c1b9b082a4
Break early when a provider name is matched
2016-01-20 01:29:32 -05:00
a13b06725e
Add support for if-modified-since on lazy repos and turning packagist into a lazy provider repo
2016-01-18 14:03:10 +00:00
1d08f83976
Only clone if needed
2016-01-18 12:29:14 +00:00
33c123e8c2
Fix passing of options to remotefilesystem in composer repo
2016-01-18 12:28:03 +00:00
876f143418
Forward repo options correctly to the RemoteFilesystem even if we get one injected, fixes #4786
2016-01-18 10:50:49 +00:00
c1cc6bfecf
Avoid doing too many loads of the remotefilesystem
2016-01-10 20:06:10 +00:00
5d015defb8
Merge remote-tracking branch 'origin/master' into tls-config
2016-01-10 16:10:22 +00:00
feefd51565
Fix custom installer example, fixes #4648
2015-12-03 16:17:58 +00:00
5b748eda6c
Allows repositories to implement ConfigurableRepositoryInterface and thus provide getRepoConfigmethod
2015-11-23 23:18:24 +01:00
ce08582671
Fix CS
2015-09-28 10:53:24 +01:00
c41079192f
Merge pull request #4454 from alcohol/urlencode-urls-only
...
only urlencode $ if filename is not local
2015-09-28 10:38:16 +01:00
b219abe8f6
@seldaek damn your assignment in expression
2015-09-28 10:59:26 +02:00
e491b72a8c
only urlencode $ if filename is not local
2015-09-28 10:39:36 +02:00
a1427d7fd6
replace all occurences in code and comments
2015-09-24 16:32:36 +02:00
ed95448523
URL-encode dollar signs to work around bad proxy failures
2015-09-20 18:26:23 +01:00
eac5fbdee4
Fix: Remove unused imports
2015-06-28 23:20:54 -04:00
801a7fcd0a
Add support for constraints and not just exact versions in RepositoryInterface::findPackage/s
2015-06-18 17:44:58 +01:00
75c501251d
Revert "Merge remote-tracking branch 'naderman/load-no-providers'"
...
This reverts commit 3e85f82373b025d0982b
2015-06-18 15:40:27 +02:00
3e85f82373
Merge remote-tracking branch 'naderman/load-no-providers'
2015-06-18 11:32:37 +01:00
c471edc488
Also downgrade provider access and others
2015-06-11 11:22:19 +01:00
8b28d4bc82
Optimisation: Composer repo version listings are index by package name
2015-06-08 18:50:15 +02:00
65243ca392
Move methods for PR readability and fix phpdoc
2015-06-08 18:45:03 +02:00
63e96a41f8
Add proper docblocks in composer repo
2015-05-05 20:30:57 +02:00
aa7d145dd0
PHP 5.3 compatible function invokation
2015-05-05 20:24:04 +02:00
ec5416f03c
loadDev parameter is nonsense, properly load packages in create command
2015-05-05 19:58:03 +02:00
b99c03ea04
Entirely remove whatProvides from Composer repository
2015-05-05 19:28:15 +02:00
090711b21c
Completely move loading of packages from composer repo to pool
2015-05-05 19:08:33 +02:00
9b9ad9d0fe
Remove dead code paths and use exceptions instead of die
2015-05-04 17:34:41 +02:00
65f69c4227
Remove debug output
2015-05-04 17:28:03 +02:00
4d0db5add6
POC Implementation of loading only explicitly named package data
2015-05-04 17:25:55 +02:00
cb336a5416
Implement writeError throughout Composer
2015-02-25 11:00:35 +01:00
8b46880f42
Avoid failing on composer show of lazy providers
2015-01-31 21:24:50 +00:00
19e24c5804
Merge branch 'master' into tls-config
...
Conflicts:
.travis.yml
doc/03-cli.md
src/Composer/Command/ConfigCommand.php
src/Composer/Command/CreateProjectCommand.php
src/Composer/Command/DiagnoseCommand.php
src/Composer/Command/InstallCommand.php
src/Composer/Command/RequireCommand.php
src/Composer/Command/SelfUpdateCommand.php
src/Composer/Command/ShowCommand.php
src/Composer/Command/UpdateCommand.php
src/Composer/Config.php
src/Composer/Downloader/FileDownloader.php
src/Composer/Factory.php
src/Composer/Repository/ComposerRepository.php
src/Composer/Repository/PearRepository.php
src/Composer/Repository/Vcs/VcsDriver.php
src/Composer/Util/GitHub.php
src/Composer/Util/RemoteFilesystem.php
2015-01-29 20:31:56 +00:00
45089a6771
[Minor] remove the unused private variables
2014-12-28 00:45:27 +01:00
3ff8bcffea
Allow loading of real composer repos by local path, fixes #1899
2014-12-08 22:04:10 +00:00
89bd9be295
This entirely removes StreamableRepositories and minimal package arrays
2014-11-20 17:23:51 +01:00
9751e1ab58
Remove unnecessary collection of names which isn't used
2014-11-20 12:54:56 +01:00
f8fae61b05
Add fallback for findPackage(s) for repo without provider
...
