ed590de8dd
typo
...
I see, that exist a typo error.
2013-02-28 16:56:26 +01:00
c29f3c698e
Fix support of aliases combined with reference locked packages, fixes #1631
2013-02-28 10:51:21 +01:00
e3f06582e4
Clean up archive downloader, fixes #1630
2013-02-27 19:15:40 +01:00
1c468e7c02
Fix cs
2013-02-27 17:35:53 +01:00
821f57f443
A bug in PHP prevents the headers from correctly beeing sent when a content-type header is present and
...
NOT at the end of the array
https://bugs.php.net/bug.php?id=61548
This updates fixes the array by moving the content-type header to the end
2013-02-27 17:07:13 +01:00
9f961dca92
Guard against arrays being passed to is_file, fixes #1627
2013-02-27 15:45:04 +01:00
259a25344d
Use the api to get file contents instead of raw.github.com
...
raw.github does not like the access_token query param
2013-02-27 14:10:28 +01:00
5454645cf3
Merge pull request #1625 from jappie/master
...
Fixed the "access_token query param" (5b1f314
2013-02-27 04:36:27 -08:00
573b7a0fb7
Only downgrade providers but not the notification url
2013-02-27 13:32:21 +01:00
88ae6c023b
Extract archives into temp dir to shorten paths and avoid issues on windows, fixes #1591
2013-02-27 13:31:55 +01:00
4347cb7a55
Fixed the "access_token query param" ( 5b1f314) fix
2013-02-27 13:23:59 +01:00
f69418427f
Add lib-ICU platform package
2013-02-27 13:11:35 +01:00
5b1f3145c2
Update the way github authorization is handled, fixes #1632
...
Since api.github.com redirects to s3 for downloads and s3 does not like Authorization
headers, we have to rely on the access_token query param. Otherwise php follows redirects
but still sends the Authorization header to all following requests.
2013-02-27 12:34:18 +01:00
15e9c3d101
Show proper error message when a git bitbucket repo is loaded as hg repo, refs composer/packagist#294
2013-02-27 10:54:19 +01:00
a783727227
adding use statement
2013-02-25 15:55:37 +00:00
0ba335730e
Specific schema validation failure messages (fixes issue #1616 )
2013-02-25 15:34:31 +00:00
914a4b32e4
removing incorrect optimization
2013-02-25 09:15:25 +00:00
c6c521bfae
optimizing loops
2013-02-25 08:55:26 +00:00
e43d0b5a5b
Allow for "proprietary" as license identifier
2013-02-24 18:33:06 +01:00
8d55b9cced
Merge remote-tracking branch 'ronnylt/script-event-post-dump-autoload'
...
Conflicts:
tests/Composer/Test/Autoload/AutoloadGeneratorTest.php
2013-02-22 18:42:29 +01:00
cee34b4faa
Add the include_paths.php autoload file to the phar when it is present
2013-02-21 18:53:39 +01:00
d4c9a9004a
Add support for the hashed provider includes
2013-02-21 18:51:22 +01:00
2c4c5dd764
Fail hard only after 3 failed attempts
2013-02-21 18:18:04 +01:00
c7ed20e9d8
Fix minor issues in json code
2013-02-21 17:58:23 +01:00
b750e70f5f
Abort execution when a RepositorySecurityException is thrown
2013-02-21 17:41:38 +01:00
995dc40130
Make packagist downgrade out of ssl after fetching the main file, since the other files can be verified via sha256
2013-02-21 17:37:18 +01:00
211b69b38b
Adjust exception message
2013-02-21 17:07:53 +01:00
b59489f6ae
Merge remote-tracking branch 'edas/exception-on-broken-signature'
2013-02-21 17:04:41 +01:00
9521d1e7ad
Make use of new hashed provider filenames, fixes #1431 , refs composer/packagist#283
2013-02-21 16:50:04 +01:00
27898c4c31
Suppress errors from mkdir calls that are checked for failure
2013-02-20 14:51:15 +01:00
0525297ff5
Always move time to the end of the package spec in the lock file, fixes #1498
2013-02-20 13:27:45 +01:00
b7cd971b06
Merge pull request #1598 from fabpot/package-time-fix
...
fixed time parsing when the composer.lock file has an old time format
2013-02-20 01:01:38 -08:00
ab4e3fbf86
fixed time parsing when the composer.lock file has an old time format
2013-02-19 19:42:59 +01:00
5a484cb3a9
Make sure target-dir plays well with classmap and files autoload, for root and deps, refs #1550
2013-02-19 15:23:43 +01:00
ab1256e135
Merge remote-tracking branch 'cmodijk/master'
2013-02-19 14:21:31 +01:00
518253e150
Show proper repo information and not always the default ones
2013-02-19 11:54:20 +01:00
8ac4b649c3
Merge remote-tracking branch 'gerryvdm/master'
...
