diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 000000000..4ec0a91a4 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,8 @@ +# Auto-detect text files, ensure they use LF. +* text=auto eol=lf + +# These files are always considered text and should use LF. +# See core.whitespace @ http://git-scm.com/docs/git-config for whitespace flags. +*.php text eol=lf whitespace=blank-at-eol,blank-at-eof,space-before-tab,tab-in-indent,tabwidth=4 diff=php +*.json text eol=lf whitespace=blank-at-eol,blank-at-eof,space-before-tab,tab-in-indent,tabwidth=4 +*.test text eol=lf whitespace=blank-at-eol,blank-at-eof,space-before-tab,tab-in-indent,tabwidth=4 diff --git a/.gitignore b/.gitignore index 0e883e5c1..f9d78df20 100644 --- a/.gitignore +++ b/.gitignore @@ -8,3 +8,4 @@ phpunit.xml .vagrant Vagrantfile .idea +.php_cs.cache \ No newline at end of file diff --git a/.php_cs b/.php_cs new file mode 100644 index 000000000..a2bd217ed --- /dev/null +++ b/.php_cs @@ -0,0 +1,59 @@ + + Jordi Boggiano + +For the full copyright and license information, please view the LICENSE +file that was distributed with this source code. +EOF; + +$finder = Symfony\CS\Finder\DefaultFinder::create() + ->files() + ->name('*.php') + ->exclude('Fixtures') + ->in(__DIR__.'/src') + ->in(__DIR__.'/tests') +; + +return Symfony\CS\Config\Config::create() + ->setUsingCache(true) + ->setRiskyAllowed(true) + ->setRules(array( + '@PSR2' => true, + 'duplicate_semicolon' => true, + 'extra_empty_lines' => true, + 'header_comment' => array('header' => $header), + 'include' => true, + 'long_array_syntax' => true, + 'method_separation' => true, + 'multiline_array_trailing_comma' => true, + 'namespace_no_leading_whitespace' => true, + 'no_blank_lines_after_class_opening' => true, + 'no_empty_lines_after_phpdocs' => true, + 'object_operator' => true, + 'operators_spaces' => true, + 'phpdoc_align' => true, + 'phpdoc_indent' => true, + 'phpdoc_no_access' => true, + 'phpdoc_no_package' => true, + 'phpdoc_order' => true, + 'phpdoc_scalar' => true, + 'phpdoc_trim' => true, + 'phpdoc_type_to_var' => true, + 'psr0' => true, + 'return' => true, + 'remove_leading_slash_use' => true, + 'remove_lines_between_uses' => true, + 'single_array_no_trailing_comma' => true, + 'single_blank_line_before_namespace' => true, + 'spaces_cast' => true, + 'standardize_not_equal' => true, + 'ternary_spaces' => true, + 'unused_use' => true, + 'whitespacy_lines' => true, + )) + ->finder($finder) +; diff --git a/.travis.yml b/.travis.yml index 4aed11625..eb51bca16 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,23 +1,42 @@ language: php +sudo: false + +cache: + directories: + - $HOME/.composer/cache + +addons: + apt: + packages: + - parallel + php: - 5.3.3 - 5.3 - 5.4 - 5.5 - 5.6 + - 7.0 - hhvm + - nightly + +matrix: + fast_finish: true + allow_failures: + - php: nightly before_script: - - sudo apt-get install parallel - rm -f ~/.phpenv/versions/$(phpenv version-name)/etc/conf.d/xdebug.ini - - composer install --prefer-source - - bin/composer install --prefer-source + - flags="" + - if [ `phpenv version-name` == "5.3.3" ]; then flags="--ignore-platform-reqs"; fi + - composer install $flags + - bin/composer install $flags - git config --global user.name travis-ci - git config --global user.email travis@example.com script: - - ls -d tests/Composer/Test/* | parallel --gnu --keep-order 'echo "Running {} tests"; ./vendor/bin/phpunit -c tests/complete.phpunit.xml {};' + - ls -d tests/Composer/Test/* | parallel --gnu --keep-order 'echo "Running {} tests"; ./vendor/bin/phpunit -c tests/complete.phpunit.xml --colors=always {} || (echo -e "\e[41mFAILED\e[0m {}" && $(exit 1));' git: depth: 5 diff --git a/CHANGELOG.md b/CHANGELOG.md index d78b8e109..65e7018f6 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,4 +1,54 @@ -### 1.0.0-alpha9 (2014-12-07) +### [1.0.0-alpha11] - 2015-11-14 + + * Added config.platform to let you specify what your target environment looks like and make sure you do not inadvertently install dependencies that would break it + * Added `exclude-from-classmap` in the autoload config that lets you ignore sub-paths of classmapped directories, or psr-0/4 directories when building optimized autoloaders + * Added `path` repository type to install/symlink packages from local paths + * Added possibility to reference script handlers from within other handlers using @script-name to reduce duplication + * Added `suggests` command to show what packages are suggested, use -v to see more details + * Added `content-hash` inside the composer.lock to restrict the warnings about outdated lock file to some specific changes in the composer.json file + * Added `archive-format` and `archive-dir` config options to specify default values for the archive command + * Added --classmap-authoritative to `install`, `update`, `require`, `remove` and `dump-autoload` commands, forcing the optimized classmap to be authoritative + * Added -A / --with-dependencies to the `validate` command to allow validating all your dependencies recursively + * Added --strict to the `validate` command to treat any warning as an error that then returns a non-zero exit code + * Added a dependency on composer/semver, which is the externalized lib for all the version constraints parsing and handling + * Added support for classmap autoloading to load plugin classes and script handlers + * Added `bin-compat` config option that if set to `full` will create .bat proxy for binaries even if Compoesr runs in a linux VM + * Added SPDX 2.0 support, and externalized that in a composer/spdx-licenses lib + * Added warnings when the classmap autoloader finds duplicate classes + * Added --file to the `archive` command to choose the filename + * Added Ctrl+C handling in create-project to cancel the operation cleanly + * Fixed version guessing to use ^ always, default to stable versions, and avoid versions that require a higher php version than you have + * Fixed the lock file switching back and forth between old and new URL when a package URL is changed and many people run updates + * Fixed partial updates updating things they shouldn't when the current vendor dir was out of date with the lock file + * Fixed PHAR file creation to be more reproducible and always generate the exact same phar file from a given source + * Fixed issue when checking out git branches or tags that are also the name of a file in the repo + * Many minor fixes and documentation additions and UX improvements + +### [1.0.0-alpha10] - 2015-04-14 + + * Break: The following event classes are deprecated and you should update your script handlers to use the new ones in type hints: + - `Composer\Script\CommandEvent` is deprecated, use `Composer\Script\Event` + - `Composer\Script\PackageEvent` is deprecated, use `Composer\Installer\PackageEvent` + * Break: Output is now split between stdout and stderr. Any irrelevant output to each command is on stderr as per unix best practices. + * Added support for npm-style semver operators (`^` and `-` ranges, ` ` = AND, `||` = OR) + * Added --prefer-lowest to `update` command to allow testing a package with the lowest declared dependencies + * Added support for parsing semver build metadata `+anything` at the end of versions + * Added --sort-packages option to `require` command for sorting dependencies + * Added --no-autoloader to `install` and `update` commands to skip autoload generation + * Added --list to `run-script` command to see available scripts + * Added --absolute to `config` command to get back absolute paths + * Added `classmap-authoritative` config option, if enabled only the classmap info will be used by the composer autoloader + * Added support for branch-alias on numeric branches + * Added support for the `https_proxy`/`HTTPS_PROXY` env vars used only for https URLs + * Added support for using real composer repos as local paths in `create-project` command + * Added --no-dev to `licenses` command + * Added support for PHP 7.0 nightly builds + * Fixed detection of stability when parsing multiple constraints + * Fixed installs from lock file containing updated composer.json requirement + * Fixed the autoloader suffix in vendor/autoload.php changing in every build + * Many minor fixes, documentation additions and UX improvements + +### [1.0.0-alpha9] - 2014-12-07 * Added `remove` command to do the reverse of `require` * Added --ignore-platform-reqs to `install`/`update` commands to install even if you are missing a php extension or have an invalid php version @@ -28,7 +78,7 @@ * Improved SVN and Perforce support * A boatload of minor fixes, documentation additions and UX improvements -### 1.0.0-alpha8 (2014-01-06) +### [1.0.0-alpha8] - 2014-01-06 * Break: The `install` command now has --dev enabled by default. --no-dev can be used to install without dev requirements * Added `composer-plugin` package type to allow extensibility, and deprecated `composer-installer` @@ -59,7 +109,7 @@ * Improved memory usage and performance of solving dependencies * Tons of minor bug fixes and improvements -### 1.0.0-alpha7 (2013-05-04) +### [1.0.0-alpha7] - 2013-05-04 * Break: For forward compatibility, you should change your deployment scripts to run `composer install --no-dev`. The install command will install dev dependencies by default starting in the next release * Break: The `update` command now has --dev enabled by default. --no-dev can be used to update without dev requirements, but it will create an incomplete lock file and is discouraged @@ -110,10 +160,10 @@ * Improved the coverage of the `validate` command * Tons of minor bug fixes and improvements -### 1.0.0-alpha6 (2012-10-23) +### [1.0.0-alpha6] - 2012-10-23 * Schema: Added ability to pass additional options to repositories (i.e. ssh keys/client certificates to secure private repos) - * Schema: Added a new `~` operator that should be prefered over `>=`, see http://getcomposer.org/doc/01-basic-usage.md#package-versions + * Schema: Added a new `~` operator that should be preferred over `>=`, see http://getcomposer.org/doc/01-basic-usage.md#package-versions * Schema: Version constraints ` **Note:** If the above fails for some reason, you can download the installer + > with `php` instead: + + ```sh + php -r "readfile('https://getcomposer.org/installer');" | php + ``` 2. Create a composer.json defining your dependencies. Note that this example is a short version for applications that are not meant to be published as packages themselves. To create libraries/packages please read the -[documentation](http://getcomposer.org/doc/02-libraries.md). +[documentation](https://getcomposer.org/doc/02-libraries.md). ``` json { @@ -35,26 +44,26 @@ themselves. To create libraries/packages please read the Global installation of Composer (manual) ---------------------------------------- -Follow instructions [in the documentation](http://getcomposer.org/doc/00-intro.md#globally) +Follow instructions [in the documentation](https://getcomposer.org/doc/00-intro.md#globally) Updating Composer ----------------- Running `php composer.phar self-update` or equivalent will update a phar -install with the latest version. - +install to the latest version. Community --------- -Mailing lists for [user support](http://groups.google.com/group/composer-users) and -[development](http://groups.google.com/group/composer-dev). - IRC channels are on irc.freenode.org: [#composer](irc://irc.freenode.org/composer) for users and [#composer-dev](irc://irc.freenode.org/composer-dev) for development. -Stack Overflow has a growing collection of -[Composer related questions](http://stackoverflow.com/questions/tagged/composer-php). +For support, Stack Overflow also offers a good collection of +[Composer related questions](https://stackoverflow.com/questions/tagged/composer-php). + +Please note that this project is released with a +[Contributor Code of Conduct](http://contributor-covenant.org/version/1/2/0/). +By participating in this project and its community you agree to abide by those terms. Requirements ------------ @@ -64,8 +73,8 @@ PHP 5.3.2 or above (at least 5.3.4 recommended to avoid potential bugs) Authors ------- -Nils Adermann - - -
-Jordi Boggiano - - -
+Nils Adermann - - -
+Jordi Boggiano - - -
See also the list of [contributors](https://github.com/composer/composer/contributors) who participated in this project. @@ -78,6 +87,6 @@ Acknowledgments --------------- - This project's Solver started out as a PHP port of openSUSE's - [Libzypp satsolver](http://en.opensuse.org/openSUSE:Libzypp_satsolver). + [Libzypp satsolver](https://en.opensuse.org/openSUSE:Libzypp_satsolver). - This project uses hiddeninput.exe to prompt for passwords on windows, sources and details can be found on the [github page of the project](https://github.com/Seldaek/hidden-input). diff --git a/appveyor.yml b/appveyor.yml new file mode 100644 index 000000000..7651c6da8 --- /dev/null +++ b/appveyor.yml @@ -0,0 +1,35 @@ +build: false +shallow_clone: true +platform: + - x86 + - x64 +clone_folder: c:\projects\composer + +cache: + - c:\tools\php -> appveyor.yml + +init: + - SET PATH=C:\Program Files\OpenSSL;c:\tools\php;%PATH% + - SET COMPOSER_NO_INTERACTION=1 + - SET PHP=1 + - SET ANSICON=121x90 (121x90) + +install: + - IF EXIST c:\tools\php (SET PHP=0) + - IF %PHP%==1 cinst -y OpenSSL.Light + - IF %PHP%==1 cinst -y php + - cd c:\tools\php + - IF %PHP%==1 copy php.ini-production php.ini /Y + - IF %PHP%==1 echo date.timezone="UTC" >> php.ini + - IF %PHP%==1 echo extension_dir=ext >> php.ini + - IF %PHP%==1 echo extension=php_openssl.dll >> php.ini + - IF %PHP%==1 echo extension=php_mbstring.dll >> php.ini + - IF %PHP%==1 echo extension=php_fileinfo.dll >> php.ini + - IF %PHP%==1 echo @php %%~dp0composer.phar %%* > composer.bat + - appveyor DownloadFile https://getcomposer.org/composer.phar + - cd c:\projects\composer + - composer install --prefer-source --no-progress + +test_script: + - cd c:\projects\composer + - vendor/bin/phpunit --colors=always diff --git a/bin/compile b/bin/compile index c4a6b1105..a2720a95d 100755 --- a/bin/compile +++ b/bin/compile @@ -1,6 +1,20 @@ #!/usr/bin/env php compile(); } catch (\Exception $e) { - echo 'Failed to compile phar: ['.get_class($e).'] '.$e->getMessage().' at '.$e->getFile().':'.$e->getLine(); + echo 'Failed to compile phar: ['.get_class($e).'] '.$e->getMessage().' at '.$e->getFile().':'.$e->getLine().PHP_EOL; exit(1); } diff --git a/bin/composer b/bin/composer index 3a1b5df02..401efb5b0 100755 --- a/bin/composer +++ b/bin/composer @@ -32,9 +32,9 @@ if (function_exists('ini_set')) { }; $memoryLimit = trim(ini_get('memory_limit')); - // Increase memory_limit if it is lower than 512M - if ($memoryLimit != -1 && $memoryInBytes($memoryLimit) < 512 * 1024 * 1024) { - @ini_set('memory_limit', '512M'); + // Increase memory_limit if it is lower than 1GB + if ($memoryLimit != -1 && $memoryInBytes($memoryLimit) < 1024 * 1024 * 1024) { + @ini_set('memory_limit', '1G'); } unset($memoryInBytes, $memoryLimit); } diff --git a/bin/fetch-spdx-identifiers b/bin/fetch-spdx-identifiers deleted file mode 100755 index d519913c1..000000000 --- a/bin/fetch-spdx-identifiers +++ /dev/null @@ -1,85 +0,0 @@ -#!/usr/bin/env php -printStringArray($identifiers->getStrings()); - -/** - * SPDX Identifier List from the registry. - */ -class SPDXLicenseIdentifiersOnline -{ - const REGISTRY = 'http://www.spdx.org/licenses/'; - const EXPRESSION = '//*[@typeof="spdx:License"]/code[@property="spdx:licenseId"]/text()'; - - private $identifiers; - - /** - * @return array - */ - public function getStrings() - { - if ($this->identifiers) { - return $this->identifiers; - } - $this->identifiers = $this->importNodesFromURL( - self::REGISTRY, - self::EXPRESSION - ); - - return $this->identifiers; - } - - private function importNodesFromURL($url, $expressionTextNodes) - { - $doc = new DOMDocument(); - $doc->loadHTMLFile($url); - $xp = new DOMXPath($doc); - $codes = $xp->query($expressionTextNodes); - if (!$codes) { - throw new \Exception(sprintf('XPath query failed: %s', $expressionTextNodes)); - } - if ($codes->length < 20) { - throw new \Exception('Obtaining the license table failed, there can not be less than 20 identifiers.'); - } - $identifiers = array(); - foreach ($codes as $code) { - $identifiers[] = $code->nodeValue; - } - - return $identifiers; - } -} - -/** - * Print an array the way this script needs it. - */ -class JsonPrinter -{ - /** - * - * @param array $array - */ - public function printStringArray(array $array) - { - $lines = array(''); - $line = &$lines[0]; - $last = count($array) - 1; - foreach ($array as $item => $code) { - $code = sprintf('"%s"%s', trim($code), $item === $last ? '' : ', '); - $length = strlen($line) + strlen($code) - 1; - if ($length > 76) { - $line = rtrim($line); - unset($line); - $lines[] = $code; - $line = &$lines[count($lines) - 1]; - } else { - $line .= $code; - } - } - $json = sprintf("[%s]", implode("\n ", $lines)); - $json = str_replace(array("[\"", "\"]"), array("[\n \"", "\"\n]"), $json); - echo $json; - } -} \ No newline at end of file diff --git a/composer.json b/composer.json index 9fca7d74c..8fcd1ea93 100644 --- a/composer.json +++ b/composer.json @@ -2,7 +2,7 @@ "name": "composer/composer", "description": "Composer helps you declare, manage and install dependencies of PHP projects, ensuring you have the right stack everywhere.", "keywords": ["package", "dependency", "autoload"], - "homepage": "http://getcomposer.org/", + "homepage": "https://getcomposer.org/", "type": "library", "license": "MIT", "authors": [ @@ -22,25 +22,37 @@ "issues": "https://github.com/composer/composer/issues" }, "require": { - "php": ">=5.3.2", - "justinrainbow/json-schema": "~1.3", - "seld/jsonlint": "~1.0", - "symfony/console": "~2.3", - "symfony/finder": "~2.2", - "symfony/process": "~2.1" + "php": "^5.3.2 || ^7.0", + "justinrainbow/json-schema": "^1.6", + "composer/spdx-licenses": "^1.0", + "composer/semver": "^1.0", + "seld/jsonlint": "^1.4", + "symfony/console": "^2.5 || ^3.0", + "symfony/finder": "^2.2 || ^3.0", + "symfony/process": "^2.1 || ^3.0", + "symfony/filesystem": "^2.5 || ^3.0", + "seld/phar-utils": "^1.0", + "seld/cli-prompt": "^1.0" }, "require-dev": { - "phpunit/phpunit": "~4.0" + "phpunit/phpunit": "^4.5 || ^5.0.5", + "phpunit/phpunit-mock-objects": "2.3.0 || ^3.0" + }, + "_": "phpunit/phpunit-mock-objects required in 2.3.0 due to https://github.com/sebastianbergmann/phpunit-mock-objects/issues/223 - needs hhvm 3.8+ on travis", + "config": { + "platform": { + "php": "5.3.9" + } }, "suggest": { "ext-zip": "Enabling the zip extension allows you to unzip archives, and allows gzip compression of all internet traffic", "ext-openssl": "Enabling the openssl extension allows you to access https URLs for repositories and packages" }, "autoload": { - "psr-0": { "Composer": "src/" } + "psr-4": { "Composer\\": "src/Composer" } }, "autoload-dev": { - "psr-0": { "Composer\\Test": "tests/" } + "psr-4": { "Composer\\Test\\": "tests/Composer/Test" } }, "bin": ["bin/composer"], "extra": { diff --git a/composer.lock b/composer.lock index 7d28fcb09..7bc8d3320 100644 --- a/composer.lock +++ b/composer.lock @@ -1,27 +1,151 @@ { "_readme": [ "This file locks the dependencies of your project to a known state", - "Read more about it at http://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", + "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", "This file is @generated automatically" ], - "hash": "2bc9cc8aa706b68d611d7058e4eb8de7", + "hash": "fdf4b487fa59607376721ebec4ff4783", + "content-hash": "454148e20b837d9755dee7862f9c7a5d", "packages": [ + { + "name": "composer/semver", + "version": "1.2.0", + "source": { + "type": "git", + "url": "https://github.com/composer/semver.git", + "reference": "0faeb6e433f6b352f0dc55ec1faf5c6b605a35d3" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/composer/semver/zipball/0faeb6e433f6b352f0dc55ec1faf5c6b605a35d3", + "reference": "0faeb6e433f6b352f0dc55ec1faf5c6b605a35d3", + "shasum": "" + }, + "require": { + "php": "^5.3.2 || ^7.0" + }, + "require-dev": { + "phpunit/phpunit": "^4.5 || ^5.0.5", + "phpunit/phpunit-mock-objects": "2.3.0 || ^3.0" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "1.x-dev" + } + }, + "autoload": { + "psr-4": { + "Composer\\Semver\\": "src" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Nils Adermann", + "email": "naderman@naderman.de", + "homepage": "http://www.naderman.de" + }, + { + "name": "Jordi Boggiano", + "email": "j.boggiano@seld.be", + "homepage": "http://seld.be" + }, + { + "name": "Rob Bast", + "email": "rob.bast@gmail.com", + "homepage": "http://robbast.nl" + } + ], + "description": "Semver library that offers utilities, version constraint parsing and validation.", + "keywords": [ + "semantic", + "semver", + "validation", + "versioning" + ], + "time": "2015-11-10 11:17:42" + }, + { + "name": "composer/spdx-licenses", + "version": "1.1.2", + "source": { + "type": "git", + "url": "https://github.com/composer/spdx-licenses.git", + "reference": "9e1c3926bb0842812967213d7c92827bc5883671" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/composer/spdx-licenses/zipball/9e1c3926bb0842812967213d7c92827bc5883671", + "reference": "9e1c3926bb0842812967213d7c92827bc5883671", + "shasum": "" + }, + "require": { + "php": ">=5.3.2" + }, + "require-dev": { + "phpunit/phpunit": "~4.5", + "phpunit/phpunit-mock-objects": "~2.3" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "1.x-dev" + } + }, + "autoload": { + "psr-4": { + "Composer\\Spdx\\": "src" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Nils Adermann", + "email": "naderman@naderman.de", + "homepage": "http://www.naderman.de" + }, + { + "name": "Jordi Boggiano", + "email": "j.boggiano@seld.be", + "homepage": "http://seld.be" + }, + { + "name": "Rob Bast", + "email": "rob.bast@gmail.com", + "homepage": "http://robbast.nl" + } + ], + "description": "SPDX licenses list and validation library.", + "keywords": [ + "license", + "spdx", + "validator" + ], + "time": "2015-10-05 11:27:42" + }, { "name": "justinrainbow/json-schema", - "version": "1.3.7", + "version": "v1.6.0", "source": { "type": "git", "url": "https://github.com/justinrainbow/json-schema.git", - "reference": "87b54b460febed69726c781ab67462084e97a105" + "reference": "f9e27c3e202faf14fd581ef41355d83bb4b7eb7d" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/justinrainbow/json-schema/zipball/87b54b460febed69726c781ab67462084e97a105", - "reference": "87b54b460febed69726c781ab67462084e97a105", + "url": "https://api.github.com/repos/justinrainbow/json-schema/zipball/f9e27c3e202faf14fd581ef41355d83bb4b7eb7d", + "reference": "f9e27c3e202faf14fd581ef41355d83bb4b7eb7d", "shasum": "" }, "require": { - "php": ">=5.3.0" + "php": ">=5.3.2" }, "require-dev": { "json-schema/json-schema-test-suite": "1.1.0", @@ -38,8 +162,8 @@ } }, "autoload": { - "psr-0": { - "JsonSchema": "src/" + "psr-4": { + "JsonSchema\\": "src/JsonSchema/" } }, "notification-url": "https://packagist.org/downloads/", @@ -70,24 +194,72 @@ "json", "schema" ], - "time": "2014-08-25 02:48:14" + "time": "2016-01-06 14:37:04" + }, + { + "name": "seld/cli-prompt", + "version": "1.0.0", + "source": { + "type": "git", + "url": "https://github.com/Seldaek/cli-prompt.git", + "reference": "fe114c7a6ac5cb0ce76932ae4017024d9842a49c" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/Seldaek/cli-prompt/zipball/fe114c7a6ac5cb0ce76932ae4017024d9842a49c", + "reference": "fe114c7a6ac5cb0ce76932ae4017024d9842a49c", + "shasum": "" + }, + "require": { + "php": ">=5.3" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "1.x-dev" + } + }, + "autoload": { + "psr-4": { + "Seld\\CliPrompt\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Jordi Boggiano", + "email": "j.boggiano@seld.be" + } + ], + "description": "Allows you to prompt for user input on the command line, and optionally hide the characters they type", + "keywords": [ + "cli", + "console", + "hidden", + "input", + "prompt" + ], + "time": "2015-04-30 20:24:49" }, { "name": "seld/jsonlint", - "version": "1.3.0", + "version": "1.4.0", "source": { "type": "git", "url": "https://github.com/Seldaek/jsonlint.git", - "reference": "a7bc2ec9520ad15382292591b617c43bdb1fec35" + "reference": "66834d3e3566bb5798db7294619388786ae99394" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/Seldaek/jsonlint/zipball/a7bc2ec9520ad15382292591b617c43bdb1fec35", - "reference": "a7bc2ec9520ad15382292591b617c43bdb1fec35", + "url": "https://api.github.com/repos/Seldaek/jsonlint/zipball/66834d3e3566bb5798db7294619388786ae99394", + "reference": "66834d3e3566bb5798db7294619388786ae99394", "shasum": "" }, "require": { - "php": ">=5.3.0" + "php": "^5.3 || ^7.0" }, "bin": [ "bin/jsonlint" @@ -116,30 +288,74 @@ "parser", "validator" ], - "time": "2014-09-05 15:36:20" + "time": "2015-11-21 02:21:41" + }, + { + "name": "seld/phar-utils", + "version": "1.0.1", + "source": { + "type": "git", + "url": "https://github.com/Seldaek/phar-utils.git", + "reference": "7009b5139491975ef6486545a39f3e6dad5ac30a" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/Seldaek/phar-utils/zipball/7009b5139491975ef6486545a39f3e6dad5ac30a", + "reference": "7009b5139491975ef6486545a39f3e6dad5ac30a", + "shasum": "" + }, + "require": { + "php": ">=5.3" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "1.x-dev" + } + }, + "autoload": { + "psr-4": { + "Seld\\PharUtils\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Jordi Boggiano", + "email": "j.boggiano@seld.be" + } + ], + "description": "PHAR file format utilities, for when PHP phars you up", + "keywords": [ + "phra" + ], + "time": "2015-10-13 18:44:15" }, { "name": "symfony/console", - "version": "v2.6.1", - "target-dir": "Symfony/Component/Console", + "version": "v2.8.1", "source": { "type": "git", - "url": "https://github.com/symfony/Console.git", - "reference": "ef825fd9f809d275926547c9e57cbf14968793e8" + "url": "https://github.com/symfony/console.git", + "reference": "2e06a5ccb19dcf9b89f1c6a677a39a8df773635a" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/Console/zipball/ef825fd9f809d275926547c9e57cbf14968793e8", - "reference": "ef825fd9f809d275926547c9e57cbf14968793e8", + "url": "https://api.github.com/repos/symfony/console/zipball/2e06a5ccb19dcf9b89f1c6a677a39a8df773635a", + "reference": "2e06a5ccb19dcf9b89f1c6a677a39a8df773635a", "shasum": "" }, "require": { - "php": ">=5.3.3" + "php": ">=5.3.9", + "symfony/polyfill-mbstring": "~1.0" }, "require-dev": { "psr/log": "~1.0", - "symfony/event-dispatcher": "~2.1", - "symfony/process": "~2.1" + "symfony/event-dispatcher": "~2.1|~3.0.0", + "symfony/process": "~2.1|~3.0.0" }, "suggest": { "psr/log": "For using the console logger", @@ -149,140 +365,255 @@ "type": "library", "extra": { "branch-alias": { - "dev-master": "2.6-dev" + "dev-master": "2.8-dev" } }, "autoload": { - "psr-0": { + "psr-4": { "Symfony\\Component\\Console\\": "" - } + }, + "exclude-from-classmap": [ + "/Tests/" + ] }, "notification-url": "https://packagist.org/downloads/", "license": [ "MIT" ], "authors": [ + { + "name": "Fabien Potencier", + "email": "fabien@symfony.com" + }, { "name": "Symfony Community", - "homepage": "http://symfony.com/contributors" + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Symfony Console Component", + "homepage": "https://symfony.com", + "time": "2015-12-22 10:25:57" + }, + { + "name": "symfony/filesystem", + "version": "v2.8.1", + "source": { + "type": "git", + "url": "https://github.com/symfony/filesystem.git", + "reference": "a7ad724530a764d70c168d321ac226ba3d2f10fc" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/filesystem/zipball/a7ad724530a764d70c168d321ac226ba3d2f10fc", + "reference": "a7ad724530a764d70c168d321ac226ba3d2f10fc", + "shasum": "" + }, + "require": { + "php": ">=5.3.9" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "2.8-dev" + } + }, + "autoload": { + "psr-4": { + "Symfony\\Component\\Filesystem\\": "" }, + "exclude-from-classmap": [ + "/Tests/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ { "name": "Fabien Potencier", "email": "fabien@symfony.