
Introduce COMPOSER_AUDIT_ABANDONED env var (#11794)

Co-authored-by: Jordi Boggiano <j.boggiano@seld.be>
pull/11842/head
Dezső BICZÓ 2024-02-07 21:13:36 +00:00 committed by GitHub
parent e0807d381e
commit 7cb92a90c8
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
6 changed files with 58 additions and 0 deletions


@ -1247,6 +1247,11 @@ similar use case), and need to support proxies, please provide the `CGI_HTTP_PRO
environment variable instead. See [httpoxy.org](https://httpoxy.org/) for further environment variable instead. See [httpoxy.org](https://httpoxy.org/) for further
details. details.
### COMPOSER_AUDIT_ABANDONED
Set to `ignore`, `report` or `fail` to override the [audit.abandoned](06-config.md#abandoned)
config option.
### COMPOSER_MAX_PARALLEL_HTTP ### COMPOSER_MAX_PARALLEL_HTTP
Set to an integer to configure how many files can be downloaded in parallel. This Set to an integer to configure how many files can be downloaded in parallel. This


@ -143,6 +143,18 @@ Defaults to `report` in Composer 2.6, and defaults to `fail` from Composer 2.7 o
- `report` means abandoned packages are reported as an error but do not cause the command to exit with a non-zero code. - `report` means abandoned packages are reported as an error but do not cause the command to exit with a non-zero code.
- `fail` means abandoned packages will cause audits to fail with a non-zero code. - `fail` means abandoned packages will cause audits to fail with a non-zero code.
```json
{
"config": {
"audit": {
"abandoned": "report"
}
}
}
```
Since Composer 2.7 the option can be overriden via the [`COMPOSER_AUDIT_ABANDONED`](03-cli.md#composer-audit-abandoned) environment variable.
## use-parent-dir ## use-parent-dir
When running Composer in a directory where there is no composer.json, if there When running Composer in a directory where there is no composer.json, if there


@ -19,6 +19,7 @@ use Composer\Package\CompletePackageInterface;
use Composer\Package\PackageInterface; use Composer\Package\PackageInterface;
use Composer\Repository\RepositorySet; use Composer\Repository\RepositorySet;
use Composer\Util\PackageInfo; use Composer\Util\PackageInfo;
use Composer\Util\Platform;
use InvalidArgumentException; use InvalidArgumentException;
use Symfony\Component\Console\Formatter\OutputFormatter; use Symfony\Component\Console\Formatter\OutputFormatter;
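Review bot: `use Composer\Util\Platform;` is the only line this section adds, so as far as the page shows nothing in the file refers to `Platform` and the import looks unused. The same applies to the identical line added in the section that declares `class AuditorTest`. The environment lookup itself is done in `Config` through `$this->getComposerEnv(...)`, so unless existing code outside these hunks needs the import, I would drop both lines.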


@ -436,6 +436,20 @@ class Config
return $this->process($this->config[$key], $flags); return $this->process($this->config[$key], $flags);
case 'audit':
$result = $this->config[$key];
$abandonedEnv = $this->getComposerEnv('COMPOSER_AUDIT_ABANDONED');
if (false !== $abandonedEnv) {
if (!in_array($abandonedEnv, $validChoices = [Auditor::ABANDONED_IGNORE, Auditor::ABANDONED_REPORT, Auditor::ABANDONED_FAIL], true)) {
throw new \RuntimeException(
"Invalid value for COMPOSER_AUDIT_ABANDONED: {$abandonedEnv}. Expected ".Auditor::ABANDONED_IGNORE.", ".Auditor::ABANDONED_REPORT." or ".Auditor::ABANDONED_FAIL
);
}
$result['abandoned'] = $abandonedEnv;
}
return $result;
default: default:
if (!isset($this->config[$key])) { if (!isset($this->config[$key])) {
return null; return null;
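Review bot: In the new `case 'audit':` branch the environment value replaces `$result['abandoned']` without leaving any trace, so a `fail` policy set in composer.json can be lowered to `ignore` by whatever environment the process inherits. I would document that precedence at the override, e.g. `// COMPOSER_AUDIT_ABANDONED wins over the config file and can weaken the policy (fail -> ignore)`. Separately, `$validChoices` is assigned inside the `in_array()` call and never read, while the message lists the three constants again by hand; assign it on its own line and build the message with `implode(', ', $validChoices)` so the check and the message cannot drift apart. The enclosing method starts and ends outside this hunk.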


@ -23,6 +23,7 @@ use Composer\Repository\ComposerRepository;
use Composer\Repository\RepositorySet; use Composer\Repository\RepositorySet;
use Composer\Test\TestCase; use Composer\Test\TestCase;
use Composer\Advisory\Auditor; use Composer\Advisory\Auditor;
use Composer\Util\Platform;
use InvalidArgumentException; use InvalidArgumentException;
class AuditorTest extends TestCase class AuditorTest extends TestCase


@ -12,6 +12,7 @@
namespace Composer\Test; namespace Composer\Test;
use Composer\Advisory\Auditor;
use Composer\Config; use Composer\Config;
use Composer\IO\IOInterface; use Composer\IO\IOInterface;
use Composer\Util\Platform; use Composer\Util\Platform;
@ -382,6 +383,30 @@ class ConfigTest extends TestCase
$this->assertEquals('COMPOSER_HTACCESS_PROTECT', $result); $this->assertEquals('COMPOSER_HTACCESS_PROTECT', $result);
} }
public function testAudit(): void
{
$config = new Config(true);
$result = $config->get('audit');
self::assertArrayHasKey('abandoned', $result);
self::assertArrayHasKey('ignore', $result);
self::assertSame(Auditor::ABANDONED_FAIL, $result['abandoned']);
self::assertSame([], $result['ignore']);
Platform::putEnv('COMPOSER_AUDIT_ABANDONED', Auditor::ABANDONED_IGNORE);
$result = $config->get('audit');
Platform::clearEnv('COMPOSER_AUDIT_ABANDONED');
self::assertArrayHasKey('abandoned', $result);
self::assertArrayHasKey('ignore', $result);
self::assertSame(Auditor::ABANDONED_IGNORE, $result['abandoned']);
self::assertSame([], $result['ignore']);
$config->merge(['config' => ['audit' => ['ignore' => ['A', 'B']]]]);
$config->merge(['config' => ['audit' => ['ignore' => ['A', 'C']]]]);
$result = $config->get('audit');
self::assertArrayHasKey('ignore', $result);
self::assertSame(['A', 'B', 'A', 'C'], $result['ignore']);
}
public function testGetDefaultsToAnEmptyArray(): void public function testGetDefaultsToAnEmptyArray(): void
{ {
$config = new Config; $config = new Config;
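Review bot: `testAudit` only exercises a valid override, so the `\RuntimeException` branch for an unrecognised `COMPOSER_AUDIT_ABANDONED` value is untested, and it is the only validation the value gets in this change. The test also calls `Platform::clearEnv()` only after `$config->get('audit')` returns, so a throw there would leave the variable set for later tests. Wrapping the call in `try`/`finally` avoids that. A sketch of the missing case follows.

```php
    public function testAuditRejectsInvalidAbandonedEnv(): void
    {
        $config = new Config(true);
        // 'invalid' is a constructed value outside the three allowed choices
        Platform::putEnv('COMPOSER_AUDIT_ABANDONED', 'invalid');
        try {
            $this->expectException(\RuntimeException::class);
            $config->get('audit');
        } finally {
            // always restore the environment, even when get() throws
            Platform::clearEnv('COMPOSER_AUDIT_ABANDONED');
        }
    }
```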