1
0
Fork 0
composer/doc/03-cli.md

1064 lines
42 KiB
Markdown
Raw Normal View History

2014-07-20 16:47:10 +00:00
# Command-line interface / Commands
2012-02-19 14:16:25 +00:00
2012-02-20 10:08:18 +00:00
You've already learned how to use the command-line interface to do some
things. This chapter documents all the available commands.
2012-02-19 14:16:25 +00:00
To get help from the command-line, call `composer` or `composer list`
2012-11-08 14:44:58 +00:00
to see the complete list of commands, then `--help` combined with any of those
can give you more information.
2017-08-16 13:14:29 +00:00
As Composer uses [symfony/console](https://github.com/symfony/console) you can call commands by short name if it's not ambiguous.
```sh
composer dump
```
calls `composer dump-autoload`.
2012-11-08 14:44:58 +00:00
## Global Options
The following options are available with every command:
* **--verbose (-v):** Increase verbosity of messages.
* **--help (-h):** Display help information.
* **--quiet (-q):** Do not output any message.
* **--no-interaction (-n):** Do not ask any interactive question.
* **--no-plugins:** Disables plugins.
* **--no-cache:** Disables the use of the cache directory. Same as setting the COMPOSER_CACHE_DIR
env var to /dev/null (or NUL on Windows).
2012-11-08 14:44:58 +00:00
* **--working-dir (-d):** If specified, use the given directory as working directory.
* **--profile:** Display timing and memory usage information
* **--ansi:** Force ANSI output.
* **--no-ansi:** Disable ANSI output.
* **--version (-V):** Display this application version.
## Process Exit Codes
* **0:** OK
* **1:** Generic/unknown error code
* **2:** Dependency solving error code
2012-02-19 14:16:25 +00:00
## init
In the [Libraries](02-libraries.md) chapter we looked at how to create a
`composer.json` by hand. There is also an `init` command available to do this.
2012-02-19 14:16:25 +00:00
2012-02-20 10:08:18 +00:00
When you run the command it will interactively ask you to fill in the fields,
while using some smart defaults.
2012-02-19 14:16:25 +00:00
```sh
php composer.phar init
```
2012-02-19 14:16:25 +00:00
### Options
* **--name:** Name of the package.
* **--description:** Description of the package.
* **--author:** Author name of the package.
2017-03-21 13:57:46 +00:00
* **--type:** Type of package.
* **--homepage:** Homepage of the package.
* **--require:** Package to require with a version constraint. Should be
in format `foo/bar:1.0.0`.
* **--require-dev:** Development requirements, see **--require**.
2012-11-30 16:10:37 +00:00
* **--stability (-s):** Value for the `minimum-stability` field.
2017-03-21 13:57:46 +00:00
* **--license (-l):** License of package.
* **--repository:** Provide one (or more) custom repositories. They will be stored
in the generated composer.json, and used for auto-completion when prompting for
the list of requires. Every repository can be either an HTTP URL pointing
to a `composer` repository or a JSON string which similar to what the
[repositories](04-schema.md#repositories) key accepts.
2018-07-11 17:21:09 +00:00
## install / i
2012-02-19 14:16:25 +00:00
2012-02-20 10:08:18 +00:00
The `install` command reads the `composer.json` file from the current
directory, resolves the dependencies, and installs them into `vendor`.
2012-02-19 14:16:25 +00:00
```sh
php composer.phar install
```
2012-02-19 14:16:25 +00:00
2012-02-20 10:08:18 +00:00
If there is a `composer.lock` file in the current directory, it will use the
exact versions from there instead of resolving them. This ensures that
everyone using the library will get the same versions of the dependencies.
2012-02-19 14:16:25 +00:00
If there is no `composer.lock` file, Composer will create one after dependency
2012-02-20 10:08:18 +00:00
resolution.
2012-02-19 14:16:25 +00:00
### Options
* **--prefer-source:** There are two ways of downloading a package: `source`
and `dist`. For stable versions Composer will use the `dist` by default.
The `source` is a version control repository. If `--prefer-source` is
enabled, Composer will install from `source` if there is one. This is
useful if you want to make a bugfix to a project and get a local git
clone of the dependency directly.
* **--prefer-dist:** Reverse of `--prefer-source`, Composer will install
2012-11-08 14:44:58 +00:00
from `dist` if possible. This can speed up installs substantially on build
servers and other use cases where you typically do not run updates of the
vendors. It is also a way to circumvent problems with git if you do not
have a proper setup.
* **--dry-run:** If you want to run through an installation without actually
installing a package, you can use `--dry-run`. This will simulate the
installation and show you what would happen.
* **--dev:** Install packages listed in `require-dev` (this is the default behavior).
2015-06-24 06:43:07 +00:00
* **--no-dev:** Skip installing packages listed in `require-dev`. The autoloader
generation skips the `autoload-dev` rules.
* **--no-autoloader:** Skips autoloader generation.
* **--no-scripts:** Skips execution of scripts defined in `composer.json`.
2012-12-13 16:19:58 +00:00
* **--no-progress:** Removes the progress display that can mess with some
terminals or scripts which don't handle backspace characters.
* **--optimize-autoloader (-o):** Convert PSR-0/4 autoloading to classmap to get a faster
2012-11-08 14:44:58 +00:00
autoloader. This is recommended especially for production, but can take
a bit of time to run so it is currently not done by default.
* **--classmap-authoritative (-a):** Autoload classes from the classmap only.
Implicitly enables `--optimize-autoloader`.
* **--apcu-autoloader:** Use APCu to cache found/not-found classes.
* **--apcu-autoloader-prefix:** Use a custom prefix for the APCu autoloader cache.
Implicitly enables `--apcu-autoloader`.
* **--ignore-platform-reqs:** ignore all platform requirements (`php`, `hhvm`,
`lib-*` and `ext-*`) and force the installation even if the local machine does
not fulfill these.