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" } ], - "description": "Symfony Console Component", - "homepage": "http://symfony.com", - "time": "2014-12-02 20:19:20" + "description": "Symfony Filesystem Component", + "homepage": "https://symfony.com", + "time": "2015-12-22 10:25:57" }, { "name": "symfony/finder", - "version": "v2.6.1", - "target-dir": "Symfony/Component/Finder", + "version": "v2.8.1", "source": { "type": "git", - "url": "https://github.com/symfony/Finder.git", - "reference": "0d3ef7f6ec55a7af5eca7914eaa0dacc04ccc721" + "url": "https://github.com/symfony/finder.git", + "reference": "dd41ae57f4f737be271d944a0cc5f5f21203a7c6" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/Finder/zipball/0d3ef7f6ec55a7af5eca7914eaa0dacc04ccc721", - "reference": "0d3ef7f6ec55a7af5eca7914eaa0dacc04ccc721", + "url": "https://api.github.com/repos/symfony/finder/zipball/dd41ae57f4f737be271d944a0cc5f5f21203a7c6", + "reference": "dd41ae57f4f737be271d944a0cc5f5f21203a7c6", "shasum": "" }, "require": { - "php": ">=5.3.3" + "php": ">=5.3.9" }, "type": "library", "extra": { "branch-alias": { - "dev-master": "2.6-dev" + "dev-master": "2.8-dev" } }, "autoload": { - "psr-0": { + "psr-4": { "Symfony\\Component\\Finder\\": "" - } + }, + "exclude-from-classmap": [ + "/Tests/" + ] }, "notification-url": "https://packagist.org/downloads/", "license": [ "MIT" ], "authors": [ - { - "name": "Symfony Community", - "homepage": "http://symfony.com/contributors" - }, { "name": "Fabien Potencier", "email": "fabien@symfony.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" } ], "description": "Symfony Finder Component", - "homepage": "http://symfony.com", - "time": "2014-12-02 20:19:20" + "homepage": "https://symfony.com", + "time": "2015-12-05 11:09:21" }, { - "name": "symfony/process", - "version": "v2.6.1", - "target-dir": "Symfony/Component/Process", + "name": "symfony/polyfill-mbstring", + "version": "v1.0.1", "source": { "type": "git", - "url": "https://github.com/symfony/Process.git", - "reference": "bf0c9bd625f13b0b0bbe39919225cf145dfb935a" + "url": "https://github.com/symfony/polyfill-mbstring.git", + "reference": "49ff736bd5d41f45240cec77b44967d76e0c3d25" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/Process/zipball/bf0c9bd625f13b0b0bbe39919225cf145dfb935a", - "reference": "bf0c9bd625f13b0b0bbe39919225cf145dfb935a", + "url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/49ff736bd5d41f45240cec77b44967d76e0c3d25", + "reference": "49ff736bd5d41f45240cec77b44967d76e0c3d25", "shasum": "" }, "require": { "php": ">=5.3.3" }, + "suggest": { + "ext-mbstring": "For best performance" + }, "type": "library", "extra": { "branch-alias": { - "dev-master": "2.6-dev" + "dev-master": "1.0-dev" } }, "autoload": { - "psr-0": { - "Symfony\\Component\\Process\\": "" - } + "psr-4": { + "Symfony\\Polyfill\\Mbstring\\": "" + }, + "files": [ + "bootstrap.php" + ] }, "notification-url": "https://packagist.org/downloads/", "license": [ "MIT" ], "authors": [ + { + "name": "Nicolas Grekas", + "email": "p@tchwork.com" + }, { "name": "Symfony Community", - "homepage": "http://symfony.com/contributors" + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Symfony polyfill for the Mbstring extension", + "homepage": "https://symfony.com", + "keywords": [ + "compatibility", + "mbstring", + "polyfill", + "portable", + "shim" + ], + "time": "2015-11-20 09:19:13" + }, + { + "name": "symfony/process", + "version": "v2.8.1", + "source": { + "type": "git", + "url": "https://github.com/symfony/process.git", + "reference": "62c254438b5040bc2217156e1570cf2206e8540c" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/process/zipball/62c254438b5040bc2217156e1570cf2206e8540c", + "reference": "62c254438b5040bc2217156e1570cf2206e8540c", + "shasum": "" + }, + "require": { + "php": ">=5.3.9" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "2.8-dev" + } + }, + "autoload": { + "psr-4": { + "Symfony\\Component\\Process\\": "" }, + "exclude-from-classmap": [ + "/Tests/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ { "name": "Fabien Potencier", "email": "fabien@symfony.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" } ], "description": "Symfony Process Component", - "homepage": "http://symfony.com", - "time": "2014-12-02 20:19:20" + "homepage": "https://symfony.com", + "time": "2015-12-23 11:03:46" } ], "packages-dev": [ { "name": "doctrine/instantiator", - "version": "1.0.4", + "version": "1.0.5", "source": { "type": "git", "url": "https://github.com/doctrine/instantiator.git", - "reference": "f976e5de371104877ebc89bd8fecb0019ed9c119" + "reference": "8e884e78f9f0eb1329e445619e04456e64d8051d" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/doctrine/instantiator/zipball/f976e5de371104877ebc89bd8fecb0019ed9c119", - "reference": "f976e5de371104877ebc89bd8fecb0019ed9c119", + "url": "https://api.github.com/repos/doctrine/instantiator/zipball/8e884e78f9f0eb1329e445619e04456e64d8051d", + "reference": "8e884e78f9f0eb1329e445619e04456e64d8051d", "shasum": "" }, "require": { @@ -293,7 +624,7 @@ "ext-pdo": "*", "ext-phar": "*", "phpunit/phpunit": "~4.0", - "squizlabs/php_codesniffer": "2.0.*@ALPHA" + "squizlabs/php_codesniffer": "~2.0" }, "type": "library", "extra": { @@ -302,8 +633,8 @@ } }, "autoload": { - "psr-0": { - "Doctrine\\Instantiator\\": "src" + "psr-4": { + "Doctrine\\Instantiator\\": "src/Doctrine/Instantiator/" } }, "notification-url": "https://packagist.org/downloads/", @@ -323,20 +654,129 @@ "constructor", "instantiate" ], - "time": "2014-10-13 12:58:55" + "time": "2015-06-14 21:17:01" + }, + { + "name": "phpdocumentor/reflection-docblock", + "version": "2.0.4", + "source": { + "type": "git", + "url": "https://github.com/phpDocumentor/ReflectionDocBlock.git", + "reference": "d68dbdc53dc358a816f00b300704702b2eaff7b8" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/phpDocumentor/ReflectionDocBlock/zipball/d68dbdc53dc358a816f00b300704702b2eaff7b8", + "reference": "d68dbdc53dc358a816f00b300704702b2eaff7b8", + "shasum": "" + }, + "require": { + "php": ">=5.3.3" + }, + "require-dev": { + "phpunit/phpunit": "~4.0" + }, + "suggest": { + "dflydev/markdown": "~1.0", + "erusev/parsedown": "~1.0" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "2.0.x-dev" + } + }, + "autoload": { + "psr-0": { + "phpDocumentor": [ + "src/" + ] + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Mike van Riel", + "email": "mike.vanriel@naenius.com" + } + ], + "time": "2015-02-03 12:10:50" + }, + { + "name": "phpspec/prophecy", + "version": "v1.5.0", + "source": { + "type": "git", + "url": "https://github.com/phpspec/prophecy.git", + "reference": "4745ded9307786b730d7a60df5cb5a6c43cf95f7" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/phpspec/prophecy/zipball/4745ded9307786b730d7a60df5cb5a6c43cf95f7", + "reference": "4745ded9307786b730d7a60df5cb5a6c43cf95f7", + "shasum": "" + }, + "require": { + "doctrine/instantiator": "^1.0.2", + "phpdocumentor/reflection-docblock": "~2.0", + "sebastian/comparator": "~1.1" + }, + "require-dev": { + "phpspec/phpspec": "~2.0" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "1.4.x-dev" + } + }, + "autoload": { + "psr-0": { + "Prophecy\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Konstantin Kudryashov", + "email": "ever.zet@gmail.com", + "homepage": "http://everzet.com" + }, + { + "name": "Marcello Duarte", + "email": "marcello.duarte@gmail.com" + } + ], + "description": "Highly opinionated mocking framework for PHP 5.3+", + "homepage": "https://github.com/phpspec/prophecy", + "keywords": [ + "Double", + "Dummy", + "fake", + "mock", + "spy", + "stub" + ], + "time": "2015-08-13 10:07:40" }, { "name": "phpunit/php-code-coverage", - "version": "2.0.14", + "version": "2.2.4", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/php-code-coverage.git", - "reference": "ca158276c1200cc27f5409a5e338486bc0b4fc94" + "reference": "eabf68b476ac7d0f73793aada060f1c1a9bf8979" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/php-code-coverage/zipball/ca158276c1200cc27f5409a5e338486bc0b4fc94", - "reference": "ca158276c1200cc27f5409a5e338486bc0b4fc94", + "url": "https://api.github.com/repos/sebastianbergmann/php-code-coverage/zipball/eabf68b476ac7d0f73793aada060f1c1a9bf8979", + "reference": "eabf68b476ac7d0f73793aada060f1c1a9bf8979", "shasum": "" }, "require": { @@ -344,12 +784,12 @@ "phpunit/php-file-iterator": "~1.3", "phpunit/php-text-template": "~1.2", "phpunit/php-token-stream": "~1.3", - "sebastian/environment": "~1.0", + "sebastian/environment": "^1.3.2", "sebastian/version": "~1.0" }, "require-dev": { "ext-xdebug": ">=2.1.4", - "phpunit/phpunit": "~4.1" + "phpunit/phpunit": "~4" }, "suggest": { "ext-dom": "*", @@ -359,7 +799,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-master": "2.0.x-dev" + "dev-master": "2.2.x-dev" } }, "autoload": { @@ -368,9 +808,6 @@ ] }, "notification-url": "https://packagist.org/downloads/", - "include-path": [ - "" - ], "license": [ "BSD-3-Clause" ], @@ -388,35 +825,37 @@ "testing", "xunit" ], - "time": "2014-12-26 13:28:33" + "time": "2015-10-06 15:47:00" }, { "name": "phpunit/php-file-iterator", - "version": "1.3.4", + "version": "1.4.1", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/php-file-iterator.git", - "reference": "acd690379117b042d1c8af1fafd61bde001bf6bb" + "reference": "6150bf2c35d3fc379e50c7602b75caceaa39dbf0" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/php-file-iterator/zipball/acd690379117b042d1c8af1fafd61bde001bf6bb", - "reference": "acd690379117b042d1c8af1fafd61bde001bf6bb", + "url": "https://api.github.com/repos/sebastianbergmann/php-file-iterator/zipball/6150bf2c35d3fc379e50c7602b75caceaa39dbf0", + "reference": "6150bf2c35d3fc379e50c7602b75caceaa39dbf0", "shasum": "" }, "require": { "php": ">=5.3.3" }, "type": "library", + "extra": { + "branch-alias": { + "dev-master": "1.4.x-dev" + } + }, "autoload": { "classmap": [ - "File/" + "src/" ] }, "notification-url": "https://packagist.org/downloads/", - "include-path": [ - "" - ], "license": [ "BSD-3-Clause" ], @@ -433,20 +872,20 @@ "filesystem", "iterator" ], - "time": "2013-10-10 15:34:57" + "time": "2015-06-21 13:08:43" }, { "name": "phpunit/php-text-template", - "version": "1.2.0", + "version": "1.2.1", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/php-text-template.git", - "reference": "206dfefc0ffe9cebf65c413e3d0e809c82fbf00a" + "reference": "31f8b717e51d9a2afca6c9f046f5d69fc27c8686" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/php-text-template/zipball/206dfefc0ffe9cebf65c413e3d0e809c82fbf00a", - "reference": "206dfefc0ffe9cebf65c413e3d0e809c82fbf00a", + "url": "https://api.github.com/repos/sebastianbergmann/php-text-template/zipball/31f8b717e51d9a2afca6c9f046f5d69fc27c8686", + "reference": "31f8b717e51d9a2afca6c9f046f5d69fc27c8686", "shasum": "" }, "require": { @@ -455,20 +894,17 @@ "type": "library", "autoload": { "classmap": [ - "Text/" + "src/" ] }, "notification-url": "https://packagist.org/downloads/", - "include-path": [ - "" - ], "license": [ "BSD-3-Clause" ], "authors": [ { "name": "Sebastian Bergmann", - "email": "sb@sebastian-bergmann.de", + "email": "sebastian@phpunit.de", "role": "lead" } ], @@ -477,20 +913,20 @@ "keywords": [ "template" ], - "time": "2014-01-30 17:20:04" + "time": "2015-06-21 13:50:34" }, { "name": "phpunit/php-timer", - "version": "1.0.5", + "version": "1.0.7", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/php-timer.git", - "reference": "19689d4354b295ee3d8c54b4f42c3efb69cbc17c" + "reference": "3e82f4e9fc92665fafd9157568e4dcb01d014e5b" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/php-timer/zipball/19689d4354b295ee3d8c54b4f42c3efb69cbc17c", - "reference": "19689d4354b295ee3d8c54b4f42c3efb69cbc17c", + "url": "https://api.github.com/repos/sebastianbergmann/php-timer/zipball/3e82f4e9fc92665fafd9157568e4dcb01d014e5b", + "reference": "3e82f4e9fc92665fafd9157568e4dcb01d014e5b", "shasum": "" }, "require": { @@ -499,13 +935,10 @@ "type": "library", "autoload": { "classmap": [ - "PHP/" + "src/" ] }, "notification-url": "https://packagist.org/downloads/", - "include-path": [ - "" - ], "license": [ "BSD-3-Clause" ], @@ -521,20 +954,20 @@ "keywords": [ "timer" ], - "time": "2013-08-02 07:42:54" + "time": "2015-06-21 08:01:12" }, { "name": "phpunit/php-token-stream", - "version": "1.3.0", + "version": "1.4.8", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/php-token-stream.git", - "reference": "f8d5d08c56de5cfd592b3340424a81733259a876" + "reference": "3144ae21711fb6cac0b1ab4cbe63b75ce3d4e8da" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/php-token-stream/zipball/f8d5d08c56de5cfd592b3340424a81733259a876", - "reference": "f8d5d08c56de5cfd592b3340424a81733259a876", + "url": "https://api.github.com/repos/sebastianbergmann/php-token-stream/zipball/3144ae21711fb6cac0b1ab4cbe63b75ce3d4e8da", + "reference": "3144ae21711fb6cac0b1ab4cbe63b75ce3d4e8da", "shasum": "" }, "require": { @@ -547,7 +980,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-master": "1.3-dev" + "dev-master": "1.4-dev" } }, "autoload": { @@ -570,20 +1003,20 @@ "keywords": [ "tokenizer" ], - "time": "2014-08-31 06:12:13" + "time": "2015-09-15 10:49:45" }, { "name": "phpunit/phpunit", - "version": "4.4.1", + "version": "4.8.21", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/phpunit.git", - "reference": "6a5e49a86ce5e33b8d0657abe145057fc513543a" + "reference": "ea76b17bced0500a28098626b84eda12dbcf119c" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/6a5e49a86ce5e33b8d0657abe145057fc513543a", - "reference": "6a5e49a86ce5e33b8d0657abe145057fc513543a", + "url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/ea76b17bced0500a28098626b84eda12dbcf119c", + "reference": "ea76b17bced0500a28098626b84eda12dbcf119c", "shasum": "" }, "require": { @@ -593,18 +1026,19 @@ "ext-reflection": "*", "ext-spl": "*", "php": ">=5.3.3", - "phpunit/php-code-coverage": "~2.0", - "phpunit/php-file-iterator": "~1.3.2", + "phpspec/prophecy": "^1.3.1", + "phpunit/php-code-coverage": "~2.1", + "phpunit/php-file-iterator": "~1.4", "phpunit/php-text-template": "~1.2", - "phpunit/php-timer": "~1.0.2", + "phpunit/php-timer": ">=1.0.6", "phpunit/phpunit-mock-objects": "~2.3", - "sebastian/comparator": "~1.0", - "sebastian/diff": "~1.1", - "sebastian/environment": "~1.1", - "sebastian/exporter": "~1.0", + "sebastian/comparator": "~1.1", + "sebastian/diff": "~1.2", + "sebastian/environment": "~1.3", + "sebastian/exporter": "~1.2", "sebastian/global-state": "~1.0", "sebastian/version": "~1.0", - "symfony/yaml": "~2.0" + "symfony/yaml": "~2.1|~3.0" }, "suggest": { "phpunit/php-invoker": "~1.1" @@ -615,7 +1049,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-master": "4.4.x-dev" + "dev-master": "4.8.x-dev" } }, "autoload": { @@ -641,7 +1075,7 @@ "testing", "xunit" ], - "time": "2014-12-28 07:57:05" + "time": "2015-12-12 07:45:58" }, { "name": "phpunit/phpunit-mock-objects", @@ -700,30 +1134,30 @@ }, { "name": "sebastian/comparator", - "version": "1.1.0", + "version": "1.2.0", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/comparator.git", - "reference": "c484a80f97573ab934e37826dba0135a3301b26a" + "reference": "937efb279bd37a375bcadf584dec0726f84dbf22" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/comparator/zipball/c484a80f97573ab934e37826dba0135a3301b26a", - "reference": "c484a80f97573ab934e37826dba0135a3301b26a", + "url": "https://api.github.com/repos/sebastianbergmann/comparator/zipball/937efb279bd37a375bcadf584dec0726f84dbf22", + "reference": "937efb279bd37a375bcadf584dec0726f84dbf22", "shasum": "" }, "require": { "php": ">=5.3.3", - "sebastian/diff": "~1.1", - "sebastian/exporter": "~1.0" + "sebastian/diff": "~1.2", + "sebastian/exporter": "~1.2" }, "require-dev": { - "phpunit/phpunit": "~4.1" + "phpunit/phpunit": "~4.4" }, "type": "library", "extra": { "branch-alias": { - "dev-master": "1.1.x-dev" + "dev-master": "1.2.x-dev" } }, "autoload": { @@ -760,32 +1194,32 @@ "compare", "equality" ], - "time": "2014-11-16 21:32:38" + "time": "2015-07-26 15:48:44" }, { "name": "sebastian/diff", - "version": "1.2.0", + "version": "1.4.1", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/diff.git", - "reference": "5843509fed39dee4b356a306401e9dd1a931fec7" + "reference": "13edfd8706462032c2f52b4b862974dd46b71c9e" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/diff/zipball/5843509fed39dee4b356a306401e9dd1a931fec7", - "reference": "5843509fed39dee4b356a306401e9dd1a931fec7", + "url": "https://api.github.com/repos/sebastianbergmann/diff/zipball/13edfd8706462032c2f52b4b862974dd46b71c9e", + "reference": "13edfd8706462032c2f52b4b862974dd46b71c9e", "shasum": "" }, "require": { "php": ">=5.3.3" }, "require-dev": { - "phpunit/phpunit": "~4.2" + "phpunit/phpunit": "~4.8" }, "type": "library", "extra": { "branch-alias": { - "dev-master": "1.2-dev" + "dev-master": "1.4-dev" } }, "autoload": { @@ -808,36 +1242,36 @@ } ], "description": "Diff implementation", - "homepage": "http://www.github.com/sebastianbergmann/diff", + "homepage": "https://github.com/sebastianbergmann/diff", "keywords": [ "diff" ], - "time": "2014-08-15 10:29:00" + "time": "2015-12-08 07:14:41" }, { "name": "sebastian/environment", - "version": "1.2.1", + "version": "1.3.3", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/environment.git", - "reference": "6e6c71d918088c251b181ba8b3088af4ac336dd7" + "reference": "6e7133793a8e5a5714a551a8324337374be209df" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/environment/zipball/6e6c71d918088c251b181ba8b3088af4ac336dd7", - "reference": "6e6c71d918088c251b181ba8b3088af4ac336dd7", + "url": "https://api.github.com/repos/sebastianbergmann/environment/zipball/6e7133793a8e5a5714a551a8324337374be209df", + "reference": "6e7133793a8e5a5714a551a8324337374be209df", "shasum": "" }, "require": { "php": ">=5.3.3" }, "require-dev": { - "phpunit/phpunit": "~4.3" + "phpunit/phpunit": "~4.4" }, "type": "library", "extra": { "branch-alias": { - "dev-master": "1.2.x-dev" + "dev-master": "1.3.x-dev" } }, "autoload": { @@ -862,32 +1296,33 @@ "environment", "hhvm" ], - "time": "2014-10-25 08:00:45" + "time": "2015-12-02 08:37:27" }, { "name": "sebastian/exporter", - "version": "1.0.2", + "version": "1.2.1", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/exporter.git", - "reference": "c7d59948d6e82818e1bdff7cadb6c34710eb7dc0" + "reference": "7ae5513327cb536431847bcc0c10edba2701064e" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/exporter/zipball/c7d59948d6e82818e1bdff7cadb6c34710eb7dc0", - "reference": "c7d59948d6e82818e1bdff7cadb6c34710eb7dc0", + "url": "https://api.github.com/repos/sebastianbergmann/exporter/zipball/7ae5513327cb536431847bcc0c10edba2701064e", + "reference": "7ae5513327cb536431847bcc0c10edba2701064e", "shasum": "" }, "require": { - "php": ">=5.3.3" + "php": ">=5.3.3", + "sebastian/recursion-context": "~1.0" }, "require-dev": { - "phpunit/phpunit": "~4.0" + "phpunit/phpunit": "~4.4" }, "type": "library", "extra": { "branch-alias": { - "dev-master": "1.0.x-dev" + "dev-master": "1.2.x-dev" } }, "autoload": { @@ -927,20 +1362,20 @@ "export", "exporter" ], - "time": "2014-09-10 00:51:36" + "time": "2015-06-21 07:55:53" }, { "name": "sebastian/global-state", - "version": "1.0.0", + "version": "1.1.1", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/global-state.git", - "reference": "c7428acdb62ece0a45e6306f1ae85e1c05b09c01" + "reference": "bc37d50fea7d017d3d340f230811c9f1d7280af4" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/global-state/zipball/c7428acdb62ece0a45e6306f1ae85e1c05b09c01", - "reference": "c7428acdb62ece0a45e6306f1ae85e1c05b09c01", + "url": "https://api.github.com/repos/sebastianbergmann/global-state/zipball/bc37d50fea7d017d3d340f230811c9f1d7280af4", + "reference": "bc37d50fea7d017d3d340f230811c9f1d7280af4", "shasum": "" }, "require": { @@ -978,20 +1413,73 @@ "keywords": [ "global state" ], - "time": "2014-10-06 09:23:50" + "time": "2015-10-12 03:26:01" + }, + { + "name": "sebastian/recursion-context", + "version": "1.0.2", + "source": { + "type": "git", + "url": "https://github.com/sebastianbergmann/recursion-context.git", + "reference": "913401df809e99e4f47b27cdd781f4a258d58791" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/sebastianbergmann/recursion-context/zipball/913401df809e99e4f47b27cdd781f4a258d58791", + "reference": "913401df809e99e4f47b27cdd781f4a258d58791", + "shasum": "" + }, + "require": { + "php": ">=5.3.3" + }, + "require-dev": { + "phpunit/phpunit": "~4.4" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "1.0.x-dev" + } + }, + "autoload": { + "classmap": [ + "src/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Jeff Welch", + "email": "whatthejeff@gmail.com" + }, + { + "name": "Sebastian Bergmann", + "email": "sebastian@phpunit.de" + }, + { + "name": "Adam Harvey", + "email": "aharvey@php.net" + } + ], + "description": "Provides functionality to recursively process PHP variables", + "homepage": "http://www.github.com/sebastianbergmann/recursion-context", + "time": "2015-11-11 19:50:13" }, { "name": "sebastian/version", - "version": "1.0.4", + "version": "1.0.6", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/version.git", - "reference": "a77d9123f8e809db3fbdea15038c27a95da4058b" + "reference": "58b3a85e7999757d6ad81c787a1fbf5ff6c628c6" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/version/zipball/a77d9123f8e809db3fbdea15038c27a95da4058b", - "reference": "a77d9123f8e809db3fbdea15038c27a95da4058b", + "url": "https://api.github.com/repos/sebastianbergmann/version/zipball/58b3a85e7999757d6ad81c787a1fbf5ff6c628c6", + "reference": "58b3a85e7999757d6ad81c787a1fbf5ff6c628c6", "shasum": "" }, "type": "library", @@ -1013,54 +1501,56 @@ ], "description": "Library that helps with managing the version number of Git-hosted PHP projects", "homepage": "https://github.com/sebastianbergmann/version", - "time": "2014-12-15 14:25:24" + "time": "2015-06-21 13:59:46" }, { "name": "symfony/yaml", - "version": "v2.6.1", - "target-dir": "Symfony/Component/Yaml", + "version": "v2.8.1", "source": { "type": "git", - "url": "https://github.com/symfony/Yaml.git", - "reference": "3346fc090a3eb6b53d408db2903b241af51dcb20" + "url": "https://github.com/symfony/yaml.git", + "reference": "ac84cbb98b68a6abbc9f5149eb96ccc7b07b8966" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/Yaml/zipball/3346fc090a3eb6b53d408db2903b241af51dcb20", - "reference": "3346fc090a3eb6b53d408db2903b241af51dcb20", + "url": "https://api.github.com/repos/symfony/yaml/zipball/ac84cbb98b68a6abbc9f5149eb96ccc7b07b8966", + "reference": "ac84cbb98b68a6abbc9f5149eb96ccc7b07b8966", "shasum": "" }, "require": { - "php": ">=5.3.3" + "php": ">=5.3.9" }, "type": "library", "extra": { "branch-alias": { - "dev-master": "2.6-dev" + "dev-master": "2.8-dev" } }, "autoload": { - "psr-0": { + "psr-4": { "Symfony\\Component\\Yaml\\": "" - } + }, + "exclude-from-classmap": [ + "/Tests/" + ] }, "notification-url": "https://packagist.org/downloads/", "license": [ "MIT" ], "authors": [ - { - "name": "Symfony Community", - "homepage": "http://symfony.com/contributors" - }, { "name": "Fabien Potencier", "email": "fabien@symfony.