What if…

…you could run composer update on a web server or an embedded system that does not provide enough RAM?

Meet the Composer Resolver Cloud!

The Composer Resolver Cloud allows you to offload the memory intensive task of dependency resolving into the cloud. Simply put, you send it a composer.json along with some information about your platform and it will try to resolve the dependencies and provide you with the resulting composer.lock once it's done. You can then use the resulting composer.lock to run composer install on your local machine which will download all the packages.

Basic workflow

You send a POST request to the /jobs endpoint from which you'll get a JSON response containing all the necessary information about the job, most importantly the jobId. Using the jobId you can then continue to monitor the status of your job and fetch the resulting composer.lock once it's been processed.

Of course, during the resolving process you can get the Composer CLI output to constantly see what's happening.

You can even pass along arguments (to e.g. only update one package) and options (such as --with-dependencies etc.) as you would on command line.

Checkout the OpenApi Spec for all the endpoints and configuration options.

The client context

All of the interactions with the API must happen within a «client context» so whenever you send a request, you are required to pass the Composer-Resolver-Client header containing your «client key». The Composer Resolver Cloud API itself is not protected using any authentication but instead requires certain packages to be present in the "require" section of your provided composer.json. These requirements as well as the available resources (e.g. number of workers, maximum of jobs accepted on the queue etc.) are tied to the «client key». There's a free «public» client which you may use to test your integration against. Get in touch once you want to get serious about it and integrate it with your application so you can get your own «client key».

You can find all available client contexts on the statistics page.

Working with local packages

If you have local packages (such as packages from path or artifact repositories), you have to tell the Composer Resolver Cloud how to deal with those, meaning you have to provide all the composer.json files of the local packages including their dist information. You can pass all these additional information along to the Cloud using the localPackages key like so:


{
    "localPackages": [{
        "name": "vendor/package-one",
        "version": "1.0.0",
        "dist": {
            "type": "zip",
            "url": "artifact-repository/package-one.zip",
            "reference": null,
            "shasum": "51dc8572ccb2a47d9cdc4b4ba989eade442014e1"
        }
    }, {
        "name": "vendor/package-three",
        "version": "1.0.0",
        "dist": {
            "type": "path",
            "url": "path-repository",
            "reference": "07c937be2f4089ad1d5b7f5e22d7530dcf787e52",
            "shasum": null
        }
    }, {
        "name": "vendor/package-two",
        "version": "1.0.0",
        "dist": {
            "type": "zip",
            "url": "artifact-repository/package-two.zip",
            "reference": null,
            "shasum": "2d326a58462b38d0094173aef06c67f830fbeb11"
        }
    }]
}