Stars: 255
Forks: 16
Pull Requests: 26
Issues: 18
Watchers: 8
Last Updated: 2023-08-07 14:19:43
See what has changed after a composer update
License: MIT License
Languages: PHP, Makefile, Shell
See what packages have changed after you run composer update
by comparing composer.lock to the the git HEAD.
Requires:
There are no other dependencies.
composer global require davidrjonas/composer-lock-diff:^1.0
# With zsh, run `rehash` to make it known to the shell.
# try it
composer-lock-diff --help
If composer-lock-diff
is not found, make sure ~/.composer/vendor/bin
is in
your $PATH
env variable. For more information on how to do that see this question on Stack Overflow.
composer update
# don't commit yet!
composer-lock-diff
Or from vim, to insert the output into the commit message, type :r!composer-lock-diff
.
--path, -p
: Base to with which to prefix paths. Default "./"--from
: The file^, git ref, or git ref with filename to compare from (HEAD:composer.lock)--to
: The file^, git ref, or git ref with filename to compare to (composer.lock)--md
: Markdown table output--json
: json output--pretty
: pretty output when combined with --json
(>=5.4 only)--no-links
: Don't include Compare links in plain text or any links in markdown--only-prod
: Only include changes from packages
--only-dev
: Only include changes from packages-dev
--vcs
: Force vcs (git, svn, ...). Default auto-detect from path^ File includes anything available as a protocol stream wrapper such as URLs.
+--------------------+-------+--------+------------------------------------------------------------------+
| Production Changes | From | To | Compare |
+--------------------+-------+--------+------------------------------------------------------------------+
| guzzlehttp/guzzle | 6.2.0 | 6.3.0 | https://github.com/guzzle/guzzle/compare/6.2.0...6.3.0 |
| hashids/hashids | 2.0.0 | 2.0.4 | https://github.com/ivanakimov/hashids.php/compare/2.0.0...2.0.4 |
| league/flysystem | 1.0.0 | 1.0.42 | https://github.com/thephpleague/flysystem/compare/1.0.0...1.0.42 |
| monolog/monolog | NEW | 1.21.0 | |
+--------------------+-------+--------+------------------------------------------------------------------+
+------------------+--------+---------+---------+
| Dev Changes | From | To | Compare |
+------------------+--------+---------+---------+
| phpspec/php-diff | v1.0.2 | REMOVED | |
+------------------+--------+---------+---------+
| Production Changes | From | To | Compare |
|--------------------|-------|--------|-------------------------------------------------------------------------|
| guzzlehttp/guzzle | 6.2.0 | 6.3.0 | [...](https://github.com/guzzle/guzzle/compare/6.2.0...6.3.0) |
| hashids/hashids | 2.0.0 | 2.0.4 | [...](https://github.com/ivanakimov/hashids.php/compare/2.0.0...2.0.4) |
| league/flysystem | 1.0.0 | 1.0.42 | [...](https://github.com/thephpleague/flysystem/compare/1.0.0...1.0.42) |
| monolog/monolog | NEW | 1.21.0 | |
| Dev Changes | From | To | Compare |
|------------------|--------|---------|---------|
| phpspec/php-diff | v1.0.2 | REMOVED | |
Production Changes | From | To | Compare |
---|---|---|---|
guzzlehttp/guzzle | 6.2.0 | 6.3.0 | ... |
hashids/hashids | 2.0.0 | 2.0.4 | ... |
league/flysystem | 1.0.0 | 1.0.42 | ... |
monolog/monolog | NEW | 1.21.0 |
Dev Changes | From | To | Compare |
---|---|---|---|
phpspec/php-diff | v1.0.2 | REMOVED |
New features are always welcome! Follow these guidelines
The Makefile has some test cases. Run make | less
and inspect the output. If you need specific versions or more information, continue reading.
To run using the test data manually simply point the --to
and --from
args at the lock files,
php ./composer-lock-diff --from ./test-data/composer.from.lock --to ./test-data/composer.to.lock
Docker is very helpful for targeting a specific version of php and/or composer,
docker run --rm -it -v "$PWD":/src -w /src php:7.4.2 \
php ./composer-lock-diff --from ./test-data/composer.from.lock --to ./test-data/composer.to.lock
Sometimes you want to test the git related functions. To do that first I make a temporary repo. Then I copy into it test-data/composer.from.lock
as composer.lock
to set the previous state and test-data/composer.to.json
as composer.json
for the future state. I commit those then run composer-lock-diff
with the options I want to test and visually inspect the results.
mkdir tmp && cd tmp
git init
cp ../test-data/composer.to.json composer.json
cp ../test-data/composer.from.lock composer.lock
git add .
git commit -m "initial"
composer update
# or
docker run --rm -it -v "$PWD":/src -w /src composer:latest php composer update
php ../composer-lock-diff
# or, if you want to use docker, you'll need git
cd ..
docker run --rm -it -v "$PWD":/src -w /src php:7.4.2 bash
apt-get update && apt-get install -y git
# You may want composer as well,
curl -OL https://getcomposer.org/download/1.9.3/composer.phar
cd tmp
php ../composer.phar update
php ../composer-lock-diff
./tmp
../test-data/composer.from.json
as composer.json
and ../test-data/composer.from.lock
as composer.lock
.composer install
composer.json
. Use an exact version.composer update
.composer.lock
should look similar to ../test-data/composer.from.lock
but there will be differences due to transient dependencies. No real way around that. Use composer-lock-diff
to make sure none of the named packages change versions and your new case is there.composer.json
to ../test-data/composer.from.json
and composer.lock
to composer.from.lock
.../test-data/composer.to.json
as composer.json
.composer.json
. Again, exact versions are best.composer.json
to ../test-data/composer.to.json
and composer.lock
to ../test-data/composer.to.lock
.See Makefile.
comopser-lock-diff
# no argscomposer-lock-diff --from ./test-data/composer.from.lock --to ./test-data/composer.to.lock
composer-lock-diff --path ./test-data/
composer-lock-diff --from <git ref>
# this gets tested with 'no args'composer-lock-diff --from <git ref with filename>
composer-lock-diff --to <git ref>
composer-lock-diff --to <git ref with filename>
composer-lock-diff --only-dev
composer-lock-diff --only-prod
composer-lock-diff --no-links
composer-lock-diff --json
composer-lock-diff --json --pretty
composer-lock-diff --md
composer-lock-diff --md --no-links
If anyone can help test with Windows that would be very much appreciated!
Thanks to everyone who has shared ideas and code! In particular,