composer parallel install plugin

Last update: May 20, 2022

prestissimo (composer plugin)

Build Status Scrutinizer Code Quality Coverage Status Latest Stable Version Total Downloads License

This is a composer 1.x plugin that downloads packages in parallel to speed up the installation process.

Announcement: Composer 2 is now available!

This plugin is for Composer1; Composer2 is very fast on its own. Uninstall this plugin and update the Composer itself.

Requirements

  • composer >=1.0.0 <2.0
  • PHP >=5.3, (suggest >=5.5, because curl_share_init)
  • ext-curl

Install, Updating & Upgrading

$ composer global require hirak/prestissimo

Uninstall

$ composer global remove hirak/prestissimo

Benchmark Example

288s -> 26s

$ composer create-project laravel/laravel laravel1 --no-progress --profile --prefer-dist

laravel

Config

prestissimo ^0.3.x

Recognize composer's options. You don't need to set any special configuration.

Composer authentication

To avoid Composer asking for authentication it is recommended to follow the procedure on composer's authentication.

For github.com you could also use an auth.json file with an oauth access token placed on the the same level as your composer.json file:

{
    "github-oauth": {
        "github.com": "YOUR_GITHUB_ACCESS_TOKEN"
    }
}

License

MIT License. See the LICENSE file.

GitHub

https://github.com/hirak/prestissimo
Comments
  • 1. not work - nothing changed after install

    Hello! Great idea, thanks for your work, but it not work.

    1. composer global require "hirak/prestissimo:^0.3"
    2. composer update
    3. see just regular composer work, nothing improved, no parralell installing
    Reviewed by errogaht at 2017-03-05 06:14
  • 2. Compatibility with Composer 2.0.0

    Composer 2.0.0 has been released 3 hours ago and prestissimo now can't be installed on the new version https://github.com/composer/composer/releases/tag/2.0.0

    $ composer.phar global require hirak/prestissimo
    ...
    Do not run Composer as root/super user! See https://getcomposer.org/root for details
    
                                                                                                                                           
      [InvalidArgumentException]                                                                                                           
      Package hirak/prestissimo at version  has a PHP requirement incompatible with your PHP version, PHP extensions and Composer version  
    ...
    
    
    Reviewed by shqear93 at 2020-10-24 11:47
  • 3. error with `--no-cache` in composer 1.9

    This may or may not be an actual issue. But composer 1.9 now comes with a --no-cache global option which I tried to use for installing prestissimo in docker so that I don't have to call composer clear-cache afterwards. I understand the 2 are different but I thought perhaps prestissimo won't do anything yet when it's first installed (excuse my lack of understanding of how composer plugins work).

    composer global require --no-cache hirak/prestissimo -v gives

    /app # composer global require --no-cache hirak/prestissimo -v                                                                                                                                                                        Changed current directory to /tmp
    Using version ^0.3.9 for hirak/prestissimo
    ./composer.json has been created
    Loading composer repositories with package information
    Updating dependencies (including require-dev)
    Dependency resolution completed in 0.000 seconds
    Analyzed 75 packages to resolve dependencies
    Analyzed 46 rules to resolve dependencies
    Package operations: 1 install, 0 updates, 0 removals                                                                                                                                                                                  Installs: hirak/prestissimo:0.3.9
      - Installing hirak/prestissimo (0.3.9): Downloading (100%)
     Extracting archivePlugin installation failed, rolling back
      - Removing hirak/prestissimo (0.3.9)
    
    Installation failed, deleting ./composer.json.                                                                                                                                                                                        
    
