From 15f7d24e7edfb74927b3d9416be5802d3ea31178 Mon Sep 17 00:00:00 2001 From: Jordi Boggiano Date: Thu, 2 Jun 2022 21:15:18 +0200 Subject: [PATCH 01/13] Parse openssl 3 versions cleaner --- src/Composer/Platform/Version.php | 9 +++++++-- tests/Composer/Test/Platform/VersionTest.php | 3 +++ 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/src/Composer/Platform/Version.php b/src/Composer/Platform/Version.php index 6c9cd8fa5..a04d279f4 100644 --- a/src/Composer/Platform/Version.php +++ b/src/Composer/Platform/Version.php @@ -32,11 +32,16 @@ class Version return null; } + // OpenSSL 1 used 1.2.3a style versioning, 3+ uses semver + $patch = ''; + if (version_compare($matches['version'], '3.0.0', '<')) { + $patch = '.'.self::convertAlphaVersionToIntVersion($matches['patch']); + } + $isFips = strpos($matches['suffix'], 'fips') !== false; $suffix = strtr('-'.ltrim($matches['suffix'], '-'), array('-fips' => '', '-pre' => '-alpha')); - $patch = self::convertAlphaVersionToIntVersion($matches['patch']); - return rtrim($matches['version'].'.'.$patch.$suffix, '-'); + return rtrim($matches['version'].$patch.$suffix, '-'); } /** diff --git a/tests/Composer/Test/Platform/VersionTest.php b/tests/Composer/Test/Platform/VersionTest.php index 3ebb03724..edcca0041 100644 --- a/tests/Composer/Test/Platform/VersionTest.php +++ b/tests/Composer/Test/Platform/VersionTest.php @@ -69,6 +69,9 @@ class VersionTest extends TestCase array('1.2.3za', '1.2.3.27'), array('1.2.3zy', '1.2.3.51'), array('1.2.3zz', '1.2.3.52'), + // 3.x + array('3.0.0', '3.0.0', false, '3.0.0.0'), + array('3.2.4-dev', '3.2.4-dev', false, '3.2.4.0-dev'), ); } From 1e9210f7b1fc66984a891ea58f13c8c5d2dff81d Mon Sep 17 00:00:00 2001 From: Fabien Villepinte Date: Sat, 4 Jun 2022 15:20:58 +0200 Subject: [PATCH 02/13] Fix TypeError when a JSON file can not be read (#10818) --- phpstan/baseline.neon | 5 ----- src/Composer/Json/JsonFile.php | 4 ++++ 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/phpstan/baseline.neon b/phpstan/baseline.neon index ac39f66e8..c335349c5 100644 --- a/phpstan/baseline.neon +++ b/phpstan/baseline.neon @@ -4365,11 +4365,6 @@ parameters: count: 1 path: ../src/Composer/Json/JsonFile.php - - - message: "#^Parameter \\#1 \\$json of static method Composer\\\\Json\\\\JsonFile\\:\\:parseJson\\(\\) expects string\\|null, string\\|false\\|null given\\.$#" - count: 1 - path: ../src/Composer/Json/JsonFile.php - - message: "#^Parameter \\#1 \\$json of static method Composer\\\\Json\\\\JsonFile\\:\\:validateSyntax\\(\\) expects string, string\\|false given\\.$#" count: 1 diff --git a/src/Composer/Json/JsonFile.php b/src/Composer/Json/JsonFile.php index 2202530d9..bbcd24206 100644 --- a/src/Composer/Json/JsonFile.php +++ b/src/Composer/Json/JsonFile.php @@ -110,6 +110,10 @@ class JsonFile throw new \RuntimeException('Could not read '.$this->path."\n\n".$e->getMessage()); } + if ($json === false) { + throw new \RuntimeException('Could not read '.$this->path); + } + return static::parseJson($json, $this->path); } From a76a1c9fc2ee786d81e1bd91c0773045ee20c362 Mon Sep 17 00:00:00 2001 From: Jordi Boggiano Date: Mon, 6 Jun 2022 14:49:37 +0200 Subject: [PATCH 03/13] Fix parsing of multi-line arrays in funding yml, fixes #10784 --- src/Composer/Repository/Vcs/GitHubDriver.php | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/src/Composer/Repository/Vcs/GitHubDriver.php b/src/Composer/Repository/Vcs/GitHubDriver.php index 33d7e8cd3..96f7ed996 100644 --- a/src/Composer/Repository/Vcs/GitHubDriver.php +++ b/src/Composer/Repository/Vcs/GitHubDriver.php @@ -234,6 +234,10 @@ class GitHubDriver extends VcsDriver foreach (Preg::split('{\r?\n}', $funding) as $line) { $line = trim($line); if (Preg::isMatch('{^(\w+)\s*:\s*(.+)$}', $line, $match)) { + if ($match[2] === '[') { + $key = $match[1]; + continue; + } if (Preg::isMatch('{^\[(.*)\](?:\s*#.*)?$}', $match[2], $match2)) { foreach (array_map('trim', Preg::split('{[\'"]?\s*,\s*[\'"]?