amik
amik

Reputation: 5919

Composer dependency for specified PHP version

is it possible to tell composer to install a dependency only when using specified PHP versions?

Reason: my library uses password_hash function, which is available in 5.5+, and there is a compatibility library ircmaxell/password-compat for PHP 5.4. However installing this library on PHP 5.5+ is completely pointless. So, Is it possible to tell composer to install ircmaxell/password-compat only when running on versions <5.5?

Short story to make the question more clear - I want to tell composer to:

IF php version < 5.5:
    install ircmaxell/password-compat
ELSE:
    skip ircmaxell/password-compat

Thanks in advance.

P.S. Please posts only direct answers how to do this, not any workarounds or suggestions to drop 5.4 support. I can also come up with them, I am looking for the smart solution here :)

Upvotes: 6

Views: 1694

Answers (2)

Estus Flask
Estus Flask

Reputation: 223104

Yes, it is possible.

Consider having one branch, e.g. 1.x for legacy php versions, like

{
    "name": "some/library",
    "version": "1.0.0",
    "require": {
        "ircmaxell/password-compat": "*"
    }
}

and 2.x branch for 5.5+

{
    "name": "some/library",
    "version": "2.0.0",
    "require": {
        "php": ">=5.5"
    }
}

This way loose version requirements, i.e. some/library:* will resolve to appropriate versions.

Another way is to instruct the users to add

"replace": {
    "ircmaxell/password-compat": "*"
}

by themselves if needed.

Note that some users (including myself) can change their php interpreter on the fly and won't be too happy to debug this kind of automagical issues.

Upvotes: 2

Evert
Evert

Reputation: 99816

The short answer is "It's not possible".

The dependency is not a massive one. Why not simply let it install anyway? If you are on PHP 5.5 the built-in password functions will still be used.

You could also make password-compat an optional dependency (suggests). The issue then is that it's up to the maintainer to install it alongside your application.

Lastly, you could make a secondary, virtual package. Say your package is called 'Acme', It would be possible to create a secondary 'Acme-php54' package that depends on both password_compat and your main project. This keeps the dependency outside of your project, but I would argue that the simplest is to just always install it as long as you intend to support PHP 5.4, and just drop PHP 5.4 in a little while when it EOLs.

Upvotes: 3

Related Questions