Jordi Boggiano
955a48e631
Merge pull request from GHSA-jm6m-4632-36hf
2023-09-29 10:15:51 +02:00
Pol Dellaiera
b608b8e87e
feat: improve Composer's output reproducibility ( #11663 )
...
* AutoloadGenerator: add `Locker` parameter to the `dump` method
* AutoloadGenerator: do not create a random hash, re-use the one from the lock file if it exists
* FileSystem: make sure `safeCopy` copy also the file time metadata
2023-09-28 11:43:52 +02:00
Jordi Boggiano
77fadf0e1e
Update changelog
2023-09-27 14:26:07 +02:00
Jordi Boggiano
892eaacedf
Optimize show -a by loading only the requested package ( #11659 )
...
Fixes #11648
2023-09-27 11:28:33 +02:00
Jordi Boggiano
c7e696dbde
Bump dependencies
2023-09-27 11:09:34 +02:00
Yanick Witschi
f6ce8349c5
Use CompilingMatcher in DefaultPolicy for performance reasons ( #11638 )
...
Co-authored-by: Jordi Boggiano <j.boggiano@seld.be>
2023-09-27 09:08:29 +02:00
Dezső BICZÓ
755de04bf5
Fix abandoned package list JSON serialization ( #11647 )
...
Co-authored-by: Jordi Boggiano <j.boggiano@seld.be>
2023-09-26 14:23:45 +02:00
Valentin Udaltsov
1f9f91cfea
Changed psr/logger to psr/log ( #11652 )
2023-09-22 09:49:08 +02:00
Jordi Boggiano
39faacbca9
Reverting release version changes
2023-09-15 09:38:22 +02:00
Jordi Boggiano
ff477832e6
Release 2.6.3
2023-09-15 09:38:22 +02:00
Jordi Boggiano
14233f1a77
Update changelog
2023-09-15 09:38:12 +02:00
Jordi Boggiano
af90590c8f
Update baseline (1689, 92)
2023-09-14 11:47:53 +02:00
Alex Theobold
218b9041c9
Test status command ( #11522 )
2023-09-14 11:45:18 +02:00
Jordi Boggiano
e3484c8581
Add audit.abandoned warnings for abandoned packages, fixes #11623 ( #11639 )
2023-09-14 11:30:09 +02:00
Jordi Boggiano
3bc72f75cb
Fix build, update deps
2023-09-13 18:17:28 +02:00
wgevaert
e2f5afd4cd
Add warning when duplicate "files" autoload rules are detected ( #11109 )
...
Co-authored-by: Wout Gevaert <wout@wikibase.nl>
Co-authored-by: Jordi Boggiano <j.boggiano@seld.be>
2023-09-13 14:11:00 +02:00
Yanick Witschi
5474dc9b5b
Fixed replaced packages being incorrectly missing when unlocked by an old version ( #11629 )
...
Co-authored-by: Nils Adermann <naderman@naderman.de>
2023-09-13 10:42:47 +02:00
Jason McCreary
1e4966c313
Get realpath for `ZipArchive` ( #11636 )
2023-09-13 09:59:22 +02:00
Jordi Boggiano
7a7f364184
Fix bitbucket redirect URLs failing old PHP builds which do not support long headers
...
51e2015af3
2023-09-12 11:28:26 +02:00
Jordi Boggiano
1ac0ea8739
Retry curl receive errors when connection reset by peer, fixes #11622
2023-09-12 10:10:53 +02:00
Jordi Boggiano
755e89fc91
Fix loading of root aliases on path repo packages when doing partial updates, fixes #11630 ( #11632 )
2023-09-11 17:45:19 +02:00
Christophe Coevoet
087b21d687
Fix the promise resolution for the cleanup logic ( #11620 )
2023-09-11 17:40:43 +02:00
abreel
370b394714
updated memory limit distinction for memory limit errors in docs ( #11624 )
2023-09-11 13:52:05 +02:00
dependabot[bot]
77de19dcaa
Bump actions/checkout from 3 to 4 ( #11621 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-07 14:47:04 +02:00
Jordi Boggiano
75ae504b2c
Reverting release version changes
2023-09-03 14:09:16 +02:00
Jordi Boggiano
623e5e1de0
Release 2.6.2
2023-09-03 14:09:15 +02:00
Jordi Boggiano
3033c0f3a9
Update changelog
2023-09-03 14:08:56 +02:00
Michael Voříšek
40244dc228
Revert "Set $_SERVER['SCRIPT_NAME'] within proxy command ( #11562 )" ( #11617 )
...
This reverts commit 9c25633d6d
.
