public-mirrors
/
composer
mirror of https://github.com/composer/composer
1
0
Fork 0
Code
11,133 Commits
6 Branches
212 Tags
56 MiB
Commit Graph

308 Commits (cc32ebcabd578dbc3da8e06e6e005ebc47c00eb2)

Author SHA1 Message Date
Jordi Boggiano cc32ebcabd
Search improvements (#10336) 
* Search performance improvements, add SEARCH_VENDOR type, fixes #10326, fixes #10324, fixes #10325

* Add extra optimization path for autocompletion of ^foo/* whereas the vendor is fully known, refs #10320
 2021-12-08 11:45:18 +01:00
Jordi Boggiano 24ce1eddbd
Add composer/pcre dependency and use it everywhere instead of preg_* 2021-12-07 12:37:19 +01:00
Jordi Boggiano b42a897ebe
Fix var name 2021-12-04 13:41:16 +01:00
Jordi Boggiano 128a2648fb
Optimize name only search with preg_grep, refs #10326 2021-12-03 14:54:17 +01:00
Jordi Boggiano 7c8267f57c
Cache root packages.json, refs #10326 2021-12-03 14:49:41 +01:00
Jordi Boggiano f509c41280
Upgrade PHPStan to 1.0 (#10253) 
Co-authored-by: Martin Herndl <martin@herndl.org>
 2021-11-14 20:42:24 +01:00
Jordi Boggiano 61b50cb7ec
Remove hack from ComposerRepository, fixes #9297 2021-11-13 13:25:25 +01:00
Jordi Boggiano ba1814f306
Added retry behavior for certain http status and curl error codes (#10162) 2021-11-10 22:12:42 +01:00
Martin Herndl 5b47fa1896
Add back abandoned key in repository search results (#10259) 2021-11-08 10:27:45 +01:00
Jordi Boggiano c65d09dff7
Fix @inheritDoc annotations 2021-10-27 16:18:53 +02:00
Martin Herndl 3645d3042c
Add types to root namespace (#10213) 2021-10-26 12:40:52 +02:00
Anatoly Pashin b1a96a3141
PHPStan level 6 in src/Composer/Repository (#10197) 2021-10-25 12:58:31 +02:00
Stephan 261d93aacf
ComposerRepository: handle packages.json with null value for package (#10189) 2021-10-19 13:14:12 +02:00
Jordi Boggiano d1c8a4d1b4
Lots of typing improvements 2021-10-12 22:47:23 +02:00
Jordi Boggiano a7963b7fed
Fix ComposerRepository handling of offline state to allow resolution as long as everything is present in the cache, fixes #10116 2021-10-02 21:22:25 +02:00
Jordi Boggiano 01d734125c
Add more type info 2021-08-30 17:45:35 +02:00
Jordi Boggiano d3c176ec69
PHPStan Level 5 (#10070) 
* Bump PHPStan to level 5

* Update seld/phar-utils to latest

* Add phpstan-setup / phpstan scripts
 2021-08-21 17:41:52 +02:00
Ondřej Mirtes 58ced29a2a
Simplify code 2021-07-14 16:36:12 +02:00
Adam e291aa1d12
Allow PreFileDownloadEvent to carry transport options for metadata (#9831) 2021-04-19 13:55:52 +02:00
Adam 180ba49f33
ComposerRepository::asyncFetchFile() does not pass the downloaded URL to PostFileDownloadEvent (#9827) 2021-04-11 13:59:18 +02:00
Jordi Boggiano d75d79b452
Merge pull request #9822 from phenaproxima/post-file-download 
Fire POST_FILE_DOWNLOAD event for metadata fetched by ComposerRepository
 2021-04-09 14:53:20 +02:00
Jordi Boggiano 9a9c738f23
Add repository instance to Pre/PostFileDownloadEvent metadata 2021-04-09 11:21:14 +02:00
Jordi Boggiano 7dd95a768b
Clean stuff up and deprecate old usages for PostFileDownloadEvent 2021-04-09 11:21:13 +02:00
Phéna Proxima df0a2cdd0a Fire POST_FILE_DOWNLOAD event for metadata fetched by ComposerRepository. 2021-04-08 11:08:13 -04:00
Jordi Boggiano a4eb2d4096
Merge branch '2.0' 2021-04-07 15:58:25 +02:00
Jordi Boggiano ddc3693725
Switch to composer/metadata-minifier, fixes #9727 2021-04-07 15:56:34 +02:00
Adam 29befaa94b
Make ComposerRepository::configurePackageTransportOptions() protected. (#9818) 2021-04-07 15:56:15 +02:00
Jordi Boggiano 4940009f83
Bump phpstan to level 3 (#9734) 
Clean up PackageInterface/CompletePackageInterface, add missing methods, type things in solver as BasePackage, added CompleteAliasPackage, ..
 2021-03-09 15:49:40 +01:00
Jordi Boggiano de8a737015
Fix var shadowing 2021-03-09 14:13:28 +01:00
Jordi Boggiano a6d92e1eee
Sanitize URLs 2021-02-10 12:46:57 +01:00
Jordi Boggiano 902174d2a7
Improve error reporting when failing to load a package, fixes #9680 2021-02-10 11:24:59 +01:00
Jordi Boggiano b7d770659b
CS fixes 2020-11-22 14:52:39 +01:00
Jordi Boggiano 3772696ad6
Use IO for output 2020-10-26 12:34:27 +01:00
Jordi Boggiano 191196de48
Detect broken packagist.org mirrors and fix them on the fly, refs #9297 2020-10-24 11:10:08 +02:00
Simon Berger 002fd39bc6 Removed passing of parameters with default value 2020-09-20 02:16:28 +02:00
Simon Berger 74e02193a8 Do not hard fail on lazy repository when network is disabled and no package cache exists 2020-09-11 21:35:20 +02:00
Jordi Boggiano bb96b04f4a
Remove dead code 2020-09-10 16:05:31 +02:00
Jordi Boggiano 2a82371adf
Rename available-package-regexes to available-package-patterns and switch negated function around, refs #9197 2020-09-10 14:58:05 +02:00
Mike Baynton 66a767c065 specify covered names with regexes in 2.x repos 
This supplements the available-packages list so that repositories may
rule themselves out of a given name (and thus not be probed with lazy
load requests) by regex, as well as by exact name match.

