composer best practices 2018
play

Composer Best Practices 2018 Nils Adermann @naderman Private - PowerPoint PPT Presentation

Sep 18, 2022 •143 likes •838 views

Composer Best Practices 2018 Nils Adermann @naderman Private Packagist https://packagist.com 2018? Delete your lock files 2018? Delete your lock files Composer Ecosystem Reality Update 2018 Nils Adermann @naderman Best Practices? Nils

  1. Composer Best Practices 2018 Nils Adermann @naderman Private Packagist https://packagist.com

  2. 2018? Delete your lock files

  3. 2018? Delete your lock files

  4. Composer Ecosystem Reality Update 2018 Nils Adermann @naderman

  5. Best Practices?

  6. Nils Adermann @naderman

  7. Deployment

  8. Improving your deployment process Slow Deployment - - You will not enjoy deploying - Unreliable deployment - You will be scared to deploy - You deploy infrequently - more work to debug older problems - no incentive to improve the process - Vicious cycle - Reliability and speed are key to breaking it Nils Adermann @naderman

  9. Reduce dependence on external services Build Process (move more into this) - - Install dependencies (Composer, npm, …) - Generate assets (Javascript, CSS, generated PHP code, …) - Create an artifact with everything in it - Deploy Process (make this as small as possible) - Move the artifact to your production machine - sftp, rsync, apt-get install - Machine dependent configuration - Database modifications - Start using new version Nils Adermann @naderman

  10. Never Deploy without a Lock File Do not run composer update during deployments

  11. Reduce dependence on external services composer install loads packages from URLs in composer.lock - - Packagist.org is metadata only - Open-source dependencies could come from anywhere - Solutions to unavailability Composer cache in ~/.composer/cache - - Unreliable, not intended for this use - Fork every dependency - huge maintenance burden - Your own Composer repository mirroring all packages - e.g. Private Packagist Nils Adermann @naderman

  12. composer install performance Use --prefer-dist to avoid git clones - - Will always download zip files if possible (default for stable versions) - Store ~/.composer/cache between builds - How depends on CI product/setup you use Nils Adermann @naderman

  13. Autoloader Optimization - composer install --optimize-autoloader - composer dump-autoload --optimize - composer install --optimize-autoloader --classmap-authoritative - composer dump-autoload --optimize --classmap-authoritative - composer install --optimize-autoloader --apcu-autoloader - composer dump-autoload --optimize --apcu https://getcomposer.org/doc/articles/autoloader-optimization.md Nils Adermann @naderman

  14. Autoloader Optimization - Use this one composer dump-autoload --optimize --classmap-authoritative - Requires PHP7 to be optimal - opcache can keep static array definition in shared memory - no loading overhead on PHP request startup - Will not search for classes not in lookup table - not useful for development - not useful for dynamically generated code (don’t do that!) Nils Adermann @naderman

  15. It’s 2018 - What’s new in Composer? - Current version: 1.6.5 (released May 4, 2018) - 22 releases since January 2017 - Bugfixes & Performance Improvements - Over 900 issues closed since January 2017 (~250 open) - Over 300 pull requests closed since January 2017 (~25 open) - Not all bug reports / bugfixes, feature requests, support issues, etc. Nils Adermann @naderman

  16. It’s 2018 - What’s new in Composer? - Interoperability - GitLab API v4 - released in 1.5.0 in August 2017 - Bitbucket API v2 - released in v1.4.0 in March 2017 - New Git versions - v1.4.3 in August 2017 - Upcoming: GitHub deprecated Services - GitHub App for packagist.org Nils Adermann @naderman

  17. It’s 2018 - What’s new in Composer? - New features - usually very small things - often not useful for everyone - Let’s look at a couple Nils Adermann @naderman

  18. New Features SPDX 3.0 License Identifier Update GPL2.0 => GPL2.0-only GPL2.0+ => GPL2.0-or-later Packagist now rejects updates with invalid license identifiers now https://github.com/composer/spdx-licenses Nils Adermann @naderman

  19. New Features --with-all-dependencies Released in 1.6.0, Jan 2018 Nils Adermann @naderman

  20. Partial Updates { “name”: “zebra/zebra”, “require”: { “horse/horse”: “^1.0” }} { “name”: “giraffe/giraffe”, “require”: { “duck/duck”: “^1.0” }} Nils Adermann @naderman

