Reputation: 805
I want to make sure if my understanding is correct. When developing locally, from the CLI, I use Composer to bring in packages to use for my app. These packages are then put in my "vendor" directory.
Now, the vendor directory is included in my gitignore file so that won't be pushed to version control. However, when I deploy my app to production, since those vendor packages were not version controlled, in my CLI (while SSH'd into my server) I need to run composer update. This will grab all the dependencies from my composer.lock file and install them all on my server.
Consequently, when developing locally, if I pull in a new package, I'd have to run another composer update on the server to get that new package for production.
Please let me know if my understanding of this is correct. Thanks!
Upvotes: 0
Views: 817
Reputation: 50491
You probably don't want to be running composer update
on production. You would want to run composer install
.
With composer update
you have the possibility of upgrading packages you are using to versions you haven't tested them on. If you need to update your dependencies you can do that from local and the composer.lock
file will get updated. With the lock file committed, on the server running composer install
will install the packages to match the versions in the lock file to keep everything consistent in your environments.
Upvotes: 1
Reputation: 7814
Yes you are right.You need to do a composer install or update on the server as well.
Upvotes: 0