Contrib.social

Create a mirror for external library dependencies for composer support

Open on Drupal.org β†’
Created on 16 December 2024, 6 days ago

Problem/Motivation

This module requires an external library for certain functionality, but it's not installed via composer, so it is loaded from a CDN as a fallback. Loading resources from third parties requires consent from the user in some places, so this is not an ideal solution from a privacy perspective. And privacy compliance is a high-priority feature for Drupal CMS, so we would love to find a resolution to this, since BEF is included in Drupal CMS for several recipes.

Proposed resolution

In other places, we've created mirrors for external libraries on d.o and made them available to composer that way. Details to be provided by @jurgenhaas.

Remaining tasks

TBC

User interface changes

None

API changes

None

Data model changes

None

✨ Feature request
Status

Active

Version

7.0

Component

Code

Created by

πŸ‡¦πŸ‡ΊAustralia pameeela

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

  • Issue created by @pameeela
  • Comment 6 days ago β†’
    πŸ‡¦πŸ‡ΊAustralia pameeela
  • Comment 6 days ago β†’
    πŸ‡©πŸ‡ͺGermany jurgenhaas Gottmadingen

    Thanks @pameeela for introducing this.

    Happy to help out with this, if maintainers agree to proceed with this. Here is what we've done in other places like Fullcallendar β†’ or Klaro β†’ :

    • Create a general project on d.o as a mirror of the remote library
    • Add a composer.json to that repository, set the name to drupal/NAMEOFLIB and set the type to drupal-library, also add the installer-name in the extra section to the name of the directory into which this library needs to be installed
    • Push that code and create a release, ideally with the same version number as the referencing upstream library

    The packaging system from d.o will publish that project to Packagist and you can now add drupal/NAMEOFLIB to require section of the composer.json of this project. From now on, the library will be installed automatically without the user having to do anything manually.

  • Comment 6 days ago β†’
    πŸ‡¦πŸ‡ΊAustralia pameeela

    Changing tag to target since this is a pretty last-minute request and is not trivial.

  • Comment 6 days ago β†’
    πŸ‡ΊπŸ‡ΈUnited States smustgrave

    Would it be easier to add a composer.libraries file?

  • Comment 6 days ago β†’
    πŸ‡©πŸ‡ͺGermany jurgenhaas Gottmadingen

    @smustgrave it won't help. The problem is that composer can't load the required library without the declaration of an extra repository. And that needs to be done manually in the root composer.json file, i.e. that's manual work and therefore not a solution for Drupal CMS.

    As composer already knows about the repository of packagist.org, we can easily make the libraries available there and every composer can require them without any extra or manual setup. In addition to that, this approach also solves the need that the libraries then get installed in the right directory as well, i.e. /web/libraries. Also without any extra configuration.

  • Comment 5 days ago β†’
    πŸ‡ΊπŸ‡ΈUnited States smustgrave

    Gotcha, sure I'm fine with the idea.

  • Comment 3 days ago β†’
    πŸ‡¨πŸ‡¦Canada Liam Morland Ontario, CA πŸ‡¨πŸ‡¦
contrib.social Blog FAQ Discussions
Production build 0.71.5 2024