Gitiles
Code Review Sign In
gerrit.wikimedia.org / mediawiki / vendor

Composer managed libraries for use with mediawiki/core

Clone this repo:

Branches

More...

Tags

  1. aa8cc78 Update OOUI to v0.51.2 by Anne Tomasevich · 12 hours ago master wmf/branch_cut_pretest wmf/next
  2. d2f2c81 Upgrading wikimedia/normalized-exception (v1.0.1 => v2.0.0) by Reedy · 33 hours ago
  3. 80fbb13 Upgrading wikimedia/request-timeout (1.2.0 => 2.0.0) by Reedy · 33 hours ago
  4. a72eaf6 Upgrade wikimedia/relpath from 4.0.0 to 4.0.1 by James D. Forrester · 2 days ago wmf/1.44.0-wmf.3
  5. 4eda869 Upgrading wikimedia/purtle (v1.0.8 => v2.0.0) by Reedy · 3 days ago

MediaWiki-Vendor

Composer managed libraries required or recommended for use with MediaWiki. This repository is maintained for use on the Wikimedia Foundation production and testing clusters, but may be useful for anyone wishing to avoid directly managing MediaWiki dependencies with Composer.

Usage

Checkout this library into $IP/vendor using git clone <URL> or add the repository as a git submodule using git submodule add <URL> vendor followed by git submodule update --init.

Adding or updating libraries

  1. Read the documentation on the process for adding new libraries.
  2. Ensure you're using version 2.8.1 of composer via composer --version. Everyone using the same version means that diffs from the autoloader are minimal and so easier to validate and manually rebase. This is most easily done with Docker. For example, to run composer update --no-dev do:
    docker run --rm -it -u "$(id -u):$(id -g)" -v "$PWD/.git:/src/.git:ro" -v "$PWD:/src" -w /src docker-registry.wikimedia.org/releng/composer-php74:0.3.3-s4 update --no-dev
  3. Edit the composer.json file to add/update the libraries you want to change. It is recommended that you use composer require <package> <version> --no-update to do so as composer will then automatically sort the composer.json file.
  4. Run composer update --no-dev to download files and update the autoloader.
  5. Add all the new dependencies that got installed to composer.json as well, so that everything has their version pinned. (You can look at the changes in composer.lock or composer/installed.json to see what they are.)
  6. In some cases, the libraries might include not needed files (e.g. test files, project files, etc). If you cannot exclude them from library's archive (e.g. by export-ignoreing unwanted files in library's .gitattributes file), you can skip checking them in by listing them in .gitignore file.
  7. Rarely, lint checks fail because test files in some library were written for an unsupported PHP version. In that case add the test directories to the --exclude parameter in the script > test field in composer.json, and to .gitignore.
  8. Add and commit changes as a gerrit patch.
  9. Review and merge changes.

Note that you MUST pair patches changing versions of libraries used by MediaWiki itself with ones for the "core" repo. Specifically, the patch in mediawiki/core must have a Depends-On footer to the patch in mediawiki/vendor.

The vendor repo has special configuration, which skips the integrity checks and so allowing a circular dependency Gordian knot to be fixed. However, this means that, if merged alone without a pair, you'll cause ALL patches in MediaWiki and ALL extensions to fail their continuous integration tests.

If in doubt, seek advice from regular commiters to this repository.