public-mirrors
/
composer
mirror of https://github.com/composer/composer
1
0
Fork 0
Code

Error out on recursive links in validating loader and ignore them in regular loader

pull/10272/head
Jordi Boggiano 2021-11-10 11:07:44 +01:00
parent bd4d624cc7
commit b09a39f9c8
No known key found for this signature in database
GPG Key ID: 7BBD42C429EC80BC
4 changed files with 21 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/Composer/Package/Loader/ArrayLoader.php
View File

@ -327,6 +327,12 @@ class ArrayLoader implements LoaderInterface
$links = array(); $links = array();
foreach ($config[$type] as $prettyTarget => $constraint) { foreach ($config[$type] as $prettyTarget => $constraint) {
$target = strtolower($prettyTarget); $target = strtolower($prettyTarget);
// recursive links are not supported
if ($target === $name) {
continue;
}
if ($constraint === 'self.version') { if ($constraint === 'self.version') {
$links[$target] = $this->createLink($name, $prettyVersion, $opts['method'], $target, $constraint); $links[$target] = $this->createLink($name, $prettyVersion, $opts['method'], $target, $constraint);
} else { } else {

5
src/Composer/Package/Loader/ValidatingArrayLoader.php
View File

@ -241,6 +241,11 @@ class ValidatingArrayLoader implements LoaderInterface
foreach (array_keys(BasePackage::$supportedLinkTypes) as $linkType) { foreach (array_keys(BasePackage::$supportedLinkTypes) as $linkType) {
if ($this->validateArray($linkType) && isset($this->config[$linkType])) { if ($this->validateArray($linkType) && isset($this->config[$linkType])) {
foreach ($this->config[$linkType] as $package => $constraint) { foreach ($this->config[$linkType] as $package => $constraint) {
if (0 === strcasecmp($package, $this->config['name'])) {
$this->errors[] = $linkType.'.'.$package.' : a package cannot set a '.$linkType.' on itself';
unset($this->config[$linkType][$package]);
continue;
}
if ($err = self::hasPackageNamingError($package, true)) { if ($err = self::hasPackageNamingError($package, true)) {
$this->warnings[] = 'Deprecation warning: '.$linkType.'.'.$err.' Make sure you fix this as Composer 2.0 will error.'; $this->warnings[] = 'Deprecation warning: '.$linkType.'.'.$err.' Make sure you fix this as Composer 2.0 will error.';
} elseif (!preg_match('{^[A-Za-z0-9_./-]+$}', $package)) { } elseif (!preg_match('{^[A-Za-z0-9_./-]+$}', $package)) {

2
tests/Composer/Test/Fixtures/installer/circular-dependency2.test
View File

@ -17,7 +17,7 @@ Circular dependencies are possible between packages
"version": "1.0.0", "version": "1.0.0",
"source": { "reference": "some.branch", "type": "git", "url": "" }, "source": { "reference": "some.branch", "type": "git", "url": "" },
"require": { "require": {
"require/itself": "1.0.0" "root/pkg": "dev-master"
} }
}, },
{ {

9
tests/Composer/Test/Package/Loader/ValidatingArrayLoaderTest.php
View File

@ -354,6 +354,15 @@ class ValidatingArrayLoaderTest extends TestCase
'source.url : must not start with a "-", "--foo" given', 'source.url : must not start with a "-", "--foo" given',
), ),
), ),
array(
array(
'name' => 'foo/bar',
'require' => array('foo/Bar' => '1.*'),
),
array(
'require.foo/Bar : a package cannot set a require on itself',
),
),
)); ));
} }