From fa799970ada7057b1b41c67dba182ee01d7b09ec Mon Sep 17 00:00:00 2001 From: Graham Campbell Date: Sun, 7 Jun 2020 22:15:09 +0100 Subject: [PATCH 1/3] Replace whitelist with allow list --- doc/01-basic-usage.md | 2 +- doc/03-cli.md | 4 +- src/Composer/Autoload/AutoloadGenerator.php | 22 ++--- src/Composer/Autoload/ClassMapGenerator.php | 10 +- src/Composer/Cache.php | 22 ++--- src/Composer/Command/InitCommand.php | 4 +- src/Composer/Command/RemoveCommand.php | 4 +- src/Composer/Command/RequireCommand.php | 6 +- src/Composer/Command/UpdateCommand.php | 10 +- src/Composer/DependencyResolver/Pool.php | 11 ++- .../DependencyResolver/RuleSetGenerator.php | 34 +++++-- src/Composer/Installer.php | 97 ++++++++++++++----- src/Composer/Package/BasePackage.php | 8 +- src/Composer/Repository/Vcs/GitHubDriver.php | 4 +- .../installer/github-issues-4795-2.test | 4 +- .../installer/github-issues-4795.test | 6 +- .../install-from-lock-removes-package.test | 12 +-- ...e-downgrades-non-whitelisted-unstable.test | 2 +- ...ce-from-lock-for-non-updated-packages.test | 2 +- .../partial-update-without-lock.test | 2 +- .../installer/update-changes-url.test | 4 +- .../update-whitelist-locked-require.test | 14 +-- ...telist-patterns-with-all-dependencies.test | 24 ++--- ...-whitelist-patterns-with-dependencies.test | 24 ++--- ...elist-patterns-with-root-dependencies.test | 44 ++++----- ...itelist-patterns-without-dependencies.test | 24 ++--- .../installer/update-whitelist-patterns.test | 2 +- .../update-whitelist-removes-unused.test | 14 +-- .../update-whitelist-with-dependencies.test | 14 +-- ...te-whitelist-with-dependency-conflict.test | 12 +-- .../Fixtures/installer/update-whitelist.test | 14 +-- .../update-with-all-dependencies.test | 2 +- tests/Composer/Test/InstallerTest.php | 6 +- 33 files changed, 269 insertions(+), 195 deletions(-) diff --git a/doc/01-basic-usage.md b/doc/01-basic-usage.md index 8c634bcfd..ac8086491 100644 --- a/doc/01-basic-usage.md +++ b/doc/01-basic-usage.md @@ -159,7 +159,7 @@ php composer.phar update > if the `composer.lock` has not been updated since changes were made to the > `composer.json` that might affect dependency resolution. -If you only want to install or update one dependency, you can whitelist them: +If you only want to install or update one dependency, you can allow list them: ```sh php composer.phar update monolog/monolog [...] diff --git a/doc/03-cli.md b/doc/03-cli.md index 0c41e9ef7..833cf2c5c 100644 --- a/doc/03-cli.md +++ b/doc/03-cli.md @@ -157,8 +157,8 @@ php composer.phar update "vendor/*" * **--no-progress:** Removes the progress display that can mess with some terminals or scripts which don't handle backspace characters. * **--no-suggest:** Skips suggested packages in the output. -* **--with-dependencies:** Add also dependencies of whitelisted packages to the whitelist, except those that are root requirements. -* **--with-all-dependencies:** Add also all dependencies of whitelisted packages to the whitelist, including those that are root requirements. +* **--with-dependencies:** Add also dependencies of allowed packages to the allow list, except those that are root requirements. +* **--with-all-dependencies:** Add also all dependencies of allowed packages to the allow list, including those that are root requirements. * **--optimize-autoloader (-o):** Convert PSR-0/4 autoloading to classmap to get a faster autoloader. This is recommended especially for production, but can take a bit of time to run so it is currently not done by default. diff --git a/src/Composer/Autoload/AutoloadGenerator.php b/src/Composer/Autoload/AutoloadGenerator.php index 371f3ed76..863ceac43 100644 --- a/src/Composer/Autoload/AutoloadGenerator.php +++ b/src/Composer/Autoload/AutoloadGenerator.php @@ -229,16 +229,16 @@ EOF; EOF; } - $blacklist = null; + $excluded = null; if (!empty($autoloads['exclude-from-classmap'])) { - $blacklist = '{(' . implode('|', $autoloads['exclude-from-classmap']) . ')}'; + $excluded = '{(' . implode('|', $autoloads['exclude-from-classmap']) . ')}'; } $classMap = array(); $ambiguousClasses = array(); $scannedFiles = array(); foreach ($autoloads['classmap'] as $dir) { - $classMap = $this->addClassMapCode($filesystem, $basePath, $vendorPath, $dir, $blacklist, null, null, $classMap, $ambiguousClasses, $scannedFiles); + $classMap = $this->addClassMapCode($filesystem, $basePath, $vendorPath, $dir, $excluded, null, null, $classMap, $ambiguousClasses, $scannedFiles); } if ($scanPsrPackages) { @@ -261,7 +261,7 @@ EOF; continue; } - $classMap = $this->addClassMapCode($filesystem, $basePath, $vendorPath, $dir, $blacklist, $namespace, $group['type'], $classMap, $ambiguousClasses, $scannedFiles); + $classMap = $this->addClassMapCode($filesystem, $basePath, $vendorPath, $dir, $excluded, $namespace, $group['type'], $classMap, $ambiguousClasses, $scannedFiles); } } } @@ -336,9 +336,9 @@ EOF; return 0; } - private function addClassMapCode($filesystem, $basePath, $vendorPath, $dir, $blacklist, $namespaceFilter, $autoloadType, array $classMap, array &$ambiguousClasses, array &$scannedFiles) + private function addClassMapCode($filesystem, $basePath, $vendorPath, $dir, $excluded, $namespaceFilter, $autoloadType, array $classMap, array &$ambiguousClasses, array &$scannedFiles) { - foreach ($this->generateClassMap($dir, $blacklist, $namespaceFilter, $autoloadType, true, $scannedFiles) as $class => $path) { + foreach ($this->generateClassMap($dir, $excluded, $namespaceFilter, $autoloadType, true, $scannedFiles) as $class => $path) { $pathCode = $this->getPathCode($filesystem, $basePath, $vendorPath, $path).",\n"; if (!isset($classMap[$class])) { $classMap[$class] = $pathCode; @@ -350,9 +350,9 @@ EOF; return $classMap; } - private function generateClassMap($dir, $blacklist, $namespaceFilter, $autoloadType, $showAmbiguousWarning, array &$scannedFiles) + private function generateClassMap($dir, $excluded, $namespaceFilter, $autoloadType, $showAmbiguousWarning, array &$scannedFiles) { - return ClassMapGenerator::createMap($dir, $blacklist, $showAmbiguousWarning ? $this->io : null, $namespaceFilter, $autoloadType, $scannedFiles); + return ClassMapGenerator::createMap($dir, $excluded, $showAmbiguousWarning ? $this->io : null, $namespaceFilter, $autoloadType, $scannedFiles); } public function buildPackageMap(InstallationManager $installationManager, PackageInterface $mainPackage, array $packages) @@ -456,15 +456,15 @@ EOF; } if (isset($autoloads['classmap'])) { - $blacklist = null; + $excluded = null; if (!empty($autoloads['exclude-from-classmap'])) { - $blacklist = '{(' . implode('|', $autoloads['exclude-from-classmap']) . ')}'; + $excluded = '{(' . implode('|', $autoloads['exclude-from-classmap']) . ')}'; } $scannedFiles = array(); foreach ($autoloads['classmap'] as $dir) { try { - $loader->addClassMap($this->generateClassMap($dir, $blacklist, null, null, false, $scannedFiles)); + $loader->addClassMap($this->generateClassMap($dir, $excluded, null, null, false, $scannedFiles)); } catch (\RuntimeException $e) { $this->io->writeError(''.$e->getMessage().''); } diff --git a/src/Composer/Autoload/ClassMapGenerator.php b/src/Composer/Autoload/ClassMapGenerator.php index c0b011f3f..4adbcc8be 100644 --- a/src/Composer/Autoload/ClassMapGenerator.php +++ b/src/Composer/Autoload/ClassMapGenerator.php @@ -51,7 +51,7 @@ class ClassMapGenerator * Iterate over all files in the given directory searching for classes * * @param \Iterator|string $path The path to search in or an iterator - * @param string $blacklist Regex that matches against the file path that exclude from the classmap. + * @param string $excluded Regex that matches against the file path that exclude from the classmap. * @param IOInterface $io IO object * @param string $namespace Optional namespace prefix to filter by * @param string $autoloadType psr-0|psr-4 Optional autoload standard to use mapping rules @@ -59,7 +59,7 @@ class