News Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Peter Petermann:
A few thoughts about composer and how people use it
May 18, 2015 @ 10:17:43

In the latest post to Peter Petermann's site he shares a few thoughts about Composer and how people use it in the more modern PHP ecosystem.

Composer has changed the PHP ecosystem like now other tool introduced - almost everyone is using it today. Now, I have written about Composer before, and have always been a big proponent of using it. However, as i have spend some time with looking more closely on a few things, there is a few problems (some with Composer, some with how people (ab)use Composer) that I would like to write about.

He's broken the list up into six different point, each with a bit of explanation:

  • Composer gets slow and resource hungry
  • People are using composer as an installer
  • People use their own paths
  • People don't adhere semver
  • People don't tag their releases / don't release
  • People release packages with dependencies to unstable versions

He ends the post by looking at each of these points and offering a brief one-liner way to help solve the issue (or at least minimize the problem).

0 comments voice your opinion now!
composer opinion problem usage ecosystem package

Link: https://devedge.wordpress.com/2015/05/16/a-few-thoughts-about-composer-and-how-people-use-it/

ServerGrove Blog:
Satis building your own Composer repository
April 30, 2015 @ 11:26:53

Composer has definitely made a huge impact on how PHP packages and libraries are integrated into other applications. Sometimes, though, it makes more sense for you to keep your code internal to the organization rather than have it public where Composer can install it. In this case, using some thing like Satis (a self-hosted Packagist-ish server) makes more sense.

We all love Composer. It changed dramatically the way we build PHP applications, based on small and reusable components, but this creates new challenges, especially when we have a single point of failure (SPO). With Satis, the deployment process can be made robust by adding redundancy in all potential SPOFs (Packagist and GitHub). Let's see how it works.

They start with a brief look at how Composer works for those not familiar, making the connection with Packagist and ultimately the public repository. In the context of the "single point of failure" they talk about Packagist being down and it preventing the install (or deployment!) of your application. Satis is prefect to help prevent this. The article then shows how to install Satis (via Composer, naturally) and how to set up the configuration file to define the repositories. The server is then built and can be run using the built-in PHP server on the port of your choice. They include a screenshot of the end result and a quick example of how to use it via your project's Composer configuration.

0 comments voice your opinion now!
satis tutorial packagist composer local server install configure repository

Link: http://blog.servergrove.com/2015/04/29/satis-building-composer-repository/

Acquia Blog:
PHP Reset, PHP Renaissance Unify everything in PHP with Composer
April 30, 2015 @ 08:19:15

On the Acquia blog there's a new post today with another of Jeffrey A. "jam" McGuire's interviews with a member of the PHP community. In this latest interview he talks with Jordi Boggiano, a lead developer on the Composer project that's changed the way people use and install PHP packages.

It was great to get the chance to sit down and talk with Jordi Boggiano at SymfonyCon Madrid 2014. Jordi is responsible for Composer, one of the most important pieces of technology that is driving PHP interoperability and the PHP "renaissance" of the last couple of years. He's also on the Symfony2 core team.

Jeffrey gives a brief overview of some of the main points that Jordi makes in his interview including the suggestion of "using what you know" and thinking of the people/users of the tool, not just the technology of it. He also mentions Jordi's response to the "PHP Renaissance" (and note that he sees it as more of a PHP Reset instead). You can watch the full interview video either through the embedded player or on YouTube, You can also use the in-page audio player or download the mp3 if you'd like an audio-only version.

0 comments voice your opinion now!
acquia interview community jordiboggiano composer video reset renaissance

Link: http://www.acquia.com/resources/podcasts/acquia-podcast-192-php-reset-renaissance-unify-everything-composer

Engine Yard Blog:
Composer & Continuous Integration
April 29, 2015 @ 09:14:11

In a new post to the Engine Yard blog Nils Adermann provides an overview of using Composer with continuous integration, its role in the overall process and some good practices to follow in its use.

Continous Integration (CI) is the practice of continuously (and automatically) testing every change a developer makes. So automated tests become an integral part of the development process providing direct feedback on changes made. [...] Davey Shafik's article on Composer's Lock File explains the typical usage of composer install and update. The key takeaway is that developers should run composer update manually to explicitly update individual dependencies while composer install should be used in automated processes. This principle includes automated test environments.

He points out that using the lock file method reproduces the vendor directory exactly as it is in production and what it means for failures in your automated tests. He also talks about methods to improve the build performance to reduce time spent during the generation of the environment, including the use of the Composer cache data. He includes a few flags you can pass to Composer to reduce not only the libraries it installs but also how it fetches their contents.

0 comments voice your opinion now!
composer continuous integration build process performance automated test composerlock

Link: https://blog.engineyard.com/2015/composer-continuous-integration

Alejandro Celaya:
Composer advanced concepts
April 28, 2015 @ 11:42:34

Alejandro Celaya has shared some advanced concepts when using Composer that you may or may not know this popular tool could do.

Composer is The Tool in any modern PHP project. Nowadays I can't imagine to work without it. It is much more powerful than some people think, easily solving the integration of third party components in our projects, but there are some advanced features that are less known. I'm going to try to explain some of the best practices and mechanisms bundled with composer.

His list of more advanced techniques and concepts includes:

  • Globally installing composer
  • Create the composer.json file (with composer init)
  • Production environments (and flags to customize the installation)
  • Executing CLI scripts

There's several more items in his list and each includes a description of the feature/practice and commands or code where appropriate.

0 comments voice your opinion now!
composer advanced concept practice install configure tutorial

Link: http://blog.alejandrocelaya.com/2015/04/25/composer-advanced-concepts/

Made With Love Blog:
Tilde and caret version constraints in Composer
April 13, 2015 @ 12:56:22

The Made With Love blog has posted a great introduction to version handling in Composer today. They focus in on two characters that can be confusing if you're not exactly sure what they mean - the carat (^) and tilde (~).

