1
0
Fork 0
Commit Graph

9941 Commits (de0085767c3e16a1cae217a3d4ac076fd257f1d6)

Author SHA1 Message Date
Jordi Boggiano 199696d120
Fix undefined method call 2020-09-07 11:42:24 +02:00
Jordi Boggiano 070530534d
Merge pull request #9176 from glaubinix/t/remote-file-system-response-decode
Composer2 RemoteFileSystem: response decode for TransportException
2020-09-04 13:13:51 +02:00
Stephan 32a0563443 RemoteFileSystem: catch decode errors for content length mismatch 2020-09-04 11:33:36 +01:00
Jordi Boggiano fc462ab978
Merge branch '1.10' 2020-09-04 12:18:24 +02:00
Jordi Boggiano 960413da3a
Merge pull request #9183 from derrabus/bugfix/numeric-user-func-array
Call call_user_func_array() with a numeric arguments array
2020-09-04 12:17:43 +02:00
Jordi Boggiano b159e4da7e
Merge pull request #9172 from Toflar/platform-repo-cleanup
Consistently reuse new PlatformRepository::isPlatformPackage()
2020-09-04 12:16:55 +02:00
Alexander M. Turek fc961dce70 Call call_user_func_array() with a numeric arguments array. 2020-09-03 23:26:09 +02:00
Samuel Ryan a66db48673
Ask for target directory when using `create-project` 2020-09-03 17:40:09 +01:00
Simon Berger 687f886d56 Moved duplicated table render code to a new method in BaseCommand 2020-09-03 15:56:04 +02:00
Simon Berger 9516d0dc98 Re-Fetch cached packages only once in a run 2020-09-03 08:18:07 +02:00
Stephan 3b2d91975e RemoteFileSystem: response decode for TransportException 2020-09-02 16:55:37 +01:00
Jordi Boggiano 86ff43d8b9
Merge pull request #9174 from IvanZugec/patch-1
Capitalised the word "But" in point 3.
2020-09-02 08:54:15 +02:00
Ivan Zugec 2b4e9742c4
capitalised the word "But" in point 3.
Just capitalised the word `But`.
2020-09-02 12:32:49 +10:00
Yanick Witschi bd6f62c535 Consistently reuse the new PlatformRepository::isPlatformPackage() method 2020-09-01 17:19:19 +02:00
Nils Adermann 4ac9f44571 Clear up PoolBuilder comment after code move 2020-09-01 16:57:24 +02:00
Jordi Boggiano 3e56ec2881
Merge pull request #9170 from glaubinix/f/composer-repository-withou-sha1-include
ComposerRepository: avoid notice if includes do not provide a sha1
2020-09-01 16:57:16 +02:00
Stephan 773635e355 ComposerRepository: avoid notice if includes do not provide a sha1 2020-09-01 12:21:36 +01:00
Nils Adermann 046c54fdb8
Merge pull request #8850 from Toflar/filter-packages
Filter dependent packages early
2020-09-01 12:33:16 +02:00
Nils Adermann 7b990f3767 PoolBuilder: Move merging of constaints to be loaded into relevant section 2020-09-01 12:28:22 +02:00
Nils Adermann b2670945bd PoolBuilder: clear up comment, matching and identity are different for constraints 2020-09-01 12:23:51 +02:00
Nils Adermann 976fcd2eb4 PoolBuilderTest: Add case for multiple repositories and partial update with replace 2020-09-01 12:07:12 +02:00
Nils Adermann 6c4ed247dd Add a pool builder test for replaces across multiple repos 2020-08-31 16:00:49 +02:00
username fc87caf639 Provide correct parameter data type 2020-08-29 21:21:15 +02:00
username 113adbcd87 Sort conditions by cost 2020-08-29 21:20:30 +02:00
username 98462292c0 Sort conditions by cost 2020-08-29 21:19:52 +02:00
username abedc0dc42 Sort conditions by cost 2020-08-29 21:19:20 +02:00
username 17ae93bc9c Remove unnecessary method call 2020-08-29 21:18:31 +02:00
username 18009af023 Inline variable 2020-08-29 21:16:58 +02:00
username e719be501e Remove unnecessary method call 2020-08-29 21:15:52 +02:00
username 459e2473c8 Remove unused variable 2020-08-29 21:15:15 +02:00
username 3f09ae0737 Simplify duplicate case 2020-08-29 21:13:54 +02:00
username 46cc387598 Split workflows 2020-08-29 21:12:07 +02:00
Nils Adermann 1385412748 Merge branch 'master' into filter-packages
* master:
  Add tests for edge cases of packages providing names which exist as real packages
  Add another test verifying that a package may provide an incompatible version of sth that actually exists
  Fix provider coexistence test, needs another requirement to install both
  Fix test filename to end with .test extension so it gets run
  Update config section to note required scope for GitLab tokens
  Fix pre/post-package-install/update/uninstall events receiving a partial list of operations, fixes #9079
  Also remove credentials from cache dirs in git/svn drivers, fixes #7439, refs #9155
  AuthHelper: Allow fall-through GitLab-specific HTTP headers for auth
  Sanitize repo URLs to mask HTTP auth passwords from cache directory
  Util/Zip: fix strpos args order
2020-08-28 14:52:58 +02:00
Nils Adermann 43093d0eeb Add tests for edge cases of packages providing names which exist as real packages 2020-08-28 14:50:28 +02:00
Yanick Witschi a1e1cd8fa4 Do not trigger Intervals::isSubsetOf() over and over again for platform packages 2020-08-28 14:34:50 +02:00
Nils Adermann 140665eadd Add another test verifying that a package may provide an incompatible version of sth that actually exists 2020-08-28 13:40:44 +02:00
Nils Adermann 85950f8e9a Fix provider coexistence test, needs another requirement to install both 2020-08-28 13:40:44 +02:00
Nils Adermann cf8ff2a75d Fix test filename to end with .test extension so it gets run 2020-08-28 13:40:44 +02:00
Nils Adermann c9201b8e40 PoolBuilderTest: Allow setting filter options for repositories 2020-08-28 13:07:11 +02:00
Nils Adermann fcb9ef4899 Allow defining multiple reppos in pool builder tests 2020-08-28 12:15:19 +02:00
Jordi Boggiano bfc695e67c
Merge pull request #9161 from bradjones1/patch-1
Update config section to note required scope for GitLab tokens
2020-08-28 11:55:42 +02:00
Brad Jones 706125fbbf
Update config section to note required scope for GitLab tokens 2020-08-27 20:05:04 -10:00
Jordi Boggiano f18d91bd58
Fix pre/post-package-install/update/uninstall events receiving a partial list of operations, fixes #9079 2020-08-27 11:25:43 +02:00
Jordi Boggiano c3db4614c9
Also remove credentials from cache dirs in git/svn drivers, fixes #7439, refs #9155 2020-08-27 10:19:23 +02:00
Jordi Boggiano 98862f5408
Merge pull request #9155 from Ayesh/hide-passwords-cache
Sanitize repo URLs to mask HTTP auth passwords from cache directory
2020-08-27 10:12:56 +02:00
Jordi Boggiano 9e77514764
Merge pull request #9156 from Ayesh/gitlab-repos
AuthHelper: Allow fall-through GitLab-specific HTTP headers for auth
2020-08-27 10:06:28 +02:00
Ayesh Karunaratne 931a1ff1f8
AuthHelper: Allow fall-through GitLab-specific HTTP headers for auth
Previously, `AuthHelper` consumed the authentication credentials for GitLab domains and added access tokens as GitLab-specific headers.
[Composer repositories now supported in GitLab](https://php.watch/articles/composer-gitlab-repositories) require standard Authorization headers with a personal access to function, which failed to work due to out GitLab-specific headers.

