fc03ab9bba
Add COMPOSER_DISABLE_NETWORK env var for debugging
2019-01-14 17:29:24 +01:00
e8c6948770
Deduplicate link instances between versions of a given package
2019-01-14 17:29:24 +01:00
e753bf08b1
Minor tweaks
2019-01-14 17:29:24 +01:00
0961e16795
Add support for new metadata-url repo attribute
2019-01-14 17:29:24 +01:00
ed65625126
Handle custom http options cleaner in ComposerRepo
2019-01-14 17:29:24 +01:00
4a8a1cb0c9
Fix PHP 5.3 support
2019-01-14 17:29:23 +01:00
655a784fac
Fix findPackage(s) implementation
2019-01-14 17:29:23 +01:00
346de47af2
Small fixes
2019-01-14 17:29:23 +01:00
f946d8eb5a
More RemoteFilesystem usage removals and some repository/vcs driver refactorings
2019-01-14 17:29:23 +01:00
713bc4de1d
Minor fixes and updated the rest of the code/tests to use HttpDownloader
2019-01-14 17:29:23 +01:00
56805ecafe
Add HttpDownloader to wrap/replace RemoteFilesystem with a new curl multi implementation
2019-01-14 17:29:23 +01:00
902cb290e7
Only load package versions which fit the root composer.json constraints
2018-09-12 16:48:17 +02:00
81bb8f81ad
Set all package ids only once the pool is created
...
They all get set in one place only and at a specific time when nothing
else will possibly change them anymore
2018-09-12 14:31:40 +02:00
261efe1e8e
Implement loadPackages on Composer repositories with providers
2018-09-12 14:14:04 +02:00
190d263c74
Fix logic for composer repository's optional acceptable callable filter
2018-09-11 14:43:25 +02:00
1228bcdffc
Internalize pool creation in repository set, store root aliases in set
...
The pool is still exposed too early in a few places which will require
further refactoring
2018-09-11 13:34:18 +02:00
76bf6bdf97
Fixed typo
2018-07-24 18:20:04 +02:00
c5fa3bdde0
Migrate to repo.packagist.org for package metadata
2018-07-24 09:30:06 +02:00
c6d53abf89
Fix tests
2018-05-15 16:06:56 +02:00
af1dccb1fb
Avoid showing virtual packages in search results, fixes #7310
2018-05-15 15:20:21 +02:00
6a7e932233
Mention that also a antivirus software might corrupt file contents
2018-01-22 14:41:19 +01:00
eab705d057
Reword exception text to evoke somewhat less panic
...
Refs https://github.com/composer/composer/issues/5196#issuecomment-346754244
Signature mismatch could indicate MitM, or just a CDN issue which is rather more likely.
2017-11-30 15:57:12 +01:00
88ec172bd8
Fix CS
2017-05-19 15:14:47 +02:00
05fcc4adfb
can use relative path for mirror
2017-05-16 21:56:24 +02:00
11ce391222
Add support for info/warnings in every json file loaded by ComposerRepo
2017-03-08 14:10:50 +01:00
9ee17ef6ff
Fix handling of partial package listings containing replaces/provides
2016-12-06 21:56:09 +01:00
7259630cbe
Fix support for partial provider repos
2016-11-30 22:53:59 +01:00
64d29dc6dc
Fix regex cleaning up repo URLs, fixes #5686
2016-09-17 13:27:29 +02:00
75074382de
Merge branch '1.1'
2016-06-25 15:50:18 +01:00
ebae5dfd95
Undo downgrade before trying again if http seems unreliable, refs #2835
2016-06-24 14:58:32 +01:00
6a557e45b8
Added --type option to search
2016-06-21 16:38:52 +02:00
ff4e2ec219
Avoid lazy-loading composer-plugin-api
2016-04-15 14:04:44 +01:00
3b0a1c6f70
Run cs fixer and update config to latest master
2016-04-11 15:06:57 +01:00
818c3e707a
Ton of phpDoc fixes.
