Weave Code
Code Weaver
Helps Laravel developers discover, compare, and choose open-source packages. See popularity, security, maintainers, and scores at a glance to make better decisions.
Feedback
Share your thoughts, report bugs, or suggest improvements.
Subject
Message
Log in Register
Home
Packages
Plugin Installer
Assessments

Plugin Installer Laravel Package

craftcms/plugin-installer

Automate installing and managing Craft CMS plugins via Composer. Simplifies adding plugins to projects, handling dependencies, and keeping installs consistent across environments—ideal for CI/CD workflows and teams that want repeatable, scriptable plugin setup.

View on GitHub
Deep Wiki
Context7

Technical Evaluation

Architecture Fit

  • Plugin Ecosystem Alignment: The package is specifically designed for Craft CMS, a PHP-based CMS built on Laravel-like conventions (e.g., service providers, config files, and Composer-based dependency management). This makes it a tight architectural fit for Craft CMS plugin installation workflows.
  • Composer Integration: Leverages Composer’s native installer system, aligning with PHP’s standard package management. This avoids reinventing the wheel and integrates seamlessly with Craft’s existing Composer-based plugin system.
  • Isolation from Core: The package operates at the Composer layer, meaning it doesn’t modify Craft’s core architecture but enhances plugin discovery/installation. This reduces risk of conflicts with future Craft updates.

Integration Feasibility

  • Low-Coupling Design: The package is a Composer plugin, meaning integration requires minimal changes to Craft’s core. It hooks into Composer’s lifecycle (e.g., post-install-cmd), making adoption straightforward.
  • Plugin Compatibility: Works with any Craft CMS plugin distributed via Packagist or private repositories. No need for custom plugin formats or additional metadata.
  • Existing Workflows: Craft CMS already uses Composer for plugin management (via craft install-plugin), so this package extends rather than replaces existing functionality.

Technical Risk

  • Dependency Conflicts: Risk of version mismatches between plugins and Craft CMS core (e.g., PHP version, Laravel dependencies). Mitigated by Craft’s existing composer.json constraints.
  • Composer Version Requirements: May require Composer 2.x+ for full functionality (e.g., modern plugin API). Craft CMS 4+ already enforces this.
  • Plugin-Specific Issues: Some plugins may rely on custom installation scripts or post-install hooks. The package assumes standard Composer-based plugins, so edge cases (e.g., non-PHP assets) may need manual handling.
  • Testing Overhead: Requires validating the package against all supported Craft CMS versions (3.x and 4.x) to ensure backward compatibility.

Key Questions

  1. Does Craft CMS 3.x/4.x fully support Composer 2.x? (Critical for plugin API compatibility.)
  2. How does this package handle private repositories or custom plugin sources? (Some enterprises use internal Packagist instances.)
  3. What’s the fallback if a plugin fails to install? (Does it roll back gracefully or require manual intervention?)
  4. Does it support plugin updates seamlessly, or does it require additional Craft CLI commands?
  5. Are there performance implications for large plugin ecosystems? (E.g., parallel installs, dependency resolution time.)
  6. How does it handle conflicting plugin dependencies? (E.g., two plugins requiring different versions of the same library.)
  7. Is there documentation for plugin developers on how to optimize their plugins for this installer?

Integration Approach

Stack Fit

  • Primary Use Case: Craft CMS plugin developers and system administrators managing plugin ecosystems.
  • Tech Stack Synergy:
    • PHP 8.0+ (Craft CMS 4.x requirement; aligns with modern Composer features).
    • Composer 2.x (Required for plugin API; Craft 4+ already enforces this).
    • Laravel-like Service Providers (Craft plugins use similar bootstrapping, so installation hooks integrate cleanly).
  • Alternatives Considered:
    • Custom Craft CLI commands: More invasive, requires core modifications.
    • Git-based plugin management: Less maintainable for dependency resolution.
    • Manual ZIP uploads: No dependency management, security risks.

Migration Path

  1. Phase 1: Pilot with Non-Critical Plugins
    • Test with low-risk plugins (e.g., utilities, non-core functionality) to validate installation/update workflows.
    • Compare success rates against existing craft install-plugin method.
  2. Phase 2: Gradual Adoption
    • Update composer.json in Craft project to include the installer: 
      "extra": {
  "installer-paths": {
    "plugins/*": ["type:craft-plugin"]
  }
}
    • Replace manual craft install-plugin with composer require vendor/plugin.
  3. Phase 3: Full Rollout
    • Automate plugin updates via Composer scripts (e.g., post-update-cmd).
    • Deprecate legacy installation methods in documentation.

