You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in the .dependabot/config.yml file in this repo:

• Update frequency
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Sourced from nikic/php-parser's releases.

PHP-Parser 4.10.3

Fixed

• Fixed formatting-preserving pretty printing for "{$x}".
• Ternary expressions are now treated as non-associative in the pretty printer, in order to generate code that is compatible with the parentheses requirement introduced in PHP 8.
• Removed no longer necessary error_clear_last() call in lexer, which may interfere with fatal error handlers if invoked during shutdown.

Sourced from nikic/php-parser's changelog.

Version 4.10.3 (2020-12-03)

Fixed

• Fixed formatting-preserving pretty printing for "{$x}".
• Ternary expressions are now treated as non-associative in the pretty printer, in order to generate code that is compatible with the parentheses requirement introduced in PHP 8.
• Removed no longer necessary error_clear_last() call in lexer, which may interfere with fatal error handlers if invoked during shutdown.

• dbe56d2 Release PHP-Parser 4.10.3
• c64986f Allow both '{' and T_CURLY_OPEN as curly bracket (#732)
• bc7a9bf Remove useless code left from old implementation
• 2816485 Updated README to indicate that parsing PHP 8.0 code is supported
• 1d1bc8a Upgrade some PrettyPrinter methods to protected
• d520bc9 Don't allow failures on PHP 8.0 integration tests
• 51e0b30 Test against 8.0.0rc1
• eff72ee Fix #718: PrettyPrinter breaks nested ternaries
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in the .dependabot/config.yml file in this repo:

• Update frequency
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Sourced from composer/composer's releases.

2.0.5

• Disabled platform-check verification of extensions by default (now defaulting php-only), set platform-check to true if you want a complete check
• Improved platform-check handling of issue reporting
• Fixed platform-check to only check non-dev requires even if require-dev dependencies are installed
• Fixed issues dealing with custom installers which return trailing slashes in getInstallPath (ideally avoid doing this as there might be other issues left)
• Fixed issues when curl functions are disabled
• Fixed gitlab-domains/github-domains to make sure if they are overridden the default value remains present
• Fixed issues removing/upgrading packages from path repositories on Windows
• Fixed regression in 2.0.4 when handling of [email protected] URLs in vcs repositories
• Fixed issue running create-project in current directory on Windows

2.0.4

• Fixed check-platform-req command not being clear on what packages are checked, and added a --lock flag to explicitly check the locked packages
• Fixed config & create-project adding of repositories to make sure they are prepended as order is much more important in Composer 2, also added a --append flag to config to restore the old behavior in the unlikely case this is needed
• Fixed curl downloader failing on old PHP releases or when using self-signed SSL certificates
• Fixed Bitbucket API authentication issue

2.0.3

• Fixed bug in outdated command where dev packages with branch-aliases where always shown as being outdated
• Fixed issue in lock file interoperability with composer 1.x when using dev-master as xxx aliases
• Fixed new --locked option being missing from outdated command, for checking outdated packages directly from the lock file
• Fixed a few debug/error reporting strings

2.0.2

• Fixed regression handling composer show -s in projects where no version can be guessed from VCS
• Fixed regression handling partial updates/require when a lock file was missing
• Fixed interop issue with plugins that need to update dist URLs of packages, see docs if you need this

2.0.1

• Fixed crash on PHP8

2.0.0

Read the Composer 2.0 announcement first for the highlights!

Complete 2.0 Changelog

• Breaking: This is a major release and while we tried to keep things compatible for most users, you might want to have a look at the UPGRADE guides
• Many CPU and memory performance improvements
• The update command is now much more deterministic as it does not take the already installed packages into account
• Package installation now performs all network operations first before doing any changes on disk, to reduce the chances of ending up with a partially updated vendor dir
• Partial updates and require/remove are now much faster as they only load the metadata required for the updated packages
• Added a platform-check step when vendor/autoload.php gets initialized which checks the current PHP version/extensions match what is expected and fails hard otherwise. Can be disabled with the platform-check config option
• Added a Composer\InstalledVersions class which is autoloaded in every project and lets you check which packages/versions are present at runtime
• Added a composer-runtime-api virtual package which you can require (as e.g. ^2.0) to ensure things like the InstalledVersions class above are present. It will effectively force people to use Composer 2.x to install your project
• Added support for parallel downloads of package metadata and zip files, this requires that the curl extension is present and we thus strongly recommend enabling curl
• Added parallel installation of packages (requires OSX/Linux/WSL, and that unzip is present in PATH)
• Added much clearer dependency resolution error reporting for common error cases
• Added support for updating to a specific version with partial updates, as well as a --with flag to pass in temporary constraint overrides
• Added automatic removal of packages which are not required anymore whenever an update is done, this will purge packages previously left over by partial updates and require/remove

Sourced from composer/composer's changelog.

