1
0
Fork 0
Commit Graph

2833 Commits (e0807d381ebc90f1d1570e7751700374d3dcbfc7)

Author SHA1 Message Date
theoboldalex 338bc16a11
test: Covers audit of pkg with no sec advisories (#11789) 2024-02-07 11:40:29 +01:00
Stephan 9a656854ad
ValidatingArrayLoader: fix link validation with missing name (#11830) 2024-02-06 17:18:41 +01:00
Jordi Boggiano 0f70c0a9c9
Add detection of constraints which do not match anything in validate command, fixes #11802 (#11829) 2024-02-06 12:57:52 +01:00
Jordi Boggiano 55db88f51b
Add error when composer show --direct <transient-dependency> is used to show a dependency which is not direct, fixes #11728 2024-01-11 09:53:00 +01:00
Jordi Boggiano 284821543a
Merge branch '2.6' 2024-01-08 16:10:20 +01:00
Sam L 44f02a5c86
Add COMPOSER_FUND=0 env var to disable calls for funding (#11779) 2024-01-08 15:10:49 +01:00
Jordi Boggiano be71bf056e
Fix support for versions with 4 components in VersionSelector, fixes #11716 2024-01-08 14:56:08 +01:00
Jordi Boggiano 071fbcf347
Fix warnings incorrectly being shown when using require with upper bound ignored on platform requirements, fixes #11722 (#11786) 2024-01-08 14:48:24 +01:00
Jordi Boggiano 534bc20beb
Add support for combining show --self with --installed or --locked (#11785) 2024-01-08 14:14:44 +01:00
theoboldalex 3be0ca8467
Adds a test for invalid arg combo (#11783) 2024-01-08 11:03:34 +01:00
Jordi Boggiano 53a1f32061
Add --sort-by-age to show/outdated commands, and also release date for latest package in --latest mode (#11762) 2023-12-20 15:37:27 +01:00
Stephan 86cd364901
Audit: add severity to plain and table output (#11702) 2023-12-19 19:11:50 +01:00
Jordi Boggiano 9b0f9b40a4
Show package source in very verbose updates, fixes #11733 (#11763) 2023-12-19 17:17:48 +01:00
Jordi Boggiano 4a209b7d3d
Fix bump command not bumping versions with a v prefix e.g. ^v2.4, fixes #11723 (#11764) 2023-12-19 17:17:32 +01:00
theoboldalex aaff0ae4df
Adds a test for UpdateCommand (#11724)
* test: Interactive mode should throw if no package

* PHPStan fix. Missing return type on test method
2023-12-08 18:26:05 +01:00
Travis Carden aefa46dfba
Add support for "scripts-aliases" in composer.json (#11666) 2023-10-27 11:36:59 +02:00
Jordi Boggiano cc653161c3
Merge branch '2.6' 2023-10-26 11:39:41 +02:00
Dan Wallis 8c0f1e10dc
Display error instead of throwing exception when unable to update with temporary constraint (#11692) 2023-10-26 11:38:02 +02:00
Dan Wallis 81b662d388
Suggest running 'require' not 'update' if a root req fails to update (#11691) 2023-10-26 11:08:03 +02:00
Jordi Boggiano 899dcedf66
Add --minimal-changes mode to perform partial updates --with-dependencies while changing only what is necessary in other dependencies (#11665) 2023-10-26 10:25:04 +02:00
Dan Wallis 7a09e05560
Bump wildcard constraints to >=current (#11694) 2023-10-25 18:04:52 +02:00
Dan Wallis c827c93b62
Use global constant if available for libpq version (#11684) 2023-10-11 14:19:31 +02:00
Jesper Skytte Marcussen 9a407b5ad3
10796 Increase coverage of ShowCommand (#11677)
* Added more tests for ShowCommand class

By doing so, my local setup shows increase in coverage from some 38% to
67%.

