Install premium WordPress theme with Composer

2 Views

I’ve bought a “premium” theme on Themeforest: Avada. I’d like to install this theme with Composer because it’s a dependency (I’m using Bedrock as base). So I came across this article where they suggest to make a custom package with the download link (example with some of there own WordPress plugins WP Migrate DB Pro): 

"require": {
    "deliciousbrains/wp-migrate-db-pro": "*"
},
"repositories": [
    {
        "type": "package",
        "package": {
            "name": "deliciousbrains/wp-migrate-db-pro",
            "type": "wordpress-plugin",
            "version": "1.5",
            "dist": {
                "type": "zip",
                "url": "https://deliciousbrains.com/dl/wp-migrate-db-pro-latest.zip?licence_key=<LICENSE_KEY>&site_url=composer-test.dev"
            },
            "require": {
                "composer/installers": "v1.0.7"
            }
        }
    }
]

Very nice, but then I’ve to maintain the version numbers by myself (I can’t download an old version) and I don’t like license keys in urls that much. But alright, I’ve tried but I need to be logged in on Themeforest else the download link (something like http://themeforest.net/user/username/download_purchase/some-random-id?accessor=wordpress_theme) won’t work. I can try to trace the download link but Envato recommends against download manager, so I don’t think this is allowed or the way to go. I’ve contacted Envato in the past because they recommend using Composer on there tutorial site Tutsplus but they don’t support this on there marketplace sites. Never got a reply.

Read More

Another method is to create my own GIT repository for Avada. No problem, so I’ve created it, added all the files with my own composer.json file: 

{
    "name": "username/wordpress-avada-theme",
    "type": "wordpress-theme"
}

Pretty simple, added a GIT tag with the version and it can be installed. Very nice! But… I’ve to maintain this by myself, if Avada releases a new version I’ve to remove all files from my Avada repo, add the new files with a new version number tag and then I can install the new version with Composer.

Another problem: plugins, Avada comes with some plugins which needs to be installed:

  • Fusion Core
  • Layerslider
  • Revolution Slider

So I need 3 more repositories and I’ve to maintain them all if a new version comes out. So I’ve contacted Theme Fusion, the creators of the theme. I don’t think they doesn’t work with version control and it’s true, they use GIT but they are not allowed to give me access because of the conditions of Envato.

What other options do I have? I’m now just using Composer for WordPress itself and all free plugins but I’d like to use it for my “premium” stuff too. Composer should make things easier, but when I’ve to maintain those repo’s it’s not. So for now I’ve putted Avada and it’s plugins in the project repo but it doesn’t feel good.

EDIT: Meanwhile I’ve found some interesting stuff in the Envato API which could make this possible, see my issue on the wpackagist repository which is a Composer mirror of the WordPress plugin and theme directory.

Post Views: 2

Related posts

4 comments

  1. SatisPress is what you are looking for. It’s a tool that allows you to

    expose installed WordPress plugins and themes as Composer packages.

    It’s quite easy to setup and use:

    1. Setup WordPress instance (e.g. packages.example.com)
    2. Install and activate SatisPress
    3. Install and active premium/paid packages (plugins/themes)
    4. Provide license credentials to enable automatic updates
    5. Add access token
    6. Add repository and credentials to your composer.json/auth.json (or Private Packagist mirror)
    7. Require premium package like this: $ composer require satispress/my-private-plugin

    Refer to the documentation for more details: https://github.com/cedaro/satispress/blob/develop/docs/index.md

    Note: I’m not affiliated with SatisPress or Private Packagist.

  2. I’m beta-ing a better solution to this. Sign up here.

    Though it won’t currently handle nested dependencies (your Fusion Slider, Fusion Builder, etc) it will allow you to manage Avada (or other Envato purchases) via Composer and use version constraints properly:

    composer require theme-fusion/avada

    Or something to that effect.

    Though Avada specifically screws this up because they have their patch updates that are applied outside the scope of normal WordPress updates. So to say nothing of that.

  3. I’ve often seen people place purchased content under source control so it can be code reviewed when a new version is introduced. However, I believe the common practice for private packages is to use a private repository.

    There are a handful of options when the private packages have composer.json files in them. Unfortunately, with WordPress that is often not the case. You can put a packages.json file on a webserver to use that URL as a composer repository.

    The test fixture in the composer source can be used as an example for what is expected in that file. I tend to leave out the version_normalized field and provide dist information opposed to source (both can be provided).

    What I had done in the past was place all of the packages on an internal server with a naming convention that reflected the relevant metadata so a composer repository could be generated easily from a bash script.

    Something like /archives/{package-type}/{vendor}/{name}_{version}.zip

Comments are closed.