ClassMapGenerator * @throws \RuntimeException When the path is neither an existing file nor directory * @return array A class map array */ - public static function createMap($path, $blacklist = null, IOInterface $io = null, $namespace = null, $autoloadType = null, &$scannedFiles = array()) + public static function createMap($path, $excluded = null, IOInterface $io = null, $namespace = null, $autoloadType = null, &$scannedFiles = array()) { if (is_string($path)) { $basePath = $path; @@ -102,12 +102,12 @@ class ClassMapGenerator continue; } - // check the realpath of the file against the blacklist as the path might be a symlink and the blacklist is realpath'd so symlink are resolved - if ($blacklist && preg_match($blacklist, strtr($realPath, '\\', '/'))) { + // check the realpath of the file against the excluded paths as the path might be a symlink and the excluded path is realpath'd so symlink are resolved + if ($excluded && preg_match($excluded, strtr($realPath, '\\', '/'))) { continue; } // check non-realpath of file for directories symlink in project dir - if ($blacklist && preg_match($blacklist, strtr($filePath, '\\', '/'))) { + if ($excluded && preg_match($excluded, strtr($filePath, '\\', '/'))) { continue; } diff --git a/src/Composer/Cache.php b/src/Composer/Cache.php index 06c6a0996..069f59d5d 100644 --- a/src/Composer/Cache.php +++ b/src/Composer/Cache.php @@ -28,20 +28,20 @@ class Cache private $io; private $root; private $enabled = true; - private $whitelist; + private $allowList; private $filesystem; /** * @param IOInterface $io * @param string $cacheDir location of the cache - * @param string $whitelist List of characters that are allowed in path names (used in a regex character class) + * @param string $allowList List of characters that are allowed in path names (used in a regex character class) * @param Filesystem $filesystem optional filesystem instance */ - public function __construct(IOInterface $io, $cacheDir, $whitelist = 'a-z0-9.', Filesystem $filesystem = null) + public function __construct(IOInterface $io, $cacheDir, $allowList = 'a-z0-9.', Filesystem $filesystem = null) { $this->io = $io; $this->root = rtrim($cacheDir, '/\\') . '/'; - $this->whitelist = $whitelist; + $this->allowList = $allowList; $this->filesystem = $filesystem ?: new Filesystem(); if (!self::isUsable($cacheDir)) { @@ -77,7 +77,7 @@ class Cache public function read($file) { if ($this->enabled) { - $file = preg_replace('{[^'.$this->whitelist.']}i', '-', $file); + $file = preg_replace('{[^'.$this->allowList.']}i', '-', $file); if (file_exists($this->root . $file)) { $this->io->writeError('Reading '.$this->root . $file.' from cache', true, IOInterface::DEBUG); @@ -91,7 +91,7 @@ class Cache public function write($file, $contents) { if ($this->enabled) { - $file = preg_replace('{[^'.$this->whitelist.']}i', '-', $file); + $file = preg_replace('{[^'.$this->allowList.']}i', '-', $file); $this->io->writeError('Writing '.$this->root . $file.' into cache', true, IOInterface::DEBUG); @@ -129,7 +129,7 @@ class Cache public function copyFrom($file, $source) { if ($this->enabled) { - $file = preg_replace('{[^'.$this->whitelist.']}i', '-', $file); + $file = preg_replace('{[^'.$this->allowList.']}i', '-', $file); $this->filesystem->ensureDirectoryExists(dirname($this->root . $file)); if (!file_exists($source)) { @@ -150,7 +150,7 @@ class Cache public function copyTo($file, $target) { if ($this->enabled) { - $file = preg_replace('{[^'.$this->whitelist.']}i', '-', $file); + $file = preg_replace('{[^'.$this->allowList.']}i', '-', $file); if (file_exists($this->root . $file)) { try { touch($this->root . $file, filemtime($this->root . $file), time()); @@ -177,7 +177,7 @@ class Cache public function remove($file) { if ($this->enabled) { - $file = preg_replace('{[^'.$this->whitelist.']}i', '-', $file); + $file = preg_replace('{[^'.$this->allowList.']