Composer installing irrelevant libraries - php

When I try to composer require something/something in my vendor folder
it starts installing a lot of stuff I didn't ask for.
Like I just did composer require ramsey/uuid, and Composer created a subfolder called vendor then started downloading a lot of libraries e.g Laravel, Symfony, and Twig (these are just the ones I know).
This first happened when I tried to require Twig. I just deleted the irrelevant libraries and kept Twig.
Does anyone have an idea of what's causing this?

If composer is downloading and installing stuff you didn't ask for, then that stuff probably was asked for by one of the following:
some require statement defined in the composer.json file
a dependency required by something you are installing. I'm not familiar with twig, but it might require laravel, symfony et al. If you plan to use one of these frameworks, I suggest you install that first before requiring twig.
some cached thing somewhere, like the composer.lock file mentioned above
Composer creates the folder called vendor as the home for all of the libraries/packages that it fetches and installs.

You can always check why Composer installed something by running
$ composer why webmozart/assert
The command will show you which of the root requirements depends on the package (webmozart/assert in this case).
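The lookup that answer describes can be reproduced offline from the two files Composer writes. This is an added example, not part of the original answers and not Composer's own code: a simplified tracer that ignores `replace`/`provide`, run on constructed metadata (the `example/*` packages and all version numbers are made up).

```python
import json
from collections import deque

# Constructed sample data, not real package metadata.
COMPOSER_JSON = json.loads("""{
  "require": {"php": ">=8.0", "ramsey/uuid": "^4.0", "example/framework": "^9.0"}
}""")
COMPOSER_LOCK = json.loads("""{
  "packages": [
    {"name": "ramsey/uuid", "version": "4.0.0",
     "require": {"php": ">=8.0", "example/math": "^1.0"}},
    {"name": "example/math", "version": "1.2.0"},
    {"name": "example/framework", "version": "9.1.0",
     "require": {"example/templating": "^3.0", "webmozart/assert": "^1.0"}},
    {"name": "example/templating", "version": "3.4.0",
     "require": {"webmozart/assert": "^1.0"}},
    {"name": "webmozart/assert", "version": "1.11.0"}
  ],
  "packages-dev": []
}""")

def why(target, composer_json, composer_lock):
    """Return every chain from a root requirement down to `target`."""
    locked = {p["name"]: p for p in
              composer_lock.get("packages", []) + composer_lock.get("packages-dev", [])}
    roots = {**composer_json.get("require", {}), **composer_json.get("require-dev", {})}
    chains = []
    queue = deque([name] for name in roots if name in locked)
    while queue:
        chain = queue.popleft()
        if chain[-1] == target:
            chains.append(chain)
            continue
        for dep in locked[chain[-1]].get("require", {}):
            # Platform requirements (php, ext-*) are not in the lock; skip them and cycles.
            if dep in locked and dep not in chain:
                queue.append(chain + [dep])
    return chains

def roots_responsible(composer_json, composer_lock):
    """Map each locked package to the root requirements that pull it in."""
    names = [p["name"] for p in composer_lock.get("packages", [])]
    return {n: sorted({c[0] for c in why(n, composer_json, composer_lock)}) for n in names}

if __name__ == "__main__":
    for name, roots in roots_responsible(COMPOSER_JSON, COMPOSER_LOCK).items():
        print(f"{name:22} <- {', '.join(roots) or 'NOT REACHABLE FROM composer.json'}")
```

A locked package with no responsible root means the lock file and composer.json disagree, which is worth resolving before running `composer install`.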

The best way is to delete everything and start from scratch, given that you haven't really done much yet (as you say, your composer.json file is empty):
$ rm -rf vendor/
$ rm composer.json
$ rm composer.lock
Then, start composer and install the dependency again:
$ composer init
$ composer require ramsey/uuid
You should now have it all working.
My assumption is that you were running composer install based on an older composer.lock file, which will re-download the dependencies.

Related

composer remove (uninstall) all installed packages (composer install rollback)

I have a project with the composer.lock file.
I installed packages with the command:
composer install
Now I would like to rollback that composer install command to the state as it was before running it.
How to remove all packages without affecting composer.lock file?
Is there any single composer command to do that?
I tried:
composer remove *
but I got:
[UnexpectedValueException]
"LICENSE" is not a valid alias.
I tried:
composer remove */*
But then I get bunch of print like:
bin/console is not required in your composer.json and has not been removed
Package "bin/console" listed for update is not locked.
Why composer remove * did not work at all? AFAIK the package name as VendorName/PackageName is a common convention for Packagist but not a must (if you use private repos) so how one would be able to remove all packages named IdontHaveAnySlash etc. at once?
I may use something similar to:
for package in $(composer show | awk '{print $1}'); do composer remove --no-interaction --dev --no-install "$package"; done
But that is not a simple and single composer command.
Also composer often complains about a package being a part (dependency) of another one so composer does not uninstall it.
Removal failed, doctrine/annotations is still present, it may be required by another package. See composer why doctrine/annotations.
As my intention is to rollback to the state that did not have any package installed but only files: composer.lock and potentially composer.json I really don't care about any dependencies, packages versions, downloading repositories' urls etc.
I just want to have a project without any installed dependencies as it was before.
Is there any single composer command to do that?
My:
composer --version
is:
version 2.2.7 2022-02-25 11:12:27
Following yivi answer I created a simple test to verify:
mkdir -p /tmp/composer-install
cd /tmp/composer-install
curl -o composer.json https://raw.githubusercontent.com/composer/composer/18246212db7103d0a2688febcc336f77183275ee/composer.json
curl -o composer.lock https://raw.githubusercontent.com/composer/composer/d955458f271edb4fcc055a394f90a60a8328a2a8/composer.lock
sha1sum composer.json > composer.json.sha1
sha1sum composer.lock > composer.lock.sha1
composer install
sha1sum -c composer.json.sha1
sha1sum -c composer.lock.sha1
that outputs:
composer.json: OK
composer.lock: OK
So both composer.json and composer.lock are not affected by composer install so the only one thing to achieve the rollback (uninstall) of the composer install is to remove the vendor directory
rm -rf vendor
However as yivi mentioned:
If some other plugin (e.g Symfony Flex) makes changes to your existing files during the process, you'd better have the project on top of a version control system, in which case reverting is managed by VCS, not of composer.
I did not test against that case.
rm -rf vendor
In any case, install should not make any changes to a lockfile, so there shouldn't be anything to "revert" from an install but deleting the installed files.
If the lockfile does not originally exist, then it will be created.
If some other plugin (e.g Symfony Flex) makes changes to your existing files during the process, you'd better have the project on top of a version control system, in which case reverting is managed by VCS, not of composer.
As my intention is to rollback to the state that did not have any package installed but only files: composer.lock and potentially composer.json
For you to be able to run composer install at all, you need at the very least composer.json to exist. install reads from the lockfile (composer.lock), but requires the JSON configuration file to exist as well. If the lockfile does not exist, update will be run instead and the lockfile will be created.
I tried composer remove
remove is the opposite from require. It removes packages from composer.json, as require adds them. Not the opposite of install. There is no opposite of install, as it does not make much conceptual sense. If one needs to delete the installed project... one can always do so.

Is it possible to tell Composer not to uninstall already installed dependencies when using the composer command?

I am using https://github.com/tonix-tuft/grunt-hub-automator (a repo I have created on GitHub) which lets me set up a daemon which runs the following command whenever I change my composer.json or composer.lock file:
composer self-update && composer install --no-dev && composer update --lock
This way I can move across different branches and the daemon keeps the dependencies in vendor synchronized with composer.json.
However, if after adding new dependencies on new_branch I checkout old_branch which doesn't have those dependencies defined in composer.json because I have added them only on new_branch, the daemon fires the command and removes the dependencies on the old branch to keep everything in sync.
The problem of this approach is that if at that point I checkout again new_branch before the composer command has finished its work on old_branch (it's running in the background thanks to the daemon), I end up with an unsynced vendor folder because Composer is removing the dependencies as it thinks I am still on old_branch.
Is there a way to tell Composer not to remove already installed dependencies from vendor when they are not defined in composer.json?
Basically, I would like Composer to install missing dependencies or update those which are defined in composer.json every time composer.json changes without removing eventual dependencies which were already installed in vendor but now are not defined in composer.json anymore.
Is it possible?
I hope I was clear.
Thank you for your attention.
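A read-only way to detect the unsynced vendor state described in this question, as an added example that is not part of the original post: it compares composer.lock with vendor/composer/installed.json and reports drift without touching either file. It assumes both files record each package's `version` and a `dist` or `source` `reference`; the sample data is constructed.

```python
import json

# Constructed sample data; package names, versions and references are made up.
LOCK = json.loads("""{
  "packages": [
    {"name": "ramsey/uuid", "version": "4.0.0", "dist": {"reference": "aaa111"}},
    {"name": "example/math", "version": "1.2.0", "dist": {"reference": "bbb222"}}
  ],
  "packages-dev": [
    {"name": "example/testkit", "version": "2.0.0", "dist": {"reference": "ccc333"}}
  ]
}""")
INSTALLED = json.loads("""{
  "packages": [
    {"name": "ramsey/uuid", "version": "4.0.0", "dist": {"reference": "aaa111"}},
    {"name": "example/math", "version": "1.1.0", "dist": {"reference": "bbb000"}},
    {"name": "example/leftover", "version": "0.9.0", "dist": {"reference": "ddd444"}}
  ]
}""")

def index(packages):
    """Map package name -> (version, dist or source reference)."""
    out = {}
    for pkg in packages:
        ref = ((pkg.get("dist") or {}).get("reference")
               or (pkg.get("source") or {}).get("reference"))
        out[pkg["name"]] = (pkg.get("version"), ref)
    return out

def vendor_drift(lock, installed, include_dev=True):
    """Compare composer.lock with installed.json; neither input is modified."""
    locked = lock.get("packages", []) + (lock.get("packages-dev", []) if include_dev else [])
    # Composer 2 wraps the list in {"packages": [...]}; Composer 1 wrote a bare list.
    present = installed.get("packages", []) if isinstance(installed, dict) else installed
    want, have = index(locked), index(present)
    return {
        "missing": sorted(set(want) - set(have)),
        "extra": sorted(set(have) - set(want)),
        "mismatched": sorted(n for n in set(want) & set(have) if want[n] != have[n]),
    }

if __name__ == "__main__":
    print(vendor_drift(LOCK, INSTALLED))
```

Pass `include_dev=False` when the vendor folder was built with `composer install --no-dev`, as in the command from the question.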

composer - vendor folder empty

I got a website which I need to maintain and after looking at the files and code, I thought there are some missing files in project/vendor folder.
After talking to the current maintainer, he told me I need to use composer in order to see those files. I have installed composer but I don't know how to "fill" the folder with the files.
From reading online I understood I need to extract and install dependencies using the composer.json file but even after searching the web for more than an hour I didn't find how to do it.
Go to the root of your project and run
composer install
after that composer will download all packages that are in the composer.json file in the require and require-dev section
First, install the composer, take a look here composer, after this try to run composer install, in some cases I do update with composer update too.
Remember to run the command composer install on the same path where composer.json
Apparently I had to install php7.0-curl using the sudo apt-get install php7.0-curl.
After that I just used composer install again and it's good now

How to include Composer dependencies in a Git repo

When creating sites using a framework like Silverstripe I often want to use helper modules like gridfieldextensions and lumberjack.
I therefore use composer require to add the dependencies.
However when I follow my regular development work flow and use git add -A to add the module to the repo rather than the code being added to the repo I get a reference to it.
This causes problems when I then try to clone the site elsewhere (using Jenkins or another developer). The git clone or git pull leaves an empty directory.
I solve this by deleting the .git dir of the module and adding all the files.
Is there a better way to do this? Is using git submodule an option?
Somewhere I found a good .gitignore file that ignores everything and I have to tell it to include the custom modules for my project. It's like:
# ignore everything...
/*
# ...but
!/.htaccess
!/.gitignore
!/composer.json
!/composer.lock
!/Capfile
!/Gemfile
!/favicon.ico
!/touch-icon-*
!/mysite
!/some-module
#...other modules
# theme stuff
!/themes/
**/.sass-cache
**/node_modules
!**/node_modules/_manifest_exclude
#no assets in general, but /assets/.htaccess
!/assets
/assets/*
!assets/.htaccess
As FinBoWa already said you need the composer.json and composer.lock file in your project and running
composer install
on another machine it'll install the packages in the versions saved in the composer.lock file on that machine
composer install --no-dev
will only install the "normal" requirements, no dev-requirements like phpunit or other stuff you only need for developing or testing but not live
composer install --no-dev -o
will also optimize (-o) the auto loader, so it'll be a bit faster.
composer update
will update your packages, which might have funny side effects and break your site. So use it carefully and test afterwards.
composer update silverstripe/framework
will just update that package and finally
composer update silverstripe/*
will update all packages by the vendor silverstripe (e.g. framework and cms package)
See also:
gitignore documentation
composer documentation

How to force composer to reinstall a library?

I'm using the ZF2 skeleton app and it has a .gitignore that prevents external libraries from being commited to git. While debugging I like to go and change stuff here and there in the libraries' source to learn how things work. If these were version controlled it would be very easy to revert them back to their original state.
How can I force Composer to reinstall a particular framework so that I can get a fresh -unmodified- copy again?
PS: Please don't suggest removing the .gitignore file since it's there for a reason; it prevents my third party libraries from getting into my app's repository. I can always install them during an automated deployment.
The same applies to Laravel framework: it also gitignores the vendor folder.
First execute composer clearcache
Then clear your vendors folder
rm -rf vendor/*
or better yet just remove the specific module which makes problems to avoid having to download all over again.
You can use the --prefer-source flag for composer to checkout external packages with the VCS information (if any available). You can simply revert to the original state. Also if you issue the composer update command composer will detect any changes you made locally and ask if you want to discard them.
Your .gitignore file is related to your root project (ZF2 skeleton) and it prevents the vendor dir (where your third party libs are) from committing to your own VCS. The ignore file is unrelated to the git repo's of your vendors.
I didn't want to delete all the packages in vendor/ directory, so here is how I did it:
rm -rf vendor/package-i-messed-up
composer install again
What I did:
Deleted that particular library's folder
composer update --prefer-source vendor/library-name
It fetches the library again along with its git repo
The relevant feature request is https://github.com/composer/composer/issues/3112
In 2021-05 the "reinstall" command patch got merged: https://github.com/composer/composer/pull/9915 - it is available in composer version 2.1.0 and all later ones.
The reinstall command is merged and available since 2.1.0:
composer reinstall <package-name> # Removes and installs the package.
Short answer
you can execute it in one cli command with &&:
composer remove vendor/package && composer require vendor/package:version
Detailed answer
Remove existing package by command:
composer remove vendor/package
this will remove folder of package from /vendor, row from composer.json and whole record of package from composer.lock right way with removing not used dependencies and not removing dependencies which used by another packages
Then install preferred one with command:
composer require vendor/package:version
this will install package with desired version right way with adding row to composer.json, adding record to composer.lock and all needed dependent packages
if there would be package which is used in more than one package, Composer
will try to install version which fits all using packages. If it will not resolve this it will crash with corresponding error message
Links
How to install a specific version of package using Composer?
How to remove a package from Laravel using composer?
Install, Uninstall and Update Modules Themes etc with Composer: https://modulesunraveled.com/drupal-8-composer-and-configuration-management/installing-and-uninstalling-modules-composer
Reinstall the dependencies. Remove the vendor folder (manually) or via rm command (if you are in the project folder, sure) on Linux before:
rm -rf vendor/
composer update -v
https://www.dev-metal.com/composer-problems-try-full-reset/
As user #aaracrr pointed out in a comment on another answer probably the best answer is to re-require the package with the same version constraint.
ie.
composer require vendor/package
or specifying a version constraint
composer require vendor/package:^1.0.0
For some reason no one suggested the obvious and the most straight forward way to force re-install:
> composer remove vendor-name/package-name && composer require vendor-name/package-name
Be aware that this exact command will install latest version of the package. If you were using old version of the package and package does not have backward compatibility this will break version compatibility. You might consider backing up your composer.json first.
Since Composer 2.1 you can do
composer reinstall vendor/package
see https://getcomposer.org/doc/03-cli.md#reinstall
In 2022
You can use composer status to list the libraries you changed.
Then composer reinstall vendor/package to overwrite the changes.
This does not change the version of the installed library like the solutions with composer require or composer install.
