Composer is a new generation of PHP dependency management tool. For its introduction and basic usage, you can read this article "A New Era of Composer PHP Dependency Management". This article introduces five tips for using Composer, hoping to bring convenience to your PHP development.
You only want to update a specific library and don’t want to update all its dependencies. It’s very simple:
composer update foo/bar
In addition, this trick can also be used to solve the "warning message problem". You must have seen warning messages like this:
<code>Warning: The lock file is not up to date with the latest changes in composer.json, you may be getting outdated dependencies, run update to update them. </code>
Damn, what went wrong? Don't panic! If you edit composer.json
, you should see a message like this. For example, if you add or update details such as a library description, author, more parameters, or even just a space, it will change the md5sum of the file. Then Composer will warn you that the hash value is different from the one recorded in composer.lock
.
So what should we do? The update
command can update the lock file, but if you only add some descriptions, it should not update any libraries. In this case, just update nothing
:
$ composer update nothing Loading composer repositories with package information Updating dependencies Nothing to install or update Writing lock file Generating autoload files
This way, Composer will not update the library, but it will update composer.lock
. Note that nothing
is not a keyword of the update
command. There is just no nothing
result caused by this package. If you type foobar
, the result will be the same.
If the Composer version you are using is new enough, you can use the --lock
option directly:
composer update --lock
composer.json
You may find it too troublesome to modify composer.json
every time you install a library, then you can use the require
command directly.
composer require "foo/bar:1.0.0"
This method can also be used to quickly open a new project. The init
command has the --require
option, which can automatically write composer.json
: (note that we use -n
so that we don’t have to answer the question)
$ composer init --require=foo/bar:1.0.0 -n $ cat composer.json { "require": { "foo/bar": "1.0.0" } }
Have you tried the create-project
command during initialization?
composer create-project doctrine/orm path 2.2.0
This will automatically clone the repository and check out the specified version. This command is very convenient to use when cloning a library, as there is no need to search for the original URI.
dist
packet priorityComposer from the past year will automatically archive the dist
packages you downloaded. By default, the dist
package is used for tagged versions, such as "symfony/symfony": "v2.1.4"
, or wildcards or version ranges, "2.1.*"
or ">=2.2,<2.3-dev"
(if you use stable
as your minimum-stability
).
dist package can also be used for branches such as dev-master
. Github allows you to download the compressed package of a certain git reference. To force the use of a tarball instead of cloning the source code, you can use the install
option of update
and --prefer-dist
.
Here is an example (I used the --profile
option to show execution time):
$ composer init --require="twig/twig:1.*" -n --profile Memory usage: 3.94MB (peak: 4.08MB), time: 0s $ composer install --profile Loading composer repositories with package information Installing dependencies - Installing twig/twig (v1.12.2) Downloading: 100% Writing lock file Generating autoload files Memory usage: 10.13MB (peak: 12.65MB), time: 4.71s $ rm -rf vendor $ composer install --profile Loading composer repositories with package information Installing dependencies from lock file - Installing twig/twig (v1.12.2) Loading from cache Generating autoload files Memory usage: 4.96MB (peak: 5.57MB), time: 0.45s
Here, the compressed package of twig/twig:1.12.2
is saved in ~/.composer/cache/files/twig/twig/1.12.2.0-v1.12.2.zip
. Use it directly when reinstalling the package.
When you need to modify the library, cloning the source code is more convenient than downloading the package. You can use --prefer-source
to force selection of cloned source code.
composer update symfony/yaml --prefer-source
Next you can modify the file:
composer status -v You have changes in the following dependencies: /path/to/app/vendor/symfony/yaml/Symfony/Component/Yaml: M Dumper.php
When you try to update a modified library, Composer will remind you and ask whether to abandon the modification:
$ composer update Loading composer repositories with package information Updating dependencies - Updating symfony/symfony v2.2.0 (v2.2.0- => v2.2.0) The package has modified files: M Dumper.php Discard changes [y,n,v,s,?]?
Finally, when deploying code to the production environment, don’t forget to optimize automatic loading:
composer dump-autoload --optimize
You can also use --optimize-autoloader
when installing packages. Without this option, you may see a 20% to 25% performance loss.
If you need help or want to know the details of a certain command, you can read the official documentation or Chinese documentation, or check out this interactive cheat sheet made by JoliCode.
Original address: 5 features to know about Composer PHP
Translation address: 5 Composer tips that PHP developers should know
Composer is a new generation of PHP dependency management tool. For its introduction and basic usage, you can read this article "A New Era of Composer PHP Dependency Management". This article introduces five tips for using Composer, hoping to bring convenience to your PHP development.
