Jordi Boggiano
e49be96f3b
Release 2.7.3
2024-04-19 21:40:57 +02:00
Jordi Boggiano
69dc828ba7
Ensure type must be provided in init command
2024-04-19 17:27:50 +02:00
John Stevenson
70927f728e
Add FAQ about using a proxy ( #11933 )
2024-04-19 17:27:54 +02:00
Jordi Boggiano
b0ec0f96ad
Update phpstan deps and fix a few array_filter issues
2024-04-19 17:00:50 +02:00
Jordi Boggiano
3604996464
Ensure diagnose command works even if provider-includes disappears
2024-04-19 14:20:56 +02:00
John Stevenson
41fb6146b0
Improve proxy reporting in Diagnose command ( #11932 )
2024-04-19 14:18:55 +02:00
John Stevenson
3cc490d4c4
Refactor proxy handling to require https_proxy ( #11915 )
...
Composer has always allowed a single http_proxy (or CGI_HTTP_PROXY)
environment variable to be used for both HTTP and HTTPS requests. But
many other tools and libraries require scheme-specific values.
The landscape is already complicated by the use of and need for upper
and lower case values, so to bring matters inline with current practice
https_proxy is now required for HTTPS requests.
The new proxy handler incorporates a transition mechanism, which allows
http_proxy to be used for all requests when https_proxy is not set and
provides a `needsTransitionWarning` method for the main application.
Moving to scheme-specific environment variables means that a user may
set a single proxy for either HTTP or HTTPS requests. To accomodate this
situation during the transition period, an https_proxy value can be set
to an empty string which will prevent http_proxy being used for HTTPS
requests.
2024-04-17 14:34:26 +02:00
Jordi Boggiano
92f641ac3d
Fix show command output to remove v prefixes on versions, making for more uniform output, fixes #11925
2024-04-15 13:23:25 +02:00
Jordi Boggiano
89f057e0df
Ensure we clear the locally configured cache dir instead of default one, fixes #11921
2024-04-15 11:49:10 +02:00
Fabrizio Balliano
c5ff69ed58
Added support for buy_me_a_coffee ( #11902 )
2024-04-03 11:05:07 +02:00
Jordi Boggiano
f01ec4a98f
Ensure integer env vars do not cause a crash, fixes #11908
2024-04-03 10:36:39 +02:00
Jordi Boggiano
dd18a5fe55
Make methods chainable
2024-04-02 17:40:35 +02:00
Jordi Boggiano
9ced107af2
Ensure extension packages in platform repo have php-ext type set
2024-04-02 17:39:00 +02:00
Jordi Boggiano
94be5b5c14
Allow restricting allowed types as well, and allow configured ignored/allowed types in Installer class
2024-04-02 17:38:41 +02:00
Jordi Boggiano
2027d4975a
Fail status more softly unless -vvv is used, refs #11889
2024-03-21 11:16:56 +01:00
Jordi Boggiano
bc157ebea9
Fix phpdoc for new php-ext schema
2024-03-20 22:44:48 +01:00
Jordi Boggiano
07fa4255d6
Add support for php extension packages ( #11795 )
...
* Update schema
* Validate php-ext is only set for php-ext or php-ext-zend packages
* Make sure the pool builder excludes php-ext/php-ext-zend
2024-03-20 22:04:58 +01:00
gaxweb
a6947f116a
Allow for SSH URLs when using hg repository type ( #11878 )
2024-03-20 16:31:25 +01:00
Jordi Boggiano
75ccf6557a
Use reactphp/promise v2 compatible code
2024-03-20 12:32:54 +01:00
Jordi Boggiano
59152ad7aa
Fix phpstan errors in FileDownloader, update baseline (1642, 96)
2024-03-20 12:20:30 +01:00
Jordi Boggiano
5a1d506c77
Fix composer status command handling of failed promises, closes #11889
2024-03-20 12:20:30 +01:00
Brad Jones
d00f590354
Surface the advisory ID when CVE not present. ( #11892 )
2024-03-19 16:24:10 +01:00
Stephan
d36cd30d11
HttpDownloader: add option to prevent access to private network ( #11895 )
2024-03-19 16:18:59 +01:00
Jordi Boggiano
504e6c581a
Update deps and baseline (1663, 96)
2024-03-19 15:22:44 +01:00
Ayesh Karunaratne
62126e1a40
[PHP 8.4] Fix for implicit nullability deprecation ( #11888 )
...
Fixes a issue that emits a deprecation notice on PHP 8.4.
