public-mirrors
/
composer
mirror of https://github.com/composer/composer
1
0
Fork 0
Code

Prevent require command from allowing a package to require itself, fixes #8247

pull/8252/head
Jordi Boggiano 2019-07-30 09:18:19 +02:00
parent e7051de1a4
commit 1a391b572c
No known key found for this signature in database
GPG Key ID: 7BBD42C429EC80BC
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/Composer/Command/RequireCommand.php
View File

@ -145,7 +145,12 @@ EOT
// validate requirements format
$versionParser = new VersionParser();
foreach ($requirements as $constraint) {
foreach ($requirements as $package => $constraint) {
if (strtolower($package) === $composer->getPackage()->getName()) {
$io->writeError(sprintf('<error>Root package \'%s\' cannot require itself in its composer.json</error>', $package));
return 1;
}
$versionParser->parseConstraints($constraint);
}