}i', '-', $file); if (file_exists($this->root . $file)) { return $this->filesystem->unlink($this->root . $file); } @@ -229,7 +229,7 @@ class Cache public function sha1($file) { if ($this->enabled) { - $file = preg_replace('{[^'.$this->whitelist.']}i', '-', $file); + $file = preg_replace('{[^'.$this->allowList.']}i', '-', $file); if (file_exists($this->root . $file)) { return sha1_file($this->root . $file); } @@ -241,7 +241,7 @@ class Cache public function sha256($file) { if ($this->enabled) { - $file = preg_replace('{[^'.$this->whitelist.']}i', '-', $file); + $file = preg_replace('{[^'.$this->allowList.']}i', '-', $file); if (file_exists($this->root . $file)) { return hash_file('sha256', $this->root . $file); } diff --git a/src/Composer/Command/InitCommand.php b/src/Composer/Command/InitCommand.php index d234a8cba..59f0488d1 100644 --- a/src/Composer/Command/InitCommand.php +++ b/src/Composer/Command/InitCommand.php @@ -86,8 +86,8 @@ EOT { $io = $this->getIO(); - $whitelist = array('name', 'description', 'author', 'type', 'homepage', 'require', 'require-dev', 'stability', 'license'); - $options = array_filter(array_intersect_key($input->getOptions(), array_flip($whitelist))); + $allowList = array('name', 'description', 'author', 'type', 'homepage', 'require', 'require-dev', 'stability', 'license'); + $options = array_filter(array_intersect_key($input->getOptions(), array_flip($allowList))); if (isset($options['author'])) { $options['authors'] = $this->formatAuthors($options['author']); diff --git a/src/Composer/Command/RemoveCommand.php b/src/Composer/Command/RemoveCommand.php index e4407d4cb..e6a2fbfb3 100644 --- a/src/Composer/Command/RemoveCommand.php +++ b/src/Composer/Command/RemoveCommand.php @@ -146,8 +146,8 @@ EOT ->setClassMapAuthoritative($authoritative) ->setApcuAutoloader($apcu) ->setUpdate(true) - ->setUpdateWhitelist($packages) - ->setWhitelistTransitiveDependencies(!$input->getOption('no-update-with-dependencies')) + ->setUpdateAllowList($packages) + ->setAllowListTransitiveDependencies(!$input->getOption('no-update-with-dependencies')) ->setIgnorePlatformRequirements($input->getOption('ignore-platform-reqs')) ->setRunScripts(!$input->getOption('no-scripts')) ; diff --git a/src/Composer/Command/RequireCommand.php b/src/Composer/Command/RequireCommand.php index 9b59e7feb..45bd315fe 100644 --- a/src/Composer/Command/RequireCommand.php +++ b/src/Composer/Command/RequireCommand.php @@ -237,9 +237,9 @@ EOT ->setClassMapAuthoritative($authoritative) ->setApcuAutoloader($apcu) ->setUpdate(true) - ->setUpdateWhitelist(array_keys($requirements)) - ->setWhitelistTransitiveDependencies($input->getOption('update-with-dependencies')) - ->setWhitelistAllDependencies($input->getOption('update-with-all-dependencies')) + ->setUpdatAllowList(array_keys($requirements)) + ->setAllowListTransitiveDependencies($input->getOption('update-with-dependencies')) + ->setAllowListAllDependencies($input->getOption('update-with-all-dependencies')) ->setIgnorePlatformRequirements($input->getOption('ignore-platform-reqs')) ->setPreferStable($input->getOption('prefer-stable')) ->setPreferLowest($input->getOption('prefer-lowest')) diff --git a/src/Composer/Command/UpdateCommand.php b/src/Composer/Command/UpdateCommand.php index e68c265c0..44f1e7dea 100644 --- a/src/Composer/Command/UpdateCommand.php +++ b/src/Composer/Command/UpdateCommand.php @@ -49,8 +49,8 @@ class UpdateCommand extends BaseCommand new InputOption('no-scripts', null, InputOption::VALUE_NONE, 'Skips the execution of all scripts defined in composer.json file.'), new InputOption('no-progress', null, InputOption::VALUE_NONE, 'Do not output download progress.'), new InputOption('no-suggest', null, InputOption::VALUE_NONE, 'Do not show package suggestions.'), - new InputOption('with-dependencies', null, InputOption::VALUE_NONE, 'Add also dependencies of whitelisted packages to the whitelist, except those defined in root package.'), - new InputOption('with-all-dependencies', null, InputOption::VALUE_NONE, 'Add also all