See:
- [RFC](https://wiki.php.net/rfc/deprecate-implicitly-nullable-types )
- [PHP 8.4: Implicitly nullable parameter declarations deprecated](https://php.watch/versions/8.4/implicitly-marking-parameter-type-nullable-deprecated )
2024-03-15 13:55:25 +01:00
Yanick Witschi
5a20dba768
Only show warning about default version when not "project" type ( #11885 )
2024-03-14 16:38:28 +01:00
Jordi Boggiano
2124f09d75
Fix context info being missing from output when using the IO classes as PSR-3 logger, fixes #11882
2024-03-11 17:23:06 +01:00
Jordi Boggiano
96f757f3a4
Reverting release version changes
2024-03-11 17:12:19 +01:00
Jordi Boggiano
b826edb791
Release 2.7.2
2024-03-11 17:12:18 +01:00
Jordi Boggiano
57427e6227
Fix filesystem::copy with broken symlinks, refs #11864
2024-03-08 10:44:47 +01:00
Jordi Boggiano
c5aa3dc021
Update deps, update baseline (1677, 97), fixes #11875
2024-03-08 09:03:23 +01:00
Pol Dellaiera
66acb84c12
Fix update --lock to avoid updating all metadata except dist/source urls and mirrors ( #11850 )
...
We now update the existing package instead of reverting changes in the updated package to ensure we keep all metadata intact, fixes #11787
Co-authored-by: Jordi Boggiano <j.boggiano@seld.be>
2024-03-05 11:32:40 +01:00
Jordi Boggiano
1dc2c93261
Fix ensureDirectoryExists not working when a broken symlink appears somewhere in the path, fixes #11864
2024-03-04 14:39:30 +01:00
Jordi Boggiano
c42bb68aff
Optimize outdated --ignore to avoid fetching the latest package info for ignored packages, fixes #11863
2024-03-04 14:07:27 +01:00
Jordi Boggiano
133447cf51
Output tweak
2024-03-04 14:01:23 +01:00
Jordi Boggiano
c3efff91f8
Fix plugins still being available in a few special contexts when running as non-interactive root, mainly create-project, refs #11854
2024-03-04 13:45:04 +01:00
Michael Newton
c0b8086af5
Include PHP information when showing Composer version verbosely ( #11866 )
...
Co-authored-by: Jordi Boggiano <j.boggiano@seld.be>
2024-03-01 10:14:41 +01:00
Pol Dellaiera
a0d474f75c
Add a warning message when Composer is not able to guess the root package version ( #11858 )
...
Co-authored-by: Jordi Boggiano <j.boggiano@seld.be>
2024-02-23 10:47:36 +01:00
Jordi Boggiano
8c61f812a4
Reverting release version changes
2024-02-09 15:26:29 +01:00
Jordi Boggiano
aaf6ed5ccd
Release 2.7.1
2024-02-09 15:26:28 +01:00
Jordi Boggiano
be876b47a9
Also output root plugin warning after script execution errors
2024-02-09 14:26:07 +01:00
Jordi Boggiano
690fe716c5
Output more warnings about plugins being disabled to hint that it may cause problems, fixes #11839 ( #11842 )
2024-02-09 11:56:25 +01:00
Jordi Boggiano
6335551cc2
Fix diagnose auditing of composer dependencies in phar files
2024-02-08 16:24:16 +01:00
Jordi Boggiano
f00d3fb5ab
Reverting release version changes
2024-02-08 15:09:19 +01:00
Jordi Boggiano
96d107e2bf
Release 2.7.0
2024-02-08 15:09:19 +01:00
Jordi Boggiano
64e4eb356b
Merge pull request from GHSA-7c6p-848j-wh5h
...
* Fix usage of possibly compromised installed.php/InstalledVersions.php at runtime, refs GHSA-7c6p-848j-wh5h
* Fix InstalledVersionsTest regression
2024-02-08 14:33:59 +01:00
Jordi Boggiano
754f2868fb
Add non-zero return codes when why-not finds a reason a package is not installable, or when why finds no reason it is there, fixes #11796
2024-02-07 22:27:58 +01:00
Dezső BICZÓ
7cb92a90c8
Introduce COMPOSER_AUDIT_ABANDONED env var ( #11794 )
...
Co-authored-by: Jordi Boggiano <j.boggiano@seld.be>
2024-02-07 22:13:36 +01:00
Ayesh Karunaratne
e0807d381e
Diagnose command: Add GitHub OAuth token expiration date information ( #11688 )
...
