mwalbeck/docker-composer
1
0
Fork 0
Code Issues 1 Pull Requests 1 Projects Releases Wiki Activity

Update dependency composer/composer to v2 #169

Closed
renovate-bot wants to merge 1 commits from renovate/composer-composer-2.x into master
pull from: renovate/composer-composer-2.x
merge into: mwalbeck:master
Conversation 1 Commits 1 Files Changed 2 +2 -2
renovate-bot commented 2021-12-22 11:03:38 +00:00
Collaborator
Copy Link

This PR contains the following updates:

Package Update Change
composer/composer major 1.10.24 -> 2.2.3

Release Notes

composer/composer

v2.2.3

Compare Source

  • Fixed issue with PHPUnit and process isolation now including PHPUnit <6.5 (#​10387)
    • Fixed interoperability issue with laminas/laminas-zendframework-bridge and Composer 2.2 (#​10401)
    • Fixed binary proxies for shell scripts to work correctly when they are symlinked (jakzal/phpqa#​336)
    • Fixed overly greedy pool optimization in cases where a locked package is not required by anything anymore in a partial update (#​10405)

v2.2.2

Compare Source

  • Added COMPOSER_BIN_DIR env var and _composer_bin_dir global containing the path to the bin-dir for binaries. Packages relying on finding the bin dir with $BASH_SOURCES[0] will need to update their binaries (#​10402)
    • Fixed issue when new binary proxies are combined with PHPUnit and process isolation (#​10387)
    • Fixed deprecation warnings when using Symfony 5.4+ and requiring composer/composer itself (#​10404)
    • Fixed UX of plugin warnings (#​10381)

v2.2.1

Compare Source

  • Fixed plugin autoloading including files autoload rules from the root package (#​10382)
    • Fixed issue parsing php files with unterminated comments found inside backticks (#​10385)

v2.2.0

Compare Source

  • Added support for using dev-main as the default path repo package version if no VCS info is available (#​10372)
    • Added --no-scripts as a globally supported flag to all Composer commands to disable scripts execution (#​10371)
    • Fixed self-update failing in some edge cases due to loading plugins (#​10371)
    • Fixed display of conflicts showing the wrong package name in some conditions (#​10355)

v2.1.14

Compare Source

  • Fixed invalid release build

v2.1.12

Compare Source

  • Fixed issues in proxied binary files relying on FILE / DIR on php <8 (#​10261)
    • Fixed 9999999-dev being shown in some cases by the show command (#​10260)
    • Fixed GitHub Actions output escaping regression on PHP 8.1 (#​10250)

v2.1.11

Compare Source

  • Fixed issues in proxied binary files when using declare() on php <8 (#​10249)
    • Fixed GitHub Actions output escaping issues (#​10243)

v2.1.10

Compare Source

  • Added type annotations to all classes, which may have an effect on CI/static analysis for people using Composer as a dependency (#​10159)
    • Fixed CurlDownloader requesting gzip encoding even when no gzip support is present (#​10153)
    • Fixed regression in 2.1.6 where the help command was not working for plugin commands (#​10147)
    • Fixed warning showing when an invalid cache dir is configured but unused (#​10125)
    • Fixed require command reverting changes even though dependency resolution succeeded when something fails in scripts for example (#​10118)
    • Fixed require not finding the right package version when some newly required extension is missing from the system (#​10167)
    • Fixed proxied binary file issues, now using output buffering (e1dbd65)
    • Fixed and improved error reporting in several edge cases (#​9804, #​10136, #​10163, #​10224, #​10209)
    • Fixed some more Windows CLI parameter escaping edge cases

v2.1.9

Compare Source

  • Security: Fixed command injection vulnerability on Windows (GHSA-frqg-7g38-6gcf / CVE-2021-41116)
    • Fixed classmap parsing with a new class parser which does not rely on regexes anymore (#​10107)
    • Fixed inline git credentials showing up in output in some conditions (#​10115)
    • Fixed support for running updates while offline as long as the cache contains enough information (#​10116)
    • Fixed show --all foo/bar which as of 2.0.0 was not showing all versions anymore but only the installed one (#​10095)
    • Fixed VCS repos ignoring some versions silently when the API rate limit is reached (#​10132)
    • Fixed CA bundle to remove the expired Let's Encrypt root CA

v2.1.8

Compare Source

  • Fixed regression in 2.1.7 when parsing classmaps in files containing invalid Unicode (#​10102)

v2.1.7

Compare Source

  • Added many type annotations internally, which may have an effect on CI/static analysis for people using Composer as a dependency. This work will continue in following releases
    • Fixed regression in 2.1.6 when parsing classmaps with empty heredocs (#​10067)
    • Fixed regression in 2.1.6 where list command was not showing plugin commands (#​10075)
    • Fixed issue handling package updates where the package type changed (#​10076)
    • Fixed docker being detected as WSL when run inside WSL (#​10094)

v2.1.6

Compare Source

  • Updated internal PHAR signatures to be SHA512 instead of SHA1
    • Fixed uncaught exception handler regression (#​10022)
    • Fixed more PHP 8.1 deprecation warnings (#​10036, #​10038, #​10061)
    • Fixed corrupted zips in the cache from blocking installs until a cache clear, the bad archives are now deleted automatically on first failure (#​10028)
    • Fixed URL sanitizer handling of new github tokens (#​10048)
    • Fixed issue finding classes with very long heredocs in classmap autoload (#​10050)
    • Fixed proc_open being required for simple installs from zip, as well as diagnose (#​9253)
    • Fixed path repository bug causing symlinks to be left behind after a package is uninstalled (#​10023)
    • Fixed issue in 7-zip support on windows with certain archives (#​10058)
    • Fixed bootstrapping process to avoid loading the composer.json and plugins until necessary, speeding things up slightly (#​10064)
    • Fixed lib-openssl detection on FreeBSD (#​10046)
    • Fixed support for ircs:// protocol for support.irc composer.json entries