  21. Partial Updates { “name”: “horse/horse”, “require”: { “giraffe/giraffe”: “^1.0” }} { “name”: “duck/duck”, “require”: {}} Nils Adermann @naderman

  22. Partial Updates { “name”: “my-project”, “require”: { “zebra/zebra”: “^1.0”, “giraffe/giraffe”: “^1.0” } } Nils Adermann @naderman

  23. Partial Updates zebra 1.0 horse 1.0 Project giraffe 1.0 duck 1.0 Now each package releases 1.1 Nils Adermann @naderman

  24. Partial Updates zebra 1.1 horse 1.0 Project giraffe 1.0 duck 1.0 $ composer update --dry-run zebra/zebra Updating zebra/zebra (1.0 -> 1.1) Nils Adermann @naderman

  25. Partial Updates zebra 1.1 horse 1.1 Project giraffe 1.0 duck 1.0 $ composer update --dry-run zebra/zebra --with-dependencies Updating horse/horse (1.0 -> 1.1) Updating zebra/zebra (1.0 -> 1.1) Nils Adermann @naderman

  26. Partial Updates zebra 1.1 horse 1.0 Project giraffe 1.1 duck 1.0 $ composer update --dry-run zebra/zebra giraffe/giraffe Updating zebra/zebra (1.0 -> 1.1) Updating giraffe/giraffe (1.0 -> 1.1) Nils Adermann @naderman

  27. Partial Updates zebra 1.1 horse 1.1 Project giraffe 1.1 duck 1.1 $ composer update zebra/zebra giraffe/giraffe --with-dependencies Updating duck/duck (1.0 -> 1.1) Updating giraffe/giraffe (1.0 -> 1.1) Updating horse/horse (1.0 -> 1.1) Updating zebra/zebra (1.0 -> 1.1) Nils Adermann @naderman

  28. Partial Updates zebra 1.1 horse 1.1 Project giraffe 1.1 duck 1.1 $ composer update zebra/zebra --with-all-dependencies Updating duck/duck (1.0 -> 1.1) Updating giraffe/giraffe (1.0 -> 1.1) Updating horse/horse (1.0 -> 1.1) Updating zebra/zebra (1.0 -> 1.1) Nils Adermann @naderman

  29. Partial Updates zebra 1.1 horse 1.1 Project giraffe 1.0 duck 1.0 $ composer update zebra/zebra --with-dependencies Updating horse/horse (1.0 -> 1.1) Updating zebra/zebra (1.0 -> 1.1) Nils Adermann @naderman

  30. Partial Updates zebra 1.1 horse 1.1 Project giraffe 1.1 duck 1.1 $ composer update zebra/zebra --with-all-dependencies Updating duck/duck (1.0 -> 1.1) Updating giraffe/giraffe (1.0 -> 1.1) Updating horse/horse (1.0 -> 1.1) Updating zebra/zebra (1.0 -> 1.1) Nils Adermann @naderman

  31. Best Practice: CI for Libraries - Multiple runs composer install from lock file - composer update for latest deps - composer update --prefer-lowest --prefer-stable for oldest (stable) deps - - Potentially multiple composer.json files with different platform configurations - COMPOSER=composer-customer1.json php composer.phar update - COMPOSER=composer-customer1.json php composer.phar install - Don’t use this except for testing - you’ll ruin our wonderful world where every PHP library can be installed with a plain composer install Nils Adermann @naderman

  32. Best Practice: Semantic Versioning Promise of Compatibility X .Y.Z - Must be used consistently Dare to increment X ! - Only valuable if BC/Compatibility promise formalized - See http://symfony.com/doc/current/contributing/code/bc.html - Document in Changelog Nils Adermann @naderman

  33. Versions Constraints - Exact Match: 1.0.0 1.2.3-beta2 dev-master - Wildcard Range: 1.0.* 2.* - Hyphen Range: 1.0-2.0 1.0.0 - 2.1.0 >=1.0.0 <2.1 >=1.0.0 <=2.1.0 - (Unbounded Range: >= 1.0) Bad! - Next Significant Release ~1.2 ~1.2.3 >=1.2.0 <2.0.0 >=1.2.3 <1.3.0 - Caret/Semver Operator ^1.2 ^1.2.3 Best Choice for Libraries >=1.2.0 <2.0.0 >=1.2.3 <2.0.0 Operatoren: “ “ AND, “||” OR Nils Adermann @naderman

