Working with Composer

Composer is installed on all hosting servers by default. If necessary, you can install manually.

Composer is a batch manager for PHP. It allows you to download / update from the official repository packagist.org libraries used by the project and their dependencies. Due to this, each of them does not need to be downloaded and connected manually, and there is no need to store them directly in the project itself, which reduces its size.

For more information on working with Composer, see official documentation.

Composer starts up as follows:


If the version of PHP used to start Composer is different from the version displayed when it is running, run the command:

export PATH=/usr/local/php73/bin:/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin

Instead php73 specify the required PHP version.

  • install — installing packages listed in composer.json... The packages are installed in the directory from which the command was run.
  • update — updating all packages (if any packages were accidentally removed, they will be automatically installed).
  • update package/name — updating a specific package.
  • dumpautoload — re—creation of the autoloader.
  • require somepackage/somepackage:someversion — adding a new package (by default, packages are installed from official repository). During installation, the package is written to composer.json.
  • update –lock — update the lock file composer.lock.
  • –profile — adding this parameter to any command will enable the display of the execution time and the amount of memory used.
  • –verbose — detailed information about the operation being performed.
  • show — a list of installed packages with a description of each.
  • show –platform — information about PHP.
  • –dry-run — rehearsal of command execution. Can be added to commands install and update... Emulates the execution of a command without directly executing it. Needed in order to check if the installation of packages and dependencies will succeed.
  • remove — package removal. The exact opposite require.

composer.json Is the key file for Composer to work. It contains a list of libraries and their versions required for the project to work.

Each of the packages also has its own composer.jsonwhich lists all of its dependencies. This file is generated by the package developer. The file schema is available at official website.

In file composer.lock saves the current list of installed dependencies and their versions. Required so that those who clone the project have an identical package environment (the same set of libraries with the same versions were installed).

While doing install Composer relies primarily on content composer.lock... At each execution update versions of updated packages are written in composer.lock.

composer.lock contains the hash of the file composer.json... If the json file has been edited, Composer will issue a warning about the lock file mismatch with the json file. In this case, you will need to update composer.lock team update –lock.

Installation is performed with the command:

composer install

As a result, Composer:

  1. Check availability composer.lock:
    1. If it exists, it will take from it the names of the required packages and their versions.
    2. If it does not exist, it reads the contents of the file. composer.json and will take from it the names of the required packages and their versions.
  2. Download / install packages of the required versions to the directory vendor.
  3. Automatically generate a file autoload.php.
  4. If the file composer.lock was not, will create it.

So that the project can access the installed libraries, just connect autoload.php:

require_once '../vendor/autoload.php';

The update is performed with the command:

composer update

As a result, Composer:

  1. Check the content composer.json.
  2. Will determine the latest versions based on data from this file.
  3. Installs the latest packages.
  4. Willupdate composer.lock according to the installed packages.

To determine the required package, use the command requirewhich is embedded in the file composer.json, or use the command in the console:

composer require provider/package version

Specifying dependencies in a file composer.json produced in this way:

"require": {
    vendor / package1: version, vendor / package2: version, vendor / package3: version
  • provider (vendor) — the vendor of the library to be installed.
  • plasticbag Is the name of the package provided by the vendor.
  • version — the version of the requested library. If not specified, the latest version of the package will be installed. To work with versions, digital (1.2.1, 3.5.1) or text designations (dev-master, master). It is also possible to use imprecise notations using the standard described in SemVer.

For example, to install a package monolog you need to run the command:

composer require "monolog/monolog"

Or specify in the file composer.json lines:

    "require": {
        "monolog/monolog": "*"

Then execute in the console:

composer update

To remove packages, you need to remove from the file composer.json lines with their mention. For example, for Monolog, you need to remove:

 "monolog/monolog": "*"

After that, you need to run the command in the console:

composer update

Alternatively, you can run the command in the console:

composer remove monolog/monolog

If Composer reports that a package requires a PHP version of at least that specified in the error text, set that version by overriding the variable PATH on instructionsand then rerun the Composer command that generated the error.

If you get an error while executing any composer command "Fatal error: Allowed memory size of XXX bytes exhausted", try running it like this:

php -d memory_limit=-1 /usr/local/bin/composer command