使用Composer时如何处理另一个存储库中的存储库?
[英]How do I handle having a repository inside another repository when using Composer?
问题描述
I have a project and I use Git for doing version control in this project. 
我有一个项目,我使用Git在该项目中进行版本控制。 Within this project I have to add a few libraries as dependencies (more specifically PHPUnit and Guzzle). 在这个项目中,我必须添加一些库作为依赖项(更具体地说是PHPUnit和Guzzle)。 The requirements say that these libraries have to live in a folder of my project and I have to use composer to install/update them. 要求说这些库必须位于我项目的文件夹中,并且我必须使用composer来安装/更新它们。
So I did that and my directory structure looks something like this: 所以我做到了,我的目录结构看起来像这样:
project
|----- .git
|----- libs
|---- guzzle
|---- .git
|---- phpunit
|---- .git
So the guzzle and phpunit folders both have a separate .git folder. 因此, guzzle和phpunit文件夹中都有一个单独的.git文件夹。 This is because, as far as I can tell, composer makes a clone of the master branch from github in order to retrieve the source code of these libraries. 据我所知,这是因为作曲家从github复制了master分支,以便检索这些库的源代码。
So I did a commit+push on a remote repository. 因此,我在远程存储库上进行了一次commit + push。 However, when someone else pulls from that repository, the files contained in the libs/guzzle and libs/phunit folders do not appear in that person's working directory. 然而,当别人从仓库拉,包含在文件libs/guzzle和libs/phunit文件夹不会出现在此人的工作目录。
I'm thinking this is because of the 2 .git folders. 我在想这是因为有2个.git文件夹。
How can I fix this ? 我怎样才能解决这个问题 ? I tried searching the documentation of composer for a way to specify in composer.json to get ONLY the last snapshot so to speak. 我尝试在composer的文档中搜索一种在composer.json指定的方法,以便仅获得最后的快照。 But I couldn't find anything. 但是我什么也找不到。
I also thought about deleting the .git directories, but won't that break everything if I try to do a composer update in a few months ? 我还考虑过删除.git目录,但是如果我尝试在几个月内进行composer update ,那不会破坏一切吗?
Did anyone have this sort of problem in the past ? 过去有人遇到过这种问题吗? How did you solve it ? 您是如何解决的?
2 个解决方案
解决方案1
2 2013-10-21 12:15:28
解决方案2
1 已采纳 2013-10-21 18:32:14
I have some comments and explanations. 我有一些评论和解释。
First, your usage of Composer created git clone artefacts. 首先,您对Composer的使用创建了git clone人工制品。 While this isn't completely bad, it should be avoided because cloning a repo of an active project usually is a lot more data than installing a released version. 尽管这并不十分糟糕,但应避免使用它,因为克隆活动项目的存储库通常比安装已发布的版本多得多的数据。
Try to use --prefer-dist if you can. 如果可以,请尝试使用--prefer-dist 。 This will download ZIP files of the version, not clone from Github. 这将下载该版本的ZIP文件,而不是从Github克隆的文件。 Note that this option is the default for stable versions, which brings me to the next point... 请注意,此选项是稳定版本的默认选项,这将使我进入下一步。
Do use stable versions. 请使用稳定版本。 Do not use dev-master versions if you can avoid it. 如果可以避免,请不要使用dev-master版本。 You mentioned using PHPUnit and Guzzle. 您提到使用PHPUnit和Guzzle。 Both are released in stable versions that you can use. 两者均以可用的稳定版本发布。 Do it. 做吧 There is no benefit with these two libraries to use unstable development versions, unless you absolutely need a feature. 这两个库使用不稳定的开发版本没有任何好处,除非您绝对需要某个功能。 The problem with using an unstable version might not be showing right away. 使用不稳定版本的问题可能不会立即显示。 But think about what would happen half a year from now. 但是考虑一下半年后会发生什么。 Somebody updates your dependencies pointing to dev-master , which now points to whatever happened since then. 有人更新了您的依赖,指向dev-master ,它现在指向此后发生的一切。 PHPUnit or Guzzle might have had a new major release with incompatible changes. PHPUnit或Guzzle可能有一个新的主要版本,具有不兼容的更改。 And now your project breaks unnecessarily. 现在,您的项目不必要地中断了。
Another thing is the requirement to put external libraries in defined folders. 另一件事是要求将外部库放在定义的文件夹中。 It is doable, but it shouldn't really be done. 这是可行的,但实际上不应该这样做。 Composer does work with any folder, but my usual reaction to seeing a composer.json in the top level directory is to expect getting a vendor folder containing the autoload.php . Composer可以使用任何文件夹,但是我通常会在顶级目录中看到composer.json ,这是希望得到一个包含autoload.php的vendor文件夹。 Changing this needs a little bit more of explanation to a new developer who might also expect Composer to work as default as possible. 更改此设置需要向新开发人员提供更多解释,新开发人员也可能希望Composer尽可能使用默认设置。 Because there is no reason to put Composer-managed dependencies anywhere, they are best put where everyone would expect them. 因为没有理由将Composer管理的依赖项放在任何地方,所以最好将它们放在每个人都期望的位置。 Don't change the vendor folder if you don't have to. 无需更改vendor文件夹。
And the last point is: Do commit your composer.lock , but don't commit the vendor folder. 最后一点是: 提交composer.lock ,但不要提交vendor文件夹。 This is because the vendor folder might contain traces of the source control systems used by the external libraries, and these might confuse your projects source control. 这是因为供应商文件夹可能包含外部库使用的源代码管理系统的跟踪,而这些跟踪跟踪可能会使您的项目的源代码管理混乱。 The correct workflow is to commit the composer.lock , and everybody checking out your project has to run composer install to grab these dependencies from the internet. 正确的工作流程是commit composer.lock ,每个签出您的项目的人都必须运行composer install来从互联网上获取这些依赖项。 This also applies to deployment scripts that do the checkout. 这也适用于执行签出的部署脚本。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.