v2.1.5

Compare Source

  • Fixed create-project creating a php: directory in the directory it was executed in (#​10020, #​10021)
    • Fixed curl downloader to respect default_socket_timeout if it is bigger than our default 300s (#​10018)

v2.1.4

Compare Source

  • Fixed PHP 8.1 deprecation warnings (#​10008)
    • Fixed support for working within UNC/WSL paths on Windows (#​9993)
    • Fixed 7-zip support to also be looked up on Linux/macOS as 7z or 7zz (#​9951)
    • Fixed repositories' only/exclude properties to avoid matching names as sub-strings of full package names (#​10001)
    • Fixed open_basedir regression from #​9855
    • Fixed schema errors being reported incorrectly in some conditions (#​9986)
    • Fixed archive command not working with async archive extraction
    • Fixed init command being able to generate an invalid composer.json (#​9986)

v2.1.3

Compare Source

  • Add "symlink" option for "bin-compat" config to force symlinking even on WSL/Windows (#​9959)
    • Fixed source binaries not being made executable when symlinks cannot be used (#​9961)
    • Fixed more deletion edge cases (#​9955, #​9956)
    • Fixed dump-autoload command not dispatching scripts anymore, regressed in 2.1.2 (#​9954)

v2.1.2

Compare Source

  • Added --dev to dump-autoload command to allow force-dumping dev autoload rules even if dev requirements are not present (#​9946)
    • Fixed --no-scripts disabling events for plugins too instead of only disabling script handlers, using --no-plugins is the way to disable plugins (#​9942)
    • Fixed handling of deletions during package installs on some filesystems (#​9945, #​9947)
    • Fixed undefined array access when using "@​php " in a script handler (#​9943)
    • Fixed usage of InstalledVersions when loaded from composer/composer installed as a dependency and runtime Composer is v1 (#​9937)

v2.1.1

Compare Source

  • Fixed invalid release build

v2.1.0

Compare Source

  • Fixed PHP 8.1 deprecation warning (#​9932)
    • Fixed env var handling when variables_order includes E and symfony/console 3.3.15+ is in use (#​9930)

v2.0.14

Compare Source

  • Updated composer/xdebug-handler to 2.0 which adds supports for Xdebug 3
    • Fixed handling of inline-update-constraints with references or stability flags (#​9847)
    • Fixed async processes erroring in an unclear way when they failed to start (#​9808)
    • Fixed support for the upcoming Symfony 6.0 release when Composer is installed as a library (#​9896)
    • Fixed progress output missing newlines on PowerShell, and disable progress output by default when CI env var is present (#​9621)
    • Fixed support for Vagrant/VirtualBox filesystem slowness when installing binaries from packages (#​9627)
    • Fixed type annotations for the InstalledVersions class
    • Deprecated InstalledVersions::getRawData in favor of InstalledVersions::getAllRawData (#​9816)

v2.0.13

Compare Source

  • Security: Fixed command injection vulnerability in HgDriver/HgDownloader and hardened other VCS drivers and downloaders (GHSA-h5h8-pc6h-jvvx / CVE-2021-29472)
    • Fixed install step at the end of the init command to take new dependencies into account correctly
    • Fixed update --lock listing updates which were not really happening (#​9812)
    • Fixed support for --no-dev combined with --locked in outdated and show commands (#​9788)

v2.0.12

Compare Source

  • Fixed support for new GitHub OAuth token format (#​9757)
    • Fixed support for Vagrant/VirtualBox filesystem slowness by adding short sleeps in some places (#​9627)
    • Fixed unclear error reporting when a package is in the lock file but not in the remote repositories (#​9750)
    • Fixed processes silently ignoring the CWD when it does not exist
    • Fixed new Windows bin handling to avoid proxying phar files (#​9742)
    • Fixed issue extracting archives into paths that already exist, fixing problems with some custom installers (composer/installers#​479)
    • Fixed support for branch names starting with master/trunk/default (#​9739)
    • Fixed self-update to preserve phar file permissions on Windows (#​9733)
    • Fixed detection of hg version when localized (#​9753)
    • Fixed git execution failures to also include the stdout output (#​9720)

v2.0.11

Compare Source

  • Reverted "Fixed runtime autoloader registration (for plugins and script handlers) to prefer the project dependencies over the bundled Composer ones" as it caused more problems than expected

v2.0.10

Compare Source

  • Added COMPOSER_MAX_PARALLEL_HTTP to let people set a lower amount of parallel requests if needed
    • Fixed autoloader registration when plugins are loaded, which may impact plugins relying on this bug (if you use symfony/flex make sure you upgrade it to 1.12.2+ to fix dump-env issues)
    • Fixed exec command suppressing output in some circumstances
    • Fixed Windows/cmd.exe support for script handlers defined as path/to/foo, which are now rewritten internally to path\to\foo when needed
    • Fixed bin handling on Windows for PHP scripts, to more closely match symlinks and allow @php vendor/bin/foo to work cross-platform
    • Fixed Git for Windows/Git Bash not being detected correctly as an interactive shell (regression since 2.0.7)
    • Fixed regression handling some private Bitbucket repository clones
    • Fixed Ctrl-C/SIGINT handling during downloads to correctly abort as soon as possible
    • Fixed runtime autoloader registration (for plugins and script handlers) to prefer the project dependencies over the bundled Composer ones
    • Fixed numeric default branches being aliased as 9999999-dev internally. This alias now only applies to default branches being non-numeric (e.g. dev-main)
    • Fixed support for older lib-sodium versions
    • Fixed various minor issues

