5 Composer Tips PHP Developers Should Know_php Tips

This article mainly introduces 5 Composer tips that PHP developers should know. Friends in need can refer to them

Composer is a new generation of PHP dependency management tool. For its introduction and basic usage, you can read this article "A New Era of Composer PHP Dependency Management". This article introduces five tips for using Composer, hoping to bring convenience to your PHP development.

1. Only update a single library

You only want to update a specific library and don’t want to update all its dependencies. It’s very simple:

composer update foo/bar

In addition, this trick can also be used to solve the "warning message problem". You must have seen warning messages like this:

Warning: The lock file is not up to date with the latest changes in composer.json, you may be getting outdated dependencies, run update to update them.

Oh, what went wrong? Don't panic! If you edit composer.json, you should see a message like this. For example, if you add or update details such as a library description, author, more parameters, or even just a space, it will change the md5sum of the file. Then Composer will warn you that the hash value is different from the one recorded in composer.lock.

So what should we do? The update command can update the lock file, but if you only add some descriptions, it should not update any libraries. In this case, just update nothing:

$ composer update nothing
Loading composer repositories with package information 
Updating dependencies 
Nothing to install or update 
Writing lock file 
Generating autoload files

This way Composer will not update the library, but it will update composer.lock. Note that nothing is not a keyword of the update command. There is just no nothing result caused by this package. If you type foobar, the result will be the same.

If the Composer version you are using is new enough, you can use the --lock option directly:

composer update --lock

2. No editing In the case of composer.json, when installing the library

you may find it too troublesome to modify composer.json every time you install a library, then you can use the require command directly.

composer require "foo/bar:1.0.0"

This method can also be used to quickly open a new project. The init command has the --require option, which can automatically write composer.json: (note that we use -n so that we don’t have to answer the question)

$ composer init --require=foo/bar:1.0.0 -n
$ cat composer.json
{
  "require": {
    "foo/bar": "1.0.0"
  }
}

3. It is easy to derive

During initialization, have you tried the create-project command?

composer create-project doctrine/orm path 2.2.0

This will automatically clone the repository and check out the specified version. This command is very convenient to use when cloning a library, as there is no need to search for the original URI.

4. Consider caching, distpackage priority

Composer from the past year will automatically archive the distpackage you downloaded. By default, the dist package is used for tagged versions, such as "symfony/symfony": "v2.1.4", or wildcards or version ranges, "2.1.*" or ">=2.2,<2.3-dev" (if you use stable as your minimum-stability). The

dist package can also be used for branches such as dev-master. Github allows you to download the compressed package of a certain git reference. To force the use of a tarball instead of cloning the source code, you can use the install option of update and --prefer-dist.

Here is an example (I used the --profile option to show execution time):

$ composer init --require="twig/twig:1.*" -n --profile
Memory usage: 3.94MB (peak: 4.08MB), time: 0s

$ composer install --profile
Loading composer repositories with package information 
Installing dependencies 
 - Installing twig/twig (v1.12.2)
  Downloading: 100%

Writing lock file 
Generating autoload files 
Memory usage: 10.13MB (peak: 12.65MB), time: 4.71s

$ rm -rf vendor

$ composer install --profile
Loading composer repositories with package information 
Installing dependencies from lock file 
 - Installing twig/twig (v1.12.2)
  Loading from cache

Generating autoload files 
Memory usage: 4.96MB (peak: 5.57MB), time: 0.45s

Here, twig/twig:1.12.2 The compressed package is saved in ~/.composer/cache/files/twig/twig/1.12.2.0-v1.12.2.zip. Use it directly when reinstalling the package.

5. If you want to modify, source code first

When you need to modify the library, cloning the source code is more convenient than downloading the package. You can use --prefer-source to force selection of cloned source code.

composer update symfony/yaml --prefer-source

Next you can modify the file:

composer status -v 
You have changes in the following dependencies: 
/path/to/app/vendor/symfony/yaml/Symfony/Component/Yaml:
  M Dumper.php

When When you try to update a modified library, Composer will remind you and ask whether to abandon the modification:

$ composer update
Loading composer repositories with package information 
Updating dependencies 
 - Updating symfony/symfony v2.2.0 (v2.2.0- => v2.2.0)
  The package has modified files:
  M Dumper.php
  Discard changes [y,n,v,s,?]?

Prepare for production environment

Finally, when deploying code to the production environment, don’t forget to optimize automatic loading:

composer dump-autoload --optimize

You can do this when installing the package Use --optimize-autoloader similarly. Without this option, you may see a 20% to 25% performance loss.

If you need help or want to know the details of a certain command, you can read the official documentation or Chinese documentation, or you can check out this interactive cheat sheet made by JoliCode.