  34. Stabilities - Order dev -> alpha -> beta -> RC -> stable - Automatically from tags 1.2.3 -> stable 1.3.0-beta3 -> beta - Automatically from branches Branch -> Version (Stability) 2.0 -> 2.0.x-dev (dev) master -> dev-master (dev) myfeature -> dev-myfeature (dev) - Choosing “foo/bar”: “1.3.*@beta” “foo/bar”: “2.0.x-dev” “minimum-stability”: “alpha” Nils Adermann @naderman

  35. In case of Errors $ php composer.phar validate ./composer.json is valid for simple usage with composer but has strict errors that make it unable to be published as a package: See https://getcomposer.org/doc/04-schema.md for details on the schema name : The property name is required description : The property description is required require.composer/composer : unbound version constraints (dev-master) should be avoided Common: Version entry in composer.json conflicts with tag $ php composer.phar self-update $ php composer.phar update -vvv Nils Adermann @naderman

  36. Resolution Conflicts: Overly Strict Requirements // composer.json "require": { "cool/alice": "~1.3", "lazy/bob": "~1.2" } // dependencies "name": "cool/alice", "require": { "monolog/monolog": "~1.6" } "name": "lazy/bob", "require": { "monolog/monolog": "1.3.*" } Nils Adermann @naderman

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Composer Best Practices Nils Adermann @naderman Private Packagist https://packagist.com

Composer Best Practices Nils Adermann @naderman Private Packagist https://packagist.com

Composer Best Practices Nils Adermann @naderman Private Packagist https://packagist.com Dependency Management - Dependency Management vs Package Management - System state vs installation/update instructions - Configuration Management -

843 views • 48 slides
Composer: good practices Kuba Weros Semantic Versioning MAJOR.MINOR.PATCH 1. MAJOR

Composer: good practices Kuba Weros Semantic Versioning MAJOR.MINOR.PATCH 1. MAJOR

Composer: good practices Kuba Weros Semantic Versioning MAJOR.MINOR.PATCH 1. MAJOR incompatible (breaking) API changes, 2. MINOR add functionality in a backwards-compatible manner, 3. PATCH backwards-compatible bug fixes.

578 views • 42 slides
Demystifying Composer David Hernandez FFW, ffwagency.com Drupal.org: davidhernandez Full

Demystifying Composer David Hernandez FFW, ffwagency.com Drupal.org: davidhernandez Full

Demystifying Composer David Hernandez FFW, ffwagency.com Drupal.org: davidhernandez Full Tutorial https://github.com/david-hernandez/composer-tutorial Why Composer? Builds modern PHP applications https://packagist.org/ Drupal 8

608 views • 33 slides
Composer 101 Mike Miles | Drupalcon Nashville 2018 events.drupal.org/node/20624 About Me Work:

Composer 101 Mike Miles | Drupalcon Nashville 2018 events.drupal.org/node/20624 About Me Work:

______ / ____/___ ____ ___ ____ ____ ________ _____ / / / __ \/ __ `__ \/ __ \/ __ \/ ___/ _ \/ ___/ / /___/ /_/ / / / / / / /_/ / /_/ (__ ) __/ / \____/\____/_/ /_/ /_/ .___/\____/____/\___/_/ /_/ Composer 101 Mike Miles | Drupalcon

752 views • 59 slides
www.drupaleurope.org axelerant.com 1 Lesser known perks of using composer Drupal Europe 2018

www.drupaleurope.org axelerant.com 1 Lesser known perks of using composer Drupal Europe 2018

www.drupaleurope.org axelerant.com 1 Lesser known perks of using composer Drupal Europe 2018 axelerant.com 2 Drupal + Technology TRACK SUPPORTED BY axelerant.com 3 Special Thanks to.. axelerant.com 4 Mohit Aghera Drupal developer

723 views • 26 slides
Airglow CI/CD: Github to Composer (easy as 1, 2, 3 ) Speaker: Jake Ferriero Email:

Airglow CI/CD: Github to Composer (easy as 1, 2, 3 ) Speaker: Jake Ferriero Email:

