dongxu2398
2018-07-19 06:44
浏览 137
已采纳

Composer.lock与生产服务器上实际安装的软件包版本不兼容

I'm working on a project based on PHP7 and Laravel. Unfortunately, there was a problem with dependencies and package versions.

I guessed that the previous developer working on the project started updating packages by calling

composer update 

on his local dev environment.

Therefore, a new composer.lock file has been generated and everything has been pushed to the production server - however, the composer update command has not been called on the production...

There is a problem with the incompatibility of the PHP version and other errors in dependencies.

This is a very large project and I wouldn't like to migrate now to higher versions on the production server.

I am currently preparing a development environment and I care about maintaining the maximum compatibility of all package versions with what is on production.

By calling:

composer install

on local environment, I'm receiving a series of errors related to the incompatibility of the package versions.

Is there any way to regenerate / restore composer.json and composer.lock based on what is currently installed on the production server? Unfortunately, at this moment composer.lock on production doesn't completely reflect the current state of actually installed versions.

What is a safe and good way to recreate locally a cloned project from a repository on a production server - and maintain full compatibility of all package versions, the correct form of composer.json and composer.lock?

Thanks in advance for your help!

图片转代码服务由CSDN问答提供 功能建议

我正在开发一个基于PHP7和Laravel的项目。 遗憾的是,依赖项和软件包版本存在问题。

我猜测以前开发项目的开发人员通过调用

 <开始更新软件包 代码> composer update 
   
 
 

在他的本地开发环境中。

因此,生成了一个新的composer.lock文件, 所有内容都已推送到生产服务器 - 但是,生产中尚未调用composer update命令...

PHP版本与其他错误不兼容存在问题 在依赖项中。

这是一个非常大的项目,我现在不想在生产服务器上迁移到更高版本。

我是 目前正在准备一个开发环境,我关心的是保持所有软件包版本与生产中的最大兼容性。

通过调用:

  composer install 
   
 
 

在本地环境中,我收到一系列错误 是否与软件包版本不兼容。

有没有办法根据生产服务器上当前安装的内容重新生成/恢复composer.json和composer.lock? 不幸的是,目前生产中的composer.lock并没有完全反映实际安装版本的当前状态。

从存储库本地重建克隆项目的安全且好的方法是什么 在生产服务器上 - 并保持所有软件包版本的完全兼容性,正确形式的composer.json和composer.lock?

提前感谢您的帮助!

  • 写回答
  • 关注问题
  • 收藏
  • 邀请回答

1条回答 默认 最新

  • douni1396 2018-07-19 07:53
    已采纳

    No, there is no way to recreate composer.json file based on what is already installed in /vendor. You can look for /vendor/composer/installed.json file as a reference for installed versions of all packages.

    What you need to do in this case is:

    1. Make sure your local environment is exactly the same as your production one. You can fake it if needed in your composer.json too by using platform configuration.
    2. Your composer.lock file is of no use. Get /vendor/composer/installed.json file from your production. Delete your /vendor folder.
    3. Run composer install. Write down all packages that have issues and check provided solutions by Composer.
    4. Start downgrading the versions in your composer.json for packages that have issues based to the solutions provided by Composer. Be sure to look into those packages yourself - developers aren't always very strict with the way they maintain dependencies and versioning of their packages. You can always just take package version from production's /vendor/composer/installed.json and place that specific version in your composer.json.
    5. Repeat steps 3-4 until you can finally generate new composer.lock file. Make sure your composer.json and composer.lock files are tracked by your VCS and fixate the changes.
    打赏 评论

相关推荐 更多相似问题