GitHub's new fine-grained tokens have a cumpulsory expiration date, and their
classic tokens also support an expiration date.
https://github.blog/changelog/2021-07-26-expiration-options-for-personal-access-tokens/
This improves the `composer diagnose` command to display the expiration
date and time if it is provided by the response headers
(via `GitHub-Authentication-Token-Expiration`).
2024-02-07 21:30:24 +01:00
Jordi Boggiano
0c99bfc8fd
Fix root aliases causing problems when auditing locked dependencies, fixes #11771
2024-02-07 11:37:50 +01:00
Jordi Boggiano
fa040131b0
Add more details to event debug output, refs #11818
2024-02-07 11:18:06 +01:00
PrinsFrank
fd23381391
Add arguments to command call output ( #11826 )
2024-02-07 11:11:16 +01:00
Kuba Werłos
7745d56c14
Do not show error that plugins have been disabled when they are already disabled ( #11803 )
2024-02-07 09:32:55 +01:00
Stephan
9a656854ad
ValidatingArrayLoader: fix link validation with missing name ( #11830 )
2024-02-06 17:18:41 +01:00
Jordi Boggiano
e88c7a8987
Add support for wildcards in outdated's --ignore arg, fixes #11831
2024-02-06 17:17:25 +01:00
Derek Stephen McLean
ebb6a82099
issue #11811 auth token links on separate lines ( #11812 )
...
* issue #11811 auth token links on separate lines
* 11811 - remove stray bracket
* 11811 : links on separte lines
2024-02-06 16:53:18 +01:00
Jordi Boggiano
ef6c224ec2
Fix require command crashing at the end if no lock file is present, fixes #11814
2024-02-06 13:46:46 +01:00
Jordi Boggiano
0f70c0a9c9
Add detection of constraints which do not match anything in validate command, fixes #11802 ( #11829 )
2024-02-06 12:57:52 +01:00
Jordi Boggiano
d3aeb1357f
Merge branch '2.6'
2024-01-26 17:45:05 +01:00
Jordi Boggiano
7048ff3808
Fix automatic disabling of plugins when running non-interactive as root
2024-01-26 17:44:35 +01:00
Jordi Boggiano
f402517af5
Merge branch '2.6'
2024-01-26 17:27:48 +01:00
Jordi Boggiano
b1bd22f37c
Fix type error
2024-01-26 17:27:42 +01:00
Jordi Boggiano
2ec8feb825
Merge branch '2.6'
2024-01-26 17:11:27 +01:00
Jordi Boggiano
952256247c
Only include installed versions class when plugins and scripts are allowed, as it is not needed otherwise
2024-01-26 17:11:16 +01:00
Jordi Boggiano
4e5be9ee7d
Emit warning instead of crashing on invalid security advisory API response, fixes #11767
2024-01-12 14:20:59 +01:00
Jordi Boggiano
a29acbdd2e
Ensure repos declaring security-advisories have at least an API or a restricted set of packages to avoid too many wasteful requests
2024-01-12 13:17:05 +01:00
Jordi Boggiano
3491986ad3
Add IPv4 fallback on connection timeout, and adds COMPOSER_IPRESOLVE env var ( #11791 )
...
* Add IPv4 fallback on connection timeout, and adds COMPOSER_IPRESOLVE env var, fixes #530
* Address feedback
* Add warning in diagnose command when COMPOSER_IPRESOLVE is set
2024-01-11 17:13:54 +01:00
Jordi Boggiano
c069174ac7
Merge remote-tracking branch 'origin/2.6'
2024-01-11 16:44:46 +01:00
Jordi Boggiano
75fd2bbeb2
Ensure we respect available-package-patterns and available-packages directives when fetching security advisories, fixes #11704 ( #11773 )
2024-01-11 16:44:27 +01:00
Jordi Boggiano
55db88f51b
Add error when composer show --direct <transient-dependency> is used to show a dependency which is not direct, fixes #11728
2024-01-11 09:53:00 +01:00
Jordi Boggiano
3427bee1f2
🤦
2024-01-10 13:47:26 +01:00
Jordi Boggiano
10667db1ba
Only override ist url if it is not handled gracefully already
2024-01-10 13:42:01 +01:00
Jordi Boggiano
547a635287
Fix build
2024-01-10 13:34:56 +01:00
Jordi Boggiano
042a8c2128
Ensure dist url/type/checksum remain the same when doing lock hash updates, refs #11787
2024-01-10 13:33:49 +01:00
Jordi Boggiano
284821543a
Merge branch '2.6'
2024-01-08 16:10:20 +01:00
Sam L
44f02a5c86
Add COMPOSER_FUND=0 env var to disable calls for funding ( #11779 )
2024-01-08 15:10:49 +01:00
Jordi Boggiano
be71bf056e
Fix support for versions with 4 components in VersionSelector, fixes #11716
2024-01-08 14:56:08 +01:00
Jordi Boggiano
071fbcf347
Fix warnings incorrectly being shown when using require with upper bound ignored on platform requirements, fixes #11722 ( #11786 )
2024-01-08 14:48:24 +01:00
Jordi Boggiano
534bc20beb
Add support for combining show --self with --installed or --locked ( #11785 )
2024-01-08 14:14:44 +01:00
rkpiii
d00e38a038
[11744] handle missing hyphen when attempting to run self-update… ( #11775 )
...
