VOOZH about

URL: https://deepwiki.com/guanguans/ai-commit/4.5-http-client-layer

⇱ HTTP Client Layer | guanguans/ai-commit | DeepWiki

Loading...
Loading...
Menu

Dependency Management and Tooling

This document explains how ai-commit manages its dependencies through Composer, configures autoloading, and integrates development tools for code quality, testing, and refactoring. This covers the technical foundation that enables both runtime execution and development workflow automation.

For information about the testing framework specifically, see Testing Framework. For CI/CD automation of these tools, see CI/CD Workflows. For pre-commit hook execution, see Code Quality Tools.

Composer Dependency Management

ai-commit uses Composer as its package manager for both production runtime dependencies and development tooling. The dependency manifest is defined in composer.json1-479 and locked to specific versions in composer.lock1-12846

Production Dependencies

The application requires PHP 8.2+ and several core dependencies for runtime execution:

PackageVersionPurpose
guzzlehttp/guzzle^7.10HTTP client for API-based generators (OpenAI, ERNIE, Moonshot)
laravel-zero/framework^12.0Micro-framework foundation for console applications
laravel-zero/phar-updater^1.4Self-update mechanism for PHAR distribution
laravel/framework^12.36Full Laravel framework components (used by Laravel Zero)
laminas/laminas-text^2.12Text manipulation utilities
laravel-lang/common^6.7Multi-language support

Required PHP Extensions:

  • ext-curl - HTTP transport
  • ext-mbstring - Multi-byte string handling

Sources: composer.json58-68

Development Dependencies

The project includes extensive development tooling for code quality, testing, and analysis:



The full list includes 40+ development packages covering:


    

  • Static Analysis: PHPStan + 10 extension packages
    • 

  • Refactoring: Rector + 3 rule sets
    • 

  • Code Style: PHP-CS-Fixer + Ergebnis config
    • 

  • Testing: Pest + plugins (Laravel, Snapshots)
    • 

  • Quality Gates: Multiple analysis tools (cognitive complexity, type coverage, class leaks)
    • 



Sources: composer.json69-123


Autoloading Strategy


The application uses PSR-4 autoloading with namespace-to-directory mapping:


Production Autoloading:




Test Autoloading:




This configuration means:


    

  • App\Commands\CommitCommand maps to app/Commands/CommitCommand.php
    • 

  • App\Generators\OpenAIChatGenerator maps to app/Generators/OpenAIChatGenerator.php
    • 

  • Tests\Feature\CommitCommandTest maps to tests/Feature/CommitCommandTest.php
    • 

  • Global helper functions are loaded from app/Support/helpers.php
    • 



The binary executable is registered at builds/ai-commit, making the command globally accessible after Composer installation.


Sources: composer.json133-145


Lock File and Version Constraints


The composer.lock1-12846 file locks all dependencies to exact versions, ensuring reproducible builds. Key characteristics:


    

  • Content hash: c07bf71e7ab2ac5c60966406fdea2eb0
    • 

  • Contains 200+ packages (direct + transitive dependencies)
    • 

  • Records exact versions, download URLs, and SHA checksums
    • 

  • Updated via composer update or composer install (when lock missing)
    • 



Version constraints follow semantic versioning:


    

  • ^12.0 = >=12.0.0 <13.0.0 (compatible with 12.x)
    • 

  • ^7.10 = >=7.10.0 <8.0.0 (compatible with 7.x from 7.10)
    • 

  • ~2.12 = >=2.12.0 <3.0.0 (equivalent to ^2.12 for major version 2)
    • 



Sources: composer.lock1-9




Code Quality Tools Configuration


Rector - Automated Refactoring


Rector performs automated code refactoring and modernization with 120+ rules configured in rector.php1-298




Key Configuration Points:


    

  1. PHP Version Target: PHP 8.2 rector.php102
    2. 

  2. Paths Scanned: app/, bootstrap/, resources/, tests/, root PHP files rector.php72-84
    3. 

  3. Parallel Processing: Enabled via withParallel() rector.php95
    4. 

  4. Cache Directory: .build/rector/ rector.php94
    5. 

  5. Import Names: Auto-imports classes, but not doc block names rector.php98
    6. 



Applied Rule Sets:


    

  • PHP 8.2 features and syntax
    • 

  • Laravel 11.0 conventions and best practices
    • 

  • PHPUnit 11.0 test patterns
    • 

  • Dead code elimination
    • 

  • Code quality improvements
    • 

  • Type declarations strengthening
    • 

  • Early returns
    • 

  • Carbon date handling
    • 



Skipped Rules:


    

  • Static closure enforcement in tests rector.php269-272
    • 

  • Array spread instead of merge (for performance)
    • 

  • Some Laravel-specific transformations that conflict with project style
    • 



Execution:




Sources: rector.php71-297 composer.json361-370


PHPStan - Static Analysis


PHPStan performs static analysis to detect type errors, bugs, and code quality issues. Configuration is defined in phpstan.neon.dist (not provided in files, but referenced).