This was introcuced in a4d43ee860
2014-10-17 09:10:47 +02:00
ac497feaba
CS fixes
2014-06-10 16:13:12 +02:00
d036b2390e
Load root aliases for providers by package name and not by provider name, fixes #3043
2014-06-09 19:36:06 +02:00
58d01b2c6e
Merge pull request #2988 from tristanlins/feature/composer-repository-find-packages
...
ComposerRepository::findPackage[s]
2014-06-05 10:55:27 +02:00
0c343f925a
Clarify code
2014-05-14 11:25:20 +02:00
a4d43ee860
Implement ComposerRepository::findPackage and ComposerRepository::findPackages.
2014-05-13 23:54:48 +02:00
2a7a954f62
Handle multiple urls in package transport options
2014-05-07 19:34:46 +02:00
b6981d09e8
Fix handling of origin url in composer repository class
2014-05-07 19:34:43 +02:00
31b787249c
More fixes to mirror support
2014-05-07 19:34:40 +02:00
44e45ed2d5
Add support for lazy providers/proxies
2014-05-07 19:34:36 +02:00
77163f66fc
Add support for mirrors in composer repos
2014-05-07 19:34:35 +02:00
faeb706de6
Handle alias packages properly, refs #2189
2014-05-07 19:10:55 +02:00
32cd883daa
Rename options to transport-options, refs #2189
2014-05-07 18:25:28 +02:00
016a016455
Merge remote-tracking branch 'lcobucci/master'
...
Conflicts:
src/Composer/Downloader/FileDownloader.php
2014-05-07 18:02:46 +02:00
b437c1cc05
Support github auth directly in the RemoteFilesystem class
2014-04-11 14:29:17 +02:00
306ba77e93
Implement the RemoteFilesystem Factory everywhere...
...
- also fixes impacted test
2014-03-01 17:01:44 +00:00
0f2c0ab389
Merge remote-tracking branch 'upstream/master'
...
Conflicts:
src/Composer/Downloader/FileDownloader.php
2013-12-29 00:37:08 +00:00
fbadc19bf6
Add preFileDownload event on package.json fetch
2013-11-19 17:45:28 +01:00
f538acc4b0
added support for file:// url to repository
...
file:// is valid url even if it does not define a host.
allows to define a repo like this (local directory generated with
composer/satis):
```json
{
"repositories": [ { "type": "composer", "url": "file:///home/cebe/dev/jescali/xeno-core/core/repo" } ],
"require": {
...
}
}
```
2013-10-30 17:46:35 +01:00
0b77a59af6
Repository options must be replicated on package when dist file is under
...
repository base dir
2013-08-19 04:40:54 -03:00
3f2b9b4d4b
Avoid overwriting notification-url
2013-05-16 02:27:11 +02:00
4b26c627ff
Retry file downloads 3 times before giving up in case of basic network failure
2013-05-03 12:29:54 +02:00
a7e88f7a80
Unfold aliases in streamable repos since aliases are already loaded by the pool, refs #1346 , fixes #1851
2013-05-02 17:43:45 +02:00
753a8345cb
Added support for the alias of an aliased package
2013-04-11 13:20:34 +02:00
d38eb244fa
Add PlatformRepository::PLATFORM_PACKAGE_REGEX to remove duplication
2013-04-06 22:26:10 +02:00
2b385cbe58
Fix dependency flags not applying to provides/replaces, fixes #1771
2013-04-04 17:41:01 +02:00
41392ace56
Check that a repo has no providers when getPackages is called to catch any mis-use
2013-03-10 13:40:54 +01:00
be861f090a
Remove filterPackages and add RepositoryInterface::search, refactor all commands to use new methods and remove all usage of the full package list for Composer repositories that support providers, fixes #1646
2013-03-10 13:40:52 +01:00
095852933e
Remove code duplication, add support for searchUrl
2013-03-10 13:40:50 +01:00
573b7a0fb7
Only downgrade providers but not the notification url
2013-02-27 13:32:21 +01:00
d4c9a9004a
Add support for the hashed provider includes
2013-02-21 18:51:22 +01:00
2c4c5dd764
Fail hard only after 3 failed attempts
2013-02-21 18:18:04 +01:00
b750e70f5f
Abort execution when a RepositorySecurityException is thrown
2013-02-21 17:41:38 +01:00
995dc40130
Make packagist downgrade out of ssl after fetching the main file, since the other files can be verified via sha256
2013-02-21 17:37:18 +01:00
211b69b38b
Adjust exception message
2013-02-21 17:07:53 +01:00
b59489f6ae
Merge remote-tracking branch 'edas/exception-on-broken-signature'
2013-02-21 17:04:41 +01:00
9521d1e7ad
Make use of new hashed provider filenames, fixes #1431 , refs composer/packagist#283
2013-02-21 16:50:04 +01:00
59f8be3b92
Throw Exception on broken signature
...
