Skip to content

fix #4936: warn user about auth overwriting #4971

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Feb 29, 2016
Merged

fix #4936: warn user about auth overwriting #4971

merged 1 commit into from
Feb 29, 2016

Conversation

@e-moe
Copy link
Contributor

@e-moe e-moe commented Feb 27, 2016

No description provided.

Seldaek
Seldaek reviewed Feb 28, 2016
View reviewed changes
src/Composer/IO/BaseIO.php
$repositoryName
)
);
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry but this really has to be checked in loadConfiguration below before calling setAuthentication, because otherwise when we do interactive prompts for passwords we might end up writing the same auth domain/repositoryName a few times and I think that'd be quite confusing for users to see this warning at that point.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Seldaek, thanks for review! I will update my pull request.
what do you think if I'll replace setAuthentication call inside loadConfiguration to new protected function with this check/warning inside?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

please, review updated code

@e-moe e-moe force-pushed the bugfix/4936-check-auth-overwrite branch from 2da9dd2 to 957e1cc Compare February 28, 2016 15:07
@Seldaek
Copy link
Member

Seldaek commented Feb 29, 2016

Looks good like this I think, thanks :)

Seldaek added a commit that referenced this pull request Feb 29, 2016
@Seldaek
Merge pull request #4971 from e-moe/bugfix/4936-check-auth-overwrite
fff71e5 
fix #4936: warn user about auth overwriting
@Seldaek Seldaek merged commit fff71e5 into composer:master Feb 29, 2016
@renatomefi
Copy link

Guys, I think its bugged, from nothing my composer started yelling this error all the time. I only have one auth.json config file and no domains repetitions, it also yells errors even when in an empty directory I do a composer require some package.
Somehow seems like the auth.json is getting read twice!

How can I better try to debug this to help?

@eXistenZNL
Copy link

+1, I am experiencing the same. To reproduce, just go to a random directory and type

composer require symfony/console

In my case I see two warnings because I have both authentication for GitHub and GitLab:

Using version ^3.0 for symfony/console
./composer.json has been updated
Warning: You should avoid overwriting already defined auth settings for github.com.
Warning: You should avoid overwriting already defined auth settings for gitlab.com.
Loading composer repositories with package information
Updating dependencies (including require-dev)

Please fix as the yellow warning is quite annoying :)

@Seldaek
Copy link
Member

Seldaek commented Mar 1, 2016

Hmm.. could be due to loading the global auth file.. I'll investigate.

@Seldaek
Copy link
Member

Seldaek commented Mar 1, 2016

In the meantime if either of you could paste the content of their auth.json (both global and local if present) without passwords obviously but just wondering how the config looks like.. And also please check if you have in composer.json or global config.json some auth config as well.

@Seldaek
Copy link
Member

Seldaek commented Mar 1, 2016

Can't reproduce this here guys so I need one of you to give more details.

@eXistenZNL
Copy link

Thx for the quick response! My auth.json is as follows:

{
    "github-oauth": {
        "github.com": "12345"
    },
    "gitlab-oauth": {
        "gitlab.com": "12345"
    }
}

and my config.json is this:

{
    "config": {
    }
}

This is the contents of my ~/.composer:

╭─stefan@svessen-t530  ~
╰─$ ls -al ~/.composer 
total 2360
drwxr-xr-x  4 stefan stefan    4096 feb  5 22:15 .
drwx------ 84 stefan stefan   20480 mrt  1 15:30 ..
-rw-r--r--  1 stefan stefan 1116502 okt  5 12:57 2015-08-02_11-10-47-06feb19-old.phar
-rw-r--r--  1 stefan stefan 1148306 dec 18 19:30 2015-10-03_22-10-34-fcce52b-old.phar
-r-x------  1 stefan stefan     215 dec 18 21:19 auth.json
-rw-rw-r--  1 stefan stefan      41 aug 11  2015 auth.key
drwxr-xr-x  5 stefan stefan    4096 okt  5 12:48 cache
-rw-rw-r--  1 stefan stefan      71 aug 12  2015 composer.json
-rw-rw-r--  1 stefan stefan    3552 aug 12  2015 composer.lock
-rw-------  1 stefan stefan      26 aug 11  2015 config.json
-rw-r--r--  1 stefan stefan      13 aug  4  2015 .htaccess
-rw-rw-r--  1 stefan stefan     799 feb  5 22:15 keys.dev.pub
-rw-rw-r--  1 stefan stefan     799 feb  5 22:15 keys.tags.pub
drwxrwxr-x  5 stefan stefan    4096 aug 12  2015 vendor

@Seldaek
Copy link
Member

Seldaek commented Mar 1, 2016

@eXistenZNL no warning for me using that.. Can you paste the output of composer require -vvv symfony/console? At least the part until the warnings.

