I'm using the ZF2 skeleton app and it has a .gitignore that prevents external libraries from being commited to git. While debugging I like to go and change stuff here and there in the libraries' source to learn how things work. If these were version controlled it would be very easy to revert them back to their original state.
How can I force Composer to reinstall a particular framework so that I can get a fresh -unmodified- copy again?
PS: Please don't suggest removing the .gitignore file since it's there for a reason; it prevents my third party libraries from getting into my app's repository. I can always install them during an automated deployment.
The same applies to Laravel framework: it also gitignores the vendor folder.
First execute composer clearcache
Then clear your vendors folder
rm -rf vendor/*
or better yet just remove the specific module which makes problems to avoid having to download all over again.
You can use the --prefer-source flag for composer to checkout external packages with the VCS information (if any available). You can simply revert to the original state. Also if you issue the composer update command composer will detect any changes you made locally and ask if you want to discard them.
Your .gitignore file is related to your root project (ZF2 skeleton) and it prevents the vendor dir (where your third party libs are) from committing to your own VCS. The ignore file is unrelated to the git repo's of your vendors.
I didn't want to delete all the packages in vendor/ directory, so here is how I did it:
rm -rf vendor/package-i-messed-up
composer install again
What I did:
Deleted that particular library's folder
composer update --prefer-source vendor/library-name
It fetches the library again along with it's git repo
The relevant feature request is https://github.com/composer/composer/issues/3112
In 2021-05 the "reinstall" command patch got merged: https://github.com/composer/composer/pull/9915 - it is available in composer version 2.1.0 and all later ones.
The reinstall command is merged and availabe since 2.1.0:
composer reinstall <package-name> # Removes and installs the package.
Short answer
you can execute it in one cli command with &&:
composer remove vendor/package && composer require vendor/package:version
Detailed answer
Remove existing package by command:
composer remove vendor/package
this will remove folder of package from /vendor, row from composer.json and whole record of package from composer.lock right way with removing not used dependencies and not removing dependencies which used by another packages
Then install preferred one with command:
composer require vendor/package:version
this will install package with desired version right way with adding row to composer.json, adding record to composer.lock and all needed dependent packages
if there would be package which is used in more that one package, Composer
will try to install version which fits all using packages. If it will not resolve this it will crash with corresponding error message
Links
How to install a specific version of package using Composer?
How to remove a package from Laravel using composer?
Install, Uninstall and Update Modules Themes etc with Composer: https://modulesunraveled.com/drupal-8-composer-and-configuration-management/installing-and-uninstalling-modules-composer
Reinstall the dependencies. Remove the vendor folder (manually) or via rm command (if you are in the project folder, sure) on Linux before:
rm -rf vendor/
composer update -v
https://www.dev-metal.com/composer-problems-try-full-reset/
As user #aaracrr pointed out in a comment on another answer probably the best answer is to re-require the package with the same version constraint.
ie.
composer require vendor/package
or specifying a version constraint
composer require vendor/package:^1.0.0
For some reason no one suggested the obvious and the most straight forward way to force re-install:
> composer remove vendor-name/package-name && composer vendor-name/package-name
Be aware that this exact command will install latest version of the package. If you was using old version of the package and package does not have backward compatibility this will brake version compatibility. You might consider backing up your composer.json first.
Since Composer 2.1 you can do
composer reinstall vendor/package
see https://getcomposer.org/doc/03-cli.md#reinstall
In 2022
You can use composer status to list the libraries you changed.
Then composer resinstall vendor/package to overwrite the changes.
This does not change the version of the installed library like the solutions with composer require or composer install.
Related
I need to install only 1 package for my SF2 distribution (DoctrineFixtures).
When I run
php composer.phar update
I get
- Updating twig/twig (dev-master 39d94fa => v1.13.0)
The package has modified files:
M CHANGELOG
M doc/filters/batch.test
M doc/filters/index.rst
M doc/filters/url_encode.rst
M doc/functions/index.rst
M doc/tags/index.rst
M doc/tests/index.rst
M lib/Twig/Autoloader.php
M lib/Twig/Compiler.php
M lib/Twig/CompilerInterface.php
-10 more files modified, choose "v" to view the full list
It appears the last developer edited a lot of files inside vendor.
In order to get around this, I tried
php composer.phar update <package_name>
But that doesn't seem to work. How can I update/install only one library from composer.json?