Extensions and Rules:


From the development dependencies, PHPStan is configured with:



























































Extension PackagePurpose
phpstan/phpstan ^2.1Core static analyzer
larastan/larastan ^3.7Laravel-specific rules
phpstan/phpstan-deprecation-rulesDetect deprecated usage
phpstan/phpstan-strict-rulesStricter type checking
phpstan/phpstan-mockeryMockery mock type inference
phpstan/phpstan-webmozart-assertAssert function analysis
spaze/phpstan-disallowed-callsForbidden function calls
staabm/phpstan-todo-byTODO comment validation
tomasvotruba/cognitive-complexityComplexity measurement
tomasvotruba/type-coverageType coverage reporting
symplify/phpstan-extensionsAdditional rules
symplify/phpstan-rulesMore quality rules


Baseline Management:
The project uses per-identifier baselines for incremental error fixing:




Baselines are stored in baselines/ directory and loaded via baselines/loader.neon.


Execution:




Sources: composer.json87-101 composer.json342-348


Pint/PHP-CS-Fixer - Code Style


Code style enforcement uses Laravel Pint (wrapper around PHP-CS-Fixer) with Ergebnis configuration.


Style Configuration:




Execution Commands:




The pint-dirty commands are optimized for incremental development by only checking Git-modified files.


Sources: composer.json83 composer.json349-357 composer.json399-400


Pest - Testing Framework


Pest provides the testing foundation with Laravel integration. Configuration in phpunit.xml.dist1-43


Test Suite Structure:




Coverage Requirements:


    

  • Minimum 80% code coverage enforced via --min=80 flag
    • 

  • Coverage report generated in .build/phpunit/ directory
    • 

  • HTML and Clover XML formats supported
    • 



Test Execution:




Pest Plugins:


    

  • pestphp/pest-plugin-laravel ^3.2 - Laravel-specific assertions and helpers
    • 

  • spatie/pest-plugin-snapshots ^2.2 - Snapshot testing support
    • 



Sources: phpunit.xml.dist1-43 composer.json91-92 composer.json320-332




Additional Development Tools


Composer Dependency Analysis


The shipmonk/composer-dependency-analyser package audits dependency usage to detect:


    

  • Unused dependencies: Installed but never imported
    • 

  • Shadow dependencies: Used but not declared (should be in require)
    • 

  • Dev dependencies in production: Dev packages used in production code
    • 



Configuration in composer-dependency-analyser.php1-72:


Scan Paths:




Ignored Errors:


    

  • Unused dependencies: laminas/laminas-text, laravel-lang/common, laravel-zero/phar-updater (runtime loaded)
    • 

  • Shadow dependencies: Symfony Console, Guzzle PSR-7, Laravel Zero Foundation packages (indirect usage)
    • 



Execution:




Sources: composer-dependency-analyser.php1-72 composer.json249


Other Quality Tools























































ToolPackagePurposeComposer Script
Composer Normalizeergebnis/composer-normalize ^2.48Standardize composer.json formattingcomposer normalized
EditorConfig Checkereditorconfig-checker ^10.7Validate .editorconfig compliancecomposer editorconfig-checker
PHPMNDpovils/phpmnd ^3.6Detect magic numberscomposer phpmnd
Collision Detectorshipmonk/name-collision-detector ^2.1Find class name collisionscomposer detect-collisions
Dead Code Detectorshipmonk/dead-code-detector ^0.11Find unreachable code(integrated with PHPStan)
Class Leaktomasvotruba/class-leak ^2.0Detect leaked dependenciescomposer class-leak-check
Swiss Kniferector/swiss-knife ^2.3Multi-purpose code utilitiescomposer sk-* commands


Sources: composer.json71-122 composer.json224-398




Composer Scripts Architecture


The composer.json185-439 defines 150+ Composer scripts that orchestrate all development tools. These scripts provide:


    

  1. Unified Interface: Single entry point for all tools
    2. 

  2. Parameter Presets: Pre-configured common flags
    3. 

  3. Workflow Automation: Multi-step processes
    4. 

  4. Environment Management: Xdebug control, PHP version switching
    5. 



Script Categories




The checks Pipeline


The primary quality gate is composer checks, which runs a comprehensive validation pipeline:




