Package Repository Website - try https://packagist.com if you need your own -

Related tags

API php packagist
Overview

Packagist

Package Repository Website for Composer, see the about page on packagist.org for more.

This project is not meant for re-use.

It is open source to make it easy to contribute. We provide no support if you want to run your own, and will do breaking changes without notice.

Check out Private Packagist if you want to host your own packages.

Development

These steps are provided for development purposes only.

Requirements

  • PHP for the web app
  • Symfony CLI to run the web server
  • MySQL for the main data store
  • Redis for some functionality (favorites, download statistics)
  • git / svn / hg depending on which repositories you want to support

Installation

  1. Clone the repository

  2. Create 2 databases:

    • packagist - for the web app
    • packagist_test - for running the tests
  3. Install dependencies:

    composer install
    npm install

    The composer install will prompt you for the database connection details on first install.

  4. Setup the database:

    bin/console doctrine:schema:create
  5. Start the web server:

    symfony serve
  6. Run a CRON job bin/console packagist:run-workers to make sure packages update.

  7. Run npm run build or npm run dev to build (or build&watch) css/js files.

You should now be able to access the site, create a user, etc.

Fixtures

You can get test data by running the fixtures:

bin/console doctrine:fixtures:load

This will create 100 packages from packagist.org, update them from GitHub, populate them with fake download stats, and assign a user named dev (password: dev) as their maintainer.

Comments
  • package not auto-updated

    package not auto-updated

    The following package

    http://packagist.org/packages/midgard/createphp

    is not auto-updated since 2012-07-26 13:57 UTC

    If I look into the github admin settings, everything looks good, and when I click "Test hook" it tells me that the payload is deployed. Could it be that something doesn't work right on the packagist side of things? In my other repos, I have the same configuration and they work fine, it's just this one that gives problems

    Bug 
    opened by flack 70
  • TransportException 404 Not Found for packagist.org urls

    TransportException 404 Not Found for packagist.org urls

    Filing a separate issue following from #470, given this is not related to SlowTimer.

    This still happens on a regular basis in Wikimedia CI pipeline. Is there a way in which we can prevent this issue in a more general way, that hopefully also avoids too much load or storage pressure on your side?

    See https://phabricator.wikimedia.org/P7484$1052 for a recent transcript of a build in which this error occurred.

    For that build, it seems like the failure was printed only 4 seconds after the composer require command.

    01:00:57  DEBUG:quibble.cmd:composer require composer/spdx-licenses=1.4.0 psy/psysh=0.9.6 monolog/monolog=~1.22.1 phpunit/phpunit=4.8.36 \|\| ^6.5 wikimedia/avro=1.8.0 mediawiki/mediawiki-codesniffer=21.0.0 wmde/hamcrest-html-matchers=^0.1.0 seld/jsonlint=1.7.1 wikimedia/testing-access-wrapper=~1.0 jakub-onderka/php-parallel-lint=0.9.2 jetbrains/phpstorm-stubs=dev-master#38ff1a581b297f7901e961b8c923862ea80c3b96 hamcrest/hamcrest-php=^2.0 nmred/kafka-php=0.1.5 justinrainbow/json-schema=~5.2 nikic/php-parser=3.1.3 cache/integration-tests=0.16.0
    --
    01:01:00
    01:01:00    [Composer\Downloader\TransportException]
    01:01:00    The "http://packagist.org/p/provider-latest%2489d14de6aab31e05c38c5a490ca286c3895c7713604e767413aeb3ee5f9d0784.json" file could not be downloaded (HTTP/1.1 404 Not Found)
    01:01:00
    01:01:00  Exception trace:
    01:01:00   () at /srv/composer/vendor/composer/composer/src/Composer/Util/RemoteFilesystem.php:430
    01:01:00   Composer\Util\RemoteFilesystem->get() at /srv/composer/vendor/composer/composer/src/Composer/Util/RemoteFilesystem.php:101
    01:01:00   Composer\Util\RemoteFilesystem->getContents() at 
    

    Also:

    • https://github.com/composer/packagist/issues/470
    • https://github.com/composer/composer/issues/2198
    • https://github.com/composer/composer/issues/2228
    • https://github.com/composer/composer/issues/7021
    • https://github.com/composer/composer/issues/7404
    • https://github.com/composer/composer/issues/7599
    • Downstream: https://phabricator.wikimedia.org/T182266
    opened by Krinkle 57
  • Allow users to delete new packages

    Allow users to delete new packages

    We should allow users to delete new packages (recently created & few installs) so that mistakenly added packages can be removed without danger of projects depending on them already.

