maintenance/checkComposerLockUpToDate.php

   1 <?php
   2
   3 require_once __DIR__ . '/Maintenance.php';
   4
   5 use Composer\Semver\Semver;
   6
   7 /**
   8  * Checks whether your composer-installed dependencies are up to date
   9  *
  10  * Composer creates a "composer.lock" file which specifies which versions are installed
  11  * (via `composer install`). It has a hash, which can be compared to the value of
  12  * the composer.json file to see if dependencies are up to date.
  13  */
  14 class CheckComposerLockUpToDate extends Maintenance {
  15         public function __construct() {
  16                 parent::__construct();
  17                 $this->addDescription(
  18                         'Checks whether your composer.lock file is up to date with the current composer.json' );
  19         }
  20
  21         public function execute() {
  22                 global $IP;
  23                 $lockLocation = "$IP/composer.lock";
  24                 $jsonLocation = "$IP/composer.json";
  25                 if ( !file_exists( $lockLocation ) ) {
  26                         // Maybe they're using mediawiki/vendor?
  27                         $lockLocation = "$IP/vendor/composer.lock";
  28                         if ( !file_exists( $lockLocation ) ) {
  29                                 $this->fatalError(
  30                                         'Could not find composer.lock file. Have you run "composer install --no-dev"?'
  31                                 );
  32                         }
  33                 }
  34
  35                 $lock = new ComposerLock( $lockLocation );
  36                 $json = new ComposerJson( $jsonLocation );
  37
  38                 // Check all the dependencies to see if any are old
  39                 $found = false;
  40                 $installed = $lock->getInstalledDependencies();
  41                 foreach ( $json->getRequiredDependencies() as $name => $version ) {
  42                         if ( isset( $installed[$name] ) ) {
  43                                 if ( !SemVer::satisfies( $installed[$name]['version'], $version ) ) {
  44                                         $this->output(
  45                                                 "$name: {$installed[$name]['version']} installed, $version required.\n"
  46                                         );
  47                                         $found = true;
  48                                 }
  49                         } else {
  50                                 $this->output( "$name: not installed, $version required.\n" );
  51                                 $found = true;
  52                         }
  53                 }
  54                 if ( $found ) {
  55                         $this->fatalError(
  56                                 'Error: your composer.lock file is not up to date. ' .
  57                                         'Run "composer update --no-dev" to install newer dependencies'
  58                         );
  59                 } else {
  60                         // We couldn't find any out-of-date dependencies, so assume everything is ok!
  61                         $this->output( "Your composer.lock file is up to date with current dependencies!\n" );
  62                 }
  63         }
  64 }
  65
  66 $maintClass = CheckComposerLockUpToDate::class;
  67 require_once RUN_MAINTENANCE_IF_MAIN;