      [ErrorException]
      mkdir(): Not a directory  
    
    Exception trace:                                                                                                                                                                                                                       () at /tmp/vendor/hirak/prestissimo/src/CopyRequest.php:103
    Composer\Util\ErrorHandler::handle() at n/a:n/a                                                                                                                                                                                       mkdir() at /tmp/vendor/hirak/prestissimo/src/CopyRequest.php:103
    Hirak\Prestissimo\CopyRequest->createDir() at /tmp/vendor/hirak/prestissimo/src/CopyRequest.php:89
    Hirak\Prestissimo\CopyRequest->setDestination() at /tmp/vendor/hirak/prestissimo/src/CopyRequest.php:39
    Hirak\Prestissimo\CopyRequest->__construct() at /tmp/vendor/hirak/prestissimo/src/ParallelizedComposerRepository.php:26
    Hirak\Prestissimo\ParallelizedComposerRepository->preloadProviderListings() at /tmp/vendor/hirak/prestissimo/src/ParallelizedComposerRepository.php:39
    Hirak\Prestissimo\ParallelizedComposerRepository->prefetch() at /tmp/vendor/hirak/prestissimo/src/Plugin.php:150
    Hirak\Prestissimo\Plugin->prefetchComposerRepositories() at /tmp/vendor/hirak/prestissimo/src/Plugin.php:82
    Hirak\Prestissimo\Plugin->activate() at phar:///usr/bin/composer/src/Composer/Plugin/PluginManager.php:237
    Composer\Plugin\PluginManager->addPlugin() at phar:///usr/bin/composer/src/Composer/Plugin/PluginManager.php:206
    Composer\Plugin\PluginManager->registerPackage() at phar:///usr/bin/composer/src/Composer/Installer/PluginInstaller.php:62
    Composer\Installer\PluginInstaller->install() at phar:///usr/bin/composer/src/Composer/Installer/InstallationManager.php:173
    Composer\Installer\InstallationManager->install() at phar:///usr/bin/composer/src/Composer/Installer/InstallationManager.php:160
    Composer\Installer\InstallationManager->execute() at phar:///usr/bin/composer/src/Composer/Installer.php:597
    Composer\Installer->doInstall() at phar:///usr/bin/composer/src/Composer/Installer.php:229
    Composer\Installer->run() at phar:///usr/bin/composer/src/Composer/Command/RequireCommand.php:218
    Composer\Command\RequireCommand->doUpdate() at phar:///usr/bin/composer/src/Composer/Command/RequireCommand.php:175
    Composer\Command\RequireCommand->execute() at phar:///usr/bin/composer/vendor/symfony/console/Command/Command.php:245
    Symfony\Component\Console\Command\Command->run() at phar:///usr/bin/composer/vendor/symfony/console/Application.php:835
    Symfony\Component\Console\Application->doRunCommand() at phar:///usr/bin/composer/vendor/symfony/console/Application.php:185
    Symfony\Component\Console\Application->doRun() at phar:///usr/bin/composer/src/Composer/Console/Application.php:267
    Composer\Console\Application->doRun() at phar:///usr/bin/composer/vendor/symfony/console/Application.php:117
    Symfony\Component\Console\Application->run() at phar:///usr/bin/composer/src/Composer/Console/Application.php:106
    Composer\Console\Application->run() at phar:///usr/bin/composer/src/Composer/Command/GlobalCommand.php:101
    Composer\Command\GlobalCommand->run() at phar:///usr/bin/composer/vendor/symfony/console/Application.php:835
    Symfony\Component\Console\Application->doRunCommand() at phar:///usr/bin/composer/vendor/symfony/console/Application.php:185
    Symfony\Component\Console\Application->doRun() at phar:///usr/bin/composer/src/Composer/Console/Application.php:267
    Composer\Console\Application->doRun() at phar:///usr/bin/composer/vendor/symfony/console/Application.php:117
    Symfony\Component\Console\Application->run() at phar:///usr/bin/composer/src/Composer/Console/Application.php:106
    Composer\Console\Application->run() at phar:///usr/bin/composer/bin/composer:61
    require() at /usr/bin/composer:24
    

    Works fine without the --no-cache option. Then trying to install any package with the --no-cache option produces the same error which kind of makes sense as prestissimo relies on a cache directory. I guess a more friendly behavior is to fall back to normal composer if cache is disabled. But it's not a biggie.

    The question is whether the cache directory is a hard requirement for installing prestissimo for the first time?

    Reviewed by sudomabider at 2019-08-25 22:23
  • 4. Http2 support

    adding http2 support, as packagist.org supports it now https://twitter.com/seldaek/status/1022179344091893760

    composer will use repo.packagist.org in the future for package metadata see https://github.com/composer/composer/commit/c5fa3bdde0e042b64e32102c21edb2e12e474746

    Reviewed by staabm at 2018-07-26 06:24
  • 5. Composer has trouble clearing the cache on Travis CI

    Please take a look at this issue https://github.com/travis-ci/travis-ci/issues/5590 for the whole output.

