composer 2 0
play

Composer 2.0 Nils Adermann @naderman Private Packagist - PowerPoint PPT Presentation

Oct 26, 2023 •325 likes •609 views

Composer 2.0 Nils Adermann @naderman Private Packagist https://packagist.com Goals for 2.0 Performance Improvements - - Better reproducibility - Most serious 1.x bugs are edge cases which are difficult to debug and hard to reproduce -

  1. Composer 2.0 Nils Adermann @naderman Private Packagist https://packagist.com

  2. Goals for 2.0 Performance Improvements - - Better reproducibility - Most serious 1.x bugs are edge cases which are difficult to debug and hard to reproduce - Better error reporting - New features which become easier to add by BC breaks/refactoring - Keep upgrading as painless as possible Nils Adermann @naderman

  3. Why 2.0 at all and not 1.x?

  4. Improving Performance What makes Composer slow? - - I/O - Network - Metadata JSON downloads - Package file downloads - Memory access - Writing, accessing and modifying GBs of memory - CPU - Sequential unpacking of code archives Nils Adermann @naderman

  5. Improving Performance What does Composer use memory for? - JSON representation of every version of every package that may fit your requirements - representation of dependencies/conflicts for SAT solver between all of these packages Solutions - Reduce number of package versions which “may fit my requirements” - Represent dependencies/conflicts more efficiently Nils Adermann @naderman

  6. Reduce number of package versions which “may fit my requirements” - Composer 1 lazy loads packages while creating memory representation of dependencies - Idea: Solver only loads what it needs when it gets to that point - Problems - Solver just waits for same info at a later point - Impossible to reduce set of packages before generating dependencies - Parallelized network access becomes hard to manage Composer 2.0 refactors process into multiple clearly separated steps: - Recursively download metadata only for package versions which may really get installed - Reduce number of package versions in memory as far as possible - Generate solver memory representation of dependencies => BC Break (for plugins) => 2.0 Nils Adermann @naderman

  7. Represent dependencies/conflicts more efficiently SAT Solver takes boolean expressions, e.g. foo/bar 1.0 requires baz/qux ^2.0 (- foo/bar 1.0 | baz/qux 2.0.0 | baz/qux 2.0.1 | baz/qux 2.1.0) foo/bar 1.0 conflicts with baz/qux ^2.0 (- foo/bar 1.0 |- baz/qux 2.0.0) & (- foo/bar 1.0 |- baz/qux 2.0.1) & (- foo/bar 1.0 |- baz/qux 2.1.0) You can only install one version of a package => automatically generate a conflict for each pair of versions foo/bar 1.0, 1.1, 1.2 (- foo/bar 1.0 |- foo/bar 1.1) & (- foo/bar 1.0 |- foo/bar 1.2) & (- foo/bar 1.1 |- foo/bar 1.2) Extreme Growth = 3 versions 6 versions 100 versions 500 versions 1000 versions Composer 1 3 rules 15 rules 4,950 rules 124,750 rules 499,500 rules Composer 2 1 rule 1 rule 1 rule 1 rule 1 rule Composer 2.0 uses a special single multi conflict rule representation for all of these rules foo/bar 1.0, 1.1, 1.2 oneof(foo/bar 1.0, foo/bar 1.1,foo/bar 1.2) Nils Adermann @naderman

  8. Improving Performance: Network - JSON Metadata & Package archive downloads - Parallelization of HTTP requests with curl multi - Use of HTTP/2 features to reduce server round-trips - More reliable and feature complete than Composer 1 plugin implementations (hirak/prestissimo, symfony/flex) which were limited by plugin interface - Packagist.org protocol improvements - Reduced amount of data transferred - Stability improvements to packagist.org infrastructure Note: Improvements require ext-curl Nils Adermann @naderman

  9. Improving Performance: Archive Extraction Composer 2.0 unzips all downloaded archives in parallel - - Requires Linux/OS X/WSL - Requires CLI command unzip in $PATH Nils Adermann @naderman

