Composer installation with composer only.
I recently installed the PHP application specified in the composer.lock file.
When running the composer install, the command line tool still prompts for composer .json .... I don't have one.
The composer documentation says that the install command first looks for composer .lock and then for composer.json.
Why is composer still asking for a file that doesn't need to install my dependencies?
composer installs> returns: Composer could not find composer.json file
source to share
You must have one composer.json
to install the dependencies because this is the file that lists the dependencies. Please refer to the documentation .
composer.lock
contains the listed dependencies that are already installed. The composer looks at it first to maintain compatible versions.
According to the documentation [ https://getcomposer.org/doc/01-basic-usage.md#installing-with-composer-lock] :
run the install when the composer.lock file is present resolves and installs all dependencies that you listed in the composer.json file, but Composer uses the exact versions listed in the composer.lock file to ensure that package versions are compatible for everyone else running on your computer. project.
If you lost yours composer.json
, you can cancel developing yours composer.lock
. Open it and read all installed packages, then build composer.json
that requires them. Not every package will be directly dependent on your problem: you must identify and remove those that are not.
source to share
You still need a composer.json file to install or update any dependencies. The presence of the composer.lock file means that composer will not look for the latest commits of dependencies
A few weeks ago on Twitter, I noticed that the OpenCFP project does not have a composer.lock file in its repository. "So - you could say - just install the composer and go. You get the same dependencies, right?" Wrong.
The point of the lock file is to record the exact versions that are installed so that they can be re-installed. This means that if you have a 1. * spec and your co-worker runs an update for composer that installs 1.2.4 and then writes the composer.lock file when you install composer, you will also get 1.2.4 even if version 1.3.0 has been released. This ensures that everyone working on the project has the same exact version.
source to share