    When I'm using the plugin and Travis CI tries to run the tests I'm getting

      [ErrorException]                                                            
      rmdir(/home/travis/.composer/cache/files/henrikbjorn): Directory not empty  
    

    this error message. This doesn't happen locally for me. The plugin might have some kind of issue similar to https://github.com/composer/composer/issues/690 this but honestly, I don't know what the exact cause is.

    Using version ^0.1.9 for hirak/prestissimo
    ./composer.json has been created
    Loading composer repositories with package information
    Updating dependencies (including require-dev)
      - Installing hirak/prestissimo (0.1.9)
        Downloading: Connecting...    Failed to download hirak/prestissimo from dist: Could not authenticate against github.com
        Now trying to download from source
      - Installing hirak/prestissimo (0.1.9)
        Cloning cf526eee464e93dcb13c8d3521bad2ea0111bbfd
    Writing lock file
    Generating autoload files
    1.02s$ composer install --prefer-source --no-interaction
    You are running composer with xdebug enabled. This has a major impact on runtime performance. See https://getcomposer.org/xdebug
    Loading composer repositories with package information
    Installing dependencies (including require-dev) from lock file
        Prefetch start: total: 67
        1/67:    https://codeload.github.com/dnoegel/php-xdg-base-dir/legacy.zip/265b8593498b997dc2d31e75b89f053b5cc9621a
        2/67:    https://codeload.github.com/JakubOnderka/PHP-Console-Highlighter/legacy.zip/7daa75df45242c8d5b75a22c00a201e7954e4fb5
        3/67:    https://codeload.github.com/symfony/var-dumper/legacy.zip/24bb94807eff00db49374c37ebf56a0304e8aef3
        4/67:    https://codeload.github.com/nikic/PHP-Parser/legacy.zip/c542e5d86a9775abd1021618eb2430278bfc1e01
        5/67:    https://codeload.github.com/myclabs/DeepCopy/legacy.zip/e3abefcd7f106677fd352cd7c187d6c969aa9ddc
        6/67:    https://codeload.github.com/sebastianbergmann/php-file-iterator/legacy.zip/6150bf2c35d3fc379e50c7602b75caceaa39dbf0
        7/67:    https://codeload.github.com/phpspec/prophecy/legacy.zip/4745ded9307786b730d7a60df5cb5a6c43cf95f7
        8/67:    https://codeload.github.com/sebastianbergmann/php-timer/legacy.zip/3e82f4e9fc92665fafd9157568e4dcb01d014e5b
        9/67:    https://codeload.github.com/sebastianbergmann/phpunit/legacy.zip/64c37805098cfe42a1aaf4838b60c654377ec4a9
        10/67:    https://codeload.github.com/bobthecow/psysh/legacy.zip/0f04df0b23663799a8941fae13cd8e6299bde3ed
        11/67:    https://codeload.github.com/sebastianbergmann/php-code-coverage/legacy.zip/92f5c61b5c64159faec5298325ffab0c7e59dcc8
        12/67:    https://codeload.github.com/doctrine/instantiator/legacy.zip/8e884e78f9f0eb1329e445619e04456e64d8051d
        13/67:    https://codeload.github.com/sebastianbergmann/phpunit-mock-objects/legacy.zip/49bc700750196c04dd6bc2c4c99cb632b893836b
        14/67:    https://codeload.github.com/sebastianbergmann/php-text-template/legacy.zip/31f8b717e51d9a2afca6c9f046f5d69fc27c8686
        15/67:    https://codeload.github.com/sebastianbergmann/comparator/legacy.zip/937efb279bd37a375bcadf584dec0726f84dbf22
        16/67:    https://codeload.github.com/sebastianbergmann/environment/legacy.zip/6e7133793a8e5a5714a551a8324337374be209df
        17/67:    https://codeload.github.com/sebastianbergmann/diff/legacy.zip/13edfd8706462032c2f52b4b862974dd46b71c9e
        18/67:    https://codeload.github.com/sebastianbergmann/exporter/legacy.zip/7ae5513327cb536431847bcc0c10edba2701064e
        19/67:    https://codeload.github.com/sebastianbergmann/global-state/legacy.zip/bc37d50fea7d017d3d340f230811c9f1d7280af4
        20/67:    https://codeload.github.com/sebastianbergmann/recursion-context/legacy.zip/913401df809e99e4f47b27cdd781f4a258d58791
        21/67:    https://codeload.github.com/sebastianbergmann/resource-operations/legacy.zip/ce990bb21759f94aeafd30209e8cfcdfa8bc3f52
        22/67:    https://codeload.github.com/sebastianbergmann/version/legacy.zip/c829badbd8fdf16a0bad8aa7fa7971c029f1b9c5
        23/67:    https://codeload.github.com/JakubOnderka/PHP-Console-Color/legacy.zip/e0b393dacf7703fc36a4efc3df1435485197e6c1
        24/67:    https://codeload.github.com/phpDocumentor/ReflectionDocBlock/legacy.zip/d68dbdc53dc358a816f00b300704702b2eaff7b8
        25/67:    https://codeload.github.com/sebastianbergmann/php-token-stream/legacy.zip/3144ae21711fb6cac0b1ab4cbe63b75ce3d4e8da
        26/67:    https://codeload.github.com/php-fig-rectified/psr2r-sniffer/legacy.zip/def642e5364c798695a07b6e051e2837bb0246c0
        27/67:    https://codeload.github.com/jdorn/sql-formatter/legacy.zip/64990d96e0959dff8e059dfcdc1af130728d92bc
        28/67:    https://codeload.github.com/cakephp/debug_kit/legacy.zip/5a1f567a36f854c8d4786757d822a9942bd8f5ea
        29/67:    https://codeload.github.com/cakephp/elastic-search/legacy.zip/e6de018f13569482ac17d9e7a1dbc70ddd1ee391
        30/67:    https://codeload.github.com/UseMuffin/Tags/legacy.zip/1e8767faa6b01a5b554c2375b5b0a7f1f09dc6d4
        31/67:    https://codeload.github.com/UseMuffin/Slug/legacy.zip/678ef1420b9a2c927bf481c28c3d1ec3c4776c5e
        32/67:    https://codeload.github.com/squizlabs/PHP_CodeSniffer/legacy.zip/6731851d6aaf1d0d6c58feff1065227b7fda3ba8
        33/67:    https://codeload.github.com/FriendsOfCake/search/legacy.zip/a67c2ac4cbedde63c52d630bf451cacfed7933d5
        34/67:    https://codeload.github.com/FriendsOfCake/bootstrap-ui/legacy.zip/89f360ab0a30469e1bd19b92ccd8b82232f376a0
    