* PHP-CS-Fixer

* PHPStan fixes
2023-10-11 13:43:30 +02:00
Jordi Boggiano cb363b0e84
Fix autoload generator dump() non-BC signature change in 2.6.4 2023-10-06 09:34:10 +02:00
Pol Dellaiera b608b8e87e
feat: improve Composer's output reproducibility (#11663)
* AutoloadGenerator: add `Locker` parameter to the `dump` method
* AutoloadGenerator: do not create a random hash, re-use the one from the lock file if it exists
* FileSystem: make sure `safeCopy` copy also the file time metadata
2023-09-28 11:43:52 +02:00
Jordi Boggiano 892eaacedf
Optimize show -a by loading only the requested package (#11659)
Fixes #11648
2023-09-27 11:28:33 +02:00
Dezső BICZÓ 755de04bf5
Fix abandoned package list JSON serialization (#11647)
Co-authored-by: Jordi Boggiano <j.boggiano@seld.be>
2023-09-26 14:23:45 +02:00
Alex Theobold 218b9041c9
Test status command (#11522) 2023-09-14 11:45:18 +02:00
Jordi Boggiano e3484c8581
Add audit.abandoned warnings for abandoned packages, fixes #11623 (#11639) 2023-09-14 11:30:09 +02:00
wgevaert e2f5afd4cd
Add warning when duplicate "files" autoload rules are detected (#11109)
Co-authored-by: Wout Gevaert <wout@wikibase.nl>
Co-authored-by: Jordi Boggiano <j.boggiano@seld.be>
2023-09-13 14:11:00 +02:00
Yanick Witschi 5474dc9b5b
Fixed replaced packages being incorrectly missing when unlocked by an old version (#11629)
Co-authored-by: Nils Adermann <naderman@naderman.de>
2023-09-13 10:42:47 +02:00
Jordi Boggiano 7a7f364184
Fix bitbucket redirect URLs failing old PHP builds which do not support long headers
51e2015af3
2023-09-12 11:28:26 +02:00
Jordi Boggiano 755e89fc91
Fix loading of root aliases on path repo packages when doing partial updates, fixes #11630 (#11632) 2023-09-11 17:45:19 +02:00
Michael Voříšek 40244dc228
Revert "Set $_SERVER['SCRIPT_NAME'] within proxy command (#11562)" (#11617)
This reverts commit 9c25633d6d.
2023-09-03 13:39:48 +02:00
Dezső BICZÓ 0ab4dfba7c
Change audit.ignore behavior before 2.6.0 (#11605)
* Still report ignored security advisories

Co-authored-by: Jordi Boggiano <j.boggiano@seld.be>
2023-09-01 10:04:31 +02:00
Damien Carrier e0abc40ded
Add test for `ArchiveCommand` with package name (#11551)
* test(ArchiveCommand): Add test for ArchiveCommand with package name

* fix : using explicit variable name for eventDispatcher Mock

---------

Co-authored-by: Damien Carrier <damien.carrier@alximy.io>
2023-08-31 13:46:43 +02:00
ಠ_ಠ 1a2bd38764
allow bumping for patch level version constraints fixes #11579 (#11590) 2023-08-31 11:05:49 +02:00
Martin Herndl 6fd145f01e
Allow --strict-psr in `DumpAutoloadCommand` also with --classmap-authoritative (#11607) 2023-08-30 21:43:16 +02:00
Martin Herndl 02e4a2d1a3
Add test case for `DumpAutoloadCommand` with failing --strict-psr check (#11606) 2023-08-30 21:42:45 +02:00
Martin Herndl 879524d8e3
Add tests for DumpAutoloadCommand (#11581) 2023-08-30 16:09:05 +02:00
Juliette 5af6151493
PHP 8.3 | ComposerRepositoryTest: fix test failure (#11602)
Prior to PHP 8.3, ReflectionMethod could set a private method on a parent class to accessible. This is no longer possible in PHP 8.3 since php/php-src 9470 and breaks the Composer\Test\Repository\ComposerRepositoryTest::testWhatProvides test.
Also see: https://3v4l.org/8YcIk/rfc#vgit.master

Fixed now.

