Jordi Boggiano
|
e3c46cb2b2
|
Audit locked packages if update is called with --no-install, fixes #10894
|
2022-06-22 16:36:54 +02:00 |
Jordi Boggiano
|
611b215896
|
Fix PHPStan issues and a couple minor bugs in audit functionality, refs #10798
|
2022-06-22 15:39:51 +02:00 |
Guy Sartorelli
|
d93239ddd9
|
Add audit command to check for security issues (#10798)
Closes #10329
|
2022-06-22 15:15:01 +02:00 |
Mathias Reker ⚡️
|
d17c724f23
|
Php unit dedicate assert (#10881)
Co-authored-by: Jordi Boggiano <j.boggiano@seld.be>
|
2022-06-22 14:20:08 +02:00 |
Mathias Reker ⚡️
|
4131f7cf4c
|
Static lambda (#10854)
Lambdas not (indirect) referencing $this must be declared static.
|
2022-06-22 14:19:18 +02:00 |
Jordi Boggiano
|
ef276d26d6
|
Add upcoming fixes, refs #10871
|
2022-06-22 14:02:22 +02:00 |
Jordi Boggiano
|
b627816781
|
Merge branch '2.3' into main
|
2022-06-22 13:49:30 +02:00 |
Jordi Boggiano
|
30a8b82b15
|
Merge branch '2.2' into 2.3
|
2022-06-22 13:49:11 +02:00 |
immeëmosol
|
bbcadcb35e
|
Hint at improved merge conflict resolving (#10840)
|
2022-06-22 13:47:15 +02:00 |
Marek Stipek
|
690ab5166a
|
Ignoring passed arguments for @putenv, closes #10846
|
2022-06-22 13:40:35 +02:00 |
Jordi Boggiano
|
5730c24c92
|
Rethrow path repo init failures with path information, closes #10845
|
2022-06-22 13:30:39 +02:00 |
Jordi Boggiano
|
d132b9e6fd
|
Fixup
|
2022-06-22 13:11:28 +02:00 |
Jordi Boggiano
|
53680afb85
|
Merge branch '2.3' into main
|
2022-06-22 13:09:06 +02:00 |
Jordi Boggiano
|
81043c5691
|
Add git version to diagnose command, and warn if <2.24, closes #10832
|
2022-06-22 13:05:35 +02:00 |
anzago
|
567423e9f7
|
Removed blank line in missing extensions hint when having no php.ini loaded file (#10839)
|
2022-06-22 12:29:36 +02:00 |
Jordi Boggiano
|
bad3eb2cd9
|
Update deps, update baseline (1958, 103)
|
2022-06-22 09:49:09 +02:00 |
Jordi Boggiano
|
16ee2e479f
|
Merge branch '2.2' into 2.3
|
2022-06-22 09:16:23 +02:00 |
Jordi Boggiano
|
5c68c2c86d
|
Fix case where branches cannot be listed in GitDownloader, fixes #10888
|
2022-06-22 08:50:55 +02:00 |
naveen
|
14476ec2a6
|
chore: Set permissions for GitHub actions
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
|
2022-06-22 08:18:22 +02:00 |
Jordi Boggiano
|
b025971bb8
|
Add missing strict type decl, closes #10863
|
2022-06-22 08:17:18 +02:00 |
Mathias Reker ⚡️
|
279b518518
|
No useless sprintf (#10878)
There must be no sprintf calls with only the first argument.
|
2022-06-21 21:19:09 +02:00 |
Mathias Reker ⚡️
|
4714fd5a7b
|
No useless return (#10877)
There should not be an empty return statement at the end of a function.
|
2022-06-21 21:17:47 +02:00 |
Mathias Reker ⚡️
|
805b7f12f9
|
No alias functions (#10864)
Primary functions shall be used instead of aliases.
