[packagist] api v2 support #7575
Conversation
calebcartwright
changed the title
Packagist deprecated the original `packagist.org/p/username/package` endpoint in favor of v2 `packagist.org/p2/username/package` endpoint. Because of this, new packages aren't being found using v1. This PR updates the Packagist service to use the new endpoint.
Some packages don't return the same data structure as others with the new api endpoints. This changes the validation schema to account for the potential differences.
yookoala
force-pushed
the
feat/packagist-api-v2-support
branch
from
ab2195c
to
dd567c7
Compare
Address issues raised by @chris48s in badges#6508, which this PR is base on. Includes: * Remove getDefaultBranch() from base class for it is no longer used. * Change try-catch statement syntax to align code style. * Rename findRelease() to findLatestRelease() for clarity.
|
Thanks for picking this up. #6508 was most of the way there and it would be good to get this over the line but it had fallen off the radar. It has been quite a while since I looked at #6508 but having got back into it and looked over this, I've pushed a few more commits with my suggested changes to get this over the line. Maybe another maintainer could give this a once over so we can get this one resolved. In response to #6508 (comment) (I'll reply here to keep the conversation in this thread rather than split across two PRs): The logic in |
I think we need some clarification before carrying on the discussion. If I read the code correct:
The logics here looks like it wants to fulfil the contract of the method |
Yes I'd agree with that summary 👍 |
yookoala
force-pushed
the
feat/packagist-api-v2-support
branch
3 times, most recently
from
8e97937
to
1d7af3a
Compare
|
@chris48s: I've modified Also did some rename and documentation of the existing methods. Please check if this is what you asked for. |
yookoala
force-pushed
the
feat/packagist-api-v2-support
branch
from
f72c43d
to
de32faf
Compare
|
This pull request introduces 1 alert when merging d0127c4 into a1885cd - view on LGTM.com new alerts:
|
* resurrected some of the relevant older tests. * remove the api json array expand logics from test.
* Moved expandPackageVersions calls into fetchRelease and fetchDev. The return values needed to be expanded anyway. * Rename fetchVersions as fetch to make it closer resembling the current stable version. * Improve documentations.
* Use fetchRelease instead of fetch. Less API calls.
yookoala
force-pushed
the
feat/packagist-api-v2-support
branch
from
d0127c4
to
cf195bf
Compare
* Only fetch the ~dev.json endpoint if needed.
* export error message string as constant and reuse in tests
Yes that seems accurate, per https://github.com/composer/packagist/blob/7493c36087514fbe269bc623edba9b8d6d1c96eb/src/Controller/PackageController.php#L570-L583 and https://github.com/composer/packagist/blob/7493c36087514fbe269bc623edba9b8d6d1c96eb/src/Entity/Package.php#L871-L874 The one slight inaccuracy is if the default branch is numeric and for example |
@Seldaek: So the default display would show:
Am I correct? |
|
I've kind of lost track of where we are with this PR but I'd really like to try and get this work landed one way or another. The branch has been force-pushed a bunch of times so I've totally lost the thread of what changed since last time I reviewed it. @yookoala - are you waiting on us to review this, or are we waiting for you to update it? |
|
I believe I made all changes that are asked by you and other reviewers. Please kindly check if any other amendment you might want me to do. |
|
Just having a cursory look at the build it is failing with |
* Move all messages constant to base class file. Ensure *.service.js exports only services or collection of services.
Should be fixed now. I've also re-run Please let me know what to check next, if any. Thanks. |
* Off load the default branch searching logics from findLatestRelease to findDefaultBranchVersion. Implement Packagist default logic to search for default metadata to display.
* fix documentation in fetchRelease and fetchDev. * use await keyword in usage of fetchRelease and fetchDev to get reasonable results.
|
Thanks for your continued work on this but I tried re-running the build with the latest changes. There are still failing tests: It seemed like we were close to getting this merged at one point. I can see you are trying to help, but it also feels like we're going round in circles a bit here. I am aware that the fact builds are not running on this branch for some reason is making it harder for both of us. I'm also finding the changes from e5b31cd onwards quite hard to understand. There is a lot of tangential refactoring mixed in with functional changes and I'm finding it difficult to follow the thread of where the behaviour of the code is changing intentionally, and where it is changing accidentally. I think you are too tbh - there are several points where this PR has been "ready" with tests still failing. This is the second time someone has tried to pick up this issue and I'd really like to try and get #7020 closed. I'd like this not to fall through the cracks again. Here's an idea for a way forward: If we take the code on this branch up to b164565 , is what's there fundamentally broken? i.e: if we merge the commit range 2a87125 - b164565 to master, are we actively introducing bugs? If the answer to that is no, I'm going to suggest we pick those commits to a new branch, merge that and then if you have some additional functional improvements or refactoring PRs you want to make to the packagist suite of badges you can make those changes in one or more follow up PRs which are more clearly scoped. This will be easier for both of us to reason about (and hopefully the builds will run automatically on a new PR). I accept that it is not always possible to completely decouple refactoring from functional changes and there are improvements that can be made to this code, but if we can break this down into smaller clearer objectives rather than trying to boil the ocean in one PR we're much more likely to achieve success. |
|
I'd agree. I was trying to improve the functionality and test coverage after b16465. Also, what is the command to run all tests for packagist? |
|
Sort of. There are two types of tests relevant to this PR: Unit testsThese are in files ending Service testsThese are in files ending Hopefully that helps. In any case, I have pulled out 2a87125 - b164565 into another PR over at #7681 . Lets get that one merged first. I will close this PR. Then if you want to do some follow-up PRs with functional tweaks, additional testing or structural improvements incorporating some of the concepts from this branch then we can look at them. Splitting that into a few smaller PRs with a clear objective would be really helpful. |
|
Yeah good shout. Was largely doing a drive by response from the notification inbox and assumed we were talking about service tests; missed the context of the failing tests in the core suite |
Rebased #6508 on the current master branch. An attempt to fix #7020.
I have a packagist v2 only package (this one). The v1 API doesn't really show any information about my package. I'd want to fix this so badges for my package works normally. Please let me know what I need to do to get this merged.
Update: Seems the badge for my package was affected by the reduced update rate of v1 Packagist API. It works for me now. But I'd still like to contribute and fix this for long run.