Instead of marking locked packages as fixed, we change the pool builder
to load only the locked version and treat it like a fixed package, but
removing the actual request fix, makes the solver treat it as a regular
optional dependency. As a consequence locked packages may be removed on
a partial update of another package, but they cannot be updated.
So far the ordering of alias packages with the same name was undefined
so the actual order was determined by implementation of the sorting
algorithm in PHP. As of PHP8 sort is stable by default which changes the
outcome in some of our test cases.
With the fully defined total order the order can longer change depending
on sorting algorithm used and remains the same across PHP versions.
* master:
Add tests for edge cases of packages providing names which exist as real packages
Add another test verifying that a package may provide an incompatible version of sth that actually exists
Fix provider coexistence test, needs another requirement to install both
Fix test filename to end with .test extension so it gets run
Update config section to note required scope for GitLab tokens
Fix pre/post-package-install/update/uninstall events receiving a partial list of operations, fixes#9079
Also remove credentials from cache dirs in git/svn drivers, fixes#7439, refs #9155
AuthHelper: Allow fall-through GitLab-specific HTTP headers for auth
Sanitize repo URLs to mask HTTP auth passwords from cache directory
Util/Zip: fix strpos args order
Previously, `AuthHelper` consumed the authentication credentials for GitLab domains and added access tokens as GitLab-specific headers.
[Composer repositories now supported in GitLab](https://php.watch/articles/composer-gitlab-repositories) require standard Authorization headers with a personal access to function, which failed to work due to out GitLab-specific headers.
With this commit, AuthHelper checks if the password is an access token, and falls through to HTTP basic authentication even if the domain name is a GitLab domain name.
* master: (59 commits)
Update deps
Reuse repository manager and others directly from the Composer instance, refs #9057
Fix usage of create-project with local filesystem repos
Fix return value
Add support for multiple --repository additions in create-project, and make --add-repository delete the lock file, fixes#8853
Remove cygwin php handling in UAC elevation
Clean up a little to make impl less invasive and to handle replacers/providers
Supply event dispatcher in Create Project Command
Avoid attempting to use /etc/xdg as base config home, fixes#9053, refs #9045
Create an issue @ Docker repository on tag
Mark transaction classes internal, refs #8827
Prepare 1.10.9 release
Remove highest/lowest builds for 1.10 maintenance branch
Fix bitbucket detection of redirects to login page, fixes#9041
Fix doc comment
Fixed spelling mistake
Add Windows UAC elevation to self-update command
GitLab: clarify interactive auth prompt
Improve support for XDG and default to XDG config dir if both that and ~/.composer are available, fixes#9045Fix#9033 - inconsistent behavior with minor-only flag
...
* RemoteFilesystemTest: simplifying some mock expectations calls
- will($this->returnValue()) to willReturn()
- will($this->returnCallBack()) to willReturnCallback()
* RemoteFilesystemTest: extracting identical mocks for IOInterface into a separate getIOInterfaceMock() method
* RemoteFilesystemTest: converting protected helper methods to private.
* RemoteFilesystemTest: moving getConfigMock() private method after the public methods (with other private methods)
* adding RemoteFileSystemTest::testCopyWithRetryAuthFailureFalse() unit test.
* Allow optional injecting of AuthHelper into RemoteFilesystem constructor.
* adding RemoteFileSystemTest::testCopyWithSuccessOnRetry() unit test.
* using backward compatible @expectedException in RemoteFilesystemTest.php
* RemoteFilesystemTest: extracting RemoteFilesystem with mocked method creation into a separate method.
* RemoteFilesystemTest: extracting AuthHelper with mocked method creation into a separate method.