如何解释 Composer 的错误日志?

2022-01-21 00:00:00 php composer-php

我在网上做了很多研究,但没有找到作曲家错误日志的文档.在我发现的讨论中,没有人给出与错误日志一致的解释.例如:

  • 【支持】需要说明结论:不要安装..."
  • 为什么作曲家说结论:不要安装"什么时候(似乎)没有障碍物存在?

我知道,composer 可以做什么并且可以自己解决问题,但我经常需要咨询 packagist.org.尽管非常(并且不必要)冗长,作曲家日志只给了我一些提示.它并没有真正指出具体的问题.

有没有人知道完整的文档或者如何解释日志背后的原因,也许以上面的为例?

解决方案

Composer 的文档可以在 getcomposer.org/找到doc,尤其是 Troubleshooting 部分.通常依赖问题来自于你的 composer.json 的错误配置,而理解 Composer 日志来自于经验或通过反复试验学习.记录数百个可能的错误可能很快就会过时.如果您认为某些特定错误不够清楚,您可以随时提出 新建议Composer 的 GitHub 页面.

正如链接中的建议 GitHub 问题,结论:不要安装"消息它可能与 minimum-stability 中定义的要求有关.另一个 linked question 可能与 Composer 的错误有关,如 GH-7215.

错误

这是一个解释 Composer 常见错误的小指南:

  • <块引用>

    只能安装一个:org/package[x.y.z, X.Y.Z].

    如果您看到此消息,这可能是依赖性问题的主要原因.这基本上意味着根据 Composer 的依赖关系计算,这两个版本都是必需的,但只能安装一个主要版本(您不能同时拥有 x.y.z 和 X.Y.Z,除非您将配置拆分为不同的文件夹).要查看 why 这些包是必需的,请使用 composer why/depends 命令并相应地调整依赖关系.

    请参阅:如何解决只能安装其中一个:"冲突? &运行composer install时如何解决两个包需求冲突?

  • <块引用>

    org/package2 的安装请求(锁定在 vX.Y.Z)

    此消息表示存在 org/package 的安装请求,但是它被锁定在 X.Y.Z.如果请求的版本与锁定的版本不兼容(如不同的主要版本),则不能同时安装两者.此消息通常与已经提到的只能安装一个"一起出现.一.因此,每当您看到locked at"时,这意味着 Composer 会从 composer.lock 文件中读取您安装的软件包版本.要解决问题,可以使用 composer why/depends 命令查找请求包的原因并调整兼容性,否则可以尝试删除 composer.lock 文件并从头开始(最好从空文件夹开始).

    请参阅:laravel/lumen-installer 安装失败:guzzlehttp/guzzle 锁定在 6.3.0

  • <块引用>

    org/package1 vx.y.z 冲突与 org/package2[vX.Y.Z].

    这是一个与上面类似的问题,两个包发生冲突,您需要手动解决依赖关系.阅读消息的整个上下文可能会给您更多线索.检查依赖关系树也可能有帮助(composer show -t).

  • <块引用>

    与您的要求或最低稳定性

    冲突

    这条消息的意思是它的意思,所以你应该检查所需的版本和/或你的最低稳定性设置.

这可能是由于软件包被标记为不稳定而您的要求是仅稳定".请参阅:但这些与您的要求或最低稳定性相冲突

或者因为与其他已安装的包冲突.请参阅:如何识别阻止 Composer 安装最新版本软件包的原因?.

对于任何其他错误,请查看官方 Composer 的故障排除页面.

疑难解答

这里有更多关于如何解决 Composer 依赖问题的建议:

  • 在您的命令中添加 -v/-vv/-vvv 参数以获得更详细的输出.
  • 运行 composer diagnostic 以检查常见错误以帮助调试问题.
  • 如果您看到锁定在 x.y.z";消息,它与锁定在 composer.lock 中的包有关.
  • 在空文件夹中测试您的 composer.json.
  • 将您的 composer.json 保持在最低限度.
  • 运行 composer show -t 来查看你当前的依赖树.
  • 运行composer show -a org/package x.y.z查看包的详细信息.
  • 欢迎在 Stack Overflow 提出新问题.

要全面调试 Composer 的依赖问题,您可以:

  • 分析或修改源代码(例如DependencyResolver/Problem.php).
  • 在 XDebug 下运行 Composer,通过断点或生成完整或部分跟踪文件.