[2.0.5] 2020-11-06

• Disabled platform-check verification of extensions by default (now defaulting php-only), set platform-check to true if you want a complete check
• Improved platform-check handling of issue reporting
• Fixed platform-check to only check non-dev requires even if require-dev dependencies are installed
• Fixed issues dealing with custom installers which return trailing slashes in getInstallPath (ideally avoid doing this as there might be other issues left)
• Fixed issues when curl functions are disabled
• Fixed gitlab-domains/github-domains to make sure if they are overridden the default value remains present
• Fixed issues removing/upgrading packages from path repositories on Windows
• Fixed regression in 2.0.4 when handling of [email protected] URLs in vcs repositories
• Fixed issue running create-project in current directory on Windows

[2.0.4] 2020-10-30

• Fixed check-platform-req command not being clear on what packages are checked, and added a --lock flag to explicitly check the locked packages
• Fixed config & create-project adding of repositories to make sure they are prepended as order is much more important in Composer 2, also added a --append flag to config to restore the old behavior in the unlikely case this is needed
• Fixed curl downloader failing on old PHP releases or when using self-signed SSL certificates
• Fixed Bitbucket API authentication issue

[2.0.3] 2020-10-28

• Fixed bug in outdated command where dev packages with branch-aliases where always shown as being outdated
• Fixed issue in lock file interoperability with composer 1.x when using dev-master as xxx aliases
• Fixed new --locked option being missing from outdated command, for checking outdated packages directly from the lock file
• Fixed a few debug/error reporting strings

[2.0.2] 2020-10-25

• Fixed regression handling composer show -s in projects where no version can be guessed from VCS
• Fixed regression handling partial updates/require when a lock file was missing
• Fixed interop issue with plugins that need to update dist URLs of packages, see docs if you need this

[2.0.1] 2020-10-24

• Fixed crash on PHP8

[2.0.0] 2020-10-24

• Fixed proxy handling issues when combined with our new curl-based downloader
• Fixed solver bug resulting in endless loops in some cases
• Fixed solver output being extremely long due to learnt rules
• Fixed solver bug with multi literals
• Fixed a couple minor regressions

[2.0.0-RC2] 2020-10-14

• Breaking: Removed OperationInterface::getReason as the data was not accurate
• Added automatic removal of packages which are not required anymore whenever an update is done, this will purge packages previously left over by partial updates and require/remove
• Added shorthand aliases -w for --with-dependencies and -W for --with-all-dependencies on update/require/remove commands
• Added COMPOSER_DEBUG_EVENTS=1 env var support for plugin authors to figure out which events are triggered when

• 0934b44 Release 2.0.5
• 3e9cb5e Update changelog for 2.0.5
• f31564e Fix check-platform-reqs --no-dev to not require lock anymore
• 2a8cc06 Merge pull request #9426 from UrGuardian4ngel/bugfix/add-missing-directory-se...
• 611a9f5 Drop unused imports
• c35a8e7 Fix missing directory separator in FileDownloader
• 3f68999 Avoid using curl when it has been disabled, fixes #9423
• 4b8e77b Merge pull request #9422 from kdambekalns/patch-1
• bc93369 Trim trailing slash in path downloader to avoid symlink issues, and in FileDo...
• c04c42b Merge branch '1.10'
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in the .dependabot/config.yml file in this repo:

• Update frequency
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Sourced from composer/composer's releases.

2.0.3

• Fixed bug in outdated command where dev packages with branch-aliases where always shown as being outdated
• Fixed issue in lock file interoperability with composer 1.x when using dev-master as xxx aliases
• Fixed new --locked option being missing from outdated command, for checking outdated packages directly from the lock file
• Fixed a few debug/error reporting strings

2.0.2

• Fixed regression handling composer show -s in projects where no version can be guessed from VCS
• Fixed regression handling partial updates/require when a lock file was missing
• Fixed interop issue with plugins that need to update dist URLs of packages, see docs if you need this

2.0.1

• Fixed crash on PHP8

2.0.0

Read the Composer 2.0 announcement first for the highlights!