      [ErrorException]                                                            
      rmdir(/home/travis/.composer/cache/files/henrikbjorn): Directory not empty  
    
    
      [ErrorException]                                                         
      rmdir(/home/travis/.composer/cache/files/codegyre): Directory not empty  
    
    
      [ErrorException]                                                             
      rmdir(/home/travis/.composer/cache/files/mobiledetect): Directory not empty  
    
    
      [ErrorException]                                                       
      rmdir(/home/travis/.composer/cache/files/ruflin): Directory not empty  
    
    
      [ErrorException]                                                    
      rmdir(/home/travis/.composer/cache/files/psa): Directory not empty  
    
    Reviewed by burzum at 2016-02-08 08:14
  • 6. Yii2 Advanced App Template doesn't install

    First, I've installed Laravel, and prestissimo worked perfectly. Then, I've tried to install Yii2 Advanced App. Composer installed npm and bower packages (via composer-asset-plugin), but then console stopped as seen on screenshot below: image It has already passed 30 minutes, but nothing happend...

    Reviewed by berezuev at 2016-02-01 08:38
  • 7. Undefined property: Hirak\Prestissimo\CurlRemoteFilesystem::$lastHeaders

    [ErrorException] Undefined property: Hirak\Prestissimo\CurlRemoteFilesystem::$lastHeaders

    when running composer update

    composer version fff5074bbf5697a907b2832902d4219801b90bc5

    Reviewed by bazo at 2016-01-26 11:10
  • 8. Use PHPUnit\Framework\TestCase instead of PHPUnit_Framework_TestCase

    I use the PHPUnit\Framework\TestCase notation instead of PHPUnit_Framework_TestCase while extending our TestCases. This will help us migrate to PHPUnit 6, that no longer support snake case class names.

    I just need to bump PHPUnit version to ^4.8.35 and, that support this namespace.

    Reviewed by carusogabriel at 2017-11-04 13:30
  • 9. Support for multi-threaded composer update?

    Is there any way to have support for multi-threaded composer update ? With a lot of private GitHub packages, this takes a very long time for us to run and it's also a much more common operation than composer install.