dependencies of whitelisted packages to the whitelist, including those defined in root package.'), + new InputOption('with-dependencies', null, InputOption::VALUE_NONE, 'Add also dependencies of allowed packages to the allow list, except those defined in root package.'), + new InputOption('with-all-dependencies', null, InputOption::VALUE_NONE, 'Add also all dependencies of allowed packages to the allow list, including those defined in root package.'), new InputOption('verbose', 'v|vv|vvv', InputOption::VALUE_NONE, 'Shows more details including new commits pulled in when updating packages.'), new InputOption('optimize-autoloader', 'o', InputOption::VALUE_NONE, 'Optimize autoloader during autoloader dump.'), new InputOption('classmap-authoritative', 'a', InputOption::VALUE_NONE, 'Autoload classes from the classmap only. Implicitly enables `--optimize-autoloader`.'), @@ -148,9 +148,9 @@ EOT ->setClassMapAuthoritative($authoritative) ->setApcuAutoloader($apcu) ->setUpdate(true) - ->setUpdateWhitelist($input->getOption('lock') ? array('lock') : $packages) - ->setWhitelistTransitiveDependencies($input->getOption('with-dependencies')) - ->setWhitelistAllDependencies($input->getOption('with-all-dependencies')) + ->setUpdateAllowList($input->getOption('lock') ? array('lock') : $packages) + ->setAllowListTransitiveDependencies($input->getOption('with-dependencies')) + ->setAllowListAllDependencies($input->getOption('with-all-dependencies')) ->setIgnorePlatformRequirements($input->getOption('ignore-platform-reqs')) ->setPreferStable($input->getOption('prefer-stable')) ->setPreferLowest($input->getOption('prefer-lowest')) diff --git a/src/Composer/DependencyResolver/Pool.php b/src/Composer/DependencyResolver/Pool.php index 085aaa7bf..8021275b6 100644 --- a/src/Composer/DependencyResolver/Pool.php +++ b/src/Composer/DependencyResolver/Pool.php @@ -50,7 +50,7 @@ class Pool implements \Countable protected $versionParser; protected $providerCache = array(); protected $filterRequires; - protected $whitelist = null; + protected $whitelist = null; // TODO 2.0 rename to allowList protected $id = 1; public function __construct($minimumStability = 'stable', array $stabilityFlags = array(), array $filterRequires = array()) @@ -71,6 +71,15 @@ class Pool implements \Countable } } + public function setAllowList($allowList) + { + // call original method for BC + $this->setWhitelist($allowList); + } + + /** + * @deprecated use setAllowList instead + */ public function setWhitelist($whitelist) { $this->whitelist = $whitelist; diff --git a/src/Composer/DependencyResolver/RuleSetGenerator.php b/src/Composer/DependencyResolver/RuleSetGenerator.php index e8714a405..8638440bd 100644 --- a/src/Composer/DependencyResolver/RuleSetGenerator.php +++ b/src/Composer/DependencyResolver/RuleSetGenerator.php @@ -26,7 +26,7 @@ class RuleSetGenerator protected $rules; protected $jobs; protected $installedMap; - protected $whitelistedMap; + protected $allowListedMap; protected $addedMap; protected $conflictAddedMap; protected $addedPackages; @@ -147,6 +147,15 @@ class RuleSetGenerator $this->rules->add($newRule, $type); } + protected function allowListFromPackage(PackageInterface $package) + { + // call original method for BC + $this->whitelistFromPackage($package); + } + + /** + * @deprecated use whitelistFromPackage instead + */ protected function whitelistFromPackage(PackageInterface $package) { $workQueue = new \SplQueue; @@ -154,11 +163,11 @@ class RuleSetGenerator while (!