Drupal
  • Managing Successful Drupal Based Projects
  • Process
    • Team Roles and Responsibilities
    • Ceremonies
    • User Stories Best Practices
    • Glossary
  • Development Resources
    • Coding Standards
    • Setup Local Development Enviornment
    • Content Modeling
    • Git, Commit Messages & Pull Request Guidelines
    • Useful Terminal Commands
    • Package management - Composer, BLT and CI
    • Behat
      • How Behat is used in Acquia Projects?
    • Maintaining your platform/patches
  • JIRA Ticket Templates
    • Ticket Template
    • Composer Updates
    • Redirect endpoints that should not be public
    • Bug Template
    • Sync local with latest upstream code and database sprint X
    • Drupal Enablement
  • ACE & ACSF
    • Deploying to Acquia Cloud
    • ACSF - First Pull Request
    • ACSF & Drupal and Your Platform
Powered by GitBook
On this page
  • What is Composer?
  • What is version constraint?
  • Where do composer files live?

Was this helpful?

  1. Development Resources

Package management - Composer, BLT and CI

Package Management is a crucial part of collaborative rapid development and delivery.

With an iterative approach to code, projects need to utilize a package manager to avoid ending up a dependency nightmare.

  • Forcing development environments to be as similar as possible will reduce variables to error.

    • Constraining package versions helps development teams working simultaneously while yielding the same results.

    • Package managers reduce the time for a developer to jump into a project.

    • Projects and packages stay compatible to the locked version regardless of time.

    • Package managers increase the security of a project repository because third party modules are not included in the project repository. Packages are downloaded and stored in a build artifact on deployment.

What is Composer?

  • Composer is a tool that allows you to manage PHP dependencies on a per project basis. There are two files to note with composer.

    • What is the composer.json?

      • Here you declare your dependencies such as Drupal core, all contributed dependencies, third party libraries and patches.

    • What is composer.lock?

      • This file is autogenerated by composer and should not be touched. This file guarantees that anyone who downloads the project is using the same versions of PHP dependencies.

  • What is a package?

    • A package is any dependency

What is version constraint?

  • Packages can be forced at a specific version: "acquia/blt": "9.2.0"

  • A specific range "acquia/blt": "~9.2.0",

  • Or set to a minimum minor version "acquia/blt": "^9.2.0",

Where do composer files live?

  • It is considered best practice to keep these files are outside of the docroot for security reasons. When updating dependencies for the platform you must be in the project root so the dependencies are managed in the correct composer.json/composer.lock file.

  • BLT and install profiles will have their own respective composer.json file.

Exercise (optional, but preferred):

Create a project, Manage and update a package

Require a Drupal module composer require drupal/admin_toolbar

Run composer outdate composer outdate

Composer update composer update module_name --with-dependencies

Supporting Materials:

PreviousUseful Terminal CommandsNextBehat

Last updated 6 years ago

Was this helpful?

Composer: Create based on BLT and composer project.composer create-project --no-interaction acquia/blt-project my-project

a new project
Composer
BLT - General Docs on Automated Testing
Jeff Geerling’s blog posts about composer