當我嘗試更新單個包時,Composer的行爲讓我感到困惑。儘管「無法安裝或更新」,composer.lock發生了變化
每the docs和堆棧溢出的答案就像this one,我應該能夠像
composer update somevendor/somepackage
我的期望的命令來更新一個包,當我做到這一點的是,我vendor
文件夾和composer.lock
應保持未修改除了somevendor/somepackage
及其依賴。然而,這種情況並非如此。相反,我看到一些與我正在更新的composer.lock
更改無關的軟件包的哈希值。事實上,即使我嘗試通過糖化鍵盤更新不存在的包:
composer update adsfiodfsa/dsafiodsafio
...那麼即使作曲家告訴我,沒有什麼更新:
$ composer update adsfiodfsa/dsafiodsafio
Package "adsfiodfsa/dsafiodsafio" listed for update is not installed. Ignoring.
Loading composer repositories with package information
Updating dependencies (including require-dev)
Nothing to install or update
Writing lock file
Generating autoload files
Generating optimized class loader
...我仍然看到composer.lock
已經改變!更奇怪的是,/vendor
文件夾(我加入到我的Git回購爲測試目的)還沒有被修改,即使鎖定文件似乎聲稱我現在有一些包的不同版本:
$ git status
On branch master
Your branch is up-to-date with 'origin/master'.
Changes not staged for commit:
(use "git add ..." to update what will be committed)
(use "git checkout -- ..." to discard changes in working directory)
modified: composer.lock
no changes added to commit (use "git add" and/or "git commit -a")
這是想要的行爲,還是一個錯誤?如果這是正確的,有人可以解釋爲什麼我的composer.lock
文件正在更改,儘管沒有更新?如果有幫助,在更新後運行在我composer.lock
一個git diff
(其中不修改供應商文件夾)產生以下差異,這似乎明確要求,有些軟件包已經改變:
diff --git a/composer.lock b/composer.lock
index e2f65b9..e6c9a95 100644
--- a/composer.lock
+++ b/composer.lock
@@ -1,7 +1,7 @@
{
"_readme": [
"This file locks the dependencies of your project to a known state",
- "Read more about it at http://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
+ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
"This file is @generated automatically"
],
"hash": "3d8098978270f73f9829e9d1138edef9",
@@ -583,7 +583,7 @@
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/doctrine/dbal/zipball/9e7954694971a5fab6ebabb38f9ffeec49d0d2ad",
+ "url": "https://api.github.com/repos/doctrine/dbal/zipball/a0a43c0eb15ed66e71f8160b6bb25f4071ed22ca",
"reference": "9e7954694971a5fab6ebabb38f9ffeec49d0d2ad",
"shasum": ""
},
@@ -879,7 +879,7 @@
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/firebase/firebase-token-generator-php/zipball/61691f56372d32515350dd5522c78be64a0e8d60",
+ "url": "https://api.github.com/repos/firebase/firebase-token-generator-php/zipball/1044f9f5ec8b270dc6c073c7bf2fe67081dbfbb2",
"reference": "61691f56372d32515350dd5522c78be64a0e8d60",
"shasum": ""
},
@@ -1076,7 +1076,7 @@
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/guzzle/RingPHP/zipball/dbbb91d7f6c191e5e405e900e3102ac7f261bc0b",
+ "url": "https://api.github.com/repos/guzzle/RingPHP/zipball/9465032ac5d6beaa55f10923403e6e1c36018d9c",
"reference": "dbbb91d7f6c191e5e405e900e3102ac7f261bc0b",
"shasum": ""
},
@@ -1425,7 +1425,7 @@
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/Seldaek/monolog/zipball/bf2bff61743f20a13dc46ff1e3bbd0f19c997d2b",
+ "url": "https://api.github.com/repos/Seldaek/monolog/zipball/77aef55318035d37dbd4e87ea0c37a191f3e766e",
