How to correctly use Composer to install Laravel extension package
We often need to add extension packages to existing projects. sometimes, due to document error guidance, such as from this document:
In our current logic, the composer update command may cause huge damage to the project.
Because the logic of composer update is based on composer. update all expansion packages to the latest version according to the extension package version rules specified in json. Note that all expansion packages are used. for example, you used monolog at the beginning of the project, the current configuration information is
The monolog 1.1 version is installed, and more than a month later, monolog is already 1.2, and is directly updated to 1.2 after running the command. at this time, the project has not been tested against 1.2, the project suddenly becomes unstable and sometimes worse than this, especially in a large project where you did not write a complete coverage test for the project, you don't know what is broken.
Which command should I use? Install, update or require?
Next we will explain it one by one.
- Composer install-directly install the composer. lock file if any. otherwise, install the latest extension package and dependencies from composer. json;
- Composer update-install the latest extension package and dependency from composer. json;
- Composer update vendor/package-update configurations from composer. json or corresponding package to the latest version;
- Composer require new/package-add and install new/package. you can specify a version, for example, composer require new/package ~ 2.5.
Next we will introduce several daily production processes to help you better understand them.
Process 1: New project process
- Create composer. json and add the dependent extension package;
- Run composer install to install the extension package and generate composer. lock;
- Commit composer. lock to the code version controller, such as git;
Process 2: Project collaborators install existing projects
- After the project is cloned, run composer install in the root directory to install the extension package of the specified version and its dependencies from composer. lock;
This process is applicable to the deployment of production environment code.
Process 3: Add a new extension package for the project
- Use composer require vendor/package to add extension packages;
- Commit the updated composer. json and composer. lock to the code version controller, such as git;
About the composer. lock file
Composer. the lock file stores the version records for each code dependency (see figure), submits the records to the version controller, and works with composer install, this ensures the consistency of the code versions running in the development environment and online production environment of all collaborators of the team.
How to install the extension package
So, you are going to add an extension package. the install, update, and require commands can be used to install the extension package. which one is correct?
The answer is: use the composer require command.
In addition, modify composer manually. after the extension package is added in json, composer update new/package can be correctly installed to update the specified extension package. However, this method is not recommended because, once you forget to finalize the extension package name, it will go into the endless state.
The above concepts are confusing for beginners and veterans. remember this concept:
All new extensions added to the original project are installed using composer require new/package.
Welcome to LaravelTips, a public account dedicated to providing Laravel developers with better understanding of the Laravel framework and improved development efficiency.