7b261bdf53
Merge branch 'main' into skipInvalidFormatFundingOnImport
2025-01-10 16:34:19 +01:00
2645d080b5
Merge pull request #12257 from jrfnl/feature/vcs-github-funding-support-thanksdev
...
Fix failing Packagist updates / GitHubDriver::getFundingInfo(): add support for thanks.dev and polar.sh
2025-01-10 16:32:39 +01:00
efe91c76e8
Merge pull request #12258 from TimWolla/release-attest-build-provenance
...
Generate build provenance attestation during release
2025-01-10 16:29:15 +01:00
a2fcc1a4db
Merge pull request #12250 from elazar/patch-2
...
Update installer script URL to include openssl_free_key() deprecation fix
2025-01-10 13:40:56 +01:00
4deec0359f
Update installer script URL to include openssl_free_key() deprecation fix
...
If the installer script linked from [this page]([https://getcomposer.org/doc/faqs/how-to-install-composer-programmatically.md ](https://getcomposer.org/doc/faqs/how-to-install-composer-programmatically.md )) is run using PHP 8, it generates the following deprecation notice.
```
Deprecated: Function openssl_free_key() is deprecated since 8.0, as OpenSSLAsymmetricKey objects are freed automatically in Standard input code on line 982
```
This issue was [fixed in the installer script]([composer/getcomposer.org#159 ](https://github.com/composer/getcomposer.org/pull/159 )), but the documentation was not updated to link to the version of it that includes the fix.
2025-01-10 13:40:00 +01:00
c12edf8034
Merge pull request #12248 from glaubinix/redirect-response-output-warnings
...
Allow redirect responses to output warnings/infos
2025-01-10 08:53:32 +01:00
7b1655bc62
Merge pull request #12263 from Seldaek/autoload_order
...
Fix unstable order of psr-0 and psr-4 rules
2025-01-09 15:07:26 +01:00
7b1e983ce9
Fix unstable order of psr-0 and psr-4 rules
...
Fixes #12090
2025-01-09 14:50:13 +01:00
9d87fd7e8d
Update deps
2025-01-09 14:45:16 +01:00
aa2fd0bb24
Merge pull request #12260 from bilogic/patch-1
...
explicitly state UTC
2025-01-08 15:49:18 +01:00
089972db87
Generate build provenance attestation during release
...
This will simplify secure installation of composer in GitHub Actions to two
calls to `gh` cli with no need to manually import any PGP signing keys:
gh release --repo composer/composer download --pattern composer.phar
gh attestation verify --repo composer/composer composer.phar
Given that the current PGP signing key is stored as a GitHub Action secret,
this type of attestation is no less secure than the existing PGP signing.
2025-01-08 15:46:13 +01:00
b89036c1f8
Merge pull request #12261 from Seldaek/use_phar_running
...
Make use of Phar::running() to get the current phar path
2025-01-08 14:22:32 +01:00
e751c8e4eb
Fix new phpstan error
2025-01-08 14:09:14 +01:00
e81df52e53
Make use of Phar::running() to get the current phar path
2025-01-08 13:46:52 +01:00
d3da12a30d
explicitly state UTC
2025-01-06 11:39:42 +08:00
ccdfb56078
GitHubDriver::getFundingInfo(): add support for thanks.dev and polar.sh
...
GitHub looks to have added a dedicated syntax for the thanks.dev funding platform when added to a `funding.yml` file.
However, it looks like Composer does not (yet) support this syntax as can be seen from failed Packagist updates of the dev branches of the [PHP_CodeSniffer](https://packagist.org/packages/squizlabs/php_codesniffer#dev-master ) and [PHPCompatibility](https://packagist.org/packages/phpcompatibility/php-compatibility ) packages.
The polar.sh funding platform also appears to be newly supported by GH and missing from the list.
This PR fixes both.
Refs:
* https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/displaying-a-sponsor-button-in-your-repository
2024-12-31 02:14:33 +01:00
ab390f6bf1
GitHubDriver::getFundingInfo(): order the cases
...
This re-orders the cases in the `switch` to follow the same order as the GitHub documentation (largely alphabetic) for easier comparisons between the two lists.