See also the [`platform`](06-config.md#platform) config option.
* **--ignore-platform-req:** ignore a specific platform requirement(`php`,
`hhvm`, `lib-*` and `ext-*`) and force the installation even if the local machine
does not fulfill it.
2012-02-19 14:16:25 +00:00
2018-07-19 08:38:43 +00:00
## update / u
2012-02-19 14:16:25 +00:00
2012-02-20 10:08:18 +00:00
In order to get the latest versions of the dependencies and to update the
`composer.lock` file, you should use the `update` command. This command is also
aliased as `upgrade` as it does the same as `upgrade` does if you are thinking
of `apt-get` or similar package managers.
2012-02-19 14:16:25 +00:00
```sh
php composer.phar update
```
2012-02-19 14:16:25 +00:00
2012-02-20 10:08:18 +00:00
This will resolve all dependencies of the project and write the exact versions
into `composer.lock`.
2012-02-19 14:16:25 +00:00
2018-03-23 10:37:33 +00:00
If you only want to update a few packages and not all, you can list them as such:
2012-05-26 13:27:35 +00:00
```sh
php composer.phar update vendor/package vendor/package2
```
2012-05-26 13:27:35 +00:00
2012-12-13 14:06:06 +00:00
You can also use wildcards to update a bunch of packages at once:
```sh
php composer.phar update "vendor/*"
```
If you want to downgrade a package to a specific version without changing your
composer.json you can use `--with` and provide a custom version constraint:
```sh
php composer.phar update --with vendor/package:2.0.1
```
The custom constraint has to be a subset of the existing constraint you have,
and this feature is only available for your root package dependencies.
If you only want to update the package(s) for which you provide custom constraints
using `--with`, you can skip `--with` and just use constraints with the partial
update syntax:
```sh
php composer.phar update vendor/package:2.0.1 vendor/package2:3.0.*
```
2012-02-19 14:16:25 +00:00
### Options
* **--prefer-source:** Install packages from `source` when available.
2012-11-08 14:44:58 +00:00
* **--prefer-dist:** Install packages from `dist` when available.
2012-02-19 14:16:25 +00:00
* **--dry-run:** Simulate the command without actually doing anything.
* **--dev:** Install packages listed in `require-dev` (this is the default behavior).
* **--no-dev:** Skip installing packages listed in `require-dev`. The autoloader generation skips the `autoload-dev` rules.
* **--no-install:** Does not run the install step after updating the composer.lock file.
2017-03-21 13:57:46 +00:00
* **--lock:** Only updates the lock file hash to suppress warning about the
lock file being out of date.
* **--with:** Temporary version constraint to add, e.g. foo/bar:1.0.0 or foo/bar=1.0.0
* **--no-autoloader:** Skips autoloader generation.
* **--no-scripts:** Skips execution of scripts defined in `composer.json`.
2012-12-13 16:19:58 +00:00
* **--no-progress:** Removes the progress display that can mess with some
terminals or scripts which don't handle backspace characters.
2020-10-12 08:36:12 +00:00
* **--with-dependencies (-w):** Update also dependencies of packages in the argument list, except those which are root requirements.
* **--with-all-dependencies (-W):** Update also dependencies of packages in the argument list, including those which are root requirements.
* **--optimize-autoloader (-o):** Convert PSR-0/4 autoloading to classmap to get a faster
2012-11-08 14:44:58 +00:00
autoloader. This is recommended especially for production, but can take
a bit of time to run, so it is currently not done by default.
* **--classmap-authoritative (-a):** Autoload classes from the classmap only.
Implicitly enables `--optimize-autoloader`.
* **--apcu-autoloader:** Use APCu to cache found/not-found classes.
* **--apcu-autoloader-prefix:** Use a custom prefix for the APCu autoloader cache.
Implicitly enables `--apcu-autoloader`.
* **--ignore-platform-reqs:** ignore all platform requirements (`php`, `hhvm`,
`lib-*` and `ext-*`) and force the installation even if the local machine does
not fulfill these.
See also the [`platform`](06-config.md#platform) config option.
* **--ignore-platform-req:** ignore a specific platform requirement(`php`,
`hhvm`, `lib-*` and `ext-*`) and force the installation even if the local machine
does not fulfill it.
2014-12-13 22:56:15 +00:00
* **--prefer-stable:** Prefer stable versions of dependencies.
* **--prefer-lowest:** Prefer lowest versions of dependencies. Useful for testing minimal
versions of requirements, generally used with `--prefer-stable`.
2017-03-21 13:57:46 +00:00
* **--interactive:** Interactive interface with autocompletion to select the packages to update.
* **--root-reqs:** Restricts the update to your first degree dependencies.
2012-02-19 14:16:25 +00:00
Specifying one of the words `mirrors`, `lock`, or `nothing` as an argument has the same effect as specifying the option `--lock`, for example `composer update mirrors` is exactly the same as `composer update --lock`.
## require
The `require` command adds new packages to the `composer.json` file from
the current directory. If no file exists one will be created on the fly.
```sh
php composer.phar require
```
2012-05-26 13:27:35 +00:00
After adding/changing the requirements, the modified requirements will be
installed or updated.
2012-05-26 13:27:35 +00:00
2018-03-23 10:37:33 +00:00
If you do not want to choose requirements interactively, you can pass them
2012-05-26 13:27:35 +00:00
to the command.
```sh
php composer.phar require "vendor/package:2.*" vendor/package2:dev-master
```
If you do not specify a package, composer will prompt you to search for a package, and given results, provide a list of matches to require.
2012-05-26 13:27:35 +00:00
### Options
2017-03-21 13:57:46 +00:00
* **--dev:** Add packages to `require-dev`.
* **--dry-run:** Simulate the command without actually doing anything.
2012-05-26 13:27:35 +00:00
* **--prefer-source:** Install packages from `source` when available.
2012-11-08 14:44:58 +00:00
* **--prefer-dist:** Install packages from `dist` when available.
