A CLI tool to analyze composer dependencies and verify that no unknown symbols are used in the sources of a package.
This will prevent you from using "soft" dependencies that are not defined within your
composer.json require section.
Installation / Usage
Composer require checker is not supposed to be installed as part of your project dependencies.
PHAR file [preferred]
Please check the releases for available phar files. Download the latest release and and run it like this:
php composer-require-checker.phar check /path/to/your/project/composer.json
If you already use PHIVE to install and manage your project’s tooling, then you should be able to simply install ComposerRequireChecker like this:
phive install composer-require-checker
Composer - global command
This package can be easily globally installed by using Composer:
composer global require maglnet/composer-require-checker
If you haven't already setup you composer installation to support global requirements, please refer to the Composer cli - global If this is already done, run it like this:
composer-require-checker check /path/to/your/project/composer.json
Composer require checker is configured to whitelist some symbols per default. Have a look at the config file example to see which configuration options are available.
You can now adjust this file, as needed, and tell composer-require-checker to use it for it's configuration.
bin/composer-require-checker check --config-file=path/to/config.json /path/to/your/project/composer.json
Scan Additional Files
To scan files, that are not part of your autoload definition you may add glob patterns to the config file's
The following example would also scan the file
bin/console and all files with
.php extension within your
"scan-files" : ["bin/console", "bin/*.php"]
This package is made available under the MIT LICENSE.