Automated Dependency Updates for Composer
Categories: php
Renovate supports updating Composer dependencies.
File Matching¶
By default, Renovate will check any files matching the following regular expression: (^|/)([\w-]*)composer\.json$
.
For details on how to extend a manager's fileMatch
value, please follow this link.
Supported datasources¶
This manager supports extracting the following datasources: bitbucket-tags
, git-tags
, packagist
.
Default config¶
{
"fileMatch": [
"(^|/)([\\w-]*)composer\\.json$"
],
"versioning": "composer"
}
Additional Information¶
Extracts dependencies from composer.json
files, and keeps the associated composer.lock
file updated too.
If you use VCS repositories then Renovate needs a hint via the name
property, which must match the relevant package.
For example, the package acme/foo
would need an entry in repositories similar to the following:
{
"name": "acme/foo",
"type": "vcs",
"url": "http://vcs-of-acme.org/acme/foo.git"
}
Open items¶
The below list of features and bugs were current when this page was generated on October 12, 2024.
Feature requests¶
- Composer: support non-semver versions #28298
- Support Composer v2 canonical settings #20201
- Automated updates for
config.platform.php
field in composer #13676 - Composer global configuration #11980
- Support composer packages in repositories with type path #11674
- Composer local package support #8176
Bug reports¶
- Composer: unsupported value if != constraint used #31504