2012-12-13 16:19:58 +00:00
* **--no-progress:** Removes the progress display that can mess with some
terminals or scripts which don't handle backspace characters.
* **--no-update:** Disables the automatic update of the dependencies (implies --no-install).
* **--no-install:** Does not run the install step after updating the composer.lock file.
* **--no-scripts:** Skips execution of scripts defined in `composer.json`.
2015-07-09 01:45:46 +00:00
* **--update-no-dev:** Run the dependency update with the `--no-dev` option.
2020-10-12 08:36:12 +00:00
* **--update-with-dependencies (-w):** Also update dependencies of the newly required packages, except those that are root requirements.
* **--update-with-all-dependencies (-W):** Also update dependencies of the newly required packages, including those that are root requirements.
* **--ignore-platform-reqs:** ignore all platform requirements (`php`, `hhvm`,
`lib-*` and `ext-*`) and force the installation even if the local machine does
not fulfill these.
See also the [`platform`](06-config.md#platform) config option.
* **--ignore-platform-req:** ignore a specific platform requirement(`php`,
`hhvm`, `lib-*` and `ext-*`) and force the installation even if the local machine
does not fulfill it.
2017-03-21 13:57:46 +00:00
* **--prefer-stable:** Prefer stable versions of dependencies.
* **--prefer-lowest:** Prefer lowest versions of dependencies. Useful for testing minimal
versions of requirements, generally used with `--prefer-stable`.
* **--sort-packages:** Keep packages sorted in `composer.json`.
* **--optimize-autoloader (-o):** Convert PSR-0/4 autoloading to classmap to
get a faster autoloader. This is recommended especially for production, but
can take a bit of time to run, so it is currently not done by default.
* **--classmap-authoritative (-a):** Autoload classes from the classmap only.
Implicitly enables `--optimize-autoloader`.
* **--apcu-autoloader:** Use APCu to cache found/not-found classes.
* **--apcu-autoloader-prefix:** Use a custom prefix for the APCu autoloader cache.
Implicitly enables `--apcu-autoloader`.
2017-03-21 13:57:46 +00:00
## remove
The `remove` command removes packages from the `composer.json` file from
the current directory.
```sh
php composer.phar remove vendor/package vendor/package2
```
After removing the requirements, the modified requirements will be
uninstalled.
### Options
* **--dev:** Remove packages from `require-dev`.
* **--dry-run:** Simulate the command without actually doing anything.
* **--no-progress:** Removes the progress display that can mess with some
terminals or scripts which don't handle backspace characters.
* **--no-update:** Disables the automatic update of the dependencies (implies --no-install).
* **--no-install:** Does not run the install step after updating the composer.lock file.
* **--no-scripts:** Skips execution of scripts defined in `composer.json`.
* **--update-no-dev:** Run the dependency update with the --no-dev option.
2020-10-12 08:36:12 +00:00
* **--update-with-dependencies (-w):** Also update dependencies of the removed packages.
(Deprecrated, is now default behavior)
* **--update-with-all-dependencies (-W):** Allows all inherited dependencies to be updated,
including those that are root requirements.
* **--ignore-platform-reqs:** ignore all platform requirements (`php`, `hhvm`,
`lib-*` and `ext-*`) and force the installation even if the local machine does
not fulfill these.
See also the [`platform`](06-config.md#platform) config option.
* **--ignore-platform-req:** ignore a specific platform requirement(`php`,
`hhvm`, `lib-*` and `ext-*`) and force the installation even if the local machine
does not fulfill it.
* **--optimize-autoloader (-o):** Convert PSR-0/4 autoloading to classmap to
get a faster autoloader. This is recommended especially for production, but
can take a bit of time to run so it is currently not done by default.
* **--classmap-authoritative (-a):** Autoload classes from the classmap only.
Implicitly enables `--optimize-autoloader`.
* **--apcu-autoloader:** Use APCu to cache found/not-found classes.
* **--apcu-autoloader-prefix:** Use a custom prefix for the APCu autoloader cache.
Implicitly enables `--apcu-autoloader`.
2017-12-16 21:04:48 +00:00
## check-platform-reqs
The check-platform-reqs command checks that your PHP and extensions versions
match the platform requirements of the installed packages. This can be used
to verify that a production server has all the extensions needed to run a
project after installing it for example.
Unlike update/install, this command will ignore config.platform settings and
check the real platform packages so you can be certain you have the required
platform dependencies.
2013-08-17 01:45:51 +00:00
## global
The global command allows you to run other commands like `install`, `remove`, `require`
2013-10-13 09:52:28 +00:00
or `update` as if you were running them from the [COMPOSER_HOME](#composer-home)
2013-08-17 01:45:51 +00:00
directory.
This is merely a helper to manage a project stored in a central location that
can hold CLI tools or Composer plugins that you want to have available everywhere.
This can be used to install CLI utilities globally. Here is an example:
2013-08-17 01:45:51 +00:00
```sh
php composer.phar global require friendsofphp/php-cs-fixer
```
2013-08-17 01:45:51 +00:00
2018-03-23 10:37:33 +00:00
Now the `php-cs-fixer` binary is available globally. Make sure your global
[vendor binaries](articles/vendor-binaries.md) directory is in your `$PATH`
environment variable, you can get its location with the following command :
```sh
php composer.phar global config bin-dir --absolute
```
2018-03-23 10:37:33 +00:00
If you wish to update the binary later on you can run a global update:
2013-08-17 01:45:51 +00:00
```sh
php composer.phar global update
```
2013-08-17 01:45:51 +00:00
2012-02-19 14:16:25 +00:00
## search
2012-02-20 10:08:18 +00:00
The search command allows you to search through the current project's package
repositories. Usually this will be packagist. You pass it the terms you want
to search for.
2012-02-19 14:16:25 +00:00
```sh
php composer.phar search monolog
```
2012-02-19 14:16:25 +00:00
You can also search for more than one term by passing multiple arguments.
