6

Let's say I have a composer.json file with locked dependencies:

{
  "require" : {
    "zendframework/zendframework" : "2.4.2"
  },
  "require-dev": {
    "phpunit/phpunit": "4.6.6"
  }
}

I want to do that because I would like to update dependencies manually, so I won't be in a situation where my build fails or other developers experience issues I don't have because Composer installed a different version of the package.

Is there a good way to use Composer to list all newer versions of the locked packages, perhaps something like composer discover, where I get output: zendframework/zendframework is locked at version 2.4.2 (or 2.4.* or whatever), but there are versions 2.5.0, 2.5.1, and 2.6.0 available?

Is any existing command capable of providing that kind of information?


Basically, I'm more about the newer versions being shown to me, so I can know what dependency to update manually. Committing the composer.lock isn't really the solution because that won't show me what to update (and my composer.json is locked at specific versions, so composer.lock won't differ anyway).

kenorb

5 Answers

1

In order to do what you want, commit the composer.lock file and make sure everyone runs composer install to install the deps. This way, everyone has exactly the same version/commit of each package.

You can then run composer update to get newer versions. This will update the packages and the composer.lock file, which you can commit and push, so everyone has the same versions again (after they run composer install).

Wouter J
  • I'm more about the newer versions being shown to me, so I can know what dependency to update manually. Committing the composer.lock isn't really the solution, because that won't show me what to update (and my composer.json is locked at specific versions, so composer.lock won't differ anyway). – Cezary Kluczyński May 16 '15 at 19:38
1

This is not exactly what you are suggesting. But you can run

composer update --dry-run

to see what happens when composer updates your dependencies. This only shows you the latest version a package could be updated to, but not the versions in between:

composer update --dry-run
Loading composer repositories with package information
Updating dependencies (including require-dev)
  - Updating symfony/translation (v2.5.5) to symfony/translation (v2.5.11)
  - Updating symfony/security-core (v2.5.5) to symfony/security-core (v2.5.11)
  - Updating symfony/routing (v2.5.5) to symfony/routing (v2.5.11)
  - Updating symfony/process (v2.5.5) to symfony/process (v2.5.11)
  - Updating symfony/http-foundation (v2.5.5) to symfony/http-foundation (v2.5.11)

Pᴇʜ
1

The simplest way would probably be just to run:

composer outdated

and get a list of the outdated dependencies. The output looks roughly like this:

[Image: output of composer outdated]

spekulatius
0

As has been said by others, composer does what you tell it, and will only install the versions specified from the .lock file, or update to new versions (as specified within the range of the given version).

There are outside website services that will let you know that packages have been updated though - such as Versioneye.com. You can follow a number of packages, and it will let you know when any of them have been updated, so you can update the composer file as you wish.

Alister Bulman
0

To show the latest version of the packages, use show with -l/--latest parameter, e.g.

composer show -l

-l, --latest Show the latest version


To see the tree of dependencies, use -t/--tree parameter, e.g.

composer show -t

-t, --tree List the dependencies as a tree


To list all available versions for the given package, run:

composer show -a zendframework/zendframework

Note: Replace zendframework/zendframework with your package name.


Notes:

  • For global, add global right after composer.
  • For help, run: composer global help show.
kenorb
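
An added example, not part of any answer above: a Python sketch that turns the output of composer show -a into the report the question asks for, and also checks that the installed version still matches the pin. It assumes exact x.y.z pins in composer.json and a "versions" line that is comma-separated with "* " marking the installed version; the sample inputs are constructed.

```python
import json
import re

# Constructed inputs: the composer.json from the question, and a sample of what
# `composer show -a zendframework/zendframework` prints. The "versions" line
# layout (comma-separated, "* " before the installed version) is an assumption.
COMPOSER_JSON = '{"require": {"zendframework/zendframework": "2.4.2"}}'
SHOW_OUTPUT = """\
name     : zendframework/zendframework
versions : dev-master, 2.6.0, 2.5.1, 2.5.0, 2.5.0rc1, * 2.4.2, 2.4.1, 2.4.0
type     : library
"""
STABLE = re.compile(r"v?(\d+)\.(\d+)\.(\d+)")  # exact x.y.z only

def parse_versions(show_output):
    """Return (installed, stable) from the 'versions' line as int tuples."""
    lines = [l for l in show_output.splitlines() if l.split(":")[0].strip() == "versions"]
    if not lines:
        raise ValueError("no 'versions' line in composer show output")
    installed, stable = None, []
    for item in lines[0].partition(":")[2].split(","):
        item = item.strip()
        match = STABLE.fullmatch(item.lstrip("* "))
        if match is None:
            continue  # dev branches and pre-releases such as 2.5.0rc1
        version = tuple(map(int, match.groups()))
        stable.append(version)
        if item.startswith("*"):
            installed = version
    return installed, stable

def newer_than(pin, stable):
    """Group stable versions above the pin by the kind of bump they need."""
    groups = {"patch": [], "minor": [], "major": []}
    for version in sorted(v for v in stable if v > pin):
        kind = "major" if version[0] != pin[0] else "minor" if version[1] != pin[1] else "patch"
        groups[kind].append(".".join(map(str, version)))
    return groups

def report(package, composer_json, show_output):
    """Describe drift from the pin and every newer stable release."""
    pin_text = json.loads(composer_json)["require"][package]
    pin = tuple(map(int, STABLE.fullmatch(pin_text).groups()))
    installed, stable = parse_versions(show_output)
    return {"pin": pin_text, "drift": installed != pin, "newer": newer_than(pin, stable)}

if __name__ == "__main__":
    print(report("zendframework/zendframework", COMPOSER_JSON, SHOW_OUTPUT))
```

In practice the second argument would be the captured output of composer show -a for each pinned package; a "drift" of True means the installed version no longer matches the pin.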