问题
Let's say I have a Symfony v4.4 (Flex) project with the following block in the composer.json:
"extra": {
"symfony": {
"allow-contrib": false,
"require": "4.4.*"
}
}
As expected, it restricts the Symfony core packages to stick to the v4.4 version.
symfony/monolog-bridge package respects it, so you cannot install symfony/monolog-bridge ~4.3.0 or ^5.0.
Yet you can install symfony/monolog-bundle ~3.5.0, which is also expected, given it's just a bundle that is not part of the core Symfony framework and which has its own independent release and versioning cycle.
What I cannot understand is what helps composer to distinguish, which of those packages a Symfony core package so that extra.symfony.require restriction was applied, and which is not?
I originally thought it's the composer's type property that makes it possible, but I cannot find any traces of symfony-bridge type being any unique. If it is - a link to source code or documentation would be extremely helpful.
UPD:
The default Symfony (with Flex) v4.4 composer.json:
{
"name": "symfony/website-skeleton",
"type": "project",
"license": "MIT",
"description": "A skeleton to start a new Symfony website",
"require": {
"php": "^7.1.3",
"ext-ctype": "*",
"ext-iconv": "*",
"sensio/framework-extra-bundle": "^5.1",
"symfony/asset": "*",
"symfony/console": "*",
"symfony/dotenv": "*",
"symfony/expression-language": "*",
"symfony/flex": "^1.3.1",
"symfony/form": "*",
"symfony/framework-bundle": "*",
"symfony/http-client": "*",
"symfony/intl": "*",
"symfony/mailer": "*",
"symfony/monolog-bundle": "^3.1",
"symfony/orm-pack": "*",
"symfony/process": "*",
"symfony/security-bundle": "*",
"symfony/serializer-pack": "*",
"symfony/translation": "*",
"symfony/twig-pack": "*",
"symfony/validator": "*",
"symfony/web-link": "*",
"symfony/yaml": "*"
},
"require-dev": {
"symfony/debug-pack": "*",
"symfony/maker-bundle": "^1.0",
"symfony/profiler-pack": "*",
"symfony/test-pack": "*"
},
"config": {
"preferred-install": {
"*": "dist"
},
"sort-packages": true
},
"autoload": {
"psr-4": {
"App\\": "src/"
}
},
"autoload-dev": {
"psr-4": {
"App\\Tests\\": "tests/"
}
},
"replace": {
"paragonie/random_compat": "2.*",
"symfony/polyfill-ctype": "*",
"symfony/polyfill-iconv": "*",
"symfony/polyfill-php71": "*",
"symfony/polyfill-php70": "*",
"symfony/polyfill-php56": "*"
},
"scripts": {
"auto-scripts": {
"cache:clear": "symfony-cmd",
"assets:install %PUBLIC_DIR%": "symfony-cmd"
},
"post-install-cmd": [
"@auto-scripts"
],
"post-update-cmd": [
"@auto-scripts"
]
},
"conflict": {
"symfony/symfony": "*"
},
"extra": {
"symfony": {
"allow-contrib": false,
"require": "4.4.*"
}
}
}
now if you add "symfony/monolog-bridge": "^5.0" dependency and composer update you'd get
$ composer update
Loading composer repositories with package information
Updating dependencies (including require-dev)
Restricting packages listed in "symfony/symfony" to "4.4.*"
Your requirements could not be resolved to an installable set of packages.
Problem 1
- The requested package symfony/monolog-bridge ^5.0 exists as symfony/monolog-bridge[4.4.x-dev, v4.4.0, v4.4.0-BETA1, v4.4.0-BETA2, v4.4.0-RC1, v4.4.1] but these are rejected by your constraint.
Problem 2
- symfony/monolog-bundle v3.5.0 requires symfony/monolog-bridge ~3.4 || ~4.0 || ^5.0 -> satisfiable by symfony/monolog-bridge[4.4.x-dev, v4.4.0, v4.4.0-BETA1, v4.4.0-BETA2, v4.4.0-RC1, v4.4.1] but these conflict with your requirements or minimum-stability.
- symfony/monolog-bundle v3.5.0 requires symfony/monolog-bridge ~3.4 || ~4.0 || ^5.0 -> satisfiable by symfony/monolog-bridge[4.4.x-dev, v4.4.0, v4.4.0-BETA1, v4.4.0-BETA2, v4.4.0-RC1, v4.4.1] but these conflict with your requirements or minimum-stability.
- symfony/monolog-bundle v3.4.0 requires symfony/monolog-bridge ~3.4|~4.0 -> satisfiable by symfony/monolog-bridge[4.4.x-dev, v4.4.0, v4.4.0-BETA1, v4.4.0-BETA2, v4.4.0-RC1, v4.4.1] but these conflict with your requirements or minimum-stability.
- symfony/monolog-bundle v3.3.1 requires symfony/monolog-bridge ~2.7|~3.3|~4.0 -> satisfiable by symfony/monolog-bridge[4.4.x-dev, v4.4.0, v4.4.0-BETA1, v4.4.0-BETA2, v4.4.0-RC1, v4.4.1] but these conflict with your requirements or minimum-stability.
- symfony/monolog-bundle v3.3.0 requires symfony/monolog-bridge ~2.7|~3.3|~4.0 -> satisfiable by symfony/monolog-bridge[4.4.x-dev, v4.4.0, v4.4.0-BETA1, v4.4.0-BETA2, v4.4.0-RC1, v4.4.1] but these conflict with your requirements or minimum-stability.
- symfony/monolog-bundle v3.2.0 requires symfony/monolog-bridge ~2.7|~3.0|~4.0 -> satisfiable by symfony/monolog-bridge[4.4.x-dev, v4.4.0, v4.4.0-BETA1, v4.4.0-BETA2, v4.4.0-RC1, v4.4.1] but these conflict with your requirements or minimum-stability.
- symfony/monolog-bundle v3.1.2 requires symfony/monolog-bridge ~2.7|~3.0|~4.0 -> satisfiable by symfony/monolog-bridge[4.4.x-dev, v4.4.0, v4.4.0-BETA1, v4.4.0-BETA2, v4.4.0-RC1, v4.4.1] but these conflict with your requirements or minimum-stability.
- symfony/monolog-bundle v3.1.1 requires symfony/monolog-bridge ~2.7|~3.0|~4.0 -> satisfiable by symfony/monolog-bridge[4.4.x-dev, v4.4.0, v4.4.0-BETA1, v4.4.0-BETA2, v4.4.0-RC1, v4.4.1] but these conflict with your requirements or minimum-stability.
- symfony/monolog-bundle v3.1.0 requires symfony/monolog-bridge ~2.7|~3.0 -> no matching package found.
- Installation request for symfony/monolog-bundle ^3.1 -> satisfiable by symfony/monolog-bundle[v3.1.0, v3.1.1, v3.1.2, v3.2.0, v3.3.0, v3.3.1, v3.4.0, v3.5.0].
Potential causes:
- A typo in the package name
- The package is not available in a stable-enough version according to your minimum-stability setting
see <https://getcomposer.org/doc/04-schema.md#minimum-stability> for more details.
- It's a private package and you forgot to add a custom repository to find it
Read <https://getcomposer.org/doc/articles/troubleshooting.md> for further common problems.
The question remains - how symfony knows that package should be restricted by v4.4
回答1:
As far as I know Flex uses the list of components from the symfony/symfony metapackage, according to the message in your output:
Restricting packages listed in "symfony/symfony" to "4.4.*"
You can find the list of packages in the corresponding composer.json or on packagist:
- https://packagist.org/packages/symfony/symfony
- https://github.com/symfony/symfony/blob/master/composer.json#L38-L100
This is the current list for 4.4.1:
symfony/asset: v4.4.1
symfony/amazon-mailer: v4.4.1
symfony/browser-kit: v4.4.1
symfony/cache: v4.4.1
symfony/config: v4.4.1
symfony/console: v4.4.1
symfony/css-selector: v4.4.1
symfony/dependency-injection: v4.4.1
symfony/debug: v4.4.1
symfony/debug-bundle: v4.4.1
symfony/doctrine-bridge: v4.4.1
symfony/dom-crawler: v4.4.1
symfony/dotenv: v4.4.1
symfony/error-handler: v4.4.1
symfony/event-dispatcher: v4.4.1
symfony/expression-language: v4.4.1
symfony/filesystem: v4.4.1
symfony/finder: v4.4.1
symfony/form: v4.4.1
symfony/framework-bundle: v4.4.1
symfony/google-mailer: v4.4.1
symfony/http-client: v4.4.1
symfony/http-foundation: v4.4.1
symfony/http-kernel: v4.4.1
symfony/inflector: v4.4.1
symfony/intl: v4.4.1
symfony/ldap: v4.4.1
symfony/lock: v4.4.1
symfony/mailchimp-mailer: v4.4.1
symfony/mailer: v4.4.1
symfony/mailgun-mailer: v4.4.1
symfony/messenger: v4.4.1
symfony/mime: v4.4.1
symfony/monolog-bridge: v4.4.1
symfony/options-resolver: v4.4.1
symfony/postmark-mailer: v4.4.1
symfony/process: v4.4.1
symfony/property-access: v4.4.1
symfony/property-info: v4.4.1
symfony/proxy-manager-bridge: v4.4.1
symfony/routing: v4.4.1
symfony/security: v4.4.1
symfony/security-core: v4.4.1
symfony/security-csrf: v4.4.1
symfony/security-guard: v4.4.1
symfony/security-http: v4.4.1
symfony/security-bundle: v4.4.1
symfony/sendgrid-mailer: v4.4.1
symfony/serializer: v4.4.1
symfony/stopwatch: v4.4.1
symfony/templating: v4.4.1
symfony/translation: v4.4.1
symfony/twig-bridge: v4.4.1
symfony/twig-bundle: v4.4.1
symfony/validator: v4.4.1
symfony/var-dumper: v4.4.1
symfony/var-exporter: v4.4.1
symfony/web-link: v4.4.1
symfony/web-profiler-bundle: v4.4.1
symfony/web-server-bundle: v4.4.1
symfony/workflow: v4.4.1
symfony/yaml: v4.4.1
As for symfony/monolog-bundle, which is not in the list, it will be installed in a version which does not conflict with other packages. In other words it will be installed in whatever version fits best for Symfony 4.
来源:https://stackoverflow.com/questions/59166939/how-composer-extra-symfony-require-restriction-is-enforced