In this chapter, we're going to take a pause from Laravel to examine another tool in the PHP world. Don't worry. Laravel does make use of this tool, so if you stick it out, it will make you a better Laravel developer.
Composer is something special in the world of PHP. It has changed the way we handle application dependencies and quelled the tears of many PHP developers.
You see, in the olden days, when you wanted to build an application that relied on third party dependencies you would have to install them with PEAR or PECL. These two dependency managers both have a very limited set of outdated dependencies and have been a thorn in the side of PHP developers for a long time.
When a package is finally available, you could download a particular version, and it would be installed on your system. However, the dependency is linked to PHP rather than your application itself. What this means is that if you had two applications that required different versions of the same dependencies... well, you’re gonna have a bad time.
Enter Composer, king of the package managers. First, let’s think about packages. What are they?
Let’s forget about the concept of ‘applications’ and ‘projects’ for now. The tool that you are building is called a package. Imagine a little box containing everything needed to run your application.
This box requires only one piece of paper (file) inside for it to be registered as a package.
Configuration
You have learned about JSON in the last chapter, right? You are ready for this now! Remember that I told you JSON was used for data transfer between web applications? Well, I lied. It’s not that I’m nasty. It just made it easier to teach the topic with a smaller scope of its ability. I do this a lot. Expect many lies!
Do you remember how JSON represents a complex piece of data? Why can’t we use it within flat files to provide configuration? That’s precisely what the Composer guys thought. Who are we to argue with them?
JSON files use the .json
extension. Composer expects its configuration to live at the root of your package using the filename composer.json
. Remember this! Laravel will use this file often.
Let’s open it up and start entering some information about our package.
{
"name": "marvel/xmen",
"description": "Mutants saving the world for people who hate them.",
"keywords": ["mutant", "superhero", "bald", "guy"],
"homepage": "http://marvel.com/xmen",
"time": "1963-09-01",
"license": "MIT",
"authors": [
{
"name": "Stan Lee",
"email": "stan@marvel.com",
"homepage": "http://marvel.com",
"role": "Genius"
}
]
}
Right. Here we have a composer.json
file at the root of a package for the X-Men. Why the X-Men? They are awesome. That’s why.
Truth be told, all of the options (keys) in this file are optional. You would usually provide the above information if you intended to redistribute the package or release it into the wild.
To be quite honest with you, I normally go ahead and fill in this information. It doesn’t do any harm. The configuration above is used to identify the package. I have omitted a few keys that I felt were reserved for special circumstances. If you are curious about any additional config, then I would recommend checking out the Composer website which contains a wealth of information and documentation.
I also found this handy cheat sheet online, which may be useful for newcomers to Composer when creating new packages. Mouse over each line to discover more about the configuration items.
Let’s have a closer look at the configuration we have created for the X-Men package.
{"name": "marvel/xmen"}
This is the package name. If you have used Github then the name format will be familiar to you, but I’m going to explain it anyway.
The package name consists of two words separated by a forward slash (/
). The part before the forward slash represents the owner of the package. In most circumstances, developers will use their Github username as the owner, and I fully agree with this notion. You can, however, use any name you like. Be sure to keep it consistent across all packages that belong to you.
The second part of the name string is the package name. Keep it straightforward and descriptive. Many developers choose to use the repository name for the package when hosted on Github, and once again I fully agree with this system.
{"description": "Mutants saving the world for people who hate them."}
Provide a brief description of the functionality of the package. Remember to keep it simple. If the package is intended for open source, then you can go into detail within the README
file for your repository. If you want to keep some personal documentation, then this isn’t the place for it. Maybe get it tattooed on your back and keep a mirror handy? That makes the most sense to me. Sticky notes will also work well, though.
{"keywords": ["mutant", "superhero", "bald", "guy"]}
These keywords are an array of strings used to represent your package. They are similar to tags within a blogging platform and essentially serve the same purpose. The tags will provide useful search metadata for when your package is listed within a repository.
