Skip to content

Bump composer/composer from 1.4.2 to 1.7.0 #8

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Bump composer/composer from 1.4.2 to 1.7.0 #8

wants to merge 1 commit into from

Conversation

dependabot-preview[bot]
Copy link
Contributor

Bumps composer/composer from 1.4.2 to 1.7.0.

Release notes

Sourced from composer/composer's releases.

1.7.0

  • Changed default repository URL from packagist.org to repo.packagist.org, this might affect people with strict firewall rules
  • Changed output from Updating to Downgrading when performing package downgrades, this might affect anything parsing output
  • Several minor performance improvements
  • Added the overridden platform config's PHP version in the diagnose command output
  • Added basic authentication support for mercurial repos
  • Added explicit i and u aliases for the install and update commands
  • Added support for show command to output json format with --tree
  • Added support for {glob,braces} support in the path repository's path argument
  • Added support in status command for showing diffs in vendor dir even for packages installed as dist/zip archives
  • Added --remove-vcs flag to create-project command to avoid prompting for keeping VCS files
  • Added --no-secure-http flag to create-project command to bypass https (use at your own risk)
  • Added pre-command-run event that lets plugins modify arguments
  • Added RemoteFilesystem::getRemoteContents extension point
  • Fixed setting scripts via config command
  • Fixed --no-plugins not being respected in a few commands

1.7.0-RC

Run composer self-update --preview to try this out!

  • Changed default repository URL from packagist.org to repo.packagist.org, this might affect people with strict firewall rules
  • Changed output from Updating to Downgrading when performing package downgrades, this might affect anything parsing output
  • Several minor performance improvements
  • Added basic authentication support for mercurial repos
  • Added explicit i and u aliases for the install and update commands
  • Added support for show command to output json format with --tree
  • Added support for {glob,braces} support in the path repository's path argument
  • Added support in status command for showing diffs in vendor dir even for packages installed as dist/zip archives
  • Added --remove-vcs flag to create-project command to avoid prompting for keeping VCS files
  • Added --no-secure-http flag to create-project command to bypass https (use at your own risk)
  • Added pre-command-run event that lets plugins modify arguments
  • Added RemoteFilesystem::getRemoteContents extension point
  • Fixed setting scripts via config command

1.6.5

  • Fixed regression in 1.6.4 causing strange update behaviors with dev packages
  • Fixed regression in 1.6.4 color support detection for Windows
  • Fixed issues dealing with broken symlinks when switching branches and using path repositories
  • Fixed JSON schema for package repositories
  • Fixed issues on computers set to Turkish locale
  • Fixed classmap parsing of files using short-open-tags when they are disabled in php

1.6.4

  • Security fixes in some edge case scenarios, recommended update for all users
  • Fixed regression in version guessing of path repositories
  • Fixed removing aliased packages from the repository, which might resolve some odd update bugs
  • Fixed updating of package URLs for GitLab
  • Fixed run-script --list failing when script handlers were defined
  • Fixed init command not respecting the current php version when selecting package versions
  • Fixed handling of uppercase package names in why/why-not commands
... (truncated)
Changelog

Sourced from composer/composer's changelog.

[1.7.0] 2018-08-03

  • Added the overridden platform config's PHP version in the diagnose command output
  • Fixed --no-plugins not being respected in a few commands
  • Fixed 1.7.0-RC regression in output showing instead of proper colors
  • Fixed 1.7.0-RC regression in output missing "Loading from cache" output on package install

[1.7.0-RC] 2018-07-24

  • Changed default repository URL from packagist.org to repo.packagist.org, this might affect people with strict firewall rules
  • Changed output from Updating to Downgrading when performing package downgrades, this might affect anything parsing output
  • Several minor performance improvements
  • Added basic authentication support for mercurial repos
  • Added explicit i and u aliases for the install and update commands
  • Added support for show command to output json format with --tree
  • Added support for {glob,braces} support in the path repository's path argument
  • Added support in status command for showing diffs in vendor dir even for packages installed as dist/zip archives
  • Added --remove-vcs flag to create-project command to avoid prompting for keeping VCS files
  • Added --no-secure-http flag to create-project command to bypass https (use at your own risk)
  • Added pre-command-run event that lets plugins modify arguments
  • Added RemoteFilesystem::getRemoteContents extension point
  • Fixed setting scripts via config command

[1.6.5] 2018-05-04

  • Fixed regression in 1.6.4 causing strange update behaviors with dev packages
  • Fixed regression in 1.6.4 color support detection for Windows
  • Fixed issues dealing with broken symlinks when switching branches and using path repositories
  • Fixed JSON schema for package repositories
  • Fixed issues on computers set to Turkish locale
  • Fixed classmap parsing of files using short-open-tags when they are disabled in php

[1.6.4] 2018-04-13

  • Security fixes in some edge case scenarios, recommended update for all users
  • Fixed regression in version guessing of path repositories
  • Fixed removing aliased packages from the repository, which might resolve some odd update bugs
  • Fixed updating of package URLs for GitLab
  • Fixed run-script --list failing when script handlers were defined
  • Fixed init command not respecting the current php version when selecting package versions
  • Fixed handling of uppercase package names in why/why-not commands
  • Fixed exclude-from-classmap symlink handling
  • Fixed filesystem permissions of PEAR binaries
  • Improved performance of subversion repos
  • Other minor fixes

[1.6.3] 2018-01-31

  • Fixed GitLab downloads failing in some edge cases
  • Fixed ctrl-C handling during create-project
... (truncated)
Commits
  • 39edb2f Release 1.7.0
  • a1179aa Update changelog
  • 0fdf746 Fix --no-plugins not working in certain edge cases
  • 73f14c0 Fix output when loading zips from cache, fixes #7498
  • a53b3c6 Merge pull request #7501 from kassner/patch-1
  • 42739e7 Do not dump source and dist for metapackages
  • de6432f Show overridden php version in diagnose command, fixes #7497
  • 35389f1 Merge pull request #7495 from nicolas-grekas/resp-exc
  • a3bbcf9 Make RemoteFilesystem::getRemoteContents() report response headers also on ex...
  • 9bc578e Fix warning tag name, fixes #7494
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

If all status checks pass Dependabot will automatically merge this pull request.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

@dependabot-support
Bump composer/composer from 1.4.2 to 1.7.0
541156b 
Bumps [composer/composer](https://github.com/composer/composer) from 1.4.2 to 1.7.0.
- [Release notes](https://github.com/composer/composer/releases)
- [Changelog](https://github.com/composer/composer/blob/master/CHANGELOG.md)
- [Commits](composer/composer@1.4.2...1.7.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
@dependabot-preview dependabot-preview bot mentioned this pull request Aug 6, 2018
Closed
@dependabot-preview
Copy link
Contributor Author

Superseded by #9.

@dependabot-preview dependabot-preview bot deleted the dependabot/composer/composer/composer-1.7.0 branch August 8, 2018 07:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@dependabot-support