Composer unsatisfied requirement

2019-08-13 08:02发布

问题:

In a composer setup I need vendor/package-A and vendor/package-B.

Package B builds upon package A and has A defined as a requirement in its composer.json.

Directly installing the base package A works fine. Other requirements are resolved from Packagist and the package itself is correctly pulled from the private repository.

However, when installing only package B (which should then also pull in package A due to the requirement), I get the following error:

Your requirements could not be resolved to an installable set of packages.

Problem 1
  - Installation request for vendor/package-B dev-master@dev -> satisfiable by vendor/package-B[dev-master].
  - vendor/package-B dev-master requires vendor/package-A dev-master@dev -> no matching package found.

Both packages don't have any tagged releases and operate at the dev-master version.

Is there something I'm overlooking?


EDIT

For those interested in the solution, this is a summary from what I've learned from the selected answer below.

Basically, three methods exist to get deep dev-master dependencies installed. In order of most recommended:

  1. Tag all releases and use tagged version constraints instead of dev-master everywhere. (I actually ended up doing this!)

  2. In your application's composer.json, add an additional require key using the @dev flag for the corresponding subdepencency you need in dev:

    {
        "require": {
            "vendor/package-B": "dev-master",
            "vendor/package-A": "@dev"
        }
    }
    

    This way you basically whitelist a specific subdependency to be used as dev.

  3. In your application's composer.json, add the minimum-stability and prefer-stable keys as follows.

    {
        "minimum-stability": "dev",
        "prefer-stable" : true
    }
    

    In this last method you lower the stability constraint to be dev, but you also set that IF a stable version is available, you'll prefer that one instead. Most of the time this would generate the wanted behavior, but sometimes it can be quirky.

回答1:

This is a stability resolution problem.

The best solution for this situation is to start tagging your releases.

You might define "minmum-stability":"dev".

It will set the lower bound and allow "dev" packages for all packages.

You have explicitly defined dev-master@dev. I'm not sure that this is really needed.

This explains your situation: https://igor.io/2013/02/07/composer-stability-flags.html