Composer Checker alternatives and similar libraries
Based on the "Dependency Management Extras" category.
Alternatively, view Composer Checker alternatives based on common mentions on social networks and blogs.
-
Satis
Simple static Composer repository generator - For a full private Composer repo use Private Packagist -
Composed
Easily parse your project's Composer configuration, and those of its dependencies, at runtime
InfluxDB - Purpose built for real-time analytics at any scale.
* Code Quality Rankings and insights are calculated and provided by Lumnify.
They vary from L1 to L5 with "L5" being the highest.
Do you think we are missing an alternative of Composer Checker or a related project?
README
Composer Checker
A simple tool for various composer related checks and validations.
Usage
$ php bin/composer-checker
Available commands:
help Displays help for a command
list Lists commands
check
check:dist Matching the dist urls in a composer.lock file against some patterns.
check:src Matching the src urls in a composer.lock file against some patterns.
remove
remove:dist Removing dist urls from a composer.lock file.
remove:src Removing src urls from a composer.lock file.
Check: Dist-Urls
This check is intended to validate the dist-urls in a composer.lock file. When using a Satis Mirror for your packages, it might break your ci/deployment when external dist-urls are used in your composer.lock file.
Simply run this command to check against the url "satis.example.com":
$ php bin/composer-checker check:dist -p "satis.example.com" composer.lock
--- Invalid urls found ---
+-----------------+-----------------------------------------------------------------------------------------------+
| Package | Dist-URL |
+-----------------+-----------------------------------------------------------------------------------------------+
| symfony/console | https://api.github.com/repos/symfony/Console/zipball/00848d3e13cf512e77c7498c2b3b0192f61f4b18 |
+-----------------+-----------------------------------------------------------------------------------------------+
The output gives a hint, which packages do not comply with the given url pattern, which is basically just a regex. A positive example with a more complex regex:
$ php bin/composer-checker check:dist -p "^https://api.github.com/repos/(.+)/(.+)/zipball/([a-f0-9]+)$" composer.lock
All urls valid.
It is also possible to enforce to use only "https" dist-urls with a pattern like this:
$ php bin/composer-checker check:dist -p "^https://" composer.lock
Allowing empty or missing dist urls can be done with the --allow-empty
switch.
Check: Source-Urls
Parallel to the dist urls, the source urls can be checked too.
$ php bin/composer-checker check:src -p "[email protected]/foo.git" composer.lock
Allowing empty or missing source urls can be done with the --allow-empty
switch.
Remove: Dist-Urls
This command will remove distribution urls from a given composer.lock
file.
Forcing composer to install all packages from "source".
It is possible to --except
specific patterns like "jquery.com". These urls will not be removed.
php bin/composer-checker remove:dist -e jquery.com composer.lock
Remove: Source-Urls
Working the same as the remove:dist
counterpart. Removing the "source" entries from a given composer.lock
file.
php bin/composer-checker remove:src -e jquery.com composer.lock
This command can be very useful for automated deploying. Because if a package mirror like Satis, holding "dist" copies, is not available, composer will silently fail back to using "source" packages creating a unnoticed dependency between production and the VCS. Removing all the "source" entries from a composer.lock file, will force composer to only use the "dist" urls or stop with a failure.
LICENSE
The license can be found here: [LICENSE](LICENSE)
*Note that all licence references and agreements mentioned in the Composer Checker README section above
are relevant to that project's source code only.