Many PHP projects are now starting to use Composer, a tool for dependency management. Here we look at how to create a project using Composer with PHP, including downloading, installing and running composer commands.
To start with, why is Composer used by so many developers? Well, let’s say you have a project that requires you to have specific library, for example Zend Framework. Zend Framework then requires a specific version of PHP. These dependencies can be managed with Composer.
Downloading and installing Composer is simple. Simply head to the Composer download page, and run the commands suggested on the page.
If you have installed it correctly, you should be able to run the following command that will list the options available for the composer.phar
command.
$ php composer.phar --help
To start using composer in your own project, the minimum requirement is for you to include a composer.json
file within your project. This lets Composer know that your project depends on a library.
The composer.json file might look like the following.
{
"require": {
"zendframework/zendframework": "3.0.*"
}
}
Here we are using the require
key, that takes an object that maps package names to version constraints. In the above example, we’re stating that the project requires Zend Framework 3.0.*.
The zendframework/zendframework
is the name of the repository. Composer will look for this repository firstly under a repositories
key in the composer.json file. If this doesn’t exist, it is assumed that zendframework/zendframework
is a package registered on Packagist.
To install these dependencies, run the install
command.
$ php composer.phar install
In the example above, the zendframework/zendframework
repository will be added to the project. If the Zend Framework repository itself has dependencies listed, these will also be installed.
The installed repositories are stored within the vendor
directory of your project.
You may also notice that a composer.lock
is generated after running the install command. This lock file writes the packages and their versions downloaded into this file, and essentially locks the projects into using those versions.
If the project is being used by other developers and you’re using a VCS, you should commit this file so that other developers are locked into using the same package versions for the project.
There may be cases where you run the composer install command, whilst a composer.lock file already exists. This scenario may occur if another developer has worked on the same project, run the install command and committed the composer.lock file.
This is fine, as Composer uses the exact versions listed in composer.lock to ensure that the repository versions are consistent for every person working on your project. So when running the install command with a composer.lock file present, you will have all dependencies requested by your composer.json file, but they may not all be at the very latest available versions due to the versions listed in the lock file.
Should you wish to update the versions of your dependencies, you can run the update
command.
$ php composer.phar update
If you only wish to update the versions of specific dependencies, you can run the update command passing in the name of the repository.
$ php composer.phar update zendframework/zendframework
Composer generates an autoload.php
file when running the install command, located within the vendor
directory. You can include this file in your project and start including the classes that the repositories provide.
// /path/to/project/index.php
include __DIR__ . '/vendor/autoload.php';
$logger = new Zend\Log\Logger();
// Do something with the Logger class below