* [11744] handle missing hyphen when attempting to run self-update command
* fix: [1744] silently fix the "self update" command
2024-01-04 17:02:34 +01:00
Quynh Anh
8246892d48
Fix PackageInterface parameter comments ( #11777 )
2024-01-04 14:49:27 +01:00
Jordi Boggiano
efe6e44883
Perform audit on Composer and its dependencies during diagnose, fixes #11216 ( #11761 )
2024-01-04 10:55:59 +01:00
Jordi Boggiano
12ed21705d
Check for non-platform requirements before warning that no deps are installed on show command, fixes #11760
2023-12-22 17:48:47 +01:00
Roberto Guido
8e62977cb5
Exposing GitLab's project metadata ( #11734 )
...
* Exposing GitLab's project metadata
* Fixed check about GitLab project's metadata initialization
2023-12-20 16:50:24 +01:00
Jordi Boggiano
53a1f32061
Add --sort-by-age to show/outdated commands, and also release date for latest package in --latest mode ( #11762 )
2023-12-20 15:37:27 +01:00
Jordi Boggiano
c8f1028ef9
Fix minor error msg issue
2023-12-20 15:16:12 +01:00
Stephan
86cd364901
Audit: add severity to plain and table output ( #11702 )
2023-12-19 19:11:50 +01:00
Jordi Boggiano
9b0f9b40a4
Show package source in very verbose updates, fixes #11733 ( #11763 )
2023-12-19 17:17:48 +01:00
Jordi Boggiano
4a209b7d3d
Fix bump command not bumping versions with a v prefix e.g. ^v2.4, fixes #11723 ( #11764 )
2023-12-19 17:17:32 +01:00
Jordi Boggiano
3cfd9bf51b
Ensure composer.json gets deleted after a dry run require, fixes #11747
2023-12-19 15:51:39 +01:00
Jordi Boggiano
e0f75276a2
Switch default audit.abandoned to fail for 2.7 release
2023-12-18 15:02:10 +01:00
Jordi Boggiano
bf6c7f8ea2
Merge branch '2.6'
2023-12-18 10:12:45 +01:00
Jordi Boggiano
e14d28baec
Update deps
2023-12-18 10:11:33 +01:00
Jordi Boggiano
eaa7dd46f5
Reverting release version changes
2023-12-08 18:32:27 +01:00
Jordi Boggiano
683557bd24
Release 2.6.6
2023-12-08 18:32:26 +01:00
Travis Carden
aefa46dfba
Add support for "scripts-aliases" in composer.json ( #11666 )
2023-10-27 11:36:59 +02:00
Jordi Boggiano
cc653161c3
Merge branch '2.6'
2023-10-26 11:39:41 +02:00
Dan Wallis
8c0f1e10dc
Display error instead of throwing exception when unable to update with temporary constraint ( #11692 )
2023-10-26 11:38:02 +02:00
Dan Wallis
81b662d388
Suggest running 'require' not 'update' if a root req fails to update ( #11691 )
2023-10-26 11:08:03 +02:00
Tom Klingenberg
03085c8181
Fix Git Driver to use supported Git VCS driver URL
...
