Bump composer/composer from 1.4.2 to 1.6.5

[dependabot-preview]

Bumps composer/composer from 1.4.2 to 1.6.5.

Release notes

Sourced from composer/composer's releases.

1.6.5

• Fixed regression in 1.6.4 causing strange update behaviors with dev packages
• Fixed regression in 1.6.4 color support detection for Windows
• Fixed issues dealing with broken symlinks when switching branches and using path repositories
• Fixed JSON schema for package repositories
• Fixed issues on computers set to Turkish locale
• Fixed classmap parsing of files using short-open-tags when they are disabled in php

1.6.4

• Security fixes in some edge case scenarios, recommended update for all users
• Fixed regression in version guessing of path repositories
• Fixed removing aliased packages from the repository, which might resolve some odd update bugs
• Fixed updating of package URLs for GitLab
• Fixed run-script --list failing when script handlers were defined
• Fixed init command not respecting the current php version when selecting package versions
• Fixed handling of uppercase package names in why/why-not commands
• Fixed exclude-from-classmap symlink handling
• Fixed filesystem permissions of PEAR binaries
• Improved performance of subversion repos
• Other minor fixes

1.6.3

• Fixed GitLab downloads failing in some edge cases
• Fixed ctrl-C handling during create-project
• Fixed GitHub VCS repositories not prompting for a token in some conditions
• Fixed SPDX license identifiers being case sensitive
• Fixed and clarified a few dependency resolution error reporting strings
• Fixed SVN commit log fetching in verbose mode when using private repositories

1.6.2

• Fixed more autoloader regressions
• Fixed support for updating dist refs in gitlab URLs

1.6.1

• Fixed upgrade regression due to some autoloader cleanups
• Fixed some overly loose version constraints

1.6.0

• Improved performance of installs and updates from git clones when checking out known commits
• Added check-platform-reqs command that checks that your PHP and extensions versions match the platform requirements of the installed packages
• Added support for SPDX license identifiers v3.0, deprecates GPL/LGPL/AGPL identifiers, which should now have a -only or -or-later suffix added.
• Added --with-all-dependencies to the update and require commands which updates all dependencies of the listed packages, including those that are direct root requirements
• Added scripts-descriptions key to composer.json to customize the description and document your custom commands
• Added support for the uppercase NO_PROXY env var
• Added support for COMPOSER_DEFAULT_{AUTHOR,LICENSE,EMAIL,VENDOR} env vars to pre-populate init command values
• Added support for COMPOSER_MEMORY_LIMIT env var to make Composer set the PHP memory limit explicitly
• Added support for simple strings for the bin
• Added support for local fossil repositories
• Added suggestions for alternative spellings when entering packages in init and require commands and nothing can be found
• Fixed installed.json data to be sorted alphabetically by package name

... (truncated)

Changelog

Sourced from composer/composer's changelog.

[1.6.5] 2018-05-04

• Fixed regression in 1.6.4 causing strange update behaviors with dev packages
• Fixed regression in 1.6.4 color support detection for Windows
• Fixed issues dealing with broken symlinks when switching branches and using path repositories
• Fixed JSON schema for package repositories
• Fixed issues on computers set to Turkish locale
• Fixed classmap parsing of files using short-open-tags when they are disabled in php

[1.6.4] 2018-04-13

• Security fixes in some edge case scenarios, recommended update for all users
• Fixed regression in version guessing of path repositories
• Fixed removing aliased packages from the repository, which might resolve some odd update bugs
• Fixed updating of package URLs for GitLab
• Fixed run-script --list failing when script handlers were defined
• Fixed init command not respecting the current php version when selecting package versions
• Fixed handling of uppercase package names in why/why-not commands
• Fixed exclude-from-classmap symlink handling
• Fixed filesystem permissions of PEAR binaries
• Improved performance of subversion repos
• Other minor fixes

[1.6.3] 2018-01-31

• Fixed GitLab downloads failing in some edge cases
• Fixed ctrl-C handling during create-project
• Fixed GitHub VCS repositories not prompting for a token in some conditions
• Fixed SPDX license identifiers being case sensitive
• Fixed and clarified a few dependency resolution error reporting strings
• Fixed SVN commit log fetching in verbose mode when using private repositories

[1.6.2] 2018-01-05

• Fixed more autoloader regressions
• Fixed support for updating dist refs in gitlab URLs

[1.6.1] 2018-01-04

• Fixed upgrade regression due to some autoloader cleanups
• Fixed some overly loose version constraints

[1.6.0] 2018-01-04

• Added support for SPDX license identifiers v3.0, deprecates GPL/LGPL/AGPL identifiers, which should now have a -only or -or-later suffix added.
• Added support for COMPOSER_MEMORY_LIMIT env var to make Composer set the PHP memory limit explicitly
• Added support for simple strings for the bin
• Fixed check-platform-reqs bug in version checking

[1.6.0-RC] 2017-12-19

... (truncated)

Commits

• b184a92 Release 1.6.5
• b540ce2 Update changelog
• e697293 Handle broken symlinks more cleanly, fixes #7255
• 78ae0a9 Terminate quoted strings
• 3b9d676 Fix class names in comments being parsed in short_open_tags files, fixes #7289
• a3ed848 Merge pull request #7303 from nicolas-grekas/c-locale
• 43e33be Fix regression in 036fc44c25e051479f06435800d76c4301d9b1fa, fixes #7268
• 69d25c0 Merge pull request #7286 from stof/patch-1
• 6586857 Force "C" locale to prevent issue with turkish "I"
• 61f54e1 Fix the JSON schema for package repositories
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

If all status checks pass Dependabot will automatically merge this pull request.

---

Note: This repo was added to Dependabot recently, so you'll receive a maximum of 5 PRs for your first few update runs. Once an update run creates fewer than 5 PRs we'll remove that limit.

You can always request more updates by clicking Bump now in your Dependabot dashboard.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

[dependabot-preview]

Superseded by #4.