901e6f1d0e
Fix output and handling of RFS::copy() and extract redirect code into its own method, refs #4783
2016-01-25 17:55:29 +00:00
a574d5ef76
Merge remote-tracking branch 'cs278/follow-redirects'
2016-01-25 17:26:05 +00:00
e2e07a32c3
Fixes to vuln detection
2016-01-24 20:54:43 +00:00
bc8b7b0f78
Remove left behind debug code
2016-01-24 19:41:14 +00:00
b32aad8439
Do not set TLS options on local URLs
2016-01-24 19:10:11 +00:00
74aa73e841
The origin may not be the remote host
2016-01-24 19:09:35 +00:00
304c268c3b
Tidy up and general improvement of sAN handling code
...
* Move OpenSSL functions into a new TlsHelper class
* Add error when sAN certificate cannot be verified due to
CVE-2013-6420
* Throw exception if PHP >= 5.6 manages to use fallback code
* Add support for wildcards in CN/sAN
* Add tests for cert name validation
* Check for backported security fix for CVE-2013-6420 using
testcase from PHP tests.
* Whitelist some disto PHP versions that have the CVE-2013-6420
fix backported.
2016-01-24 19:02:50 +00:00
7e2a015e9b
Provide support for subjectAltName on PHP < 5.6
2016-01-24 19:02:29 +00:00
d6be2a693b
switch to array-replace-recursive
2016-01-22 14:27:08 +01:00
2393222826
more appropriate name
2016-01-22 09:20:43 +01:00
474541e9aa
apply comments
...
- add capath to json schema
- simplify factory
- hash_file and sha256 for CA checking
- remove exception as scenario should not occur
- remove executable bit from CA file
- make CA file also group/world writable (we overwrite invalid content anyway)
to avoid permission errors as much as possible
2016-01-22 09:14:37 +01:00
33f823146b
Account for ports in URL
2016-01-22 01:48:16 +00:00
34f1fcbdcb
Drop downgrade warning
2016-01-22 01:47:05 +00:00
c232566e52
add a hash to make sure CA file gets recreated if the content changes
2016-01-21 16:02:44 +01:00
cef97904d0
dont rewrite temp CA file if it already exists
...
and make it readable by everyone the first time we create it
2016-01-21 15:07:51 +01:00
4482a1dca0
also wrong array
2016-01-20 21:53:49 +01:00
f79255df29
make sure passed options are merged into defaults before checking
2016-01-20 21:35:06 +01:00
94947ee772
merge isset() calls
2016-01-20 21:29:55 +01:00
b95b0c2ab6
wrong array
2016-01-20 21:27:26 +01:00
008cce8d85
add back sanity checks
2016-01-20 21:24:13 +01:00
c1488f65bf
a quick stab at adding capath
2016-01-20 21:20:18 +01:00
dd3216e93d
Refactor to use new helper methods for headers
2016-01-19 22:19:17 +00:00
8a8ec6fccc
Too many redirects is not an error in PHP, return the latest response
2016-01-19 22:06:38 +00:00
33471e389f
Pass redirect count using options
...
Removing the risk it might be preserved between requests.
