Commit
- Loading branch information
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,14 @@ | ||
| build/* export-ignore | ||
| tests/* export-ignore | ||
| composer.lock export-ignore | ||
| .coveralls export-ignore | ||
| .gitattributes export-ignore | ||
| .gitignore export-ignore | ||
| .scrutinizer.yml export-ignore | ||
| .travis.yml export-ignore | ||
| box.json export-ignore | ||
| build.properties.dev export-ignore | ||
| build.xml export-ignore | ||
| composer.json export-ignore | ||
| composer.lock export-ignore | ||
| LICENSE export-ignore | ||
This comment has been minimized.
Sorry, something went wrong. |
||
10 comments
on commit 3a787de
There was a problem hiding this comment.
Why on earth would you exclude the composer.json? It contains vital information, and assuming it is only ever fetched via packagist and or used internally in composer itself is wrong… Flow e.g. uses it to look at dependencies on it's own, and I'd always assume a composer package I download–whichever way–contains a manifest.
There was a problem hiding this comment.
@kdambekalns tools running locally should rely on the metadata about installed packages (or on the lock file) IMO, as these are the metadata used by composer (if there is a mismatch, which can happen if you use a package repository while the code has a composer.json, the repository wins, not the file in the downloaded code)
There was a problem hiding this comment.
Well despite not being absolutely necessary, I am not against putting it back in the tarball.
In this case, it's an app not a library, so we should maybe put both the composer.json and the composer.lock in the archive ? @stof @kdambekalns
There was a problem hiding this comment.
Would be great to have both in :)
There was a problem hiding this comment.
Well, for me it is definitely a library, but YMMV. Anyway, does no harm at all, so it would be nice to have both in.
There was a problem hiding this comment.
Since composer.json has become the place to store metadata about a repository in general, removing it makes that information unavailable to everyone downloading the archive. E.g. it's the only place mentioning the project website, authors, minimum php version. That in itself should be enough reason to keep it IMO.
There was a problem hiding this comment.
@stof @mikeSimonson: hey, any update on this?
There was a problem hiding this comment.
@aertmann Thanks for the ping.
I will put back the composer.json as it can be usefull if you download the tarball by another means than composer.
As for the composer.lock it should also be remove from the gitattributes but it won't put it in the archive as it isn't tracked by git.
There was a problem hiding this comment.
@mikeSimonson thanks! much appreciated
the license must not be excluded. It would violate the license if you don't ship it