}', $match2[1])) as $item) { $result[] = array('type' => $match[1], 'url' => trim($item, '"\' ')); @@ -244,8 +248,13 @@ class GitHubDriver extends VcsDriver $key = null; } elseif (Preg::isMatch('{^(\w+)\s*:\s*#\s*$}', $line, $match)) { $key = $match[1]; - } elseif ($key && Preg::isMatch('{^-\s*(.+)(\s+#.*)?$}', $line, $match)) { + } elseif ($key && ( + Preg::isMatch('{^-\s*(.+)(\s+#.*)?$}', $line, $match) + || Preg::isMatch('{^(.+),(\s*#.*)?$}', $line, $match) + )) { $result[] = array('type' => $key, 'url' => trim($match[1], '"\' ')); + } elseif ($key && $line === ']') { + $key = null; } } From e3527ea37f26cb357401b1d9c57cdc51a96972cd Mon Sep 17 00:00:00 2001 From: Jordi Boggiano Date: Mon, 6 Jun 2022 15:22:41 +0200 Subject: [PATCH 04/13] Detect broken symlinks when checking for a package's presence, fixes #6708 --- src/Composer/Installer/LibraryInstaller.php | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/src/Composer/Installer/LibraryInstaller.php b/src/Composer/Installer/LibraryInstaller.php index 71f45e8e4..d05b8e63f 100644 --- a/src/Composer/Installer/LibraryInstaller.php +++ b/src/Composer/Installer/LibraryInstaller.php @@ -90,7 +90,19 @@ class LibraryInstaller implements InstallerInterface, BinaryPresenceInterface return true; } - return (Platform::isWindows() && $this->filesystem->isJunction($installPath)) || is_link($installPath); + if (Platform::isWindows() && $this->filesystem->isJunction($installPath)) { + return true; + } + + if (is_link($installPath)) { + if (realpath($installPath) === false) { + return false; + } + + return true; + } + + return false; } /** From fbc85dede80a9d4adfdd29d5081a8f92fcdd9bd1 Mon Sep 17 00:00:00 2001 From: Stephan Jorek <38257959+brandung-sjorek@users.noreply.github.com> Date: Mon, 6 Jun 2022 16:14:54 +0200 Subject: [PATCH 05/13] allow chained proxy-binary php-inclusions (#10823) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * allow chained proxy-binary php-inclusion by skipping redundant “phpvfscomposer” stream-wrapper registration --- src/Composer/Installer/BinaryInstaller.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/Composer/Installer/BinaryInstaller.php b/src/Composer/Installer/BinaryInstaller.php index 417e9be2b..a96bfce0a 100644 --- a/src/Composer/Installer/BinaryInstaller.php +++ b/src/Composer/Installer/BinaryInstaller.php @@ -379,7 +379,10 @@ if (PHP_VERSION_ID < 80000) { } } - if (function_exists('stream_wrapper_register') && stream_wrapper_register('phpvfscomposer', 'Composer\BinProxyWrapper')) { + if ( + (function_exists('stream_get_wrappers') && in_array('phpvfscomposer', stream_get_wrappers(), true)) + || (function_exists('stream_wrapper_register') && stream_wrapper_register('phpvfscomposer', 'Composer\BinProxyWrapper')) + ) { include("phpvfscomposer://" . $binPathExported); exit(0); } From 7cb994fade868cd4fe83506c8aec61e0d8fa6e75 Mon Sep 17 00:00:00 2001 From: Jordi Boggiano Date: Mon, 6 Jun 2022 16:32:44 +0200 Subject: [PATCH 06/13] Update changelog --- CHANGELOG.md | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index ccca38d77..9ed45a499 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,13 @@ +### [2.2.14] 2022-06-06 + + * Fixed handling of broken symlinks when checking whether a package is still installed (#6708) + * Fixed JSON schema regex pattern for name to be JS compatible (#10811) + * Fixed bin proxies to allow a proxy to include another one safely (#10823) + * Fixed gitlab-token JSON schema definition (#10800) + * Fixed openssl 3.x version parsing as it is now semver compliant + * Fixed type error when a json file cannot be read (#10818) + * Fixed parsing of multi-line arrays in funding.yml (#10784) + ### [2.2.13] 2022-05-25 * Fixed invalid credentials loop when setting up GitLab token (#10748) @@ -1436,6 +1446,7 @@ * Initial release +[2.2.14]: https://github.com/composer/composer/compare/2.2.13...2.2.14 [2.2.13]: https://github.com/composer/composer/compare/2.2.12...2.2.13 [2.2.12]: https://github.com/composer/composer/compare/2.2.11...2.2.12 [2.2.11]: https://github.com/composer/composer/compare/2.2.10...2.2.11 From 8c7a2d200bb0e66d6fafeff2f9c9a27188e52842 Mon Sep 17 00:00:00 2001 From: Jordi Boggiano Date: Mon, 6 Jun 2022 16:32:50 +0200 Subject: [PATCH 07/13] Release 2.2.14 --- src/Composer/Composer.