minte9
SoftwareDevelopment / PHP





Dependency management

Composer is a tool for dependency management in PHP. You declare the libraries your project depends on and it will install (update) them for you. 
 
sudo apt update
sudo apt install wget php-cli php-zip unzip curl
curl -sS getcomposer.org/installer |php

Composer.json

To use Composer a project simply need a composer.json file in its root directory. This file defines the dependencies of the project. 
 
{
    "require": {
        "nesbot/carbon": "2.12.*"
    }
}

Require

We can edit composer.json manually, or we can use commands (require/update). 
 
mkdir /var/www/html/composer-test
cd /var/www/html/composer-test

composer require nesbot/carbon

   # Failed to open stream: Permission denied
   # Cannot create cache directory /home/catalin/.composer/cache/
   # Avoid sudo when running composer.

sudo chown -R myuser.myuser composer-test
sudo chown -R catalin.catalin /home/catalin/.composer/

 
require __DIR__ . '/vendor/autoload.php';
use Carbon\Carbon;

printf("Now: %s", Carbon::now()); // Now: 2020-05-08 10:34:49
printf("Lastweek: %s", Carbon::now()->subWeek());

Self update

To upgrade Composer on Ubuntu, you can use the following command in your terminal: 
 
composer --version
Composer version 2.2.6 2022-02-04 17:00:38

sudo composer self-update

composer --version
Composer version 2.6.6 2023-12-08 18:32:26

Update packages vendor/

Regenerate the Composer autoload files (useful after adding new classes or files). Check for outdated dependencies. Clear Composer's internal cache (helps resolve issues with corrupted or outdated cache). 
 
composer dumpautoload
composer outdated
composer clearcache
Composer will update the package if newer version found. Version constraints match the one specified in the composer.json 
 
cd myproject/
php artisan cache:clear
composer update

php artisan test
git add composer.lock

PROD

Install project dependencies from composer.lock on PROD server. Installing exactly the versions listed in composer.lock, ensuring consistency with your DEV environment. Skips installing packages listed under "require-dev" (useful for production). Optimizes the autoloader for better performance (recommended for production). Downloads package archives instead of cloning from source (faster and cleaner) 
     
cd myproject/
composer install --no-dev --optimize-autoloader --prefer-dist






Questions and answers:
Clink on Option to Answer




1. Composer delete cache

  • a) composer remove cache
  • b) composer clearcache

2. Check for packages newer versions.

  • a) composer update
  • b) composer outdated

3. The file composer.lock is used by the command:

  • a) composer install
  • b) composer update

4. The file that preserve dependencies across environments:

  • a) composer.lock
  • b) composer.json


References: