如何测试composer.lock是否最新?
[英]How to test if composer.lock is up to date?
问题描述
During development (multiple people in the team) sometimes composer install returns: 
在开发过程中(团队中有多个人),有时composer install返回内容:
Warning: The lock file is not up to date with the latest changes in composer.json. 警告:锁文件不是最新的composer.json更改。 You may be getting outdated dependencies. 您可能会过时的依赖关系。 Run update to update them. 运行更新以更新它们。
Is there a way to check for this very quickly (in milliseconds, without making any changes)? 有没有一种方法可以快速检查(以毫秒为单位,而无需进行任何更改)?
I understand how composer works. 我了解作曲家的工作方式。 However when code merges in it doesn't necessarily cause merge conflicts on the composer.json or composer.lock file and it's not fun to run composer install all the time when theres almost never any changes and that command takes several minutes. 但是,当代码合并时,并不一定会在composer.json或composer.lock文件上引起合并冲突,并且在几乎没有任何更改且该命令花费几分钟的情况下,始终运行composer install并不有趣。
If I'm able to quick test if the lock fail has fallen out of sync I can build it into the bash environment to notify every command. 如果我能够快速测试锁定失败是否不同步,则可以将其构建到bash环境中以通知每个命令。 Similar to how people like their git status to be built into their bash prompt. 类似于人们喜欢将其git status内置到其bash提示中的方式。
Further more this makes sense in CI to make sure it does sneak it's way into the stable branch. 此外,这在CI中有意义,以确保它确实潜入稳定分支。
4 个解决方案
解决方案1
9 2017-06-30 16:32:40
on newer versions (I suppose 1.3+) you can run the following: 在较新的版本(我认为是1.3+)上,您可以运行以下命令:
$ composer validate --no-check-all --no-check-publish
Which might output something like this (with a catchable error exit code): 可能会输出如下内容(带有可捕获的错误退出代码):
./composer.json is valid for simple usage with composer but has
strict errors that make it unable to be published as a package:
See https://getcomposer.org/doc/04-schema.md for details on the
schema
The lock file is not up to date with the latest changes in composer.json, it is recommended that you run `composer update`.
解决方案2
8 2015-02-19 09:26:13
You can run 你可以跑
composer install --dry-run
--dry-run Outputs the operations but will not execute anything (implicitly enables --verbose).
This won't change anything but will show the warning if not up to date. 这不会改变任何内容,但是如果不是最新的,则会显示警告。 But it will still have to check the servers for new versions of your installed packages, so if you have many installed this might still take more than milli seconds. 但是仍然需要检查服务器上已安装软件包的新版本,因此,如果您已安装了许多新软件包,则可能仍需要花费毫秒以上的时间。 Anyway it's faster. 无论如何,它更快。
解决方案3
8 2015-02-25 22:29:38
For composer < 1.3.0
Yes, there is a way to check for this very quickly. 是的,有一种方法可以非常快速地进行检查。
The "out-of-date" check is based on a hash of the composer.json contents, stored in the composer.lock . “过期”检查基于composer.json内容的哈希值,该哈希值存储在composer.lock 。 There's no salt, and it's a straight-forward hash of the contents, so it's very, very easy to do. 没有盐,而且是内容的直接哈希,因此非常非常容易做到。
<?php
$lock = json_decode(file_get_contents('composer.lock'))->hash;
$json = md5(file_get_contents('composer.json'));
if ($lock !== $json) {
echo "Lock file out of date\n";
exit(1);
}
echo "Lock file up to date\n";
exit(0);
解决方案4
7 已采纳 2015-02-27 00:15:42
For composer < 1.3.0
Extending from @Domster, the solution in pure bash: 从@Domster扩展,纯bash解决方案:
COMPOSER_IN_SYNC=$(expr "`cat composer.lock | grep '"hash":' | cut -d'"' -f4`" = "`md5sum composer.json | cut -d ' ' -f 1`")
$COMPOSER_IN_SYNC will be 0 or 1 respectively. $COMPOSER_IN_SYNC将分别为0或1 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.