I want to use the autoloader generated by composer for my unit tests to load classes automatically.
Now I don't know if I should commit my vendor directory to my git repo. A pro is that everyone who clones my repo immediately can run the phpUnit tests. A con is that I ship a lot of proprietary code with my repo.
Should I insist that the user who clones my repo has to run composer install first and therefor has to have composer "installed"?
Is it a solution to don't commit vendor directory into my git repo but pack it into a release branch so that my application runs out of the box?
The official recommendation is to ignore vendor/:
Tip: If you are using git for your project, you probably want to add vendor into your .gitignore. You really don't want to add all of that code to your repository.
Make sure to include both your composer.json and composer.lock files, though.
Related
When creating sites using a framework like Silverstripe I often want to use helper modules like gridfieldextensions and lumberjack.
I therefore use composer require to add the dependencies.
However when I follow my regular development work flow and use git add -A to add the module to the repo rather than the code being added to the repo I get a reference to it.
This causes problems when I then try to clone the site elsewhere (using Jenkins or another developer). The git clone or git pull leaves an empty directory.
I solve this by deleting the .git dir of the module and adding all the files.
Is there a better way to do this? Is using git submodule an option?
Somewhere i found a good .gitignore file that ignores everything and i have to tell it to include the custom modules for my project. It's like:
# ignore everything...
/*
# ...but
!/.htaccess
!/.gitignore
!/composer.json
!/composer.lock
!/Capfile
!/Gemfile
!/favicon.ico
!/touch-icon-*
!/mysite
!/some-module
#...other modules
# theme stuff
!/themes/
**/.sass-cache
**/node_modules
!**/node_modules/_manifest_exclude
#no assets in general, but /assets/.htaccess
!/assets
/assets/*
!assets/.htaccess
As FinBoWa already said you need the composer.json and composer.lock file in your project and running
composer install
on another machine it'll install the packages in the versions saved in the composer.lock file on that machine
composer install --no-dev
will only install the "normal" requirements, no dev-requirements like phpunit or other stuff you only need for developing or testing but not live
composer install --no-dev -o
will also optimize (-o) the auto loader, so it'll be a bit faster.
composer update
will update your packages, which might have funny side effects and break your site. So use it carefully and test afterwards.
composer update silverstripe/framework
will just update that package and finally
composer update silverstripe/*
will update all packages by the vendor silverstripe (e.g. framework and cms package)
See also:
gitignore documentation
composer documentation
This is how I use composer and svn together:
In my development version, I run composer to download required packages to the vendor directory. I then commit the vendor directory to svn together with the rest of the development folder. The production build makes a copy of the vendor folder.
I know, it is recommended not to commit the vendor directory in svn (see SVN Repo in vendor with Composer), but I want to be safe for the case when a composer update may break my application. It allows me to rollback everything in that case to the last stable state.
The problem with how composer works is that the checked out svn repo breaks, if composer deletes whole directories.
I would switch to the recommended practice and only check in composer.lock and composer.json into svn, if I knew how to rollback an eventual breaking composer update. Can somebody explain this to me, please.
When you have composer.lock and run composer install (not update) you are sure that you'll get dependencies which are "locked" by you.
Running composer update ignores entries in composer.lock and tries to download latest dependencies allowed by composer.json.
I have a PHP project with some 3rd party developed dependencies and some developed by myself.
Some times I happen to find a bug on one of the dependencies I maintain and want to patch it on the spot or code some extra functionality that fits the main project needs.
Right now I am coding on the module project, doing a commit and then a composer update on the main project's composer.json, whose source for the module is the remote repo.
I would like to be able to have the full dependency repos on the main project, or at least commit to local and get the update without pushing to remote.
I believe I can use composer create-project for that, but the problem is I also get a lot of rubbish (the 3rd party dependency repos) that make my project huge.
Is there any way to have a composer create-project that only downloads the full repo of the dependencies I choose (those developed by myself)? Or to have the repo url point to a local git repository folder instead of a remote one?
According to the manual, create-project
is the equivalent of doing a git clone/svn checkout followed by a
"composer install" of the vendors.
Considering that, you run
composer create-project --no-install
Then you add local repos in composer.json (I'm not sure if it is documented but you can provide absolute and relative local paths as repo url) and do
composer install
I've created my own site on my local computer and it works wonderfully. I'm having tons of fun developing with it. But when it came time to move it to my server and test I ran into issue.
I'm using the FOSUserBundle. Obviously being a Git of it's own, when I did a git commit and push, git ignored everything in vendor/friendsofsymfony/user-bundle. So when I cloned to my server, the folder came empty, and of course now my site doesn't work.
I want to do this the right way. So if it means destroying the git repo and doing it a different way, I'm ok with that.
So far I've tried.
Following the original install instructions for FOSUserBundle
Running the following:
composer update friendsofsymfony/user-bundle
composer install friendsofsymfony/user-bundle
Both return "nothing to update/install"
I've also tried clearing composer's cache between each command attempt.
rm -rf ~/.composer/cache
Answer is in the comments. Ignore vendor/ use composer to install the appropriate files.
also this Symfony project cloned with git vendors not installed
What it sounds like your trying to do is create a mywebsite parent repo within which you have a third party child repo that has the FOSUserBundle code. This uses git submodules and requires related submodule commands like git submodule init.
The ... directory is there, but empty. You must run two commands: git submodule init to initialize your local configuration file, and git submodule update to fetch all the data from that project and check out the appropriate commit listed in your superproject...
I don't know anything about composer. Here is how you could do it with git.
cd mywebsite
git init
git submodule add <url-to-FOSUserBundle-repo>
You should now have a directory structure like this:
mywebsite
.git
.gitmodules
FOSUserBunder
.git
See also http://git-scm.com/book/en/v2/Git-Tools-Submodules
Is there a way to clean unused dependencies and composer dev requires to reduce a Laravel project, because it's so heavy (43,3 Mb) and it's a small project. Btw, I'm using some dev helpers like Debugbar and IDEHelpers which are not used for deployment...
Is there a way to make a deployment version of my project in other folder
The recommended way to deploy your app is without the vendor directory. I'm going to assume that you're using git for your project. First, put the following in your .gitignore.
/vendor/
Now remove the vendor directory from your repository
git rm -r --cached vendor
git commit -m 'Removed vendor directory'
Now you have a two step deployment:
Update the app using git pull or however you usually deploy.
Run composer install --no-dev --optimize-autoloader. This will generate your vendor directory omitting any development only dependencies.
In order to take advantage of the --no-dev flag, you need to put your development dependencies in the require-dev section in your composer.json. For example:
"require-dev": {
"phpunit/phpunit": "~4.3"
}
Now PHPUnit will be required for development, but not when the --no-dev flag is specified.
Maybe I'm misunderstanding your question but when you deploy a project, you shouldn't be deploying the laravel app with it (/vendor/). You should run composer install and it will pull in all the dependencies. In your composer.json file you can also choose which dependencies are for dev environments only similar to the require-dev section found here: https://gist.github.com/philsturgeon/5976359