The use case is sizeable and varying supplemental Composer repositories
such as packages.drupal.org, which otherwise must either maintain a list
of over 10k package names in their root packages.json or accept lots of
lazy-load requests for unrelated packages that will 404.
 2020-09-09 21:43:46 -05:00
Simon Berger bae227ec2d Changed all substr calls used to compare fragments of text to strpos 
Some additional code cleanups in those classes

Reverted change causing issues
 2020-09-07 21:08:34 +02:00
Jordi Boggiano 8694077564
Merge pull request #9177 from simonberger/reduce-requests 
Re-Fetch cached packages only once in a run
 2020-09-07 17:01:46 +02:00
Jordi Boggiano cb3c71a18a
Always assume the cache file is fresh when loading a package again which was already loaded, even if it lacks a last-modified header. 2020-09-07 17:00:02 +02:00
Jordi Boggiano fc462ab978
Merge branch '1.10' 2020-09-04 12:18:24 +02:00
Simon Berger 9516d0dc98 Re-Fetch cached packages only once in a run 2020-09-03 08:18:07 +02:00
Yanick Witschi bd6f62c535 Consistently reuse the new PlatformRepository::isPlatformPackage() method 2020-09-01 17:19:19 +02:00
Stephan 773635e355 ComposerRepository: avoid notice if includes do not provide a sha1 2020-09-01 12:21:36 +01:00
Nils Adermann 1385412748 Merge branch 'master' into filter-packages 
* master:
  Add tests for edge cases of packages providing names which exist as real packages
  Add another test verifying that a package may provide an incompatible version of sth that actually exists
  Fix provider coexistence test, needs another requirement to install both
  Fix test filename to end with .test extension so it gets run
  Update config section to note required scope for GitLab tokens
  Fix pre/post-package-install/update/uninstall events receiving a partial list of operations, fixes #9079
  Also remove credentials from cache dirs in git/svn drivers, fixes #7439, refs #9155
  AuthHelper: Allow fall-through GitLab-specific HTTP headers for auth
  Sanitize repo URLs to mask HTTP auth passwords from cache directory
  Util/Zip: fix strpos args order
 2020-08-28 14:52:58 +02:00
Ayesh Karunaratne 87573aab27
Sanitize repo URLs to mask HTTP auth passwords from cache directory 
When a Composer repository is cached, a directory name is generated created stored package meta information fetched from that repository.
The cache directory can contain HTTP basic auth tokens, or access_token query parameters that end up in the directory name of the cache directory.

Discovered when trying out [GitLab composer repository feature](https://php.watch/articles/composer-gitlab-repositories), and the HTTP password was visible in a `composer update -vvv` command.

Using passwords/tokens in the URL is fundamentally a bad idea, but Composer already has `\Composer\Util\Url::sanitize()` that tries to mitigate such cases, and this same function is applied to the repo URL before deciding the name of the repo cache directory.
 2020-08-26 23:01:00 +07:00
Jordi Boggiano 9a04ecefbf
Merge branch 'master' into filter-packages 2020-08-25 16:51:28 +02:00
Jordi Boggiano 90332f1dbd
Add a readonly mode to the cache, fixes #9150 2020-08-25 13:55:32 +02:00