- π«π·France prudloff Lille
Is there a Drupal policy stating that modules should not include a composer.lock file?
- πΊπΈUnited States DamienMcKenna NH, USA
Not specifically a policy, more the fact that when the project is added by Composer to a site the contents of this file are ignored.
From the point of view of contributing to the module, how does the composer.lock file help? I'm genuinely curious.
- π«π·France prudloff Lille
From the point of view of contributing to the module, how does the composer.lock file help? I'm genuinely curious.
This is more a general practice I have than something specific to this module.
Running
composer installin the module folder installs a pre-commit hook that runs checks on the code.
For example, the composer.lock file includes drupal/coder and different versions of this package sometimes enforce different rules.
On other projects, I have seen contributors going back and forth on code style changes because they had different versions of the rule installed depending on when they installed the dev dependencies for the first time, so I took the habit of versioning the lock file.
(In some cases, it can also help CI pipelines run the exact same checks as the pre-commit hook.)But on a small module like this one, it probably does not make that much of a difference.
- Status changed to Needs work
2 months ago 5:12pm 9 October 2024 - π«π·France prudloff Lille
drupal-quality-checker is not maintained anymore so we should probably remove it from require-dev and then we can remove the composer.lock file.