dunglas/symfony-lock

Enforces that all Symfony components use the same major version

Locking a Symfony Project to a Specific Major Version of the Framework

Deprecation notice: Symfony Flex now natively support this feature, you can use it in your CI instead directly. This package is no longer maintained., _(*1)

Using symfony/symfony makes Composer install all Symfony Components, all in the same version. But when using the standalone packages (the Symfony Flex way), Composer might install dependencies in a different major version (symfony/http-kernel v2.8 and symfony/event-dispatcher v3.4 for instance, usually because another dependency of the project is not compatible with Symfony 3.0)., _(*2)

This Composer package allows you to enforce a consistent major version on all Symfony Components, whether they are explicitly listed as a project's dependency or installed transitively., _(*3)

For instance when using dunglas/symfony-lock:^4, if a package cannot be installed in v4.0, but only in v3.4 (usually because of another library not supporting Symfony 4), a conflict will be generated., _(*4)

Note that this package is meant to be used by library authors in their continuous integration systems. It should NOT be added directly to the project's composer.json., _(*5)

Difference with symfony/lts

symfony/lts enforces that your project don't use use a version not released as a LTS, but does not enforce that all your Symfony packages are in the same major version. For instance, when using symfony/lts v3, some packages can be installed in version 3.4, and some others in version 2.8., _(*6)

Usage

Use the Composer command line:, _(*7)

composer require dunglas/symfony-lock v4