@Seldaek Seldaek added the Bug label Mar 1, 2016
@Seldaek Seldaek added this to the Bugs milestone Mar 1, 2016
@Seldaek
Copy link
Member

Seldaek commented Mar 1, 2016

@eXistenZNL @renatomefidf please give me full -vvv output :)

@renatomefi
Copy link

verbose output:

Changed CWD to /home/renatomefi/Workspace/PHP/testbla
Reading ./composer.json
Loading config file /home/renatomefi/.composer/config.json
Loading config file /home/renatomefi/.composer/auth.json
Loading config file ./composer.json
Checking CA file /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
Executing command (/home/renatomefi/Workspace/PHP/testbla): git branch --no-color --no-abbrev -v
Executing command (/home/renatomefi/Workspace/PHP/testbla): git describe --exact-match --tags
Failed to initialize global composer: Composer could not find the config file: /home/renatomefi/.composer/composer.json
To initialize a project, please create a composer.json file as described in the https://getcomposer.org/ "Getting Started" section
Reading /home/renatomefi/Workspace/PHP/testbla/vendor/composer/installed.json
Downloading https://packagist.org/packages.json
Writing /home/renatomefi/.composer/cache/repo/https---packagist.org/packages.json into cache
Downloading http://packagist.org/p/provider-2013%246965b2932c5ab77fc051df30b62c3bb5657962b4529feb48b763577753c9f1ee.json
Writing /home/renatomefi/.composer/cache/repo/https---packagist.org/p-provider-2013.json into cache
Downloading http://packagist.org/p/provider-2014%24fc8a514e0ededf5b65b648318ecd295d8d58965663de4bc552dd5009c5afde8b.json
Writing /home/renatomefi/.composer/cache/repo/https---packagist.org/p-provider-2014.json into cache
Downloading http://packagist.org/p/provider-2015%2443485cd1b81211238ad0436cbf46988695b464e33f344cd8e8a459c536788086.json
Writing /home/renatomefi/.composer/cache/repo/https---packagist.org/p-provider-2015.json into cache
Downloading http://packagist.org/p/provider-2015-04%24db94e31deda860c2edb50715674b7034013de51d068bea8ba02247ff580d0580.json
Writing /home/renatomefi/.composer/cache/repo/https---packagist.org/p-provider-2015-04.json into cache
Downloading http://packagist.org/p/provider-2015-07%24de181915818233629bfd6db2db8a1dd519294b89c128d51012236498f00f051f.json
Writing /home/renatomefi/.composer/cache/repo/https---packagist.org/p-provider-2015-07.json into cache
Downloading http://packagist.org/p/provider-2015-10%242142fc835db8c18162c3033074779738bb5dac841ec5cf0ce6f0fdc62ba987cf.json
Writing /home/renatomefi/.composer/cache/repo/https---packagist.org/p-provider-2015-10.json into cache
Downloading http://packagist.org/p/provider-2016-01%2441a8929151294b66eaf7154bed8f3f7e56ea5cbcffae46f4e602c69c401e43cd.json
Writing /home/renatomefi/.composer/cache/repo/https---packagist.org/p-provider-2016-01.json into cache
Reading /home/renatomefi/.composer/cache/repo/https---packagist.org/p-provider-archived.json from cache
Downloading http://packagist.org/p/provider-latest%242792bb810759ae0719928d04f310a7ba4a85886fed17865c5c347edcf3009a47.json
Writing /home/renatomefi/.composer/cache/repo/https---packagist.org/p-provider-latest.json into cache
Downloading http://packagist.org/p/symfony/console%24b9b633949e9eefc04428a610fd5d4d5fbee339a61da7aea55e677c88e2d49bf2.json
Writing /home/renatomefi/.composer/cache/repo/https---packagist.org/provider-symfony$console.json into cache
Using version ^3.0 for symfony/console
./composer.json has been updated
Reading ./composer.json
Loading config file /home/renatomefi/.composer/config.json
Loading config file /home/renatomefi/.composer/auth.json
Loading config file ./composer.json
Warning: You should avoid overwriting already defined auth settings for github.com.
Executing command (/home/renatomefi/Workspace/PHP/testbla): git branch --no-color --no-abbrev -v
Executing command (/home/renatomefi/Workspace/PHP/testbla): git describe --exact-match --tags
Failed to initialize global composer: Composer could not find the config file: /home/renatomefi/.composer/composer.json
To initialize a project, please create a composer.json file as described in the https://getcomposer.org/ "Getting Started" section
Reading /home/renatomefi/Workspace/PHP/testbla/vendor/composer/installed.json
Reading ./composer.lock

home config.json

{
    "config": {
    }
}

home auth.json

{
    "github-oauth": {
        "github.com": "key"
    }
}

./composer.json

{
    "require": {
        "symfony/console": "^3.0"
    }
}

@curry684
Copy link
Contributor

curry684 commented Mar 2, 2016 

Loading config file /home/renatomefi/.composer/auth.json

./composer.json has been updated
Reading ./composer.json

It's caused by the reload when composer.json was updated. As you have a global auth.json the local reload thinks you're trying to overwrite it from the global project.

Seldaek added a commit that referenced this pull request Mar 2, 2016
@Seldaek
Avoid warnings due to duplicate loading of auth files, fixes #4971
6d1e8eb
@Seldaek
Copy link
Member

Seldaek commented Mar 2, 2016

Fixed in 6d1e8eb

@renatomefi
Copy link

Cool, that was pretty fast! :)

Thanks

@eXistenZNL
Copy link

Confirmed to be working both on my native host and my docker image.

I found this whilst trying to build the fastest smallest composer docker image possible, so at first I thought I missed a dependency or an extension or so but then I also noticed the same problem when running on my host.

Just checked and the problem is gone in both my docker image (Based on Alpine Linux), and my host (Ubuntu 15.10)

Thanks!

@e-moe e-moe deleted the bugfix/4936-check-auth-overwrite branch March 11, 2016 07:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

Bug

Projects

None yet

Milestone

Bugs

Development

Successfully merging this pull request may close these issues.

5 participants

@e-moe @Seldaek @renatomefi @eXistenZNL @curry684