Search code, repositories, users, issues, pull requests...

Fixed json schema issues with version validation (#12367)
- Fixed issues running on 32bit machines (#12365)

`v2.8.7`

Bumped justinrainbow/json-schema dependency to 6.x (#12348)
- Added COMPOSER_MAX_PARALLEL_PROCESS env var to control max amount of parallel processes Composer will start (#12356)
- Added zstd/brotli presence in diagnose command output
- Fixed error handler to avoid spamming deprecation notices (#12360)
- Fixed InstalledVersions returning duplicate data at Composer runtime (#12225)
- Fixed handling of --with ... constraints to make them apply to packages replaced a package with a different name (#12353)
- Fixed deprecation warnings showing up in IDE code inspections within the vendor dir (#12331)
- Fixed a few json schema completeness issues (#12332, #12321)
- Fixed issue autoloading files with a .phar inside the path (#12326)

`v2.8.6`

Added COMPOSER_WITH_DEPENDENCIES and COMPOSER_WITH_ALL_DEPENDENCIES env vars to enable the --with[-all]-dependencies flags (#12289)
- Added COMPOSER_SKIP_SCRIPTS env var to tell Composer to skip certain script handlers by script names (comma separated) (#12290)
- Added error hint when Avast is detected together with curl certificate errors (#9894)
- Fixed handling of backslash in folder names when creating archives (#12327)
- Fixed detection of containerd for containers to avoid warning about root usage (#12299)

`v2.8.5`

Added build provenance attestation so you can also now download and verify phar files from GitHub releases:
```
  gh release --repo composer/composer download --pattern composer.phar
  gh attestation verify --repo composer/composer composer.phar
```
- Fixed unsupported funding values causing parse errors in packages (#12247)
- Fixed support for a few newer funding formats (#12257)
- Fixed InstalledVersions regression from 2.8.4 when reload() is used (#12269)
- Fixed psr-0/psr-4 rules having unstable order in vendor/composer/autoload*.php (#12263)
- Fixed a few warnings happening incorrectly in edge cases (#12284, #12268, #12283)

`v2.8.4`

Fixed exit code of the audit command not being meaningful (now 1 for vulnerabilities and 2 for abandoned, 3 for both) (#12203)
- Fixed issue on plugin upgrade when it defines multiple classes (#12226)
- Fixed duplicate errors appearing in the output depending on php settings (#12214)
- Fixed InstalledVersions returning duplicate data in some instances (#12225)
- Fixed installed.php sorting to be deterministic (#12197)
- Fixed bump-after-update failing when using inline constraints (#12223)
- Fixed create-project command to now disable symlinking when used with a path repo as argument (#12222)
- Fixed validate --no-check-publish to hide publish errors entirely as they are irrelevant (#12196)
- Fixed audit command returning a failing code when composer audit fails as this should not trigger build failures, but running audit as standard part of your build is probably a terrible idea anyway (#12196)
- Fixed curl usage to disable multiplexing on broken versions when proxies are in use (#12207)

`v2.8.3`

Fixed windows handling of process discovery (#12180)
- Fixed react/promise requirement to allow 2.x installs again (#12188)
- Fixed some issues when lock:false is set in require and bump commands

`v2.8.2`

Fixed crash while suggesting providers if they have no description (#12152)
- Fixed issues creating lock files violating the schema in some circumstances (#12149)
- Fixed create-project regression in 2.8.1 when using path repos with relative paths (#12150)
- Fixed ctrl-C aborts not working inside text prompts (#12106)
- Fixed git failing silently when git cannot read a repo due to ownership violations (#12178)
- Fixed handling of signals in non-PHP binaries run via proxies (#12176)

`v2.8.1`

Fixed init command regression when no license is provided (#12145)
- Fixed --strict-ambiguous flag handling whereas it sometimes did not report all issues (#12148)
- Fixed create-project to inherit the target folder's permissions for installed project files (#12146)
- Fixed a few cases where the prompt for using a parent dir's composer.json fails to work correctly (#8023)

