Get Composer to suggest dev packages to require-dev

Published On31 Aug 2023

Get Composer to suggest dev packages to require-dev

Composer 2.4 added a feature that the composer require command prompts to install the package with --dev flag if the package being installed is meant to be used as a developer tool.

When the --dev flag is passed, the package is installed under require-dev section in the composer.json file, and other Composer commands (such as composer update, install, dump-autoload, etc can optionally skip require-dev dependencies.


Composer require dev tools prompt
When attempting to install PHPUnit, Composer automatically prompts to install it with the --dev flag


Composer inspects the keywords section of the composer.json file being installed, and if it contains dev, testing, or static analysis as keywords, Composer prompts the user to install it with --dev flag if it is not passed.

The prompt contains the reason why the package was determined to be a dev dependency:

The package you required is recommended to be placed in require-dev (because it is tagged as "testing") but you did not use --dev.

This feature is skipped if Composer is run in a non-interactive environment (such as CI builds or when --no-interaction flag is passed).

How to make Composer prompt --dev flag on your packages

If you publish a developer tool (such as testing tools, data fixture tools, debugging tools, etc.), you can make use of this feature so Composer interactively prompts the user to install them under require-dev section in case the user forgets to use the --dev flag.

To do this, add one of the following keywords to the keywords section of the package's composer.json file.


Keywords Composer uses to recommend a package as a dev dependency:

  • dev
  • testing
  • static analysis

Update the composer.json file, and add one of the keywords above to the keywords section:

  "name": "you/your-dev-tool",
+ "keywords": ["dev"],
  "type": "library",

The keyword only needs to be present in the default branch, and not necessarily in all branches and tags.

Recent Articles on PHP.Watch

All ArticlesFeed 
AEGIS Encryption with PHP Sodium Extension

AEGIS Encryption with PHP Sodium Extension

The Sodium extension in PHP 8.4 now supports AEGIS-128L and AEGIS256 Authenticated Encryption ciphers. They are significantly faster than AES-GCM and CHACHA20-POLY1305. This article benchmarks them and explains how to securely encrypt and decrypt data using AEGIS-128L and AEGIS256 on PHP.
How to Install/Upgrade PHP 8.3 on MacOS with Homebrew

How to Install/Upgrade PHP 8.3 on MacOS with Homebrew

Install PHP 8.3 and PHP extensions on MacOS with Homebrew.
How to install or upgrade to PHP 8.3 on Fedora, RHEL, CentOS, and more

How to install or upgrade to PHP 8.3 on Fedora, RHEL, CentOS, and more

Beginners guide on how to install PHP 8.3 on Fedora, RHEL, CentOS, Alma Linux, Rocky Linux, and others.
Subscribe to PHP.Watch newsletter for monthly updates

You will receive an email on last Wednesday of every month and on major PHP releases with new articles related to PHP, upcoming changes, new features and what's changing in the language. No marketing emails, no selling of your contacts, no click-tracking, and one-click instant unsubscribe from any email you receive.