Composer Power User Tips

Transcript

1. Composer Power User Tips Tom Corrigan Lead Developer - EstimateOne

   @tommygnr Melbourne PHP Users Group January 2015

2. Composer just got way faster • My biggest (and only)

   complaint about composer is its speed • One simple function call has slashed composer update calls by up to %90 • gc_disable() • See Anthony Ferrara’s brilliant explanation of how PHP’s garbage collector works here: http:// blog.ircmaxell.com/2014/12/what-about- garbage.html

3. First: What happens when you run composer update • Parses

   your composer.json • Recurses through dependencies creating Rules for every possible version • Recurses through the ruleset to determine installable versions • Performance gets exponentially worse as package count increases • Downloads updates/ new packages

4. Let’s find out why • Running composer update for the

   packagist app resulted in over 15 million function calls • Lots of classes being created, lots of garbage collector runs • Except there were no circular references • The garbage collector was wasting its time

5. Run composer with HHVM $ hhvm /usr/local/bin/composer update or create

   a simple wrapper #!/bin/bash hhvm /usr/local/bin/composer update -v "$@"

6. Speeding up download • composer install --prefer-source will give you

   git repositories rather than zipballs • Use it for ongoing projects where you will be running composer update often • This isn’t faster the first time • It will pay you back in spades subsequently

7. Bonus when installing from source Tom@Toms-iMac:~/Sites/ascension (master)$ composer update -v

   Loading composer repositories with package information Updating dependencies (including require-dev) - Updating phpunit/php-token-stream (1.3.0 => 1.4.0) Checking out db32c18eba00b121c145575fcbcd4d4d24e6db74 Pulling in changes: db32c18 - Sebastian Bergmann: Update the branch alias to 1.4 802c518 - Milad Rastian: Added tokens introduced in HackLang #43 - Updating mopa/bootstrap-bundle dev-master (184a761 => 32f5c47) Checking out 32f5c47b575278236dbf28245cb26acbe1d1d5ea Pulling in changes: 8be5b94 - auipga: Updated @icon-font-path b500dde - auipga: make $icon-font-path able to override fa3abea - Marc Valldepérez: added compatibility with symfony 2.3 98ff7b0 - Marc Valldepérez: added compatibility with label_format Writing lock file Generating autoload files Tom@Toms-iMac:~/Sites/ascension (master)$ • composer update -v will show you the commit messages for all changes • this is extremely useful when using unstable deps

8. Tracking down bugs in third party code Scenario: After running

   composer update your application breaks. You track it down to a single library that was upgraded from 1.0 to 1.1. There were 300 commits between the two releases and the CHANGELOG isn’t helpful. How do you find which commit broke your app?

9. git bisect to the rescue • Check the diff for

   your composer.lock file • Find the SHA1 hash for the working version $ git bisect start $ git bisect bad #Current version is bad $ git bisect good OLD_SHA1

10. git bisect to the rescue • run your tests •

    if they pass: $ git bisect good • if they fail: $ git bisect bad • repeat until you find the guilty commit

11. Fixing bugs in third party code Scenario: After bisecting the

    third party library to find the bug you fork the repo, fix the bug and issue a pull request. You have a warm fuzzy open source feeling but your app is still broken until the maintainer merges your fix How do I use my fix before it is merged upstream?

12. Overriding a package with an inline alias See: https://getcomposer.org/doc/articles/aliases.md //composer.json

    "require": { "simplethings/entity-audit-bundle": "dev-m2m-audit as dev-master", //... }, "repositories": [ { "type": "vcs", "url": "https://github.com/tommygnr/EntityAudit" } ],

13. ToranProxy • Created by Jordi Boggiano • Acts as a

    proxy & cache for packagist and github • Helps support ongoing development of composer • https://toranproxy.com/

14. Questions ?