Closed wordish closed 4 months ago
The way you update a composer library is you change your composer.json file to have a constraint that accurately restricts the dependency to versions you want. In the case of this project where concrete is likely to be the main dependency, it's probably best to just lock to a specific minor version like ~9.1.0
so that you don't upgrade the core when you don't expect to, semver.mwl.be is a great tool for determining constraints.
So to update, I do the following:
composer.json
to be accuratecomposer update
The skeleton is a boilerplate to get you started with managing your concrete site with composer. We don't really have any control over projects after they are initially created, and frankly we don't want to have control over them. So with that said this question and the answer are general composer usage questions and not specific to this project.
My guess as to why you'd get a commit and not a release is because you might have prefer-stable
disabled and minimum-stability
set to dev.
What is the best way to upgrade a composer-based concrete5 site?
If I create a project today with:
it will install 8.5.5.
But if I try to update an older project created the same way that's currently on an older version (such as 8.3.2) and I run
I get bumped up to the latest commit on the develop branch:
but I want to just go to 8.5.5.
(The above command I got from Googling "composer based concrete5 how to update core", I just get a3020's upgdate steps which also instruct me to use
composer update
.)What I finally ended up doing is:
which gave me this (along with other dependencies):
This seemed correct to me, but raised a few eyebrows from colleagues because it's now locked to a specific version.
^8.2
incomposer.json
should allow any release up to the next major version number (so anything<9.0
but>= 8.2
)If you just change the file yourself and run
composer update
, you'll usually get a bunch of errors about "requirements could not be resolved to an installable set of packages" or something about being unable to complete due to the constraints. The dependencies need to be updated as well so you need to add add the--with-(all-)dependencies
switch.So rather than edit and run update, it seems you can just combine the two steps with the
require
command.But either way, shouldn't the
^8.2
constraint limit it to an actual release? I don't understand why running update gets the latest commit with that constraint.Is there a better way to start with this skeleton and later move to the latest release without accidentally ending up on the most recent commit on the develop branch?