Composer: putting dependencies on the score

Rafael Dohms / @rdohms

C!"p#$r
Putting your dependencies on the score

Rafael Dohms

photo credit: Eli White
@rdohms

Evangelist, Speaker and
Contributor.

Developer at WEBclusive.

Enabler at AmsterdamPHP.

%$ E&$v'(!r P)(*+
a general introduction to Composer

Ev$r,-', *!"p#)./
the basic stuff you need to know

Up/r'-)./ (! ' M'$0(r!
advanced features for more complex scenarios

1.-)./ ,!2r (2.$
discovering and sharing libraries

per project system wide
central repository spread out channels
open acceptance strict standards

Pr!b&$":
I need my team and my deployments to use consistent
versions of the dependencies of my project

Pr!b&$":

S!&2()!.:

Pr!b&$":

S!&2()!.:
PEAR

Pr!b&$":

S!&2()!.:
PEAR
SVN Externals

Pr!b&$":

S!&2()!.:
PEAR
SVN Externals
Git Submodules

Pr!b&$":

S!&2()!.:
PEAR
SVN Externals
Git Submodules
vendor management script

Pr!b&$":

S!&2()!.:
PEAR
SVN Externals
Git Submodules
vendor management script

C!"p#$r!

A per-project dependency
manager that allows you to
declare a consistent list of
dependencies and versions for
your application, as well as a
consistent way of sharing your
libraries and making them
discoverable using
packagist.org

I.0('&&)./ C!"p#$r

Local (embed)
$ curl -s http://getcomposer.org/installer | php

Global
$ curl -s http://getcomposer.org/installer | php -- --install-dir=bin

I.0('&&)./ C!"p#$r

Local (embed)
$ curl -s http://getcomposer.org/installer | php

Global
$ curl -s http://getcomposer.org/installer | php -- --install-dir=bin

3p: $ ln -s /usr/bin/composer.phar /usr/bin/composer

I.0('&&)./ C!"p#$r

$ composer.phar --version
Composer version 6573fd3

I.0('&&)./ C!"p#$r

php

$ composer.phar --version
Composer version 6573fd3

K$$p )( 2p-'($-!

$ composer.phar self-update

Updating to version 65e95ed.
Downloading: 100%

C!"p#$r 101

$ cd ~/dev/myproject

C!"p#$r 101

$ vim composer.json

{
"require": {
"silex/silex": "1.0.*"
},

"minimum-stability": "dev"
}

C!"p#$r 101

$ vim composer.json note: project root

{
"require": {
},

}

C!"p#$r 101


“require”: required packages and versions
{
"require": {
adv. ex.: >=1.0.0,<1.2-dev
},

}

C!"p#$r 101


{
"require": {
adv. ex.: >=1.0.0,<1.2-dev
},

"minimum-stability": "dev" “minimum-stability”: if you only want stable
} packages

default: stable

C!"p#$r 101


{
"require": {
adv. ex.: >=1.0.0,<1.2-dev
},

"minimum-stability": "dev" “minimum-stability”: if you only want stable
} packages

default: stable

$ composer.phar install

Installing dependencies
- Installing pimple/pimple (dev-master)
Cloning d2cfa2f02f50abef65c238747c753a5f6786f6be

- Installing symfony/routing (dev-master)
Cloning 6bca82c3ea0d42d750de4f49b22020dfd047dc0f

- Installing symfony/http-foundation (dev-master)
Cloning 498c2da9c3fecefc7e3b0add73621f3feb337ddd

- Installing symfony/event-dispatcher (dev-master)
Cloning b99b49760016467099f010aff7a5098861d49e09

- Installing symfony/http-kernel (dev-master)
Cloning 7f671472f009231f9c1f5ec9b81fc6fbfcd9a955

- Installing silex/silex (dev-master)
Cloning 18e248a277adb061602d2bcabe96011db1c76ec0

symfony/routing suggests installing symfony/config (dev-master)
symfony/routing suggests installing symfony/yaml (dev-master)
symfony/routing suggests installing doctrine/common (>=2.2,<2.4-dev)
symfony/event-dispatcher suggests installing symfony/dependency-injection (dev-master)
symfony/http-kernel suggests installing symfony/browser-kit (dev-master)
symfony/http-kernel suggests installing symfony/class-loader (dev-master)
symfony/http-kernel suggests installing symfony/config (dev-master)
symfony/http-kernel suggests installing symfony/console (dev-master)
symfony/http-kernel suggests installing symfony/dependency-injection (dev-master)
symfony/http-kernel suggests installing symfony/finder (dev-master)
silex/silex suggests installing symfony/browser-kit (2.1.*)
silex/silex suggests installing symfony/css-selector (2.1.*)
silex/silex suggests installing symfony/dom-crawler (2.1.*)
Writing lock file
Generating autoload files



