Cannot run proc_open on shared hosting - drupal-modules

I am trying to use Composer to update a Drupal module. After reading a lot, I am presuming that proc_open is disabled in my shared hosting env. If that is the case, can it be enabled for just one hostname or is it server-wide?
"The Process class relies on proc_open, which is not available on your PHP installation."
From the host: Cpanel states the shell php is system wide so we cannot edit it for just this site. (this comes directly from a ticket they used at cPanel)
The module I was trying to update is for Drupal, Webform latest stable version. Not recommended to update with GUI or Manually....
I understand that proc_open is a potential security risk to other hosts but is there ANY workaround short of a dedicated server? Upping the co$t of doing business by a LOT :)
$ composer require 'drupal/webform:^6.2#beta'
./composer.json has been updated
Running composer update drupal/webform
Loading composer repositories with package information
Updating dependencies
Lock file op#drupal/webform (6.2.0-beta1)
Writing lock file
Installing dependencies from lock file (including require-dev)
Nothing to install, update or remove
2 package suggestions were added by new dependencies, use `composer suggest` to see details.
Package doctrine/reflection is abandoned, you should avoid using it. Use roave/better-reflection instead.
Generating autoload files
Hardening vendor directory with .htaccess and web.config files.
41 packages you are using are looking for funding.
Use the `composer fund` command to find out more!
Scaffolding files for drupal/core:
- Copy [web-root]/sites/default/default.services.yml from assets/scaffold/files/default.services.yml
- Copy [web-root]/sites/default/default.settings.php from assets/scaffold/files/default.settings.php
Installation failed, reverting ./composer.json and ./composer.lock to their original content.
[Symfony\Component\Process\Exception\RuntimeException]
The Process class relies on proc_open, which is not available on your PHP installation.

Related

The Process class relies on proc_open, which is not available on your PHP installation

I am trying to finish converting a Drupal | 9.3 site and update The Webform Module for Drupal using Composer. A warning appears in Drupals admin-interface that using auto-update has a good chance of failing.... manual update MIGHT work.... and using composer is the recommended way plus, long term... no Composer, not much chance of updating compex modules.
***At bottom of this post, details with the commands and output I received using Composer are viewable.
I'm on shared hosting and the host investigated through cPanel and on to the upstream wholesale provider. "proc_open" is disabled server-wide as it can potentially traverse the entire server skel, a potentialy security risk to other hosts on the shared server. "proc_open" cannot be enabled for just one host on this system or any system that isn't in a dedicated environment.... all alternatives ^$up the cost of operation BIG.
Does anyone know if there is in fact a workaround? All options/feedback greatly appreciated. I know I'm not alone in this. Has anyone successfully done the manual update to Webform 6.2#beta? Long term, manual updates for Drupal Modules are going to become more and more difficult sans composer....
DRUPAL WEBFORM
6.2.0-beta2 released 15 February 2022
Works with Drupal: ^9.2
Install: $ composer require 'drupal/webform:^6.2#beta'
Thank you!
############# #various command/output #################
Lock file op#drupal/webform 6.2.0-beta1
Writing lock file
Installing dependencies from lock file including require-dev
Nothing to install, update or remove
2 package suggestions were added by new dependencies, use composer suggest to see details.
Package doctrine/reflection is abandoned, you should avoid using it. Use roave/better-reflection instead.
Generating autoload files
Hardening vendor directory with .htaccess and web.config files.
41 packages you are using are looking for funding.
Use the composer fund command to find out more!
Scaffolding files for drupal/core:
Copy [web-root]/sites/default/default.services.yml from assets/scaffold/files/default.services.yml
Copy [web-root]/sites/default/default.settings.php from assets/scaffold/files/default.settings.php
Installation failed, reverting ./composer.json and ./composer.lock to their original content.
[Symfony\Component\Process\Exception\RuntimeException]
The Process class relies on proc_open, which is not available on your PHP installation.
TRIED THIS AS WELL
[user#server web-services]$ composer update drupal/webform --with-dependencies
Loading composer repositories with package information
Updating dependencies
Package "drupal/webform" listed for update is not locked.
Nothing to modify in lock file
Installing dependencies from lock file including require-dev
Package operations: 0 installs, 0 updates, 1 removal
Removing drupal/webform 6.2.0-beta1
Deleting modules/contrib/webform - deleted
Package doctrine/reflection is abandoned, you should avoid using it. Use roave/better-reflection instead.
Generating autoload files
Hardening vendor directory with .htaccess and web.config files.
41 packages you are using are looking for funding.
Use the composer fund command to find out more!
[Symfony\Component\Process\Exception\RuntimeException]
The Process class relies on proc_open, which is not available on your PHP installation.

How to import and use a modified npm library packages dynamically

I am using a sigmajs library for creating node based graph visualisations. But the library package had a few bugs, so I modified a few files in the source code of the library and fixed them.
I have hosted my graphs on django server, and whenever I host it, the sigma package in the package.json gets loaded dynamically each time. The static library files on my machine which I had modified and fixed bugs don't get loaded. So,I get the same old package and not the modified one.
How do I access the modified library package dynamically when I host the server.
My advice is that of copying your fixed version of the library on server and install it from local path instead of remote npm repository like this:
npm install --save /path/to/fixed/lib/dir/in/server.
See this answer: npm local install
Pay attention that your fixed lib won't be sync with official one.
I don't know how you modify the library but i suggest to fork the official repository and syncronize your local one with remote one as for example explaind here sync forked repo github.
In this way you can sync to official repo while you mantain your fix and you will install your modified local one. Eventually consider to open issues and PR on sigmajs official repo to apply your fix directly to official library. If they will be accepted you can then install directly official version.

