efe6e44883
Perform audit on Composer and its dependencies during diagnose, fixes #11216 ( #11761 )
2024-01-04 10:55:59 +01:00
53a1f32061
Add --sort-by-age to show/outdated commands, and also release date for latest package in --latest mode ( #11762 )
2023-12-20 15:37:27 +01:00
c8f1028ef9
Fix minor error msg issue
2023-12-20 15:16:12 +01:00
3cfd9bf51b
Ensure composer.json gets deleted after a dry run require, fixes #11747
2023-12-19 15:51:39 +01:00
e0f75276a2
Switch default audit.abandoned to fail for 2.7 release
2023-12-18 15:02:10 +01:00
aefa46dfba
Add support for "scripts-aliases" in composer.json ( #11666 )
2023-10-27 11:36:59 +02:00
cc653161c3
Merge branch '2.6'
2023-10-26 11:39:41 +02:00
8c0f1e10dc
Display error instead of throwing exception when unable to update with temporary constraint ( #11692 )
2023-10-26 11:38:02 +02:00
81b662d388
Suggest running 'require' not 'update' if a root req fails to update ( #11691 )
2023-10-26 11:08:03 +02:00
899dcedf66
Add --minimal-changes mode to perform partial updates --with-dependencies while changing only what is necessary in other dependencies ( #11665 )
2023-10-26 10:25:04 +02:00
c66894278c
Bump dev version to 2.7, fix issues with symfony 7
2023-10-25 17:13:36 +02:00
cb363b0e84
Fix autoload generator dump() non-BC signature change in 2.6.4
2023-10-06 09:34:10 +02:00
b608b8e87e
feat: improve Composer's output reproducibility ( #11663 )
...
* AutoloadGenerator: add `Locker` parameter to the `dump` method
* AutoloadGenerator: do not create a random hash, re-use the one from the lock file if it exists
* FileSystem: make sure `safeCopy` copy also the file time metadata
2023-09-28 11:43:52 +02:00
e3484c8581
Add audit.abandoned warnings for abandoned packages, fixes #11623 ( #11639 )
2023-09-14 11:30:09 +02:00
98a588eb90
Avoid COMPOSER env being set if not necessary as it can cause issues with scripts, fixes #11613 , refs #11493
2023-09-03 11:13:54 +02:00
90cbb144b2
Fix exit code 5 on composer require/create-project command ( #11616 )
2023-09-03 10:54:07 +02:00
7dc5666f33
Avoid failing the require command if the audit step failed
2023-09-01 10:05:13 +02:00
0ab4dfba7c
Change audit.ignore behavior before 2.6.0 ( #11605 )
...
* Still report ignored security advisories
Co-authored-by: Jordi Boggiano <j.boggiano@seld.be>
2023-09-01 10:04:31 +02:00
1c4ac1c437
Add `dumpautoload --dry-run` option ( #11608 )
2023-08-31 10:35:02 +02:00
6fd145f01e
Allow --strict-psr in `DumpAutoloadCommand` also with --classmap-authoritative ( #11607 )
2023-08-30 21:43:16 +02:00
db53c65986
COMPOSER_DISABLE_NETWORK aware `diagnose` checks; SKIP output ( #11597 )
...
Make `diagnose` checks aware of COMPOSER_DISABLE_NETWORK (true) and skip
Composer network operations that would otherwise spill stack traces into
diagnostic messages and taint the result as error while the check itself
is not applicable/useful within the environment.
`COMPOSER_DISABLE_NETWORK` was released with [2.0.0-alpha1] and intro-
duced in fc03ab9bbhttps://getcomposer.org/changelog/2.0.0-alpha1 > "released 2020-06-03"
2023-08-30 21:35:59 +02:00
0cdabcc4ee
Add audit.ignored config setting to ignore security advisories by id or CVE id, fixes #11298 ( #11556 )
2023-07-21 14:36:38 +02:00
3e9c148b63
Fix trailing whitespace in 'composer show -N' ( #11536 )
...
