1
0
Fork 0

Detect packages which are only available in lock file and warn appropriately

pull/8690/head
Jordi Boggiano 2020-03-13 11:12:39 +01:00
parent 8945936dbd
commit e09dd9c10d
No known key found for this signature in database
GPG Key ID: 7BBD42C429EC80BC
2 changed files with 11 additions and 2 deletions

View File

@ -14,6 +14,7 @@ namespace Composer\DependencyResolver;
use Composer\Package\CompletePackageInterface;
use Composer\Repository\RepositorySet;
use Composer\Repository\LockArrayRepository;
use Composer\Semver\Constraint\Constraint;
/**
@ -221,6 +222,14 @@ class Problem
}
}
$nonLockedPackages = array_filter($packages, function ($p) {
return !$p->getRepository() instanceof LockArrayRepository;
});
if (!$nonLockedPackages) {
return array("- Root composer.json requires $packageName".self::constraintToText($constraint) . ', ', 'found '.self::getPackageList($packages).' in lock file but not in remote repositories, make sure you avoid updating this package to keep the one from lock file.');
}
return array("- Root composer.json requires $packageName".self::constraintToText($constraint) . ', ', 'found '.self::getPackageList($packages).' but '.(self::hasMultipleNames($packages) ? 'these conflict' : 'it conflicts').' with another require.');
}

View File

@ -44,9 +44,9 @@ Your requirements could not be resolved to an installable set of packages.
Problem 1
- locked/pkg is locked to version dev-master and an update of this package was not requested.
- locked/pkg dev-master requires locked/dependency 1.0.0 -> found locked/dependency[1.0.0] but it conflicts with another require.
- locked/pkg dev-master requires locked/dependency 1.0.0 -> found locked/dependency[1.0.0] in lock file but not in remote repositories, make sure you avoid updating this package to keep the one from lock file.
Problem 2
- locked/pkg dev-master requires locked/dependency 1.0.0 -> found locked/dependency[1.0.0] but it conflicts with another require.
- locked/pkg dev-master requires locked/dependency 1.0.0 -> found locked/dependency[1.0.0] in lock file but not in remote repositories, make sure you avoid updating this package to keep the one from lock file.
- Root composer.json requires locked/pkg *@dev -> satisfiable by locked/pkg[dev-master].
Use the option --with-all-dependencies to allow updates and removals for packages currently locked to specific versions.