Package dependency management tool that PHP developers must know: Composer

Composer is a very popular PHP package dependency management tool. It has replaced the PEAR package manager. It is necessary for PHP developers to master Composer.

For For users, Composer is very simple. You can download the required code package to the vendor directory with a simple command, and then developers can introduce the package and use it.

The key lies in the definition of your project composer.json, you can define the packages that the project needs to depend on (there may be multiple), and the dependent packages may depend on other packages (this is the benefit of components). You don’t have to worry about these. Composer will automatically download everything you need. , everything lies in the definition of composer.json.

Composer is very transparent to users, but the concept behind it still needs to be understood, and its birth is not accidental, thanks to the speed of Github With the development of Composer, the PHP language is becoming more and more modern and appears to be higher and higher.

In order to understand Composer, first have a general understanding of its structure:

The structure of Composer

##Composer command line tool:

This understanding is relatively simple, through user definition Composer.json to download the code you need. If you just use Composer simply, then you can master some specific commands.

Autoloading code loader:

Through Composer, developers can use it in a variety of ways, and the key lies in the namespace concept of PHP and the development of the PSR-4 standard. Composer only developed a code automatic loader based on these two

Github:

With Github, PHP developers can host open source code on it, and the development of Composer originated from Github. Composer essentially downloads the code on Github Go to local.

Packagist:

For users, the command line tool of Composer is used, so how does the command line tool know how many packages can be used by the user? Well, this mainly relies on Packagist. Packagist is Composer's main package information repository. Package developers host specific codes on Github and submit package information to Packagist, so that users can use it through Composer.

Composer queries Packagist based on the locally defined composer.json information. Packagist parses the information based on Composer.json/Package.json and finally corresponds to the github repository. When Composer finally downloads the code, it also depends on the Github repository. Composer.json, three types of composer.json are involved here, and their meanings are different.

Composer.json:

This is the core of Composer. The rules of Composer, the three types of Composer.json are also mentioned above. You must pay attention to the distinction when using them. I always messed up when I first learned.

Composer command line Tool

composer init

Users can create composer.json under their own projects to define the dependency packages of your project, or they can pass composer init interactively creates composer.json.

composer install

should be the most commonly used command. Composer will download the installation package based on the local composer.json Put the package into the vendor directory under the project, and put the package version information during installation into composer.lock to lock the version.

In fact, during installation, if the composer.lock version is found to be the same as the current version If the code versions in the vendor directory are the same, Composer will do nothing. The purpose of composer.lock is to allow you to work in the current version without getting the latest version of the package.

composer update

So how to update composer.lock to get the latest version of the package? Use this command to update the latest version of the package

composer config

It is recommended to understand this command. The global configuration is saved in COMPOSER_HOME/config.json, and the non-global configuration information is stored in the project directory.

composer config --list -g
composer config -g notify-on-install false
composer global config bin-dir --absolute
composer create-project

This command is not commonly used. But I personally think it is still very important. Using the ordinary install command is to download all the dependent packages of the project to the vendor directory of the project. With this command, all the code and its dependent packages are placed in one directory, which is quite Because a git clone command is executed, usually the package developer may use this command to fix bugs.

composer global

This is a global installation command , it allows you to execute Composer commands in the COMPOSER_HOME directory, such as install and update. Of course, your COMPOSER_HOME must be in the $PATH environment.

For example, execute composer global require fabpot/php-cs-fixer, now php -cs-fixer command line can now be run globally. If you want to update it later, just run composer global update

composer dump-autoload

when you modify the project It is not necessary to run the composer update command to update the composer.json file under Practice to illustrate this command.

composer require

假如手动或者交互式创建composer.json文件,可以直接使用该命令来安装包

composer require  cerdic/css-tidy:1.5.2
composer require "ywdblog/phpcomposer:dev-master"

–prefer-source和–prefer-dist参数

–prefer-dist:对于稳定的包来说,一般Composer安装默认使用该参数,这也能加快安装,比如有可能直接从packagist安装了相应的包,而不用实际去Github上下载包.

–prefer-source:假如使用该参数,则会直接从Github上安装,安装包后vendor目录下还含有.git信息

composer require "ywdblog/phpcomposer:dev-master" --prefer-source
#在vendor/ywdblog/phpcomposer目录下含有.git信息

如何给Composer添加代理

在国内使用Composer下载特别慢,可以通过二个方法进行加速

composer config repo.packagist composer “https://packagist.phpcomposer.com“

编辑composer.json

"repositories": {
  "packagist": {
      "type": "composer",
      "url": "https://packagist.phpcomposer.com"
  }
}

Autoloading代码加载器

composer本身集成一个autoloader,支持PSR-4,PSR-0,classmap,files autoloading.

