8ac4b649c3
Merge remote-tracking branch 'gerryvdm/master'
...
Conflicts:
src/Composer/Command/ShowCommand.php
2013-02-19 11:42:15 +01:00
c1a4e5d43b
Add curl -sS everywhere
2013-02-18 17:56:13 +01:00
e348642aa7
Fix json manipulator handling of escaped backslashes, fixes #1588
2013-02-18 17:27:43 +01:00
2e12993c9c
Make selfupdate use ssl when possible
2013-02-15 23:55:20 +01:00
d4fb7bd251
Substract 1char from the width to avoid blank lines in the output on windows
2013-02-15 14:23:08 +01:00
211ca0c826
Merge remote-tracking branch 'KingCrunch/pretty-show'
2013-02-15 14:19:35 +01:00
c55c9e4e8d
Use strtr instead of str_replace
2013-02-15 12:54:33 +01:00
b5c7d97e8c
Pretty "show"-command
2013-02-15 12:17:39 +01:00
a8a99cee24
Fix RepositorySecurityException class name
2013-02-15 09:52:31 +01:00
a2525c8fbe
Replace backslashes in Window directories for config --list
2013-02-14 23:12:24 +00:00
59f8be3b92
Throw Exception on broken signature
...
This is related to issue #1562
With a fresh installation of Composer I had the following message:
> The contents of https://packagist.org/p/providers-latest.json do not
match its signature, this is most likely due to a temporary glitch but
could indicate a man-in-the-middle attack.
> Try running composer again and please report it if it still persists.
This was *probably* a temporary glitch, as the error did not appear
again, even after a full reinstallation of all packages.
*However* Composer had no way to differentiate a man-in-the-middle
attack and a temporary glitch. The installation / update did continue
despite the problem and files where installed / updates with no easy
rollback. These files may have been corrupted with malicious code and I
have no way to check they don't.
This is a *serious* security issue.
The code in [ComposerRepository line
434](https://github.com/composer/composer/blob/master/src/Composer/Repos
itory/ComposerRepository.php#L434) states
```php
// TODO throw SecurityException and abort once we are sure this can not
happen accidentally
````
Even if the broken signature may happen in accidentally in a standard
process, if it may be a security issue, we have to abort the procedure,
or at least ask for confirmation to the user. If it helps continuing
despite the temporary glitch, it may be possible to add a command line
switch like `--ignore-signature` to force the process to continue.
Proposed :
Send a RepositorySecurityException instead of the warning, even if this
may happen accidentally
2013-02-14 15:53:40 +01:00
5127fe8359
added type check to autoloader fixes #1504
2013-02-14 00:10:18 +01:00
2b36f61596
Use full hash in version information of dev phars, fixes #1502
2013-02-13 14:32:50 +01:00
97dfbefa72
Add support for arbitrary values for the references in version constraints
2013-02-13 13:26:27 +01:00
17a5bdf162
Normalize github URLs generated by the GitHubDriver, fixes #1551
2013-02-13 12:55:14 +01:00
94e99b9c8b
Update docs, config command and schema with all the config values
2013-02-12 11:16:52 +01:00
5165008be7
Merge remote-tracking branch 'pierredup/master'
2013-02-12 10:17:49 +01:00
dd372e7635
Add explicit return
2013-02-12 10:14:44 +01:00
8ab5ef430a
Merge remote-tracking branch 'bamarni/require-command-rollback'
2013-02-12 10:13:29 +01:00
f98f093f7b
Minor code reformatting and error message clarification
2013-02-11 22:55:14 +01:00
8bcb442d2b
Merge remote-tracking branch 'romainneutron/zip-downloader'
2013-02-11 22:53:26 +01:00
1dd7700fc2
Capture output of the rm command
2013-02-11 22:52:06 +01:00
2d40e14985
Try twice to remove a directory on windows because sometimes it fails due to temporary locks
2013-02-11 22:51:24 +01:00
77290069a2
Added option to only show package names
...
Added the --name-only (-N) option to the show command to only list
package names (and exclude version and description).
This is useful to produce a list of package names to be parsed by
a shell script for example (bash completion comes to mind).
2013-02-11 16:13:43 +01:00
2552f4c65e
Added option to only show available packages
...
Added the --available (-a) option to the show command to only list
the available packages, similar to the --installed and --platform
options.
Additionally changed the output formatting when limiting the
package result to remove the hierarchy when only one type is being
showed. This facilitates parsing of a list of packages (for example
for shell scripting and completion).