`v2.8.0`

BC Warning: Fixed https_proxy env var falling back to http_proxy's value. The fallback and warning have now been removed per the 2.7.3 release notes (#11938, #11915)
- Added --patch-only flag to the update command to restrict updates to patch versions and make an update of all deps safer (#12122)
- Added --abandoned flag to the audit command to configure how abandoned packages should be treated, overriding the audit.abandoned config setting (#12091)
- Added --ignore-severity flag to the audit command to ignore one or more advisory severities (#12132)
- Added --bump-after-update flag to the update command to run bump after the update is done (#11942)
- Added a way to control which scripts receive additional CLI arguments and where they appear in the command, see the docs (#12086)
- Added allow-missing-requirements config setting to skip the error when the lock file is not fulfilling the composer.json's dependencies (#11966)
- Added a JSON schema for the composer.lock file (#12123)
- Added better support for Bitbucket app passwords when cloning repos / installing from source (#12103)
- Added --type flag to filter packages by type(s) in the reinstall command (#12114)
- Added --strict-ambiguous flag to the dump-autoload command to make it return with an error code if duplicate classes are found (#12119)
- Added warning in dump-autoload when vendor files have been deleted (#12139)
- Added warnings for each missing platform package when running create-project to avoid having to run it again and again (#12120)
- Added sorting of packages in allow-plugins when sort-packages is enabled (#11348)
- Added suggestion of provider packages / polyfills when an ext or lib package is missing (#12113)
- Improved interactive package update selection by first outputting all packages and their possible updates (#11990)
- Improved dependency resolution failure output by sorting the output in a deterministic and (often) more logical way (#12111)
- Fixed PHP 8.4 deprecation warnings about E_STRICT (#12116)
- Fixed init command to validate the given license identifier (#12115)
- Fixed version guessing to be more deterministic on feature branches if it appears that it could come from either of two mainline branches (#12129)
- Fixed COMPOSER_ROOT_VERSION env var handling to treat 1.2 the same as 1.2.x-dev and not 1.2.0 (#12109)
- Fixed require command skipping new stability flags from the lock file, causing invalid lock file diffs (#12112)
- Fixed php://stdin potentially being open several times when running Composer programmatically (#12107)
- Fixed handling of platform packages in why-not command and partial updates (#12110)
- Reverted "Fixed transport-options.ssl for local cert authorization being stored in lock file making them less portable (#12019)" from 2.7.8 as it was broken

`v2.7.9`

Fixed Docker detection breaking on constrained environments (#12095)
- Fixed upstream issue in bash completion script, it is recommended to update it using the completion command (#12015)

`v2.7.8`

Added release-age, release-date and latest-release-date in the JSON output of outdated (#12053)
- Fixed PHP 8.4 deprecation warnings
- Fixed addressability of branches containing # signs (#12042)
- Fixed bump command not handling some ~ constraints correctly (#12038)
- Fixed COMPOSER_AUTH not taking precedence over ./auth.json (#12084)
- Fixed relative: true sometimes not being respected in path repo symlinks (#12092)
- Fixed copy from cache sometimes failing on VirtualBox shared folders (#12057)
- Fixed PSR-4 autoloading order regression in some edge case (#12063)
- Fixed duplicate lib-* packages causing issues when having pecl + core versions of the same PHP extension (#12093)
- Fixed transport-options.ssl for local cert authorization being stored in lock file making them less portable (#12019)
- Fixed memory issues when installing large binaries (#12032)
- Fixed archive command crashing when a path cannot be realpath'd on windows (#11544)
- API: Deprecated BasePackage::$stabilities in favor of BasePackage::STABILITIES (685add7)
- Improved Docker detection (#12062)

infection/infection (infection/infection)

`v0.29.14`: Fix simple diff colorizer throwing fatal error

Fixed:

Fix for fallback to the simple diff colorizer for multiline removed lines by @sidz in https://github.com/infection/infection/pull/2053

Full Changelog: infection/infection@0.29.13...0.29.14

`v0.29.13`

Added:

Add PHP 8.4 mutator to replace array_find_key() with null by @maks-rafalko in https://github.com/infection/infection/pull/2050
Add PHP 8.4 mutator to replace array_find() with null by @maks-rafalko in https://github.com/infection/infection/pull/2049

Changed:

Remove Pest test framework by @maks-rafalko in https://github.com/infection/infection/pull/2047
Update .gitattributes by @kubawerlos in https://github.com/infection/infection/pull/2044
Allow justinrainbow/json-schema:^6 by @kubawerlos in https://github.com/infection/infection/pull/2045

Internal:

Update PHPStan to version 2 by @sidz in https://github.com/infection/infection/pull/2038
PHPUnit 11 by @sidz in https://github.com/infection/infection/pull/2039
Add cs-check to make autoreview by @maks-rafalko in https://github.com/infection/infection/pull/2052
Remove deprecated Rector's rule as it generates warnings by @maks-rafalko in https://github.com/infection/infection/pull/2051
[Conductor] Update phpunit/phpunit to 11.5.8 by @private-packagist in https://github.com/infection/infection/pull/2040
[Conductor] Update thecodingmachine/safe to v3.0.1 by @private-packagist in https://github.com/infection/infection/pull/2041
[Conductor] Update phpstan/phpstan to 2.1.6 by @private-packagist in https://github.com/infection/infection/pull/2042
[Conductor] Update thecodingmachine/safe to v3.0.2 by @private-packagist in https://github.com/infection/infection/pull/2043
[Conductor] Update phpunit/phpunit to 11.5.9 by @private-packagist in https://github.com/infection/infection/pull/2046
[Conductor] Update symfony/process to v7.2.4 by @private-packagist in https://github.com/infection/infection/pull/2048

Full Changelog: infection/infection@0.29.12...0.29.13

`v0.29.12`: Support thecodingmachine/safe v3, drop Symfony 5.4 support

Changed:

Replace shish/safe back with thecodingmachine/safe v3 by @maks-rafalko in https://github.com/infection/infection/pull/2037
Get rid of Symfony 5.4 support as it's EOLed and on security fixes only by @maks-rafalko in https://github.com/infection/infection/pull/2029
Add PHPUnit 12 e2e tests to make sure we are ok with it by @maks-rafalko in https://github.com/infection/infection/pull/2035
[Conductor] Update all of composer by @private-packagist in https://github.com/infection/infection/pull/2023
[Conductor] Update helmich/phpunit-json-assert to v3.5.2 by @private-packagist in https://github.com/infection/infection/pull/2024
[Conductor] Update infection/extension-installer to 0.1.2 by @private-packagist in https://github.com/infection/infection/pull/2025
[Conductor] Update nikic/php-parser to v5.4.0 by @private-packagist in https://github.com/infection/infection/pull/2026
[Conductor] Update ondram/ci-detector to 4.2.0 by @private-packagist in https://github.com/infection/infection/pull/2027
[Conductor] Update all of phpunit by @private-packagist in https://github.com/infection/infection/pull/2028
[Conductor] Update sanmai/later to 0.1.4 by @private-packagist in https://github.com/infection/infection/pull/2031
[Conductor] Update all of fidry by @private-packagist in https://github.com/infection/infection/pull/2032

Full Changelog: infection/infection@0.29.11...0.29.12

`v0.29.11`: Add support for `sebastian/diff` v7

Added:

feat: add support for sebastian/diff v7 by @Slamdunk in https://github.com/infection/infection/pull/2022

Full Changelog: infection/infection@0.29.10...0.29.11

`v0.29.10`: Require PHP 8.2. Switch to `shish/safe`to fix issue with`thecodingmachine/safe`

Fixed:

Attempt to switch to shish/safe to fix issue with thecodingmachine/safe by @sanmai in https://github.com/infection/infection/pull/2017

Changed:

Bump PHP version to 8.2 by @maks-rafalko in https://github.com/infection/infection/pull/2018

Full Changelog: infection/infection@0.29.9...0.29.10

`v0.29.9`: New PHP 8.4 mutators, remove PHP 8.4 deprecations

Added:

Add PHP 8.4 mutator to replace array_all() with true by @maks-rafalko in https://github.com/infection/infection/pull/2009
Add PHP 8.4 mutator to replace array_any() with true by @maks-rafalko in https://github.com/infection/infection/pull/2010
Make sure Infection mutates PHP 8.4 getters (new syntax) by @maks-rafalko in https://github.com/infection/infection/pull/2011

Changed:

Update nikic/php-parser to the latest version to support PHP 8.4 mutators by @maks-rafalko in https://github.com/infection/infection/pull/2008

Full Changelog: infection/infection@0.29.8...0.29.9

`v0.29.8`: PHPUnit 11 compatibility, performance improvement thanks to `stopOnDefect`

Added:

use $GLOBALS['_composer_autoload_path'] if possible by @Kanti in https://github.com/infection/infection/pull/2002
add stopOnDefect by @Kanti in https://github.com/infection/infection/pull/2003

Changed:

fix phpunit 11 config (cacheResultFile -> cacheDirectory) by @Kanti in https://github.com/infection/infection/pull/2003

