hugo
/
composer
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
10,545 Commits
1 Branch
0 Tags
25 MiB
main
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'd56387edb7'
${ noResults }
Commit Graph

1359 Commits (d56387edb7bbeb6dd67394d2f2c7dc199d50cde7)

Author SHA1 Message Date
Jordi Boggiano 8694077564
Merge pull request #9177 from simonberger/reduce-requests 
Re-Fetch cached packages only once in a run
 4 years ago
Jordi Boggiano cb3c71a18a
Always assume the cache file is fresh when loading a package again which was already loaded, even if it lacks a last-modified header. 4 years ago
Jordi Boggiano fc462ab978
Merge branch '1.10' 4 years ago
Simon Berger 9516d0dc98 Re-Fetch cached packages only once in a run 4 years ago
Yanick Witschi bd6f62c535 Consistently reuse the new PlatformRepository::isPlatformPackage() method 4 years ago
Stephan 773635e355 ComposerRepository: avoid notice if includes do not provide a sha1 4 years ago
Nils Adermann 1385412748 Merge branch 'master' into filter-packages 
* master:
  Add tests for edge cases of packages providing names which exist as real packages
  Add another test verifying that a package may provide an incompatible version of sth that actually exists
  Fix provider coexistence test, needs another requirement to install both
  Fix test filename to end with .test extension so it gets run
  Update config section to note required scope for GitLab tokens
  Fix pre/post-package-install/update/uninstall events receiving a partial list of operations, fixes #9079
  Also remove credentials from cache dirs in git/svn drivers, fixes #7439, refs #9155
  AuthHelper: Allow fall-through GitLab-specific HTTP headers for auth
  Sanitize repo URLs to mask HTTP auth passwords from cache directory
  Util/Zip: fix strpos args order
 4 years ago
Yanick Witschi a1e1cd8fa4 Do not trigger Intervals::isSubsetOf() over and over again for platform packages 4 years ago
Jordi Boggiano c3db4614c9
Also remove credentials from cache dirs in git/svn drivers, fixes #7439, refs #9155 4 years ago
Ayesh Karunaratne 87573aab27
Sanitize repo URLs to mask HTTP auth passwords from cache directory 
When a Composer repository is cached, a directory name is generated created stored package meta information fetched from that repository.
The cache directory can contain HTTP basic auth tokens, or access_token query parameters that end up in the directory name of the cache directory.

Discovered when trying out [GitLab composer repository feature](https://php.watch/articles/composer-gitlab-repositories), and the HTTP password was visible in a `composer update -vvv` command.