{"homepage": "http://marvel.com/xmen"}
The homepage configuration is useful for packages due to be open-sourced. You could use the homepage for the project, or maybe the Github repository URL? Whichever you feel is more informative.
Once again, I must remind you that all of these configuration options are optional. Feel free to omit them if they don’t make sense for your package.
{"time": "1963-09-01"}
This is one of those options that I don’t see very often. According to the cheat sheet, it represents the release date of your application or library. I’d imagine that it’s not required in most circumstances because most packages are hosted on Github or some other version control site. These sites normally date each commit, each tag, and other useful events.
Formats accepted for the time configuration are YYYY-MM-DD
and YYYY-MM-DD HH:MM:SS
. Go ahead and provide these values if you feel like it!
{"license": "MIT"}
If your package is due to be redistributed, then you will want to provide a license with it. Without a license, many developers will not be able to use the package at all due to legal restrictions. Choose a license that suits your requirements, but isn’t too restrictive to those hoping to use your code. The Laravel project uses the MIT license which offers lots of freedom.
Most licenses require you to keep a copy of the license within the source repository, but if you also provide this configuration entry within the composer.json
file then the package repository will be able to list the package by its license.
The authors section of the configuration provides information about the package authors and can be useful for package users wishing to make contact.
Note that the authors section will allow an array of authors for collaborative packages. Let’s have a look at the options given.
{
"authors": [
{
"name": "Stan Lee",
"email": "stan@marvel.com",
"homepage": "http://marvel.com",
"role": "Genius"
}
]
}
Use an object to represent each author. Our example only has one author. Let’s take a look at Stan Lee. Not only does he have a cameo in every Marvel movie, but he’s also managed to make it into my book. What a cheeky old sausage!
{"name": "Stan Lee"}
I don’t know how to simplify this line. If you are having trouble understanding it, then you might want to consider closing this book, and instead pursue a career in sock puppetry.
{"email": "stan@marvel.com"}
Be sure to provide a valid email address so that you can be contacted if the package is broken.
{"homepage": "http://marvel.com"}
This time, a personal homepage can be provided, go ahead and leech some hits!
{"role": "Genius"}
The role option defines the author’s role within the project. For example, developer, designer, or even sock puppetry artist. If you can’t think of something accurate, then put something funny.
That’s all you need to describe your package. Let’s look at something more interesting. Dependency management!
Dependency Management
You have a box that will contain the X-Men. There aren’t a lot of mutants in that box yet, are there? To build a great superhero team (application) you will need to enlist the support of other mutants (3rd party dependencies). Let’s take a look at how Composer will help us accomplish this.
{
"name": "marvel/xmen",
"description": "Mutants saving the world for people who hate them.",
"keywords": ["mutant", "superhero", "bald", "guy"],
"homepage": "http://marvel.com/xmen",
"time": "1963-09-01",
"license": "MIT",
"authors": [
{
"name": "Stan Lee",
"email": "stan@marvel.com",
"homepage": "http://marvel.com",
"role": "Genius"
}
],
"require": {
}
}
We now have a new section within our composer.json
called 'require'. This will be used to list our dependenc... mutants. From now on I’ll be omitting the rest of the configuration, and just showing the require block to shorten the examples. Make sure you know where it lives!
We know that the X-Men will depend on:
- Wolverine
- Cyclops
- Storm
- Gambit
There are loads of others, but these guys are cool. We will stick with them for now. You see, we could copy the source files for these guys into our application directly, but then we would have to update them ourselves with any upstream changes. That could get boring. Let’s add them to the require
section so that Composer will manage them for us.
{
"require": {
"xmen/wolverine": "1.0.0",
"xmen/cyclops": "1.0.1",
"xmen/storm": "1.2.0",
"xmen/gambit": "1.0.0"
}
}
Here we are listing the packages for our mutant dependencies and the versions that we would like to use. In this example, they all belong to the same owner as the X-Men package, but they could just as easily belong to another person.
