1
0
Fork 0
Commit Graph

4017 Commits (a48159b2838bcbd429ee57e31b848e5db26239a1)

Author SHA1 Message Date
Niels Keurentjes a48159b283 Bail out if root package attempts to include itself. 2016-01-26 23:39:39 +01:00
Jordi Boggiano 593b88e414 Let users configure *any auth* via COMPOSER_AUTH and add it to the docs, refs #4546 2016-01-26 19:09:57 +00:00
Jordi Boggiano e513f27674 Merge remote-tracking branch 'firoxer/envvar_auth' 2016-01-26 18:59:55 +00:00
Jordi Boggiano ae14e0f086 Add ssh2 protocol default ports, fixes #4835 2016-01-26 16:53:41 +00:00
appchecker 13b50799d1 fix: missing parentheses 2016-01-26 18:19:58 +03:00
Jordi Boggiano 618e7f98b2 Force base error reporting level to include everything 2016-01-26 15:05:57 +00:00
Jordi Boggiano 4e00635298 Fix error handling support, fixes #4833 2016-01-26 15:04:13 +00:00
Rob Bast f829a160fb use a proper tmp directory
this test failed on OSX before, trying to create a directory at the root of the filesystem
2016-01-26 14:32:04 +01:00
Jordi Boggiano 1818b95149 CS fixes 2016-01-26 13:07:18 +00:00
Jordi Boggiano 5c944d45ac Merge pull request #4827 from curry684/issue-4203
Added more graceful warning suppression utility
2016-01-26 12:31:18 +00:00
Niels Keurentjes c2e768b8ad Made Silencer invocations safer against exceptions. 2016-01-26 13:27:24 +01:00
Jordi Boggiano 5672f67475 Merge pull request #4829 from curry684/issue-4726
Globbing while resolving path repositories now normalizes to slashes
2016-01-26 12:18:47 +00:00
Jordi Boggiano fff5074bbf Fix additionalOptions getting dropped when SAN and redirect handling are combined, refs #4782 2016-01-26 10:44:06 +00:00
Jordi Boggiano 03e0d65f37 Allow stream wrapper usage in config dirs, fixes #4788 2016-01-25 23:40:16 +00:00
Niels Keurentjes 84fed02df1 Globbing while resolving path repositories now normalizes to slashes for predictable cross-platform behaviour. Fixes #4726 2016-01-26 00:33:47 +01:00
Niels Keurentjes 76c1645a0e Merge remote-tracking branch 'upstream/master' into issue-4203 2016-01-25 23:38:13 +01:00
Niels Keurentjes 18cd4f966b Added silencer utility to more gracefully handle error suppression without hiding errors or worse. Fixes #4203, #4683 2016-01-25 23:37:54 +01:00
Jordi Boggiano e0ff9598c3 Tweak wording a bit, refs #3177 2016-01-25 22:24:34 +00:00
Jordi Boggiano 4d9bab4b86 Merge remote-tracking branch 'singles/missing-extension-ini-hint' 2016-01-25 22:22:41 +00:00
Jordi Boggiano c5cb2327cf Merge remote-tracking branch 'bamarni/config-repo-options' 2016-01-25 21:28:22 +00:00
Jordi Boggiano 5b41eaad3a Bundle pubkeys and fail hard if validation can not happen 2016-01-25 19:43:48 +00:00
Jordi Boggiano 59975e3aaa Add missing keys class 2016-01-25 19:43:48 +00:00
Jordi Boggiano f4bcf7590b Fix array syntax 2016-01-25 19:43:48 +00:00
Jordi Boggiano 3ef22258e5 Add key fingerprints for easier comparison and debugging via diagnose 2016-01-25 19:43:48 +00:00
Jordi Boggiano a9be7c83f1 Add verification of signatures when running self-update 2016-01-25 19:43:48 +00:00
Jordi Boggiano bdb97e7527 Reuse new TlsHelper for CA validation, refs #4798 2016-01-25 19:17:56 +00:00
Jordi Boggiano 1ea810d40b Merge remote-tracking branch 'cs278/san-support' 2016-01-25 18:53:45 +00:00
