893fbfcb89
Add support for "extra.branch-version"
4 years ago
8ad33298ff
Fix regression, refs #9204
4 years ago
24abd233ec
Merge branch 'master' into code-improvements
4 years ago
9528ce7057
Fix invalid usage of Link class, fixes #9252
4 years ago
2223b93efd
Several small code improvements
4 years ago
80d71ccb3f
Merged isset, unset and str_replace calls
4 years ago
a4509d28e7
Introduce constants for Composer\Package\Link types
4 years ago
4f4c299015
Add pretty constraint to links in PlatformRepository
...
fixes #9210
4 years ago
974e7ba296
Removed unneccesary elseifs
4 years ago
80a75e9959
Minor code improvements
4 years ago
a6475a7118
Removed unused variables, properties and parameters of private functions
4 years ago
002fd39bc6
Removed passing of parameters with default value
4 years ago
cda6e8bea6
Removed unnecessary property initialization or declaration
4 years ago
6b3b51e299
Fixed $this usage on static functions
4 years ago
74e02193a8
Do not hard fail on lazy repository when network is disabled and no package cache exists
4 years ago
bb96b04f4a
Remove dead code
4 years ago
2a82371adf
Rename available-package-regexes to available-package-patterns and switch negated function around, refs #9197
4 years ago
66a767c065
specify covered names with regexes in 2.x repos
...
This supplements the available-packages list so that repositories may
rule themselves out of a given name (and thus not be probed with lazy
load requests) by regex, as well as by exact name match.
The use case is sizeable and varying supplemental Composer repositories
such as packages.drupal.org, which otherwise must either maintain a list
of over 10k package names in their root packages.json or accept lots of
lazy-load requests for unrelated packages that will 404.
4 years ago
bae227ec2d
Changed all substr calls used to compare fragments of text to strpos
...
Some additional code cleanups in those classes
Reverted change causing issues
4 years ago
8694077564
Merge pull request #9177 from simonberger/reduce-requests
...
Re-Fetch cached packages only once in a run
4 years ago
cb3c71a18a
Always assume the cache file is fresh when loading a package again which was already loaded, even if it lacks a last-modified header.
4 years ago
fc462ab978
Merge branch '1.10'
4 years ago
9516d0dc98
Re-Fetch cached packages only once in a run
4 years ago
bd6f62c535
Consistently reuse the new PlatformRepository::isPlatformPackage() method
4 years ago
773635e355
ComposerRepository: avoid notice if includes do not provide a sha1
4 years ago
1385412748
Merge branch 'master' into filter-packages
...
* master:
Add tests for edge cases of packages providing names which exist as real packages
Add another test verifying that a package may provide an incompatible version of sth that actually exists
Fix provider coexistence test, needs another requirement to install both
Fix test filename to end with .test extension so it gets run
Update config section to note required scope for GitLab tokens
Fix pre/post-package-install/update/uninstall events receiving a partial list of operations, fixes #9079
Also remove credentials from cache dirs in git/svn drivers, fixes #7439 , refs #9155
AuthHelper: Allow fall-through GitLab-specific HTTP headers for auth
Sanitize repo URLs to mask HTTP auth passwords from cache directory
Util/Zip: fix strpos args order
4 years ago
a1e1cd8fa4
Do not trigger Intervals::isSubsetOf() over and over again for platform packages
4 years ago
c3db4614c9
Also remove credentials from cache dirs in git/svn drivers, fixes #7439 , refs #9155
4 years ago
87573aab27
Sanitize repo URLs to mask HTTP auth passwords from cache directory
...
When a Composer repository is cached, a directory name is generated created stored package meta information fetched from that repository.
The cache directory can contain HTTP basic auth tokens, or access_token query parameters that end up in the directory name of the cache directory.
Discovered when trying out [GitLab composer repository feature](https://php.watch/articles/composer-gitlab-repositories ), and the HTTP password was visible in a `composer update -vvv` command.
Using passwords/tokens in the URL is fundamentally a bad idea, but Composer already has `\Composer\Util\Url::sanitize()` that tries to mitigate such cases, and this same function is applied to the repo URL before deciding the name of the repo cache directory.
