Learned today that you can't trust the dependencies of an older project not to break that project even if you update it according to its own composer specs.
-
-
lockfile
-
dang, must be some dishonest-ass packages i guess
-
It's a nesting problem. Upper layer doesn't know about the dependencies in the lower layer, which have jumped ahead.
-
that's what the lockfile is supposed to address, though, innit? by keeping a specific version of every dependency, not just the first-order ones?
-
oh hm you did say 'update', if a 'composer update' is involved as opposed to a 'composer install' then that'd make sense, no telling how many second-plus-order dependencies are just specified with *
-
Yeah, that's what happened. Something deep in the stack decided it wanted to get modern.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.