2016-04-07 01:12:30 +02:00
623c0dcda7
Improve solver error reporting, fixes #5086 , fixes #2575 , fixes #2661
2016-04-01 00:18:36 +01:00
6825c04a62
Merge pull request #4799 from balbuf/balbuf/honor-class-name
...
createPackage() method should use the $class argument it accepts
2016-02-29 14:53:20 +00:00
868e607f17
Missing parent constructor calls.
2016-02-27 22:39:03 +01:00
c9436438ff
Add memoization to parseConstraints, saves some (6-7% here) RAM and marginal CPU time
2016-02-24 17:27:42 +00:00
72a3563f1e
Removed some 3 year old backward compatibility code.
2016-02-15 21:37:19 +01:00
39ccb929b1
Merge pull request #4801 from balbuf/balbuf/find-provider-break-early
...
Break early when a provider name is matched
2016-02-14 19:12:04 +00:00
25e089eee9
Allow force-lazy-providers for any repo, still an experimental flag that should not be used though
2016-02-12 14:03:59 +00:00
1818b95149
CS fixes
2016-01-26 13:07:18 +00:00
f1cf5d64dd
createPackage() method should use the $class argument it accepts
2016-01-20 01:34:37 -05:00
c1b9b082a4
Break early when a provider name is matched
2016-01-20 01:29:32 -05:00
a13b06725e
Add support for if-modified-since on lazy repos and turning packagist into a lazy provider repo
2016-01-18 14:03:10 +00:00
1d08f83976
Only clone if needed
2016-01-18 12:29:14 +00:00
33c123e8c2
Fix passing of options to remotefilesystem in composer repo
2016-01-18 12:28:03 +00:00
876f143418
Forward repo options correctly to the RemoteFilesystem even if we get one injected, fixes #4786
2016-01-18 10:50:49 +00:00
c1cc6bfecf
Avoid doing too many loads of the remotefilesystem
2016-01-10 20:06:10 +00:00
5d015defb8
Merge remote-tracking branch 'origin/master' into tls-config
2016-01-10 16:10:22 +00:00
feefd51565
Fix custom installer example, fixes #4648
2015-12-03 16:17:58 +00:00
5b748eda6c
Allows repositories to implement ConfigurableRepositoryInterface and thus provide getRepoConfigmethod
2015-11-23 23:18:24 +01:00
ce08582671
Fix CS
2015-09-28 10:53:24 +01:00
c41079192f
Merge pull request #4454 from alcohol/urlencode-urls-only
...
only urlencode $ if filename is not local
2015-09-28 10:38:16 +01:00
b219abe8f6
@seldaek damn your assignment in expression
2015-09-28 10:59:26 +02:00
e491b72a8c
only urlencode $ if filename is not local
2015-09-28 10:39:36 +02:00
a1427d7fd6
replace all occurences in code and comments
2015-09-24 16:32:36 +02:00
ed95448523
URL-encode dollar signs to work around bad proxy failures
2015-09-20 18:26:23 +01:00
eac5fbdee4
Fix: Remove unused imports
2015-06-28 23:20:54 -04:00
801a7fcd0a
Add support for constraints and not just exact versions in RepositoryInterface::findPackage/s
2015-06-18 17:44:58 +01:00
75c501251d
Revert "Merge remote-tracking branch 'naderman/load-no-providers'"
...
This reverts commit 3e85f82373b025d0982b
2015-06-18 15:40:27 +02:00
3e85f82373
Merge remote-tracking branch 'naderman/load-no-providers'
2015-06-18 11:32:37 +01:00
c471edc488
Also downgrade provider access and others
2015-06-11 11:22:19 +01:00
8b28d4bc82
Optimisation: Composer repo version listings are index by package name
2015-06-08 18:50:15 +02:00
65243ca392
Move methods for PR readability and fix phpdoc
2015-06-08 18:45:03 +02:00
63e96a41f8
Add proper docblocks in composer repo
2015-05-05 20:30:57 +02:00
aa7d145dd0
PHP 5.3 compatible function invokation
2015-05-05 20:24:04 +02:00
ec5416f03c
loadDev parameter is nonsense, properly load packages in create command
2015-05-05 19:58:03 +02:00
b99c03ea04
Entirely remove whatProvides from Composer repository
2015-05-05 19:28:15 +02:00
090711b21c
Completely move loading of packages from composer repo to pool
2015-05-05 19:08:33 +02:00
9b9ad9d0fe
Remove dead code paths and use exceptions instead of die
2015-05-04 17:34:41 +02:00
65f69c4227
Remove debug output
2015-05-04 17:28:03 +02:00
4d0db5add6
POC Implementation of loading only explicitly named package data
2015-05-04 17:25:55 +02:00
cb336a5416
Implement writeError throughout Composer
2015-02-25 11:00:35 +01:00
8b46880f42
Avoid failing on composer show of lazy providers
2015-01-31 21:24:50 +00:00
19e24c5804
Merge branch 'master' into tls-config
...
