Tuesday, March 1, 2022

[FIXED] Should composer.lock be committed to version control?

      , ,      No comments   

Issue

I'm a little confused with composer.lock used in an application with a repository.

I saw many people saying that we should not .gitignore composer.lock from the repository.

If I update my libraries in my dev environment, I will have a new composer.lock but I will not be able to update them into production, will I ?

Won't it generate conflicts on this file ?


Solution

If you update your libs, you want to commit the lockfile too. It basically states that your project is locked to those specific versions of the libs you are using.

If you commit your changes, and someone pulls your code and updates the dependencies, the lockfile should be unmodified. If it is modified, it means that you have a new version of something.

Having it in the repository assures you that each developer is using the same versions.



Answered By - meza

0 Comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Total Pageviews

Featured Post

Why Learn PHP Programming

Why Learn PHP Programming A widely-used open source scripting language PHP is one of the most popular programming languages in the world. It...