Multi-Variance: API Versioning For Software Libraries

Multi-Variance: API Versioning For Software Libraries

One of the key features of Composer - the PHP community's package manager - is that you can't have two different versions of a Composer package in your project at the same time. Your project - and all the packages you depend upon - must agree on which versions to install, otherwise Composer cannot continue. Anyone who has used popular packages like Guzzle or PHPUnit over the last few years will have seen first-hand the problems this can cause.

In this talk, Stuart will introduce you to 'multivariant packages', a technique he uses with his own Composer packages to make sure his packages aren't contributing to the problem. He'll show you how to organise code inside your packages, and how to version your packages to work best with Composer. And finally, he'll look at how to handle devtools that install new Terminal commands inside your project.

2c1dc90ff7bf69097a151677624777d2?s=128

Stuart Herbert

August 28, 2018
Tweet

Transcript

  1. 2.

    Industry veteran: architect, engineer, leader, manager, mentor F/OSS contributor since

    1994 Talking and writing about PHP since 2004 Chief Software Archaeologist Building Quality @GanbaroDigital About Stuart
  2. 6.

    @GanbaroDigital ?? ?? Have you ever put out a new

    version of your package with substantial b/c breaks?
  3. 10.

    @GanbaroDigital In This Talk ... 1. Semantic Versioning 2. Modularity

    3. Consequences 4. Library Packages 5. Dev Tools
  4. 25.

    @GanbaroDigital “Library users should be able to upgrade to the

    latest X.*.* release without changing their code.
  5. 38.
  6. 50.

    @GanbaroDigital This is not a PHP problem. Nearly all mainstream

    programming languages share this limitation.
  7. 53.
  8. 55.
  9. 57.

    @GanbaroDigital ... you'll have seen errors like this: "Can only

    install one of: guzzlehttp/guzzle[6.1.0, 5.3.0]"
  10. 59.

    @GanbaroDigital The more popular your package, the more likely it

    is to be pulled into the same app multiple times.
  11. 68.
  12. 76.

    @GanbaroDigital We can't use semver for our package version numbers.

    But package managers expect semver-like version numbers.
  13. 97.

    @GanbaroDigital They pull in dependencies of their own, which can

    clash with your app's dependencies. (Or with the dependencies' dependencies!)
  14. 102.

    Thank You How Can We Help You? A presentation by

    @stuherbert
 for @GanbaroDigital