insite/composer-dangling-locked-deps

Detect dangling Composer locked dependencies

0.2.1 2020-11-16 13:45 UTC

This package is auto-updated.

Last update: 2021-04-30 08:00:06 UTC


README

This Composer plugin allows you to detect dangling locked dependencies.

That is dependencies that are present in your composer.lock file but are not actually required by your project or one of its dependencies.

This can happen, for example, when merging changes to composer.lock with conflicts; a dependency that has been removed from composer.json will not be correctly removed from composer.lock and will continue to be installed.

Install

composer require insite/composer-dangling-locked-deps --dev

Usage

composer dangling-locked-deps

You can then call composer remove on those dependencies.

GrumPHP task

This package also provides a GrumPHP task.

You can add it to your config like this:

---
parameters:
  extensions:
    - ComposerDanglingLockedDeps\GrumPHP\Loader
  tasks:
    composer_dangling_locked_deps: ~