Composer: When checking out specific commit from a repository, requirements are erroneously resolved from composer.json in the topmost commit of the branch
I am trying to require older version of library, which has no tag. Repositories are defined as follows:
"repositories": [
{ "type": "vcs", "url": "https://github.com/nette/nette.git" }
],
"require": {
"nette/nette": "dev-master#b8ca5b82d407453b8cf26ce08a36ee698452d000"
},
The commit is present in the branch dev-master, composer.json is present with no requirements, however on composer install an error is issued suggesting that the package resolves requirements from topmost commit of dev-master branch:
Your requirements could not be resolved to an installable set of packages.
Problem 1
- nette/nette dev-master requires nette/application >=2.3.0 -> no matching package found.
- nette/nette dev-master requires nette/application >=2.3.0 -> no matching package found.
- Installation request for nette/nette dev-master#b8ca5b82d407453b8cf26ce08a36ee698452d000 -> satisfiable by nette/nette[dev-master].
Composer version is 07c644ac229a21df80180598d8bb9aaba232eecb
finwe
All 3 comments
That's because composer does not know about the composer.json file in that specific hash. Packagist only stores the latest composer.json for dev-master. Composer cannot determine what is in the composer.json of that specific commit. It would require a git clone to be able to determine that. For sane reasons this is not supported, see #599. Your only option is creating a lock file with this commit .
alcohol
on 5 Feb 2015
Yup, see the blue note at https://getcomposer.org/doc/04-schema.md#package-links (gotta scroll a bit) for more details.
Seldaek
on 5 Feb 2015
OK, sure, thanks for explanation.
finwe
on 5 Feb 2015
Related issues
ravanscafi
·
3Comments
ktomk
·
3Comments
franz-josef-kaiser
·
3Comments
FabioQ
·
3Comments
GhulamJafar
·
3Comments
Most helpful comment
That's because composer does not know about the composer.json file in that specific hash. Packagist only stores the latest composer.json for dev-master. Composer cannot determine what is in the composer.json of that specific commit. It would require a git clone to be able to determine that. For sane reasons this is not supported, see #599. Your only option is creating a lock file with this commit .