v2.0.9

Compare Source

  • Added warning if the curl extension is not enabled as it significantly degrades performance
    • Fixed InstalledVersions to report all packages when several vendor dirs are present in the same runtime
    • Fixed download speed when downloading large files
    • Fixed archive and path repo copies mishandling some .gitignore paths
    • Fixed root package classes not being available to the plugins/scripts during the initial install
    • Fixed cache writes to be atomic and better support multiple Composer processes running in parallel
    • Fixed preg jit issues when config or require modifies large composer.json files
    • Fixed compatibility with envs having open_basedir restrictions
    • Fixed exclude-from-classmap causing regex issues when having too many paths
    • Fixed compatibility issue with Symfony 4/5
    • Several small performance and debug output improvements

v2.0.8

Compare Source

  • Fixed packages with aliases not matching conflicts which match the alias
    • Fixed invalid reports of uncommitted changes when using non-default remotes in vendor dir
    • Fixed curl error handling edge cases
    • Fixed cached git repositories becoming stale by having a git gc applied to them periodically
    • Fixed issue initializing plugins when using dev packages
    • Fixed update --lock / mirrors failing to update in some edge cases
    • Fixed partial update with --with-dependencies failing in some edge cases with some nonsensical error

v2.0.7

Compare Source

  • Fixed detection of TTY mode, made input non-interactive automatically if STDIN is not a TTY
    • Fixed root aliases not being present in lock file if not required by anything else
    • Fixed remove command requiring a lock file to be present
    • Fixed Composer\InstalledVersions to always contain up to date data during installation
    • Fixed status command breaking on slow networks
    • Fixed order of POST_PACKAGE_* events to occur together once all installations of a package batch are done

v2.0.6

Compare Source

  • Fixed regression in 2.0.5 dealing with custom installers which do not pass absolute paths

v2.0.5

Compare Source

  • Disabled platform-check verification of extensions by default (now defaulting php-only), set platform-check to true if you want a complete check
    • Improved platform-check handling of issue reporting
    • Fixed platform-check to only check non-dev requires even if require-dev dependencies are installed
    • Fixed issues dealing with custom installers which return trailing slashes in getInstallPath (ideally avoid doing this as there might be other issues left)
    • Fixed issues when curl functions are disabled
    • Fixed gitlab-domains/github-domains to make sure if they are overridden the default value remains present
    • Fixed issues removing/upgrading packages from path repositories on Windows
    • Fixed regression in 2.0.4 when handling of git@bitbucket.org URLs in vcs repositories
    • Fixed issue running create-project in current directory on Windows

v2.0.4

Compare Source

  • Fixed check-platform-req command not being clear on what packages are checked, and added a --lock flag to explicitly check the locked packages
    • Fixed config & create-project adding of repositories to make sure they are prepended as order is much more important in Composer 2, also added a --append flag to config to restore the old behavior in the unlikely case this is needed
    • Fixed curl downloader failing on old PHP releases or when using self-signed SSL certificates
    • Fixed Bitbucket API authentication issue

v2.0.3

Compare Source

  • Fixed bug in outdated command where dev packages with branch-aliases where always shown as being outdated
    • Fixed issue in lock file interoperability with composer 1.x when using dev-master as xxx aliases
    • Fixed new --locked option being missing from outdated command, for checking outdated packages directly from the lock file
    • Fixed a few debug/error reporting strings

v2.0.2

Compare Source

  • Fixed regression handling composer show -s in projects where no version can be guessed from VCS
    • Fixed regression handling partial updates/require when a lock file was missing
    • Fixed interop issue with plugins that need to update dist URLs of packages, see docs if you need this

v2.0.1

Compare Source

  • Updated composer/xdebug-handler to 2.0 which adds supports for Xdebug 3
    • Fixed handling of inline-update-constraints with references or stability flags (#​9847)
    • Fixed async processes erroring in an unclear way when they failed to start (#​9808)
    • Fixed support for the upcoming Symfony 6.0 release when Composer is installed as a library (#​9896)
    • Fixed progress output missing newlines on PowerShell, and disable progress output by default when CI env var is present (#​9621)
    • Fixed support for Vagrant/VirtualBox filesystem slowness when installing binaries from packages (#​9627)
    • Fixed type annotations for the InstalledVersions class
    • Deprecated InstalledVersions::getRawData in favor of InstalledVersions::getAllRawData (#​9816)

v2.0.0

Compare Source

  • Fixed proxy handling issues when combined with our new curl-based downloader
    • Fixed solver bug resulting in endless loops in some cases
    • Fixed solver output being extremely long due to learnt rules
    • Fixed solver bug with multi literals
    • Fixed a couple minor regressions

Configuration

📅 Schedule: At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, click this checkbox.

