ion-bazan/composer-diff

Compares composer.lock changes and generates Markdown report so you can use it in PR description.

Fund package maintenance!
IonBazan

Installs: 4 803

Dependents: 0

Suggesters: 0

Security: 0

Stars: 40

Watchers: 2

Forks: 2

Open Issues: 0

Type:composer-plugin

v1.4.0 2021-11-05 05:36 UTC

This package is auto-updated.

Last update: 2021-12-02 04:02:42 UTC


README

PHP 5.3+ | 7.x | 8.x Composer v1 | v2 Dependencies: 0 Latest version GitHub Workflow Status Codecov Mutation testing badge Downloads License

Generates packages changes report in Markdown format by comparing composer.lock files. Compares with last-commited changes by default.

Now available as GitHub Action!

preview

Installation

composer global require ion-bazan/composer-diff

Usage

composer diff # Displays packages changed in current git tree compared with HEAD
composer diff --help # Display detailed usage instructions

Example output

Prod Packages Operation Base Target
psr/event-dispatcher New - 1.0.0
symfony/deprecation-contracts New - v2.1.2
symfony/event-dispatcher Upgraded v2.8.52 v5.1.2
symfony/event-dispatcher-contracts New - v2.1.2
symfony/polyfill-php80 New - v1.17.1
php New - >=5.3
Dev Packages Operation Base Target
phpunit/php-code-coverage Downgraded 8.0.2 7.0.10
phpunit/php-file-iterator Downgraded 3.0.2 2.0.2
phpunit/php-text-template Downgraded 2.0.1 1.2.1
phpunit/php-timer Downgraded 5.0.0 2.1.2
phpunit/php-token-stream Downgraded 4.0.2 3.1.1
phpunit/phpunit Downgraded 9.2.5 8.5.8
sebastian/code-unit-reverse-lookup Downgraded 2.0.1 1.0.1
sebastian/comparator Downgraded 4.0.2 3.0.2
sebastian/diff Downgraded 4.0.1 3.0.2
sebastian/environment Downgraded 5.1.1 4.2.3
sebastian/exporter Downgraded 4.0.1 3.1.2
sebastian/global-state Downgraded 4.0.0 3.0.0
sebastian/object-enumerator Downgraded 4.0.1 3.0.3
sebastian/object-reflector Downgraded 2.0.1 1.1.1
sebastian/recursion-context Downgraded 4.0.1 3.0.0
sebastian/resource-operations Downgraded 3.0.1 2.0.1
sebastian/type Downgraded 2.1.0 1.1.3
sebastian/version Downgraded 3.0.0 2.0.1
phpunit/php-invoker Removed 3.0.1 -
sebastian/code-unit Removed 1.0.3 -

Options

  • --base (-b) - path, URL or git ref to original composer.lock file
  • --target (-t) - path, URL or git ref to modified composer.lock file
  • --no-dev - ignore dev dependencies (require-dev)
  • --no-prod - ignore prod dependencies (require)
  • --with-platform (-p) - include platform dependencies (PHP, extensions, etc.)
  • --with-links (-l) - include compare/release URLs
  • --format (-f) - output format (mdtable, mdlist, json) - default: mdtable
  • --gitlab-domains - custom gitlab domains for compare/release URLs - default: use composer config

Advanced usage

composer diff master # Compare current composer.lock with the one on master branch
composer diff master:composer.lock develop:composer.lock -p # Compare master and develop branches, including platform dependencies
composer diff --no-dev # ignore dev dependencies
composer diff -p # include platform dependencies
composer diff -f json # Output as JSON instead of table

Strict mode

To help you control your dependencies, you may pass --strict option when running in CI. If there are any changes detected, a non-zero exit code will be returned.

Exit code of the command is built using following bit flags:

  • 0 - OK.
  • 1 - General error.
  • 2 - There were changes in prod packages.
  • 4 - There were changes is dev packages.
  • 8 - There were downgrades in prod packages.
  • 16 - There were downgrades in dev packages.

You may check for individual flags or simply check if the status is greater or equal 8 if you don't want to downgrade any package.

Similar packages

While there are several existing packages offering similar functionality:

This package offers:

  • Support for wide range of PHP versions, starting from 5.3.2 up to 8.0 and newer.
  • No dependencies if you run it as composer plugin.
  • Both standalone executable and composer plugin interface - you choose how you want to use it.
  • Allows generating reports in several formats.
  • Extra Gitlab domains support.
  • GitHub Action with example workflow
  • 100% test coverage.
  • MIT license.