1
0
Fork 0
Commit Graph

4104 Commits (4c0e163977f8289288df7b37e0fd0469d3e8cbc6)

Author SHA1 Message Date
Jordi Boggiano 79ac2cac82 Merge pull request #4817 from alcohol/repro-4795
Bug #4795
2016-02-04 12:40:23 +00:00
Jordi Boggiano 2e1cdccac0 Merge pull request #4875 from cs278/openssl-platform-version
Handle OpenSSL's many patch releases
2016-02-04 11:43:55 +00:00
Rob Bast be5719eb53 Merge remote-tracking branch 'upstream/master' into repro-4795
* upstream/master: (98 commits)
  Fallback to zlib extension to unpack gzip on non Windows systems
  Zip extension does not provide zlib support
  Unified all Windows tests throughout the code.
  Added Platform utility and unit test for it.
  Remove warnings for non-writable dirs, refs #3588
  [doc] add -H flag to sudo commands
  use full json content to determine reference, closes #4859
  typos
  Make sure COMPOSER_AUTH is also loaded in Config, refs #4546
  Use proper defaults for IO authentications
  Add verbosity input support to IOInterface
  Update SolverTest.php
  Update broken-deps-do-not-replace.test
  Update SolverProblemsException.php
  Cleaned up check+conversion that was no longer required.
  Cleaner notation for expected exceptions in fixtures.
  Introduced more generic, less invasive way to test for exceptions in fixtures, more in line with how phpunit works.
  Included unit test for circular root dependencies.
  Expanded InstallerTest to support expecting Exceptions by supplying "EXCEPTION" as "--EXPECT--"
  Clarified error message and added braces.
  ...
2016-02-04 12:43:37 +01:00
Jordi Boggiano 16215c1937 Merge pull request #4877 from cs278/zip-zlib-muddle
zlib suggest and fallback on non Windows
2016-02-04 11:15:49 +00:00
Jordi Boggiano 57e33fcad7 Merge pull request #4873 from curry684/platform-tests
Windows platform tests unified
2016-02-04 11:12:36 +00:00
Jordi Boggiano 644aa517d5 Merge pull request #4863 from alcohol/issues-4859
bugfix for issue #4859 - path repo does not update when composer.json is adjusted
2016-02-04 10:58:59 +00:00
bogdan 581ce91f90 Implemented new option (ignore-missing-metadata) for composer install command
The command allows to slightly change how repository updates are handled during install

In the previous version composer failed to updated if .git|.svn|.hg folder was missing from the package
In the current version, with the option enabled, if the update fails for exactly this reason,
it'll try to remove the package completely and install it from remote
2016-02-04 03:16:39 +02:00
bogdan a77e2fb093 Removed code duplication with abstract hasMetadataRepository method
which checks if vcs metadata is present in the package

Fixed a bug with -vvv mode. When .git folder is missing from package
in normal mode, -v mode, -vv mode the program throws the exception about missing .git folder
in -vvv mode an exception about inability to read logs
2016-02-04 03:11:18 +02:00
Chris Smith e4877473cf Fallback to zlib extension to unpack gzip on non Windows systems 2016-02-04 00:49:56 +00:00
Chris Smith 0818a6ed54 Previous attempt would cause 0.9.8aa == 0.9.8b 2016-02-04 00:28:42 +00:00
Chris Smith f6f273c4b6 Improve OpenSSL library description 2016-02-04 00:28:42 +00:00
Chris Smith e9e2514b5e Handle OpenSSL version after 26 patch releases
e.g. https://github.com/openssl/openssl/blob/OpenSSL_0_9_8zh/crypto/opensslv.h#L33
2016-02-04 00:28:42 +00:00
Niels Keurentjes 0dab63e050 Unified all Windows tests throughout the code. 2016-02-03 22:39:16 +01:00
Niels Keurentjes f2a2b18367 Added Platform utility and unit test for it. 2016-02-03 22:25:43 +01:00
Jordi Boggiano 8771eca527 Merge remote-tracking branch 'curry684/issue-4767' 2016-02-03 17:00:30 +00:00
Jordi Boggiano d93f7b8a10 Remove warnings for non-writable dirs, refs #3588 2016-02-03 14:57:32 +00:00
Rob Bast 47aa87ea97 use full json content to determine reference, closes #4859 2016-02-03 13:25:10 +01:00
Niels Keurentjes b71c67239d Made NTFS junction detection more reliable and added unit tests for the junction functions. 2016-02-02 23:44:01 +01:00
Niels Keurentjes 1b1462317c Merge branch 'master' of https://github.com/composer/composer into pull-4690 2016-02-02 22:51:22 +01:00
Rob Bast 0e584aa980 resolve issue 2016-02-02 10:45:57 +01:00
Niels Keurentjes 05caf8349c Fixed bug potentially causing broken sites and solved #4431 along the way. 2016-01-30 01:13:37 +01:00
Alexander Stehlik 298e7a218a Trigger event in validate command
This allows plugins to run additional validations.