Complete 2.0 Changelog

• Breaking: This is a major release and while we tried to keep things compatible for most users, you might want to have a look at the UPGRADE guides
• Many CPU and memory performance improvements
• The update command is now much more deterministic as it does not take the already installed packages into account
• Package installation now performs all network operations first before doing any changes on disk, to reduce the chances of ending up with a partially updated vendor dir
• Partial updates and require/remove are now much faster as they only load the metadata required for the updated packages
• Added a platform-check step when vendor/autoload.php gets initialized which checks the current PHP version/extensions match what is expected and fails hard otherwise. Can be disabled with the platform-check config option
• Added a Composer\InstalledVersions class which is autoloaded in every project and lets you check which packages/versions are present at runtime
• Added a composer-runtime-api virtual package which you can require (as e.g. ^2.0) to ensure things like the InstalledVersions class above are present. It will effectively force people to use Composer 2.x to install your project
• Added support for parallel downloads of package metadata and zip files, this requires that the curl extension is present and we thus strongly recommend enabling curl
• Added parallel installation of packages (requires OSX/Linux/WSL, and that unzip is present in PATH)
• Added much clearer dependency resolution error reporting for common error cases
• Added support for updating to a specific version with partial updates, as well as a --with flag to pass in temporary constraint overrides
• Added automatic removal of packages which are not required anymore whenever an update is done, this will purge packages previously left over by partial updates and require/remove
• Added support for TTY mode on Linux/OSX/WSL so that script handlers now run in interactive mode
• Added only, exclude and canonical options to all repositories, see repository priorities for details
• Added support for many new lib-* packages in the platform repository and improved version detection for some ext-* and lib-* packages
• Added pre-operations-exec event to be fired before the packages get installed/upgraded/removed
• Added pre-pool-create event to be fired before the package pool for the dependency solver is created, which lets you modify the list of packages going in
• Added post-file-download event to be fired after package dist files are downloaded, which lets you do additional checks on the files
• Added --locked flag to show command to see the packages from the composer.lock file
• Added --unused flag to remove command to make sure any packages which are not needed anymore get removed
• Added --dry-run flag to require and remove commands
• Added --no-install flag to update, require and remove commands to disable the install step and only do the update step (composer.lock file update)
• Added an --ask flag to create-project command to make Composer prompt for the install dir name, useful for project install instructions
• Added support for multiple --repository flags being passed into the create-project command, only useful in combination with --add-repository to persist them to composer.json
• Added --with-dependencies and --with-all-dependencies flag aliases to require and remove commands for consistency with update
• Added shorthand aliases -w for --with-dependencies and -W for --with-all-dependencies on update/require/remove commands
• Added more info to vendor/composer/installed.json, a dev key stores whether dev requirements were installed, and every package now has an install-path key with its install location
• Added COMPOSER_DISABLE_NETWORK which if set makes Composer do its best to run offline. This can be useful when you have poor connectivity or to do benchmarking without network jitter
• Added COMPOSER_DEBUG_EVENTS=1 env var support for plugin authors to figure out which events are triggered when

Sourced from composer/composer's changelog.

[2.0.3] 2020-10-28

• Fixed bug in outdated command where dev packages with branch-aliases where always shown as being outdated
• Fixed issue in lock file interoperability with composer 1.x when using dev-master as xxx aliases
• Fixed new --locked option being missing from outdated command, for checking outdated packages directly from the lock file
• Fixed a few debug/error reporting strings

[2.0.2] 2020-10-25

• Fixed regression handling composer show -s in projects where no version can be guessed from VCS
• Fixed regression handling partial updates/require when a lock file was missing
• Fixed interop issue with plugins that need to update dist URLs of packages, see docs if you need this

[2.0.1] 2020-10-24

• Fixed crash on PHP8

[2.0.0] 2020-10-24

• Fixed proxy handling issues when combined with our new curl-based downloader
• Fixed solver bug resulting in endless loops in some cases
• Fixed solver output being extremely long due to learnt rules
• Fixed solver bug with multi literals
• Fixed a couple minor regressions

[2.0.0-RC2] 2020-10-14

• Breaking: Removed OperationInterface::getReason as the data was not accurate
• Added automatic removal of packages which are not required anymore whenever an update is done, this will purge packages previously left over by partial updates and require/remove
• Added shorthand aliases -w for --with-dependencies and -W for --with-all-dependencies on update/require/remove commands
• Added COMPOSER_DEBUG_EVENTS=1 env var support for plugin authors to figure out which events are triggered when
• Added setCustomCacheKey to PreFileDownloadEvent and fixed a cache bug for integrations changing the processed url of package archives
• Added Composer\Util\SyncHelper for plugin authors to deal with async Promises more easily
• Added $composer->getLoop()->getHttpDownloader() to get access to the main HttpDownloader instance in plugins
• Added a non-zero exit code (2) and warning to remove command when a package to be removed could not be removed
• Added --apcu-autoloader-prefix (or --apcu-prefix for dump-autoload command) flag to let people use apcu autoloading in a deterministic output way if that is needed
• Fixed version guesser to look at remote branches as well as local ones
• Lots of minor bug fixes and improvements

[2.0.0-RC1] 2020-09-10

• Added more advanced filtering to avoid loading all versions of all referenced packages when resolving dependencies, which should reduce memory usage further in some cases
• Added support for many new lib-* packages in the platform repository and improved version detection for some ext-* and lib-* packages
• Added an --ask flag to create-project command to make Composer prompt for the install dir name, useful for project install instructions
• Added support for tar in artifact repositories
• Added a cache-read-only config option to make the cache usable in read only mode for containers and such
• Added better error reporting for a few more specific cases
• Added a new optional available-package-patterns attribute for v2-format Composer repositories, see UPGRADE for details
• Fixed more PHP 8 compatibility issues
• Lots of minor bug fixes for regressions

