I want to get list of outdated packages that will be updated when I issue composer update. Does composer have such functionality? if no is there a way to do that (with or without composer?)
Update:
Since Composer v1.1 (May 2016) the following commands are available:
composer outdated shows you the list of outdated packages
composer show -l returns the complete list of packages. packages in need of update are colored red. the (still) up-2-date ones are colored green.
both commands accept the parameter --direct to show only direct dependencies in the listing
Referencing:
https://github.com/composer/composer/issues/3771
Composer Plugins
There are some Composer Plugins showing the list of outdated packages:
composer-versions-check - https://github.com/Soullivaneuh/composer-versions-check
The Composer Plugin called "composer-versions-check" shows outdated packages from last major versions after using the update command. (Latest is ..)
This plugin runs "update" first, then shows possible "upgrade" indications.
A Composer dry-run isn't supported, yet.
vinkla/climb - https://github.com/vinkla/climb
Climb is a "Composer version manager tool" inspired by npm-check-updates.
It shows the outdates package version and indicates "upgrades" to latest versions.
Since version 1.1 of Composer there is the composer outdated command. With composer outdated --direct only your direct dependencies are taken into account.
To complete #jens-a-koch response, get any dependency update:
composer outdated
or get only direct dependencies from your composer.json:
composer outdated -D
https://getcomposer.org/doc/03-cli.md#outdated
outdated
The outdated command shows a list of installed packages that have
updates available, including their current and latest versions. This
is basically an alias for composer show -lo.
The color coding is as such:
green (=): Dependency is in the latest version and is up to date.
yellow (~): Dependency has a new version available that includes backwards compatibility breaks according to semver, so upgrade when you can but it may involve work.
red (!): Dependency has a new version that is semver-compatible and you should upgrade it.
Options
--all (-a): Show all packages, not just outdated (alias for composer show -l).
--direct (-D): Restricts the list of packages to your direct dependencies.
--strict: Returns non-zero exit code if any package is outdated.
--minor-only (-m): Only shows packages that have minor SemVer-compatible updates.
--format (-f): Lets you pick between text (default) or json output format.
Related
I tried to install this package: https://github.com/reactphp/filesystem
from composer 2.0.13 using this command:
composer require react/filesystem:^0.1.2
Which is the latest current version of this GitHub package.
But for some reason the files content that I'm getting is far different than the one on GitHub , It lacks lots of functions.
It makes me wondered if any of my other composer packages are truely updated..
As for right now I clone it manualy but what makes composer clone a diffrent files?
I tired clearing cache, re-Install, ignore platform requirements and update both composer and packages.
You required a stable version of this package, and got the v0.1.2. Composer package versions usually correspond to Git tags. If you look at the repository tags, you can see that v0.1.2 is commit 766cdef from 27 Oct 2018.
On the repository front page you see the code in its latest version (last commit of main branch), which actually is fc89dc2 committed on 8 May 2020.
The missing code you are talking about probably isn't released yet and may be unstable.
If you still want to install the latest version (there are good reasons for that), change the minimum-stability of your composer.json to dev and require the dev-master version of the package.
I need to install only 1 package for my SF2 distribution (DoctrineFixtures).
When I run
php composer.phar update
I get
- Updating twig/twig (dev-master 39d94fa => v1.13.0)
The package has modified files:
M CHANGELOG
M doc/filters/batch.test
M doc/filters/index.rst
M doc/filters/url_encode.rst
M doc/functions/index.rst
M doc/tags/index.rst
M doc/tests/index.rst
M lib/Twig/Autoloader.php
M lib/Twig/Compiler.php
M lib/Twig/CompilerInterface.php
-10 more files modified, choose "v" to view the full list
It appears the last developer edited a lot of files inside vendor.
In order to get around this, I tried
php composer.phar update <package_name>
But that doesn't seem to work. How can I update/install only one library from composer.json?
To install doctrine/doctrine-fixtures-bundle with version 2.1.* and minimum stability #dev use this:
composer require doctrine/doctrine-fixtures-bundle:2.1.*#dev
then to update only this single package:
composer update doctrine/doctrine-fixtures-bundle
If you just want to update a few packages and not all, you can list them as such:
php composer.phar update vendor/package:2.* vendor/package2:dev-master
You can also use wildcards to update a bunch of packages at once:
php composer.phar update vendor/*
As commented by #ZeroThe2nd ZSH users may need to wrap their vendor/* in quotation marks:
php composer.phar update "vendor/*"
--prefer-source: Install packages from source when available.
--prefer-dist: Install packages from dist when available.
--ignore-platform-reqs: ignore php, hhvm, lib-* and ext-* requirements and force the installation even if the local machine does not fulfill these. See also the platform config option.
--dry-run: Simulate the command without actually doing anything.
--dev: Install packages listed in require-dev (this is the default behavior).
--no-dev: Skip installing packages listed in require-dev. The autoloader generation skips the autoload-dev rules.
--no-autoloader: Skips autoloader generation.
--no-scripts: Skips execution of scripts defined in composer.json.
--no-plugins: Disables plugins.
--no-progress: Removes the progress display that can mess with some terminals or scripts which don't handle backspace characters.
--optimize-autoloader (-o): Convert PSR-0/4 autoloading to classmap to get a faster autoloader. This is recommended especially for production, but can take a bit of time to run so it is currently not done by default.
--lock: Only updates the lock file hash to suppress warning about the lock file being out of date.
--with-dependencies: Add also all dependencies of whitelisted packages to the whitelist.
--prefer-stable: Prefer stable versions of dependencies.
--prefer-lowest: Prefer lowest versions of dependencies. Useful for testing minimal versions of requirements, generally used with --prefer-stable.
