* github-composer/2.0: (63 commits)
Fix PSR warnings for optimized autoloader, refs #8397, refs #8403
Prepare 1.9.1 changelog
Output a hint that maybe you are not in the right directory, fixes#8404
Fix PSR warnings for optimized autoloader, refs #8397, refs #8403
Fix tests for PSR-fix in optimized autoloader, refs #8397
Fix tests for PSR-fix in optimized autoloader, refs #8397
Change PSR-fix for optimized autoloader to only warn for now, refs #8397
Fix output of dump-autoload command to avoid interfering with warnings, refs #8397
Remove credentials from git remotes in cache and vendor dirs
Avoid overwriting credentials with existing ones from git repos, refs #8293
Fix github auth to try https with pwd also, fixes#8356
Fix gitlab support for basic-auth fallback from ssh URLs
Avoid clearing the error output during removeDirectory execution, losing git error output, fixes#8351
Move test file parsing into try/catch block to avoid phpunit swallowing errors
make optimized autoloader respect PSR standards
Validate composer show with --tree and --path options set (#8390)
Don't show root warning for docker containers
Added phpdoc for ComposerAutoloaderInit$SHA1::getLoader() (#8393)
Validate schema name, type and version
Fix require command to allow working on network mounts, fixes#8231
...
The pool builder tries to be minimal so it's fine for present/locked
packages not be assigned a solver/pool id. Adding a test to verify
correct creation of uninstall jobs
These special commands no longer (ab)use the partial update mechanism
but rather create a special install request for all current lock file
contents and later override any modified code references to the
originals. This leads to up to date remote metadata but no other
changes.
Particularly the test
tests/Composer/Test/Fixtures/installer/partial-update-downgrades-non-whitelisted-unstable.test
is interesting because it verifies that an older version will be
installed on update if the new one is only present in the installed repo
or vendor dir. This was the cause of a lot of weird edge cases and
unreliable update behavior in Composer v1
As a result some lock file packages are no longer in the pool, so the
former installed map, now present map cannot use package ids anymore
Need to revisit some more code later to simplify this, todo notes left
Ensures packages get loaded from locked repo correctly. We may not want
to support this particular use-case at all, but for now it fixes the
existing test, so we may want to revisit this later.
New approach is to use only the solved set of packages as input and then
to resolve with only the non-dev requirements and to mark everything as
dev that is not part of the result set, rather than transitioning a
temporary local repo state by uninstalling dev packages.
* github-composer/2.0: (48 commits)
Fix missing use/undefined var
Split up steps on VCS downloaders to allow doing network operations before touching the filesystem on GitDownloader, fixes#7903
Fix use statement
Deduplicate findHeaderValue code
Add install-path to the installed.json for every package, fixes#2174, closes#2424
Remove unnecessary config from phpstan
Make sure the directory exists and will not block installation later when downloading
Avoid wiping the whole target package if download of the new one fails, refs #7929
Only empty dir before actually installing packages, fixes#7929
Improve output when installing packages
Show best possible version in diagnose command
Remove extra arg
Allow path repos to point to their own source dir as install target, resulting in noop, fixes#8254
Fix use of decodeJson
Fix update mirrors to also update transport-options, fixes#7672
Fix updating or URLs to include dist type and shasum, fixes#8216
Fix origin computation
Improve handling of non-standard ports for GitLab and GitHub installs, fixes#8173
Load packages from the lock file for check-platform-reqs if no dependencies have been installed yet, fixes#8058
Fix error_handler return type declaration
...
- Introduce separate Lock and LocalRepo transactions, one for changes
to the lock file, one for changes to locally installed packages based
on lock file
- Remove various hacks to keep dev dependencies updated and
incorporated the functionality into the transaction classes
- Remove installed repo, there are now local repo, locked repo and
platform repo
- Remove access to local repo from solver, only supply locked packages
- Update can now be run to modify the lock file but not install packages
to local repo
* master:
Follow up to #7946 test: add solver flag to assert path execution
Fix tests
Make sure config command output is also output on --quiet so that warnings can be hidden, fixes#7963
Recognize composer-plugin-api as a platform package, fixes#7951
Quote wildcards to avoid issues in some shells, fixes#7960
Avoid dumping null values for dist reference/shasum and source reference, fixes#7955
Soften hard exit after revert of composer file
Make unixy proxy code POSIX compatible
Update aliases.md
Same but for Problem.php
Better error message for present but incompatible versions
Fix inconsistent casing
Don't do (new Foo())->bar() - not 5.3-compatible
Support identifying the HHVM version when not running with HHVM
* master:
Fix solver problem exceptions with unexpected contradictory "Conclusions"
Also load config into IO if not freshly created
Only load configuration into IO if IO is available
Fix defaultRepos fallback does not use auth config
Add warning/info msg when tweaking disable-tls setting to avoid confusion, fixes#7935
This 5 character fix comes with a solver test as well as a functional
installer test essentially verifying the same thing. The solver test is
more useful when working on the solver. But the functional test is less
likely to be accidentally modified incorrectly during refactoring, as
every single package, version and link in the rather complex test
scenario is essential, and a modified version of the test may very well
still result in a successful installation but no longer verify the bug
described below.
