search

typisttech / imposter-plugin

Composer plugin that wraps all composer vendor packages inside your own namespace. Intended for WordPress plugins.
https://www.typist.tech/projects/imposter-plugin
MIT License
150 stars 11 forks source link

Bump composer/composer from 2.0.13 to 2.2.5 #485

Closed dependabot[bot] closed 2 years ago

dependabot[bot] commented 2 years ago

Bumps composer/composer from 2.0.13 to 2.2.5.

Release notes

Sourced from composer/composer's releases.

2.2.5

  • Disabled composer/package-versions-deprecated by default as it can function using Composer\InstalledVersions at runtime (#10458)
  • Fixed artifact repositories crashing if a phar file was present in the directory (#10406)
  • Fixed binary proxy issue on PHP <8 when fseek is used on the proxied binary path (#10468)
  • Fixed handling of non-string versions in package repositories metadata (#10470)

2.2.4

  • Fixed handling of process timeout when running async processes during installation
  • Fixed GitLab API handling when projects have a repository disabled (#10440)
  • Fixed reading of environment variables (e.g. APPDATA) containing unicode characters to workaround a PHP bug on Windows (#10434)
  • Fixed partial update issues with path repos missing if a path repo is required by a path repo (#10431)
  • Fixed support for sourcing binaries via the new bin proxies (#10389)
  • Fixed messaging when GitHub tokens need SSO authorization (#10432)

2.2.3

  • Fixed issue with PHPUnit and process isolation now including PHPUnit <6.5 (#10387)
  • Fixed interoperability issue with laminas/laminas-zendframework-bridge and Composer 2.2 (#10401)
  • Fixed binary proxies for shell scripts to work correctly when they are symlinked (jakzal/phpqa#336)
  • Fixed overly greedy pool optimization in cases where a locked package is not required by anything anymore in a partial update (#10405)

2.2.2

  • Added COMPOSER_BIN_DIR env var and _composer_bin_dir global containing the path to the bin-dir for binaries. Packages relying on finding the bin dir with $BASH_SOURCES[0] will need to update their binaries (#10402)
  • Fixed issue when new binary proxies are combined with PHPUnit and process isolation (#10387)
  • Fixed deprecation warnings when using Symfony 5.4+ and requiring composer/composer itself (#10404)
  • Fixed UX of plugin warnings (#10381)

2.2.1

  • Fixed plugin autoloading including files autoload rules from the root package (#10382)
  • Fixed issue parsing php files with unterminated comments found inside backticks (#10385)

2.2.0

Read the Composer 2.2 Release Announcement for more details on the release highlights.

Complete Changelog

  • Bumped composer-runtime-api and composer-plugin-api to 2.2.0
  • UX Change: Added allow-plugins config value to enhance security against runtime execution, this will prompt you the first time you use a plugin and may hang pipelines if they aren't using --no-interaction (-n) as they should (#10314)
  • Added an optimization pass to reduce the amount of redundant inspected during resolution, drastically improving memory and CPU usage (#9261, #9620)
  • Added a global $_composer_autoload_path variable containing the path to autoload.php for binaries (#10137)
  • Added wildcard support to --ignore-platform-req (e.g. ext-*) (#10083)
  • Added support for ignoring the upper bound of platform requirements using "name+" notation e.g. using --ignore-platform-req=php+ would allow installing a package requiring php: 8.0.* on PHP 8.1, but not on PHP 7.4. Useful for CI builds of upcoming PHP versions (#10318)
  • Added support for setting platform packages to false in config.platform to disable/hide them (#10308)
  • Added use-parent-dir option to configure the prompt for using composer.json in upper directory when none is present in current dir (#10307)
  • Added composer platform package which is always the exact version of Composer running unlike composer-*-api packages (#10313)
  • Added a --source flag to config command to show where config values are loaded from (#10129)
  • Added support for files autoloaders in the runtime scripts/plugins contexts (#10065)
  • Added retry behavior on certain http status and curl error codes (#10162)
  • Added abandoned flag display in search command output
  • Added support for --ignore-platform-reqs in outdated command (#10293)
  • Added --only-vendor (-O) flag to search command to search (and return) vendor names (#10336)

... (truncated)

Changelog

Sourced from composer/composer's changelog.

