0

I work on some sites with many composer requirements and need to be able to create a report of all of the package sources. For example, if I had the following packages:

zizaco/entrust
taitems/jQuery.Gantt
opauth/opauth

and some of these were not on packagist, I may want to get a list of all of them in a csv or other format so that I can review them. I know we have composer show to list out all of the installed packages, but can we get more details so we can see, at a glance, where packages came from? By "where they came from", I am referring to the original url source of the package, such as "https://github.com/mycompany/privaterepo", so the goal is to type something like composer show --someswitch and then see a list of packages along with the source url.

Jav
  • 543
  • 1
  • 4
  • 10
  • Your requirements are pretty vague, but have you seen `composer show --tree`? – waterloomatt Sep 19 '21 at 17:54
  • @waterloomatt please explain what you mean by vague? I gave details of what I was trying to achieve. While I appreciate your suggestion of using `composer show --tree`, it does not answer the question of where did the packages come from. In the event that it was not clear that I'm looking for the source of the package, I will update the question to include that, and perhaps you can upvote the question if that is more helpful. If not, please clarify what you feel I should change in the OP. Thanks. – Jav Sep 20 '21 at 16:43
  • Are you able to parse/inspect your `composer.lock` file? You should be able to go through _packages.source.url_ or possible _packages.dist.url_ to find the repo's URL. – waterloomatt Sep 20 '21 at 17:47
  • I thought of that first, but the reason for my post was to, hopefully, learn of a cool composer command that did the trick. – Jav Sep 22 '21 at 01:23

0 Answers0