Co-authored-by: jrfnl <jrfnl@users.noreply.github.com>
Co-authored-by: Christophe Coevoet <stof@notk.org>
2023-08-30 11:43:12 +02:00
Juliette 512690dba4
PHP 8.3 | Tests: fix deprecation notices (#11599)
* PHP 8.3 | ZipDownloaderTest: fix deprecation notice

Calling `ReflectionProperty::setValue()` with only one argument (to set a static property) is deprecated.
Passing `null` as the first (`$object`) parameter will work cross-version.

As the `ZipDownloaderTest::setPrivateProperty()` method has a `null` default value for the `$obj` parameter anyway, this means the if/else toggle can be removed.

Ref: https://wiki.php.net/rfc/deprecate_functions_with_overloaded_signatures#reflectionpropertysetvalue

* PHP 8.3 | InstalledVersionsTest: fix deprecation notice

Calling `ReflectionProperty::setValue()` with only one argument (to set a static property) is deprecated.
Passing `null` as the first (`$object`) parameter will work cross-version.

Ref: https://wiki.php.net/rfc/deprecate_functions_with_overloaded_signatures#reflectionpropertysetvalue

---------

Co-authored-by: jrfnl <jrfnl@users.noreply.github.com>
2023-08-30 11:42:33 +02:00
Stephan 5062338079
Audit: ignores configured repository options (#11173)
* Audit: ignores configured repository options

* ComposerRepository: add test case to assert that repo http options are used to make security advisory POST request
2023-08-29 15:16:34 +02:00
Rober Díaz 4137bf38ad
Tests for base dependency command (#11547)
* add a test case for "not provided a required parameter"

* add a test cases for "not provided locked file"

* cleanup for case provider

* add a test case for "package existence"

* add a test case for "warning when dependencies are not installed"

* fix the test case for "warning when dependencies are not installed"

* add a test case for "package was not found in the project"

* add a test cases for `why-not` command

- also they were fixed docblocks

* add a test cases for `why` command

* versions were added to dependency objects

* it was avoided HEREDOC due it seems to be failing in PHP 7.2

* it was avoided mismatches due different platforms EOL

* it was used full output instead of an array of messages (to avoid EOL isues)

* it increased code coverage to 97%

* All test case docblocks were corrected according to CR feedback

* ensure that `why-not` should say that an installed package requires an incompatible version of the inspected package
2023-08-29 15:06:19 +02:00
Dan Wallis 9c25633d6d
Set $_SERVER['SCRIPT_NAME'] within proxy command (#11562) 2023-08-02 11:55:24 +02:00
Jordi Boggiano f4738d97b7
Add support for Application::setCatchErrors in symfony 6.4+, refs symfony/symfony#50420 2023-07-28 19:33:33 +02:00
Jordi Boggiano 0cdabcc4ee
Add audit.ignored config setting to ignore security advisories by id or CVE id, fixes #11298 (#11556) 2023-07-21 14:36:38 +02:00
Dan Wallis 7f78decad7
Fix PHPStan after running autoloader tests (#11558) 2023-07-21 14:34:59 +02:00
David Zülke 3e9c148b63
Fix trailing whitespace in 'composer show -N' (#11536)
The name column was always padded to maximum width, even if no other columns were printed.

This makes it difficult to use the output e.g. in pipelines.

Fixed for all possible columns, and with tests for two cases (regular show and show outdated).
2023-07-21 11:29:38 +02:00
David Zülke 07f706e57d
Fix 'composer show --platform <package>' erroring if no composer.json is present (#11533)
Sort of related to #11046 (although this is not a regression, but didn't work before, either)
2023-07-21 11:28:36 +02:00