• f7eebdd Release 2.0.3
• ec5f020 Update changelog
• 90a6aa7 Make sure we compare packages to their latest without aliases, fixes #9357
• 86072a7 Merge branch '1.10'
• 04e5d72 Add docs
• ff74d0e Fix lock file generation with dev-master aliases to be compatible with Compos...
• 44dc3c2 Try and sign phars on releases, refs #5155
• 568d920 Fix tests
• 881ec8c Use httpdownloader/curl to process install notifications
• d699e6b Make sure global plugins are described as such in loading output, fixes compo...
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in the .dependabot/config.yml file in this repo:

• Update frequency
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in the .dependabot/config.yml file in this repo:

• Update frequency
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in the .dependabot/config.yml file in this repo:

• Update frequency
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in the .dependabot/config.yml file in this repo:

• Update frequency
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Sourced from composer/composer's releases.

2.5.1

• Fixed ClassLoader regression which made it fail if serialized (e.g. within PHPUnit process isolation) (#11237)
• Fixed preg type error in svn version guessing (#11231)

2.5.0

• BC Warning: To prevent abuse of our includeFile() function it is now gone, it was not part of the official API but may still cause issues if some code incorrectly relied on it (#11015)
• Improved version guessing of require command to use the dependency resolution result instead of using the latest available version (except if you run with --no-update) (#11160)
• Improved version selection in archive command (#11230)
• Added hard failure when installing from a lock file which does not satisfy the composer.json requirements (#11195)
• Added autocompletion of config option names in the config command (#11130)
• Added support for writing custom commands as Command classes (#11151)
• Added warning when the outdated command rejects a new package due to unmet platform requirements (#11113)
• Added support for bump command to bump >=x to >=installed-version (#11179)
• Added --download-only flag to install command to only download and prime the cache with the package archives (#11041)
• Added autoconfiguration of github-domains/gitlab-domains when GitHub/GitLab credentials are configured for a custom domain (#11062)
• Added hard failure (throw) if COMPOSER_AUTH is present and malformed JSON (#11085)
• Added interactive prompt to run-script and exec commands if run without any argument (#11157)
• Added interactive prompt where to store credentials when a project-local auth.json exists (#11188)
• Fixed full disk warning to be shown when less than 100MiB is available (#11190)
• Fixed cache keys to allow _ to avoid conflicts between package names like a-b and a_b (#11229)
• Fixed docker compatibility by making paths more portable even if the project is installed at / (#11169)

2.4.4

• Added extra debug output when a zip extraction fails while on GitHub Actions (#11148)
• Fixed cache write failures when the cache dir gets removed during a composer run (#11076)
• Fixed 2.4.3 regression in loading Composer on SMB/network shares (#11077)
• Fixed --dry-run flag missing from bump command (#11047)
• Fixed status command reporting differences when the source ref is a tag (#11155)
• Fixed outdated command outputting legend on stdout instead of stderr
• Fixed URL sanitizer to handle new GitHub personal access tokens format (#11137)

2.4.3

• BC Break: The json format of audit command now has reportedAt as an RFC3339 string instead of an object which was a mistake (#11120)
• Fixed json format of audit command which was missing affectedVersions (#11120)
• Fixed plugin commands not being loaded during bash completions (#11074)
• Fixed parsing of inline aliases within complex constraints with || or , (#11086)
• Fixed min-php version check in autoload.php to avoid crashing sites running on PHP 5.5 or below silently with a 200 (#11091)
• Fixed JsonFile reading files without checking if they are readable first (#11077)
• Fixed require command with --dry-run failing when requiring a package requiring stability flag extraction (#11112)

2.4.2

• Fixed bash completion hanging when running as root without COMPOSER_ALLOW_SUPERUSER set (#11024)
• Fixed handling of plugin activation when running as root without COMPOSER_ALLOW_SUPERUSER set so it always happens after prompting, or does not happen if input is non-interactive
• Fixed package filter on bump command (#11053)
• Fixed handling of --ignore-platform-req with upper-bound ignores to not apply to conflict rules (#11037)
• Fixed handling of COMPOSER_DISCARD_CHANGES when set to 0
• Fixed handling of zero-major versions in outdated command with --major-only (#11032)
• Fixed show --platform regression since 2.4.0 when running in a directory without composer.json (#11046)
• Fixed a few strict type errors

... (truncated)

Sourced from composer/composer's changelog.