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Update | Change | |---|---|---| | [composer/composer](https://github.com/composer/composer) | major | `1.10.24` -> `2.2.3` | --- ### Release Notes <details> <summary>composer/composer</summary> ### [`v2.2.3`](https://github.com/composer/composer/blob/HEAD/CHANGELOG.md#&#8203;223-2021-12-31) [Compare Source](https://github.com/composer/composer/compare/2.2.2...2.2.3) - Fixed issue with PHPUnit and process isolation now including PHPUnit <6.5 ([#&#8203;10387](https://github.com/composer/composer/issues/10387)) - Fixed interoperability issue with laminas/laminas-zendframework-bridge and Composer 2.2 ([#&#8203;10401](https://github.com/composer/composer/issues/10401)) - Fixed binary proxies for shell scripts to work correctly when they are symlinked ([jakzal/phpqa#&#8203;336](https://github.com/jakzal/phpqa/issues/336)) - Fixed overly greedy pool optimization in cases where a locked package is not required by anything anymore in a partial update ([#&#8203;10405](https://github.com/composer/composer/issues/10405)) ### [`v2.2.2`](https://github.com/composer/composer/blob/HEAD/CHANGELOG.md#&#8203;222-2021-12-29) [Compare Source](https://github.com/composer/composer/compare/2.2.1...2.2.2) - Added [`COMPOSER_BIN_DIR` env var and `_composer_bin_dir` global](https://getcomposer.org/doc/articles/vendor-binaries.md#finding-the-composer-bin-dir-from-a-binary) containing the path to the bin-dir for binaries. Packages relying on finding the bin dir with `$BASH_SOURCES[0]` will need to update their binaries ([#&#8203;10402](https://github.com/composer/composer/issues/10402)) - Fixed issue when new binary proxies are combined with PHPUnit and process isolation ([#&#8203;10387](https://github.com/composer/composer/issues/10387)) - Fixed deprecation warnings when using Symfony 5.4+ and requiring composer/composer itself ([#&#8203;10404](https://github.com/composer/composer/issues/10404)) - Fixed UX of plugin warnings ([#&#8203;10381](https://github.com/composer/composer/issues/10381)) ### [`v2.2.1`](https://github.com/composer/composer/blob/HEAD/CHANGELOG.md#&#8203;221-2021-12-22) [Compare Source](https://github.com/composer/composer/compare/2.2.0...2.2.1) - Fixed plugin autoloading including files autoload rules from the root package ([#&#8203;10382](https://github.com/composer/composer/issues/10382)) - Fixed issue parsing php files with unterminated comments found inside backticks ([#&#8203;10385](https://github.com/composer/composer/issues/10385)) ### [`v2.2.0`](https://github.com/composer/composer/blob/HEAD/CHANGELOG.md#&#8203;220-2021-12-22) [Compare Source](https://github.com/composer/composer/compare/2.1.14...2.2.0) - Added support for using `dev-main` as the default path repo package version if no VCS info is available ([#&#8203;10372](https://github.com/composer/composer/issues/10372)) - Added --no-scripts as a globally supported flag to all Composer commands to disable scripts execution ([#&#8203;10371](https://github.com/composer/composer/issues/10371)) - Fixed self-update failing in some edge cases due to loading plugins ([#&#8203;10371](https://github.com/composer/composer/issues/10371)) - Fixed display of conflicts showing the wrong package name in some conditions ([#&#8203;10355](https://github.com/composer/composer/issues/10355)) ### [`v2.1.14`](https://github.com/composer/composer/blob/HEAD/CHANGELOG.md#&#8203;2114-2021-11-30) [Compare Source](https://github.com/composer/composer/compare/2.1.12...2.1.14) - Fixed invalid release build ### [`v2.1.12`](https://github.com/composer/composer/blob/HEAD/CHANGELOG.md#&#8203;2112-2021-11-09) [Compare Source](https://github.com/composer/composer/compare/2.1.11...2.1.12) - Fixed issues in proxied binary files relying on **FILE** / **DIR** on php <8 ([#&#8203;10261](https://github.com/composer/composer/issues/10261)) - Fixed [`9999999`](https://github.com/composer/composer/commit/9999999)-dev being shown in some cases by the `show` command ([#&#8203;10260](https://github.com/composer/composer/issues/10260)) - Fixed GitHub Actions output escaping regression on PHP 8.1 ([#&#8203;10250](https://github.com/composer/composer/issues/10250)) ### [`v2.1.11`](https://github.com/composer/composer/blob/HEAD/CHANGELOG.md#&#8203;2111-2021-11-02) [Compare Source](https://github.com/composer/composer/compare/2.1.10...2.1.11) - Fixed issues in proxied binary files when using declare() on php <8 ([#&#8203;10249](https://github.com/composer/composer/issues/10249)) - Fixed GitHub Actions output escaping issues ([#&#8203;10243](https://github.com/composer/composer/issues/10243)) ### [`v2.1.10`](https://github.com/composer/composer/blob/HEAD/CHANGELOG.md#&#8203;2110-2021-10-29) [Compare Source](https://github.com/composer/composer/compare/2.1.9...2.1.10) - Added type annotations to all classes, which may have an effect on CI/static analysis for people using Composer as a dependency ([#&#8203;10159](https://github.com/composer/composer/issues/10159)) - Fixed CurlDownloader requesting gzip encoding even when no gzip support is present ([#&#8203;10153](https://github.com/composer/composer/issues/10153)) - Fixed regression in 2.1.6 where the help command was not working for plugin commands ([#&#8203;10147](https://github.com/composer/composer/issues/10147)) - Fixed warning showing when an invalid cache dir is configured but unused ([#&#8203;10125](https://github.com/composer/composer/issues/10125)) - Fixed `require` command reverting changes even though dependency resolution succeeded when something fails in scripts for example ([#&#8203;10118](https://github.com/composer/composer/issues/10118)) - Fixed `require` not finding the right package version when some newly required extension is missing from the system ([#&#8203;10167](https://github.com/composer/composer/issues/10167)) - Fixed proxied binary file issues, now using output buffering ([`e1dbd65`](https://github.com/composer/composer/commit/e1dbd65aff)) - Fixed and improved error reporting in several edge cases ([#&#8203;9804](https://github.com/composer/composer/issues/9804), [#&#8203;10136](https://github.com/composer/composer/issues/10136), [#&#8203;10163](https://github.com/composer/composer/issues/10163), [#&#8203;10224](https://github.com/composer/composer/issues/10224), [#&#8203;10209](https://github.com/composer/composer/issues/10209)) - Fixed some more Windows CLI parameter escaping edge cases ### [`v2.1.9`](https://github.com/composer/composer/blob/HEAD/CHANGELOG.md#&#8203;219-2021-10-05) [Compare Source](https://github.com/composer/composer/compare/2.1.8...2.1.9) - Security: Fixed command injection vulnerability on Windows (GHSA-frqg-7g38-6gcf / CVE-2021-41116) - Fixed classmap parsing with a new class parser which does not rely on regexes anymore ([#&#8203;10107](https://github.com/composer/composer/issues/10107)) - Fixed inline git credentials showing up in output in some conditions ([#&#8203;10115](https://github.com/composer/composer/issues/10115)) - Fixed support for running updates while offline as long as the cache contains enough information ([#&#8203;10116](https://github.com/composer/composer/issues/10116)) - Fixed `show --all foo/bar` which as of 2.0.0 was not showing all versions anymore but only the installed one ([#&#8203;10095](https://github.com/composer/composer/issues/10095)) - Fixed VCS repos ignoring some versions silently when the API rate limit is reached ([#&#8203;10132](https://github.com/composer/composer/issues/10132)) - Fixed CA bundle to remove the expired Let's Encrypt root CA ### [`v2.1.8`](https://github.com/composer/composer/blob/HEAD/CHANGELOG.md#&#8203;218-2021-09-15) [Compare Source](https://github.com/composer/composer/compare/2.1.7...2.1.8) - Fixed regression in 2.1.7 when parsing classmaps in files containing invalid Unicode ([#&#8203;10102](https://github.com/composer/composer/issues/10102)) ### [`v2.1.7`](https://github.com/composer/composer/blob/HEAD/CHANGELOG.md#&#8203;217-2021-09-14) [Compare Source](https://github.com/composer/composer/compare/2.1.6...2.1.7) - Added many type annotations internally, which may have an effect on CI/static analysis for people using Composer as a dependency. This work will continue in following releases - Fixed regression in 2.1.6 when parsing classmaps with empty heredocs ([#&#8203;10067](https://github.com/composer/composer/issues/10067)) - Fixed regression in 2.1.6 where list command was not showing plugin commands ([#&#8203;10075](https://github.com/composer/composer/issues/10075)) - Fixed issue handling package updates where the package type changed ([#&#8203;10076](https://github.com/composer/composer/issues/10076)) - Fixed docker being detected as WSL when run inside WSL ([#&#8203;10094](https://github.com/composer/composer/issues/10094)) ### [`v2.1.6`](https://github.com/composer/composer/blob/HEAD/CHANGELOG.md#&#8203;216-2021-08-19) [Compare Source](https://github.com/composer/composer/compare/2.1.5...2.1.6) - Updated internal PHAR signatures to be SHA512 instead of SHA1 - Fixed uncaught exception handler regression ([#&#8203;10022](https://github.com/composer/composer/issues/10022)) - Fixed more PHP 8.1 deprecation warnings ([#&#8203;10036](https://github.com/composer/composer/issues/10036), [#&#8203;10038](https://github.com/composer/composer/issues/10038), [#&#8203;10061](https://github.com/composer/composer/issues/10061)) - Fixed corrupted zips in the cache from blocking installs until a cache clear, the bad archives are now deleted automatically on first failure ([#&#8203;10028](https://github.com/composer/composer/issues/10028)) - Fixed URL sanitizer handling of new github tokens ([#&#8203;10048](https://github.com/composer/composer/issues/10048)) - Fixed issue finding classes with very long heredocs in classmap autoload ([#&#8203;10050](https://github.com/composer/composer/issues/10050)) - Fixed proc_open being required for simple installs from zip, as well as diagnose ([#&#8203;9253](https://github.com/composer/composer/issues/9253)) - Fixed path repository bug causing symlinks to be left behind after a package is uninstalled ([#&#8203;10023](https://github.com/composer/composer/issues/10023)) - Fixed issue in 7-zip support on windows with certain archives ([#&#8203;10058](https://github.com/composer/composer/issues/10058)) - Fixed bootstrapping process to avoid loading the composer.json and plugins until necessary, speeding things up slightly ([#&#8203;10064](https://github.com/composer/composer/issues/10064)) - Fixed lib-openssl detection on FreeBSD ([#&#8203;10046](https://github.com/composer/composer/issues/10046)) - Fixed support for `ircs://` protocol for support.irc composer.json entries ### [`v2.1.5`](https://github.com/composer/composer/blob/HEAD/CHANGELOG.md#&#8203;215-2021-07-23) [Compare Source](https://github.com/composer/composer/compare/2.1.4...2.1.5) - Fixed `create-project` creating a `php:` directory in the directory it was executed in ([#&#8203;10020](https://github.com/composer/composer/issues/10020), [#&#8203;10021](https://github.com/composer/composer/issues/10021)) - Fixed curl downloader to respect default_socket_timeout if it is bigger than our default 300s ([#&#8203;10018](https://github.com/composer/composer/issues/10018)) ### [`v2.1.4`](https://github.com/composer/composer/blob/HEAD/CHANGELOG.md#&#8203;214-2021-07-22) [Compare Source](https://github.com/composer/composer/compare/2.1.3...2.1.4) - Fixed PHP 8.1 deprecation warnings ([#&#8203;10008](https://github.com/composer/composer/issues/10008)) - Fixed support for working within UNC/WSL paths on Windows ([#&#8203;9993](https://github.com/composer/composer/issues/9993)) - Fixed 7-zip support to also be looked up on Linux/macOS as 7z or 7zz ([#&#8203;9951](https://github.com/composer/composer/issues/9951)) - Fixed repositories' `only`/`exclude` properties to avoid matching names as sub-strings of full package names ([#&#8203;10001](https://github.com/composer/composer/issues/10001)) - Fixed open_basedir regression from [#&#8203;9855](https://github.com/composer/composer/issues/9855) - Fixed schema errors being reported incorrectly