    Feature UX Easy pick 
    opened by naderman 52
  • Github integration should move away from services

    Github integration should move away from services

    Github has officially marked the github services feature as deprecated: https://developer.github.com/changes/2018-04-25-github-services-deprecation/

    As of October 2018, it will be impossible to enable it for new repos. As of January 2019, it will stop working for all repos.

    The migration needs to be performed before that time.

    opened by stof 42
  • [RFC][WIP] Redesign of packagist.org

    [RFC][WIP] Redesign of packagist.org

    Hey,

    from start I would say that I love the idea of composer + packagist, also I really love FOSS. I use quite often the packagist.org page, and I must say that I have some parts missing, yet some parts I recognize as not best from UI look (I'm not a designer, just simple user =) so not kill me too fast for those words =)), so I decided to give some of my free time to create this proposal, which is kinda prototype, but IMO it's at least a bit more usable =)

    Let me give some details below, and decide what to do, I mean, should it be official or not? =)

    After some comments from people after showing the sneak peak:

    sneak peak

    I'm showing my work here, to have comments, disscussion, bashing or whatever :panda_face:

    Right now at this PR last version of header is used:

    headers

    Here is really simple TODO list for pages/macros not redesigned:

    • [x] homepage
    • [x] edit profile
    • [x] change password
    • [x] my profile
    • [x] list of packages
    • [x] search page (results - bases on above)
    • [x] my packages (bases on above)
    • [x] my favourite packages (bases on above)
    • [ ] package page (bases on above)
    • [ ] vendor page (bases on above)
    • [x] popular packages (bases on above)
    • [x] explore (bases on above)
    • [x] browse (bases on above)
    • [x] show profile
    • [x] login
    • [x] register
    • [x] remind password
    • [x] error page
    • [x] statistics
    • [x] submit package
    • [x] about
    • [x] feed

    Additional TODO list:

    • [ ] port javascript to new version
    • [ ] clean up images/fonts/css files
    • [x] update to Bootstrap 3

    I could miss something in that list or duplicate, sorry for that =)

    UX 
    opened by stloyd 42
  • Add

    Add "ownership" of a vendor namespace

    Largely recognized (can't wait for the debates on what that is) organizations should be able to own their namespace, so that nobody can submit a package in it. This just to avoid confusion and potential injection of bad code.

    Feature 
    opened by Seldaek 41
  • packagist not detecting version of my package

    packagist not detecting version of my package

    https://packagist.org/packages/jurchiks/numbers2words

    When I initially added the package, the composer.json file did not contain version info and there was no version tag, but the command composer require jurchiks/numbers2words did not work and continues to not work: [InvalidArgumentException] Could not find package jurchiks/numbers2words at any version for your minimum-stability (stable). Check the package spelling or your minimum-stability

    Since adding the package, I have added a github push hook, pushed a "version": "1.0.0" addition to the repository, upped the version to 1.0.2, added a git tag 1.0.0 and deleted the "version" entry in composer.json file. I've tried deleting the version shown on the package page and manually updating it. Nothing helps! It is still detecting only dev-master.

    WTF? What does it want from me?

    opened by jurchiks 39
  • Readme is not shown to guests

    Readme is not shown to guests

    Dear packagist developers

    I believe your website has a bug: when I login into your website, and access my newly published repository: https://packagist.org/packages/vasilevich/currencyconverter the readme is visible just fine: image

    but when I go into icognito mode in my browser same page I see this: image

    why the readme is not shown? and if its a feature and not a bug, its very weird you should atleast warn the user that only as a registered user you can see it.

    Thanks.

    opened by vasilevich 38
  • Sorting of search results

    Sorting of search results

    In order to get better package selection, it would be good to sort results based on downloads, number of stars, forks, any other things that promote package maturity.

    Feature 
    opened by nfx 38
  • Packagist.org does have mirror sites?

    Packagist.org does have mirror sites?

    I live in a country with terrible internet connection and I don't know if this is implemented already on the packagist.org If not then here's my question

    does packgist.org has mirror sites so composer can download updates closer to my location? thanks :)

    Support 
    opened by netorica 37
  • Case Sensitivity Problem with Package names and directories

    Case Sensitivity Problem with Package names and directories

    Package names are now required to be lowercase. But, this wasn't always the case and I have a few packages that have uppercase letters. This is causing an interesting problem.

    Say I have two packages with the names Masterminds/Fortissimo and masterminds/fortissimo-twig. In the vendor directory two directories for masterminds will be created on linux. One with and one without the capital letter. On mac it will just be one directory named Masterminds. Mac seems to be case insensitive. But, generate a phar file and inside that the classes are case sensitive again.

    I thought the solution would be to update Masterminds/Fortissimo to be masterminds/fortissimo and did just that. Unfortunately, when getting the package from packagist the directory is still created as Masterminds/Fortissimo rather than the lowercase version. If I point composer to the git repo directly this is not an issue.