---

Original address: 5 features to know about Composer PHP
Translation address: 5 Composer tips that PHP developers should know

Composer is a new generation of PHP dependency management tool. For its introduction and basic usage, you can read this article "A New Era of Composer PHP Dependency Management". This article introduces five tips for using Composer, hoping to bring convenience to your PHP development.

1. Only update a single library

You only want to update a specific library and don’t want to update all its dependencies. It’s very simple:

composer update foo/bar

In addition, this trick can also be used to solve the "warning message problem". You must have seen warning messages like this:

Warning: The lock file is not up to date with the latest changes in composer.json, you may be getting outdated dependencies, run update to update them.

Oh, what went wrong? Don't panic! If you edit composer.json, you should see a message like this. For example, if you add or update details such as a library description, author, more parameters, or even just a space, it will change the md5sum of the file. Then Composer will warn you that the hash value is different from the one recorded in composer.lock.

So what should we do? The update command can update the lock file, but if you only add some descriptions, it should not update any libraries. In this case, just update nothing:

$ composer update nothing
Loading composer repositories with package information 
Updating dependencies 
Nothing to install or update 
Writing lock file 
Generating autoload files

This way Composer will not update the library, but it will update composer.lock. Note that nothing is not a keyword of the update command. There is just no nothing result caused by this package. If you type foobar, the result will be the same.

If the Composer version you are using is new enough, you can use the --lock option directly:

composer update --lock

2. No editing In the case of composer.json, when installing the library

you may find it too troublesome to modify composer.json every time you install a library, then you can use the require command directly.

composer require "foo/bar:1.0.0"

This method can also be used to quickly open a new project. The init command has the --require option, which can automatically write composer.json: (note that we use -n so that we don’t have to answer the question)

$ composer init --require=foo/bar:1.0.0 -n
$ cat composer.json
{
  "require": {
    "foo/bar": "1.0.0"
  }
}

3. It is easy to derive

During initialization, have you tried the create-project command?

composer create-project doctrine/orm path 2.2.0

This will automatically clone the repository and check out the specified version. This command is very convenient to use when cloning a library, as there is no need to search for the original URI.

4. Consider caching, distpackage priority

Composer from the past year will automatically archive the distpackage you downloaded. By default, the dist package is used for tagged versions, such as "symfony/symfony": "v2.1.4", or wildcards or version ranges, "2.1.*" or ">=2.2,<2.3-dev" (if you use stable as your minimum-stability). The

dist package can also be used for branches such as dev-master. Github allows you to download the compressed package of a certain git reference. To force the use of a tarball instead of cloning the source code, you can use the install option of update and --prefer-dist.

Here is an example (I used the --profile option to show execution time):

$ composer init --require="twig/twig:1.*" -n --profile
Memory usage: 3.94MB (peak: 4.08MB), time: 0s

$ composer install --profile
Loading composer repositories with package information 
Installing dependencies 
 - Installing twig/twig (v1.12.2)
  Downloading: 100%

Writing lock file 
Generating autoload files 
Memory usage: 10.13MB (peak: 12.65MB), time: 4.71s

$ rm -rf vendor

$ composer install --profile
Loading composer repositories with package information 
Installing dependencies from lock file 
 - Installing twig/twig (v1.12.2)
  Loading from cache

Generating autoload files 
Memory usage: 4.96MB (peak: 5.57MB), time: 0.45s

Here, twig/twig:1.12.2 The compressed package is saved in ~/.composer/cache/files/twig/twig/1.12.2.0-v1.12.2.zip. Use it directly when reinstalling the package.

5. If you want to modify, source code first

When you need to modify the library, cloning the source code is more convenient than downloading the package. You can use --prefer-source to force selection of cloned source code.

composer update symfony/yaml --prefer-source

Next you can modify the file:

composer status -v 
You have changes in the following dependencies: 
/path/to/app/vendor/symfony/yaml/Symfony/Component/Yaml:
  M Dumper.php

When When you try to update a modified library, Composer will remind you and ask whether to abandon the modification:

$ composer update
Loading composer repositories with package information 
Updating dependencies 
 - Updating symfony/symfony v2.2.0 (v2.2.0- => v2.2.0)
  The package has modified files:
  M Dumper.php
  Discard changes [y,n,v,s,?]?

Prepare for production environment

Finally, when deploying code to the production environment, don’t forget to optimize automatic loading:

composer dump-autoload --optimize

You can do this when installing the package Use --optimize-autoloader similarly. Without this option, you may see a 20% to 25% performance loss.

If you need help or want to know the details of a certain command, you can read the official documentation or Chinese documentation, or you can check out this interactive cheat sheet made by JoliCode.