Background:
In commit 451bab1c2c from May 19, 2012 I
refactored literals from complex objects into pure integers to reduce
memory consumption. The absolute value of an integer literal is the id
of the package it refers to in the package pool. The sign indicates
whether the package should be installed (positive) or removed (negative),
So a major part of the refactoring was swapping this call:
$literal->getPackageId()
For this:
abs($literal)
Unintentionally in line 554/523 I incorrectly applied this change to the
line:
$this->literalFromId(-$literal->getPackageId());
It was converted to:
-abs($literal);
The function literalFromId used to create a new literal object. By using
the abs() function this change essentially forces the resulting literal
to be negative, while the minus sign previously inverted the literal, so
positive into negative and vice versa.
This particular line is in a function meant to analyze a conflicting
decision during dependency resolution and to draw a conclusion from it,
then revert the state of the solver to an earlier position, and attempt
to solve the rest of the rules again with this new "learned" conclusion.
Because of this bug these conclusions could only ever occur in the
negative, e.g. "don't install package X". This is by far the most likely
scenario when the solver reaches this particular line, but there are
exceptions.
If you experienced a solver problem description that contained a
statement like "Conclusion: don't install vendor/package 1.2.3" which
directly contradicted other statements listed as part of the problem,
this could likely have been the cause.
The update command can receive a pattern like `vendor/prefix-*`
to update all matching packages.
This has not worked if multiple packages, depending on each other,
where matched to the given pattern. No package has been updated
in this case as only the first package matching the pattern was
added to the whitelist.
When creating a transaction we try to identify all requirements that are
not themselves required by any other package. If a package references
itself this should not mark it as being required by another package.
* upstream/master: (98 commits)
Fallback to zlib extension to unpack gzip on non Windows systems
Zip extension does not provide zlib support
Unified all Windows tests throughout the code.
Added Platform utility and unit test for it.
Remove warnings for non-writable dirs, refs #3588
[doc] add -H flag to sudo commands
use full json content to determine reference, closes#4859
typos
Make sure COMPOSER_AUTH is also loaded in Config, refs #4546
Use proper defaults for IO authentications
Add verbosity input support to IOInterface
Update SolverTest.php
Update broken-deps-do-not-replace.test
Update SolverProblemsException.php
Cleaned up check+conversion that was no longer required.
Cleaner notation for expected exceptions in fixtures.
Introduced more generic, less invasive way to test for exceptions in fixtures, more in line with how phpunit works.
Included unit test for circular root dependencies.
Expanded InstallerTest to support expecting Exceptions by supplying "EXCEPTION" as "--EXPECT--"
Clarified error message and added braces.
...
By default dependencies of white listed packages are no longer installed automaticaly.
To Install dependencies of whitelisted packages use --with-dependencies.
- rework after review comments
- precise documentation of option
- add missing punctuation marks
On update, packages that are less stable than the minimum-stability allows will
now be downgraded to their correct versions, even if they were installed as
unstable already.
Nils Adermann
Jordi Boggiano
Arnout Boks
Sascha Egerer
Christophe Coevoet
Matthew Grasmick
Rob Bast
Stephen Beemsterboer
Stephen
David Zuelke
Fabien Potencier
Lucas CHERIFI
Jeremy Benoist
Jefferson Carpenter
Niels Keurentjes
Matthias Pigulla
Possum
Cees-Jan Kiewiet
Matthias Derer
Nicolas Grekas
Chris Smith
alu
Rafael Dohms
Mátyás Somfai
Christian Flothmann
Phillip Look
Marco Pivetta
Martin Hasoň
Aurélien Thieriot
Mateusz Heleniak