4 years ago
9a04ecefbf
Merge branch 'master' into filter-packages
4 years ago
90332f1dbd
Add a readonly mode to the cache, fixes #9150
4 years ago
f262feebec
fixing error message for higher repository priority, when higher repo has only a dev-branch
4 years ago
a83588f568
The proper fix
4 years ago
4e06aa051a
Check if inet_pton() exists
4 years ago
c845d66818
Lowercase ext- package names, refs #9093
4 years ago
4d20e6f5d6
Move Version util to Platform namespace, fix CS nitpicks, make regexes case insensitive for robustness, refs #9093
4 years ago
7e1ef19a5a
Expand library version checking capabilities ( closes #9093 )
4 years ago
657ae5519e
Add support for TAR in Artifact packages ( #9105 )
4 years ago
2d3905157d
Merge branch '1.10'
4 years ago
00f712a7c4
Revert "Allow specifying a version requirement for CLDR"
4 years ago
7028d0ce27
Merge pull request #9077 from glaubinix/f/api-data-detection
...
Driver: only cache composer.json file without API data to disk
4 years ago
12d6759888
Fail hard instead of skipping branches/tags quietly when parsing VCS repos if 401/403 are returned, fixes #9087
4 years ago
79813b2f77
Fix detection of git refs to be more strict
4 years ago
5a02ea6a96
Check that class exists
4 years ago
404dea61c2
Allow specifying a version requirement for the relevant CLDR
4 years ago
b25296ef74
Driver: only cache composer.json file without API data to disk
4 years ago
d8fa746433
Merge pull request #9058 from Seldaek/zip-cleanup
...
Clean up Zip Util to be more strict about what is a valid package archive
4 years ago
c353ac835c
Add exception for multiple composer.json files ( #3 )
4 years ago
750a92b4b7
Fix headers array format
4 years ago
c3d40ae79a
Fix passing of repo http options in async requests
4 years ago
22367a68f9
Avoid loading same packages multiple times
4 years ago
c3028c02d9
Merge branch '1.10'
4 years ago
eac03e16e7
Reuse repository manager and others directly from the Composer instance, refs #9057
4 years ago
201533e16f
Fix return value
4 years ago
a2ab6f2b54
Add support for multiple --repository additions in create-project, and make --add-repository delete the lock file, fixes #8853
4 years ago
92ef439666
Merge branch '1.10'
4 years ago
d2d3aa8494
Fix parsing of # in funding links, fixes composer/packagist#1097, closes #9035
4 years ago
70f211923b
Add support for list URL in composer repos, fixes #9009
4 years ago
86af5e5c6e
Remove conflict between trunk and master, as they do not normalize anymore
4 years ago
e2f1e8aed6
Allow optimizing fetching of dev versions only if no other stability is needed
4 years ago
6f9b39180c
Add phpdocs
4 years ago
05dacbdabb
Rename DEV_MASTER_ALIAS to DEFAULT_BRANCH_ALIAS
4 years ago
821e575658
Merge branch '1.10'
4 years ago
52332d994e
GitDriver: use authentication for supports check
4 years ago
923f198a1f
Fix default-branch attribute on package files, and add it to schema
4 years ago
4682efcf77
Support also default_branch flag in cached versions
4 years ago
52afa5ef16
Fix handling of default branches
4 years ago
ce368f8269
Store default branch info inside metadata
4 years ago
04381c70fe
Merge branch '1.10'
4 years ago
cb1f3899bb
Revert "Store default branch info inside metadata"
...
This reverts commit 472a62152d
4 years ago
8c0ecf7337
Clarify why a dev tag was ignored, fixes #8951
4 years ago
93d4cf6f91
Add --no-show-signature where git supports it, fixes #8966
4 years ago
472a62152d
Store default branch info inside metadata
4 years ago
80d1b1a34c
Merge pull request #8987 from GrahamCampbell/patch-2
...
