From b6fe9419114e61124ad136b7849cd5eed234ccc4 Mon Sep 17 00:00:00 2001
From: Jordi Boggiano <j.boggiano@seld.be>
Date: Thu, 31 Aug 2023 16:08:56 +0200
Subject: [PATCH] Update changelog

---
 CHANGELOG.md | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 03f626c30..5df237db9 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,29 @@
+### [2.6.0] 2023-08-31
+
+  * Added audit.ignore config setting to ignore security advisories by id or CVE id (#11556, #11605)
+  * Added `rm` alias to the `remove` command (#11367)
+  * Added runtime platform check to verify the php-64bit requirement is met (#11334)
+  * Added platform package detection for lib-pq-libpq and lib-rdkafka-librdkafka (#11418)
+  * Added `--dry-run` to `dump-autoload` command to allow running --strict-psr checks without modifying the filesystem (#11608)
+  * Added support for `bump`ing patch level in `~1.2.3` constraints (#11590)
+  * Added prompt in `require` if the package name is not found but similar ones exist (#11284)
+  * Added support for env vars and `~` in repository paths for vcs and artifact repositories (#11453)
+  * Added support for local directory paths for repositories of type `composer` (#11526)
+  * Added links to package homepages in `why`/`why-not` command output (#11308)
+  * Added a `security` key to the `support` key of composer.json to set the URL to the vulnerability disclosure policy (#11271)
+  * Added support for gathering security advisories from multiple repositories for a single package (#11436)
+  * Fixed `install` and `update` exit code to be non-zero if the post-install security audit failed (#11362)
+  * Fixed binary proxies causing scripts inspecting `$_SERVER['SCRIPT_NAME']` to detect them, they are now more transparent (#11562)
+  * Fixed executability of non-php binaries which are not marked executable (#11557)
+  * Fixed `mtime` modification of the vendor dir to only happen when packages are modified, and not require lock file modification to happen (#11593)
+  * Fixed `create-project` using the wrong composer.json file if one was set via the `COMPOSER` env var (#11493)
+  * Fixed json editing to preserve indentation when updating json files (#11390)
+  * Fixed handling of broken junctions on windows (#11550)
+  * Fixed parsing of lib-curl-openssl version with OSX SecureTransport (#11534)
+  * Fixed svn repo parsing in some edge cases (#11350)
+  * Fixed handling of archive URLs without file extension (#11520)
+  * Performance improvement in pool optimization step (#11449, #11450)
+
 ### [2.5.8] 2023-06-09
 
   * Fixed regression in edge cases where root package gets added to a repository already during the install process (#11495)
@@ -1731,6 +1757,7 @@
 
   * Initial release
 
+[2.6.0]: https://github.com/composer/composer/compare/2.5.8...2.6.0
 [2.5.8]: https://github.com/composer/composer/compare/2.5.7...2.5.8
 [2.5.7]: https://github.com/composer/composer/compare/2.5.6...2.5.7
 [2.5.6]: https://github.com/composer/composer/compare/2.5.5...2.5.6