PHP Composer

composer/composer last check 94 releases
Notes

Dependency Manager for PHP

Release notes
v2.6.4 · 1y+
view on github
  • Security: Fixed possible remote code execution vulnerability if composer.phar is publicly accessible, executable as PHP, and register_argc_argv is enabled in php.ini (GHSA-jm6m-4632-36hf / CVE-2023-43655)
  • Fixed json output of abandoned packages in audit command (#11647)
  • Fixed autoloader suffix to reuse the content-hash from lock file if available to make for more reproducible builds by default (#11663)
  • Performance improvement in pool optimization step (#11638)
  • Performance improvement in show -a <packagename> (#11659)