PHPackages                             hanoii/composer-should-not - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Utility &amp; Helpers](/categories/utility)
4. /
5. hanoii/composer-should-not

ActiveComposer-plugin[Utility &amp; Helpers](/categories/utility)

hanoii/composer-should-not
==========================

Provides a way to prevent installing configured versions of packages.

1.1.0(1y ago)11.0k↓66.7%MITPHP

Since Oct 29Pushed 1y ago1 watchersCompare

[ Source](https://github.com/hanoii/composer-should-not)[ Packagist](https://packagist.org/packages/hanoii/composer-should-not)[ RSS](/packages/hanoii-composer-should-not/feed)WikiDiscussions main Synced 1mo ago

READMEChangelogDependencies (2)Versions (3)Used By (0)

Composer should-not
===================

[](#composer-should-not)

This plugin removes certain versions from your dependency list preventing them from being installed and provide a reason for doing so.

While the idea of versions constraint is that you can do this on your `composer.json` that works OK as long as everybody in your team knows what to do when changing or requiring a new version constraint.

This module is meant to provide a fail-safe and document a reason for doing so that if others tries to change the current constraint that will fail and a warning with a reason will be provided.

Installation
------------

[](#installation)

Install as usual:

```
composer require hanoii/composer-should-not
```

Usage
-----

[](#usage)

The configuration of this plugin is through the ["extra" property](https://getcomposer.org/doc/04-schema.md#extra)of your `composer.json` file.

```
{
    "extra": {
        "should-not": {
            "drupal/block_class": {
                "version": "^3",
                "reason": "Version constraint ^3 should not be installed, it is the a new release of the previous 1.x codebase."
            }
        }
    }
}
```

Alternatively, you can also provide an array of reasons:

```
    "should-not": {
        "twig/twig": {
            "version": "~3.14.1",
            "reasons": [
                "3.14.1: Recurssion issue on drupal https://www.drupal.org/project/drupal/issues/3485956.",
                "3.14.2: Performance issues on drupal https://www.drupal.org/project/drupal/issues/3487031."
            ]
        }
    },
```

Note

[dev versions](https://getcomposer.org/doc/articles/versions.md#branches) are always allowed.

Demo
----

[](#demo)

[![composer-should-not demo animated gif](https://private-user-images.githubusercontent.com/677879/381571674-f84f7d15-26f7-477e-b8f3-6fc07cba66df.gif?jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3NzQ4MzU1MzAsIm5iZiI6MTc3NDgzNTIzMCwicGF0aCI6Ii82Nzc4NzkvMzgxNTcxNjc0LWY4NGY3ZDE1LTI2ZjctNDc3ZS1iOGYzLTZmYzA3Y2JhNjZkZi5naWY_WC1BbXotQWxnb3JpdGhtPUFXUzQtSE1BQy1TSEEyNTYmWC1BbXotQ3JlZGVudGlhbD1BS0lBVkNPRFlMU0E1M1BRSzRaQSUyRjIwMjYwMzMwJTJGdXMtZWFzdC0xJTJGczMlMkZhd3M0X3JlcXVlc3QmWC1BbXotRGF0ZT0yMDI2MDMzMFQwMTQ3MTBaJlgtQW16LUV4cGlyZXM9MzAwJlgtQW16LVNpZ25hdHVyZT00MjU5ZmY4NTNiMmRmYjZhMGJmZWIwN2JmYzk3MzRkNDRlMzRhZmVhMGUxOTYzYjdhYWU1ZjViYzc0ZjMxZGFhJlgtQW16LVNpZ25lZEhlYWRlcnM9aG9zdCJ9.YD1ybfSeaVQ3GH1C6uUXP_GrE1RicjNuLihdWQAosac)](https://private-user-images.githubusercontent.com/677879/381571674-f84f7d15-26f7-477e-b8f3-6fc07cba66df.gif?jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3NzQ4MzU1MzAsIm5iZiI6MTc3NDgzNTIzMCwicGF0aCI6Ii82Nzc4NzkvMzgxNTcxNjc0LWY4NGY3ZDE1LTI2ZjctNDc3ZS1iOGYzLTZmYzA3Y2JhNjZkZi5naWY_WC1BbXotQWxnb3JpdGhtPUFXUzQtSE1BQy1TSEEyNTYmWC1BbXotQ3JlZGVudGlhbD1BS0lBVkNPRFlMU0E1M1BRSzRaQSUyRjIwMjYwMzMwJTJGdXMtZWFzdC0xJTJGczMlMkZhd3M0X3JlcXVlc3QmWC1BbXotRGF0ZT0yMDI2MDMzMFQwMTQ3MTBaJlgtQW16LUV4cGlyZXM9MzAwJlgtQW16LVNpZ25hdHVyZT00MjU5ZmY4NTNiMmRmYjZhMGJmZWIwN2JmYzk3MzRkNDRlMzRhZmVhMGUxOTYzYjdhYWU1ZjViYzc0ZjMxZGFhJlgtQW16LVNpZ25lZEhlYWRlcnM9aG9zdCJ9.YD1ybfSeaVQ3GH1C6uUXP_GrE1RicjNuLihdWQAosac)

---

The provided example configuration is what encouraged the creation of this plugin, see [https://www.drupal.org/project/block\_class/issues/3468976](https://www.drupal.org/project/block_class/issues/3468976).

They decided to create a new major version out of an older codebase 🤷, and it has proven to be an issue for us, so with this we can preemptively avoid the module from being upgrade to 3.0. This was fixed with a new 4.0.0 release.

However, other times I wanted something like this for ducumenting why a certain dependency should be locked to a specific version (something that I needed several times in Drupal projects).

###  Health Score

29

—

LowBetter than 59% of packages

Maintenance38

Infrequent updates — may be unmaintained

Popularity21

Limited adoption so far

Community7

Small or concentrated contributor base

Maturity40

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~20 days

Total

2

Last Release

546d ago

### Community

Maintainers

![](https://www.gravatar.com/avatar/d9c933f7b19bd7227b32a05967df5ffdccf5af537fbde717102b326c5c4f4f05?d=identicon)[hanoii](/maintainers/hanoii)

---

Top Contributors

[![hanoii](https://avatars.githubusercontent.com/u/677879?v=4)](https://github.com/hanoii "hanoii (18 commits)")

### Embed Badge

![Health badge](/badges/hanoii-composer-should-not/health.svg)

```
[![Health](https://phpackages.com/badges/hanoii-composer-should-not/health.svg)](https://phpackages.com/packages/hanoii-composer-should-not)
```

###  Alternatives

[vaimo/composer-patches

Applies a patch from a local or remote file to any package that is part of a given composer project. Patches can be defined both on project and on package level. Optional support for patch versioning, sequencing, custom patch applier configuration and patch command for testing/troubleshooting added patches.

2994.3M16](/packages/vaimo-composer-patches)[mglaman/composer-drupal-lenient

1317.4M15](/packages/mglaman-composer-drupal-lenient)[drupal/core-composer-scaffold

A flexible Composer project scaffold builder.

5341.9M446](/packages/drupal-core-composer-scaffold)[drupal/core-project-message

Adds a message after Composer installation.

2122.6M172](/packages/drupal-core-project-message)[olvlvl/composer-attribute-collector

A convenient and near zero-cost way to retrieve targets of PHP 8 attributes

184108.8k8](/packages/olvlvl-composer-attribute-collector)[lullabot/drainpipe

An automated build tool to allow projects to have a set standardized operations scripts.

41716.4k2](/packages/lullabot-drainpipe)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)