You only want to update a specific library and don’t want to update all its dependencies. It’s very simple:
composer update foo/bar
In addition, this trick can also be used to solve the "warning message problem". You must have seen warning messages like this:
<code>Warning: The lock file is not up to date with the latest changes in composer.json, you may be getting outdated dependencies, run update to update them. </code>
擦,哪里出问题了?别惊慌!如果你编辑了composer.json
,你应该会看到这样的信息。比如,如果你增加或更新了细节信息,比如库的描述、作者、更多参数,甚至仅仅增加了一个空格,都会改变文件的md5sum。然后Composer就会警告你哈希值和composer.lock
中记载的不同。
那么我们该怎么办呢?update
命令可以更新lock文件,但是如果仅仅增加了一些描述,应该是不打算更新任何库。这种情况下,只需update nothing
:
$ composer update nothing Loading composer repositories with package information Updating dependencies Nothing to install or update Writing lock file Generating autoload files
这样一来,Composer不会更新库,但是会更新composer.lock
。注意nothing
并不是update
命令的关键字。只是没有nothing
这个包导致的结果。如果你输入foobar
,结果也一样。
如果你用的Composer版本足够新,那么你可以直接使用--lock
选项:
composer update --lock
composer.json
的情况下安装库你可能会觉得每安装一个库都需要修改composer.json
太麻烦,那么你可以直接使用require
命令。
composer require "foo/bar:1.0.0"
这个方法也可以用来快速地新开一个项目。init
命令有--require
选项,可以自动编写composer.json
:(注意我们使用-n
,这样就不用回答问题)
$ composer init --require=foo/bar:1.0.0 -n $ cat composer.json { "require": { "foo/bar": "1.0.0" } }
初始化的时候,你试过create-project
命令么?
composer create-project doctrine/orm path 2.2.0
这会自动克隆仓库,并检出指定的版本。克隆库的时候用这个命令很方便,不需要搜寻原始的URI了。
dist
包优先最近一年以来的Composer会自动存档你下载的dist
包。默认设置下,dist
包用于加了tag的版本,例如"symfony/symfony": "v2.1.4"
,或者是通配符或版本区间,"2.1.*"
或">=2.2,<2.3-dev"
(如果你使用stable
作为你的minimum-stability
)。
dist包也可以用于诸如dev-master
之类的分支,Github允许你下载某个git引用的压缩包。为了强制使用压缩包,而不是克隆源代码,你可以使用install
和update
的--prefer-dist
选项。
下面是一个例子(我使用了--profile
选项来显示执行时间):
$ composer init --require="twig/twig:1.*" -n --profile Memory usage: 3.94MB (peak: 4.08MB), time: 0s $ composer install --profile Loading composer repositories with package information Installing dependencies - Installing twig/twig (v1.12.2) Downloading: 100% Writing lock file Generating autoload files Memory usage: 10.13MB (peak: 12.65MB), time: 4.71s $ rm -rf vendor $ composer install --profile Loading composer repositories with package information Installing dependencies from lock file - Installing twig/twig (v1.12.2) Loading from cache Generating autoload files Memory usage: 4.96MB (peak: 5.57MB), time: 0.45s
这里,twig/twig:1.12.2
的压缩包被保存在~/.composer/cache/files/twig/twig/1.12.2.0-v1.12.2.zip
。重新安装包时直接使用。
当你需要修改库的时候,克隆源代码就比下载包方便了。你可以使用--prefer-source
来强制选择克隆源代码。
composer update symfony/yaml --prefer-source
接下来你可以修改文件:
composer status -v You have changes in the following dependencies: /path/to/app/vendor/symfony/yaml/Symfony/Component/Yaml: M Dumper.php
当你试图更新一个修改过的库的时候,Composer会提醒你,询问是否放弃修改:
$ composer update Loading composer repositories with package information Updating dependencies - Updating symfony/symfony v2.2.0 (v2.2.0- => v2.2.0) The package has modified files: M Dumper.php Discard changes [y,n,v,s,?]?
最后提醒一下,在部署代码到生产环境的时候,别忘了优化一下自动加载:
composer dump-autoload --optimize
安装包的时候可以同样使用--optimize-autoloader
。不加这一选项,你可能会发现20%到25%的性能损失。
如果你需要帮助,或者想要了解某个命令的细节,你可以阅读官方文档或者中文文档,也可以查看JoliCode做的这个交互式备忘单。
原文地址:5 features to know about Composer PHP
译文地址:PHP 开发者该知道的 5 个 Composer 小技巧