概述
Composer是PHP的一个依赖管理工具。它允许开发者声明项目所依赖的代码库,并自动为项目安装这些依赖。Composer的出现极大地简化了PHP项目的依赖管理过程,提高了项目的稳定性和可维护性。文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html
主要功能
依赖管理: Composer可以自动下载和安装项目所需的依赖库和框架,确保它们与项目兼容。 开发者可以在 composer.json
文件中指定所需的依赖及其版本,Composer会根据这些要求自动解决和安装依赖。
版本控制: Composer使用 composer.lock
文件来锁定项目的依赖版本,确保每次安装时获得相同版本的依赖库。这有助于避免因依赖版本冲突导致的问题,并确保项目的一致性和可重复性。
自动加载: Composer提供了自动加载功能,可以根据项目的依赖关系自动加载所需的类文件。 这避免了手动引入和加载库文件的繁琐操作,提高了代码的可维护性和可读性。
扩展开发: Composer也用于PHP扩展的开发和管理。开发者可以使用Composer发布和管理自己的PHP扩展,其他开发者则可以通过Composer轻松地安装和使用这些扩展。
集成其他工具: Composer可以与许多其他工具和框架集成,如PHPUnit(单元测试框架)、Travis CI(持续集成平台)、Packagist(PHP包仓库)等。 这使得开发者能够轻松地使用和管理各种工具和框架,提高开发效率和项目质量。
工作原理
Composer的工作原理基于包
和库
的概念。当开发者在项目中声明依赖时,Composer会查找这些依赖在Packagist等包仓库中的可用版本,并根据composer.json
文件中的要求下载和安装这些依赖。同时,Composer会生成一个composer.lock
文件来锁定依赖的版本,以确保项目的稳定性和可重复性。文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html
安装
下载文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html
curl -sS https://getcomposer.org/installer | php
移动且重命名文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html
mv composer.phar /usr/local/bin/composer
查看版本号文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html
composer -v
______
/ ____/___ ____ ___ ____ ____ ________ _____
/ / / __ \/ __ `__ \/ __ \/ __ \/ ___/ _ \/ ___/
/ /___/ /_/ / / / / / / /_/ / /_/ (__ ) __/ /
\____/\____/_/ /_/ /_/ .___/\____/____/\___/_/
/_/
Composer version 2.1.14 2021-11-30 10:51:43
国内镜像
因为访问国外比较慢,可以使用国内镜像提供加速下载镜像。文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html
阿里云 Composer 全量镜像文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html
镜像地址:https://developer.aliyun.com/composer文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html
官方地址:https://developer.aliyun.com/composer文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html
腾讯云 Composer 全量镜像文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html
镜像地址:https://mirrors.cloud.tencent.com/composer/文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html
官方地址:https://mirrors.cloud.tencent.com/help/composer.html文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html
华为 Composer 全量镜像文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html
镜像地址:https://mirrors.huaweicloud.com/repository/php/文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html
官方地址:https://mirrors.huaweicloud.com/文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html
交通大学镜像文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html
镜像地址:https://packagist.mirrors.sjtug.sjtu.edu.cn文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html
官方地址:https://mirrors.sjtug.sjtu.edu.cn/packagist/文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html
Packagist / JP文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html
镜像地址:https://packagist.jp文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html
官方地址:https://packagist.jp文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html
全局配置(推荐)
所有项目都会使用该镜像地址。例如使用阿里云镜像文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html
composer config -g repo.packagist composer https://mirrors.aliyun.com/composer/
取消配置文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html
composer config -g --unset repos.packagist
项目配置
仅修改当前工程配置,仅当前工程可使用该镜像地址:文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html
composer config repo.packagist composer https://mirrors.aliyun.com/composer/
取消配置:文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html
composer config --unset repos.packagist
查看当前配置文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html
$ composer config -gl
[repositories.packagist.org.type] composer
[repositories.packagist.org.url] https://repo.packagist.org
直接引入第三方包
在项目目录下执行以下命令即可文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html
composer require --dev phpunit/phpunit
安装记录文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html
composer-package-template> composer require --dev phpunit/phpunit
Cannot use phpunit/phpunit's latest version 11.2.0 as it requires php >=8.2 which is not satisfied by your platform.