Compatibility

  • Craft CMS Versions:
    • Craft 4.x: Full support (Composer 2.x, modern plugin API).
    • Craft 3.x: Partial support (may require Composer 1.x compatibility layer).
  • Plugin Compatibility:
    • Standard Composer Plugins: Works out-of-the-box.
    • Legacy Plugins: May need composer.json updates to declare type:craft-plugin.
  • Hosting Environments:
    • Shared Hosting: May block Composer execution (requires SSH or custom solutions).
    • Dedicated/VPS: Full compatibility with standard Composer workflows.

Sequencing

  1. Pre-Installation:
    • Verify Composer version (≥2.0.0).
    • Backup existing plugins and vendor/ directory.
  2. Installation:
    • Run composer require vendor/plugin (or composer update for updates).
    • Validate plugin activation via craft CLI or admin panel.
  3. Post-Installation:
    • Test plugin functionality (e.g., hooks, assets, dependencies).
    • Monitor for dependency conflicts or performance degradation.
  4. Rollback Plan:
    • Delete vendor/ and restore from backup if issues arise.
    • Use composer remove vendor/plugin for clean uninstallation.

Operational Impact

Maintenance

  • Proactive Tasks:
    • Composer Updates: Regularly update the installer package (craftcms/plugin-installer) for bug fixes.
    • Plugin Dependency Audits: Monitor for breaking changes in plugins or Craft CMS core.
    • Composer Lock Management: Pin versions in composer.lock to avoid unexpected updates.
  • Reactive Tasks:
    • Plugin Conflicts: Resolve via composer why-not vendor/plugin or manual dependency overrides.
    • Installer Failures: Debug Composer logs (--verbose flag) or Craft error logs.

Support

  • Troubleshooting Workflows:
    • Installation Failures: Check:
      • Composer version (composer --version).
      • Plugin composer.json validity.
      • Craft CMS compatibility (e.g., PHP version, Laravel constraints).
    • Update Issues: Use composer why vendor/plugin to diagnose dependency conflicts.
  • Documentation Gaps:
    • Plugin Developers: Need guidance on composer.json schema for Craft plugins.
    • Admins: Require runbooks for rollback procedures.
  • Third-Party Dependencies:
    • Rely on Craft CMS support for core issues.
    • Engage plugin authors for plugin-specific problems.

Scaling

  • Performance:
    • Large Plugin Counts: Composer resolution time increases with plugins. Mitigate by:
      • Using --prefer-dist to avoid runtime downloads.
      • Caching vendor/ in production.
    • Dependency Bloat: Monitor composer.json for excessive transitive dependencies.
  • Automation:
    • CI/CD Integration: Use Composer in pipelines for plugin testing/deployment.
    • Infrastructure as Code: Define plugin dependencies in composer.json for reproducibility.
  • Multi-Environment Sync:
    • Shared composer.lock: Ensures consistency across dev/staging/prod.
    • Private Packagist: For internal plugins, use repositories in composer.json.

Failure Modes

Failure Scenario Impact Mitigation
Composer version mismatch Installation fails Enforce Composer 2.x via .composer-version.
Plugin dependency conflicts Broken plugin or Craft core Use composer why to diagnose; manual overrides.
Corrupted vendor/ directory Silent failures or missing plugins Regular backups; composer install --prefer-dist.
Network issues (Packagist downtime) Installation hangs Use --prefer-source or local mirrors.
Plugin post-install hooks fail Partial functionality Log hooks; implement retry logic.
Craft CMS update breaks plugins Plugin incompatibility Test plugins against Craft beta releases.

Ramp-Up

  • Training Needs:
    • Developers: Teach composer.json structure for Craft plugins (e.g., type:craft-plugin, craft-version constraints).
    • Admins: Train on composer require/update vs. craft install-plugin.
  • Onboarding Checklist:
    1. Install craftcms/plugin-installer via Composer.
    2. Update composer.json with installer-paths.
    3. Test with a single plugin.
    4. Automate updates
Weaver

How can I help you explore Laravel packages today?

Conversation history is not saved when not logged in.
Prompt
Add packages to context
No packages found.
make-dev/orca
dmstr/symfony-system-resources-bundle
dmstr/symfony-job-queue-bundle
dmstr/openapi-json-schema-bundle
dmstr/keycloak-security-bundle
dmstr/doctrine-audit-log-bundle
dmstr/api-platform-utils-bundle
dmstr/api-configuration-bundle
chrisdev/ux-components
baks-dev/finances
emuniq/filament-browser-notifications
syriable/filament-translator
hungnm28/livewire-form
wenprise/eloquent
crudly/encrypted
fadion/bouncy
cuci/prototurk-sdk
gos/pubsub-router-bundle
cuci/prototurk-sdk-symfony
clementtalleu/easyadmin-markdown-bundle