Composer command line interface and commands (Part 6)


This is the sixth part of the Composer command line interface and commands.

#dump-autoload (dumpautoload)

If you need to update the autoloader because of new classes in a classmap package for example, you can use dump-autoload to do that without having to go through an install or update.

Additionally, it can dump an optimized autoloader that converts PSR-0/4 packages into classmap ones for performance reasons. In large applications with many classes, the autoloader can take up a substantial portion of every request's time. Using classmaps for everything is less convenient in development, but using this option you can still use PSR-0/4 for convenience and classmaps for performance.


  • --no-scripts: Skips the execution of all scripts defined in composer.json file.
  • --optimize (-o): Convert PSR-0/4 autoloading to classmap to get a faster autoloader. This is recommended especially for production, but can take a bit of time to run so it is currently not done by default.
  • --classmap-authoritative (-a): Autoload classes from the classmap only. Implicitly enables --optimize.
  • --apcu: Use APCu to cache found/not-found classes.
  • --no-dev: Disables autoload-dev rules.

clear-cache (clearcache)#

Deletes all content from Composer's cache directories.


Lists the name, version and license of every package installed. Use --format=json to get machine readable output.


  • --format: Format of the output: text or json (default: "text")
  • --no-dev: Remove dev dependencies from the output



  • --timeout: Set the script timeout in seconds, or 0 for no timeout.
  • --dev: Sets the dev mode.
  • --no-dev: Disable dev mode.
  • --list (-l): List user defined scripts.

To run scripts manually you can use this command, give it the script name and optionally any required arguments.


Executes a vendored binary/script. You can execute any command and this will ensure that the Composer bin-dir is pushed on your PATH before the command runs.


  • --list (-l): List the available composer binaries.


If you think you found a bug, or something is behaving strangely, you might want to run the diagnose command to perform automated checks for many common problems.

php composer.phar diagnose


This command is used to generate a zip/tar archive for a given package in a given version. It can also be used to archive your entire project without excluded/ignored files.

php composer.phar archive vendor/package 2.0.21 --format=zip


  • --format (-f): Format of the resulting archive: tar or zip (default: "tar")
  • --dir: Write the archive to this directory (default: ".")
  • --file: Write the archive with the given file name.


To get more information about a certain command, you can use help.

php composer.phar help install


Command-line completion#

Command-line completion can be enabled by following instructions on this page.

Environment variables#

You can set a number of environment variables that override certain settings. Whenever possible it is recommended to specify these settings in the config section of composer.json instead. It is worth noting that the env vars will always take precedence over the values specified in composer.json.


By setting the COMPOSER env variable it is possible to set the filename of composer.json to something else.

For example:

COMPOSER=composer-other.json php composer.phar install

The generated lock file will use the same name: composer-other.lock in this example.


If set to 1, this env disables the warning about running commands as root/super user. It also disables automatic clearing of sudo sessions, so you should really only set this if you use Composer as super user at all times like in docker containers.


The COMPOSER_AUTH var allows you to set up authentication as an environment variable. The contents of the variable should be a JSON formatted object containing http-basic, github-oauth, bitbucket-oauth, ... objects as needed, and following the spec from the config.


By setting this option you can change the bin (Vendor Binaries) directory to something other than vendor/bin.


The COMPOSER_CACHE_DIR var allows you to change the Composer cache directory, which is also configurable via the cache-dir option.

By default it points to $COMPOSER_HOME/cache on *nix and macOS, and C:\Users\<user>\AppData\Local\Composer (or %LOCALAPPDATA%/Composer) on Windows.


By setting this environmental value, you can set a path to a certificate bundle file to be used during SSL/TLS peer verification.


This env var controls the discard-changes config option.


The COMPOSER_HOME var allows you to change the Composer home directory. This is a hidden, global (per-user on the machine) directory that is shared between all projects.

By default it points to C:\Users\<user>\AppData\Roaming\Composer on Windows and /Users/<user>/.composer on macOS. On *nix systems that follow the XDG Base Directory Specifications, it points to $XDG_CONFIG_HOME/composer. On other *nix systems, it points to /home/<user>/.composer.


You may put a config.json file into the location which COMPOSER_HOME points to. Composer will merge this configuration with your project's composer.json when you run the install and update commands.

This file allows you to set repositories and configuration for the user's projects.

In case global configuration matches local configuration, the local configuration in the project's composer.json always wins.


Defaults to 1. If set to 0, Composer will not create .htaccess files in the composer home, cache, and data directories.


If set, the value is used as PHP's memory_limit.


If set to 1, this env changes the default path repository strategy to mirror instead of symlink. As it is the default strategy being set it can still be overwritten by repository options.


If set to 1, this env var will make Composer behave as if you passed the --no-interaction flag to every command. This can be set on build boxes/CI.


This env var controls the time Composer waits for commands (such as git commands) to finish executing. The default value is 300 seconds (5 minutes).


By setting this var you can specify the version of the root package, if it can not be guessed from VCS info and is not present in composer.json.


By setting this var you can make Composer install the dependencies into a directory other than vendor.

http_proxy or HTTP_PROXY#

If you are using Composer from behind an HTTP proxy, you can use the standard http_proxy or HTTP_PROXY env vars. Simply set it to the URL of your proxy. Many operating systems already set this variable for you.

Using http_proxy (lowercased) or even defining both might be preferable since some tools like git or curl will only use the lower-cased http_proxy version. Alternatively you can also define the git proxy using git config --global http.proxy <proxy url>.

If you are using Composer in a non-CLI context (i.e. integration into a CMS or similar use case), and need to support proxies, please provide the CGI_HTTP_PROXY environment variable instead. See httpoxy.org for further details.


If you use a proxy but it does not support the request_fulluri flag, then you should set this env var to false or 0 to prevent Composer from setting the request_fulluri option.


If you use a proxy but it does not support the request_fulluri flag for HTTPS requests, then you should set this env var to false or 0 to prevent Composer from setting the request_fulluri option.

no_proxy or NO_PROXY#

If you are behind a proxy and would like to disable it for certain domains, you can use the no_proxy or NO_PROXY env var. Simply set it to a comma separated list of domains the proxy should not be used for.

The env var accepts domains, IP addresses, and IP address blocks in CIDR notation. You can restrict the filter to a particular port (e.g. :80). You can also set it to * to ignore the proxy for all HTTP requests.

Previous: Composer command line interface and commands (part 5)
Next: Composer configurations and its community

Follow us on Facebook and Twitter for latest update.