没有更好的解决方案.

您必须以某种方式提供托管程序包的每个存储库的元数据.Composer可以找到有关公共软件包的信息，因为它知道如何询问packagist.org.对于私有存储库，此操作无法完成，因此有人必须给Composer一个指针，以代替获取元数据的位置.

You have to provide the meta data of every repository hosting a package somehow. Composer can find out about the public packages because it knows how to ask packagist.org. For private repos this cannot be done, so someone has to give Composer a pointer where to get the meta data instead.

基本上有两种方法:不想使用的一种方法是，通过运行您自己的Packagist实例，Satis或Toran Proxy，使用另一个实例执行Packagist的相同功能.

There are basically two ways: The one you don't want to use is to use an additional instance doing the same thing Packagist does, by either running your own instance of Packagist, or Satis, or Toran Proxy.

另一种方法是在需要该软件包的所有composer.json文件中单独列出每个存储库.这显然是次等的解决方案，因为这意味着您必须不断地将拥有的所有存储库添加到所有存储库的composer.json文件中，以防万一发生交叉引用的依赖关系.另外，由于在更新期间收集最新数据时涉及的服务器连接数量，它可能会使速度变慢.

The other way is to list each repository individually in ALL composer.json files that would ever need the package hosted there. This clearly is the inferior solution because it means that you constantly have to add ALL repositories you have into ALL repositories' composer.json file, just in case any cross referenced dependencies occur. Additionally it probably slows things down because of the number of server connections involved when collecting the newest data during an update.

没有适合您的灵丹妙药.为了能够接受可接受的运行时间，Composer决定不递归扫描存储库.只有根存储库决定扫描软件包的位置，默认情况下仅使用Packagist(可以将其关闭)，然后再扫描类似packagist的实例或存储库.

There is no silver bullet for you. Composer decided to not scan repositories recursively in order to be able to have acceptable run times. Only the root repository decides where to scan for packages, with using only Packagist being the default (which can be turned off), and additionally scanning either packagist-like instances, or repos.

Satis仍然是托管私有存储库的最简单方法，因为它仅需要在命令行上运行PHP，然后通过静态HTTP托管使创建的文件可用.

Satis is still the easiest way to host private repos because it only requires running PHP on the command line, and then make the created files available via static HTTP hosting.

Packagist是一个PHP应用程序，具有对数据库，redis，缓存，邮件服务器等的依赖关系-设置起来可能比Satis要复杂.

Packagist is a PHP application with dependencies to a database, redis, a cache, a mail server etc. - likely more complicated to set up than Satis.

Toran Proxy也是一个PHP应用程序，但是没有这种依赖关系(根据网站-我没有使用它的经验).您只需要能够运行主脚本的虚拟主机.

Toran Proxy also is a PHP application, but without such dependencies (according to the website - I have no experience using it). You'd only need a vhost able to run the main script.

对于所有它们，您都必须正确配置，添加私有存储库列表以供它们扫描，然后将新Composer信息源的URL添加到所有 composer.json 文件保存在您所有的私有存储库中-但是最后一次只能完成一次，之后此URL保持不变，并指向您所有存储库的更新后的元数据.

For all of them, you'd have to get the configuration right, add the list of your private repositories for them to scan, and then add the URL of your new Composer information source to all composer.json files in all your private repositories - but this has to be done only one final time, after that this URL stays the same and points to updated meta data of all your repos.