2016-01-29 17:33:16 +01:00
Bilal Amarni cc75946ef2 typos 2016-01-29 17:13:44 +01:00
Jordi Boggiano 7c3e621102 Make sure COMPOSER_AUTH is also loaded in Config, refs #4546 2016-01-29 12:58:17 +00:00
Jordi Boggiano 2617ec5d28 Use proper defaults for IO authentications 2016-01-29 12:51:23 +00:00
Jordi Boggiano 49d7d65933 Add verbosity input support to IOInterface 2016-01-29 10:14:12 +00:00
Jefferson Carpenter 8d57c3e743 Update SolverProblemsException.php 2016-01-28 19:56:25 -06:00
Niels Keurentjes 358cb3f4fc Fixed exception text and some warnings. 2016-01-28 01:06:05 +01:00
Niels Keurentjes 5489586436 Fully implemented junctioning on Windows for path repositories. 2016-01-28 00:56:02 +01:00
Niels Keurentjes e515eb84e9 Add NTFS junction support to Util\Filesystem. 2016-01-28 00:33:11 +01:00
Chris Smith 0a25bb0bf3 Simplify for PHP 5.3 2016-01-27 08:57:28 +00:00
Niels Keurentjes 7b6ccde97a Clarified error message and added braces. 2016-01-27 09:09:29 +01:00
Niels Keurentjes b1de2c52a3 Add --no-plugins option to remove/require 2016-01-27 00:48:17 +01:00
Niels Keurentjes a48159b283 Bail out if root package attempts to include itself. 2016-01-26 23:39:39 +01:00
Chris Smith 3979abc638 Add warning if OpenSSL does not support TLSv1.2 or TLSv1.1 2016-01-26 22:05:35 +00:00
Jordi Boggiano 593b88e414 Let users configure *any auth* via COMPOSER_AUTH and add it to the docs, refs #4546 2016-01-26 19:09:57 +00:00
Jordi Boggiano e513f27674 Merge remote-tracking branch 'firoxer/envvar_auth' 2016-01-26 18:59:55 +00:00
Jordi Boggiano ae14e0f086 Add ssh2 protocol default ports, fixes #4835 2016-01-26 16:53:41 +00:00
appchecker 13b50799d1 fix: missing parentheses 2016-01-26 18:19:58 +03:00
Jordi Boggiano 618e7f98b2 Force base error reporting level to include everything 2016-01-26 15:05:57 +00:00
Jordi Boggiano 4e00635298 Fix error handling support, fixes #4833 2016-01-26 15:04:13 +00:00
Rob Bast f829a160fb use a proper tmp directory
this test failed on OSX before, trying to create a directory at the root of the filesystem
2016-01-26 14:32:04 +01:00
Jordi Boggiano 1818b95149 CS fixes 2016-01-26 13:07:18 +00:00
Jordi Boggiano 5c944d45ac Merge pull request #4827 from curry684/issue-4203
Added more graceful warning suppression utility
2016-01-26 12:31:18 +00:00
Niels Keurentjes c2e768b8ad Made Silencer invocations safer against exceptions. 2016-01-26 13:27:24 +01:00
Jordi Boggiano 5672f67475 Merge pull request #4829 from curry684/issue-4726
Globbing while resolving path repositories now normalizes to slashes
2016-01-26 12:18:47 +00:00
Jordi Boggiano fff5074bbf Fix additionalOptions getting dropped when SAN and redirect handling are combined, refs #4782 2016-01-26 10:44:06 +00:00
Jordi Boggiano 03e0d65f37 Allow stream wrapper usage in config dirs, fixes #4788 2016-01-25 23:40:16 +00:00
