public-mirrors
/
composer
mirror of https://github.com/composer/composer
1
0
Fork 0
Code

Validate licenses passed into init command (#12115) 

Fixes #10838
pull/12129/head
Jordi Boggiano 2024-09-19 17:07:28 +02:00 committed by GitHub
parent a5d0d73e00
commit 58905ffe4e
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/Composer/Command/InitCommand.php
View File

@ -21,6 +21,7 @@ use Composer\Pcre\Preg;
use Composer\Repository\CompositeRepository;
use Composer\Repository\PlatformRepository;
use Composer\Repository\RepositoryFactory;
use Composer\Spdx\SpdxLicenses;
use Composer\Util\Filesystem;
use Composer\Util\Silencer;
use Symfony\Component\Console\Input\ArrayInput;
@ -398,6 +399,10 @@ EOT
'License [<comment>'.$license.'</comment>]: ',
$license
);
$spdx = new SpdxLicenses();
if (!$spdx->validate($license)) {
throw new \InvalidArgumentException('Invalid license provided: '.$license.'. Only SPDX license identifiers (https://spdx.org/licenses/) or "proprietary" are accepted.');
}
$input->setOption('license', $license);
$io->writeError(['', 'Define your dependencies.', '']);

4
tests/Composer/Test/Command/InitCommandTest.php
View File

@ -711,7 +711,7 @@ class InitCommandTest extends TestCase
'Mr. Test <test@example.org>', // Author
'stable', // Minimum stability
'library', // Type
'Custom License', // License
'AGPL-3.0-only', // License
'no', // Define dependencies
'no', // Define dev dependencies
'n', // Add PSR-4 autoload mapping
@ -726,7 +726,7 @@ class InitCommandTest extends TestCase
'name' => 'vendor/pkg',
'description' => 'my desciption',
'type' => 'library',
'license' => 'Custom License',
'license' => 'AGPL-3.0-only',
'authors' => [['name' => 'Mr. Test', 'email' => 'test@example.org']],
'minimum-stability' => 'stable',
'require' => [],