← 返回命令列表

Linux command

composer-require-checker 命令

文本

复制后可按需替换文件名、目录或参数。

常用示例

Check for missing composer requirements

composer-require-checker check

Check specific composer.json

composer-require-checker check [/path/to/composer.json]

Output in JSON format

composer-require-checker check --output=json

说明

composer-require-checker is a static analysis tool that scans PHP codebases to identify symbols (classes, functions, constants) that are used in the code but not explicitly declared as dependencies in composer.json. It helps prevent the common problem of transitive dependencies where Package A requires Package B, and your code uses Package B without explicitly declaring it, creating a fragile dependency graph. The tool performs symbol table analysis across the entire codebase, cross-referencing discovered symbols against the declared require and require-dev sections in composer.json. When undeclared dependencies are found, it reports which symbols are missing and from which packages they originate, allowing developers to add proper dependency declarations. This is particularly important for library maintainers who need to ensure their packages can be installed independently without relying on implicit dependencies. It prevents "works on my machine" scenarios where a dependency happens to be available through another package locally but fails in different environments or when dependency versions change.

参数

--output _format_
Output format: text, json.
--config-file _file_
Path to configuration file. Default: composer-require-checker.json if present.
--composer-vendor-dir _dir_
Path to Composer vendor directory. Default: ./vendor.
--exclude _path_
Exclude files or directories from analysis. Can be used multiple times.
--dump-configuration
Dump the default configuration to stdout.
-v, --verbose
Increase verbosity. Use -vv or -vvv for more detail.

FAQ

What is the composer-require-checker command used for?

composer-require-checker is a static analysis tool that scans PHP codebases to identify symbols (classes, functions, constants) that are used in the code but not explicitly declared as dependencies in composer.json. It helps prevent the common problem of transitive dependencies where Package A requires Package B, and your code uses Package B without explicitly declaring it, creating a fragile dependency graph. The tool performs symbol table analysis across the entire codebase, cross-referencing discovered symbols against the declared require and require-dev sections in composer.json. When undeclared dependencies are found, it reports which symbols are missing and from which packages they originate, allowing developers to add proper dependency declarations. This is particularly important for library maintainers who need to ensure their packages can be installed independently without relying on implicit dependencies. It prevents "works on my machine" scenarios where a dependency happens to be available through another package locally but fails in different environments or when dependency versions change.

How do I run a basic composer-require-checker example?

Run `composer-require-checker check` in a terminal, then adjust file names, paths, flags, or remote targets for your system.

What does --output _format_ do in composer-require-checker?

Output format: text, json.