and dependency manager for PHP A PACKAGE MANAGER ? A package manager is a tool that automates the process of installing, upgrading, configuring, and removing packages for a software. The dependency layer resolves all dependencies automatically and recursively. It allows to resolve package installation per project. ‘‘ ‘‘ 3
the PHP installer: curl -s https://getcomposer.org/installer | php php composer.phar Then launch composer like this: Do move the phar to your bin directory: mv composer.phar /usr/local/bin/composer Composer is now accessible from everywhere: composer 7
we get from Packagist to the require section of composer.json: "require": { "twig/twig": "1.16.3" } Now, run the following Composer’s command: composer install 12
and a composer.lock file. VENDOR DIRECTORY COMPOSER.LOCK FILE Contains all the packages you required in composer.json and their potential dependencies Keeps in memory the version of each package downloaded DO NOT COMMIT IT! COMMIT IT! 13
great autoloader, Just add it to your PHP bootstrap file like this: require 'vendor/autoload.php'; This file handles a lazy loading of the packages PHP files. $loader = new Twig_Loader_Array(array( 'index.html' => 'Hello {{ name }}!', )); $twig = new Twig_Environment($loader); Twig is now accessible! 14
of a package that satisfies your criteria, do as below: composer update vendorname/packagename This is useful only if you didn’t specified an exact version of a package in composer.json. Be aware that this command regenerates the composer.lock file. 15
a new package or update old ones with composer, the composer.lock file is regenerated. This file is essential when you deploy your application in production. COMPOSER.LOCK FILE IT ENSURES THAT YOUR APPLICATION USES THE EXACT SAME VERSION OF THE PACKAGES THAN YOU DO. COMMIT IT! 16
every reusable component as a composer package. We will create a package for DataSailor: 1 ) Create a directory (data-sailor) for your reusable component data-sailor src 2 ) Create a src directory at its root where your source files will stand. 18
following lines at the end of your composer.json file: "autoload": { "psr-4": { "ReputationVIP\\DataSailor\\": "src" } } This tells to Composer where to search for our package files when we require them. PSR-4 is a standard specification for autoloading classes from file paths. It is based on PHP namespaces and is the recommanded autoloading specification to use by Composer. 20
package we just created is private and not released on Packagist. We need to tell Composer where to find it. Add this to the composer.json of your project : Composer will know that this package should be downloaded from this repository and not from Packagist. "repositories": [ { "type": "git", "url": "git://url/data-sailor" } ], 21
add your composer package to your project’s dependencies: "dev-master" means that the last pushed version of the package on master will be used. "require": { "reputation-vip/data-sailor": "dev-master" } You just have to launch: composer install 22
two versions of a same package in different projects, you need to tag your package: We use Git tags for that: git tag -a -m "Your tag message" x.y.z Then push your tag: git push origin master --tags "require": { "reputation-vip/data-sailor": "x.y.z" } You can now use this tag in your project: 23
option filtering packages. The packages that doesn't match the minimum stability you defined will be ignored. You can specify it in composer.json: By default the minimum stability is stable. The minimum stability option is root-only. "minimum-stability": "RC" stable RC beta alpha dev 1.0.0 1.0.0-RC 1.0.0-beta 1.0.0-alpha dev-master HANDLED STABILITIES 24
Composer’s documentation: This means that these options will not be overriden by required packages. YOUR PROJECT IS THE ROOT PACKAGE FOR COMPOSER. ROOT-ONLY OPTIONS SET THE CONTEXT YOU WANT TO WORK WITH. 25
root. It is set to stable Package A is required as dev-master. But as it is explicitly defined in root, it is allowed to be used as dev stability. Package A requires Package B as dev-master. This dependency is not specified in root so the minimum stability will be used (stable). Package B will not be found! 26
by defining the minimum stability globally: "minimum-stability": "dev" NOW, ALL YOUR PACKAGES COULD BE UNSTABLE! You should use the stability flags. They override the root’s minimum stability. Let’s grant Package B usage as dev: "require": { "A": "dev-master", (required in root, converted as dev-master@dev) "B": "@dev" (or "1.0.0@dev") } 27
your server: composer show –-platform (-p) Optimize your autoloader by generating class maps: composer install –-optimize (-o) Quickly fork a package: composer create-project doctrine/orm your_path 2.2.* Boost your download time by using cached packages: { "config": { "preferred-install": "dist" } } 28
assets files need to be accessible by the browser. However, Composer only downloads your PHP files into the vendor directory. "require": { "reputation-vip/composer-assets-installer": "~1.0" } A Composer plugin has been released for this: 29
at the end of your required package composer.json file: "extra": { "assets-dir" : "public" } This tells to Composer Assets Manager where is your public directory. Now, in your project composer.json, tell to composer where you want the assets to be downloaded: "extra": { "assets-dir" : "web" } On composer update, the assets will now be accessible through the following path: web/reputation-vip/data-sailor 30