Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump composer/composer from 2.2.1 to 2.2.5 #67

Closed
wants to merge 1 commit into from
Closed

Bump composer/composer from 2.2.1 to 2.2.5 #67

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 1, 2022

Bumps composer/composer from 2.2.1 to 2.2.5.

Release notes

Sourced from composer/composer's releases.

2.2.5

  • Disabled composer/package-versions-deprecated by default as it can function using Composer\InstalledVersions at runtime (#10458)
  • Fixed artifact repositories crashing if a phar file was present in the directory (#10406)
  • Fixed binary proxy issue on PHP <8 when fseek is used on the proxied binary path (#10468)
  • Fixed handling of non-string versions in package repositories metadata (#10470)

2.2.4

  • Fixed handling of process timeout when running async processes during installation
  • Fixed GitLab API handling when projects have a repository disabled (#10440)
  • Fixed reading of environment variables (e.g. APPDATA) containing unicode characters to workaround a PHP bug on Windows (#10434)
  • Fixed partial update issues with path repos missing if a path repo is required by a path repo (#10431)
  • Fixed support for sourcing binaries via the new bin proxies (#10389)
  • Fixed messaging when GitHub tokens need SSO authorization (#10432)

2.2.3

  • Fixed issue with PHPUnit and process isolation now including PHPUnit <6.5 (#10387)
  • Fixed interoperability issue with laminas/laminas-zendframework-bridge and Composer 2.2 (#10401)
  • Fixed binary proxies for shell scripts to work correctly when they are symlinked (Fix builds jakzal/phpqa#336)
  • Fixed overly greedy pool optimization in cases where a locked package is not required by anything anymore in a partial update (#10405)

2.2.2

  • Added COMPOSER_BIN_DIR env var and _composer_bin_dir global containing the path to the bin-dir for binaries. Packages relying on finding the bin dir with $BASH_SOURCES[0] will need to update their binaries (#10402)
  • Fixed issue when new binary proxies are combined with PHPUnit and process isolation (#10387)
  • Fixed deprecation warnings when using Symfony 5.4+ and requiring composer/composer itself (#10404)
  • Fixed UX of plugin warnings (#10381)
Changelog

Sourced from composer/composer's changelog.

[2.2.5] 2022-01-21

  • Disabled composer/package-versions-deprecated by default as it can function using Composer\InstalledVersions at runtime (#10458)
  • Fixed artifact repositories crashing if a phar file was present in the directory (#10406)
  • Fixed binary proxy issue on PHP <8 when fseek is used on the proxied binary path (#10468)
  • Fixed handling of non-string versions in package repositories metadata (#10470)

[2.2.4] 2022-01-08

  • Fixed handling of process timeout when running async processes during installation
  • Fixed GitLab API handling when projects have a repository disabled (#10440)
  • Fixed reading of environment variables (e.g. APPDATA) containing unicode characters to workaround a PHP bug on Windows (#10434)
  • Fixed partial update issues with path repos missing if a path repo is required by a path repo (#10431)
  • Fixed support for sourcing binaries via the new bin proxies (#10389)
  • Fixed messaging when GitHub tokens need SSO authorization (#10432)

[2.2.3] 2021-12-31

  • Fixed issue with PHPUnit and process isolation now including PHPUnit <6.5 (#10387)
  • Fixed interoperability issue with laminas/laminas-zendframework-bridge and Composer 2.2 (#10401)
  • Fixed binary proxies for shell scripts to work correctly when they are symlinked (Fix builds jakzal/phpqa#336)
  • Fixed overly greedy pool optimization in cases where a locked package is not required by anything anymore in a partial update (#10405)

