hugo
/
composer
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
11,155 Commits
1 Branch
0 Tags
25 MiB
main
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '54123e4093'
${ noResults }
Commit Graph

1428 Commits (54123e4093c7770ec3d807263274ce750302bc4b)

Author SHA1 Message Date
Jochen Roth b6c9d34125
Add install-path and type to installedVersions.php and installed.php, add method to get installed packages by type 
Issue https://github.com/composer/composer/issues/9648
 3 years ago
Jordi Boggiano 9ba042ded8
Add Platform-PHP version to user-agent header to improve targetted-php stats (#9873) 3 years ago
Jordi Boggiano 40c7a725e1
Merge branch '2.0' 3 years ago
Jordi Boggiano 332c46af8b
Merge pull request from GHSA-h5h8-pc6h-jvvx 
* Fix external process calls to avoid user input being able to pass extra parameters

* Tweak some fixes
 3 years ago
Adam e291aa1d12
Allow PreFileDownloadEvent to carry transport options for metadata (#9831) 3 years ago
Adam 180ba49f33
ComposerRepository::asyncFetchFile() does not pass the downloaded URL to PostFileDownloadEvent (#9827) 3 years ago
Jordi Boggiano d75d79b452
Merge pull request #9822 from phenaproxima/post-file-download 
Fire POST_FILE_DOWNLOAD event for metadata fetched by ComposerRepository
 3 years ago
Jordi Boggiano 9a9c738f23
Add repository instance to Pre/PostFileDownloadEvent metadata 3 years ago
Jordi Boggiano 7dd95a768b
Clean stuff up and deprecate old usages for PostFileDownloadEvent 3 years ago
Phéna Proxima df0a2cdd0a Fire POST_FILE_DOWNLOAD event for metadata fetched by ComposerRepository. 3 years ago
Jordi Boggiano a4eb2d4096
Merge branch '2.0' 3 years ago
Jordi Boggiano ddc3693725
Switch to composer/metadata-minifier, fixes #9727 3 years ago
Adam 29befaa94b
Make ComposerRepository::configurePackageTransportOptions() protected. (#9818) 3 years ago
Jordi Boggiano 1179e4b481
Change root.dev-requirement to root.dev in installed.php as the root is not required per se, and this simply tracks the dev mode at install time 3 years ago
Jordi Boggiano 5d6f9b2528
Prefer @phpstan- annotations as that is what we run against 3 years ago
Jordi Boggiano 059b5b197d
Merge branch '2.0' 3 years ago
Jordi Boggiano 17747181d0
Clarify behavior of name in VCS repo, closes #9752 3 years ago
Jordi Boggiano 4940009f83
Bump phpstan to level 3 (#9734) 
Clean up PackageInterface/CompletePackageInterface, add missing methods, type things in solver as BasePackage, added CompleteAliasPackage, ..
 3 years ago
Jordi Boggiano 8392508e23
Merge branch '2.0' 3 years ago
Jordi Boggiano de8a737015
Fix var shadowing 3 years ago
Jordi Boggiano 40800df6bd
Fix CS 3 years ago
Jordi Boggiano 7c555b6382
Merge pull request #9682 from nicolas-grekas/installed-no-dev 
Allow querying InstalledVersions::isInstalled() for no-dev packages
 3 years ago
Jordi Boggiano 8da3b3b9be
List relevant conflicts in why/why-not, fixes #9693 3 years ago
Nicolas Grekas 7d4501816c Allow querying InstalledVersions::isInstalled() for no-dev packages 3 years ago
Jordi Boggiano 03e8cacd12
Merge pull request #9696 from Seldaek/fix_installed_versions_during_update 
Fix installed versions usage issues when using it in plugins during a Composer update process
 3 years ago
Jordi Boggiano f7e8f7625f
Remove plugin installer hackery 3 years ago
brandonkelly 62af444821 Check if SODIUM_LIBRARY_VERSION is defined 3 years ago
Jordi Boggiano cf324ee664
Make sure the plugins can use InstalledVersions to introspect themselves when being activated right after initial install 3 years ago
Jordi Boggiano e7f6dd287c
Merge branch '1.10' 3 years ago
Jordi Boggiano abcf9e993b
Fix processes silently ignoring the CWD when it does not exist, refs #9694 3 years ago
Jordi Boggiano a6d92e1eee
Sanitize URLs 3 years ago
Jordi Boggiano 902174d2a7
Improve error reporting when failing to load a package, fixes #9680 3 years ago
Jordi Boggiano 07b8c23f02
