duanbu4962 2014-04-17 18:11
浏览 41
已采纳

为什么作曲家降级我的包裹?

php composer.phar update did this (removed 2.3.0 packages and installed entire 2.2.5 Zend Framework):

$ php composer.phar update
Loading composer repositories with package information
Updating dependencies (including require-dev)
  - Removing zendframework/zend-filter (2.3.0)
  - Removing zendframework/zend-view (2.3.0)
  - Removing zendframework/zend-eventmanager (2.3.0)
  - Removing zendframework/zend-loader (2.3.0)
  - Removing zendframework/zend-escaper (2.3.0)
  - Removing zendframework/zend-log (2.3.0)
  - Removing zendframework/zend-servicemanager (2.3.0)
  - Removing zendframework/zend-stdlib (2.3.0)
  - Installing zendframework/zendframework (2.2.5)
    Loading from cache
Writing lock file
Generating autoload files

Why did it do that? My composer.json looks like this and suggests nothing of the sort that directed the above course of events:

"repositories":[
    {
        "type":"composer",
        "url":"https://packagist.org/"
    },
    {
         "type":"composer",
         "url":"http://packages.zendframework.com/"
    }
],
"require": {
    "zendframework/zend-log" : "2.*",
    "zendframework/zend-escaper" : "2.*",
    "zendframework/zend-filter" : "2.*",
    "zendframework/zend-view" : "2.*"
}

My expectation was: remove 2.3.0, install 2.3.1 packages

  • 写回答

1条回答 默认 最新

  • douhulao7642 2014-04-17 19:47
    关注

    My answer doesn't quite describe why it was downgraded, since the algorithms in Composer are quite intensive (that is why update takes way longer than installing with a .lock). They go through all of your dependencies, all of the potential versions, and what each dependencies' versions' dependencies are. After getting all of this information it tries to come up with a "perfect" match.

    Sometimes the slightest change in your dependencies, or a dependency's dependencies, can create drastic changes. Also, you'll sometimes see that it is impossible to resolve your dependencies because one dependency may require symfony/http-foundation ~2.5 and one may require symfony/http-foundation 2.1.* (this isn't what happened in your case, but it is good to know).

    All in all, the moral of the story is you should be as specific as possible with your composer.json (especially in production). That way, you can always be in control of what version you use rather than letting Composer decide. Worse case, is you run a composer update and it cannot resolve your dependencies. Then do some research on Packagist to see which versions will happily resolve together.

    I suggest using either version ~2.3 (which is the same as >= 2.3 and < 3) or 2.3.*. Then Composer won't even try version 2.2.5. Check Composer's documentation to see how you can express different package versions.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 这个复选框什么作用?
  • ¥15 单通道放大电路的工作原理
  • ¥30 YOLO检测微调结果p为1
  • ¥20 求快手直播间榜单匿名采集ID用户名简单能学会的
  • ¥15 DS18B20内部ADC模数转换器
  • ¥15 做个有关计算的小程序
  • ¥15 MPI读取tif文件无法正常给各进程分配路径
  • ¥15 如何用MATLAB实现以下三个公式(有相互嵌套)
  • ¥30 关于#算法#的问题:运用EViews第九版本进行一系列计量经济学的时间数列数据回归分析预测问题 求各位帮我解答一下
  • ¥15 setInterval 页面闪烁,怎么解决