### Options
* **--only-name (-N):** Search only in name.
2017-03-21 13:57:46 +00:00
* **--type (-t):** Search for a specific package type.
2012-02-19 14:16:25 +00:00
## show
To list all of the available packages, you can use the `show` command.
```sh
php composer.phar show
```
2012-02-19 14:16:25 +00:00
To filter the list you can pass a package mask using wildcards.
```sh
php composer.phar show monolog/*
monolog/monolog 1.19.0 Sends your logs to files, sockets, inboxes, databases and various web services
```
2012-02-20 10:08:18 +00:00
If you want to see the details of a certain package, you can pass the package
name.
2012-02-19 14:16:25 +00:00
```sh
php composer.phar show monolog/monolog
2012-02-19 14:16:25 +00:00
name : monolog/monolog
versions : master-dev, 1.0.2, 1.0.1, 1.0.0, 1.0.0-RC1
type : library
names : monolog/monolog
2015-05-04 17:37:57 +00:00
source : [git] https://github.com/Seldaek/monolog.git 3d4e60d0cbc4b888fe5ad223d77964428b1978da
dist : [zip] https://github.com/Seldaek/monolog/zipball/3d4e60d0cbc4b888fe5ad223d77964428b1978da 3d4e60d0cbc4b888fe5ad223d77964428b1978da
license : MIT
2012-02-19 14:16:25 +00:00
autoload
psr-0
Monolog : src/
2012-02-19 14:16:25 +00:00
requires
php >=5.3.0
```
2012-02-19 14:16:25 +00:00
2012-02-20 10:08:18 +00:00
You can even pass the package version, which will tell you the details of that
specific version.
2012-02-19 14:16:25 +00:00
```sh
php composer.phar show monolog/monolog 1.0.2
```
2012-02-19 14:16:25 +00:00
### Options
2017-03-21 13:57:46 +00:00
* **--all :** List all packages available in all your repositories.
* **--installed (-i):** List the packages that are installed (this is enabled by default, and deprecated).
2020-04-28 06:53:23 +00:00
* **--locked:** List the locked packages from composer.lock.
2012-11-08 14:44:58 +00:00
* **--platform (-p):** List only platform packages (php & extensions).
2017-03-21 13:57:46 +00:00
* **--available (-a):** List available packages only.
2012-11-08 14:44:58 +00:00
* **--self (-s):** List the root package info.
* **--name-only (-N):** List package names only.
* **--path (-P):** List package paths.
2017-03-21 13:57:46 +00:00
* **--tree (-t):** List your dependencies as a tree. If you pass a package name it will show the dependency tree for that package.
* **--latest (-l):** List all installed packages including their latest version.
* **--outdated (-o):** Implies --latest, but this lists *only* packages that have a newer version available.
* **--no-dev:** Filters dev dependencies from the package list.
* **--minor-only (-m):** Use with --latest. Only shows packages that have minor SemVer-compatible updates.
* **--direct (-D):** Restricts the list of packages to your direct dependencies.
2017-03-21 13:57:46 +00:00
* **--strict:** Return a non-zero exit code when there are outdated packages.
* **--format (-f):** Lets you pick between text (default) or json output format.
2012-02-19 14:16:25 +00:00
## outdated
The `outdated` command shows a list of installed packages that have updates available,
including their current and latest versions. This is basically an alias for
`composer show -lo`.
The color coding is as such:
- **green (=)**: Dependency is in the latest version and is up to date.
- **yellow (`~`)**: Dependency has a new version available that includes backwards compatibility breaks according to semver, so upgrade when
you can but it may involve work.
- **red (!)**: Dependency has a new version that is semver-compatible and you should upgrade it.
### Options
* **--all (-a):** Show all packages, not just outdated (alias for `composer show -l`).
* **--direct (-D):** Restricts the list of packages to your direct dependencies.
* **--strict:** Returns non-zero exit code if any package is outdated.
2017-03-21 13:57:46 +00:00
* **--minor-only (-m):** Only shows packages that have minor SemVer-compatible updates.
* **--format (-f):** Lets you pick between text (default) or json output format.
* **--no-dev:** Do not show outdated dev dependencies.
* **--locked:** Shows updates for packages from the lock file, regardless of what is currently in vendor dir.
## browse / home
The `browse` (aliased to `home`) opens a package's repository URL or homepage
in your browser.
### Options
* **--homepage (-H):** Open the homepage instead of the repository URL.
2017-03-21 13:57:46 +00:00
* **--show (-s):** Only show the homepage or repository URL.
2014-03-17 11:26:19 +00:00
## suggests
2015-06-23 20:44:02 +00:00
Lists all packages suggested by currently installed set of packages. You can
optionally pass one or multiple package names in the format of `vendor/package`
to limit output to suggestions made by those packages only.
2014-03-17 11:26:19 +00:00
Use the `--by-package` (default) or `--by-suggestion` flags to group the output by
the package offering the suggestions or the suggested packages respectively.
If you only want a list of suggested package names, use `--list`.
2017-03-21 13:57:46 +00:00
2014-03-17 11:26:19 +00:00
### Options
* **--by-package:** Groups output by suggesting package (default).
* **--by-suggestion:** Groups output by suggested package.
* **--all:** Show suggestions from all dependencies, including transitive ones (by
default only direct dependencies' suggestions are shown).
* **--list:** Show only list of suggested package names.
2015-06-24 06:43:07 +00:00
* **--no-dev:** Excludes suggestions from `require-dev` packages.
2014-03-17 11:26:19 +00:00
2020-02-14 13:08:26 +00:00
## fund
Discover how to help fund the maintenance of your dependencies. This lists
all funding links from the installed dependencies.
2017-08-16 13:08:05 +00:00
## depends (why)
2012-02-19 14:16:25 +00:00
2012-02-20 10:08:18 +00:00
The `depends` command tells you which other packages depend on a certain
2016-02-16 15:50:06 +00:00
package. As with installation `require-dev` relationships are only considered
for the root package.