in some conditions ([#&#8203;9986](https://github.com/composer/composer/issues/9986)) - Fixed `archive` command not working with async archive extraction - Fixed `init` command being able to generate an invalid composer.json ([#&#8203;9986](https://github.com/composer/composer/issues/9986)) ### [`v2.1.3`](https://github.com/composer/composer/blob/HEAD/CHANGELOG.md#&#8203;213-2021-06-09) [Compare Source](https://github.com/composer/composer/compare/2.1.2...2.1.3) - Add "symlink" option for "bin-compat" config to force symlinking even on WSL/Windows ([#&#8203;9959](https://github.com/composer/composer/issues/9959)) - Fixed source binaries not being made executable when symlinks cannot be used ([#&#8203;9961](https://github.com/composer/composer/issues/9961)) - Fixed more deletion edge cases ([#&#8203;9955](https://github.com/composer/composer/issues/9955), [#&#8203;9956](https://github.com/composer/composer/issues/9956)) - Fixed `dump-autoload` command not dispatching scripts anymore, regressed in 2.1.2 ([#&#8203;9954](https://github.com/composer/composer/issues/9954)) ### [`v2.1.2`](https://github.com/composer/composer/blob/HEAD/CHANGELOG.md#&#8203;212-2021-06-07) [Compare Source](https://github.com/composer/composer/compare/2.1.1...2.1.2) - Added `--dev` to `dump-autoload` command to allow force-dumping dev autoload rules even if dev requirements are not present ([#&#8203;9946](https://github.com/composer/composer/issues/9946)) - Fixed `--no-scripts` disabling events for plugins too instead of only disabling script handlers, using `--no-plugins` is the way to disable plugins ([#&#8203;9942](https://github.com/composer/composer/issues/9942)) - Fixed handling of deletions during package installs on some filesystems ([#&#8203;9945](https://github.com/composer/composer/issues/9945), [#&#8203;9947](https://github.com/composer/composer/issues/9947)) - Fixed undefined array access when using "[@&#8203;php](https://github.com/php) <absolute path>" in a script handler ([#&#8203;9943](https://github.com/composer/composer/issues/9943)) - Fixed usage of InstalledVersions when loaded from composer/composer installed as a dependency and runtime Composer is v1 ([#&#8203;9937](https://github.com/composer/composer/issues/9937)) ### [`v2.1.1`](https://github.com/composer/composer/blob/HEAD/CHANGELOG.md#&#8203;2114-2021-11-30) [Compare Source](https://github.com/composer/composer/compare/2.1.0...2.1.1) - Fixed invalid release build ### [`v2.1.0`](https://github.com/composer/composer/blob/HEAD/CHANGELOG.md#&#8203;210-2021-06-03) [Compare Source](https://github.com/composer/composer/compare/2.0.14...2.1.0) - Fixed PHP 8.1 deprecation warning ([#&#8203;9932](https://github.com/composer/composer/issues/9932)) - Fixed env var handling when variables_order includes E and symfony/console 3.3.15+ is in use ([#&#8203;9930](https://github.com/composer/composer/issues/9930)) ### [`v2.0.14`](https://github.com/composer/composer/blob/HEAD/CHANGELOG.md#&#8203;2014-2021-05-21) [Compare Source](https://github.com/composer/composer/compare/2.0.13...2.0.14) - Updated composer/xdebug-handler to 2.0 which adds supports for Xdebug 3 - Fixed handling of inline-update-constraints with references or stability flags ([#&#8203;9847](https://github.com/composer/composer/issues/9847)) - Fixed async processes erroring in an unclear way when they failed to start ([#&#8203;9808](https://github.com/composer/composer/issues/9808)) - Fixed support for the upcoming Symfony 6.0 release when Composer is installed as a library ([#&#8203;9896](https://github.com/composer/composer/issues/9896)) - Fixed progress output missing newlines on PowerShell, and disable progress output by default when CI env var is present ([#&#8203;9621](https://github.com/composer/composer/issues/9621)) - Fixed support for Vagrant/VirtualBox filesystem slowness when installing binaries from packages ([#&#8203;9627](https://github.com/composer/composer/issues/9627)) - Fixed type annotations for the InstalledVersions class - Deprecated InstalledVersions::getRawData in favor of InstalledVersions::getAllRawData ([#&#8203;9816](https://github.com/composer/composer/issues/9816)) ### [`v2.0.13`](https://github.com/composer/composer/blob/HEAD/CHANGELOG.md#&#8203;2013-2021-04-27) [Compare Source](https://github.com/composer/composer/compare/2.0.12...2.0.13) - Security: Fixed command injection vulnerability in HgDriver/HgDownloader and hardened other VCS drivers and downloaders (GHSA-h5h8-pc6h-jvvx / CVE-2021-29472) - Fixed install step at the end of the init command to take new dependencies into account correctly - Fixed `update --lock` listing updates which were not really happening ([#&#8203;9812](https://github.com/composer/composer/issues/9812)) - Fixed support for --no-dev combined with --locked in outdated and show commands ([#&#8203;9788](https://github.com/composer/composer/issues/9788)) ### [`v2.0.12`](https://github.com/composer/composer/blob/HEAD/CHANGELOG.md#&#8203;2012-2021-04-01) [Compare Source](https://github.com/composer/composer/compare/2.0.11...2.0.12) - Fixed support for new GitHub OAuth token format ([#&#8203;9757](https://github.com/composer/composer/issues/9757)) - Fixed support for Vagrant/VirtualBox filesystem slowness by adding short sleeps in some places ([#&#8203;9627](https://github.com/composer/composer/issues/9627)) - Fixed unclear error reporting when a package is in the lock file but not in the remote repositories ([#&#8203;9750](https://github.com/composer/composer/issues/9750)) - Fixed processes silently ignoring the CWD when it does not exist - Fixed new Windows bin handling to avoid proxying phar files ([#&#8203;9742](https://github.com/composer/composer/issues/9742)) - Fixed issue extracting archives into paths that already exist, fixing problems with some custom installers ([composer/installers#&#8203;479](https://github.com/composer/installers/issues/479)) - Fixed support for branch names starting with master/trunk/default ([#&#8203;9739](https://github.com/composer/composer/issues/9739)) - Fixed self-update to