1
0
Fork 0
Commit Graph

431 Commits (811dfd3a136ff482c6d84fd19e6545bd76b60804)

Author SHA1 Message Date
Andrew Nicols 811dfd3a13
Support schemeless funding URLs
The [GitHub documentation][1] for FUNDING.yml specifically notes that if a
custom URL is in the Array format, and includes `:` then it must be
quoted.

From this we can infer that the custom URL does not have to contain a
`:` at all.

The example for a Custom URL also gives an example of an unquoted URL
without any `:` character:

```
custom: ["https://www.paypal.me/octocat", octocat.com]
```

However if a repository uses a URL in this format it is currently
rejected because it does not specify a scheme. Furthermore the
`parse_url` method treats the `octocat.com` example as a path and not a
host. The same is true for URLs such as
`octocat.com/funding/example.html`.

This patch adds an additional allowance for the URL filter to capture
the case where a URL has no scheme or host, but does have a path.

[1]: https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/displaying-a-sponsor-button-in-your-repository#about-funding-files
2024-12-17 22:22:26 +08:00
Nicolas Grekas 3dc279cf66
Stop relying on OS to find executables on Windows, and migrate most Process calls to array syntax (#12180)
Co-authored-by: Jordi Boggiano <j.boggiano@seld.be>
2024-11-06 13:49:06 +01:00
Jordi Boggiano 8f3fed674b
Clean up md5/sha1 usages, upgrade algos where possible (#12088)
* Clean up md5/sha1 usages, upgrade algos where possible

* Fully qualify PHP_VERSION_ID constant usages

* Fix 7.2 build
2024-08-21 17:06:42 +02:00
Jordi Boggiano eeff1c79ba
Fix addressability of branches containing # characters (#12042)
Fixes #12029
2024-07-25 16:46:57 +02:00
Jordi Boggiano 685add70ec
Refactor the BasePackage::$stabilities into a constant 2024-07-12 11:28:26 +02:00
Jordi Boggiano c1be804a0c
Fix UX when a non-required plugin is still present in vendor dir (#12000)
Composer now skips it and does not prompt if it is not allowed to run, fixes #11944
2024-05-31 10:29:56 +02:00
Jordi Boggiano 37d722e73c
PHPStan/tests updates (#11996)
* Remove a bunch of inline ignores and migrate all PHPUnit assertions to static calls

* Update baseline (1573, 93)

* Update commit hash
2024-05-29 23:12:06 +02:00
Ondřej Mirtes 5bb30ca170
Update PHPStan (#11976)
* Update PHPStan

* Update inline ignores to `@phpstan-ignore` with error identifier
2024-05-22 09:09:04 +02:00
Jordi Boggiano b0ec0f96ad
Update phpstan deps and fix a few array_filter issues 2024-04-19 17:00:50 +02:00
Jordi Boggiano 64e4eb356b
Merge pull request from GHSA-7c6p-848j-wh5h
* Fix usage of possibly compromised installed.php/InstalledVersions.php at runtime, refs GHSA-7c6p-848j-wh5h

* Fix InstalledVersionsTest regression
2024-02-08 14:33:59 +01:00
Dan Wallis c827c93b62
Use global constant if available for libpq version (#11684) 2023-10-11 14:19:31 +02:00
Juliette 5af6151493
PHP 8.3 | ComposerRepositoryTest: fix test failure (#11602)
Prior to PHP 8.3, ReflectionMethod could set a private method on a parent class to accessible. This is no longer possible in PHP 8.3 since php/php-src 9470 and breaks the Composer\Test\Repository\ComposerRepositoryTest::testWhatProvides test.
Also see: https://3v4l.org/8YcIk/rfc#vgit.master

Fixed now.

Co-authored-by: jrfnl <jrfnl@users.noreply.github.com>
Co-authored-by: Christophe Coevoet <stof@notk.org>
2023-08-30 11:43:12 +02:00
Stephan 5062338079
Audit: ignores configured repository options (#11173)
* Audit: ignores configured repository options

* ComposerRepository: add test case to assert that repo http options are used to make security advisory POST request
2023-08-29 15:16:34 +02:00
Stephan cf8ea3c70e
GitHubDriver: better handle empty composer.json file (#11552) 2023-07-21 11:09:32 +02:00
David Zülke 8f49166ec6
Fix lib-curl-openssl parsing for SecureTransport (#11534)
On macOS, if libcurl is built against SecureTransport, the platform repository will contain an invalid package name:

    % composer show --platform | grep curl
    ext-curl                           8.2.7    The curl PHP extension
    lib-curl                           8.1.2    The curl library
    lib-curl-(securetransport) openssl 3.1.1    curl (securetransport) openss...
    lib-curl-libssh2                   1.11.0   curl libssh2 version
    lib-curl-zlib                      1.2.11   curl zlib version

This change fixes it:

    % bin/composer show --platform | grep curl
    lib-curl                 8.1.2              The curl library
    lib-curl-libssh2         1.11.0             curl libssh2 version
    lib-curl-securetransport 3.1.1              curl (securetransport) openssl ...
    lib-curl-zlib            1.2.11             curl zlib version

(second column width difference comes from the Composer dev version number)
2023-07-21 11:06:03 +02:00
Jordi Boggiano 9f3e2105da
Add IOMock and get rid of all withConsecutive calls in tests (#11497) 2023-06-07 14:35:16 +02:00
David Zülke c45b403967
tests for empty or absent repository filters (#11476)
The behavior in FilterRepository is currently correct, but not explicitly tested.