2012-02-19 14:16:25 +00:00
```sh
2016-02-16 15:50:06 +00:00
php composer.phar depends doctrine/lexer
doctrine/annotations v1.2.7 requires doctrine/lexer (1.*)
doctrine/common v2.6.1 requires doctrine/lexer (1.*)
```
You can optionally specify a version constraint after the package to limit the
search.
2012-02-19 14:16:25 +00:00
Add the `--tree` or `-t` flag to show a recursive tree of why the package is
depended upon, for example:
```sh
2016-02-16 15:50:06 +00:00
php composer.phar depends psr/log -t
psr/log 1.0.0 Common interface for logging libraries
|- aboutyou/app-sdk 2.6.11 (requires psr/log 1.0.*)
| `- __root__ (requires aboutyou/app-sdk ^2.6)
|- monolog/monolog 1.17.2 (requires psr/log ~1.0)
| `- laravel/framework v5.2.16 (requires monolog/monolog ~1.11)
| `- __root__ (requires laravel/framework ^5.2)
`- symfony/symfony v3.0.2 (requires psr/log ~1.0)
`- __root__ (requires symfony/symfony ^3.0)
```
2012-02-19 14:16:25 +00:00
### Options
* **--recursive (-r):** Recursively resolves up to the root package.
* **--tree (-t):** Prints the results as a nested tree, implies -r.
2012-02-19 14:16:25 +00:00
2017-08-16 13:08:05 +00:00
## prohibits (why-not)
The `prohibits` command tells you which packages are blocking a given package
from being installed. Specify a version constraint to verify whether upgrades
can be performed in your project, and if not why not. See the following
example:
```sh
php composer.phar prohibits symfony/symfony 3.1
laravel/framework v5.2.16 requires symfony/var-dumper (2.8.*|3.0.*)
```
2012-02-19 14:16:25 +00:00
Note that you can also specify platform requirements, for example to check
whether you can upgrade your server to PHP 8.0:
```sh
php composer.phar prohibits php:8
doctrine/cache v1.6.0 requires php (~5.5|~7.0)
doctrine/common v2.6.1 requires php (~5.5|~7.0)
doctrine/instantiator 1.0.5 requires php (>=5.3,<8.0-DEV)
```
As with `depends` you can request a recursive lookup, which will list all
packages depending on the packages that cause the conflict.
2012-02-19 14:16:25 +00:00
### Options
* **--recursive (-r):** Recursively resolves up to the root package.
* **--tree (-t):** Prints the results as a nested tree, implies -r.
2012-02-19 14:16:25 +00:00
## validate
2012-02-20 10:08:18 +00:00
You should always run the `validate` command before you commit your
`composer.json` file, and before you tag a release. It will check if your
`composer.json` is valid.
2012-02-19 14:16:25 +00:00
```sh
php composer.phar validate
```
2012-02-19 14:16:25 +00:00
### Options
* **--no-check-all:** Do not emit a warning if requirements in `composer.json` use unbound or overly strict version constraints.
2015-07-08 00:12:59 +00:00
* **--no-check-lock:** Do not emit an error if `composer.lock` exists and is not up to date.
2015-07-09 11:04:41 +00:00
* **--no-check-publish:** Do not emit an error if `composer.json` is unsuitable for publishing as a package on Packagist but is otherwise valid.
2017-03-21 13:57:46 +00:00
* **--with-dependencies:** Also validate the composer.json of all installed dependencies.
* **--strict:** Return a non-zero exit code for warnings as well as errors.
2015-07-09 11:04:41 +00:00
2012-11-30 16:23:01 +00:00
## status
If you often need to modify the code of your dependencies and they are
installed from source, the `status` command allows you to check if you have
local changes in any of them.
```sh
php composer.phar status
```
2012-11-30 16:23:01 +00:00
With the `--verbose` option you get some more information about what was
changed:
```sh
php composer.phar status -v
You have changes in the following dependencies:
vendor/seld/jsonlint:
M README.mdown
```
2012-11-30 16:23:01 +00:00
2017-08-16 13:11:04 +00:00
## self-update (selfupdate)
2012-02-19 14:16:25 +00:00
2018-03-23 10:37:33 +00:00
To update Composer itself to the latest version, run the `self-update`
2012-02-20 10:08:18 +00:00
command. It will replace your `composer.phar` with the latest version.
2012-02-19 14:16:25 +00:00
```sh
php composer.phar self-update
```
2012-02-19 14:16:25 +00:00
If you would like to instead update to a specific release specify it:
```sh
php composer.phar self-update 1.0.0-alpha7
```
If you have installed Composer for your entire system (see [global installation](00-intro.md#globally)),
you may have to run the command with `root` privileges
```sh
2016-02-03 14:46:15 +00:00
sudo -H composer self-update
```
If Composer was not installed as a PHAR, this command is not available.
(This is sometimes the case when Composer was installed by an operating system package manager.)
### Options
* **--rollback (-r):** Rollback to the last version you had installed.
2015-06-24 06:43:07 +00:00
* **--clean-backups:** Delete old backups during an update. This makes the
current version of Composer the only backup available after the update.
2017-03-21 13:57:46 +00:00
* **--no-progress:** Do not output download progress.
* **--update-keys:** Prompt user for a key update.
* **--stable:** Force an update to the stable channel.
* **--preview:** Force an update to the preview channel.
* **--snapshot:** Force an update to the snapshot channel.
2020-11-04 15:35:20 +00:00
* **--1:** Force an update to the stable channel, but only use 1.x versions
* **--2:** Force an update to the stable channel, but only use 2.x versions
* **--set-channel-only:** Only store the channel as the default one and then exit
2012-12-07 03:30:44 +00:00
## config
The `config` command allows you to edit composer config settings and repositories
in either the local `composer.json` file or the global `config.json` file.