With this commit, AuthHelper checks if the password is an access token, and falls through to HTTP basic authentication even if the domain name is a GitLab domain name.
2020-08-27 12:13:28 +07:00
Jordi Boggiano 42920e01d4
Merge pull request #9154 from quasilyte/patch-1
Util/Zip: fix strpos args order
2020-08-26 20:15:00 +02:00
Ayesh Karunaratne 87573aab27
Sanitize repo URLs to mask HTTP auth passwords from cache directory
When a Composer repository is cached, a directory name is generated created stored package meta information fetched from that repository.
The cache directory can contain HTTP basic auth tokens, or access_token query parameters that end up in the directory name of the cache directory.

Discovered when trying out [GitLab composer repository feature](https://php.watch/articles/composer-gitlab-repositories), and the HTTP password was visible in a `composer update -vvv` command.

Using passwords/tokens in the URL is fundamentally a bad idea, but Composer already has `\Composer\Util\Url::sanitize()` that tries to mitigate such cases, and this same function is applied to the repo URL before deciding the name of the repo cache directory.
2020-08-26 23:01:00 +07:00
Iskander (Alex) Sharipov dc1fd92b9b
Util/Zip: fix strpos args order
`strpos()` first argument is a haystack, not a needle.

`strpos('x', $s)` is identical to `$s === 'x'` which is probably not what we want here.
2020-08-26 17:23:10 +03:00