your dependency’s dependencies



Cloning 18e248a277adb061602d2bcabe96011db1c76ec0

Writing lock file






Cloning 18e248a277adb061602d2bcabe96011db1c76ec0 your dependency

Writing lock file






Cloning 18e248a277adb061602d2bcabe96011db1c76ec0 your dependency

silex/silex suggests installing symfony/dom-crawler (2.1.*) suggestions of other packages,
Writing lock file
for further features

P)*42p (+$ ($"p!!
Let Composer bootstrap you development

B!!(0(r'pp)./ Pr!5$*(0

$ composer.phar create-project fabpot/silex-skeleton ~/dev/myproject

B!!(0(r'pp)./ Pr!5$*(0


Installing fabpot/silex-skeleton (dev-master cc19d406cf3cac253715db92d400992d4f3e1b52)
- Installing fabpot/silex-skeleton (dev-master)
Cloning master

Created project in one-liner/

[...]

[...]

Writing lock file

B!!(0(r'pp)./ Pr!5$*(0


Installing fabpot/silex-skeleton (dev-master cc19d406cf3cac253715db92d400992d4f3e1b52)
- Installing fabpot/silex-skeleton (dev-master)
Cloning master

Created project in one-liner/ myproje
ct/
Installing dependencies compose
- Installing pimple/pimple (dev-master) r.json
compose
Cloning d2cfa2f02f50abef65c238747c753a5f6786f6be r.lock
config/
[...] console
/
src/
templat
[...] es/
vendor/
Writing lock file web/

I w'.( (! *!.(r)b2($ ' pr!5$*(
Composer can set that up for you.

B!!(0(r'pp)./ C!.(r)b2()!.0

$ composer.phar create-project dms/dms --dev ~/dev/oss/dms

B!!(0(r'pp)./ C!.(r)b2()!.0
gimme dev packages


B!!(0(r'pp)./ C!.(r)b2()!.0
gimme dev packages


    "require-dev": {
        "symfony/symfony": ">=2.1-dev",
        "doctrine/orm": "dev-master"
    },

B!!(0(r'pp)./ C!.(r)b2()!.0
gimme dev packages


    "require-dev": {
        "symfony/symfony": ">=2.1-dev",
        "doctrine/orm": "dev-master"
    },
“require-dev”: only needed if you are going
to contribute

H!w -! I 6.-/&!'- (+$ 6&$0?
PSR-0 and the modern autoloader

Composer generates an
autoload file for all your
dependencies

Composer generates an
autoload file for all your
dependencies

vendor/autoload.php

"autoload": {
"psr-0": { "MyNamespace": "<root>" },

"classmap": ["src/", "lib/", "Something.php"],

"files": ["src/MyLibrary/functions.php"]

},

“autoload”: describes the autoloading needed for your library

"autoload": {
"psr-0": { "MyNamespace": "<root>" },



},


"autoload": {
"psr-0": { "MyNamespace": "<root>" }, “psr-0”: PSR-0 Compatible libraries



},


"autoload": {

“classmap”: Old PEAR packages and other
libraries


},


"autoload": {

“classmap”: Old PEAR packages and other
libraries

“files”: for php functions or initializations
},

I.0('&&)./, 2p-'()./ '.- "!v)./ !.
how does Composer guarantee consistency

“composer.json”: metadata and list of your
dependencies.

composer.json

dependencies.

composer.json

composer.lock

dependencies.

composer.json

composer.lock

“composer.lock”: existing dependencies and
current commit hashes.

composer.json

composer.lock

update

composer.json

composer.lock

update install

composer.json

composer.lock

update install

reads
composer.json

composer.lock

update install

reads
composer.json

composer.lock

gets latest

update install

reads
composer.json

writes
composer.lock

gets latest

update install

reads reads

composer.json

writes
composer.lock

gets latest

update install

reads reads

composer.json

compares
writes
composer.lock

gets latest

update install

reads reads

composer.json

compares
writes
composer.lock

gets latest gets locked version

D$v$&!p)./ '. App ). ' ($'"?

Commit you composer.lock file
into the repository, and use
composer install.

D$v$&!p)./ '. App ). ' ($'"?

