锁定依赖项时发现最新版本的Composer软件包 [英] Discover latest versions of Composer packages when dependencies are locked

问题描述

比方说我有一个 composer.json 文件，该文件具有依赖项已锁定：

Let's say I have a composer.json file with locked dependencies:

{
  "require" : {
   "zendframework/zendframework" : "2.4.2"
  },
  "require-dev": {
    "phpunit/phpunit": "4.6.6"
  }
}

I想要这样做是因为要手动更新依赖项，所以我不会因为构建器安装了其他版本而无法构建失败或其他开发人员遇到问题的情况。

I want to do that because would like to update dependencies manually, so I won't be in a situation where my build fails or other developers experience issues I don't have because Composer installed a different version of the package.

是否可以使用Composer列出锁定软件包的所有较新版本，例如 composer discover 之类的好方法。输出： zendframework / zendframework 锁定在版本 2.4.2 （或 2.4。* / code>或其他任何名称），但有可用的2.5.0、2.5.1和2.6.0版本*？

Is there a good way to use Composer to list all newer versions of the locked packages, perhaps something like composer discover, where I get output: zendframework/zendframework is locked at version 2.4.2 (or 2.4.* or whatever), but there are versions 2.5.0, 2.5.1, and 2.6.0 available*?

任何现有命令都能够提供此类信息？

Is any existing command capable of providing that kind of information?

基本上，我更了解向我展示的较新版本，因此我可以知道要手动更新哪些依赖项。提交 composer.lock 并不是真正的解决方案，因为这不会告诉我要更新的内容（以及我的 composer.json 已锁定在特定版本，因此 composer.lock 不会有任何不同）。

Basically, I'm more about the newer versions being shown to me, so I can know what dependency to update manually. Committing the composer.lock isn't really the solution because that won't show me what to update (and my composer.json is locked at specific versions, so composer.lock won't differ anyway).

推荐答案

最简单的方法可能只是运行：

The simplest way would probably just to run:

composer outdated

并获取过时依赖项的列表。输出大致如下所示：

and get a list of the outdated dependencies. The output looks roughly like this:

这篇关于锁定依赖项时发现最新版本的Composer软件包的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！