Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Lorna Mitchell:
Handling Composer "lock file out of date" Warning
Jan 22, 2016 @ 09:48:23

Lorna Mitchell has a post on her site that wants to help you out when Composer reports a "lock file out of date" warning when you try to update your Composer dependencies. She provides three options to help resolve this issue.

Composer is dependency management for PHP, and it consists of two main files: [composer.json and composer.lock]. Crucially, the composer.lock also includes a hash of the current composer.json when it updates, so you can always tell if you've added a requirement to the composer.json file and forgotten to install it.

The post includes three different ways to correct the warning message:

  • Option one: upgrade all of the things
  • Option two: try to work out which composer.json change caused this
  • Option three: do nothing, safely

The first two options are preferable to the last one (essentially overriding the error) but it could be used in cases where you think Composer is just getting things wrong.

tagged: composer lock file outofdate warning option fix override

Link: http://www.lornajane.net/posts/2016/handling-composer-lock-file-out-of-date-warning

Evert Pot:
Strict typing in PHP 7 - poll results
Jan 15, 2016 @ 11:19:54

Evert Pot has shared the results of a poll he recently set up on Twitter asking PHP developers if they planned to make use of the strict typing functionality in PHP 7 in their applications. Unsurprisingly, the majority voted that they will with a more undecided audience coming in second.

Type hinting comes in two flavors: strict and non-strict. This is the result of a long battle between two camps, a strict and non-strict camp, which in the end was resolved by this compromise.

Now by default PHP acts in non-strict mode, and if you'd like to opt-in to strict-mode, you'll need to start every PHP file with this statement. [...] So I was curious about everyone and whether you will be using strict mode or not. Results are in.

According to those that voted 46% were completely in favor of using the declare statement to enable strict typing in their PHP 7 code by default. The next group, the "undecided" were at 26% with "no way" and "what is that?" coming in farther down the list. He also mentions a package that's in the works from Justin Martin that would automatically add the declare statement to your code in the desired location(s). Additionally there's an extension in development from Joe Watkins that will do the same thing but making it a bit more automatic.

tagged: php7 strict type declare poll results usage composer package extension

Link: https://evertpot.com/strict-types-pollresults/

Rob Allen:
Using Composer with shared hosting
Dec 28, 2015 @ 09:25:44

Rob Allen has a post to his site talking about using Composer with shared hosting, showing how to use this popular tool even if you're on a shared hosting environment and don't have direct SSH or shell access.

I've seen this sentiment a few times now, so this seems like a good time to point out that you do not need SSH access to your server in order to use Composer. In fact, I don't run Composer on a live server (regardless of whether it's using shared hosting) and it's not on my list of things to do in the near future.

What you do need is a process where you handle your Composer dependencies on your own computer where you have PHP running.

He gives two possible solutions to the problem: either commit your dependencies or create some kind of build script that can execute the Composer install for you on deploy. He gives details on both of these solutions including the process for installing the dependencies with an automated FTP script (run at deploy rather than committed).

tagged: composer shared hosting ftp deploy script commit dependency

Link: https://akrabat.com/using-composer-with-shared-hosting/

Lorna Mitchell:
Relying on A Dev-Master Dependency in Composer
Dec 23, 2015 @ 10:52:51

In this post to her site Lorna Mitchell makes an interesting point about relying on libraries/packages that recommend using dev-master as the target of choice when installing via Composer. It started from a Tweet and lead to more discussion. She share some of that and more about her own thinking in this post.

If your project installation instructions recommend requiring dev-master in composer, I may need to reconsider my choice of package. [...] I got a few responses asking me to expand so I thought I would take the opportunity to write more than 140 characters on this topic.

She talks about the types of dependencies she prefers to add to her systems and how, usually, the code that lives in dev-master is not actually what's desired. It could be in any state after all - broken or correct. She points out three places where she'd see this kind of dependency as "okay" but points out that they are rarely seen in a mature project. She ends with a recommendation to users to look for dev-master entries in their own composer.json files and replace them with a release to prevent issues in the future.

tagged: devmaster composer dependency reliance version stable

Link: http://www.lornajane.net/posts/2015/relying-on-a-dev-master-dependency-in-composer

Jordi Boggiano:
New Composer Patterns
Dec 21, 2015 @ 11:52:36

Jordi Boggiano, lead developer on the Composer has posted about some of the new Composer patterns that have been introduced into the tool this year, including some you might not even have realized.

Here is a short update on some nice little features that have become available in the last year in Composer.

He includes five of these features in his list (but something tells me these are just some of the more user-facing improvements the project has introduced):

  • Checking dependencies for bad patterns
  • Referencing scripts to avoid duplication
  • Defining your target production environment in composer.json
  • Excluding paths from the optimized classmap
  • Requiring packages easily and safely

For each item he includes the command (and sometimes optional arguments) that make it work and what kind of results you can expect. There's definitely some handy features in here and not just for the "power users" in the crowd.

tagged: composer feature update project patterns duplication environment classmap

Link: http://seld.be/notes/new-composer-patterns

Heroku Blog:
50% and Counting: PHP 7 Takes Off
Dec 16, 2015 @ 13:50:48

As Heroku points out in their latest blog post the popularity of PHP 7 is already rising quickly since they made this major release available on their service and how it's now reached the point of being the most deployed version on their systems.

Last week, we made PHP 7 available on top of a new, reworked version of our PHP support, and our users are adopting PHP 7’s exciting new features and stellar performance improvements quickly - we’re already seeing PHP 7 being used in the majority of PHP deploys on Heroku.

