captainhook/plugin-composer
Deprecated Composer plugin for CaptainHook that auto-installs Git hooks for your team. Configure hook file name, PHAR path, or disable via composer.json “extra”. Use captainhook/hook-installer instead for flexible PHAR/source installs.
Architecture fit is poor due to forced rigid dependency model conflicting with modern Laravel practices. Integration feasibility is near-zero as the package is officially deprecated with explicit warnings in the README. Technical risk is severe: no maintenance since January 2022, zero dependents, known incompatibilities with Composer 2.2+ and PHP 8.1+, and unpatched security vulnerabilities. Key questions include: Why was the package replaced by hook-installer? What specific vulnerabilities or limitations triggered deprecation? What is the official migration timeline for existing users? How does hook-installer resolve architectural flaws like hardcoded CaptainHook dependencies?
This package must never be integrated into new Laravel projects. The only valid approach is migrating to captainhook/hook-installer. Stack fit analysis shows active conflicts with modern PHP/Composer ecosystems due to hardcoded dependencies and lack of PHP 8+ support. Migration path requires removing captainhook/plugin-composer from require-dev and adding captainhook/hook-installer with either captainhook/captainhook-phar (PHAR) or captainhook/captainhook (source). Compatibility is nonexistent for current toolchains—it fails on Composer 2.2+ and PHP 8.1+ without manual workarounds. Sequencing must prioritize immediate replacement: new projects should never reference this package; existing users must migrate before infrastructure upgrades.
Maintenance burden would be high due to complete lack of updates since 2022—any issues require in-house fixes without vendor support. Support is non-existent: GitHub issues are unanswered and community resources are obsolete. Scaling is impossible as the package fails in secondary worktrees (fixed only in v5.3.2 of deprecated version) and cannot handle modern team workflows. Failure modes include silent hook installation failures (v5.2.0), PHP binary mismatches (v5.3.1), and unpatched security vulnerabilities. Ramp-up effort is counterproductive—teams should instead invest time learning hook-installer's configuration for PHAR/source/PHIVE setups, which supports all current Laravel versions with documented best practices.
How can I help you explore Laravel packages today?