wikimedia / composer-merge-plugin

Merge one or more additional composer.json files at Composer runtime
MIT License
934 stars 159 forks

Composer install not respecting versions in lock file #235

Closed diegom-ciandt closed 1 year ago

diegom-ciandt commented 2 years ago

Basically, when I run "composer install" it checks all packages coming from merged composer.json files and validates if they have a "higher" version. If yes, then it simply ignores the version that is already locked and updates it. In my case, it broke a build in our project because a non-compatible package was updated (and we were not aware it was incompatible, due to it being launched recently).

To make things easier, is there a way to run composer install merging all plugins but respecting composer.lock main file?

bd808 commented 1 year ago

252 is the proposed solution to this issue.
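
A CI check for the drift reported in this issue, as an added example that is not part of the thread or of the plugin's code: it compares the versions pinned in `composer.lock` with what Composer actually installed, as recorded in `vendor/composer/installed.json`, and fails the build on any mismatch. The package names and references in the sample data are constructed, and the check assumes a full install (not `--no-dev`).

```python
import json
import sys
from pathlib import Path

def _index(packages):
    """Map package name -> (version, dist or source reference)."""
    out = {}
    for p in packages:
        ref = (p.get("dist") or {}).get("reference") or (p.get("source") or {}).get("reference")
        out[p["name"]] = (p["version"], ref)
    return out

def lock_drift(lock, installed):
    """Return sorted (name, locked_version, installed_version) for every mismatch."""
    locked = _index(lock.get("packages", []) + lock.get("packages-dev", []))
    # Composer 2 writes {"packages": [...]}; Composer 1 wrote a bare list.
    inst = _index(installed["packages"] if isinstance(installed, dict) else installed)
    drift = []
    for name, (ver, ref) in locked.items():
        got_ver, got_ref = inst.get(name, (None, None))
        if got_ver != ver or (ref and got_ref and ref != got_ref):
            drift.append((name, ver, got_ver))
    # Installed but never locked, e.g. pulled in only through a merged composer.json.
    drift += [(n, None, inst[n][0]) for n in inst.keys() - locked.keys()]
    return sorted(drift, key=lambda d: d[0])

def check_project(root="."):
    """Load both files from a project directory (assumes a dev install, not --no-dev)."""
    root = Path(root)
    lock = json.loads((root / "composer.lock").read_text())
    installed = json.loads((root / "vendor" / "composer" / "installed.json").read_text())
    return lock_drift(lock, installed)

# Constructed sample data (hypothetical package names), not taken from the issue.
SAMPLE_LOCK = {"packages": [
    {"name": "acme/core", "version": "1.4.0", "dist": {"reference": "aaa111"}},
    {"name": "acme/util", "version": "2.0.1", "dist": {"reference": "bbb222"}}],
    "packages-dev": []}
SAMPLE_INSTALLED = {"packages": [
    {"name": "acme/core", "version": "1.4.0", "dist": {"reference": "aaa111"}},
    {"name": "acme/util", "version": "3.0.0", "dist": {"reference": "ccc333"}},
    {"name": "acme/extra", "version": "0.9.0", "dist": {"reference": "ddd444"}}]}

if __name__ == "__main__":
    found = check_project(sys.argv[1]) if len(sys.argv) > 1 else lock_drift(SAMPLE_LOCK, SAMPLE_INSTALLED)
    for name, want, got in found:
        print(f"DRIFT {name}: locked={want} installed={got}")
    sys.exit(1 if found else 0)
```

Run with the project directory as the only argument right after `composer install`; a non-zero exit means the installed tree no longer matches the lock file.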