Home >Development Tools >composer >Introduction to the role of composer.lock file
The following column of composertutorial will introduce to you the function of composer.lock file. I hope it will be helpful to friends in need!
Used in the project composer.json
To use composer in a project, you need to have a composer.json file. This file is mainly used to declare the mutual relationships between packages and other element tags.
require keyword
The first thing to do in composer.json is to use the require keyword. You will tell composer which packages your project needs
The code is as follows:
{ "require": { "monolog/monolog": "1.0.*" } }
As you can see, the require object will map the name of the package (monolog/monolog) and the version of the package is 1.0.*
The naming of the package
Basically, the naming of the package is the main name/project name (monolog/monolog). The main name must be unique, but the name of the project, which is our package, can have the same name, for example: igorw/json, and seldaek /json
Package version
The version of monolog we need to use is 1.0.*, which means that as long as the version is the 1.0 branch, such as 1.0.0, 1.0.2 or 1.0 .99
Two ways of version definition:
1. Standard version: Define a guaranteed version package file, such as: 1.0.2
2. A certain range of versions: Use comparison symbols to define the range of valid versions. Valid symbols include >, >=, 5af5b4401fd66a461ea9703551ad3faa=1.0, de82e92441e03fed46c5d3129272fb981.2,8df59bb9076a174e8f27985131dcdc6c=1.2.3,<1.3 version.
Installation package
Run in the project file path
The code is as follows:
$ composer install
In this way, it will automatically download the monolog/monolog file to your vendor below the directory.
The next thing that needs to be explained is
composer.lock - lock file
After installing all required packages, composer will generate A standard package version file is in the composer.lock file. This will lock versions of all packages.
Use composer.lock (of course together with composer.json) to control the version of your project
This is very important. When we use the install command to process it, it will first Determine whether the composer.lock file exists. If it exists, the corresponding version will be downloaded (not based on the configuration in composer.json), which means that anyone who downloads the project will get the same version.
If composer.lock does not exist, composer will read the required package and relative version through composer.json, and then create the composer.lock file
This way you can After the package has a new version, you will not be automatically updated. To upgrade to the new version, just use the update command. This way you can get the latest version of the package and also update your composer.lock file.
$ php composer.phar update 或者 $ composer update
Packagist (This should be composer. It feels a bit like a python package, although it is not as powerful. Haha, with this standard, it will definitely be easy for everyone to develop websites in the future, and you can learn from many people’s codes. , and more convenient!)
Packagist is the main warehouse of composer. You can check it out. The basis of the composer warehouse is the source code of the package. You can obtain it at will. The purpose of Packagist is to build a library that can be used by anyone. A repository can be used, which means any require package in your file.
About automatic loading
In order to conveniently load package files, Composer automatically generates a file vendor/autoload.php, which you can conveniently use wherever you need to use it
require 'vendor/autoload.php';
This means that you can use third-party code very conveniently. If your project needs to use monlog, you can use it directly. They have been automatically loaded!
The code is as follows:
$log = new Monolog\Logger('name'); $log->pushHandler(new Monolog\Handler\StreamHandler('app.log', Monolog\Logger::WARNING)); $log->addWarning('Foo');
Of course you can also load your own code in composer.json:
The code is as follows:
{ "autoload": { "psr-0": {"Acme": "src/"} } }
composer will register psr-0 as the Acme namespace
You can define a mapping to the file directory through the namespace. The src directory is your root directory and vendor is the directory at the same level. For example, a file: src/Acme/Foo.php contains Acme\ Foo class
After you add autoload, you must reinstall to generate the vendor/autoload.php file
When we reference this file, an autoloader class will be returned. , so you can put the returned value into a variable, and then add more namespaces. This is very convenient in a development environment, for example:
The code is as follows:
$loader = require 'vendor/autoload.php'; $loader->add('Acme\Test', __DIR__);
The role of the composer.lock file
The install command reads the composer.json file from the current directory, processes the dependencies, and installs it into the vendor directory.
code show as below:
composer install
如果当前目录下存在 composer.lock 文件,它会从此文件读取依赖版本,而不是根据 composer.json 文件去获取依赖。这确保了该库的每个使用者都能得到相同的依赖版本。
如果没有 composer.lock 文件,composer 将在处理完依赖关系后创建它。
为了获取依赖的最新版本,并且升级 composer.lock 文件,你应该使用 update 命令。
代码如下:
composer update
这将解决项目的所有依赖,并将确切的版本号写入 composer.lock。
如果你只是想更新几个包,你可以像这样分别列出它们:
代码如下:
composer update vendor/package vendor/package2
你还可以使用通配符进行批量更新:
代码如下:
composer update vendor/*
The above is the detailed content of Introduction to the role of composer.lock file. For more information, please follow other related articles on the PHP Chinese website!