  10. Improving Performance What makes Composer slow? - - I/O ✔ - Network ✔ - Metadata JSON downloads ✔ - Package file downloads ✔ - Memory access ✔ - Writing, accessing and modifying GBs of memory ✔ - Reduce number of package versions which “may fit my requirements” ✔ - Represent dependencies/conflicts more efficiently ✔ - CPU ✔ - Sequential unpacking of code archives ✔ Nils Adermann @naderman

  11. Improving Performance Benchmarks? - - Only anecdotal information so far “Whoa, I tried Compsoer V2 alpha 1, nearly 80% faster on a composer install” “Fast. Faster. Composer 2.0” “If you are still on PHP 7.3 you gain the most, Composer 2.x is about 2.5 times faster than Composer 1.x. If you are already on PHP 7.4, Composer 2.x will be about 1.8 times faster. This is really impressive!” “c omposer update Spryker is seeing 64% memory reduction & 51% less time - from 3.4GB to 1.2GB and down from 2 minutes to 1 minute! Thanks to @sprysys for financially supporting this work through a Private Packagist subscription!” Nils Adermann @naderman

  12. Better Reproducibility: composer update vs composer install

  13. Separating update & install Nils Adermann @naderman

  14. Separating update & install vendor symfony/http-foundation 5.1.2 previous local upgrade attempt composer.lock symfony/http-foundation: 4.4.10 old production state composer.json symfony/http-foundation: 5.0.* limited upgrade for now, because of 5.1 issues naderman@saumur:~/projects/composer/test/symfony-http-foundation$ composer update Loading composer repositories with package information Updating dependencies Lock file operations: 0 installs, 1 update, 0 removals - Upgrading symfony/http-foundation (v4.4.10 => v5.0.10) Writing lock file Installing dependencies from lock file (including require-dev) Package operations: 3 installs, 1 update, 1 removal - Removing symfony/deprecation-contracts (v2.1.3) - Installing symfony/polyfill-php72 (v1.17.0): Extracting archive - Installing symfony/polyfill-intl-idn (v1.17.1): Extracting archive - Installing symfony/mime (v5.1.2): Extracting archive - Downgrading symfony/http-foundation (v5.1.2 => v5.0.10): Extracting archive Generating autoload files 6 packages you are using are looking for funding. Use the `composer fund` command to find out more! Nils Adermann @naderman

  15. New Features

  16. Ignoring specific platform requirements Trying to test your project on PHP8? composer update --ignore-platform-reqs Installs on PHP8 May install packages requiring PHP extensions you do not have composer update --ignore-platform-req=php Installs on PHP8 Checks all extension requirements as usual Nils Adermann @naderman

  17. Partial Updates to specific versions // composer.json "require": { "symfony/http-foundation": “^4.0 || ^5.0" , } // composer.lock "packages": [ { "name": "symfony/http-foundation", "version": "v4.4.10", $ composer update symfony/http-foundation :5.0 Loading composer repositories with package information Updating dependencies Lock file operations: 0 installs, 1 update, 0 removals - Upgrading symfony/http-foundation (v4.4.10 => v5.0.0) Writing lock file Installing dependencies from lock file (including require-dev) Package operations: 0 installs, 1 update, 0 removals - Downloading symfony/http-foundation (v5.0.0) - Upgrading symfony/http-foundation (v4.4.10 => v5.0.0): Extracting archive Nils Adermann @naderman

  18. Repository Priorities - Repositories are canonical by default: - First repository which has a package for a given name wins use “canonical”: false to restore old behavior of merging package versions - - Limit packages a repository can provide { “type”: “composer”, “url”: “https://some-third-party.com/composer-repo/”, “only”: [“foo/*”, “bar/baz”], “exclude”: [“foo/qux”] } Nils Adermann @naderman

  19. Upgrading your projects

  20. Best Case composer self-update --2 composer update / composer install No errors, everything works as before. Nils Adermann @naderman

  21. Upgrading issues with plugins foo/bar requires composer-plugin-api ^1.0.0 -> no matching package found. - Update foo/bar if new version with Composer 2.0 support available - Contact author of foo/bar plugin - Temporarily remove the requirement for the plugin to test symfony/flex is compatible as of 1.8.0! https://github.com/symfony/flex/pull/617 Nils Adermann @naderman

