Tweet
Tweet

Slide 1

Slide 1 text

Composer: Effective Dependency Management for PHP Projects #BCSPHP Jeff Carouth

Slide 2

Slide 2 text

#bcsphp June 21, 2012 chris weldon jeff carouth & featuring sponsored by

Slide 3

Slide 3 text

http://mojolive.com/profile/jcarouth

Slide 4

Slide 4 text

Defining Composer Using composed projects Exposing tools through Composer Questions Agenda

Slide 5

Slide 5 text

Defining Composer Using composed projects Exposing tools through Composer Questions Agenda

Slide 6

Slide 6 text

http://getcomposer.org

Slide 7

Slide 7 text

Isn’t PEAR and the PEAR installer the de-facto PHP package manager?

Slide 8

Slide 8 text

Isn’t PEAR and the PEAR installer the de-facto PHP package manager? Yep.

Slide 9

Slide 9 text

However, PEAR tends to be used globally.* Composer is intended to be used in a per-project manner. * PEAR can be used per-project, but that’s not what this talk is about. Okay?

Slide 10

Slide 10 text

The Problem As a developer working on a PHP project, I want to use a consistent version of libraries and tools, so that the code will be stable and predictable.

Slide 11

Slide 11 text

Example: Behat

Slide 12

Slide 12 text

Example: Behat $ pear channel-discover pear.behat.org $ sudo pear install behat/behat $ sudo pear install behat/mink

Slide 13

Slide 13 text

Example: Behat $ pear channel-discover pear.behat.org $ sudo pear install behat/behat $ sudo pear install behat/mink $ behat --version Behat version 2.3.5

Slide 14

Slide 14 text

hack…hack…hack

Slide 15

Slide 15 text

What’s this? This awesome project I forked… uses Behat version 2.4

Slide 16

Slide 16 text

Decision Time

Slide 17

Slide 17 text

Decision Time But WHY?

Slide 18

Slide 18 text

More Developers, More Dependency Problems

Slide 19

Slide 19 text

More Developers, More Dependency Problems Jeff PHPUnit 3.6.10 Behat 2.3.5 Guzzle 2.0 Bob PHPUnit 3.4.15 Behat 2.2 Guzzle 1.1

Slide 20

Slide 20 text

More Developers, More Dependency Problems Jeff PHPUnit 3.6.10 Behat 2.3.5 Guzzle 2.0 Bob PHPUnit 3.4.15 Behat 2.2 Guzzle 1.1 Of course, they were all installed via the PEAR installer

Slide 21

Slide 21 text

More Developers, More Dependency Problems Jeff PHPUnit 3.6.10 Behat 2.3.5 Guzzle 2.0 Bob PHPUnit 3.4.15 Behat 2.2 Guzzle 1.1 Of course, they were all installed via the PEAR installer standardize & distribute

Slide 22

Slide 22 text

Common Solution $ cd ~/projects/my_awesome_project/vendor/ $ mkdir Behat && cd Behat $ wget https://github.com/downloads/Behat/Behat/behat.phar $ cd ../../ $ php vendor/Behat/behat.phar tests/features/

Slide 23

Slide 23 text

Common Solution $ cd ~/projects/my_awesome_project/vendor/ $ mkdir Behat && cd Behat $ wget https://github.com/downloads/Behat/Behat/behat.phar $ cd ../../ $ php vendor/Behat/behat.phar tests/features/ Or use a git submodule… or an SVN external if it’s still 2007

Slide 24

Slide 24 text

Common Solution $ cd ~/projects/my_awesome_project/vendor/ $ mkdir Behat && cd Behat $ wget https://github.com/downloads/Behat/Behat/behat.phar $ cd ../../ $ php vendor/Behat/behat.phar tests/features/ Or use a git submodule… or an SVN external if it’s still 2007 I kid. I kid.

Slide 25

Slide 25 text

Common Solution $ cd ~/projects/my_awesome_project/vendor/ $ mkdir Behat && cd Behat $ wget https://github.com/downloads/Behat/Behat/behat.phar $ cd ../../ $ php vendor/Behat/behat.phar tests/features/ Or use a git submodule… or an SVN external if it’s still 2007 BUT…we can do better I kid. I kid.

Slide 26

Slide 26 text

Install Composer

Slide 27

Slide 27 text

Install Composer with PEAR

Slide 28

Slide 28 text

with PEAR for MAXIMUM trolling Install Composer

Slide 29

Slide 29 text

with PEAR for MAXIMUM trolling Install Composer sorry, no can do

Slide 30

Slide 30 text

getcomposer.org

Slide 31

Slide 31 text

getcomposer.org local install $ curl -s http://getcomposer.org/installer | php $ php composer.phar --version Composer version 6f576d4

Slide 32

Slide 32 text

getcomposer.org local install $ curl -s http://getcomposer.org/installer | php $ php composer.phar --version Composer version 6f576d4 global install $ curl -s http://getcomposer.org/installer | php $ sudo mv composer.phar /usr/local/bin/composer $ composer --version Composer version 6f576d4

Slide 33

Slide 33 text

Now you can use Composer

Slide 34

Slide 34 text

$ cd ~/projects/composed-project $ vim composer.json

Slide 35

Slide 35 text

$ cd ~/projects/composed-project $ vim composer.json { "require": { "slim/slim": "1.6.3", "pimple/pimple": "1.0.0" } }

Slide 36

Slide 36 text

$ cd ~/projects/composed-project $ vim composer.json { "require": { "slim/slim": "1.6.3", "pimple/pimple": "1.0.0" } } $ composer install Installing dependencies - Installing slim/slim (1.6.3) Downloading: 100% - Installing pimple/pimple (1.0.0) Downloading: 100% Writing lock file Generating autoload files

