How to prevent Composer dependency conflicts amongst WP plugins?

In our plugin development we use Composer to install e.g. Symfony\Process that we later use in the code. The big question is how do we make sure that this dependency is not in a conflict with some other plugin also using Symfony\Process in another version.

Now I know this is mostly an inherent PHP issue but still, we’d like to offer our users a solution that at least warns them when such conflict happens (instead of failing hard). One approach, for example, would be to scan the plugins directory for vendor folders and try to figure out whether an incompatible versions are used in some other plugin. I know this far (like really, really far) from perfect but I’m just trying to give an example.

How do you guys deal with this? I know Composer is probably not mainstream amongst plugin developers yet but we all will have this problem sooner or later so I’m wondering if anyone has figured out some sort of strategy for it.

The answer is — you can’t because WordPress can’t. There is no dependency management concept in WP and it was the same case before Composer had even existed.

The rise of autoload (Composer or otherwise) slightly helps with it, since you might just be getting different copy loaded (hopefully close enough) rather than outright fatal error. You can check for this, if you devise a method to. For example checking the paths the definitions where loaded from with get_included_files(), but really that’s just a bandaid not a solution.

The only scenario in which Composer really helps you with it is using it to control whole WP installation, with single shared vendor folder.