* github-composer/2.0: (63 commits)
Fix PSR warnings for optimized autoloader, refs #8397, refs #8403
Prepare 1.9.1 changelog
Output a hint that maybe you are not in the right directory, fixes#8404
Fix PSR warnings for optimized autoloader, refs #8397, refs #8403
Fix tests for PSR-fix in optimized autoloader, refs #8397
Fix tests for PSR-fix in optimized autoloader, refs #8397
Change PSR-fix for optimized autoloader to only warn for now, refs #8397
Fix output of dump-autoload command to avoid interfering with warnings, refs #8397
Remove credentials from git remotes in cache and vendor dirs
Avoid overwriting credentials with existing ones from git repos, refs #8293
Fix github auth to try https with pwd also, fixes#8356
Fix gitlab support for basic-auth fallback from ssh URLs
Avoid clearing the error output during removeDirectory execution, losing git error output, fixes#8351
Move test file parsing into try/catch block to avoid phpunit swallowing errors
make optimized autoloader respect PSR standards
Validate composer show with --tree and --path options set (#8390)
Don't show root warning for docker containers
Added phpdoc for ComposerAutoloaderInit$SHA1::getLoader() (#8393)
Validate schema name, type and version
Fix require command to allow working on network mounts, fixes#8231
...
The solver now only calculates a lock file transaction which does not
need to be sorted in order of dependencies. This is only necessary for
the local repo transaction generated without the solver during install
The pool builder tries to be minimal so it's fine for present/locked
packages not be assigned a solver/pool id. Adding a test to verify
correct creation of uninstall jobs
These special commands no longer (ab)use the partial update mechanism
but rather create a special install request for all current lock file
contents and later override any modified code references to the
originals. This leads to up to date remote metadata but no other
changes.
This only removes the credentials if they are managed by composer auth.json or equivalent, if the credentials were present in the package URL to begin with they might remain
Refs #8293Fixes#3644Closes#3608
Particularly the test
tests/Composer/Test/Fixtures/installer/partial-update-downgrades-non-whitelisted-unstable.test
is interesting because it verifies that an older version will be
installed on update if the new one is only present in the installed repo
or vendor dir. This was the cause of a lot of weird edge cases and
unreliable update behavior in Composer v1
As a result some lock file packages are no longer in the pool, so the
former installed map, now present map cannot use package ids anymore
Need to revisit some more code later to simplify this, todo notes left
Ensures packages get loaded from locked repo correctly. We may not want
to support this particular use-case at all, but for now it fixes the
existing test, so we may want to revisit this later.
Nils Adermann