2023-09-03 13:39:48 +02:00
Jordi Boggiano
98a588eb90
Avoid COMPOSER env being set if not necessary as it can cause issues with scripts, fixes #11613 , refs #11493
2023-09-03 11:13:54 +02:00
Uladzimir Tsykun
90cbb144b2
Fix exit code 5 on composer require/create-project command ( #11616 )
2023-09-03 10:54:07 +02:00
Jordi Boggiano
d221d5c69a
Reverting release version changes
2023-09-01 13:53:09 +02:00
Jordi Boggiano
ee851d6b6b
Release 2.6.1
2023-09-01 13:53:08 +02:00
Jordi Boggiano
b4617c94e6
Update changelog
2023-09-01 13:52:54 +02:00
Jordi Boggiano
5fae76ce67
Revert "Allow executing binaries which are not marked executable via shell proxies ( #11557 )"
...
This reverts commit c1f2964105
.
2023-09-01 13:50:20 +02:00
Jordi Boggiano
9ab8ef5a71
Reverting release version changes
2023-09-01 10:07:51 +02:00
Jordi Boggiano
ea4222fad9
Release 2.6.0
2023-09-01 10:07:50 +02:00
Jordi Boggiano
416b43b401
Update changelog
2023-09-01 10:05:37 +02:00
Jordi Boggiano
7dc5666f33
Avoid failing the require command if the audit step failed
2023-09-01 10:05:13 +02:00
Dezső BICZÓ
0ab4dfba7c
Change audit.ignore behavior before 2.6.0 ( #11605 )
...
* Still report ignored security advisories
Co-authored-by: Jordi Boggiano <j.boggiano@seld.be>
2023-09-01 10:04:31 +02:00
Jordi Boggiano
b6fe941911
Update changelog
2023-08-31 16:09:07 +02:00
Damien Carrier
e0abc40ded
Add test for `ArchiveCommand` with package name ( #11551 )
...
* test(ArchiveCommand): Add test for ArchiveCommand with package name
* fix : using explicit variable name for eventDispatcher Mock
---------
Co-authored-by: Damien Carrier <damien.carrier@alximy.io>
2023-08-31 13:46:43 +02:00
Jordi Boggiano
e1587cf698
Update deps
2023-08-31 11:52:55 +02:00
ಠ_ಠ
1a2bd38764
allow bumping for patch level version constraints fixes #11579 ( #11590 )
2023-08-31 11:05:49 +02:00
Travis Carden
1c4ac1c437
Add `dumpautoload --dry-run` option ( #11608 )
2023-08-31 10:35:02 +02:00
Martin Herndl
6fd145f01e
Allow --strict-psr in `DumpAutoloadCommand` also with --classmap-authoritative ( #11607 )
2023-08-30 21:43:16 +02:00
Martin Herndl
02e4a2d1a3
Add test case for `DumpAutoloadCommand` with failing --strict-psr check ( #11606 )
2023-08-30 21:42:45 +02:00
Tom Klingenberg
db53c65986
COMPOSER_DISABLE_NETWORK aware `diagnose` checks; SKIP output ( #11597 )
...
Make `diagnose` checks aware of COMPOSER_DISABLE_NETWORK (true) and skip
Composer network operations that would otherwise spill stack traces into
diagnostic messages and taint the result as error while the check itself
is not applicable/useful within the environment.
`COMPOSER_DISABLE_NETWORK` was released with [2.0.0-alpha1] and intro-
duced in fc03ab9bb
(Add COMPOSER_DISABLE_NETWORK env var for debugging,
2019-01-14).
The previous behaviour was to exit with a status of two (2), denoting an
error.
The new behaviour is to exit with a status of zero (0), showing the
successful skipping of diagnostics that can only be run when Composer
network is enabled - not disabled.
SKIP output is updated and streamlined.
NOTE: The "prime" Value
It is irrelevant for diagnose checks, as all diagnostic checks that
spilled were with the HTTP Downloader and the check is aligned (both
"1" or "prime" values disable):
(bool) Platform::getEnv('COMPOSER_DISABLE_NETWORK')
NOTE: Not Affected
* The `allow_url_fopen` diagnostic check, platform related
* The `disable-tls` setting related HTTP Downloader creation warning
[2.0.0-alpha1]: <https://getcomposer.org/changelog/2.0.0-alpha1 > "released 2020-06-03"
2023-08-30 21:35:59 +02:00
Christophe Coevoet
83771ce9ba
Fix the mtime of the vendor folder when running composer install ( #11593 )
...
When splitting the logic between the lock file management and the vendor
folder management in composer 2.0, the logic playing nice with make was
broken by running the logic based on operations performed in the lock
file instead of operations performed in the vendor folder.
2023-08-30 18:05:58 +02:00
Fábio
25f4854ad7
Fix typo 03-cli.md ( #11587 )
2023-08-30 18:03:12 +02:00
Martin Herndl
879524d8e3
Add tests for DumpAutoloadCommand ( #11581 )
2023-08-30 16:09:05 +02:00