Jordi BoggianoNov 13

Composer 2.9 is here! 🚀 It automatically blocks packages with known vulnerabilities, has a new repository command to manage repos from the CLI, and lots more!

Read the full announcement: https://blog.packagist.com/composer-2-9/
#composerphp #phpc #PHP

Composer 2.9 Release

We are pleased to announce the release of Composer 2.9.0, bringing improvements to security, repository management from the CLI, and lots more. Automatic Security Blocking Composer now automatically blocks updates to packages with known security advisories. This protection is enabled by default and prevents you from accidentally updating

Private Packagist
Show threadLarry GarfieldNov 13

@seldaek Ay carumba! The vulnerability feature is cool, but I'm more impressed by the lockerge conflict support. I have been bitten by that so many times!

Great work, Team Composer!

Show threadAlessandro Lai
@Crell @seldaek me too! I learned through the years how to come out of that leveraging git, but I lost count of how many times I had to help colleagues do the same... Having Composer handling this automatically feels like magic!
Nov 14 at 6:36amWeb