Otherwise the URL may not be supported since 3bb191a46
(Add support for
env vars and ~ (for HOME) in repo paths for vcs and artifact
repositories, fixes #11409 (#11453 ), 2023-05-07)
2023-10-26 11:06:11 +02:00
Jordi Boggiano
899dcedf66
Add --minimal-changes mode to perform partial updates --with-dependencies while changing only what is necessary in other dependencies ( #11665 )
2023-10-26 10:25:04 +02:00
Dan Wallis
7a09e05560
Bump wildcard constraints to >=current ( #11694 )
2023-10-25 18:04:52 +02:00
Jordi Boggiano
c66894278c
Bump dev version to 2.7, fix issues with symfony 7
2023-10-25 17:13:36 +02:00
Dan Wallis
c827c93b62
Use global constant if available for libpq version ( #11684 )
2023-10-11 14:19:31 +02:00
Jordi Boggiano
d2bd9836a6
Reverting release version changes
2023-10-06 10:11:53 +02:00
Jordi Boggiano
4b0fe89db9
Release 2.6.5
2023-10-06 10:11:52 +02:00
Uladzimir Tsykun
3e22e1ceda
Fix error when vendor dir contains broken symlinks ( #11670 )
2023-10-06 09:53:39 +02:00
Jordi Boggiano
cb363b0e84
Fix autoload generator dump() non-BC signature change in 2.6.4
2023-10-06 09:34:10 +02:00
Jordi Boggiano
64c5bdd55b
Reverting release version changes
2023-09-29 10:54:48 +02:00
Jordi Boggiano
d75d17c16a
Release 2.6.4
2023-09-29 10:54:47 +02:00
Pol Dellaiera
b608b8e87e
feat: improve Composer's output reproducibility ( #11663 )
...
* AutoloadGenerator: add `Locker` parameter to the `dump` method
* AutoloadGenerator: do not create a random hash, re-use the one from the lock file if it exists
* FileSystem: make sure `safeCopy` copy also the file time metadata
2023-09-28 11:43:52 +02:00
Jordi Boggiano
892eaacedf
Optimize show -a by loading only the requested package ( #11659 )
...
Fixes #11648
2023-09-27 11:28:33 +02:00
Yanick Witschi
f6ce8349c5
Use CompilingMatcher in DefaultPolicy for performance reasons ( #11638 )
...
Co-authored-by: Jordi Boggiano <j.boggiano@seld.be>
2023-09-27 09:08:29 +02:00
Dezső BICZÓ
755de04bf5
Fix abandoned package list JSON serialization ( #11647 )
...
Co-authored-by: Jordi Boggiano <j.boggiano@seld.be>
2023-09-26 14:23:45 +02:00
Jordi Boggiano
39faacbca9
Reverting release version changes
2023-09-15 09:38:22 +02:00
Jordi Boggiano
ff477832e6
Release 2.6.3
2023-09-15 09:38:22 +02:00
Jordi Boggiano
e3484c8581
Add audit.abandoned warnings for abandoned packages, fixes #11623 ( #11639 )
2023-09-14 11:30:09 +02:00
Jordi Boggiano
3bc72f75cb
Fix build, update deps
2023-09-13 18:17:28 +02:00
wgevaert
e2f5afd4cd
Add warning when duplicate "files" autoload rules are detected ( #11109 )
...
Co-authored-by: Wout Gevaert <wout@wikibase.nl>
Co-authored-by: Jordi Boggiano <j.boggiano@seld.be>
2023-09-13 14:11:00 +02:00
Yanick Witschi
5474dc9b5b
Fixed replaced packages being incorrectly missing when unlocked by an old version ( #11629 )
...
Co-authored-by: Nils Adermann <naderman@naderman.de>
2023-09-13 10:42:47 +02:00
Jason McCreary
1e4966c313
Get realpath for `ZipArchive` ( #11636 )
2023-09-13 09:59:22 +02:00
Jordi Boggiano
1ac0ea8739
Retry curl receive errors when connection reset by peer, fixes #11622
2023-09-12 10:10:53 +02:00
Jordi Boggiano
755e89fc91
Fix loading of root aliases on path repo packages when doing partial updates, fixes #11630 ( #11632 )
2023-09-11 17:45:19 +02:00
Christophe Coevoet
087b21d687
Fix the promise resolution for the cleanup logic ( #11620 )
2023-09-11 17:40:43 +02:00
Jordi Boggiano
75ae504b2c
Reverting release version changes
2023-09-03 14:09:16 +02:00
Jordi Boggiano
623e5e1de0
Release 2.6.2
2023-09-03 14:09:15 +02:00
Michael Voříšek
40244dc228
Revert "Set $_SERVER['SCRIPT_NAME'] within proxy command ( #11562 )" ( #11617 )
...
This reverts commit 9c25633d6d
.
2023-09-03 13:39:48 +02:00
Jordi Boggiano
98a588eb90
Avoid COMPOSER env being set if not necessary as it can cause issues with scripts, fixes #11613 , refs #11493
2023-09-03 11:13:54 +02:00
Uladzimir Tsykun
90cbb144b2
Fix exit code 5 on composer require/create-project command ( #11616 )
2023-09-03 10:54:07 +02:00
Jordi Boggiano
d221d5c69a
Reverting release version changes
2023-09-01 13:53:09 +02:00
Jordi Boggiano
ee851d6b6b
Release 2.6.1
2023-09-01 13:53:08 +02:00
Jordi Boggiano
5fae76ce67
Revert "Allow executing binaries which are not marked executable via shell proxies ( #11557 )"
...