Conflicts:
.travis.yml
doc/03-cli.md
src/Composer/Command/ConfigCommand.php
src/Composer/Command/CreateProjectCommand.php
src/Composer/Command/DiagnoseCommand.php
src/Composer/Command/InstallCommand.php
src/Composer/Command/RequireCommand.php
src/Composer/Command/SelfUpdateCommand.php
src/Composer/Command/ShowCommand.php
src/Composer/Command/UpdateCommand.php
src/Composer/Config.php
src/Composer/Downloader/FileDownloader.php
src/Composer/Factory.php
src/Composer/Repository/ComposerRepository.php
src/Composer/Repository/PearRepository.php
src/Composer/Repository/Vcs/VcsDriver.php
src/Composer/Util/GitHub.php
src/Composer/Util/RemoteFilesystem.php
2015-01-29 20:31:56 +00:00
45089a6771
[Minor] remove the unused private variables
2014-12-28 00:45:27 +01:00
3ff8bcffea
Allow loading of real composer repos by local path, fixes #1899
2014-12-08 22:04:10 +00:00
89bd9be295
This entirely removes StreamableRepositories and minimal package arrays
2014-11-20 17:23:51 +01:00
9751e1ab58
Remove unnecessary collection of names which isn't used
2014-11-20 12:54:56 +01:00
f8fae61b05
Add fallback for findPackage(s) for repo without provider
...
This was introcuced in a4d43ee860
2014-10-17 09:10:47 +02:00
ac497feaba
CS fixes
2014-06-10 16:13:12 +02:00
d036b2390e
Load root aliases for providers by package name and not by provider name, fixes #3043
2014-06-09 19:36:06 +02:00
58d01b2c6e
Merge pull request #2988 from tristanlins/feature/composer-repository-find-packages
...
ComposerRepository::findPackage[s]
2014-06-05 10:55:27 +02:00
0c343f925a
Clarify code
2014-05-14 11:25:20 +02:00
a4d43ee860
Implement ComposerRepository::findPackage and ComposerRepository::findPackages.
2014-05-13 23:54:48 +02:00
2a7a954f62
Handle multiple urls in package transport options
2014-05-07 19:34:46 +02:00
b6981d09e8
Fix handling of origin url in composer repository class
2014-05-07 19:34:43 +02:00
31b787249c
More fixes to mirror support
2014-05-07 19:34:40 +02:00
44e45ed2d5
Add support for lazy providers/proxies
2014-05-07 19:34:36 +02:00
77163f66fc
Add support for mirrors in composer repos
2014-05-07 19:34:35 +02:00
faeb706de6
Handle alias packages properly, refs #2189
2014-05-07 19:10:55 +02:00
32cd883daa
Rename options to transport-options, refs #2189
2014-05-07 18:25:28 +02:00
016a016455
Merge remote-tracking branch 'lcobucci/master'
...
Conflicts:
src/Composer/Downloader/FileDownloader.php
2014-05-07 18:02:46 +02:00
b437c1cc05
Support github auth directly in the RemoteFilesystem class
2014-04-11 14:29:17 +02:00
306ba77e93
Implement the RemoteFilesystem Factory everywhere...
...
- also fixes impacted test
2014-03-01 17:01:44 +00:00
0f2c0ab389
Merge remote-tracking branch 'upstream/master'
...