2016-01-19 22:06:27 +00:00
e830a611ec
Handle other path redirects
2016-01-19 22:06:27 +00:00
ffab235edd
Remove code preventing protocol downgrades
2016-01-19 22:06:27 +00:00
ce1eda25f3
Follow redirects inside RFS only when required by PHP version
2016-01-19 22:06:27 +00:00
73662c725a
Don't let PHP follow redirects it doesn't validate certificates
2016-01-19 22:06:04 +00:00
546730dcf3
Show CA files being used in debug mode, refs #4792
2016-01-19 17:34:29 +00:00
f9fadb187e
Fix undefined var $auth issue
2016-01-19 12:04:23 +00:00
a13b06725e
Add support for if-modified-since on lazy repos and turning packagist into a lazy provider repo
2016-01-18 14:03:10 +00:00
33c123e8c2
Fix passing of options to remotefilesystem in composer repo
2016-01-18 12:28:03 +00:00
22d8b5dff4
fix possible caBundle error
2016-01-18 08:59:12 +01:00
8375af268c
Use fixed CN_match for github hosts, fixes #4782
2016-01-17 13:41:56 +00:00
42f49b3b97
fix missing import
2016-01-16 20:47:49 +01:00
d7c61c50ad
Merge branch 'tls-config'
2016-01-16 16:55:19 +00:00
fb848d2e07
Code cleanups
2016-01-16 16:50:28 +00:00
72fae0bf70
Declare CN_match/SNI_server_name only for php <5.6
2016-01-16 16:28:04 +00:00
449f68deae
Remove dangerous CN_match fallback
2016-01-16 16:26:14 +00:00
03299ff075
Suggest https in docs where it makes sense, closes #4056
2016-01-10 20:34:53 +00:00
fc4d94f160
Code clarity and updates from the getcomposer.org installer
2016-01-10 17:59:08 +00:00
cb53bd04cb
Remove a few instances of RemoteFilesystem that were not needed
2016-01-10 17:07:54 +00:00
f8dff0867c
Remove --disable-tls/--cafile flags and rely solely on config options plus some wording clarifications
2016-01-10 16:37:11 +00:00
5d015defb8
Merge remote-tracking branch 'origin/master' into tls-config
2016-01-10 16:10:22 +00:00
29312be4df
Strict typing fixes
2015-12-16 17:48:12 +00:00
fbab2bfa17
Move user agent definition to StreamContextFactory so it is available in all contexts
2015-11-23 15:12:33 +00:00
f084b1e053
Remove duplicate handling of retry-auth-failure option, refs #3765
2015-11-21 21:51:58 +00:00
020c126c27
Fix CS
2015-11-21 21:51:43 +00:00
a10bffec0e
Merge remote-tracking branch 'GromNaN/gitlab'
2015-11-21 21:48:46 +00:00
966a982738
CS fixes
2015-11-21 19:28:10 +00:00
4255db9e31
Allows SSH urls for gitlab and detect the scheme
...
SSH urls uses HTTPS to request the API
2015-11-14 16:05:05 +01:00
ac68a721f4
Merge remote-tracking branch 'composer/master' into gitlab
...
Conflicts:
doc/04-schema.md
src/Composer/Util/RemoteFilesystem.php
2015-11-14 14:13:39 +01:00
6ccc562c0f
Add tests on GitLab class (copied from GitHubTest)
2015-11-13 18:50:50 +01:00
db056b8383
Fix retry authentification on gitlab oauth
2015-11-13 18:36:29 +01:00
211d4632bb
Fix compatibility with PHP 5.3
2015-11-13 18:06:17 +01:00
58a6d4b7d3
Add comment
2015-11-10 16:35:29 +00:00
064e1a6d6d
Fix handling of http 400 errors
...
Before 400 errors were silently dropped. This caused composer to store
the returned body (usually some html) in cache. This resulted in later
errors when composer tried to extract this error response as zip.
With this exceptions thrown it handles the error gracefully and falls
back to the next URL provided by the package configuration.
2015-11-10 16:30:01 +01:00
54584e6b0f
Have xcopy overwrite existing files
2015-11-04 10:46:27 -05:00
c7ed232ef4
Merge pull request #4529 from jeroenseegers/warn-on-commit-reference
...
Generate a warning when a commit reference is used
2015-10-29 10:52:59 +01:00
8e99cec3e7
Fix ref to findShortestPath
2015-10-28 00:04:33 +00:00
125dc62fab
Make trigger error visible
2015-10-27 16:11:07 +00:00
615638c7c3
Simplify bin-compat by removing the nosymlink option, refs #3704
2015-10-27 15:36:12 +00:00
c9b51a5751
Merge remote-tracking branch 'kocsismate/feature-bin-compat'
2015-10-27 15:20:53 +00:00
279b5f0156
Drop irrelevant properties from composer_commit-ref.json
2015-10-27 14:20:45 +01:00
f3dc31839f
Refactor commit-ref validation
...
The require and require-dev arrays have been merged into one and no
longer user private methods/properties to collect warnings.
2015-10-27 13:59:29 +01:00
73e73c90fb
Generate a warning when a commit reference is used
...
