rector / jack
Jack helps you incrementally update your `composer.json` dependencies, ensuring your project stays current without the chaos of outdated packages
Fund package maintenance!
tomasvotruba
www.paypal.me/rectorphp
Installs: 8 029
Dependents: 6
Suggesters: 0
Security: 0
Stars: 37
Watchers: 4
Forks: 1
Open Issues: 1
Requires
- php: >=7.2
README
Experimental: Jack is an experimental project under active development. It is not yet stable, may contain bugs or undergo breaking changes. It's build it in the open with the community feedback.
In real world, "jack" is a tool that helps to raise your heavy car one inch at a time. So you can fix any issues down there and drive safely on journeys to come.
In Composer world, Jack helps you to raise dependencies one version at a time, safely and steadily.
Say goodbye to unnoticed, years-old dependencies!
Why Jack?
Manually upgrading dependencies can be daunting, especially when tackling multiple outdated packages at once. Large upgrades often lead to errors, compatibility issues, and costly delays.
Jack automates and simplifies this process by:
- Monitoring outdated dependencies via CI.
- Gradually opening up package versions for safe updates.
- Prioritizing low-risk updates (e.g., dev dependencies).
Install
Rector Jack is downgraded and scoped. It requires PHP 7.2+ and can be installed on any legacy project.
composer require rector/jack --dev
Then, pick from three powerful commands:
1. Too many Outdated Dependencies? Let CI tell us
Postponing upgrades often results in large, risky jumps (e.g., updating once a 3 years). Jack integrates with your CI pipeline to catch outdated dependencies early.
Run the breakpoint
command to check for outdated major packages:
vendor/bin/jack breakpoint
↓
If there are more than 5 major outdated packages, the CI will fail.
Use --limit
to raise or lower your bar:
vendor/bin/jack breakpoint --limit 3
This ensures upgrades stay on your radar without overwhelming you. No more "oops, our 30 dependencies are 5 years old" moments!
It's safer to start upgrading dev packages first. You can spot them like this:
vendor/bin/jack breakpoint --dev
2. Open up Next Versions
We know we're behind the latest versions of our dependencies, but where to start? Which versions should be force to update first? We can get lot of conflicts if we try to bump wrong end of knot.
Instead, let Composer handle it. How? We open-up package versions to the next version:
vendor/bin/jack open-versions
This command opens up 5 versions to their next nearest step, e.g.:
{ "require": { "php": "^7.4", - "symfony/console": "5.1.*" + "symfony/console": "5.1.*|5.2.*" }, "require-dev": { - "phpunit/phpunit": "^9.0" + "phpunit/phpunit": "^9.0|^10.0" } } }
Then we run Composer to do the work:
composer update
If no blockers exist, Composer will update packages to their next version.
To change the number of packages, use --limit
option:
vendor/bin/jack open-versions --limit 3
To upgrade only specific group of packages, use --package-prefix
option:
vendor/bin/jack open-versions --package-prefix symfony
To preview changes without modifying composer.json
, add --dry-run
.
Do you want to play it safe? Try low-risk dev packages first:
vendor/bin/jack open-versions --dev
3. Raise to Installed Versions
Sometimes, we get to an opposite situation. Our dependencies are quite new, but our composer.json
is a outdated:
Here we can see that:
illuminate/container
12.0 is allowed, but we already use 12.14symfony/finder
6.4 is allowed, but we already use 7.2
If someone runs composer update
, they might get unnecessary older dependencies than we can handle. Also, we're self-deprecating out project by signalling old dependencies we don't even use.
Instead, we should raise our composer.json
to the installed versions:
{ "require": { "php": "^7.4", - "illuminate/container": "^12.0", + "illuminate/container": "^12.14", // ... - "symfony/finder": "^6.4|^7.2", + "symfony/finder": "^7.2", // ... } }
That's exactly what following command does:
vendor/bin/jack raise-to-installed
To see changes first without applying, add --dry-run
.
Happy coding!