Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Rob Allen:
Slim 3.4.0 now provides PSR-7!
May 09, 2016 @ 09:48:10

Rob Allen has a post to his site announcing the latest release of the Slim Framework - v3.4.0 - and an update that allows for full PSR-7 support, telling Composer that the framework fully supports it now as well.

I've been neglecting Slim's PR queue recently, so this weekend I dedicated a lot of time to merging all the good work that our contributors have done. As a result, I'm delighted to release version 3.4.0! This release has a larger set of changes in it than I would have ideally liked which is a direct consequence of having gone two months between releases rather than one.

One particularly interesting addition that we have a made this release is adding a provide section to our composer.json file. [...] This means that we have informed Composer that Slim provides a valid implementation of the interfaces in psr/http-message-implementation virtual package that defines the PSR-7 interfaces.

This basically means that if you're using other libraries/tools that require a PSR-7 compatible system to work correctly, they'll detect that Slim fully supports it.

tagged: slimframework slim3 psr7 support http message implementation composer

Link: https://akrabat.com/slim-3-4-0-now-provides-psr-7/

Leonid Mamchenkov:
Adventure in composer private repositories
Apr 22, 2016 @ 09:19:44

In this new post to his site Leonid Mamchenkov talks about some of his "adventure with Composer private repositories" in some of his deployment work with CakePHP 3 applications.

As good as the Packagist is, there is often a need for a repository or a package elsewhere. Whether it’s a commercial library, or sensitive corporate code, having an ability to store it outside of public eye and handle with the same ease and the same tool as the rest of the dependencies is a very welcome feature.

[...] We are setting up similar development and deployment process, but now for CakePHP-based projects. Things are much easier, since CakePHP 3 natively supports composer for the application itself and for its plugins. But we still have the need for private repositories here and there, so we follow the same setup as we did for WordPress.

Unfortunately he was getting a RuntimeException when he was trying to pull in a plugin through the same private repository workflow. Not only had he not seen the error before but the autoloader was configured as defined and other plugins were working with the same structure. As it turns out, it was the composer.json of the main application repository that was the problem. He includes the fix he made to the configuration on a sample CakePHP 3 project, showing how to switch it to a "vcs" type for more correct handling.

tagged: composer private repository issue runtime exception composerjson configuration

Link: http://mamchenkov.net/wordpress/2016/04/21/adventure-in-composer-private-repositories/

Jordi Boggiano:
Common files in PHP packages
Apr 21, 2016 @ 09:29:15

Jordi Boggiano has a new post to his site today sharing some interesting PHP package statistics he gathered as a part of the metadata in the Composer/Packagist ecosystem.

This one started in a peculiar way. Paul M. Jones announced a new version of his Producer tool, I had a look at it and saw that it recommended having a changelog called CHANGES.md by default. [...] My first thought was to report an issue asking to change the default, but then I thought it's Paul, he will not just take my word for it, he will want hard facts. So here I am two days later. I queried GitHub's API for the file listing (only the root directory) of all PHP packages listed on packagist.org. What this let me do is look at what files are commonly present (and not), which is quite interesting to get a picture of the whole ecosystem.

He queried about 79,000 packages and found some interesting patterns in the results. These included findings like:

  • 8% have a DependencyInjection/ directory, which I believe indicates Symfony bundles
  • 3.6% have a examples/ and 3.5% a docs/ directory
  • 49% have some file or directory indicating the presence of tests (phpunit.xml & co)
  • 14% have committed their composer.lock
  • 8% show a presence of some code quality/style CI (scrutinizer, codeclimate, styleci)

There's some other interesting statistics in the post around license files, changelogs and CLI binaries too. He's also posted the full data set for anyone interested in running some of their own statistics on the results.

tagged: package statistics packagist composer data results summary

Link: https://seld.be/notes/common-files-in-php-packages

Rob Allen:
Using Eloquent in Slim Framework
Apr 07, 2016 @ 09:45:31

Rob Allen has a quick post showing how to use Eloquent in a Slim framework application to work with your database queries and functionality.

Eloquent is one of the easier ORMs to get started with, so let's look at how to use and test it within a Slim Framework application. [...] Eloquent is quite a nice implementation of the Active Record pattern. If that meets your needs, then it is easy to use within a Slim Framework application, so go for it!

He walks you through the set up of the Eloquent package via a Composer require and update your Slim configuration with the database settings. He then includes the few lines you'll need to use the "capsule" manager to integrate it with the Slim structure. He also talks about testing models and shows how to create some simple tests with PHPUnit and a bit of mocking.

tagged: slimframework eloquent database capsule composer tutorial

Link: https://akrabat.com/using-testing-eloquent-in-slim-framework/

Jordi Boggiano:
Composer goes Gold
Apr 05, 2016 @ 13:08:39

Jordi Boggiano has posted some excellent news for all of the Composer users out there - the widely popular dependency management tool has officially "gone gold" and has tagged the stable v1.0.0 version of the tool.

Five years ago today, Composer was born. In some ways it feels like yesterday, at least it doesn't feel like five years went by. In other ways it seems like a lifetime ago, and I can barely remember what it was like to write PHP code without having a whole ecosystem at my fingertips.

Jordi talks about one big change that happened recently around the "self-update" feature of the tool. He hopes that more people will use the preview or snapshot channels in their deploys/development so he can get more information about these other options before they get to stable. Finally, to mark the occasion Jordi has put a "gold" copy (on floppy disk none the less) up for sale on eBay to commemorate the release.

tagged: composer v1 stable release gold commemorate gold disk ebay

Link: https://seld.be/notes/composer-goes-gold

SitePoint PHP Blog:
Drunk with the Power of Composer Plugins
Mar 28, 2016 @ 13:54:25

The SitePoint PHP blog has a new tutorial for the Composer users out there talking about Composer plugin development and how they can add functionality to this already powerful tool.

