We build our projects on the shoulders of giants---using third-party dependencies. But how well do we know them; what risks do they pose? Learn how to assess and minimize these risks and how to manage dependencies effectively. This talk covers a broad range of dependency management subjects, from assessing and minimizing risk to your business from BC breaks or failing external APIs, all the way to hands-on tips for working with Composer in the real world---e.g., how to solve composer.lock merge conflicts when other team members modified the file.


Comments are closed.

Chuck Burgess at 16:35 on 31 May 2018

Good points to consider, especially around risks.

Anonymous at 16:39 on 31 May 2018

Very informative, thanks

Framing dependency management in the context of risk analysis is not how I traditionally think about Composer. Thank you for this perspective and the tips you provided.

Some excellent insights into both technical and business risks, and good advice on how to mitigate. It's almost as if Composer + Packagist are Nils' bread & butter or something!

Dave Liddament at 17:31 on 4 Jun 2018

Lots of useful little tips; we'll be changing how we comment composer updates off the back of this talk.