Conflicts:
src/Composer/Downloader/FileDownloader.php
2013-12-29 00:37:08 +00:00
fbadc19bf6
Add preFileDownload event on package.json fetch
2013-11-19 17:45:28 +01:00
f538acc4b0
added support for file:// url to repository
...
file:// is valid url even if it does not define a host.
allows to define a repo like this (local directory generated with
composer/satis):
```json
{
"repositories": [ { "type": "composer", "url": "file:///home/cebe/dev/jescali/xeno-core/core/repo" } ],
"require": {
...
}
}
```
2013-10-30 17:46:35 +01:00
0b77a59af6
Repository options must be replicated on package when dist file is under
...
repository base dir
2013-08-19 04:40:54 -03:00
3f2b9b4d4b
Avoid overwriting notification-url
2013-05-16 02:27:11 +02:00
4b26c627ff
Retry file downloads 3 times before giving up in case of basic network failure
2013-05-03 12:29:54 +02:00
a7e88f7a80
Unfold aliases in streamable repos since aliases are already loaded by the pool, refs #1346 , fixes #1851
2013-05-02 17:43:45 +02:00
753a8345cb
Added support for the alias of an aliased package
2013-04-11 13:20:34 +02:00
d38eb244fa
Add PlatformRepository::PLATFORM_PACKAGE_REGEX to remove duplication
2013-04-06 22:26:10 +02:00
2b385cbe58
Fix dependency flags not applying to provides/replaces, fixes #1771
2013-04-04 17:41:01 +02:00
41392ace56
Check that a repo has no providers when getPackages is called to catch any mis-use
2013-03-10 13:40:54 +01:00
be861f090a
Remove filterPackages and add RepositoryInterface::search, refactor all commands to use new methods and remove all usage of the full package list for Composer repositories that support providers, fixes #1646
2013-03-10 13:40:52 +01:00
095852933e
Remove code duplication, add support for searchUrl
2013-03-10 13:40:50 +01:00
573b7a0fb7
Only downgrade providers but not the notification url
2013-02-27 13:32:21 +01:00
d4c9a9004a
Add support for the hashed provider includes
2013-02-21 18:51:22 +01:00
2c4c5dd764
Fail hard only after 3 failed attempts
2013-02-21 18:18:04 +01:00
b750e70f5f
Abort execution when a RepositorySecurityException is thrown
2013-02-21 17:41:38 +01:00
995dc40130
Make packagist downgrade out of ssl after fetching the main file, since the other files can be verified via sha256
2013-02-21 17:37:18 +01:00
211b69b38b
Adjust exception message
2013-02-21 17:07:53 +01:00
b59489f6ae
Merge remote-tracking branch 'edas/exception-on-broken-signature'
2013-02-21 17:04:41 +01:00
9521d1e7ad
Make use of new hashed provider filenames, fixes #1431 , refs composer/packagist#283
2013-02-21 16:50:04 +01:00
59f8be3b92
Throw Exception on broken signature
...
This is related to issue #1562
With a fresh installation of Composer I had the following message:
> The contents of https://packagist.org/p/providers-latest.json do not
match its signature, this is most likely due to a temporary glitch but
could indicate a man-in-the-middle attack.
> Try running composer again and please report it if it still persists.
This was *probably* a temporary glitch, as the error did not appear
again, even after a full reinstallation of all packages.
*However* Composer had no way to differentiate a man-in-the-middle
attack and a temporary glitch. The installation / update did continue
despite the problem and files where installed / updates with no easy
rollback. These files may have been corrupted with malicious code and I
have no way to check they don't.
This is a *serious* security issue.
The code in [ComposerRepository line
434](https://github.com/composer/composer/blob/master/src/Composer/Repos
itory/ComposerRepository.php#L434) states
```php
// TODO throw SecurityException and abort once we are sure this can not
happen accidentally
````
Even if the broken signature may happen in accidentally in a standard
process, if it may be a security issue, we have to abort the procedure,
or at least ask for confirmation to the user. If it helps continuing
despite the temporary glitch, it may be possible to add a command line
switch like `--ignore-signature` to force the process to continue.
