0e7d519958
feat: Detect containerd runtime and allow root execution ( #12299 )
...
Composer now permits running as root when the container runtime is containerd,
aligning with existing behavior for Docker and Podman.
2025-02-19 14:54:03 +01:00
bc4bc7340f
Add warning for extra awareness about dangers of requiring anything, fixes #12312 ( #12319 )
2025-02-19 14:50:19 +01:00
da63c30330
Update deps, fix build
2025-02-18 15:22:47 +01:00
a73b127dda
fix: RootPackageLoader.php constructor creates unusable fallback instance of VersionGuesser ( #12305 )
2025-02-18 14:25:25 +01:00
e58aad45b5
fix typo ( #12298 )
2025-02-06 14:00:23 +01:00
b70b6bd070
Remove superfluous override- prefix from download-url-method ( #12297 )
2025-02-05 11:20:56 +01:00
103041802c
Added override-download-url-method directive for php-ext ( #12296 )
2025-02-05 11:00:15 +01:00
6308749a61
Merge pull request #12290 from glaubinix/skip-scripts-for-certain-events
...
Scripts: add ENV variable to skip script execution for certain event names
2025-02-03 16:39:21 +01:00
62bf82a4f7
Merge pull request #12289 from syssi/feature/introduce-new-envs
...
Introduce COMPOSER_{,ALL_}WITH_DEPENDENCIES env var
2025-02-03 16:38:53 +01:00
6ba63dd29c
Add hint when avast is detected and we get a curl error 60, refs #9894
2025-02-03 11:34:02 +01:00
4f4b43badb
Extend input option descriptions
2025-01-27 17:45:41 +01:00
9d2897b850
Introduce COMPOSER_WITH_DEPENDENCIES and COMPOSER_WITH_ALL_DEPENDENCIES env var
2025-01-27 17:22:40 +01:00
ddda2ff0a2
Remove dependabot labels
2025-01-22 10:06:06 +01:00
9d68f67091
Update phpstan
2025-01-22 09:55:30 +01:00
465364d754
Update issue template
2025-01-22 09:47:27 +01:00
6d03fad8a5
Reverting release version changes
2025-01-21 15:23:40 +01:00
ae208dc1e1
Release 2.8.5
2025-01-21 15:23:40 +01:00
a0fa616355
Update changelog
2025-01-21 15:23:36 +01:00
885dd9b3ec
Update deps
2025-01-21 15:15:56 +01:00
30e5825c68
Merge pull request #12266 from Seldaek/copy_src_to_dist_ref
...
Copy source ref to dist ref if a custom dist info is present in non-dist-supporting drivers
2025-01-21 14:41:35 +01:00
0626efaa13
Merge pull request #12269 from Seldaek/fix_installed_regr
...
Fix regression from #12233 in InstalledVersions when reload is used
2025-01-21 13:51:20 +01:00
d2cd6dec2d
Add workaround for InstalledVersion to ensure we always run last version
2025-01-21 13:01:55 +01:00
f12d2f5bb1
Merge pull request #12284 from Seldaek/init_validate_name
...
Sanitize guessed name and vendor name before suggesting it in init command
2025-01-20 15:38:09 +01:00
ee6dc33fd1
Fix regression from #12233 in InstalledVersions when reload is used, fixes #12235
2025-01-20 15:13:43 +01:00
8d8f4e8ab8
Sanitize guessed name and vendor name before suggesting it in init command, fixes #12276
2025-01-20 15:08:15 +01:00
d9a158daa0
Merge pull request #12268 from Seldaek/suppress_dev_hint_on_global
...
Suppress require-dev hint when requiring things globally
2025-01-20 14:33:07 +01:00
34c16ad169
Merge pull request #12231 from ThomasLandauer/patch-1
...
Adding explicit message to `why-not` if package is already installed
2025-01-20 14:30:13 +01:00
149dc40dda
Merge pull request #12283 from Seldaek/fix_cmd_guessing
...
Fix command name parsing to take into account global input options
2025-01-20 14:28:13 +01:00
ade9c766eb
Delete .github/ISSUE_TEMPLATE.md
2025-01-20 14:06:02 +01:00
4871bd729d
Update issue templates
2025-01-20 14:05:30 +01:00
3acb0ca26b
Merge pull request #12273 from eliashaeussler/patch-1
...
