Best way to install private/paid plugins with Composer?

This doesn’t work because I use trellis for deploy. At the deploy the whole wordpress structure including the plugin directory is rebuild by composer.

You can do this the same way you did it with the MU Plugins method you described above; install the plugins on your dev machine, exclude them in .gitignore, commit them, and deploy.

That doesn’t work as described above…

The plugins are not working and wordpress doesn’t seem to detect them correctly.

Right. I’m saying use the same method you used for mu-plugins, but don’t put them in the mu-plugins directory; put them in the plugins directory.

1 Like

Ah, ok. Yeah! I could try that. Thx.

I’m having this exact same issue now, trying to install WP Sync DB; I’ve properly added the repository and require entries to my composer.json file, and when running composer update, it spits out an error because the requirement on the WP Sync DB repo’s composer file lists composer/installers ~1.0.6 (which doesn’t gel with my projects requirements, which are ~1.2.0).

What’s the cleanest, most sustainable way to fix this issue? I can’t find a solid answer for this anywhere, sadly.

Please don’t use this forum for support for WP Sync DB… and please use the actual plugin from Delicious Brains. :slight_smile:


I didn’t believe this to be a support issue for WP Sync DB; on its own, the plugin works fine. Where I was having an issue was trying to bring it into my project using what I believed to be the proper method for use with Roots when a plugin wasn’t available on packagist, thus I was looking for some guidance in that respect.

My assumption is, if I posted this on WP Sync DB’s Github page, they’d direct me back here.

I was able to fix the issue by forking their repo and simply changing the constraint in their composer.json file. I just don’t feel like this was the cleanest way of doing things. I also wanted to find a method that worked best moving forward, since many of these other plugins can include constraints which don’t meet my project’s requirements.

It might be worth making a pull request to their repo. Their dependencies are out of date and causing problems.


SatisPress is the best solution IMO.

Been using the new to manage 35 private plugins and very happy with it

It can also automatically mirror packages from other 3rd party sources, such as and WPackagist


Just a head up, Brady Vercher - the guy behind satispress, is in the process of building a commercial offering called Crate.

I think it would be of interest to the Roots Community as composer support and multiple environments are the primary issues he’s trying to tackle.

Recently he’s submitted some screenshots of the alpha interface and has posted a request for feedback, if you’d potentially be interested in crate it’d be worth filling out the form so he has more data to work with when steering the product.

To this day we’re still using 2 Satispress instances ( one for commercial plugins, one for woocommerce extensions ) and it’s working pretty great :slight_smile:

This looks like a cool idea & I saw it a while back. My only concern is that it appears that Crate installs plugins right into your WordPress setup and avoids Composer unless I’m missing something? And if that’s the case, this would not really be useable for people that use Bedrock or manage their installs with Composer

If it’s like Satis then you keep a WP install “running” the plugins you wish to “serve” via composer.

From chatting with Brady it seems like it has a few options.

It’s a plugin / service that has a client mode and a server mode. The server mode is a lot like satispress is now, and can be consumed by multiple clients, one of which is composer, and composer support appears to be getting better too (ability edit package.json etc) So you can continue to use it much like satispress, but with a better interface etc

The plugin can also act as a client for the server, allowing you to push packages to sites in client mode from the server, or install and update plugins via the client site’s admin for those not using composer and who rely on a more traditional wp-admin based management experience.

1 Like

(First post yay hi everybody!)
I’m trying to make Satispress work, but I get this error when I run composer update, anybody knows what I’m doing wrong? (I have been trying to install Formidable Pro)

Loading composer repositories with package information
Warning: Accessing over http which is an insecure protocol.
Updating dependencies (including require-dev)
Package operations: 1 install, 0 updates, 0 removals
  - Installing satispress/formidable (2.05.03): Downloading (100%)         
  The checksum verification of the file failed (downloaded from http://website  

Here is my packages.json:

// 20171103170859

  "packages": {
    "satispress/formidable": {
      "2.05.03": {
        "name": "satispress/formidable",
        "version": "2.05.03",
        "version_normalized": "",
        "dist": {
          "type": "zip",
          "url": "",
          "shasum": "2dbc2cff2044cbd227987579b057d2fbb603db30"
        "require": {
          "composer/installers": "~1.0"
        "type": "wordpress-plugin",
        "authors": [
            "name": "Strategy11",
            "homepage": ""
        "description": "Quickly and easily create drag-and-drop forms",
        "homepage": ""
1 Like

Am I seeing correctly that the starts at 49euro a month for a (3 user) month-to-month subscription?


We do offer a single developer plan for 19 euros/month. If you are interested in that I can create a voucher code so you can access it. We don’t offer it outright because some companies sadly abuse single dev accounts by sharing credentials. –Jordi from Packagist Conductors

1 Like

We do offer a single developer plan for 19 euros/month. If you are interested in that I can create a voucher code so you can access it. We don’t offer it outright because some companies sadly abuse single dev accounts by sharing credentials. –Jordi from Packagist Conductors

Nice! Still a little steep for me :sweat_smile:

1 Like

Guys, perhaps I missed an obvious solution, but: how to you manage licence keys for, say WPML or ACFPro when using wp-premium github for syncing plugins directly via composer to mu-plugins? thanks!