Jordi Boggiano
f8324e0524
Fix support for read-only caches where the filesystem is not writable ( fixes #10906 )
2022-07-01 11:50:26 +02:00
Jordi Boggiano
143e42269a
Update changelog
2022-07-01 11:43:12 +02:00
Jordi Boggiano
ac7a6e3326
Update docs, refs #10909
2022-07-01 11:35:50 +02:00
Andreas Schempp
424547bb70
Correctly merge boolean flag of allow-plugin config ( #10909 )
2022-07-01 11:08:35 +02:00
Jordi Boggiano
a5fdc00de1
Remove duplicate function in RootPackageInterface, fixes #10895
2022-06-23 13:39:39 +02:00
Marek Stipek
690ab5166a
Ignoring passed arguments for @putenv, closes #10846
2022-06-22 13:40:35 +02:00
Jordi Boggiano
5730c24c92
Rethrow path repo init failures with path information, closes #10845
2022-06-22 13:30:39 +02:00
Jordi Boggiano
5c68c2c86d
Fix case where branches cannot be listed in GitDownloader, fixes #10888
2022-06-22 08:50:55 +02:00
naveen
14476ec2a6
chore: Set permissions for GitHub actions
...
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ )
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
2022-06-22 08:18:22 +02:00
Chris Reed
03fbcdbf07
Fix exported path with space in binary installer proxy ( #10836 )
2022-06-10 21:56:11 +02:00
Jordi Boggiano
ba2ce37cd9
Reverting release version changes
2022-06-06 16:32:51 +02:00
Jordi Boggiano
8c7a2d200b
Release 2.2.14
2022-06-06 16:32:50 +02:00
Jordi Boggiano
7cb994fade
Update changelog
2022-06-06 16:32:44 +02:00
Stephan Jorek
fbc85dede8
allow chained proxy-binary php-inclusions ( #10823 )
...
* allow chained proxy-binary php-inclusion by skipping redundant “phpvfscomposer” stream-wrapper registration
2022-06-06 16:14:54 +02:00
Jordi Boggiano
e3527ea37f
Detect broken symlinks when checking for a package's presence, fixes #6708
2022-06-06 15:22:49 +02:00
Jordi Boggiano
a76a1c9fc2
Fix parsing of multi-line arrays in funding yml, fixes #10784
2022-06-06 14:49:37 +02:00
Fabien Villepinte
1e9210f7b1
Fix TypeError when a JSON file can not be read ( #10818 )
2022-06-04 15:20:58 +02:00
Jordi Boggiano
15f7d24e7e
Parse openssl 3 versions cleaner
2022-06-02 21:17:44 +02:00
Jordi Boggiano
3ead6c0119
Backport schema fixes for gitlab-token, fixes #10800
2022-06-01 21:32:29 +02:00
Nicolas Hedger
70a7b592e9
Fix JSON schema regex pattern ( #10811 )
2022-06-01 21:23:07 +02:00
Matronator
313142c6cd
Escape forward slash in `properties.name`
2022-06-01 21:06:22 +02:00
Jan Tojnar
955194f896
docs: Fix inconsist semver operator suggestion ( #10810 )
...
Using caret over tilde is better since it behaves the same as in npm:
https://jubianchi.github.io/semver-check/#/constraint/~3.0
But when this change was introduced in https://github.com/composer/composer/pull/5396 ,
it was not complete.
2022-05-31 13:24:38 +02:00
Jordi Boggiano
5d353716d3
Reverting release version changes
2022-05-25 21:37:26 +02:00
Jordi Boggiano
de11c9819a
Release 2.2.13
2022-05-25 21:37:25 +02:00
Jordi Boggiano
86dcc7ac23
Update changelog
2022-05-25 21:36:44 +02:00
Jordi Boggiano
10d3895f18
Ensure that dotfiles can be excluded, fixes #8866
2022-05-24 22:14:17 +02:00
Jordi Boggiano
25542aca70
Update baseline
2022-05-24 21:26:37 +02:00
Jordi Boggiano
654ecc759a
Check that symlink function exists before using it in path repo, fixes #10786
2022-05-24 21:21:47 +02:00
Jordi Boggiano
d131be009d
Update deps
2022-05-24 14:46:47 +02:00
Jordi Boggiano
44a52e4157
Fix backtracking in name validation regex
2022-05-24 14:32:18 +02:00
John Stevenson
2837585e47
Fix cmd splitting paths on commas ( #10775 )
2022-05-12 21:13:55 +02:00
Jordi Boggiano
aeb204bb1d
Fix race condition where multiple http requests requiring auth end up failing, fixes #10763
2022-05-11 13:06:59 +02:00
Jordi Boggiano
1d0fa93495
Fix lock:false still outputting lock file changes
2022-05-11 09:42:13 +02:00
Nicolas Grekas
c27dca83ef
Fix deprecated syntax since PHP 8.2 ( #10766 )
2022-05-08 10:39:36 +02:00
Jordi Boggiano
1cdc43d9de
Merge pull request #10748 from glaubinix/f/gitlab-auth
...
GitLab: handle infinite loop during composer install
2022-04-29 12:07:01 +02:00
Stephan Vock
d40c3a89c0
GitLab: add warning in case GitLab authentication is misconfigured
2022-04-28 21:37:45 +01:00
Stephan Vock
89721ab322
GitLab: detect invalid token setup and attempt to automatically resolve the issue for the user
2022-04-28 21:17:05 +01:00
Stephan Vock
3b4a3d63bf
GitLab: prevent invalid loop during composer install with invalid credentials
2022-04-28 21:16:16 +01:00
Jordi Boggiano
20d11bfdfb
Display the stored channel when choosing a specific channel in self-update, fixes #10719
2022-04-14 11:25:44 +02:00
Jordi Boggiano
b0b364af19
E_TOO_MANY_BRANCHES
2022-04-13 17:24:39 +02:00
Jordi Boggiano
9a62ef7ff2
Add missing return type
2022-04-13 17:07:33 +02:00
Jordi Boggiano
699956867d
Reverting release version changes
2022-04-13 16:42:26 +02:00
Jordi Boggiano
ba61e768b4
Release 2.2.12
2022-04-13 16:42:25 +02:00
Jordi Boggiano
a1f9baa118
Fix 5.3/5.4 builds
2022-04-13 16:42:12 +02:00
Jordi Boggiano
2ba8758b30
Update changelog
2022-04-13 16:00:31 +02:00
Stephan
2c40c53637
Merge pull request from GHSA-x7cr-6qr6-2hh6
...
* GitDriver: filter branch names starting with a - character
* GitDriver: getFileContent prevent identifiers starting with a -
* HgDriver: prevent invalid identifiers and prevent file from running commands
* HgDriver: filter branches starting with a - character
2022-04-13 15:54:58 +02:00
Jordi Boggiano
915b97fc39
Fix docs
2022-04-13 15:22:18 +02:00
Jordi Boggiano
d64e32c991
Merge remote-tracking branch 'ktomk/patch-validate-no-check-lock' into 2.2
2022-04-13 15:21:36 +02:00
Jordi Boggiano
0a8dfe6ef7
Clarify that autoloader-suffix should be a non-empty-string, fixes #10720 ( #10725 )
2022-04-13 15:17:07 +02:00
Jordi Boggiano
bb0edce095
Fixed lock file being used when lock:false is in config, refs #10715 ( #10726 )
2022-04-13 14:52:13 +02:00