New Contributors

@Kanti made their first contribution in https://github.com/infection/infection/pull/2002

Full Changelog: infection/infection@0.29.7...0.29.8

`v0.29.7`: Diff colorizer fix for multiline cases, PHP 8.4 support in pipelines

What's Changed

Fixed:

Fallback to the simple diff colorizer (previous implementation) for multiline diffs by @maks-rafalko in https://github.com/infection/infection/pull/2000
Fix PHP-Parser 5.0 and 5.1 compatibility in tests by @sidz in https://github.com/infection/infection/pull/1994

Added:

Add PHP 8.4 to the pipeline by @sidz in https://github.com/infection/infection/pull/1992

Changed:

Run e2e tests in parallel by @maks-rafalko in https://github.com/infection/infection/pull/1990
Redirect stderr to stdout for e2e tests by @maks-rafalko in https://github.com/infection/infection/pull/1991
Un-prophecyze in favor of phpunit mock by @sidz in https://github.com/infection/infection/pull/1993
Use Null Coalescing Assignment Operator by @sidz in https://github.com/infection/infection/pull/1995

Full Changelog: infection/infection@0.29.6...0.29.7

`v0.29.6`: Ignore `switch(bool)` statements in `TrueValue` and `FalseValue` mutators

Changed:

Ignore switch(bool) statements in TrueValue and FalseValue mutators. by @shanept in https://github.com/infection/infection/pull/1986

New Contributors

@shanept made their first contribution in https://github.com/infection/infection/pull/1986

Full Changelog: infection/infection@0.29.5...0.29.6

`v0.29.5`

Added:

Update GitHub actions used by @vincentchalamon in https://github.com/infection/infection/pull/1979
Introduce GitHub Actions Concurrency used by @vincentchalamon in https://github.com/infection/infection/pull/1979

`v0.29.4`

Added:

Introduce --logger-project-root-directory by @vincentchalamon in https://github.com/infection/infection/pull/1978

`v0.29.3`: Add support for `colinodell/json5` v3

Changed:

Add support for colinodell/json5 v3 by @Slamdunk in https://github.com/infection/infection/pull/1976

Full Changelog: infection/infection@0.29.2...0.29.3

`v0.29.2`: Highlight inline differences in CLI

Added:

[Logs] Highlight inline differences in CLI by @Slamdunk in https://github.com/infection/infection/pull/1974

Full Changelog: infection/infection@0.29.1...0.29.2

`v0.29.1`: Fix usage of custom mutator with bootstrap file

Fixed:

Fix usage of custom mutator with bootstrap file by @maks-rafalko in https://github.com/infection/infection/pull/1973

Full Changelog: infection/infection@0.29.0...0.29.1

`v0.29.0`

Added:

Support custom mutators by @vss414 in https://github.com/infection/infection/pull/1686
Custom mutator generator by @maks-rafalko in https://github.com/infection/infection/pull/1969

Read about how to create custom mutators: https://infection.github.io/guide/custom-mutators.html

Changed:

Move Infection\Mutator\Mutator to a separate package by @maks-rafalko in https://github.com/infection/infection/pull/1963
Make Mutator::getDefinition return type non-nullable by @maks-rafalko in https://github.com/infection/infection/pull/1958
Enable Rector's AddCoversClassAttributeRector rule by @maks-rafalko in https://github.com/infection/infection/pull/1962
Mention Discord instead of Slack in issue github template by @staabm in https://github.com/infection/infection/pull/1951
test: Force mutators to include remedies by @theofidry in https://github.com/infection/infection/pull/1954
Use the latest composer 2 to prevent issue with incompatibility for Box and composer 2.1 by @maks-rafalko in https://github.com/infection/infection/pull/1957
Use the latest v1 test checker action by @maks-rafalko in https://github.com/infection/infection/pull/1960
Upgrade Rector and fix new issues by @maks-rafalko in https://github.com/infection/infection/pull/1961
Use new PHP-CS-Fixer with parallelization by @maks-rafalko in https://github.com/infection/infection/pull/1964
Remove our own custom FQCN visitor as we already use php-parser's NameResolver visitor by @maks-rafalko in https://github.com/infection/infection/pull/1967
Replace deprecated constant NodeTraverser::DONT_TRAVERSE_CURRENT_AND_CHILDREN with NodeVisitor::DONT_TRAVERSE_CURRENT_AND_CHILDREN by @maks-rafalko in https://github.com/infection/infection/pull/1968
Remove our own ParentConnectorVisitor and use nikic-phpparser's one by @maks-rafalko in https://github.com/infection/infection/pull/1970

