1
0
Fork 0
Commit Graph

12609 Commits (8f87ab3ea0f55ef21fe6a6346a06a0485b0e9c60)

Author SHA1 Message Date
Igor Santos 596a384c97
Explicit the version where script-aliases was included (#11847)
Since this was included in a minor version, it's nice to tell the user if this feature is available on the version they're running or if they need to upgrade. If it's not available, the only hint (besides the missing aliases on `composer list`) is the mild complaint at `composer validate`.
2024-02-15 11:42:14 +01:00
Jordi Boggiano 8c61f812a4
Reverting release version changes 2024-02-09 15:26:29 +01:00
Jordi Boggiano aaf6ed5ccd
Release 2.7.1 2024-02-09 15:26:28 +01:00
Jordi Boggiano 2a20575e73
Update changelog 2024-02-09 15:23:55 +01:00
theoboldalex b2910b17f2
Makes note appear in a note section. (#11844) 2024-02-09 15:00:37 +01:00
Jordi Boggiano be876b47a9
Also output root plugin warning after script execution errors 2024-02-09 14:26:07 +01:00
theoboldalex 9acf6bc0a1
Repositories docs reference (#11840)
* doc: Adds docs for reference field on package repo

* fixes double space

* minor grammar fix
2024-02-09 14:17:21 +01:00
Jordi Boggiano 690fe716c5
Output more warnings about plugins being disabled to hint that it may cause problems, fixes #11839 (#11842) 2024-02-09 11:56:25 +01:00
Jordi Boggiano 33335fdfdd
Update plugins api version in docs 2024-02-08 17:41:02 +01:00
Jordi Boggiano 6335551cc2
Fix diagnose auditing of composer dependencies in phar files 2024-02-08 16:24:16 +01:00
Jordi Boggiano f00d3fb5ab
Reverting release version changes 2024-02-08 15:09:19 +01:00
Jordi Boggiano 96d107e2bf
Release 2.7.0 2024-02-08 15:09:19 +01:00
Jordi Boggiano eea73daeac
Update changelog 2024-02-08 14:34:27 +01:00
Jordi Boggiano 64e4eb356b
Merge pull request from GHSA-7c6p-848j-wh5h
* Fix usage of possibly compromised installed.php/InstalledVersions.php at runtime, refs GHSA-7c6p-848j-wh5h

* Fix InstalledVersionsTest regression
2024-02-08 14:33:59 +01:00
Jordi Boggiano 7442981364
Add flag alias to docs 2024-02-08 11:31:44 +01:00
theoboldalex 7a6bb18e21
Adds a test for no dev (#11833) 2024-02-08 11:06:34 +01:00
Jordi Boggiano 67d80e1c9d
Fix php7.2 2024-02-07 22:44:22 +01:00
Jordi Boggiano df8f9f05a3
Update tests 2024-02-07 22:37:22 +01:00
Jordi Boggiano 754f2868fb
Add non-zero return codes when why-not finds a reason a package is not installable, or when why finds no reason it is there, fixes #11796 2024-02-07 22:27:58 +01:00
Dezső BICZÓ 7cb92a90c8
Introduce COMPOSER_AUDIT_ABANDONED env var (#11794)
Co-authored-by: Jordi Boggiano <j.boggiano@seld.be>
2024-02-07 22:13:36 +01:00
Ayesh Karunaratne e0807d381e
Diagnose command: Add GitHub OAuth token expiration date information (#11688)
GitHub's new fine-grained tokens have a cumpulsory expiration date, and their
classic tokens also support an expiration date.

https://github.blog/changelog/2021-07-26-expiration-options-for-personal-access-tokens/

This improves the `composer diagnose` command to display the expiration
date and time if it is provided by the response headers
(via `GitHub-Authentication-Token-Expiration`).
2024-02-07 21:30:24 +01:00
Jordi Boggiano 18cd8a01a4
Update jsonlint 2024-02-07 14:09:39 +01:00
theoboldalex 338bc16a11
test: Covers audit of pkg with no sec advisories (#11789) 2024-02-07 11:40:29 +01:00
Jordi Boggiano 0c99bfc8fd
Fix root aliases causing problems when auditing locked dependencies, fixes #11771 2024-02-07 11:37:50 +01:00
Jordi Boggiano fa040131b0
Add more details to event debug output, refs #11818 2024-02-07 11:18:06 +01:00
PrinsFrank fd23381391
Add arguments to command call output (#11826) 2024-02-07 11:11:16 +01:00
Jordi Boggiano 654da6f576
Update deps, fixes #11801 2024-02-07 11:10:55 +01:00
dependabot[bot] 158df56ccc
Bump actions/cache from 3 to 4 (#11807)
Bumps [actions/cache](https://github.com/actions/cache) from 3 to 4.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-07 10:10:42 +01:00
Antoine M d0b465ffd0
chore(doc): add `_comment` documentation inside `composer.json` schema (#11825)
* Update 04-schema.md

* example
2024-02-07 10:10:05 +01:00
Kuba Werłos 7745d56c14
Do not show error that plugins have been disabled when they are already disabled (#11803) 2024-02-07 09:32:55 +01:00
Stephan 9a656854ad
ValidatingArrayLoader: fix link validation with missing name (#11830) 2024-02-06 17:18:41 +01:00
Jordi Boggiano e88c7a8987
Add support for wildcards in outdated's --ignore arg, fixes #11831 2024-02-06 17:17:25 +01:00
Derek Stephen McLean ebb6a82099
issue #11811 auth token links on separate lines (#11812)
* issue #11811 auth token links on separate lines

* 11811 - remove stray bracket

* 11811 : links on separte lines
2024-02-06 16:53:18 +01:00
Jordi Boggiano ef6c224ec2
Fix require command crashing at the end if no lock file is present, fixes #11814 2024-02-06 13:46:46 +01:00
Jordi Boggiano bff129f4f5
Update require docs, fixes #11823 2024-02-06 13:27:55 +01:00
Jordi Boggiano 0f70c0a9c9
Add detection of constraints which do not match anything in validate command, fixes #11802 (#11829) 2024-02-06 12:57:52 +01:00
PrinsFrank 8a69c0555b
Update plugin documentation (#11813) 2024-02-06 12:57:34 +01:00
Jordi Boggiano d3aeb1357f
Merge branch '2.6' 2024-01-26 17:45:05 +01:00
Jordi Boggiano 7048ff3808
Fix automatic disabling of plugins when running non-interactive as root 2024-01-26 17:44:35 +01:00
Jordi Boggiano f402517af5
Merge branch '2.6' 2024-01-26 17:27:48 +01:00
Jordi Boggiano b1bd22f37c
Fix type error 2024-01-26 17:27:42 +01:00
Jordi Boggiano 2ec8feb825
Merge branch '2.6' 2024-01-26 17:11:27 +01:00
Jordi Boggiano 952256247c
Only include installed versions class when plugins and scripts are allowed, as it is not needed otherwise 2024-01-26 17:11:16 +01:00
Jordi Boggiano 4e5be9ee7d
Emit warning instead of crashing on invalid security advisory API response, fixes #11767 2024-01-12 14:20:59 +01:00
Jordi Boggiano a29acbdd2e
Ensure repos declaring security-advisories have at least an API or a restricted set of packages to avoid too many wasteful requests 2024-01-12 13:17:05 +01:00
Jordi Boggiano 3491986ad3
Add IPv4 fallback on connection timeout, and adds COMPOSER_IPRESOLVE env var (#11791)
* Add IPv4 fallback on connection timeout, and adds COMPOSER_IPRESOLVE env var, fixes #530

* Address feedback

* Add warning in diagnose command when COMPOSER_IPRESOLVE is set
2024-01-11 17:13:54 +01:00
Jordi Boggiano c069174ac7
Merge remote-tracking branch 'origin/2.6' 2024-01-11 16:44:46 +01:00
Jordi Boggiano 75fd2bbeb2
Ensure we respect available-package-patterns and available-packages directives when fetching security advisories, fixes #11704 (#11773) 2024-01-11 16:44:27 +01:00
Jordi Boggiano 55db88f51b
Add error when composer show --direct <transient-dependency> is used to show a dependency which is not direct, fixes #11728 2024-01-11 09:53:00 +01:00
Jordi Boggiano 3427bee1f2
🤦 2024-01-10 13:47:26 +01:00