ChatGPT解决这个技术问题 Extra ChatGPT

Composer: remove a package, clean up dependencies, don't update other packages

The situation

Let's say I have a project with two packages installed by Composer: 

php composer.phar require 'squizlabs/php_codesniffer:~2.0' 'phpmd/phpmd:~2.1'

The autogenerated composer.json file looks like this: 

{
    "require": {
        "squizlabs/php_codesniffer": "~2.0",
        "phpmd/phpmd": "~2.1"
    }
}

In the autogenerated composer.lock file, there are the two requested packages:

2.0.0 squizlabs/php_codesniffer

2.1.3 phpmd/phpmd

and also four dependencies of phpmd/phpmd:

2.0.4 pdepend/pdepend

2.5.9 symfony/config

2.5.9 symfony/dependency-injection

2.5.9 symfony/filesystem

A few days later, squizlabs/php_codesniffer version 2.1.0 is released, but I don't want to run update yet. I want to stay on version 2.0.0 for now, and maybe I'll run update in a few days.

The question

I now want to remove phpmd/phpmd from my project. I want to achieve the following points:

Delete phpmd/phpmd from composer.json Delete phpmd/phpmd from composer.lock Delete phpmd/phpmd from the vendor folder Delete all the dependencies of phpmd/phpmd from composer.lock Delete all the dependencies of phpmd/phpmd from the vendor folder Do not update squizlabs/php_codesniffer to version 2.1.0

Edit: I'd prefer a solution which doesn't require changing the version constraint of squizlabs/php_codesniffer in composer.json

What I've tried

If I run: 

php composer.phar remove phpmd/phpmd

this achieves points 1, 2, 3, 6, but does not achieve points 4, 5.

The dependencies of phpmd/phpmd remain in composer.lock and the vendor folder.

If I run: 

php composer.phar remove phpmd/phpmd
php composer.phar update

this achieves points 1, 2, 3, 4, 5, but does not achieve point 6.

squizlabs/php_codesniffer gets updated to version 2.1.0.

See stackoverflow.com/questions/26930816/…
Does this answer your question? How to remove unused dependencies from composer?

k
kzap

Remove the entry from composer.json then run composer update phpmd/phpmd.

As to why that is the solution that works. I have no idea but that is what is required to remove a package totally from composer.lock and /vendor and allow you to install a new/replacement/conflicting package.

Ty a lot , it seems composer is full of hacks, sometimes id doesn't let me upgradem but lets remove+install. In mu case your cure works like a charm
could you set this answer as solution?
Is not any kind of hack. "composer update" updates the lock according to the set json then installs the packages etc. The fact that you specify a package means that only that package will be modified in lock. This is actually a basic usage and specified in docs (getcomposer.org/doc/01-basic-usage.md).
K
Kevin G.

Do this: 

php composer.phar remove phpmd/phpmd

Modify the composer.json file so it contains the following require section. 

{
    "require": {
        "squizlabs/php_codesniffer": "2.0.*",
    }
}

Now run composer.phar update. That should get you where you want to be.

Note: You could also pin the php_codesniffer package to a specific version e.g. 2.0.0. More information about how composer does versioning can be found on here.

Thank you for your answer. This does indeed achieve what I want. However, if possible, I'd prefer a solution which doesn't require changing the version constraint of squizlabs/php_codesniffer in composer.json. Sorry, I should have made this clear in my question. Ideally, I'm looking for something similar to MacPorts' --follow-dependencies flag for its uninstall command: "Uninstall ports that were automatically installed as dependencies of the removed port and are no longer needed".
Theres a --update-with-dependencies flag. Maybe this is what you are looking for
L
Lauris Kuznecovs

To remove package from .json and .lock files you have to remove package as follows: 

composer remove package-name
The question explicitly specified that this does not lead to the desired behavior. Could you elaborate why you think this does work?
This solution works fine for me - Laravel 6.0. No need to remove anything else from the json file nor the lock file.
apparently there was a bug in composer where composer remove was broken. Updating composer might help.
J
JimB814

I found this answer here,

Manually remove the package from composer.json. Manually delete vendor folder. Run composer install (from inside your project folder).

Composer re-installs the packages listed in composer.json.

If you also remove the packages from composer.lock then this works. For me anyway.
Can you explain how that could work nowadays? composer install would use the lock file and reinstall the remove package
M
Michael Cordingley

I do not believe this to currently be possible. This is the sort of thing that you may wish to submit as a feature request to Composer.

Meanwhile, I think your best bet is to go with option #1: php composer.phar remove phpmd/phpmd

It will remove the package from your explicit dependencies without forcing you to update anything. The obsolete dependencies from your removed library will remain until you next run composer update, which is something you should be doing periodically anyway. Most of the files from the old dependencies should be set to autoload one way or another, so you shouldn't have any real penalties for keeping those files around other than the space they use on disk.

关注公众号,不定期副业成功案例分享
Follow WeChat

Success story sharing

Want to stay one step ahead of the latest teleworks?

Subscribe Now

HuntsBot,a one-stop outsourcing task, remote job, product ideas sharing and subscription platform, which supports DingTalk, Lark, WeCom, Email and Telegram robot subscription. The platform will push outsourcing task requirements, remote work opportunities, product ideas to every subscribed user with timely, stable and reliable.

简体中文 English

Platform

Support

Contact US

Any questions or suggestions during use, you can contact us in the following ways:

Email: huntsbot@xinbeitime.com

Copyright© 2022-2023 www.huntsbot.com 浙ICP备2022000860号-4 All Rights Reserved.