Ad

Why Composer.json Is Modified After "composer Install" Command?

- 1 answer

I am currently working on a Laravel 5.8 project that I have just cloned from our company's Gitlab. I ran composer install and after that when I run git status it lists composer.json as a modified file.

I thought that composer install does not modify composer.json file.

I think that if I commit this file, then the remote server can not merge the new composer file with the old one.

What should I do?

Ad

Answer

Generally, Composer install will not modify composer.json. But there are some circumstances where it can be changed, although I don't know about any that would happen without user input.

The one I can think of as of now, is the setting config.allow-plugins.

If you clone a project created with Composer < 2.2.0, this option wouldn't exist on the configuration file.

If you now run a version of Composer > 2.2.0, and if this project includes composer plugins (some that come to mind are composer/package-versions-deprecated, symfony/flex, symfony/runtime, and more), you'd get a few prompts asking you to authorize plugins.

Like so:

bamarni/composer-bin-plugin contains a Composer plugin which is currently not in your allow-plugins config. See https://getcomposer.org/allow-plugins Do you trust "bamarni/composer-bin-plugin" to execute code and wish to enable it now? (writes "allow-plugins" to composer.json) [y,n,d,?]

The different options stand for:

Choosing yes or no, would end up modifying your composer.json adding this configuration.

I think that if I commit this file, then the remote server can not merge the new composer file with the old one.

Git has no problems merging this kind of change.

What should I do?

Talk with someone at your company. Run git diff composer.json to check the changes, and verify with someone if you should push those changes upstream or not. If not, simply run git restore composer.json

Ad
source: stackoverflow.com
Ad