Release notes
*Sourced from [composer/composer's releases](https://github.com/composer/composer/releases).*
> ## 1.9.1
> * Fixed various credential handling issues with gitlab and github
> * Fixed credentials being present in git remotes in Composer cache and vendor directory when not using SSH keys
> * Fixed `composer why` not listing replacers as a reason something is present
> * Fixed various PHP 7.4 compatibility issues
> * Fixed root warnings always present in Docker containers, setting COMPOSER_ALLOW_SUPERUSER is not necessary anymore
> * Fixed GitHub access tokens leaking into debug-verbosity output
> * Fixed several edge case issues detecting GitHub, Bitbucket and GitLab repository types
> * Fixed Composer asking if you want to use a composer.json in a parent directory when ran in non-interactive mode
> * Fixed classmap autoloading issue finding classes located within a few non-PHP context blocks (?>...
Changelog
*Sourced from [composer/composer's changelog](https://github.com/composer/composer/blob/master/CHANGELOG.md).*
> ### [1.9.1] 2019-11-01
>
> * Fixed various credential handling issues with gitlab and github
> * Fixed credentials being present in git remotes in Composer cache and vendor directory when not using SSH keys
> * Fixed `composer why` not listing replacers as a reason something is present
> * Fixed various PHP 7.4 compatibility issues
> * Fixed root warnings always present in Docker containers, setting COMPOSER_ALLOW_SUPERUSER is not necessary anymore
> * Fixed GitHub access tokens leaking into debug-verbosity output
> * Fixed several edge case issues detecting GitHub, Bitbucket and GitLab repository types
> * Fixed Composer asking if you want to use a composer.json in a parent directory when ran in non-interactive mode
> * Fixed classmap autoloading issue finding classes located within a few non-PHP context blocks (?>...
Commits
- [`bb01f21`](https://github.com/composer/composer/commit/bb01f2180df87ce7992b8331a68904f80439dd2f) Release 1.9.1
- [`1c012b7`](https://github.com/composer/composer/commit/1c012b74a62c9c6f27cad291a1bc2eb000804b1e) Update dependencies
- [`1a797c1`](https://github.com/composer/composer/commit/1a797c16a0e641c91cfa201da72a59e0925da0c4) Prepare 1.9.1 changelog
- [`af86ca1`](https://github.com/composer/composer/commit/af86ca1fb3bde63ec351d78f431da5502318bc3f) Output a hint that maybe you are not in the right directory, fixes [#8404](https://github-redirect.dependabot.com/composer/composer/issues/8404)
- [`149250a`](https://github.com/composer/composer/commit/149250ab92feadd9fe045b54d6e42f33d185a595) Remove credentials from git remotes in cache and vendor dirs
- [`4e43f84`](https://github.com/composer/composer/commit/4e43f849c7a89dd9c83136a78da19673aba12ee4) Avoid overwriting credentials with existing ones from git repos, refs [#8293](https://github-redirect.dependabot.com/composer/composer/issues/8293)
- [`12184aa`](https://github.com/composer/composer/commit/12184aa9c51d5339c0b8c8a53c553794549f78d7) Fix github auth to try https with pwd also, fixes [#8356](https://github-redirect.dependabot.com/composer/composer/issues/8356)
- [`b925d06`](https://github.com/composer/composer/commit/b925d06861a045188f7fe1b2730d1e564e4ca6ac) Fix gitlab support for basic-auth fallback from ssh URLs
- [`ae9cc3d`](https://github.com/composer/composer/commit/ae9cc3db58f80ed2703ad6fd06ffa84405c745ef) Avoid clearing the error output during removeDirectory execution, losing git ...
- [`6a335a4`](https://github.com/composer/composer/commit/6a335a459cd0c244813ff98251c4da6e6eb8c089) Move test file parsing into try/catch block to avoid phpunit swallowing errors
- Additional commits viewable in [compare view](https://github.com/composer/composer/compare/1.9.0...1.9.1)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
If all status checks pass Dependabot will automatically merge this pull request.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme
Additionally, you can set the following in the `.dependabot/config.yml` file in this repo:
- Update frequency
- Automerge options (never/patch/minor, and dev/runtime dependencies)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)
Bumps composer/composer from 1.9.0 to 1.9.1.
