PHP Composer

composer/composer last check 2026-06-18 19:01 UTC 94 releases

Notes

Dependency Manager for PHP

https://getcomposer.org/

Release notes

v1.10.27 · 1y+

! Reminder: if you are still using Composer 1.x, please upgrade. No further security fixes will be provided! See https://blog.packagist.com/deprecating-composer-1-support/

Changelog:

Security: Fixed possible remote code execution vulnerability if composer.phar is publicly accessible, executable as PHP, and register_argc_argv is enabled in php.ini (GHSA-jm6m-4632-36hf / CVE-2023-43655)