Closes #4485
2015-10-23 21:38:11 +02:00
b523fc0b7b
ran fixers
2015-10-13 11:35:51 +02:00
ce08582671
Fix CS
2015-09-28 10:53:24 +01:00
ae23979dfa
Add validation warning for prs-0/4 definitions without namespace prefix, refs #3202
2015-09-20 19:29:53 +01:00
ead68d3d49
Create the path repository and downloader
2015-08-18 14:40:48 +01:00
9859859f10
Add comment, fixes #4145
2015-08-17 15:57:00 +01:00
87c16073ec
Merge branch 'master' of https://github.com/composer/composer into feature-bin-compat
2015-07-22 15:54:20 +02:00
00c26791fa
Merge pull request #4264 from alcohol/use-composer-spdx
...
remove spdx files, introduce external library
2015-07-20 18:29:14 +01:00
bbf959ac34
Do not retry failures once degraded mode is already enabled
2015-07-20 17:44:03 +01:00
ff84b32097
Add degraded mode to try and bypass ipv6/gzip issues, refs #4142 , refs #4121
2015-07-20 17:33:53 +01:00
2553f5f7d4
throw error when file is loaded
2015-07-20 12:10:30 +02:00
616585e0cc
spdxlicense extends spdxlicenses, add depr error
2015-07-16 13:21:18 +02:00
5ae9e7fe22
remove spdx files, introduce external library
2015-07-16 11:42:12 +02:00
e2b2f450dc
Merge pull request #4144 from staabm/patch-2
...
Dropped unnecessary break statements
2015-07-03 21:49:05 +01:00
9b3e8b963e
Merge pull request #4143 from staabm/patch-1
...
Dropped obsolete condition
2015-07-03 21:48:39 +01:00
4019f7bb44
Revert "apply a regex solution instead of tokenizer"
...
This reverts commit 33a7305e22c8d4e2ce38586855fd3d4b7b2af3dd.
2015-07-03 12:22:16 +02:00
b5d286e27b
apply a regex solution instead of tokenizer
2015-07-03 12:22:16 +02:00
e4118385a0
updated spdx related files
2015-07-03 12:22:16 +02:00
6a64041055
CS fixes
2015-06-30 15:38:32 +01:00
eac5fbdee4
Fix: Remove unused imports
2015-06-28 23:20:54 -04:00
94a924b702
Dropped unnecessary break statements
...
Next line breaks nevertheless
2015-06-14 10:16:45 +02:00
a4ad3c2146
Dropped obsolete condition
...
The conditional a few lines above already checks for `bytesMax > 0`
2015-06-14 10:13:18 +02:00
49bd1d773b
Make an invalid package name a publish error, not warning
...
Since invalid names will prevent publishing to packagist, they should
be considered publish errors. If people do not plan on submitting their
package to packagist, they can use the --no-check-publish flag to turn
it into a normal warning again.
2015-06-07 17:44:56 -07:00
a060c536bb
Remove extra '/' when findShortestPath $from ends with '/'
2015-06-04 14:44:09 -03:00
84c9c30b63
Remove extra '/' when findShortestPath $from is a directory
2015-06-03 16:48:01 -03:00
1753c275ff
Handle deprecation notices softer
2015-05-31 12:26:57 +01:00
4d5d524704
Clear stat cache after a git failure as it might have modified the filesystem
2015-05-07 16:28:18 +01:00
52d290f5f2
trim token just in case and update tests
2015-05-07 00:37:08 +01:00
41f4451c20
take care of retry-auth-failure:false in case of 403 as well
2015-05-07 00:29:45 +01:00
e16d53893e
Remove password prompt for github tokens and require the user creates a token themselves
2015-05-07 00:29:20 +01:00
29ca21f30e
PHP version checks tweaking
2015-05-05 20:18:24 +02:00
13a3349603
Merge pull request #3967 from xi-ao/master
...
Fixed svn update command
2015-05-05 18:07:08 +01:00
aa4afbf49f
Updated AuthHelper to pass a null for maximum attempts to the IOInterface instead of false so an exception is not thrown by Symfony Question class.