Marked getRootAliasesPerPackage as static
4 years ago
c8731598cc
Merge branch '1.10'
4 years ago
643852a2b0
Marked getRootAliasesPerPackage as static
4 years ago
0d369c87bc
Merge pull request #8975 from ffraenz/pr
...
Composer 2: Allow plugins to override the URL before triggering the download
4 years ago
5aae7f4f20
Merge remote-tracking branch 'jderusse/optimize-compile'
4 years ago
a797ee1322
Fix inline aliases not being loaded when extracting dev requirements, fixes #8954
4 years ago
5c13c97428
Implement type and context properties in PreFileDownloadEvent
4 years ago
13bdf8553a
Add setProcessedUrl method to PreFileDownloadEvent
4 years ago
fa799970ad
Replace whitelist with allow list
4 years ago
a4a617abb4
Reduce amount of Filesystem/ProcessExecutor instantiations, add lots of docblocks
4 years ago
95e6e16b78
Use Semver compiled constraints
4 years ago
30f994e424
fix deprecations in PHP 8
4 years ago
c7fb15faf4
Update to MatchAllConstraint
4 years ago
ef3797cdd6
Cache successful requests to make sure subsequent loadPackages calls do not do the same requests for nothing
4 years ago
d4c8478df5
Improve regex in \Composer\Repository\ComposerRepository::fetchFile() by removing unnecessary greedy operator
4 years ago
56811b4c8f
Exclude platform require/provides from InstalledVersions as concrete ones are also not listed
4 years ago
3c593b0d12
Remove duplicate use statement
4 years ago
74a63b4d6b
Merge branch '1.10'
4 years ago
ff05150c4e
Add composer-runtime-api version constant
4 years ago
270c7c3262
Backport validation support for composer-runtime-api ( #8842 )
...
Fixes #8841
4 years ago
6529fabb24
Add isFresh to InstalledRepositoryInterface and make sure local repo is always an InstalledRepositoryInterface
4 years ago
c2f77d80bd
Remove usage of 5.6+ constant
4 years ago
0ab48a1773
Add composer-runtime-api platform package
4 years ago
0d1922dc27
Add a Composer\Versions class which is available in all projects at runtime to query installed packages/versions
4 years ago
a42c6ceff3
Fix typos
4 years ago
424c08d6b2
Fix bug loading ~dev in some circumstances
4 years ago
5b54a93751
Fix phpstan build
4 years ago
44a4429978
Remove PEAR installer/downloader/repos/..., fixes #8778
4 years ago
6bed9d8f13
Implement count and search correctly in FilterRepository
4 years ago
62fda2ed85
Reorg ComposerRepository to fix tests
4 years ago
048781c268
Fix whatProvides function declaration
4 years ago
4ea6b1ef55
Make all params non-optional
4 years ago
fdb35a6a06
Fix \Composer\Installer\PackageEvent::__construct() and \Composer\Repository\ComposerRepository::isVersionAcceptable() required arguments used after optional, which is deprecated in PHP 8.0
...
1. `Deprecated: Required parameter $name follows optional parameter $constraint in src\Composer\Repository\ComposerRepository.php on line 745`
2. `Deprecated: Required parameter $operation follows optional parameter $operations in src\Composer\Installer\PackageEvent.php on line 73`
Optional parameters with a type declared, and a default value of `null` is excepted from this deprecation. See https://php.watch/versions/8.0/deprecate-required-param-after-optional . This is the case in `ComposerRepository::isVersionAcceptable`, which still has two optional parameters as first two parameters, but this will not raise a deprecation notice.
4 years ago
a7ad186c89
Return early in case a call to the wrapped repo is unnecessary
4 years ago
b6bad4eef6
Add options to configure repository priorities
4 years ago
59c831c2f8
Add docs to loadPackages
4 years ago
aa6be02c64
Allow COMPOSER_DISABLE_NETWORK to work with GitHubDriver by doing a cache priming pass first
4 years ago
a695f686c3
Add some docblocks and make sure RepositorySet/PoolBuilder accept regular rootAliases and not pre-normalized ones
4 years ago
593d5abf27
use more precise phpstan/psam return-types ( #8744 )
4 years ago
c30925e68d
extracted `VersionParser::DEV_MASTER_ALIAS` ( #8742 )
4 years ago
25cd2382cb
Raise phpstan level to 1 ( #8027 )
4 years ago
d34ea60c48
canonicalize providers api url
4 years ago
87757de6bc
Merge branch '2.0'
4 years ago
1c73f078f7
Remove repository field from getProviders result
4 years ago
379baa1560
Merge pull request #8717 from naderman/t/pool-builder-allow-list
...