Most redistributable packages are hosted on a version control website such as Github or Bitbucket. Version control repositories often have a tagging system where we can define stable versions of our application. For example with git, we can use the following command.
git tag -a 1.0.0 -m 'First version.'
We have created version 1.0.0
of our application. This is a stable release that people can depend on.
Let’s have a closer look at the Gambit dependency.
{"xmen/gambit": "1.0.0"}
You should know by now that Composer package names consist of an owner and a package nickname separated by a forward slash (/
) character. With this information, we know that this is the gambit
package written by the xmen
owner.
Within the require
section, the key for each item is the package name, and the value represents the required version.
In the case of Gambit, the version number matches up to the tag available on Github where the code is versioned. Do you see how the versions of dependencies are now specific to our application, and not the whole system?
You can add as many dependencies as you like to your project. Go ahead, add a billion! Prove me wrong.
Listen, do you want to know a secret? Do you promise not to tell? Woah, oh-oh. Closer, let me whisper in your ear. Say the words you long to hear...
Your dependencies can have their own dependencies.
That’s right! Your dependencies are also Composer packages. They have their own composer.json
files. This means that they have their own require
section with a list of dependencies, and those dependencies might even have more dependencies. And that dep... well. You get the idea!
Composer will manage and install these nested dependencies for you. How fantastic is that? Wolverine might need tools/claws
, tools/yellow-mask
, and power/regeneration
but you don’t have to worry about that. As long as you require
the xmen/wolverine
package, then Composer will take care of the rest.
As for dependency versions, they can assume some different forms. For example, you might not care about minor updates to a component. In which case, you could use a wildcard within the version, like this:
{"xmen/gambit": "1.0.*"}
Now Composer will install the latest version that starts with 1.0
. For example, if Gambit had versions 1.0.0
and 1.0.1
, then 1.0.1
would be installed.
Your package might also have a minimum or maximum boundary for package versions. This can be defined using the greater-than
and less-than
operators.
{"xmen/gambit": ">1.0.0"}
The above example would be satisfied by any versions of the xmen/gambit
package that have a greater version number than 1.0.0
.
{"xmen/gambit": "<1.0.0"}
Similarly, the less-than
operator is satisfiable by packages less than the version 1.0.0
. This will allow your package to specify a maximum version dependency.
{
"xmen/gambit": "=>1.0.0",
"xmen/gambit": "=<1.0.0"
}
Including an equals sign =
along with a comparison operator will result in the comparative version being added to the list of versions which satisfy the version constraint.
Occasionally, you may wish to enter more than one version, or provide a range value for a package version. More than one version constraint can be added by separating each constraint with a comma (,
). For example:
{"xmen/gambit": ">1.0.0,<1.0.2"}
The above example would be satisfied by the 1.0.1
version.
If you don’t want to install stable dependencies, for example, you might be the type that enjoys bungee jumping or skydiving; then you might want to use bleeding edge versions. Composer can target branches
of a repository using the following syntax.
{"xmen/gambit": "dev-branchname"}
For example, if you wanted to use the current codebase from the develop branch of the Gambit project on Github, then you would use the dev-develop
version constraint.
{"xmen/gambit": "dev-develop"}
These development version constraints will not work unless you have a correct minimum stability setting for your package. By default, Composer uses the stable
minimum compatibility flag, which will restrict its dependency versions to stable, tagged releases.
If you would like to override this option, simply change the minumum-stability
configuration option within your composer.json
file.
{
"require": {
"xmen/gambit": "dev-master"
},
"minimum-stability": "dev"
}
There are other values available for the minimum stability setting, but explaining those would involve delving into the depths of version stability tags. I don’t want to overcomplicate this chapter by looking at those. Instead, I’d suggest looking at the Composer documentation for package versions to find additional information on the topic.