[2.5.1] 2022-12-22

• Fixed ClassLoader regression which made it fail if serialized (e.g. within PHPUnit process isolation) (#11237)
• Fixed preg type error in svn version guessing (#11231)

[2.5.0] 2022-12-20

• BC Warning: To prevent abuse of our includeFile() function it is now gone, it was not part of the official API but may still cause issues if some code incorrectly relied on it (#11015)
• Improved version guessing of require command to use the dependency resolution result instead of using the latest available version (except if you run with --no-update) (#11160)
• Improved version selection in archive command (#11230)
• Added autocompletion of config option names in the config command (#11130)
• Added support for writing custom commands as Command classes (#11151)
• Added hard failure when installing from a lock file which does not satisfy the composer.json requirements (#11195)
• Added warning when the outdated command rejects a new package due to unmet platform requirements (#11113)
• Added support for bump command to bump >=x to >=installed-version (#11179)
• Added --download-only flag to install command to only download and prime the cache with the package archives (#11041)
• Added autoconfiguration of github-domains/gitlab-domains when GitHub/GitLab credentials are configured for a custom domain (#11062)
• Added hard failure (throw) if COMPOSER_AUTH is present and malformed JSON (#11085)
• Added interactive prompt to run-script and exec commands if run without any argument (#11157)
• Added interactive prompt where to store credentials when a project-local auth.json exists (#11188)
• Fixed full disk warning to be shown when less than 100MiB is available (#11190)
• Fixed cache keys to allow _ to avoid conflicts between package names like a-b and a_b (#11229)
• Fixed docker compatibility by making paths more portable even if the project is installed at / (#11169)

[2.4.4] 2022-10-27

• Added extra debug output when a zip extraction fails while on GitHub Actions (#11148)
• Fixed cache write failures when the cache dir gets removed during a composer run (#11076)
• Fixed 2.4.3 regression in loading Composer on SMB/network shares (#11077)
• Fixed --dry-run flag missing from bump command (#11047)
• Fixed status command reporting differences when the source ref is a tag (#11155)
• Fixed outdated command outputting legend on stdout instead of stderr
• Fixed URL sanitizer to handle new GitHub personal access tokens format (#11137)

[2.4.3] 2022-10-14

• BC Break: The json format of audit command now has reportedAt as an RFC3339 string instead of an object which was a mistake (#11120)
• Fixed json format of audit command which was missing affectedVersions (#11120)
• Fixed plugin commands not being loaded during bash completions (#11074)
• Fixed parsing of inline aliases within complex constraints with || or , (#11086)
• Fixed min-php version check in autoload.php to avoid crashing sites running on PHP 5.5 or below silently with a 200 (#11091)
• Fixed JsonFile reading files without checking if they are readable first (#11077)
• Fixed require command with --dry-run failing when requiring a package requiring stability flag extraction (#11112)

[2.4.2] 2022-09-14

• Fixed bash completion hanging when running as root without COMPOSER_ALLOW_SUPERUSER set (#11024)
• Fixed handling of plugin activation when running as root without COMPOSER_ALLOW_SUPERUSER set so it always happens after prompting, or does not happen if input is non-interactive
• Fixed package filter on bump command (#11053)
• Fixed handling of --ignore-platform-req with upper-bound ignores to not apply to conflict rules (#11037)

... (truncated)

• 923278a Release 2.5.1
• 9c04f9b Update changelog
• cf8ce82 Fix preg match type error in svn version guessing, fixes #11231
• cbb7c91 Fix ClassLoader to be serializable (#11237)
• 7290f5b Document recovering from invalid merges on composer.lock and composer.json (#...
• da611e0 Docs: fix documention deep links (#11233)
• 737fd0f Reverting release version changes
• 09ef0e3 Release 2.5.0
• 5d659be Update changelog
• be053cb Allow underscores in cache keys to avoid conflicts with package names contain...
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from codeception/codeception's releases.

4.2.2

• Propagate --ext and --override parameters to included test suites (#6536)
• Fixed false negative message about stecman/symfony-console-completion package (#6541)

4.2.1

• Execute setupBeforeClass/tearDownAfterClass only once (#6481)
• Handle action with intersection return type correctly in dry-run command

4.2.0

• Improved multi-application experience, allow filtering suites by name (#6435) by @​calvinalkan
• Configuration override is passed to included suites (#5978) by @​calvinalkan
• Made dry-run command work with module methods having return types (#6470)
• Support for expectError/Warning/Notice/Deprecation methods in unit tests (Requires PHPUnit 8.4+)
• Implemented new setting convert_deprecations_to_exceptions (#6469)
• Action file generator: Do not return when return type is never (#6462)
• Backported test.useless event from Codeception 5.0 (#6459)

4.1.31

• RunBefore extension prints error output and stops execution if command failed
• Action file generator: Fixed handling of intersection types
• Action file generator: Fixed handling of self and parent types

4.1.30

• Fix handling of previous exception in ExtensionException
• Improved parser fix for PHP keywords as named parameters
• Add link to https://helpukrainewin.org

