security-checker | PHP frontend for security.symfony.com | Build Tool library

You need to remove it also from the composer.json "auto-scripts" section, you probably have something like this:

i think the service stopped ..

https://packagist.org/packages/sensiolabs/security-checker

use this instead

https://github.com/fabpot/local-php-security-checker

The issue with composer require was reported and fixed in PR 9336 on Composer's GitHub repository. It will be in Composer 2.0.2 just about to be released now. So you can upgrade to 2.0.2 and it should resolve your problem.

To explain why your workaround failed:

composer require nimut/typo3-complete:$TYPO3_VERSION edits the composer.json file to add "nimut/typo3-complete": "^$TYPO3_VERSION". Then it runs composer update nimut/typo3-complete, or (on Composer 1.x or 2.0.2+) a plain composer update if no lock file exists yet.

If you run a composer install without a lock file first, this executes a composer update because there is no lock file. The subsequent composer require then still edits the json file and now runs composer update nimut/typo3-complete because there is a lock file. Even with all the dependency options enabled, this may have a different outcome or even a conflict from running a plain composer update as you are restricting the update to only the new package and its dependencies.

Through that list of requirements, you've installed doctrine/common in v3. The latest stable version of gedmo/doctrine-extensions is not yet compatible with that, which you can see in some issues.

You have two options: either wait for some more days or weeks until that package is made compatible, or downgrade doctrine/common before to v2. This is possible by using

composer require doctrine/common:"^2.11" doctrine/persistence:"^1.3"

You should complain to the provider of that package for making a bad decision: the package enforces the installation of symfony/symfony (the full package of all Symfony components), while all current projects should depend on the individual components. That's what your project does: it installs each needed component, and not the whole framework.

And that's where stuff gets difficult for you: the full framework package symfony/symfony contains all components and lists them in the replaces section. Installing both the framework package and single components leads to problems and is not possible. But as that barcode package depends on the whole framework, and your own application depends on single components, the installation can not continue.

If you really want to use this package (there might be alternatives that structure their dependencies better), you can remove all Symfony components (those with the version constraint 4.3.*) from your composer.json and instead require symfony/symfony:4.3.*. Afterwards, that package should be installable

download zip from here then copy only bootstrap folder from this zip and put in your root dir

as i can see