Sometimes, you may find yourself needing to use dependencies that only relate to the development of your application. These dependencies might not be required for the day-to-day use of your application in a production environment.
Composer has got you covered in this sithation thanks to its require-dev
section. Let’s imagine for a moment that our application will require the Codeception testing framework to provide acceptance tests. These tests won’t be any use in our production environment, so let’s add them to the require-dev
section of our composer.json
.
{
"require": {
"xmen/gambit": "dev-master"
},
"require-dev": {
"codeception/codeception": "1.6.0.3"
}
}
The codeception/codeception
package will now only be installed if we use the --dev
switch with Composer. There will be more on this topic in the installation and usage section.
As you can see, the require-dev
section uses the same format as the require
section. In fact, there are other sections which use the same format. Let’s have a quick look at what’s available.
{
"conflict": {
"marvel/spiderman": "1.0.0"
}
}
The conflict
section contains a list of packages that would not work happily alongside our package. Composer will not let you install these packages side by side.
{
"replace": {
"xmen/gambit": "1.0.0"
}
}
The replace section informs you that this package can be used as a replacement for another package. This is useful for packages that have been forked from another but provide the same functionality.
{
"provide": {
"xmen/gambit": "1.0.0"
}
}
This section indicates packages that have been provided alongside your package. If the Gambit packages source were included within our main package, then it would be of little use to install it again. Use this section to let Composer know which packages have been embedded within your primary package. Remember, you need not list your package dependencies here. Anything found in require
doesn’t count.
{
"suggest": {
"xmen/gambit": "1.0.0"
}
}
Your package might have some extra packages that enhance its functionality but aren’t strictly required. Why not add them to the suggest
section? Composer will mention any packages in this section as suggestions to install when running the Composer install command.
That’s all I have on dependencies. Let’s take a look at the next piece of Composer magic. Autoloading!
Auto Loading
By now we have the knowledge to enable Composer to retrieve our package dependencies for us, but how do we go about using them? We could require()
the source files ourselves within PHP, but that requires knowing exactly where they live.
Ain’t nobody got time fo' dat. Composer will handle this for us. If we tell Composer where our classes are located, and what method can be used to load them, then it will generate its autoloader. This can be used by our application to load class definitions.
Actions speak louder than words, so let’s dive right in with an example.
{
"autoload": {
}
}
This is the section in which all of our autoloading configurations will be contained. Simple, right? Great! No sock puppetry for you.
Let’s have a look at the most simple of loading mechanisms, the files
method.
{
"autoload": {
"files": [
"path/to/my/firstfile.php",
"path/to/my/secondfile.php"
]
}
}
The files
loading mechanism provides an array of files which will be loaded when the Composer autoloader component is loaded within your application. The file paths are considered relative to your project’s root folder. This loading method is effective, but not very convenient. You won’t want to add every single file manually for a large project. Let’s take a look at some better methods of loading more significant amounts of files.
{
"autoload": {
"classmap": [
"src/Models",
"src/Controllers"
]
}
}
The classmap
is another loading mechanism which accepts an array. This time, the array consists of a number of directories which are relative to the root of the project.
When generating its autoloader code, Composer will iterate through the directories looking for files which contain PHP classes. These files will be added to a collection which maps a file path to a class name. When an application is using the Composer autoloader and attempts to instantiate a class that doesn’t exist, Composer will step in and load the required class definition using the information stored in its map.
There is, however, a downside to using this loading mechanism. You will need to use the composer dump-autoload
command to rebuild the class map every time you add a new file. Fortunately, there is another loading mechanism which is intelligent enough not to require a map. Let’s learn about PSR-0 class loading.
PSR-0 class loading was first described in the PSR-0 PHP standard and provides an easy way of mapping PHP namespaced classes to the files that they are contained in.
Know that if you add a namespace
declaration to a file containing your class, like this:
<?php
namespace Xmen;
class Wolverine
{
// ...
