composer parallel install plugin

Overview

prestissimo (composer plugin)

Build Status Scrutinizer Code Quality Coverage Status Latest Stable Version Total Downloads License

This is a composer 1.x plugin that downloads packages in parallel to speed up the installation process.

Announcement: Composer 2 is now available!

This plugin is for Composer1; Composer2 is very fast on its own. Uninstall this plugin and update the Composer itself.

Requirements

  • composer >=1.0.0 <2.0
  • PHP >=5.3, (suggest >=5.5, because curl_share_init)
  • ext-curl

Install, Updating & Upgrading

$ composer global require hirak/prestissimo

Uninstall

$ composer global remove hirak/prestissimo

Benchmark Example

288s -> 26s

$ composer create-project laravel/laravel laravel1 --no-progress --profile --prefer-dist

laravel

Config

prestissimo ^0.3.x

Recognize composer's options. You don't need to set any special configuration.

Composer authentication

To avoid Composer asking for authentication it is recommended to follow the procedure on composer's authentication.

For github.com you could also use an auth.json file with an oauth access token placed on the the same level as your composer.json file:

{
    "github-oauth": {
        "github.com": "YOUR_GITHUB_ACCESS_TOKEN"
    }
}

License

MIT License. See the LICENSE file.

Comments
  • not work - nothing changed after install

    not work - nothing changed after install

    Hello! Great idea, thanks for your work, but it not work.

    1. composer global require "hirak/prestissimo:^0.3"
    2. composer update
    3. see just regular composer work, nothing improved, no parralell installing
    opened by errogaht 30
  • Compatibility with Composer 2.0.0

    Compatibility with Composer 2.0.0

    Composer 2.0.0 has been released 3 hours ago and prestissimo now can't be installed on the new version https://github.com/composer/composer/releases/tag/2.0.0

    $ composer.phar global require hirak/prestissimo
    ...
    Do not run Composer as root/super user! See https://getcomposer.org/root for details
    
                                                                                                                                           
      [InvalidArgumentException]                                                                                                           
      Package hirak/prestissimo at version  has a PHP requirement incompatible with your PHP version, PHP extensions and Composer version  
    ...
    
    
    opened by shqear93 14
  • error with `--no-cache` in composer 1.9

    error with `--no-cache` in composer 1.9

    This may or may not be an actual issue. But composer 1.9 now comes with a --no-cache global option which I tried to use for installing prestissimo in docker so that I don't have to call composer clear-cache afterwards. I understand the 2 are different but I thought perhaps prestissimo won't do anything yet when it's first installed (excuse my lack of understanding of how composer plugins work).

    composer global require --no-cache hirak/prestissimo -v gives

    /app # composer global require --no-cache hirak/prestissimo -v                                                                                                                                                                        Changed current directory to /tmp
    Using version ^0.3.9 for hirak/prestissimo
    ./composer.json has been created
    Loading composer repositories with package information
    Updating dependencies (including require-dev)
    Dependency resolution completed in 0.000 seconds
    Analyzed 75 packages to resolve dependencies
    Analyzed 46 rules to resolve dependencies
    Package operations: 1 install, 0 updates, 0 removals                                                                                                                                                                                  Installs: hirak/prestissimo:0.3.9
      - Installing hirak/prestissimo (0.3.9): Downloading (100%)
     Extracting archivePlugin installation failed, rolling back
      - Removing hirak/prestissimo (0.3.9)
    
    Installation failed, deleting ./composer.json.                                                                                                                                                                                        
    