Slide 37

Slide 37 text

$ cd ~/projects/composed-project $ vim composer.json { "require": { "slim/slim": "1.6.3", "pimple/pimple": "1.0.0" } } $ composer install Installing dependencies - Installing slim/slim (1.6.3) Downloading: 100% - Installing pimple/pimple (1.0.0) Downloading: 100% Writing lock file Generating autoload files

Slide 38

Slide 38 text

$ md public && vim public/index.php

Slide 39

Slide 39 text

$ md public && vim public/index.php 1 get('/', function() { 13 print "Hello, world!"; 14 }); 15 16 $app->run();

Slide 40

Slide 40 text

1 get('/', function() { 13 print "Hello, world!"; 14 }); 15 16 $app->run(); $ md public && vim public/index.php

Slide 41

Slide 41 text

Commit You should commit your composer.json file, the generated composer.lock file, and ignore the vendor directory.

Slide 42

Slide 42 text

You should not ignore the [composer.lock] file in git. In fact you should commit it whenever it is changed. Users of your project or other developers can then run “composer install” to install exactly the versions you had in your lock file, rather than installing versions based on composer.json and potentially ending up with a slightly newer dependency which could result in problems, since you didn’t test with that particular version. - Nils Adermann

Slide 43

Slide 43 text

$ vim .gitignore vendor/ $ git add . $ git commit -m “Hello world! First commit” [master (root-commit) f38852e] Hello world! First commit 4 files changed, 44 insertions(+) create mode 100644 composer.json create mode 100644 composer.lock create mode 100644 public/index.php create mode 100644 .gitignore

Slide 44

Slide 44 text

A Contributor Appears Remember Bob? He’s going to contribute to this project. So he needs to make sure he gets the correct dependencies after he clones the project.

Slide 45

Slide 45 text

A Contributor Appears Remember Bob? He’s going to contribute to this project. So he needs to make sure he gets the correct dependencies after he clones the project.

Slide 46

Slide 46 text

A Contributor Appears Remember Bob? He’s going to contribute to this project. So he needs to make sure he gets the correct dependencies after he clones the project.

Slide 47

Slide 47 text

$ hub clone jcarouth/composer-example

Slide 48

Slide 48 text

$ hub clone jcarouth/composer-example $ [master ✓] composer install Installing dependencies from lock file - Installing pimple/pimple (1.0.0) Downloading: 100% - Installing slim/slim (1.6.3) Downloading: 100% Generating autoload files

Slide 49

Slide 49 text

$ hub clone jcarouth/composer-example $ [master ✓] composer install Installing dependencies from lock file - Installing pimple/pimple (1.0.0) Downloading: 100% - Installing slim/slim (1.6.3) Downloading: 100% Generating autoload files

Slide 50

Slide 50 text

$ hub clone jcarouth/composer-example $ [master ✓] composer install Installing dependencies from lock file - Installing pimple/pimple (1.0.0) Downloading: 100% - Installing slim/slim (1.6.3) Downloading: 100% Generating autoload files BOOM! That was easy

Slide 51

Slide 51 text

Dev-Specific Dependencies Behat for example. require-dev is the ticket.

Slide 52

Slide 52 text

$ vim composer.json 1 { 2 "require": { 3 "slim/slim": "1.6.3", 4 "pimple/pimple": "1.0.0" 5 }, 6 "require-dev": { 7 "behat/behat": "2.4.0" 8 }, 9 "config": { 10 "bin-dir": "bin" 11 } 12 } $ composer update Updating dependencies Nothing to install or update Writing lock file Generating autoload files

Slide 53

Slide 53 text

$ composer install --dev Installing dependencies from lock file Nothing to install or update Installing dev dependencies - Installing symfony/finder (dev-master) Cloning 9ee9a907afeef52956187e862714a7702ca26590 - Installing symfony/yaml (dev-master) Cloning 8272d98f8087878db37e8e5f6d4e37c5cc783dc3 ... snip --- - Installing behat/gherkin (v2.2.1) Downloading: 100% - Installing behat/behat (v2.4.0) Downloading: 100% ... suggestions ... Generating autoload files

Slide 54

Slide 54 text

Suggestions Suggested packages that can enhance or work well with this package. These are just informational and are displayed after the package is installed, to give your users a hint that they could add more packages, even though they are not strictly required. behat/behat suggests installing behat/mink-extension (for integration of with Mink) behat/behat suggests installing behat/yii-extension (for integration of with Yii framework) Generating autoload files

Slide 55

Slide 55 text

Finding Packages http://packagist.org Check other projects for a composer.json file.

Slide 56

Slide 56 text

No content

Slide 57

Slide 57 text

No content

Slide 58

Slide 58 text

http://packages.zendframework.com Making the component nature of the Zend Framework that much easier to use.

Slide 59

Slide 59 text

1 { 2 "repositories": [ 3 { 4 "type": "composer", 5 "url": "http://packages.zendframework.com/" 6 } 7 ], 8 "require": { 9 "slim/slim": "1.6.3", 10 "pimple/pimple": "1.0.0", 11 "zendframework/zend-validator": "2.0.*" 12 }, 13 "require-dev": { 14 "behat/behat": "2.4.0" 15 }, 16 "config": { 17 "bin-dir": "bin" 18 } 19 } Including the Zend\Validator component

Slide 60

Slide 60 text

$ composer update Updating dependencies - Installing zendframework/zend-validator (2.0.0-beta4) Downloading: 100% zendframework/zend-validator suggests installing zendframework/ze… zendframework/zend-validator suggests installing zendframework/ze… zendframework/zend-validator suggests installing zendframework/ze… Writing lock file Generating autoload files

Slide 61

Slide 61 text

The End @jcarouth | carouth.com