Compare Private Packagist with Satis
Thinking about setting up a basic Satis installation? The following list can help you decide if you should try out Private Packagist instead.
Get in touch with us: send an e-mail to contact@packagist.com or chat with us.
Private Packagist |
Satis |
|
---|---|---|
Reliability |
Highly available setup, Private Packagist uses redundant servers and runs in multiple geographical regions. |
Satis is self-hosted, so reliability is up to you. Running multiple servers in multiple locations just to host your Satis may get quite expensive. |
Permissions |
Supports user accounts, teams and access control on a per-package basis. Users and permissions can be synchronized with GitHub, Bitbucket or GitLab. |
No concept of authentication and you will need to build and maintain your own authentication mechanism. |
Mirroring |
Automatically mirror packages when you require them. |
Manually add every package you want to mirror to its config file. |
Package Updates |
Supports webhooks to update package information and find new versions immediately when you push code. |
Run a command to re-generate all JSON metadata which takes a long time with many packages, and is usually run as a cron command only a few times per hour. |
Security Monitoring |
Monitors your project dependencies for vulnerabilities and alerts you via email, Slack, Microsoft Teams, or a custom webhook. |
Not supported, you would need to build your own tool to monitor security vulnerabilities and send alerts. |
Update Review |
Receive a human-readable comment summarizing composer.lock changes when updating your dependencies in a pull request. |
Not supported, you would need to build your own tool which creates comments on your pull requests. |
Maintenance |
|
|
Third Party Integrations |
Integrates with Github, Bitbucket and Gitlab to automatically find packages and to configure webhooks. Automatic synchronization for user accounts to match your VCS. |
You need to manually copy and paste URL around. |
Separate Composer repository with separate authentication tokens for each client project. |
Not supported, you would need to build your own tool to manage many Satis installations and authentication. |
|
Separate Composer repository URL and unique token for each customer who you want to sell packages to. |
Not supported, you would need to build your own tool to manage many Satis installations and authentication. |
Please note that the above comparison assumes you will use Satis without additional code changes. You can build features available in Private Packagist yourself on top of Satis and you can build the infrastructure to support high availability, but the time and cost to do so will be significant. Using Private Packagist is usually the more cost effective solution for you and your team. Moreover by using Private Packagist, you'll help fund the Composer open-source project and the public Packagist.org package repository.
You can easily import your Satis configuration file into Private Packagist. Do you have any questions or are you missing anything?
Contact us at contact@packagist.com or chat with us.