Releases: composer/composer

2.10.1

04 Jun 08:29
Immutable release. Only release title and notes can be modified.
4120703

  • Security: Fixed shell escaping when opening an editor (#12903)
  • Security: Verify backup phar signature before restoring it when using self-update --rollback (#12918)
  • Fixed source-fallback also disabling fallbacks to dist install when source is the preferred install method (#12888)
  • Fixed source -> dist package updates wiping the .git dir without checking for local changes first (#12912)
  • Fixed GitHub token prompt happening multiple times on parallel auth failures (#12913)
  • Fixed warnings from Composer repositories being printed twice in some cases (#12907)

Full Changelog: 2.10.0...2.10.1

2.10.0

28 May 10:53
c13824d

Read the Composer 2.10 Release Announcement for more details on the release highlights.

Full Changelog

  • BC Break / Security: Disabled automatic fallback to source checkout if dist/zip install fails. We have introduced a new source-fallback config option as a temporary way to restore the old behavior, but if you need this, talk to us, as we plan to remove it entirely in 2.11 (#12885)
  • BC Break: Minor break for audit consumers, the exit code is now always 0 (success) or 1 if anything failed the audit (#12881)
  • Security: Added dependency policies to block package versions where malware was detected on update/install or report it with audit (#12786)
  • Security: Hardened output filtering of URLs to reduce chances of token leaks (#12882, #12886)
  • Security: Fixed handling of uppercase schemes in URL validation that might have allowed https requirement bypass (#12884)
  • Security: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3)
  • Security: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77)
  • Security: Enforce allow-plugins even in non-interactive mode for very old pre-2.2 lock files (#12764)
  • Added support for temporary --with constraints with wildcards in the package name for the update command (#12658)
  • Added --strict-psr-autoloader flag to install and update commands (#12647)
  • Added source-fallback config option to disable or enable source fallback on download failure (#12698)
  • Added --require parameter to create-project to add new packages to the project as it gets installed (#12738)
  • Optimized plugin autoloading by avoiding regenerating classmaps for every package per plugin (#12696)
  • Optimized PoolOptimizer memory usage (#12783)
  • Optimized classmap dumping performance
  • Deprecated most of the audit config in favor of the new policy one (#12804, see #12786 for the RFC and upgrade docs)
  • Fixed update --bump-after-update to only bump packages that actually were updated (#12733)
  • Fixed GitHub API authentication errors not being visible to the user (#12737)
  • Fixed error reporting for clarity when a constraint cannot be parsed (#12743)
  • Fixed warning being shown when lock file is disabled (#12760)
  • Fixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (#12758)
  • Fixed some platform package parsing failing when Composer runs in web SAPIs (#12735)
  • Fixed audit command returning a success code when the vendor dir was not present (#12880)

Full Changelog: 2.9.8...2.10.0

2.10.0-RC2

20 May 13:43
91c20d0
Pre-release

Composer 2.10 is ready for a release, and we need your help to test it and report any regression.

Please try it out!

  • Running composer self-update --preview will get you the 2.10.0-RC2
  • Running composer self-update --stable will get you back on the latest 2.9 stable release if anything broke.
  • Report any issues you encounter as a new issue specifying you tried the 2.10 RC and please include stack traces & repro details.

Full Changelog

  • Since 2.10.0-RC1, fixes in 2.9.6 - 2.9.8, many of which are security relevant, are also included
  • Since 2.10.0-RC1 a lot of the new filter list config format was modified - see #12786 for the latest state of this new feature
  • Added a new policy config block to control all security related update/install/audit policies. This replaces and deprecates most of the audit config (#12804 for implementation, #12786 for RFC/upgrade docs)
  • Enabled blocking of malware packages at install time by default
  • Fixed --no-plugins handling regression (#12789)
  • Fixed regression in startup performance when many scripts are defined (#12832)
  • Improved classmap dumping performance

Full Changelog: 2.10.0-RC1...2.10.0-RC2

2.9.8

13 May 07:40
39ee8ba

Full Changelog: 2.9.7...2.9.8

2.2.28

13 May 07:40
5104b27

Full Changelog: 2.2.27...2.2.28

1.10.28

13 May 09:07
8db2086

2.9.7

14 Apr 11:36
82a2fbd

  • Fixes regression when calling custom script command aliases whose name is a substring of a composer command (#12802)

Full Changelog: 2.9.6...2.9.7

2.9.6

14 Apr 09:46
9afc32c

  • Security: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)
  • Security: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)
  • Security: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3)
  • Security: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77)
  • Security: Fixed Perforce unescaped user input in queryP4User shell command (ef3fc08)
  • Security: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with - do not cause issues (6621d45, d836b90, 5e08c76)
  • Fixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (#12758)
  • Fixed GitHub API authentication errors not being visible to the user (#12737)
  • Fixed some platform package parsing failing when Composer runs in web SAPIs (#12735)
  • Fixed error reporting for clarity when a constraint cannot be parsed (#12743)

Full Changelog: 2.9.5...2.9.6

2.2.27

14 Apr 09:46
c800ff7

  • Security: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261)
  • Security: Fixed command injection via malicious Perforce repository definition (GHSA-wg36-wvj6-r67p / CVE-2026-40176)
  • Security: Hardened git/hg/perforce/fossil identifier validation to ensure branch names starting with - do not cause issues (246f807, 246f807, 246f807)
  • Security: Fixed Perforce unescaped user input in queryP4User shell command (246f807)
  • Security: Fixed usage of insecure 3DES ciphers when ext-curl is missing (21ffece62)
  • Fixed issue handling paths with = in them on Windows (#11568)

Full Changelog: 2.2.26...2.2.27

2.10.0-RC1

01 Apr 14:00
8b6b2a4

Composer 2.10 is ready for a release, and we need your help to test it and report any regression.

Please try it out!

  • Running composer self-update --preview will get you the 2.10.0-RC1
  • Running composer self-update --stable will get you back on the latest 2.9 stable release if anything broke.
  • Report any issues you encounter as a new issue specifying you tried the 2.10 RC and please include stack traces & repro details.

Full Changelog

  • Security: Added filter lists to block package versions where malware was detected on update or report it with audit (#12786)
  • Security: Fixed git credentials remaining in git mirror .git/config after clone or update failed (2bcbfc3)
  • Security: Fixed usage of insecure 3DES ciphers when ext-curl is missing (5e71d77)
  • Security: Enforce allow-plugins even in non-interactive mode for very old pre-2.2 lock files (#12764)
  • Added support for temporary --with constraints with wildcards in the package name for the update command (#12658)
  • Added --strict-psr-autoloader flag to install and update commands (#12647)
  • Added source-fallback config option to disable or enable source fallback on download failure (#12698)
  • Added --require parameter to create-project to add new packages to the project as it gets installed (#12738)
  • Optimized plugin autoloading by avoiding regenerating classmaps for every package per plugin (#12696)
  • Optimized PoolOptimizer memory usage (#12783)
  • Fixed update --bump-after-update to only bump packages that actually were updated (#12733)
  • Fixed GitHub API authentication errors not being visible to the user (#12737)
  • Fixed error reporting for clarity when a constraint cannot be parsed (#12743)
  • Fixed warning being shown when lock file is disabled (#12760)
  • Fixed inconsistent treatment of SingleCommandApplication script commands wrt autoloading (#12758)
  • Fixed some platform package parsing failing when Composer runs in web SAPIs (#12735)

Full Changelog: 2.9.5...2.10.0-RC1