4.1.29

• Fixed duplicate test runs when codeception.yml and codeception.dist.yml are present in multi-app setup by @​calvinalkan
• Action generator handles mixed type correctly
• Parser fix to allow named parameters named class and namespace

4.1.28

• Strictly compare test hashes to avoid skipping tests #6320 by @​michel-cetina
• Fixed deprecation message in codecept build #6311 by @​barmax

4.1.27

• Renamed editorUrl setting to editor_url for consistency
• Fixed wildcard matching of group files (#6302) by @​DavertMik

4.1.26

• Added editorUrl setting to codeception.yml (#6261) by @​ThomasLandauer
• Reverted optional value to fail-fast option because it was breaking change (#6290)
• Fixed E_DEPRECATED warnings in Example class on PHP 8.1 (#6298) by @​fabacino

4.1.25

• Update dependencies (Codeception/Codeception#6296)

4.1.24

• Fixed running tests from group files in included configs (#6292) by @​DavertMik

... (truncated)

Sourced from codeception/codeception's changelog.

4.2.2

• Propagate --ext and --override parameters to included test suites (#6536)
• Fixed false negative message about stecman/symfony-console-completion package (#6541)

4.2.1

• Execute setupBeforeClass/tearDownAfterClass only once (#6481)
• Handle action with intersection return type correctly in dry-run command

4.2.0

• Improved multi-application experience, allow filtering suites by name (#6435) by @​calvinalkan
• Configuration override is passed to included suites (#5978) by @​calvinalkan
• Made dry-run command work with module methods having return types (#6470)
• Support for expectError/Warning/Notice/Deprecation methods in unit tests (Requires PHPUnit 8.4+)
• Implemented new setting convert_deprecations_to_exceptions (#6469)
• Action file generator: Do not return when return type is never (#6462)
• Backported test.useless event from Codeception 5.0 (#6459)

4.1.31

• RunBefore extension prints error output and stops execution if command failed
• Action file generator: Fixed handling of intersection types
• Action file generator: Fixed handling of self and parent types

4.1.30

• Fix handling of previous exception in ExtensionException
• Improved parser fix for PHP keywords as named parameters
• Add link to https://helpukrainewin.org

4.1.29

• Fixed duplicate test runs when codeception.yml and codeception.dist.yml are present in multi-app setup by @​calvinalkan
• Action generator handles mixed type correctly
• Parser fix to allow named parameters named class and namespace

4.1.28

• Strictly compare test hashes to avoid skipping tests #6320 by @​michel-cetina
• Fixed deprecation message in codecept build #6311 by @​barmax

4.1.27

• Renamed editorUrl setting to editor_url for consistency
• Fixed wildcard matching of group files (#6302) by @​DavertMik

4.1.26

... (truncated)

• b88014f 4.2.2
• c53401d Propagate --ext and --override parameters to included test suites (#6536)
• 83f6f7b Fixed false negative message about stecman/symfony-console-completion packege
• 0ce6194 update links (#6544)
• 30c5ed8 CI: Bump COMPOSER_ROOT_VERSION in 4.2 branch
• 77b3e20 4.2.1
• 2bc7b3d Merge pull request #6481 from Codeception/4.2-execute-before-after-class-hook...
• a9a4c27 Execute before/after class hooks only once
• 0f93270 RunCest: Improve data provider output of html report tests
• 71ab0a1 Handle intersection return type correctly in dry-run
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from squizlabs/php_codesniffer's releases.

3.7.1

• Fixed bug #3609: Methods/constants with name empty/isset/unset are always reported as error
  • Thanks to Juliette Reinders Folmer (@​jrfnl) for the patch

3.7.0

PHP 8.1 Language Feature Support

PHP_CodeSniffer has run correctly under PHP 8.1 since PHP 8 support was added, but it has not supported new 8.1 language features until this release. Version 3.7.0 adds support for the following PHP 8.1 language features:

• Enums
• Explicit octal notation
• Readonly properties
• Intersection types
• The never type

Note: Standards and sniffs included with PHP_CodeSniffer have been updated to support these language features, but external standards and sniffs may need updating before they are able to detect them correctly.