2015-04-30 15:30:01 -04:00
27074083cc
Replaced join() by implode()
2015-04-28 13:23:00 +02:00
2f82ed7035
Fixed the fix :)
2015-04-28 11:19:29 +02:00
b2efb95f33
Fixed svn update command (fails before attempting to use authentication provided in auth.json)
2015-04-27 15:26:32 +02:00
1cb427ff5c
Force http1.1 protocol
2015-04-26 22:18:04 +01:00
a32c919145
Return null instead of false
2015-04-18 19:11:12 +01:00
921b3a0eba
Fix regression with non-SPDX licenses in show command, refs #3885
2015-04-15 19:27:04 +01:00
dbfd47eeca
CS fixes
2015-04-15 01:22:19 +01:00
3a06e6f036
Merge pull request #3885 from jakoch/patch-spdx
...
updated spdx-license handling to include metadata
2015-04-14 23:37:03 +01:00
7bf886b3ba
Remove two factor authentication
2015-04-11 17:56:11 +00:00
f870396568
Add oauth2 support for gitlab
2015-04-10 21:45:24 +00:00
951b07eabc
Fix #3903
2015-04-04 12:38:12 +02:00
258408524f
Converted Symlink utility to UTF-8
2015-03-30 20:03:25 +02:00
38c26ae26b
Added Symlink utility class
2015-03-30 20:00:12 +02:00
74a077dd3d
updated spdx-license handling to include metadata
...
issue https://github.com/composer/composer/issues/3744
summary of changes
- replaced bin script "fetch-spdx-identifiers" by "update-spdx-licenses"
- "update-spdx-licenses" uses "Composer/Util/SpdxLicensesUpdater" to update "spdx-licenses.json" file with license identifier, fullname and osi-approved-status
- dropped "spdx-identifiers.json" (identifiers only)
- dropped "SpdxLicenseIdentifier", it's just "SpdxLicense" now
- modified "ShowCommand" to output the license with metadata and removed some unused method arguments (cleanup)
2015-03-29 22:46:38 +02:00
79490f662e
Revert #3813 , implement differently
...
Fix #3830
2015-03-28 20:48:19 +01:00
c5cd184767
Revert 331425bcb3 as well, fixes #3612
2015-03-24 01:36:30 +00:00
6c35dd6b2d
Improved wording
...
All other verbs use are in the form of "doing something", ie Installing, Downloading. "connection" is the odd one out.
2015-03-23 19:36:16 +01:00
b80038804f
Fix env override regression, fixes #3820
2015-03-06 16:21:40 +00:00
3470cef1f1
Merge pull request #3818 from Hellov/master
...
Duplicate download progress
2015-03-05 14:44:34 +00:00
331425bcb3
Fix output of first line of progress when output is not decorated, refs #3818
2015-03-05 14:44:15 +00:00
ef0191ee6a
Duplicate download progress
2015-03-05 16:27:27 +03:00
c1edfbb65c
Add tests on GitLabDriver
...
Add an interactive prompt for gitlab token
Update doc for gitlab-domains
Add tests on GitLabDriver::supports
Update doc + CS
Optimize branch detection + fix typos
Fix test on GitLab support as it depends on SSL
Remove useless method + fix repository URL containing .git
2015-03-04 00:08:44 +01:00
802b57417a
Pass GitLab credential by HTTP header instead of query string to improve security
2015-03-04 00:08:42 +01:00
782c6303bc
Initial GitLab Driver
...
This is a proof of concept, and mostly done to gather feedback on the
structure of the driver and to see if this is something that Composer
should include in core.
Various review changes based on Stof comments.
* Remove cleanup() as it is implemented by the abstract class.
* Remove wrong comment in getReferences
* Implement getSource (as GitHubDriver does)
* Finish phpDocs for methods.
2015-03-04 00:08:30 +01:00
be22a87d9c
Run processes with predictable LANGUAGE=C
2015-03-03 13:10:41 +01:00
2eb69f120e
Move check to follow the previous code change
2015-02-25 19:30:51 +00:00
0c775e997e
Fallback to https directly if ssh proto is disabled on github private repos, fixes #2786
2015-02-25 18:47:31 +00:00
3d329622d7
overwrite -> overwriteError
2015-02-25 11:00:35 +01:00
cb336a5416
Implement writeError throughout Composer
2015-02-25 11:00:35 +01:00
a34335a9bb
github deprecation changes
...
