Composer 2.8.3 now available

Composer 2.8.3 is now used in both application containers and Integrated Composer environments.

Automatic rollout - No action required

Composer 2.8.3 will roll out automatically. No action required from you during this process.

Breaking changes

Developers should be aware of a potentially breaking change introduced in 2.8.0. The fallback behavior from https_proxy to http_proxy has been removed, as previously warned in 2.7.3. If your configurations depend on this behavior, update them to avoid connectivity issues.

Highlights

Composer 2.8.3 introduces a range of improvements and updates made between versions 2.7.7 and 2.8.3, including:

• --patch-only flag for updates: Limit updates to patch versions with this new flag for the update command.
• Improved interactive package updates: Enhanced package display makes interactive updates more intuitive.
• JSON schema validation: New validation ensures integrity for composer.lock files.
• PHP 8.4 compatibility: Compatibility updates for the latest PHP version.
• Bug fixes: Resolved issues with provider suggestions and lock file schemas.

View an overview of the changes made between 2.7.7 and 2.8.3 by comparing the tags or explore the highlights on Composer's Releases page.

Notes

• Composer commands can be executed on Pantheon via the Terminus Composer plugin.
• For operations that modify version-controlled code (like adding a module via composer require which will change composer.json and composer.lock), you must run such commands in Dev or Multidev environments where version controlled files are writable. Such files are not writeable in Test and Live environments.
• To learn more about Composer on Pantheon, visit our guide on Integrated Composer.