Changelog

• Added support for PHP 8.1 explicit octal notation
  • This new syntax has been backfilled for PHP versions less than 8.1
  • Thanks to Mark Baker (@​MarkBaker) for the patch
  • Thanks to Juliette Reinders Folmer (@​jrfnl) for additional fixes
• Added support for PHP 8.1 enums
  • This new syntax has been backfilled for PHP versions less than 8.1
  • Includes a new T_ENUM_CASE token to represent the case statements inside an enum
  • Thanks to Jaroslav Hanslík (@​kukulich) for the patch
  • Thanks to Juliette Reinders Folmer (@​jrfnl) for additional core and sniff support
• Added support for the PHP 8.1 readonly token
  • Tokenzing of the readonly keyword has been backfilled for PHP versions less than 8.1
  • Thanks to Jaroslav Hanslík (@​kukulich) for the patch
• Added support for PHP 8.1 intersection types
  • Includes a new T_TYPE_INTERSECTION token to represent the ampersand character inside intersection types
  • Thanks to Jaroslav Hanslík (@​kukulich) for the patch
• File::getMethodParameters now supports the new PHP 8.1 readonly token
  • When constructor property promotion is used, a new property_readonly array index is included in the return value
    • This is a boolean value indicating if the property is readonly
  • If the readonly token is detected, a new readonly_token array index is included in the return value
    • This contains the token index of the readonly keyword
  • Thanks to Juliette Reinders Folmer (@​jrfnl) for the patch
• Support for new PHP 8.1 readonly keyword has been added to the following sniffs:
  • Generic.PHP.LowerCaseKeyword
  • PSR2.Classes.PropertyDeclaration
  • Squiz.Commenting.BlockComment
  • Squiz.Commenting.DocCommentAlignment
  • Squiz.Commenting.VariableComment
  • Squiz.WhiteSpace.ScopeKeywordSpacing
  • Thanks to Juliette Reinders Folmer (@​jrfnl) for the patches
• The parallel feature is now more efficient and runs faster in some situations due to improved process management
  • Thanks to Sergei Morozov (@​morozov) for the patch
• The list of installed coding standards now has consistent ordering across all platforms

... (truncated)

• 1359e17 Prepare for 3.7.1 release
• 0f02e3e Updated changelog message for #3609
• f035ed3 Changelog for #3609 (ref #3610)
• 3726154 Merge branch 'feature/3609-bugfix-context-sensitive-keyword-empty' of https:/...
• 5f78900 Tokenizer/PHP: bug fix in improved context sensitive keyword support
• a2cd51b Prepare for 3.7.0 release
• d8313c6 Changelog for #3604
• fe4dde5 Merge branch 'feature/tokenizer-php-bugfix-double-quoted-strings' of https://...
• 7f5c55d Merge branch 'php-8.1/tokenizer-php-bugfix-octal-explicit-notation' of https:...
• e9f6c43 Changelog for #3575
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from guzzlehttp/psr7's releases.

1.8.5

See change log for changes.

1.8.4

See change log for changes.

1.8.3

See change log for changes.

Sourced from guzzlehttp/psr7's changelog.

1.8.5 - 2022-03-20

Fixed

• Correct header value validation

1.8.4 - 2022-03-20

Fixed

• Validate header values properly

1.8.3 - 2021-10-05

Fixed

• Return null in caching stream size if remote size is null

• 337e3ad Release 1.8.5 (#491)
• 902db15 Release 1.8.4 (#486)
• 1afdd86 Release 1.8.3 (#446)
• a0c4a5f Return null in caching stream size if remote is null (#438)
• 9d00674 Support PHP 8.1 (#435)
• 93c36e7 Updated docs (#434)
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from composer/composer's releases.

2.2.9

• Fixed regression with plugins that modify install path of packages, see docs if you are authoring such a plugin (#10621)

2.2.8

• Fixed files autoloading sort order to be fully deterministic (#10617)
• Fixed pool optimization pass edge cases (#10579)
• Fixed require command failing when self.version is used as constraint (#10593)
• Fixed --no-ansi / undecorated output still showing color in repo warnings (#10601)
• Performance improvement in pool optimization step (composer/semver#131)

2.2.7

• Allow installation together with composer/xdebug-handler ^3 (#10528)
• Fixed support for packages with no licenses in licenses command output (#10537)
• Fixed handling of allow-plugins: false which kept warning (#10530)
• Fixed enum parsing in classmap generation when the enum keyword is not lowercased (#10521)
• Fixed author parsing in init command requiring an email whereas the schema allows a name only (#10538)
• Fixed issues in require command when requiring packages which do not exist (but are provided by something else you require) (#10541)
• Performance improvement in pool optimization step (#10546)

2.2.6

• BC Break: due to an oversight, the COMPOSER_BIN_DIR env var for binaries added in Composer 2.2.2 had to be renamed to COMPOSER_RUNTIME_BIN_DIR (#10512)
• Fixed enum parsing in classmap generation with syntax like enum foo:string without space after : (#10498)
• Fixed package search not urlencoding the input (#10500)
• Fixed reinstall command not firing pre-install-cmd/post-install-cmd events (#10514)
• Fixed edge case in path repositories where a symlink: true option would be ignored on old Windows and old PHP combos (#10482)
• Fixed test suite compatibility with latest symfony/console releases (#10499)
• Fixed some error reporting edge cases (#10484, #10451, #10493)

