Download the PHP package danielbachhuber/composer-lock-updater without Composer
On this page you can find all versions of the php package danielbachhuber/composer-lock-updater. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download danielbachhuber/composer-lock-updater
More information about danielbachhuber/composer-lock-updater
Files in danielbachhuber/composer-lock-updater
Package composer-lock-updater
Short Description Run composer-lock-updater in your CI system for bot-powered composer.lock pull requests.
License MIT
Informations about the package composer-lock-updater
composer-lock-updater
Run composer-lock-updater in your CI system for bot-powered composer.lock
pull requests.
When you run clu
, it:
- Clones a given git repository to a working
/tmp/
directory. - Runs
composer update
within the working directory. - Submits a pull request if changes are detected to a tracked
composer.lock
file.
Et voila! Now your dependencies are no longer six months out of date.
composer-lock-updater is different than dependabot in that it bundles all of your updates into one pull request, instead of creating separate pull requests for each dependency.
Integrate with Travis CI
Installing
composer-lock-updater is a PHP library that can be installed with Composer:
composer global require danielbachhuber/composer-lock-updater
composer-lock-updater depends on composer
and git
being available on the system. For use with GitHub, also install the official hub
CLI tool. For use with GitLab, you can use the unofficial lab
CLI tool that emulates hub
.
Both hub
and lab
will need to be authenticated with their respective services in order to create the pull/merge requests.
Support for other providers
Copy Terminus Bitbucket Plugin, create the following clu-config.json
:
Using
Run composer-lock-updater within an existing GitHub repository with:
clu
composer-lock-updater defaults to using git config --get remote.origin.url
. If you'd like to specify a different value, either pass the repository URL as the first positional argument or define a CLU_GIT_URL
environment variable.
To use composer-lock-updater with a GitLab repository, use:
clu --provider=gitlab
composer-lock-updater also supports the following environment variables to modify its behavior:
CLU_COMPOSER_INSTALL_ARGS
: Arguments passed tocomposer install
; defaults to--no-dev --no-interaction
.CLU_COMPOSER_UPDATE_ARGS
: Arguments passed tocomposer update
; defaults to--no-progress --no-dev --no-interaction
.CLU_GIT_NAME
: Name used for Git commits; defaults to 'composer-lock-update'.CLU_GIT_EMAIL
: Email used for Git commits; defaults to 'composer-lock-update@localhost'.
Integrate with Travis CI
This wouldn't be very useful if it didn't run automatically for you.
To configure composer-lock-updater to run on Travis master branch builds, add the following to your .travis.yml
file:
To grant commit and pull request access to the Travis build, define these private environment variables in the Travis control panel:
GITHUB_TOKEN=<personal-oauth-token>
CLU_REPO_URL=https://<personal-oauth-token>:[email protected]/<org>/<repo>.git
Make sure to replace <personal-oauth-token>
, <org>
and <repo>
with the appropriate values.
Lastly, because of the CLU_RUN
environment variable, composer-lock-updater is disabled by default. Enable it for one job per build by modifying your environment matrix:
matrix:
include:
- php: 7.1
env: WP_VERSION=latest PHP_APCU=enabled CLU_RUN=1
- php: 7.0
env: WP_VERSION=latest PHP_APCU=enabled
- php: 5.6
env: WP_VERSION=latest PHP_APCU=enabled
Because composer-lock-updater is running on the after_script
step, make sure to verify it's working correctly, because it won't fail your build if misconfigured.