    So, there appears to be an issue where Packagist is still keeping the uppercase names. This mixed case is creating a problem.

    opened by mattfarina 34
  • [Chore] Upgrade to Symfony 6.2

    [Chore] Upgrade to Symfony 6.2

    Upgrading to Symfony 6.2 with following steps:

    • [x] Bumping Symfony dependencies to ^6.2
    • [x] Bumping Rector to v0.15 and PHPStan to v1.9.2 (to utilize Rector presets)
    • [x] Running Rector with SYMFONY_62 preset
    • [x] Removing sensio/framework-extra-bundle (all used attributes are now part of Symfony core)
    • [x] Removing deprecated security.enable_authenticator_manager config
    • [x] Refactoring ArgumentValueResolvers into ValueResolvers
    • [x] [Minor] Running CS Fixer
    • [x] [Minor] Bump phpstan-doctrine and php-symfony

    See https://github.com/symfony/symfony/blob/6.2/UPGRADE-6.2.md and https://github.com/rectorphp/rector-symfony/blob/main/config/sets/symfony/symfony62.php

    opened by IonBazan 3
  • [FEATURE] Expose Version-README through API

    [FEATURE] Expose Version-README through API

    Background

    I am currently developing a tool that aggregates versions of packages used in an agencies projects. As such, I am using the composer v2 API to periodically look for new versions. This works fine, but having the README in the tool would be nice - that way potential changes in the package could be seen directly when viewing a potential package upgrade in my tool.

    Unfortunately, the v2 API does not seem to provide information about the README - however, the following API-path to READMEs does seem to exist:

    • The v1 API exposes a uid for each version
    • This uid can be used in the /versions/{uid}.json endpoint

    There are 2 problems with this, though:

    1. The v1 API is deprecated
    2. The versions API does not seem to be meant for public consumption

    Proposed Solution I propose the following changes, which should make it easier to fetch the READMEs without introducing big changes:

    • Add the uid property to the v2 API
    • Document the versions API (This also means that the API must be stable in the future, though)

    I have not yet looked at the code that provides these APIs, but my understanding is that at least the v2 metadata is stored in static files, which in turn means that changing their schema requires all files to be regenerated, which may produce a lot of overhead just for this small change.

    opened by j6s 2
  • HTML-Link in error message is escaped

    HTML-Link in error message is escaped

    I just tried to add a new package and received a "Gateway error". After reloading (F5) the package was added but an error message appears which seems to have the link unwanted escaped:

    grafik

    opened by JanSlabon 0
  • Add support for organizations

    Add support for organizations

    As an organization manager, I would like to be able to control who can access my packages so I can give access to new employees and also remove leavers.

    At the moment this has to be done package by package, which can get burdensome if your number of packages grows.

    Ideally, there should be something like "organizations" where organizations admins can manage users belonging to the org. Similar to what GitHub, NPM, etc.. offer.

    This would also be a great way to control vendor namespace ownership. The current approach of "if you are in a single repo, you have access to the whole namespace" is a bit flaky. What if you have an external contributing to a single package?

    Something like SSO would be just awesome, but I consider that more of a paid enterprise feature.

    opened by juanjoDiaz 0
  • Bump twig/twig from 3.4.2 to 3.4.3

    Bump twig/twig from 3.4.2 to 3.4.3

    Bumps twig/twig from 3.4.2 to 3.4.3.

    Changelog

    Sourced from twig/twig's changelog.

    3.4.3 (2022-09-28)

    • Fix a security issue on filesystem loader (possibility to load a template outside a configured directory)
    Commits
    • c38fd6b Prepare the 3.4.3 release
    • 5a858ac Merge branch '2.x' into 3.x
    • ab40267 Prepare the 2.15.3 release
    • fc18c2e Update CHANGELOG
    • 2e8acd9 Merge branch '2.x' into 3.x
    • d6ea14a Merge branch '1.x' into 2.x
    • 35f3035 security #cve- Fix a security issue on filesystem loader (possibility to load...
    • be33323 Merge branch '2.x' into 3.x
    • 9170edf Fix doc CS
    • fab3e0f minor #3744 Adding installation instructions for Symfony (ThomasLandauer)
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies php 
    opened by dependabot[bot] 1
example repository training REST API

adalah codebase REST-API dari tugas peserta yang mengikuti training membangun REST API dengan lumen selama 2 minggu. studi kasus nya adalah REST API website marketplace untuk agrobisniss.

Nuris Akbar 6 Sep 4, 2021
A rest api repository with laravel.

