1.3.3

• Capifony users beware: This release has output format tweaks that mess up capifony interactive mode, see #6233
• Improved baseline psr-4 autoloader performance for projects with many nested namespaces configured
• Fixed issues with gitlab API access when the token had insufficient permissions
• Fixed some HHVM strict type issues
• Fixed version guessing of headless git checkouts in some conditions
• Fixed compatibility with subversion 1.8
• Fixed version guessing not working with svn/hg
• Fixed script/exec errors not being output correctly
• Fixed PEAR repository bug with pear.php.net

1.3.2

• Added COMPOSER_BINARY env var that is defined within the scope of a Composer run automatically with the path to the phar file
• Fixed create-project ending in a detached HEAD when installing aliased packages
• Fixed composer show not returning non-zero exit code when the package does not exist
• Fixed @composer handling in scripts when --working-dir is used together with it
• Fixed private-GitLab handling of repos with dashes in them

1.3.1

• Fixed dist downloads from Bitbucket
• Fixed some regressions related to xdebug disabling
• Fixed --minor-only flag in outdated command
• Fixed handling of config.platform.php which did not replace other php-* package's versions

1.3.0

• Added workaround for xdebug performance impact by restarting PHP without xdebug automatically in case it is enabled
• Added --minor-only to the outdated command to only show updates to minor versions and ignore new major versions
• Added --apcu-autoloader to the update/install commands and --apcu to dump-autoload to enable an APCu-caching autoloader, which can be more efficient than --classmap-authoritative if you attempt to autoload many classes that do not exist, or if you can not use authoritative classmaps for some reason
• Added summary of operations to be executed before they run, and made execution output more compact
• Added php-debug and php-zts virtual platform packages
• Added gitlab-token auth config for GitLab private tokens
• Added --strict to the outdated command to return a non-zero exit code when there are outdated packages
• Added ability to call php scripts using the current php interpreter (instead of finding php in PATH by default) in script handlers via @php ...
• Added COMPOSER_ALLOW_XDEBUG env var to circumvent the xdebug-disabling behavior
• Added COMPOSER_MIRROR_PATH_REPOS env var to force mirroring of path repositories vs symlinking
• Added COMPOSER_DEV_MODE env var that is set by Composer to forward the dev mode to script handlers
• Fixed handling of annotated git tags vs lightweight tags leading to useless updates sometimes
• Fixed case insensitivity of remove command
• Fixed support for git 2.11
• Fixed output from zip and rar leaking out when an error occured
• Removed hash from composer.lock, only content-hash is now used which should reduce conflicts
• Minor fixes and performance improvements

1.3.0-RC

Run composer self-update --preview to try this out!

• Added workaround for xdebug performance impact by restarting PHP without xdebug automatically in case it is enabled
• Added --minor-only to the outdated command to only show updates to minor versions and ignore new major versions
• Added --apcu-autoloader to the update/install commands and --apcu to dump-autoload to enable an APCu-caching autoloader, which can be more efficient than --classmap-authoritative if you attempt to autoload many classes that do not exist, or if you can not use authoritative classmaps for some reason
• Added summary of operations to be executed before they run, and made execution output more compact
• Added php-debug and php-zts virtual platform packages
• Added gitlab-token auth config for GitLab private tokens
• Added --strict to the outdated command to return a non-zero exit code when there are outdated packages
• Added ability to call php scripts using the current php interpreter (instead of finding php in PATH by default) in script handlers via @php ...
• Added COMPOSER_ALLOW_XDEBUG env var to circumvent the xdebug-disabling behavior
• Added COMPOSER_MIRROR_PATH_REPOS env var to force mirroring of path repositories vs symlinking
• Added COMPOSER_DEV_MODE env var that is set by Composer to forward the dev mode to script handlers
• Fixed support for git 2.11
• Fixed output from zip and rar leaking out when an error occured
• Removed hash from composer.lock, only content-hash is now used which should reduce conflicts
• Minor fixes and performance improvements

1.2.4

• Fixed regression in output handling of scripts from 1.2.3
• Fixed support for LibreSSL detection as lib-openssl
• Fixed issue with Zend Guard in the autoloader bootstrapping
• Fixed support for loading partial provider repositories

1.2.3

• Fixed bug in HgDriver failing to identify BitBucket repositories
• Fixed support for loading partial provider repositories

1.2.2

• Fixed selection of packages based on stability to be independent from package repository order
• Fixed POST_DEPENDENCIES_SOLVING not containing some operations in edge cases
• Fixed issue handling GitLab URLs containing dots and other special characters
• Fixed issue on Windows when running composer at the root of a drive
• Minor fixes

1.2.1

• Fixed edge case issues with the static autoloader
• Minor fixes

1.2.0

• Security: Fixed httpoxy vulnerability. This only affects people using Composer outside of the CLI
• Added caching of git repositories if you have git 2.3+ installed. Repositories will now be cached once and then cloned from local cache so subsequent installs should be faster
• Added detection of HEAD changes to the status command. If you git checkout X in a vendor directory for example it will tell you that it is not at the version that was installed
• Added a virtual php-ipv6 extension to require PHP compiled with IPv6 support
• Added --no-suggest to install and update commands to skip output of suggestions at the end
• Added --type to the search command to restrict to a given package type
• Added fossil support as alternative to git/svn/.. for package downloads
• Improved BitBucket OAuth support
• Added support for blocking cache operations using COMPOSER_CACHE_DIR=/dev/null (or NUL on windows)
• Added support for using declare(strict_types=1) in plugins
• Added --prefer-stable and --prefer-lowest to the require command
• Added --no-scripts to the require and remove commands
• Added _comment top level key to the schema to endorse using it as a place to store comments (it can be a string or array of strings)
• Added support for justinrainbow/json-schema 2.0
• Fixed binaries not being re-installed if deleted by users or the bin-dir changes. update and install will now re-install them
• Fixed home command to avoid rogue output on unix
• Many minor UX and docs improvements