}
Then the class becomes Xmen\Wolverine
, and as far as PHP is concerned, it is an entirely different animal to the Wolverine
class.
Using PSR-0
autoloading, the Xmen\Wolverine
class would be located in the file Xmen/Wolverine.php
.
See how the namespace matches up with the directory that the class is contained within? The Xmen
name-spaced Wolverine
class is located within the Xmen
directory.
You should also note that the filename matches the class name, including the uppercase character. Having the filename match the class name is essential for PSR-0
autoloading to function correctly.
Namespaces may have several levels. For example, consider the following class.
<?php
namespace Super\Happy\Fun;
class Time
{
// ...
}
The Time
class is located within the Super\Happy\Fun
namespace. PHP will recognize it as Super\Happy\Fun\Time
and not Time
.
This class would be located at the following file path.
Super/Happy/Fun/Time.php
Once again, see how the directory structure matches the namespace? Also, you will notice that the file is named the same as the class.
That’s all there is to PSR-0
autoloading. It’s quite simple really! Let’s have a look at how it can be used with Composer to simplify our class loading.
{
"autoload": {
"psr-0": {
"Super\\Happy\\Fun\\Time": "src/"
}
}
}
This time, our psr-0
autoloading block is an object rather than an array. This is because it requires both a key and value.
The key for each value in the object represents a namespace. Don’t worry about the double backward slashes. They are used because a single slash would represent an escape character within JSON. Remember this when mapping namespaces in JSON files!
The second value is the directory in which the namespace is mapped. I have found that you don’t need the trailing slash, but many examples like to use it to denote a directory.
This next bit is crucial and is a serious ‘gotcha’ for a lot of people. Please read it carefully.
The second parameter is not the directory in which classes for that namespace are located. Instead, it is the directory which begins the namespace to directory mapping. Let’s take a look at the previous example to illustrate this.
Remember the super happy fun time class? Let’s have another look at it.
<?php
namespace Super\Happy\Fun;
class Time
{
// ...
}
We now know that this class would be located in the Super/Happy/Fun/Time.php
file. With that in mind, consider the following autoload snippet.
{
"autoload": {
"psr-0": {
"Super\\Happy\\Fun\\Time": "src/"
}
}
}
You might expect Composer to look in src/Time.php
for the class. This would be incorrect, and the class would not be found.
Instead, the directory structure should exist in the following format.
src/Super/Happy/Fun/Time.php
This is something that catches so many people out when first using Composer. I can’t stress enough how important this fact is to remember.
If we were to run an installation of Composer now, and later add a new class Life.php
to the same namespace, then we would not have to regenerate the autoloader. Composer knows exactly where classes with that namespace exist, and how to load them. Great!
There's one other useful loading mechanism that was added much later into Composer's lifecycle. It's called PSR-4
namespacing and is a little more convenient than PSR-0
loading.
Here's an example require block for PSR-4 name-spacing.
{
"autoload": {
"psr-4": {
"Dayle\\Blog\\": "src"
}
}
}
Here, we've mapped the Dayle\Blog
namespace to the src
directory. Don't forget to suffix the namespace with two slashes! This means that we don't have to create the Dayle/Blog
directory structure, as all classes will be relative to the src
directory. For example, consider the following class.
Dayle\Blog\Content\Post
It would be located at the following location on disk.
src/Content/Post
We've specified the namespace prefix in our autoloader, so we don't need to create the Dayle
and Blog
subfolders. This makes it much easier to see our project in the tree view of our text editor.
You might wonder why I put my namespaced files in an src
folder? This is a common convention when writing Composer based libraries. In fact, here is a common directory/file structure for a Composer package.
src/ (Classes.)
tests/ (Unit/Acceptance tests.)
docs/ (Documentation.)
composer.json
Feel free to keep to this standard, or do whatever makes you happy. Laravel provides locations for its classes which we will examine in a later chapter.
