| 19 May 2023 |
 Jan Tojnar | Pol: looks like the relative paths do not work 🙈
see nix build -L --keep-failed --no-write-lock-file ./tests#non-head-rev in https://github.com/fossar/composition-c4/pull/3 | 20:27:22 |
 Pol | Argh :S | 20:27:53 |
| Pol | What are we going to do with this thing? | 20:28:06 |
| Jan Tojnar | I am leaning towards patching composer | 20:28:34 |
| Jan Tojnar | https://github.com/composer/composer/blob/6111ff5cda367d345bf2cf99b8ca95b56fc7459e/src/Composer/Downloader/PathDownloader.php#L46 | 20:28:35 |
| Pol | Checking | 20:29:32 |
| Pol | Do you think this would fix everything? | 20:29:52 |
| Jan Tojnar | not everything but at least this thing | 20:30:06 |
| Pol | mmh mmh | 20:30:29 |
| Pol | Ok | 20:30:31 |
| Pol | Curious to see how you're going to patch it. | 20:30:51 |
| Jan Tojnar | I was thinking resolving the path relative to repository path | 20:31:03 |
| Jan Tojnar | but thinking about it more, it does not really make much sense since the repository does not have to be a path, does it? | 20:31:31 |
| Pol | There could be different type of repos indeed | 20:32:26 |
| Jan Tojnar | I guess we could do it like napalm does and run http server | 20:33:38 |
| Pol | I have no clue on those things | 20:33:55 |
| Jan Tojnar | Pol: regarding the composer packaging it looks like composer update --lock will require even developer dependencies to be in the repo | 21:19:31 |
| Jan Tojnar | which makes sense, --no-dev should not produce partial lockfile | 21:19:58 |
| Pol | Mmh mmh | 21:20:27 |
| Jan Tojnar | so we cannot support includeDev in the fetchComposerDeps function | 21:20:35 |
| Jan Tojnar | and need to optimize the fetcher instead | 21:20:44 |
| Pol | But we can do `composer update --lock --no-dev` | 21:20:52 |
| Jan Tojnar | we can, but it will still look for dev dependencies so that it can lock them | 21:21:18 |
| Jan Tojnar | it just will not install them | 21:21:31 |
| Jan Tojnar | * it just will skip installing them | 21:21:44 |
| Pol | Right, so, we have to parse lock files and intersect with composer.json.require then ? | 21:22:21 |
| Jan Tojnar | we could have the setup hook patch the sources inside the lockfile, instead of running composer update --lock | 21:23:38 |
| Jan Tojnar | and rely on the fact that the dev dependencies will not be installed with --no-dev so it would not matter that the path would be non-existent | 21:24:19 |
| Jan Tojnar | or we could just optimize the fetcher so that downloading dev dependencies is not pain | 21:25:00 |
| Pol | I prefer to optimize the fetcher | 21:25:21 |
