From 955194f8969bdbf110475f3eda604f869d059133 Mon Sep 17 00:00:00 2001 From: Jan Tojnar Date: Tue, 31 May 2022 13:24:38 +0200 Subject: [PATCH 1/8] docs: Fix inconsist semver operator suggestion (#10810) Using caret over tilde is better since it behaves the same as in npm: https://jubianchi.github.io/semver-check/#/constraint/~3.0 But when this change was introduced in https://github.com/composer/composer/pull/5396, it was not complete. --- doc/faqs/why-are-unbound-version-constraints-a-bad-idea.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/faqs/why-are-unbound-version-constraints-a-bad-idea.md b/doc/faqs/why-are-unbound-version-constraints-a-bad-idea.md index 2039fa81b..d9df4e5d8 100644 --- a/doc/faqs/why-are-unbound-version-constraints-a-bad-idea.md +++ b/doc/faqs/why-are-unbound-version-constraints-a-bad-idea.md @@ -12,7 +12,7 @@ The only good alternative is to define an upper bound on your constraints, which you can increase in a new release after testing that your package is compatible with the new major version of your dependency. -For example instead of using `>=3.4` you should use `~3.4` which allows all +For example instead of using `>=3.4` you should use `^3.4` which allows all versions up to `3.999` but does not include `4.0` and above. The `^` operator works very well with libraries following [semantic versioning](https://semver.org). From 313142c6cd64ac5d7d37aaa327ee244068512b03 Mon Sep 17 00:00:00 2001 From: Matronator <5470780+matronator@users.noreply.github.com> Date: Tue, 31 May 2022 01:44:07 +0200 Subject: [PATCH 2/8] Escape forward slash in `properties.name` --- res/composer-schema.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/res/composer-schema.json b/res/composer-schema.json index e4e460b89..b09c095cc 100644 --- a/res/composer-schema.json +++ b/res/composer-schema.json @@ -6,7 +6,7 @@ "name": { "type": "string", "description": "Package name, including 'vendor-name/' prefix.", - "pattern": "^[a-z0-9]([_.-]?[a-z0-9]++)*+/[a-z0-9](([_.]|-{1,2})?[a-z0-9]++)*+$" + "pattern": "^[a-z0-9]([_.-]?[a-z0-9]++)*+\/[a-z0-9](([_.]|-{1,2})?[a-z0-9]++)*+$" }, "description": { "type": "string", From 70a7b592e994cc8c042e3c869af34ff1e72db777 Mon Sep 17 00:00:00 2001 From: Nicolas Hedger <649677+nhedger@users.noreply.github.com> Date: Wed, 1 Jun 2022 21:23:07 +0200 Subject: [PATCH 3/8] Fix JSON schema regex pattern (#10811) --- res/composer-schema.json | 2 +- tests/Composer/Test/Json/ComposerSchemaTest.php | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/res/composer-schema.json b/res/composer-schema.json index b09c095cc..9516e4590 100644 --- a/res/composer-schema.json +++ b/res/composer-schema.json @@ -6,7 +6,7 @@ "name": { "type": "string", "description": "Package name, including 'vendor-name/' prefix.", - "pattern": "^[a-z0-9]([_.-]?[a-z0-9]++)*+\/[a-z0-9](([_.]|-{1,2})?[a-z0-9]++)*+$" + "pattern": "^[a-z0-9]([_.-]?[a-z0-9]+)*\/[a-z0-9](([_.]|-{1,2})?[a-z0-9]+)*$" }, "description": { "type": "string", diff --git a/tests/Composer/Test/Json/ComposerSchemaTest.php b/tests/Composer/Test/Json/ComposerSchemaTest.php index 8c252a046..2cda98e4e 100644 --- a/tests/Composer/Test/Json/ComposerSchemaTest.php +++ b/tests/Composer/Test/Json/ComposerSchemaTest.php @@ -25,9 +25,9 @@ class ComposerSchemaTest extends TestCase $expectedError = array( array( 'property' => 'name', - 'message' => 'Does not match the regex pattern ^[a-z0-9]([_.-]?[a-z0-9]++)*+/[a-z0-9](([_.]|-{1,2})?[a-z0-9]++)*+$', + 'message' => 'Does not match the regex pattern ^[a-z0-9]([_.-]?[a-z0-9]+)*/[a-z0-9](([_.]|-{1,2})?[a-z0-9]+)*$', 'constraint' => 'pattern', - 'pattern' => '^[a-z0-9]([_.-]?[a-z0-9]++)*+/[a-z0-9](([_.]|-{1,2})?[a-z0-9]++)*+$', + 'pattern' => '^[a-z0-9]([_.-]?[a-z0-9]+)*/[a-z0-9](([_.]|-{1,2})?