Bump composer/composer from 2.1.14 to 2.2.7

[dependabot]

Bumps composer/composer from 2.1.14 to 2.2.7.

Release notes

Sourced from composer/composer's releases.

2.2.7

• Allow installation together with composer/xdebug-handler ^3 (#10528)
• Fixed support for packages with no licenses in licenses command output (#10537)
• Fixed handling of allow-plugins: false which kept warning (#10530)
• Fixed enum parsing in classmap generation when the enum keyword is not lowercased (#10521)
• Fixed author parsing in init command requiring an email whereas the schema allows a name only (#10538)
• Fixed issues in require command when requiring packages which do not exist (but are provided by something else you require) (#10541)
• Performance improvement in pool optimization step (#10546)

2.2.6

• BC Break: due to an oversight, the COMPOSER_BIN_DIR env var for binaries added in Composer 2.2.2 had to be renamed to COMPOSER_RUNTIME_BIN_DIR (#10512)
• Fixed enum parsing in classmap generation with syntax like enum foo:string without space after : (#10498)
• Fixed package search not urlencoding the input (#10500)
• Fixed reinstall command not firing pre-install-cmd/post-install-cmd events (#10514)
• Fixed edge case in path repositories where a symlink: true option would be ignored on old Windows and old PHP combos (#10482)
• Fixed test suite compatibility with latest symfony/console releases (#10499)
• Fixed some error reporting edge cases (#10484, #10451, #10493)

2.2.5

• Disabled composer/package-versions-deprecated by default as it can function using Composer\InstalledVersions at runtime (#10458)
• Fixed artifact repositories crashing if a phar file was present in the directory (#10406)
• Fixed binary proxy issue on PHP <8 when fseek is used on the proxied binary path (#10468)
• Fixed handling of non-string versions in package repositories metadata (#10470)

2.2.4

• Fixed handling of process timeout when running async processes during installation
• Fixed GitLab API handling when projects have a repository disabled (#10440)
• Fixed reading of environment variables (e.g. APPDATA) containing unicode characters to workaround a PHP bug on Windows (#10434)
• Fixed partial update issues with path repos missing if a path repo is required by a path repo (#10431)
• Fixed support for sourcing binaries via the new bin proxies (#10389)
• Fixed messaging when GitHub tokens need SSO authorization (#10432)

2.2.3

• Fixed issue with PHPUnit and process isolation now including PHPUnit <6.5 (#10387)
• Fixed interoperability issue with laminas/laminas-zendframework-bridge and Composer 2.2 (#10401)
• Fixed binary proxies for shell scripts to work correctly when they are symlinked (Fix builds jakzal/phpqa#336)
• Fixed overly greedy pool optimization in cases where a locked package is not required by anything anymore in a partial update (#10405)

2.2.2

• Added COMPOSER_BIN_DIR env var and _composer_bin_dir global containing the path to the bin-dir for binaries. Packages relying on finding the bin dir with $BASH_SOURCES[0] will need to update their binaries (#10402)
• Fixed issue when new binary proxies are combined with PHPUnit and process isolation (#10387)
• Fixed deprecation warnings when using Symfony 5.4+ and requiring composer/composer itself (#10404)
• Fixed UX of plugin warnings (#10381)

2.2.1

• Fixed plugin autoloading including files autoload rules from the root package (#10382)
• Fixed issue parsing php files with unterminated comments found inside backticks (#10385)

2.2.0

Read the Composer 2.2 Release Announcement for more details on the release highlights.

... (truncated)

Changelog

Sourced from composer/composer's changelog.

[2.2.7] 2022-02-25

• Allow installation together with composer/xdebug-handler ^3 (#10528)
• Fixed support for packages with no licenses in licenses command output (#10537)
• Fixed handling of allow-plugins: false which kept warning (#10530)
• Fixed enum parsing in classmap generation when the enum keyword is not lowercased (#10521)
• Fixed author parsing in init command requiring an email whereas the schema allows a name only (#10538)
• Fixed issues in require command when requiring packages which do not exist (but are provided by something else you require) (#10541)
• Performance improvement in pool optimization step (#10546)

[2.2.6] 2022-02-04

• BC Break: due to an oversight, the COMPOSER_BIN_DIR env var for binaries added in Composer 2.2.2 had to be renamed to COMPOSER_RUNTIME_BIN_DIR (#10512)
• Fixed enum parsing in classmap generation with syntax like enum foo:string without space after : (#10498)
• Fixed package search not urlencoding the input (#10500)
• Fixed reinstall command not firing pre-install-cmd/post-install-cmd events (#10514)
• Fixed edge case in path repositories where a symlink: true option would be ignored on old Windows and old PHP combos (#10482)
• Fixed test suite compatibility with latest symfony/console releases (#10499)
• Fixed some error reporting edge cases (#10484, #10451, #10493)

[2.2.5] 2022-01-21

• Disabled composer/package-versions-deprecated by default as it can function using Composer\InstalledVersions at runtime (#10458)
• Fixed artifact repositories crashing if a phar file was present in the directory (#10406)
• Fixed binary proxy issue on PHP <8 when fseek is used on the proxied binary path (#10468)
• Fixed handling of non-string versions in package repositories metadata (#10470)

[2.2.4] 2022-01-08

• Fixed handling of process timeout when running async processes during installation
• Fixed GitLab API handling when projects have a repository disabled (#10440)
• Fixed reading of environment variables (e.g. APPDATA) containing unicode characters to workaround a PHP bug on Windows (#10434)
• Fixed partial update issues with path repos missing if a path repo is required by a path repo (#10431)
• Fixed support for sourcing binaries via the new bin proxies (#10389)
• Fixed messaging when GitHub tokens need SSO authorization (#10432)

[2.2.3] 2021-12-31

• Fixed issue with PHPUnit and process isolation now including PHPUnit <6.5 (#10387)
• Fixed interoperability issue with laminas/laminas-zendframework-bridge and Composer 2.2 (#10401)
• Fixed binary proxies for shell scripts to work correctly when they are symlinked (Fix builds jakzal/phpqa#336)
• Fixed overly greedy pool optimization in cases where a locked package is not required by anything anymore in a partial update (#10405)

[2.2.2] 2021-12-29

• Added COMPOSER_BIN_DIR env var and _composer_bin_dir global containing the path to the bin-dir for binaries. Packages relying on finding the bin dir with $BASH_SOURCES[0] will need to update their binaries (#10402)
• Fixed issue when new binary proxies are combined with PHPUnit and process isolation (#10387)
• Fixed deprecation warnings when using Symfony 5.4+ and requiring composer/composer itself (#10404)
• Fixed UX of plugin warnings (#10381)

... (truncated)

Commits

• 061d154 Release 2.2.7
• 039980a Update changelog
• 8179d1e Early return when a package was already marked to be kept
• 7ee44e6 Merge pull request #10541 from Seldaek/init_req_fixes
• 2a2440c Fix handling of virtual packages when searching for packages or when looking ...
• 8b52546 Drop early package name validation if a version is provided to require/init c...
• acea849 Clarify plugin docs slightly wrt pre-operations-exec event
• 4376153 Improve untrusted package install docs
• 0c4cefa Introduce phpstan-type about autoload array type to be DRY (#10516)
• 53810b0 Fix return type
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #163.