|
2022-06-21 21:16:04 +02:00 |
Jordi Boggiano
|
e8530699c3
|
Add --strict-psr flag to dump-autoload to fail the process if psr violations were detected, fixes #10241 (#10886)
|
2022-06-20 13:57:20 +02:00 |
Jordi Boggiano
|
c2046566fc
|
Merge pull request #10885 from Seldaek/classmapgen
Make use of composer/class-map-generator and deprecate ClassMapGenerator class
|
2022-06-20 13:47:26 +02:00 |
Jordi Boggiano
|
3a945ac70f
|
Delete ClassMapGenerator tests which are not needed anymore
|
2022-06-19 14:08:02 +02:00 |
Jordi Boggiano
|
7d4d941392
|
Make use of new composer/class-map-generator package and build up BC layer
|
2022-06-19 14:02:24 +02:00 |
Ayesh Karunaratne
|
3e844cc48f
|
`composer bump` - Fix typo in the warning message (#10841)
Change warning text 'Alternatively you can use --dev-only to only bump dependencies within "require-dev"'
that said `--dev` instead of `--dev-only`.
|
2022-06-12 21:44:03 +02:00 |
Chris Reed
|
03fbcdbf07
|
Fix exported path with space in binary installer proxy (#10836)
|
2022-06-10 21:56:11 +02:00 |
Jordi Boggiano
|
6186d0c1d5
|
Add --gc flag to cache-cache command and ability to GC vcs/repo caches, fixes #7834 (#10826)
|
2022-06-09 11:46:00 +02:00 |
Jordi Boggiano
|
0fd845eeaf
|
Add --major-only flag to outdated/show commands to restrict the list to packages with major updates available, fixes #10439 (#10827)
|
2022-06-09 11:45:32 +02:00 |
Jordi Boggiano
|
70f2dd6edd
|
Add bump command to bump requirements to the currently installed version, fixes #7273 (#10829)
|
2022-06-09 11:43:59 +02:00 |
Jordi Boggiano
|
73fd0f22e8
|
Fix phpstan 8.1 build
|
2022-06-08 20:03:59 +02:00 |
Jordi Boggiano
|
203ec4b485
|
Update baseline (1947, 103)
|
2022-06-08 15:07:38 +02:00 |
Jordi Boggiano
|
e9b44b4499
|
Document files autoloading order, fixes #10509
|
2022-06-07 15:27:54 +02:00 |
Carsten Brandt
|
7cf3b01631
|
Added documentation about HTTP Bearer Auth (#10780)
Bearer Auth has been added here:
- 548505f103
- f964b83018
- #8671
- #8642
but it was not documented in this file.
|
2022-06-07 14:04:04 +02:00 |
Jordi Boggiano
|
ab1de96fcb
|
Do not verify rate limit OK as part of test as these might randomly fail
|
2022-06-06 17:01:31 +02:00 |
Jordi Boggiano
|
367012513d
|
Merge branch '2.3' into main
|
2022-06-06 16:49:52 +02:00 |
Jordi Boggiano
|
b39608753b
|
Reverting release version changes
|
2022-06-06 16:43:28 +02:00 |
Jordi Boggiano
|
10cd375cf8
|
Release 2.3.7
|
2022-06-06 16:43:28 +02:00 |
Jordi Boggiano
|
e6d061c682
|
Update hash
|
2022-06-06 16:43:22 +02:00 |
Jordi Boggiano
|
a33f658596
|
Update changelog
|
2022-06-06 16:42:31 +02:00 |
Markus Staab
|
ab9e18027e
|
plugins: mention static analysis support (#10812)
|
2022-06-06 16:42:24 +02:00 |
Jordi Boggiano
|
cb76394800
|
Merge branch '2.2' into 2.3
|
2022-06-06 16:34:34 +02:00 |
Jordi Boggiano
|
ba2ce37cd9
|
Reverting release version changes
|
2022-06-06 16:32:51 +02:00 |
Jordi Boggiano
|
8c7a2d200b
|
Release 2.2.14
|
2022-06-06 16:32:50 +02:00 |
Jordi Boggiano
|
7cb994fade
|
Update changelog
|
2022-06-06 16:32:44 +02:00 |
Stephan Jorek
|
fbc85dede8
|
allow chained proxy-binary php-inclusions (#10823)
* allow chained proxy-binary php-inclusion by skipping redundant “phpvfscomposer” stream-wrapper registration
|
2022-06-06 16:14:54 +02:00 |
Jordi Boggiano
|
e3527ea37f
|
Detect broken symlinks when checking for a package's presence, fixes #6708
|
2022-06-06 15:22:49 +02:00 |
Jordi Boggiano
|
a76a1c9fc2
|
Fix parsing of multi-line arrays in funding yml, fixes #10784
|
2022-06-06 14:49:37 +02:00 |