How to understand installed.json and why it would differ from composer.lock #9686
-
I've been trying to understand Composer's installed.json file. Looking at the source, this file is loaded into an object referred to as a local repository. I can see that Composer needs to keep track of packages in a project, and a repository of the installed packages makes sense to me as a way of achieving this. Where I'm struggling is to reconcile the existence of the composer.lock file within my understanding of installed.json, because installed.json and composer.lock seem to share a lot of the same information. I've seen someone comment that composer.lock is what should be installed and installed.json is what's actually installed. But surely you'd have a problem if something which should be installed didn't actually get installed. Why would the contents of the installed.json file ever differ from the composer.lock file? |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
installed.json reflects what is actually installed. It also stores additional metadata specific to the installation (the path in which it is installed for instance). The common case for differing is that another dev in your team ran a |
Beta Was this translation helpful? Give feedback.
installed.json reflects what is actually installed. It also stores additional metadata specific to the installation (the path in which it is installed for instance).
The common case for differing is that another dev in your team ran a
composer update
changing the lock file, and you haven't runcomposer install
yet after fetching the new commit.