1
0
Fork 0

Ensure we respect available-package-patterns and available-packages directives when fetching security advisories, fixes #11704 (#11773)

pull/11793/head
Jordi Boggiano 2024-01-11 16:44:27 +01:00 committed by GitHub
parent 3ed4e16dea
commit 75fd2bbeb2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 9 additions and 0 deletions

View File

@ -637,6 +637,15 @@ class ComposerRepository extends ArrayRepository implements ConfigurableReposito
$apiUrl = $this->securityAdvisoryConfig['api-url']; $apiUrl = $this->securityAdvisoryConfig['api-url'];
// respect available-package-patterns / available-packages directives from the repo
if ($this->hasAvailablePackageList) {
foreach ($packageConstraintMap as $name => $constraint) {
if (!$this->lazyProvidersRepoContains(strtolower($name))) {
unset($packageConstraintMap[$name]);
}
}
}
$parser = new VersionParser(); $parser = new VersionParser();
/** /**
* @param array<mixed> $data * @param array<mixed> $data