      [ErrorException]
      mkdir(): Not a directory  
    
    Exception trace:                                                                                                                                                                                                                       () at /tmp/vendor/hirak/prestissimo/src/CopyRequest.php:103
    Composer\Util\ErrorHandler::handle() at n/a:n/a                                                                                                                                                                                       mkdir() at /tmp/vendor/hirak/prestissimo/src/CopyRequest.php:103
    Hirak\Prestissimo\CopyRequest->createDir() at /tmp/vendor/hirak/prestissimo/src/CopyRequest.php:89
    Hirak\Prestissimo\CopyRequest->setDestination() at /tmp/vendor/hirak/prestissimo/src/CopyRequest.php:39
    Hirak\Prestissimo\CopyRequest->__construct() at /tmp/vendor/hirak/prestissimo/src/ParallelizedComposerRepository.php:26
    Hirak\Prestissimo\ParallelizedComposerRepository->preloadProviderListings() at /tmp/vendor/hirak/prestissimo/src/ParallelizedComposerRepository.php:39
    Hirak\Prestissimo\ParallelizedComposerRepository->prefetch() at /tmp/vendor/hirak/prestissimo/src/Plugin.php:150
    Hirak\Prestissimo\Plugin->prefetchComposerRepositories() at /tmp/vendor/hirak/prestissimo/src/Plugin.php:82
    Hirak\Prestissimo\Plugin->activate() at phar:///usr/bin/composer/src/Composer/Plugin/PluginManager.php:237
    Composer\Plugin\PluginManager->addPlugin() at phar:///usr/bin/composer/src/Composer/Plugin/PluginManager.php:206
    Composer\Plugin\PluginManager->registerPackage() at phar:///usr/bin/composer/src/Composer/Installer/PluginInstaller.php:62
    Composer\Installer\PluginInstaller->install() at phar:///usr/bin/composer/src/Composer/Installer/InstallationManager.php:173
    Composer\Installer\InstallationManager->install() at phar:///usr/bin/composer/src/Composer/Installer/InstallationManager.php:160
    Composer\Installer\InstallationManager->execute() at phar:///usr/bin/composer/src/Composer/Installer.php:597
    Composer\Installer->doInstall() at phar:///usr/bin/composer/src/Composer/Installer.php:229
    Composer\Installer->run() at phar:///usr/bin/composer/src/Composer/Command/RequireCommand.php:218
    Composer\Command\RequireCommand->doUpdate() at phar:///usr/bin/composer/src/Composer/Command/RequireCommand.php:175
    Composer\Command\RequireCommand->execute() at phar:///usr/bin/composer/vendor/symfony/console/Command/Command.php:245
    Symfony\Component\Console\Command\Command->run() at phar:///usr/bin/composer/vendor/symfony/console/Application.php:835
    Symfony\Component\Console\Application->doRunCommand() at phar:///usr/bin/composer/vendor/symfony/console/Application.php:185
    Symfony\Component\Console\Application->doRun() at phar:///usr/bin/composer/src/Composer/Console/Application.php:267
    Composer\Console\Application->doRun() at phar:///usr/bin/composer/vendor/symfony/console/Application.php:117
    Symfony\Component\Console\Application->run() at phar:///usr/bin/composer/src/Composer/Console/Application.php:106
    Composer\Console\Application->run() at phar:///usr/bin/composer/src/Composer/Command/GlobalCommand.php:101
    Composer\Command\GlobalCommand->run() at phar:///usr/bin/composer/vendor/symfony/console/Application.php:835
    Symfony\Component\Console\Application->doRunCommand() at phar:///usr/bin/composer/vendor/symfony/console/Application.php:185
    Symfony\Component\Console\Application->doRun() at phar:///usr/bin/composer/src/Composer/Console/Application.php:267
    Composer\Console\Application->doRun() at phar:///usr/bin/composer/vendor/symfony/console/Application.php:117
    Symfony\Component\Console\Application->run() at phar:///usr/bin/composer/src/Composer/Console/Application.php:106
    Composer\Console\Application->run() at phar:///usr/bin/composer/bin/composer:61
    require() at /usr/bin/composer:24
    

    Works fine without the --no-cache option. Then trying to install any package with the --no-cache option produces the same error which kind of makes sense as prestissimo relies on a cache directory. I guess a more friendly behavior is to fall back to normal composer if cache is disabled. But it's not a biggie.

    The question is whether the cache directory is a hard requirement for installing prestissimo for the first time?

    opened by sudomabider 13
  • Http2 support

    Http2 support

    adding http2 support, as packagist.org supports it now https://twitter.com/seldaek/status/1022179344091893760

    composer will use repo.packagist.org in the future for package metadata see https://github.com/composer/composer/commit/c5fa3bdde0e042b64e32102c21edb2e12e474746

    opened by staabm 11
  • Composer has trouble clearing the cache on Travis CI

    Composer has trouble clearing the cache on Travis CI

    Please take a look at this issue https://github.com/travis-ci/travis-ci/issues/5590 for the whole output.

    When I'm using the plugin and Travis CI tries to run the tests I'm getting

      [ErrorException]                                                            
      rmdir(/home/travis/.composer/cache/files/henrikbjorn): Directory not empty  
    

    this error message. This doesn't happen locally for me. The plugin might have some kind of issue similar to https://github.com/composer/composer/issues/690 this but honestly, I don't know what the exact cause is.

