composer-asset-plugin: Problems installing NPM-assets

since a few days i get errors when trying to update/install npm-asset dependencies

It’s trying to update to npm-asset/moment v2.22.1

  - Removing npm-asset/moment (2.22.0)

  [InvalidArgumentException]
  Unknown downloader type: npm-signature. Available types: git, svn, fossil, hg, perforce, zip, r
  ar, tar, gzip, xz, phar, file, path.

I don’t know if this is the correct place to report this, if not i’m sorry.

composer --version
Composer version 1.6.4 2018-04-13 12:04:24

and

fxp/composer-asset-plugin v1.4.2 NPM/Bower Dependency Manager for Composer

About this issue

Original URL
State: closed
Created 6 years ago
Reactions: 3
Comments: 16 (5 by maintainers)

Links to this issue

yii2 - Composer fail on update with "npm-signature" error - Stack Overflow

Commits related to this issue

Fix "Unknown downloader type: npm-signature" exception. Issue: https://github.com/fxpio/composer-asset-plugin/issues/321 — committed to Zaporozhec7/composer-asset-plugin by another-one-studio 6 years ago
Fix "Unknown downloader type: npm-signature" exception. Issue: https://github.com/fxpio/composer-asset-plugin/issues/321 — committed to Zaporozhec7/composer-asset-plugin by Zaporozhec7 6 years ago

Most upvoted comments

@francoispluchino

he PR #323 still has errors in the tests, that’s why it is not merged. But you can contribute by proposing a valid PR. A help is always appreciated.

This sounds easy in theory, right? But think a bit, we are developers doing other things and we have no experience to work on your plugin, getting involved would mean maybe hours to only learn it’s internals.

If you have problem finding the time, please don’t throw it on your user base, instead, set a donation page, let us pay for your time and fix the issue if possible. This is how things work, i would gladly contribute to see this issue solved.

Just my two cents.

twisted1919 on May 22, 2018

@sicutdeux

Another workaround - it worked for me (compared with @rob006 described - you need not locate release tarball):

    "config": {
        ...
        "fxp-asset": {
             ...
            "repositories": [
                {
                    "name": "npm-asset/html5sortable",
                    "type": "npm-vcs",
                    "url": "git@github.com:lukasoppermann/html5sortable.git"
                }

Note that you add package to repositories in fxp-asset entry in config, not to repositories in composer.json root.

SDKiller on May 11, 2018

I have created pull request with fix for this issue, but it fail test, since my fix disallow other dist types than supported by Composer, but in test data used dist type “type” (https://github.com/fxpio/composer-asset-plugin/blob/master/Tests/Converter/NpmPackageConverterTest.php#L192).

I think filter out all unknown by Composer types is right solution, since this can help to avoid new issues like this if next time npm will add another one new field to dist information

Zaporozhec7 on Apr 21, 2018

The reason: https://blog.npmjs.org/post/172999548390/new-pgp-machinery

I described workaround at Stack Overflow, but it will be a pain if you have multiple npm packages broken by this.

@SilverFire @hiqsol This affects also asset-packagist - just check dist URL of last release of https://asset-packagist.org/package/npm-asset/moment

rob006 on Apr 20, 2018

Any updates on this ? This simply left our apps broken…

twisted1919 on Apr 26, 2018