when I initialize a new project with composer I have this error in the terminal:
No lock file found. Updating dependencies instead of installing from lock file. Use composer update over composer install if you do not have a lock file.
Can someone explain to me?
composer update and composer install are similar in that they both download your dependencies, but are different in an important way.
The update command will retrieve the latest versions of all of your dependencies that meet your version constraints in your composer.json file. Next, it has to discover the exact versions to install of your dependencies, your dependencies’ dependencies, their dependencies, and so on all the way to the bottom. If it can’t find a set of versions that satisfy all constraints, the command exits with an error explaining what it can’t resolve and why. If all dependencies can be resolved, they will be downloaded into the vendor directory. Finally, a composer.lock file will be generated that has the exact versions and commits that were installed.
If a lock file is present and you run composer install, composer doesn’t have to do the dependency resolution because they’ve already been resolved. It downloads the exact version of each package from the lock file.
The message you received is telling you that your dependencies haven’t been resolved yet (by the update command), but running install will act like an update if there is no composer.lock file.
