composing project dependencies
TRANSCRIPT
Composing Project Dependencies
Derek Gallo@derekgallo
http://github.com/drock
Problem
•Projects use many libs or frameworks
•Most libs have several dependencies
•Different projects need different versions
An Example
PHPUnit 3.7
SymfonyYAML
2.2
PHPUnitMocks
1.3...
Project A
PHPUnit 3.6
SymfonyYAML1.02
PHPUnitMocks
1.1...
Project B
Pear
PHPUnit 3.7
SymfonyYAML
2.2
PHPUnitMocks
1.3...
Project A Project B
Single shared dependency
No autoloading
Not part of build
Submodules
PHPUnit 3.7
SymfonyYAML
2.2
PHPUnitMocks
1.3
Project A
PHPUnit 3.6
SymfonyYAML1.02
PHPUnitMocks
1.1
Project B
No autoloading
No dependency management
Composer!
PHPUnit 3.7
SymfonyYAML
2.2
PHPUnitMocks
1.3...
Project A
PHPUnit 3.6
SymfonyYAML1.02
PHPUnitMocks
1.1...
Project B
Composer!
•Autoloading
•Dependency Management
•Per project dependencies
•Part of build
Composer is a tool for dependency management in PHP. It allows you to declare the dependent libraries your project needs and it will install them in your project for you.
Installation
•Locally
• curl -sS https://getcomposer.org/installer | php
•Globally
• sudo mv composer.phar /usr/local/bin/composer
• composer selfupdate <- Do regularly
Silex Sample
•Create empty project folder
•Create composer.json
Silex Sample
Silex Sample• >composer install
Silex Sample• include autoloader
• write controller
Silex Sample• add monolog
Silex Sample• >composer update
Silex Sample• add logging code
Defining Dependencies
Vendor/Package
Version
Stability Requirements
Installing Dependencies•>composer install
•downloads dependencies to vendor folder
•generates autoloader
Using Dependencies
•PSR-0 - Standards defining naming conventions for autoloading.
•Use composer generated autoloader
Updating Dependencies•>composer update
•upgrades packages to latest version based on rules in composer.json
Install vs Update•composer.lock
•tracks versions of dependencies used
•commit it
•install-looks for composer.lock then composer.json
•update-looks straight at composer.json and updates composer.lock
Working in a Team
•Elect a dependency manager
•manages and commits composer files
•add vendor folder to git/svn ignore
Finding Packages
•Packagist
•>composer search ...
•Github
•look for composer.json
Older Packages
• Hopefully its PSR-0 compliant
Define a package repository in your
composer.json
Specify locations of sources
Instruct autoloader
Bleeding EdgeVersion Tag
Version Branch
Other Branch
Custom Forks• Fork on Github
• Add your repo
• Specify your branch
Bootstrapping>composer create-project -s dev fabpot/silex-skeleton .
More?• http://getcomposer.org
• http://packagist.org
• https://github.com/php-fig/fig-standards/blob/master/accepted/
ThanksDerek Gallo@derekgallo
http://github.com/drock