1
0
Fork 0
Commit Graph

12346 Commits (64e4eb356b159a30c766cd1ea83450a38dc23bf5)

Author SHA1 Message Date
Jordi Boggiano 955a48e631
Merge pull request from GHSA-jm6m-4632-36hf 2023-09-29 10:15:51 +02:00
Pol Dellaiera b608b8e87e
feat: improve Composer's output reproducibility (#11663)
* AutoloadGenerator: add `Locker` parameter to the `dump` method
* AutoloadGenerator: do not create a random hash, re-use the one from the lock file if it exists
* FileSystem: make sure `safeCopy` copy also the file time metadata
2023-09-28 11:43:52 +02:00
Jordi Boggiano 77fadf0e1e
Update changelog 2023-09-27 14:26:07 +02:00
Jordi Boggiano 892eaacedf
Optimize show -a by loading only the requested package (#11659)
Fixes #11648
2023-09-27 11:28:33 +02:00
Jordi Boggiano c7e696dbde
Bump dependencies 2023-09-27 11:09:34 +02:00
Yanick Witschi f6ce8349c5
Use CompilingMatcher in DefaultPolicy for performance reasons (#11638)
Co-authored-by: Jordi Boggiano <j.boggiano@seld.be>
2023-09-27 09:08:29 +02:00
Dezső BICZÓ 755de04bf5
Fix abandoned package list JSON serialization (#11647)
Co-authored-by: Jordi Boggiano <j.boggiano@seld.be>
2023-09-26 14:23:45 +02:00
Valentin Udaltsov 1f9f91cfea
Changed psr/logger to psr/log (#11652) 2023-09-22 09:49:08 +02:00
Jordi Boggiano 39faacbca9
Reverting release version changes 2023-09-15 09:38:22 +02:00
Jordi Boggiano ff477832e6
Release 2.6.3 2023-09-15 09:38:22 +02:00
Jordi Boggiano 14233f1a77
Update changelog 2023-09-15 09:38:12 +02:00
Jordi Boggiano af90590c8f
Update baseline (1689, 92) 2023-09-14 11:47:53 +02:00
Alex Theobold 218b9041c9
Test status command (#11522) 2023-09-14 11:45:18 +02:00
Jordi Boggiano e3484c8581
Add audit.abandoned warnings for abandoned packages, fixes #11623 (#11639) 2023-09-14 11:30:09 +02:00
Jordi Boggiano 3bc72f75cb
Fix build, update deps 2023-09-13 18:17:28 +02:00
wgevaert e2f5afd4cd
Add warning when duplicate "files" autoload rules are detected (#11109)
Co-authored-by: Wout Gevaert <wout@wikibase.nl>
Co-authored-by: Jordi Boggiano <j.boggiano@seld.be>
2023-09-13 14:11:00 +02:00
Yanick Witschi 5474dc9b5b
Fixed replaced packages being incorrectly missing when unlocked by an old version (#11629)
Co-authored-by: Nils Adermann <naderman@naderman.de>
2023-09-13 10:42:47 +02:00
Jason McCreary 1e4966c313
Get realpath for `ZipArchive` (#11636) 2023-09-13 09:59:22 +02:00
Jordi Boggiano 7a7f364184
Fix bitbucket redirect URLs failing old PHP builds which do not support long headers
51e2015af3
2023-09-12 11:28:26 +02:00
Jordi Boggiano 1ac0ea8739
Retry curl receive errors when connection reset by peer, fixes #11622 2023-09-12 10:10:53 +02:00
Jordi Boggiano 755e89fc91
Fix loading of root aliases on path repo packages when doing partial updates, fixes #11630 (#11632) 2023-09-11 17:45:19 +02:00
Christophe Coevoet 087b21d687
Fix the promise resolution for the cleanup logic (#11620) 2023-09-11 17:40:43 +02:00
abreel 370b394714
updated memory limit distinction for memory limit errors in docs (#11624) 2023-09-11 13:52:05 +02:00
dependabot[bot] 77de19dcaa
Bump actions/checkout from 3 to 4 (#11621)
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-07 14:47:04 +02:00
Jordi Boggiano 75ae504b2c
Reverting release version changes 2023-09-03 14:09:16 +02:00
Jordi Boggiano 623e5e1de0
Release 2.6.2 2023-09-03 14:09:15 +02:00
Jordi Boggiano 3033c0f3a9
Update changelog 2023-09-03 14:08:56 +02:00
Michael Voříšek 40244dc228
Revert "Set $_SERVER['SCRIPT_NAME'] within proxy command (#11562)" (#11617)
This reverts commit 9c25633d6d.
2023-09-03 13:39:48 +02:00
Jordi Boggiano 98a588eb90
Avoid COMPOSER env being set if not necessary as it can cause issues with scripts, fixes #11613, refs #11493 2023-09-03 11:13:54 +02:00
Uladzimir Tsykun 90cbb144b2
Fix exit code 5 on composer require/create-project command (#11616) 2023-09-03 10:54:07 +02:00
Jordi Boggiano d221d5c69a
Reverting release version changes 2023-09-01 13:53:09 +02:00
Jordi Boggiano ee851d6b6b
Release 2.6.1 2023-09-01 13:53:08 +02:00
Jordi Boggiano b4617c94e6
Update changelog 2023-09-01 13:52:54 +02:00
Jordi Boggiano 5fae76ce67
Revert "Allow executing binaries which are not marked executable via shell proxies (#11557)"
This reverts commit c1f2964105.
2023-09-01 13:50:20 +02:00
Jordi Boggiano 9ab8ef5a71
Reverting release version changes 2023-09-01 10:07:51 +02:00
Jordi Boggiano ea4222fad9
Release 2.6.0 2023-09-01 10:07:50 +02:00
Jordi Boggiano 416b43b401
Update changelog 2023-09-01 10:05:37 +02:00
Jordi Boggiano 7dc5666f33
Avoid failing the require command if the audit step failed 2023-09-01 10:05:13 +02:00
Dezső BICZÓ 0ab4dfba7c
Change audit.ignore behavior before 2.6.0 (#11605)
* Still report ignored security advisories

