Develop Reference

Composer package conflict when updating guzzlehttp

laravel version is 5.8, When I write this command in cmd,
composer require guzzlehttp/guzzle
I get the below problems:
Using version ^7.5 for guzzlehttp/guzzle
./composer.json has been updated
Running composer update guzzlehttp/guzzle
Loading composer repositories with package information
Updating dependencies
Your requirements could not be resolved to an installable set of packages.
Problem 1
- Root composer.json requires guzzlehttp/guzzle ^7.5, found guzzlehttp/guzzle[dev-master, 7.5.0, 7.5.x-dev] but these were not loaded, likely because it conflicts with another require.
Problem 2
- Root composer.json requires netflie/whatsapp-cloud-api ^1.3 -> satisfiable by netflie/whatsapp-cloud-api[1.3.0].
- netflie/whatsapp-cloud-api 1.3.0 requires guzzlehttp/guzzle ^7.0 -> found guzzlehttp/guzzle[dev-master, 7.0.0-beta.1, ..., 7.5.x-dev] but these were not loaded, likely because it conflicts with another require.
Problem 3
- php-http/guzzle6-adapter v1.1.1 requires guzzlehttp/guzzle ^6.0 -> found guzzlehttp/guzzle[6.0.0, ..., 6.5.x-dev] but it conflicts with your root composer.json require (^7.5).
- nexmo/laravel 1.1.2 requires nexmo/client ^1.0 -> satisfiable by nexmo/client[1.9.1].
- nexmo/client 1.9.1 requires php-http/guzzle6-adapter ^1.0 -> satisfiable by php-http/guzzle6-adapter[v1.1.1].
- nexmo/laravel is locked to version 1.1.2 and an update of this package was not requested.
Use the option --with-all-dependencies (-W) to allow upgrades, downgrades and removals for packages currently locked to specific versions.
You can also try re-running composer require with an explicit version constraint, e.g. "composer require guzzlehttp/guzzle:*" to figure out if any version is installable, or "composer require guzzlehttp/guzzle:^2.1" if you know which you need.
Installation failed, reverting ./composer.json and ./composer.lock to their original content.
It's troublesome, and it seems like a catch22 situation and I cannot figure out the problem.

trouble installing nesk/puphpeteer using composer require nesk/puphpeteer

i am having this error when running composer require nesk/puphpeteer
Problem 1
- Root composer.json requires nesk/puphpeteer 2.0 -> satisfiable by nesk/puphpeteer[2.0.0].
- nesk/puphpeteer 2.0.0 requires psr/log ^1.0 -> found psr/log[1.0.0, ..., 1.1.4] but the package is fixed to 3.0.0 (lock file version) by a partial update and that version does not match. Make sure you list it as an argument for the update command.
Use the option --with-all-dependencies (-W) to allow upgrades, downgrades and removals for packages currently locked to specific versions

The composer logs has already detailed the necessary changes you might need –
The nesk/puphpeteer:2.0 requires that the psr/log be at version 1.0.*.
You can try the following to lower your psr/log requirement:
composer require psr/log "^1.0"

What is the error I am making when I'm installing the passport dependencies?

Using version ^10.1 for laravel/passport
./composer.json has been updated
Running composer update laravel/passport
Loading composer repositories with package information
Updating dependencies
Your requirements could not be resolved to an installable set of packages.
Problem 1
- laravel/passport[v10.1.0, ..., 10.x-dev] require illuminate/auth ^8.2 -> found illuminate/auth[v8.2.0, ..., 8.x-dev] but these were not loaded, likely because it conflicts with another require.
- Root composer.json requires laravel/passport ^10.1 -> satisfiable by laravel/passport[v10.1.0, v10.1.1, v10.1.2, 10.x-dev].
Installation failed, reverting ./composer.json and ./composer.lock to their original content.

you must check your project dependencies and laravel dependencies , you can test this remove composer.lock file and run this composer install

You need to upgrade your Laravel or install an older version of Laravel Passport
composer require laravel/passport:X.x.x

Composer Google API Download Failed

I tried to download google api using composer to a legacy code but, the following error appeared:
composer require google/apiclient:^2.0
./composer.json has been updated
Loading composer repositories with package information
Updating dependencies (including require-dev)
Your requirements could not be resolved to an installable set of packages.
Problem 1
- Installation request for google/apiclient 2.0 -> satisfiable by google/apiclient[v2.0.0].
- google/apiclient v2.0.0 requires google/auth 0.8 -> satisfiable by google/auth[v0.8].
- Conclusion: don't install guzzlehttp/psr7 1.4.2
- google/auth v0.8 requires guzzlehttp/psr7 1.2.* -> satisfiable by guzzlehttp/psr7[1.2.0, 1.2.1, 1.2.2, 1.2.3].
- Can only install one of: guzzlehttp/psr7[1.2.0, 1.4.2].
- Can only install one of: guzzlehttp/psr7[1.2.1, 1.4.2].
- Can only install one of: guzzlehttp/psr7[1.2.2, 1.4.2].
- Can only install one of: guzzlehttp/psr7[1.2.3, 1.4.2].
- Installation request for guzzlehttp/psr7 (locked at 1.4.2) -> satisfiable by guzzlehttp/psr7[1.4.2].
Installation failed, reverting ./composer.json to its original content.
What should I do?

Try removing vendor/google and then run composer install again, this worked for me.

Can only install one of: guzzlehttp/psr7[1.2.3, 1.4.2].
Your dependencies led to confusion of two different major versions of the package, but only one can be installed.
The locked at 1.4.2 message means this package has been already installed as per your composer.lock file, and you're trying to install different version not compatible with your existing criteria.
$ composer show -a google/auth | grep psr7
guzzlehttp/psr7 ~1.2
You can check which existing package depends on the locked version by checking the dependency tree:
composer show -t
In some cases, removing composer.lock may help.
Otherwise, to see why (from where) the package is referenced, run:
composer why guzzlehttp/psr7 -t
See also: How to resolve a "Can only install one of:" conflict?