This is related to issue #1562
With a fresh installation of Composer I had the following message:
> The contents of https://packagist.org/p/providers-latest.json do not
match its signature, this is most likely due to a temporary glitch but
could indicate a man-in-the-middle attack.
> Try running composer again and please report it if it still persists.
This was *probably* a temporary glitch, as the error did not appear
again, even after a full reinstallation of all packages.
*However* Composer had no way to differentiate a man-in-the-middle
attack and a temporary glitch. The installation / update did continue
despite the problem and files where installed / updates with no easy
rollback. These files may have been corrupted with malicious code and I
have no way to check they don't.
This is a *serious* security issue.
The code in [ComposerRepository line
434](https://github.com/composer/composer/blob/master/src/Composer/Repos
itory/ComposerRepository.php#L434) states
```php
// TODO throw SecurityException and abort once we are sure this can not
happen accidentally
````
Even if the broken signature may happen in accidentally in a standard
process, if it may be a security issue, we have to abort the procedure,
or at least ask for confirmation to the user. If it helps continuing
despite the temporary glitch, it may be possible to add a command line
switch like `--ignore-signature` to force the process to continue.
Proposed :
Send a RepositorySecurityException instead of the warning, even if this
may happen accidentally
2013-02-14 15:53:40 +01:00
a8f74a0983
Allow notification from locked installs, fixes #1368 , fixes #1372 , fixes #1369
2012-11-29 09:24:28 +01:00
e868c9706b
Add support for batch notifications
2012-11-28 18:44:49 +01:00
15475f0ef2
Rename cache dirs to consolidate them by purpose
2012-11-23 00:15:14 +01:00
cbd91b5952
Fix FILTER_VALIDATE_URL not supporting IDNs
2012-11-05 15:39:43 +01:00
45c1c3f881
Fixed package name for stability test in ComposerRepository
2012-10-30 22:20:49 +01:00
b10c832be0
fixed a typo
2012-10-28 09:57:42 +01:00
125ff3e4f5
Fix root aliasing with new providers repo format
2012-10-24 16:11:32 +02:00
ad9f887edd
Clarify error message to sound less scary until we can guarantee it
2012-10-23 10:53:17 +02:00
9ed481ef02
Fix handling of legacy Composer repositories
2012-10-22 21:40:32 +01:00
e887f6cea9
Fix CS
2012-10-22 20:25:11 +02:00
89d4df990a
Use JsonFile to decode cached entries
2012-10-22 17:56:30 +02:00
fef3dacdfb
Reset ids of aliased packages as well
2012-10-22 14:28:55 +02:00
338127ff9c
Disable failure on hash mismatch until it can be proven to work reliably
2012-10-21 16:10:47 +02:00
5978197b5d
Reset package IDs before they can be used in the pool in case there are already some in the cache
2012-10-18 12:57:55 +02:00
541bcabbc0
Actually check the hash after downloading
2012-10-15 14:37:27 +02:00
07f72e9fb6
Add support for provider listings
2012-10-14 16:33:53 +02:00
a3f9accd37
Fix various dumb issues
2012-10-13 18:54:48 +02:00
aafc1f7857
Make sure alias package have a repo instance set
2012-10-13 17:19:06 +02:00
41c7432fef
Do not fetch from repo for packages that obviously can not be there
2012-10-13 17:18:47 +02:00
c0e5736ae7
Add support for one-file-per-provider composer repositories
2012-10-12 18:24:26 +02:00
116b822953
Fix loop and add missing options
2012-10-11 21:35:51 +02:00
1d80720405
Add retries and failover of all jsons to cache even if the main one worked
2012-10-11 21:26:11 +02:00
fb296972ef
Enable https for packagist when possible
2012-10-11 20:57:31 +02:00
6cf860669f
Add repository stream context options
...
Add support for passing stream context options to the
StreamContextFactory. This allows support for SSH keyfiles, SSL
certificates and much more. Example:
{
"repositories": [
{
"type": "composer",
"url": "ssh2.sftp://host:22/path/to/packages.json",
"options": {
"ssh2": {
"username": "composer",
"pubkey_file": "/path/to/composer.key.pub",
"privkey_file": "/path/to/composer.key"
}
}
}
]
}
2012-10-03 14:49:41 +02:00
4799053ca9
Allow dot in URL scheme
...
This makes it possible to support SSH2 urls, like ssh2.scp://
See: http://www.php.net/manual/en/wrappers.ssh2.php
2012-10-03 10:50:02 +02:00
Stephen Beemsterboer