chore(deps): update dependency composer/composer to v2.7.6 #5719
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
2.6.6
->2.7.6
Release Notes
composer/composer (composer/composer)
v2.7.6
Compare Source
v2.7.5
Compare Source
uninstall
alias toremove
command (#11951)100
as code (#11954)v2.7.4
Compare Source
Call to undefined method ProxyManager::needsTransitionWarning()
) with projects requiring composer/composer in an pre-2.7.3 version (#11943, #11940)v2.7.3
Compare Source
https_proxy
env var falling back tohttp_proxy
's value, this is still in place but with a warning for now, and https_proxy can now be set empty to remove the fallback. Composer 2.8.0 will remove the fallback so make sure you heed the warnings (#11915)show
andoutdated
commands to remove leadingv
in e.g.v1.2.3
when showing lists of packages (#11925)audit
command not showing any id when no CVE is present, the advisory ID is now shown (#11892)project
type as those are typically not versioned and do not have cyclic dependencies (#11885)clear-cache
command to respect the config.cache-dir setting from the local composer.json (#11921)status
command not handling failed download/install promises correctly (#11889)buy_me_a_coffee
in GitHub funding files (#11902)hg
support for SSH urls (#11878)v2.7.2
Compare Source
composer --version
(#11866)c3efff9
)outdated --ignore ...
still attempting to load the latest version of the ignored packages (#11863)update --lock
still incorrectly updating some metadata (#11850, #11787)v2.7.1
Compare Source
diagnose
auditing of Composer dependencies failing when running from the pharv2.7.0
Compare Source
audit.abandoned
config setting tofail
, set it toreport
orignore
if you do not want this, or set it viaCOMPOSER_AUDIT_ABANDONED
env var (#11643)update
/require
/remove
commands to perform partial update with --with-dependencies while changing only what is absolutely necessary in transitive dependencies (#11665)outdated
/show
commands to allow sorting by and displaying the release date (most outdated first) (#11762)--self
combined with--installed
or--locked
inshow
command, to add the root package to the package list being output (#11785)audit
command output (#11702)scripts-aliases
top level key in composer.json to define aliases for custom scripts you defined (#11666)COMPOSER_IPRESOLVE
env var to force IPv4 or IPv6, set it to4
or6
(#11791)outdated
's --ignore arg (#11831)bump
command bumping*
to>=current version
(#11694)validate
command (#11829)install
when running in very verbose (-vv) mode (#11763)diagnose
command (#11761)diagnose
command output (#11688)show --direct <package>
with an indirect/transitive dependency (#11728)COMPOSER_FUND=0
env var to hide calls for funding (#11779)bump
command not bumping packages required with av
prefix (#11764)update --lock
not keeping the dist reference/url/checksum pinned (#11787)require
command crashing at the end if no lock file is present (#11814)require
command (#11716)require
command (#11747)Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.