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" } ], "description": "Symfony Yaml Component", - "homepage": "http://symfony.com", - "time": "2014-12-02 20:19:20" + "homepage": "https://symfony.com", + "time": "2015-12-26 13:37:56" } ], "aliases": [], @@ -1069,7 +1559,10 @@ "prefer-stable": false, "prefer-lowest": false, "platform": { - "php": ">=5.3.2" + "php": "^5.3.2 || ^7.0" }, - "platform-dev": [] + "platform-dev": [], + "platform-overrides": { + "php": "5.3.9" + } } diff --git a/doc/00-intro.md b/doc/00-intro.md index 2c652a5e1..1d09f2339 100644 --- a/doc/00-intro.md +++ b/doc/00-intro.md @@ -1,54 +1,42 @@ # Introduction Composer is a tool for dependency management in PHP. It allows you to declare -the dependent libraries your project needs and it will install them in your -project for you. +the libraries your project depends on and it will manage (install/update) them +for you. ## Dependency management -Composer is not a package manager. Yes, it deals with "packages" or libraries, but -it manages them on a per-project basis, installing them in a directory (e.g. `vendor`) -inside your project. By default it will never install anything globally. Thus, -it is a dependency manager. +Composer is **not** a package manager in the same sense as Yum or Apt are. Yes, +it deals with "packages" or libraries, but it manages them on a per-project +basis, installing them in a directory (e.g. `vendor`) inside your project. By +default it does not install anything globally. Thus, it is a dependency +manager. It does however support a "global" project for convenience via the +[global](03-cli.md#global) command. -This idea is not new and Composer is strongly inspired by node's [npm](http://npmjs.org/) -and ruby's [bundler](http://gembundler.com/). But there has not been such a tool -for PHP. +This idea is not new and Composer is strongly inspired by node's +[npm](https://npmjs.org/) and ruby's [bundler](http://bundler.io/). -The problem that Composer solves is this: +Suppose: a) You have a project that depends on a number of libraries. b) Some of those libraries depend on other libraries. -c) You declare the things you depend on. +Composer: -d) Composer finds out which versions of which packages need to be installed, and - installs them (meaning it downloads them into your project). - -## Declaring dependencies +c) Enables you to declare the libraries you depend on. -Let's say you are creating a project, and you need a library that does logging. -You decide to use [monolog](https://github.com/Seldaek/monolog). In order to -add it to your project, all you need to do is create a `composer.json` file -which describes the project's dependencies. - -```json -{ - "require": { - "monolog/monolog": "1.2.*" - } -} -``` +d) Finds out which versions of which packages can and need to be installed, and + installs them (meaning it downloads them into your project). -We are simply stating that our project requires some `monolog/monolog` package, -any version beginning with `1.2`. +See the [Basic usage](01-basic-usage.md) chapter for more details on declaring +dependencies. ## System Requirements Composer requires PHP 5.3.2+ to run. A few sensitive php settings and compile -flags are also required, but when using the installer you will be warned about any -incompatibilities. +flags are also required, but when using the installer you will be warned about +any incompatibilities. To install packages from sources instead of simple zip archives, you will need git, svn or hg depending on how the package is version-controlled. @@ -60,6 +48,12 @@ Linux and OSX. ### Downloading the Composer Executable +Composer offers a convenient installer that you can execute directly from the +commandline. Feel free to [download this file](https://getcomposer.org/installer) +or review it on [GitHub](https://github.com/composer/getcomposer.org/blob/master/web/installer) +if you wish to know more about the inner workings of the installer. The source +is plain PHP. + There are in short, two ways to install Composer. Locally as part of your project, or globally as a system wide executable. @@ -79,37 +73,54 @@ curl -sS https://getcomposer.org/installer | php php -r "readfile('https://getcomposer.org/installer');" | php ``` -The installer will just check a few PHP settings and then download `composer.phar` -to your working directory. This file is the Composer binary. It is a PHAR (PHP -archive), which is an archive format for PHP which can be run on the command -line, amongst other things. +The installer will just check a few PHP settings and then download +`composer.phar` to your working directory. This file is the Composer binary. It +is a PHAR (PHP archive), which is an archive format for PHP which can be run on +the command line, amongst other things. + +Now just run `php composer.phar` in order to run Composer. You can install Composer to a specific directory by using the `--install-dir` -option and providing a target directory (it can be an absolute or relative path): +option and additionally (re)name it as well using the `--filename` option: ```sh -curl -sS https://getcomposer.org/installer | php -- --install-dir=bin +curl -sS https://getcomposer.org/installer | php -- --install-dir=bin --filename=composer ``` +Now just run `php bin/composer` in order to run Composer. + #### Globally -You can place this file anywhere you wish. If you put it in your `PATH`, -you can access it globally. On unixy systems you can even make it -executable and invoke it without `php`. +You can place the Composer PHAR anywhere you wish. If you put it in a directory +that is part of your `PATH`, you can access it globally. On unixy systems you +can even make it executable and invoke it without directly using the `php` +interpreter. -You can run these commands to easily access `composer` from anywhere on your system: +Run these commands to globally install `composer` on your system: ```sh curl -sS https://getcomposer.org/installer | php mv composer.phar /usr/local/bin/composer ``` -> **Note:** If the above fails due to permissions, run the `mv` line -> again with sudo. +> **Note:** If the above fails due to permissions, run the `mv` line again +> with sudo. -> **Note:** In OSX Yosemite the `/usr` directory does not exist by default. If you receive the error "/usr/local/bin/composer: No such file or directory" then you must create `/usr/local/bin/` manually before proceeding. +A quick copy-paste version including sudo: -Then, just run `composer` in order to run Composer instead of `php composer.phar`. +```sh +curl -sS https://getcomposer.org/installer | sudo php -- --install-dir=/usr/local/bin --filename=composer +``` + +> **Note:** On some versions of OSX the `/usr` directory does not exist by +> default. If you receive the error "/usr/local/bin/composer: No such file or +> directory" then you must create the directory manually before proceeding: +> `mkdir -p /usr/local/bin`. + +> **Note:** For information on changing your PATH, please read the +> [Wikipedia article](https://en.wikipedia.org/wiki/PATH_(variable)) and/or use Google. + +Now just run `composer` in order to run Composer instead of `php composer.phar`. ## Installation - Windows @@ -117,17 +128,18 @@ Then, just run `composer` in order to run Composer instead of `php composer.phar This is the easiest way to get Composer set up on your machine. -Download and run [Composer-Setup.exe](https://getcomposer.org/Composer-Setup.exe), -it will install the latest Composer version and set up your PATH so that you can -just call `composer` from any directory in your command line. +Download and run +[Composer-Setup.exe](https://getcomposer.org/Composer-Setup.exe). It will +install the latest Composer version and set up your PATH so that you can just +call `composer` from any directory in your command line. -> **Note:** Close your current terminal. Test usage with a new terminal: -> That is important since the PATH only gets loaded when the terminal starts. +> **Note:** Close your current terminal. Test usage with a new terminal: This is +> important since the PATH only gets loaded when the terminal starts. ### Manual Installation Change to a directory on your `PATH` and run the install snippet to download -composer.phar: +`composer.phar`: ```sh C:\Users\username>cd C:\bin @@ -135,7 +147,7 @@ C:\bin>php -r "readfile('https://getcomposer.org/installer');" | php ``` > **Note:** If the above fails due to readfile, enable php_openssl.dll in php.ini. -> You may use the http URL, however this will leave the request susceptible to a +> You may use the `http` URL, however this will leave the request susceptible to a > Man-In-The-Middle (MITM) attack. Create a new `composer.bat` file alongside `composer.phar`: @@ -144,6 +156,8 @@ Create a new `composer.bat` file alongside `composer.phar`: C:\bin>echo @php "%~dp0composer.phar" %*>composer.bat ``` +Add the directory to your PATH environment variable if it isn't already. + Close your current terminal. Test usage with a new terminal: ```sh @@ -153,46 +167,7 @@ Composer version 27d8904 ## Using Composer -We will now use Composer to install the dependencies of the project. If you -don't have a `composer.json` file in the current directory please skip to the -[Basic Usage](01-basic-usage.md) chapter. - -To resolve and download dependencies, run the `install` command: - -```sh -php composer.phar install -``` - -If you did a global install and do not have the phar in that directory -run this instead: - -```sh -composer install -``` - -Following the [example above](#declaring-dependencies), this will download -monolog into the `vendor/monolog/monolog` directory. - -> **Note:** Composer will attempt to protect all HTTPS requests using SSL/TLS. It -> implements peer verification using a certificate bundle, either one installed on -> the local system or a copy distributed with Composer. You may also pass the path -> to a bundle using the --cafile option for most commands. While you can also -> disable peer verification by passing the --disable-tls option, this is not -> recommended and will leave all downloads susceptible to Man-In-The-Middle (MITM) -> attacks. - -## Autoloading - -Besides downloading the library, Composer also prepares an autoload file that's -capable of autoloading all of the classes in any of the libraries that it -downloads. To use it, just add the following line to your code's bootstrap -process: - -```php -require 'vendor/autoload.php'; -``` - -Woah! Now start using monolog! To keep learning more about Composer, keep -reading the "Basic Usage" chapter. +Now that you've installed Composer, you are ready to use it! Head on over to the +next chapter for a short and simple demonstration. -[Basic Usage](01-basic-usage.md) → +[Basic usage](01-basic-usage.md) → diff --git a/doc/01-basic-usage.md b/doc/01-basic-usage.md index ef72f556c..b33f06ac6 100644 --- a/doc/01-basic-usage.md +++ b/doc/01-basic-usage.md @@ -1,8 +1,13 @@ # Basic usage -## Installing +## Introduction -If you have not yet installed Composer, refer to the [Intro](00-intro.md) chapter. +For our basic usage introduction, we will be installing `monolog/monolog`, +a logging library. If you have not yet installed Composer, refer to the +[Intro](00-intro.md) chapter. + +> **Note:** for the sake of simplicity, this introduction will assume you +> have performed a [local](00-intro.md#locally) install of Composer. ## `composer.json`: Project Setup @@ -10,14 +15,11 @@ To start using Composer in your project, all you need is a `composer.json` file. This file describes the dependencies of your project and may contain other metadata as well. -The [JSON format](http://json.org/) is quite easy to write. It allows you to -define nested structures. - ### The `require` Key The first (and often only) thing you specify in `composer.json` is the -`require` key. You're simply telling Composer which packages your project -depends on. +[`require`](04-schema.md#require) key. You're simply telling Composer which +packages your project depends on. ```json { @@ -27,15 +29,16 @@ depends on. } ``` -As you can see, `require` takes an object that maps **package names** (e.g. `monolog/monolog`) -to **package versions** (e.g. `1.0.*`). +As you can see, [`require`](04-schema.md#require) takes an object that maps +**package names** (e.g. `monolog/monolog`) to **version constraints** (e.g. +`1.0.*`). ### Package Names The package name consists of a vendor name and the project's name. Often these -will be identical - the vendor name just exists to prevent naming clashes. It allows -two different people to create a library named `json`, which would then just be -named `igorw/json` and `seldaek/json`. +will be identical - the vendor name just exists to prevent naming clashes. It +allows two different people to create a library named `json`, which would then +just be named `igorw/json` and `seldaek/json`. Here we are requiring `monolog/monolog`, so the vendor name is the same as the project's name. For projects with a unique name this is recommended. It also @@ -45,59 +48,26 @@ smaller decoupled parts. ### Package Versions -In the previous example we were requiring version `1.0.*` of monolog. This -means any version in the `1.0` development branch. It would match `1.0.0`, -`1.0.2` or `1.0.20`. - -Version constraints can be specified in a few different ways. - -Name | Example | Description --------------- | ------------------------------------------------------------------------ | ----------- -Exact version | `1.0.2` | You can specify the exact version of a package. -Range | `>=1.0` `>=1.0 <2.0` >=1.0 <1.1 || >=1.2 | By using comparison operators you can specify ranges of valid versions. Valid operators are `>`, `>=`, `<`, `<=`, `!=`.
You can define multiple ranges. Ranges separated by a space ( ) or comma (`,`) will be treated as a **logical AND**. A double pipe (||) will be treated as a **logical OR**. AND has higher precedence than OR. -Hyphen Range | `1.0 - 2.0` | Inclusive set of versions. Partial versions on the right include are completed with a wildcard. For example `1.0 - 2.0` is equivalent to `>=1.0.0 <2.1` as the `2.0` becomes `2.0.*`. On the other hand `1.0.0 - 2.1.0` is equivalent to `>=1.0.0 <=2.1.0`. -Wildcard | `1.0.*` | You can specify a pattern with a `*` wildcard. `1.0.*` is the equivalent of `>=1.0 <1.1`. -Tilde Operator | `~1.2` | Very useful for projects that follow semantic versioning. `~1.2` is equivalent to `>=1.2 <2.0`. For more details, read the next section below. -Caret Operator | `^1.2.3` | Very useful for projects that follow semantic versioning. `^1.2.3` is equivalent to `>=1.2.3 <2.0`. For more details, read the next section below. - -### Next Significant Release (Tilde and Caret Operators) - -The `~` operator is best explained by example: `~1.2` is equivalent to -`>=1.2 <2.0.0`, while `~1.2.3` is equivalent to `>=1.2.3 <1.3.0`. As you can see -it is mostly useful for projects respecting [semantic -versioning](http://semver.org/). A common usage would be to mark the minimum -minor version you depend on, like `~1.2` (which allows anything up to, but not -including, 2.0). Since in theory there should be no backwards compatibility -breaks until 2.0, that works well. Another way of looking at it is that using -`~` specifies a minimum version, but allows the last digit specified to go up. - -The `^` operator behaves very similarly but it sticks closer to semantic -versioning, and will always allow non-breaking updates. For example `^1.2.3` -is equivalent to `>=1.2.3 <2.0.0` as none of the releases until 2.0 should -break backwards compatibility. For pre-1.0 versions it also acts with safety -in mind and treats `^0.3` as `>=0.3.0 <0.4.0` - -> **Note:** Though `2.0-beta.1` is strictly before `2.0`, a version constraint -> like `~1.2` would not install it. As said above `~1.2` only means the `.2` -> can change but the `1.` part is fixed. - -> **Note:** The `~` operator has an exception on its behavior for the major -> release number. This means for example that `~1` is the same as `~1.0` as -> it will not allow the major number to increase trying to keep backwards -> compatibility. +In the previous example we were requiring version +[`1.0.*`](http://semver.mwl.be/#?package=monolog%2Fmonolog&version=1.0.*) of +Monolog. This means any version in the `1.0` development branch. It is the +equivalent of saying versions that match `>=1.0 <1.1`. + +Version constraints can be specified in several ways, read +[versions](articles/versions.md) for more in-depth information on this topic. ### Stability -By default only stable releases are taken into consideration. If you would like -to also get RC, beta, alpha or dev versions of your dependencies you can do -so using [stability flags](04-schema.md#package-links). To change that for all -packages instead of doing per dependency you can also use the +By default only stable releases are taken into consideration. If you would +like to also get RC, beta, alpha or dev versions of your dependencies you can +do so using [stability flags](04-schema.md#package-links). To change that for +all packages instead of doing per dependency you can also use the [minimum-stability](04-schema.md#minimum-stability) setting. ## Installing Dependencies -To fetch the defined dependencies into your local project, just run the -`install` command of `composer.phar`. +To install the defined dependencies for your project, just run the +[`install`](03-cli.md#install) command. ```sh php composer.phar install @@ -106,14 +76,14 @@ php composer.phar install This will find the latest version of `monolog/monolog` that matches the supplied version constraint and download it into the `vendor` directory. It's a convention to put third party code into a directory named `vendor`. -In case of monolog it will put it into `vendor/monolog/monolog`. +In case of Monolog it will put it into `vendor/monolog/monolog`. > **Tip:** If you are using git for your project, you probably want to add -> `vendor` into your `.gitignore`. You really don't want to add all of that +> `vendor` in your `.gitignore`. You really don't want to add all of that > code to your repository. -Another thing that the `install` command does is it adds a `composer.lock` -file into your project root. +You will notice the [`install`](03-cli.md#install) command also created a +`composer.lock` file. ## `composer.lock` - The Lock File @@ -121,82 +91,82 @@ After installing the dependencies, Composer writes the list of the exact versions it installed into a `composer.lock` file. This locks the project to those specific versions. -**Commit your application's `composer.lock` (along with `composer.json`) into version control.** +**Commit your application's `composer.lock` (along with `composer.json`) +into version control.