To install doctrine/doctrine-fixtures-bundle with version 2.1.* and minimum stability #dev use this:
composer require doctrine/doctrine-fixtures-bundle:2.1.*#dev
then to update only this single package:
composer update doctrine/doctrine-fixtures-bundle
If you just want to update a few packages and not all, you can list them as such:
php composer.phar update vendor/package:2.* vendor/package2:dev-master
You can also use wildcards to update a bunch of packages at once:
php composer.phar update vendor/*
As commented by #ZeroThe2nd ZSH users may need to wrap their vendor/* in quotation marks:
php composer.phar update "vendor/*"
--prefer-source: Install packages from source when available.
--prefer-dist: Install packages from dist when available.
--ignore-platform-reqs: ignore php, hhvm, lib-* and ext-* requirements and force the installation even if the local machine does not fulfill these. See also the platform config option.
--dry-run: Simulate the command without actually doing anything.
--dev: Install packages listed in require-dev (this is the default behavior).
--no-dev: Skip installing packages listed in require-dev. The autoloader generation skips the autoload-dev rules.
--no-autoloader: Skips autoloader generation.
--no-scripts: Skips execution of scripts defined in composer.json.
--no-plugins: Disables plugins.
--no-progress: Removes the progress display that can mess with some terminals or scripts which don't handle backspace characters.
--optimize-autoloader (-o): Convert PSR-0/4 autoloading to classmap to get a faster autoloader. This is recommended especially for production, but can take a bit of time to run so it is currently not done by default.
--lock: Only updates the lock file hash to suppress warning about the lock file being out of date.
--with-dependencies: Add also all dependencies of whitelisted packages to the whitelist.
--prefer-stable: Prefer stable versions of dependencies.
--prefer-lowest: Prefer lowest versions of dependencies. Useful for testing minimal versions of requirements, generally used with --prefer-stable.
Difference between install, update and require
Assume the following scenario:
composer.json
"parsecsv/php-parsecsv": "0.*"
composer.lock file
"name": "parsecsv/php-parsecsv",
"version": "0.1.4",
Latest release is 1.1.0. The latest 0.* release is 0.3.2
install: composer install parsecsv/php-parsecsv
This will install version 0.1.4 as specified in the lock file
update: composer update parsecsv/php-parsecsv
This will update the package to 0.3.2. The highest version with respect to your composer.json. The entry in composer.lock will be updated.
require: composer require parsecsv/php-parsecsv
This will update or install the newest version 1.1.0. Your composer.lock file and composer.json file will be updated as well.
You can use the following command to update any module with its dependencies
composer update vendor-name/module-name --with-dependencies
You can basically do following one to install new package as well.
php composer.phar require
then terminal will ask you to enter the name of the package for searching.
$ Search for a package []: //Your package name here
Then terminal will ask the version of the package (If you would like to have the latest version just leave it blank)
$ Enter the version constraint to require (or leave blank to use the latest version) []: //your version number here
Then you just press the return key. Terminal will ask for another package, if you dont want to install another one just press the return key and you will be done.
Just use
composer require {package/packagename}
like
composer require phpmailer/phpmailer
if the package is not in the vendor folder.. composer installs it and if the package exists, composer update package to the latest version.
Update:
require install or update the latest package version. if you want update one package just use update.
To ensure that composer update one package already installed to the last version within the version constraints you've set in composer.json remove the package from vendor and then execute :
php composer.phar update vendor/package
Because you wanted to install specific package
"I need to install only 1 package for my SF2 distribution (DoctrineFixtures)."
php composer.phar require package/package-name:package-version
would be enough
I got a website which I need to maintain and after looking at the files and code, I thought there are some missing files in project/vendor folder.
After talking to the current maintainer, he told me I need to use composer in order to see those files. I have installed composer but I don't know how to "fill" the folder with the files.
From reading online I understood I need to extract and install dependencies using the composer.json file but even after searching the web for more then an hour I didn't find how to do it.
Go to the root of you project and run
composer install
after that composer will download all package that are in the composer.json file in the require and require-dev section
First, install the composer, take a look here composer, after this try to run composer install, in some cases I do update with composer update too.
Remember to run the command composer install on the same path where composer.json
Apparently I had to install php7.0-curl using the sudo apt-get install php7.0-curl.
After that I just used composer install again and it's good now
I freshly installed a PHP application given with a composer.lock file.
When running composer install, command line tool is still asking for a composer.json.... I don't have.
In composer documentation, it's said that install command first look for a composer.lock and then for a composer.json.