"reference": "bf2bff61743f20a13dc46ff1e3bbd0f19c997d2b",
"shasum": ""
},
@@ -2027,7 +2027,7 @@
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/php-fig/log/zipball/bf2c13de4300e227d7b2fd08027673a79c519987",
+ "url": "https://api.github.com/repos/php-fig/log/zipball/9e45edca52cc9c954680072c93e621f8b71fab26",
"reference": "bf2c13de4300e227d7b2fd08027673a79c519987",
"shasum": ""
},
@@ -2211,7 +2211,7 @@
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/swiftmailer/swiftmailer/zipball/ac8b475454c120bfb31f5bef475233dd4fb6b626",
+ "url": "https://api.github.com/repos/swiftmailer/swiftmailer/zipball/21b7eb31c51d98e9da0543527a0242875f3d92b9",
"reference": "ac8b475454c120bfb31f5bef475233dd4fb6b626",
"shasum": ""
},
@@ -2744,7 +2744,7 @@
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/symfony/HttpKernel/zipball/7b1632cf2bdbc69c59a44942b70d5aae91034304",
+ "url": "https://api.github.com/repos/symfony/HttpKernel/zipball/31652385d94eafc2103a98435d6d5bd7eea61736",
"reference": "7b1632cf2bdbc69c59a44942b70d5aae91034304",
"shasum": ""
},
@@ -3405,7 +3405,7 @@
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/phpspec/phpspec/zipball/73d0335bf8473be8bcfab5a9d66adce8d0db3857",
+ "url": "https://api.github.com/repos/phpspec/phpspec/zipball/147ff359413be67781d1dd1f3be5d7a4d4af769a",
"reference": "73d0335bf8473be8bcfab5a9d66adce8d0db3857",
"shasum": ""
},
@@ -3483,7 +3483,7 @@
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/phpspec/prophecy/zipball/3132b1f44c7bf2ec4c7eb2d3cb78fdeca760d373",
+ "url": "https://api.github.com/repos/phpspec/prophecy/zipball/5a355f91730c845301a9e28f91c8a5053353c496",
"reference": "3132b1f44c7bf2ec4c7eb2d3cb78fdeca760d373",
"shasum": ""
},
@@ -3543,7 +3543,7 @@
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/sebastianbergmann/php-code-coverage/zipball/9ef4b8cbf3e839a44a9b375d8c59e109ac7aa020",
+ "url": "https://api.github.com/repos/sebastianbergmann/php-code-coverage/zipball/688b6a58acb19c1899dc887b1efb6403dc6dc0bd",
"reference": "9ef4b8cbf3e839a44a9b375d8c59e109ac7aa020",
"shasum": ""
},
@@ -3861,7 +3861,7 @@
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/sebastianbergmann/phpunit-mock-objects/zipball/74ffb87f527f24616f72460e54b595f508dccb5c",
+ "url": "https://api.github.com/repos/sebastianbergmann/phpunit-mock-objects/zipball/5034a3d9f2057a7b7d6ad03a984509dadfdda3cc",
"reference": "74ffb87f527f24616f72460e54b595f508dccb5c",
"shasum": ""
},
https://github.com/composer/composer/issues/1458#issuecomment-18857768似乎很可能與我的問題有關 - 它同樣顯示了dist的'reference'和'url'不同步,沒有顯而易見的原因 - 但我承認,作爲一個只具備作曲家基本知識的人,你的答案很多 - 比如「安裝程序級別」和「vcs驅動程序級別」之間的區別 - 超出了我的頭腦。 –
我會在一些內容中添加更多詳細信息。簡短的回答是URL並不重要。當它基於參考和提供包的類進行實際安裝時,它會被重建。雖然這是令人困惑和誤導。 –
是否有最佳做法或解決方法來處理這種版本控制的變化?我寧願不爲除我正在更新/安裝的軟件包之外的軟件包提交url更新,但是我找不到一種方法讓composer不會將這些更改複製到composer.lock,如果任何vcs軟件包有新的上游版本。 – tubes