Merge branch '1.10' 3 years ago
Nicolas Grekas 725b33ee5a Handle "versions" option in PathRepository, remove support for "branch-version" 3 years ago
Nicolas Grekas 079e501ac8 Revert "Merge pull request #9273 from nicolas-grekas/dev-version" 
This reverts commit d2d606ced2, reversing
changes made to 4a8dbcd145.
 3 years ago
Jordi Boggiano 51371944e1
Add comment about not removing the static $installed data, refs #9635 3 years ago
Jordi Boggiano b7d770659b
CS fixes 4 years ago
Andrés De la Cruz 480a6439fd
Fix phpstan phpdocs issues (#9478) 4 years ago
Jordi Boggiano fec44f883c
Always load the current InstalledVersions when writing to disk, fixes #9457 4 years ago
Jordi Boggiano 56c65a58e2
Make platform-check only check non-dev requires, refs #9412 4 years ago
Jordi Boggiano abd61369e4
Revert "Support git@bitbucket.org URLs for git-bitbucket driver", fixes #9400 
This reverts commit 985cef790f.
 4 years ago
Jordi Boggiano 985cef790f
Support git@bitbucket.org URLs for git-bitbucket driver 4 years ago
Jordi Boggiano 3772696ad6
Use IO for output 4 years ago
Jordi Boggiano 191196de48
Detect broken packagist.org mirrors and fix them on the fly, refs #9297 4 years ago
Jordi Boggiano 0d236858ec
Merge branch '1.10' 4 years ago
Christophe Coevoet 3dd7e829b9 Fix support of provided packages in the why-not command 
The version provided by such a rule is defined by the constraint of the
rule, not by the package version.
 4 years ago
Jordi Boggiano 14ec957e96
Fix composer show -a usage, fixes #9304 4 years ago
Jordi Boggiano 7ea6d5d2e7
Merge branch '1.10' 4 years ago
Nicolas Grekas 4feed8b85c Fix parsing "branch-version" 4 years ago
Jordi Boggiano bafdf9f705
Merge branch '1.10' 4 years ago
Nicolas Grekas 893fbfcb89 Add support for "extra.branch-version" 4 years ago
Jordi Boggiano 8ad33298ff
Fix regression, refs #9204 4 years ago
Jordi Boggiano 24abd233ec
Merge branch 'master' into code-improvements 4 years ago
Jordi Boggiano 9528ce7057
Fix invalid usage of Link class, fixes #9252 4 years ago
Simon Berger 2223b93efd Several small code improvements 4 years ago
Simon Berger 80d71ccb3f Merged isset, unset and str_replace calls 4 years ago
Michael Telgmann a4509d28e7
Introduce constants for Composer\Package\Link types 4 years ago
Michael Telgmann 4f4c299015
Add pretty constraint to links in PlatformRepository 
fixes #9210
 4 years ago
Simon Berger 974e7ba296 Removed unneccesary elseifs 4 years ago
Simon Berger 80a75e9959 Minor code improvements 4 years ago
Simon Berger a6475a7118 Removed unused variables, properties and parameters of private functions 4 years ago
Simon Berger 002fd39bc6 Removed passing of parameters with default value 4 years ago
Simon Berger cda6e8bea6 Removed unnecessary property initialization or declaration 4 years ago
Simon Berger 6b3b51e299 Fixed $this usage on static functions 4 years ago
Simon Berger 74e02193a8 Do not hard fail on lazy repository when network is disabled and no package cache exists 4 years ago
Jordi Boggiano bb96b04f4a
Remove dead code 4 years ago
Jordi Boggiano 2a82371adf
Rename available-package-regexes to available-package-patterns and switch negated function around, refs #9197 4 years ago
Mike Baynton 66a767c065 specify covered names with regexes in 2.x repos 
This supplements the available-packages list so that repositories may
rule themselves out of a given name (and thus not be probed with lazy
load requests) by regex, as well as by exact name match.

The use case is sizeable and varying supplemental Composer repositories
such as packages.drupal.org, which otherwise must either maintain a list
of over 10k package names in their root packages.json or accept lots of
lazy-load requests for unrelated packages that will 404.
 4 years ago
Simon Berger bae227ec2d Changed all substr calls used to compare fragments of text to strpos 
Some additional code cleanups in those classes

