kkonstan
commented
8 years ago Remove composer update, it was a hack to get it to work.
On Thursday, 21 April 2016, Alexandros Spyropoulos notifications@github.com wrote:
Assigned #24 https://github.com/openh2labs/elastic-erga/issues/24 to @kkonstan https://github.com/kkonstan.
— You are receiving this because you were mentioned. Reply to this email directly or view it on GitHub https://github.com/openh2labs/elastic-erga/issues/24#event-636312385
Konstantinos Konstantinidis
Ianos Ltd - Company No: 08121271 - Registered Office: 145-157 St John Street, London EC1V 4PW
dance-cmdr
Do not use composer update or npm update during build.
The reason is that
<package-manager> updatecommands are meant to run manually when the dev team wants to update the dependencies of an app. What actually does is bumping up the version numbers of the dependencies to the latest available version and it will update the composer.lock. The argument that constrains to minor numbers protect your build doesn't apply when the dependency is on beta. because beta versions could have breaking api changes in minor numbers.Use composer install instead as this command will install the dependencies from the composer.lock(down) file. Which the developer has more controll.