Composer lock out of sync

[patoui]

Description

composer.lock file out of sync with composer.json causes issues when trying to require a new package, example:

composer require psr/simple-cache
Using version ^1.0 for psr/simple-cache
./composer.json has been updated
Running composer update psr/simple-cache
Loading composer repositories with package information
Updating dependencies
Your requirements could not be resolved to an installable set of packages.

  Problem 1
    - Root composer.json requires spiral/framework ^2.7, found spiral/framework[dev-master, v2.7.0, ..., 2.8.x-dev (alias of dev-master)] but the package is fixed to 2.6.x-dev (lock file version) by a partial update and that version does not match. Make sure you list it as an argument for the update command.

Use the option --with-all-dependencies (-W) to allow upgrades, downgrades and removals for packages currently locked to specific versions.

Installation failed, reverting ./composer.json and ./composer.lock to their original content.

Proposed solutions:

run composer update and commit/push new composer.lock file

OR

remove composer.lock and add to .gitignore and add "composer install" as the first entry within the "post-create-project-cmd" script, example:

"post-create-project-cmd": [
    "composer install",
    "php -r \"copy('.env.sample', '.env');\"",
    "php app.php encrypt:key -m .env",
    "php app.php configure -vv",
    "spiral get-binary"
]

[SerafimArts]

Done https://github.com/spiral/app/releases/tag/v1.3.1