why update package lock json lead to update package json? - dependabot

I want to update new version of trim-newlines in package-lock.json (don't have trim-newlines dependency in package.json) so I use npm i --package-lock-only trim-newlines.
I only want to update package-lock.json, why it also update package.json?

Related

Update package installed from git in Yarn 3

How to update a proprietary dependency installed from Git repo with Yarn 3?
package.json entry:
"#foo/utils": "git+https://gitlab+deploy-token-...:...#gitlab.com/foo/bar.git#ISSUE-6652-some-git-branch",
yarn up #foo/utils results in the following error:
➤ YN0027: #foo/utils#git+https://gitlab+deploy-token-...:...#gitlab.com/foo/bar.git#ISSUE-6652-some-git-branch can't be resolved to a satisfying range
Internal Error: The remote server failed to provide the requested resource
I need to update the package to latest commit in that branch and the only way I currently know is removing entry for this package manually from yarn.lock, but I guess that's not how things should be done.
It's not ideal since it's interactive, but you can run yarn up -i #foo/utils and choose "reuse" to force the package to resolve (and reinstall) from the same git source again.

can't install html-agility-pack when install Newtonsoft.Json

I want to know why i can't install your pakage with Newtonsoft.Json and get this error :
Severity Code Description Project File Line Suppression State
Error An error occurred while retrieving package metadata for 'Newtonsoft.Json.10.0.3' from source 'C:\Users\......\packages'. 0
I try to use from both of them in .net 4
And i try to install them from nuget package
anyway for install i can use from ignore dependence option in package manager > install and update option > dependence behavior but sometimes when app is running and i got error...
any solution ?
Delete Newtonsoft.Json.10.0.3 folder from c:\....\packages and remove it's line from packages.config then delete from project reference again install lower version.

PHP Composer "require" OR condition with version in future

I need to use a bugfix which has not been released yet. Can I use something like:
"bower-asset/yii2-pjax": "2.0.6 | dev-master#18a9183d578d81fb9dbb1c604daba48815c3ebd5 as 2.0.5"
or
"bower-asset/yii2-pjax": "2.0.6 | dev-master as 2.0.5"
in my composer.json? Where 2.0.6 is the stable version in future and dev-master#hash is the commit including the bugfix, now available in remote repo (#master).
While trying to install this package, I discovered that it has a dependency (thanks to lichunqiang).
Here is how to install the dependency and the package:
composer require "fxp/composer-asset-plugin:~1.1.1"
composer require "bower-asset/yii2-pjax:dev-master"
For some reason, composer require "bower-asset/yii2-pjax:2.0.6" does not work, it seems that composer-asset-plugin, the Composer plugin which is used to install the Bower asset does not find any corresponding version.
The current version of Composer is broken, it returns this error:
[ErrorException]
Illegal offset type in isset or empty
You can get back to the old version by rolling back:
composer self-update --rollback

My composer.json does not install new dependencies using composer update command

I am installing external dependencies using composer update command. The following is the section of the composer.json file in c:\xampp\htdocs\myproject\vendor\laravel\framework\ directory.
"require": {
"laravelcollective/html": "~5.0",
"matriphe/imageupload": "5.1.*"
"illuminate/html": "5.0.*#dev"
},
I am getting the following results after running the composer update command:
Loading composer repositories with package information
Updating dependencies (including require-dev)
Nothing to install or update
Writing lock file
Generating autoload files
I have also tried to create another require array in the composer.json and added the packages I want to install with no success.
The composer update command could not install any unstalled dependency using the composer update command. Even composer self-update did not solve the problem.
Kindly assist me, I have been stuck here for some days now trying all I would do but without success.
I am changing the composer.json under the following directory: c:\xampp\htdocs\myproject\vendor\laravel\framework\ Is this ok?
Don't change any files inside the vendor directory, they are managed by Composer. To install further packages use the composer.json in your project's directory.
And use composer install to install new packages as composer update will update already installed packages to newer versions (if available) too.
composer self-update just updates Composer itself.
You missed column after "matriphe/imageupload": "5.1.*", try to change it:
"require": {
"laravelcollective/html": "~5.0",
"matriphe/imageupload": "5.1.*",
"illuminate/html": "5.0.*#dev"
}

Composer install error after update to Cakephp 3.0.6

I just run composer update and Cakephp was updated to 3.0.6 version so after that when I'm trying to run composer install I'm getting this error:
Nothing to install or update
Generating autoload files
Script App\Console\Installer::postInstall handling the post-install-cmd event te
rminated with an exception
[InvalidArgumentException]
Maximum number of attempts must be a positive value.
Looks like a probably duplicate of Composer packages update but don't install
Composer updated the CakePHP version with the update. Nothing to install. So, you should be good, as long as there were no app-breaking changes for you in 3.0.6. https://adamcod.es/2013/03/07/composer-install-vs-composer-update.html tells how to lock your set-up so that you don't accidentally upgrade versions when you're not expecting it.