A few composer tips
I recently learned about a couple of features of composer that I thought I’d write down here so that I don’t forget them! I also had to deal with a conflict in composer.lock recently, so I’ve noted down how I solved that too.
List installed versions
To list the current versions of all installed dependencies:
composer show -i
The output looks something like:
container-interop/container-interop 1.1.0 Promoting the interoperability of container objects... monolog/monolog 1.17.2 Sends your logs to files, sockets, inboxes, ... nikic/fast-route v0.6.0 Fast request router for PHP pimple/pimple v3.0.2 Pimple, a simple Dependency Injection Container psr/http-message 1.0 Common interface for HTTP messages psr/log 1.0.0 Common interface for logging libraries slim/php-view 2.0.6 Render PHP view scripts into a PSR-7 Response... slim/slim 3.1.0 Slim is a PHP micro framework that helps you...
Very useful for working out exactly what’s installed.
Set PHP version
To set the version of PHP that composer will use to resolve dependencies, add this to your composer.json file:
"config": { "platform": { "php": "5.6.19" } },
You can now run composer update on a PHP 7 installation and it will create a composer.lock file suitable for a server running PHP 5.6.19.
Resolving a conflict in composer.lock
When you merge a feature branch into develop and get a conflict in composer.lock, I’ve found these strategies work best for me:
Just the hash
If the only conflict is in the "hash" and "content-hash" lines, then pick either choice and then run:
composer update --lock
Any other conflict
For any other conflict where you want to keep the current set of versions on develop:
- Retrieve the correct lock file for develop: git merge --ours
- Add in each new dependency in the merged composer.json that’s not in the original develop’s composer.json using
composer require {vendor/package}
The end result is a composer.lock file with the original information from develop along with the new packages from the feature branch.