This reverts commit c1f2964105
.
2023-09-01 13:50:20 +02:00
Jordi Boggiano
9ab8ef5a71
Reverting release version changes
2023-09-01 10:07:51 +02:00
Jordi Boggiano
ea4222fad9
Release 2.6.0
2023-09-01 10:07:50 +02:00
Jordi Boggiano
7dc5666f33
Avoid failing the require command if the audit step failed
2023-09-01 10:05:13 +02:00
Dezső BICZÓ
0ab4dfba7c
Change audit.ignore behavior before 2.6.0 ( #11605 )
...
* Still report ignored security advisories
Co-authored-by: Jordi Boggiano <j.boggiano@seld.be>
2023-09-01 10:04:31 +02:00
ಠ_ಠ
1a2bd38764
allow bumping for patch level version constraints fixes #11579 ( #11590 )
2023-08-31 11:05:49 +02:00
Travis Carden
1c4ac1c437
Add `dumpautoload --dry-run` option ( #11608 )
2023-08-31 10:35:02 +02:00
Martin Herndl
6fd145f01e
Allow --strict-psr in `DumpAutoloadCommand` also with --classmap-authoritative ( #11607 )
2023-08-30 21:43:16 +02:00
Tom Klingenberg
db53c65986
COMPOSER_DISABLE_NETWORK aware `diagnose` checks; SKIP output ( #11597 )
...
Make `diagnose` checks aware of COMPOSER_DISABLE_NETWORK (true) and skip
Composer network operations that would otherwise spill stack traces into
diagnostic messages and taint the result as error while the check itself
is not applicable/useful within the environment.
`COMPOSER_DISABLE_NETWORK` was released with [2.0.0-alpha1] and intro-
duced in fc03ab9bb
(Add COMPOSER_DISABLE_NETWORK env var for debugging,
2019-01-14).
The previous behaviour was to exit with a status of two (2), denoting an
error.
The new behaviour is to exit with a status of zero (0), showing the
successful skipping of diagnostics that can only be run when Composer
network is enabled - not disabled.
SKIP output is updated and streamlined.
NOTE: The "prime" Value
It is irrelevant for diagnose checks, as all diagnostic checks that
spilled were with the HTTP Downloader and the check is aligned (both
"1" or "prime" values disable):
(bool) Platform::getEnv('COMPOSER_DISABLE_NETWORK')
NOTE: Not Affected
* The `allow_url_fopen` diagnostic check, platform related
* The `disable-tls` setting related HTTP Downloader creation warning
[2.0.0-alpha1]: <https://getcomposer.org/changelog/2.0.0-alpha1 > "released 2020-06-03"
2023-08-30 21:35:59 +02:00
Christophe Coevoet
83771ce9ba
Fix the mtime of the vendor folder when running composer install ( #11593 )
...
When splitting the logic between the lock file management and the vendor
folder management in composer 2.0, the logic playing nice with make was
broken by running the logic based on operations performed in the lock
file instead of operations performed in the vendor folder.
2023-08-30 18:05:58 +02:00
Jordi Boggiano
094fb6cd70
Fix support for react/promise 2.x
2023-08-30 11:38:36 +02:00
Jordi Boggiano
bbd2c9613e
Fix uncaught promises when doing synchronous file downloads that fail, fixes #11563
2023-08-30 11:19:47 +02:00
Jordi Boggiano
83792838c9
Fix problem output bug when purely numeric versions are condensed
2023-08-30 10:45:57 +02:00
Stephan
5062338079
Audit: ignores configured repository options ( #11173 )
...
* Audit: ignores configured repository options
* ComposerRepository: add test case to assert that repo http options are used to make security advisory POST request
2023-08-29 15:16:34 +02:00
Jordi Boggiano
95dca79fc2
Output error message in verbose mode before asking for credentials, fixes #11570
2023-08-04 11:06:00 +02:00
Jordi Boggiano
7ffcaacd08
Fix ignored config merging when audit is present but ignored isnt
2023-08-04 11:05:59 +02:00
Dan Wallis
9c25633d6d
Set $_SERVER['SCRIPT_NAME'] within proxy command ( #11562 )
2023-08-02 11:55:24 +02:00
Jordi Boggiano
f4738d97b7
Add support for Application::setCatchErrors in symfony 6.4+, refs symfony/symfony#50420
2023-07-28 19:33:33 +02:00
Jordi Boggiano
0cdabcc4ee
Add audit.ignored config setting to ignore security advisories by id or CVE id, fixes #11298 ( #11556 )
2023-07-21 14:36:38 +02:00
Julian Liebig
a6c7b0b327
Retry download if curl error 55 is encountered ( #11543 )
2023-07-21 14:29:56 +02:00
David Zülke
3e9c148b63
Fix trailing whitespace in 'composer show -N' ( #11536 )
...
