I inherited a project that was built with PHP 5.3.x, Symfony2, and Composer for dependency management.
There are many lines in the composer.json file: "vendorname/library" : "dev-master" for the version of the libraries used. It was last edited in August 2012 and obviously worked then, since the composer.lock file exists, and the project runs on the server on our host.
Fortunately, with 1 small tweak for composer.lock, I got composer install to work, but now I'm trying to fix some crashes that I get when I run the update for composer. There are many posts on the Internet about Adventism by the composer - and I'm in an impassable boat on the Styx River that pulls my hair there.
In short, a couple of years ago when composer.lock was created, the project worked with the then versions of "dev" from dozens of included vendor libraries, but now when I try to clear the mess, I'd like to put the correct versions in composer.json and try to update things from a known state.
How to find out which versions are actually installed by the composer? Or what keys / values ββin the composer.lock file tell you this?
In the composer.lock file, I have many hashes for github hashing, but this is not clear, given the arbitrary hash of the hashes, that the closest marked version will replace the corresponding line in composer.json.
Here is an example line from composer.json:
"doctrine/doctrine-bundle" : "dev-master",
and here is the corresponding node in composer.lock for this module:
{ "name": "doctrine/doctrine-bundle", "version": "dev-master", "target-dir": "Doctrine/Bundle/DoctrineBundle", "source": { "type": "git", "url": "http://github.com/doctrine/DoctrineBundle.git", "reference": "d3c930599723c8343472a5791b0f5909a4111a73" }, "dist": { "type": "zip", "url": "https://github.com/doctrine/DoctrineBundle/zipball/d3c930599723c8343472a5791b0f5909a4111a73", "reference": "d3c930599723c8343472a5791b0f5909a4111a73", "shasum": "" }, "require": { "doctrine/dbal": ">=2.2,<2.4-dev", "php": ">=5.3.2", "symfony/doctrine-bridge": "2.1.*", "symfony/framework-bundle": "2.1.*" }, "require-dev": { "doctrine/orm": ">=2.2,<2.4-dev", "symfony/validator": "2.1.*", "symfony/yaml": "2.1.*" }, "suggest": { "doctrine/orm": "The Doctrine ORM integration is optional in the bundle." }, "type": "symfony-bundle", "extra": { "branch-alias": { "dev-master": "1.0.x-dev" } }, "autoload": { "psr-0": { "Doctrine\\Bundle\\DoctrineBundle": "" } }, "license": [ "MIT" ], "authors": [ { "name": "Fabien Potencier", "email": " fabien@symfony.com " }, { "name": "Benjamin Eberlei", "email": " kontakt@beberlei.de " }, { "name": "Symfony Community", "homepage": "http://symfony.com/contributors" } ], "description": "Symfony DoctrineBundle", "homepage": "http://www.doctrine-project.org", "keywords": [ "DBAL", "Database", "ORM", "Persistence" ], "support": { "source": "https://github.com/doctrine/DoctrineBundle/tree/master", "issues": "https://github.com/doctrine/DoctrineBundle/issues" }, "time": "2012-09-10 15:12:44" }
I assume that the composer sets dist-> url or source-> url from composer.lock, but I have dozens of modules to go through and are wondering how to find the closest (by date) tag for each link library to create sound composer.json file to proceed to update our code.