    Reviewed by khromov at 2016-01-27 10:11
  • 10. segmentation fault occurered

    environments:

    • macOS 10.14.5 Mojave
    • php 7.3.6 cli (via brew install php)
    • composer 1.8.5 (via brew install composer)

    output of composer diagnose below:

    Checking platform settings: OK
    Checking git settings: OK
    Checking http connectivity to packagist: OK
    Checking https connectivity to packagist: OK
    Checking github.com rate limit: OK
    Checking disk free space: OK
    Checking pubkeys:
    Tags Public Key Fingerprint: 57815BA2 7E54DC31 7ECC7CC5 573090D0  87719BA6 8F3BB723 4E5D42D0 84A14642
    Dev Public Key Fingerprint: 4AC45767 E5EC2265 2F0C1167 CBBB8A2B  0C708369 153E328C AD90147D AFE50952
    OK
    Checking composer version: OK
    Composer version: 1.8.5
    PHP version: 7.3.6
    PHP binary path: /usr/local/Cellar/php/7.3.6/bin/php
    

    First, flush my composer global packages and settings.

    rm -rf ~/.composer/cache ~/.composer/vendor ~/.composer/composer.*
    

    and try composer global require consolidation/cgr.

    Changed current directory to /Users/hidekuro/.composer
    Using version ^2.0 for consolidation/cgr
    ./composer.json has been created
    Loading composer repositories with package information
    Updating dependencies (including require-dev)
    Package operations: 1 install, 0 updates, 0 removals
      - Installing consolidation/cgr (2.0.5): Downloading (100%)
    Writing lock file
    Generating autoload files
    

    succeed.

    but using hirak/prestissimo will failure with Segmentation fault.

    rm -rf ~/.composer/cache ~/.composer/vendor ~/.composer/composer.*
    composer global require hirak/prestissimo
    composer global require consolidation/cgr
    
    Changed current directory to /Users/hidekuro/.composer
        1/2:	https://packagist.jp/p/provider-latest$c4bd61274f7797a33d4f1efdd0bed5c496f7c212138a18f75ea21c9bb2f72245.json
        2/2:	https://packagist.jp/p/provider-2019-04$5897d9820bb6845de340427c738c2272c77072d89780f7d74b1d248c49bc0c75.json
        Finished: success: 2, skipped: 0, failure: 0, total: 2
    Using version ^2.0 for consolidation/cgr
    ./composer.json has been updated
    Loading composer repositories with package information
    Updating dependencies (including require-dev)
    Segmentation fault: 11
    

    any solutions?

    Reviewed by hidekuro at 2019-06-10 03:42
  • 11. Cache folders permissions

    Would it be possible to change default folder permissions from 0766 to 0775 or even 0770? (at least just 077*)

    Current setup is not working with shared cache folder between users :/

    Thanks!

    Reviewed by mthoretton at 2016-12-09 13:57
  • 12. Bump path-parse from 1.0.6 to 1.0.7

    Bumps path-parse from 1.0.6 to 1.0.7.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    Reviewed by dependabot[bot] at 2021-08-11 00:00
  • 13. Bump hosted-git-info from 2.7.1 to 2.8.9

    Bumps hosted-git-info from 2.7.1 to 2.8.9.

    Changelog

    Sourced from hosted-git-info's changelog.

    2.8.9 (2021-04-07)

    Bug Fixes

    2.8.8 (2020-02-29)

    Bug Fixes

    • #61 & #65 addressing issues w/ url.URL implmentation which regressed node 6 support (5038b18), closes #66

    2.8.7 (2020-02-26)

    Bug Fixes

    • Do not attempt to use url.URL when unavailable (2d0bb66), closes #61 #62
    • Do not pass scp-style URLs to the WhatWG url.URL (f2cdfcf), closes #60

    2.8.6 (2020-02-25)

    2.8.5 (2019-10-07)

    Bug Fixes

    • updated pathmatch for gitlab (e8325b5), closes #51
    • updated pathmatch for gitlab (ffe056f)

    2.8.4 (2019-08-12)

    ... (truncated)

    Commits
    • 8d4b369 chore(release): 2.8.9
    • 29adfe5 fix: backport regex fix from #76
    • afeaefd chore(release): 2.8.8
    • 5038b18 fix: #61 & #65 addressing issues w/ url.URL implmentation which regressed nod...
    • 7440afa chore(release): 2.8.7
    • 2d0bb66 fix: Do not attempt to use url.URL when unavailable
    • f2cdfcf fix: Do not pass scp-style URLs to the WhatWG url.URL
    • e1b83df chore(release): 2.8.6
    • ff259a6 Ensure passwords in hosted Git URLs are correctly escaped
    • 624fd6f chore(release): 2.8.5
    • Additional commits viewable in compare view
    Maintainer changes

    This version was pushed to npm by nlf, a new releaser for hosted-git-info since your current version.


