don't remove composer.lock
henkvalk opened this issue · comments
When you remove composer.lock file, (you can use composer install
instead of composer update
), but you need to prevent that composer is installing newer versions of packages, because that's not the task of this action.
Please use composer update --lock
instead of composer update
. There will not been looking to newer versions of packages, but it removes replaced / or installs the excluded replaced packages
This is an ongoing insight. At first, when composer replacements started to be a thing, running compose update
(regardless of the flag) didn't work, so therefore the composer.lock
removal was suggested. Perhaps these days, this is less of an issue. I'll update the docs to mention only composer update --lock