$workQueue->isEmpty()) { $package = $workQueue->dequeue(); - if (isset($this->whitelistedMap[$package->id])) { + if (isset($this->allowListedMap[$package->id])) { continue; } - $this->whitelistedMap[$package->id] = true; + $this->allowListedMap[$package->id] = true; foreach ($package->getRequires() as $link) { $possibleRequires = $this->pool->whatProvides($link->getTarget(), $link->getConstraint(), true); @@ -294,6 +303,15 @@ class RuleSetGenerator return $impossible; } + protected function allowListFromJobs() + { + // call original method for BC + $this->whitelistFromJobs(); + } + + /** + * @deprecated use allowListFromJobs instead + */ protected function whitelistFromJobs() { foreach ($this->jobs as $job) { @@ -301,7 +319,7 @@ class RuleSetGenerator case 'install': $packages = $this->pool->whatProvides($job['packageName'], $job['constraint'], true); foreach ($packages as $package) { - $this->whitelistFromPackage($package); + $this->allowListFromPackage($package); } break; } @@ -348,13 +366,13 @@ class RuleSetGenerator $this->rules = new RuleSet; $this->installedMap = $installedMap; - $this->whitelistedMap = array(); + $this->allowListedMap = array(); foreach ($this->installedMap as $package) { - $this->whitelistFromPackage($package); + $this->allowListFromPackage($package); } - $this->whitelistFromJobs(); + $this->allowListFromJobs(); - $this->pool->setWhitelist($this->whitelistedMap); + $this->pool->setAllowList($this->allowListedMap); $this->addedMap = array(); $this->conflictAddedMap = array(); diff --git a/src/Composer/Installer.php b/src/Composer/Installer.php index c5c0f7a21..c7af69427 100644 --- a/src/Composer/Installer.php +++ b/src/Composer/Installer.php @@ -127,9 +127,9 @@ class Installer * * @var array|null */ - protected $updateWhitelist = null; - protected $whitelistDependencies = false; // TODO 2.0 rename to whitelistTransitiveDependencies - protected $whitelistAllDependencies = false; + protected $updateWhitelist = null; // TODO 2.0 rename to updateAllowList + protected $whitelistDependencies = false; // TODO 2.0 rename to allowListTransitiveDependencies + protected $whitelistAllDependencies = false; // TODO 2.0 rename to allowListAllDependencies /** * @var SuggestedPackagesReporter @@ -360,7 +360,7 @@ class Installer $repositories = null; // initialize locked repo if we are installing from lock or in a partial update - // and a lock file is present as we need to force install non-whitelisted lock file + // and a lock file is present as we need to force install non-allowed lock file // packages in that case if (!$this->update || (!empty($this->updateWhitelist) && $this->locker->isLocked())) { try { @@ -375,7 +375,7 @@ class Installer } } - $this->whitelistUpdateDependencies( + $this->allowListUpdateDependencies( $lockedRepository ?: $localRepo, $this->package->getRequires(), $this->package->getDevRequires() @@ -1011,7 +1011,7 @@ class Installer } if ($this->update) { - // skip package if the whitelist is enabled and it is not in it + // skip package if the allow list is enabled and it is not in it if ($this->updateWhitelist && !$this->isUpdateable($package)) { // check if non-updateable packages are out of date compared to the lock file to ensure we don't corrupt it foreach ($currentPackages as $curPackage) { @@ -1280,11 +1280,11 @@ class Installer private function isUpdateable(PackageInterface $package) { if (!$this->updateWhitelist) { - throw new \LogicException('isUpdateable should only be called when a whitelist is present'); + throw new \LogicException('isUpdateable should only be called when an allow list is present'); } - foreach ($this->updateWhitelist as $whiteListedPattern => $void) { - $patternRegexp = BasePackage::packageNameToRegexp($whiteListedPattern); + foreach ($this->updateWhitelist as $pattern => $void) { + $patternRegexp = BasePackage::packageNameToRegexp($pattern); if (preg_match($patternRegexp, $package->getName())) { return true; } @@ -1310,11 +1310,11 @@ class Installer } /** - * Adds all dependencies of the update whitelist to the whitelist, too. + * Adds all dependencies of the update allow list to the allow list, too. * * Packages which are listed as requirements in the root package will be * skipped including their dependencies, unless they are listed in the - * update whitelist themselves or $whitelistAllDependencies is true. + * update allow list themselves or $whitelistAllDependencies is true. * * @param