public-mirrors
/
composer
mirror of https://github.com/composer/composer
1
0
Fork 0
Code
12,607 Commits
3 Branches
206 Tags
52 MiB
Commit Graph

145 Commits (2e83ead40c396a8b0be85b6359442f51a902b6ea)

Author SHA1 Message Date
Jordi Boggiano 8f24b67c3c
Try to fix lowest deps tests 2024-11-14 11:47:19 +01:00
Jordi Boggiano d832d8c6c5
Simplify lint CI 2024-09-01 20:53:37 +02:00
Jordi Boggiano db869409e1
Bump highest php lint to use nightly (#12058) 2024-07-25 16:26:13 +02:00
Jordi Boggiano e61d4ad986
Update deps 2024-07-06 23:35:00 +02:00
dependabot[bot] 158df56ccc
Bump actions/cache from 3 to 4 (#11807) 
Bumps [actions/cache](https://github.com/actions/cache) from 3 to 4.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-07 10:10:42 +01:00
dependabot[bot] 8410643e65
Bump actions/stale from 8 to 9 (#11753) 
Bumps [actions/stale](https://github.com/actions/stale) from 8 to 9.
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/stale/compare/v8...v9)

---
updated-dependencies:
- dependency-name: actions/stale
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-19 11:26:04 +01:00
dependabot[bot] d463df1021
Bump actions/github-script from 6 to 7 (#11718) 
Bumps [actions/github-script](https://github.com/actions/github-script) from 6 to 7.
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](https://github.com/actions/github-script/compare/v6...v7)

---
updated-dependencies:
- dependency-name: actions/github-script
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-08 18:25:33 +01:00
Juliette 6385079695
GH Actions: update the CI workflow for the release of PHP 8.3 (#11726) 
PHP 8.4 has been added as experimental.
And the "high" PHP builds for the variations have been updated to use PHP 8.3.

Co-authored-by: jrfnl <jrfnl@users.noreply.github.com>
 2023-12-08 18:25:18 +01:00
dependabot[bot] 77de19dcaa
Bump actions/checkout from 3 to 4 (#11621) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-07 14:47:04 +02:00
Juliette bb1aa8432f
GH Actions: run against PHP 8.3 (#11601) 
* GH Actions: run against PHP 8.3

What with PHP 8.3 being close to the first RC, I'd like to suggest enabling runs against PHP 8.3 for the linting and test runs.

* Linting passes on PHP 8.3, so I propose to not allow new failures to be introduced there.
* The test runs, however, do not pass against PHP 8.3, so I'm marking those as `experimental` for now to allow for fixing the issue(s).

As for the compatibility issues (based on the test runs):
* PR 11599 fixes all known deprecation notices.
* There is, however, one test failure, which I'm not exactly sure how to fix, so I'm leaving this for the maintainers to decide upon.
    Details:
    Prior to PHP 8.3, `ReflectionMethod` could set a `private` method on a parent class to accessible. This is no longer possible in PHP 8.3 since php/php-src 9470 and breaks the `Composer\Test\Repository\ComposerRepositoryTest::testWhatProvides` test.
    Also see: https://3v4l.org/8YcIk/rfc#vgit.master

* GH Actions: update addition of PHP 8.3

* Don't add PHP 8.3 to the `lint` workflow.
* Replace the PHP 8.2 extra builds instead of adding to them for `test`.
* Don't allow builds to fail.

---------

Co-authored-by: jrfnl <jrfnl@users.noreply.github.com>
 2023-08-30 15:53:45 +02:00
Juliette 80b02cdef9
CONTRIBUTING: remove outdated suggestion (#11600) 
This doesn't appear to be needed anymore since 2a771dfb2d.

Co-authored-by: jrfnl <jrfnl@users.noreply.github.com>
 2023-08-30 14:09:14 +02:00
Andreas Möller 9eb9e0dcb3
Fix: Require tests on PHP 8.2 to pass (#11554) 2023-07-21 11:10:15 +02:00
dependabot[bot] 4e17745180
Bump actions/stale from 7 to 8 (#11402) 
Bumps [actions/stale](https://github.com/actions/stale) from 7 to 8.
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/stale/compare/v7...v8)

---
updated-dependencies:
- dependency-name: actions/stale
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-03-29 11:32:46 +02:00
Jordi Boggiano 0a2846cb24
Fix autoloading on PHP 5.6 (#11285) 
* Add a CI check to ensure the autoloader can run on php5.6+

* Fix autoloading on PHP 5.6
 2023-01-27 16:26:04 +01:00
dependabot[bot] f07614f1c9
Bump actions/stale from 6 to 7 (#11244) 
Bumps [actions/stale](https://github.com/actions/stale) from 6 to 7.
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/stale/compare/v6...v7)

---
updated-dependencies:
- dependency-name: actions/stale
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-12-30 14:38:27 +01:00
Jordi Boggiano cbb7c91223
Fix ClassLoader to be serializable (#11237) 
* Fix ClassLoader to be serializable

* Fix CI to use the source bin/composer as process for "composer" runs incl within simple-phpunit

* Store the closure statically to avoid serialization issues in a cleaner way
 2022-12-22 15:17:04 +01:00
Jordi Boggiano 8ffd8bef08
Merge branch '2.4' 2022-10-25 15:27:14 +02:00
Juliette e746f71e95
GH Actions: fix use of deprecated `set-output` (#11126) 
GitHub has deprecated the use of `set-output` (and `set-state`) in favour of new environment files.

This commit updates workflows to use the new methodology.

Refs:
* https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
* https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#environment-files

Co-authored-by: jrfnl <jrfnl@users.noreply.github.com>
 2022-10-25 11:54:48 +02:00
dependabot[bot] 5770fb027c
Bump actions/stale from 5 to 6 (#11084) 
Bumps [actions/stale](https://github.com/actions/stale) from 5 to 6.
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/stale/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/stale
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-09-27 10:51:55 +02:00
Alex a1bc424a06
Update release.yml 2022-08-30 14:03:38 +02:00
Jordi Boggiano 6b31fbec01
Update pull_request_template.md 2022-08-17 17:43:21 +02:00
Jordi Boggiano 81ea5409e0
Set close status to not planned for auto closed support issues 2022-07-30 14:19:06 +02:00
Jordi Boggiano 99255d3d85
Build releases with 8.1 2022-07-01 12:22:11 +02:00
dependabot[bot] 51db9e823c
Bump actions/cache from 2 to 3 (#10902) 
Bumps [actions/cache](https://github.com/actions/cache) from 2 to 3.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-06-30 15:17:38 +02:00
Naveen 137ed52966
chore: Included githubactions in the dependabot config (#10900) 
This should help with keeping the GitHub actions updated on new releases. This will also help with keeping it secure.

Dependabot helps in keeping the supply chain secure https://docs.github.com/en/code-security/dependabot

GitHub actions up to date https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot

https://github.com/ossf/scorecard/blob/main/docs/checks.md#dependency-update-tool
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
 2022-06-28 20:32:45 +02:00
Jordi Boggiano 16ee2e479f
Merge branch '2.2' into 2.3 2022-06-22 09:16:23 +02:00
naveen 14476ec2a6
chore: Set permissions for GitHub actions 
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
 2022-06-22 08:18:22 +02:00
Jordi Boggiano f459b9bf61
Avoid updating phpstan in 7.2 build 2022-03-26 14:41:55 +01:00
Jordi Boggiano 5122bd42fb
Merge branch '2.2' into main 2022-03-15 13:11:59 +01:00
jrfnl dca2d49d0c
GH Actions: version update for various predefined actions 
A number of predefined actions have had major release, which warrant an update to the workflow(s).

These updates don't actually contain any changed functionality, they are mostly just a change of the Node version used by the action itself (from Node 14 to Node 16).

Refs:
* https://github.com/actions/checkout/releases

P.S.: looks like there are some more actions in use which have had new major releases. As those actually _do_ contain changed functionality, I've excluded the others from this PR.
 2022-03-15 12:49:38 +01:00
Andreas Möller 58deb39029
Enhancement: Update actions/github-script (#10612) 2022-03-15 10:22:01 +01:00
Andreas Möller e9680c4c54
Enhancement: Update actions/stale (#10610) 2022-03-15 10:21:11 +01:00
jrfnl 6b36f822d6
GH Actions: version update for various predefined actions 
A number of predefined actions have had major release, which warrant an update to the workflow(s).

These updates don't actually contain any changed functionality, they are mostly just a change of the Node version used by the action itself (from Node 14 to Node 16).

Refs:
* https://github.com/actions/checkout/releases

P.S.: looks like there are some more actions in use which have had new major releases. As those actually _do_ contain changed functionality, I've excluded the others from this PR.
 2022-03-05 19:17:37 +01:00
Jordi Boggiano e3d99cac59
Fix phpstan issues, update baseline and pin PHPStan version in 2.2 branch (#10474) 2022-01-21 12:48:16 +01:00
Jordi Boggiano 4f7d06e2a7
Mark PHP8.1 phpstan build experimental 2022-01-01 14:54:23 +01:00
Jordi Boggiano 095c36ecf8
Fix some PHPStan errors/.. 2022-01-01 14:54:20 +01:00
Jordi Boggiano 59603a357a
Remove PHPUnit direct require again 2022-01-01 14:54:19 +01:00
Jordi Boggiano 2a771dfb2d
Update PHPUnit to 8.5 2022-01-01 14:54:19 +01:00
Jordi Boggiano d2ede370be
Bump target version, bump PHP and dependency requirements to PHP 7.2+ 2022-01-01 14:54:18 +01:00
Jordi Boggiano 99aeba541a
Improve PR template 2022-01-01 14:53:58 +01:00
Jordi Boggiano aeb206bcfb
Fix CI for LTS 2021-12-09 12:02:20 +01:00
Jordi Boggiano ef728bf8f7
Avoid removing the platform config on every build 2021-12-08 22:03:22 +01:00
Jordi Boggiano 2d92e2119a
Add deprecations checks 2021-12-07 09:33:45 +01:00
Jordi Boggiano f758da32c9
Merge branch '2.1' into main 2021-11-30 10:39:44 +01:00
Jordi Boggiano 965b12cdec
Allow alpha and above for latest deps build to catch dependency problems earlier next time 2021-11-30 10:32:23 +01:00
Jordi Boggiano f509c41280
Upgrade PHPStan to 1.0 (#10253) 
Co-authored-by: Martin Herndl <martin@herndl.org>
 2021-11-14 20:42:24 +01:00
Yanick Witschi 34183f49f9
Implemented PoolOptimizer 2021-11-11 16:13:24 +01:00
Viktor Szépe e89459d964
Separate CI steps (#10226) 2021-10-27 14:54:36 +02:00
Fabien Villepinte 3861ce68cd
Replace master by main (#10171) 2021-10-16 22:30:15 +02:00
Fabien Villepinte 1dd2bc6f02
Validate composer.lock strictly (#10160) 2021-10-15 15:11:38 +02:00