Most of the time when you clone a project all of the dependencies are already configured in the composer.json file.
For the project to function properly you will need to execute a composer command that installs the required dependencies. For development environments that can be done as follows:
First cd to the directory containing the composer.json file and execute the command below:
$ composer install
This will take care of installing all dependencies the project needs.
To install the dependencies on a production environment you can execute the following command:
$ composer install --no-dev
This will install only the dependencies listed in the "require" section of the composer.json file.
By default, Composer picks the latest version that matches the version constraint listed in the composer.json file. Once the dependencies are installed, Composer generates a file called composer.lock.
The lock file lists the dependencies and the exact versions that are installed. When you run the composer "install" command and the composer.lock file is present, Composer uses the exact versions from the composer.lock file for the dependencies. That is very important because it guarantees, for example, that all developers are using the exact same versions of the dependencies and that the production environment uses those exact versions as well.
If different environments use slightly different versions of the dependencies, then the chance increases that a feature works perfectly on a local environment but not on a production environment. It goes without saying that we should always try to avoid that situation.
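One way to detect the version drift described above is to compare the composer.lock files taken from two environments. The script below is an added example, not part of the original article or of Composer itself; the package names, versions and hashes in the sample lock files are constructed, and the function names are hypothetical.

```python
import json

# Constructed sample lock files, trimmed to the fields used here.
# Package names and versions are made up for illustration.
DEV_LOCK = json.dumps({
    "content-hash": "constructed-hash-a",
    "packages": [
        {"name": "acme/http-client", "version": "2.4.1"},
        {"name": "acme/logger", "version": "1.9.0"},
    ],
    "packages-dev": [{"name": "acme/test-runner", "version": "10.2.0"}],
})
PROD_LOCK = json.dumps({
    "content-hash": "constructed-hash-b",
    "packages": [
        {"name": "acme/http-client", "version": "2.4.3"},
        {"name": "acme/logger", "version": "1.9.0"},
        {"name": "acme/cache", "version": "0.3.0"},
    ],
    "packages-dev": [],
})


def locked_versions(lock_text, include_dev=False):
    """Return {package name: exact version} from a composer.lock document."""
    lock = json.loads(lock_text)
    entries = list(lock.get("packages", []))
    if include_dev:
        entries += lock.get("packages-dev", [])
    return {p["name"]: p["version"] for p in entries}


def lock_drift(lock_a, lock_b, include_dev=False):
    """List (name, version_a, version_b) for every package that differs.

    A version of None means the package is absent from that lock file.
    With include_dev=False only the "packages" section is compared, which is
    the set that `composer install --no-dev` installs.
    """
    a = locked_versions(lock_a, include_dev)
    b = locked_versions(lock_b, include_dev)
    return [(n, a.get(n), b.get(n))
            for n in sorted(a.keys() | b.keys()) if a.get(n) != b.get(n)]


if __name__ == "__main__":
    for name, va, vb in lock_drift(DEV_LOCK, PROD_LOCK):
        print(f"{name}: {va} != {vb}")
```

An empty result means both environments are pinned to the same versions; any entry is a dependency that was resolved differently and is worth investigating before a release.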