The name column was always padded to maximum width, even if no other columns were printed.
This makes it difficult to use the output e.g. in pipelines.
Fixed for all possible columns, and with tests for two cases (regular show and show outdated).
2023-07-21 11:29:38 +02:00
David Zülke
07f706e57d
Fix 'composer show --platform <package>' erroring if no composer.json is present ( #11533 )
...
Sort of related to #11046 (although this is not a regression, but didn't work before, either)
2023-07-21 11:28:36 +02:00
Stephan
cf8ea3c70e
GitHubDriver: better handle empty composer.json file ( #11552 )
2023-07-21 11:09:32 +02:00
David Zülke
8f49166ec6
Fix lib-curl-openssl parsing for SecureTransport ( #11534 )
...
On macOS, if libcurl is built against SecureTransport, the platform repository will contain an invalid package name:
% composer show --platform | grep curl
ext-curl 8.2.7 The curl PHP extension
lib-curl 8.1.2 The curl library
lib-curl-(securetransport) openssl 3.1.1 curl (securetransport) openss...
lib-curl-libssh2 1.11.0 curl libssh2 version
lib-curl-zlib 1.2.11 curl zlib version
This change fixes it:
% bin/composer show --platform | grep curl
lib-curl 8.1.2 The curl library
lib-curl-libssh2 1.11.0 curl libssh2 version
lib-curl-securetransport 3.1.1 curl (securetransport) openssl ...
lib-curl-zlib 1.2.11 curl zlib version
(second column width difference comes from the Composer dev version number)
2023-07-21 11:06:03 +02:00
Attia A. Ahmed
ce876e7a6f
Fix broken junctions leading to installation failure on Windows ( #11550 )
2023-07-21 10:59:59 +02:00
Jordi Boggiano
e7016b00a9
Upgrade to react/promise 3.0.0 ( #10429 )
2023-07-20 12:52:28 +02:00
Brian French
c1f2964105
Allow executing binaries which are not marked executable via shell proxies ( #11557 )
2023-07-19 17:38:21 +02:00
Jordi Boggiano
82bc8cf94e
Update deps
2023-07-19 14:57:22 +02:00
MaximAL
1c9fbeb978
Preserve indentation when writing JSON files ( #11390 )
...
Refs #11341
2023-07-19 14:13:06 +02:00
Agostino Fiscale
16d1b11c26
Add homepage links in why/why-not commands ( #11308 )
2023-07-19 11:28:17 +02:00
Helmut Hummel
68b7a07187
Feature: Allow local directory paths in repository of type composer ( #11526 )
...
Fixes : #11519
2023-07-18 11:44:53 +02:00
Jordi Boggiano
2b18799c44
Fix problem output of exact constraints to state more clearly that only those versions are matched ( #11521 )
...
Fixes #11479
2023-06-23 13:13:20 +02:00
Jordi Boggiano
1db0a47080
Add prompt to require command if a package name is not found but there are similar names that could be used ( #11284 )
...
fixes #11279
2023-06-23 11:15:03 +02:00
Jordi Boggiano
196ac10505
Remove dead code
2023-06-23 10:57:56 +02:00
Jordi Boggiano
06b4923c47
Add fallback dist type extension to temp archive files for URLs without extension, fixes #11513 ( #11520 )
2023-06-22 16:30:48 +02:00
Jordi Boggiano
bbea3e5284
Merge branch '2.5'
2023-06-09 17:13:53 +02:00
Jordi Boggiano
7b03fa1ba3
Reverting release version changes
2023-06-09 17:13:22 +02:00
Jordi Boggiano
4c51614616
Release 2.5.8
2023-06-09 17:13:21 +02:00
Jordi Boggiano
3f385d466f
Update types some more, refs #11500
2023-06-09 17:13:09 +02:00
Jordi Boggiano
c12b551d3a
Update type declarations on ClassLoader, fixes #11482 ( #11500 )
2023-06-08 16:30:13 +02:00
Jordi Boggiano
7f6de36354
Fix typo
2023-06-07 16:35:29 +02:00
Jordi Boggiano
ff67cdf6e6
Ignore ICU CDLR version fetching when ICU cannot initialize the resource bundle, fixes #11492
2023-06-07 16:19:44 +02:00
Jordi Boggiano
3ae662f4c7
Fix EventDispatcher on windows picking bat files when using "@php binary", fixes #11490
2023-06-07 15:19:44 +02:00
Andreas Schempp
ebd0a60411
Force CreateProjectCommand to use the installed composer.json ( #11493 )
2023-06-07 12:44:50 +02:00
Jordi Boggiano
1d51f34957
Update baseline (1700, 94)
2023-06-07 08:50:57 +02:00
Jordi Boggiano
6a11574ba6
Merge branch '2.5'
2023-06-07 08:14:20 +02:00
Pol Dellaiera
16bdfe4dae
refactor: update `SyncHelper::downloadAndInstallPackageSync` ( #11496 )
...
