ae14e0f086
Add ssh2 protocol default ports, fixes #4835
2016-01-26 16:53:41 +00:00
13b50799d1
fix: missing parentheses
2016-01-26 18:19:58 +03:00
618e7f98b2
Force base error reporting level to include everything
2016-01-26 15:05:57 +00:00
4e00635298
Fix error handling support, fixes #4833
2016-01-26 15:04:13 +00:00
f829a160fb
use a proper tmp directory
...
this test failed on OSX before, trying to create a directory at the root of the filesystem
2016-01-26 14:32:04 +01:00
1818b95149
CS fixes
2016-01-26 13:07:18 +00:00
5c944d45ac
Merge pull request #4827 from curry684/issue-4203
...
Added more graceful warning suppression utility
2016-01-26 12:31:18 +00:00
c2e768b8ad
Made Silencer invocations safer against exceptions.
2016-01-26 13:27:24 +01:00
5672f67475
Merge pull request #4829 from curry684/issue-4726
...
Globbing while resolving path repositories now normalizes to slashes
2016-01-26 12:18:47 +00:00
fff5074bbf
Fix additionalOptions getting dropped when SAN and redirect handling are combined, refs #4782
2016-01-26 10:44:06 +00:00
03e0d65f37
Allow stream wrapper usage in config dirs, fixes #4788
2016-01-25 23:40:16 +00:00
84fed02df1
Globbing while resolving path repositories now normalizes to slashes for predictable cross-platform behaviour. Fixes #4726
2016-01-26 00:33:47 +01:00
76c1645a0e
Merge remote-tracking branch 'upstream/master' into issue-4203
2016-01-25 23:38:13 +01:00
18cd4f966b
Added silencer utility to more gracefully handle error suppression without hiding errors or worse. Fixes #4203 , #4683
2016-01-25 23:37:54 +01:00
e0ff9598c3
Tweak wording a bit, refs #3177
2016-01-25 22:24:34 +00:00
4d9bab4b86
Merge remote-tracking branch 'singles/missing-extension-ini-hint'
2016-01-25 22:22:41 +00:00
c5cb2327cf
Merge remote-tracking branch 'bamarni/config-repo-options'
2016-01-25 21:28:22 +00:00
5b41eaad3a
Bundle pubkeys and fail hard if validation can not happen
2016-01-25 19:43:48 +00:00
59975e3aaa
Add missing keys class
2016-01-25 19:43:48 +00:00
f4bcf7590b
Fix array syntax
2016-01-25 19:43:48 +00:00
3ef22258e5
Add key fingerprints for easier comparison and debugging via diagnose
2016-01-25 19:43:48 +00:00
a9be7c83f1
Add verification of signatures when running self-update
2016-01-25 19:43:48 +00:00
bdb97e7527
Reuse new TlsHelper for CA validation, refs #4798
2016-01-25 19:17:56 +00:00
1ea810d40b
Merge remote-tracking branch 'cs278/san-support'
2016-01-25 18:53:45 +00:00
78ffe0fd08
Avoid checking CA files several times
2016-01-25 18:34:52 +00:00
e727f9f5fe
[Config command] allow to pass options when adding a repo
2016-01-25 19:25:10 +01:00
901e6f1d0e
Fix output and handling of RFS::copy() and extract redirect code into its own method, refs #4783
2016-01-25 17:55:29 +00:00
a574d5ef76
Merge remote-tracking branch 'cs278/follow-redirects'
2016-01-25 17:26:05 +00:00
e2e07a32c3
Fixes to vuln detection
2016-01-24 20:54:43 +00:00
bc8b7b0f78
Remove left behind debug code
2016-01-24 19:41:14 +00:00
b32aad8439
Do not set TLS options on local URLs
2016-01-24 19:10:11 +00:00
74aa73e841
The origin may not be the remote host
2016-01-24 19:09:35 +00:00
304c268c3b
Tidy up and general improvement of sAN handling code
...
* Move OpenSSL functions into a new TlsHelper class
* Add error when sAN certificate cannot be verified due to
CVE-2013-6420
* Throw exception if PHP >= 5.6 manages to use fallback code
* Add support for wildcards in CN/sAN
* Add tests for cert name validation
* Check for backported security fix for CVE-2013-6420 using
testcase from PHP tests.