Why composer is still asking for a file it doesn't need to install my dependencies ?
composer install > returns :
Composer could not find a composer.json file
You still need the composer.json file to install or update any dependencies.
Having a composer.lock file means that composer will not search for the latest commits of the dependencies
A few weeks ago on Twitter, I noticed that the OpenCFP project doesn’t have a composer.lock file in it’s repository. “So what,” you might say, “just composer install and away you go. You’ll get the same dependencies, right?”
Wrong.
The point of the lock file is to record the exact versions that are installed so they can be re-installed. This means that if you have a version spec of 1.* and your co-worker runs composer update which installs 1.2.4, and then commits the composer.lock file, when you composer install, you will also get 1.2.4, even if 1.3.0 has been released. This ensures everybody working on the project has the same exact version.
Source: Composer: It's all about Lock File
You must have a composer.json to install dependencies, because it's the file where dependencies theirself are listed. Refer to the documentation.
composer.lock lists dependencies which has already been installed. The composer looks first into it in order to keep versions consistent.
The (documentation states)[https://getcomposer.org/doc/01-basic-usage.md#installing-with-composer-lock]:
running install when a composer.lock file is present resolves and installs all dependencies that you listed in composer.json, but Composer uses the exact versions listed in composer.lock to ensure that the package versions are consistent for everyone working on your project.
If you have lost your composer.json you can reverse engineering your composer.lock. Open it and read all the packages installed, then create a composer.json which requires them. Not every single package will be a direct dependency for your problem: you should identify and remove those which are not.
When creating sites using a framework like Silverstripe I often want to use helper modules like gridfieldextensions and lumberjack.
I therefore use composer require to add the dependencies.
However when I follow my regular development work flow and use git add -A to add the module to the repo rather than the code being added to the repo I get a reference to it.
This causes problems when I then try to clone the site elsewhere (using Jenkins or another developer). The git clone or git pull leaves an empty directory.
I solve this by deleting the .git dir of the module and adding all the files.
Is there a better way to do this? Is using git submodule an option?
Somewhere i found a good .gitignore file that ignores everything and i have to tell it to include the custom modules for my project. It's like:
# ignore everything...
/*
# ...but
!/.htaccess
!/.gitignore
!/composer.json
!/composer.lock
!/Capfile
!/Gemfile
!/favicon.ico
!/touch-icon-*
!/mysite
!/some-module
#...other modules
# theme stuff
!/themes/
**/.sass-cache
**/node_modules
!**/node_modules/_manifest_exclude
#no assets in general, but /assets/.htaccess
!/assets
/assets/*
!assets/.htaccess
As FinBoWa already said you need the composer.json and composer.lock file in your project and running
composer install
on another machine it'll install the packages in the versions saved in the composer.lock file on that machine
composer install --no-dev
will only install the "normal" requirements, no dev-requirements like phpunit or other stuff you only need for developing or testing but not live
composer install --no-dev -o
will also optimize (-o) the auto loader, so it'll be a bit faster.
composer update
will update your packages, which might have funny side effects and break your site. So use it carefully and test afterwards.
composer update silverstripe/framework
will just update that package and finally
composer update silverstripe/*
will update all packages by the vendor silverstripe (e.g. framework and cms package)
See also:
gitignore documentation
composer documentation
The project is set-up via composer.phar install --prefer-source and contains quite some modules which are kept in git.
I manage all these modules and their git repositories in my IDE (PhpStorm) and so might commit some changes to some of the modules in the vendor/ folder - directly to the source git repository.
How can I make sure now, that my co-workers get my recent module version when doing a composer.phar install (composer.lock is in the repo)?
If I make a local composer.phar update it looks like the composer.lock is not updated, because I already have the latest version (as I just made the commit directly in the vendor folder)
Commit the changes in the modules repos you've updated.
Push the changes to all respective remote repos.
Tag the new changes with appropriate versions.
Run composer update vendor1/package1 vendor2/package2 (or just composer update if you don't need to be explicit).
Commit and push the updated composer.lock file.
Your co-workers need to pull the updated composer.lock file and run composer install (install latest package versions from lock file).
If you have specified versions restrictions such as "vendor/package": "3.5.*" in your composer.json and you have tagged a new version like 3.6.0 you will need to update your composer.json file accordingly before step 4..
P.S. It is very good you use such a workflow with --prefer-source. Please do not use * or dev-master version restrictions in your composer.json. I would recommend always use versions even if they are in the zero major version range (0.X.X).