Difference between install, update and require
Assume the following scenario:
composer.json
"parsecsv/php-parsecsv": "0.*"
composer.lock file
"name": "parsecsv/php-parsecsv",
"version": "0.1.4",
Latest release is 1.1.0. The latest 0.* release is 0.3.2
install: composer install parsecsv/php-parsecsv
This will install version 0.1.4 as specified in the lock file
update: composer update parsecsv/php-parsecsv
This will update the package to 0.3.2. The highest version with respect to your composer.json. The entry in composer.lock will be updated.
require: composer require parsecsv/php-parsecsv
This will update or install the newest version 1.1.0. Your composer.lock file and composer.json file will be updated as well.
You can use the following command to update any module with its dependencies
composer update vendor-name/module-name --with-dependencies
You can basically do following one to install new package as well.
php composer.phar require
then terminal will ask you to enter the name of the package for searching.
$ Search for a package []: //Your package name here
Then terminal will ask the version of the package (If you would like to have the latest version just leave it blank)
$ Enter the version constraint to require (or leave blank to use the latest version) []: //your version number here
Then you just press the return key. Terminal will ask for another package, if you dont want to install another one just press the return key and you will be done.
Just use
composer require {package/packagename}
like
composer require phpmailer/phpmailer
if the package is not in the vendor folder.. composer installs it and if the package exists, composer update package to the latest version.
Update:
require install or update the latest package version. if you want update one package just use update.
To ensure that composer update one package already installed to the last version within the version constraints you've set in composer.json remove the package from vendor and then execute :
php composer.phar update vendor/package
Because you wanted to install specific package
"I need to install only 1 package for my SF2 distribution (DoctrineFixtures)."
php composer.phar require package/package-name:package-version
would be enough
Well, after running command composer outdated I can see there's newer version of phpdocumentor/type-resolver available. Installed version is 0.2.1 and the latest one is 0.3.0. Need to say that it was indirectly installed by component I use and not by me.
Problem is when I run composer update or composer update phpdocumentor/type-resolver it says "Nothing to install or update". Why and how to fix?
probably some dependency have fixed the package release you want to install. Try so the the output of the command to check who are using and at which version the package you listed:
composer why-not phpdocumentor/type-resolver 0.3.0
NB: in the current version of the documentation of composer the command is named prohibits, so in case this doesn't work try with:
composer prohibits phpdocumentor/type-resolver 0.3.0
Hope this help
You might have version constraints blocking the upgrade in your composer.json file. This is intended to prevent adding in breaking changes. In your example, the versions are pre-release (0.*), so versioning constraints even act on the miner version.
If you are confident there are no breaking changes or you are prepared to deal with them, edit your composer.json file. Change something like:
"phpdocumentor/type-resolver": "0.2.1",
to
"phpdocumentor/type-resolver": "^0.3",
Try composer upgrade again and test it out to make sure everything is ok.
Does anyone know if Wordpress Roots Bedrock Composer updates the Wordpress version? I have tried composer update but it doesn't update the Wordpress version. Any help will be highly appreciated.
Thanks,
Danish.
Wordpress is treated as a required dependency by composer, so yes. It is updated when you run composer update.
You can check if your composer packages are outdated with: composer outdated (or composer show -l). Each package will be listed showing the desired version (the version number specified in composer.json) and the current released version.
Running composer update, (or composer.phar update) will update each package to your specified version. If you want to update the package to the latest version, but you're unaware of the current version number. You can remove the package, and then add it back in. Composer will add the package to your required dependency list with the latest version.
I want to get list of outdated packages that will be updated when I issue composer update. Does composer have such functionality? if no is there a way to do that (with or without composer?)
Update:
Since Composer v1.1 (May 2016) the following commands are available:
composer outdated shows you the list of outdated packages
composer show -l returns the complete list of packages. packages in need of update are colored red. the (still) up-2-date ones are colored green.
both commands accept the parameter --direct to show only direct dependencies in the listing
Referencing:
https://github.com/composer/composer/issues/3771
Composer Plugins
There are some Composer Plugins showing the list of outdated packages:
composer-versions-check - https://github.com/Soullivaneuh/composer-versions-check
The Composer Plugin called "composer-versions-check" shows outdated packages from last major versions after using the update command. (Latest is ..)
This plugin runs "update" first, then shows possible "upgrade" indications.
A Composer dry-run isn't supported, yet.
vinkla/climb - https://github.com/vinkla/climb
Climb is a "Composer version manager tool" inspired by npm-check-updates.
It shows the outdates package version and indicates "upgrades" to latest versions.
Since version 1.1 of Composer there is the composer outdated command. With composer outdated --direct only your direct dependencies are taken into account.
To complete #jens-a-koch response, get any dependency update:
composer outdated
or get only direct dependencies from your composer.json:
composer outdated -D
https://getcomposer.org/doc/03-cli.md#outdated
outdated
The outdated command shows a list of installed packages that have
updates available, including their current and latest versions. This
is basically an alias for composer show -lo.
The color coding is as such:
green (=): Dependency is in the latest version and is up to date.
yellow (~): Dependency has a new version available that includes backwards compatibility breaks according to semver, so upgrade when you can but it may involve work.
red (!): Dependency has a new version that is semver-compatible and you should upgrade it.
Options
--all (-a): Show all packages, not just outdated (alias for composer show -l).
--direct (-D): Restricts the list of packages to your direct dependencies.
--strict: Returns non-zero exit code if any package is outdated.
--minor-only (-m): Only shows packages that have minor SemVer-compatible updates.
--format (-f): Lets you pick between text (default) or json output format.