Ben RamseyJul 3, 2025

When specifying a "path" repository with a wildcard, does Composer do a recursive scan of the subdirectories for packages (i.e., composer.json files)?

I'm asking about when you have configuration like this:

{
"repositories": {
"modules": {
"type": "path",
"url": "modules/*"
}
}
}

#PHP #Composer

Show threadBen RamseyJul 3, 2025

I'm asking because I'm running into multiple variations of this error when I try running `composer update` or `composer require any/package`:

found another/package[0.0.1] in the lock file but not in remote repositories

All the packages that show that error are in the "path" repository and also in the lock file, and I can't figure out how to resolve this error so that I can require additional (external) packages.

#PHP #Composer

Show threaddpi
@ramsey found that using this repo method, setting a `version` key in the composer.json files of the fake projects you’re including is a quick solve for resolution pain points. I know they there’s root version env var and maybe other things also…
Jul 4, 2025 at 6:23amWeb
Show threadBen RamseyJul 7, 2025
@dpi Thanks for the pointer. Unfortunately, all our “fake” packages already have version specified in their composer.json files.
Show threadBen RamseyJul 7, 2025
@dpi Another member of our team resolved it. I’m still not clear on what caused it, though. We have some global package I needed to install that has a plugin I needed to allow, so clearly we’re doing something magical and strange that isn’t how Composer normally works.