How to update a single library with Composer?

Difference between install, update and require

Assume the following scenario:

composer.json

"parsecsv/php-parsecsv": "0.*"

composer.lock file

  "name": "parsecsv/php-parsecsv",
            "version": "0.1.4",

Latest release is 1.1.0. The latest 0.* release is 0.3.2

install: composer install parsecsv/php-parsecsv

This will install version 0.1.4 as specified in the lock file

update: composer update parsecsv/php-parsecsv

This will update the package to 0.3.2. The highest version with respect to your composer.json. The entry in composer.lock will be updated.

require: composer require parsecsv/php-parsecsv

This will update or install the newest version 1.1.0. Your composer.lock file and composer.json file will be updated as well.

If you just want to update a few packages and not all, you can list them as such:

php composer.phar update vendor/package:2.* vendor/package2:dev-master

You can also use wildcards to update a bunch of packages at once:

php composer.phar update vendor/*

As commented by @ZeroThe2nd ZSH users may need to wrap their vendor/* in quotation marks:

php composer.phar update "vendor/*"

• --prefer-source: Install packages from source when available.
• --prefer-dist: Install packages from dist when available.
• --ignore-platform-reqs: ignore php, hhvm, lib-* and ext-* requirements and force the installation even if the local machine does not fulfill these. See also the platform config option.
• --dry-run: Simulate the command without actually doing anything.
• --dev: Install packages listed in require-dev (this is the default behavior).
• --no-dev: Skip installing packages listed in require-dev. The autoloader generation skips the autoload-dev rules.
• --no-autoloader: Skips autoloader generation.
• --no-scripts: Skips execution of scripts defined in composer.json.
• --no-plugins: Disables plugins.
• --no-progress: Removes the progress display that can mess with some terminals or scripts which don't handle backspace characters.
• --optimize-autoloader (-o): Convert PSR-0/4 autoloading to classmap to get a faster autoloader. This is recommended especially for production, but can take a bit of time to run so it is currently not done by default.
• --lock: Only updates the lock file hash to suppress warning about the lock file being out of date.
• --with-dependencies: Add also all dependencies of whitelisted packages to the whitelist.
• --prefer-stable: Prefer stable versions of dependencies.
• --prefer-lowest: Prefer lowest versions of dependencies. Useful for testing minimal versions of requirements, generally used with --prefer-stable.

To install doctrine/doctrine-fixtures-bundle with version 2.1.* and minimum stability @dev use this:

composer require doctrine/doctrine-fixtures-bundle:2.1.*@dev

then to update only this single package:

composer update doctrine/doctrine-fixtures-bundle

You can use the following command to update any module with its dependencies

composer update vendor-name/module-name --with-dependencies