* Audit: ignores configured repository options
* ComposerRepository: add test case to assert that repo http options are used to make security advisory POST request
On macOS, if libcurl is built against SecureTransport, the platform repository will contain an invalid package name:
% composer show --platform | grep curl
ext-curl 8.2.7 The curl PHP extension
lib-curl 8.1.2 The curl library
lib-curl-(securetransport) openssl 3.1.1 curl (securetransport) openss...
lib-curl-libssh2 1.11.0 curl libssh2 version
lib-curl-zlib 1.2.11 curl zlib version
This change fixes it:
% bin/composer show --platform | grep curl
lib-curl 8.1.2 The curl library
lib-curl-libssh2 1.11.0 curl libssh2 version
lib-curl-securetransport 3.1.1 curl (securetransport) openssl ...
lib-curl-zlib 1.2.11 curl zlib version
(second column width difference comes from the Composer dev version number)
The behavior in FilterRepository is currently correct, but not explicitly tested.
Also add a test that ensures both filters can't be there simultaneously.
* GitHubDriver: fix support is set to string
* GitLabDriver: fix support is set to string
* BitbucketDriver: fix support is set to string
* Fix PHPStan
* GitDriver: filter branch names starting with a - character
* GitDriver: getFileContent prevent identifiers starting with a -
* HgDriver: prevent invalid identifiers and prevent file from running commands
* HgDriver: filter branches starting with a - character
The initial clone determined what the default branch of the cache git repository was. Changing it on the remote didn't have any impact on the local data. However, cloning it on a different machine would then store a different default branch on that machine. This could lead to different results for the same command on different machines.
* Parallellize the branch comparisons to speed up bootstrapping/version guessing when on a feature branch, fixes#10568
* Allow ProcessExecutorMock to function with async calls