Also add a test that ensures both filters can't be there simultaneously.
2023-05-28 15:02:12 +02:00
David Zülke e0c1ad1448
PlatformRepository library support for libpq (from ext-pq) and librdkafka (from ext-rdkafka) (#11418)
* libpq library version info for ext-pq

* librdkafka library version info for ext-rdkafka

Computes from RD_KAFKA_VERSION, faster than output buffering
2023-04-25 13:59:36 +02:00
Stephan 685a2e6be2
Composer support string (#11386)
* GitHubDriver: fix support is set to string

* GitLabDriver: fix support is set to string

* BitbucketDriver: fix support is set to string

* Fix PHPStan
2023-03-20 20:18:19 +01:00
Jordi Boggiano 5165792f9c
Fix security advisory parsing when filter repo is used, fixes #11281 2023-01-27 11:09:34 +01:00
Jordi Boggiano 3534499c6b
Add test covering edge case of composer repo format, closes #11206 2022-12-17 23:15:40 +01:00
Ion Bazan 8ff237afb6
[Tests] Use static data providers (#11197) 2022-11-24 14:39:08 +01:00
Jordi Boggiano 6c85b875f2
Update to PHPStan 1.9 2022-11-03 21:53:42 +01:00
Jordi Boggiano 8600894003 Update deps, constrain a few types to non-empty-strings 2022-10-12 09:19:36 +02:00
Jordi Boggiano 131da999ac
Fix CS (#11003) 2022-08-17 14:20:07 +02:00
Jordi Boggiano cc33db9257
Only fetch remote default branch for mirrored git repos, not local ones, refs #10949 (#10996) 2022-08-16 15:53:57 +02:00
Jordi Boggiano f1877afc0b
Merge branch '2.3' 2022-08-16 11:27:40 +02:00
Jordi Boggiano 550fc3d321
Merge branch '2.2' into 2.3 2022-08-16 11:27:34 +02:00
Jordi Boggiano f2141dd3ea
Fix tests from #10985 2022-08-16 11:25:15 +02:00
Stephan 1f0bd51f55
GitHubDriver: stricter URL validation to avoid issues with undefined index owner (#10985) 2022-08-16 11:08:03 +02:00
Jordi Boggiano efd426f8bb
Extract some common logic for filtering away dev requirements into a RepositoryUtils 2022-06-30 15:05:34 +02:00
Mathias Reker ⚡️ d17c724f23
Php unit dedicate assert (#10881)
Co-authored-by: Jordi Boggiano <j.boggiano@seld.be>
2022-06-22 14:20:08 +02:00
Jordi Boggiano fdab6657c7
Add command testing utilities to TestCase, add tests for ConfigCommand 2022-05-11 16:08:39 +02:00
Jordi Boggiano 06ef742a66
Update phpstan, fix InstalledVersions key ordering to be more logical/consistent 2022-04-29 10:30:04 +02:00
Jordi Boggiano bd6403a6be
Fix newly surfaced errors 2022-04-28 21:20:40 +02:00
Stephan 1f6f4a786e
BitbucketDriver: remove unnecessary HTTP call to fetch the root identifier (#10729) 2022-04-14 10:53:26 +02:00
Jordi Boggiano b0b364af19
E_TOO_MANY_BRANCHES 2022-04-13 17:24:39 +02:00
Jordi Boggiano d7ad2093f6
Merge branch '2.2' into main 2022-04-13 17:10:07 +02:00
Jordi Boggiano 9a62ef7ff2
Add missing return type 2022-04-13 17:07:33 +02:00
Jordi Boggiano a1f9baa118
Fix 5.3/5.4 builds 2022-04-13 16:42:12 +02:00
Jordi Boggiano 615530f0a1
Merge branch '2.2' into main, update baseline (2085, 104) 2022-04-13 16:18:25 +02:00
Stephan 2c40c53637
Merge pull request from GHSA-x7cr-6qr6-2hh6
* GitDriver: filter branch names starting with a - character

* GitDriver: getFileContent prevent identifiers starting with a -

* HgDriver: prevent invalid identifiers and prevent file from running commands

* HgDriver: filter branches starting with a - character
2022-04-13 15:54:58 +02:00
Stephan a5e35f911b
GitDriver: fix test for remote identifier on windows (#10727) 2022-04-13 14:08:24 +02:00
Stephan 866d2a49b2
GitDriver: try to fetch default branch form remote using auth (#10701) 2022-04-13 12:11:25 +02:00
Stephan ef12e42bdb
GitDriver: try to fetch default branch from remote (#10687)
The initial clone determined what the default branch of the cache git repository was. Changing it on the remote didn't have any impact on the local data. However, cloning it on a different machine would then store a different default branch on that machine. This could lead to different results for the same command on different machines.
2022-04-01 17:13:22 +02:00
Jordi Boggiano 6bd75d5738
Update phpstan & baseline (2158, 104) 2022-03-29 14:03:05 +02:00
Jordi Boggiano b0665981c2
Parallellize the branch comparisons to speed up bootstrapping/version guessing when on a feature branch (#10632)
* Parallellize the branch comparisons to speed up bootstrapping/version guessing when on a feature branch, fixes #10568

* Allow ProcessExecutorMock to function with async calls
2022-03-17 14:52:14 +01:00
Jordi Boggiano 6a466a120a
Enable strict types on all files 2022-02-24 13:24:34 +01:00
Jordi Boggiano 3cdca37e85
Fix strict type issues 2022-02-24 13:24:25 +01:00
Jordi Boggiano 0db443ba5f
Add visibility to all consts, fixes #10550 2022-02-23 14:28:04 +01:00