Now that you have learned how to define your autoload mechanisms, it’s time that we looked at how to install and use Composer so that you can start taking advantage of its autoloader.
Installation
The Homestead machine that we configured in the installation chapter will have composer pre-installed. You'll need to SSH into the machine to use it.
First, make, sure that the machine is running by using vagrant up
. Next, you'll use vagrant ssh
to create an SSH connection to the machine. You're now ready to begin using Composer.
That was easy, wasn't it?
Usage
Let’s assume that we have created the following composer.json
file in our package directory.
{
"name": "marvel/xmen",
"description": "Mutants saving the world for people who hate them.",
"keywords": ["mutant", "superhero", "bald", "guy"],
"homepage": "http://marvel.com/xmen",
"time": "1963-09-01",
"license": "MIT",
"authors": [
{
"name": "Stan Lee",
"email": "stan@marvel.com",
"homepage": "http://marvel.com",
"role": "Genius"
}
],
"require": {
"xmen/wolverine": "1.0.0",
"xmen/cyclops": "1.0.1",
"xmen/storm": "1.2.0",
"xmen/gambit": "1.0.0"
},
"autoload": {
"classmap": [
"src/Xmen"
]
}
}
Let’s go ahead and use the install
command to install all of our package dependencies and generate our autoloader.
composer install
The output we get from Composer will be similar to:
Loading composer repositories with package information
Installing dependencies
- Installing tools/claws (1.1.0)
Cloning bc0e1f0cc285127a38c232132132121a2fd53e94
- Installing tools/yellow-mask (1.1.0)
Cloning bc0e1f0cc285127a38c6c12312325dba2fd53e95
- Installing power/regeneration (1.0.0)
Cloning bc0e1f0cc2851213313128ea88bc5dba2fd53e94
- Installing xmen/wolverine (1.0.0)
Cloning bc0e1f0cc285127a38c6c8ea88bc523523523535
- Installing xmen/cyclops (1.0.1)
Cloning bc0e1f0cc2851272343248ea88bc5dba2fd54353
- Installing xmen/storm (1.2.0)
Cloning bc0e1f0cc285127a38c6c8ea88bc5dba2fd53343
- Installing xmen/gambit (1.0.0)
Cloning bc0e1f0cc285127a38c6c8ea88bc5dba2fd56642
Writing lock file
Generating autoload files
Remember that these are fake packages used as an example. Downloading them won’t work! They are however more fun since they are X-men! Yay!
Why are there seven packages installed when I only listed four? Well, you forget that Composer automatically manages the dependencies of dependencies. The three extra packages are dependencies of the xmen/wolverine
package.
I’d imagine you are probably wondering where these packages have been installed? Composer creates a vendor
directory in the root of your project to contain your package’s source files.
The package xmen/wolverine
can be found at vendor/xmen/wolverine
, where you will find its source files along with its own composer.json
.
Composer also stores some of its files relating to the autoload system in the vendor/composer
directory. Don’t worry about it. You will never have to edit it directly.
So how do we take advantage of the awesome autoloading abilities? Well, the answer to that is even simpler than setting up the autoloading itself. Simply require()
or include()
the vendor/autoload.php
file within your application. For example:
<?php
require 'vendor/autoload.php';
// Your awesome application bootstrap here!
Great! Now you can instantiate a class belonging to one of your dependencies. For example:
<?php
$gambit = new \Xmen\Gambit;
Composer will do all the magic and autoload the class definition for you. How fantastic is that? No more littering your source files with thousands of include()
statements.
If you have added a file in a class mapped directory, you will need to run a command before Composer can load it.
{title="Example 49: Rebuild class map.", lang=text} composer dump-autoload
The above command will rebuild all mappings and create a new autoload.php
for you.
What if we want to add another dependency to our project? Let’s add xmen/beast
to our composer.json
file.