[2.2.2] 2021-12-29

  • Added COMPOSER_BIN_DIR env var and _composer_bin_dir global containing the path to the bin-dir for binaries. Packages relying on finding the bin dir with $BASH_SOURCES[0] will need to update their binaries (#10402)
  • Fixed issue when new binary proxies are combined with PHPUnit and process isolation (#10387)
  • Fixed deprecation warnings when using Symfony 5.4+ and requiring composer/composer itself (#10404)
  • Fixed UX of plugin warnings (#10381)
Commits
  • 22c41ef Release 2.2.5
  • ac5ae4e Update changelog
  • 8c0b4ff Also retry for HTTP2 stream errors, fixes #10462
  • 3b4afaa ArrayLoader/ValidatingArrayLoader: handle non-string values for version/versi...
  • 6b8f140 report error if binary is a directory (#10463)
  • af60130 Ignore phar files in artifact repo, fixes #10406
  • 0228e5b Clean up properly if self-update fails (#10475)
  • e3d99ca Fix phpstan issues, update baseline and pin PHPStan version in 2.2 branch (#1...
  • e103ee0 Remove getenv workaround on fixed PHP versions
  • db64534 Fixed bin proxies on PHP < 8 to support stream_seek (#10468)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump composer/composer from 2.2.1 to 2.2.5
1a54738 
Bumps [composer/composer](https://github.com/composer/composer) from 2.2.1 to 2.2.5.
- [Release notes](https://github.com/composer/composer/releases)
- [Changelog](https://github.com/composer/composer/blob/main/CHANGELOG.md)
- [Commits](composer/composer@2.2.1...2.2.5)

---
updated-dependencies:
- dependency-name: composer/composer
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot requested a review from WyriHaximus as a code owner February 1, 2022 23:03
@dependabot dependabot bot added Dependencies 📦 Pull requests that update a dependency file PHP 🐘 Hypertext Pre Processor labels Feb 1, 2022
@github-actions
Copy link

github-actions bot commented Feb 1, 2022

🏰 Composer Production Dependency changes 🏰

Prod Packages Operation Base Target Link
composer/composer Upgraded 2.2.1 2.2.5 Compare
composer/pcre Upgraded 1.0.0 1.0.1 Compare
composer/semver Upgraded 3.2.6 3.2.7 Compare
composer/xdebug-handler Upgraded 2.0.3 2.0.4 Compare
symfony/filesystem Upgraded v5.4.0 v5.4.3 Compare
symfony/finder Upgraded v5.4.0 v5.4.3 Compare
symfony/process Upgraded v5.4.0 v5.4.3 Compare

@WyriHaximus WyriHaximus added this to the v1.1.0 milestone Feb 1, 2022
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Feb 7, 2022

Superseded by #68.

@dependabot dependabot bot closed this Feb 7, 2022
@dependabot dependabot bot deleted the dependabot/composer/composer/composer-2.2.5 branch February 7, 2022 15:13
github-actions bot pushed a commit that referenced this pull request Apr 8, 2022
@WyriHaximus
v1.1.0
5ea2804 
======

- Total issues resolved: **1**
- Total pull requests resolved: **38**
- Total contributors: **3**