Release notes
*Sourced from [composer/composer's releases](https://github.com/composer/composer/releases).* > ## 1.9.1 > * Fixed various credential handling issues with gitlab and github > * Fixed credentials being present in git remotes in Composer cache and vendor directory when not using SSH keys > * Fixed `composer why` not listing replacers as a reason something is present > * Fixed various PHP 7.4 compatibility issues > * Fixed root warnings always present in Docker containers, setting COMPOSER_ALLOW_SUPERUSER is not necessary anymore > * Fixed GitHub access tokens leaking into debug-verbosity output > * Fixed several edge case issues detecting GitHub, Bitbucket and GitLab repository types > * Fixed Composer asking if you want to use a composer.json in a parent directory when ran in non-interactive mode > * Fixed classmap autoloading issue finding classes located within a few non-PHP context blocks (?>...Changelog
*Sourced from [composer/composer's changelog](https://github.com/composer/composer/blob/master/CHANGELOG.md).* > ### [1.9.1] 2019-11-01 > > * Fixed various credential handling issues with gitlab and github > * Fixed credentials being present in git remotes in Composer cache and vendor directory when not using SSH keys > * Fixed `composer why` not listing replacers as a reason something is present > * Fixed various PHP 7.4 compatibility issues > * Fixed root warnings always present in Docker containers, setting COMPOSER_ALLOW_SUPERUSER is not necessary anymore > * Fixed GitHub access tokens leaking into debug-verbosity output > * Fixed several edge case issues detecting GitHub, Bitbucket and GitLab repository types > * Fixed Composer asking if you want to use a composer.json in a parent directory when ran in non-interactive mode > * Fixed classmap autoloading issue finding classes located within a few non-PHP context blocks (?>...Commits
- [`bb01f21`](https://github.com/composer/composer/commit/bb01f2180df87ce7992b8331a68904f80439dd2f) Release 1.9.1 - [`1c012b7`](https://github.com/composer/composer/commit/1c012b74a62c9c6f27cad291a1bc2eb000804b1e) Update dependencies - [`1a797c1`](https://github.com/composer/composer/commit/1a797c16a0e641c91cfa201da72a59e0925da0c4) Prepare 1.9.1 changelog - [`af86ca1`](https://github.com/composer/composer/commit/af86ca1fb3bde63ec351d78f431da5502318bc3f) Output a hint that maybe you are not in the right directory, fixes [#8404](https://github-redirect.dependabot.com/composer/composer/issues/8404) - [`149250a`](https://github.com/composer/composer/commit/149250ab92feadd9fe045b54d6e42f33d185a595) Remove credentials from git remotes in cache and vendor dirs - [`4e43f84`](https://github.com/composer/composer/commit/4e43f849c7a89dd9c83136a78da19673aba12ee4) Avoid overwriting credentials with existing ones from git repos, refs [#8293](https://github-redirect.dependabot.com/composer/composer/issues/8293) - [`12184aa`](https://github.com/composer/composer/commit/12184aa9c51d5339c0b8c8a53c553794549f78d7) Fix github auth to try https with pwd also, fixes [#8356](https://github-redirect.dependabot.com/composer/composer/issues/8356) - [`b925d06`](https://github.com/composer/composer/commit/b925d06861a045188f7fe1b2730d1e564e4ca6ac) Fix gitlab support for basic-auth fallback from ssh URLs - [`ae9cc3d`](https://github.com/composer/composer/commit/ae9cc3db58f80ed2703ad6fd06ffa84405c745ef) Avoid clearing the error output during removeDirectory execution, losing git ... - [`6a335a4`](https://github.com/composer/composer/commit/6a335a459cd0c244813ff98251c4da6e6eb8c089) Move test file parsing into try/catch block to avoid phpunit swallowing errors - Additional commits viewable in [compare view](https://github.com/composer/composer/compare/1.9.0...1.9.1)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.If all status checks pass Dependabot will automatically merge this pull request.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in the `.dependabot/config.yml` file in this repo: - Update frequency - Automerge options (never/patch/minor, and dev/runtime dependencies) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired)