Fixed regression preventing autoloading the dependencies of metapackages when running --no-dev (#11481)
2.5.6
BC Warning: Installers and InstallationManager::getInstallPath will now return null instead of an empty string for metapackages' paths. This may have adverse effects on plugin code using this expecting always a string but it is unlikely (#11455)
Fixed metapackages showing their install path as the root package's path instead of empty (#11455)
Fixed lock file verification on install to deal better with replace/provide (#11475)
Fixed lock file having a more recent modification time than the vendor dir when require guesses the constraint after resolution (#11405)
Fixed numeric default branches with a v prefix being treated as non-numeric ones and receiving an alias like e.g. dev-main would (e51d755a08)
Fixed binary proxies not being transparent when included by another PHP process and returning a value (#11454)
Fixed support for plugin classes being marked as readonly (#11404)
Fixed getmypid being required as it is not always available (#11401)
Fixed authentication issue when downloading several files from private Bitbucket in parallel (#11464)
2.5.5
Fixed basic auth failures resulting in infinite retry loop (#11320)
Fixed regression preventing autoloading the dependencies of metapackages when running --no-dev (#11481)
[2.5.6] 2023-05-24
BC Warning: Installers and InstallationManager::getInstallPath will now return null instead of an empty string for metapackages' paths. This may have adverse effects on plugin code using this expecting always a string but it is unlikely (#11455)
Fixed metapackages showing their install path as the root package's path instead of empty (#11455)
Fixed lock file verification on install to deal better with replace/provide (#11475)
Fixed lock file having a more recent modification time than the vendor dir when require guesses the constraint after resolution (#11405)
Fixed numeric default branches with a v prefix being treated as non-numeric ones and receiving an alias like e.g. dev-main would (e51d755a08)
Fixed binary proxies not being transparent when included by another PHP process and returning a value (#11454)
Fixed support for plugin classes being marked as readonly (#11404)
Fixed getmypid being required as it is not always available (#11401)
Fixed authentication issue when downloading several files from private Bitbucket in parallel (#11464)
[2.5.5] 2023-03-21
Fixed basic auth failures resulting in infinite retry loop (#11320)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot]
commented
1 year ago
Bumps composer/composer from 2.5.4 to 2.5.7.
Release notes
Sourced from composer/composer's releases.
Changelog
Sourced from composer/composer's changelog.
Commits
d477018Release 2.5.7b982883Update changelog33c293aFix autoload regression with metapackage dependencies (#11481)4893b67Reverting release version changesf7c05dbRelease 2.5.63ab8310Update changelog2365438Fix lock file verification to take into account root provider/replacers and o...9d965b9Fix authentication issues with private bitbucket repos (#11464)9885d23Ensure stripos() receives a stringe51d755Fix numeric default-branches with v prefix (e.g. v2.x-dev) being treated as n...Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)