Airglow CI/CD: Github to Composer (easy as 1, 2, 3 ) Speaker: Jake Ferriero Email: jferriero@google.com Github: jaketf@ Source: https://github.com/jaketf/ci-cd-for-data-processing-workflow July 2020 0 Composer Basics Airglow Architecture

430 views • 20 slides
composer.lock demystified Nils Adermann @naderman Private Packagist https://packagist.com

composer.lock demystified Nils Adermann @naderman Private Packagist https://packagist.com

composer.lock demystified Nils Adermann @naderman Private Packagist https://packagist.com composer.lock - Contents - all dependencies including transitive dependencies - all metadata (name, description, require, autoload, extra, ) -

497 views • 12 slides
INTRO Just a brief introduction for those who may not be familiar with my work. I am a composer /

INTRO Just a brief introduction for those who may not be familiar with my work. I am a composer /

INTRO Just a brief introduction for those who may not be familiar with my work. I am a composer / producer and over the past 10 years I have been focusing primarily on the international export pitching my productions to major festival,

412 views • 3 slides
COMPOSER IN DRUPAL WORLD Johannes Haseitl - @derhasi ME Johannes Haseitl @derhasi everywhere

COMPOSER IN DRUPAL WORLD Johannes Haseitl - @derhasi ME Johannes Haseitl @derhasi everywhere

#drupaldevdays / Composer in Drupal World / @derhasi COMPOSER IN DRUPAL WORLD Johannes Haseitl - @derhasi ME Johannes Haseitl @derhasi everywhere Maintainer of Master Search API Override , , ... CEO of undpaul GmbH WHAT IS

820 views • 42 slides
Metadata composer for NeXus Jan Kota nski Deutsches Elektronen-Synchrotron Oct 8, 2017 Jan

Metadata composer for NeXus Jan Kota nski Deutsches Elektronen-Synchrotron Oct 8, 2017 Jan

Metadata composer for NeXus Jan Kota nski Deutsches Elektronen-Synchrotron Oct 8, 2017 Jan Kota nski (DESY) Metadata composer for NeXus Oct 8, 2017 1 / 13 Modular structure of the NeXus Framework Experimental Configuration Control

315 views • 13 slides
Best Practices Nils Adermann - @naderman - n.adermann@packagist.com Package Repositories Third

Best Practices Nils Adermann - @naderman - n.adermann@packagist.com Package Repositories Third

Developing and Deploying Magento with Composer: Best Practices Nils Adermann - @naderman - n.adermann@packagist.com Package Repositories Third Parties - Packagist - https://packagist.org - Magento Marketplace -

721 views • 59 slides
5 th International Meetings of Mirecourt From 19 th to 24 th N ovember 2013 Composer Edith

5 th International Meetings of Mirecourt From 19 th to 24 th N ovember 2013 Composer Edith

5 th International Meetings of Mirecourt From 19 th to 24 th N ovember 2013 Composer Edith Canat de Chizy Pianists Silke Avenhaus Dana Ciocarlie Violonists Christian Altenburger Marianne Piketty

724 views • 14 slides
NetBeans JavaFX Composer in Action Creating Applications with Rich UI David Kaspar Software

NetBeans JavaFX Composer in Action Creating Applications with Rich UI David Kaspar Software

NetBeans JavaFX Composer in Action Creating Applications with Rich UI David Kaspar Software Engineer JavaOne|Oracle Develop NetBeans JavaFX Composer in Action Creating Applications with Rich UI Hands-on Lab: S313803 Introduction NetBeans

617 views • 46 slides
Composer 2.0 Nils Adermann @naderman Private Packagist https://packagist.com Goals for 2.0

Composer 2.0 Nils Adermann @naderman Private Packagist https://packagist.com Goals for 2.0

Composer 2.0 Nils Adermann @naderman Private Packagist https://packagist.com Goals for 2.0 Performance Improvements - - Better reproducibility - Most serious 1.x bugs are edge cases which are difficult to debug and hard to reproduce -

609 views • 28 slides
COMPOSER THERE'S A MODULE (OR LIBRARY) FOR THAT! Presented by Rob Loach and Larry Garfield

COMPOSER THERE'S A MODULE (OR LIBRARY) FOR THAT! Presented by Rob Loach and Larry Garfield