** -This is important because the `install` command checks if a lock file is present, -and if it is, it downloads the versions specified there (regardless of what `composer.json` -says). +This is important because the [`install`](03-cli.md#install) command checks +if a lock file is present, and if it is, it downloads the versions specified +there (regardless of what `composer.json` says). -This means that anyone who sets up the project will download the exact -same version of the dependencies. Your CI server, production machines, other -developers in your team, everything and everyone runs on the same dependencies, which -mitigates the potential for bugs affecting only some parts of the deployments. Even if you -develop alone, in six months when reinstalling the project you can feel confident the -dependencies installed are still working even if your dependencies released -many new versions since then. +This means that anyone who sets up the project will download the exact same +version of the dependencies. Your CI server, production machines, other +developers in your team, everything and everyone runs on the same dependencies, +which mitigates the potential for bugs affecting only some parts of the +deployments. Even if you develop alone, in six months when reinstalling the +project you can feel confident the dependencies installed are still working even +if your dependencies released many new versions since then. If no `composer.lock` file exists, Composer will read the dependencies and -versions from `composer.json` and create the lock file after executing the `update` or the `install` -command. +versions from `composer.json` and create the lock file after executing the +[`update`](03-cli.md#update) or the [`install`](03-cli.md#install) command. -This means that if any of the dependencies get a new version, you won't get the updates -automatically. To update to the new version, use `update` command. This will fetch -the latest matching versions (according to your `composer.json` file) and also update -the lock file with the new version. +This means that if any of the dependencies get a new version, you won't get the +updates automatically. To update to the new version, use the +[`update`](03-cli.md#update) command. This will fetch the latest matching +versions (according to your `composer.json` file) and also update the lock file +with the new version. ```sh php composer.phar update ``` -> **Note:** Composer will display a Warning when executing an `install` command if - `composer.lock` and `composer.json` are not synchronized. - +> **Note:** Composer will display a Warning when executing an `install` command +> if `composer.lock` and `composer.json` are not synchronized. + If you only want to install or update one dependency, you can whitelist them: ```sh php composer.phar update monolog/monolog [...] ``` -> **Note:** For libraries it is not necessarily recommended to commit the lock file, -> see also: [Libraries - Lock file](02-libraries.md#lock-file). +> **Note:** For libraries it is not necessary to commit the lock +> file, see also: [Libraries - Lock file](02-libraries.md#lock-file). ## Packagist [Packagist](https://packagist.org/) is the main Composer repository. A Composer repository is basically a package source: a place where you can get packages from. Packagist aims to be the central repository that everybody uses. This -means that you can automatically `require` any package that is available -there. +means that you can automatically `require` any package that is available there. -If you go to the [packagist website](https://packagist.org/) (packagist.org), +If you go to the [Packagist website](https://packagist.org/) (packagist.org), you can browse and search for packages. -Any open source project using Composer should publish their packages on -packagist. A library doesn't need to be on packagist to be used by Composer, -but it makes life quite a bit simpler. +Any open source project using Composer is recommended to publish their packages +on Packagist. A library doesn't need to be on Packagist to be used by Composer, +but it enables discovery and adoption by other developers more quickly. ## Autoloading For libraries that specify autoload information, Composer generates a -`vendor/autoload.php` file. You can simply include this file and you -will get autoloading for free. +`vendor/autoload.php` file. You can simply include this file and you will get +autoloading for free. ```php -require 'vendor/autoload.php'; +require __DIR__ . '/vendor/autoload.php'; ``` -This makes it really easy to use third party code. For example: If your -project depends on monolog, you can just start using classes from it, and they -will be autoloaded. +This makes it really easy to use third party code. For example: If your project +depends on Monolog, you can just start using classes from it, and they will be +autoloaded. ```php $log = new Monolog\Logger('name'); $log->pushHandler(new Monolog\Handler\StreamHandler('app.log', Monolog\Logger::WARNING)); - $log->addWarning('Foo'); ``` -You can even add your own code to the autoloader by adding an `autoload` field -to `composer.json`. +You can even add your own code to the autoloader by adding an +[`autoload`](04-schema.md#autoload) field to `composer.json`. ```json { @@ -213,24 +183,25 @@ You define a mapping from namespaces to directories. The `src` directory would be in your project root, on the same level as `vendor` directory is. An example filename would be `src/Foo.php` containing an `Acme\Foo` class. -After adding the `autoload` field, you have to re-run `dump-autoload` to re-generate -the `vendor/autoload.php` file. +After adding the [`autoload`](04-schema.md#autoload) field, you have to re-run +[`dump-autoload`](03-cli.md#dump-autoload) to re-generate the +`vendor/autoload.php` file. Including that file will also return the autoloader instance, so you can store the return value of the include call in a variable and add more namespaces. This can be useful for autoloading classes in a test suite, for example. ```php -$loader = require 'vendor/autoload.php'; +$loader = require __DIR__ . '/vendor/autoload.php'; $loader->add('Acme\\Test\\', __DIR__); ``` -In addition to PSR-4 autoloading, classmap is also supported. This allows -classes to be autoloaded even if they do not conform to PSR-4. See the -[autoload reference](04-schema.md#autoload) for more details. +In addition to PSR-4 autoloading, Composer also supports PSR-0, classmap and +files autoloading. See the [`autoload`](04-schema.md#autoload) reference for +more information. -> **Note:** Composer provides its own autoloader. If you don't want to use -that one, you can just include `vendor/composer/autoload_*.php` files, -which return associative arrays allowing you to configure your own autoloader. +> **Note:** Composer provides its own autoloader. If you don't want to use that +> one, you can just include `vendor/composer/autoload_*.php` files, which return +> associative arrays allowing you to configure your own autoloader. ← [Intro](00-intro.md) | [Libraries](02-libraries.md) → diff --git a/doc/02-libraries.md b/doc/02-libraries.md index 913f996b7..da5725e4d 100644 --- a/doc/02-libraries.md +++ b/doc/02-libraries.md @@ -1,16 +1,17 @@ # Libraries -This chapter will tell you how to make your library installable through Composer. +This chapter will tell you how to make your library installable through +Composer. ## Every project is a package As soon as you have a `composer.json` in a directory, that directory is a -package. When you add a `require` to a project, you are making a package that -depends on other packages. The only difference between your project and -libraries is that your project is a package without a name. +package. When you add a [`require`](04-schema.md#require) to a project, you are +making a package that depends on other packages. The only difference between +your project and libraries is that your project is a package without a name. In order to make that package installable you need to give it a name. You do -this by adding a `name` to `composer.json`: +this by adding the [`name`](04-schema.md#name) property in `composer.json`: ```json { @@ -21,12 +22,12 @@ this by adding a `name` to `composer.json`: } ``` -In this case the project name is `acme/hello-world`, where `acme` is the -vendor name. Supplying a vendor name is mandatory. +In this case the project name is `acme/hello-world`, where `acme` is the vendor +name. Supplying a vendor name is mandatory. > **Note:** If you don't know what to use as a vendor name, your GitHub -username is usually a good bet. While package names are case insensitive, the -convention is all lowercase and dashes for word separation. +> username is usually a good bet. While package names are case insensitive, the +> convention is all lowercase and dashes for word separation. ## Platform packages @@ -50,15 +51,14 @@ includes PHP itself, PHP extensions and some system libraries. PHP. The following are available: `curl`, `iconv`, `icu`, `libxml`, `openssl`, `pcre`, `uuid`, `xsl`. -You can use `composer show --platform` to get a list of your locally available -platform packages. +You can use [`show --platform`](03-cli.md#show) to get a list of your locally +available platform packages. ## Specifying the version -You need to specify the package's version some way. When you publish your -package on Packagist, it is able to infer the version from the VCS (git, svn, -hg) information, so in that case you do not have to specify it, and it is -recommended not to. See [tags](#tags) and [branches](#branches) to see how +When you publish your package on Packagist, it is able to infer the version +from the VCS (git, svn, hg) information. This means you don't have to +explicitly declare it. Read [tags](#tags) and [branches](#branches) to see how version numbers are extracted from these. If you are creating packages by hand and really have to specify it explicitly, @@ -76,9 +76,9 @@ you can just add a `version` field: ### Tags For every tag that looks like a version, a package version of that tag will be -created. It should match 'X.Y.Z' or 'vX.Y.Z', with an optional suffix -of `-patch` (`-p`), `-alpha` (`-a`), `-beta` (`-b`) or `-RC`. The suffixes -can also be followed by a number. +created. It should match 'X.Y.Z' or 'vX.Y.Z', with an optional suffix of +`-patch` (`-p`), `-alpha` (`-a`), `-beta` (`-b`) or `-RC`. The suffix can also +be followed by a number. Here are a few examples of valid tag names: @@ -89,19 +89,20 @@ Here are a few examples of valid tag names: - v2.0.0-alpha - v2.0.4-p1 -> **Note:** Even if your tag is prefixed with `v`, a [version constraint](01-basic-usage.md#package-versions) -> in a `require` statement has to be specified without prefix -> (e.g. tag `v1.0.0` will result in version `1.0.0`). +> **Note:** Even if your tag is prefixed with `v`, a +> [version constraint](01-basic-usage.md#package-versions) in a `require` +> statement has to be specified without prefix (e.g. tag `v1.0.0` will result +> in version `1.0.0`). ### Branches For every branch, a package development version will be created. If the branch -name looks like a version, the version will be `{branchname}-dev`. For example -a branch `2.0` will get a version `2.0.x-dev` (the `.x` is added for technical -reasons, to make sure it is recognized as a branch, a `2.0.x` branch would also -be valid and be turned into `2.0.x-dev` as well. If the branch does not look -like a version, it will be `dev-{branchname}`. `master` results in a -`dev-master` version. +name looks like a version, the version will be `{branchname}-dev`. For example, +the branch `2.0` will get the `2.0.x-dev` version (the `.x` is added for +technical reasons, to make sure it is recognized as a branch). The `2.0.x` +branch would also be valid and be turned into `2.0.x-dev` as well. If the +branch does not look like a version, it will be `dev-{branchname}`. `master` +results in a `dev-master` version. Here are some examples of version branch names: @@ -116,8 +117,8 @@ Here are some examples of version branch names: ### Aliases It is possible to alias branch names to versions. For example, you could alias -`dev-master` to `1.0.x-dev`, which would allow you to require `1.0.x-dev` in all -the packages. +`dev-master` to `1.0.x-dev`, which would allow you to require `1.0.x-dev` in +all the packages. See [Aliases](articles/aliases.md) for more information. @@ -133,7 +134,7 @@ the `.gitignore`. ## Publishing to a VCS -Once you have a vcs repository (version control system, e.g. git) containing a +Once you have a VCS repository (version control system, e.g. git) containing a `composer.json` file, your library is already composer-installable. In this example we will publish the `acme/hello-world` library on GitHub under `github.com/username/hello-world`. @@ -180,31 +181,32 @@ For more details on how package repositories work and what other types are available, see [Repositories](05-repositories.md). That's all. You can now install the dependencies by running Composer's -`install` command! +[`install`](03-cli.md#install) command! **Recap:** Any git/svn/hg repository containing a `composer.json` can be added to your project by specifying the package repository and declaring the -dependency in the `require` field. +dependency in the [`require`](04-schema.md#require) field. ## Publishing to packagist -Alright, so now you can publish packages. But specifying the vcs repository +Alright, so now you can publish packages. But specifying the VCS repository every time is cumbersome. You don't want to force all your users to do that. The other thing that you may have noticed is that we did not specify a package -repository for `monolog/monolog`. How did that work? The answer is packagist. +repository for `monolog/monolog`. How did that work? The answer is Packagist. [Packagist](https://packagist.org/) is the main package repository for Composer, and it is enabled by default. Anything that is published on -packagist is available automatically through Composer. Since monolog -[is on packagist](https://packagist.org/packages/monolog/monolog), we can depend -on it without having to specify any additional repositories. +Packagist is available automatically through Composer. Since +[Monolog is on Packagist](https://packagist.org/packages/monolog/monolog), we +can depend on it without having to specify any additional repositories. If we wanted to share `hello-world` with the world, we would publish it on -packagist as well. Doing so is really easy. +Packagist as well. Doing so is really easy. -You simply hit the big "Submit Package" button and sign up. Then you submit -the URL to your VCS repository, at which point packagist will start crawling -it. Once it is done, your package will be available to anyone. +You simply visit [Packagist](https://packagist.org) and hit the "Submit". This +will prompt you to sign up if you haven't already, and then allows you to +submit the URL to your VCS repository, at which point Packagist will start +crawling it. Once it is done, your package will be available to anyone! ← [Basic usage](01-basic-usage.md) | [Command-line interface](03-cli.md) → diff --git a/doc/03-cli.md b/doc/03-cli.md index 700ebf7cc..62d3f74b8 100644 --- a/doc/03-cli.md +++ b/doc/03-cli.md @@ -64,30 +64,31 @@ If there is a `composer.lock` file in the current directory, it will use the exact versions from there instead of resolving them. This ensures that everyone using the library will get the same versions of the dependencies. -If there is no `composer.lock` file, composer will create one after dependency +If there is no `composer.lock` file, Composer will create one after dependency resolution. ### Options * **--prefer-source:** There are two ways of downloading a package: `source` - and `dist`. For stable versions composer will use the `dist` by default. + and `dist`. For stable versions Composer will use the `dist` by default. The `source` is a version control repository. If `--prefer-source` is - enabled, composer will install from `source` if there is one. This is + enabled, Composer will install from `source` if there is one. This is useful if you want to make a bugfix to a project and get a local git clone of the dependency directly. -* **--prefer-dist:** Reverse of `--prefer-source`, composer will install +* **--prefer-dist:** Reverse of `--prefer-source`, Composer will install from `dist` if possible. This can speed up installs substantially on build servers and other use cases where you typically do not run updates of the vendors. It is also a way to circumvent problems with git if you do not have a proper setup. * **--ignore-platform-reqs:** ignore `php`, `hhvm`, `lib-*` and `ext-*` requirements and force the installation even if the local machine does not - fulfill these. + fulfill these. See also the [`platform`](06-config.md#platform) config option. * **--dry-run:** If you want to run through an installation without actually installing a package, you can use `--dry-run`. This will simulate the installation and show you what would happen. * **--dev:** Install packages listed in `require-dev` (this is the default behavior). -* **--no-dev:** Skip installing packages listed in `require-dev`. +* **--no-dev:** Skip installing packages listed in `require-dev`. The autoloader + generation skips the `autoload-dev` rules. * **--no-autoloader:** Skips autoloader generation. * **--no-scripts:** Skips execution of scripts defined in `composer.json`. * **--no-plugins:** Disables plugins. @@ -98,6 +99,8 @@ resolution. a bit of time to run so it is currently not done by default. * **--disable-tls:** Display SSL/TLS peer verification. * **--cafile:** If specified, use the given certificate file for SSL/TLS peer verification. +* **--classmap-authoritative (-a):** Autoload classes from the classmap only. + Implicitly enables `--optimize-autoloader`. ## update @@ -129,10 +132,10 @@ php composer.phar update vendor/* * **--prefer-dist:** Install packages from `dist` when available. * **--ignore-platform-reqs:** ignore `php`, `hhvm`, `lib-*` and `ext-*` requirements and force the installation even if the local machine does not - fulfill these. + fulfill these. See also the [`platform`](06-config.md#platform) config option. * **--dry-run:** Simulate the command without actually doing anything. * **--dev:** Install packages listed in `require-dev` (this is the default behavior). -* **--no-dev:** Skip installing packages listed in `require-dev`. +* **--no-dev:** Skip installing packages listed in `require-dev`. The autoloader generation skips the `autoload-dev` rules. * **--no-autoloader:** Skips autoloader generation. * **--no-scripts:** Skips execution of scripts defined in `composer.json`. * **--no-plugins:** Disables plugins. @@ -141,11 +144,13 @@ php composer.phar update vendor/* * **--optimize-autoloader (-o):** Convert PSR-0/4 autoloading to classmap to get a faster autoloader. This is recommended especially for production, but can take a bit of time to run so it is currently not done by default. +* **--classmap-authoritative (-a):** Autoload classes from the classmap only. + Implicitly enables `--optimize-autoloader`. * **--lock:** Only updates the lock file hash to suppress warning about the lock file being out of date. -* **--with-dependencies** Add also all dependencies of whitelisted packages to the whitelist. * **--disable-tls:** Display SSL/TLS peer verification. * **--cafile:** If specified, use the given certificate file for SSL/TLS peer verification. +* **--with-dependencies:** Add also all dependencies of whitelisted packages to the whitelist. * **--prefer-stable:** Prefer stable versions of dependencies. * **--prefer-lowest:** Prefer lowest versions of dependencies. Useful for testing minimal versions of requirements, generally used with `--prefer-stable`. @@ -175,16 +180,22 @@ php composer.phar require vendor/package:2.* vendor/package2:dev-master * **--prefer-dist:** Install packages from `dist` when available. * **--ignore-platform-reqs:** ignore `php`, `hhvm`, `lib-*` and `ext-*` requirements and force the installation even if the local machine does not - fulfill these. + fulfill these. See also the [`platform`](06-config.md#platform) config option. * **--dev:** Add packages to `require-dev`. * **--no-update:** Disables the automatic update of the dependencies. * **--no-progress:** Removes the progress display that can mess with some terminals or scripts which don't handle backspace characters. -* **--update-no-dev** Run the dependency update with the --no-dev option. -* **--update-with-dependencies** Also update dependencies of the newly +* **--update-no-dev:** Run the dependency update with the `--no-dev` option. +* **--update-with-dependencies:** Also update dependencies of the newly required packages. * **--disable-tls:** Display SSL/TLS peer verification. * **--cafile:** If specified, use the given certificate file for SSL/TLS peer verification. +* **--sort-packages:** Keep packages sorted in `composer.json`. +* **--optimize-autoloader (-o):** Convert PSR-0/4 autoloading to classmap to + get a faster autoloader. This is recommended especially for production, but + can take a bit of time to run so it is currently not done by default. +* **--classmap-authoritative (-a):** Autoload classes from the classmap only. + Implicitly enables `--optimize-autoloader`. ## remove @@ -201,13 +212,18 @@ uninstalled. ### Options * **--ignore-platform-reqs:** ignore `php`, `hhvm`, `lib-*` and `ext-*` requirements and force the installation even if the local machine does not - fulfill these. + fulfill these. See also the [`platform`](06-config.md#platform) config option. * **--dev:** Remove packages from `require-dev`. * **--no-update:** Disables the automatic update of the dependencies. * **--no-progress:** Removes the progress display that can mess with some terminals or scripts which don't handle backspace characters. -* **--update-no-dev** Run the dependency update with the --no-dev option. -* **--update-with-dependencies** Also update dependencies of the removed packages. +* **--update-no-dev:** Run the dependency update with the --no-dev option. +* **--update-with-dependencies:** Also update dependencies of the removed packages. +* **--optimize-autoloader (-o):** Convert PSR-0/4 autoloading to classmap to + get a faster autoloader. This is recommended especially for production, but + can take a bit of time to run so it is currently not done by default. +* **--classmap-authoritative (-a):** Autoload classes from the classmap only. + Implicitly enables `--optimize-autoloader`. ## global @@ -215,6 +231,9 @@ The global command allows you to run other commands like `install`, `require` or `update` as if you were running them from the [COMPOSER_HOME](#composer-home) directory. +This is merely a helper to manage a project stored in a central location that +can hold CLI tools or Composer plugins that you want to have available everywhere. + This can be used to install CLI utilities globally and if you add `$COMPOSER_HOME/vendor/bin` to your `$PATH` environment variable. Here is an example: @@ -267,8 +286,8 @@ name : monolog/monolog versions : master-dev, 1.0.2, 1.0.1, 1.0.0, 1.0.0-RC1 type : library names : monolog/monolog -source : [git] http://github.com/Seldaek/monolog.git 3d4e60d0cbc4b888fe5ad223d77964428b1978da -dist : [zip] http://github.com/Seldaek/monolog/zipball/3d4e60d0cbc4b888fe5ad223d77964428b1978da 3d4e60d0cbc4b888fe5ad223d77964428b1978da +source : [git] https://github.com/Seldaek/monolog.git 3d4e60d0cbc4b888fe5ad223d77964428b1978da +dist : [zip] https://github.com/Seldaek/monolog/zipball/3d4e60d0cbc4b888fe5ad223d77964428b1978da 3d4e60d0cbc4b888fe5ad223d77964428b1978da license : MIT autoload @@ -293,6 +312,7 @@ php composer.phar show monolog/monolog 1.0.2 * **--self (-s):** List the root package info. * **--disable-tls:** Display SSL/TLS peer verification. * **--cafile:** If specified, use the given certificate file for SSL/TLS peer verification. +* **--tree (-t):** List the dependencies as a tree. Only usable when giving a single package name or combined with `-i`. ## browse / home @@ -303,6 +323,18 @@ in your browser. * **--homepage (-H):** Open the homepage instead of the repository URL. +## suggests + +Lists all packages suggested by currently installed set of packages. You can +optionally pass one or multiple package names in the format of `vendor/package` +to limit output to suggestions made by those packages only. + +### Options + +* **--no-dev:** Excludes suggestions from `require-dev` packages. +* **--verbose (-v):** Increased verbosity adds suggesting package name and + reason for suggestion. + ## depends The `depends` command tells you which other packages depend on a certain @@ -312,17 +344,21 @@ should be included in the listing. By default both are used. ```sh php composer.phar depends --link-type=require monolog/monolog -nrk/monolog-fluent -poc/poc -propel/propel -symfony/monolog-bridge -symfony/symfony +nrk/monolog-fluent requires monolog/monolog (~1.8) +poc/poc requires monolog/monolog (^1.6) +propel/propel requires monolog/monolog (1.