`v0.28.1`: Use CI (GitHub, GitLab) variable to detect project path

Changed:

feat: use CI variables to detect project path by @darthf1 in https://github.com/infection/infection/pull/1949

New Contributors

@darthf1 made their first contribution in https://github.com/infection/infection/pull/1949

Full Changelog: infection/infection@0.28.0...0.28.1

`v0.28.0`

Added:

Add PHP-Parser 5 support by @sidz in https://github.com/infection/infection/pull/1909

laminas/automatic-releases (laminas/automatic-releases)

`v1.25.0`

Release Notes for 1.25.0

Feature release (minor)

1.25.0

Total issues resolved: 0
Total pull requests resolved: 11
Total contributors: 2

Ocramius/PackageVersions (ocramius/package-versions)

`v2.10.0`

Release Notes for 2.10.0

Feature release (minor)

2.10.0

Total issues resolved: 0
Total pull requests resolved: 4
Total contributors: 1

renovate

261: Update dependency vimeo/psalm to v6 thanks to @renovate[bot]
257: Roll back laminas/automatic-releases action to 1.24.0 - autoclosed thanks to @renovate[bot]
252: Update dependency phpunit/phpunit to v11 thanks to @renovate[bot]
246: Update dependency phpunit/phpunit to v10 - abandoned thanks to @renovate[bot]

`v2.9.0`

Release Notes for 2.9.0

Feature release (minor)

2.9.0

Total issues resolved: 0
Total pull requests resolved: 2
Total contributors: 2

dependencies,enhancement

256: Allow PHP 8.4 thanks to @fezfez

security

253: Update dependency composer/composer to ^2.7.0 [SECURITY] thanks to @renovate[bot]

containerbase/php-prebuild (php)

`v8.4.5`

Bug Fixes

deps: update dependency php to v8.4.5

`v8.4.4`

Bug Fixes

deps: update dependency php to v8.4.4

`v8.4.3`

Bug Fixes

deps: update dependency php to v8.4.3

`v8.4.2`

Bug Fixes

deps: update dependency php to v8.4.2

`v8.4.1`

Bug Fixes

deps: update dependency php to v8.4.1

sebastianbergmann/phpunit (phpunit/phpunit)

`v10.5.45`: PHPUnit 10.5.45

Changed

#6117: Include source location information for issues triggered during test in --debug output
#6119: Improve message for errors that occur while parsing attributes

`v10.5.44`: PHPUnit 10.5.44

Fixed

#6115: Backed enumerations with values not of type string cannot be used in customized TestDox output

`v10.5.43`: PHPUnit 10.5.43

Changed

Do not skip execution of test that depends on a test that is larger than itself

`v10.5.42`: PHPUnit 10.5.42

Fixed

#6103: Output from test run in separate process is printed twice
#6109: Skipping a test in a before-class method crashes JUnit XML logger
#6111: Deprecations cause SourceMapper to scan all <source/> files

`v10.5.41`: PHPUnit 10.5.41

Added

Test\AfterLastTestMethodErrored, Test\AfterTestMethodErrored, Test\BeforeTestMethodErrored, Test\PostConditionErrored, and Test\PreConditionErrored events

Fixed

#6094: Errors in after-last-test methods are not reported
#6095: Expectation is not counted correctly when a doubled method is called more often than is expected
#6098: No system-out element in JUnit XML logfile

`v10.5.40`: PHPUnit 10.5.40

Fixed

#6082: assertArrayHasKey(), assertArrayNotHasKey(), arrayHasKey(), and ArrayHasKey::__construct() do not support all possible key types
#6087: --migrate-configuration does not remove beStrictAboutTodoAnnotatedTests attribute from XML configuration file

`v10.5.39`: PHPUnit 10.5.39

Added

#6081: DefaultResultCache::mergeWith() for merging result cache instances

Fixed

#6066: TeamCity logger does not handle error/skipped events in before-class methods correctly

`v10.5.38`: PHPUnit 10.5.38

Changed

#6012: Remove empty lines between TeamCity events

`v10.5.37`: PHPUnit 10.5.37

Fixed

#5982: Typo in exception message

`v10.5.36`: PHPUnit 10.5.36