In the web industry there are a lot of tools available to make a developers life easier. Because this ecosystem moves so fast - and it's hard to keep track of everything - I thought it would be a good idea to do a roundup of tools I personally use for Magento development. These slides cover dependency management basics, Composer, Modman and N98 Magerun.
5. Modman (Module Manager)
Allows you to clone a repository with
Magento module files and have them be
mapped to the Magento filesystem
6. Modman (Module Manager)
● Files are symlinked
○ (as per `modman` file that’s in the projects
repo)
● Example: github repo link
7. Modman (Module Manager)
● Files are symlinked
○ (as per `modman` file that’s in the projects
repo)
● Example: github repo link
● Not really a package or dependency
management tool
○ Not quite sure what it’s good for (if you’re
using VCS…)
8. Composer
● dependency manager for PHP projects
○ allows you to declare the libraries your project
needs
○ packagist.org is composer main archive
■ packagist doesn’t host the actual files, it
just links to them
http://alanstorm.com/php_composer_magento_tutorial
9. Dependency management basics
● file that states what the project needs
○ In vcs, editable
○ composer.json (e.g. lib-x: 1.0.*)
10. Dependency management basics
● file that states what the project needs
○ In vcs, editable
○ composer.json (e.g. lib-x: 1.0.*)
● file that states what the project
currently has
○ In vcs, auto generated
○ composer.lock (e.g. lib-x: 1.0.9)
13. Dependency management basics
● lock file gets generated by running
`composer update`
○ grabs newest versions
● if there is a lock file present, you can
install all modules by running
`composer install`
○ installs versions as specified in composer.lock,
even though there may be newer versions
available!
19. Magento & Composer with VCS
Method #1
● symlink, vendor not version controlled
○ when cloning the project, you have to install all
dependencies
○ deployment system becomes responsible for
fetching all dependencies
20.
21. 1. “You’re reliant on the npm infrastructure being up and working when you
need it (it won’t always be, as was so clearly demonstrated on Feburary
27th... and in January... and November... and etc...).
2. You’re assuming nobody will subvert the repository and insert malicious
code (not as far-fetched as it sounds—it happened to Ruby).
3. You’re relying on npm to serve the exact bug-for-bug compatible version
of the code that you originally developed and tested against, including all
subdependencies(which it doesn’t, not without special effort).
4. You’re trusting that the online repository will remain available and
serving the exact packages you need for the rest of your application’s
life, which could be decades.“ http://www.letscodejavascript.
com/v3/blog/2014/03/the_npm_debacle
22. Magento & Composer with VCS
Method #2
● symlink, vendor in VCS
○ you might need to add them as git
submodules
http://www.lornajane.net/posts/2014/using-composer-without-
gitignoring
23. Magento & Composer with VCS
Method #3
● copy, vendor not version controlled
○ you can see a diff when you update modules
○ you don’t have to run composer install to have
a project work
○ deployments run smooth, even if certain repo’
s aren’t available
○ disadvantage: files are now in two places