stable

composer-2.8.1-1.fc40

FEDORA-2024-f6393af6ce created by remi 2 months ago for Fedora 40

Version 2.8.1 - 2024-10-04

  • Fixed init command regression when no license is provided (#12145)
  • Fixed --strict-ambiguous flag handling whereas it sometimes did not report all issues (#12148)
  • Fixed create-project to inherit the target folder's permissions for installed project files (#12146)
  • Fixed a few cases where the prompt for using a parent dir's composer.json fails to work correctly (#8023)

Version 2.8.0 - 2024-10-02

  • BC Warning: Fixed https_proxy env var falling back to http_proxy's value. The fallback and warning have now been removed per the 2.7.3 release notes (#11938, #11915)
  • Added --patch-only flag to the update command to restrict updates to patch versions and make an update of all deps safer (#12122)
  • Added --abandoned flag to the audit command to configure how abandoned packages should be treated, overriding the audit.abandoned config setting (#12091)
  • Added --ignore-severity flag to the audit command to ignore one or more advisory severities (#12132)
  • Added --bump-after-update flag to the update command to run bump after the update is done (#11942)
  • Added a way to control which scripts receive additional CLI arguments and where they appear in the command, see the docs (#12086)
  • Added allow-missing-requirements config setting to skip the error when the lock file is not fulfilling the composer.json's dependencies (#11966)
  • Added a JSON schema for the composer.lock file (#12123)
  • Added better support for Bitbucket app passwords when cloning repos / installing from source (#12103)
  • Added --type flag to filter packages by type(s) in the reinstall command (#12114)
  • Added --strict-ambiguous flag to the dump-autoload command to make it return with an error code if duplicate classes are found (#12119)
  • Added warning in dump-autoload when vendor files have been deleted (#12139)
  • Added warnings for each missing platform package when running create-project to avoid having to run it again and again (#12120)
  • Added sorting of packages in allow-plugins when sort-packages is enabled (#11348)
  • Added suggestion of provider packages / polyfills when an ext or lib package is missing (#12113)
  • Improved interactive package update selection by first outputting all packages and their possible updates (#11990)
  • Improved dependency resolution failure output by sorting the output in a deterministic and (often) more logical way (#12111)
  • Fixed PHP 8.4 deprecation warnings about E_STRICT (#12116)
  • Fixed init command to validate the given license identifier (#12115)
  • Fixed version guessing to be more deterministic on feature branches if it appears that it could come from either of two mainline branches (#12129)
  • Fixed COMPOSER_ROOT_VERSION env var handling to treat 1.2 the same as 1.2.x-dev and not 1.2.0 (#12109)
  • Fixed require command skipping new stability flags from the lock file, causing invalid lock file diffs (#12112)
  • Fixed php://stdin potentially being open several times when running Composer programmatically (#12107)
  • Fixed handling of platform packages in why-not command and partial updates (#12110)
  • Reverted "Fixed transport-options.ssl for local cert authorization being stored in lock file making them less portable (#12019)" from 2.7.8 as it was broken

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2024-f6393af6ce

This update has been submitted for testing by remi.

2 months ago

This update's test gating status has been changed to 'ignored'.

2 months ago

This update has obsoleted composer-2.8.0-1.fc40, and has inherited its bugs and notes.

2 months ago
User Icon imabug provided feedback 2 months ago
karma

This update has been pushed to testing.

2 months ago

This update has been submitted for stable by bodhi.

a month ago

This update has been pushed to stable.

a month ago

Please login to add feedback.

Metadata
Type
enhancement
Karma
1
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
2 months ago
in testing
2 months ago
in stable
a month ago
approved
a month ago

Automated Test Results