Conflicts:
src/Composer/Command/ShowCommand.php
2013-02-19 11:42:15 +01:00
e348642aa7
Fix json manipulator handling of escaped backslashes, fixes #1588
2013-02-18 17:27:43 +01:00
2e12993c9c
Make selfupdate use ssl when possible
2013-02-15 23:55:20 +01:00
d4fb7bd251
Substract 1char from the width to avoid blank lines in the output on windows
2013-02-15 14:23:08 +01:00
211ca0c826
Merge remote-tracking branch 'KingCrunch/pretty-show'
2013-02-15 14:19:35 +01:00
c55c9e4e8d
Use strtr instead of str_replace
2013-02-15 12:54:33 +01:00
b5c7d97e8c
Pretty "show"-command
2013-02-15 12:17:39 +01:00
a8a99cee24
Fix RepositorySecurityException class name
2013-02-15 09:52:31 +01:00
a2525c8fbe
Replace backslashes in Window directories for config --list
2013-02-14 23:12:24 +00:00
59f8be3b92
Throw Exception on broken signature
...
This is related to issue #1562
With a fresh installation of Composer I had the following message:
> The contents of https://packagist.org/p/providers-latest.json do not
match its signature, this is most likely due to a temporary glitch but
could indicate a man-in-the-middle attack.
> Try running composer again and please report it if it still persists.
This was *probably* a temporary glitch, as the error did not appear
again, even after a full reinstallation of all packages.
*However* Composer had no way to differentiate a man-in-the-middle
attack and a temporary glitch. The installation / update did continue
despite the problem and files where installed / updates with no easy
rollback. These files may have been corrupted with malicious code and I
have no way to check they don't.
This is a *serious* security issue.
The code in [ComposerRepository line
434](https://github.com/composer/composer/blob/master/src/Composer/Repos
itory/ComposerRepository.php#L434) states
```php
// TODO throw SecurityException and abort once we are sure this can not
happen accidentally
````
Even if the broken signature may happen in accidentally in a standard
process, if it may be a security issue, we have to abort the procedure,
or at least ask for confirmation to the user. If it helps continuing
despite the temporary glitch, it may be possible to add a command line
switch like `--ignore-signature` to force the process to continue.
Proposed :
Send a RepositorySecurityException instead of the warning, even if this
may happen accidentally
2013-02-14 15:53:40 +01:00
5127fe8359
added type check to autoloader fixes #1504
2013-02-14 00:10:18 +01:00
2b36f61596
Use full hash in version information of dev phars, fixes #1502
2013-02-13 14:32:50 +01:00
97dfbefa72
Add support for arbitrary values for the references in version constraints
2013-02-13 13:26:27 +01:00
17a5bdf162
Normalize github URLs generated by the GitHubDriver, fixes #1551
2013-02-13 12:55:14 +01:00
94e99b9c8b
Update docs, config command and schema with all the config values
2013-02-12 11:16:52 +01:00
5165008be7
Merge remote-tracking branch 'pierredup/master'
2013-02-12 10:17:49 +01:00
dd372e7635
Add explicit return
2013-02-12 10:14:44 +01:00
8ab5ef430a
Merge remote-tracking branch 'bamarni/require-command-rollback'
2013-02-12 10:13:29 +01:00
f98f093f7b
Minor code reformatting and error message clarification
2013-02-11 22:55:14 +01:00
8bcb442d2b
Merge remote-tracking branch 'romainneutron/zip-downloader'
2013-02-11 22:53:26 +01:00
1dd7700fc2
Capture output of the rm command
2013-02-11 22:52:06 +01:00
2d40e14985
Try twice to remove a directory on windows because sometimes it fails due to temporary locks
2013-02-11 22:51:24 +01:00
77290069a2
Added option to only show package names
...
Added the --name-only (-N) option to the show command to only list
package names (and exclude version and description).
This is useful to produce a list of package names to be parsed by
a shell script for example (bash completion comes to mind).
2013-02-11 16:13:43 +01:00
2552f4c65e
Added option to only show available packages
...
Added the --available (-a) option to the show command to only list
the available packages, similar to the --installed and --platform
options.
Additionally changed the output formatting when limiting the
package result to remove the hierarchy when only one type is being
showed. This facilitates parsing of a list of packages (for example
for shell scripting and completion).