    Using version ^0.1.9 for hirak/prestissimo
    ./composer.json has been created
    Loading composer repositories with package information
    Updating dependencies (including require-dev)
      - Installing hirak/prestissimo (0.1.9)
        Downloading: Connecting...    Failed to download hirak/prestissimo from dist: Could not authenticate against github.com
        Now trying to download from source
      - Installing hirak/prestissimo (0.1.9)
        Cloning cf526eee464e93dcb13c8d3521bad2ea0111bbfd
    Writing lock file
    Generating autoload files
    1.02s$ composer install --prefer-source --no-interaction
    You are running composer with xdebug enabled. This has a major impact on runtime performance. See https://getcomposer.org/xdebug
    Loading composer repositories with package information
    Installing dependencies (including require-dev) from lock file
        Prefetch start: total: 67
        1/67:    https://codeload.github.com/dnoegel/php-xdg-base-dir/legacy.zip/265b8593498b997dc2d31e75b89f053b5cc9621a
        2/67:    https://codeload.github.com/JakubOnderka/PHP-Console-Highlighter/legacy.zip/7daa75df45242c8d5b75a22c00a201e7954e4fb5
        3/67:    https://codeload.github.com/symfony/var-dumper/legacy.zip/24bb94807eff00db49374c37ebf56a0304e8aef3
        4/67:    https://codeload.github.com/nikic/PHP-Parser/legacy.zip/c542e5d86a9775abd1021618eb2430278bfc1e01
        5/67:    https://codeload.github.com/myclabs/DeepCopy/legacy.zip/e3abefcd7f106677fd352cd7c187d6c969aa9ddc
        6/67:    https://codeload.github.com/sebastianbergmann/php-file-iterator/legacy.zip/6150bf2c35d3fc379e50c7602b75caceaa39dbf0
        7/67:    https://codeload.github.com/phpspec/prophecy/legacy.zip/4745ded9307786b730d7a60df5cb5a6c43cf95f7
        8/67:    https://codeload.github.com/sebastianbergmann/php-timer/legacy.zip/3e82f4e9fc92665fafd9157568e4dcb01d014e5b
        9/67:    https://codeload.github.com/sebastianbergmann/phpunit/legacy.zip/64c37805098cfe42a1aaf4838b60c654377ec4a9
        10/67:    https://codeload.github.com/bobthecow/psysh/legacy.zip/0f04df0b23663799a8941fae13cd8e6299bde3ed
        11/67:    https://codeload.github.com/sebastianbergmann/php-code-coverage/legacy.zip/92f5c61b5c64159faec5298325ffab0c7e59dcc8
        12/67:    https://codeload.github.com/doctrine/instantiator/legacy.zip/8e884e78f9f0eb1329e445619e04456e64d8051d
        13/67:    https://codeload.github.com/sebastianbergmann/phpunit-mock-objects/legacy.zip/49bc700750196c04dd6bc2c4c99cb632b893836b
        14/67:    https://codeload.github.com/sebastianbergmann/php-text-template/legacy.zip/31f8b717e51d9a2afca6c9f046f5d69fc27c8686
        15/67:    https://codeload.github.com/sebastianbergmann/comparator/legacy.zip/937efb279bd37a375bcadf584dec0726f84dbf22
        16/67:    https://codeload.github.com/sebastianbergmann/environment/legacy.zip/6e7133793a8e5a5714a551a8324337374be209df
        17/67:    https://codeload.github.com/sebastianbergmann/diff/legacy.zip/13edfd8706462032c2f52b4b862974dd46b71c9e
        18/67:    https://codeload.github.com/sebastianbergmann/exporter/legacy.zip/7ae5513327cb536431847bcc0c10edba2701064e
        19/67:    https://codeload.github.com/sebastianbergmann/global-state/legacy.zip/bc37d50fea7d017d3d340f230811c9f1d7280af4
        20/67:    https://codeload.github.com/sebastianbergmann/recursion-context/legacy.zip/913401df809e99e4f47b27cdd781f4a258d58791
        21/67:    https://codeload.github.com/sebastianbergmann/resource-operations/legacy.zip/ce990bb21759f94aeafd30209e8cfcdfa8bc3f52
        22/67:    https://codeload.github.com/sebastianbergmann/version/legacy.zip/c829badbd8fdf16a0bad8aa7fa7971c029f1b9c5
        23/67:    https://codeload.github.com/JakubOnderka/PHP-Console-Color/legacy.zip/e0b393dacf7703fc36a4efc3df1435485197e6c1
        24/67:    https://codeload.github.com/phpDocumentor/ReflectionDocBlock/legacy.zip/d68dbdc53dc358a816f00b300704702b2eaff7b8
        25/67:    https://codeload.github.com/sebastianbergmann/php-token-stream/legacy.zip/3144ae21711fb6cac0b1ab4cbe63b75ce3d4e8da
        26/67:    https://codeload.github.com/php-fig-rectified/psr2r-sniffer/legacy.zip/def642e5364c798695a07b6e051e2837bb0246c0
        27/67:    https://codeload.github.com/jdorn/sql-formatter/legacy.zip/64990d96e0959dff8e059dfcdc1af130728d92bc
        28/67:    https://codeload.github.com/cakephp/debug_kit/legacy.zip/5a1f567a36f854c8d4786757d822a9942bd8f5ea
        29/67:    https://codeload.github.com/cakephp/elastic-search/legacy.zip/e6de018f13569482ac17d9e7a1dbc70ddd1ee391
        30/67:    https://codeload.github.com/UseMuffin/Tags/legacy.zip/1e8767faa6b01a5b554c2375b5b0a7f1f09dc6d4
        31/67:    https://codeload.github.com/UseMuffin/Slug/legacy.zip/678ef1420b9a2c927bf481c28c3d1ec3c4776c5e
        32/67:    https://codeload.github.com/squizlabs/PHP_CodeSniffer/legacy.zip/6731851d6aaf1d0d6c58feff1065227b7fda3ba8
        33/67:    https://codeload.github.com/FriendsOfCake/search/legacy.zip/a67c2ac4cbedde63c52d630bf451cacfed7933d5
        34/67:    https://codeload.github.com/FriendsOfCake/bootstrap-ui/legacy.zip/89f360ab0a30469e1bd19b92ccd8b82232f376a0
    
