Great tip by Mattias: TIL: you can fake package versions in composer using the "as" alias. Useful to force install certain versions while keeping other dependencies in check! 👍https://t.co/VzmMRCCoR5 — Mattias Geniar (@mattiasgeniar) April 16, 2020 You can alias directly when requiring a package: composer require monolog/monolog:”dev-bugfix as 1.0.x-dev” Surely comes in handy when locally […]
Tag Archives: composer
“Composer require local package”: Working with symlinked Composer packages in PHP
When developing a PHP library/package, you most likely also have a project on disk that consumes said library. Take a WordPress plugin for example: to test it, you need a WordPress installation — both are linked but separate projects. To speed up development you can tell Composer to use the local version of the package, […]
Overriding the PHP version to use when installing Composer dependencies
If you have a (legacy) PHP project running on a legacy server (running PHP 5.4.27 for example), but are locally developing with a more modern PHP version (PHP 7.4 for example), you might end up installing dependencies that are not compatible with the PHP version on the server. To bypass this, you can tell Composer, […]
Selling Composer Packages through “Private Packagist for Vendors”
Nice new addition by Packagist: If you’re selling PHP packages, the easiest way to offer Composer package installation to your customers is now “Private Packagist for Vendors”. You get a unique URL and authentication token for each customer and they can use these in their composer.json file to install your packages. Especially if you’re still […]
Bash/Shell Autocompletion for Composer
The other day I opened up a PHP project that I hadn’t worked on in a while. No longer remembering which Composer Scripts I had defined for it, I needed to take a peek inside composer.json to see which ones were available to me. Then it hit me: why is there no autocompletion for composer […]
Private Packagist
Mid-December Nils Adermann – Co-Founder of Packagist Conductors & Creator of Composer for PHP – announced Private Packagist. Being a hosted service, setting up your own Composer package repository on Private Packagist is done with a few clicks. No matter if your private source code is hosted on GitHub, GitLab, Bitbucket, any of their on-premise […]
Check for updates on PHP dependencies with `composer outdated`
Just yesterday it came to my attention that you can run composer outdatedto check if newer versions of dependencies you are using exist: Composer → Related: npm-check-updates does the same for Node
PHP Roave Security Advisories
$ composer require roave/security-advisories:dev-master $ # following commands will fail: $ composer require symfony/symfony:2.5.2 $ composer require zendframework/zendframework:2.3.1 This package ensures that your PHP application doesn’t have installed dependencies with known security vulnerabilities. This package does not provide any API or usable classes: its only purpose is to prevent installation of software with known and […]
Heroku <3 PHP
Good news from Heroku: PHP is (finally) properly supported. Just add a composer.json file to your repo and Heroku will know your app runs PHP. Yes, you see that right: Composer is supported. Whenever you push your code to Heroku, it will install the dependencies if needed. $ git add . $ git commit -m […]
Composer Cheat Sheet
Composer is the dependency manager for PHP. This site is a one-page-only doc for this tool. It has a very nice and well-supplied documentation on the official website, this page just brings you the essential. A video walking throug the site quickly is also available: Composer Cheat Sheet →