Sourced from composer/composer's releases.
2.8.2
- Fixed crash while suggesting providers if they have no description (#12152)
- Fixed issues creating lock files violating the schema in some circumstances (#12149)
- Fixed
create-projectregression in 2.8.1 when using path repos with relative paths (#12150)- Fixed ctrl-C aborts not working inside text prompts (#12106)
- Fixed git failing silently when git cannot read a repo due to ownership violations (#12178)
- Fixed handling of signals in non-PHP binaries run via proxies (#12176)
Full Changelog: https://github.com/composer/composer/compare/2.8.1...2.8.2
2.8.1
- Fixed
initcommand regression when no license is provided (#12145)- Fixed
--strict-ambiguousflag handling whereas it sometimes did not report all issues (#12148)- Fixed
create-projectto inherit the target folder's permissions for installed project files (#12146)- Fixed a few cases where the prompt for using a parent dir's composer.json fails to work correctly (#8023)
Full Changelog: https://github.com/composer/composer/compare/2.8.0...2.8.1
2.8.0
- BC Warning: Fixed
https_proxyenv var falling back tohttp_proxy's value. The fallback and warning have now been removed per the 2.7.3 release notes (#11938, #11915)- Added
--patch-onlyflag to theupdatecommand to restrict updates to patch versions and make an update of all deps safer (#12122)- Added
--abandonedflag to theauditcommand to configure how abandoned packages should be treated, overriding theaudit.abandonedconfig setting (#12091)- Added
--ignore-severityflag to theauditcommand to ignore one or more advisory severities (#12132)- Added
--bump-after-updateflag to theupdatecommand to run bump after the update is done (#11942)- Added a way to control which
scriptsreceive additional CLI arguments and where they appear in the command, see the docs (#12086)- Added
allow-missing-requirementsconfig setting to skip the error when the lock file is not fulfilling the composer.json's dependencies (#11966)- Added a JSON schema for the composer.lock file (#12123)
- Added better support for Bitbucket app passwords when cloning repos / installing from source (#12103)
- Added
--typeflag to filter packages by type(s) in thereinstallcommand (#12114)- Added
--strict-ambiguousflag to thedump-autoloadcommand to make it return with an error code if duplicate classes are found (#12119)- Added warning in
dump-autoloadwhen vendor files have been deleted (#12139)- Added warnings for each missing platform package when running
create-projectto avoid having to run it again and again (#12120)- Added sorting of packages in allow-plugins when
sort-packagesis enabled (#11348)- Added suggestion of provider packages / polyfills when an ext or lib package is missing (#12113)
- Improved interactive package update selection by first outputting all packages and their possible updates (#11990)
- Improved dependency resolution failure output by sorting the output in a deterministic and (often) more logical way (#12111)
- Fixed PHP 8.4 deprecation warnings about
E_STRICT(#12116)- Fixed
initcommand to validate the given license identifier (#12115)- Fixed version guessing to be more deterministic on feature branches if it appears that it could come from either of two mainline branches (#12129)
- Fixed COMPOSER_ROOT_VERSION env var handling to treat 1.2 the same as 1.2.x-dev and not 1.2.0 (#12109)
- Fixed require command skipping new stability flags from the lock file, causing invalid lock file diffs (#12112)
- Fixed php://stdin potentially being open several times when running Composer programmatically (#12107)
- Fixed handling of platform packages in why-not command and partial updates (#12110)
- Reverted "Fixed transport-options.ssl for local cert authorization being stored in lock file making them less portable (#12019)" from 2.7.8 as it was broken
Full Changelog: https://github.com/composer/composer/compare/2.7.9...2.8.0
Sourced from composer/composer's changelog.
[2.8.2] 2024-10-29
- Fixed crash while suggesting providers if they have no description (#12152)
- Fixed issues creating lock files violating the schema in some circumstances (#12149)
- Fixed
create-projectregression in 2.8.1 when using path repos with relative paths (#12150)- Fixed ctrl-C aborts not working inside text prompts (#12106)
- Fixed git failing silently when git cannot read a repo due to ownership violations (#12178)
- Fixed handling of signals in non-PHP binaries run via proxies (#12176)
[2.8.1] 2024-10-04
- Fixed
initcommand regression when no license is provided (#12145)- Fixed
--strict-ambiguousflag handling whereas it sometimes did not report all issues (#12148)- Fixed
create-projectto inherit the target folder's permissions for installed project files (#12146)- Fixed a few cases where the prompt for using a parent dir's composer.json fails to work correctly (#8023)
[2.8.0] 2024-10-02
- BC Warning: Fixed
https_proxyenv var falling back tohttp_proxy's value. The fallback and warning have now been removed per the 2.7.3 release notes (#11938, #11915)- Added
--patch-onlyflag to theupdatecommand to restrict updates to patch versions and make an update of all deps safer (#12122)- Added
--abandonedflag to theauditcommand to configure how abandoned packages should be treated, overriding theaudit.abandonedconfig setting (#12091)- Added
--ignore-severityflag to theauditcommand to ignore one or more advisory severities (#12132)- Added
--bump-after-updateflag to theupdatecommand to run bump after the update is done (#11942)- Added a way to control which
scriptsreceive additional CLI arguments and where they appear in the command, see the docs (#12086)- Added
allow-missing-requirementsconfig setting to skip the error when the lock file is not fulfilling the composer.json's dependencies (#11966)- Added a JSON schema for the composer.lock file (#12123)
- Added better support for Bitbucket app passwords when cloning repos / installing from source (#12103)
- Added
--typeflag to filter packages by type(s) in thereinstallcommand (#12114)- Added
--strict-ambiguousflag to thedump-autoloadcommand to make it return with an error code if duplicate classes are found (#12119)- Added warning in
dump-autoloadwhen vendor files have been deleted (#12139)- Added warnings for each missing platform package when running
create-projectto avoid having to run it again and again (#12120)- Added sorting of packages in allow-plugins when
sort-packagesis enabled (#11348)- Added suggestion of provider packages / polyfills when an ext or lib package is missing (#12113)
- Improved interactive package update selection by first outputting all packages and their possible updates (#11990)
- Improved dependency resolution failure output by sorting the output in a deterministic and (often) more logical way (#12111)
- Fixed PHP 8.4 deprecation warnings about
E_STRICT(#12116)- Fixed
initcommand to validate the given license identifier (#12115)- Fixed version guessing to be more deterministic on feature branches if it appears that it could come from either of two mainline branches (#12129)
- Fixed COMPOSER_ROOT_VERSION env var handling to treat 1.2 the same as 1.2.x-dev and not 1.2.0 (#12109)
- Fixed require command skipping new stability flags from the lock file, causing invalid lock file diffs (#12112)
- Fixed php://stdin potentially being open several times when running Composer programmatically (#12107)
- Fixed handling of platform packages in why-not command and partial updates (#12110)
- Reverted "Fixed transport-options.ssl for local cert authorization being stored in lock file making them less portable (#12019)" from 2.7.8 as it was broken
6e543d0
Release 2.8.2f956683
Update changeloge02f7ba
Fix parsing of comments in arrays of sponsor info, fixes composer/packagist#1473e0ed22b
Warn/throw when we detect git safe.directory errors (#12178)1f0d012
Add hint how ambiguous class issues can be resolved, refs #6221
(#12179)5c3f6e0
Remove SignalHandler from Application to fix issues handling ctrl-C
inside pr...e12cfa0
Fix create-project regression when using path repos with relative paths,
fixe...fa5b361
Fix handling of signals in non-PHP binaries run via proxies (#12176)0a4c2a9
Update deps186d78c
Add php-ext to array dumper