Using passwords/tokens in the URL is fundamentally a bad idea, but Composer already has `\Composer\Util\Url::sanitize()` that tries to mitigate such cases, and this same function is applied to the repo URL before deciding the name of the repo cache directory.
 4 years ago
Jordi Boggiano 9a04ecefbf
Merge branch 'master' into filter-packages 4 years ago
Jordi Boggiano 90332f1dbd
Add a readonly mode to the cache, fixes #9150 4 years ago
Oleg Andreyev f262feebec
fixing error message for higher repository priority, when higher repo has only a dev-branch 4 years ago
Lars Strojny a83588f568
The proper fix 4 years ago
Lars Strojny 4e06aa051a
Check if inet_pton() exists 4 years ago
Jordi Boggiano c845d66818
Lowercase ext- package names, refs #9093 4 years ago
Jordi Boggiano 4d20e6f5d6
Move Version util to Platform namespace, fix CS nitpicks, make regexes case insensitive for robustness, refs #9093 4 years ago
Jordi Boggiano 7e1ef19a5a
Expand library version checking capabilities (closes #9093) 4 years ago
Wissem Riahi 657ae5519e
Add support for TAR in Artifact packages (#9105) 4 years ago
Jordi Boggiano 2d3905157d
Merge branch '1.10' 4 years ago
Jordi Boggiano 00f712a7c4
Revert "Allow specifying a version requirement for CLDR" 4 years ago
Jordi Boggiano 7028d0ce27
Merge pull request #9077 from glaubinix/f/api-data-detection 
Driver: only cache composer.json file without API data to disk
 4 years ago
Jordi Boggiano 12d6759888
Fail hard instead of skipping branches/tags quietly when parsing VCS repos if 401/403 are returned, fixes #9087 4 years ago
Jordi Boggiano 79813b2f77
Fix detection of git refs to be more strict 4 years ago
Lars Strojny 5a02ea6a96
Check that class exists 4 years ago
Lars Strojny 404dea61c2
Allow specifying a version requirement for the relevant CLDR 4 years ago
Stephan b25296ef74 Driver: only cache composer.json file without API data to disk 4 years ago
Jordi Boggiano d8fa746433
Merge pull request #9058 from Seldaek/zip-cleanup 
Clean up Zip Util to be more strict about what is a valid package archive
 4 years ago
Wissem Riahi c353ac835c
Add exception for multiple composer.json files (#3) 4 years ago
Jordi Boggiano 750a92b4b7
Fix headers array format 4 years ago
Jordi Boggiano c3d40ae79a
Fix passing of repo http options in async requests 4 years ago
Jordi Boggiano 22367a68f9
Avoid loading same packages multiple times 4 years ago
Jordi Boggiano c3028c02d9
Merge branch '1.10' 4 years ago
Jordi Boggiano eac03e16e7
Reuse repository manager and others directly from the Composer instance, refs #9057 4 years ago
Jordi Boggiano 201533e16f
Fix return value 4 years ago
Jordi Boggiano a2ab6f2b54
Add support for multiple --repository additions in create-project, and make --add-repository delete the lock file, fixes #8853 4 years ago
Jordi Boggiano 92ef439666
Merge branch '1.10' 4 years ago
Jordi Boggiano d2d3aa8494
Fix parsing of # in funding links, fixes composer/packagist#1097, closes #9035 4 years ago
Jordi Boggiano 70f211923b
Add support for list URL in composer repos, fixes #9009 4 years ago
Jordi Boggiano 86af5e5c6e
Remove conflict between trunk and master, as they do not normalize anymore 4 years ago
Jordi Boggiano e2f1e8aed6
Allow optimizing fetching of dev versions only if no other stability is needed 4 years ago
Jordi Boggiano 6f9b39180c
Add phpdocs 4 years ago
Jordi Boggiano 05dacbdabb
Rename DEV_MASTER_ALIAS to DEFAULT_BRANCH_ALIAS 4 years ago
Jordi Boggiano 821e575658
Merge branch '1.10' 4 years ago
Stephan Vock 52332d994e GitDriver: use authentication for supports check 4 years ago
Jordi Boggiano 923f198a1f
Fix default-branch attribute on package files, and add it to schema 4 years ago
Jordi Boggiano 4682efcf77
Support also default_branch flag in cached versions 4 years ago
Jordi Boggiano 52afa5ef16
Fix handling of default branches 4 years ago
Jordi Boggiano ce368f8269
Store default branch info inside metadata 4 years ago
Jordi Boggiano 04381c70fe
Merge branch '1.10' 4 years ago
Jordi Boggiano cb1f3899bb
Revert "Store default branch info inside metadata" 
This reverts commit 472a62152d.
 4 years ago
Jordi Boggiano 8c0ecf7337
Clarify why a dev tag was ignored, fixes #8951 4 years ago
Jordi Boggiano 93d4cf6f91
Add --no-show-signature where git supports it, fixes #8966 4 years ago
Jordi Boggiano 472a62152d
Store default branch info inside metadata 4 years ago
Jordi Boggiano 80d1b1a34c
Merge pull request #8987 from GrahamCampbell/patch-2 
Marked getRootAliasesPerPackage as static
 4 years ago
Jordi Boggiano c8731598cc
Merge branch '1.10' 4 years ago
Graham Campbell 643852a2b0
Marked getRootAliasesPerPackage as static 4 years ago
Jordi Boggiano 0d369c87bc
Merge pull request #8975 from ffraenz/pr 
Composer 2: Allow plugins to override the URL before triggering the download
 4 years ago
Jordi Boggiano 5aae7f4f20
Merge remote-tracking branch 'jderusse/optimize-compile' 4 years ago
Jordi Boggiano a797ee1322
Fix inline aliases not being loaded when extracting dev requirements, fixes #8954 4 years ago
Fränz Friederes 5c13c97428
Implement type and context properties in PreFileDownloadEvent 4 years ago
Fränz Friederes 13bdf8553a
Add setProcessedUrl method to PreFileDownloadEvent 4 years ago
Graham Campbell fa799970ad Replace whitelist with allow list 4 years ago
Jordi Boggiano a4a617abb4
Reduce amount of Filesystem/ProcessExecutor instantiations, add lots of docblocks 4 years ago
Jérémy Derussé 95e6e16b78
Use Semver compiled constraints 4 years ago
azjezz 30f994e424 fix deprecations in PHP 8 4 years ago
Jordi Boggiano c7fb15faf4
Update to MatchAllConstraint 4 years ago
Jordi Boggiano ef3797cdd6
Cache successful requests to make sure subsequent loadPackages calls do not do the same requests for nothing 4 years ago
Ayesh Karunaratne d4c8478df5
Improve regex in \Composer\Repository\ComposerRepository::fetchFile() by removing unnecessary greedy operator 4 years ago
Jordi Boggiano 56811b4c8f
Exclude platform require/provides from InstalledVersions as concrete ones are also not listed 4 years ago
Jordi Boggiano 3c593b0d12
Remove duplicate use statement 4 years ago
Jordi Boggiano 74a63b4d6b
Merge branch '1.10' 4 years ago
Alessandro Lai ff05150c4e Add composer-runtime-api version constant 4 years ago
Alessandro Lai 270c7c3262
Backport validation support for composer-runtime-api (#8842) 
Fixes #8841
 4 years ago
Jordi Boggiano 6529fabb24
Add isFresh to InstalledRepositoryInterface and make sure local repo is always an InstalledRepositoryInterface 4 years ago
Jordi Boggiano c2f77d80bd
Remove usage of 5.6+ constant 4 years ago
Jordi Boggiano 0ab48a1773
Add composer-runtime-api platform package 4 years ago
Jordi Boggiano 0d1922dc27
Add a Composer\Versions class which is available in all projects at runtime to query installed packages/versions 4 years ago
Pierre Grimaud a42c6ceff3 Fix typos 4 years ago
Jordi Boggiano 424c08d6b2
Fix bug loading ~dev in some circumstances 4 years ago
Jordi Boggiano 5b54a93751
Fix phpstan build 5 years ago
Jordi Boggiano 44a4429978
Remove PEAR installer/downloader/repos/..., fixes #8778 5 years ago
Jordi Boggiano 6bed9d8f13
Implement count and search correctly in FilterRepository 5 years ago
Jordi Boggiano 62fda2ed85
Reorg ComposerRepository to fix tests 5 years ago
Jordi Boggiano 048781c268
Fix whatProvides function declaration 5 years ago
Jordi Boggiano 4ea6b1ef55
Make all params non-optional 5 years ago
Ayesh Karunaratne fdb35a6a06
Fix \Composer\Installer\PackageEvent::__construct() and \Composer\Repository\ComposerRepository::isVersionAcceptable() required arguments used after optional, which is deprecated in PHP 8.0 
1. `Deprecated: Required parameter $name follows optional parameter $constraint in src\Composer\Repository\ComposerRepository.php on line 745`