[a-z0-9]+)*$', ), ); From 3ead6c01197da9ec0793a9d7669cae8e2befdb8b Mon Sep 17 00:00:00 2001 From: Jordi Boggiano Date: Wed, 1 Jun 2022 21:32:29 +0200 Subject: [PATCH 4/8] Backport schema fixes for gitlab-token, fixes #10800 --- res/composer-schema.json | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/res/composer-schema.json b/res/composer-schema.json index 9516e4590..f3f0ca2a9 100644 --- a/res/composer-schema.json +++ b/res/composer-schema.json @@ -349,7 +349,18 @@ "type": "object", "description": "An object of domain name => gitlab private tokens, typically {\"gitlab.com\":\"\"}.", "additionalProperties": { - "type": "string" + "type": ["string", "object"], + "required": ["username", "token"], + "properties": { + "username": { + "type": "string", + "description": "The username used for GitLab authentication" + }, + "token": { + "type": "string", + "description": "The token used for GitLab authentication" + } + } } }, "gitlab-protocol": { From 3ebf82e4912a2878422fe02dd54c8b94ba0228ca Mon Sep 17 00:00:00 2001 From: Jordi Boggiano Date: Wed, 1 Jun 2022 21:40:56 +0200 Subject: [PATCH 5/8] Update deps --- composer.lock | 77 +++++++++++++++++++++++++-------------------------- 1 file changed, 37 insertions(+), 40 deletions(-) diff --git a/composer.lock b/composer.lock index 5850e2813..2c5954377 100644 --- a/composer.lock +++ b/composer.lock @@ -807,16 +807,16 @@ }, { "name": "symfony/console", - "version": "v5.4.8", + "version": "v5.4.9", "source": { "type": "git", "url": "https://github.com/symfony/console.git", - "reference": "ffe3aed36c4d60da2cf1b0a1cee6b8f2e5fa881b" + "reference": "829d5d1bf60b2efeb0887b7436873becc71a45eb" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/console/zipball/ffe3aed36c4d60da2cf1b0a1cee6b8f2e5fa881b", - "reference": "ffe3aed36c4d60da2cf1b0a1cee6b8f2e5fa881b", + "url": "https://api.github.com/repos/symfony/console/zipball/829d5d1bf60b2efeb0887b7436873becc71a45eb", + "reference": "829d5d1bf60b2efeb0887b7436873becc71a45eb", "shasum": "" }, "require": { @@ -886,7 +886,7 @@ "terminal" ], "support": { - "source": "https://github.com/symfony/console/tree/v5.4.8" + "source": "https://github.com/symfony/console/tree/v5.4.9" }, "funding": [ { @@ -902,7 +902,7 @@ "type": "tidelift" } ], - "time": "2022-04-12T16:02:29+00:00" + "time": "2022-05-18T06:17:34+00:00" }, { "name": "symfony/deprecation-contracts", @@ -973,16 +973,16 @@ }, { "name": "symfony/filesystem", - "version": "v5.4.7", + "version": "v5.4.9", "source": { "type": "git", "url": "https://github.com/symfony/filesystem.git", - "reference": "3a4442138d80c9f7b600fb297534ac718b61d37f" + "reference": "36a017fa4cce1eff1b8e8129ff53513abcef05ba" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/filesystem/zipball/3a4442138d80c9f7b600fb297534ac718b61d37f", - "reference": "3a4442138d80c9f7b600fb297534ac718b61d37f", + "url": "https://api.github.com/repos/symfony/filesystem/zipball/36a017fa4cce1eff1b8e8129ff53513abcef05ba", + "reference": "36a017fa4cce1eff1b8e8129ff53513abcef05ba", "shasum": "" }, "require": { @@ -1017,7 +1017,7 @@ "description": "Provides basic utilities for the filesystem", "homepage": "https://symfony.com", "support": { - "source": "https://github.com/symfony/filesystem/tree/v5.4.7" + "source": "https://github.com/symfony/filesystem/tree/v5.4.9" }, "funding": [ { @@ -1033,7 +1033,7 @@ "type": "tidelift" } ], - "time": "2022-04-01T12:33:59+00:00" + "time": "2022-05-20T13:55:35+00:00" }, { "name": "symfony/finder", @@ -1737,16 +1737,16 @@ }, { "name": "symfony/string", - "version": "v5.4.8", + "version": "v5.4.9", "source": { "type": "git", "url": "https://github.com/symfony/string.git", - "reference": "3c061a76bff6d6ea427d85e12ad1bb8ed8cd43e8" + "reference": "985e6a9703ef5ce32ba617c9c7d97873bb7b2a99" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/string/zipball/3c061a76bff6d6ea427d85e12ad1bb8ed8cd43e8", - "reference": "3c061a76bff6d6ea427d85e12ad1bb8ed8cd43e8", + "url": "https://api.github.com/repos/symfony/string/zipball/985e6a9703ef5ce32ba617c9c7d97873bb7b2a99", + "reference": "985e6a9703ef5ce32ba617c9c7d97873bb7b2a99", "shasum": "" }, "require": { @@ -1803,7 +1803,7 @@ "utf8" ], "support": { - "source": "https://github.com/symfony/string/tree/v5.4.8" + "source": "https://github.com/symfony/string/tree/v5.4.9" }, "funding": [ { @@ -1825,16 +1825,16 @@ "packages-dev": [ { "name": "phpstan/phpstan", - "version": "1.7.1", + "version": "1.7.8", "source": { "type": "git", "url": "https://github.com/phpstan/phpstan.git", - "reference": "e3baed2ee2ef322e0f9b8fe8f87fdbe024c7c719" + "reference": "2bf3d43015d56abac4d002a4d2d6c3a7d6fa627a" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpstan/phpstan/zipball/e3baed2ee2ef322e0f9b8fe8f87fdbe024c7c719", - "reference": "e3baed2ee2ef322e0f9b8fe8f87fdbe024c7c719", + "url": "https://api.github.com/repos/phpstan/phpstan/zipball/2bf3d43015d56abac4d002a4d2d6c3a7d6fa627a", + "reference": "2bf3d43015d56abac4d002a4d2d6c3a7d6fa627a", "shasum": "" }, "require": { @@ -1860,7 +1860,7 @@ "description": "PHPStan - PHP Static Analysis Tool", "support": { "issues": "https://github.com/phpstan/phpstan/issues", - "source": "https://github.com/phpstan/phpstan/tree/1.7.1" + "source": "https://github.com/phpstan/phpstan/tree/1.7.8" }, "funding": [ { @@ -1880,7 +1880,7 @@ "type": "tidelift" } ], - "time": "2022-05-24T09:05:09+00:00" + "time": "2022-06-01T13:43:17+00:00" }, { "name": "phpstan/phpstan-deprecation-rules", @@ -2034,22 +2034,22 @@ }, { "name": "phpstan/phpstan-symfony", - "version": "1.1.8", + "version": "1.2.2", "source": { "type": "git", "url": "https://github.com/phpstan/phpstan-symfony.git", - "reference": "4bdffcf1033b6c60662a28419d0192e0dda5684f" + "reference": "30f12aeab960c7f324eee3b39645655cf8a84146" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpstan/phpstan-symfony/zipball/4bdffcf1033b6c60662a28419d0192e0dda5684f", - "reference": "4bdffcf1033b6c60662a28419d0192e0dda5684f", + "url": "https://api.github.com/repos/phpstan/phpstan-symfony/zipball/30f12aeab960c7f324eee3b39645655cf8a84146", + "reference": "30f12aeab960c7f324eee3b39645655cf8a84146", "shasum": "" }, "require": { "ext-simplexml": "*", - "php": "^7.1 || ^8.0", - "phpstan/phpstan": "^1.4" + "php": "^7.2 || ^8.0", + "phpstan/phpstan": "^1.6" }, "conflict": { "symfony/framework-bundle": "<3.0" @@ -2073,9 +2073,6 @@ }, "type": "phpstan-extension", "extra": { - "branch-alias": { - "dev-master": "1.0-dev" - }, "phpstan": { "includes": [ "extension.neon", @@ -2102,22 +2099,22 @@ "description": "Symfony Framework extensions and rules for PHPStan", "support": { "issues": "https://github.com/phpstan/phpstan-symfony/issues", - "source": "https://github.com/phpstan/phpstan-symfony/tree/1.1.8" + "source": "https://github.com/phpstan/phpstan-symfony/tree/1.2.2" }, - "time": "2022-03-24T07:56:03+00:00" + "time": "2022-05-28T15:18:51+00:00" }, { "name": "symfony/phpunit-bridge", - "version": "v6.0.8", + "version": "v6.1.0", "source": { "type": "git", "url": "https://github.com/symfony/phpunit-bridge.git", - "reference": "4959a1eedd473bdb3f19db5b1525d5415dfab471" + "reference": "092ccc3b364925cd8ed6046bc31dcf3a022bd5a4" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/phpunit-bridge/zipball/4959a1eedd473bdb3f19db5b1525d5415dfab471", - "reference": "4959a1eedd473bdb3f19db5b1525d5415dfab471", + "url": "https://api.github.com/repos/symfony/phpunit-bridge/zipball/092ccc3b364925cd8ed6046bc31dcf3a022bd5a4", + "reference": "092ccc3b364925cd8ed6046bc31dcf3a022bd5a4", "shasum": "" }, "require": { @@ -2171,7 +2168,7 @@ "description": "Provides utilities for PHPUnit, especially user deprecation notices