| Age | Commit message (Collapse) | Author |
|---|
|
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Add blank lines between groups, use 78-dash separator in dual mode,
sanitize reason strings by replacing newlines and stripping control
characters, and include root package name in direct-deps filter so
its suggestions are correctly shown by default.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Composer caps the repo cache at 1 GB during garbage collection, but
Mozart was passing u64::MAX (no limit). Align with Composer behavior.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Replace direct println\! with console.write_stdout() so the about
command honors verbosity settings, matching Composer's behavior.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
absent
Match Composer behavior: --dry-run now returns exit code 1 when
un-bumped constraints are detected (useful for CI). Also warn when
the package type field is missing, since Composer treats it as
"library" by default.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Extends the PHP inline script to query constants and functions for 14
library packages (lib-pcre, lib-openssl, lib-curl, lib-libxml, etc.)
and parses the new LIB:name:version output format. This fixes SAT
resolver failures for packages requiring lib-* constraints like
lib-pcre >=7.0.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Virtual/meta packages (e.g. "psr/http-client-implementation") don't
exist on Packagist and caused a fatal error during transitive dependency
exploration. These packages are resolved via provides/replaces from
other packages already in the pool, so 404 errors are now skipped.
Also fix PoolBuilder::next_pending() repeatedly returning the same
virtual package name by tracking explored names in a HashSet, since
virtual packages are never added to inputs and the old check
(inputs.any(name)) never matched them.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
The install command succeeds with a warning when no lock file exists,
rather than failing with a suggestion to run update.
|
|
|
|
Re-resolve dependencies and compare with the current lock file to
detect packages that are no longer reachable from root requirements.
Removes them from the lock file and re-installs.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Walk vendor/<vendor>/<package>/composer.json files and run the same
manifest validations on each dependency, reporting per-package errors
and warnings with a summary count.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
- --patch-only: restrict updates to patch-level changes by pinning
packages back to locked versions when major.minor differs
- --root-reqs: auto-populate update list with root require/require-dev
packages when no explicit packages are specified
- --bump-after-update: bump composer.json version constraints to match
resolved versions after update, with dev/no-dev/all modes
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Split AND constraints (e.g. ">=1.0 <2.0" or ">=1.0,<2.0") into parts
and bump only the lower-bound operator (>=, ^, ~) while preserving
upper-bound operators (<, <=, \!=) unchanged.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Use previously stored but unused fields: show installed_version in
advisory tables/plain/JSON output, and package version in abandoned
package output. Remove unused unlockable_ids field from LockTransaction.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Replace unreachable\!() with proper @dev suffix output. Although Dev
is normally handled by an early return, this prevents a panic if the
control flow is ever refactored.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Parse `==` as an exact match operator, identical to `=`. Previously
the `=` handler would strip only one `=`, leaving `=1.2.3` which
failed to parse as a version number.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
composer-runtime-api, composer-plugin-api, and composer are Composer
pseudo packages that don't exist on Packagist. The resolver was trying
to fetch them remotely (HTTP 404) because PackageName::is_platform()
didn't recognize them and detect_platform() didn't inject them.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Add mozart-sat-resolver crate implementing a CDCL SAT-based dependency
resolver ported from Composer's DependencyResolver. This replaces the
pubgrub library to ensure identical resolution behavior with Composer.
The new crate includes: pool (package storage with integer IDs),
rule/rule_set/rule_set_generator (constraint encoding), decisions
(assignment tracking), rule_watch_graph (2-watched literal BCP),
solver (CDCL loop with conflict analysis and clause learning),
policy (version preference), problem (Composer-style error messages),
and transaction (install/update/uninstall operation computation).
The registry resolver is rewritten to use PoolBuilder → RuleSetGenerator
→ Solver pipeline instead of pubgrub's DependencyProvider trait.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
ComposerVersion used u16 segments (max 65535), causing overflow for
PHP extensions like ext-dom (version 20031129). The extension became
invisible to the resolver, failing create-project with "depends on
ext-dom" errors.
Use mozart_semver::Version (u64 segments) directly as pubgrub's
version type, eliminating the overflow and redundant conversion layer.
Also fixes Ord for patch pre-releases (patch1 > stable) and adds
Display impl required by pubgrub.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Rename mozart-constraint to mozart-semver (mirrors composer/semver) and
extract mozart-class-map-generator from mozart-autoload (mirrors
composer/class-map-generator). No logic changes.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Composer uses `|` (single pipe) as the standard OR separator, but
split_or() only recognized `||` (double pipe). This caused disjunctive
constraints like `^6.0|^7.0|^8.0` to be parsed as only `^6.0`,
breaking dependency resolution for packages like laravel/tinker.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Match Composer behavior: instead of failing with an error when no
composer.lock is present, show a warning and delegate to the update
command to resolve dependencies from composer.json.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Composer never shows the internal __root__ identifier to users. Add
root_name field to ResolveRequest so the resolver can substitute the
real package name (e.g. "laravel/laravel") in pubgrub error reports.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
PlatformConfig::new() was hardcoded to PHP 8.1 with a fixed extension
list, causing resolution failures for packages requiring newer PHP
(e.g. Laravel 12 requires >=8.2). Now calls detect_platform() to
discover the actual PHP version, extensions and capabilities.
Also adds a mutex to composer_home_dir tests to prevent env-var races.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
|
|
Add mozart_core::http::user_agent() that returns a consistent
"Mozart/<version> (<os>; <arch>)" string. Replace all scattered
user-agent definitions across mozart-registry and mozart CLI commands.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
|
|
Replace the TODO placeholders with a full interactive search-and-pick
loop for both require and require-dev dependencies during `init`.
Users can search Packagist, pick packages by number or name, and
version constraints are auto-detected from available versions.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Extract shared helpers (composer_home, read/write_json_file,
add/remove_repository, render_value) from config.rs into
config_helpers.rs module. Implement all 7 repository actions:
list, add, remove, set-url, get-url, disable, enable with
--append/--before/--after positioning support.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
|
|
Add new workspace crate that validates SPDX license expressions using
data from composer/spdx-licenses (git submodule). Includes build.rs
codegen from JSON, recursive descent expression parser supporting
AND/OR/WITH/LicenseRef, and integrates into mozart-core's
validate_license function.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Port composer/metadata-minifier to Rust as an independent workspace
crate. Implements expand() and minify() for Packagist's delta-encoded
version metadata. Update mozart-registry to use the new crate for
transparent minified response handling, and add __unset sentinel
support to PackagistVersion deserialization.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
|
|
Replace reqwest::blocking with async reqwest across the entire codebase.
All command execute functions, registry API calls (packagist, downloader,
resolver, lockfile), and the main entry point now use async/await with
the tokio runtime. The pubgrub resolver runs on spawn_blocking since its
DependencyProvider trait is synchronous, using Handle::block_on for
async I/O within that context.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Wire up the existing --profile flag with tracing-subscriber to emit
span timings on stderr. Supports MOZART_LOG env var override and
verbose-level-aware filtering. No subscriber is installed when
--profile is off, keeping tracing macros zero-cost.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Extract modules from the single `mozart` crate into 5 focused library
crates to improve compilation parallelism and architectural clarity:
- mozart-constraint: version constraint parser (independent)
- mozart-core: base types, console, validation, platform utilities
- mozart-archiver: archive creation (tar, zip, bzip2)
- mozart-registry: Packagist API, cache, resolver, downloader, lockfile
- mozart-autoload: autoloader generation and PHP scanner
Refactor Console::from_cli and build_cache_config to accept primitive
args instead of &Cli to break circular dependencies. Introduce
[workspace.dependencies] for centralized version management. Remove 9
unused direct dependencies from the CLI crate.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Add a `completion` subcommand that generates shell completion scripts
for Bash, Zsh, Fish, Elvish, and PowerShell using the clap_complete
crate.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Runs on push/PR to main with Rust nightly toolchain, submodule
checkout, and Swatinem/rust-cache for build caching.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Implement Phase 7.2 error handling & UX infrastructure:
- Add exit_code module with MozartError, bail()/bail_silent() helpers,
and Composer-compatible exit code constants (0-5, 100)
- Redesign Console struct with Verbosity enum (Quiet/Normal/Verbose/
VeryVerbose/Debug), ANSI auto-detection via IsTerminal, and
verbosity-gated output methods (info/verbose/debug/error)
- Thread Console through all 33 command execute() signatures
- Replace all std::process::exit() calls with structured MozartError
returns handled in main()
- Migrate eprintln\! status messages to console.info() for quiet-mode
suppression
- Add suggest module with Levenshtein distance and "Did you mean?"
formatting for future package name suggestions
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Add ~136 tests across 7 categories: version parsing edge cases,
version ordering, constraint parsing, constraint matching, internal
functions, Composer behavioral compatibility, and divergence
investigation. One test (double equals) is #[ignore]d due to ==
operator not being supported.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Add 23 integration tests using assert_cmd and predicates covering
about, validate, show, licenses, install, config, init, and
dump-autoload commands with shared test helpers and fixture projects.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Add full self-update functionality: fetch releases from GitHub API,
download platform-specific binaries, atomically replace the running
executable using self-replace, and support --rollback and --preview
flags. Includes backup management and 12 unit tests.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Add archive command supporting zip, tar, tar.gz, and tar.bz2 formats
with .gitattributes export-ignore filtering, composer.json archive.exclude
patterns, remote package archiving via Packagist, and self-exclusion to
prevent archives from including themselves.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
composer.json allows license to be either a string or an array. Parse
the raw JSON to support both forms, emit license as a proper array in
JSON output, and apply console::comment() coloring to the text header.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Resolves global home from $COMPOSER_HOME, $XDG_CONFIG_HOME, or
$HOME/.config/composer, then re-dispatches the given subcommand
with --working-dir set to that path. Forwards all global CLI flags
and accepts hyphen-prefixed trailing arguments.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Collects platform requirements (php, ext-*, lib-*, composer-*-api) from
lock file, installed.json, and root composer.json, then compares them
against the detected PHP environment. Supports text/JSON output and
exit codes 0 (pass), 1 (failed), 2 (missing).
Extracts shared platform detection into a new platform.rs module,
reused by both check-platform-reqs and show --platform.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Add "Dependencies:" label and remove column headers/separator from
text output to align with Composer's licenses command behavior.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
connectivity
Adds 10 diagnostic checks: Mozart version, HTTPS/HTTP Packagist connectivity,
GitHub API, HTTP proxy detection, composer.json validation, composer.lock
freshness, git availability/version, disk free space, and cache directory
writability. Exit codes: 0=clean, 1=warnings, 2=errors.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
Support shell commands, @php/@composer/@putenv prefixes, script
references with circular detection, @additional_args/@no_additional_args,
timeout handling, and COMPOSER_DEV_MODE. PHP callbacks are skipped with
a warning since Mozart cannot execute PHP class methods.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
|
vulnerabilities
Query Packagist security advisories API for known vulnerabilities
affecting installed or locked packages, with version constraint
matching, severity filtering, abandoned package detection, and
multiple output formats (table, plain, json, summary).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