    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    Reviewed by dependabot[bot] at 2021-05-10 08:18
  • 14. Bump lodash from 4.17.19 to 4.17.21

    Bumps lodash from 4.17.19 to 4.17.21.

    Commits
    • f299b52 Bump to v4.17.21
    • c4847eb Improve performance of toNumber, trim and trimEnd on large input strings
    • 3469357 Prevent command injection through _.template's variable option
    • ded9bc6 Bump to v4.17.20.
    • 63150ef Documentation fixes.
    • 00f0f62 test.js: Remove trailing comma.
    • 846e434 Temporarily use a custom fork of lodash-cli.
    • 5d046f3 Re-enable Travis tests on 4.17 branch.
    • aa816b3 Remove /npm-package.
    • See full diff in compare view
    Maintainer changes

    This version was pushed to npm by bnjmnt4n, a new releaser for lodash since your current version.


    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    Reviewed by dependabot[bot] at 2021-05-08 17:18
  • 15. incompatible with your PHP version

    how can i install this package on PHP 8?

    [email protected]:/var/www# php --version
    PHP 8.0.3 (cli) (built: Mar  5 2021 07:53:56) ( NTS )
    Copyright (c) The PHP Group
    Zend Engine v4.0.3, Copyright (c) Zend Technologies
        with Zend OPcache v8.0.3, Copyright (c), by Zend Technologies
        with Xdebug v3.0.0, Copyright (c) 2002-2020, by Derick Rethans
    [email protected]:/var/www# 
    
    Reviewed by pishguy at 2021-04-17 09:07
  • 16. Bump y18n from 3.2.1 to 3.2.2

    Bumps y18n from 3.2.1 to 3.2.2.

    Commits
    Maintainer changes

    This version was pushed to npm by oss-bot, a new releaser for y18n since your current version.


    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    Reviewed by dependabot[bot] at 2021-03-30 18:21
  • 17. Unable to remove hirak/prestissimo

    I am on a Macbook Pro Catalina PHP: 8.0.2 Python: pip3 python 3.9 Vagrant 2.2.14 ansible 2.10.5 Coomposer 2.0.9

    When I try composer --version or anything using Composer I get this

    The "hirak/prestissimo" plugin was skipped because it requires a Plugin API version ("^1.0.0") that does not match your Composer installation ("2.0.0"). You may need to run composer update with the "--no-plugins" option.

    Then I tried the instructions to remove it "composer global remove hirak/prestissimo", and I get this:

    Changed current directory to /Users/xxx/.composer The "hirak/prestissimo" plugin was skipped because it requires a Plugin API version ("^1.0.0") that does not match your Composer installation ("2.0.0"). You may need to run composer update with the "--no-plugins" option. ./composer.json has been updated The "hirak/prestissimo" plugin was skipped because it requires a Plugin API version ("^1.0.0") that does not match your Composer installation ("2.0.0"). You may need to run composer update with the "--no-plugins" option. Running composer update hirak/prestissimo Loading composer repositories with package information Updating dependencies Your requirements could not be resolved to an installable set of packages.

    Problem 1 - consolidation/cgr is locked to version 2.0.4 and an update of this package was not requested. - consolidation/cgr 2.0.4 requires php ^5.3.2 || ^7.0 -> your php version (8.0.2) does not satisfy that requirement.

    Removal failed, reverting ./composer.json to its original content. Removal failed, hirak/prestissimo is still present, it may be required by another package. See composer why hirak/prestissimo.

    Any Idea how I can get rid of it so that I can use composer?

    Reviewed by amadhav1 at 2021-02-11 21:52
:musical_note: Provides a composer plugin for normalizing composer.json.
:musical_note: Provides a composer plugin for normalizing composer.json.

composer-normalize Provides a composer plugin for normalizing composer.json. Why When it comes to formatting composer.json, you have the following opt

May 28, 2022
Simple static Composer repository generator - For a full private Composer repo use Private Packagist

Satis Simple static Composer repository generator. Run from source Satis requires a recent PHP version, it does not run with unsupported PHP versions.

