e823f24940
Match default choice to actual default ( #11010 )
...
The 'Y' is capital, so Yes should be the default choice and is what most people would want, but No was the default.
2022-08-20 09:45:34 +02:00
2152b20a94
Correct prohibits/why-not example command ( #10994 )
...
Running the example command `composer prohibits php:8` returns an error, "Not enough arguments (missing: "version")."
2022-08-16 11:45:35 +02:00
104bf0d75d
Handle 404s gracefully when loading providers in ComposerRepo, fixes #10974
2022-08-16 11:44:21 +02:00
f2141dd3ea
Fix tests from #10985
2022-08-16 11:25:15 +02:00
598c1c7573
Fix phpstan error
2022-08-16 11:19:20 +02:00
6457a88aa1
Fix COMPOSER_NO_DEV to work with --update-no-dev for require/remove commands as well, refs #10995
2022-08-16 11:15:52 +02:00
1f0bd51f55
GitHubDriver: stricter URL validation to avoid issues with undefined index owner ( #10985 )
2022-08-16 11:08:03 +02:00
b0674c421a
Update ca-bundle
2022-07-21 11:14:47 +02:00
9d90bc649d
Fix tests
2022-07-20 22:53:57 +02:00
623f903d62
Add support for +meta in hg version number, fixes #10955
2022-07-20 22:47:27 +02:00
8d5bdaf443
Fixes #10938 : Do not display duplicate ignore extension hints
2022-07-17 13:02:12 +02:00
740af2bdb1
Add warning if constraint appears too narrow, refs #10943
2022-07-17 10:29:56 +02:00
93eb19e756
For custom composer.json paths the default cwd should be that files directory, fixes ergebnis/composer-normalize#865, refs #10935
2022-07-17 10:22:07 +02:00
c5ff1e1fc6
Reverting release version changes
2022-07-13 15:27:38 +02:00
a8ab5070fb
Release 2.2.17
2022-07-13 15:27:38 +02:00
5cb24aaa81
Update changelog
2022-07-13 15:27:29 +02:00
b195f383f2
Always clone root package before adding it to a RootPackageRepo to avoid issues with plugins, fixes #10940
2022-07-13 15:10:15 +02:00
336a0d20c6
Add hint in create-project when it fails due to a missing allow-plugins in project, refs #10928
2022-07-13 14:38:54 +02:00
0e59fbb46e
Fix #10935 in a more generic way which fixes the issue for all Factory::create usages
2022-07-13 14:13:02 +02:00
37a788932d
Fix phpdoc issue
2022-07-13 13:35:03 +02:00
55fe12bd65
Allow disabling only local or global plugins internally to fix #10935 without side-effects
2022-07-13 13:23:27 +02:00
a481dfce3f
Fix disk_free_space being called even when not available, fixes #10936
2022-07-13 10:35:32 +02:00
f600ea46c7
Fix syntax error
2022-07-13 10:09:33 +02:00
32a7ceac2f
Improve exception message when a package cannot be added in another repo, refs #10940
2022-07-13 10:06:00 +02:00
75ef4903ef
Ensure plugins from CWD/vendor do not get loaded when running create-project, fixes #10935
2022-07-12 16:25:12 +02:00
8323e85bc8
Fix allow-plugins check to not check plugins which are anyway incompatible with the current Composer version, refs #10928
2022-07-12 13:24:21 +02:00
dcd7f2180d
Avoid checking for allowed plugins if plugins are disabled entirely, fixes #10925
2022-07-05 22:20:33 +02:00
2759d8b545
Reverting release version changes
2022-07-05 16:50:29 +02:00
8c0ee53ff6
Release 2.2.16
2022-07-05 16:50:29 +02:00
8b7ea8deb6
Update changelog
2022-07-05 16:50:25 +02:00
3ebd66b851
Fix deprecation notice ( #10921 )
...
Deprecation Notice: trim(): Passing null to parameter #1 ($string) of type string is deprecated in phar:///usr/bin/composer/src/Composer/Util/GitHub.php:103
2022-07-05 15:51:07 +02:00
92e1c26c3b
Disallow plugins by throwing an exception if non-interactive to avoid half-broken runtime states ( #10920 )
...
* Disallow plugins by throwing an exception if non-interactive to avoid half-broken runtime states, fixes #10912
* Also allow BC mode for lock files older than 2.2.0 to keep plugins working there
* Allow locker to be accessed by plugin manager at init time
* Update allow-plugins docs
Co-authored-by: Damien Tournoud <damien@platform.sh>
Co-authored-by: Jordi Boggiano <j.boggiano@seld.be>
2022-07-05 15:44:30 +02:00
f14b02b9c9
Reverting release version changes
2022-07-01 12:01:26 +02:00
509dcbd4f8
Release 2.2.15
2022-07-01 12:01:26 +02:00
c3bb27960b
Fix other issues with readonly caches, refs #10906
2022-07-01 11:55:43 +02:00
f8324e0524
Fix support for read-only caches where the filesystem is not writable ( fixes #10906 )
2022-07-01 11:50:26 +02:00
143e42269a
Update changelog
2022-07-01 11:43:12 +02:00
ac7a6e3326
Update docs, refs #10909
2022-07-01 11:35:50 +02:00
424547bb70
Correctly merge boolean flag of allow-plugin config ( #10909 )
2022-07-01 11:08:35 +02:00
a5fdc00de1
Remove duplicate function in RootPackageInterface, fixes #10895
2022-06-23 13:39:39 +02:00
690ab5166a
Ignoring passed arguments for @putenv, closes #10846
2022-06-22 13:40:35 +02:00
5730c24c92
Rethrow path repo init failures with path information, closes #10845
2022-06-22 13:30:39 +02:00
5c68c2c86d
Fix case where branches cannot be listed in GitDownloader, fixes #10888
2022-06-22 08:50:55 +02:00
14476ec2a6
chore: Set permissions for GitHub actions
...
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ )
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
2022-06-22 08:18:22 +02:00
03fbcdbf07
Fix exported path with space in binary installer proxy ( #10836 )
2022-06-10 21:56:11 +02:00
ba2ce37cd9
Reverting release version changes
2022-06-06 16:32:51 +02:00
8c7a2d200b
Release 2.2.14
2022-06-06 16:32:50 +02:00
7cb994fade
Update changelog
2022-06-06 16:32:44 +02:00
fbc85dede8
allow chained proxy-binary php-inclusions ( #10823 )
...
* allow chained proxy-binary php-inclusion by skipping redundant “phpvfscomposer” stream-wrapper registration
2022-06-06 16:14:54 +02:00
e3527ea37f
Detect broken symlinks when checking for a package's presence, fixes #6708
2022-06-06 15:22:49 +02:00
Yehuda Katz