From 4b94e55b0360e395d1a1c5dffc936d73497c48ba Mon Sep 17 00:00:00 2001
From: Nicolas Grekas <nicolas.grekas@gmail.com>
Date: Fri, 10 Feb 2023 13:19:41 +0100
Subject: [PATCH 1/4] Add extra.plugin-optional to auto-disable plugins in
 non-interactive mode (#11315)

---
 doc/articles/plugins.md               | 14 ++++++++++++++
 src/Composer/Plugin/PluginManager.php |  8 +++++---
 2 files changed, 19 insertions(+), 3 deletions(-)

diff --git a/doc/articles/plugins.md b/doc/articles/plugins.md
index 18d966656..818011887 100644
--- a/doc/articles/plugins.md
+++ b/doc/articles/plugins.md
@@ -332,6 +332,20 @@ in your composer.json to hint to Composer that the plugin should be activated as
 as possible to prevent any bad side-effects from Composer assuming packages are installed
 in another location than they actually are.
 
+### plugin-optional
+
+Because Composer plugins can be used to perform actions which are necessary for installing
+a working application, like modifying which path files get stored in, skipping required
+plugins unintentionally can result in broken applications. So, in non-interactive mode,
+Composer will fail if a new plugin is not listed in ["allow-plugins"](../06-config.md#allow-plugins)
+to force users to decide if they want to execute the plugin, to avoid silent failures.
+
+As of Composer 2.5.3, you can use the setting `{"extra": {"plugin-optional": true}}` on
+your plugin, to tell Composer that skipping the plugin has no catastrophic consequences,
+and it can safely be disabled in non-interactive mode if it is not yet listed in
+"allow-plugins". The next interactive run of Composer will still prompt users to choose if
+they want to enable or disable the plugin.
+
 ## Plugin Autoloading
 
 Due to plugins being loaded by Composer at runtime, and to ensure that plugins which
diff --git a/src/Composer/Plugin/PluginManager.php b/src/Composer/Plugin/PluginManager.php
index fbde18b00..74c33221e 100644
--- a/src/Composer/Plugin/PluginManager.php
+++ b/src/Composer/Plugin/PluginManager.php
@@ -187,7 +187,7 @@ class PluginManager
             }
         }
 
-        if (!$this->isPluginAllowed($package->getName(), $isGlobalPlugin)) {
+        if (!$this->isPluginAllowed($package->getName(), $isGlobalPlugin, $package->getExtra()['plugin-optional'] ?? false)) {
             $this->io->writeError('Skipped loading "'.$package->getName() . '" '.($isGlobalPlugin || $this->runningInGlobalDir ? '(installed globally) ' : '').'as it is not in config.allow-plugins', true, IOInterface::DEBUG);
 
             return;
@@ -370,7 +370,7 @@ class PluginManager
 
         if ($sourcePackage === null) {
             trigger_error('Calling PluginManager::addPlugin without $sourcePackage is deprecated, if you are using this please get in touch with us to explain the use case', E_USER_DEPRECATED);
-        } elseif (!$this->isPluginAllowed($sourcePackage->getName(), $isGlobalPlugin)) {
+        } elseif (!$this->isPluginAllowed($sourcePackage->getName(), $isGlobalPlugin, $sourcePackage->getExtra()['plugin-optional'] ?? false)) {
             $this->io->writeError('Skipped loading "'.get_class($plugin).' from '.$sourcePackage->getName() . '" '.($isGlobalPlugin || $this->runningInGlobalDir ? '(installed globally) ' : '').' as it is not in config.allow-plugins', true, IOInterface::DEBUG);
 
             return;
@@ -656,7 +656,7 @@ class PluginManager
     /**
      * @internal
      */
-    public function isPluginAllowed(string $package, bool $isGlobalPlugin): bool
+    public function isPluginAllowed(string $package, bool $isGlobalPlugin, bool $optional = false): bool
     {
         if ($isGlobalPlugin) {
             $rules = &$this->allowGlobalPluginRules;
@@ -733,6 +733,8 @@ class PluginManager
                         break;
                 }
             }
+        } elseif ($optional) {
+            return false;
         }
 
         throw new PluginBlockedException(

From 6876958083ff38ee790faedc693601624b39653b Mon Sep 17 00:00:00 2001
From: Jordi Boggiano <j.boggiano@seld.be>
Date: Fri, 10 Feb 2023 13:23:31 +0100
Subject: [PATCH 2/4] Update changelog

---
 CHANGELOG.md | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 5497d03bc..0e04f80d5 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,7 @@
+### [2.5.3] 2023-02-10
+
+  * Added extra.plugin-optional support for allow auto-disabling unknown plugins which are not critical when running non-interactive (#11315)
+
 ### [2.5.2] 2023-02-04
 
   * Added warning when `require` auto-selects a feature branch as that is probably not desired (#11270)
@@ -1691,6 +1695,7 @@
 
   * Initial release
 
+[2.5.3]: https://github.com/composer/composer/compare/2.5.2...2.5.3
 [2.5.2]: https://github.com/composer/composer/compare/2.5.1...2.5.2
 [2.5.1]: https://github.com/composer/composer/compare/2.5.0...2.5.1
 [2.5.0]: https://github.com/composer/composer/compare/2.4.4...2.5.0

From 607a4c04006ce1d2b6fdfd5467bae3d7ad9ce5ab Mon Sep 17 00:00:00 2001
From: Jordi Boggiano <j.boggiano@seld.be>
Date: Fri, 10 Feb 2023 13:23:52 +0100
Subject: [PATCH 3/4] Release 2.5.3

---
 src/Composer/Composer.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/Composer/Composer.php b/src/Composer/Composer.php
index 8a870cc47..6dd019db4 100644
--- a/src/Composer/Composer.php
+++ b/src/Composer/Composer.php
@@ -51,10 +51,10 @@ class Composer extends PartialComposer
      *
      * @see getVersion()
      */
-    public const VERSION = '@package_version@';
-    public const BRANCH_ALIAS_VERSION = '@package_branch_alias_version@';
-    public const RELEASE_DATE = '@release_date@';
-    public const SOURCE_VERSION = '2.5.999-dev+source';
+    public const VERSION = '2.5.3';
+    public const BRANCH_ALIAS_VERSION = '';
+    public const RELEASE_DATE = '2023-02-10 13:23:52';
+    public const SOURCE_VERSION = '';
 
     /**
      * Version number of the internal composer-runtime-api package

From c92485a3fba0adac63c872aac56e88f87d13c0ab Mon Sep 17 00:00:00 2001
From: Jordi Boggiano <j.boggiano@seld.be>
Date: Fri, 10 Feb 2023 13:23:53 +0100
Subject: [PATCH 4/4] Reverting release version changes

---
 src/Composer/Composer.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/Composer/Composer.php b/src/Composer/Composer.php
index 6dd019db4..8a870cc47 100644
--- a/src/Composer/Composer.php
+++ b/src/Composer/Composer.php
@@ -51,10 +51,10 @@ class Composer extends PartialComposer
      *
      * @see getVersion()
      */
-    public const VERSION = '2.5.3';
-    public const BRANCH_ALIAS_VERSION = '';
-    public const RELEASE_DATE = '2023-02-10 13:23:52';
-    public const SOURCE_VERSION = '';
+    public const VERSION = '@package_version@';
+    public const BRANCH_ALIAS_VERSION = '@package_branch_alias_version@';
+    public const RELEASE_DATE = '@release_date@';
+    public const SOURCE_VERSION = '2.5.999-dev+source';
 
     /**
      * Version number of the internal composer-runtime-api package