Commit you composer.lock file
into the repository, and use
composer install.

will ensure everyone is on
the same “page”

I’" -$v$&!p)./ ' &)br'r,, +$&p!
here are some fields you should care about

{
"name": "vendor-namespace/package-name",
"type": "symfony-bundle",
"description": "A sample package for examples",
"keywords": ["php", "package"],
"homepage": "http://doh.ms",
"license": "MIT",
"support": {
"email": "support@mylib.com",
"issues": "http://issues.lib.com"
}

"target-dir": "/folder/to/install",
}

“name”: this should be unique, pick a good one!
{
"type": "symfony-bundle",
"license": "MIT",
"support": {
}

}

{
“type”: will be used for more advanced
"type": "symfony-bundle", “custom”installs
"license": "MIT",
"support": {
}

}

{
"license": "MIT", “license”: very important!
"support": {
}

}

{
"support": {
“support”: point people the right way.
}

}

{
"support": {
“support”: point people the right way.
}

}

“target-dir”: great for installing sub-dir splits repositories

ex: Symfony Bundles: /Acme/Bundle/MyBundle

M, *!-$ )0 PHP 5.4 !.&,!
managing system dependencies

{
"require": {
"php": ">=5.3.3",
"ext-ldap": "*"
}
}

{ “php”: PHP version.
"require": {
"php": ">=5.3.3",
"ext-ldap": "*"
}
}

{ “php”: PHP version.
"require": {
"php": ">=5.3.3",
"ext-ldap": "*"
}
} “ext-*”: Presence of selected extension

B2( I .$$- ' 0p$*)6* v$r0)!.
version modifiers to the rescue!

"acme/foo": "1.0.x-dev#3ebbe75"

“#<ref>”: Get this specific commit




"acme/foo": "@dev"
"acme/foo": "1.0.*@beta"



"acme/foo": "@dev"
"acme/foo": "1.0.*@beta"

“@<state>”: Get a version outside
your default stability

I .$$- (! 7$*2($ ' f$w 0*r)p(0
how to automate tasks with Composer

"scripts": {
        "post-install-cmd": [
            "SensioBundleDistributionBundleComposerScriptHandler::buildBootstrap",
            "SensioBundleDistributionBundleComposerScriptHandler::clearCache",
            "SensioBundleDistributionBundleComposerScriptHandler::installAssets",
            "SensioBundleDistributionBundleComposerScriptHandler::installRequirementsFile"
        ],
        "post-update-cmd": [
        ]
    },

“scripts”: allows you to run scripts at given moments

    "scripts": {
        "post-install-cmd": [
        ],
        "post-update-cmd": [
        ]
    },

C20(!" R$p#)(!r)$0 !r .!
C!"p#$r, w+'( .!w?
Injecting Composer into wild packages

“hero/superpackage”: “dev-master”


"repositories": [
{
"type": "vcs",
"url": "https://github.com/rdohms/hero-superpackage"
}
]


“repositories”: point to non-indexed, override existing or on-
the-fly packages

"repositories": [
{
"type": "vcs",
"url": "https://github.com/rdohms/hero-superpackage"
}
]

N!.-C!"p#$r P'*4'/$
{
"repositories": [
{
"type": "package",
"package": {
"name": "smarty/smarty",
"version": "3.1.7",
"dist": {
"url": "http://www.smarty.net/files/Smarty-3.1.7.zip",
"type": "zip"
},
"source": {
"url": "http://smarty-php.googlecode.com/svn/",
"type": "svn",
"reference": "tags/Smarty_3_1_7/distribution/"
}
}
}
]
}

N!.-C!"p#$r P'*4'/$
{
"repositories": “package”: on-the-fly package, injecting a composer.json
[
{
"type": "package",
"package": {
"version": "3.1.7",
"dist": {
"type": "zip"
},
"source": {
"type": "svn",
}
}
}
]
}

N!.-C!"p#$r P'*4'/$
{
"repositories": “package”: on-the-fly package, injecting a composer.json
[
{
"type": "package",
"package": {
"version": "3.1.7",
"dist": {
"type": "zip" SVN / Git
},
"source": {
"type": "svn",
}
}
}
]
}

I .$$- (+)0 PEAR p'*4'/$...
No Problem!

{
"repositories": [
{
"type": "pear",
"url": "http://pear2.php.net"
}
],
"require": {
"pear-pear2.php.net/PEAR2_Text_Markdown": "*",
"pear-pear2/PEAR2_HTTP_Request": "*"
}
}

{
"repositories": [ “pear”: official PEAR and custom PEAR channels
{
"type": "pear",
}
],
"require": {
}
}

{
{
"type": "pear",
}
],
"require": {
}
} Remember the prefix!