*) +symfony/monolog-bridge requires monolog/monolog (>=1.2) +symfony/symfony requires monolog/monolog (~1) ``` ### Options * **--link-type:** The link types to match on, can be specified multiple times. +* **--match-constraint (-m):** Filters the dependencies shown using this constraint. +* **--invert-match-constraint (-i):** Turns --match-constraint around into a blacklist + insteead of a whitelist. +* **--with-replaces:** Search for replaced packages as well. ## validate @@ -336,7 +372,9 @@ php composer.phar validate ### Options -* **--no-check-all:** Whether or not composer do a complete validation. +* **--no-check-all:** Do not emit a warning if requirements in `composer.json` use unbound version constraints. +* **--no-check-lock:** Do not emit an error if `composer.lock` exists and is not up to date. +* **--no-check-publish:** Do not emit an error if `composer.json` is unsuitable for publishing as a package on Packagist but is otherwise valid. ## status @@ -361,7 +399,7 @@ vendor/seld/jsonlint: ## self-update -To update composer itself to the latest version, just run the `self-update` +To update Composer itself to the latest version, just run the `self-update` command. It will replace your `composer.phar` with the latest version. ```sh @@ -374,7 +412,7 @@ If you would like to instead update to a specific release simply specify it: php composer.phar self-update 1.0.0-alpha7 ``` -If you have installed composer for your entire system (see [global installation](00-intro.md#globally)), +If you have installed Composer for your entire system (see [global installation](00-intro.md#globally)), you may have to run the command with `root` privileges ```sh @@ -384,13 +422,14 @@ sudo composer self-update ### Options * **--rollback (-r):** Rollback to the last version you had installed. -* **--clean-backups:** Delete old backups during an update. This makes the current version of composer the only backup available after the update. * **--disable-tls:** Display SSL/TLS peer verification. * **--cafile:** If specified, use the given certificate file for SSL/TLS peer verification. +* **--clean-backups:** Delete old backups during an update. This makes the + current version of Composer the only backup available after the update. ## config -The `config` command allows you to edit some basic composer settings in either +The `config` command allows you to edit some basic Composer settings in either the local composer.json file or the global config.json file. ```sh @@ -405,8 +444,7 @@ php composer.phar config --list configuration value. For settings that can take an array of values (like `github-protocols`), more than one setting-value arguments are allowed. -See the [config schema section](04-schema.md#config) for valid configuration -options. +See the [Config](06-config.md) chapter for valid configuration options. ### Options @@ -430,13 +468,13 @@ In addition to modifying the config section, the `config` command also supports changes to the repositories section by using it the following way: ```sh -php composer.phar config repositories.foo vcs http://github.com/foo/bar +php composer.phar config repositories.foo vcs https://github.com/foo/bar ``` ## create-project You can use Composer to create new projects from an existing package. This is -the equivalent of doing a git clone/svn checkout followed by a composer install +the equivalent of doing a git clone/svn checkout followed by a "composer install" of the vendors. There are several applications for this: @@ -446,7 +484,7 @@ There are several applications for this: 3. Projects with multiple developers can use this feature to bootstrap the initial application for development. -To create a new project using composer you can use the "create-project" command. +To create a new project using Composer you can use the "create-project" command. Pass it a package name, and the directory to create the project in. You can also provide a version as third argument, otherwise the latest version is used. @@ -479,14 +517,11 @@ By default the command checks for the packages on packagist.org. * **--keep-vcs:** Skip the deletion of the VCS metadata for the created project. This is mostly useful if you run the command in non-interactive mode. -<<<<<<< HEAD * **--disable-tls:** Display SSL/TLS peer verification. * **--cafile:** If specified, use the given certificate file for SSL/TLS peer verification. -======= * **--ignore-platform-reqs:** ignore `php`, `hhvm`, `lib-*` and `ext-*` requirements and force the installation even if the local machine does not fulfill these. ->>>>>>> master ## dump-autoload @@ -506,6 +541,8 @@ performance. * **--optimize (-o):** Convert PSR-0/4 autoloading to classmap to get a faster autoloader. This is recommended especially for production, but can take a bit of time to run so it is currently not done by default. +* **--classmap-authoritative (-a):** Autoload classes from the classmap only. + Implicitly enables `--optimize`. * **--no-dev:** Disables autoload-dev rules. ## clear-cache @@ -524,8 +561,13 @@ Lists the name, version and license of every package installed. Use ## run-script +### Options + +* **--no-dev:** Disable dev mode +* **--list:** List user defined scripts + To run [scripts](articles/scripts.md) manually you can use this command, -just give it the script name and optionally --no-dev to disable the dev mode. +just give it the script name and optionally any required arguments. ## diagnose @@ -566,6 +608,11 @@ To get more information about a certain command, just use `help`. php composer.phar help install ``` +## Command-line completion + +Command-line completion can be enabled by following instructions +[on this page](https://github.com/bamarni/symfony-console-autocomplete). + ## Environment variables You can set a number of environment variables that override certain settings. @@ -584,6 +631,8 @@ For example: COMPOSER=composer-other.json php composer.phar install ``` +The generated lock file will use the same name: `composer-other.lock` in this example. + ### COMPOSER_ROOT_VERSION By setting this var you can specify the version of the root package, if it can @@ -591,7 +640,7 @@ not be guessed from VCS info and is not present in `composer.json`. ### COMPOSER_VENDOR_DIR -By setting this var you can make composer install the dependencies into a +By setting this var you can make Composer install the dependencies into a directory other than `vendor`. ### COMPOSER_BIN_DIR @@ -601,7 +650,7 @@ directory to something other than `vendor/bin`. ### http_proxy or HTTP_PROXY -If you are using composer from behind an HTTP proxy, you can use the standard +If you are using Composer from behind an HTTP proxy, you can use the standard `http_proxy` or `HTTP_PROXY` env vars. Simply set it to the URL of your proxy. Many operating systems already set this variable for you. @@ -623,18 +672,18 @@ can also set it to `*` to ignore the proxy for all HTTP requests. ### HTTP_PROXY_REQUEST_FULLURI If you use a proxy but it does not support the request_fulluri flag, then you -should set this env var to `false` or `0` to prevent composer from setting the +should set this env var to `false` or `0` to prevent Composer from setting the request_fulluri option. ### HTTPS_PROXY_REQUEST_FULLURI If you use a proxy but it does not support the request_fulluri flag for HTTPS -requests, then you should set this env var to `false` or `0` to prevent composer +requests, then you should set this env var to `false` or `0` to prevent Composer from setting the request_fulluri option. ### COMPOSER_HOME -The `COMPOSER_HOME` var allows you to change the composer home directory. This +The `COMPOSER_HOME` var allows you to change the Composer home directory. This is a hidden, global (per-user on the machine) directory that is shared between all projects. @@ -648,23 +697,23 @@ You may put a `config.json` file into the location which `COMPOSER_HOME` points to. Composer will merge this configuration with your project's `composer.json` when you run the `install` and `update` commands. -This file allows you to set [configuration](04-schema.md#config) and -[repositories](05-repositories.md) for the user's projects. +This file allows you to set [repositories](05-repositories.md) and +[configuration](06-config.md) for the user's projects. In case global configuration matches _local_ configuration, the _local_ configuration in the project's `composer.json` always wins. ### COMPOSER_CACHE_DIR -The `COMPOSER_CACHE_DIR` var allows you to change the composer cache directory, -which is also configurable via the [`cache-dir`](04-schema.md#config) option. +The `COMPOSER_CACHE_DIR` var allows you to change the Composer cache directory, +which is also configurable via the [`cache-dir`](06-config.md#cache-dir) option. By default it points to $COMPOSER_HOME/cache on \*nix and OSX, and `C:\Users\\AppData\Local\Composer` (or `%LOCALAPPDATA%/Composer`) on Windows. ### COMPOSER_PROCESS_TIMEOUT -This env var controls the time composer waits for commands (such as git +This env var controls the time Composer waits for commands (such as git commands) to finish executing. The default value is 300 seconds (5 minutes). ### COMPOSER_CAFILE @@ -674,11 +723,15 @@ file to be used during SSL/TLS peer verification. ### COMPOSER_DISCARD_CHANGES -This env var controls the discard-changes [config option](04-schema.md#config). +This env var controls the [`discard-changes`](06-config.md#discard-changes) config option. ### COMPOSER_NO_INTERACTION -If set to 1, this env var will make composer behave as if you passed the +If set to 1, this env var will make Composer behave as if you passed the `--no-interaction` flag to every command. This can be set on build boxes/CI. +### COMPOSER_DISABLE_XDEBUG_WARN + +If set to 1, this env disables the warning about having xdebug enabled. + ← [Libraries](02-libraries.md) | [Schema](04-schema.md) → diff --git a/doc/04-schema.md b/doc/04-schema.md index e422d5c38..023e7b8bf 100644 --- a/doc/04-schema.md +++ b/doc/04-schema.md @@ -20,9 +20,6 @@ this is the `config` field. Only the root package can define configuration. The config of dependencies is ignored. This makes the `config` field `root-only`. -If you clone one of those dependencies to work on it, then that package is the -root package. The `composer.json` is identical, but the context is different. - > **Note:** A package can be the root package or not, depending on the context. > For example, if your project depends on the `monolog` library, your project > is the root package. However, if you clone `monolog` from GitHub in order to @@ -87,7 +84,7 @@ that needs some special logic, you can define a custom type. This could be a all be specific to certain projects, and they will need to provide an installer capable of installing packages of that type. -Out of the box, composer supports four types: +Out of the box, Composer supports four types: - **library:** This is the default. It will simply copy the files to `vendor`. - **project:** This denotes a project rather than a library. For example @@ -157,7 +154,7 @@ The recommended notation for the most common licenses is (alphabetical): - MIT Optional, but it is highly recommended to supply this. More identifiers are -listed at the [SPDX Open Source License Registry](http://www.spdx.org/licenses/). +listed at the [SPDX Open Source License Registry](https://www.spdx.org/licenses/). For closed-source software, you may use `"proprietary"` as the license identifier. @@ -235,11 +232,12 @@ Various information to get support about the project. Support information includes the following: * **email:** Email address for support. -* **issues:** URL to the Issue Tracker. -* **forum:** URL to the Forum. -* **wiki:** URL to the Wiki. +* **issues:** URL to the issue tracker. +* **forum:** URL to the forum. +* **wiki:** URL to the wiki. * **irc:** IRC channel for support, as irc://server/channel. * **source:** URL to browse or download the sources. +* **docs:** URL to the documentation. An example: @@ -271,7 +269,7 @@ Example: All links are optional fields. -`require` and `require-dev` additionally support stability flags (root-only). +`require` and `require-dev` additionally support stability flags ([root-only](04-schema.md#root-package)). These allow you to further restrict or expand the stability of a package beyond the scope of the [minimum-stability](#minimum-stability) setting. You can apply them to a constraint, or just apply them to an empty constraint if you want to @@ -329,12 +327,26 @@ It is also possible to inline-alias a package constraint so that it matches a constraint that it otherwise would not. For more information [see the aliases article](articles/aliases.md). +`require` and `require-dev` also support references to specific PHP versions +and PHP extensions your project needs to run successfully. + +Example: + +```json +{ + "require" : { + "php" : "^5.5 || ^7.0", + "ext-mbstring": "*" + } +} +``` + #### require Lists packages required by this package. The package will not be installed unless those requirements can be met. -#### require-dev (root-only) +#### require-dev ([root-only](04-schema.md#root-package)) Lists packages required for developing this package, or running tests, etc. The dev requirements of the root package are installed by default. @@ -554,7 +566,27 @@ Example: } ``` -### autoload-dev (root-only) +#### Exclude files from classmaps + +If you want to exclude some files or folders from the classmap you can use the 'exclude-from-classmap' property. +This might be useful to exclude test classes in your live environment, for example, as those will be skipped +from the classmap even when building an optimized autoloader. + +The classmap generator will ignore all files in the paths configured here. The paths are absolute from the package +root directory (i.e. composer.json location), and support `*` to match anything but a slash, and `**` to +match anything. `**` is implicitly added to the end of the paths. + +Example: + +```json +{ + "autoload": { + "exclude-from-classmap": ["/Tests/", "/test/", "/tests/"] + } +} +``` + +### autoload-dev ([root-only](04-schema.md#root-package)) This section allows to define autoload rules for development purposes. @@ -627,7 +659,7 @@ To do that, `autoload` and `target-dir` are defined as follows: Optional. -### minimum-stability (root-only) +### minimum-stability ([root-only](04-schema.md#root-package)) This defines the default behavior for filtering packages by stability. This defaults to `stable`, so if you rely on a `dev` package, you should specify @@ -642,7 +674,7 @@ a given package can be done in `require` or `require-dev` (see Available options (in order of stability) are `dev`, `alpha`, `beta`, `RC`, and `stable`. -### prefer-stable (root-only) +### prefer-stable ([root-only](04-schema.md#root-package)) When this is enabled, Composer will prefer more stable packages over unstable ones when finding compatible stable packages is possible. If you require a @@ -651,11 +683,11 @@ selected granted that the minimum-stability allows for it. Use `"prefer-stable": true` to enable. -### repositories (root-only) +### repositories ([root-only](04-schema.md#root-package)) Custom package repositories to use. -By default composer just uses the packagist repository. By specifying +By default Composer just uses the packagist repository. By specifying repositories you can get packages from elsewhere. Repositories are not resolved recursively. You can only add them to your main @@ -664,14 +696,14 @@ ignored. The following repository types are supported: -* **composer:** A composer repository is simply a `packages.json` file served +* **composer:** A Composer repository is simply a `packages.json` file served via the network (HTTP, FTP, SSH), that contains a list of `composer.json` objects with additional `dist` and/or `source` information. The `packages.json` file is loaded using a PHP stream. You can set extra options on that stream using the `options` parameter. * **vcs:** The version control system repository can fetch packages from git, svn and hg repositories. -* **pear:** With this you can import any pear repository into your composer +* **pear:** With this you can import any pear repository into your Composer project. * **package:** If you depend on a project that does not have any support for composer whatsoever you can define the package inline using a `package` @@ -703,7 +735,7 @@ Example: }, { "type": "pear", - "url": "http://pear2.php.net" + "url": "https://pear2.php.net" }, { "type": "package", @@ -715,7 +747,7 @@ Example: "type": "zip" }, "source": { - "url": "http://smarty-php.googlecode.com/svn/", + "url": "https://smarty-php.googlecode.com/svn/", "type": "svn", "reference": "tags/Smarty_3_1_7/distribution/" } @@ -730,99 +762,12 @@ will look from the first to the last repository, and pick the first match. By default Packagist is added last which means that custom repositories can override packages from it. -### config (root-only) - -A set of configuration options. It is only used for projects. +### config ([root-only](04-schema.md#root-package)) -The following options are supported: - -* **process-timeout:** Defaults to `300`. The duration processes like git clones - can run before Composer assumes they died out. You may need to make this - higher if you have a slow connection or huge vendors. -* **use-include-path:** Defaults to `false`. If true, the Composer autoloader - will also look for classes in the PHP include path. -* **preferred-install:** Defaults to `auto` and can be any of `source`, `dist` or - `auto`. This option allows you to set the install method Composer will prefer to - use. -* **store-auths:** What to do after prompting for authentication, one of: - `true` (always store), `false` (do not store) and `"prompt"` (ask every - time), defaults to `"prompt"`. -* **github-protocols:** Defaults to `["git", "https", "ssh"]`. A list of protocols to - use when cloning from github.com, in priority order. You can reconfigure it to - for example prioritize the https protocol if you are behind a proxy or have somehow - bad performances with the git protocol. -* **github-oauth:** A list of domain names and oauth keys. For example using - `{"github.com": "oauthtoken"}` as the value of this option will use `oauthtoken` - to access private repositories on github and to circumvent the low IP-based - rate limiting of their API. - [Read more](articles/troubleshooting.md#api-rate-limit-and-oauth-tokens) - on how to get an OAuth token for GitHub. -* **http-basic:** A list of domain names and username/passwords to authenticate - against them. For example using - `{"example.org": {"username": "alice", "password": "foo"}` as the value of this - option will let composer authenticate against example.org. -* **vendor-dir:** Defaults to `vendor`. You can install dependencies into a - different directory if you want to. `$HOME` and `~` will be replaced by your - home directory's path in vendor-dir and all `*-dir` options below. -* **bin-dir:** Defaults to `vendor/bin`. If a project includes binaries, they - will be symlinked into this directory. -* **cache-dir:** Defaults to `$COMPOSER_HOME/cache` on unix systems and - `C:\Users\\AppData\Local\Composer` on Windows. Stores all the caches - used by composer. See also [COMPOSER_HOME](03-cli.md#composer-home). -* **cache-files-dir:** Defaults to `$cache-dir/files`. Stores the zip archives - of packages. -* **cache-repo-dir:** Defaults to `$cache-dir/repo`. Stores repository metadata - for the `composer` type and the VCS repos of type `svn`, `github` and `bitbucket`. -* **cache-vcs-dir:** Defaults to `$cache-dir/vcs`. Stores VCS clones for - loading VCS repository metadata for the `git`/`hg` types and to speed up installs. -* **cache-files-ttl:** Defaults to `15552000` (6 months). Composer caches all - dist (zip, tar, ..) packages that it downloads. Those are purged after six - months of being unused by default. This option allows you to tweak this - duration (in seconds) or disable it completely by setting it to 0. -* **cache-files-maxsize:** Defaults to `300MiB`. Composer caches all - dist (zip, tar, ..) packages that it downloads. When the garbage collection - is periodically ran, this is the maximum size the cache will be able to use. - Older (less used) files will be removed first until the cache fits. -* **prepend-autoloader:** Defaults to `true`. If false, the composer autoloader - will not be prepended to existing autoloaders. This is sometimes required to fix - interoperability issues with other autoloaders. -* **autoloader-suffix:** Defaults to `null`. String to be used as a suffix for - the generated Composer autoloader. When null a random one will be generated. -* **optimize-autoloader** Defaults to `false`. Always optimize when dumping - the autoloader. -* **classmap-authoritative:** Defaults to `false`. If true, the composer - autoloader will not scan the filesystem for classes that are not found in - the class map. Implies 'optimize-autoloader'. -* **github-domains:** Defaults to `["github.com"]`. A list of domains to use in - github mode. This is used for GitHub Enterprise setups. -* **github-expose-hostname:** Defaults to `true`. If set to false, the OAuth - tokens created to access the github API will have a date instead of the - machine hostname. -* **notify-on-install:** Defaults to `true`. Composer allows repositories to - define a notification URL, so that they get notified whenever a package from - that repository is installed. This option allows you to disable that behaviour. -* **discard-changes:** Defaults to `false` and can be any of `true`, `false` or - `"stash"`. This option allows you to set the default style of handling dirty - updates when in non-interactive mode. `true` will always discard changes in - vendors, while `"stash"` will try to stash and reapply. Use this for CI - servers or deploy scripts if you tend to have modified vendors. +A set of configuration options. It is only used for projects. See +[Config](06-config.md) for a description of each individual option. -Example: - -```json -{ - "config": { - "bin-dir": "bin" - } -} -``` - -> **Note:** Authentication-related config options like `http-basic` and -> `github-oauth` can also be specified inside a `auth.json` file that goes -> besides your `composer.json`. That way you can gitignore it and every -> developer can place their own credentials in there. - -### scripts (root-only) +### scripts ([root-only](04-schema.md#root-package)) Composer allows you to hook into various parts of the installation process through the use of scripts. @@ -878,4 +823,39 @@ The example will include `/dir/foo/bar/file`, `/foo/bar/baz`, `/file.php`, Optional. +### non-feature-branches + +A list of regex patterns of branch names that are non-numeric (e.g. "latest" or something), +that will NOT be handled as feature branches. This is an array of strings. + +If you have non-numeric branch names, for example like "latest", "current", "latest-stable" +or something, that do not look like a version number, then Composer handles such branches +as feature branches. This means it searches for parent branches, that look like a version +or ends at special branches (like master) and the root package version number becomes the +version of the parent branch or at least master or something. + +To handle non-numeric named branches as versions instead of searching for a parent branch +with a valid version or special branch name like master, you can set patterns for branch +names, that should be handled as dev version branches. + +This is really helpful when you have dependencies using "self.version", so that not dev-master, +but the same branch is installed (in the example: latest-testing). + +An example: + +If you have a testing branch, that is heavily maintained during a testing phase and is +deployed to your staging environment, normally "composer show -s" will give you `versions : * dev-master`. + +If you configure `latest-.*` as a pattern for non-feature-branches like this: + +```json +{ + "non-feature-branches": ["latest-.