Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.
I run composer update in production server . then i got these message
Loading composer repositories with package information
Updating dependencies
Your requirements could not be resolved to an installable set of packages.
Problem 1
- Root composer.json requires fideloper/proxy ^4.2, found fideloper/proxy[4.4.1] in lock file but not in remote repositories, make sure you avoid updating this package to keep the one from lock file.
Problem 2
- Root composer.json requires firebase/php-jwt ^5.2, found firebase/php-jwt[v5.2.1] in lock file but not in remote repositories, make sure you avoid updating this package to keep the one from lock file.
Problem 3
- Root composer.json requires fruitcake/laravel-cors ^2.0, found fruitcake/laravel-cors[v2.0.3] in lock file but not in remote repositories, make sure you avoid updating this package to keep the one from lock file.
Problem 4
- Root composer.json requires guzzlehttp/guzzle ^7.2, found guzzlehttp/guzzle[7.2.0] in lock file but not in remote repositories, make sure you avoid updating this package to keep the one from lock file.
Problem 5
- Root composer.json requires laravel/framework ^8.0, found laravel/framework[v8.28.1] in lock file but not in remote repositories, make sure you avoid updating this package to keep the one from lock file.
Problem 6
- Root composer.json requires laravel/sanctum ^2.6, found laravel/sanctum[v2.9.0] in lock file but not in remote repositories, make sure you avoid updating this package to keep the one from lock file.
Problem 7
- Root composer.json requires laravel/tinker ^2.0, found laravel/tinker[v2.6.0] in lock file but not in remote repositories, make sure you avoid updating this package to keep the one from lock file.
Problem 8
- Root composer.json requires laravel/ui ^3.1, found laravel/ui[v3.2.0] in lock file but not in remote repositories, make sure you avoid updating this package to keep the one from lock file.
Problem 9
- Root composer.json requires spatie/laravel-activitylog ^3.16, found spatie/laravel-activitylog[3.16.1] in lock file but not in remote repositories, make sure you avoid updating this package to keep the one from lock file.
Problem 10
- Root composer.json requires spatie/laravel-backup ^6.14, found spatie/laravel-backup[6.14.4] in lock file but not in remote repositories, make sure you avoid updating this package to keep the one from lock file.
Problem 11
- Root composer.json requires spatie/laravel-csp ^2.6, found spatie/laravel-csp[2.6.4] in lock file but not in remote repositories, make sure you avoid updating this package to keep the one from lock file.
Problem 12
- Root composer.json requires spatie/laravel-permission ^3.17, found spatie/laravel-permission[3.18.0] in lock file but not in remote repositories, make sure you avoid updating this package to keep the one from lock file.
Problem 13
- Root composer.json requires yajra/laravel-datatables-oracle ^9.13, found yajra/laravel-datatables-oracle[v9.15.2] in lock file but not in remote repositories, make sure you avoid updating this package to keep the one from lock file.
Problem 14
- Root composer.json requires barryvdh/laravel-ide-helper ^2.9, found barryvdh/laravel-ide-helper[v2.9.0] in lock file but not in remote repositories, make sure you avoid updating this package to keep the one from lock file.
Problem 15
- Root composer.json requires facade/ignition ^2.3.6, found facade/ignition[2.5.13] in lock file but not in remote repositories, make sure you avoid updating this package to keep the one from lock file.
Problem 16
- Root composer.json requires fakerphp/faker ^1.9.1, found fakerphp/faker[v1.13.0] in lock file but not in remote repositories, make sure you avoid updating this package to keep the one from lock file.
Problem 17
- Root composer.json requires mockery/mockery ^1.3.1, found mockery/mockery[1.4.2] in lock file but not in remote repositories, make sure you avoid updating this package to keep the one from lock file.
Problem 18
- Root composer.json requires nunomaduro/collision ^5.0, found nunomaduro/collision[v5.3.0] in lock file but not in remote repositories, make sure you avoid updating this package to keep the one from lock file.
Problem 19
- Root composer.json requires phpunit/phpunit ^9.3, found phpunit/phpunit[9.5.2] in lock file but not in remote repositories, make sure you avoid updating this package to keep the one from lock file.