Niels Keurentjes 84fed02df1 Globbing while resolving path repositories now normalizes to slashes for predictable cross-platform behaviour. Fixes #4726 2016-01-26 00:33:47 +01:00
Niels Keurentjes 76c1645a0e Merge remote-tracking branch 'upstream/master' into issue-4203 2016-01-25 23:38:13 +01:00
Niels Keurentjes 18cd4f966b Added silencer utility to more gracefully handle error suppression without hiding errors or worse. Fixes #4203, #4683 2016-01-25 23:37:54 +01:00
Jordi Boggiano e0ff9598c3 Tweak wording a bit, refs #3177 2016-01-25 22:24:34 +00:00
Jordi Boggiano 4d9bab4b86 Merge remote-tracking branch 'singles/missing-extension-ini-hint' 2016-01-25 22:22:41 +00:00
Jordi Boggiano c5cb2327cf Merge remote-tracking branch 'bamarni/config-repo-options' 2016-01-25 21:28:22 +00:00
Jordi Boggiano 5b41eaad3a Bundle pubkeys and fail hard if validation can not happen 2016-01-25 19:43:48 +00:00
Jordi Boggiano 59975e3aaa Add missing keys class 2016-01-25 19:43:48 +00:00
Jordi Boggiano f4bcf7590b Fix array syntax 2016-01-25 19:43:48 +00:00
Jordi Boggiano 3ef22258e5 Add key fingerprints for easier comparison and debugging via diagnose 2016-01-25 19:43:48 +00:00
Jordi Boggiano a9be7c83f1 Add verification of signatures when running self-update 2016-01-25 19:43:48 +00:00
Jordi Boggiano bdb97e7527 Reuse new TlsHelper for CA validation, refs #4798 2016-01-25 19:17:56 +00:00
Jordi Boggiano 1ea810d40b Merge remote-tracking branch 'cs278/san-support' 2016-01-25 18:53:45 +00:00
Jordi Boggiano 78ffe0fd08 Avoid checking CA files several times 2016-01-25 18:34:52 +00:00
Bilal Amarni e727f9f5fe [Config command] allow to pass options when adding a repo 2016-01-25 19:25:10 +01:00
Jordi Boggiano 901e6f1d0e Fix output and handling of RFS::copy() and extract redirect code into its own method, refs #4783 2016-01-25 17:55:29 +00:00
Jordi Boggiano a574d5ef76 Merge remote-tracking branch 'cs278/follow-redirects' 2016-01-25 17:26:05 +00:00
Chris Smith e2e07a32c3 Fixes to vuln detection 2016-01-24 20:54:43 +00:00
Chris Smith bc8b7b0f78 Remove left behind debug code 2016-01-24 19:41:14 +00:00
Chris Smith b32aad8439 Do not set TLS options on local URLs 2016-01-24 19:10:11 +00:00
Chris Smith 74aa73e841 The origin may not be the remote host 2016-01-24 19:09:35 +00:00
Chris Smith 304c268c3b Tidy up and general improvement of sAN handling code
* Move OpenSSL functions into a new TlsHelper class
* Add error when sAN certificate cannot be verified due to
  CVE-2013-6420
* Throw exception if PHP >= 5.6 manages to use fallback code
* Add support for wildcards in CN/sAN
* Add tests for cert name validation
* Check for backported security fix for CVE-2013-6420 using
  testcase from PHP tests.
* Whitelist some disto PHP versions that have the CVE-2013-6420
  fix backported.