Additionally it lets you edit most properties in the local `composer.json`.
```sh
php composer.phar config --list
```
### Usage
`config [options] [setting-key] [setting-value1] ... [setting-valueN]`
`setting-key` is a configuration option name and `setting-value1` is a
configuration value. For settings that can take an array of values (like
`github-protocols`), more than one setting-value arguments are allowed.
You can also edit the values of the following properties:
`description`, `homepage`, `keywords`, `license`, `minimum-stability`,
`name`, `prefer-stable`, `type` and `version`.
2015-06-22 12:18:49 +00:00
See the [Config](06-config.md) chapter for valid configuration options.
### Options
* **--global (-g):** Operate on the global config file located at
`$COMPOSER_HOME/config.json` by default. Without this option, this command
affects the local composer.json file or a file specified by `--file`.
* **--editor (-e):** Open the local composer.json file using in a text editor as
defined by the `EDITOR` env variable. With the `--global` option, this opens
the global config file.
2017-03-21 13:57:46 +00:00
* **--auth (-a):** Affect auth config file (only used for --editor).
* **--unset:** Remove the configuration element named by `setting-key`.
* **--list (-l):** Show the list of current config variables. With the `--global`
option this lists the global configuration only.
* **--file="..." (-f):** Operate on a specific file instead of composer.json. Note
that this cannot be used in conjunction with the `--global` option.
* **--absolute:** Returns absolute paths when fetching `*-dir` config values
instead of relative.
* **--json:** JSON decode the setting value, to be used with `extra.*` keys.
* **--merge:** Merge the setting value with the current value, to be used with `extra.*` keys in combination with `--json`.
### Modifying Repositories
In addition to modifying the config section, the `config` command also supports making
changes to the repositories section by using it the following way:
```sh
2015-05-04 17:37:57 +00:00
php composer.phar config repositories.foo vcs https://github.com/foo/bar
```
If your repository requires more configuration options, you can instead pass its JSON representation :
```sh
php composer.phar config repositories.foo '{"type": "vcs", "url": "http://svn.example.org/my-project/", "trunk-path": "master"}'
```
### Modifying Extra Values
In addition to modifying the config section, the `config` command also supports making
changes to the extra section by using it the following way:
```sh
php composer.phar config extra.foo.bar value
```
The dots indicate array nesting, a max depth of 3 levels is allowed though. The above
would set `"extra": { "foo": { "bar": "value" } }`.
If you have a complex value to add/modify, you can use the `--json` and `--merge` flags
to edit extra fields as json:
```sh
php composer.phar config --json extra.foo.bar '{"baz": true, "qux": []}'
```
## create-project
You can use Composer to create new projects from an existing package. This is
2017-12-29 11:44:51 +00:00
the equivalent of doing a git clone/svn checkout followed by a `composer install`
of the vendors.
There are several applications for this:
1. You can deploy application packages.
2. You can check out any package and start developing on patches for example.
3. Projects with multiple developers can use this feature to bootstrap the
initial application for development.
2017-12-29 11:44:51 +00:00
To create a new project using Composer you can use the `create-project` command.
Pass it a package name, and the directory to create the project in. You can also
provide a version as third argument, otherwise the latest version is used.
2013-03-02 11:42:53 +00:00
If the directory does not currently exist, it will be created during installation.
```sh
php composer.phar create-project doctrine/orm path "2.2.*"
```
It is also possible to run the command without params in a directory with an
existing `composer.json` file to bootstrap a project.
By default the command checks for the packages on packagist.org.
### Options
2017-03-21 13:57:46 +00:00
* **--stability (-s):** Minimum stability of package. Defaults to `stable`.
* **--prefer-source:** Install packages from `source` when available.
* **--prefer-dist:** Install packages from `dist` when available.
* **--repository:** Provide a custom repository to search for the package,
which will be used instead of packagist. Can be either an HTTP URL pointing
to a `composer` repository, a path to a local `packages.json` file, or a
JSON string which similar to what the [repositories](04-schema.md#repositories)
key accepts. You can use this multiple times to configure multiple repositories.
* **--add-repository:** Add the custom repository in the composer.json. If a lock
file is present it will be deleted and an update will be run instead of install.
* **--dev:** Install packages listed in `require-dev`.
2017-03-21 13:57:46 +00:00
* **--no-dev:** Disables installation of require-dev packages.
2012-11-08 14:44:58 +00:00
* **--no-scripts:** Disables the execution of the scripts defined in the root
package.
2012-12-13 16:19:58 +00:00
* **--no-progress:** Removes the progress display that can mess with some
terminals or scripts which don't handle backspace characters.
* **--no-secure-http:** Disable the secure-http config option temporarily while
installing the root package. Use at your own risk. Using this flag is a bad
idea.
2012-11-08 14:44:58 +00:00
* **--keep-vcs:** Skip the deletion of the VCS metadata for the created
project. This is mostly useful if you run the command in non-interactive
mode.
2018-01-31 15:23:01 +00:00
* **--remove-vcs:** Force-remove the VCS metadata without prompting.
2017-03-21 13:57:46 +00:00
* **--no-install:** Disables installation of the vendors.
* **--ignore-platform-reqs:** ignore all platform requirements (`php`, `hhvm`,
`lib-*` and `ext-*`) and force the installation even if the local machine does
not fulfill these.
See also the [`platform`](06-config.md#platform) config option.
* **--ignore-platform-req:** ignore a specific platform requirement(`php`,
`hhvm`, `lib-*` and `ext-*`) and force the installation even if the local machine
does not fulfill it.
* **--ask:** Ask user to provide target directory for new project.
2017-08-16 13:11:04 +00:00
## dump-autoload (dumpautoload)
2012-08-15 10:39:53 +00:00
If you need to update the autoloader because of new classes in a classmap
2017-12-29 11:44:51 +00:00
package for example, you can use `dump-autoload` to do that without having to
2012-08-15 10:39:53 +00:00
go through an install or update.
