使用 Composer 的开发/生产切换时如何正确部署?

What's the correct way to deploy this without installing the -dev dependencies ?

_{注意:我试图在这里创建一个规范的问答来澄清奇怪的 Composer 部署.随意编辑这个问题.}

推荐答案

为什么

恕我直言，现在 Composer 将默认使用 --dev 标志(在安装 和 更新时)是有充分理由的.Composer 主要在需要这种行为的场景中运行:

There is IMHO a good reason why Composer will use the --dev flag by default (on install and update) nowadays. Composer is mostly run in scenario's where this is desired behavior:

基本的 Composer 工作流程如下:

The basic Composer workflow is as follows:

• 启动一个新项目:composer.phar install --dev，将json和lock文件提交给VCS.
• 其他开发人员开始参与该项目:签出 VCS 和 composer.phar install --dev.
• 开发者添加依赖:composer.phar require ，如果你想要require-dev中的包，添加--dev代码>部分(并提交).
• 其他人继续:(结帐和)composer.phar install --dev.
• 开发人员想要更新版本的依赖项:composer.phar update --dev (并提交).
• 其他人继续:(结帐和)composer.phar install --dev.
• 项目已部署:composer.phar install --no-dev

• A new project is started: composer.phar install --dev, json and lock files are commited to VCS.
• Other developers start working on the project: checkout of VCS and composer.phar install --dev.
• A developer adds dependancies: composer.phar require <package>, add --dev if you want the package in the require-dev section (and commit).
• Others go along: (checkout and) composer.phar install --dev.
• A developer wants newer versions of dependencies: composer.phar update --dev <package> (and commit).
• Others go along: (checkout and) composer.phar install --dev.
• Project is deployed: composer.phar install --no-dev

如您所见，--dev 标志的使用(远)多于 --no-dev 标志，尤其是当开发人员的数量较多时项目成长.

As you can see the --dev flag is used (far) more than the --no-dev flag, especially when the number of developers working on the project grows.

生产部署

在不安装dev"的情况下部署它的正确方法是什么?依赖?

What's the correct way to deploy this without installing the "dev" dependencies?

好吧，composer.json 和 composer.lock 文件应该提交给 VCS.不要省略 composer.lock，因为它包含有关应该使用的包版本的重要信息.

Well, the composer.json and composer.lock file should be committed to VCS. Don't omit composer.lock because it contains important information on package-versions that should be used.

在执行生产部署时，您可以将 --no-dev 标志传递给 Composer:

When performing a production deploy, you can pass the --no-dev flag to Composer:

composer.phar install --no-dev

composer.lock 文件可能包含有关开发包的信息.这没关系.--no-dev 标志将确保未安装这些开发包.

The composer.lock file might contain information about dev-packages. This doesn't matter. The --no-dev flag will make sure those dev-packages are not installed.

当我说生产部署"时，我指的是旨在用于生产的部署.我不是在争论 composer.phar install 是否应该在生产服务器上完成，或者在可以审查事情的临时服务器上完成.这不是这个答案的范围.我只是指出如何在不安装dev"的情况下composer.phar install依赖.

When I say "production deploy", I mean a deploy that's aimed at being used in production. I'm not arguing whether a composer.phar install should be done on a production server, or on a staging server where things can be reviewed. That is not the scope of this answer. I'm merely pointing out how to composer.phar install without installing "dev" dependencies.

离题

--optimize-autoloader 标志在生产环境中也可能是可取的(它会生成一个类映射来加速应用程序的自动加载):

The --optimize-autoloader flag might also be desirable on production (it generates a class-map which will speed up autoloading in your application):

composer.phar install --no-dev --optimize-autoloader

或者在自动部署完成后:

Or when automated deployment is done:

composer.phar install --no-ansi --no-dev --no-interaction --no-plugins --no-progress --no-scripts --optimize-autoloader

如果您的代码库支持它，您可以将 --optimize-autoloader 换成 --classmap-authoritative.更多信息这里

If your codebase supports it, you could swap out --optimize-autoloader for --classmap-authoritative. More info here

这篇关于使用 Composer 的开发/生产切换时如何正确部署?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持跟版网！