John Stevenson
3cc490d4c4
Refactor proxy handling to require https_proxy ( #11915 )
...
Composer has always allowed a single http_proxy (or CGI_HTTP_PROXY)
environment variable to be used for both HTTP and HTTPS requests. But
many other tools and libraries require scheme-specific values.
The landscape is already complicated by the use of and need for upper
and lower case values, so to bring matters inline with current practice
https_proxy is now required for HTTPS requests.
The new proxy handler incorporates a transition mechanism, which allows
http_proxy to be used for all requests when https_proxy is not set and
provides a `needsTransitionWarning` method for the main application.
Moving to scheme-specific environment variables means that a user may
set a single proxy for either HTTP or HTTPS requests. To accomodate this
situation during the transition period, an https_proxy value can be set
to an empty string which will prevent http_proxy being used for HTTPS
requests.
2024-04-17 14:34:26 +02:00
Jordi Boggiano
92f641ac3d
Fix show command output to remove v prefixes on versions, making for more uniform output, fixes #11925
2024-04-15 13:23:25 +02:00
Jordi Boggiano
b12a88b7f3
Fix call
2024-03-22 09:29:43 +01:00
Jordi Boggiano
54870a78c4
Add a new test to confirm that show --direct <name> works with direct dependents/dev-dependents
2024-03-21 16:59:41 +01:00
Jordi Boggiano
07fa4255d6
Add support for php extension packages ( #11795 )
...
* Update schema
* Validate php-ext is only set for php-ext or php-ext-zend packages
* Make sure the pool builder excludes php-ext/php-ext-zend
2024-03-20 22:04:58 +01:00
Jordi Boggiano
94fe294545
Fix self-update tests on releases
2024-03-11 17:32:50 +01:00
Pol Dellaiera
66acb84c12
Fix update --lock to avoid updating all metadata except dist/source urls and mirrors ( #11850 )
...
We now update the existing package instead of reverting changes in the updated package to ensure we keep all metadata intact, fixes #11787
Co-authored-by: Jordi Boggiano <j.boggiano@seld.be>
2024-03-05 11:32:40 +01:00
Jordi Boggiano
d7cdb28b28
Try to fix CI
2024-02-23 10:54:34 +01:00
Pol Dellaiera
a0d474f75c
Add a warning message when Composer is not able to guess the root package version ( #11858 )
...
Co-authored-by: Jordi Boggiano <j.boggiano@seld.be>
2024-02-23 10:47:36 +01:00
Yuto Takakura
1b7a71f7e7
Add tests for SelfUpdateCommand ( #11816 )
...
Co-authored-by: Jordi Boggiano <j.boggiano@seld.be>
2024-02-21 20:59:50 +01:00
Jordi Boggiano
64e4eb356b
Merge pull request from GHSA-7c6p-848j-wh5h
...
* Fix usage of possibly compromised installed.php/InstalledVersions.php at runtime, refs GHSA-7c6p-848j-wh5h
* Fix InstalledVersionsTest regression
2024-02-08 14:33:59 +01:00
theoboldalex
7a6bb18e21
Adds a test for no dev ( #11833 )
2024-02-08 11:06:34 +01:00
Jordi Boggiano
67d80e1c9d
Fix php7.2
2024-02-07 22:44:22 +01:00
Jordi Boggiano
df8f9f05a3
Update tests
2024-02-07 22:37:22 +01:00
Dezső BICZÓ
7cb92a90c8
Introduce COMPOSER_AUDIT_ABANDONED env var ( #11794 )
...
Co-authored-by: Jordi Boggiano <j.boggiano@seld.be>
2024-02-07 22:13:36 +01:00
theoboldalex
338bc16a11
test: Covers audit of pkg with no sec advisories ( #11789 )
2024-02-07 11:40:29 +01:00
Stephan
9a656854ad
ValidatingArrayLoader: fix link validation with missing name ( #11830 )
2024-02-06 17:18:41 +01:00
Jordi Boggiano
0f70c0a9c9
Add detection of constraints which do not match anything in validate command, fixes #11802 ( #11829 )
2024-02-06 12:57:52 +01:00
Jordi Boggiano
55db88f51b
Add error when composer show --direct <transient-dependency> is used to show a dependency which is not direct, fixes #11728
2024-01-11 09:53:00 +01:00
Jordi Boggiano
284821543a
Merge branch '2.6'
2024-01-08 16:10:20 +01:00
Sam L
44f02a5c86
Add COMPOSER_FUND=0 env var to disable calls for funding ( #11779 )
2024-01-08 15:10:49 +01:00
Jordi Boggiano
be71bf056e
Fix support for versions with 4 components in VersionSelector, fixes #11716
2024-01-08 14:56:08 +01:00
Jordi Boggiano
071fbcf347
Fix warnings incorrectly being shown when using require with upper bound ignored on platform requirements, fixes #11722 ( #11786 )
2024-01-08 14:48:24 +01:00
Jordi Boggiano
534bc20beb
Add support for combining show --self with --installed or --locked ( #11785 )
2024-01-08 14:14:44 +01:00
theoboldalex
3be0ca8467
Adds a test for invalid arg combo ( #11783 )
2024-01-08 11:03:34 +01:00
Jordi Boggiano
53a1f32061
Add --sort-by-age to show/outdated commands, and also release date for latest package in --latest mode ( #11762 )
2023-12-20 15:37:27 +01:00
Stephan
86cd364901
Audit: add severity to plain and table output ( #11702 )
2023-12-19 19:11:50 +01:00
Jordi Boggiano
9b0f9b40a4
Show package source in very verbose updates, fixes #11733 ( #11763 )
2023-12-19 17:17:48 +01:00
Jordi Boggiano
4a209b7d3d
Fix bump command not bumping versions with a v prefix e.g. ^v2.4, fixes #11723 ( #11764 )
2023-12-19 17:17:32 +01:00
theoboldalex
aaff0ae4df
Adds a test for UpdateCommand ( #11724 )
...
