PHP Composer consistency checker

Checks if the /vendor directory is consistent with the project's /composer.lock (direct API, no CLI).

/composer.json <== (synchronized) ==> /vendor

About

For small teams can be difficult to cooperate and keep /vendor directory synchronized with requirements in /composer.json. Your colleagues can be a junior or can be not accustomed to the right of use the Composer and often forgot to call composer install before running the App after update code from remote.

You can force refresh Composer via git-hooks, but it requires careful preparation on each developer station.
In another way, you can push the whole /vendor into your repo, but it's a very very dirty way. Don't do it!

Or… just add this package to you project. It checks if your /vendor is consistent with the project and can notify you and your colleagues to forgotten refresh it.

Usage

Add this package to project as dev-dependency:

composer require --dev jakubboucek/composer-consistency

In your app just call validate() method:

ComposerConsistency::rootDir(__DIR__)->validate();

When /vendor directory is not consistent with /composer.json, checker throws an Exception.

Usage

use JakubBoucek\ComposerConsistency\ComposerConsistency;

ComposerConsistency::rootDir(__DIR__)
    ->validate();

Directories

Root directory - directory which contains /composer.json, rspt. /composer.lock file, usually the root directory of the project.
Vendor directory - directory which contains Composer's autoload.php file.

By default, the checker is assuming Vendor dir at /vendor from root directory, you can change by method vendorDir().

ComposerConsistency::rootDir(__DIR__)
    ->vendorDir(__DIR__ . '/../vendor')
    ->validate();

Error severity

When the checker detects any inconsistency, it throws ComposerInconsitencyException.

You can change exception throwing to emit user error by method errorMode($severity) where $severity is Severity of emitted error, default is E_USER_ERROR, you can change it to any of E_USER family severity (read more):

ComposerConsistency::rootDir(__DIR__)
    ->errorMode(E_USER_WARNING)
    ->validate();

Also, you can disable checking by errorMode(false) – that's cause to completelly disable checking:

ComposerConsistency::rootDir(__DIR__)
    ->errorMode(false)
    ->validate();

Strict mode

In strict mode, the checker throws Exception when is unable to read Composer's files used to compute vendor consistency. Default value: off.

Turn on Strict mode:

ComposerConsistency::rootDir(__DIR__)
    ->strict()
    ->validate();

Strict mode is by default disabled, because:

it can break production if you ignore some files (like /composer.lock) during deploy - that's a false positive,
is not important to guard these files, for example when is missing the whole /vendor directory, is unable to load this package too,
the main purpose of the package is watching to subtle nuances in packages consistency, not fatal in the Composer's file system.

Cache

Checking /vendor consistency on every request consumes unnecessarily huge CPU power. The cache is storing the last success validation result. It does not more check consistency until these files keep the same content. It requires a path to a temporary directory for saving necessary files. Default value: off.

ComposerConsistency::rootDir(__DIR__)
    ->cache(__DIR__ . '/temp')
    ->validate();

Froze mode

Checking /vendor consistency on every request consumes unnecessarily huge CPU power. Froze mode is usable when you guarantee the deploy process to production is always purge the temp directory. It requires a path to a temporary directory for saving necessary files. Recommended in the production environment. Default value: off.

ComposerConsistency::rootDir(__DIR__)
    ->froze(__DIR__ . '/temp')
    ->validate();

In Froze mode is vendor consistency checked only once, then is state saved to the temp directory and no more checks are performed until is temp directory purged. The difference between cache and froze behavior is cache mode is checking files if is not modified and froze does don't do it.

DRAFT Ideas for v2

IMPORTANT: This is not a documentation - it's proposal for planned version v2.

All of examples checks if Composer has consistently installed packages in vendor/ directory.

Most simple usage

Debug mode: Yes - Throws the Exception when found mistake between requirements and
really installed packages.
Strict mode: No - Do nothing when any of searched files is missing.

use JakubBoucek\ComposerConsistency\VendorDir;

VendorDir::validateConsistency(__DIR__);

Directories

Root dir - directory which contains composer.json, rspt. composer.lock file,
usually root directory od project.
Vendor dir - directory which contains Composer's autoload.php file.

By default checker is assumes Verdor dir at vendor/ from root dir, you can cange it
in optional second argument.

VendorDir::validateConsistency(__DIR__, __DIR__ . '/../vendor');

Few words about shortcut

This static shortcut does not allows change any optional parameters. It's just shortcut.
I am enemy for huge blind arguments like doSmthng(true, false, 1, true, "/xy[z]/i", 0, 3).
Wanna strict mode? Create an instance.

Instance usage

(new VendorDir(__DIR__))->validate();

The result is the same behavior as the above static shortcut.

Debug mode

In debug mode is thrown Exception when is found inconsistency. Otherwise is triggered error only.
Default value: on.

In opposite to Debug mode is Production mode.

Turn off Debug mode (turn on Production mode):

(new VendorDir(__DIR__))->validate(false);

Error severity

For Production mode you can set the Severity of triggered errors. Default is E_USER_ERROR,
you can change the Severity to any of E_USER family severity (read more).

(new VendorDir(__DIR__))->severity(E_USER_NOTICE)->validate(false);

Also you can disable error triggering – that's cause to completelly disable checking on Production mode.

(new VendorDir(__DIR__))->severity(null)->validate(false);

About production mode

Package is designed to cooperate with Debugging tools
like Tracy which is detects Debug mode and

Strict mode

In strict mode Checker throws Exception when is unable to read Composer's files used to
compute vendor consistency. Default value: off.

Turn on Strict mode:

(new VendorDir(__DIR__))->strict()->validate();

Scrict mode is by default disabled, because:

it can break production if you ignore some files (like composer.lock) during deploy -
that's false positive,
is not important to guard these files, for example when is missing whole vendor/ directory,
is unable to load this package too,
main purpose of package is watching to subtle nuances in packages consistency, not fatals
in Composer's file system.

IMPORTANT: Production mode is not affects Strict mode! This will still throwns Exception.

Froze mode

Checking vendor consistency on every request consume unnecessarily huge CPU power. Froze mode is
usable when you guarantee the deploy process to production is always purge the temp directory.
Froze mode is affects Production mode only. Default value: off.

(new VendorDir(__DIR__))->froze(__DIR__ . '/temp')->validate(false);

In Froze mode is vendon consistenty checked only once, then is state saved to temp directory and
no more checks are performed until is temp directory purged.<

jakubboucek / php-composer-consistency Goto Github PK

php-composer-consistency's Introduction

PHP Composer consistency checker

About

Usage

Usage

Directories

Error severity

Strict mode

Cache

Froze mode

php-composer-consistency's People

Contributors

Stargazers

Watchers

Forkers

php-composer-consistency's Issues

Most simple usage

Directories

Few words about shortcut

Instance usage

Debug mode

Error severity

About production mode

Strict mode

Froze mode

Recommend Projects

Recommend Topics

Recommend Org