      [ErrorException]                                                            
      rmdir(/home/travis/.composer/cache/files/henrikbjorn): Directory not empty  
    
    
      [ErrorException]                                                         
      rmdir(/home/travis/.composer/cache/files/codegyre): Directory not empty  
    
    
      [ErrorException]                                                             
      rmdir(/home/travis/.composer/cache/files/mobiledetect): Directory not empty  
    
    
      [ErrorException]                                                       
      rmdir(/home/travis/.composer/cache/files/ruflin): Directory not empty  
    
    
      [ErrorException]                                                    
      rmdir(/home/travis/.composer/cache/files/psa): Directory not empty  
    
    opened by burzum 10
  • Yii2 Advanced App Template doesn't install

    Yii2 Advanced App Template doesn't install

    First, I've installed Laravel, and prestissimo worked perfectly. Then, I've tried to install Yii2 Advanced App. Composer installed npm and bower packages (via composer-asset-plugin), but then console stopped as seen on screenshot below: image It has already passed 30 minutes, but nothing happend...

    opened by berezuev 10
  • Undefined property: Hirak\Prestissimo\CurlRemoteFilesystem::$lastHeaders

    Undefined property: Hirak\Prestissimo\CurlRemoteFilesystem::$lastHeaders

    [ErrorException] Undefined property: Hirak\Prestissimo\CurlRemoteFilesystem::$lastHeaders

    when running composer update

    composer version fff5074bbf5697a907b2832902d4219801b90bc5

    bug 
    opened by bazo 10
  • Use PHPUnit\Framework\TestCase instead of PHPUnit_Framework_TestCase

    Use PHPUnit\Framework\TestCase instead of PHPUnit_Framework_TestCase

    I use the PHPUnit\Framework\TestCase notation instead of PHPUnit_Framework_TestCase while extending our TestCases. This will help us migrate to PHPUnit 6, that no longer support snake case class names.

    I just need to bump PHPUnit version to ^4.8.35 and, that support this namespace.

    opened by carusogabriel 9
  • Support for multi-threaded composer update?

    Support for multi-threaded composer update?

    Is there any way to have support for multi-threaded composer update ? With a lot of private GitHub packages, this takes a very long time for us to run and it's also a much more common operation than composer install.

    opened by khromov 7
  • segmentation fault occurered

    segmentation fault occurered

    environments:

    • macOS 10.14.5 Mojave
    • php 7.3.6 cli (via brew install php)
    • composer 1.8.5 (via brew install composer)

    output of composer diagnose below:

    Checking platform settings: OK
    Checking git settings: OK
    Checking http connectivity to packagist: OK
    Checking https connectivity to packagist: OK
    Checking github.com rate limit: OK
    Checking disk free space: OK
    Checking pubkeys:
    Tags Public Key Fingerprint: 57815BA2 7E54DC31 7ECC7CC5 573090D0  87719BA6 8F3BB723 4E5D42D0 84A14642
    Dev Public Key Fingerprint: 4AC45767 E5EC2265 2F0C1167 CBBB8A2B  0C708369 153E328C AD90147D AFE50952
    OK
    Checking composer version: OK
    Composer version: 1.8.5
    PHP version: 7.3.6
    PHP binary path: /usr/local/Cellar/php/7.3.6/bin/php
    

    First, flush my composer global packages and settings.

    rm -rf ~/.composer/cache ~/.composer/vendor ~/.composer/composer.*
    

    and try composer global require consolidation/cgr.

