PHP Dependency Management
Last Updated on Mar 22, 2023
Introduction
In any programming language that you use, in your project you might use packages (codes that other people wrote). So your code depends on that package. You need a way to manage all the dependencies. How can you do that in PHP?
In php we do that with composer.
You can download it from getcomposer.org
Dependency Management
So let’s get started
how to use composer
All you need to do is to have a composer.json file in your project folder
So let’s create one with an empty Composer.json
{
}
All the packages that you need will be written like this
{
"require": {
"package/first" : "version",
"example/package" : "version"
}
}
So now we have to answer 2 question
- where do I find those package and their names?
- how to format the version
1. Find Pakcages
you can find the packages in packagist
You search for whatever you want. Here I searched for a random number
Then between the package you choose one
In the page for each page it has written the name of the package in this format vendor/packagename
You can copy that and write it in your composer.json file manually and then run the command
composer update
For example I wrote
{
"require": {
"ircmaxell/random-lib": "^1.2"
}
}
And then ran
composer update
Or you can run this command
composer require vendor/packagename
Which in our case is
composer require ircmaxell/random-lib
Composer will take care of everything for you and requires the latest version.
2. versions
well there are different ways to format the version numbers.
You can write the exact version like:
"vendor/package": "1.3.2"
Or you can specify a range.
There are different ways to specify the range:
// >, <, >=, <= | specify upper / lower bounds
"vendor/package": ">=1.3.2", // anything above or equal to 1.3.2
"vendor/package": "<1.3.2", // anything below 1.3.2
// * | wildcard
"vendor/package": "1.3.*", // >=1.3.0 <1.4.0
// ~ | allows last digit specified to go up
"vendor/package": "~1.3.2", // >=1.3.2 <1.4.0
"vendor/package": "~1.3", // >=1.3.0 <2.0.0
// ^ | doesn't allow breaking changes (major version fixed - following semver)
"vendor/package": "^1.3.2", // >=1.3.2 <2.0.0
"vendor/package": "^0.3.2", // >=0.3.2 <0.4.0 // except if major version is 0
After running composer require vendor/package or composer update composer creates a composer.lock file and a folder named vendor
Inside that vendor folder there are all the packages you have required.
Inside the vendor folder there is also a file called autoload.php
What is that and how can we use it?
Autoload
Do you remember when we defined namespaces and when we wanted to use it in our file we had to require/include them
Well imagine if we had 100 packages how on earth can I keep track of which one I should include in my file? Well you don’t. Composer will take care of that for you.
It doesn’t matter if you have required 1 package or 100 package the only file that you need to include in your file is this autoload.php
Now in my index.php I write
require './vendor/autoload.php';
And that’s it. I can now use the package that I have required
Conclusion
Now you know about dependency management in PHP.
I recommend you to go to packagist and find some packages that interests you. add them to your project and try to use them.
If you have any suggestions, questions, or opinions, please contact me. I’m looking forward to hearing from you!
Key takeaways
- dependency management in PHP
- composer
- packagist
- format verion of the package
- composer require
- composer update
- compost.json file
- autoload.php file
- how to autoload packages to your project