Jordi Boggiano 78ffe0fd08 Avoid checking CA files several times 2016-01-25 18:34:52 +00:00
Bilal Amarni e727f9f5fe [Config command] allow to pass options when adding a repo 2016-01-25 19:25:10 +01:00
Jordi Boggiano 901e6f1d0e Fix output and handling of RFS::copy() and extract redirect code into its own method, refs #4783 2016-01-25 17:55:29 +00:00
Jordi Boggiano a574d5ef76 Merge remote-tracking branch 'cs278/follow-redirects' 2016-01-25 17:26:05 +00:00
Chris Smith e2e07a32c3 Fixes to vuln detection 2016-01-24 20:54:43 +00:00
Chris Smith bc8b7b0f78 Remove left behind debug code 2016-01-24 19:41:14 +00:00
Chris Smith b32aad8439 Do not set TLS options on local URLs 2016-01-24 19:10:11 +00:00
Chris Smith 74aa73e841 The origin may not be the remote host 2016-01-24 19:09:35 +00:00
Chris Smith 304c268c3b Tidy up and general improvement of sAN handling code
* Move OpenSSL functions into a new TlsHelper class
* Add error when sAN certificate cannot be verified due to
  CVE-2013-6420
* Throw exception if PHP >= 5.6 manages to use fallback code
* Add support for wildcards in CN/sAN
* Add tests for cert name validation
* Check for backported security fix for CVE-2013-6420 using
  testcase from PHP tests.
* Whitelist some disto PHP versions that have the CVE-2013-6420
  fix backported.
2016-01-24 19:02:50 +00:00
Chris Smith 7e2a015e9b Provide support for subjectAltName on PHP < 5.6 2016-01-24 19:02:29 +00:00
Jordi Boggiano 837fa805ec Code tweaks, refs #4124 2016-01-22 19:09:44 +00:00
Jordi Boggiano ddd140fd1c Rollback plugin api version to 1.0.0 for now, add warning about requiring 1.0.0 exactly 2016-01-22 19:09:03 +00:00
nevvermind 5ec6988218 Fixed docs and removed implementation detail 2016-01-22 13:54:59 +00:00
nevvermind aa45a48283 Refactoring
- changed "SPI" into something more familiar, like "implementation"
- throw exceptions on invalid implementation types or invalid class names
- use null instead of false when querying
- refactored the tests accordingly
2016-01-22 13:51:32 +00:00
nevvermind ec8229ffa3 Remove @since 2016-01-22 13:51:32 +00:00
nevvermind 2051d74774 Added Capable plugins for a more future-proof Plugin API
Plugins can now present their capabilities to the PluginManager, through which it can act accordingly, thus making Plugin API more flexible, BC-friendly and decoupled.
2016-01-22 13:51:32 +00:00
Rob Bast 5b85ee409c add missing array-replace-recursive 2016-01-22 14:29:29 +01:00
Rob Bast d6be2a693b switch to array-replace-recursive 2016-01-22 14:27:08 +01:00
Rob Bast 2393222826 more appropriate name 2016-01-22 09:20:43 +01:00
Rob Bast 474541e9aa apply comments
- add capath to json schema
- simplify factory
- hash_file and sha256 for CA checking
- remove exception as scenario should not occur
- remove executable bit from CA file
- make CA file also group/world writable (we overwrite invalid content anyway)
    to avoid permission errors as much as possible
2016-01-22 09:14:37 +01:00
Chris Smith 33f823146b Account for ports in URL 2016-01-22 01:48:16 +00:00
Chris Smith 34f1fcbdcb Drop downgrade warning 2016-01-22 01:47:05 +00:00
Rob Bast c232566e52 add a hash to make sure CA file gets recreated if the content changes 2016-01-21 16:02:44 +01:00