dongxu2398 2018-07-19 06:44
浏览 233
已采纳

Composer.lock与生产服务器上实际安装的软件包版本不兼容

I'm working on a project based on PHP7 and Laravel. Unfortunately, there was a problem with dependencies and package versions.

I guessed that the previous developer working on the project started updating packages by calling

composer update 

on his local dev environment.

Therefore, a new composer.lock file has been generated and everything has been pushed to the production server - however, the composer update command has not been called on the production...

There is a problem with the incompatibility of the PHP version and other errors in dependencies.

This is a very large project and I wouldn't like to migrate now to higher versions on the production server.

I am currently preparing a development environment and I care about maintaining the maximum compatibility of all package versions with what is on production.

By calling:

composer install

on local environment, I'm receiving a series of errors related to the incompatibility of the package versions.

Is there any way to regenerate / restore composer.json and composer.lock based on what is currently installed on the production server? Unfortunately, at this moment composer.lock on production doesn't completely reflect the current state of actually installed versions.

What is a safe and good way to recreate locally a cloned project from a repository on a production server - and maintain full compatibility of all package versions, the correct form of composer.json and composer.lock?

Thanks in advance for your help!

  • 写回答

1条回答 默认 最新

  • douni1396 2018-07-19 07:53
    关注

    No, there is no way to recreate composer.json file based on what is already installed in /vendor. You can look for /vendor/composer/installed.json file as a reference for installed versions of all packages.

    What you need to do in this case is:

    1. Make sure your local environment is exactly the same as your production one. You can fake it if needed in your composer.json too by using platform configuration.
    2. Your composer.lock file is of no use. Get /vendor/composer/installed.json file from your production. Delete your /vendor folder.
    3. Run composer install. Write down all packages that have issues and check provided solutions by Composer.
    4. Start downgrading the versions in your composer.json for packages that have issues based to the solutions provided by Composer. Be sure to look into those packages yourself - developers aren't always very strict with the way they maintain dependencies and versioning of their packages. You can always just take package version from production's /vendor/composer/installed.json and place that specific version in your composer.json.
    5. Repeat steps 3-4 until you can finally generate new composer.lock file. Make sure your composer.json and composer.lock files are tracked by your VCS and fixate the changes.
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥20 在虚拟机的pycharm上
  • ¥15 jupyterthemes 设置完毕后没有效果
  • ¥15 matlab图像高斯低通滤波
  • ¥15 针对曲面部件的制孔路径规划,大家有什么思路吗
  • ¥15 钢筋实图交点识别,机器视觉代码
  • ¥15 如何在Linux系统中,但是在window系统上idea里面可以正常运行?(相关搜索:jar包)
  • ¥50 400g qsfp 光模块iphy方案
  • ¥15 两块ADC0804用proteus仿真时,出现异常
  • ¥15 关于风控系统,如何去选择
  • ¥15 这款软件是什么?需要能满足我的需求