May 25, 2022
Merge one or more additional composer.json files at Composer runtime

Composer Merge Plugin Merge multiple composer.json files at Composer runtime. Composer Merge Plugin is intended to allow easier dependency management

May 16, 2022
Simple composer script to manage phar files using project composer.json.
Simple composer script to manage phar files using project composer.json.

tooly-composer-script With tooly composer-script you can version needed PHAR files in your project's composer.json without adding them directly to a V

Aug 3, 2021
A no-frills PsySH-Composer plugin
A no-frills PsySH-Composer plugin

uma/composer-psysh A no-frills PsySH-Composer plugin. In a nutshell, it provides a composer psy subcommand that spawns a Psy Shell with autoload integ

May 23, 2022
Check your Composer dependencies at runtime.

Composition Composition provides a lightweight and generic API, that you can use to check your environment at runtime, instead of manually go checking

May 4, 2021
Easily parse your project's Composer configuration, and those of its dependencies, at runtime

Composed This library provides a set of utility functions designed to help you parse your project's Composer configuration, and those of its dependenc

Apr 11, 2021
Satis-go is a web server for hosting and managing your Satis Repository for Composer Packages

Satis-go download latest Satis-go is a web server for hosting and managing your Satis Repository for Composer Packages Some Highlights: Satis-go provi

Dec 14, 2021
A composer plugin, to install differenty types of composer packages in custom directories outside the default composer default installation path which is in the vendor folder.

composer-custom-directory-installer A composer plugin, to install differenty types of composer packages in custom directories outside the default comp

Apr 22, 2022
This composer plugin is a temporary implementation of using symbolic links to local packages as dependencies to allow a parallel work process

Composer symlinker A Composer plugin to install packages as local symbolic links. This plugin is a temporary implementation of using symbolic links to

Nov 9, 2021
A easy way to install your basic yii projetc, we have encrypt database password in phpfile, my class with alot funtions to help you encrypt and decrypt and our swoole server install just run ./yii swoole/start and be happy!

Yii 2 Basic Project Template with swoole and Modules Yii 2 Basic Project Template is a skeleton Yii 2 application best for rapidly creating small proj

Apr 11, 2022
The Pest Parallel Plugin

This repository contains the Pest Plugin Parallel. If you want to start testing your application with Pest, visit the main Pest Repository. Explore th

May 6, 2022
Patch other composer packages on install or update

patch-installer Patch other composer packages on install or update. experimental feature Usage For a patch type change the install path to vendor dire

Apr 11, 2021
Composer install helper outsourcing sensitive keys from the package URL into environment variables

private-composer-installer This is a Composer plugin offering a way to reference private package URLs within composer.json and composer.lock. It outso

May 23, 2022
An installer package that let's you install NodeJS and NPM as a Composer dependency.

NodeJS installer for Composer This is an installer that will download NodeJS and NPM and install them in your Composer dependencies. Installation is s

Apr 2, 2022
This module adds a command to easily generate "modules" in Laravel and install them using composer.

Laravel Module Create This module adds a command to easily generate "modules" in Laravel and install them using composer Installation Simply install t

Feb 18, 2022
Ied plugin composer - Inspired Plugin Composer: Create, publish and edit plugins from within Textpattern CMS.

ied_plugin_composer Create, publish and edit plugins from within Textpattern CMS. Creates a new page under the Extensions tab where you can edit and e

Oct 3, 2020
:computer: Parallel testing for PHPUnit

ParaTest The objective of ParaTest is to support parallel testing in PHPUnit. Provided you have well-written PHPUnit tests, you can drop paratest in y

May 22, 2022
A simple PHP Toolkit to parallel generate combinations, save and use the generated terms to brute force attack via the http protocol.
A simple PHP Toolkit to parallel generate combinations, save and use the generated terms to brute force attack via the http protocol.

Brutal A simple PHP Toolkit to parallel generate combinations, save and use the generated terms to apply brute force attack via the http protocol. Bru

Jul 28, 2021
The objective of ParaTest is to support parallel testing in PHPUnit

The objective of ParaTest is to support parallel testing in PHPUnit. Provided you have well-written PHPUnit tests, you can drop paratest in your project and start using it with no additional bootstrap or configurations!

May 22, 2022