ccmbenchmark / composer-helper
That tool allows you to check dependencies and versions across all your project.
This package's canonical repository appears to be gone and the package has been frozen as a result.
Requires
- composer/composer: 1.0.*@dev
- symfony/filesystem: ^2.6
This package is auto-updated.
Last update: 2019-11-14 16:31:13 UTC
README
The main purpose of this project is to help you to handle your composer usage.
It can be used on a per-project basis, allowing you to check one project from command line. It can also be used to handle multiple projects and see results from a simple web interface.
Screenshots
Web view
Cli usage
Usage
Per-project
In a per-project usage, you just need to checkout this repo where you want and, then, launch this command line :
./bin/composer_helper check /var/www/myproject --no-export -s http://mysatisproxy.com
This will take any folders under /var/www, which have a composer.json file and apply rules.
Global usage
The global usage have 2 possibilities. You can just use the previous command line and give it all the folders you wanna check. Or you can export results in a more convenient way, with a little web app. This is how to do the last option.
- Checkout this project in a path your webserver can use (i.e: /var/www/composer_helper).
- Make sure both your user and your webserver can edit the "health.json" file.
- Run this command :
`
./bin/composer_helper check /var/www/* -s http://mysatisproxy.com --quiet`
- Go to http://localhost/composer_helper/web/ (or whatever your host is) and see results.
To go further, you'll obviously wanna create a cronjob and a vhost. Feel free to do so, it'll be easier to work with that tool.
Rules applied
Proxy
In this project we assume you have a satis proxy configured. Satis helps you to maintain private projects and be able to deploy your app when github or bitbucket are offline.
So one of the rule checks that every projects you use is in your satis proxy with the correct version.
You can also provide an internal vendor option (i.e: ccmbenchmark). When doing so, it'll check that for all packages from this particular vendor, you use the very last version. It will help you to keep hidden technical debt low.
Lock file
One of the rule checks that your lock file is up-to-date.
Stability
This project checks that you use only stable packages, as recommended in a production environment.
Validate
One of the rule just does a "composer validate" over every project to be sure there is no errors.