2016-01-24 19:02:50 +00:00
Chris Smith 7e2a015e9b Provide support for subjectAltName on PHP < 5.6 2016-01-24 19:02:29 +00:00
Jordi Boggiano 837fa805ec Code tweaks, refs #4124 2016-01-22 19:09:44 +00:00
Jordi Boggiano ddd140fd1c Rollback plugin api version to 1.0.0 for now, add warning about requiring 1.0.0 exactly 2016-01-22 19:09:03 +00:00
nevvermind 5ec6988218 Fixed docs and removed implementation detail 2016-01-22 13:54:59 +00:00
nevvermind aa45a48283 Refactoring
- changed "SPI" into something more familiar, like "implementation"
- throw exceptions on invalid implementation types or invalid class names
- use null instead of false when querying
- refactored the tests accordingly
2016-01-22 13:51:32 +00:00
nevvermind ec8229ffa3 Remove @since 2016-01-22 13:51:32 +00:00
nevvermind 2051d74774 Added Capable plugins for a more future-proof Plugin API
Plugins can now present their capabilities to the PluginManager, through which it can act accordingly, thus making Plugin API more flexible, BC-friendly and decoupled.
2016-01-22 13:51:32 +00:00
Rob Bast 5b85ee409c add missing array-replace-recursive 2016-01-22 14:29:29 +01:00
Rob Bast d6be2a693b switch to array-replace-recursive 2016-01-22 14:27:08 +01:00
Rob Bast 2393222826 more appropriate name 2016-01-22 09:20:43 +01:00
Rob Bast 474541e9aa apply comments
- add capath to json schema
- simplify factory
- hash_file and sha256 for CA checking
- remove exception as scenario should not occur
- remove executable bit from CA file
- make CA file also group/world writable (we overwrite invalid content anyway)
    to avoid permission errors as much as possible
2016-01-22 09:14:37 +01:00
Chris Smith 33f823146b Account for ports in URL 2016-01-22 01:48:16 +00:00
Chris Smith 34f1fcbdcb Drop downgrade warning 2016-01-22 01:47:05 +00:00
Rob Bast c232566e52 add a hash to make sure CA file gets recreated if the content changes 2016-01-21 16:02:44 +01:00
Rob Bast cef97904d0 dont rewrite temp CA file if it already exists
and make it readable by everyone the first time we create it
2016-01-21 15:07:51 +01:00
Rob Bast 4482a1dca0 also wrong array 2016-01-20 21:53:49 +01:00
Rob Bast f79255df29 make sure passed options are merged into defaults before checking 2016-01-20 21:35:06 +01:00
Rob Bast 94947ee772 merge isset() calls 2016-01-20 21:29:55 +01:00
Rob Bast b95b0c2ab6 wrong array 2016-01-20 21:27:26 +01:00
Rob Bast 008cce8d85 add back sanity checks 2016-01-20 21:24:13 +01:00
Rob Bast c1488f65bf a quick stab at adding capath 2016-01-20 21:20:18 +01:00
Jordi Boggiano 395d115d9b Resolve all dirs before initializing them, fixes #4802 2016-01-20 11:17:40 +00:00
Stephen Beemsterboer c1b9b082a4 Break early when a provider name is matched 2016-01-20 01:29:32 -05:00
Chris Smith dd3216e93d Refactor to use new helper methods for headers 2016-01-19 22:19:17 +00:00
Chris Smith 8a8ec6fccc Too many redirects is not an error in PHP, return the latest response 2016-01-19 22:06:38 +00:00
Chris Smith 33471e389f Pass redirect count using options
Removing the risk it might be preserved between requests.
2016-01-19 22:06:27 +00:00
Chris Smith e830a611ec Handle other path redirects 2016-01-19 22:06:27 +00:00
Chris Smith ffab235edd Remove code preventing protocol downgrades 2016-01-19 22:06:27 +00:00
Chris Smith ce1eda25f3 Follow redirects inside RFS only when required by PHP version 2016-01-19 22:06:27 +00:00
Chris Smith 73662c725a Don't let PHP follow redirects it doesn't validate certificates 2016-01-19 22:06:04 +00:00