[2.2.5] 2022-01-21

  • Disabled composer/package-versions-deprecated by default as it can function using Composer\InstalledVersions at runtime (#10458)
  • Fixed artifact repositories crashing if a phar file was present in the directory (#10406)
  • Fixed binary proxy issue on PHP <8 when fseek is used on the proxied binary path (#10468)
  • Fixed handling of non-string versions in package repositories metadata (#10470)

[2.2.4] 2022-01-08

  • Fixed handling of process timeout when running async processes during installation
  • Fixed GitLab API handling when projects have a repository disabled (#10440)
  • Fixed reading of environment variables (e.g. APPDATA) containing unicode characters to workaround a PHP bug on Windows (#10434)
  • Fixed partial update issues with path repos missing if a path repo is required by a path repo (#10431)
  • Fixed support for sourcing binaries via the new bin proxies (#10389)
  • Fixed messaging when GitHub tokens need SSO authorization (#10432)

[2.2.3] 2021-12-31

  • Fixed issue with PHPUnit and process isolation now including PHPUnit <6.5 (#10387)
  • Fixed interoperability issue with laminas/laminas-zendframework-bridge and Composer 2.2 (#10401)
  • Fixed binary proxies for shell scripts to work correctly when they are symlinked (jakzal/phpqa#336)
  • Fixed overly greedy pool optimization in cases where a locked package is not required by anything anymore in a partial update (#10405)

[2.2.2] 2021-12-29

  • Added COMPOSER_BIN_DIR env var and _composer_bin_dir global containing the path to the bin-dir for binaries. Packages relying on finding the bin dir with $BASH_SOURCES[0] will need to update their binaries (#10402)
  • Fixed issue when new binary proxies are combined with PHPUnit and process isolation (#10387)
  • Fixed deprecation warnings when using Symfony 5.4+ and requiring composer/composer itself (#10404)
  • Fixed UX of plugin warnings (#10381)

[2.2.1] 2021-12-22

  • Fixed plugin autoloading including files autoload rules from the root package (#10382)
  • Fixed issue parsing php files with unterminated comments found inside backticks (#10385)

[2.2.0] 2021-12-22

  • Added support for using dev-main as the default path repo package version if no VCS info is available (#10372)
  • Added --no-scripts as a globally supported flag to all Composer commands to disable scripts execution (#10371)
  • Fixed self-update failing in some edge cases due to loading plugins (#10371)
  • Fixed display of conflicts showing the wrong package name in some conditions (#10355)

[2.2.0-RC1] 2021-12-08

  • Bumped composer-runtime-api and composer-plugin-api to 2.2.0
  • UX Change: Added allow-plugins config value to enhance security against runtime execution, this will prompt you the first time you use a plugin and may hang pipelines if they aren't using --no-interaction (-n) as they should (#10314)
  • Added an optimization pass to reduce the amount of redundant inspected during resolution, drastically improving memory and CPU usage (#9261, #9620)
  • Added a global $_composer_autoload_path variable containing the path to autoload.php for binaries (#10137)
  • Added wildcard support to --ignore-platform-req (e.g. ext-*) (#10083)
  • Added support for ignoring the upper bound of platform requirements using "name+" notation e.g. using --ignore-platform-req=php+ would allow installing a package requiring php: 8.0.* on PHP 8.1, but not on PHP 7.4. Useful for CI builds of upcoming PHP versions (#10318)

... (truncated)

Commits
  • 22c41ef Release 2.2.5
  • ac5ae4e Update changelog
  • 8c0b4ff Also retry for HTTP2 stream errors, fixes #10462
  • 3b4afaa ArrayLoader/ValidatingArrayLoader: handle non-string values for version/versi...
  • 6b8f140 report error if binary is a directory (#10463)
  • af60130 Ignore phar files in artifact repo, fixes #10406
  • 0228e5b Clean up properly if self-update fails (#10475)
  • e3d99ca Fix phpstan issues, update baseline and pin PHPStan version in 2.2 branch (#1...
  • e103ee0 Remove getenv workaround on fixed PHP versions
  • db64534 Fixed bin proxies on PHP < 8 to support stream_seek (#10468)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 2 years ago

Superseded by #487.