  22. ocramius/package-versions - Compatible with Composer 2.0 as of 1.8.0 - requires PHP ^7.4 - composer require composer/package-versions-deprecated - We forked the package, now compatible with PHP ^7.0 - replaces ocramius/package-versions => satisfies all requirements of ocramius/package-versions - Building new code requiring runtime access to package info? Runtime Composer Utilities https://github.com/composer/composer/blob/master/doc/07-runtime.md Automatically autoloaded in every Composer project \Composer\InstalledVersions::isInstalled('vendor/package'); // returns bool use Composer\Semver\VersionParser; \Composer\InstalledVersions::satisfies(new VersionParser, 'vendor/package', '2.0.*'); Nils Adermann @naderman

  23. Autoloading Issues Check deprecation warnings in Composer1 Class Foo\Bar located in ./src/SomeName/Bar.php does not comply with psr-4 autoloading standard. It will not autoload anymore in Composer v2.0. in phar:///usr/local/bin/composer/src/Composer/Autoload/ClassMapGenerator.php:18 Make sure directories match class names as defined in PSR-0/4. Nils Adermann @naderman

  24. How far along is Composer 2.0?

  25. Composer 2.0-alpha2 released June 24, 2020 - Works reliably in nearly all use cases - A few refactorings and optimizations left before a beta/RC release - 1.2% of packagist.org installs from Composer 2.0 within last 30 days Nils Adermann @naderman

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Demystifying Composer David Hernandez FFW, ffwagency.com Drupal.org: davidhernandez Full

Demystifying Composer David Hernandez FFW, ffwagency.com Drupal.org: davidhernandez Full

Demystifying Composer David Hernandez FFW, ffwagency.com Drupal.org: davidhernandez Full Tutorial https://github.com/david-hernandez/composer-tutorial Why Composer? Builds modern PHP applications https://packagist.org/ Drupal 8

608 views • 33 slides
Airglow CI/CD: Github to Composer (easy as 1, 2, 3 ) Speaker: Jake Ferriero Email:

Airglow CI/CD: Github to Composer (easy as 1, 2, 3 ) Speaker: Jake Ferriero Email:

Airglow CI/CD: Github to Composer (easy as 1, 2, 3 ) Speaker: Jake Ferriero Email: jferriero@google.com Github: jaketf@ Source: https://github.com/jaketf/ci-cd-for-data-processing-workflow July 2020 0 Composer Basics Airglow Architecture

430 views • 20 slides
composer.lock demystified Nils Adermann @naderman Private Packagist https://packagist.com

composer.lock demystified Nils Adermann @naderman Private Packagist https://packagist.com

composer.lock demystified Nils Adermann @naderman Private Packagist https://packagist.com composer.lock - Contents - all dependencies including transitive dependencies - all metadata (name, description, require, autoload, extra, ) -

497 views • 12 slides
INTRO Just a brief introduction for those who may not be familiar with my work. I am a composer /

INTRO Just a brief introduction for those who may not be familiar with my work. I am a composer /

INTRO Just a brief introduction for those who may not be familiar with my work. I am a composer / producer and over the past 10 years I have been focusing primarily on the international export pitching my productions to major festival,

412 views • 3 slides
COMPOSER IN DRUPAL WORLD Johannes Haseitl - @derhasi ME Johannes Haseitl @derhasi everywhere

COMPOSER IN DRUPAL WORLD Johannes Haseitl - @derhasi ME Johannes Haseitl @derhasi everywhere

#drupaldevdays / Composer in Drupal World / @derhasi COMPOSER IN DRUPAL WORLD Johannes Haseitl - @derhasi ME Johannes Haseitl @derhasi everywhere Maintainer of Master Search API Override , , ... CEO of undpaul GmbH WHAT IS

820 views • 42 slides
Metadata composer for NeXus Jan Kota nski Deutsches Elektronen-Synchrotron Oct 8, 2017 Jan

Metadata composer for NeXus Jan Kota nski Deutsches Elektronen-Synchrotron Oct 8, 2017 Jan

Metadata composer for NeXus Jan Kota nski Deutsches Elektronen-Synchrotron Oct 8, 2017 Jan Kota nski (DESY) Metadata composer for NeXus Oct 8, 2017 1 / 13 Modular structure of the NeXus Framework Experimental Configuration Control