Refs:
* https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/displaying-a-sponsor-button-in-your-repository
2024-12-31 01:50:29 +01:00
f3f676d2a9
Allow redirect responses to output warnings/infos
2024-12-19 11:17:17 +00:00
5c07d1d154
Discard unsupported FUNDING.yml URL values
2024-12-18 11:57:23 +08:00
fb397acaa0
Reverting release version changes
2024-12-11 11:57:45 +01:00
112e37d1dc
Release 2.8.4
2024-12-11 11:57:47 +01:00
1175bf52ac
Update changelog
2024-12-11 11:57:31 +01:00
6e0cb6cae0
Fix tests
2024-12-11 11:39:34 +01:00
8eedfd0ecb
Hide publish errors entirely with --no-check-publish instead of downgrading to warning, fixes #12196
2024-12-11 11:32:30 +01:00
99430ca669
Avoid returning failing status code if the composer audit fails in diagnose command, refs #12196
2024-12-11 11:29:49 +01:00
ace7a3ffa8
Update deps
2024-12-11 10:53:22 +01:00
144e8f8a34
Fix create-project when passed with a path repo to disable symlinks by default
...
Fixes #12222
2024-12-11 10:51:37 +01:00
6a9336fa9c
Merge pull request #12233 from Seldaek/fix_duplicates
...
Fixed InstalledVersions returning duplicates in some instances
2024-12-11 10:40:36 +01:00
45436c0a20
Fixed InstalledVersions returning duplicates in some instances
...
Fixes #12225
2024-12-11 10:25:10 +01:00
a383632641
Merge pull request #12230 from Seldaek/duplicate_errors
...
Fixes #12214
2024-12-11 09:26:04 +01:00
3a2d1c5f9c
Update logic
2024-12-11 09:24:40 +01:00
5cb9733588
Fix bug when plugin defines multiple PluginInterface classes ( #12226 )
2024-12-10 16:49:33 +01:00
008129be49
Avoid duplicate errors in the output, fixes #12214
2024-12-10 16:37:56 +01:00
eefa012204
Add OS families to `php-ext` config options for PIE ( #12218 )
2024-12-09 14:37:10 +01:00
bbab31b564
Fix bump-after-update when passing inline constraints, fixes #12223
2024-12-09 14:27:05 +01:00
666dc93fcc
Update docs for `audit` command ( #12220 )
2024-12-01 13:26:21 +01:00
74f68adeb1
fix(docs): Audit command dependency from custom repositories ( #12212 )
2024-11-27 16:31:32 +01:00
302ecf824c
Update wording of process-timeout description ( #12211 )
...
Cleans up the description of process-timeout to better separate the config setting from the static helper for script commands.
2024-11-27 16:30:21 +01:00
5eeba719d3
Fix type
2024-11-26 17:10:11 +01:00
2e7b006134
Add missing type annotation
2024-11-26 14:52:33 +01:00
59b63bc231
Validate license data more thoroughly
2024-11-26 14:49:36 +01:00
cc820306eb
Ensure installed.php data is sorted deterministically, fixes #12197
2024-11-25 16:23:10 +01:00
dc2844cc72
disable multiplexing for some versions of curl ( #12207 )
...
* disable multiplexing for some versions of curl
I'm behind a corporate proxy and was hitting a `Curl 2 (...) [CONN-1-0] send: no filter connected` error when trying to download some packages.
Some google research led me to https://github.com/rust-lang/cargo/issues/12202 and its fix https://github.com/rust-lang/cargo/pull/12234 .
This PR backports this fix to composer.
> In certain versions of libcurl when proxy is in use with HTTP/2
multiplexing, connections will continue stacking up. This was
fixed in libcurl 8.0.0 in curl/curl@821f6e2
* fix has proxy condition
2024-11-25 15:03:36 +01:00
e468b73cb2
Use a bitmask to produce deterministic exit codes for the "audit" command ( #12203 )
...
* Use a bitmask to produce deterministic exit codes for the "audit" command
* Rename consts, small cleanups
---------
Co-authored-by: Jordi Boggiano <j.boggiano@seld.be>
2024-11-25 14:30:31 +01:00
38cb4bfe71
GitLab: adjust links to profile/user-settings ( #12205 )
2024-11-21 09:16:24 +01:00
aee3bd14db
Add build-path to php-ext config options for PIE ( #12206 )
...
* Add build-path to php-ext config options
* Use phpstan- prefix for shape definitions
2024-11-21 08:52:30 +01:00
9fb833f97e
Reverting release version changes
2024-11-17 13:13:04 +01:00
2a7c71266b
Release 2.8.3
2024-11-17 13:13:04 +01:00
8f87ab3ea0
Update changelog
2024-11-17 13:12:53 +01:00
580f0006d6
Ensure we run git commands for bin/compile inside the root of the git repo, refs #12194
2024-11-15 14:08:32 +01:00
Jordi Boggiano