duanbu4962 2014-04-17 18:11
浏览 41
已采纳

为什么作曲家降级我的包裹?

php composer.phar update did this (removed 2.3.0 packages and installed entire 2.2.5 Zend Framework):

$ php composer.phar update
Loading composer repositories with package information
Updating dependencies (including require-dev)
  - Removing zendframework/zend-filter (2.3.0)
  - Removing zendframework/zend-view (2.3.0)
  - Removing zendframework/zend-eventmanager (2.3.0)
  - Removing zendframework/zend-loader (2.3.0)
  - Removing zendframework/zend-escaper (2.3.0)
  - Removing zendframework/zend-log (2.3.0)
  - Removing zendframework/zend-servicemanager (2.3.0)
  - Removing zendframework/zend-stdlib (2.3.0)
  - Installing zendframework/zendframework (2.2.5)
    Loading from cache
Writing lock file
Generating autoload files

Why did it do that? My composer.json looks like this and suggests nothing of the sort that directed the above course of events:

"repositories":[
    {
        "type":"composer",
        "url":"https://packagist.org/"
    },
    {
         "type":"composer",
         "url":"http://packages.zendframework.com/"
    }
],
"require": {
    "zendframework/zend-log" : "2.*",
    "zendframework/zend-escaper" : "2.*",
    "zendframework/zend-filter" : "2.*",
    "zendframework/zend-view" : "2.*"
}

My expectation was: remove 2.3.0, install 2.3.1 packages

  • 写回答

1条回答 默认 最新

  • douhulao7642 2014-04-17 19:47
    关注

    My answer doesn't quite describe why it was downgraded, since the algorithms in Composer are quite intensive (that is why update takes way longer than installing with a .lock). They go through all of your dependencies, all of the potential versions, and what each dependencies' versions' dependencies are. After getting all of this information it tries to come up with a "perfect" match.

    Sometimes the slightest change in your dependencies, or a dependency's dependencies, can create drastic changes. Also, you'll sometimes see that it is impossible to resolve your dependencies because one dependency may require symfony/http-foundation ~2.5 and one may require symfony/http-foundation 2.1.* (this isn't what happened in your case, but it is good to know).

    All in all, the moral of the story is you should be as specific as possible with your composer.json (especially in production). That way, you can always be in control of what version you use rather than letting Composer decide. Worse case, is you run a composer update and it cannot resolve your dependencies. Then do some research on Packagist to see which versions will happily resolve together.

    I suggest using either version ~2.3 (which is the same as >= 2.3 and < 3) or 2.3.*. Then Composer won't even try version 2.2.5. Check Composer's documentation to see how you can express different package versions.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥20 基于MSP430f5529的MPU6050驱动,求出欧拉角
  • ¥20 Java-Oj-桌布的计算
  • ¥15 powerbuilder中的datawindow数据整合到新的DataWindow
  • ¥20 有人知道这种图怎么画吗?
  • ¥15 pyqt6如何引用qrc文件加载里面的的资源
  • ¥15 安卓JNI项目使用lua上的问题
  • ¥20 RL+GNN解决人员排班问题时梯度消失
  • ¥60 要数控稳压电源测试数据
  • ¥15 能帮我写下这个编程吗
  • ¥15 ikuai客户端l2tp协议链接报终止15信号和无法将p.p.p6转换为我的l2tp线路