comoposer.json
{
"name": "laravel/laravel",
"type": "project",
"description": "The Laravel Framework.",
"keywords": [
"framework",
"laravel"
],
"license": "MIT",
"require": {
"php": "^7.4.1|^8.0",
"fideloper/proxy": "^4.2",
"firebase/php-jwt": "^5.2",
"fruitcake/laravel-cors": "^2.0",
"guzzlehttp/guzzle": "^7.2",
"laravel/framework": "^8.0",
"laravel/sanctum": "^2.6",
"laravel/tinker": "^2.0",
"laravel/ui": "^3.1",
"spatie/laravel-activitylog": "^3.16",
"spatie/laravel-backup": "^6.14",
"spatie/laravel-csp": "^2.6",
"spatie/laravel-permission": "^3.17",
"yajra/laravel-datatables-oracle": "^9.13"
},
"require-dev": {
"barryvdh/laravel-ide-helper": "^2.9",
"facade/ignition": "^2.3.6",
"fakerphp/faker": "^1.9.1",
"mockery/mockery": "^1.3.1",
"nunomaduro/collision": "^5.0",
"phpunit/phpunit": "^9.3"
},
"config": {
"optimize-autoloader": true,
"preferred-install": "dist",
"sort-packages": true
},
"extra": {
"laravel": {
"dont-discover": []
}
},
"autoload": {
"psr-4": {
"App\": "app/",
"Database\Factories\": "database/factories/",
"Database\Seeders\": "database/seeders/"
}
},
"autoload-dev": {
"psr-4": {
"Tests\": "tests/"
}
},
"minimum-stability": "dev",
"prefer-stable": true,
"scripts": {
"post-autoload-dump": [
"Illuminate\Foundation\ComposerScripts::postAutoloadDump",
"@php artisan package:discover --ansi"
],
"post-root-package-install": [
"@php -r \"file_exists('.env') || copy('.env.example', '.env');\""
],
"post-create-project-cmd": [
"@php artisan key:generate --ansi"
]
}
}
composer diagnose
[root@lexionmetal public_html]# composer diagnose
Do not run Composer as root/super user! See https://getcomposer.org/root for details
Continue as root/super user [yes]? yes
Checking composer.json: OK
Checking platform settings: OK
Checking git settings: OK
Checking http connectivity to packagist: OK
Checking https connectivity to packagist: OK
Checking github.com rate limit: OK
Checking disk free space: OK
Checking pubkeys:
Tags Public Key Fingerprint: 57815BA2 7E54DC31 7ECC7CC5 573090D0 87719BA6 8F3BB723 4E5D42D0 84A14642
Dev Public Key Fingerprint: 4AC45767 E5EC2265 2F0C1167 CBBB8A2B 0C708369 153E328C AD90147D AFE50952
OK
Checking composer version: OK
Composer version: 2.0.11
PHP version: 8.0.2
PHP binary path: /opt/cpanel/ea-php80/root/usr/bin/php
OpenSSL version: OpenSSL 1.1.1j 16 Feb 2021
cURL version: 7.75.0 libz 1.2.7 ssl OpenSSL/1.1.1j
zip: extension present, unzip present
[root@lexionmetal public_html]#
Really learn how to check your dependencies it appears you are trying to update to older packages.
An extreme example I give is laravel 4.1 would not go with framework 8.0.
That is just an extreme example of a dependency mismatch, so check your dependencies.
You can check by looking at the various composer. Json files and it will show you requirements.
But are you trying to downgrade?
Actually @jlrdw , my project is laravel 8 , i want to run composer update .but its failed. i don't want to upgrade or downgrade laravel version .
I want to update my library files only. please help me
@jlrdw please check my question again. i updated it
In that above file, are those dependencies updated by you to the ones needed.
If so a composer update should work.
You can run composer update without affecting laravel if you already have version 8.
So if you are updating your dependencies you can update them in composer.json.
Of course if you are going from a version 7 framework to a verson 8 framework naturally you would have to update laravel first.
I will follow up in a moment with another link
See https://laracasts.com/discuss/channels/guides/update-upgrade-laravel-then-framework
Edit:
I usually never update production I update development and push as necessary.
I've seen where some larger sites people use a staging server.
@ddsameera have you tried composer update --lock ?
yes @neilstee , it doesn't work
@ddsameera I missed your caption that you are doing this on production? Why is that?
I wouldn't recommend you do that in production. I hope you can do this locally first.
What I suggest is to delete your composer.lock file then run composer install
Localhost is okay . i have plenty of lib files . so thats why i upgrade it
@ddsameera Oh so it works on your local?
Then push your composer.lock file in production and run composer install
If the issue still persists, try to update your composer app in production:
https://getcomposer.org/doc/03-cli.md#self-update-selfupdate-
Done / @neilstee it doesn't work
you should never need to run composer update on a production machine
run composer update locally, test your site works ok then copy composer.lock to production
Then run composer install --no-dev on production and you will get all the same package versions that you had locally when you tested and none of the dev packages such as phpunit
@snapey ,actually I want to keep up to date library in the production site. how can i do that ? without using composer update
also when i try to create new laravel project command,i got following result
composer create-project laravel/laravel testapp
[InvalidArgumentException]
Could not find package laravel/laravel with stability stable.
create-project [-s|--stability STABILITY] [--prefer-source] [--prefer-dist] [--repository REPOSITORY] [--repository-url REPOSITORY-URL] [--add-repository] [--dev] [--no-dev] [--no-custom-installers] [--no-scripts] [--no-progress] [--no-secure-http] [--keep-vcs] [--remove-vcs] [--no-install] [--ignore-platform-req IGNORE-PLATFORM-REQ] [--ignore-platform-reqs] [--ask] [--] [<package>] [<directory>] [<version>]
actually, you are mad. You want newer packages on the production server than you have developed with?
wait, don't tell me, you develop code on the production site also?
Oh @snapey thanks for your advise. actually i thought always we should have to run composer update in production site. its my bad. anyway thanks for showing this error to me.
According to your explanation , I should have to push composer.lock code to production . am i right ? if i m wrong,please advise me
composer.lock should be part of your revision control so that when you change or update packages then composer.lock is updated
Then on production you just pull your repository and run composer install, you then get exactly the same setup that you tested with
also, by using the no-dev flag, you leave out those packages that are in the require-dev section such as phpunit that has been the source of at least one major security flaw
Here is the solution
Step 01 Go to your laravel project folder
Step 02 Run this code
composer config -g repo.packagist composer https://packagist.org
More info: https://www.programmersought.com/article/81437406841/
@DDSameera bro I tried this but still i get this error list as problems
please i need help. am getting error trying to install lavarel church management system
C:\xampp\htdocs\gerejalaravel>composer update --ignore-platform-reqs Loading composer repositories with package information Info from https:// repo.packagist. org: #StandWithUkraine Updating dependencies Your requirements could not be resolved to an installable set of packages.
Problem 1 - Root composer.json requires daveismyname/laravel-countries master, found daveismyname/laravel-countries[dev-master] in the lock file but not in remote repositories, make sure you avoid updating this package to keep the one from the lock file.
is anybody here please
Please or to participate in this conversation.