315 views • 13 slides
5 th International Meetings of Mirecourt From 19 th to 24 th N ovember 2013 Composer Edith

5 th International Meetings of Mirecourt From 19 th to 24 th N ovember 2013 Composer Edith

5 th International Meetings of Mirecourt From 19 th to 24 th N ovember 2013 Composer Edith Canat de Chizy Pianists Silke Avenhaus Dana Ciocarlie Violonists Christian Altenburger Marianne Piketty

724 views • 14 slides
NetBeans JavaFX Composer in Action Creating Applications with Rich UI David Kaspar Software

NetBeans JavaFX Composer in Action Creating Applications with Rich UI David Kaspar Software

NetBeans JavaFX Composer in Action Creating Applications with Rich UI David Kaspar Software Engineer JavaOne|Oracle Develop NetBeans JavaFX Composer in Action Creating Applications with Rich UI Hands-on Lab: S313803 Introduction NetBeans

617 views • 46 slides
Composer 101 Mike Miles | Drupalcon Nashville 2018 events.drupal.org/node/20624 About Me Work:

Composer 101 Mike Miles | Drupalcon Nashville 2018 events.drupal.org/node/20624 About Me Work:

______ / ____/___ ____ ___ ____ ____ ________ _____ / / / __ \/ __ `__ \/ __ \/ __ \/ ___/ _ \/ ___/ / /___/ /_/ / / / / / / /_/ / /_/ (__ ) __/ / \____/\____/_/ /_/ /_/ .___/\____/____/\___/_/ /_/ Composer 101 Mike Miles | Drupalcon

752 views • 59 slides
COMPOSER THERE'S A MODULE (OR LIBRARY) FOR THAT! Presented by Rob Loach and Larry Garfield

COMPOSER THERE'S A MODULE (OR LIBRARY) FOR THAT! Presented by Rob Loach and Larry Garfield

COMPOSER THERE'S A MODULE (OR LIBRARY) FOR THAT! Presented by Rob Loach and Larry Garfield DEPENDENCY MANAGEMENT SUCKS PHP SUCKS AT SHARING How do I get a 3rd party library? How do I load its code? Does it depend on anything? Where do I

527 views • 51 slides
Managing dependencies is more than running composer update Nils Adermann @naderman

Managing dependencies is more than running composer update Nils Adermann @naderman

Managing dependencies is more than running composer update Nils Adermann @naderman Private Packagist https://packagist.com What are Dependencies? - Services - APIs - Client-side Integrations (OAuth / External JS / Analytics / )

533 views • 32 slides
Managing dependencies is more than running composer update Nils Adermann @naderman

Managing dependencies is more than running composer update Nils Adermann @naderman

Managing dependencies is more than running composer update Nils Adermann @naderman Private Packagist https://packagist.com What are Dependencies? - Services - APIs - Client-side Integrations (OAuth / External JS / Analytics / )

569 views • 37 slides
A Level Music Becoming an expert Performer Composer Analyst & Historian A Level

A Level Music Becoming an expert Performer Composer Analyst & Historian A Level

A Level Music Becoming an expert Performer Composer Analyst & Historian A Level Music Analysis and History (40%) The Western Classical Tradition The symphony in the Classical and Romantic eras Musical Theatre Into

504 views • 21 slides
REQUIEM BY ALFRED SCHNITTKE Composer's name and birth/death dates: Alfred Schnittke (Russian,

REQUIEM BY ALFRED SCHNITTKE Composer's name and birth/death dates: Alfred Schnittke (Russian,

REQUIEM BY ALFRED SCHNITTKE Composer's name and birth/death dates: Alfred Schnittke (Russian, German/Jewish, 1938-1996) Full title of composition: Requiem (from the stage music to Don Carlos by Friedich von Schiller) Placement in the

205 views • 3 slides
Composer: Visual Cohort Analysis of Patient Outcomes Jennifer Rogers, Nicholas Spina, Ashley

Composer: Visual Cohort Analysis of Patient Outcomes Jennifer Rogers, Nicholas Spina, Ashley

