Document how to solve unique namespace in external Composer dependencies #2
Description
A note about Composer dependencies in WordPress plugins is that there's a risk of namespace or version conflict when two plugins include multiple instances of the same dependency, particularly popular packages like symphony/* and guzzlehttp.
Tangible modules like Framework and Updater have a module loader that handles this, by having a registry of available versions and loading a single instance of the newest version. However most Composer modules are not designed this way.
Ideally such external dependencies are "vendored in" 1 with a unique namespace using a tool like php-scoper.
If/when someone figures it out, it'd be nice to document the steps in the docs site and integrate it as part of the common plugin setup and build pipeline.
Related:
Footnotes
-
Vendoring is a software development technique where you copy the source code of another project directly into your own project, rather than relying on external dependencies. ↩