PHPackages                             slam/alert-on-composerlock-change - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Utility &amp; Helpers](/categories/utility)
4. /
5. slam/alert-on-composerlock-change

AbandonedArchivedComposer-plugin[Utility &amp; Helpers](/categories/utility)

slam/alert-on-composerlock-change
=================================

Composer plugin that alerts (in dev) that composer.lock changed and so the developer should run `composer install`

v1.0.0(8y ago)06.1kMITPHPPHP ^7.1.0

Since Apr 19Pushed 8y ago1 watchersCompare

[ Source](https://github.com/Slamdunk/alert-on-composerlock-change)[ Packagist](https://packagist.org/packages/slam/alert-on-composerlock-change)[ RSS](/packages/slam-alert-on-composerlock-change/feed)WikiDiscussions master Synced 2w ago

READMEChangelog (1)Dependencies (3)Versions (2)Used By (0)

Alert on composer.lock change...
================================

[](#alert-on-composerlock-change)

### ...when commanding a `git pull`, `git checkout` or a `git merge`

[](#when-commanding-a-git-pull-git-checkout-or-a-git-merge)

[![Build Status](https://camo.githubusercontent.com/0609bf5c1fddee99a46c4566645817e70117c560dbdc2bae195ccc67b3465548/68747470733a2f2f7472617669732d63692e6f72672f536c616d64756e6b2f616c6572742d6f6e2d636f6d706f7365726c6f636b2d6368616e67652e7376673f6272616e63683d6d6173746572)](https://travis-ci.org/Slamdunk/alert-on-composerlock-change)[![Packagist](https://camo.githubusercontent.com/bce42db79425c4b9138b3c134d944ee4691c303e84511cbc858579929f25616d/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f736c616d2f616c6572742d6f6e2d636f6d706f7365726c6f636b2d6368616e67652e737667)](https://packagist.org/packages/slam/alert-on-composerlock-change)

Show an alert when `composer.lock` changed while moving between commits.

[![alert GIF](https://github.com/Slamdunk/alert-on-composerlock-change/raw/master/alert.gif)](https://github.com/Slamdunk/alert-on-composerlock-change/raw/master/alert.gif)

Installation
------------

[](#installation)

To use this extension, require it in [Composer](https://getcomposer.org/):

```
composer require --dev slam/alert-on-composerlock-change
```

WARNING: git hooks overridden !
-------------------------------

[](#warning-git-hooks-overridden-)

To enable the warning both `.git/hooks/post-merge` and `.git/hooks/post-checkout`are overridden.

Where to use it
---------------

[](#where-to-use-it)

This is useful in development, you clone the repo and you'll automatically notified on `composer.lock` changes without custom hooks/code (after the first `composer install` of course).

The alert is triggered also while moving between commits with `git checkout`.

Where NOT to use it
-------------------

[](#where-not-to-use-it)

You should avoid relying on this in production, as you are supposed to have a dedicated strategy for deploy that involves much more than a plain `git pull`.

Also this isn't useful for a library, as libraries shouldn't commit the `composer.lock`.

Why not just run `composer install`?
------------------------------------

[](#why-not-just-run-composer-install)

This is intended to help developers be aware of what happened in the repo while they where sleeping (uh?). Developers are supposed to investigate how the dependencies changed, to be aware of them and, if needed, to discuss the changes and improve them. If everything happens under the hood, knowledge would be much slower to gain.

###  Health Score

29

—

LowBetter than 57% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity18

Limited adoption so far

Community7

Small or concentrated contributor base

Maturity58

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Unknown

Total

1

Last Release

2994d ago

### Community

Maintainers

![](https://avatars.githubusercontent.com/u/50348?v=4)[Sahn Lam](/maintainers/Slam)[@slam](https://github.com/slam)

---

Top Contributors

[![Slamdunk](https://avatars.githubusercontent.com/u/152236?v=4)](https://github.com/Slamdunk "Slamdunk (11 commits)")

---

Tags

composer-pluginphp

###  Code Quality

TestsPHPUnit

### Embed Badge

![Health badge](/badges/slam-alert-on-composerlock-change/health.svg)

```
[![Health](https://phpackages.com/badges/slam-alert-on-composerlock-change/health.svg)](https://phpackages.com/packages/slam-alert-on-composerlock-change)
```

###  Alternatives

[symfony/runtime

Enables decoupling PHP applications from global state

74794.9M945](/packages/symfony-runtime)[drupal/core-composer-scaffold

A flexible Composer project scaffold builder.

5344.1M527](/packages/drupal-core-composer-scaffold)[drupal/core-project-message

Adds a message after Composer installation.

2124.0M194](/packages/drupal-core-project-message)[sandersander/composer-link

Adds ability to link local packages for development with composer

94441.4k](/packages/sandersander-composer-link)[phpro/grumphp-shim

GrumPHP Phar distribution

284.6M334](/packages/phpro-grumphp-shim)[lullabot/drainpipe

An automated build tool to allow projects to have a set standardized operations scripts.

41759.2k3](/packages/lullabot-drainpipe)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
