Open in app

Sign in

Write

Sign in

Introducing Composer — the heart of Modern PHP Apps development

Utpal Biswas
Oceanize Lab Geeks
Published in
4 min readAug 31, 2017

Managing app dependencies manually in any programming language is a huge pain. This is why in most programming languages today you will find that they all have some implementation of a dependency management system or sometimes a package manager. Composer is the dependency management system that you will find inside most modern PHP projects.

My goal is to try and show you the basics of using Composer to install packages and libraries into your future projects.

We will need to understand what Composer is, what it will do for us, and explore the why before we get into the how. Composer manages all of your project dependencies and keeps them in a clean folder structure and tracks versions as well. For example, if your project needs to have PHPUnit installed for testing, you would tell Composer that you need PHPUnit and the specific version you want. Then you would run an install command. Composer would then go out and search for the package and version you requested and download it for you. Not only will it download your requested package, but also any other packages that your requested project requires to work. It will keep all of these dependencies in a folder named vendor which helps to keep your project nice and clean.

Before we go into detail, there are two things that we need to have in mind:

What Composer is:

As we can see on their website: “Composer is a tool for dependency management in PHP. It allows you to declare the libraries your project depends on and it will manage (install/update) them for you.” And need to keep in mind that Composer is not a package manager.

Getting Composer:

There are two ways of installing Composer: locally and globally. Because Composer is such a useful and widespread tool, I always recommend installing it globally, as you’ll probably be working on more than one project at once. And you will able to install via Using the Installer or install manually.

Running the composer command shows the information page:

information page after running composer command

Some of Composer’s more useful commands are:

  • composer help <command> — will show the help page for a given command.
  • composer self update — Updates composer to the latest available version.
  • composer search — Searches for packages.
  • composer status — Shows a list of dependencies that have been modified locally. If we install something from the source (using the — prefer-source option), we will end up with a clone of that package in the /vendor folder. If we make some changes to that package, the composer status command will show us a git status for those changes.
  • composer diagnose — Diagnoses the system for common errors. This is especially useful for debugging, as it checks for things like connectivity to Packagist, free disk space, and git settings.

Using Composer:

To manage dependencies in a project, Composer uses a json file. This file describes all the dependencies, and holds some metadata as well. composer init will launch the wizard. The wizard will guide us through the generation of our composer.json file.

If you used composer init or the manual method, you need to run composer install. This will download all the dependencies needed for the packages described in the composer.json file.

The first time you run the composer install command, the dependencies are downloaded and their installed versions are registered in the composer.lock file. The next time someone runs composer install on the project, it will not get the latest available package versions, but the ones that are registered in the composer.lock file. This way, Composer ensures that your project doesn’t break due to unexpected code changes in newer versions of the packages.

Updating Your Packages:

The composer.lock file ensures that everyone in the project uses the same version of the packages by not allowing newer versions to be downloaded.

If for any reason we want to stick to a particular version, than we should mention the appropriate version in the composer.json file.

But what if we want to update our dependencies to the latest versions?

To update dependencies, Composer provides the composer update command. This command will not only download the latest versions of our dependencies, it will also update the composer.lock file to the new versions. Running composer update is actually the same as deleting composer.lock and then re-running composer install.

The Vendor Folder:

Composer downloads all dependencies into the /vendor folder, which it creates if it doesn’t exist. It also creates a vendor/autoload.php file.

Autoloading:

The autoloading provided by Composer to access the project’s dependencies is very useful, and can also be used to access our own application’s code. To do this, we need to register our code in the composer.json file using the autoload key.

{
    "autoload": {
        "psub-4": {"Foo\\": "src/"}
    }
}

First, Composer will register a PSUB-4 autoloader for the Foo namespace.

Conclusion:

This is all about important and useful topic about composer. Hopefully this has given you a good overview of how to use composer to install and manage project dependencies within your PHP projects!

PHP
Composer
App Development
Dependencies

--

--

Utpal Biswas
Oceanize Lab Geeks

Written by Utpal Biswas

49 Followers
Writer for

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams