1
0
Fork 0
Commit Graph

304 Commits (30ff21a9af9a10845436abaeeb0bb7276e996d24)

Author SHA1 Message Date
Ayesh Karunaratne b067e96021
Update URL masking patterns for new GitHub fine-grained PATs
Updates GitHub Personal Access Token regex pattern to detect new [fine-grained PATs](https://github.blog/changelog/2022-10-18-introducing-fine-grained-personal-access-tokens/)
2022-10-25 15:08:16 +02:00
John Stevenson 2837585e47
Fix cmd splitting paths on commas (#10775) 2022-05-12 21:13:55 +02:00
Stephan Vock d40c3a89c0
GitLab: add warning in case GitLab authentication is misconfigured 2022-04-28 21:37:45 +01:00
Stephan Vock 3b4a3d63bf
GitLab: prevent invalid loop during composer install with invalid credentials 2022-04-28 21:16:16 +01:00
Jordi Boggiano 6b97524b25
Load plugins which modify install path early, fixes #10618 (#10621) 2022-03-15 22:11:19 +01:00
Jordi Boggiano dbcdb4a903
Add test for circular depths of equal weight 2022-03-15 12:02:03 +01:00
Jordi Boggiano f31700bf19
Sort packages with the same weight alphabetically to have a completely stable sort not dependent on input order, fixes #10614 2022-03-15 11:35:33 +01:00
Jordi Boggiano e96656d850
Fix tests on windows 2021-11-24 16:19:37 +01:00
Jordi Boggiano 7e3626362e
Add support for warnings/infos keys to report more complex information to diverse Composer versions 2021-11-24 16:00:57 +01:00
Martin Herndl 96370657b8
Fix phpstan return type in `SvnTest::urlProvider` (#10233) 2021-10-28 10:00:25 +02:00
Jordi Boggiano 44b69ba77f
Upgrade php-cs-fixer to 3.x and fix CS 2021-10-27 16:21:45 +02:00
Martin Herndl 2992e8651a
Add types to `Util` tests (#10228) 2021-10-27 16:18:46 +02:00
Jordi Boggiano c3c6969cf5
Type annotations 2021-10-16 10:25:12 +02:00
Jordi Boggiano 2828ce59cf
Merge branch '1.10' 2021-10-13 22:12:54 +02:00
John Stevenson 906442117c Carriage returns are ignored by cmd 2021-10-13 14:54:37 +01:00
John Stevenson 0783b043d2 Fix Windows escaping in tests 2021-10-10 17:02:22 +01:00
John Stevenson 8f974fe741 Improve Windows escaping 2021-10-10 16:24:49 +01:00
Jordi Boggiano 18e24976c1
Merge branch '1.10' 2021-10-05 09:43:00 +02:00
Jordi Boggiano ca5e2f8d50
Fix escaping issues on Windows which could lead to command injection, fixes GHSA-frqg-7g38-6gcf 2021-10-05 09:39:50 +02:00
Jordi Boggiano f4e2b389a1
Fix test 2021-08-29 20:10:24 +02:00
Jordi Boggiano d3c176ec69
PHPStan Level 5 (#10070)
* Bump PHPStan to level 5

* Update seld/phar-utils to latest

* Add phpstan-setup / phpstan scripts
2021-08-21 17:41:52 +02:00
Jordi Boggiano a586a753df
Fix all remaining php8.1 test suite deprecations 2021-08-19 13:00:30 +02:00
Jordi Boggiano 0b09e08f4b
Fix direct deprecations 2021-08-18 15:17:06 +02:00
Stephan c65bd832d6
Url: fix sanitize for new github tokens (#10048) 2021-08-11 13:24:41 +02:00
Jordi Boggiano 10ae1d7b08
Fix some PHP 8.1 deprecation warnings, fixes #10008 2021-07-21 15:13:24 +02:00
Jordi Boggiano cc81f5bac3
Fix support for UNC paths in normalizePath, refs #9993 2021-07-12 13:36:57 +02:00
Jordi Boggiano 1b34495daa
Some phpstan level 4 fixes 2021-06-03 11:29:00 +02:00
Jordi Boggiano 40c7a725e1
Merge branch '2.0' 2021-04-27 13:06:49 +02:00
Jordi Boggiano 332c46af8b
Merge pull request from GHSA-h5h8-pc6h-jvvx
* Fix external process calls to avoid user input being able to pass extra parameters

* Tweak some fixes
2021-04-27 13:00:40 +02:00
Jordi Boggiano 083b73515d
Merge pull request from GHSA-h5h8-pc6h-jvvx
* Fix external process calls to avoid user input being able to pass extra parameters

* Tweak some fixes
2021-04-27 13:00:40 +02:00
Jordi Boggiano 4940009f83
Bump phpstan to level 3 (#9734)
Clean up PackageInterface/CompletePackageInterface, add missing methods, type things in solver as BasePackage, added CompleteAliasPackage, ..
2021-03-09 15:49:40 +01:00
Jordi Boggiano 40800df6bd
Fix CS 2021-02-25 13:46:52 +01:00
Jordi Boggiano b7d770659b
CS fixes 2020-11-22 14:52:39 +01:00
Andrés De la Cruz 480a6439fd
Fix phpstan phpdocs issues (#9478) 2020-11-20 09:28:09 +01:00
Stephan Vock d97c37f103 Zip: ignore mac osx specific folder when searching for composer.json 2020-10-29 22:30:12 +00:00
johnstevenson 2a913c7a68 Improve proxy error messages for streams 2020-10-24 18:20:31 +01:00
Jordi Boggiano 62eff8e979
Tweaks to new proxying code, refs #9324 2020-10-24 10:36:39 +02:00
johnstevenson d47261eb93 Refactor proxy handling for Composer2 2020-10-23 21:38:29 +01:00
Nils Adermann e868996bdd Validate: Warn about providing or replacing packages you require 2020-10-23 22:02:13 +02:00
Jordi Boggiano 8564dd8dac
Allow Url::sanitize to escape URLs without scheme 2020-10-23 13:27:46 +02:00
johnstevenson 8feb83b22b
Remove duplicate StreamContextFactory ssl options
Added in Dec 2014 (commit 8dad846), superseded in Jan 2016 (pr #4759)
2020-10-23 13:25:17 +02:00
Nils Adermann 6409ed0fc2 Validate: Warn about providing or replacing packages you require 2020-10-22 11:28:19 +02:00
Jordi Boggiano c01e3bd2f0
Make async test more robust 2020-10-16 11:23:03 +02:00
Simon Berger 80d71ccb3f Merged isset, unset and str_replace calls 2020-09-26 00:55:19 +02:00
Simon Berger 80a75e9959 Minor code improvements 2020-09-20 02:16:28 +02:00
Jordi Boggiano d942c65e0c
Fix more warnings 2020-09-11 11:32:09 +02:00
Jordi Boggiano 1593b67230
Fix warnings on higher phpunit versions 2020-09-11 11:01:32 +02:00
Simon Berger f3936b82cd Added test to cancel ProcessExecutor::asyncExecute 2020-09-08 11:33:41 +02:00
Nils Adermann 1385412748 Merge branch 'master' into filter-packages
* master:
  Add tests for edge cases of packages providing names which exist as real packages
  Add another test verifying that a package may provide an incompatible version of sth that actually exists
  Fix provider coexistence test, needs another requirement to install both
  Fix test filename to end with .test extension so it gets run
  Update config section to note required scope for GitLab tokens
  Fix pre/post-package-install/update/uninstall events receiving a partial list of operations, fixes #9079
  Also remove credentials from cache dirs in git/svn drivers, fixes #7439, refs #9155
  AuthHelper: Allow fall-through GitLab-specific HTTP headers for auth
  Sanitize repo URLs to mask HTTP auth passwords from cache directory
  Util/Zip: fix strpos args order
2020-08-28 14:52:58 +02:00
Ayesh Karunaratne 931a1ff1f8
AuthHelper: Allow fall-through GitLab-specific HTTP headers for auth
Previously, `AuthHelper` consumed the authentication credentials for GitLab domains and added access tokens as GitLab-specific headers.
[Composer repositories now supported in GitLab](https://php.watch/articles/composer-gitlab-repositories) require standard Authorization headers with a personal access to function, which failed to work due to out GitLab-specific headers.

With this commit, AuthHelper checks if the password is an access token, and falls through to HTTP basic authentication even if the domain name is a GitLab domain name.
2020-08-27 12:13:28 +07:00