*"] +} +``` + +Then "composer show -s" will give you `versions : * dev-latest-testing`. + +Optional. + ← [Command-line interface](03-cli.md) | [Repositories](05-repositories.md) → diff --git a/doc/05-repositories.md b/doc/05-repositories.md index 80d15c561..7541f2a22 100644 --- a/doc/05-repositories.md +++ b/doc/05-repositories.md @@ -6,7 +6,7 @@ of repositories are available, and how they work. ## Concepts Before we look at the different types of repositories that exist, we need to -understand some of the basic concepts that composer is built on. +understand some of the basic concepts that Composer is built on. ### Package @@ -16,8 +16,8 @@ code, but in theory it could be anything. And it contains a package description which has a name and a version. The name and the version are used to identify the package. -In fact, internally composer sees every version as a separate package. While -this distinction does not matter when you are using composer, it's quite +In fact, internally Composer sees every version as a separate package. While +this distinction does not matter when you are using Composer, it's quite important when you want to change it. In addition to the name and the version, there is useful metadata. The information @@ -103,7 +103,7 @@ It may include any of the other fields specified in the [schema](04-schema.md). #### notify-batch -The `notify-batch` field allows you to specify an URL that will be called +The `notify-batch` field allows you to specify a URL that will be called every time a user installs a package. The URL can be either an absolute path (that will use the same domain as the repository) or a fully qualified URL. @@ -216,7 +216,7 @@ repository. The `packages.json` file is loaded using a PHP stream. You can set extra options on that stream using the `options` parameter. You can set any valid PHP stream -context option. See [Context options and parameters](http://php.net/manual/en/context.php) +context option. See [Context options and parameters](https://php.net/manual/en/context.php) for more information. ### VCS @@ -234,7 +234,7 @@ project to use the patched version. If the library is on GitHub (this is the case most of the time), you can simply fork it there and push your changes to your fork. After that you update the project's `composer.json`. All you have to do is add your fork as a repository and update the version constraint to -point to your custom branch. For version constraint naming conventions see +point to your custom branch. Your custom branch name must be prefixed with `"dev-"`. For version constraint naming conventions see [Libraries](02-libraries.md) for more information. Example assuming you patched monolog to fix a bug in the `bugfix` branch: @@ -263,6 +263,10 @@ custom repository has priority over packagist. If you want to rename the package, you should do so in the default (often master) branch and not in a feature branch, since the package name is taken from the default branch. +Also note that the override will not work if you change the `name` property +in your forked repository's composer.json file as this needs to match the +original for the override to work. + If other dependencies rely on the package you forked, it is possible to inline-alias it so that it matches a constraint that it otherwise would not. For more information [see the aliases article](articles/aliases.md). @@ -293,8 +297,8 @@ The only requirement is the installation of SSH keys for a git client. Git is not the only version control system supported by the VCS repository. The following are supported: -* **Git:** [git-scm.com](http://git-scm.com) -* **Subversion:** [subversion.apache.org](http://subversion.apache.org) +* **Git:** [git-scm.com](https://git-scm.com) +* **Subversion:** [subversion.apache.org](https://subversion.apache.org) * **Mercurial:** [mercurial.selenic.com](http://mercurial.selenic.com) To get packages from these systems you need to have their respective clients @@ -312,7 +316,7 @@ should you need to specify one for whatever reason, you can use `git`, `svn` or If you set the `no-api` key to `true` on a github repository it will clone the repository as it would with any other git repository instead of using the -GitHub API. But unlike using the `git` driver directly, composer will still +GitHub API. But unlike using the `git` driver directly, Composer will still attempt to use github's zip files. #### Subversion Options @@ -341,7 +345,7 @@ If you have no branches or tags directory you can disable them entirely by setting the `branches-path` or `tags-path` to `false`. If the package is in a sub-directory, e.g. `/trunk/foo/bar/composer.json` and -`/tags/1.0/foo/bar/composer.json`, then you can make composer access it by +`/tags/1.0/foo/bar/composer.json`, then you can make Composer access it by setting the `"package-path"` option to the sub-directory, in this example it would be `"package-path": "foo/bar/"`. @@ -389,7 +393,7 @@ Example using `pear2.php.net`: "repositories": [ { "type": "pear", - "url": "http://pear2.php.net" + "url": "https://pear2.php.net" } ], "require": { @@ -462,7 +466,7 @@ and `IntermediatePackage` from a Github repository: ### Package -If you want to use a project that does not support composer through any of the +If you want to use a project that does not support Composer through any of the means above, you still can define the package yourself by using a `package` repository. @@ -517,7 +521,7 @@ Typically you would leave the source part off, as you don't really need it. While you will probably want to put your packages on packagist most of the time, there are some use cases for hosting your own repository. -* **Private company packages:** If you are part of a company that uses composer +* **Private company packages:** If you are part of a company that uses Composer for their packages internally, you might want to keep those packages private. * **Separate ecosystem:** If you have a project which has its own ecosystem, @@ -533,19 +537,22 @@ There are a few tools that can help you create a `composer` repository. ### Packagist The underlying application used by packagist is open source. This means that you -can just install your own copy of packagist, re-brand, and use it. It's really -quite straight-forward to do. However due to its size and complexity, for most -small and medium sized companies willing to track a few packages will be better -off using Satis. +can technically install your own copy of packagist. However it is not a +supported use case and changes will happen without caring for third parties +using the code. Packagist is a Symfony2 application, and it is [available on -GitHub](https://github.com/composer/packagist). It uses composer internally and -acts as a proxy between VCS repositories and the composer users. It holds a list -of all VCS packages, periodically re-crawls them, and exposes them as a composer +GitHub](https://github.com/composer/packagist). It uses Composer internally and +acts as a proxy between VCS repositories and the Composer users. It holds a list +of all VCS packages, periodically re-crawls them, and exposes them as a Composer repository. -To set your own copy, simply follow the instructions from the [packagist -github repository](https://github.com/composer/packagist). +### Toran Proxy + +[Toran Proxy](https://toranproxy.com/) is a web app much like Packagist but +providing private package hosting as well as mirroring/proxying of GitHub and +packagist.org. Check its homepage and the [Satis/Toran Proxy article](articles/handling-private-packages-with-satis.md) +for more information. ### Satis @@ -599,6 +606,49 @@ imported. When an archive with a newer version is added in the artifact folder and you run `update`, that version will be imported as well and Composer will update to the latest version. +### Path + +In addition to the artifact repository, you can use the path one, which allows +you to depend on a relative directory. This can be especially useful when dealing +with monolith repositories. + +For instance, if you have the following directory structure in your repository: +``` +- apps +\_ my-app + \_ composer.json +- packages +\_ my-package + \_ composer.json +``` + +Then, to add the package `my/package` as a dependency, in your `apps/my-app/composer.json` +file, you can use the following configuration: + +```json +{ + "repositories": [ + { + "type": "path", + "url": "../../packages/my-package" + } + ], + "require": { + "my/package": "*" + } +} +``` + +The local package will be symlinked if possible, in which case the output in +the console will read `Symlinked from ../../packages/my-package`. If symlinking +is _not_ possible the package will be copied. In that case, the console will +output `Mirrored from ../../packages/my-package`. + +Instead of using a relative path, an absolute path can also be used. + +> **Note:** Repository paths can also contain wildcards like ``*`` and ``?``. +> For details, see the [PHP glob function](http://php.net/glob). + ## Disabling Packagist You can disable the default Packagist repository by adding this to your @@ -614,4 +664,4 @@ You can disable the default Packagist repository by adding this to your } ``` -← [Schema](04-schema.md) | [Community](06-community.md) → +← [Schema](04-schema.md) | [Config](06-config.md) → diff --git a/doc/06-config.md b/doc/06-config.md new file mode 100644 index 000000000..ec1203d05 --- /dev/null +++ b/doc/06-config.md @@ -0,0 +1,189 @@ +# Config + +This chapter will describe the `config` section of the `composer.json` +[schema](04-schema.md). + +## process-timeout + +Defaults to `300`. The duration processes like git clones can run before +Composer assumes they died out. You may need to make this higher if you have a +slow connection or huge vendors. + +## use-include-path + +Defaults to `false`. If `true`, the Composer autoloader will also look for classes +in the PHP include path. + +## preferred-install + +Defaults to `auto` and can be any of `source`, `dist` or `auto`. This option +allows you to set the install method Composer will prefer to use. + +## store-auths + +What to do after prompting for authentication, one of: `true` (always store), +`false` (do not store) and `"prompt"` (ask every time), defaults to `"prompt"`. + +## github-protocols + +Defaults to `["git", "https", "ssh"]`. A list of protocols to use when cloning +from github.com, in priority order. You can reconfigure it to for example +prioritize the https protocol if you are behind a proxy or have somehow bad +performances with the git protocol. + +## github-oauth + +A list of domain names and oauth keys. For example using `{"github.com": +"oauthtoken"}` as the value of this option will use `oauthtoken` to access +private repositories on github and to circumvent the low IP-based rate limiting +of their API. [Read +more](articles/troubleshooting.md#api-rate-limit-and-oauth-tokens) on how to get +an OAuth token for GitHub. + +## http-basic + +A list of domain names and username/passwords to authenticate against them. For +example using `{"example.org": {"username": "alice", "password": "foo"}` as the +value of this option will let Composer authenticate against example.org. + +> **Note:** Authentication-related config options like `http-basic` and +> `github-oauth` can also be specified inside a `auth.json` file that goes +> besides your `composer.json`. That way you can gitignore it and every +> developer can place their own credentials in there. + +## platform + +Lets you fake platform packages (PHP and extensions) so that you can emulate a +production env or define your target platform in the config. Example: `{"php": +"5.4", "ext-something": "4.0"}`. + +## vendor-dir + +Defaults to `vendor`. You can install dependencies into a different directory if +you want to. `$HOME` and `~` will be replaced by your home directory's path in +vendor-dir and all `*-dir` options below. + +## bin-dir + +Defaults to `vendor/bin`. If a project includes binaries, they will be symlinked +into this directory. + +## cache-dir + +Defaults to `$COMPOSER_HOME/cache` on unix systems and +`C:\Users\\AppData\Local\Composer` on Windows. Stores all the caches used +by Composer. See also [COMPOSER_HOME](03-cli.md#composer-home). + +## cache-files-dir + +Defaults to `$cache-dir/files`. Stores the zip archives of packages. + +## cache-repo-dir + +Defaults to `$cache-dir/repo`. Stores repository metadata for the `composer` +type and the VCS repos of type `svn`, `github` and `bitbucket`. + +## cache-vcs-dir + +Defaults to `$cache-dir/vcs`. Stores VCS clones for loading VCS repository +metadata for the `git`/`hg` types and to speed up installs. + +## cache-files-ttl + +Defaults to `15552000` (6 months). Composer caches all dist (zip, tar, ..) +packages that it downloads. Those are purged after six months of being unused by +default. This option allows you to tweak this duration (in seconds) or disable +it completely by setting it to 0. + +## cache-files-maxsize + +Defaults to `300MiB`. Composer caches all dist (zip, tar, ..) packages that it +downloads. When the garbage collection is periodically ran, this is the maximum +size the cache will be able to use. Older (less used) files will be removed +first until the cache fits. + +## bin-compat + +Defaults to `auto`. Determines the compatibility of the binaries to be installed. +If it is `auto` then Composer only installs .bat proxy files when on Windows. If +set to `full` then both .bat files for Windows and scripts for Unix-based +operating systems will be installed for each binary. This is mainly useful if you +run Composer inside a linux VM but still want the .bat proxies available for use +in the Windows host OS. + +## prepend-autoloader + +Defaults to `true`. If `false`, the Composer autoloader will not be prepended to +existing autoloaders. This is sometimes required to fix interoperability issues +with other autoloaders. + +## autoloader-suffix + +Defaults to `null`. String to be used as a suffix for the generated Composer +autoloader. When null a random one will be generated. + +## optimize-autoloader + +Defaults to `false`. If `true`, always optimize when dumping the autoloader. + +## sort-packages + +Defaults to `false`. If `true`, the `require` command keeps packages sorted +by name in `composer.json` when adding a new package. + +## classmap-authoritative + +Defaults to `false`. If `true`, the Composer autoloader will only load classes +from the classmap. Implies `optimize-autoloader`. + +## github-domains + +Defaults to `["github.com"]`. A list of domains to use in github mode. This is +used for GitHub Enterprise setups. + +## github-expose-hostname + +Defaults to `true`. If `false`, the OAuth tokens created to access the +github API will have a date instead of the machine hostname. + +## gitlab-domains + +Defaults to `["gitlab.com"]`. A list of domains of GitLab servers. +This is used if you use the `gitlab` repository type. + +## notify-on-install + +Defaults to `true`. Composer allows repositories to define a notification URL, +so that they get notified whenever a package from that repository is installed. +This option allows you to disable that behaviour. + +## discard-changes + +Defaults to `false` and can be any of `true`, `false` or `"stash"`. This option +allows you to set the default style of handling dirty updates when in +non-interactive mode. `true` will always discard changes in vendors, while +`"stash"` will try to stash and reapply. Use this for CI servers or deploy +scripts if you tend to have modified vendors. + +## archive-format + +Defaults to `tar`. Composer allows you to add a default archive format when the +workflow needs to create a dedicated archiving format. + +## archive-dir + +Defaults to `.`. Composer allows you to add a default archive directory when the +workflow needs to create a dedicated archiving format. Or for easier development +between modules. + +Example: + +```json +{ + "config": { + "archive-dir": "/home/user/.composer/repo" + } +} +``` + +← [Repositories](05-repositories.md) | [Community](07-community.md) → diff --git a/doc/06-community.md b/doc/07-community.md similarity index 54% rename from doc/06-community.md rename to doc/07-community.md index 10ef31b3b..d5bfc55dc 100644 --- a/doc/06-community.md +++ b/doc/07-community.md @@ -1,12 +1,14 @@ # Community -There are many people using composer already, and quite a few of them are +There are many people using Composer already, and quite a few of them are contributing. ## Contributing -If you would like to contribute to composer, please read the -[README](https://github.com/composer/composer). +If you would like to contribute to Composer, please read the +[README](https://github.com/composer/composer) and +[CONTRIBUTING](https://github.com//composer/composer/blob/master/CONTRIBUTING.md) +documents. The most important guidelines are described as follows: @@ -17,18 +19,17 @@ The most important guidelines are described as follows: > Fork the project, create a feature branch, and send us a pull request. > > To ensure a consistent code base, you should make sure the code follows -> the [Coding Standards](http://symfony.com/doc/2.0/contributing/code/standards.html) -> which we borrowed from Symfony. +> the [PSR-2 Coding Standards](http://www.php-fig.org/psr/psr-2/). ## IRC / mailing list -Mailing lists for [user support](http://groups.google.com/group/composer-users) and -[development](http://groups.google.com/group/composer-dev). +Mailing lists for [user support](https://groups.google.com/group/composer-users) and +[development](https://groups.google.com/group/composer-dev). IRC channels are on irc.freenode.org: [#composer](irc://irc.freenode.org/composer) for users and [#composer-dev](irc://irc.freenode.org/composer-dev) for development. Stack Overflow has a growing collection of -[Composer related questions](http://stackoverflow.com/questions/tagged/composer-php). +[Composer related questions](https://stackoverflow.com/questions/tagged/composer-php). -← [Repositories](05-repositories.md) +← [Config](06-config.md) diff --git a/doc/articles/aliases.md b/doc/articles/aliases.md index 79c573d3d..c340e7053 100644 --- a/doc/articles/aliases.md +++ b/doc/articles/aliases.md @@ -38,8 +38,8 @@ specifying a `branch-alias` field under `extra` in `composer.json`: } ``` -If you alias a non-comparible version (such as dev-develop) `dev-` must prefix the -branch name. You may also alias a comparible version (i.e. start with numbers, +If you alias a non-comparable version (such as dev-develop) `dev-` must prefix the +branch name. You may also alias a comparable version (i.e. start with numbers, and end with `.x-dev`), but only as a more specific version. For example, 1.x-dev could be aliased as 1.2.x-dev. diff --git a/doc/articles/custom-installers.md b/doc/articles/custom-installers.md index 98a9a2212..8b3536826 100644 --- a/doc/articles/custom-installers.md +++ b/doc/articles/custom-installers.md @@ -51,7 +51,7 @@ An example composer.json of such a template package would be: ## Creating an Installer A Custom Installer is defined as a class that implements the -[`Composer\Installer\InstallerInterface`][3] and is usually distributed in a +[`Composer\Installer\InstallerInterface`][4] and is usually distributed in a Composer Plugin. A basic Installer Plugin would thus compose of three files: @@ -159,7 +159,7 @@ class TemplateInstaller extends LibraryInstaller /** * {@inheritDoc} */ - public function getPackageBasePath(PackageInterface $package) + public function getInstallPath(PackageInterface $package) { $prefix = substr($package->getPrettyName(), 0, 23); if ('phpdocumentor/template-' !== $prefix) { diff --git a/doc/articles/handling-private-packages-with-satis.md b/doc/articles/handling-private-packages-with-satis.md index 0ee0adbca..0ce4123a3 100644 --- a/doc/articles/handling-private-packages-with-satis.md +++ b/doc/articles/handling-private-packages-with-satis.md @@ -6,16 +6,22 @@ # Toran Proxy -[Toran Proxy](https://toranproxy.com/) is a commercial alternative to Satis offering professional support as well as a web UI to manage everything and a better integration with Composer. +[Toran Proxy](https://toranproxy.com/) is a commercial alternative to Satis +offering professional support as well as a web UI to manage everything and a +better integration with Composer. It also provides proxying/mirroring for git +repos and package zip files which makes installs faster and independent from +third party systems. -Toran's revenue is also used to pay for Composer and Packagist development and hosting so using it is a good way to support open source financially. You can find more information about how to set it up and use it on the [Toran Proxy](https://toranproxy.com/) website. +Toran's revenue is also used to pay for Composer and Packagist development and +hosting so using it is a good way to support open source financially. You can +find more information about how to set it up and use it on the [Toran Proxy](https://toranproxy.com/) website. # Satis Satis on the other hand is open source but only a static `composer` repository generator. It is a bit like an ultra-lightweight, static file-based version of packagist and can be used to host the metadata of your company's -private packages, or your own. You can get it from [GitHub](http://github.com/composer/satis) +private packages, or your own. You can get it from [GitHub](https://github.com/composer/satis) or install via CLI: `php composer.phar create-project composer/satis --stability=dev --keep-vcs`. @@ -23,7 +29,7 @@ or install via CLI: For example let's assume you have a few packages you want to reuse across your company but don't really want to open-source. You would first define a Satis -configuration: a json file with an arbitrary name that lists your curated +configuration: a json file with an arbitrary name that lists your curated [repositories](../05-repositories.md). Here is an example configuration, you see that it holds a few VCS repositories, @@ -38,9 +44,9 @@ The default file Satis looks for is `satis.json` in the root of the repository. "name": "My Repository", "homepage": "http://packages.example.org", "repositories": [ - { "type": "vcs", "url": "http://github.com/mycompany/privaterepo" }, + { "type": "vcs", "url": "https://github.com/mycompany/privaterepo" }, { "type": "vcs", "url": "http://svn.example.org/private/repo" }, - { "type": "vcs", "url": "http://github.com/mycompany/privaterepo2" } + { "type": "vcs", "url": "https://github.com/mycompany/privaterepo2" } ], "require-all": true } @@ -54,9 +60,9 @@ constraint if you want really specific versions. ```json { "repositories": [ - { "type": "vcs", "url": "http://github.com/mycompany/privaterepo" }, + { "type": "vcs", "url": "https://github.com/mycompany/privaterepo" }, { "type": "vcs", "url": "http://svn.example.org/private/repo" }, - { "type": "vcs", "url": "http://github.com/mycompany/privaterepo2" } + { "type": "vcs", "url": "https://github.com/mycompany/privaterepo2" } ], "require": { "company/package": "*", @@ -66,8 +72,8 @@ constraint if you want really specific versions. } ``` -Once you did this, you just run `php bin/satis build `. -For example `php bin/satis build config.json web/` would read the `config.json` +Once you've done this, you just run `php bin/satis build `. +For example `php bin/satis build satis.json web/` would read the `satis.json` file and build a static repository inside the `web/` directory. When you ironed out that process, what you would typically do is run this @@ -84,6 +90,29 @@ Set up a virtual-host that points to that `web/` directory, let's say it is `packages.example.org`. Alternatively, with PHP >= 5.4.0, you can use the built-in CLI server `php -S localhost:port -t satis-output-dir/` for a temporary solution. +### Partial Updates + +You can tell Satis to selectively update only particular packages or process only +a repository with a given URL. This cuts down the time it takes to rebuild the +`package.json` file and is helpful if you use (custom) webhooks to trigger rebuilds +whenever code is pushed into one of your repositories. + +To rebuild only particular packages, pass the package names on the command line like +so: +``` +php bin/satis build satis.json web/ this/package that/other-package +``` + +Note that +this will still need to pull and scan all of your VCS repositories because any VCS +repository might contain (on any branch) one of the selected packages. + +If you want to scan only a single repository and update all packages found in it, +pass the VCS repository URL as an optional argument: +``` +php bin/satis build --repository-url https://only.my/repo.git satis.json web/ +``` + ## Usage In your projects all you need to add now is your own composer repository using @@ -129,7 +158,7 @@ Example using a custom repository using SSH (requires the SSH2 PECL extension): } ``` -> **Tip:** See [ssh2 context options](http://www.php.net/manual/en/wrappers.ssh2.php#refsect1-wrappers.ssh2-options) for more information. +> **Tip:** See [ssh2 context options](https://www.php.net/manual/en/wrappers.ssh2.php#refsect1-wrappers.ssh2-options) for more information. Example using HTTP over SSL using a client certificate: @@ -149,7 +178,45 @@ Example using HTTP over SSL using a client certificate: } ``` -> **Tip:** See [ssl context options](http://www.php.net/manual/en/context.ssl.php) for more information. +> **Tip:** See [ssl context options](https://www.php.net/manual/en/context.ssl.php) for more information. + +Example using a custom HTTP Header field for token authentication: + +```json +{ + "repositories": [ + { + "type": "composer", + "url": "https://example.org", + "options": { + "http": { + "header": [ + "API-TOKEN: YOUR-API-TOKEN" + ] + } + } + } + ] +} +``` + +### Authentication + +When your private repositories are password protected, you can store the authentication details permanently. +The first time Composer needs to authenticate against some domain it will prompt you for a username/password +and then you will be asked whether you want to store it. + +The storage can be done either globally in the `COMPOSER_HOME/auth.json` file (`COMPOSER_HOME` defaults to +`~/.composer` or `%APPDATA%/Composer` on Windows) or also in the project directory directly sitting besides your +composer.json. + +You can also configure these by hand using the config command if you need to configure a production machine +to be able to run non-interactive installs. For example to enter credentials for example.org one could type: + + composer config http-basic.example.org username password + +That will store it in the current directory's auth.json, but if you want it available globally you can use the +`--global` (`-g`) flag. ### Downloads @@ -176,10 +243,14 @@ following to your `satis.json`: #### Options explained - * `directory`: the location of the dist files (inside the `output-dir`) + * `directory`: required, the location of the dist files (inside the `output-dir`) * `format`: optional, `zip` (default) or `tar` * `prefix-url`: optional, location of the downloads, homepage (from `satis.json`) followed by `directory` by default * `skip-dev`: optional, `false` by default, when enabled (`true`) satis will not create downloads for branches + * `absolute-directory`: optional, a _local_ directory where the dist files are dumped instead of `output-dir`/`directory` + * `whitelist`: optional, if set as a list of package names, satis will only dump the dist files of these packages + * `blacklist`: optional, if set as a list of package names, satis will not dump the dist files of these packages + * `checksum`: optional, `true` by default, when disabled (`false`) satis will not provide the sha1 checksum for the dist files Once enabled, all downloads (include those from GitHub and BitBucket) will be replaced with a _local_ version. @@ -188,9 +259,31 @@ Once enabled, all downloads (include those from GitHub and BitBucket) will be re Prefixing the URL with another host is especially helpful if the downloads end up in a private Amazon S3 bucket or on a CDN host. A CDN would drastically improve download times and therefore package installation. -Example: A `prefix-url` of `http://my-bucket.s3.amazonaws.com` (and `directory` set to `dist`) creates download URLs -which look like the following: `http://my-bucket.s3.amazonaws.com/dist/vendor-package-version-ref.zip`. +Example: A `prefix-url` of `https://my-bucket.s3.amazonaws.com` (and `directory` set to `dist`) creates download URLs +which look like the following: `https://my-bucket.s3.amazonaws.com/dist/vendor-package-version-ref.zip`. + +### Web outputs + + * `output-html`: optional, `true` by default, when disabled (`false`) satis will not generate the `output-dir`/index.html page. + * `twig-template`: optional, a path to a personalized [Twig](http://twig.sensiolabs.org/) template for the `output-dir`/index.html page. + +### Abandoned packages +To enable your satis installation to indicate that some packages are abandoned, add the following to your `satis.json`: + +```json +{ + "abandoned": { + "company/package": true, + "company/package2": "company/newpackage" + } +} +``` + +The `true` value indicates that the package is truly abandoned while the `"company/newpackage"` value specifies that the package is replaced by +the `company/newpackage` package. + +Note that all packages set as abandoned in their own `composer.json` file will be marked abandoned as well. ### Resolving dependencies @@ -209,3 +302,11 @@ When searching for packages, satis will attempt to resolve all the required pack Therefore, if you are requiring a package from Packagist, you will need to define it in your `satis.json`. Dev dependencies are packaged only if the `require-dev-dependencies` parameter is set to true. + +### Other options + + * `output-dir`: optional, defines where to output the repository files + if not provided as an argument when calling the `build` command. + * `config`: optional, lets you define all config options from composer, except `archive-format` and `archive-dir` as the configuration is done through [archive](#downloads) instead. See + (http://getcomposer.org/doc/04-schema.md#config) + * `notify-batch`: optional, specify a URL that will be called every time a user installs a package. See (https://getcomposer.org/doc/05-repositories.md#notify-batch) diff --git a/doc/articles/http-basic-authentication.md b/doc/articles/http-basic-authentication.md index 1add2d7a6..7284e1c03 100644 --- a/doc/articles/http-basic-authentication.md +++ b/doc/articles/http-basic-authentication.md @@ -17,7 +17,7 @@ of credentials inline with the repository specification such as: "repositories": [ { "type": "composer", - "url": "http://extremely:secret@repo.example.org" + "url": "https://extremely:secret@repo.example.org" } ] } @@ -40,7 +40,7 @@ username/password pairs, for example: ```json { - "basic-auth": { + "http-basic": { "repo.example1.org": { "username": "my-username1", "password": "my-secret-password1" @@ -55,5 +55,5 @@ username/password pairs, for example: The main advantage of the auth.json file is that it can be gitignored so that every developer in your team can place their own credentials in there, -which makes revokation of credentials much easier than if you all share the +which makes revocation of credentials much easier than if you all share the same. diff --git a/doc/articles/plugins.md b/doc/articles/plugins.md index 65884fd18..edaa013f0 100644 --- a/doc/articles/plugins.md +++ b/doc/articles/plugins.md @@ -16,7 +16,7 @@ specific logic. ## Creating a Plugin -A plugin is a regular composer package which ships its code as part of the +A plugin is a regular Composer package which ships its code as part of the package and may also depend on further packages. ### Plugin Package @@ -24,23 +24,30 @@ package and may also depend on further packages. The package file is the same as any other package file but with the following requirements: -1. the [type][1] attribute must be `composer-plugin`. -2. the [extra][2] attribute must contain an element `class` defining the +1. The [type][1] attribute must be `composer-plugin`. +2. The [extra][2] attribute must contain an element `class` defining the class name of the plugin (including namespace). If a package contains - multiple plugins this can be array of class names. + multiple plugins, this can be array of class names. +3. You must require the special package called `composer-plugin-api` + to define which Plugin API versions your plugin is compatible with. -Additionally you must require the special package called `composer-plugin-api` -to define which composer API versions your plugin is compatible with. The -current composer plugin API version is 1.0.0. +The required version of the `composer-plugin-api` follows the same [rules][7] +as a normal package's. -For example +The current composer plugin API version is 1.0.0. + +An example of a valid plugin `composer.json` file (with the autoloading +part omitted): ```json { "name": "my/plugin-package", "type": "composer-plugin", "require": { - "composer-plugin-api": "1.0.0" + "composer-plugin-api": "^1.0" + }, + "extra": { + "class": "My\\Plugin" } } ``` @@ -82,15 +89,7 @@ Furthermore plugins may implement the event handlers automatically registered with the `EventDispatcher` when the plugin is loaded. -The events available for plugins are: - -* **COMMAND**, is called at the beginning of all commands that load plugins. - It provides you with access to the input and output objects of the program. -* **PRE_FILE_DOWNLOAD**, is triggered before files are downloaded and allows - you to manipulate the `RemoteFilesystem` object prior to downloading files - based on the URL to be downloaded. - -> A plugin can also subscribe to [script events][7]. +Plugin can subscribe to any of the available [script events](scripts.md#event-names). Example: @@ -148,7 +147,7 @@ list of installed packages. Additionally all plugin packages installed in the local project plugins are loaded. > You may pass the `--no-plugins` option to composer commands to disable all -> installed commands. This may be particularly helpful if any of the plugins +> installed plugins. This may be particularly helpful if any of the plugins > causes errors and you wish to update or uninstall it. [1]: ../04-schema.md#type @@ -157,4 +156,4 @@ local project plugins are loaded. [4]: https://github.com/composer/composer/blob/master/src/Composer/Composer.php [5]: https://github.com/composer/composer/blob/master/src/Composer/IO/IOInterface.php [6]: https://github.com/composer/composer/blob/master/src/Composer/EventDispatcher/EventSubscriberInterface.php -[7]: ./scripts.md#event-names +[7]: ../01-basic-usage.md#package-versions diff --git a/doc/articles/scripts.md b/doc/articles/scripts.md index 3e6ef54cf..fcb2f7b4c 100644 --- a/doc/articles/scripts.md +++ b/doc/articles/scripts.md @@ -20,30 +20,46 @@ the Composer execution process. Composer fires the following named events during its execution process: +### Command Events + - **pre-install-cmd**: occurs before the `install` command is executed. -- **post-install-cmd**: occurs after the `install` command is executed. +- **post-install-cmd**: occurs after the `install` command has been executed. - **pre-update-cmd**: occurs before the `update` command is executed. -- **post-update-cmd**: occurs after the `update` command is executed. +- **post-update-cmd**: occurs after the `update` command has been executed. - **pre-status-cmd**: occurs before the `status` command is executed. -- **post-status-cmd**: occurs after the `status` command is executed. -- **pre-dependencies-solving**: occurs before the dependencies are resolved. -- **post-dependencies-solving**: occurs after the dependencies are resolved. -- **pre-package-install**: occurs before a package is installed. -- **post-package-install**: occurs after a package is installed. -- **pre-package-update**: occurs before a package is updated. -- **post-package-update**: occurs after a package is updated. -- **pre-package-uninstall**: occurs before a package has been uninstalled. -- **post-package-uninstall**: occurs after a package has been uninstalled. +- **post-status-cmd**: occurs after the `status` command has been executed. +- **pre-archive-cmd**: occurs before the `archive` command is executed. +- **post-archive-cmd**: occurs after the `archive` command has been executed. - **pre-autoload-dump**: occurs before the autoloader is dumped, either during `install`/`update`, or via the `dump-autoload` command. -- **post-autoload-dump**: occurs after the autoloader is dumped, either +- **post-autoload-dump**: occurs after the autoloader has been dumped, either during `install`/`update`, or via the `dump-autoload` command. - **post-root-package-install**: occurs after the root package has been installed, during the `create-project` command. -- **post-create-project-cmd**: occurs after the `create-project` command is - executed. -- **pre-archive-cmd**: occurs before the `archive` command is executed. -- **post-archive-cmd**: occurs after the `archive` command is executed. +- **post-create-project-cmd**: occurs after the `create-project` command has + been executed. + +### Installer Events + +- **pre-dependencies-solving**: occurs before the dependencies are resolved. +- **post-dependencies-solving**: occurs after the dependencies have been resolved. + +### Package Events + +- **pre-package-install**: occurs before a package is installed. +- **post-package-install**: occurs after a package has been installed. +- **pre-package-update**: occurs before a package is updated. +- **post-package-update**: occurs after a package has been updated. +- **pre-package-uninstall**: occurs before a package is uninstalled. +- **post-package-uninstall**: occurs after a package has been uninstalled. + +### Plugin Events + +- **command**: occurs before any Composer Command is executed on the CLI. It + provides you with access to the input and output objects of the program. +- **pre-file-download**: occurs before files are downloaded and allows + you to manipulate the `RemoteFilesystem` object prior to downloading files + based on the URL to be downloaded. > **Note:** Composer makes no assumptions about the state of your dependencies > prior to `install` or `update`. Therefore, you should not specify scripts @@ -66,6 +82,10 @@ For any given event: and command-line executable commands. - PHP classes containing defined callbacks must be autoloadable via Composer's autoload functionality. +- Callbacks can only autoload classes from psr-0, psr-4 and classmap +definitions. If a defined callback relies on functions defined outside of a +class, the callback itself is responsible for loading the file containing these +functions. Script definition example: @@ -80,7 +100,10 @@ Script definition example: "MyVendor\\MyClass::warmCache", "phpunit -c app/" ], - "post-create-project-cmd" : [ + "post-autoload-dump": [ + "MyVendor\\MyClass::postAutoloadDump" + ], + "post-create-project-cmd": [ "php -r \"copy('config/local-example.php', 'config/local.php');\"" ] } @@ -96,6 +119,7 @@ that might be used to execute the PHP callbacks: namespace MyVendor; use Composer\Script\Event; +use Composer\Installer\PackageEvent; class MyClass { @@ -105,7 +129,15 @@ class MyClass // do stuff } - public static function postPackageInstall(Event $event) + public static function postAutoloadDump(Event $event) + { + $vendorDir = $event->getComposer()->getConfig()->get('vendor-dir'); + require $vendorDir . '/autoload.php'; + + some_function_from_an_autoloaded_file(); + } + + public static function postPackageInstall(PackageEvent $event) { $installedPackage = $event->getOperation()->getPackage(); // do stuff @@ -118,14 +150,21 @@ class MyClass } ``` -When an event is fired, Composer's internal event handler receives a -`Composer\Script\Event` object, which is passed as the first argument to your -PHP callback. This `Event` object has getters for other contextual objects: +When an event is fired, your PHP callback receives as first argument an +`Composer\EventDispatcher\Event` object. This object has a `getName()` method +that lets you retrieve event name. + +Depending on the script types (see list above) you will get various event +subclasses containing various getters with relevant data and associated +objects: -- `getComposer()`: returns the current instance of `Composer\Composer` -- `getName()`: returns the name of the event being fired as a string -- `getIO()`: returns the current input/output stream which implements -`Composer\IO\IOInterface` for writing to the console +- Base class: [`Composer\EventDispatcher\Event`](https://getcomposer.org/apidoc/master/Composer/EventDispatcher/Event.html) +- Command Events: [`Composer\Script\Event`](https://getcomposer.org/apidoc/master/Composer/Script/Event.html) +- Installer Events: [`Composer\Installer\InstallerEvent`](https://getcomposer.org/apidoc/master/Composer/Installer/InstallerEvent.html) +- Package Events: [`Composer\Installer\PackageEvent`](https://getcomposer.org/apidoc/master/Composer/Installer/PackageEvent.html) +- Plugin Events: + - command: [`Composer\Plugin\CommandEvent`](https://getcomposer.org/apidoc/master/Composer/Plugin/CommandEvent.html) + - pre-file-download: [`Composer\Plugin\PreFileDownloadEvent`](https://getcomposer.org/apidoc/master/Composer/Plugin/PreFileDownloadEvent.html) ## Running scripts manually @@ -161,3 +200,20 @@ simply running `composer test`: > **Note:** Composer's bin-dir is pushed on top of the PATH so that binaries > of dependencies are easily accessible as CLI commands when writing scripts. + +## Referencing scripts + +To enable script re-use and avoid duplicates, you can call a script from another +one by prefixing the command name with `@`: + +```json +{ + "scripts": { + "test": [ + "@clearCache", + "phpunit" + ], + "clearCache": "rm -rf cache/*" + } +} +``` diff --git a/doc/articles/troubleshooting.md b/doc/articles/troubleshooting.md index 4de3ad19e..c03395d61 100644 --- a/doc/articles/troubleshooting.md +++ b/doc/articles/troubleshooting.md @@ -43,12 +43,16 @@ This is a list of common pitfalls on using Composer, and how to avoid them. 5. If you are updating to a recently published version of a package, be aware that Packagist has a delay of up to 1 minute before new packages are visible to Composer. +6. If you are updating a single package, it may depend on newer versions itself. + In this case add the `--with-dependencies` argument **or** add all dependencies which + need an update to the command. + ## Package not found on travis-ci.org 1. Check the ["Package not found"](#package-not-found) item above. 2. If the package tested is a dependency of one of its dependencies (cyclic - dependency), the problem might be that composer is not able to detect the version + dependency), the problem might be that Composer is not able to detect the version of the package properly. If it is a git clone it is generally alright and Composer will detect the version of the current branch, but travis does shallow clones so that process can fail when testing pull requests and feature branches in general. @@ -58,11 +62,22 @@ This is a list of common pitfalls on using Composer, and how to avoid them. Use: `before_script: COMPOSER_ROOT_VERSION=dev-master composer install` to export the variable for the call to composer. +## Package not found in a Jenkins-build + +1. Check the ["Package not found"](#package-not-found) item above. +2. Reason for failing is similar to the problem which can occur on travis-ci.org: The + git-clone / checkout within Jenkins leaves the branch in a "detached HEAD"-state. As + a result, Composer is not able to identify the version of the current checked out branch + and may not be able to resolve a cyclic dependency. To solve this problem, you can use + the "Additional Behaviours" -> "Check out to specific local branch" in your Git-settings + for your Jenkins-job, where your "local branch" shall be the same branch as you are + checking out. Using this, the checkout will not be in detached state any more and cyclic + dependency is recognized correctly. + ## Need to override a package version -Let say your project depends on package A which in turn depends on a specific -version of package B (say 0.1) and you need a different version of that -package - version 0.11. +Let's say your project depends on package A, which in turn depends on a specific +version of package B (say 0.1). But you need a different version of said package B (say 0.11). You can fix this by aliasing version 0.11 to 0.1: @@ -85,11 +100,14 @@ If composer shows memory errors on some commands: `PHP Fatal error: Allowed memory size of XXXXXX bytes exhausted <...>` -The PHP `memory_limit` should be increased. +Check first that XDebug is not loaded in your `php.ini` by running +`composer diagnose`. If XDebug is loaded, you should disable it by +commenting the line `zend_extension=path/to/xdebug` in your `php.ini`. +Don't forget to enable XDebug again after using Composer, if you need it. -> **Note:** Composer internally increases the `memory_limit` to `512M`. -> If you have memory issues when using composer, please consider [creating -> an issue ticket](https://github.com/composer/composer/issues) so we can look into it. +If composer still raises the error, the PHP `memory_limit` should be increased. + +> **Note:** Composer internally increases the `memory_limit` to `1G`. To get the current `memory_limit` value, run: @@ -101,7 +119,7 @@ Try increasing the limit in your `php.ini` file (ex. `/etc/php5/cli/php.ini` for Debian-like systems): ```ini -; Use -1 for unlimited or define an explicit value like 512M +; Use -1 for unlimited or define an explicit value like 2G memory_limit = -1 ``` @@ -111,6 +129,47 @@ Or, you can increase the limit with a command-line argument: php -d memory_limit=-1 composer.phar <...> ``` +## Xdebug impact on Composer + +Running Composer console commands while the php extension "xdebug" is loaded reduces speed considerably. +This is even the case when all "xdebug" related features are disabled per php.ini flags, +but the php extension itself is loaded into the PHP engine. +Compared to a cli command run with "xdebug" enabled a speed improvement by a factor of up to 3 is not uncommon. + +> **Note:** This is a general issue when running PHP with "xdebug" enabled. You shouldn't +> load the extension in production like environments per se. + +Disable "xdebug" in your `php.ini` (ex. `/etc/php5/cli/php.ini` for Debian-like systems) by +locating the related `zend_extension` directive and prepending it with `;` (semicolon): + +```sh +;zend_extension = "/path/to/my/xdebug.so" +``` + +If you disable this extension and still want it to be added on `php` cli command, you can deal with aliases on *nix systems: + +```sh +# Load xdebug Zend extension with php command +alias php='php -dzend_extension=xdebug.so' +# PHPUnit needs xdebug for coverage. In this case, just make an alias with php command prefix. +alias phpunit='php $(which phpunit)' +``` + +With that, all php binaries called directly **will not** have xdebug enabled +but you will still have it by prefixing them with php command. + +Example: + +```sh +# Will NOT have xdebug enabled +composer update +# Will have xdebug enabled by alias +php /usr/local/bin/composer update +``` + +If you do not want to disable it and want to get rid of the warning you can also define the +[COMPOSER_DISABLE_XDEBUG_WARN](../03-cli.md#composer-disable-xdebug-warn) environment variable. + ## "The system cannot find the path specified" (Windows) 1. Open regedit. @@ -157,3 +216,28 @@ To enable the swap you can use for example: /sbin/mkswap /var/swap.1 /sbin/swapon /var/swap.1 ``` + +## Degraded Mode + +Due to some intermittent issues on Travis and other systems, we introduced a +degraded network mode which helps Composer finish successfully but disables +a few optimizations. This is enabled automatically when an issue is first +detected. If you see this issue sporadically you probably don't have to worry +(a slow or overloaded network can also cause those time outs), but if it +appears repeatedly you might want to look at the options below to identify +and resolve it. + +If you have been pointed to this page, you want to check a few things: + +- If you are using ESET antivirus, go in "Advanced Settings" and disable "HTTP-scanner" + under "web access protection" +- If you are using IPv6, try disabling it. If that solves your issues, get in touch + with your ISP or server host, the problem is not at the Packagist level but in the + routing rules between you and Packagist (i.e. the internet at large). The best way to get + these fixed is raise awareness to the network engineers that have the power to fix it. + + To disable IPv6 on Linux, try using this command which appends a + rule preferring IPv4 over IPv6 to your config: + + `sudo sh -c "echo 'precedence ::ffff:0:0/96 100' >> /etc/gai.conf"` +- If none of the above helped, please report the error. diff --git a/doc/articles/versions.md b/doc/articles/versions.md new file mode 100644 index 000000000..226fd84e6 --- /dev/null +++ b/doc/articles/versions.md @@ -0,0 +1,118 @@ + + +# Versions + +## Basic Constraints + +### Exact + +You can specify the exact version of a package. This will tell Composer to +install this version and this version only. If other dependencies require +a different version, the solver will ultimately fail and abort any install +or update procedures. + +Example: `1.0.2` + +### Range + +By using comparison operators you can specify ranges of valid versions. Valid +operators are `>`, `>=`, `<`, `<=`, `!=`. + +You can define multiple ranges. Ranges separated by a space ( ) +or comma (`,`) will be treated as a **logical AND**. A double pipe (`||`) +will be treated as a **logical OR**. AND has higher precedence than OR. + +> **Note:** Be careful when using unbounded ranges as you might end up +> unexpectedly installing versions that break backwards compatibility. +> Consider using the [caret](#caret) operator instead for safety. + +Examples: + +* `>=1.0` +* `>=1.0 <2.0` +* `>=1.0 <1.1 || >=1.2` + +### Range (Hyphen) + +Inclusive set of versions. Partial versions on the right include are completed +with a wildcard. For example `1.0 - 2.0` is equivalent to `>=1.0.0 <2.1` as the +`2.0` becomes `2.0.*`. On the other hand `1.0.0 - 2.1.0` is equivalent to +`>=1.0.0 <=2.1.0`. + +Example: `1.0 - 2.0` + +### Wildcard + +You can specify a pattern with a `*` wildcard. `1.0.*` is the equivalent of +`>=1.0 <1.1`. + +Example: `1.0.*` + +## Next Significant Release Operators + +### Tilde + +The `~` operator is best explained by example: `~1.2` is equivalent to +`>=1.2 <2.0.0`, while `~1.2.3` is equivalent to `>=1.2.3 <1.3.0`. As you can see +it is mostly useful for projects respecting [semantic +versioning](http://semver.org/). A common usage would be to mark the minimum +minor version you depend on, like `~1.2` (which allows anything up to, but not +including, 2.0). Since in theory there should be no backwards compatibility +breaks until 2.0, that works well. Another way of looking at it is that using +`~` specifies a minimum version, but allows the last digit specified to go up. + +Example: `~1.2` + +> **Note:** Though `2.0-beta.1` is strictly before `2.0`, a version constraint +> like `~1.2` would not install it. As said above `~1.2` only means the `.2` +> can change but the `1.