Detect dangling Composer locked dependencies
This Composer plugin allows you to detect dangling locked dependencies.
That is dependencies that are present in your
but are not actually required by your project or one of its dependencies.
This can happen, for example, when merging changes to
composer.lock with conflicts;
a dependency that has been removed from
will not be correctly removed from
composer.lock and will continue to be installed.
composer require insite/composer-dangling-locked-deps --dev
You can then call
composer remove on those dependencies.
This package also provides a GrumPHP task.
You can add it to your config like this:
--- parameters: extensions: - ComposerDanglingLockedDeps\GrumPHP\Loader tasks: composer_dangling_locked_deps: ~