Under the hood, much of the logic that handles a deploy has changed, but not the fundamental principles upon which our support for PHP applications is designed. We've always been determined to provide a fully standards-based implementation that does not rely on proprietary configuration or magic behavior, and that means building on top of a great foundation of tools.

They also mention the rise of Composer in recent years in the PHP community and how they're continuing to treat the composer.json (and .lock) and installation process as first class citizens, making use of Composer itself to install not only dependencies but also language runtimes and extensions.

tagged: heroku php7 installation majority composer support

Link: https://blog.heroku.com/archives/2015/12/15/php7

NetTuts.com:
What Are Laravel Packages?
Dec 11, 2015 @ 11:13:14

On the NetTuts.com site they've published a tutorial that explains Laravel packages - what they are and how you can create your own to seamlessly integrate with this popular framework.

As a PHP developer, you may be interested in working with frameworks. Frameworks attempt to make the process of development easier by simplifying common practices used in the majority of developing web projects such as packages, modules, plug-ins, and even components (CakePHP).

[...] There are two types of packages; some are framework independent (stand-alone) and the others are for a specific framework. This tutorial will exclusively cover Laravel packages.

They start with a look at what these packages are and how they integrate with the framework and your application. They also link to a few of the packages they've found useful in their development including an IDE helper and OAuth wrapper. With this knowledge in place the tutorial then gets into to creating your own packages, installable via Composer and using a Service Provider to set up configuration needs. The post ends with a look at integrating and enabling your package through the application configuration.

tagged: laravel framework package introduction example composer

Link: http://code.tutsplus.com/tutorials/what-are-laravel-packages--cms-25013

Marc Morera:
Your Packages Dependencies
Dec 04, 2015 @ 10:36:58

In a recent post to his site Marc Morera discusses the topic of package dependencies in PHP applications. While a lot of the concepts and terms he use are more related to Symfony-based applications, the concepts are good and could apply anywhere.

I’m part of this group of people that consider themselves addicts to open source. [...] want to expose my personal experiences about what I learned over the time by leading an open source project, several small open source bundles and PHP libraries, and I want to do it by explaining how we should take care of our Symfony bundles or PHP component dependencies.

He starts by pointing out that he's talking about framework-agnostic packages and their dependencies here (but his own experience is, again, Symfony-centric). He talks about identifying true dependencies through both use statements and composer.json configurations. He points out that the tricky part comes when your dependencies have dependencies and conflicts that may come up because of these relationships. He also talks about another way to identify dependencies (through adapter use) and package versioning problems. He then gets into talking about Symfony bundle dependencies specifically and links to a tool that can help you map out your required packages. He ends the post with a look at development dependencies and the idea of "trust" in the open source software you use.

tagged: package dependencies version use composer adapter symfony bundle trust

Link: http://mmoreram.com/blog/2015/11/20/your-packages-dependencies/

Jordi Boggiano:
PHP Versions Stats - 2015 Edition
Nov 23, 2015 @ 13:17:54

It's come to "that time of year" again and Jordi Boggiano has posted the latest update in his series of PHP usage statistics. In this summary he looks at the PHP versions installed based on the packagist.org logs for developers using Composer.

It's that time of the year again, where I figure it's time to update my yearly data on PHP version usage. Last year's post showed 5.5 as the main winner and 5.3 declining rapidly. Let's see what 2015 brought.

[...] A quick note on methodology, because all these stats are imperfect as they just sample some subset of the PHP user base. [...] Composer sends the PHP version it is running with in its User-Agent header, so I can use that to see which PHP versions people are using Composer with. Of course this data set is probably biased towards development machines and CI servers and as such it should also be taken with a grain of salt.

He first compares the statics for his 2015 searches against the 2014 stats and shows the differences in usage for PHP versions 5.3.3 up to 5.6.0. Fortunately, the results show a rise in the usage of PHP 5.5 and a decline in all others...but it's not too much of a difference (2-3% range). Pie graphs are also included to help visualize these differences. He also includes some statistics on what PHP versions are required by certain packages for the ones listed on Packagist with increases starting with 5.4 and the largest advance for 5.5.

tagged: usage statistics version comparison yearly packagist composer required

Link: http://seld.be/notes/php-versions-stats-2015-edition

Tyler Longren:
Use Composer in Your WordPress Plugin or Theme
Nov 16, 2015 @ 10:22:47

In this post to his site Tyler Longren shows how to use Composer to install WordPress plugins as well as the usual libraries.

I love Composer. It just makes including libraries or scripts in your app incredibly easy. So easy that it’s stupid not to use it (in many, if not most cases).

[...] I'd never used Composer with a proprietary WordPress plugin before. The plugin is for a client so it’ll never be available to the public. Here’s the steps I took to make this WordPress plugin compatible with Composer so that I can easily bring in third-party libraries.

He breaks it down into a five step process, showing the installation of the Mailgun PHP client:

  • Install composer on your server
  • Add Mailgun as a dependency
  • Check your composer.json file
  • Tell composer to install Mailgun
  • Autoload Our Mailgun Classes in Our Plugin

With the help of Composer, the Mailgun client is ready to go and accessible in his WordPress instance, quickly and easily.

tagged: composer wordpress plugin mailgun client install autoload

Link: https://longren.io/use-composer-in-your-wordpress-plugin-or-theme/