In my project I have some Composer vendor libraries that have been manually edited; my purpose is to restore them to the original state, on my development machine.
I unfortunately triggered a composer update so I don't have a correct composer.lock anymore (it has been updated). I got the composer.lock from our production system (that had the same libraries version of the old development composer.lock).
After replacing the new composer.lock with the old one, what should I execute for being sure to have the same environment as before?
Should composer install be enough to reinstall the old versions of the dependencies? (after removing the old Composer vendor/ directory)
I want to reinstall without getting any newer version.
And, in future cases where I will avoid to perform a composer update, what should I have triggered for restoring a vendor library after a manual edit of it?
"Yes, composer install will use the composer.lock file"
I just restored the composer.lock from my production system and then performed a composer install.
As stated from Édipo Costa Rebouças, if we commit the composer.lock to our repository every time we update it then we will always have the right reference to the correct versions of the dependencies.