只是把包裹推到了包装上:
composer require rokfor/rokfor-slim:dev-master
它正在返回错误
Your requirements could not be resolved to an installable set of packages.
Problem 1
- Installation request for rokfor/rokfor-slim
dev-master -> satisfiable by rokfor/rokfor-slim[dev-master].
- rokfor/rokfor-slim dev-master requires
jlndk/slim-jade ^1.0 -> no matching package found.
如果我正在查看
$ git clone https://github.com/rokfor/rokfor-slim
$ cd rokfor-slim
$ composer install
一切安装得很好。
我想我在这里缺少一些至关重要的东西。是否不允许使用来自vcs存储库的源将包推送到packagist?
composer.json看起来像:
{
"name": "rokfor/rokfor-slim",
"description": "Rokfor CMS: Headless CMS with JSON api",
"keywords": ["rokfor", "slim","framework","view","template","jade"],
"homepage": "http://cloud.rokfor.ch",
"license": "MIT",
"type": "project",
"time": "2016-02-28",
"authors": [
{
"name": "Rokfor",
"homepage": "http://www.rokfor.ch"
}
],
"repositories": [
{
"type": "vcs",
"url": "https://github.com/urshofer/slim-jade"
},
{
"type": "vcs",
"url": "https://github.com/Rokfor/rokfor-php-db"
},
{
"type": "vcs",
"url": "https://github.com/urshofer/slim-auth"
}
],
"require": {
"php": ">=5.5.0",
"slim/slim": "~3.0",
"jlndk/slim-jade": "^1.0",
"rokfor/db": "dev-versioning",
"monolog/monolog": "^1.17",
"slim/csrf": "^0.6.0",
"jeremykendall/slim-auth": "dev-slim-3.x",
"slim/flash": "^0.1.0",
"akrabat/rka-ip-address-middleware": "^0.4.0",
"palanik/corsslim": "dev-slim3",
"erusev/parsedown": "^1.6",
"predis/predis": "^1.0",
"lcobucci/jwt": "^3.1",
"ext-gd": "*"
},
"require-dev": {
"phpunit/phpunit": "*"
},
"minimum-stability": "dev",
"prefer-stable": true
}
答案 0 :(得分:0)
在库中,除了packagist.org上提供的库之外,您不能引用任何其他内容。或者,您指示用户引用其他来源以获取包信息。
仅允许根composer.json
添加vcs和软件包存储库,除了指示用户执行composer require your/lib
之外的其他操作之外,您不能将其作为库影响。这有点令人讨厌,也可能需要考虑安全因素,因为这不仅会为您的个人图书馆打开大门,也会为任何图书馆打开大门。
正如你使用“jlndk / slim-jade”(原作者从他的存储库中发布为0.0.1
),另一位作者重新发布它而不将其添加到packagist或更改lib的名称,添加版本标记1.0
),任何其他包信息源都可能添加更多包信息,即添加更新的恶意版本,例如一个symfony包。