Composer.json getting latest package version and

Question

For each new project, I want to:

• Get the latest versions of all packages inside composer.json
• Once I have them I no longer want to get the latest - just the version of the first run.

I know I could manually specify latest versions from packagist.org, but Ideally I'd like this automated.

I hope this makes sense.

Thanks

Answer 1

Running composer require vendor/package will consult packagist.org for the most current released version and add both the latest release and the version requirement to get this release and compatible updates later.

This will install only stable versions.

After the initial install, you have two options:

1. composer install will again install the previously found packages.
2. composer update will look for updated packages that match the version requirement.

Never run update unattended. A developer should run this consciously and then run the test suite to determine if everything still works (or the continuous integration job does it if available). Especially only run install when deploying to production.

Answer 2

1. the latest package:

"require": { "namespace/libname": "@dev" }

2. after install of this package, composer will dump all info (and version) to composer.lock. do not remove this file and do not use composer update. always use composer install because this will force composer to look into composer.lock file for package version