{
"name": "marvel/xmen",
"description": "Mutants saving the world for people who hate them.",
"keywords": ["mutant", "superhero", "bald", "guy"],
"homepage": "http://marvel.com/xmen",
"time": "1963-09-01",
"license": "MIT",
"authors": [
{
"name": "Stan Lee",
"email": "stan@marvel.com",
"homepage": "http://marvel.com",
"role": "Genius"
}
],
"require": {
"xmen/wolverine": "1.0.0",
"xmen/cyclops": "1.0.1",
"xmen/storm": "1.2.0",
"xmen/gambit": "1.0.0",
"xmen/beast": "1.0.0"
},
"autoload": {
"classmap": [
"src/Xmen"
]
}
}
Now we need to run composer install
again so that Composer can install our newly added package.
Loading composer repositories with package information
Installing dependencies
- Installing xmen/beast (1.1.0)
Cloning bc0e1f0c34343347a38c232132132121a2fd53e94
Writing lock file
Generating autoload files
Now xmen/beast
has been installed and we can use it right away. Smashing!
You may have noticed the following line in the output from the composer install
command.
Writing lock file
You might also have noticed that Composer has created a file called composer.lock
at the root of your application. What’s that for I hear you cry?
The composer.lock
file contains the information about your package at the time that the last composer install
or composer update
was performed. It also contains a list of the exact version of each dependency that has been installed.
Why is that? It’s simple. Whenever you use composer install
when a composer.lock
file is present in the directory; it will use the version numbers contained within the file instead of pulling down fresh versions of each dependency.
This means that if you version your composer.lock
file along with your application source (and I highly recommend this) when you deploy to your production environment, it will be using the exact same versions of dependencies that have been tried and tested in your local development environment. This means you can be sure that Composer won’t install any dependency versions that might break your application.
Note that you should never edit the composer.lock
file manually.
While we are on the topic of dependency versions, let's learn how to update them. For example, if we had the following requirement in our composer.json
file.
{"xmen/gambit": "1.0.*"}
Composer might install version 1.0.0
for us. However, what if the package was updated to 1.0.1
a few days later?
We can use the composer update
command to update all of our dependencies to their latest versions. Let’s have a look at the output.
$ composer update
Loading composer repositories with package information
Updating dependencies (including require-dev)
- Installing xmen/gambit (1.0.1)
Cloning bc0e1f0cc285127a38c6c8ea88bc5dba2fd56642
Generating autoload files
Great! The xmen/gambit
package has been updated to its latest version, and our composer.lock
file has been updated.
If we wanted to update only that one dependency rather than all of them, we could specify the package name when using the update
command. For example:
composer update xmen/gambit
Wait, what’s that (including require-dev)
bit mean? Remember the require-dev
section in the composer.json
file where we list our development only dependencies? Composer expects the update command to be only executed within a secure development or testing environment. For this reason, it assumes that you will want your development dependencies, and downloads them for you.
If you don’t want it to install development dependencies, then you can use the following switch.
composer update --no-dev
Also, if you would like to install developer dependencies when using the install
command, simply use the following switch.
composer install --dev
The last thing you should know is that you can use the composer self-update
command to update the Composer binary itself. Be sure to use sudo
if you have installed it globally.
sudo composer self-update
That just about covers all the Composer knowledge we will need when working with Laravel. It has been a lot of information to take in, and a long chapter for these weary fingers, but I hope you have gained something from it.
If you feel that a particular topic needs expanding, then please be sure to let me know! In the next chapter, we're going to learn how to configure our Laravel application. Get your configuration gloves on!
My books are available online for free to encourage learning. However, if you'd like for me to keep writing, then please consider buying a digital copy over at Leanpub.com.
It's available in PDF, ePub, and Kindle format, and contains a bunch of extras that you won't find on the site. I have a full-time job, and I write my books in my spare time. Please consider buying a copy so that I can continue to write new and exciting books!