    Changed current directory to /Users/hidekuro/.composer
    Using version ^2.0 for consolidation/cgr
    ./composer.json has been created
    Loading composer repositories with package information
    Updating dependencies (including require-dev)
    Package operations: 1 install, 0 updates, 0 removals
      - Installing consolidation/cgr (2.0.5): Downloading (100%)
    Writing lock file
    Generating autoload files
    

    succeed.

    but using hirak/prestissimo will failure with Segmentation fault.

    rm -rf ~/.composer/cache ~/.composer/vendor ~/.composer/composer.*
    composer global require hirak/prestissimo
    composer global require consolidation/cgr
    
    Changed current directory to /Users/hidekuro/.composer
        1/2:	https://packagist.jp/p/provider-latest$c4bd61274f7797a33d4f1efdd0bed5c496f7c212138a18f75ea21c9bb2f72245.json
        2/2:	https://packagist.jp/p/provider-2019-04$5897d9820bb6845de340427c738c2272c77072d89780f7d74b1d248c49bc0c75.json
        Finished: success: 2, skipped: 0, failure: 0, total: 2
    Using version ^2.0 for consolidation/cgr
    ./composer.json has been updated
    Loading composer repositories with package information
    Updating dependencies (including require-dev)
    Segmentation fault: 11
    

    any solutions?

    opened by hidekuro 6
  • Cache folders permissions

    Cache folders permissions

    Would it be possible to change default folder permissions from 0766 to 0775 or even 0770? (at least just 077*)

    Current setup is not working with shared cache folder between users :/

    Thanks!

    opened by mthoretton 6
  • Bump decode-uri-component from 0.2.0 to 0.2.2

    Bump decode-uri-component from 0.2.0 to 0.2.2

    Bumps decode-uri-component from 0.2.0 to 0.2.2.

    Release notes

    Sourced from decode-uri-component's releases.

    v0.2.2

    • Prevent overwriting previously decoded tokens 980e0bf

    https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2

    v0.2.1

    • Switch to GitHub workflows 76abc93
    • Fix issue where decode throws - fixes #6 746ca5d
    • Update license (#1) 486d7e2
    • Tidelift tasks a650457
    • Meta tweaks 66e1c28

    https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies javascript 
    opened by dependabot[bot] 0
  • Bump engine.io and browser-sync

    Bump engine.io and browser-sync

    Bumps engine.io to 6.2.1 and updates ancestor dependency browser-sync. These dependencies need to be updated together.

    Updates engine.io from 3.2.1 to 6.2.1

    Release notes

    Sourced from engine.io's releases.

    6.2.1

    :warning: This release contains an important security fix :warning:

    A malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:

    Error: read ECONNRESET
        at TCP.onStreamRead (internal/stream_base_commons.js:209:20)
    Emitted 'error' event on Socket instance at:
        at emitErrorNT (internal/streams/destroy.js:106:8)
        at emitErrorCloseNT (internal/streams/destroy.js:74:3)
        at processTicksAndRejections (internal/process/task_queues.js:80:21) {
      errno: -104,
      code: 'ECONNRESET',
      syscall: 'read'
    }
    

    Please upgrade as soon as possible.

    Bug Fixes

    • catch errors when destroying invalid upgrades (#658) (425e833)

    6.2.0

    Features

    • add the "maxPayload" field in the handshake details (088dcb4)

    So that clients in HTTP long-polling can decide how many packets they have to send to stay under the maxHttpBufferSize value.

    This is a backward compatible change which should not mandate a new major revision of the protocol (we stay in v4), as we only add a field in the JSON-encoded handshake data:

    0{"sid":"lv_VI97HAXpY6yYWAAAC","upgrades":["websocket"],"pingInterval":25000,"pingTimeout":5000,"maxPayload":1000000}
    

    Links

    6.1.3

    Bug Fixes

    • typings: allow CorsOptionsDelegate as cors options (#641) (a463d26)
    • uws: properly handle chunked content (#642) (3367440)

    ... (truncated)

    Changelog

    Sourced from engine.io's changelog.