Move processing of partial update argument list into the pool builder
4 years ago
c270d3cfa6
PoolBuilder: make io non-nullable, NullIO can be used instead
4 years ago
6e45a53e76
Add support for relative paths in handling of install-path for the installed.json
4 years ago
01fe92905a
The update allow list is now generated while building the pool
...
This reduces code complexity while making partial updates more
predictable. This also allows composer require to successfully run a
partial update for a new package with transitive dependency updates.
4 years ago
7e679656a4
Keep absolute path repos symlinks absolute, fixes #8700
4 years ago
c2d0fed06b
Tweak lock repo name
4 years ago
e15f7d6bb7
Merge branch 'master' into 2.0
4 years ago
08cee4c3e9
Implement getProviders equally on all repos
4 years ago
ee8df484c4
Separate createPool and createPoolWithAllPackages, fix test description
4 years ago
281d8930ff
For dev extraction skip pool building, we already have a working package set
...
Also reduce getProviders back to just providers, and add some todos
4 years ago
1f467046d7
Implement getProviders on reposet for all repo types and add replacers
...
This way errors during require dev extraction make more sense
4 years ago
9c84f4d79f
Make sure InstalledRepository itself can be added too but requires allowing installed repos in reposet
4 years ago
ba04a46cae
Fix 5.3 issue
4 years ago
d13ce20b6e
Fix handling of composer repos with v1 version_normalized format
4 years ago
a453792d6b
Merge pull request #8682 from glaubinix/f/gitlab-guest-token-access
...
GitLab: properly handle token which has Guest only access
4 years ago
d559bf5387
Allow configuring a path repo to an empty path as long as using wildcards and the wildcard root exists, fixes #8679
4 years ago
402c64c271
Update src/Composer/Repository/Vcs/GitLabDriver.php
...
Co-Authored-By: Jordi Boggiano <j.boggiano@seld.be>
4 years ago
55d252b9c3
GitLab: properly handle token which has Guest only access
4 years ago
d63eb8179e
Merge branch 'master' into 2.0
4 years ago
7a270955f5
Fix issues handling branch names with pipes in them
4 years ago
80875e896d
Merge branch 'master' into 2.0
4 years ago
05737a46fb
Improve funding info parsing
4 years ago
9cab8c10cc
Merge branch 'master' into 2.0
4 years ago
c4f19e51d8
Rework the funding info parsing to avoid requiring graphql permissions
4 years ago
a2eb0bab12
Abort loop correctly when package is a match
4 years ago
5b41b78809
Optimize findPackagesWithReplacersAndProviders to avoid multiple loops over replace/provide links
4 years ago
20e4cc3b6f
Fix finding replacers/providers to check constraints correctly
4 years ago
2e82e34fe0
Merge branch 'master' into 2.0
4 years ago
4f59162827
Fix class name of caught exception
4 years ago
0ad322e51f
Fix tests
4 years ago
bc002ae1fb
Merge branch 'master' into 2.0
4 years ago
8dc055bec7
Fix 5.3 syntax
4 years ago
f171d1fd89
Avoid requiring auth for the funding API access
4 years ago
Nicolas Grekas
Jordi Boggiano
Simon Berger
Michael Telgmann
Mike Baynton
Yanick Witschi
Stephan
Nils Adermann
Ayesh Karunaratne
Oleg Andreyev
Lars Strojny
Wissem Riahi
Stephan Vock
Graham Campbell
Fränz Friederes
Graham Campbell
Jérémy Derussé
azjezz
Alessandro Lai
Pierre Grimaud
Markus Staab
Adam Žurek