A dependency that uses semantic versioning allows you to predict wether it is still going to work or not when you upgrade it to a new version. Basically when the x in a x.y.z version number changes, you might need to do some changes to be able to work with this new version without problems. [...] Depending on your dependency manager you can define version constraints using wildcards (*), comparators like <=, logical operators (, often means AND and | means OR), etc. [...] There are also some syntactic sugar operators like ~ (tilde) and ^ (caret)

They include some examples of both characters in use defining the required install versions, showing how one allows for approximate matches and the version ranges they apply to.

0 comments voice your opinion now!
composer dependency version constraint tilde carat

Link: http://blog.madewithlove.be/post/tilde-and-caret-constraints/

Scotch.io:
A Beginner's Guide To Composer
March 31, 2015 @ 13:48:55

The Scotch.io site has posted a guide that can help you if you're just getting started in the world of PHP packages via Composer. In this new tutorial Daniel Pataki introduces you to the tool and how to use it to install the dependencies you need.

I'm sure there are plenty of coders out there who are wondering about the benefits of using composer and many who are afraid to make the leap into a new system. In this article we'll take a look at what exactly Composer is, what it does and why it is a great tool for PHP projects.

He starts with the basics of dependency management, why it would be used in a project and how it automates the installation and integration of 3rd party libraries. From there he helps you get Composer installed and starts in on a sample "composer.json" configuration file. In his example he installs Monolog, the popular PHP logging class. He talks some about how to specify versions, locking down the dependency versions to install and installing "developer only" requirements.

0 comments voice your opinion now!
composer package dependencies library introduction beginner guide

Link: https://scotch.io/tutorials/a-beginners-guide-to-composer

ServerGrove Blog:
Security tools for PHP projects
March 23, 2015 @ 12:19:13

On the ServerGrove blog there's a new post looking at some of the currently available PHP security tools you can use to help keep your applications safe.

Security is getting more and more important, and the PHP community has been doing great improvements in this topic during the last few years. From better configuration settings to provide some level of security by default to frameworks providing functionality to avoid common attacks such as XSS, CSRF or SQL injection. [...] Well, any piece of software can have bugs, and obviously open source projects are not an exception. The good point is that security researchers, once they find a vulnerability, it is reported and added to a database of known vulnerabilities. We basically need to find a way to avoid using code with known vulnerabilities, and there are some interesting tools out there to help us.

They list four tools that focus on different areas of the security of your application to help provide good basic coverage:

One thing to note, these are all automated tools so they shouldn't be relied upon exclusively to ensure the security of your application. Testing and evaluation of the codebase with these and other testing tools should always be done as well.

0 comments voice your opinion now!
security tools list checker advisories roave composer iniscan versionscan

Link: http://blog.servergrove.com/2015/03/23/security-tools-php-projects/

Piotr Pasich:
Ant, composer and code quality tools
March 18, 2015 @ 11:33:47

In his latest post Piotr Pasich shares some handy tips (and tools) to help you use Composer to do some of the common tasks you might use Ant or Phing for.

I decided to start with something uncomplicated - a simple solution that could help me solve a prosaic, but annoying issue. For instance, XML format. No, I won't fight with it. I see it as great and practical, however mostly I don't need so sophisticated code to cover my needs - the yaml usually fits the purpose. [...] Yet, do I really need this flexibility [of XML configuration] when I use vagrant or docker to maintain the same environment as on the production? For 90% of PHP projects probably I won't use all of the features of the virtualization tools. I only want to install necessary libraries, check the code quality before committing or introduce fixtures. Most of those points are easily feasible in composer.

He then shows how to execute these checks through the functionality included with Composer to run custom scripts. His example measures the quality of the code based on the results first from a single run of the PHP Mess Detector (phpmd) command. He then extends this with the open source contribution he mentions earlier with his CodeQualityThreshold library allowing not only for more checks (phpmd, phpcs, phpcpd, etc) but also allows you to configure the thresholds for each class if desired. He includes an example of it in action and screenshots of the results.

0 comments voice your opinion now!
ant composer code quality phpmd commandline library codequalitythreshold threshold

Link: http://piotrpasich.com/ant-composer-and-code-quality-tools/

Alan Storm:
Laravel 5 Autoloader
February 24, 2015 @ 11:51:15

Alan Storm has a new post to his site that takes an in-depth look at Laravel's autoloader and how things have changed with the release of Laravel 5.

Last time we finished up our look at Laravel 4.2's autoloader implementation. Like a lot of features in Laravel, (or any framework), once you pull out the microscope sharp edges begin to jut out everywhere. However, unlike many other framework teams, the Laravel core team is willing to make shifts in their platform and application architecture. If you're familiar with the internals of Laravel 4, looking at the internals of Laravel 3 may be a little disorienting. Similarly, the recent release of Laravel 5 presents some new wrinkles at the system level.

In the post he compares some of the differences based off of things found in a previous look at Laravel 4.2's autoloading system. He lists out the autoloaders initialized during the autoloader phase, four of them, including the use of the PhpParser library and Composer-only autoloading. He also includes a section at the end about some other smaller autoloading changes in the Composer configuration in both the "autoload" and "autoload-dev" sections.

0 comments voice your opinion now!
laravel autoloader laravel4 laravel5 indepth composer phpparser swift

Link: http://alanstorm.com/laravel_5_autoloader


Community Events

Don't see your event here?
Let us know!


series install interview laravel opinion performance example voicesoftheelephpant configure symfony2 podcast community conference api php7 library introduction release application framework

All content copyright, 2015 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework