Composer v2.4.0-RC1 Release Notes

Release Date: 2022-07-21 // over 1 year ago
    • Added bash completions for Composer commands, package names, etc (see how to setup) (#10320)
    • Added bump command to bump requirements to the currently installed version (#10829)
    • Added audit command to check for known security vulnerabilities in installed packages (#10798, #10898)
    • Added automatic auditing of security vulnerabilities after update is done, can be overridden with --no-audit (#10798, #10898)
    • Added --audit to install command to also do an audit (#10798, #10898)
    • Added r alias to require command (#10953)
    • Added composer/class-map-generator dependency to replace Composer\Autoload\ClassMapGenerator which is now deprecated (#10885)
    • Added --locked to depends/prohibits commands (#10834)
    • Added --strict-psr flag to dump-autoload command to fail the process if PSR violations were detected, useful for CI (#10886)
    • Added COMPOSER_PREFER_STABLE and COMPOSER_PREFER_LOWEST env vars to turn on --prefer-stable/--prefer-lowest on update and require command, useful for CI (#10919)
    • Added support for temporary update constraints on all packages (now also including non-root dependencies) (#10773)
    • Added --major-only flag to the outdated command to show only packages with major version updates (#10827)
    • Added sections for direct and transitive deps in outdated command output (#10779)
    • Added ability for cache GC to clean up vcs and repo caches (#10826)
    • Added --gc flag to clear-cache to only trigger a garbage collection instead of clearing everything (#10826)
    • Added signal (SIGINT, SIGTERM, SIGHUP) handling to ensure we wait for the child process to exit before Composer exits to avoid dropping output (#10958)
    • Added prompt suggesting using --dev when requiring packages with dev/testing/static analysis keywords present (#10960)
    • Added warning in require, init and create-project commands when the latest version of a package cannot be used due to platform requirements (#10896)