Sunday, November 5, 2017

Install the latest version of a composer programmatically

If you need to install the latest version of a composer you can use next bash snippet:
EXPECTED_SIGNATURE=$(wget -q -O - && \
php -r "copy('', 'composer-setup.php');" && \
php -r "if (hash_file('SHA384', 'composer-setup.php') === '${EXPECTED_SIGNATURE}') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;" && \
php composer-setup.php && \
php -r "unlink('composer-setup.php');" && \
mv composer.phar /usr/local/bin/composer
Using EXPECTED_SIGNATURE variable with the latest available signature value you don't have to hardcode a specific one for comparison on 3rd line.


  1. Hey, could you please let me know the difference between this and running 'composer install' ?

    1. Hi, Hamza.

      Before running `composer install` you have to actually install a `composer`.

      `composer install` downloads all dependencies from your `composer.json` file.