About Laravel Laravel is a web application framework with expressive, elegant syntax. We believe development must be an enjoyable and creative experie

kyo 2 Jan 17, 2022
A rest api repository with laravel.

API Back End This is the repository for the TKJ 1 Class 12 Web Back End API system, for detailed info, you can go to the main link of the Front End ap

kyo 2 Jan 17, 2022
Symfony Recipes Repository

Symfony Recipes Symfony recipes allow the automation of Composer packages configuration via the Symfony Flex Composer plugin. This repository contains

Symfony 862 Dec 31, 2022
This plugin lets you to get spawners that when you break them they regenerates themselves!

ItemSpawners This plugin lets you to get spawners that when you break them they regenerates themselves! How to use? For any information: https://githu

Oğuzhan 6 Jan 16, 2022
A Laravel Fractal package for building API responses, giving you the power of Fractal with Laravel's elegancy.

Laravel Responder is a package for building API responses, integrating Fractal into Laravel and Lumen. It can transform your data using transformers,

Alexander Tømmerås 776 Dec 25, 2022
Monorepo of the PoP project, including: a server-side component model in PHP, a GraphQL server, a GraphQL API plugin for WordPress, and a website builder

PoP PoP is a monorepo containing several projects. The GraphQL API for WordPress plugin GraphQL API for WordPress is a forward-looking and powerful Gr

Leonardo Losoviz 265 Jan 7, 2023
Online Book Store is a E-commerce Website and Book Conversion(pdf to audio and Img to txt) and Book Sharing platform.

Online-Book-Store Online Book Store is a E-commerce Website and Book Conversion(pdf to audio and Img to txt) and Book Sharing platform. The main descr

Gokul krishnan 1 May 22, 2022
This project lists all the mandatory steps I recommend to build a Website using Symfony, Twig, Doctrine.

{% raw %} <-- keep this for Jekyll to fully bypass this documents, because of the Twig tags. Symfony Website Checklist ?? Summary~~~~ Elevator pitch P

William Pinaud 6 Aug 31, 2022
Embed the current year's events for a team on a website using TBA Api

Not done yet, but should work please leave any feedback in the discussions tab one problem that can happen is that I update the site and your cache di

Cool_show 1 Oct 27, 2022
Monorepo of the PoP project, including: a server-side component model in PHP, a GraphQL server, a GraphQL API plugin for WordPress, and a website builder

PoP PoP is a monorepo containing several projects. The GraphQL API for WordPress plugin GraphQL API for WordPress is a forward-looking and powerful Gr

Leonardo Losoviz 265 Jan 7, 2023
This PHP library will help you to work with your Pinterest account without using any API account credentials.

Pinterest Bot for PHP A PHP library to help you work with your Pinterest account without API credentials. The Pinterest API is painful: receiving an a

Sergey Zhuk 414 Nov 21, 2022
The NelmioApiDocBundle bundle allows you to generate a decent documentation for your APIs

NelmioApiDocBundle The NelmioApiDocBundle bundle allows you to generate a decent documentation for your APIs. Migrate from 3.x to 4.0 To migrate from

Nelmio 2.1k Jan 6, 2023
Facebook SDK for PHP (v6) - allows you to access the Facebook Platform from your PHP app

Facebook SDK for PHP (v6) This repository contains the open source PHP SDK that allows you to access the Facebook Platform from your PHP app. Installa

null 0 Aug 10, 2022
Laravel package to easily update business KPI monitors for your software or service

Laravel package to easily update business KPI monitors for your software or service. Monitors can be exposed to your user community via mobile app or embedded into your own application.

Heinz Seldte 2 Dec 12, 2022
The 1Password Connect PHP SDK provides your PHP applications access to the 1Password Connect API hosted on your infrastructure and leverage the power of 1Password Secrets Automation

1Password Connect PHP SDK The 1Password Connect PHP SDK provides your PHP applications access to the 1Password Connect API hosted on your infrastructu

Michelangelo van Dam 12 Dec 26, 2022
Laravel A2Reviews Client API lets you build apps, extensions, or plugins to get reviews from the A2reviews APP.

Overview Laravel A2Reviews Client API lets you build apps, extensions or plugins to get reviews from the A2reviews APP. Including adding reviews to a

Be Duc Tai 2 Sep 26, 2021
Laravel api tool kit is a set of tools that will help you to build a fast and well-organized API using laravel best practices.

Laravel API tool kit and best API practices Laravel api tool kit is a set of tools that will help you to build a fast and well-organized API using lar

Ahmed Esa 106 Nov 22, 2022
The maker bundle allows you to generate content elements, front end modules

Contao 4 maker bundle The maker bundle allows you to generate content elements, front end modules, event listener, callbacks and hooks using interacti

Contao 7 Aug 3, 2022