Additionally, it can dump an optimized autoloader that converts PSR-0/4 packages
2012-08-15 10:39:53 +00:00
into classmap ones for performance reasons. In large applications with many
classes, the autoloader can take up a substantial portion of every request's
time. Using classmaps for everything is less convenient in development, but
using this option you can still use PSR-0/4 for convenience and classmaps for
2012-08-15 10:39:53 +00:00
performance.
### Options
2017-12-29 11:44:51 +00:00
* **--no-scripts:** Skips the execution of all scripts defined in `composer.json` file.
* **--optimize (-o):** Convert PSR-0/4 autoloading to classmap to get a faster
2012-08-15 10:39:53 +00:00
autoloader. This is recommended especially for production, but can take
a bit of time to run, so it is currently not done by default.
* **--classmap-authoritative (-a):** Autoload classes from the classmap only.
Implicitly enables `--optimize`.
* **--apcu:** Use APCu to cache found/not-found classes.
* **--apcu-prefix:** Use a custom prefix for the APCu autoloader cache.
Implicitly enables `--apcu`.
* **--no-dev:** Disables autoload-dev rules.
* **--ignore-platform-reqs:** ignore all `php`, `hhvm`, `lib-*` and `ext-*`
requirements and skip the [platform check](07-runtime.md#platform-check) for these.
See also the [`platform`](06-config.md#platform) config option.
* **--ignore-platform-req:** ignore a specific platform requirement (`php`, `hhvm`,
`lib-*` and `ext-*`) and skip the [platform check](07-runtime.md#platform-check) for it.
2012-08-15 10:39:53 +00:00
2019-12-04 10:41:39 +00:00
## clear-cache / clearcache / cc
2014-12-13 17:59:14 +00:00
Deletes all content from Composer's cache directories.
2013-08-17 01:45:51 +00:00
## licenses
Lists the name, version and license of every package installed. Use
`--format=json` to get machine-readable output.
2013-08-17 01:45:51 +00:00
2014-12-08 21:21:33 +00:00
### Options
* **--format:** Format of the output: text, json or summary (default: "text")
2017-03-21 13:57:46 +00:00
* **--no-dev:** Remove dev dependencies from the output
2014-12-08 21:21:33 +00:00
## run-script
2015-02-03 14:26:02 +00:00
### Options
* **--timeout:** Set the script timeout in seconds, or 0 for no timeout.
2017-03-21 13:57:46 +00:00
* **--dev:** Sets the dev mode.
* **--no-dev:** Disable dev mode.
* **--list (-l):** List user defined scripts.
2015-02-03 14:26:02 +00:00
To run [scripts](articles/scripts.md) manually you can use this command,
2018-03-23 10:37:33 +00:00
give it the script name and optionally any required arguments.
2016-02-25 12:21:30 +00:00
## exec
Executes a vendored binary/script. You can execute any command and this will
ensure that the Composer bin-dir is pushed on your PATH before the command
runs.
### Options
2017-03-21 13:57:46 +00:00
* **--list (-l):** List the available composer binaries.
2016-02-25 12:21:30 +00:00
2013-04-04 13:44:18 +00:00
## diagnose
2013-04-03 22:47:03 +00:00
If you think you found a bug, or something is behaving strangely, you might
2013-04-04 13:44:18 +00:00
want to run the `diagnose` command to perform automated checks for many common
2013-04-03 22:47:03 +00:00
problems.
```sh
php composer.phar diagnose
```
2013-04-03 22:47:03 +00:00
## archive
This command is used to generate a zip/tar archive for a given package in a
given version. It can also be used to archive your entire project without
excluded/ignored files.
```sh
php composer.phar archive vendor/package 2.0.21 --format=zip
```
### Options
* **--format (-f):** Format of the resulting archive: tar or zip (default:
"tar")
* **--dir:** Write the archive to this directory (default: ".")
2017-03-21 13:57:46 +00:00
* **--file:** Write the archive with the given file name.
2012-02-19 14:16:25 +00:00
## help
2018-03-23 10:37:33 +00:00
To get more information about a certain command, you can use `help`.
2012-02-19 14:16:25 +00:00
```sh
php composer.phar help install
```
## Command-line completion
Command-line completion can be enabled by following instructions
[on this page](https://github.com/bamarni/symfony-console-autocomplete).
## Environment variables
You can set a number of environment variables that override certain settings.
Whenever possible it is recommended to specify these settings in the `config`
2013-08-14 13:37:09 +00:00
section of `composer.json` instead. It is worth noting that the env vars will
always take precedence over the values specified in `composer.json`.
### COMPOSER
2012-03-17 14:02:39 +00:00
By setting the `COMPOSER` env variable it is possible to set the filename of
`composer.json` to something else.
For example:
```sh
COMPOSER=composer-other.json php composer.phar install
```
The generated lock file will use the same name: `composer-other.lock` in this example.
### COMPOSER_ALLOW_SUPERUSER
If set to 1, this env disables the warning about running commands as root/super user.
It also disables automatic clearing of sudo sessions, so you should really only set this
if you use Composer as super user at all times like in docker containers.
### COMPOSER_ALLOW_XDEBUG
If set to 1, this env allows running Composer when the Xdebug extension is enabled, without restarting PHP without it.
### COMPOSER_AUTH
The `COMPOSER_AUTH` var allows you to set up authentication as an environment variable.
The contents of the variable should be a JSON formatted object containing [http-basic,
github-oauth, bitbucket-oauth, ... objects as needed](articles/authentication-for-private-packages.md),
and following the
[spec from the config](06-config.md).
### COMPOSER_BIN_DIR
By setting this option you can change the `bin` ([Vendor Binaries](articles/vendor-binaries.md))
directory to something other than `vendor/bin`.
### COMPOSER_CACHE_DIR
The `COMPOSER_CACHE_DIR` var allows you to change the Composer cache directory,
which is also configurable via the [`cache-dir`](06-config.md#cache-dir) option.