* test: Interactive mode should throw if no package
* PHPStan fix. Missing return type on test method
2023-12-08 18:26:05 +01:00
Travis Carden
aefa46dfba
Add support for "scripts-aliases" in composer.json ( #11666 )
2023-10-27 11:36:59 +02:00
Jordi Boggiano
cc653161c3
Merge branch '2.6'
2023-10-26 11:39:41 +02:00
Dan Wallis
8c0f1e10dc
Display error instead of throwing exception when unable to update with temporary constraint ( #11692 )
2023-10-26 11:38:02 +02:00
Dan Wallis
81b662d388
Suggest running 'require' not 'update' if a root req fails to update ( #11691 )
2023-10-26 11:08:03 +02:00
Jordi Boggiano
899dcedf66
Add --minimal-changes mode to perform partial updates --with-dependencies while changing only what is necessary in other dependencies ( #11665 )
2023-10-26 10:25:04 +02:00
Dan Wallis
7a09e05560
Bump wildcard constraints to >=current ( #11694 )
2023-10-25 18:04:52 +02:00
Dan Wallis
c827c93b62
Use global constant if available for libpq version ( #11684 )
2023-10-11 14:19:31 +02:00
Jesper Skytte Marcussen
9a407b5ad3
10796 Increase coverage of ShowCommand ( #11677 )
...
* Added more tests for ShowCommand class
By doing so, my local setup shows increase in coverage from some 38% to
67%.
* PHP-CS-Fixer
* PHPStan fixes
2023-10-11 13:43:30 +02:00
Jordi Boggiano
cb363b0e84
Fix autoload generator dump() non-BC signature change in 2.6.4
2023-10-06 09:34:10 +02:00
Pol Dellaiera
b608b8e87e
feat: improve Composer's output reproducibility ( #11663 )
...
* AutoloadGenerator: add `Locker` parameter to the `dump` method
* AutoloadGenerator: do not create a random hash, re-use the one from the lock file if it exists
* FileSystem: make sure `safeCopy` copy also the file time metadata
2023-09-28 11:43:52 +02:00
Jordi Boggiano
892eaacedf
Optimize show -a by loading only the requested package ( #11659 )
...
Fixes #11648
2023-09-27 11:28:33 +02:00
Dezső BICZÓ
755de04bf5
Fix abandoned package list JSON serialization ( #11647 )
...
Co-authored-by: Jordi Boggiano <j.boggiano@seld.be>
2023-09-26 14:23:45 +02:00
Alex Theobold
218b9041c9
Test status command ( #11522 )
2023-09-14 11:45:18 +02:00
Jordi Boggiano
e3484c8581
Add audit.abandoned warnings for abandoned packages, fixes #11623 ( #11639 )
2023-09-14 11:30:09 +02:00
wgevaert
e2f5afd4cd
Add warning when duplicate "files" autoload rules are detected ( #11109 )
...
Co-authored-by: Wout Gevaert <wout@wikibase.nl>
Co-authored-by: Jordi Boggiano <j.boggiano@seld.be>
2023-09-13 14:11:00 +02:00
Yanick Witschi
5474dc9b5b
Fixed replaced packages being incorrectly missing when unlocked by an old version ( #11629 )
...
Co-authored-by: Nils Adermann <naderman@naderman.de>
2023-09-13 10:42:47 +02:00
Jordi Boggiano
7a7f364184
Fix bitbucket redirect URLs failing old PHP builds which do not support long headers
...
51e2015af3
2023-09-12 11:28:26 +02:00
Jordi Boggiano
755e89fc91
Fix loading of root aliases on path repo packages when doing partial updates, fixes #11630 ( #11632 )
2023-09-11 17:45:19 +02:00
Michael Voříšek
40244dc228
Revert "Set $_SERVER['SCRIPT_NAME'] within proxy command ( #11562 )" ( #11617 )
...
This reverts commit 9c25633d6d
.
2023-09-03 13:39:48 +02:00
Dezső BICZÓ
0ab4dfba7c
Change audit.ignore behavior before 2.6.0 ( #11605 )
...
* Still report ignored security advisories
Co-authored-by: Jordi Boggiano <j.boggiano@seld.be>
2023-09-01 10:04:31 +02:00