Learned today that you can't trust the dependencies of an older project not to break that project even if you update it according to its own composer specs.
that's what the lockfile is supposed to address, though, innit? by keeping a specific version of every dependency, not just the first-order ones?
-
-
oh hm you did say 'update', if a 'composer update' is involved as opposed to a 'composer install' then that'd make sense, no telling how many second-plus-order dependencies are just specified with *
-
just trying to make sense of my own impressions, things have felt fragile in exactly this way but then there's components intended specifically to make them not fragile in this way so i'm trying to get a sense of when and why they don't work
- 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.