* refactor: Widen `SyncHelper::downloadAndInstallPackageSync` parameter signature
* chore: bump `PluginInterface::PLUGIN_API_VERSION` to `2.6.0`
2023-06-06 23:32:39 +02:00
Dezső BICZÓ
8c18de5a41
Handle better nullable file parameter ( #11486 )
...
* Handle better nullable file parameter
Closes #11483
* CS fix
2023-06-06 23:27:55 +02:00
Pol Dellaiera
45977c7cb1
refactor: update `SyncHelper` ( #11485 )
...
Get rid of 3 PHPStan issues
2023-06-06 15:25:54 +02:00
Dan Wallis
3b5976667c
Simplify property assignment ( #11488 )
2023-06-06 14:26:14 +02:00
Jordi Boggiano
902a153741
Fix regression in edge cases where root package gets added to a repository already during the install process, fixes #11495
2023-06-06 14:02:29 +02:00
Sergii Shymko
52caea70d4
Refactor downloader package dist path parsing ( #11471 )
2023-06-06 13:54:17 +02:00
Jordi Boggiano
52f6f74b7c
Merge branch '2.5'
2023-05-24 15:00:53 +02:00
Jordi Boggiano
7d6c76ee79
Reverting release version changes
2023-05-24 15:00:43 +02:00
Jordi Boggiano
d477018d3f
Release 2.5.7
2023-05-24 15:00:40 +02:00
Jordi Boggiano
33c293aec3
Fix autoload regression with metapackage dependencies ( #11481 )
...
fixes #11480
introduced by #11455
2023-05-24 14:58:11 +02:00
Jordi Boggiano
4893b67efa
Reverting release version changes
2023-05-24 09:14:24 +02:00
Jordi Boggiano
f7c05db8b0
Release 2.5.6
2023-05-24 09:14:18 +02:00
Jordi Boggiano
5a96e6ae13
Merge branch '2.5'
2023-05-23 23:49:53 +02:00
Jordi Boggiano
23654389da
Fix lock file verification to take into account root provider/replacers and output mismatches there more clearly, fixes #11458 ( #11475 )
2023-05-23 23:15:07 +02:00
Stefan Grootscholten
9d965b9c65
Fix authentication issues with private bitbucket repos ( #11464 )
2023-05-23 23:14:11 +02:00
Jørn Støylen
9885d23e2a
Ensure stripos() receives a string
...
If file_get_contents() returns false, stripos() will throw a TypeError.
Casting to string prevents this from happening.
Closes #11470
2023-05-23 21:11:23 +02:00
Jordi Boggiano
24361ae654
Merge branch '2.5'
2023-05-23 16:25:24 +02:00
Jordi Boggiano
e51d755a08
Fix numeric default-branches with v prefix (e.g. v2.x-dev) being treated as non-numeric and receiving an alias like e.g. dev-main
2023-05-23 16:25:08 +02:00
Jordi Boggiano
3a48e39375
Return null for install path for metapackages instead of an empty path which then resolves to the root package's path ( #11455 )
...
Fixes #11389
2023-05-14 13:46:46 +02:00
Jordi Boggiano
54808d9bde
Merge branch '2.5'
2023-05-08 14:50:48 +02:00
Dezső BICZÓ
57a48df34e
Support advisories from multiple repositories for the same package ( #11436 )
2023-05-07 15:12:04 +02:00
Jordi Boggiano
a79eef2949
Fix class renaming in plugin manager
2023-05-07 14:53:17 +02:00
Jordi Boggiano
2b58f2c625
Fix getmypid being required as it is not always available, fixes #11401
2023-05-07 14:48:34 +02:00