2013-02-11 16:05:13 +01:00
908d2d91da
Fix case insensitive matching
2013-02-11 11:52:50 +01:00
432955e0ae
Fix github url escaping, raw.github.com doesnt like escaped slashes
2013-02-11 09:34:50 +01:00
ae9a001053
RequireCommand - check if composer.json is writable
2013-02-02 10:49:32 +01:00
99e4173b3d
RequireCommand - rollback if it fails ( fixes #1469 )
2013-02-01 10:24:05 +01:00
72d4bea89e
Change strategy for ZipDownloader
...
Try to use unzip command-line before ZipArchive as this one does not correctly handle file permissions whereas unzip does.
2013-01-31 10:57:59 +01:00
9219e1ab0a
Simplify ordering of links (there cannot be multiple links to the same target)
2013-01-31 10:19:16 +01:00
704837c574
- Sort links and keywords in ArrayDumper result (fixes issue #1499 )
...
- Adapt ArrayDumperTest
2013-01-31 09:55:19 +01:00
3b2accfb58
Merge pull request #1543 from Slamdunk/minor/mt-rand
...
Switch rand() to mt_rand()
2013-01-30 02:50:42 -08:00
49c839d780
Fix cache blasting on nix
2013-01-30 11:19:16 +01:00
470adc47df
Switched rand() to mt_rand()
2013-01-30 10:44:07 +01:00
ff1cf15cb4
Fix unlink(folder) failure on Windows using removeDirectory()
2013-01-28 15:38:50 +00:00
46f5c53521
Merge pull request #1530 from pborreli/typos
...
Fixed typos
2013-01-27 02:06:30 -08:00
86defea407
Modify punctuation for outdated dependency message in installer
2013-01-27 03:25:19 +07:00
46bbf83778
Fixed typos
2013-01-26 18:43:01 +00:00
5a4c720535
Add another missing use statement, fixes #1521
2013-01-25 10:22:54 +01:00
1539c54a1d
Merge pull request #1523 from deguif/master
...
Moved setter for repository before getter in BasePackage class
2013-01-25 01:19:31 -08:00
958ffd8e8b
Add missing use statement, fixes #1521
2013-01-25 10:16:53 +01:00
3c21dc1499
Moved setter before getter and added @inheritDoc
2013-01-24 13:04:37 +01:00
8904888a74
Add php-64bit package if the php version has 64bit ints, fixes #1506 , fixes #1511
2013-01-23 15:55:48 +01:00
5bac9ffaaa
Merge remote-tracking branch 'xrstf/mercurial-support'
2013-01-23 15:47:51 +01:00
1b5229dc04
Fixed phpdoc
2013-01-23 11:24:20 +01:00
c84d3d5937
replicate the git behvaiour to resolve a feature's version for mercurial
2013-01-23 04:53:57 +01:00
d84484b49d
added hg support for Package\Locker
2013-01-23 04:37:02 +01:00
c7c55915f8
do not output the xcopy summary
2013-01-21 00:52:56 +01:00
e33aebc75d
Fix cs
2013-01-17 17:15:22 +01:00
1bd01a8b0b
Merge remote-tracking branch 'joeholdcroft/autoload-namespace-prepend'
2013-01-17 17:14:27 +01:00
7d5e4f76fb
Bug fix & changing loop + array_unshift to array_merge
2013-01-17 14:12:03 +00:00
a7c950cddd
Add support for github-oauth in config command
2013-01-16 16:19:22 +01:00
41e91f3064
Fixed an issue when a phar file is used in "files" option in composer.json
2013-01-16 00:29:02 +06:00
91ca7d7493
Make use-include-path default to false
2013-01-14 13:09:51 +02:00
84b34b70e0
Add config option to set if the PHP include path should automatically be used when generating the autoloader
2013-01-14 11:15:06 +02:00
dea4bdf8f0
Expand {} into a new line before manipulating json, fixes #1481
2013-01-13 17:06:35 +01:00
cea4c05021
Fix parsing of ~ version constraint with unstable versions, fixes #1476
2013-01-13 16:36:40 +01:00
24611ec919
Add newline because JsonManipulator does not expand {}
2013-01-13 16:02:50 +01:00
a48675005b
Implicitly create composer.json in require command
...
This allows shorteninig install instructions if you do not want to use init
(because it is interactive) and you do not want to use create-project (there
is no skeleton, or you do not want to use a skeleton).
2013-01-13 15:57:03 +01:00
a18db058d5
Fix typo
2013-01-11 16:36:03 +01:00
ee1691f799
Also try authenticating on github for 403 responses
2013-01-11 16:27:33 +01:00
f627c3c603
Make Event devMode argument optional (false by default).
2013-01-10 18:12:46 +01:00
e5cbf83185
Added post-autoload-dump script event.
2013-01-10 15:04:20 +01:00
b51a4a7854
Improve depends output, fixes #1459
2013-01-08 17:38:27 +01:00
Daniel González