{
{
"type": "pear",
}
],
"require": {
}
} Remember the prefix!

!! Warning: PEAR causes a overhead of requests

alias

{
"extra": {
"branch-alias": {
"dev-master": "1.0.x-dev"
}
},

"require": {
"monolog/monolog": "dev-bugfix as 1.0.x-dev"
}
}

replace provide

alias

{
"extra": {
"branch-alias": {
}
},

"require": {
}
}

replace provide

“replace”: allows you to
replace other packages, and
be used them in their place.

alias

{
"extra": {
"branch-alias": {
}
},

"require": {
}
}

replace provide

“replace”: allows you to “provide”: allows you to say
replace other packages, and a package provides a
be used them in their place. expectation.

I .$$- ' &)br'r, (+'( -!$0..
Let me get that for you

usage info

package info

versions

$ composer.phar search filter

dms/dms-filter-bundle : DMS Filter Bundle, makes Annotation based ...
lexik/form-filter-bundle : This bundle aim to provide classes to build...
rollerworks/recordfilter-bundle : Record search-filtering bundle for Symfony
brikou/zend_filter : Zend Framework Filter Library
ext-filter : The filter PHP extension
dms/dms-filter : DMS Library, includes various bundles and ...
shtumi/useful-bundle : Symfony ShtumiUsefulBundle

$ composer.phar show dms/dms-filter-bundle

$ composer.phar show dms/dms-filter-bundle

name : dms/dms-filter-bundle
descrip. : DMS Filter Bundle, makes Annotation based entity filtering available
in Symfony
keywords : symfony, bundle, filter, dms
versions : dev-master, v1.1.1, v1.1, 1.0.2, 1.0.1, 1.0.0
type : symfony-bundle
license : MIT
source : [git] https://github.com/rdohms/DMSFilterBundle v1.1.1
dist : [zip] https://github.com/rdohms/DMSFilterBundle/zipball/v1.1.1 v1.1.1
names : dms/dms-filter-bundle

autoload
psr-0
DMSBundleFilterBundle => .

requires
php >=5.3.2
dms/dms-filter >=1.0.2

B2( ", r$p#)(!r, )0 pr)v'($!
Get your own package repository

R!&&!2( ,!2r !w. S'()0
$ composer.phar create-project composer/satis

R!&&!2( ,!2r !w. S'()0
$ vi packages.json

{
"name": "My Repository",
"homepage": "http://packages.example.org",
"repositories": [
{ "type": "vcs", "url": "http://github.com/mycompany/privaterepo" },
{ "type": "vcs", "url": "http://svn.example.org/private/repo" },
{ "type": "vcs", "url": "http://github.com/mycompany/privaterepo2" }
],
"require-all": true
}

R!&&!2( ,!2r !w. S'()0
$ vi packages.json

{
"name": "My Repository",
"homepage": "http://packages.example.org",
"repositories": [
{ "type": "vcs", "url": "http://github.com/mycompany/privaterepo" },
{ "type": "vcs", "url": "http://svn.example.org/private/repo" },
{ "type": "vcs", "url": "http://github.com/mycompany/privaterepo2" }
],
"require-all": true
}

$ php bin/satis build config.json web/

U0)./ ,!2r !w. S'()0
{
"repositories": [
{
"type": "composer",
"url": "http://packages.yourdomain.net"
}
],

“require”: {
“myvendor/mypackage”: “dev-master”
}
}

U0)./ ,!2r !w. S'()0
{
"repositories": [ “composer”: use this just like it was Packagist
{
"type": "composer",
"url": "http://packages.yourdomain.net"
}
],

“require”: {
“myvendor/mypackage”: “dev-master”
}
}

W+$r$ 0+!2&- I /$( +$&p?

http://getcomposer.org

#composer on irc.freenode.org

%$ E&$v'(!r P)(*+
Dependency Manager, consistent versions, per-project

Ev$r,-', *!"p#)./
install, update, lock and autoload

Up/r'-)./ (! ' M'$0(r!
post-install, overriding, PEAR integration, developer environment

1.-)./ ,!2r (2.$
Satis and Packagist

Q2$0()!.0?

@rdohms

http://doh.ms

http://slides.doh.ms

Composer: putting dependencies on the score

More Related Content

What's hot

Similar to Composer: putting dependencies on the score

More from Rafael Dohms

Recently uploaded

Composer: putting dependencies on the score