Add COMPOSER_DISABLE_ROOT_WARN env var and skip root warning on self-update command as well, refs #5119
parent
eb84ca564f
commit
cb8587cdad
|
@ -794,4 +794,10 @@ If set to 1, this env var will make Composer behave as if you passed the
|
|||
|
||||
If set to 1, this env disables the warning about having xdebug enabled.
|
||||
|
||||
### COMPOSER_DISABLE_ROOT_WARN
|
||||
|
||||
If set to 1, this env disables the warning about running commands as root. It also
|
||||
disables automatic clearing of sudo sessions, so you should really only set this
|
||||
if you use Composer as root at all times like in docker containers.
|
||||
|
||||
← [Libraries](02-libraries.md) | [Schema](04-schema.md) →
|
||||
|
|
|
@ -133,9 +133,11 @@ class Application extends BaseApplication
|
|||
$input->setInteractive(false);
|
||||
}
|
||||
|
||||
if (!Platform::isWindows() && function_exists('exec')) {
|
||||
if (!Platform::isWindows() && function_exists('exec') && !getenv('COMPOSER_DISABLE_ROOT_WARN')) {
|
||||
if (function_exists('posix_getuid') && posix_getuid() === 0) {
|
||||
$io->writeError('<warning>Running composer as root is highly discouraged as packages, plugins and scripts cannot always be trusted</warning>');
|
||||
if ($commandName !== 'self-update' && $commandName !== 'selfupdate') {
|
||||
$io->writeError('<warning>Running composer as root is highly discouraged as packages, plugins and scripts cannot always be trusted</warning>');
|
||||
}
|
||||
if ($uid = getenv('SUDO_UID')) {
|
||||
// Silently clobber any sudo credentials on the invoking user to avoid privilege escalations later on
|
||||
// ref. https://github.com/composer/composer/issues/5119
|
||||
|
|
Loading…
Reference in New Issue