'composer.json' where I do require
those internal packages. I reckon the point is in what convention the packages are stored on the registry. When I publish the packages via the above URL, how should it be structured ?
registry-url/internalvendor/user-module/1.0.0@dev
(dev or even rc),
registry-url/internalvendor/user-module/1.0.0-dev
,
registry-url/internalvendor/user-module/dev-1.0.0
, etc.
Which one is the most suitable ? If it's helpful, how does Packagist.org store the packages itself ?
EDITED:
The issue appears when I run:
composer require internalvendor/user-module:^1.0-dev
The command above finds and picks the latest version of package (let's say 1.2.0), but totally ignores -dev
prefix and installs the stable version despite specifying the package's to be '-dev' version.
What is expected to be installed is the version 1.2.0-dev
.
It's also worth mentioning that it works when the version is strictly specified as '1.0.1-dev'. However, it doesn't work with caret or tilde versioning.
@Seldaek Don't you have any idea ? Seems to be a weird one.
@arfar-x I can see that you have closed this issue. Are we to understand that you have found all the answers you were seeking? Please can you post some details here or a link to the documentation where you found the answers? This will help others who might be having a similar issue.
Or perhaps this was closed by mistake, and the issue is not yet solved?
Please can you post some details
The issue is not resolved yet. What details should I provide exactly ? I've already provided information I thought it would be useful.