` part is fixed. + +> **Note:** The `~` operator has an exception on its behavior for the major +> release number. This means for example that `~1` is the same as `~1.0` as +> it will not allow the major number to increase trying to keep backwards +> compatibility. + +### Caret + +The `^` operator behaves very similarly but it sticks closer to semantic +versioning, and will always allow non-breaking updates. For example `^1.2.3` +is equivalent to `>=1.2.3 <2.0.0` as none of the releases until 2.0 should +break backwards compatibility. For pre-1.0 versions it also acts with safety +in mind and treats `^0.3` as `>=0.3.0 <0.4.0`. + +This is the recommended operator for maximum interoperability when writing +library code. + +Example: `^1.2.3` + +## Stability + +If you are using a constraint that does not explicitly define a stability, +Composer will default internally to `-dev` or `-stable`, depending on the +operator(s) used. This happens transparently. + +If you wish to explicitly consider only the stable release in the comparison, +add the suffix `-stable`. + +Examples: + + Constraint | Internally +------------------- | ------------------------ + `1.2.3` | `=1.2.3.0-stable` + `>1.2` | `>1.2.0.0-stable` + `>=1.2` | `>=1.2.0.0-dev` + `>=1.2-stable` | `>=1.2.0.0-stable` + `<1.3` | `<1.3.0.0-dev` + `<=1.3` | `<=1.3.0.0-stable` + `1 - 2` | `>=1.0.0.0-dev <3.0.0.0-dev` + `~1.3` | `>=1.3.0.0-dev <2.0.0.0-dev` + `1.4.*` | `>=1.4.0.0-dev <1.5.0.0-dev` + +## Test version constraints + +You can test version constraints using [semver.mwl.be](http://semver.mwl.be). +Fill in a package name and it will autofill the default version constraint +which Composer would add to your `composer.json` file. You can adjust the +version constraint and the tool will highlight all releases that match. diff --git a/doc/dev/DefaultPolicy.md b/doc/dev/DefaultPolicy.md index 61db2bf15..65d0710df 100644 --- a/doc/dev/DefaultPolicy.md +++ b/doc/dev/DefaultPolicy.md @@ -12,6 +12,13 @@ resulting order in which the solver will try to install them. The rules are to be applied in the order of these descriptions. +### Repository priorities + +Packages Repo1.Av1, Repo2.Av1 + +* priority(Repo1) >= priority(Repo2) => (Repo1.Av1, Repo2.Av1) +* priority(Repo1) < priority(Repo2) => (Repo2.Av1, Repo1.Av1) + ### Package versions Packages: Av1, Av2, Av3 @@ -22,13 +29,6 @@ Request: install A * (Av3) -### Repository priorities - -Packages Repo1.Av1, Repo2.Av1 - -* priority(Repo1) >= priority(Repo2) => (Repo1.Av1, Repo2.Av1) -* priority(Repo1) < priority(Repo2) => (Repo2.Av1, Repo1.Av1) - ### Virtual Packages (provides) Packages Av1, Bv1 diff --git a/doc/faqs/should-i-commit-the-dependencies-in-my-vendor-directory.md b/doc/faqs/should-i-commit-the-dependencies-in-my-vendor-directory.md index cdbd3141c..14da5f5e3 100644 --- a/doc/faqs/should-i-commit-the-dependencies-in-my-vendor-directory.md +++ b/doc/faqs/should-i-commit-the-dependencies-in-my-vendor-directory.md @@ -27,6 +27,6 @@ If you really feel like you must do this, you have a few options: in ZSH or `find vendor/ -type d -name ".git" -exec rm -rf {} \;` in Bash. but this means you will have to delete those dependencies from disk before running composer update. -4. Add a .gitignore rule (`vendor/.git`) to ignore all the vendor `.git` folders. +4. Add a .gitignore rule (`/vendor/**/.git`) to ignore all the vendor `.git` folders. This approach does not require that you delete dependencies from disk prior to running a composer update. diff --git a/doc/faqs/why-are-unbound-version-constraints-a-bad-idea.md b/doc/faqs/why-are-unbound-version-constraints-a-bad-idea.md index 183403948..56d152c82 100644 --- a/doc/faqs/why-are-unbound-version-constraints-a-bad-idea.md +++ b/doc/faqs/why-are-unbound-version-constraints-a-bad-idea.md @@ -14,7 +14,7 @@ compatible with the new major version of your dependency. For example instead of using `>=3.4` you should use `~3.4` which allows all versions up to `3.999` but does not include `4.0` and above. The `~` operator -works very well with libraries follow [semantic versioning](http://semver.org). +works very well with libraries following [semantic versioning](http://semver.org). **Note:** As a package maintainer, you can make the life of your users easier by providing an [alias version](../articles/aliases.md) for your development diff --git a/res/composer-schema.json b/res/composer-schema.json index 4c40bdfb2..df1fe8290 100644 --- a/res/composer-schema.json +++ b/res/composer-schema.json @@ -35,7 +35,7 @@ }, "version": { "type": "string", - "description": "Package version, see http://getcomposer.org/doc/04-schema.md#version for more info on valid schemes." + "description": "Package version, see https://getcomposer.org/doc/04-schema.md#version for more info on valid schemes." }, "time": { "type": "string", @@ -136,6 +136,11 @@ "description": "A hash of domain name => github API oauth tokens, typically {\"github.com\":\"\"}.", "additionalProperties": true }, + "gitlab-oauth": { + "type": "object", + "description": "A hash of domain name => gitlab API oauth tokens, typically {\"gitlab.com\":\"\"}.", + "additionalProperties": true + }, "http-basic": { "type": "object", "description": "A hash of domain name => {\"username\": \"...\", \"password\": \"...\"}.", @@ -145,6 +150,11 @@ "type": ["string", "boolean"], "description": "What to do after prompting for authentication, one of: true (store), false (do not store) or \"prompt\" (ask every time), defaults to prompt." }, + "platform": { + "type": "object", + "description": "This is a hash of package name (keys) and version (values) that will be used to mock the platform packages on this machine.", + "additionalProperties": true + }, "vendor-dir": { "type": "string", "description": "The location where all packages are installed, defaults to \"vendor\"." @@ -181,6 +191,10 @@ "type": ["string", "integer"], "description": "The cache max size for the files cache, defaults to \"300MiB\"." }, + "bin-compat": { + "enum": ["auto", "full"], + "description": "The compatibility of the binaries, defaults to \"auto\" (automatically guessed) and can be \"full\" (compatible with both Windows and Unix-based systems)." + }, "discard-changes": { "type": ["string", "boolean"], "description": "The default style of handling dirty updates, defaults to false and can be any of true, false or \"stash\"." @@ -211,6 +225,21 @@ "github-expose-hostname": { "type": "boolean", "description": "Defaults to true. If set to false, the OAuth tokens created to access the github API will have a date instead of the machine hostname." + }, + "gitlab-domains": { + "type": "array", + "description": "A list of domains to use in gitlab mode. This is used for custom GitLab setups, defaults to [\"gitlab.com\"].", + "items": { + "type": "string" + } + }, + "archive-format": { + "type": "string", + "description": "The default archiving format when not provided on cli, defaults to \"tar\"." + }, + "archive-dir": { + "type": "string", + "description": "The default archive path when not provided on cli, defaults to \".\"." } } }, @@ -240,6 +269,10 @@ "files": { "type": "array", "description": "This is an array of files that are always required on every request." + }, + "exclude-from-classmap": { + "type": "array", + "description": "This is an array of patterns to exclude from autoload classmap generation. (e.g. \"exclude-from-classmap\": [\"/test/\", \"/tests/\", \"/Tests/\"]" } } }, @@ -284,11 +317,12 @@ }, "minimum-stability": { "type": ["string"], - "description": "The minimum stability the packages must have to be install-able. Possible values are: dev, alpha, beta, RC, stable." + "description": "The minimum stability the packages must have to be install-able. Possible values are: dev, alpha, beta, RC, stable.", + "pattern": "^dev|alpha|beta|rc|RC|stable$" }, "prefer-stable": { "type": ["boolean"], - "description": "If set to true, stable packages will be prefered to dev packages when possible, even if the minimum-stability allows unstable packages." + "description": "If set to true, stable packages will be preferred to dev packages when possible, even if the minimum-stability allows unstable packages." }, "bin": { "type": ["array"], @@ -384,17 +418,17 @@ }, "issues": { "type": "string", - "description": "URL to the Issue Tracker.", + "description": "URL to the issue tracker.", "format": "uri" }, "forum": { "type": "string", - "description": "URL to the Forum.", + "description": "URL to the forum.", "format": "uri" }, "wiki": { "type": "string", - "description": "URL to the Wiki.", + "description": "URL to the wiki.", "format": "uri" }, "irc": { @@ -406,8 +440,24 @@ "type": "string", "description": "URL to browse or download the sources.", "format": "uri" + }, + "docs": { + "type": "string", + "description": "URL to the documentation.", + "format": "uri" } } + }, + "non-feature-branches": { + "type": ["array"], + "description": "A set of string or regex patterns for non-numeric branch names that will not be handled as feature branches.", + "items": { + "type": "string" + } + }, + "abandoned": { + "type": ["boolean", "string"], + "description": "Indicates whether this package has been abandoned, it can be boolean or a package name/URL pointing to a recommended alternative. Defaults to false." } } } diff --git a/res/spdx-identifier.json b/res/spdx-identifier.json deleted file mode 100644 index b6d8dbc1f..000000000 --- a/res/spdx-identifier.json +++ /dev/null @@ -1,59 +0,0 @@ -[ - "Glide", "Abstyles", "AFL-1.1", "AFL-1.2", "AFL-2.0", "AFL-2.1", "AFL-3.0", - "AMPAS", "APL-1.0", "Adobe-Glyph", "APAFML", "Adobe-2006", "AGPL-1.0", - "Afmparse", "Aladdin", "ADSL", "AMDPLPA", "ANTLR-PD", "Apache-1.0", - "Apache-1.1", "Apache-2.0", "AML", "APSL-1.0", "APSL-1.1", "APSL-1.2", - "APSL-2.0", "Artistic-1.0", "Artistic-1.0-Perl", "Artistic-1.0-cl8", - "Artistic-2.0", "AAL", "Bahyph", "Barr", "Beerware", "BitTorrent-1.0", - "BitTorrent-1.1", "BSL-1.0", "Borceux", "BSD-2-Clause", - "BSD-2-Clause-FreeBSD", "BSD-2-Clause-NetBSD", "BSD-3-Clause", - "BSD-3-Clause-Clear", "BSD-4-Clause", "BSD-Protection", - "BSD-3-Clause-Attribution", "BSD-4-Clause-UC", "bzip2-1.0.5", "bzip2-1.0.6", - "Caldera", "CECILL-1.0", "CECILL-1.1", "CECILL-2.0", "CECILL-B", "CECILL-C", - "ClArtistic", "MIT-CMU", "CNRI-Python", "CNRI-Python-GPL-Compatible", - "CPOL-1.02", "CDDL-1.0", "CDDL-1.1", "CPAL-1.0", "CPL-1.0", "CATOSL-1.1", - "Condor-1.1", "CC-BY-1.0", "CC-BY-2.0", "CC-BY-2.5", "CC-BY-3.0", - "CC-BY-4.0", "CC-BY-ND-1.0", "CC-BY-ND-2.0", "CC-BY-ND-2.5", "CC-BY-ND-3.0", - "CC-BY-ND-4.0", "CC-BY-NC-1.0", "CC-BY-NC-2.0", "CC-BY-NC-2.5", - "CC-BY-NC-3.0", "CC-BY-NC-4.0", "CC-BY-NC-ND-1.0", "CC-BY-NC-ND-2.0", - "CC-BY-NC-ND-2.5", "CC-BY-NC-ND-3.0", "CC-BY-NC-ND-4.0", "CC-BY-NC-SA-1.0", - "CC-BY-NC-SA-2.0", "CC-BY-NC-SA-2.5", "CC-BY-NC-SA-3.0", "CC-BY-NC-SA-4.0", - "CC-BY-SA-1.0", "CC-BY-SA-2.0", "CC-BY-SA-2.5", "CC-BY-SA-3.0", - "CC-BY-SA-4.0", "CC0-1.0", "Crossword", "CUA-OPL-1.0", "Cube", "D-FSL-1.0", - "diffmark", "WTFPL", "DOC", "Dotseqn", "DSDP", "dvipdfm", "EPL-1.0", - "eCos-2.0", "ECL-1.0", "ECL-2.0", "eGenix", "EFL-1.0", "EFL-2.0", - "MIT-advertising", "MIT-enna", "Entessa", "ErlPL-1.1", "EUDatagrid", - "EUPL-1.0", "EUPL-1.1", "Eurosym", "Fair", "MIT-feh", "Frameworx-1.0", - "FTL", "FSFUL", "FSFULLR", "Giftware", "GL2PS", "Glulxe", "AGPL-3.0", - "GFDL-1.1", "GFDL-1.2", "GFDL-1.3", "GPL-1.0", "GPL-1.0+", "GPL-2.0", - "GPL-2.0+", "GPL-2.0-with-autoconf-exception", - "GPL-2.0-with-bison-exception", "GPL-2.0-with-classpath-exception", - "GPL-2.0-with-font-exception", "GPL-2.0-with-GCC-exception", "GPL-3.0", - "GPL-3.0+", "GPL-3.0-with-autoconf-exception", "GPL-3.0-with-GCC-exception", - "LGPL-2.1", "LGPL-2.1+", "LGPL-3.0", "LGPL-3.0+", "LGPL-2.0", "LGPL-2.0+", - "gnuplot", "gSOAP-1.3b", "HaskellReport", "HPND", "IBM-pibs", "IPL-1.0", - "ImageMagick", "iMatix", "Imlib2", "IJG", "Intel-ACPI", "Intel", "IPA", - "ISC", "JasPer-2.0", "JSON", "LPPL-1.3a", "LPPL-1.0", "LPPL-1.1", - "LPPL-1.2", "LPPL-1.3c", "Latex2e", "BSD-3-Clause-LBNL", "Leptonica", - "Libpng", "libtiff", "LPL-1.02", "LPL-1.0", "MakeIndex", "MTLL", "MS-PL", - "MS-RL", "MirOS", "MITNFA", "MIT", "Motosoto", "MPL-1.0", "MPL-1.1", - "MPL-2.0", "MPL-2.0-no-copyleft-exception", "mpich2", "Multics", "Mup", - "NASA-1.3", "Naumen", "NBPL-1.0", "NetCDF", "NGPL", "NOSL", "NPL-1.0", - "NPL-1.1", "Newsletr", "NLPL", "Nokia", "NPOSL-3.0", "Noweb", "NRL", "NTP", - "Nunit", "OCLC-2.0", "ODbL-1.0", "PDDL-1.0", "OGTSL", "OLDAP-2.2.2", - "OLDAP-1.1", "OLDAP-1.2", "OLDAP-1.3", "OLDAP-1.4", "OLDAP-2.0", - "OLDAP-2.0.1", "OLDAP-2.1", "OLDAP-2.2", "OLDAP-2.2.1", "OLDAP-2.3", - "OLDAP-2.4", "OLDAP-2.5", "OLDAP-2.6", "OLDAP-2.7", "OML", "OPL-1.0", - "OSL-1.0", "OSL-1.1", "OSL-2.0", "OSL-2.1", "OSL-3.0", "OLDAP-2.8", - "OpenSSL", "PHP-3.0", "PHP-3.01", "Plexus", "PostgreSQL", "psfrag", - "psutils", "Python-2.0", "QPL-1.0", "Qhull", "Rdisc", "RPSL-1.0", "RPL-1.1", - "RPL-1.5", "RHeCos-1.1", "RSCPL", "Ruby", "SAX-PD", "Saxpath", "SCEA", - "SWL", "SGI-B-1.0", "SGI-B-1.1", "SGI-B-2.0", "OFL-1.0", "OFL-1.1", - "SimPL-2.0", "Sleepycat", "SNIA", "SMLNJ", "StandardML-NJ", - "SugarCRM-1.1.3", "SISSL", "SISSL-1.2", "SPL-1.0", "Watcom-1.0", "TCL", - "Unlicense", "TMate", "TORQUE-1.1", "TOSL", "Unicode-TOU", "NCSA", "Vim", - "VOSTROM", "VSL-1.0", "W3C", "Wsuipa", "WXwindows", "Xnet", "X11", "Xerox", - "XFree86-1.1", "xinetd", "xpp", "XSkat", "YPL-1.0", "YPL-1.1", "Zed", - "Zend-2.0", "Zimbra-1.3", "Zlib", "zlib-acknowledgement", "ZPL-1.1", - "ZPL-2.0", "ZPL-2.1" -] diff --git a/src/Composer/Autoload/AutoloadGenerator.php b/src/Composer/Autoload/AutoloadGenerator.php index c88c34b41..eaae8ec69 100644 --- a/src/Composer/Autoload/AutoloadGenerator.php +++ b/src/Composer/Autoload/AutoloadGenerator.php @@ -38,8 +38,21 @@ class AutoloadGenerator */ private $io; + /** + * @var bool + */ private $devMode = false; + /** + * @var bool + */ + private $classMapAuthoritative = false; + + /** + * @var bool + */ + private $runScripts = false; + public function __construct(EventDispatcher $eventDispatcher, IOInterface $io = null) { $this->eventDispatcher = $eventDispatcher; @@ -51,11 +64,38 @@ class AutoloadGenerator $this->devMode = (boolean) $devMode; } + /** + * Whether or not generated autoloader considers the class map + * authoritative. + * + * @param bool $classMapAuthoritative + */ + public function setClassMapAuthoritative($classMapAuthoritative) + { + $this->classMapAuthoritative = (boolean) $classMapAuthoritative; + } + + /** + * Set whether to run scripts or not + * + * @param bool $runScripts + */ + public function setRunScripts($runScripts = true) + { + $this->runScripts = (boolean) $runScripts; + } + public function dump(Config $config, InstalledRepositoryInterface $localRepo, PackageInterface $mainPackage, InstallationManager $installationManager, $targetDir, $scanPsr0Packages = false, $suffix = '') { - $this->eventDispatcher->dispatchScript(ScriptEvents::PRE_AUTOLOAD_DUMP, $this->devMode, array(), array( - 'optimize' => (bool) $scanPsr0Packages, - )); + if ($this->classMapAuthoritative) { + // Force scanPsr0Packages when classmap is authoritative + $scanPsr0Packages = true; + } + if ($this->runScripts) { + $this->eventDispatcher->dispatchScript(ScriptEvents::PRE_AUTOLOAD_DUMP, $this->devMode, array(), array( + 'optimize' => (bool) $scanPsr0Packages, + )); + } $filesystem = new Filesystem(); $filesystem->ensureDirectoryExists($config->get('vendor-dir')); @@ -63,7 +103,6 @@ class AutoloadGenerator $vendorPath = $filesystem->normalizePath(realpath($config->get('vendor-dir'))); $useGlobalIncludePath = (bool) $config->get('use-include-path'); $prependAutoloader = $config->get('prepend-autoloader') === false ? 'false' : 'true'; - $classMapAuthoritative = $config->get('classmap-authoritative'); $targetDir = $vendorPath.'/'.$targetDir; $filesystem->ensureDirectoryExists($targetDir); @@ -171,40 +210,43 @@ EOF; EOF; } + $blacklist = null; + if (!empty($autoloads['exclude-from-classmap'])) { + $blacklist = '{(' . implode('|', $autoloads['exclude-from-classmap']) . ')}'; + } + // flatten array $classMap = array(); if ($scanPsr0Packages) { + $namespacesToScan = array(); + // Scan the PSR-0/4 directories for class files, and add them to the class map foreach (array('psr-0', 'psr-4') as $psrType) { foreach ($autoloads[$psrType] as $namespace => $paths) { - foreach ($paths as $dir) { + $namespacesToScan[$namespace][] = array('paths' => $paths, 'type' => $psrType); + } + } + + krsort($namespacesToScan); + + foreach ($namespacesToScan as $namespace => $groups) { + foreach ($groups as $group) { + $psrType = $group['type']; + foreach ($group['paths'] as $dir) { $dir = $filesystem->normalizePath($filesystem->isAbsolutePath($dir) ? $dir : $basePath.'/'.$dir); if (!is_dir($dir)) { continue; } - $whitelist = sprintf( - '{%s/%s.+(?io, $namespaceFilter) as $class => $path) { - if (!isset($classMap[$class])) { - $path = $this->getPathCode($filesystem, $basePath, $vendorPath, $path); - $classMap[$class] = $path.",\n"; - } - } + $classMap = $this->addClassMapCode($filesystem, $basePath, $vendorPath, $dir, $blacklist, $namespaceFilter, $classMap); } } } } foreach ($autoloads['classmap'] as $dir) { - foreach (ClassMapGenerator::createMap($dir, null, $this->io) as $class => $path) { - $path = $this->getPathCode($filesystem, $basePath, $vendorPath, $path); - $classMap[$class] = $path.",\n"; - } + $classMap = $this->addClassMapCode($filesystem, $basePath, $vendorPath, $dir, $blacklist, null, $classMap); } ksort($classMap); @@ -214,33 +256,66 @@ EOF; $classmapFile .= ");\n"; if (!$suffix) { - $suffix = $config->get('autoloader-suffix') ?: md5(uniqid('', true)); + if (!$config->get('autoloader-suffix') && is_readable($vendorPath.'/autoload.php')) { + $content = file_get_contents($vendorPath.'/autoload.php'); + if (preg_match('{ComposerAutoloaderInit([^:\s]+)::}', $content, $match)) { + $suffix = $match[1]; + } + } + + if (!$suffix) { + $suffix = $config->get('autoloader-suffix') ?: md5(uniqid('', true)); + } } file_put_contents($targetDir.'/autoload_namespaces.php', $namespacesFile); file_put_contents($targetDir.'/autoload_psr4.php', $psr4File); file_put_contents($targetDir.'/autoload_classmap.php', $classmapFile); - if ($includePathFile = $this->getIncludePathsFile($packageMap, $filesystem, $basePath, $vendorPath, $vendorPathCode52, $appBaseDirCode)) { - file_put_contents($targetDir.'/include_paths.php', $includePathFile); - } - if ($includeFilesFile = $this->getIncludeFilesFile($autoloads['files'], $filesystem, $basePath, $vendorPath, $vendorPathCode52, $appBaseDirCode)) { - file_put_contents($targetDir.'/autoload_files.php', $includeFilesFile); + $includePathFilePath = $targetDir.'/include_paths.php'; + if ($includePathFileContents = $this->getIncludePathsFile($packageMap, $filesystem, $basePath, $vendorPath, $vendorPathCode52, $appBaseDirCode)) { + file_put_contents($includePathFilePath, $includePathFileContents); + } elseif (file_exists($includePathFilePath)) { + unlink($includePathFilePath); + } + $includeFilesFilePath = $targetDir.'/autoload_files.php'; + if ($includeFilesFileContents = $this->getIncludeFilesFile($autoloads['files'], $filesystem, $basePath, $vendorPath, $vendorPathCode52, $appBaseDirCode)) { + file_put_contents($includeFilesFilePath, $includeFilesFileContents); + } elseif (file_exists($includeFilesFilePath)) { + unlink($includeFilesFilePath); } file_put_contents($vendorPath.'/autoload.php', $this->getAutoloadFile($vendorPathToTargetDirCode, $suffix)); - file_put_contents($targetDir.'/autoload_real.php', $this->getAutoloadRealFile(true, (bool) $includePathFile, $targetDirLoader, (bool) $includeFilesFile, $vendorPathCode, $appBaseDirCode, $suffix, $useGlobalIncludePath, $prependAutoloader, $classMapAuthoritative)); - - // use stream_copy_to_stream instead of copy - // to work around https://bugs.php.net/bug.php?id=64634 - $sourceLoader = fopen(__DIR__.'/ClassLoader.php', 'r'); - $targetLoader = fopen($targetDir.'/ClassLoader.php', 'w+'); - stream_copy_to_stream($sourceLoader, $targetLoader); - fclose($sourceLoader); - fclose($targetLoader); - unset($sourceLoader, $targetLoader); - - $this->eventDispatcher->dispatchScript(ScriptEvents::POST_AUTOLOAD_DUMP, $this->devMode, array(), array( - 'optimize' => (bool) $scanPsr0Packages, - )); + file_put_contents($targetDir.'/autoload_real.php', $this->getAutoloadRealFile(true, (bool) $includePathFileContents, $targetDirLoader, (bool) $includeFilesFileContents, $vendorPathCode, $appBaseDirCode, $suffix, $useGlobalIncludePath, $prependAutoloader)); + + $this->safeCopy(__DIR__.'/ClassLoader.php', $targetDir.'/ClassLoader.php'); + $this->safeCopy(__DIR__.'/../../../LICENSE', $targetDir.'/LICENSE'); + + if ($this->runScripts) { + $this->eventDispatcher->dispatchScript(ScriptEvents::POST_AUTOLOAD_DUMP, $this->devMode, array(), array( + 'optimize' => (bool) $scanPsr0Packages, + )); + } + } + + private function addClassMapCode($filesystem, $basePath, $vendorPath, $dir, $blacklist = null, $namespaceFilter = null, array $classMap = array()) + { + foreach ($this->generateClassMap($dir, $blacklist, $namespaceFilter) as $class => $path) { + $pathCode = $this->getPathCode($filesystem, $basePath, $vendorPath, $path).",\n"; + if (!isset($classMap[$class])) { + $classMap[$class] = $pathCode; + } elseif ($this->io && $classMap[$class] !== $pathCode && !preg_match('{/(test|fixture|example|stub)s?/}i', strtr($classMap[$class].' '.$path, '\\', '/'))) { + $this->io->writeError( + 'Warning: Ambiguous class resolution, "'.$class.'"'. + ' was found in both "'.str_replace(array('$vendorDir . \'', "',\n"), array($vendorPath, ''), $classMap[$class]).'" and "'.$path.'", the first will be used.' + ); + } + } + + return $classMap; + } + + private function generateClassMap($dir, $blacklist = null, $namespaceFilter = null) + { + return ClassMapGenerator::createMap($dir, $blacklist, $this->io, $namespaceFilter); } public function buildPackageMap(InstallationManager $installationManager, PackageInterface $mainPackage, array $packages) @@ -301,13 +376,20 @@ EOF; $psr0 = $this->parseAutoloadsType($packageMap, 'psr-0', $mainPackage); $psr4 = $this->parseAutoloadsType($packageMap, 'psr-4', $mainPackage); - $classmap = $this->parseAutoloadsType($sortedPackageMap, 'classmap', $mainPackage); + $classmap = $this->parseAutoloadsType(array_reverse($sortedPackageMap), 'classmap', $mainPackage); $files = $this->parseAutoloadsType($sortedPackageMap, 'files', $mainPackage); + $exclude = $this->parseAutoloadsType($sortedPackageMap, 'exclude-from-classmap', $mainPackage); krsort($psr0); krsort($psr4); - return array('psr-0' => $psr0, 'psr-4' => $psr4, 'classmap' => $classmap, 'files' => $files); + return array( + 'psr-0' => $psr0, + 'psr-4' => $psr4, + 'classmap' => $classmap, + 'files' => $files, + 'exclude-from-classmap' => $exclude, + ); } /** @@ -332,6 +414,16 @@ EOF; } } + if (isset($autoloads['classmap'])) { + foreach ($autoloads['classmap'] as $dir) { + try { + $loader->addClassMap($this->generateClassMap($dir)); + } catch (\RuntimeException $e) { + $this->io->writeError(''.$e->getMessage().''); + } + } + } + return $loader; } @@ -378,12 +470,13 @@ EOF; protected function getIncludeFilesFile(array $files, Filesystem $filesystem, $basePath, $vendorPath, $vendorPathCode, $appBaseDirCode) { $filesCode = ''; - foreach ($files as $functionFile) { - $filesCode .= ' '.$this->getPathCode($filesystem, $basePath, $vendorPath, $functionFile).",\n"; + foreach ($files as $fileIdentifier => $functionFile) { + $filesCode .= ' ' . var_export($fileIdentifier, true) . ' => ' + . $this->getPathCode($filesystem, $basePath, $vendorPath, $functionFile) . ",\n"; } if (!$filesCode) { - return FALSE; + return false; } return <<classMapAuthoritative) { + $file .= <<<'PSR04' $map = require __DIR__ . '/autoload_namespaces.php'; foreach ($map as $namespace => $path) { $loader->set($namespace, $path); } - -PSR0; - - $file .= <<<'PSR4' $map = require __DIR__ . '/autoload_psr4.php'; foreach ($map as $namespace => $path) { $loader->setPsr4($namespace, $path); } -PSR4; +PSR04; + } if ($useClassMap) { $file .= <<<'CLASSMAP' @@ -521,7 +605,7 @@ PSR4; CLASSMAP; } - if ($classMapAuthoritative) { + if ($this->classMapAuthoritative) { $file .= <<<'CLASSMAPAUTHORITATIVE' $loader->setClassMapAuthoritative(true); @@ -536,11 +620,11 @@ INCLUDEPATH; } if ($targetDirLoader) { - $file .= << \$file) { + composerRequire$suffix(\$fileIdentifier, \$file); } @@ -568,12 +652,23 @@ METHOD_FOOTER; $file .= $targetDirLoader; - return $file . <<