The current use of composer provides a simple way of building out Drupal core's dependencies. However, putting all vendor libs under core/vendor prevents contrib from extending these with additional libraries.
The current suggested method for contrib, is to put a composer.json into each module, and run them separately. However, this does not make use of the dependency resolution of composer. If module x depends on version 1.0 of lib y, and module z depends on 1.1 of lib y, the first one PHP loads wins. This makes it difficult to debug.
In order to make use of composers dependency resolution, we should:
- remove all core/vendor from git
- an additional per-project composer.json in the project root, that references Drupal's core composer.json as a dependency
- a unified /vendor directory with all of core's dependencies, plus any others from contrib, generated at packaging time on d.o or re-created locally for site-builders.
- composer install/update can be run when packaging up drupal so the download still has all the vendor libs
Site builders would add their additional library dependencies to the 'project' composer.json and let composer do the work of resolving dependencies.
Currently, site builders who use contrib modules (such as search_api_solr) need to download these external libraries manually, and typically put them in sites/all/libraries. This would create a unified method of getting external libraries that integrates with core.
Steps To Test
- Apply patch
- Remove core/vendor directory - didn't include it in patch as its currently 20MB
- Copy example.composer.json to composer.json
- Tweak (e.g. add in other dependencies)
- Run composer install / update as needed
Remaining tasks/Related Issues
- #1805316: Move composer.json to the project root
- #1867192: Upgrade testbots to PHP 5.4?
- #1683942: File syntax check will choke for modules which require PHP 5.4
- Find out where the D.o project packager code is so we could run a composer install on it when packaging
- Find out where the Testbot code is for downloading and building a project so we could composer install it before running tests
- #1923582: Add ability for testbot to run 'composer install' during installation