* Whitelist some disto PHP versions that have the CVE-2013-6420
fix backported.
2016-01-24 19:02:50 +00:00
7e2a015e9b
Provide support for subjectAltName on PHP < 5.6
2016-01-24 19:02:29 +00:00
837fa805ec
Code tweaks, refs #4124
2016-01-22 19:09:44 +00:00
ddd140fd1c
Rollback plugin api version to 1.0.0 for now, add warning about requiring 1.0.0 exactly
2016-01-22 19:09:03 +00:00
5ec6988218
Fixed docs and removed implementation detail
2016-01-22 13:54:59 +00:00
aa45a48283
Refactoring
...
- changed "SPI" into something more familiar, like "implementation"
- throw exceptions on invalid implementation types or invalid class names
- use null instead of false when querying
- refactored the tests accordingly
2016-01-22 13:51:32 +00:00
ec8229ffa3
Remove @since
2016-01-22 13:51:32 +00:00
2051d74774
Added Capable plugins for a more future-proof Plugin API
...
Plugins can now present their capabilities to the PluginManager, through which it can act accordingly, thus making Plugin API more flexible, BC-friendly and decoupled.
2016-01-22 13:51:32 +00:00
5b85ee409c
add missing array-replace-recursive
2016-01-22 14:29:29 +01:00
d6be2a693b
switch to array-replace-recursive
2016-01-22 14:27:08 +01:00
2393222826
more appropriate name
2016-01-22 09:20:43 +01:00
474541e9aa
apply comments
...
- add capath to json schema
- simplify factory
- hash_file and sha256 for CA checking
- remove exception as scenario should not occur
- remove executable bit from CA file
- make CA file also group/world writable (we overwrite invalid content anyway)
to avoid permission errors as much as possible
2016-01-22 09:14:37 +01:00
33f823146b
Account for ports in URL
2016-01-22 01:48:16 +00:00
34f1fcbdcb
Drop downgrade warning
2016-01-22 01:47:05 +00:00
c232566e52
add a hash to make sure CA file gets recreated if the content changes
2016-01-21 16:02:44 +01:00
cef97904d0
dont rewrite temp CA file if it already exists
...
and make it readable by everyone the first time we create it
2016-01-21 15:07:51 +01:00
4482a1dca0
also wrong array
2016-01-20 21:53:49 +01:00
f79255df29
make sure passed options are merged into defaults before checking
2016-01-20 21:35:06 +01:00
94947ee772
merge isset() calls
2016-01-20 21:29:55 +01:00
b95b0c2ab6
wrong array
2016-01-20 21:27:26 +01:00
008cce8d85
add back sanity checks
2016-01-20 21:24:13 +01:00
c1488f65bf
a quick stab at adding capath
2016-01-20 21:20:18 +01:00
395d115d9b
Resolve all dirs before initializing them, fixes #4802
2016-01-20 11:17:40 +00:00
dd3216e93d
Refactor to use new helper methods for headers
2016-01-19 22:19:17 +00:00
8a8ec6fccc
Too many redirects is not an error in PHP, return the latest response
2016-01-19 22:06:38 +00:00
33471e389f
Pass redirect count using options
...
Removing the risk it might be preserved between requests.
2016-01-19 22:06:27 +00:00
e830a611ec
Handle other path redirects
2016-01-19 22:06:27 +00:00
ffab235edd
Remove code preventing protocol downgrades
2016-01-19 22:06:27 +00:00
ce1eda25f3
Follow redirects inside RFS only when required by PHP version
2016-01-19 22:06:27 +00:00
73662c725a
Don't let PHP follow redirects it doesn't validate certificates
2016-01-19 22:06:04 +00:00
09417cae50
Composer gives .ini hints about missing extensions
2016-01-19 21:02:40 +01:00
b39b113fc3
Handle envvar auth credentials as a JSON blob
...
As well as move the handling to a proper place
2016-01-19 20:53:07 +02:00
aaee6dc0b0
Simplify envvar credential parsing
2016-01-19 20:53:07 +02:00
e9cac53f90
Allow fetching auth credentials from an envvar
...
When an environmental variable named "COMPOSER_AUTH" is set
as $USERNAME:$PASSWORD, it is automatically used for authentication
e.g. when fetching packages from Satis.