Composer is the sharpest tool in the toolbox of the modern PHP developer. The days of manual dependency management are in the distant past, and in their place we have wonderful things like Semver. Things that help us sleep at night, because we can update our dependencies without smashing rocks together.

[...] Even though we use Composer so frequently, there’s not a lot of shared knowledge about how to extend it. [...] Yet, recent changes have made it much easier to develop Composer plugins. [...] So, today I thought we would explore the possibilities of Composer plugin development, and create a fresh bit of documentation as we go.

He walks you through the creation of a simple plugin: one that tracks users and the dependencies they require. He shows you how to create the initial plugin boilerplate and the creation of the addDependencies and activate methods. These grab the dependencies being added and send the information off to a remote site.

tagged: composer plugin tutorial dependency tracking introduction

Link: http://www.sitepoint.com/drunk-with-the-power-of-composer-plugins/

Paul Jones:
Producer: Validate and Release PHP Library Packages
Mar 23, 2016 @ 09:40:44

In this post to his site Paul Jones introduces a tool that aims to help you and your Composer-centric workflow, making it easier to validate and release packages for your projects: Producer.

Back when I was working on Solar, we needed a process to package up each release of the entire framework and make sure I hadn’t forgotten anything. [...] After Solar was done, we began extracting its individual components as 30 or so separate packages in Aura.

[...] But now I have started some non-Aura projects: Relay, Radar, Arbiter, Bookdown, and most recently Atlas. These projects do not have the benefit of the automated release process, with all of its checks and validation, that Aura does.

With that in mind, then, I have extracted a substantial amount of the Aura package release process into a new project, Producer, so that I can use it with any non-Aura library package. That means you can use it with your library package, too.

He goes on to talk about why you might want to use Producer in your workflow and its functionality for validating and releasing packages. He also answers some of the common questions he's gotten about the tool, mostly around the steps it takes during the validation/release process.

tagged: producer composer package library release validate workflow process

Link: http://paul-m-jones.com/archives/6301

Joe Ferguson:
Adding Homestead to a SlimPHP App
Mar 22, 2016 @ 11:26:09

Joe Ferguson has a quick post to his site today showing you how to use a Homestead VM to run a Slim 3 application with just a few quick commands.

I’ve been a fan of SlimPHP for a really long time. Recently I started using it for a site that I do freelancing development for and wanted to share a quick solution to local development. It’s no secret that I love Laravel’s Homestead vagrant environment. Using the per-project installation method, you are only three commands away from running a SlimPHP skeleton application in a local Homestead VM.

The remainder of the post shows the commands to:

  • create a new Slim application based on the Skeleton
  • Setting up Homestead
  • And creating a new instance to host the Slim application

With a quick vagrant up your virtual machine is ready to go with the application ready to run.

tagged: homestead virtualmachine slim3 slimframework tutorial install composer

Link: https://www.joeferguson.me/adding-homestead-to-a-slimphp-app/

Laravel News Podcast:
Episode #11 – Spark Watch, Interview with Shawn McCool
Mar 08, 2016 @ 12:22:46

The Laravel News podcast has posted their latest episode today: Episode #11 - "Spark Watch, Interview with Shawn McCool".

In this episode, we talk with Shawn McCool about Laracon.eu and latest Spark news, my new dotdev.co project, and painless switching to mariadb.

They also spend some time discussing one of the latest major advancements in the world of Composer - its official tagging of beta 1. You can listen to this latest episode either by subscribing via iTunes or their RSS feed.

tagged: laravelnews podcast ep11 spark shawnmccool composer

Link: https://laravel-news.com/2016/03/episode-11-spark-watch-interview-shawn-mccool/

Larry Garfield:
Composer vs. Linux Distributions: A Mental Model Battle
Feb 25, 2016 @ 11:41:11

In his latest post Larry Garfield talks about the Composer problem that was recently brought up by the Gentoo linux project and is related to how Composer packages and system-level shared libraries differ.

This is not a new complaint; Other distributions have complained about Composer's impact before. But fundamentally I think the issue stems from having the wrong mental model of how modern PHP works when viewed from a distribution or sysadmin perspective.

In a recent heated GitHub thread, several people referred to PHP "linking" to 3rd party libraries, as if they were shared C libraries. That is simply not the case. Neither "static linking" nor "dynamic linking" really applies to PHP. From a sysadmin perspective, PHP is closer to highly complicated bash scripts than anything else.

Larry starts with a bit of history on the subject, pointing out the two methods most developers used PHP code: copy/pasted from the web or installed via PEAR. He talks about the common issues with both approaches. He then talks about how modern PHP development and Composer related and how, from a sysadmin perspective, Composer is the "compile" step of PHP and only supports static links. He also makes some suggestions to the distribution packagers around how to handle these system-level Composer dependencies (and how to treat it like a "binary" if needed).

The mistake here is trying to treat dependent packages of modern PHP applications like shared libraries. They're not. The community has spoken, and PHP simply doesn't work that way anymore. Fighting that is a losing battle. But by viewing composer as a compiler, distributions can still slot PHP into their typical workflows and get all of the security update ease that they're looking for.
tagged: composer linux distribution mental model shared library system dependency gentoo

Link: http://www.garfieldtech.com/blog/composer-distribution-mental-model