From c3efff91f85bf23acdb73cd4296d28f3a1a06370 Mon Sep 17 00:00:00 2001 From: Jordi Boggiano Date: Mon, 4 Mar 2024 13:44:43 +0100 Subject: [PATCH] Fix plugins still being available in a few special contexts when running as non-interactive root, mainly create-project, refs #11854 --- src/Composer/Command/BaseCommand.php | 23 +++++++++++++++++++ src/Composer/Command/CreateProjectCommand.php | 10 ++++---- src/Composer/Command/SearchCommand.php | 2 +- src/Composer/Command/ValidateCommand.php | 2 +- 4 files changed, 30 insertions(+), 7 deletions(-) diff --git a/src/Composer/Command/BaseCommand.php b/src/Composer/Command/BaseCommand.php index b6b1439de..bdfbb0d05 100644 --- a/src/Composer/Command/BaseCommand.php +++ b/src/Composer/Command/BaseCommand.php @@ -289,6 +289,29 @@ abstract class BaseCommand extends Command parent::initialize($input, $output); } + /** + * Calls {@see Factory::create()} with the given arguments, taking into account flags and default states for disabling scripts and plugins + * + * @param mixed $config either a configuration array or a filename to read from, if null it will read from + * the default filename + * @return Composer + */ + protected function createComposerInstance(InputInterface $input, IOInterface $io, $config = null, ?bool $disablePlugins = null, ?bool $disableScripts = null): Composer + { + $disablePlugins = $disablePlugins === true || $input->hasParameterOption('--no-plugins'); + $disableScripts = $disableScripts === true || $input->hasParameterOption('--no-scripts'); + + $application = parent::getApplication(); + if ($application instanceof Application && $application->getDisablePluginsByDefault()) { + $disablePlugins = true; + } + if ($application instanceof Application && $application->getDisableScriptsByDefault()) { + $disableScripts = true; + } + + return Factory::create($io, $config, $disablePlugins, $disableScripts); + } + /** * Returns preferSource and preferDist values based on the configuration. * diff --git a/src/Composer/Command/CreateProjectCommand.php b/src/Composer/Command/CreateProjectCommand.php index f0bb7dbb5..b7e873684 100644 --- a/src/Composer/Command/CreateProjectCommand.php +++ b/src/Composer/Command/CreateProjectCommand.php @@ -193,7 +193,7 @@ EOT $this->suggestedPackagesReporter = new SuggestedPackagesReporter($io); if ($packageName !== null) { - $installedFromVcs = $this->installRootPackage($io, $config, $packageName, $platformRequirementFilter, $directory, $packageVersion, $stability, $preferSource, $preferDist, $installDevPackages, $repositories, $disablePlugins, $disableScripts, $noProgress, $secureHttp); + $installedFromVcs = $this->installRootPackage($input, $io, $config, $packageName, $platformRequirementFilter, $directory, $packageVersion, $stability, $preferSource, $preferDist, $installDevPackages, $repositories, $disablePlugins, $disableScripts, $noProgress, $secureHttp); } else { $installedFromVcs = false; } @@ -202,7 +202,7 @@ EOT unlink('composer.lock'); } - $composer = Factory::create($io, null, $disablePlugins, $disableScripts); + $composer = $this->createComposerInstance($input, $io, null, $disablePlugins, $disableScripts); // add the repository to the composer.json and use it for the install run later if ($repositories !== null && $addRepository) { @@ -221,7 +221,7 @@ EOT $configSource->addRepository($name, $repoConfig, false); } - $composer = Factory::create($io, null, $disablePlugins); + $composer = $this->createComposerInstance($input, $io, null, $disablePlugins); } } @@ -336,7 +336,7 @@ EOT * * @throws \Exception */ - protected function installRootPackage(IOInterface $io, Config $config, string $packageName, PlatformRequirementFilterInterface $platformRequirementFilter, ?string $directory = null, ?string $packageVersion = null, ?string $stability = 'stable', bool $preferSource = false, bool $preferDist = false, bool $installDevPackages = false, ?array $repositories = null, bool $disablePlugins = false, bool $disableScripts = false, bool $noProgress = false, bool $secureHttp = true): bool + protected function installRootPackage(InputInterface $input, IOInterface $io, Config $config, string $packageName, PlatformRequirementFilterInterface $platformRequirementFilter, ?string $directory = null, ?string $packageVersion = null, ?string $stability = 'stable', bool $preferSource = false, bool $preferDist = false, bool $installDevPackages = false, ?array $repositories = null, bool $disablePlugins = false, bool $disableScripts = false, bool $noProgress = false, bool $secureHttp = true): bool { if (!$secureHttp) { $config->merge(['config' => ['secure-http' => false]], Config::SOURCE_COMMAND); @@ -388,7 +388,7 @@ EOT throw new \InvalidArgumentException('Invalid stability provided ('.$stability.'), must be one of: '.implode(', ', array_keys(BasePackage::$stabilities))); } - $composer = Factory::create($io, $config->all(), $disablePlugins, $disableScripts); + $composer = $this->createComposerInstance($input, $io, $config->all(), $disablePlugins, $disableScripts); $config = $composer->getConfig(); $rm = $composer->getRepositoryManager(); diff --git a/src/Composer/Command/SearchCommand.php b/src/Composer/Command/SearchCommand.php index 61f0f95eb..d95c94168 100644 --- a/src/Composer/Command/SearchCommand.php +++ b/src/Composer/Command/SearchCommand.php @@ -67,7 +67,7 @@ EOT } if (!($composer = $this->tryComposer())) { - $composer = Factory::create($this->getIO(), [], $input->hasParameterOption('--no-plugins')); + $composer = $this->createComposerInstance($input, $this->getIO(), []); } $localRepo = $composer->getRepositoryManager()->getLocalRepository(); $installedRepo = new CompositeRepository([$localRepo, $platformRepo]); diff --git a/src/Composer/Command/ValidateCommand.php b/src/Composer/Command/ValidateCommand.php index a5d1e9c46..529401e98 100644 --- a/src/Composer/Command/ValidateCommand.php +++ b/src/Composer/Command/ValidateCommand.php @@ -91,7 +91,7 @@ EOT [$errors, $publishErrors, $warnings] = $validator->validate($file, $checkAll, $checkVersion); $lockErrors = []; - $composer = Factory::create($io, $file, $input->hasParameterOption('--no-plugins')); + $composer = $this->createComposerInstance($input, $io, $file); // config.lock = false ~= implicit --no-check-lock; --check-lock overrides $checkLock = ($checkLock && $composer->getConfig()->get('lock')) || $input->getOption('check-lock'); $locker = $composer->getLocker();