    6.2.1 (2022-11-20)

    :warning: This release contains an important security fix :warning:

    A malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:

    Error: read ECONNRESET
        at TCP.onStreamRead (internal/stream_base_commons.js:209:20)
    Emitted 'error' event on Socket instance at:
        at emitErrorNT (internal/streams/destroy.js:106:8)
        at emitErrorCloseNT (internal/streams/destroy.js:74:3)
        at processTicksAndRejections (internal/process/task_queues.js:80:21) {
      errno: -104,
      code: 'ECONNRESET',
      syscall: 'read'
    }
    

    Please upgrade as soon as possible.

    Bug Fixes

    • catch errors when destroying invalid upgrades (#658) (425e833)

    3.6.0 (2022-06-06)

    Bug Fixes

    Features

    • decrease the default value of maxHttpBufferSize (58e274c)

    This change reduces the default value from 100 mb to a more sane 1 mb.

    This helps protect the server against denial of service attacks by malicious clients sending huge amounts of data.

    See also: https://github.com/advisories/GHSA-j4f2-536g-r55m

    • increase the default value of pingTimeout (f55a79a)

    ... (truncated)

    Commits
    • 24b847b chore(release): 6.2.1
    • 425e833 fix: catch errors when destroying invalid upgrades (#658)
    • 99adb00 chore(deps): bump xmlhttprequest-ssl and engine.io-client in /examples/latenc...
    • d196f6a chore(deps): bump minimatch from 3.0.4 to 3.1.2 (#660)
    • 7c1270f chore(deps): bump nanoid from 3.1.25 to 3.3.1 (#659)
    • 535a01d ci: add Node.js 18 in the test matrix
    • 1b71a6f docs: remove "Vanilla JS" highlight from README (#656)
    • 917d1d2 refactor: replace deprecated String.prototype.substr() (#646)
    • 020801a chore: add changelog for version 3.6.0
    • ed1d6f9 test: make test script work on Windows (#643)
    • Additional commits viewable in compare view

    Updates browser-sync from 2.26.7 to 2.27.10

    Release notes

    Sourced from browser-sync's releases.

    2.27.9

    What's Changed

    A bug prevented the help output from displaying - it was introduced when the CLI parser yargs was updated, and is now fixed :)

    Full Changelog: https://github.com/BrowserSync/browser-sync/compare/v2.27.8...v2.27.9

    2.27.8

    This release upgrades Socket.io (client+server) to the latest versions - solving the following issues, and silencing security warning :)

    PR:

    Resolved Issues:

    Thanks to @​lachieh for the original PR, which helped me land this fix

    added snippet: boolean option

    This release adds a feature to address BrowserSync/browser-sync#1882

    Sometimes you don't want Browsersync to auto-inject it's connection snippet into your HTML - now you can disable it globally via either a CLI param or the new snippet option :)

    browser-sync . --no-snippet
    

    or in any Browsersync configuration

    const config = {
      snippet: false,
    };
    

    the original request was related to Eleventy usage, so here's how that would look

    eleventyConfig.setBrowserSyncConfig({
      snippet: false,
    });
    

    ... (truncated)

    Commits

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies javascript 
    opened by dependabot[bot] 0
  • Bump socket.io-parser and browser-sync

    Bump socket.io-parser and browser-sync

    Bumps socket.io-parser to 4.2.1 and updates ancestor dependency browser-sync. These dependencies need to be updated together.

    Updates socket.io-parser from 3.2.0 to 4.2.1

    Release notes

    Sourced from socket.io-parser's releases.

    4.2.1

    Bug Fixes

    • check the format of the index of each attachment (b5d0cb7)

    Links

    4.2.0

    Features

    • allow the usage of custom replacer and reviver (#112) (b08bc1a)

    Links

    4.1.2

    Bug Fixes

    • allow objects with a null prototype in binary packets (#114) (7f6b262)

    Links

    4.1.1

    Links

    4.1.0

    Features

    • provide an ESM build with and without debug (388c616)

    Links

    4.0.5

    Bug Fixes

    • check the format of the index of each attachment (b559f05)

    Links

    ... (truncated)

    Changelog

    Sourced from socket.io-parser's changelog.

