Getting Started

Define Your Dependencies

Put a file named composer.json at the root of your project, containing your project dependencies:

{
    "require": {
        "vendor/package": "1.3.2",
        "vendor/package2": "1.*",
        "vendor/package3": "^2.0.3"
    }
}

For more information about packages versions usage, see the composer documentation.

Install Composer In Your Project

Run this in your command line:

curl -sS https://getcomposer.org/installer | php

Or download composer.phar into your project root.

See the Composer documentation for complete installation instructions on various platforms.

Install Dependencies

Execute this in your project root.

php composer.phar install

Autoload Dependencies

If your packages specify autoloading information, you can autoload all the dependencies by adding this to your code:

require 'vendor/autoload.php';

Browse the packages we have to find more great libraries you can use in your project.

Publishing Packages

Define Your Package

Put a file named composer.json at the root of your package's repository, containing this information:

{
    "name": "your-vendor-name/package-name",
    "description": "A short description of what your package does",
    "require": {
        "php": ">=8.2",
        "another-vendor/package": "1.*"
    }
}

This is the strictly minimal information you have to give.

For more details about package naming and the fields you can use to document your package better, see the about page.

Validate The File

Run composer validate to check that your file has no syntax errors.

Commit The File

Add the composer.json to your git or other VCS repository and commit it.

Publish It

Log in or register on this site, then hit the submit button in the menu.

Once you entered your public repository URL in there, your package will be automatically crawled periodically. You just have to make sure you keep the composer.json file up to date.

Sharing Private Code

Use Private Packagist if you want to share private code as a Composer package with colleagues or customers without publishing it for everyone on Packagist.org. Private Packagist allows you to manage your own private Composer repository with per-user authentication, team management and integration in version control systems.

Latest News

Strengthening PHP Supply Chain Security with a Transparency Log for Packagist.org - Nov 14, 2025

The release of Composer 2.9 this week introduced new security features on the Composer CLI client, which were funded by Private Packagist through service subscriptions. But in parallel, we are working...

Composer 2.9 Release - Nov 13, 2025

We are pleased to announce the release of Composer 2.9.0, bringing improvements to security, repository management from the CLI, and lots more. Automatic Security Blocking Composer now automatically b...

A Call for Sustainable Open Source Infrastructure - Sep 23, 2025

Today, we joined other major package registries in signing an important joint statement on sustainable stewardship of open source infrastructure. Together with Maven Central, PyPI, crates.io, Open VSX...

Packagist.org shutdown of Composer 1.x support postponed to September 1st, 2025 - Jul 03, 2025

With the deadline drawing near, we’d like to remind you that we are discontinuing Composer 1.x support on Packagist.org soon. We're extending our original timeline by one month to give teams additiona...

Discover Security Advisories with Composer’s audit command - Oct 09, 2024

Did you know that October is Cyber Security Awareness month, and that this year already marks its 21st anniversary? This collaborative effort between government and industry aims to raise awareness of...