Proposed :
Send a RepositorySecurityException instead of the warning, even if this
may happen accidentally
2013-02-14 15:53:40 +01:00
a8f74a0983
Allow notification from locked installs, fixes #1368 , fixes #1372 , fixes #1369
2012-11-29 09:24:28 +01:00
e868c9706b
Add support for batch notifications
2012-11-28 18:44:49 +01:00
15475f0ef2
Rename cache dirs to consolidate them by purpose
2012-11-23 00:15:14 +01:00
cbd91b5952
Fix FILTER_VALIDATE_URL not supporting IDNs
2012-11-05 15:39:43 +01:00
45c1c3f881
Fixed package name for stability test in ComposerRepository
2012-10-30 22:20:49 +01:00
b10c832be0
fixed a typo
2012-10-28 09:57:42 +01:00
125ff3e4f5
Fix root aliasing with new providers repo format
2012-10-24 16:11:32 +02:00
ad9f887edd
Clarify error message to sound less scary until we can guarantee it
2012-10-23 10:53:17 +02:00
9ed481ef02
Fix handling of legacy Composer repositories
2012-10-22 21:40:32 +01:00
e887f6cea9
Fix CS
2012-10-22 20:25:11 +02:00
89d4df990a
Use JsonFile to decode cached entries
2012-10-22 17:56:30 +02:00
fef3dacdfb
Reset ids of aliased packages as well
2012-10-22 14:28:55 +02:00
338127ff9c
Disable failure on hash mismatch until it can be proven to work reliably
2012-10-21 16:10:47 +02:00
5978197b5d
Reset package IDs before they can be used in the pool in case there are already some in the cache
2012-10-18 12:57:55 +02:00
541bcabbc0
Actually check the hash after downloading
2012-10-15 14:37:27 +02:00
07f72e9fb6
Add support for provider listings
2012-10-14 16:33:53 +02:00
a3f9accd37
Fix various dumb issues
2012-10-13 18:54:48 +02:00
aafc1f7857
Make sure alias package have a repo instance set
2012-10-13 17:19:06 +02:00
41c7432fef
Do not fetch from repo for packages that obviously can not be there
2012-10-13 17:18:47 +02:00
c0e5736ae7
Add support for one-file-per-provider composer repositories
2012-10-12 18:24:26 +02:00
116b822953
Fix loop and add missing options
2012-10-11 21:35:51 +02:00
1d80720405
Add retries and failover of all jsons to cache even if the main one worked
2012-10-11 21:26:11 +02:00
fb296972ef
Enable https for packagist when possible
2012-10-11 20:57:31 +02:00
6cf860669f
Add repository stream context options
...
Add support for passing stream context options to the
StreamContextFactory. This allows support for SSH keyfiles, SSL
certificates and much more. Example:
{
"repositories": [
{
"type": "composer",
"url": "ssh2.sftp://host:22/path/to/packages.json",
"options": {
"ssh2": {
"username": "composer",
"pubkey_file": "/path/to/composer.key.pub",
"privkey_file": "/path/to/composer.key"
}
}
}
]
}
2012-10-03 14:49:41 +02:00
4799053ca9
Allow dot in URL scheme
...
This makes it possible to support SSH2 urls, like ssh2.scp://
See: http://www.php.net/manual/en/wrappers.ssh2.php
2012-10-03 10:50:02 +02:00
c14826dd1e
Fix exception handling when loading repos
2012-09-08 13:49:37 +02:00
fe4516aff8
Clarify exception messages when a package can not be loaded from a composer repository, fixes #1070
2012-09-08 02:00:02 +02:00
57d1b5a37d
Issue #1056 . Fixed callback call error on search command.
2012-09-06 09:15:29 +03:00
803178d28f
CS fixes for #1038
2012-08-29 15:24:05 +02:00
560d6daccf
Using separate variable for URL parts
2012-08-29 15:12:08 +02:00
841efc98a6
Appending 'packages.json' only if not present in URL
2012-08-29 15:08:04 +02:00
c14bc368b0
Fix memory usage of the update command
2012-08-24 02:29:37 +02:00
Jordi Boggiano