./composer.json has been updated
Running composer update phpunit/phpunit
Loading composer repositories with package information
Updating dependencies
Lock file operations: 28 installs, 0 updates, 0 removals
- Locking doctrine/instantiator (1.5.0)
- Locking myclabs/deep-copy (1.11.1)
- Locking nikic/php-parser (v5.1.0)
- Locking phar-io/manifest (2.0.3)
- Locking phar-io/version (3.2.1)
- Locking phpunit/php-code-coverage (9.2.31)
- Locking phpunit/php-file-iterator (3.0.6)
- Locking phpunit/php-invoker (3.1.1)
- Locking phpunit/php-text-template (2.0.4)
- Locking phpunit/php-timer (5.0.3)
- Locking sebastian/code-unit-reverse-lookup (2.0.3)
- Locking sebastian/comparator (4.0.8)
- Locking sebastian/complexity (2.0.3)
- Locking sebastian/diff (4.0.6)
- Locking sebastian/environment (5.1.5)
- Locking sebastian/exporter (4.0.6)
- Locking sebastian/global-state (5.0.7)
- Locking sebastian/lines-of-code (1.0.4)
- Locking sebastian/object-enumerator (4.0.4)
- Locking sebastian/object-reflector (2.0.4)
- Locking sebastian/recursion-context (4.0.5)
- Locking sebastian/resource-operations (3.0.4)
- Locking sebastian/type (3.2.1)
- Locking sebastian/version (3.0.2)
- Locking theseer/tokenizer (1.2.3)
Writing lock file
Installing dependencies from lock file (including require-dev)
Package operations: 28 installs, 0 updates, 0 removals
- Downloading nikic/php-parser (v5.1.0)
- Downloading phpunit/phpunit (9.6.19)
- Installing sebastian/version (3.0.2): Extracting archive
- Installing sebastian/type (3.2.1): Extracting archive
- Installing sebastian/resource-operations (3.0.4): Extracting archive
- Installing sebastian/recursion-context (4.0.5): Extracting archive
- Installing sebastian/object-reflector (2.0.4): Extracting archive
- Installing sebastian/object-enumerator (4.0.4): Extracting archive
- Installing sebastian/global-state (5.0.7): Extracting archive
- Installing sebastian/exporter (4.0.6): Extracting archive
- Installing sebastian/environment (5.1.5): Extracting archive
- Installing sebastian/diff (4.0.6): Extracting archive
- Installing sebastian/comparator (4.0.8): Extracting archive
- Installing sebastian/code-unit (1.0.8): Extracting archive
- Installing sebastian/cli-parser (1.0.2): Extracting archive
- Installing phpunit/php-timer (5.0.3): Extracting archive
- Installing phpunit/php-text-template (2.0.4): Extracting archive
- Installing phpunit/php-invoker (3.1.1): Extracting archive
- Installing phpunit/php-file-iterator (3.0.6): Extracting archive
- Installing theseer/tokenizer (1.2.3): Extracting archive
- Installing nikic/php-parser (v5.1.0): Extracting archive
- Installing sebastian/lines-of-code (1.0.4): Extracting archive
- Installing sebastian/complexity (2.0.3): Extracting archive
- Installing sebastian/code-unit-reverse-lookup (2.0.3): Extracting archive
- Installing phpunit/php-code-coverage (9.2.31): Extracting archive
- Installing phar-io/version (3.2.1): Extracting archive
- Installing phar-io/manifest (2.0.3): Extracting archive
- Installing myclabs/deep-copy (1.11.1): Extracting archive
- Installing doctrine/instantiator (1.5.0): Extracting archive
- Installing phpunit/phpunit (9.6.19): Extracting archive
7 package suggestions were added by new dependencies, use `composer suggest` to see details.
Package sebastian/resource-operations is abandoned, you should avoid using it. No replacement was suggested.
Generating autoload files
56 packages you are using are looking for funding.
Use the `composer fund` command to find out more!
Found 7 security vulnerability advisories affecting 2 packages.
Run composer audit for a full list of advisories.
Using version ^9.6 for phpunit/phpunit
这种方式安装不需要预先配置composer.json
,如果没有该文件,则自动生成该文件。如下文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html
{
"require-dev": {
"phpunit/phpunit": "^9.6"
}
}
根据composer.json来安装第三方包
预先配置composer.json
,修改配置如下文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html
{
"require-dev": {
"phpunit/phpunit": "^9.6"
}
}
如果该文件已经存在,则会把配置添加到该文件中去,这样当你删除了vendor
目录,就可以使用更新命令来重新生成。文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html
composer install
或者文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html
composer update
注:只想安装或者更新某个特定的库,不想更新它的所有依赖,则可以使用文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html
composer install tinywan/jwt
composer update tinywan/jwt
安装记录文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html
composer install
Installing dependencies from lock file (including require-dev)
Verifying lock file contents can be installed on current platform.
Nothing to install, update or remove
Package sebastian/resource-operations is abandoned, you should avoid using it. No replacement was suggested.
Generating autoload files
56 packages you are using are looking for funding.
Use the `composer fund` command to find out more!
composer.lock 文件
为什么需要 composer.lock
在软件开发中,依赖关系的管理是复杂且容易出错的。当你开始一个新项目时,你可能会指定一些库作为你的项目依赖,比如某个特定的 PHP 框架、日志库或者其他任何有用的工具。随着时间的推移,这些库会更新,引入新的功能、修复已知的问题,或者可能引入一些破坏性的更改(即向后不兼容的更改)。文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html
如果没有一种机制来锁定你项目依赖的具体版本,那么在不同的开发环境(比如你的本地机器、同事的机器、持续集成服务器、生产环境)中,安装的依赖版本可能会有所不同。这可能导致难以追踪的bug,因为某些功能在一个环境中工作正常,而在另一个环境中则会出现问题。文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html
composer.lock 是如何工作的
当你首次运行 composer install 命令时(假设你的项目中已经有一个 composer.json
文件指定了依赖),Composer 会根据 composer.json
文件中的要求,查找并安装满足这些要求的库。然后,它会将实际安装的库的版本号写入 composer.lock
文件中。文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html
之后,无论谁运行 composer install
命令,Composer 都会首先检查 composer.lock
文件是否存在。如果文件存在,Composer 将使用 composer.lock
文件中指定的版本号来安装依赖,而忽略 composer.json
文件中的版本约束。这意味着,只要 composer.lock
文件保持不变,项目的依赖版本就会保持不变。文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html
如果你想要更新项目的依赖(比如为了利用某个库的新特性或修复),你可以运行 composer update
命令。这个命令会根据 composer.json
文件中的要求更新依赖,并更新 composer.lock
文件以反映新的版本信息。文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html
提交 composer.lock 到版本控制
由于 composer.lock
文件对于确保项目依赖的一致性至关重要,因此强烈建议将它提交到你的版本控制系统中(如 Git)。这样,所有团队成员都可以使用完全相同的依赖版本,从而减少因依赖版本不同而导致的潜在问题。文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html
可以看出composer.lock
文件是 Composer 项目中不可或缺的一部分,它帮助开发者确保项目依赖的一致性和稳定性。文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html
文章源自菜鸟学院-https://www.cainiaoxueyuan.com/bc/64977.html