preserve phar file permissions on Windows ([#&#8203;9733](https://github.com/composer/composer/issues/9733)) - Fixed detection of hg version when localized ([#&#8203;9753](https://github.com/composer/composer/issues/9753)) - Fixed git execution failures to also include the stdout output ([#&#8203;9720](https://github.com/composer/composer/issues/9720)) ### [`v2.0.11`](https://github.com/composer/composer/blob/HEAD/CHANGELOG.md#&#8203;2011-2021-02-24) [Compare Source](https://github.com/composer/composer/compare/2.0.10...2.0.11) - Reverted "Fixed runtime autoloader registration (for plugins and script handlers) to prefer the project dependencies over the bundled Composer ones" as it caused more problems than expected ### [`v2.0.10`](https://github.com/composer/composer/blob/HEAD/CHANGELOG.md#&#8203;2010-2021-02-23) [Compare Source](https://github.com/composer/composer/compare/2.0.9...2.0.10) - Added COMPOSER_MAX_PARALLEL_HTTP to let people set a lower amount of parallel requests if needed - Fixed autoloader registration when plugins are loaded, which may impact plugins relying on this bug (if you use `symfony/flex` make sure you upgrade it to 1.12.2+ to fix `dump-env` issues) - Fixed `exec` command suppressing output in some circumstances - Fixed Windows/cmd.exe support for script handlers defined as `path/to/foo`, which are now rewritten internally to `path\to\foo` when needed - Fixed bin handling on Windows for PHP scripts, to more closely match symlinks and allow `@php vendor/bin/foo` to work cross-platform - Fixed Git for Windows/Git Bash not being detected correctly as an interactive shell (regression since 2.0.7) - Fixed regression handling some private Bitbucket repository clones - Fixed Ctrl-C/SIGINT handling during downloads to correctly abort as soon as possible - Fixed runtime autoloader registration (for plugins and script handlers) to prefer the project dependencies over the bundled Composer ones - Fixed numeric default branches being aliased as [`9999999`](https://github.com/composer/composer/commit/9999999)-dev internally. This alias now only applies to default branches being non-numeric (e.g. `dev-main`) - Fixed support for older lib-sodium versions - Fixed various minor issues ### [`v2.0.9`](https://github.com/composer/composer/blob/HEAD/CHANGELOG.md#&#8203;209-2021-01-27) [Compare Source](https://github.com/composer/composer/compare/2.0.8...2.0.9) - Added warning if the curl extension is not enabled as it significantly degrades performance - Fixed InstalledVersions to report all packages when several vendor dirs are present in the same runtime - Fixed download speed when downloading large files - Fixed `archive` and path repo copies mishandling some .gitignore paths - Fixed root package classes not being available to the plugins/scripts during the initial install - Fixed cache writes to be atomic and better support multiple Composer processes running in parallel - Fixed preg jit issues when `config` or `require` modifies large composer.json files - Fixed compatibility with envs having open_basedir restrictions - Fixed exclude-from-classmap causing regex issues when having too many paths - Fixed compatibility issue with Symfony 4/5 - Several small performance and debug output improvements ### [`v2.0.8`](https://github.com/composer/composer/blob/HEAD/CHANGELOG.md#&#8203;208-2020-12-03) [Compare Source](https://github.com/composer/composer/compare/2.0.7...2.0.8) - Fixed packages with aliases not matching conflicts which match the alias - Fixed invalid reports of uncommitted changes when using non-default remotes in vendor dir - Fixed curl error handling edge cases - Fixed cached git repositories becoming stale by having a `git gc` applied to them periodically - Fixed issue initializing plugins when using dev packages - Fixed update --lock / mirrors failing to update in some edge cases - Fixed partial update with --with-dependencies failing in some edge cases with some nonsensical error ### [`v2.0.7`](https://github.com/composer/composer/blob/HEAD/CHANGELOG.md#&#8203;207-2020-11-13) [Compare Source](https://github.com/composer/composer/compare/2.0.6...2.0.7) - Fixed detection of TTY mode, made input non-interactive automatically if STDIN is not a TTY - Fixed root aliases not being present in lock file if not required by anything else - Fixed `remove` command requiring a lock file to be present - Fixed `Composer\InstalledVersions` to always contain up to date data during installation - Fixed `status` command breaking on slow networks - Fixed order of POST_PACKAGE_\* events to occur together once all installations of a package batch are done ### [`v2.0.6`](https://github.com/composer/composer/blob/HEAD/CHANGELOG.md#&#8203;206-2020-11-07) [Compare Source](https://github.com/composer/composer/compare/2.0.5...2.0.6) - Fixed regression in 2.0.5 dealing with custom installers which do not pass absolute paths ### [`v2.0.5`](https://github.com/composer/composer/blob/HEAD/CHANGELOG.md#&#8203;205-2020-11-06) [Compare Source](https://github.com/composer/composer/compare/2.0.4...2.0.5) - Disabled platform-check verification of extensions by default (now defaulting `php-only`), set platform-check to `true` if you want a complete check - Improved platform-check handling of issue reporting - Fixed platform-check to only check non-dev requires even if require-dev dependencies are installed - Fixed issues dealing with custom installers which return trailing slashes in getInstallPath (ideally avoid doing this as there might be other issues left) - Fixed issues when curl functions are disabled - Fixed gitlab-domains/github-domains to make sure if they are overridden the default value remains present - Fixed issues removing/upgrading packages from path repositories on Windows - Fixed regression in 2.0.4 when handling of git@bitbucket.org URLs in vcs repositories - Fixed issue running create-project in current directory on Windows ### [`v2.0.4`](https://github.com/composer/composer/blob/HEAD/CHANGELOG.md#&#8203;204-2020-10-30) [Compare Source](https://github.com/composer/composer/compare/2.0.3...2.0.4) - Fixed `check-platform-req` command not being clear on what packages are checked, and added a --lock flag to explicitly check the locked packages - Fixed `config` & `create-project` adding of repositories to make sure they are prepended as order is much more important in Composer 2, also added a --append flag to `config` to restore the old behavior in the unlikely case this is needed - Fixed curl downloader failing on old PHP releases or when using self-signed SSL certificates - Fixed Bitbucket API authentication issue ### [`v2.0.3`](https://github.com/composer/composer/blob/HEAD/CHANGELOG.md#&#8203;203-2020-10-28) [Compare Source](https://github.com/composer/composer/compare/2.0.2...2.0.3) - Fixed bug in `outdated` command where dev packages with branch-aliases where always shown as being outdated - Fixed issue in lock file interoperability with composer 1.x when using `dev-master as xxx` aliases - Fixed new `--locked` option being missing from `outdated` command, for checking outdated packages directly from the lock file - Fixed a few debug/error reporting strings ### [`v2.0.2`](https://github.com/composer/composer/blob/HEAD/CHANGELOG.md#&#8203;202-2020-10-25) [Compare Source](https://github.com/composer/composer/compare/2.0.1...2.0.2) - Fixed regression handling `composer show -s` in projects where no version can be guessed from VCS - Fixed regression handling partial updates/`require` when a lock file was missing - Fixed interop issue with plugins that need to update dist URLs of packages, [see docs](https://getcomposer.org/doc/articles/plugins.md#plugin-modifies-downloads) if you need this ### [`v2.0.1`](https://github.com/composer/composer/blob/HEAD/CHANGELOG.md#&#8203;2014-2021-05-21) [Compare Source](https://github.com/composer/composer/compare/2.0.0...2.0.1) - Updated composer/xdebug-handler to 2.0 which adds supports for Xdebug 3 - Fixed handling of inline-update-constraints with references or stability flags ([#&#8203;9847](https://github.com/composer/composer/issues/9847)) - Fixed async processes erroring in an unclear way when they failed to start ([#&#8203;9808](https://github.com/composer/composer/issues/9808)) - Fixed support for the upcoming Symfony 6.0 release when Composer is installed as a library ([#&#8203;9896](https://github.com/composer/composer/issues/9896)) - Fixed progress output missing newlines on PowerShell, and disable progress output by default when CI env var is present ([#&#8203;9621](https://github.com/composer/composer/issues/9621)) - Fixed support for Vagrant/VirtualBox filesystem slowness when installing binaries from packages ([#&#8203;9627](https://github.com/composer/composer/issues/9627)) - Fixed type annotations for the InstalledVersions class - Deprecated InstalledVersions::getRawData in favor of InstalledVersions::getAllRawData ([#&#8203;9816](https://github.com/composer/composer/issues/9816)) ### [`v2.0.0`](https://github.com/composer/composer/blob/HEAD/CHANGELOG.md#&#8203;200-2020-10-24) [Compare Source](https://github.com/composer/composer/compare/1.10.24...2.0.0) - Fixed proxy handling issues when combined with our new curl-based downloader - Fixed solver bug resulting in endless loops in some cases - Fixed solver output being extremely long due to learnt rules - Fixed solver bug with multi literals - Fixed a couple minor regressions </details> --- ### Configuration 📅 **Schedule**: At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, click this checkbox. --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
renovate-bot changed title from Update dependency composer/composer to v2.2.0 to Update dependency composer/composer to v2.2.1 2021-12-22 22:03:37 +00:00
renovate-bot force-pushed renovate/composer-composer-2.x from c1c121c195 to 9e4185ee4c 2021-12-22 22:03:39 +00:00 Compare
renovate-bot changed title from Update dependency composer/composer to v2.2.1 to Update dependency composer/composer to v2.2.2 2021-12-29 14:03:38 +00:00
renovate-bot force-pushed renovate/composer-composer-2.x from 9e4185ee4c to 5f15f77c48 2021-12-29 14:03:41 +00:00 Compare
renovate-bot changed title from Update dependency composer/composer to v2.2.2 to Update dependency composer/composer to v2.2.3 2021-12-31 12:03:36 +00:00
renovate-bot force-pushed renovate/composer-composer-2.x from 5f15f77c48 to 8fbcfbf133 2021-12-31 12:03:39 +00:00 Compare
renovate-bot changed title from Update dependency composer/composer to v2.2.3 to Update dependency composer/composer to v2 2022-01-04 23:03:46 +00:00
renovate-bot force-pushed renovate/composer-composer-2.x from 8fbcfbf133 to 47cdadf94a 2022-01-04 23:03:49 +00:00 Compare
mwalbeck closed this pull request 2022-01-04 23:17:33 +00:00
renovate-bot commented 2022-01-05 00:03:59 +00:00
Author
Collaborator
Copy Link

Renovate Ignore Notification

As this PR has been closed unmerged, Renovate will ignore this upgrade and you will not receive PRs for any future 2.x releases. However, if you upgrade to 2.x manually then Renovate will reenable minor and patch updates automatically.

If this PR was closed by mistake or you changed your mind, you can simply rename this PR and you will soon get a fresh replacement PR opened.

### Renovate Ignore Notification As this PR has been closed unmerged, Renovate will ignore this upgrade and you will not receive PRs for *any* future 2.x releases. However, if you upgrade to 2.x manually then Renovate will reenable minor and patch updates automatically. If this PR was closed by mistake or you changed your mind, you can simply rename this PR and you will soon get a fresh replacement PR opened.
All checks were successful
continuous-integration/drone/pr Build is passing
Details

Pull request closed

This pull request cannot be reopened because the branch was deleted.
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels
No items
No Label
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: mwalbeck/docker-composer#169
No description provided.
Delete Branch "renovate/composer-composer-2.x"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?