public-mirrors
/
composer
mirror of https://github.com/composer/composer
1
0
Fork 0
Code

Fix security advisory parsing when filter repo is used, fixes #11281

pull/11283/head
Jordi Boggiano 2023-01-27 11:05:23 +01:00
parent f6f972a699
commit 5165792f9c
No known key found for this signature in database
GPG Key ID: 7BBD42C429EC80BC
2 changed files with 36 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
src/Composer/Repository/FilterRepository.php
View File

@ -21,7 +21,7 @@ use Composer\Pcre\Preg;
*
* @author Jordi Boggiano <j.boggiano@seld.be>
*/
class FilterRepository implements RepositoryInterface
class FilterRepository implements RepositoryInterface, AdvisoryProviderInterface
{
/** @var ?string */
private $only = null;
@ -188,6 +188,33 @@ class FilterRepository implements RepositoryInterface
return 0;
}
public function hasSecurityAdvisories(): bool
{
if (!$this->repo instanceof AdvisoryProviderInterface) {
return false;
}
return $this->repo->hasSecurityAdvisories();
}
/**
* @inheritDoc
*/
public function getSecurityAdvisories(array $packageConstraintMap, bool $allowPartialAdvisories = false): array
{
if (!$this->repo instanceof AdvisoryProviderInterface) {
return ['namesFound' => [], 'advisories' => []];
}
foreach ($packageConstraintMap as $name => $constraint) {
if (!$this->isAllowed($name)) {
unset($packageConstraintMap[$name]);
}
}
return $this->repo->getSecurityAdvisories($packageConstraintMap, $allowPartialAdvisories);
}
private function isAllowed(string $name): bool
{
if (!$this->only && !$this->exclude) {

8
tests/Composer/Test/Repository/FilterRepositoryTest.php
View File

@ -62,6 +62,14 @@ class FilterRepositoryTest extends TestCase
];
}
public function testSecurityAdvisoriesDisabledInChild(): void
{
$repo = new FilterRepository($this->arrayRepo, ['only' => ['foo/*']]);
self::assertFalse($repo->hasSecurityAdvisories());
self::assertSame(['namesFound' => [], 'advisories' => []], $repo->getSecurityAdvisories(['foo/aaa' => new MatchAllConstraint()], true));
}
public function testCanonicalDefaultTrue(): void
{
$repo = new FilterRepository($this->arrayRepo, []);