composer-lock-diff
composer-lock-diff copied to clipboard
davidrjonas
See what has changed after a composer update
When we have composer package with version something like `0.0.x-dev` then on composer update the output shown by `./vendor/bin/composer-lock-diff --md` command is ``` | Production Changes | From | To...
This tool is brilliant. I was wondering if it has been integrated with Github actions, it would seem like a sensible thing to do and I'm happy to look at...
https://github.com/davidrjonas/composer-lock-diff/blob/817bb8f7e9177c87947e2e067e138ca93e8a4681/composer-lock-diff#L185 `git show` called here does not expect `DIRECTORY_SEPARATOR` in path. It always expect linux style separators (in general these starts to be [revision notation](https://git-scm.com/docs/gitrevisions), not a paths at all...
Let's add color formatting to the output, so the differences can be read a little easier. Here's what composer show --outdated looks like:  
This could be done by making them bold, or by sorting the list on direct & indirect. For example, here's how Private Packagist updates our issues with a changelog; 
Ignore the composer.lock and vendor directory. Github codespaces automatically does a composer install.
This is useful for Drupal packages where they still use `8.x-` type tags. Previous behaviour: | Production Changes | From | To | Compare | |-------------------------------------------------|---------------|-----------------|------------------------------------------------------------------------------------------------------------------| | drupal/token | 1.9.0...
`composer-lock-diff` >The system cannot find the path specified. The system cannot find the path specified. 'git --version' exited with non-zero code '1' 'svn --version' exited with non-zero code '1' No...
When having huge dependency lists, separate tables for direct and indirect dependencies are helpful - you see which changes were desired, and which ones came only automatically. Having direct prod+dev...