Dependencies 📦
--------------

 - [80: Bump composer/composer from 2.3.2 to 2.3.3](#80) thanks to @dependabot[bot]
 - [79: Bump symfony/console from 5.4.5 to 5.4.7](#79) thanks to @dependabot[bot]
 - [78: Bump composer/composer from 2.2.9 to 2.3.2](#78) thanks to @dependabot[bot]
 - [77: Always use the latest Alpine version](#77) thanks to @WyriHaximus
 - [76: Bump guzzlehttp/psr7 from 2.1.0 to 2.2.1](#76) thanks to @dependabot[bot]
 - [75: Bump guzzlehttp/guzzle from 7.4.1 to 7.4.2](#75) thanks to @dependabot[bot]
 - [74: Post process diffs](#74) thanks to @WyriHaximus and @tannyl
 - [73: Bump composer/composer from 2.2.8 to 2.2.9](#73) thanks to @dependabot[bot]
 - [72: Bump composer/composer from 2.2.7 to 2.2.8](#72) thanks to @dependabot[bot]
 - [70: Bump symfony/console from 5.4.3 to 5.4.5](#70) thanks to @dependabot[bot]
 - [69: Bump composer/composer from 2.2.6 to 2.2.7](#69) thanks to @dependabot[bot]
 - [68: Bump composer/composer from 2.2.1 to 2.2.6](#68) thanks to @dependabot[bot]
 - [67: Bump composer/composer from 2.2.1 to 2.2.5](#67) thanks to @dependabot[bot]
 - [66: Bump ion-bazan/composer-diff from 1.5.0 to 1.6.0](#66) thanks to @dependabot[bot]
 - [65: Bump symfony/console from 5.4.1 to 5.4.3](#65) thanks to @dependabot[bot]
 - [64: Bump symfony/console from 5.4.1 to 5.4.2](#64) thanks to @dependabot[bot]
 - [63: Bump composer/composer from 2.2.0 to 2.2.1](#63) thanks to @dependabot[bot]
 - [62: Bump composer/composer from 2.1.14 to 2.2.0](#62) thanks to @dependabot[bot]
 - [61: Bump symfony/console from 5.4.0 to 5.4.1](#61) thanks to @dependabot[bot]
 - [60: Bump guzzlehttp/guzzle from 7.4.0 to 7.4.1](#60) thanks to @dependabot[bot]
 - [59: Bump ion-bazan/composer-diff from 1.4.0 to 1.5.0](#59) thanks to @dependabot[bot]
 - [58: Bump composer/composer from 2.1.12 to 2.1.14](#58) thanks to @dependabot[bot]
 - [57: Bump symfony/console from 5.3.11 to 5.4.0](#57) thanks to @dependabot[bot]
 - [56: Bump symfony/console from 5.3.10 to 5.3.11](#56) thanks to @dependabot[bot]
 - [55: Bump composer/composer from 2.1.11 to 2.1.12](#55) thanks to @dependabot[bot]
 - [54: Bump ion-bazan/composer-diff from 1.3.1 to 1.4.0](#54) thanks to @dependabot[bot]
 - [53: Bump composer/composer from 2.1.10 to 2.1.11](#53) thanks to @dependabot[bot]
 - [52: Bump composer/composer from 2.1.9 to 2.1.10](#52) thanks to @dependabot[bot]
 - [51: Bump symfony/console from 5.3.7 to 5.3.10](#51) thanks to @dependabot[bot]
 - [50: Bump guzzlehttp/guzzle from 7.3.0 to 7.4.0](#50) thanks to @dependabot[bot]
 - [49: Bump composer/composer from 2.1.8 to 2.1.9](#49) thanks to @dependabot[bot]
 - [48: Bump composer/composer from 2.1.7 to 2.1.8](#48) thanks to @dependabot[bot]
 - [47: Bump composer/composer from 2.1.6 to 2.1.7](#47) thanks to @dependabot[bot]
 - [46: Bump symfony/console from 5.3.6 to 5.3.7](#46) thanks to @dependabot[bot]
 - [45: Bump composer/composer from 2.0.14 to 2.1.6](#45) thanks to @dependabot[bot]
 - [41: Bump ion-bazan/composer-diff from 1.1.1 to 1.3.1](#41) thanks to @dependabot[bot]
 - [39: Bump symfony/console from 5.2.8 to 5.3.2](#39) thanks to @dependabot[bot]
 - [37: Bump composer/composer from 2.0.13 to 2.0.14](#37) thanks to @dependabot[bot]
github-actions bot pushed a commit that referenced this pull request Apr 8, 2022
@WyriHaximus
v1.1.0
4059c18 
======

- Total issues resolved: **1**
- Total pull requests resolved: **38**
- Total contributors: **3**