2.2.5

• Disabled composer/package-versions-deprecated by default as it can function using Composer\InstalledVersions at runtime (#10458)
• Fixed artifact repositories crashing if a phar file was present in the directory (#10406)
• Fixed binary proxy issue on PHP <8 when fseek is used on the proxied binary path (#10468)
• Fixed handling of non-string versions in package repositories metadata (#10470)

2.2.4

• Fixed handling of process timeout when running async processes during installation
• Fixed GitLab API handling when projects have a repository disabled (#10440)
• Fixed reading of environment variables (e.g. APPDATA) containing unicode characters to workaround a PHP bug on Windows (#10434)
• Fixed partial update issues with path repos missing if a path repo is required by a path repo (#10431)
• Fixed support for sourcing binaries via the new bin proxies (#10389)
• Fixed messaging when GitHub tokens need SSO authorization (#10432)

2.2.3

• Fixed issue with PHPUnit and process isolation now including PHPUnit <6.5 (#10387)
• Fixed interoperability issue with laminas/laminas-zendframework-bridge and Composer 2.2 (#10401)
• Fixed binary proxies for shell scripts to work correctly when they are symlinked (jakzal/phpqa#336)
• Fixed overly greedy pool optimization in cases where a locked package is not required by anything anymore in a partial update (#10405)

2.2.2

• Added COMPOSER_BIN_DIR env var and _composer_bin_dir global containing the path to the bin-dir for binaries. Packages relying on finding the bin dir with $BASH_SOURCES[0] will need to update their binaries (#10402)

... (truncated)

Sourced from composer/composer's changelog.

[2.2.9] 2022-03-15

• Fixed regression with plugins that modify install path of packages, see docs if you are authoring such a plugin (#10621)

[2.2.8] 2022-03-15

• Fixed files autoloading sort order to be fully deterministic (#10617)
• Fixed pool optimization pass edge cases (#10579)
• Fixed require command failing when self.version is used as constraint (#10593)
• Fixed --no-ansi / undecorated output still showing color in repo warnings (#10601)
• Performance improvement in pool optimization step (composer/semver#131)

[2.2.7] 2022-02-25

• Allow installation together with composer/xdebug-handler ^3 (#10528)
• Fixed support for packages with no licenses in licenses command output (#10537)
• Fixed handling of allow-plugins: false which kept warning (#10530)
• Fixed enum parsing in classmap generation when the enum keyword is not lowercased (#10521)
• Fixed author parsing in init command requiring an email whereas the schema allows a name only (#10538)
• Fixed issues in require command when requiring packages which do not exist (but are provided by something else you require) (#10541)
• Performance improvement in pool optimization step (#10546)

[2.2.6] 2022-02-04

• BC Break: due to an oversight, the COMPOSER_BIN_DIR env var for binaries added in Composer 2.2.2 had to be renamed to COMPOSER_RUNTIME_BIN_DIR (#10512)
• Fixed enum parsing in classmap generation with syntax like enum foo:string without space after : (#10498)
• Fixed package search not urlencoding the input (#10500)
• Fixed reinstall command not firing pre-install-cmd/post-install-cmd events (#10514)
• Fixed edge case in path repositories where a symlink: true option would be ignored on old Windows and old PHP combos (#10482)
• Fixed test suite compatibility with latest symfony/console releases (#10499)
• Fixed some error reporting edge cases (#10484, #10451, #10493)

[2.2.5] 2022-01-21

• Disabled composer/package-versions-deprecated by default as it can function using Composer\InstalledVersions at runtime (#10458)
• Fixed artifact repositories crashing if a phar file was present in the directory (#10406)
• Fixed binary proxy issue on PHP <8 when fseek is used on the proxied binary path (#10468)
• Fixed handling of non-string versions in package repositories metadata (#10470)

[2.2.4] 2022-01-08

• Fixed handling of process timeout when running async processes during installation
• Fixed GitLab API handling when projects have a repository disabled (#10440)
• Fixed reading of environment variables (e.g. APPDATA) containing unicode characters to workaround a PHP bug on Windows (#10434)
• Fixed partial update issues with path repos missing if a path repo is required by a path repo (#10431)
• Fixed support for sourcing binaries via the new bin proxies (#10389)
• Fixed messaging when GitHub tokens need SSO authorization (#10432)

[2.2.3] 2021-12-31

... (truncated)

• 07eccf0 Release 2.2.9
• 173b558 Update changelog
• 6b97524 Load plugins which modify install path early, fixes #10618 (#10621)
• 7bee425 Reverting release version changes
• 26a5873 Release 2.2.8
• 8eb7f63 Update changelog
• dca2d49 GH Actions: version update for various predefined actions
• 2d7f156 Allow using self.version with require command, fixes #10593
• bf235eb Add note about plugin autoloading, refs #10587
• 4cc4a28 Merge pull request #10617 from Seldaek/pkg_sort
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)