By default, it points to `$COMPOSER_HOME/cache` on \*nix and macOS, and
`C:\Users\<user>\AppData\Local\Composer` (or `%LOCALAPPDATA%/Composer`) on Windows.
### COMPOSER_CAFILE
By setting this environmental value, you can set a path to a certificate bundle
file to be used during SSL/TLS peer verification.
### COMPOSER_DISABLE_XDEBUG_WARN
If set to 1, this env suppresses a warning when Composer is running with the Xdebug extension enabled.
### COMPOSER_DISCARD_CHANGES
This env var controls the [`discard-changes`](06-config.md#discard-changes) config option.
2012-04-26 15:24:31 +00:00
### COMPOSER_HOME
The `COMPOSER_HOME` var allows you to change the Composer home directory. This
is a hidden, global (per-user on the machine) directory that is shared between
all projects.
2012-04-26 15:24:31 +00:00
Use `composer config --global home` to see the location of the home directory.
By default, it points to `C:\Users\<user>\AppData\Roaming\Composer` on Windows
2018-10-31 17:13:39 +00:00
and `/Users/<user>/.composer` on macOS. On \*nix systems that follow the [XDG Base
2017-12-29 10:33:19 +00:00
Directory Specifications](https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html),
it points to `$XDG_CONFIG_HOME/composer`. On other \*nix systems, it points to
`/home/<user>/.composer`.
2012-04-26 15:24:31 +00:00
#### COMPOSER_HOME/config.json
You may put a `config.json` file into the location which `COMPOSER_HOME` points
to. Composer will merge this configuration with your project's `composer.json`
when you run the `install` and `update` commands.
2015-06-22 12:18:49 +00:00
This file allows you to set [repositories](05-repositories.md) and
[configuration](06-config.md) for the user's projects.
In case global configuration matches _local_ configuration, the _local_
configuration in the project's `composer.json` always wins.
### COMPOSER_HTACCESS_PROTECT
2013-08-13 13:19:08 +00:00
Defaults to `1`. If set to `0`, Composer will not create `.htaccess` files in the
composer home, cache, and data directories.
2013-08-13 13:19:08 +00:00
### COMPOSER_MEMORY_LIMIT
If set, the value is used as php's memory_limit.
### COMPOSER_MIRROR_PATH_REPOS
If set to 1, this env changes the default path repository strategy to `mirror` instead
of `symlink`. As it is the default strategy being set it can still be overwritten by
repository options.
### COMPOSER_NO_INTERACTION
If set to 1, this env var will make Composer behave as if you passed the
`--no-interaction` flag to every command. This can be set on build boxes/CI.
2013-08-13 13:19:08 +00:00
2012-04-26 15:24:31 +00:00
### COMPOSER_PROCESS_TIMEOUT
This env var controls the time Composer waits for commands (such as git
2012-04-26 16:59:09 +00:00
commands) to finish executing. The default value is 300 seconds (5 minutes).
2012-04-26 15:24:31 +00:00
### COMPOSER_ROOT_VERSION
2014-03-02 18:24:03 +00:00
By setting this var you can specify the version of the root package, if it
cannot be guessed from VCS info and is not present in `composer.json`.
### COMPOSER_VENDOR_DIR
By setting this var you can make Composer install the dependencies into a
directory other than `vendor`.
### http_proxy or HTTP_PROXY
If you are using Composer from behind an HTTP proxy, you can use the standard
`http_proxy` or `HTTP_PROXY` env vars. Set it to the URL of your proxy.
Many operating systems already set this variable for you.
Using `http_proxy` (lowercased) or even defining both might be preferable since
some tools like git or curl will only use the lower-cased `http_proxy` version.
Alternatively you can also define the git proxy using
`git config --global http.proxy <proxy url>`.
If you are using Composer in a non-CLI context (i.e. integration into a CMS or
similar use case), and need to support proxies, please provide the `CGI_HTTP_PROXY`
environment variable instead. See [httpoxy.org](https://httpoxy.org/) for further
details.
### COMPOSER_MAX_PARALLEL_HTTP
Set to an integer to configure how many files can be downloaded in parallel. This
defaults to 12 and must be between 1 and 50. If your proxy has issues with
concurrency maybe you want to lower this. Increasing it should generally not result
in performance gains.
### HTTP_PROXY_REQUEST_FULLURI
If you use a proxy, but it does not support the request_fulluri flag, then you
should set this env var to `false` or `0` to prevent Composer from setting the
request_fulluri option.
### HTTPS_PROXY_REQUEST_FULLURI
If you use a proxy, but it does not support the request_fulluri flag for HTTPS
requests, then you should set this env var to `false` or `0` to prevent Composer
from setting the request_fulluri option.
### COMPOSER_SELF_UPDATE_TARGET
If set, makes the self-update command write the new Composer phar file into that path instead of overwriting itself. Useful for updating Composer on read-only filesystem.
### no_proxy or NO_PROXY
If you are behind a proxy and would like to disable it for certain domains, you
can use the `no_proxy` or `NO_PROXY` env var. Set it to a comma separated list of
domains the proxy should *not* be used for.
The env var accepts domains, IP addresses, and IP address blocks in CIDR
notation. You can restrict the filter to a particular port (e.g. `:80`). You
can also set it to `*` to ignore the proxy for all HTTP requests.
### COMPOSER_DISABLE_NETWORK
If set to `1`, disables network access (best effort). This can be used for debugging or
to run Composer on a plane or a starship with poor connectivity.
If set to `prime`, GitHub VCS repositories will prime the cache, so it can then be used
fully offline with `1`.
### COMPOSER_DEBUG_EVENTS
If set to `1`, outputs information about events being dispatched, which can be
useful for plugin authors to identify what is firing when exactly.
&larr; [Libraries](02-libraries.md) | [Schema](04-schema.md) &rarr;