Dependencies 📦
--------------

 - [80: Bump composer/composer from 2.3.2 to 2.3.3](#80) thanks to @dependabot[bot]
 - [79: Bump symfony/console from 5.4.5 to 5.4.7](#79) thanks to @dependabot[bot]
 - [78: Bump composer/composer from 2.2.9 to 2.3.2](#78) thanks to @dependabot[bot]
 - [77: Always use the latest Alpine version](#77) thanks to @WyriHaximus
 - [76: Bump guzzlehttp/psr7 from 2.1.0 to 2.2.1](#76) thanks to @dependabot[bot]
 - [75: Bump guzzlehttp/guzzle from 7.4.1 to 7.4.2](#75) thanks to @dependabot[bot]
 - [74: Post process diffs](#74) thanks to @WyriHaximus and @tannyl
 - [73: Bump composer/composer from 2.2.8 to 2.2.9](#73) thanks to @dependabot[bot]
 - [72: Bump composer/composer from 2.2.7 to 2.2.8](#72) thanks to @dependabot[bot]
 - [70: Bump symfony/console from 5.4.3 to 5.4.5](#70) thanks to @dependabot[bot]
 - [69: Bump composer/composer from 2.2.6 to 2.2.7](#69) thanks to @dependabot[bot]
 - [68: Bump composer/composer from 2.2.1 to 2.2.6](#68) thanks to @dependabot[bot]
 - [67: Bump composer/composer from 2.2.1 to 2.2.5](#67) thanks to @dependabot[bot]
 - [66: Bump ion-bazan/composer-diff from 1.5.0 to 1.6.0](#66) thanks to @dependabot[bot]
 - [65: Bump symfony/console from 5.4.1 to 5.4.3](#65) thanks to @dependabot[bot]
 - [64: Bump symfony/console from 5.4.1 to 5.4.2](#64) thanks to @dependabot[bot]
 - [63: Bump composer/composer from 2.2.0 to 2.2.1](#63) thanks to @dependabot[bot]
 - [62: Bump composer/composer from 2.1.14 to 2.2.0](#62) thanks to @dependabot[bot]
 - [61: Bump symfony/console from 5.4.0 to 5.4.1](#61) thanks to @dependabot[bot]
 - [60: Bump guzzlehttp/guzzle from 7.4.0 to 7.4.1](#60) thanks to @dependabot[bot]
 - [59: Bump ion-bazan/composer-diff from 1.4.0 to 1.5.0](#59) thanks to @dependabot[bot]
 - [58: Bump composer/composer from 2.1.12 to 2.1.14](#58) thanks to @dependabot[bot]
 - [57: Bump symfony/console from 5.3.11 to 5.4.0](#57) thanks to @dependabot[bot]
 - [56: Bump symfony/console from 5.3.10 to 5.3.11](#56) thanks to @dependabot[bot]
 - [55: Bump composer/composer from 2.1.11 to 2.1.12](#55) thanks to @dependabot[bot]
 - [54: Bump ion-bazan/composer-diff from 1.3.1 to 1.4.0](#54) thanks to @dependabot[bot]
 - [53: Bump composer/composer from 2.1.10 to 2.1.11](#53) thanks to @dependabot[bot]
 - [52: Bump composer/composer from 2.1.9 to 2.1.10](#52) thanks to @dependabot[bot]
 - [51: Bump symfony/console from 5.3.7 to 5.3.10](#51) thanks to @dependabot[bot]
 - [50: Bump guzzlehttp/guzzle from 7.3.0 to 7.4.0](#50) thanks to @dependabot[bot]
 - [49: Bump composer/composer from 2.1.8 to 2.1.9](#49) thanks to @dependabot[bot]
 - [48: Bump composer/composer from 2.1.7 to 2.1.8](#48) thanks to @dependabot[bot]
 - [47: Bump composer/composer from 2.1.6 to 2.1.7](#47) thanks to @dependabot[bot]
 - [46: Bump symfony/console from 5.3.6 to 5.3.7](#46) thanks to @dependabot[bot]
 - [45: Bump composer/composer from 2.0.14 to 2.1.6](#45) thanks to @dependabot[bot]
 - [41: Bump ion-bazan/composer-diff from 1.1.1 to 1.3.1](#41) thanks to @dependabot[bot]
 - [39: Bump symfony/console from 5.2.8 to 5.3.2](#39) thanks to @dependabot[bot]
 - [37: Bump composer/composer from 2.0.13 to 2.0.14](#37) thanks to @dependabot[bot]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@WyriHaximus WyriHaximus Awaiting requested review from WyriHaximus WyriHaximus is a code owner

Assignees
No one assigned
Labels
Dependencies 📦 Pull requests that update a dependency file PHP 🐘 Hypertext Pre Processor
Projects
None yet
Milestone
v1.1.0
Development

Successfully merging this pull request may close these issues.
1 participant
@WyriHaximus