COMPOSER THERE'S A MODULE (OR LIBRARY) FOR THAT! Presented by Rob Loach and Larry Garfield DEPENDENCY MANAGEMENT SUCKS PHP SUCKS AT SHARING How do I get a 3rd party library? How do I load its code? Does it depend on anything? Where do I

527 views • 51 slides
Managing dependencies is more than running composer update Nils Adermann @naderman

Managing dependencies is more than running composer update Nils Adermann @naderman

Managing dependencies is more than running composer update Nils Adermann @naderman Private Packagist https://packagist.com What are Dependencies? - Services - APIs - Client-side Integrations (OAuth / External JS / Analytics / )

533 views • 32 slides
Constraint Satisfaction Search techniques make choices in an often Problems (CSP) arbitrary

Constraint Satisfaction Search techniques make choices in an often Problems (CSP) arbitrary

What we will try to do ... Constraint Satisfaction Search techniques make choices in an often Problems (CSP) arbitrary order. Often little information is available to make each of them (Where we postpone making difficult decisions until

159 views • 14 slides
Generics: Inference &amp; Accommodation Greg Restall constructing social hierarchy 2 mit 6

Generics: Inference &amp; Accommodation Greg Restall constructing social hierarchy 2 mit 6

Generics: Inference &amp; Accommodation Greg Restall constructing social hierarchy 2 mit 6 december 2019 My Aim T o give an account of norms governing our uses of generics , and our inferring , showing how phenomena of accommodation can help

1.82k views • 169 slides
Verifiable ASICs: trustworthy hardware with untrusted components Riad S. Wahby , Max

Verifiable ASICs: trustworthy hardware with untrusted components Riad S. Wahby , Max

Verifiable ASICs: trustworthy hardware with untrusted components Riad S. Wahby , Max Howald , Siddharth Garg , abhi shelat , and Michael Walfish Stanford University New York University The Cooper Union

1.26k views • 110 slides
Zebrackets: A Score of Years and Delimiters Michael Cohen, Blanca Mancilla, and John Plaice

Zebrackets: A Score of Years and Delimiters Michael Cohen, Blanca Mancilla, and John Plaice

Zebrackets: A Score of Years and Delimiters Zebrackets: A Score of Years and Delimiters Michael Cohen, Blanca Mancilla, and John Plaice U.Aizu, Mentel, GrammaTech and UNSW Australia TUG meeting, July 2016 Zebrackets: A Score of Years and

339 views • 15 slides
Condit itio ional Generativ ive Adversaria ial Networks (cGANs) Prof. Leal-Taix and Prof.

Condit itio ional Generativ ive Adversaria ial Networks (cGANs) Prof. Leal-Taix and Prof.

Condit itio ional Generativ ive Adversaria ial Networks (cGANs) Prof. Leal-Taix and Prof. Niessner 1 Conditional GANs (cGANs) Gain control of output Modeling (e.g., sketch-based modeling, etc.) Add semantic meaning to latent

716 views • 52 slides
Constraint Satisfaction Problems (CSPs) Russell and Norvig Chapter 6 CSP example: map coloring

Constraint Satisfaction Problems (CSPs) Russell and Norvig Chapter 6 CSP example: map coloring

Constraint Satisfaction Problems (CSPs) Russell and Norvig Chapter 6 CSP example: map coloring Given a map of Australia, color it using three colors such that no neighboring territories have the same color. 2 CSP example: map coloring 3

950 views • 63 slides
Conflation: its logic and some applications David Ripley University of Connecticut

Conflation: its logic and some applications David Ripley University of Connecticut

Conflation: its logic and some applications David Ripley University of Connecticut http://davewripley.rocks davewripley@gmail.com Conflation Conflation slenderness substance dualism y xR x y , and x yR x y and reading/revealing

401 views • 22 slides
Chad Voegele Selective Search for Object Recognition Outline 1. Individual contribution of

Chad Voegele Selective Search for Object Recognition Outline 1. Individual contribution of

Chad Voegele Selective Search for Object Recognition Outline 1. Individual contribution of region similarity measures 2. Importance of good base segmentation 3. Box overlap correspondence to recognition 3 Outline 1. Individual contribution

770 views • 41 slides

More recommend