Common commands and version constraints of Composer

The following column of composer usage tutorial will explain commonly used package management commands and how to constrain package versions. I hope it will be helpful to friends in need!

Common commands

require command

In "Composer Tutorial " has briefly introduced how to use the install command to install dependencies. In addition to the install command, we can also use the require command to quickly install a dependency without manually adding dependency information in composer.json:

$ composer require monolog/monolog
Using version ^1.19 for monolog/monolog
./composer.json has been updated
Loading composer repositories with package information
Updating dependencies (including require-dev)
  - Installing psr/log (1.0.0)
    Downloading: 100%         
 
  - Installing monolog/monolog (1.19.0)
    Downloading: 100%         
 
monolog/monolog suggests installing graylog2/gelf-php (Allow sending log messages to a GrayLog2 server)
......
monolog/monolog suggests installing php-console/php-console (Allow sending log messages to Google Chrome)
Writing lock file
Generating autoload files

Composer will first find the appropriate version and then update the composer.json file. Add the relevant information of the monolog/monolog package in require, then download the relevant dependencies for installation, and finally update the composer.lock file and generate the PHP automatic loading file.

update command

Through the update command, you can update all packages in the project, or certain specified packages.

# 更新所有依赖
$ composer update
 
# 更新指定的包
$ composer update monolog/monolog
 
# 更新指定的多个包
$ composer update monolog/monolog symfony/dependency-injection
 
# 还可以通过通配符匹配包
$ composer update monolog/monolog symfony/*

It should be noted that the version that the package can upgrade will be restricted by the version constraint, and the package will not be upgraded to a version beyond the constrained range. For example, if the version constraint of the package in composer.json is ^1.10, and the latest version is 2.0. Then the update command cannot upgrade the package to version 2.0, but can only upgrade it to version 1.x. Please see the introduction below for version constraints.

remove command

Use the remove command to remove a package and its dependencies (when the dependencies are not used by other packages):

$ composer remove monolog/monolog
Loading composer repositories with package information
Updating dependencies (including require-dev)
  - Removing monolog/monolog (1.19.0)
  - Removing psr/log (1.0.0)
Writing lock file
Generating autoload files

search command

Use the search command to search for packages:

$ composer search monolog
monolog/monolog Sends your logs to files, sockets, inboxes, databases and various web services
 
# 如果只是想匹配名称可以使用--only-name选项
$ composer search --only-name monolog

show command

Use the show command to list Get information about the packages currently installed in the project:

# 列出所有已经安装的包
$ composer show
 
# 可以通过通配符进行筛选
$ composer show monolog/*
 
# 显示具体某个包的信息
$ composer show monolog/monolog

The above is an introduction to commonly used commands.

Version Constraints

As mentioned earlier, we can specify the version of the package to be downloaded. For example, we want to download version 1.19 of monolog. We can achieve the goal through the composer.json file:

{
    "require": {
        "monolog/monolog": "1.19"
    }
}

and then run the install command, or through the require command:

$ composer require monolog/monolog:1.19
 
# 或者
$ composer require monolog/monolog=1.19
 
# 或者
$composer require monolog/monolog 1.19

In addition to specifying the specific version as above, we can also pass different constraints way to specify the version.

Basic constraints

Precise version

You can specify a specific version to tell Composer that only this version can be installed. But if other dependencies require other versions, the package installation or update will eventually fail and terminate.

Example: 1.0.2

Scope

You can specify the scope of a package using comparison operators. These operators include: >, >=, <, <=, !=.

You can define multiple ranges, use spaces or commas to indicate logical AND, and use double vertical bars || to indicate logical OR. The priority of AND will be greater than or.

It should be noted that using an unbounded range may cause unpredictable versions to be installed and break downward compatibility. It is recommended to use the hyphen operator.

Example:

>=1.0
>=1.0 <2.0
>=1.0 <1.1 || >=1.2

Range (use hyphen)

The hyphenated range indicates the included version range, which means that there must be borderline. The left side of the hyphen indicates the >= version, while the situation on the right side of the hyphen is a little more complicated. If the version on the right is not a complete version number, it will be completed using wildcard characters. For example, 1.0 - 2.0 is equivalent to >=1.0.0 <2.1 (2.0 is equivalent to 2.0.*), while 1.0.0 - 2.1.0 is equivalent to >=1.0.0 <=2.1.0.

Example: 1.0 - 2.0

Wildcards

You can use wildcards to define versions. 1.0.* is equivalent to >=1.0 <1.1.

Example: 1.0.*

Next Major Version Operator

tilde~

## Let's first explain the usage of the ~ operator through the following example: ~1.2 is equivalent to >=1.2 <2.0.0, and ~1.2.3 is equivalent to >=1.2.3 <1.3.0. This version constraint method is very practical for projects that use Semantic Versioning as the version number standard. For example, ~1.2 defines the smallest minor version number, and then you can upgrade any version below 2.0 without problems, because according to the version definition of Semantic Versioning, minor version upgrades should not have compatibility issues. Simply put, ~ defines the minimum version and allows the last digit of the version number to be upgraded (if you don’t understand, please look at the previous example again).

Example: ~1.2

It should be noted that if ~ acts on the major version number, such as ~1, according to the above statement, Composer can install major versions after version 1, but In fact, ~1 will be treated as ~1.0, and only minor versions can be added, not major versions.

fold number^

^操作符的行为跟Semantic Versioning有比较大的关联，它允许升级版本到安全的版本。例如，^1.2.3相当于>=1.2.3 <2.0.0，因为在2.0版本前的版本应该都没有兼容性的问题。而对于1.0之前的版本，这种约束方式也考虑到了安全问题，例如^0.3会被当作>=0.3.0 <0.4.0对待。

例子：^1.2.3

版本稳定性

如果你没有显式的指定版本的稳定性，Composer会根据使用的操作符，默认在内部指定为-dev或者-stable。例如：

如果你想指定版本只要稳定版本，你可以在版本后面添加后缀-stable。

minimum-stability 配置项定义了包在选择版本时对稳定性的选择的默认行为。默认是stable。它的值如下（按照稳定性排序）：dev，alpha，beta，RC和stable。除了修改这个配置去修改这个默认行为，我们还可以通过稳定性标识（例如@stable和@dev）来安装一个相比于默认配置不同稳定性的版本。例如：

{
    "require": {
        "monolog/monolog": "1.0.*@beta",
        "acme/foo": "@dev"
    }
}

以上是版本约束的介绍。

The above is the detailed content of Common commands and version constraints of Composer. For more information, please follow other related articles on the PHP Chinese website!