Home » Php » php – How to mark code as stable using Composer?

php – How to mark code as stable using Composer?

Posted by: admin April 23, 2020 Leave a comment

Questions:

I’ve recently come across the change in composer meaning that the default minimum-stability is stable, and rather than set this to dev I’d like to mark some of my libraries as stable.

I actually use two relevant branches, release and dev branched from master. Every so often something is merged into release and tagged as new version.

How does composer determine the stability of my libraries, is there a naming convention for branches, version nums, a key in composer.json?

Thanks

How to&Answers:

The answer is: Tags. Your may also use Alias, if you don’t want to use tags. But it’s worth to mention, that you should only mark your packages as stable, when they are stable and not to make others believe they are.

Update: One more link: Stability

Answer:

Elaborating on KingCrunch’s answer, since this was not immediately obvious to me.

From https://getcomposer.org/doc/02-libraries.md#specifying-the-version

When you publish your package on Packagist, it is able to infer the version from the VCS (git, svn, hg) information. This means you don’t have to explicitly declare it.

This is very easy with Github:
https://help.github.com/articles/working-with-tags/

Furthermore:

If you are creating packages by hand and really have to specify it
explicitly, you can just add a version field:

{
    "version": "1.0.0" 
}

Answer:

To answer the question :

  • for VCS, it’s dev-master
  • for packagist, it’s *@stable

For more about “stabilizing” or “freezing” composer versions

Freeze Make Stable

It’s sometimes useful, especially during an audit, to grab latest versions of your requirements, that’s why we made a composer package make stable all your dependencies : Composer Make Stable (https://github.com/BeAPI/composer-make-stable).

Using this command, your dependencies into composer.json will be automatically be changed from:

"wpackagist-plugin/wordpress-seo":"6.2"

into:

"wpackagist-plugin/wordpress-seo":"*@stable"

Freeze Composer Versions

If afterwards you plan doing the reverse thing to grab latest versions of your composer.lock which you tested your site against, especially useful while making a site live, have a look to an other of our composer command : Composer Freeze Version (https://github.com/BeAPI/composer-freeze-version).

Using this command, your dependencies into composer.json will be automatically be changed from:

"wpackagist-plugin/wordpress-seo":"@stable"

into:

"wpackagist-plugin/wordpress-seo":"6.2"


Hope it helps.