I finally found a solution for me, it works just removing composer.lock!!

How to show what requires a package in Composer

My Composer has just told me that a certain package foo/bar is abandoned.
However, it's not listed in my composer.json, so therefore some other package has that as a dependency.
How can I get Composer to show me this?
For example, it might tell me that my root composer.json requires a/b, which requires c/d which in turn requires the offending foo/bar.

composer show --tree
Lists your dependencies as a tree. If you pass a package name it will show the dependency tree for that package.
See documentation for more: https://getcomposer.org/doc/03-cli.md#show

When you have the package name of a deep dependent, and you want to know to what root dependent it belongs, use composer depends.
$ composer update
Loading composer repositories with package information
Updating dependencies (including require-dev)
Package operations: 0 installs, 0 updates, 0 removals
Package guzzle/guzzle is abandoned, you should avoid using it. Use guzzlehttp/guzzle instead.
Writing lock file
Generating autoload files
$ composer depends guzzle/guzzle
aws/aws-sdk-php 2.8.31 requires guzzle/guzzle (~3.7)
Your comment on another answer suggested you were trying to untangle a dependency problem. Here's an example using depends to do that:
$ composer require phan/phan
Using version ^1.1 for phan/phan
./composer.json has been updated
Loading composer repositories with package information
Updating dependencies (including require-dev)
Your requirements could not be resolved to an installable set of packages.
Problem 1
- Installation request for composer/xdebug-handler (locked at 1.1.0) -> satisfiable by composer/xdebug-handler[1.1.0].
- phan/phan 1.1.0 requires composer/xdebug-handler ^1.3 -> satisfiable by composer/xdebug-handler[1.3.0].
- phan/phan 1.1.1 requires composer/xdebug-handler ^1.3 -> satisfiable by composer/xdebug-handler[1.3.0].
- phan/phan 1.1.2 requires composer/xdebug-handler ^1.3 -> satisfiable by composer/xdebug-handler[1.3.0].
- phan/phan 1.1.3 requires composer/xdebug-handler ^1.3 -> satisfiable by composer/xdebug-handler[1.3.0].
- phan/phan 1.1.4 requires composer/xdebug-handler ^1.3 -> satisfiable by composer/xdebug-handler[1.3.0].
- Conclusion: don't install composer/xdebug-handler 1.3.0
- Installation request for phan/phan ^1.1 -> satisfiable by phan/phan[1.1.0, 1.1.1, 1.1.2, 1.1.3, 1.1.4].
Installation failed, reverting ./composer.json to its original content.
$ composer depends composer/xdebug-handler
friendsofphp/php-cs-fixer v2.12.1 requires composer/xdebug-handler (^1.0)
So, I wanted phan/phan, but that failed because of a version problem on composer/xdebug-handler, which is not a package I've ever asked for explicitly.
Then I ask what packages "depend" on composer/xdebug-handler and discover that friendsofphp/php-cs-fixer needs it (and I know about that package, it's a root dependent).
Then I note that phan/phan wants composer/xdebug-handler:^1.3 and (from the depends) that friendsofphp/php-cs-fixer allows me to have version 1.3. So now I just do an update:
$ composer update composer/xdebug-handler
Loading composer repositories with package information
Updating dependencies (including require-dev)
Package operations: 0 installs, 1 update, 0 removals
- Updating composer/xdebug-handler (1.1.0 => 1.3.0): Loading from cache
Writing lock file
Generating autoload files
$ composer require phan/phan
Using version ^1.1 for phan/phan
./composer.json has been updated
Loading composer repositories with package information
Updating dependencies (including require-dev)
Package operations: 5 installs, 0 updates, 0 removals
- Installing sabre/event (5.0.3): Loading from cache
- Installing microsoft/tolerant-php-parser (v0.0.15): Loading from cache
- Installing netresearch/jsonmapper (v1.4.0): Loading from cache
- Installing felixfbecker/advanced-json-rpc (v3.0.3): Loading from cache
- Installing phan/phan (1.1.4): Loading from cache
phan/phan suggests installing ext-ast (Needed for parsing ASTs (unless --use-fallback-parser is used). php-ast ^0.1.5|^1.0.0 is needed.)
Writing lock file
Generating autoload files

Use composer depends with the --tree option.
Example: say I want to see a tree structure of what packages depend on the doctrine/data-fixtures package up to the _root_ package.
composer depends --tree doctrine/data-fixtures
Output:
doctrine/data-fixtures 1.4.0 Data Fixtures for all Doctrine Object Managers
└──doctrine/doctrine-fixtures-bundle 3.3.0 (requires doctrine/data-fixtures ^1.3)
└──__root__ (requires (for development) doctrine/doctrine-fixtures-bundle ^3.3)

The question has already been answered, but Composer offers, in my opinion, a more eloquent way, which hasn't been mentioned before: depends command alias why.
composer why aims to answer the "Why is this package installed?" question, instead of "Which packages depend on this package?", which I find much easier to remember.
Being an alias, the why command behaves the same as depends and both aforementioned options still apply:
--recursive (-r): Recursively resolves up to the root package;
--tree (-t): Prints the results as a nested tree, implies -r.

I don't know of a nice way to solve this but I ran into the same problem. A package I've never heard of was warning that it was abandoned. My solution was to search the composer.lock file for the abandoned package name. It will appear in require or require-dev for the package that depends on it.
In my case it was several levels, package A depended on package B that depended on abandoned package C. Once I identified what package A was then composer show --tree package/a showed the abandoned package in the tree output