As part of the Composer initiative, we need to create some Composer plugins within Drupal core. Current issues dealing with Composer plugins are:
Since we're adding Composer-based plugins to Drupal core as subtree-split components, we need to be able to run their tests.
This means adding composer/composer as a dev dependency of those components.
For components, we have historically used the wikimedia merge plugin to merge the dev dependency of components when installing or updating drupal/drupal. We can see this is the case in #2982684: Add a composer scaffolding plugin to core → , which seeks to add a scaffold-building plugin to core. This plugin is not expected to be available to Composer, however, within the scope of that issue. Therefore merging the dependencies is fine for now.
In the case of #3057094: Add Composer vendor/ hardening plugin to core → , however, we do expect the vendor cleanup plugin to be available to Composer when it installs and updates core locally. We need to a) Allow the plugin to do vendor cleanup during install and update before core's runtime starts, and b) Be able to patch the component and its tests, and then run the tests. This means we can't use merge to inherit the plugin's dev dependencies. That's why that issue changes the drupal/drupal package to have composer/composer as a dev dependency, along with other packages already in use in core. This is acceptable because the plan of the Composer initiative is to replace drupal/drupal with a Composer-based project that emulates the tarball style: #2982680: Add composer-ready project templates to Drupal core →
The difference between those two issues explained, it seems as though reviewers here would be familiar with composer/composer since it's used all day every day to build essentially all PHP projects everywhere. :-)
composer/composerFixed
8.8 ⚰️
Not all content is available!
It's likely this issue predates Contrib.social: some issue and comment data are missing.