This executes composer.json222-242:


    

  1. Turn off Xdebug (performance)
    2. 

  2. Normalize composer.json format
    3. 

  3. Validate composer.json structure and lock file
    4. 

  4. Lint Markdown documentation
    5. 

  5. Lint README specifically
    6. 

  6. Lint YAML configuration files
    7. 

  7. Validate prefer-lowest compatibility
    8. 

  8. Detect magic numbers (PHPMND)
    9. 

  9. Check code style (Pint)
    10. 

  10. Check conflicts (Swiss Knife)
    11. 

  11. Check commented code (Swiss Knife)
    12. 

  12. Check finalization (Swiss Knife dry-run)
    13. 

  13. Analyze dependencies (Composer Dependency Analyser)
    14. 

  14. Check lazy traits (Swiss Knife)
    15. 

  15. Turn on Xdebug (for coverage)
    16. 

  16. Run tests with coverage (Pest)
    17. 

  17. Turn off Xdebug (cleanup)
    18. 

  18. Dry-run Rector (preview refactorings)
    19. 

  19. Run PHPStan (static analysis)
    20. 



Each step must pass before proceeding to the next, ensuring comprehensive code quality.


Sources: composer.json222-242


AI Commit Helper Scripts


The project provides convenience scripts for testing the ai-commit command itself:




These scripts in composer.json198-205 allow developers to quickly test different AI generators during development.


Sources: composer.json198-205


Environment Variable Management


Scripts can control runtime environment:



























ScriptPurpose
env-put-xdebug-offXDEBUG_MODE=off (faster execution)
env-put-xdebug-onXDEBUG_MODE=coverage,debug + session
env-put-composer-memory-unlimitedCOMPOSER_MEMORY_LIMIT=-1
env-put-phpDefine PHP version paths


These are used internally by other scripts to optimize performance or enable debugging.


Sources: composer.json270-284




Git Hooks Integration


Git hooks are managed via brainmaestro/composer-git-hooks package, configured in composer.json176-183:




Hook Lifecycle:




Hook Management:




The hooks are automatically installed during composer install and composer update via composer.json186-197:




Sources: composer.json176-197 composer.json212-221




Tool Configuration Files Reference


The tooling ecosystem is configured through multiple files:

























































FilePurposeKey Configurations
composer.jsonDependency manifest + scriptsDependencies, autoloading, scripts
composer.lockLocked dependency versionsExact versions, checksums
rector.phpRector refactoring rulesRule sets, paths, skips
phpstan.neon.distPHPStan analysis configLevel, paths, extensions
phpunit.xml.distPHPUnit/Pest test configSuites, coverage, environment
.php-cs-fixer.phpCode style rulesFixers, paths, excluded
composer-dependency-analyser.phpDependency audit configScan paths, ignored packages
.editorconfigEditor formattingIndentation, line endings
.lintmdrcMarkdown lintingMD rules and violations


Application Bootstrap Integration


The application bootstrap bootstrap/app.php1-117 demonstrates how production dependencies are wired:


Dependency Injection Registration:




Configuration Loading:




Service Provider Registration:




Logger Manager Extension:




This shows how development dependencies (like intonate/tinker-zero) are conditionally registered only in non-production environments, while production dependencies are always available.


Sources: bootstrap/app.php36-116




Summary


The ai-commit project employs a sophisticated dependency management and tooling ecosystem:


    

  1. Composer manages 6 production dependencies and 40+ development packages
    2. 

  2. PSR-4 autoloading maps namespaces to directories with zero configuration overhead
    3. 

  3. Rector provides automated refactoring with 120+ rules across PHP, Laravel, and PHPUnit rule sets
    4. 

  4. PHPStan performs static analysis with 10+ extension packages for comprehensive type checking
    5. 

  5. Pint/PHP-CS-Fixer enforces code style using Ergebnis opinionated configuration
    6. 

  6. Pest provides the testing framework with Laravel integration and 80% minimum coverage requirement
    7. 

  7. 150+ Composer scripts orchestrate all tools through a unified interface
    8. 

  8. Git hooks automatically run quality checks on commit and merge operations
    9. 



All tools are configured to work together in the composer checks pipeline, creating automated quality gates that prevent regression and enforce consistency across the codebase.


Sources: composer.json1-479 composer.lock1-12846 rector.php1-298 composer-dependency-analyser.php1-72 phpunit.xml.dist1-43 bootstrap/app.php1-117