    4.2.1 (2022-06-27)

    Bug Fixes

    • check the format of the index of each attachment (b5d0cb7)

    4.2.0 (2022-04-17)

    Features

    • allow the usage of custom replacer and reviver (#112) (b08bc1a)

    4.1.2 (2022-02-17)

    Bug Fixes

    • allow objects with a null prototype in binary packets (#114) (7f6b262)

    4.1.1 (2021-10-14)

    4.1.0 (2021-10-11)

    Features

    • provide an ESM build with and without debug (388c616)

    4.0.4 (2021-01-15)

    Bug Fixes

    • allow integers as event names (1c220dd)

    4.0.3 (2021-01-05)

    4.0.2 (2020-11-25)

    ... (truncated)

    Commits
    • 5a2ccff chore(release): 4.2.1
    • b5d0cb7 fix: check the format of the index of each attachment
    • c7514b5 chore(release): 4.2.0
    • 931f152 chore: add Node.js 16 in the test matrix
    • 6c9cb27 chore: bump @​socket.io/component-emitter to version 3.1.0
    • b08bc1a feat: allow the usage of custom replacer and reviver (#112)
    • aed252c chore(release): 4.1.2
    • 89209fa chore: bump cached-path-relative from 1.0.2 to 1.1.0 (#113)
    • 0a3b556 chore: bump path-parse from 1.0.6 to 1.0.7 (#108)
    • 7f6b262 fix: allow objects with a null prototype in binary packets (#114)
    • Additional commits viewable in compare view

    Updates browser-sync from 2.26.7 to 2.27.10

    Release notes

    Sourced from browser-sync's releases.

    2.27.9

    What's Changed

    A bug prevented the help output from displaying - it was introduced when the CLI parser yargs was updated, and is now fixed :)

    Full Changelog: https://github.com/BrowserSync/browser-sync/compare/v2.27.8...v2.27.9

    2.27.8

    This release upgrades Socket.io (client+server) to the latest versions - solving the following issues, and silencing security warning :)

    PR:

    Resolved Issues:

    Thanks to @​lachieh for the original PR, which helped me land this fix

    added snippet: boolean option

    This release adds a feature to address BrowserSync/browser-sync#1882

    Sometimes you don't want Browsersync to auto-inject it's connection snippet into your HTML - now you can disable it globally via either a CLI param or the new snippet option :)

    browser-sync . --no-snippet
    

    or in any Browsersync configuration

    const config = {
      snippet: false,
    };
    

    the original request was related to Eleventy usage, so here's how that would look

    eleventyConfig.setBrowserSyncConfig({
      snippet: false,
    });
    

    ... (truncated)

    Commits

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies javascript 
    opened by dependabot[bot] 0
  • Bump copy-props from 2.0.4 to 2.0.5

    Bump copy-props from 2.0.4 to 2.0.5

    Bumps copy-props from 2.0.4 to 2.0.5.

    Release notes

    Sourced from copy-props's releases.

    2.0.5

    Fix

    • Avoids prototype pollution (#7)

    Doc

    • Update license years.
    • Transfer ownership to Gulp Team (#6)

    Build

    • Update dependencies: each-props (>=1.3.2), is-plain-object (>=5.0.0).

    Test

    • Expand test versions to v11〜v14.
    Changelog

    Sourced from copy-props's changelog.

    Changelog

    3.0.1 (2021-10-31)

    Bug Fixes

    • ci: Rename prettierignore typo & avoid formatting web (192badf)
    • Update dependencies (ba8a51c)

    3.0.0 (2021-09-25)

    ⚠ BREAKING CHANGES

    • Normalize repository, dropping node <10.13 support (#8)

    Miscellaneous Chores

    • Normalize repository, dropping node <10.13 support (#8) (85b1165)
    Commits
    • 40b7974 2.0.5
    • 2c738f5 Fix: Avoids prototype pollution (#7)
    • 4cac863 Merge: Transfer ownership to Gulp Team (#6)
    • 54a791d Doc: Transfer ownership to Gulp Team
    • 196fc9e Merge: Update dependencies and expand ci test versions (#5)
    • e89907f Test: Update npm to v4 when nodejs is v5 because of npm install error.
    • e970322 Test: Run coveralls when nodejs >= 6 because of its supports
    • 063e534 Test: Add nodejs v11-v14 into ci test versions
    • 72270af Doc: Update license years
    • f60b928 Build: Update versions of dependencies
    • See full diff in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies javascript 
    opened by dependabot[bot] 0
  • Bump path-parse from 1.0.6 to 1.0.7

    Bump path-parse from 1.0.6 to 1.0.7

    Bumps path-parse from 1.0.6 to 1.0.7.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies javascript 
    opened by dependabot[bot] 0
Releases(0.3.10)
Owner
Hiraku NAKANO
PHP Programmer at Mercari Inc
Hiraku NAKANO
:musical_note: Provides a composer plugin for normalizing composer.json.

composer-normalize Provides a composer plugin for normalizing composer.json. Why When it comes to formatting composer.json, you have the following opt

null 861 Jan 4, 2023
Simple static Composer repository generator - For a full private Composer repo use Private Packagist

Satis Simple static Composer repository generator. Run from source Satis requires a recent PHP version, it does not run with unsupported PHP versions.