The name column was always padded to maximum width, even if no other columns were printed.
This makes it difficult to use the output e.g. in pipelines.
Fixed for all possible columns, and with tests for two cases (regular show and show outdated).
2023-07-21 11:29:38 +02:00
07f706e57d
Fix 'composer show --platform <package>' erroring if no composer.json is present ( #11533 )
...
Sort of related to #11046 (although this is not a regression, but didn't work before, either)
2023-07-21 11:28:36 +02:00
82bc8cf94e
Update deps
2023-07-19 14:57:22 +02:00
16d1b11c26
Add homepage links in why/why-not commands ( #11308 )
2023-07-19 11:28:17 +02:00
1db0a47080
Add prompt to require command if a package name is not found but there are similar names that could be used ( #11284 )
...
fixes #11279
2023-06-23 11:15:03 +02:00
ebd0a60411
Force CreateProjectCommand to use the installed composer.json ( #11493 )
2023-06-07 12:44:50 +02:00
24361ae654
Merge branch '2.5'
2023-05-23 16:25:24 +02:00
3a48e39375
Return null for install path for metapackages instead of an empty path which then resolves to the root package's path ( #11455 )
...
Fixes #11389
2023-05-14 13:46:46 +02:00
cbb7319963
Merge branch '2.5'
2023-05-05 14:16:14 +02:00
2d2d22d0ec
Fix lock file being more recent than vendor dir when require guesses the constraint after resolution, fixes #11405
2023-05-05 14:15:27 +02:00
776ff2ea51
Merge branch '2.5'
2023-03-21 11:53:54 +01:00
8b0a185d5d
Fixed display of empty objects showing [] instead of {} in config command, fixes #11302
2023-03-21 11:17:55 +01:00
91b7b0ff3b
Fixed querying of default config values, and fix source display for them, and fix bools to show as bools, fixes #11302
2023-03-21 11:07:57 +01:00
5f298ae294
Merge branch '2.5'
2023-03-21 10:45:40 +01:00
5c3d8f35db
Update deps, fix phpstan issues, update baseline (1711, 49)
2023-03-21 10:36:42 +01:00
1a3f98601f
Merge branch '2.5'
2023-03-15 22:56:15 +01:00
d1ab1255b5
Add rm alias to composer remove command ( #11367 )
...
* rm alias
* review
2023-03-10 22:27:20 +01:00
efc105eac1
Add proxy value to bin-compat validator ( #11353 )
...
Fix #11352
2023-02-27 16:02:50 +01:00
1ff942bb44
Fix type errors in key updating logic
2023-02-24 17:41:47 +01:00
f6f972a699
Fix require regression with --fixed, fixes #11247
2023-01-19 21:42:22 +01:00
0d96fd8149
Warn when require ends up auto-selecting a feature branch, fixes #11264 ( #11270 )
2023-01-19 21:42:09 +01:00
7560873740
Added tests for the Remove command
2023-01-06 12:38:47 +11:00
da611e089a
Docs: fix documention deep links ( #11233 )
...
* Docs: Fixed the deep links to the documentation website.
Search scope: `src/Composer/Command`.
* Docs: Fixed the deep links to the documentation website.
2022-12-21 09:32:50 +01:00
5e6ccae116
Improve version selection in archive command, fixes #4794 ( #11230 )
2022-12-18 00:02:43 +01:00
6d1b36be3b
Check missing-from-lock-file required packages when running install and fail when there are any ( #11195 )
2022-12-16 16:48:24 +01:00
bd6a5019b3
Update to composer/pcre 2.1 ( #11189 )
2022-11-17 11:34:54 +01:00
6c85b875f2
Update to PHPStan 1.9
2022-11-03 21:53:42 +01:00
7c1aa8e0ef
Fix regression in run-script/exec commands prompting when used with --list
2022-11-03 13:37:00 +01:00
Jordi Boggiano