Skip to content

Bump composer/composer from 2.7.2 to 2.7.3 #570

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
github-actions merged 1 commit into from
Apr 22, 2024
Merged

Bump composer/composer from 2.7.2 to 2.7.3 #570

github-actions merged 1 commit into from
Apr 22, 2024

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Apr 22, 2024

Bumps composer/composer from 2.7.2 to 2.7.3.

Release notes

Sourced from composer/composer's releases.

2.7.3

  • BC Warning: Fixed https_proxy env var falling back to http_proxy's value, this is still in place but with a warning for now, and https_proxy can now be set empty to remove the fallback. Composer 2.8.0 will remove the fallback so make sure you heed the warnings (#11915)
  • Fixed show and outdated commands to remove leading v in e.g. v1.2.3 when showing lists of packages (#11925)
  • Fixed audit command not showing any id when no CVE is present, the advisory ID is now shown (#11892)
  • Fixed the warning about a missing default version showing for packages with project type as those are typically not versioned and do not have cyclic dependencies (#11885)
  • Fixed PHP 8.4 deprecation warnings
  • Fixed clear-cache command to respect the config.cache-dir setting from the local composer.json (#11921)
  • Fixed status command not handling failed download/install promises correctly (#11889)
  • Added support for buy_me_a_coffee in GitHub funding files (#11902)
  • Added hg support for SSH urls (#11878)
  • Fixed some env vars with an integer value causing a crash (#11908)
  • Fixed context data not being output when using IOInterface as a PSR-3 logger (#11882)
Changelog

Sourced from composer/composer's changelog.

[2.7.3] 2024-04-19

  • BC Warning: Fixed https_proxy env var falling back to http_proxy's value, this is still in place but with a warning for now, and https_proxy can now be set empty to remove the fallback. Composer 2.8.0 will remove the fallback so make sure you heed the warnings (#11915)
  • Fixed show and outdated commands to remove leading v in e.g. v1.2.3 when showing lists of packages (#11925)
  • Fixed audit command not showing any id when no CVE is present, the advisory ID is now shown (#11892)
  • Fixed the warning about a missing default version showing for packages with project type as those are typically not versioned and do not have cyclic dependencies (#11885)
  • Fixed PHP 8.4 deprecation warnings
  • Fixed clear-cache command to respect the config.cache-dir setting from the local composer.json (#11921)
  • Fixed status command not handling failed download/install promises correctly (#11889)
  • Added support for buy_me_a_coffee in GitHub funding files (#11902)
  • Added hg support for SSH urls (#11878)
  • Fixed some env vars with an integer value causing a crash (#11908)
  • Fixed context data not being output when using IOInterface as a PSR-3 logger (#11882)
Commits
  • e49be96 Release 2.7.3
  • 1dd63ba Update changelog
  • 69dc828 Ensure type must be provided in init command
  • 3238d7d Upgrade phpstan-strict-rules
  • 70927f7 Add FAQ about using a proxy (#11933)
  • b0ec0f9 Update phpstan deps and fix a few array_filter issues
  • 3604996 Ensure diagnose command works even if provider-includes disappears
  • 41fb614 Improve proxy reporting in Diagnose command (#11932)
  • 3cc490d Refactor proxy handling to require https_proxy (#11915)
  • 92f641a Fix show command output to remove v prefixes on versions, making for more uni...
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
@dependabot
Bump composer/composer from 2.7.2 to 2.7.3
0991eee 
Bumps [composer/composer](https://github.com/composer/composer) from 2.7.2 to 2.7.3. - [Release notes](https://github.com/composer/composer/releases) - [Changelog](https://github.com/composer/composer/blob/main/CHANGELOG.md) - [Commits](composer/composer@2.7.2...2.7.3) --- updated-dependencies: - dependency-name: composer/composer dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file php Pull requests that update Php code labels Apr 22, 2024
@github-actions github-actions bot merged commit 96e35a4 into main Apr 22, 2024
@github-actions github-actions bot deleted the dependabot/composer/composer/composer-2.7.3 branch April 22, 2024 01:33
@coveralls
Copy link

coveralls commented Apr 22, 2024

Pull Request Test Coverage Report for Build 8777160649

Details

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 89.508%
Totals Coverage Status
Change from base Build 8502840260: 0.0%
Covered Lines: 546
Relevant Lines: 610
💛 - Coveralls
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file php Pull requests that update Php code

2 participants

@coveralls