Co-authored-by: Jordi Boggiano <j.boggiano@seld.be>
2023-09-01 10:04:31 +02:00
Jordi Boggiano b6fe941911
Update changelog 2023-08-31 16:09:07 +02:00
Damien Carrier e0abc40ded
Add test for `ArchiveCommand` with package name (#11551)
* test(ArchiveCommand): Add test for ArchiveCommand with package name

* fix : using explicit variable name for eventDispatcher Mock

---------

Co-authored-by: Damien Carrier <damien.carrier@alximy.io>
2023-08-31 13:46:43 +02:00
Jordi Boggiano e1587cf698
Update deps 2023-08-31 11:52:55 +02:00
ಠ_ಠ 1a2bd38764
allow bumping for patch level version constraints fixes #11579 (#11590) 2023-08-31 11:05:49 +02:00
Travis Carden 1c4ac1c437
Add `dumpautoload --dry-run` option (#11608) 2023-08-31 10:35:02 +02:00
Martin Herndl 6fd145f01e
Allow --strict-psr in `DumpAutoloadCommand` also with --classmap-authoritative (#11607) 2023-08-30 21:43:16 +02:00
Martin Herndl 02e4a2d1a3
Add test case for `DumpAutoloadCommand` with failing --strict-psr check (#11606) 2023-08-30 21:42:45 +02:00
Tom Klingenberg db53c65986
COMPOSER_DISABLE_NETWORK aware `diagnose` checks; SKIP output (#11597)
Make `diagnose` checks aware of COMPOSER_DISABLE_NETWORK (true) and skip
Composer network operations that would otherwise spill stack traces into
diagnostic messages and taint the result as error while the check itself
is not applicable/useful within the environment.

`COMPOSER_DISABLE_NETWORK` was released with [2.0.0-alpha1] and intro-
duced in fc03ab9bb (Add COMPOSER_DISABLE_NETWORK env var for debugging,
2019-01-14).

The previous behaviour was to exit with a status of two (2), denoting an
error.

The new behaviour is to exit with a status of zero (0), showing the
successful skipping of diagnostics that can only be run when Composer
network is enabled - not disabled.

SKIP output is updated and streamlined.

NOTE: The "prime" Value

It is irrelevant for diagnose checks, as all diagnostic checks that
spilled were with the HTTP Downloader and the check is aligned (both
"1" or "prime" values disable):

    (bool) Platform::getEnv('COMPOSER_DISABLE_NETWORK')

NOTE: Not Affected

 * The `allow_url_fopen` diagnostic check, platform related
 * The `disable-tls` setting related HTTP Downloader creation warning

[2.0.0-alpha1]: <https://getcomposer.org/changelog/2.0.0-alpha1> "released 2020-06-03"
2023-08-30 21:35:59 +02:00
Christophe Coevoet 83771ce9ba
Fix the mtime of the vendor folder when running composer install (#11593)
When splitting the logic between the lock file management and the vendor
folder management in composer 2.0, the logic playing nice with make was
broken by running the logic based on operations performed in the lock
file instead of operations performed in the vendor folder.
2023-08-30 18:05:58 +02:00
Fábio 25f4854ad7
Fix typo 03-cli.md (#11587) 2023-08-30 18:03:12 +02:00
Martin Herndl 879524d8e3
Add tests for DumpAutoloadCommand (#11581) 2023-08-30 16:09:05 +02:00