Search code examples
phpcomposer-php

Is it possible to hide unwanted major versions from the composer outdated output?

In symfony projects my typical composer outdated output looks like this:

Direct dependencies required in composer.json:
aws/aws-sdk-php                    3.294.4     3.294.5 AWS SDK for PHP - Use Amazon Web Services in your PHP project
phpunit/phpunit                    9.6.15      10.5.3  The PHP Unit Testing framework.
symfony/asset                      v5.4.31     v7.0.0  Manages URL generation and versioning of web assets such as CSS stylesheets, JavaScript files and image files
symfony/browser-kit                v5.4.31     v7.0.0  Simulates the behavior of a web browser, allowing you to make requests, click on links and submit forms programmatically
symfony/console                    v5.4.32     v7.0.1  Eases the creation of beautiful and testable command line interfaces
symfony/css-selector               v5.4.26     v7.0.0  Converts CSS selectors to XPath expressions

Given that I only use symfony LTS versions - I'm not interested in seeing symfony/* packages >=7,<7.4.

Hence a question, is it possible to somehow write a constraint to not show symfony/*: >=7,<7.4 at all in the composer outdated output? While keeping all other packages.

Eg: for the output above I expect to see symfony/asset of v6.4.0.

Solution

  • outdate simply checks if there are updated packages there, according to your minimum-stability.

    The available options and filters are documented here, and are pretty straightforward: you could filter for major|minor|patch (but that does not match the LTS concept you are trying to filter for) or ignore a specific package or platform requirements.

    But not an arbitrary version range, nor the Symfony defined LTS stability.

    There is no "LTS" minimum-stability you can use (and if there were, it would conflict with every other package out there that does not use an LTS concept).

    "LTS" as a concept is completely foreign to Packagist. That information is stored only internally by the Symfony org, and not communicated to the package repository in any way (probably simply because, again, Packagist does not support -at least currently- the "LTS" stability idea).

    outdate does not even check if those packages are installable in your project as it is (e.g. it might show "foo/bar 4.0.0" which conflicts with "fizz/buzz 1.0.0", which one might have installed.

    It's not possible to filter using this data without writing some Composer plugin or some other script, maybe having it check the Symfony releases endpoint (https://symfony.com/releases.json, or https://symfony.com/releases/7.0.json) and use the information there to filter the output.