2013-02-11 16:05:13 +01:00
908d2d91da
Fix case insensitive matching
2013-02-11 11:52:50 +01:00
432955e0ae
Fix github url escaping, raw.github.com doesnt like escaped slashes
2013-02-11 09:34:50 +01:00
ae9a001053
RequireCommand - check if composer.json is writable
2013-02-02 10:49:32 +01:00
99e4173b3d
RequireCommand - rollback if it fails ( fixes #1469 )
2013-02-01 10:24:05 +01:00
72d4bea89e
Change strategy for ZipDownloader
...
Try to use unzip command-line before ZipArchive as this one does not correctly handle file permissions whereas unzip does.
2013-01-31 10:57:59 +01:00
9219e1ab0a
Simplify ordering of links (there cannot be multiple links to the same target)
2013-01-31 10:19:16 +01:00
704837c574
- Sort links and keywords in ArrayDumper result (fixes issue #1499 )
...
- Adapt ArrayDumperTest
2013-01-31 09:55:19 +01:00
3b2accfb58
Merge pull request #1543 from Slamdunk/minor/mt-rand
...
Switch rand() to mt_rand()
2013-01-30 02:50:42 -08:00
49c839d780
Fix cache blasting on nix
2013-01-30 11:19:16 +01:00
470adc47df
Switched rand() to mt_rand()
2013-01-30 10:44:07 +01:00
ff1cf15cb4
Fix unlink(folder) failure on Windows using removeDirectory()
2013-01-28 15:38:50 +00:00
46f5c53521
Merge pull request #1530 from pborreli/typos
...
Fixed typos
2013-01-27 02:06:30 -08:00
86defea407
Modify punctuation for outdated dependency message in installer
2013-01-27 03:25:19 +07:00
46bbf83778
Fixed typos
2013-01-26 18:43:01 +00:00
5a4c720535
Add another missing use statement, fixes #1521
2013-01-25 10:22:54 +01:00
1539c54a1d
Merge pull request #1523 from deguif/master
...
Moved setter for repository before getter in BasePackage class
2013-01-25 01:19:31 -08:00
958ffd8e8b
Add missing use statement, fixes #1521
2013-01-25 10:16:53 +01:00
3c21dc1499
Moved setter before getter and added @inheritDoc
2013-01-24 13:04:37 +01:00
8904888a74
Add php-64bit package if the php version has 64bit ints, fixes #1506 , fixes #1511
2013-01-23 15:55:48 +01:00
5bac9ffaaa
Merge remote-tracking branch 'xrstf/mercurial-support'
2013-01-23 15:47:51 +01:00
1b5229dc04
Fixed phpdoc
2013-01-23 11:24:20 +01:00
c84d3d5937
replicate the git behvaiour to resolve a feature's version for mercurial
2013-01-23 04:53:57 +01:00
d84484b49d
added hg support for Package\Locker
2013-01-23 04:37:02 +01:00
c7c55915f8
do not output the xcopy summary
2013-01-21 00:52:56 +01:00
e33aebc75d
Fix cs
2013-01-17 17:15:22 +01:00
1bd01a8b0b
Merge remote-tracking branch 'joeholdcroft/autoload-namespace-prepend'
2013-01-17 17:14:27 +01:00
7d5e4f76fb
Bug fix & changing loop + array_unshift to array_merge
2013-01-17 14:12:03 +00:00
a7c950cddd
Add support for github-oauth in config command
2013-01-16 16:19:22 +01:00
91ca7d7493
Make use-include-path default to false
2013-01-14 13:09:51 +02:00
84b34b70e0
Add config option to set if the PHP include path should automatically be used when generating the autoloader
2013-01-14 11:15:06 +02:00
dea4bdf8f0
Expand {} into a new line before manipulating json, fixes #1481
2013-01-13 17:06:35 +01:00
cea4c05021
Fix parsing of ~ version constraint with unstable versions, fixes #1476
2013-01-13 16:36:40 +01:00
24611ec919
Add newline because JsonManipulator does not expand {}
2013-01-13 16:02:50 +01:00
a48675005b
Implicitly create composer.json in require command
...
This allows shorteninig install instructions if you do not want to use init
(because it is interactive) and you do not want to use create-project (there
is no skeleton, or you do not want to use a skeleton).
2013-01-13 15:57:03 +01:00
a18db058d5
Fix typo
2013-01-11 16:36:03 +01:00
ee1691f799
Also try authenticating on github for 403 responses
2013-01-11 16:27:33 +01:00
f627c3c603
Make Event devMode argument optional (false by default).