Composer 2.9k Jan 3, 2023
Merge one or more additional composer.json files at Composer runtime

Composer Merge Plugin Merge multiple composer.json files at Composer runtime. Composer Merge Plugin is intended to allow easier dependency management

Wikimedia 844 Dec 5, 2022
Simple composer script to manage phar files using project composer.json.

tooly-composer-script With tooly composer-script you can version needed PHAR files in your project's composer.json without adding them directly to a V

Tommy Mühle 100 Sep 27, 2022
A no-frills PsySH-Composer plugin

uma/composer-psysh A no-frills PsySH-Composer plugin. In a nutshell, it provides a composer psy subcommand that spawns a Psy Shell with autoload integ

Marcel Hernandez 18 May 23, 2022
Check your Composer dependencies at runtime.

Composition Composition provides a lightweight and generic API, that you can use to check your environment at runtime, instead of manually go checking

Bilal Amarni 108 May 4, 2021
Easily parse your project's Composer configuration, and those of its dependencies, at runtime

Composed This library provides a set of utility functions designed to help you parse your project's Composer configuration, and those of its dependenc

Josh Di Fabio 50 Nov 27, 2022
Satis-go is a web server for hosting and managing your Satis Repository for Composer Packages

Satis-go download latest Satis-go is a web server for hosting and managing your Satis Repository for Composer Packages Some Highlights: Satis-go provi

Ben Schwartz 99 Aug 1, 2022
A composer plugin, to install differenty types of composer packages in custom directories outside the default composer default installation path which is in the vendor folder.

composer-custom-directory-installer A composer plugin, to install differenty types of composer packages in custom directories outside the default comp

Mina Nabil Sami 136 Dec 30, 2022
This composer plugin is a temporary implementation of using symbolic links to local packages as dependencies to allow a parallel work process

Composer symlinker A Composer plugin to install packages as local symbolic links. This plugin is a temporary implementation of using symbolic links to

Pierre Cassat 18 Nov 9, 2021
A easy way to install your basic yii projetc, we have encrypt database password in phpfile, my class with alot funtions to help you encrypt and decrypt and our swoole server install just run ./yii swoole/start and be happy!

Yii 2 Basic Project Template with swoole and Modules Yii 2 Basic Project Template is a skeleton Yii 2 application best for rapidly creating small proj

null 3 Apr 11, 2022
The Pest Parallel Plugin

This repository contains the Pest Plugin Parallel. If you want to start testing your application with Pest, visit the main Pest Repository. Explore th

PEST 28 Dec 5, 2022
Ied plugin composer - Inspired Plugin Composer: Create, publish and edit plugins from within Textpattern CMS.

ied_plugin_composer Create, publish and edit plugins from within Textpattern CMS. Creates a new page under the Extensions tab where you can edit and e

Stef Dawson 8 Oct 3, 2020
Opinionated version of Wikimedia composer-merge-plugin to work in pair with Bamarni composer-bin-plugin.

Composer Inheritance Plugin Opinionated version of Wikimedia composer-merge-plugin to work in pair with bamarni/composer-bin-plugin. Usage If you are

Théo FIDRY 25 Dec 2, 2022
Patch other composer packages on install or update

patch-installer Patch other composer packages on install or update. experimental feature Usage For a patch type change the install path to vendor dire

Maik Penz 49 Apr 11, 2021
Composer install helper outsourcing sensitive keys from the package URL into environment variables

private-composer-installer This is a Composer plugin offering a way to reference private package URLs within composer.json and composer.lock. It outso

Fränz Friederes 213 Dec 12, 2022
An installer package that let's you install NodeJS and NPM as a Composer dependency.

NodeJS installer for Composer This is an installer that will download NodeJS and NPM and install them in your Composer dependencies. Installation is s

TheCodingMachine 106 Sep 30, 2022
This module adds a command to easily generate "modules" in Laravel and install them using composer.

Laravel Module Create This module adds a command to easily generate "modules" in Laravel and install them using composer Installation Simply install t

null 2 Feb 18, 2022
:computer: Parallel testing for PHPUnit

ParaTest The objective of ParaTest is to support parallel testing in PHPUnit. Provided you have well-written PHPUnit tests, you can drop paratest in y

null 2k Dec 31, 2022
A simple PHP Toolkit to parallel generate combinations, save and use the generated terms to brute force attack via the http protocol.

Brutal A simple PHP Toolkit to parallel generate combinations, save and use the generated terms to apply brute force attack via the http protocol. Bru

Jean Carlo de Souza 4 Jul 28, 2021