这里通过一个例子来说明通过Composer如何引用classmap,files,本地符合PSR-4标准的代码

编辑composer.json

"autoload": {
  "classmap": ["othsrc/","classsrc.php"],
  "files": ["othsrc/filesrc.php"],
  "psr-4": {"Foo\Bar\": "src"}  }

composer dump-autoload

通过上述的操作,对于PSR-4来说等同注册了一个PSR-4 autoloader(从FooBar命名空间)

假如不想使用Composer的autoloader,可以直接包含vendor/composer/autoload_*.php文件,配置自己的加载器.

具体的例子托管在github上,可参考.

Repositories

关于Repositories,了解其不是必须的,但是假如掌握则更能理解Composer,对于Repositories,其中文文档和英文文档解释的很好,这里也进行了一些摘抄.

基本概念

包:

Composer是一个依赖管理工具,它在本地安装一些资源包和包的描述(比如包名称和对应的版本),比较重要的元数据描述是dist和source,dist指向一个存档,该存档是对一个资源包的某个版本的数据进行的打包.source指向一个开发中的源,这通常是一个源代码仓库(比如git)

资源库:

一个资源库是一个包的来源.它是一个packages/versions的列表.

Composer将查看所有你定义的repositories以找到项目需要的资源包(这句话很重要).

默认情况下已经将http://Packagist.org注册到Composer(或者理解为http://Packagist.org是Composer资源库默认的仓库类型)

Composer资源库类型

Composer资源库包括四种类型,默认的是composer类型,也就是http://packagist.org所使用的资源类型.

它使用一个单一的packages.json文件,包含了所有的资源包元数据.当你将包发布到http://pckagist.org上,则默认系统会创建一个packages.json,不过我没有找到我的包对应的文件.

VCS资源库类型

假如你想构建一个私有的Composer私有资源库类型,可以使用该类型,这里举一个例子,比如你在自己项目的composer.json定义如下,则就可以使用对应的Github上的代码了.

{
    "repositories": [
    {
        "type": "vcs",
        "url": "https://github.com/ywdblog/phpcomposer"
    }
    ],
    "require": {
        "ywdblog/phpcomposer": "dev-master"
    }
}

当运行composer update的时候,Comoser实际上是从Github上下载包而不是从http://pckagist.org上下载.

另外假如需要使用Package资源库类型或者PEAR资源库类型,参考官方文档即可,一般在composer.json中定义name、version属性即可.

Composer.json

在本文上面也多次提到了composer.json,比如你希望使用第三方包则需要在本地定义composer.json,Composer安装第三方包后,也会在第三方包目录下发现composer.json,那么这二者都叫composer.json,有什么区别呢?理解这非常的重要.

假如你在自己的项目下面定义一个composer.json,则这个包称之为ROOT包,这个composer.json定义你项目需要的条件(比如你的项目可能依赖一个第三方包).

composer.json中有些属性只能被ROOT包使用,比如config属性只在ROOT包中生效.

一个资源包是不是ROOT包,取决于它的上下文,比如你git clone ywdblog/phpcomposer,则这时候本地phpcomposer目录就是ROOT包,假如你在本地phpcomposer目录下composer require ywdblog/phpcomposer,则这时候你的项目phpcomposer就是ROOT包.

了解composer-schema.json可参考该网址,Laravel作为一个成熟的框架,其定义的composer.json非常经典

关于包的版本

当使用者在本地配置composer.json的时候,可以指定需要包的特定版本,Composer支持从Github仓库中下载Tag或者分支下的包.

对于Github上的Tag来说,Packagist会创建对应包的版本,它符合X.Y.Z,vX.Y.Z,X.Y.Z-包类型,就是说Github上虽然只有一个特定版本的包,但Composer支持多种形式的引用方式,比如:

composer require monolog/monolog  1.0.0-RC1
composer require monolog/monolog  v1.0.0-RC1
composer require monolog/monolog  1.0.*
composer require monolog/monolog  ~1.10

对于Github上的分支来说,Packagist会创建对应包的版本,假如分支名看起来像一个版本,将创建{分支名}-dev的包版本号,如果分支名看起来不像一个版本号,它将会创建dev-{分支名}形式的版本号

总结:

理解Composer,最重要的是实践,最后也能明白PSR-4和命名空间,也可以尝试将你的项目发布到http://pckagist.org上.

PHP中文网，有大量免费的PHP教程，欢迎大家学习！

本文转自：https://www.jianshu.com/p/d8bb33c53482