2013-01-10 18:12:46 +01:00
e5cbf83185
Added post-autoload-dump script event.
2013-01-10 15:04:20 +01:00
b51a4a7854
Improve depends output, fixes #1459
2013-01-08 17:38:27 +01:00
c80cb76b9b
Always prepend autoloaders to avoid tools (i.e. phpunit) taking precedence over the project autoloader
2013-01-08 17:34:37 +01:00
1356021cb9
Remove installation-source from lock file, fixes #1464
2013-01-08 13:54:25 +01:00
2e19d67aec
allow K/KB as well as KiB for cache size configuration
2013-01-05 20:02:51 +01:00
514a3cde77
CS fixes
2013-01-05 20:01:58 +01:00
6ce285b70c
Merge remote-tracking branch 'galymzhan/add-cache-files-maxsize'
2013-01-05 19:51:54 +01:00
1a98d9f705
Only inject logo in help page and not in the app name
2013-01-05 18:33:29 +01:00
cd12df5c1f
Merge remote-tracking branch 'romainneutron/ascii-art'
2013-01-05 18:20:51 +01:00
4c35f54356
Simplify regex pattern
2013-01-05 18:04:57 +01:00
fcac93b3f1
Fixed InitCommand::addVendorIgnore
2013-01-02 11:02:32 +01:00
ce4a015579
Add a composer ascii-art logo
2012-12-28 20:24:21 +01:00
1beccf9f0f
Fix access of the static loader property
2012-12-25 16:08:36 +01:00
64ca297f97
Autoload dev packages as well for script execution, refs #1430
2012-12-19 10:50:56 +01:00
45d7eb5b53
Fixed generating packageMap in AutoloaderGenerater (fixes generating include_paths.php file)
2012-12-17 11:13:07 +01:00
219b489d01
add size-based limit for files cache, fixes #1321
2012-12-17 01:19:16 +06:00
69f2230a4c
add public method Filesystem#size
2012-12-17 01:04:39 +06:00
321065b124
Merge remote-tracking branch 'hason/autoloader'
2012-12-16 18:15:52 +01:00
247b02d077
Fix minimum-stability handling in InitCommand, fixes #1421
2012-12-15 18:35:32 +01:00
03e355f063
Fixed topological sorting of packages in AutoloadGenerator
2012-12-14 15:21:40 +01:00
51eca2cdfc
Fix matching of classes in trailing non-php text, fixes #1409
2012-12-13 17:39:17 +01:00
6bb1b4ae78
Fix regex delimiters, refs #1419
2012-12-13 16:54:38 +01:00
b34e8554d2
Output info about downloads even with --no-progress and show when reading from cache, refs #1410
2012-12-13 16:54:05 +01:00
b8ca4e1af9
Merge remote-tracking branch 'galymzhan/add-noprogress'
2012-12-13 16:47:19 +01:00
b8da471f9a
Clarify transport exception for 403s, fixes #1416
2012-12-13 15:40:47 +01:00
5fd19f63dd
CS fixes, refs #1419
2012-12-13 15:37:11 +01:00
e264282ac7
Allowed only * wildcard
2012-12-13 14:06:06 +00:00
159badb06b
Add ability to use a Regexp when updating packages
2012-12-13 12:24:42 +00:00
47442b6e39
change parameter order to preserve BC
2012-12-12 11:02:52 +06:00
f59181d7d5
add support for --no-progress, fixes #621
2012-12-11 20:30:09 +06:00
aefe3a0b11
Add support for .inc files in classmap, fixes #1396
2012-12-08 21:54:51 +01:00
0b94fd209a
Warn users if github tokens contain invalid chars
2012-12-08 21:45:43 +01:00
23d45f67c1
Fix config merging for arrays
2012-12-08 21:45:21 +01:00
9b2e3766c0
Show reference as well in show command overview
2012-12-08 21:03:32 +01:00
e7f4768668
Only ask for gitignore if the current dir is a git repo, fixes composer/satis#44
2012-12-08 17:47:44 +01:00
5b24a48827
Allow disabling svn branches/tags, fixes composer/satis#43
2012-12-08 17:41:46 +01:00
7d7eb3b2e8
Fix shell command output, fixes #1295
2012-12-06 09:56:27 +01:00
04c6670f0c
Detect invalid ssh URLs, fixes #1124
2012-12-05 23:23:01 +01:00
Jordi Boggiano