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/Composer/Composer.php b/src/Composer/Composer.php index 624e02507..8f8ce63cc 100644 --- a/src/Composer/Composer.php +++ b/src/Composer/Composer.php @@ -52,10 +52,10 @@ class Composer * const RELEASE_DATE = '@release_date@'; * const SOURCE_VERSION = '1.8-dev+source'; */ - const VERSION = '@package_version@'; - const BRANCH_ALIAS_VERSION = '@package_branch_alias_version@'; - const RELEASE_DATE = '@release_date@'; - const SOURCE_VERSION = '2.2.999-dev+source'; + const VERSION = '2.2.14'; + const BRANCH_ALIAS_VERSION = ''; + const RELEASE_DATE = '2022-06-06 16:32:50'; + const SOURCE_VERSION = ''; /** * Version number of the internal composer-runtime-api package From ba2ce37cd9c9db582d593d418f1729dc0e3d120d Mon Sep 17 00:00:00 2001 From: Jordi Boggiano Date: Mon, 6 Jun 2022 16:32:51 +0200 Subject: [PATCH 08/13] Reverting release version changes --- src/Composer/Composer.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/Composer/Composer.php b/src/Composer/Composer.php index 8f8ce63cc..624e02507 100644 --- a/src/Composer/Composer.php +++ b/src/Composer/Composer.php @@ -52,10 +52,10 @@ class Composer * const RELEASE_DATE = '@release_date@'; * const SOURCE_VERSION = '1.8-dev+source'; */ - const VERSION = '2.2.14'; - const BRANCH_ALIAS_VERSION = ''; - const RELEASE_DATE = '2022-06-06 16:32:50'; - const SOURCE_VERSION = ''; + const VERSION = '@package_version@'; + const BRANCH_ALIAS_VERSION = '@package_branch_alias_version@'; + const RELEASE_DATE = '@release_date@'; + const SOURCE_VERSION = '2.2.999-dev+source'; /** * Version number of the internal composer-runtime-api package From ab9e18027e643802be5c51e76e28d78d3cb0c90a Mon Sep 17 00:00:00 2001 From: Markus Staab Date: Mon, 6 Jun 2022 16:42:24 +0200 Subject: [PATCH 09/13] plugins: mention static analysis support (#10812) --- composer.json | 5 +++++ doc/articles/plugins.md | 21 +++++++++++++++++++++ 2 files changed, 26 insertions(+) diff --git a/composer.json b/composer.json index 769642299..c346aa009 100644 --- a/composer.json +++ b/composer.json @@ -63,6 +63,11 @@ "extra": { "branch-alias": { "dev-main": "2.3-dev" + }, + "phpstan": { + "includes": [ + "phpstan/rules.neon" + ] } }, "autoload": { diff --git a/doc/articles/plugins.md b/doc/articles/plugins.md index bcbbe2cad..e26d16385 100644 --- a/doc/articles/plugins.md +++ b/doc/articles/plugins.md @@ -339,6 +339,25 @@ depend on other packages can function correctly, a runtime autoloader is created a plugin is loaded. That autoloader is only configured to load with the plugin dependencies, so you may not have access to all the packages which are installed. +## Static Analysis support + +As of Composer 2.3.7 we ship a `phpstan/rules.neon` PHPStan config file, which provides additional error checking when working on Composer plugins. + +### Usage with [PHPStan Extension Installer][13] + +The necessary configuration files are automatically loaded, in case your plugin projects declares a dependency to `phpstan/extension-installer`. + +### Alternative manual installation + +To make use of it, your Composer plugin project needs a [PHPStan config file][12], which includes the `phpstan/rules.neon` file: + +``` +includes: + - vendor/composer/composer/phpstan/rules.neon + +// your remaining config.. +``` + [1]: ../04-schema.md#type [2]: ../04-schema.md#extra [3]: https://github.com/composer/composer/blob/main/src/Composer/Plugin/PluginInterface.php @@ -350,3 +369,5 @@ so you may not have access to all the packages which are installed. [9]: https://github.com/composer/composer/blob/main/src/Composer/Plugin/Capability/CommandProvider.php [10]: https://symfony.com/doc/current/components/console.html [11]: https://github.com/composer/composer/blob/main/src/Composer/Util/SyncHelper.php +[12]: https://phpstan.org/config-reference#multiple-files +[13]: https://github.com/phpstan/extension-installer#usage From a33f6585969bb28362c589e27871af8d7d4c4add Mon Sep 17 00:00:00 2001 From: Jordi Boggiano Date: Mon, 6 Jun 2022 16:39:27 +0200 Subject: [PATCH 10/13] Update changelog --- CHANGELOG.md | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index ff1b0a09f..c9fe7206f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,13 @@ +### [2.3.7] 2022-06-06 + + * Fixed a few PHPStan ConfigReturnTypeExtension bugs + * Fixed Config default for auth configs to be empty arrays instead of null, fixes issues with diagnose command (#10814) + * Fixed handling of broken symlinks when checking whether a package is still installed (#6708) + * Fixed bin proxies to allow a proxy to include another one safely (#10823) + * Fixed openssl 3.x version parsing as it is now semver compliant + * Fixed type error when a json file cannot be read (#10818) + * Fixed parsing of multi-line arrays in funding.yml (#10784) + ### [2.3.6] 2022-06-01 * Added `Composer\PHPStan\ConfigReturnTypeExtension` to improve return types of `Config::get()` which you can also use in plugins CI (#10635) @@ -1532,6 +1542,7 @@ * Initial release +[2.3.7]: https://github.com/composer/composer/compare/2.3.6...2.3.7 [2.3.6]: https://github.com/composer/composer/compare/2.3.5...2.3.6 [2.3.5]: https://github.com/composer/composer/compare/2.3.4...2.3.5 [2.3.4]: https://github.com/composer/composer/compare/2.3.3...2.3.4 From e6d061c68244c0c7fd38f4e2d959d34fb856b96d Mon Sep 17 00:00:00 2001 From: Jordi Boggiano Date: Mon, 6 Jun 2022 16:43:22 +0200 Subject: [PATCH 11/13] Update hash --- composer.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/composer.lock b/composer.lock index 2c5954377..c1f0ad6c5 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "9e35cddef900ba721bf84c8cda25db75", + "content-hash": "1f572d2fe0d3c7200c3887bd2fc9e991", "packages": [ { "name": "composer/ca-bundle", From 10cd375cf85dede2ff417ceab517ef9a0dc55407 Mon Sep 17 00:00:00 2001 From: Jordi Boggiano Date: Mon, 6 Jun 2022 16:43:28 +0200 Subject: [PATCH 12/13] Release 2.3.7 --- src/Composer/Composer.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/Composer/Composer.php b/src/Composer/Composer.php index 93e8c0a6f..a4cb3e1a6 100644 --- a/src/Composer/Composer.php +++ b/src/Composer/Composer.php @@ -51,10 +51,10 @@ class Composer extends PartialComposer * * @see getVersion() */ - public const VERSION = '@package_version@'; - public const BRANCH_ALIAS_VERSION = '@package_branch_alias_version@'; - public const RELEASE_DATE = '@release_date@'; - public const SOURCE_VERSION = '2.3.999-dev+source'; + public const VERSION = '2.3.7'; + public const BRANCH_ALIAS_VERSION = ''; + public const RELEASE_DATE = '2022-06-06 16:43:28'; + public const SOURCE_VERSION = ''; /** * Version number of the internal composer-runtime-api package From b39608753b917f567a2a5341006739993e4dcbf3 Mon Sep 17 00:00:00 2001 From: Jordi Boggiano Date: Mon, 6 Jun 2022 16:43:28 +0200 Subject: [PATCH 13/13] Reverting release version changes --- src/Composer/Composer.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/Composer/Composer.php b/src/Composer/Composer.php index a4cb3e1a6..93e8c0a6f 100644 --- a/src/Composer/Composer.php +++ b/src/Composer/Composer.php @@ -51,10 +51,10 @@ class Composer extends PartialComposer * * @see getVersion() */ - public const VERSION = '2.3.7'; - public const BRANCH_ALIAS_VERSION = ''; - public const RELEASE_DATE = '2022-06-06 16:43:28'; - public const SOURCE_VERSION = ''; + public const VERSION = '@package_version@'; + public const BRANCH_ALIAS_VERSION = '@package_branch_alias_version@'; + public const RELEASE_DATE = '@release_date@'; + public const SOURCE_VERSION = '2.3.999-dev+source'; /** * Version number of the internal composer-runtime-api package