management", "homepage": "https://symfony.com", "support": { - "source": "https://github.com/symfony/phpunit-bridge/tree/v6.0.8" + "source": "https://github.com/symfony/phpunit-bridge/tree/v6.1.0" }, "funding": [ { @@ -2187,7 +2184,7 @@ "type": "tidelift" } ], - "time": "2022-04-12T16:11:42+00:00" + "time": "2022-04-12T16:22:53+00:00" } ], "aliases": [], From 932aa4b8a753fce11233297baa3d23835324d08c Mon Sep 17 00:00:00 2001 From: Jordi Boggiano Date: Wed, 1 Jun 2022 21:57:09 +0200 Subject: [PATCH 6/8] Update changelog --- CHANGELOG.md | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 21f52c39e..2254fafdf 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,16 @@ +### [2.3.6] 2022-06-01 + + * Added `Composer\PHPStan\ConfigReturnTypeExtension` to improve return types of `Config::get()` which you can also use in plugins CI (#10635) + * Fixed name validation regex in schema causing issues with JS IDEs like VS Code (#10811) + * Fixed unnecessary HTTP request in BitbucketDriver (#10729) + * Fixed invalid credentials loop when setting up GitLab token (#10748) + * Fixed PHP 8.2 deprecations (#10766) + * Fixed lock file changes being output even when the lock file creation is disabled + * Fixed race condition when multiple requests asking for auth on the same hostname fired concurrently (#10763) + * Fixed quoting of commas on Windows (#10775) + * Fixed issue installing path repos with a disabled symlink function (#10786) + * Fixed various type errors (#10753, #10739, #10751) + ### [2.3.5] 2022-04-13 * Security: Fixed command injection vulnerability in HgDriver/GitDriver (GHSA-x7cr-6qr6-2hh6 / CVE-2022-24828) @@ -1509,6 +1522,7 @@ * Initial release +[2.3.6]: https://github.com/composer/composer/compare/2.3.5...2.3.6 [2.3.5]: https://github.com/composer/composer/compare/2.3.4...2.3.5 [2.3.4]: https://github.com/composer/composer/compare/2.3.3...2.3.4 [2.3.3]: https://github.com/composer/composer/compare/2.3.2...2.3.3 From 0f43aa1652c447a6bc7c9217ec133313b1d32e72 Mon Sep 17 00:00:00 2001 From: Jordi Boggiano Date: Wed, 1 Jun 2022 21:57:13 +0200 Subject: [PATCH 7/8] Release 2.3.6 --- src/Composer/Composer.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/Composer/Composer.php b/src/Composer/Composer.php index 93e8c0a6f..b7b8b29fd 100644 --- a/src/Composer/Composer.php +++ b/src/Composer/Composer.php @@ -51,10 +51,10 @@ class Composer extends PartialComposer * * @see getVersion() */ - public const VERSION = '@package_version@'; - public const BRANCH_ALIAS_VERSION = '@package_branch_alias_version@'; - public const RELEASE_DATE = '@release_date@'; - public const SOURCE_VERSION = '2.3.999-dev+source'; + public const VERSION = '2.3.6'; + public const BRANCH_ALIAS_VERSION = ''; + public const RELEASE_DATE = '2022-06-01 21:57:13'; + public const SOURCE_VERSION = ''; /** * Version number of the internal composer-runtime-api package From f58b72a43be171faaf328f938b8af4faf499dc69 Mon Sep 17 00:00:00 2001 From: Jordi Boggiano Date: Wed, 1 Jun 2022 21:57:14 +0200 Subject: [PATCH 8/8] Reverting release version changes --- src/Composer/Composer.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/Composer/Composer.php b/src/Composer/Composer.php index b7b8b29fd..93e8c0a6f 100644 --- a/src/Composer/Composer.php +++ b/src/Composer/Composer.php @@ -51,10 +51,10 @@ class Composer extends PartialComposer * * @see getVersion() */ - public const VERSION = '2.3.6'; - public const BRANCH_ALIAS_VERSION = ''; - public const RELEASE_DATE = '2022-06-01 21:57:13'; - public const SOURCE_VERSION = ''; + public const VERSION = '@package_version@'; + public const BRANCH_ALIAS_VERSION = '@package_branch_alias_version@'; + public const RELEASE_DATE = '@release_date@'; + public const SOURCE_VERSION = '2.3.999-dev+source'; /** * Version number of the internal composer-runtime-api package