composer.lock records the exact versions that are installed. So that you are in the same versions with your co-workers.
composer install
- Check for
composer.lockfile - If not, auto generate
composer.lockfile (Usingcomposer update) - Install the specified versions recorded in the
composer.lockfile
composer update
- Go through the
composer.jsonfile - Check availability of newer (latest) versions, based on the version criteria mentioned (e.g. 1.12.*)
- Install the latest possible (according to above) versions
- Update
composer.lockfile with installed versions
So in a simple check list.
If you want to keep all co-workers in the same versions as you…
- Commit your
composer.lockto GIT (or vcs you have) - Ask others to get the that version of
composer.lockfile - Always use
composer installto get the correct dependencies
If you want to Upgrade the system dependencies to new versions
- Check the composer.json file for version specs.
- Do a
composer update - This will change the
composer.lockfile with newest versions - Commit it to the GIT (or vcs)
- Ask others to get it and
composer install
Following will be a very good reading
https://blog.engineyard.com/2014/composer-its-all-about-the-lock-file
Enjoy the power of composer.lock file!