We have a Laravel based collection of sites which have composer.json configured same as the test instances. I needed to know whether to have fixed versions defined in it for packages, instead of those variable versions recommended by the developers is the correct way to go?
Defining fixed versions will push the bug fixes on the back burner and thus may not get included on the live site which is the only drawback I see to such approach. As Laravel is a fast changing framework, I am not very comfortable with the approach.
I need your opinions as I can't find any best practice references anywhere.
Sign in to participate in this thread!