- added some tests
- minor bug fixes discovered during testing
- resolved two deprecations (rate limit api and authorizations api)
- added some more comments to make the flow more understandable
2015-02-11 10:18:47 +01:00
19e24c5804
Merge branch 'master' into tls-config
...
Conflicts:
.travis.yml
doc/03-cli.md
src/Composer/Command/ConfigCommand.php
src/Composer/Command/CreateProjectCommand.php
src/Composer/Command/DiagnoseCommand.php
src/Composer/Command/InstallCommand.php
src/Composer/Command/RequireCommand.php
src/Composer/Command/SelfUpdateCommand.php
src/Composer/Command/ShowCommand.php
src/Composer/Command/UpdateCommand.php
src/Composer/Config.php
src/Composer/Downloader/FileDownloader.php
src/Composer/Factory.php
src/Composer/Repository/ComposerRepository.php
src/Composer/Repository/PearRepository.php
src/Composer/Repository/Vcs/VcsDriver.php
src/Composer/Util/GitHub.php
src/Composer/Util/RemoteFilesystem.php
2015-01-29 20:31:56 +00:00
296252330e
fix-token-retrying-itself
2015-01-19 17:28:27 +01:00
c9f666f60b
Also clean up DYLD_LIBRARY_PATH before running git, refs #2146
2015-01-11 23:09:41 +00:00
45089a6771
[Minor] remove the unused private variables
2014-12-28 00:45:27 +01:00
8dad846613
Add SNI settings for SSL URLs that are proxied, fixes #3204
2014-12-12 12:25:21 +00:00
4a6503fe36
Add suppor for https_proxy, fixes #3204
2014-12-11 17:42:55 +00:00
59648b12a4
Add HHVM support in UA header
2014-12-07 13:47:34 +00:00
94926218e8
CS fixes
2014-10-17 18:57:27 +01:00
e4d96750ee
Merge pull request #3164 from xelan/github-expose-hostname-setting
...
Option to disable inclusion of hostname in OAuth app name
2014-10-17 17:16:30 +01:00
be53c5dd2c
Merge pull request #3207 from cs278/handle-low-diskspace
...
Handle low diskspace errors
2014-10-17 17:12:31 +01:00
d093481ed5
Merge remote-tracking branch 'garoevans/intelligent-auth'
...
Conflicts:
src/Composer/Util/Git.php
2014-10-07 15:15:23 +01:00
6e4a21d700
Merge remote-tracking branch 'hakre/patch-2'
2014-10-07 14:10:29 +01:00
923191a489
Merge remote-tracking branch 'hakre/patch-1'
2014-10-07 13:45:32 +01:00
e61e62908e
Merge remote-tracking branch 'frederikbosch/patch-1'
2014-09-24 19:17:30 +01:00
91ac3e1426
Add support for unixy paths in git/hg local repo urls, closes #3294
2014-09-24 19:13:05 +01:00
d1d40502bf
ProcessExecutor::escape
2014-09-24 18:30:12 +02:00
7ae1430689
#3297 ProcessUtil class using ProcessUtil of Symfony Console
2014-09-24 17:18:15 +02:00
b279dda1c0
Merge branch 'master' of https://github.com/composer/composer
2014-09-24 13:23:49 +02:00
2c237fdfdf
Handle files in Filesystem::copyThenRemove, fixes #3287
2014-09-22 15:09:55 +01:00
204fc207fa
Moved config option to not save subversion credentials to repository configuration, added documentation.
2014-09-16 15:16:55 +02:00
b132e4eae0
Added cacheCredentials config flag for saved SVN credentials to control the --no-auth-cache flag
...
Example config:
{
"http-basic": {
"svn.example.com": {
"username": "user",
"password": "password",
"cacheCredentials": false
}
}
}
2014-09-11 11:48:24 +02:00
d79f2b0fd3
Adds warning when the version field is set, fixes composer/packagist#438
2014-09-10 16:11:05 +01:00
Jordi Boggiano