2. `Deprecated: Required parameter $operation follows optional parameter $operations in src\Composer\Installer\PackageEvent.php on line 73`

Optional parameters with a type declared, and a default value of `null` is excepted from this deprecation. See https://php.watch/versions/8.0/deprecate-required-param-after-optional. This is the case in `ComposerRepository::isVersionAcceptable`, which still has two optional parameters as first two parameters, but this will not raise a deprecation notice.
 5 years ago
Jordi Boggiano a7ad186c89
Return early in case a call to the wrapped repo is unnecessary 5 years ago
Jordi Boggiano b6bad4eef6
Add options to configure repository priorities 5 years ago
Jordi Boggiano 59c831c2f8
Add docs to loadPackages 5 years ago
Jordi Boggiano aa6be02c64
Allow COMPOSER_DISABLE_NETWORK to work with GitHubDriver by doing a cache priming pass first 5 years ago
Jordi Boggiano a695f686c3
Add some docblocks and make sure RepositorySet/PoolBuilder accept regular rootAliases and not pre-normalized ones 5 years ago
Markus Staab 593d5abf27
use more precise phpstan/psam return-types (#8744) 5 years ago
Markus Staab c30925e68d
extracted `VersionParser::DEV_MASTER_ALIAS` (#8742) 5 years ago
Adam Žurek 25cd2382cb
Raise phpstan level to 1 (#8027) 5 years ago
Jordi Boggiano d34ea60c48
canonicalize providers api url 5 years ago
Jordi Boggiano 87757de6bc
Merge branch '2.0' 5 years ago
Jordi Boggiano 1c73f078f7
Remove repository field from getProviders result 5 years ago
Jordi Boggiano 379baa1560
Merge pull request #8717 from naderman/t/pool-builder-allow-list 
Move processing of partial update argument list into the pool builder
 5 years ago
Nils Adermann c270d3cfa6 PoolBuilder: make io non-nullable, NullIO can be used instead 5 years ago