Fix URL to GitLab personal access tokens
2025-01-20 11:41:13 +01:00
b1b8d49d36
Fix command name parsing to take into account global input options
...
Fixes #12259
Closes #12275
2025-01-20 11:34:10 +01:00
c0dece23e5
Merge pull request #12271 from jrfnl/feature/vcs-github-expand-funding-tests
...
GitHubDriverTest::testFundingFormat(): expand the tests + fix bug
2025-01-20 09:59:30 +01:00
781ba54ef0
Fix URL to GitLab personal access tokens
2025-01-10 22:50:00 +01:00
2b970652fb
GitHubDriverTest::testFundingFormat(): expand the tests + fix bug
...
Glad that I added some tests as this meant I found a bug in the PR I pulled previously (#12257 ).
The `thanks_dev` key expects a username in the format `u/gh/USERNAME`, but the call to `basename()` was stripping the `u/gh/` part off.
If the use of `basename()` is preferred here, the alternative would be to add `u/gh/` to the default URL prefix for thanks.dev. Let me know if you me to change that.
2025-01-10 17:45:33 +01:00
f5e7a8390d
Merge pull request #12247 from andrewnicols/skipInvalidFormatFundingOnImport
...
Discard unsupported FUNDING.yml URL values
2025-01-10 16:46:38 +01:00
924527cda6
Allow using short form URLs like foo.com if they are very simple
2025-01-10 16:42:50 +01:00
7b261bdf53
Merge branch 'main' into skipInvalidFormatFundingOnImport
2025-01-10 16:34:19 +01:00
2645d080b5
Merge pull request #12257 from jrfnl/feature/vcs-github-funding-support-thanksdev
...
Fix failing Packagist updates / GitHubDriver::getFundingInfo(): add support for thanks.dev and polar.sh
2025-01-10 16:32:39 +01:00
efe91c76e8
Merge pull request #12258 from TimWolla/release-attest-build-provenance
...
Generate build provenance attestation during release
2025-01-10 16:29:15 +01:00
a2fcc1a4db
Merge pull request #12250 from elazar/patch-2
...
Update installer script URL to include openssl_free_key() deprecation fix
2025-01-10 13:40:56 +01:00
4deec0359f
Update installer script URL to include openssl_free_key() deprecation fix
...
If the installer script linked from [this page]([https://getcomposer.org/doc/faqs/how-to-install-composer-programmatically.md ](https://getcomposer.org/doc/faqs/how-to-install-composer-programmatically.md )) is run using PHP 8, it generates the following deprecation notice.
```
Deprecated: Function openssl_free_key() is deprecated since 8.0, as OpenSSLAsymmetricKey objects are freed automatically in Standard input code on line 982
```
This issue was [fixed in the installer script]([composer/getcomposer.org#159 ](https://github.com/composer/getcomposer.org/pull/159 )), but the documentation was not updated to link to the version of it that includes the fix.
2025-01-10 13:40:00 +01:00
c1256a2920
Suppress require-dev hint when requiring things globally, fixes #12253
2025-01-10 09:40:27 +01:00
58e38b111d
Copy source ref to dist ref if a custom dist info is present in non-dist-supporting drivers, fixes #12237
2025-01-10 09:01:18 +01:00
c12edf8034
Merge pull request #12248 from glaubinix/redirect-response-output-warnings
...
Allow redirect responses to output warnings/infos
2025-01-10 08:53:32 +01:00
7b1655bc62
Merge pull request #12263 from Seldaek/autoload_order
...
Fix unstable order of psr-0 and psr-4 rules
2025-01-09 15:07:26 +01:00
7b1e983ce9
Fix unstable order of psr-0 and psr-4 rules
...
Fixes #12090
2025-01-09 14:50:13 +01:00
9d87fd7e8d
Update deps
2025-01-09 14:45:16 +01:00
aa2fd0bb24
Merge pull request #12260 from bilogic/patch-1
...
explicitly state UTC
2025-01-08 15:49:18 +01:00
089972db87
Generate build provenance attestation during release
...
This will simplify secure installation of composer in GitHub Actions to two
calls to `gh` cli with no need to manually import any PGP signing keys:
gh release --repo composer/composer download --pattern composer.phar
gh attestation verify --repo composer/composer composer.phar
Given that the current PGP signing key is stored as a GitHub Action secret,
this type of attestation is no less secure than the existing PGP signing.
2025-01-08 15:46:13 +01:00
Petar Obradović