We are keeping the composer.json/composer.lock in our repository and using composer to update the dependencies. We have a githook for post-checkout to do a composer update. If there is a new version of one of our dependencies or dependencies dependencies it will download the update and change the composer.lock
The problem is that I don't want this because I'll have two developers committing the lock files and there will be needless conflicts.
What I would like is to have the composer update be a manual process, commit the composer.lock with the specific versions, and have composer update only based on what has changed in the composer.lock. But I don't see how to do that (and maybe I'm misunderstanding - and it doesn't work that way..)
Is there a way to do this, or another way to solve this problem?
Change your hook to composer install
, which will read from the lock file on checkout. Then also add a post-merge
hook to do the same, such that if one person commits changes to composer.lock
the merged version will automatically install and/or update as necessary.
General rule is that install
uses .lock
if it exists, update
always just uses .json
.
I found a way to (almost) do this. https://gist.github.com/yehosef/8ffbab1f2dbbef22b757
#!/bin/bash
OLD=`md5 -q composer.lock.old`
NEW=`md5 -q composer.lock`
if [ "$NEW" != "$OLD" ]
then
php composer.phar update
fi
cat composer.lock > composer.lock.old
I run this in the post-checkout git hook. I commit the composer.lock and .gitignore the composer.lock.old. When I want to do an update, I do it manually with composer update and then commit the composer.lock.
The problem is that this is not directly matching the versions to the what's in the composer.lock - just keeping me from doing composer updates all the time.
Still would be better to force composer to only load the specific versions in composer.lock.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.