Composer: Visual Cohort Analysis of Patient Outcomes Jennifer Rogers, Nicholas Spina, Ashley Neese, Rachel Hess, Darrel Brodke, Alexander Lex 1 Lower Back Pain is a Significant Health Burden 2.6 Million Emergency Room visits Treatment exceeding

821 views • 64 slides
Composer Best Practices 2018 Nils Adermann @naderman Private Packagist https://packagist.com

Composer Best Practices 2018 Nils Adermann @naderman Private Packagist https://packagist.com

Composer Best Practices 2018 Nils Adermann @naderman Private Packagist https://packagist.com 2018? Delete your lock files 2018? Delete your lock files Composer Ecosystem Reality Update 2018 Nils Adermann @naderman Best Practices? Nils

838 views • 68 slides
First Investigations on Self Trained Speaker Diarization el Le Lan 1 , 2 Sylvain Meignier 2 Ga

First Investigations on Self Trained Speaker Diarization el Le Lan 1 , 2 Sylvain Meignier 2 Ga

First Investigations on Self Trained Speaker Diarization el Le Lan 1 , 2 Sylvain Meignier 2 Ga Delphine Charlet 1 Anthony Larcher 2 1 Orange Labs, France first.lastname@orange.com 2 LIUM, Universit e du Maine, France

449 views • 33 slides
Saratoga a Delay-Tolerant Networking convergence layer with efficient link utilization Wesley

Saratoga a Delay-Tolerant Networking convergence layer with efficient link utilization Wesley

Saratoga a Delay-Tolerant Networking convergence layer with efficient link utilization Wesley M. Eddy co-authors: Lloyd Wood (Cisco Systems) Verizon / NASA GRC Wesley M. Eddy (Verizon / NASA GRC) Will Ivancic (NASA Glenn Research Center)

573 views • 15 slides
The Problem Distributed Denial of Service Attacks and Defenses CS 239 Advanced Topics in

The Problem Distributed Denial of Service Attacks and Defenses CS 239 Advanced Topics in

The Problem Distributed Denial of Service Attacks and Defenses CS 239 Advanced Topics in Network Security Peter Reiher May 3, 2006 Lecture 9 Lecture 9 Page 1 Page 2 CS 239, Spring 2006 CS 239, Spring 2006 Distributed Denial of Service

500 views • 4 slides
Radio Networks The Model Broadcast Andrea CLEMENTI A radio network is a set of stations (nodes)

Radio Networks The Model Broadcast Andrea CLEMENTI A radio network is a set of stations (nodes)

Radio Networks The Model Broadcast Andrea CLEMENTI A radio network is a set of stations (nodes) located over a support Euclidean Space. To each node v , a transmission range R(v)>0 is assigned. A node w can receive a msg M from v only if

664 views • 44 slides
Decompilation, type inference and finding the code to decompile Alan Mycroft Computer

Decompilation, type inference and finding the code to decompile Alan Mycroft Computer

UNIVERSITY OF CAMBRIDGE Decompilation, type inference and finding the code to decompile Alan Mycroft Computer Laboratory, University of Cambridge http://www.cl.cam.ac.uk/users/am/ 30 January 2012 Decompilation, type inference and finding

614 views • 34 slides
t t t

t t t

t s tr r t t t

1.05k views • 31 slides
Software Testing Lecture 7 Property Based Testing Justin Pearson 2019 1 / 17 When are there

Software Testing Lecture 7 Property Based Testing Justin Pearson 2019 1 / 17 When are there

Software Testing Lecture 7 Property Based Testing Justin Pearson 2019 1 / 17 When are there enough unit tests? Lets look at a really simple example. import u n i t t e s t def add ( x , y ) : return x+y class TestAddition ( u n i t t e s t

352 views • 17 slides
Eclipse Project 3.3 Release Review Eclipse Project PMC 1 Highlights 3.3 new features:

Eclipse Project 3.3 Release Review Eclipse Project PMC 1 Highlights 3.3 new features:

Eclipse Project 3.3 Release Review Eclipse Project PMC 1 Highlights 3.3 new features: Vista support, Java6 (JSR 269, JSR 199), UI usability/appearance enhancements, Early Access WPF port, Eclipse on the server, JNI launcher and

821 views • 40 slides

More recommend