The envvar credentials are of lower priority than URL credentials.
Fixes #4285
2016-01-19 20:53:07 +02:00
546730dcf3
Show CA files being used in debug mode, refs #4792
2016-01-19 17:34:29 +00:00
4dd388074e
Merge pull request #4790 from filbertkm/updatecommand
...
Remove unused import in UpdateCommand
2016-01-19 12:24:00 +00:00
f9fadb187e
Fix undefined var $auth issue
2016-01-19 12:04:23 +00:00
40baa3ff05
Use COMPOSER_HOME if defined instead of falling back to HOME, fixes #4789
2016-01-19 10:54:14 +00:00
0a662a7e42
Remove unused import in UpdateCommand
2016-01-18 19:46:58 -05:00
96ff17c520
Cleanups of XDG support, refs #1407
2016-01-18 18:26:05 +00:00
3e9efcfb85
Merge remote-tracking branch 'ntoniazzi/master'
2016-01-18 17:52:46 +00:00
41d8fdfda8
Restore "Avoid loading plugins that do not match the current plugin api even during installation" but fixed
...
This reverts commit 0118d69603
2016-01-18 15:34:08 +00:00
a13b06725e
Add support for if-modified-since on lazy repos and turning packagist into a lazy provider repo
2016-01-18 14:03:10 +00:00
1d08f83976
Only clone if needed
2016-01-18 12:29:14 +00:00
33c123e8c2
Fix passing of options to remotefilesystem in composer repo
2016-01-18 12:28:03 +00:00
876f143418
Forward repo options correctly to the RemoteFilesystem even if we get one injected, fixes #4786
2016-01-18 10:50:49 +00:00
22d8b5dff4
fix possible caBundle error
2016-01-18 08:59:12 +01:00
0118d69603
Revert "Avoid loading plugins that do not match the current plugin api even during installation"
...
This reverts commit 21f5933e0121f5933eCloses auraphp/Aura.Intl#20
2016-01-17 15:08:25 -05:00
21f5933e01
Avoid loading plugins that do not match the current plugin api even during installation
2016-01-17 16:08:27 +00:00
8375af268c
Use fixed CN_match for github hosts, fixes #4782
2016-01-17 13:41:56 +00:00
42f49b3b97
fix missing import
2016-01-16 20:47:49 +01:00
b839c7ef1c
Fix code to work with old php, fixes #4779 #4780
2016-01-16 17:59:59 +00:00
974fb4ac66
Only pass remotefilesystem when needed, fixes #4779
2016-01-16 17:45:40 +00:00
d7c61c50ad
Merge branch 'tls-config'
2016-01-16 16:55:19 +00:00
fb848d2e07
Code cleanups
2016-01-16 16:50:28 +00:00
72fae0bf70
Declare CN_match/SNI_server_name only for php <5.6
2016-01-16 16:28:04 +00:00
449f68deae
Remove dangerous CN_match fallback
2016-01-16 16:26:14 +00:00
a0398286ba
Wording fixes
2016-01-16 16:18:00 +00:00
2491679ba3
Remove override of renderException, refs #4774
2016-01-16 11:24:04 +00:00
d2e97eecb2
Replace preg_match by strpos
2016-01-10 20:43:33 +00:00
03299ff075
Suggest https in docs where it makes sense, closes #4056
2016-01-10 20:34:53 +00:00
e4eee227e0
Fix old-php support
2016-01-10 20:25:22 +00:00
c1cc6bfecf
Avoid doing too many loads of the remotefilesystem
2016-01-10 20:06:10 +00:00
fc4d94f160
Code clarity and updates from the getcomposer.org installer
2016-01-10 17:59:08 +00:00
cb53bd04cb
Remove a few instances of RemoteFilesystem that were not needed
2016-01-10 17:07:54 +00:00
86a911150b
Update bundled CAfile and other cleanups
2016-01-10 16:54:44 +00:00
f8dff0867c
Remove --disable-tls/--cafile flags and rely solely on config options plus some wording clarifications
2016-01-10 16:37:11 +00:00
5d015defb8
Merge remote-tracking branch 'origin/master' into tls-config
2016-01-10 16:10:22 +00:00
Jordi Boggiano