Code composer

Composer update vs install

During an interview today I was presented with a relative simple question. What is the difference between composer update and composer install. Easy!… Well so I thought. I know when to use the 2 different options. But I didn’t know the reasons why. Maybe I read it once and forgot, maybe I didn’t. So here is a basic difference of the 2 and when to use them.

Composer install works in 2 ways.

  1. if it is the first time that it has been run, it will fetch the most recent copies of your dependency based on what you have specified in your composer.json.
  2. The second way it can be used is if you have an existing composer.lock file. It will download the dependencies as stated in the lock file. The reason you would do this is when deploying to production. This way it will install the same version of a dependency as your local version. That is if the composer.lock file is added to the repository.

Composer update

This works in a much simpler way. It will go and fetch all the most recent updates for your dependencies. If you currently have version 1.2 and 1.3 has been release, it will go and get 1.3 (that is if your composer.json allows that). So it works much in the same way as composer install when there is no lock file.