Composer is the standard package manager for PHP and essential for any Laravel project. Via SSH, you can execute Composer commands directly on your hosting to install, update, and manage packages. In this guide, you will learn everything about effectively using Composer via SSH for your Laravel applications.

What is Composer and why do you need it?

Composer is a dependency manager that automatically manages all the necessary PHP libraries for your project. It keeps track of which packages you need and installs them in the correct versions. Laravel itself is also installed and updated via Composer. This makes Composer an essential tool for every Laravel developer.

The main benefits of Composer:

  • Automatic management of all your project dependencies, meaning you don't have to worry about manually keeping track of versions.
  • Version control so that packages remain compatible, making your project more stable and reliable.
  • Easy updating of libraries with a command, saving you time and effort.
  • Autoloading of PHP classes without manual includes, making your code cleaner and easier to maintain.
  • Access to thousands of packages via Packagist.org, allowing you to quickly add functionality to your project.

Activating SSH access for your hosting

Before you can use Composer, you need SSH access. At Theory7, you can easily activate this via DirectAdmin under the SSH options. After activation, connect with an SSH client. This is a crucial step, as SSH allows you to securely and efficiently execute commands on your server.

On Windows, use PuTTY; on Mac or Linux, use the built-in Terminal:

ssh username@yourdomain.nl

Don't forget to adjust your username and domain name. Once connected, you have access to your server's command line, where you can use Composer.

Checking Composer availability

On Theory7 hosting, Composer is usually already installed. Check this with:

composer --version

You will see the installed version. If Composer is not available, install it locally in your home directory. This can usually be done by executing a few simple commands, depending on your server configuration.

Essential Composer commands for Laravel

Installing dependencies

After cloning a Laravel project, install all packages:

composer install

For production environments, use extra flags for better performance:

composer install --no-dev --optimize-autoloader

Using the --no-dev flag ensures that only the necessary packages for production are installed, which can improve your application's load time.

Adding new packages

Add a package to your project:

composer require vendor/package-name

For example, if you want to add laravel/sanctum for API authentication, use:

composer require laravel/sanctum

Updating packages

Update all packages to the latest compatible versions:

composer update

This command is useful to ensure you always have the latest security updates and features. However, keep in mind that this can also lead to compatibility issues, so always test your application after an update.

Regenerating the autoloader

After manual changes in your classmap:

composer dump-autoload

This is especially useful if you have added new classes or moved existing classes.

Some commonly used packages that you install via Composer:

  • laravel/sanctum - API authentication tokens, ideal for SPAs and mobile applications.
  • spatie/laravel-permission - Roles and permissions system, helping you effectively manage user rights.
  • intervention/image - Image editing and resizing, a must-have for any application that works with media.
  • barryvdh/laravel-debugbar - Debug information during development, helping you quickly identify issues.
  • laravel/horizon - Queue monitoring dashboard, ideal for managing your background tasks.

Troubleshooting common issues

Memory limit errors

For large projects, Composer may run into memory limits. Temporarily increase the limit:

COMPOSER_MEMORY_LIMIT=-1 composer install

This command sets the memory limit to unlimited, which can be useful for large installations or updates.

Timeout with large packages

Increase the timeout for slow downloads:

composer config --global process-timeout 600

This can help if you are working with a slow internet connection or if the server is responding slowly.

Cache issues

Clear the Composer cache when encountering strange errors:

composer clear-cache

This can help resolve issues arising from outdated or corrupted cache files.

Best practices for Composer

  • Always commit composer.lock to your Git repository. This ensures that everyone on your team uses the same versions, preventing compatibility issues.
  • Use install in production, never update. This prevents unexpected breaks due to new versions.
  • Regularly check for updates with composer outdated. This helps keep your project up to date.
  • Specify version constraints in composer.json. This ensures that you don't accidentally upgrade to an incompatible version.
  • Use the --no-dev flag on production servers. This reduces load and increases security.

composer.json vs composer.lock

The difference between these two files is important:

  • composer.json - Defines which packages you want and which version ranges are acceptable. This file is the basis for your project configuration.
  • composer.lock - Contains the exact versions that are installed. This file ensures that your project remains consistent, regardless of where it is installed.

By committing composer.lock, you ensure that everyone on your team uses the same versions, which is crucial for collaboration and project consistency.

With this knowledge, you can efficiently manage all packages for your Laravel projects via SSH. Need help with your Laravel hosting? The team at Theory7 is ready to assist you with all your questions and challenges.