Custom Recipe on a Cookbook

I'm developing a custom recipe using the package packages from chef.
I created a file under the recipes folder called apache.rb.
Then I uploaded the cookbook through berks and I edited the recipes list on one node with recipe["packages::apache"].
When i run the chef-client I got the following error:
could not find recipe apache for cookbook packages
This is the apache.rb located under recipes/ folder:
package 'Install Apache' do
case node[:platform]
when 'redhat', 'centos'
package_name 'httpd'
version '2.2.0'
when 'ubuntu', 'debian'
package_name 'apache2'
end
action :install
end
Can you try knife upload . --force, to make sure the cookbook is really up-to-date on the chef server?
There might be an older version of the cookbook already uploaded (i.e. before you created the apache recipe), and because you've kept the version number in metadata.rb the same, knife (or berks, depending on what you use for the upload) might be skipping the upload, thinking nothing's changed.
UPDATE:
It should be noted that the above should really only be used if you are really sure you want to update the existing version on the Chef Server (e.g. if you are still in development).
Bumping the version number on the cookbook's metadata would be a much better way to solve this problem for production environments, as pointed out by #Tensibai in the comments below.

Adding dependencies from a single file, without composer.json

I am struggling around a wrong usage of composer, for sure.
I set up this repository: https://github.com/alle/assets-merger
I forked the project and was just trying to make it a kohana-module, including all the dependencies.
As for it would need the YUI comporess JAR, I was trying to make just that JARfile as a dependency, and I ended to declare it in the composer.json file (please, look at this).
Once I need to add my new package to a project I add it in the require section as follows:
...
"alle/assets-merger": "dev-master",
...
But the (latest) composer update command says:
Loading composer repositories with package information
Updating dependencies (including require-dev)
Your requirements could not be resolved to an installable set of packages.
Problem 1
- Installation request for alle/assets-merger dev-develop -> satisfiable by alle/assets-merger[dev-develop].
- alle/assets-merger dev-develop requires yui/yuicompressor 2.4.8 -> no matching package found.
Potential causes:
- A typo in the package name
- The package is not available in a stable-enough version according to your minimum-stability setting see <https://groups.google.com/d/topic/composer-dev/_g3ASeIFlrc/discussion> for more details.
And my story ends here.
How should I configure my composer.json in the https://github.com/alle/assets-merger repository, in order to include it as a fully satisfied kohana-module in other projects?
Some things I notice in your composer.json.
There is a version of that CSS minify available on Packagist which says it is just a copy of the original Goole-Code hosted files, but with Composer: natxet/cssmin. It is version 3.0.2, but I think that shouldn't make a difference.
mrclay/minify is included twice in the packages with the same version. It also is available on Packagist. You will probably already use that (version 2.2.0 is registered, and because you didn't turn of Packagist access, it will be generally available for install unless a version requirement or conflict prevents it).
You are trying to download a JAR file (which is a java executable without and PHP), but try to get PHP classmaps out of it. That will fail for sure.
You did miss the big note in the Composer documentation saying that Composer cannot resolve repositories mentioned in sub packages, only in the root package. That means that whatever you mention in your alle/asset-merger package will not be used if you use that package anywhere else. You'd have to duplicate these repositories in every package in addition to adding the package name itself as "required".
What this means is that you probably avoided missing mrclay/minify because it is available on Packagist, you might as well have added the cssmin by accident, but you definitly did not add YUICompressor.
But you shouldn't add this in the first place, because it is no PHP software. You can however add post-install commands to your projects. All your Composer integration does is download the JAR file. You can do that with a post-install or post-update command. See the documentation here.

laravel 4 suggestions about new installations

I have just installed laravel 4 using composer in my linux os. While it was downloading and installing all the packages it also gave me a lot of suggestions. It asked me to install
symfony/config
symfony/yaml
symfony/dependemcy-injection
symfony/class-loader
symfony/validator
doctrine/dbal
symfony/expression-language
doctrine/annotations
ext-phpiredis
ext-curl
ext-gmp
paer-pear/PHP_Compat
ext-intl
graylog2/gelf-php
raven/raven
doctrine/couchdb
ruflin/elastica
ext-amqp
ext-mongo
aws/aws-sdk-php
rollbar/rollbar
Should I install these things. And if I have to then how would I install them? Thanks in advance. :D
You don't have to install them for Laravel to function any differently. You should only install them if you explicitly plan on using them. The install directions are usually found on the project's github page.
All of those packages can be found on http://www.packagist.com where you will easily be able to find them, see install directions, usage, etc...
To install them, usually you'd just add the appropriate line, usually found in the documentation, to your composer.json file, run composer update and they should automatically be made available to your project.
You got suggestions for both PHP library packages (PHP code) and PHP extensions (C code).
You should only install the PHP libraries if you know you want to use them. The suggestion feature of Composer allows any developer of a package to let Composer announce on update that there might be more software that enhances the library, but is entirely optional. The description next to the package name might have details on why the package could be installed. For example, a library for FTP and HTTP access might want to use existing FTP or HTTP clients, and will announce both as suggestions. If you decide you don't need FTP access, you only require the HTTP client to be used.
You cannot install PHP extensions via Composer. Installing them usually requires some kind of administrator access to the server, and depends on which OS is installed and whether or not it allows to install these extensions as a regular software package, or needs to have the PECL install toolchain available. If a PHP library suggests a PHP extension, then this extension also is completely optional, and you probably will know that if you need that feature (like access to MongoDB), you need the PHP extension as a prerequisite, but are likely to already have it installed (which would skip this suggestion from the list because it is fulfilled).

Resources