1
0
Fork 0

Merge pull request #8762 from stof/patch-1

Fix the doc about repository priorities
pull/8780/head
Jordi Boggiano 2020-04-13 11:47:04 +02:00 committed by GitHub
commit f5e80778c8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions

View File

@ -17,7 +17,7 @@ has been found somewhere. It also avoids loading duplicate packages in case
the same package is present in several of your repositories. the same package is present in several of your repositories.
- Security wise, it is safer to treat them canonically as it means that packages you - Security wise, it is safer to treat them canonically as it means that packages you
expect to come from your most important repositories will never be loaded from expect to come from your most important repositories will never be loaded from
another repository instad. Let's another repository instead. Let's
say you have a private repository which is not canonical, and you require your say you have a private repository which is not canonical, and you require your
private package `foo/bar ^2.0` for example. Now if someone publishes private package `foo/bar ^2.0` for example. Now if someone publishes
`foo/bar 2.999` to packagist.org, suddenly Composer will pick that package as it `foo/bar 2.999` to packagist.org, suddenly Composer will pick that package as it
@ -76,7 +76,7 @@ For example here we want to pick only the package `foo/bar` and all the packages
} }
``` ```
And in this other example we exclude `toy/package` from a path repository, which And in this other example we exclude `toy/package` from a repository, which
we may not want to load in this project. we may not want to load in this project.
```json ```json