解释常见错误的有用线程:

  • 如何解决只能安装一个:"冲突?
  • composer.json 无法解析可安装的软件包集
  • 在依赖项被锁定时发现最新版本的 Composer 包
  • 尝试安装 php-jwt 时遇到 auth0 问题
  • 参考 - Composer 错误您的 PHP 版本不满足要求";升级PHP后
  • 如何识别阻止 Composer 安装最新版本软件包的原因?

I did a lot of research on the web, but did not find a documentation of the composer error log. In the discussions I found, nobody had an explanation that was consistent with the error log. For example:

  • [Support] Need explanation for "Conclusion: don't install ..."
  • Why composer says "Conclusion: don't install" when (seemingly) no obstacles are present?

I know, what composer does and can resolve issues on my own, but I often have to consult packagist.org for this. Despite being quite (and unnecessarily) verbose, the composer log only gives me some hints. It does not really point out the concrete problems.

Does anyone know of a complete documentation or how to explain the reasoning behind the logs, maybe taking the above ones as an example?

解决方案

Documentation of Composer can be found at getcomposer.org/doc, especially Troubleshooting section. Usually the dependency problems comes from misconfiguration of your composer.json and understanding Composer logs comes with experience or learning on trial and error. Documenting every possible errors out of hundreds can become quickly outdated. If you believe some specific error isn't clear enough, you can always raise a new suggestion at the Composer's GitHub page.

As suggested in linked GitHub issue, "Conclusion: don't install" message it could be related to requirements defined in minimum-stability. Another linked question could be related to Composer's bug as reported at GH-7215.

Errors

Here is a small guide explaining the common Composer's errors:

  • Can only install one of: org/package[x.y.z, X.Y.Z].

    If you see this messages, that could be the main cause of the dependency issue. It basically means that based on the Composer's dependency calculation both of these versions are required, but only one major version can be installed (you cannot have both x.y.z and X.Y.Z, unless you split your configuration for different folders). To see why these packages are required, use the composer why/depends command and adjust the dependencies accordingly.

    See: How to resolve a "Can only install one of:" conflict? & How to solve two packages requirements conflicts when running composer install?

  • Installation request for org/package2 (locked at vX.Y.Z)

    This message means that there was an installation request for org/package, however, it is locked at X.Y.Z. If the requested version is not compatible with the locked version (like a different major version), you cannot install both. This message often comes along with already mentioned "Can only install one" one. So, whenever you see "locked at", that means Composer reads your installed package version from the composer.lock file. To troubleshoot, you can use composer why/depends command to find why the package was requested and adjust the compatibility, otherwise, you may try to remove composer.lock file and start from scratch (ideally from the empty folder).

    See: Installation failed for laravel/lumen-installer: guzzlehttp/guzzle locked at 6.3.0

  • org/package1 vx.y.z conflicts with org/package2[vX.Y.Z].

    It is a similar issue as above where two packages are conflicting and you need to solve the dependency manually. Reading the whole context of the message may give you some more clues. Checking the dependency tree may also help (composer show -t).

  • conflict with your requirements or minimum-stability

    This message means as it reads, so you should check the required version and/or your minimum-stability settings.

This can be caused by a package being marked as non-stable and your requirements being "stable only. See: But these conflict with your requirements or minimum-stability

Or because of conflicts with other installed packages. See: How to identify what is preventing Composer from installing latest version of a package?.

For any other errors, check out the official Composer's Troubleshooting page.

Troubleshooting

Here are more suggestions how to troubleshoot the Composer dependency issues in general:

  • Add -v/-vv/-vvv parameter to your command for more verbose output.
  • Run composer diagnose to check for common errors to help debugging problems.
  • If you seeing "locked at x.y.z" messages, it relates to packages locked in your composer.lock.
  • Test your composer.json on the empty folder.
  • Keep your composer.json to minimum.
  • Run composer show -t to see your current dependency tree.
  • Run composer show -a org/package x.y.z to check the details about the package.
  • Feel free to ask a new question at Stack Overflow.

To fully debug Composer's dependency problem, you can:

  • Analyse or modify the source code (e.g. DependencyResolver/Problem.php).
  • Run Composer under XDebug, either by the breakpoint or generating a full or partial trace file.

Useful threads explaining common errors:

  • How to resolve a "Can only install one of:" conflict?
  • composer.json fails to resolve installable set of package
  • Discover latest versions of Composer packages when dependencies are locked
  • When trying to install php-jwt facing trouble with auth0
  • Reference - Composer error "Your PHP version does not satisfy requirements" after upgrading PHP
  • How to identify what is preventing Composer from installing latest version of a package?

相关文章