- Security: Fixed command injection vulnerability in HgDriver/GitDriver (GHSA-x7cr-6qr6-2hh6 / CVE-2022-24828)
- Added warning when downloading a file with verify_peer[_name] disabled (#10722)
- Fixed curl downloader not retrying when a DNS resolution failure occurs (#10716)
- Fixed composer.lock file still being used/read when the lock config option is disabled (#10726)
- Fixed validate command checking the lock file even if the lock option is disabled (#10723)
- Fixed detection of default branch name when it changed since a git repo was mirrored in cache dir (#10701)
Releases · composer/composer
Dependency Manager for PHP. Contribute to composer/composer development by creating an account on GitHub.
github.com