Thursday 11 October 2012

Forcing composer to use https connections to Packagist

Been having problems with composer from behind a company firewall. The firewall was blocking us from accessing a particular package.json file from the website

What was strange though was that it was only blocked over http:// connections and perfectly accessible from https:// connections.

However, I have, after much trial and error and research, found a workaround. It's not a particularly graceful workaround but it takes advantage of the fact that composer does not recursively resolve repository locations and only takes commands from the main project's composer.json configuration.

I realised when reading the documentation on the composer github site that you could disable the default packagist configuration. In addition, of course you can add your own repositories to the composer.json in your project.

So, adding the following to the composer.json solves the problem and I'm able to bypass the blocks put in place by the firewall.

    "repositories": [
             "type": "composer", 
             "url": "" 
        { "packagist": false }

Of course, this does solve a problem that was only relevant in a particular scenario and probably won't be relevant to the vast majority of people. But if you have a similar situation, hopefully this will help.

1 comment:

  1. I have been fighting with this for a week. This fixed it!


Please leave your feedback and comments. I love to discuss this stuff!