You may encounter issues when developing Adobe Commerce modules with Composer. These best practices describe some common tasks to make development easier and help you quickly resolve issues.
These guidelines apply primarily to global reference architecture (GRA) projects.
Install https://github.com/hirak/prestissimo to speed up Composer with asynchronous package downloads.
composer global require hirak/prestissimo
If you encounter problems, uninstall
composer global remove hirak/prestissimo
Composer sometimes gets deadlocked with package versions. You may see messages about versions that are incompatible even if they are not. Before debugging compatibility issues, try resetting Composer:
Clear the Composer cache.
composer.lock file for all packages.
rm -rf vendor/* composer.lock
Reinstall the Composer packages.
These steps update all packages to the latest available version. Revert the
composer.lock file from Git to undo these upgrades.
Find out which packages might be outdated.
Filter using wildcards and/or the
--minor-only option to skip backward-incompatible upgrades:
composer outdated 'magento/*'
composer outdated --minor-only 'magento/*'
View details about all installed packages on a Git branch.
composer install after switching Git branches and before running
composer info. Otherwise, Composer shows details about the previous branch that you had checked out.
To filter or search, use one of the following commands.
composer info '*magento*'
composer info | grep magento
Sometimes, Composer installs the latest available version of a package because of a strict dependency in another package.
Find out if there is a strict dependency in another package.
composer why client/module-example
If the results show a list of metapackages or another package that is not explicitly required, run the command on that package:
composer why example/metapackage
Sometimes, Composer does not install a package because it conflicts with another package, another package replaces it, or you haven’t defined it is as a dependency.
Find out why a package is not installed.
composer why-not client/module-example
Private Packagist is secure, costs around $600 USD per year with three admin users and is hosted.
JFrog Artifactory starts at $1,176 USD per year. It is not as commonly used as Packagist, but it supports more languages than PHP.
Satis has no built-in security, no automation, and requires additional hosting. It is only free if your time is also free.
For Adobe Commerce module dependencies, follow the module version dependencies documentation.
Do not use the version definition inside the
composer.json file. Instead, use Git tags for versions. See Composer Versions and constraints.
Create a Git repository for modules in an archive and host them yourself. Every Adobe Commerce module has a
composer.json file. After you host it in Git and synchronize it with Private Packagist, you can install it with Composer.
When you receive a new version of the package, upload the code to Git, tag it, and install the new version with Composer.