Composer:How to Add a Dependency Without Network Connection

Composer : how to add a dependency without network connection?

Thanks to edmondscommerce's comment I found the solution:

I update my main composer.json file with an artifact respository (and I disable the packagist one):

{
    "name": "user/silex",
    "repositories": [
        {
            "type": "artifact",
            "url": "artifact/"
        }, {
            "packagist": false
        }
    ], "require": {
        "silex/silex": "1.2"
                , "twig/twig": ">=1.8,<2.0-dev"
                , "monolog/monolog": "1.*"
                , "doctrine/dbal": "2.2.*"
                , "symfony/security": "~2.3"
    },
    "autoload": {
        "psr-4": {
            "Portal\\": "src/"
        }
    }
}

Then I put a folder called artifact according to the url put in the composer.json file.

I create into this folder a zip called monolog-monolog-1.8.zip with the library I want to add.

Then just launch a composer update command!

Be carefull, zip's root must contain a composer.json file, and this composer.json file must contain a version!

Cannot make composer install work offline

By default Composer does not disable access to packagist.org when you add custom repos. You can disable it with the following config:

{
    "repositories": [
        {
            "packagist.org": false
        }
    ]
}

Composer: how can I install another dependency without updating old ones?

To install a new package and only that, you have two options:

1. Using the require command, just run:

   composer require new/package
   

   Composer will guess the best version constraint to use, install the package, and add it to composer.lock.

   You can also specify an explicit version constraint by running:

   composer require new/package ~2.5
   

–OR–

2. Using the update command, add the new package manually to composer.json, then run:

   composer update new/package
   

If Composer complains, stating "Your requirements could not be resolved to an installable set of packages.", you can resolve this by passing the flag --with-dependencies. This will whitelist all dependencies of the package you are trying to install/update (but none of your other dependencies).

Regarding the question asker's issues with Laravel and mcrypt: check that it's properly enabled in your CLI php.ini. If php -m doesn't list mcrypt then it's missing.

Important: Don't forget to specify new/package when using composer update! Omitting that argument will cause all dependencies, as well as composer.lock, to be updated.

How to get composer to install older version of a specific dependency within required range?

Since install is meant to read from a lockfile, this option wouldn't make sense for the command.

But for update (and if there is no lockfile, install behaves as update), there is the --prefer-lowest flag (docs).

There is also the option to downgrade a specific package without affecting your composer.json file, by running something like:

composer update --with vendor/package:2.0.1

Mind you, any of these options will modify your lockfile, so after testing you would probably need to git restore composer.lock to go back to the original state.

Commiting a lockfile for a project by mistake should be a biggish issue. Since applications are usually built/deployed by reading the lockfile, a lockfile in an inconsistent state could break things in unexpected places.

But warding of commiting and pushing changes by mistake seems to be excessive, IMO. Developers can make changes to any file, and if they commit those "by mistake", things can break all around.

Expecting a basic "I should look what's changed before staging and commiting" seems a very low bar to me.

How do I install Composer PHP packages without Composer?

The composer.json file lists the dependencies. In your example:

"require": {
    "php": ">=5.5.0",
    "guzzlehttp/guzzle": "^6.0",
    "psr/http-message": "^1.0",
    "psr/log": "^1.0"
},

You must then find the corresponding packages in the packagist site. Repeat the same process for each dependency: find additional dependencies in their corresponding composer.json files and search again.

When you finally have a complete list of the required packages, you only need to install them all one by one. For the most part, it's just a matter of dropping the files somewhere in your project directory. But you must also ensure that PHP can find the needed classes. Since you aren't using Composer's auto-loader, you need to add them to your own custom autoloader. You can figure out the information from the respective composer.json files, e.g.:

"autoload": {
    "psr-4": { "Coinbase\\Wallet\\": "src/" }
},

If you don't use a class auto-loader you'll need to figure out the individual require_once statements. You'll probably need a lot of trial and error because most library authors won't care documenting that.

Also, and just in case there's confusion about this:

• Composer has an official GUI installer for Windows and a copy and paste command-line installation procedure for all platforms.
• Composer can be run locally and its output just uploaded elsewhere. You don't need SSH in your shared hosting.
• The command needed to install a library can be copied and pasted from the package web site—even if the package maintainer didn't care to document it, packagist.org generates it by default.

Composer is not perfect and it doesn't suit all use cases but, when it comes to installing a library that relies on it, it's undoubtedly the best alternative and it's a fairly decent one.

---

I've checked other answers that came after mine. They mostly fall in two categories:

1. Install a library and write a custom download script with it
2. Use an online web based interface for Composer

Unless I'm missing something, none of them address the complaints expressed by the OP:

• Learning curve
• Use of third-party software
• Possibility to develop right on the server (using SSH, I presume)
• Potentially deep dependency tree

---

Related Topics