Reverted change causing issues
 4 years ago
Jordi Boggiano 8694077564
Merge pull request #9177 from simonberger/reduce-requests 
Re-Fetch cached packages only once in a run
 4 years ago
Jordi Boggiano cb3c71a18a
Always assume the cache file is fresh when loading a package again which was already loaded, even if it lacks a last-modified header. 4 years ago
Jordi Boggiano fc462ab978
Merge branch '1.10' 4 years ago
Simon Berger 9516d0dc98 Re-Fetch cached packages only once in a run 4 years ago
Yanick Witschi bd6f62c535 Consistently reuse the new PlatformRepository::isPlatformPackage() method 4 years ago
Stephan 773635e355 ComposerRepository: avoid notice if includes do not provide a sha1 4 years ago
Nils Adermann 1385412748 Merge branch 'master' into filter-packages 
* master:
  Add tests for edge cases of packages providing names which exist as real packages
  Add another test verifying that a package may provide an incompatible version of sth that actually exists
  Fix provider coexistence test, needs another requirement to install both
  Fix test filename to end with .test extension so it gets run
  Update config section to note required scope for GitLab tokens
  Fix pre/post-package-install/update/uninstall events receiving a partial list of operations, fixes #9079
  Also remove credentials from cache dirs in git/svn drivers, fixes #7439, refs #9155
  AuthHelper: Allow fall-through GitLab-specific HTTP headers for auth
  Sanitize repo URLs to mask HTTP auth passwords from cache directory
  Util/Zip: fix strpos args order
 4 years ago
Yanick Witschi a1e1cd8fa4 Do not trigger Intervals::isSubsetOf() over and over again for platform packages 4 years ago
Jordi Boggiano c3db4614c9
Also remove credentials from cache dirs in git/svn drivers, fixes #7439, refs #9155 4 years ago
Ayesh Karunaratne 87573aab27
Sanitize repo URLs to mask HTTP auth passwords from cache directory 
When a Composer repository is cached, a directory name is generated created stored package meta information fetched from that repository.
The cache directory can contain HTTP basic auth tokens, or access_token query parameters that end up in the directory name of the cache directory.

Discovered when trying out [GitLab composer repository feature](https://php.watch/articles/composer-gitlab-repositories), and the HTTP password was visible in a `composer update -vvv` command.

Using passwords/tokens in the URL is fundamentally a bad idea, but Composer already has `\Composer\Util\Url::sanitize()` that tries to mitigate such cases, and this same function is applied to the repo URL before deciding the name of the repo cache directory.
 4 years ago
Jordi Boggiano 9a04ecefbf
Merge branch 'master' into filter-packages 4 years ago
Jordi Boggiano 90332f1dbd
Add a readonly mode to the cache, fixes #9150 4 years ago
Oleg Andreyev f262feebec
fixing error message for higher repository priority, when higher repo has only a dev-branch 4 years ago
Lars Strojny a83588f568
The proper fix 4 years ago
Lars Strojny 4e06aa051a
Check if inet_pton() exists 4 years ago
Jordi Boggiano c845d66818
Lowercase ext- package names, refs #9093 4 years ago
Jordi Boggiano 4d20e6f5d6
Move Version util to Platform namespace, fix CS nitpicks, make regexes case insensitive for robustness, refs #9093 4 years ago
Jordi Boggiano 7e1ef19a5a
Expand library version checking capabilities (closes #9093) 4 years ago
Wissem Riahi 657ae5519e
Add support for TAR in Artifact packages (#9105) 4 years ago
Jordi Boggiano 2d3905157d
Merge branch '1.10' 4 years ago
Jordi Boggiano 00f712a7c4
Revert "Allow specifying a version requirement for CLDR" 4 years ago
Jordi Boggiano 7028d0ce27
Merge pull request #9077 from glaubinix/f/api-data-detection 
Driver: only cache composer.json file without API data to disk
 4 years ago
Jordi Boggiano 12d6759888
Fail hard instead of skipping branches/tags quietly when parsing VCS repos if 401/403 are returned, fixes #9087 4 years ago
Jordi Boggiano 79813b2f77
Fix detection of git refs to be more strict 4 years ago
Lars Strojny 5a02ea6a96
Check that class exists 4 years ago
Lars Strojny 404dea61c2
Allow specifying a version requirement for the relevant CLDR 4 years ago
Stephan b25296ef74 Driver: only cache composer.json file without API data to disk 4 years ago
Jordi Boggiano d8fa746433
Merge pull request #9058 from Seldaek/zip-cleanup 
Clean up Zip Util to be more strict about what is a valid package archive
 4 years ago
Wissem Riahi c353ac835c
Add exception for multiple composer.json files (#3) 4 years ago
Jordi Boggiano 750a92b4b7
Fix headers array format 4 years ago
Jordi Boggiano c3d40ae79a
Fix passing of repo http options in async requests 4 years ago