public-mirrors/composer
1
0
Fork 0
mirror of https://github.com/composer/composer synced 2025-05-10 17:12:51 +00:00
Code Activity

Merge pull request from GHSA-h5h8-pc6h-jvvx

Browse source 
* Fix external process calls to avoid user input being able to pass extra parameters

* Tweak some fixes
This commit is contained in:
Jordi Boggiano 2021-04-27 13:00:40 +02:00 committed by GitHub
parent 2a50a9400f
commit 332c46af8b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
16 changed files with 50 additions and 50 deletions
Download patch file Download diff file Expand all files Collapse all files

6
tests/Composer/Test/Downloader/FossilDownloaderTest.php
View file

@ -69,19 +69,19 @@ class FossilDownloaderTest extends TestCase
->will($this->returnValue(array('http://fossil.kd2.org/kd2fw/')));
$processExecutor = $this->getMockBuilder('Composer\Util\ProcessExecutor')->getMock();
$expectedFossilCommand = $this->getCmd('fossil clone \'http://fossil.kd2.org/kd2fw/\' \'repo.fossil\'');
$expectedFossilCommand = $this->getCmd('fossil clone -- \'http://fossil.kd2.org/kd2fw/\' \'repo.fossil\'');
$processExecutor->expects($this->at(0))
->method('execute')
->with($this->equalTo($expectedFossilCommand))
->will($this->returnValue(0));
$expectedFossilCommand = $this->getCmd('fossil open \'repo.fossil\' --nested');
$expectedFossilCommand = $this->getCmd('fossil open --nested -- \'repo.fossil\'');
$processExecutor->expects($this->at(1))
->method('execute')
->with($this->equalTo($expectedFossilCommand))
->will($this->returnValue(0));
$expectedFossilCommand = $this->getCmd('fossil update \'trunk\'');
$expectedFossilCommand = $this->getCmd('fossil update -- \'trunk\'');
$processExecutor->expects($this->at(2))
->method('execute')
->with($this->equalTo($expectedFossilCommand))