info/php-the-right-way
1
0
Fork 0
mirror of https://github.com/codeguy/php-the-right-way.git synced 2025-08-07 06:26:45 +02:00
Code Issues Projects Releases Wiki Activity

Warn about composer update on production

Browse Source 
Also, greater encouragement to check composer.lock is staged in repositories.
Rephrased for (imho) improved clarity.
This commit is contained in:
William Turrell
2016-10-28 11:10:36 +01:00
committed by GitHub
parent c07d9a60c0
commit 60c2720bec
1 changed files with 5 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
_posts/04-02-01-Composer-and-Packagist.md
View File

@@ -100,10 +100,11 @@ Now you can use your project dependencies, and they'll be autoloaded on demand.
### Updating your dependencies
Composer creates a file called `composer.lock` which stores the exact version of each package it
downloaded when you
first ran `composer install`. If you share your project with other coders and the `composer.lock` file
is part of your distribution, when they run `composer install` they'll get the same versions as you.
To update your dependencies, run `composer update`.
downloaded when you first ran `composer install`. If you share your project with others,
ensure the `composer.lock` file is included, so that when they run `composer install` they'll
get the same versions as you. To update your dependencies, run `composer update`. Don't use
`composer update` when deploying, only `composer install`, otherwise you may end up with different
package versions on production.
This is most useful when you define your version requirements flexibly. For instance a version
requirement of `~1.8` means "anything newer than `1.8.0`, but less than `2.0.x-dev`". You can also use