composer-check-updates logo

ComposerCheckUpdates

Update your dependencies in composer.json to their latest version.

ComposerCheckUpdates, inspired by NPM’s npm-check-updates.

It will read your composer.json, and check for the latest release of each dependency, and update your composer.json to match it.

Whilst this package does strip out semver tags when writing to your composer.json, you will most likely be using this package in the CI, thus updating dependencies as soon as a new version is released, thus rendering semver useless in this scenario, although, whilst semver is a guideline, not everyone adheres to it. It is my opinion that it is best to use a specific version and only that version of a dependency, which was one of the leading decisions to stripping semver tags, alongside the logic needed to account for it didn’t outweight the points I just mentioned.

Table of Contents

Quick Start

You will need to have deno installed: https://deno.land/manual@v1.13.2/getting_started/installation

$ deno run --allow-read=composer.json --allow-write=composer.json --allow-net=github.com https://deno.land/x/composer_check_updates@v2.0.0/check.ts
$ composer install # refresh composer.lock

This was mainly built so it can be a step in a workflow, to automatically bump your dependencies:

name: bumper
on:
  schedule:
    - cron: '0 0 * * 0' # every Saturday at midnight

jobs:
  update-dep:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2

      - uses: denoland/setup-deno@v1
        with:
          deno-version: 'vx.x.x'

      - name: Update Dependencies
        run: |
          deno run --allow-read=composer.json --allow-write=composer.json --allow-net=github.com https://deno.land/x/composer_check_updates@v2.0.0/check.ts
          composer install # refresh composer.lock

      - name: Create Pull Request
        uses: peter-evans/create-pull-request@v3
        with:
          token: ${{ secrets.CI_USER_PAT }}
          commit-message: "chore: Update dependencies"
          title: "chore: Update dependencies"
          labels: |
            chore
          body: This was auto-generated by GitHub Actions.
          branch: update-dependencies

License

By contributing your code, you agree to license your contribution under the MIT License.