Composer/Packagist could not find package for minimum stability

Asked 14/12, 2016 at 18:25 Answered 22/1, 2021 at 14:58

I'm trying to install the following composer package:

composer require cr/hashcli

it is a package that I did. But when I try to install it I get the following error:

[InvalidArgumentException] Could not find package cr/hashcli at any version for your minimum-stability (stable). Check the package spelling or your minimum-stability

My composer.json is the following:

{
"name": "cr/hashcli",
"description": "HashCLI - PHP CLI Tool For hashing",
"type": "library",
"keywords": ["hash", "cli"],
"license": "MIT",
"require": {
    "php": ">=5.5"
},
"require-dev": {
    "phpunit/phpunit": "^5.7"
},
"bin":[
    "src/hashCLI"
],
"autoload": {
    "classmap": [
        "src/"
    ]
},
"autoload-dev": {
    "classmap": [
        "tests/"
    ]
}
}

Any idea on why this is happening and how can I solve this problem?

Savanna answered 14/12, 2016 at 18:25 Comment(0)

115

There is no stable version of this package. Use

composer require cr/hashcli:dev-master

Edit: nowadays you might check dev-main instead of dev-master.

Pointless answered 14/12, 2016 at 18:32 Comment(8)

And what does it take to have a stable version? – Pigheaded 14/12, 2016 at 18:34

Author of this package needs to release stable version. – Pointless 14/12, 2016 at 18:34

@Bizley's answer help me! To use an unstable package you can set your minimum-stability to dev and prefer-stable to true. But if you are coding a package and you want be able to download it then, just create a tag using Git and your package will be found as stable on packagist then. – Flagstone 17/12, 2016 at 23:10

Neat answer. Worked for me. Too many misleading answers for this – Adversary 15/10, 2019 at 8:32

I have created tags a while ago but still the issue. github.com/inimist/cakephp3-captcha. Any idea? – Kristin 19/10, 2019 at 15:58

@ArvindK. have you followed the packagist instruction how to set up your package for the automatic updates from github? Looks like this is the case. Maybe there is no webhook added or something. – Pointless 19/10, 2019 at 16:4

@Pointless I am not sure what was wrong. I had setup Packagist to auto sync. I created another release 1.2.2, manually updated in Packagist and it started to show 1.2.2 tag there. I did try the update last night as well but it did not work then. Not sure what was missing. Thanks anyways, it made it to install without mentioning dev-master finally. – Kristin 20/10, 2019 at 8:3

I got this problem when trying to use a library created by a work mate. In this case I had to use "composer require myCompanyName/my-workmate-library:dev-main" – Tudela 6/1, 2023 at 13:43

Since you mentioned that you are the author of the package you should create a release if you think that your version may be used in production.

You can do this at GitHub:

Click on 0 releases
Create a new release
Create a release version, perhaps v1.0, add a description and push the button:
Try to reinstall with composer. Make sure to remove the cahce first composer clear-cache and then just try composer require your/pagackge.

Sidenote:

I recommend you to read this to understand when you should name a release v1.0.1 or v1.1 or v.2.0-alpha etc. Here is a little excerpt:

Once a versioned package has been released, the contents of that version MUST NOT be modified. Any modifications MUST be released as a new version.

In other words, if you push something to your repository and you do not create another release. People are only able to download the latest release through composer.

6.Patch version Z (x.y.Z | x > 0) MUST be incremented if only backwards compatible bug fixes are introduced. A bug fix is defined as an internal change that fixes incorrect behavior.

For bug fixes that are not breaking anything you may update to v1.0.1

7.Minor version Y (x.Y.z | x > 0) MUST be incremented if new, backwards compatible functionality is introduced to the public API. It MUST be incremented if any public API functionality is marked as deprecated. [...]

If you add new functionality that does not break the code you should call the next release v1.1.0.

8.Major version X (X.y.z | X > 0) MUST be incremented if any backwards incompatible changes are introduced to the public API.

If you do something that may breaks the code from other people, you may call the new release v2.0

9.A pre-release version MAY be denoted by appending a hyphen and a series of dot separated identifiers immediately following the patch version. Identifiers MUST comprise only ASCII alphanumerics and hyphen [0-9A-Za-z-].

Anything called v1.3-alpha or v1.3-christmas will be seen as a pre-release.

Kylix answered 5/9, 2019 at 8:8 Comment(1)

You saved me! Couldn't figure out how to get away from dev-master and throw up a version. Tagging is not sufficient, but doing the release worked for me (after waiting a few minutes for cache to clear up) – Gerlac 18/3, 2020 at 22:51

If you want to be able to install dev packages you can change your composer config for that project:

composer config minimum-stability dev
composer config prefer-stable true

Meadowsweet answered 22/1, 2021 at 14:58 Comment(1)

that fixed it for me thanks! – Subjectivism 2/2, 2022 at 9:28

For those using Packagist, Composer and GIT from the command line, just tag your package after pushing it to GitHub:

git push origin master
git tag v1.0.0
git push --tags

And provided you have already created the GitHub Hook for Packagist, Packagist will update in a few minutes and then you can run composer require my-user/my-package from your consuming project.

Moot answered 23/9, 2020 at 16:14 Comment(0)

Recommended topics

Hot tags