RepositoryInterface $localOrLockRepo Use the locked repo if available, otherwise installed repo will do * As we want the most accurate package list to work with, and installed @@ -1322,7 +1322,7 @@ class Installer * @param array $rootRequires An array of links to packages in require of the root package * @param array $rootDevRequires An array of links to packages in require-dev of the root package */ - private function whitelistUpdateDependencies($localOrLockRepo, array $rootRequires, array $rootDevRequires) + private function allowListUpdateDependencies($localOrLockRepo, array $rootRequires, array $rootDevRequires) { if (!$this->updateWhitelist) { return; @@ -1352,16 +1352,16 @@ class Installer $matchesByPattern = array(); // check if the name is a glob pattern that did not match directly if (empty($depPackages)) { - // add any installed package matching the whitelisted name/pattern - $whitelistPatternSearchRegexp = BasePackage::packageNameToRegexp($packageName, '^%s$'); - foreach ($localOrLockRepo->search($whitelistPatternSearchRegexp) as $installedPackage) { + // add any installed package matching the allow listed name/pattern + $allowListPatternSearchRegexp = BasePackage::packageNameToRegexp($packageName, '^%s$'); + foreach ($localOrLockRepo->search($allowListPatternSearchRegexp) as $installedPackage) { $matchesByPattern[] = $pool->whatProvides($installedPackage['name']); } - // add root requirements which match the whitelisted name/pattern - $whitelistPatternRegexp = BasePackage::packageNameToRegexp($packageName); + // add root requirements which match the allow listed name/pattern + $allowListPatternRegexp = BasePackage::packageNameToRegexp($packageName); foreach ($rootRequiredPackageNames as $rootRequiredPackageName) { - if (preg_match($whitelistPatternRegexp, $rootRequiredPackageName)) { + if (preg_match($allowListPatternRegexp, $rootRequiredPackageName)) { $nameMatchesRequiredPackage = true; break; } @@ -1404,7 +1404,7 @@ class Installer } if (isset($skipPackages[$requirePackage->getName()]) && !preg_match(BasePackage::packageNameToRegexp($packageName), $requirePackage->getName())) { - $this->io->writeError('Dependency "' . $requirePackage->getName() . '" is also a root requirement, but is not explicitly whitelisted. Ignoring.'); + $this->io->writeError('Dependency "' . $requirePackage->getName() . '" is also a root requirement, but is not explicitly allowed. Ignoring.'); continue; } @@ -1679,6 +1679,8 @@ class Installer * restrict the update operation to a few packages, all other packages * that are already installed will be kept at their current version * + * @deprecated use setAllowList instead + * * @param array $packages * @return Installer */ @@ -1690,7 +1692,20 @@ class Installer } /** - * @deprecated use setWhitelistTransitiveDependencies instead + * restrict the update operation to a few packages, all other packages + * that are already installed will be kept at their current version + * + * @param array $packages + * @return Installer + */ + public function setUpdateAllowList(array $packages) + { + // call original method for BC + return $this->setUpdateWhitelist($packages); + } + + /** + * @deprecated use setAllowListTransitiveDependencies instead */ public function setWhitelistDependencies($updateDependencies = true) { @@ -1698,11 +1713,13 @@ class Installer } /** - * Should dependencies of whitelisted packages (but not direct dependencies) be updated? + * Should dependencies of allowed packages (but not direct dependencies) be updated? * - * This will NOT whitelist any dependencies that are also directly defined + * This will NOT allow list any dependencies that are also directly defined * in the root package. * + * @deprecated use setAllowListTransitiveDependencies instead + * * @param bool $updateTransitiveDependencies * @return Installer */ @@ -1714,11 +1731,28 @@ class Installer } /** - * Should all dependencies of whitelisted packages be updated recursively? + * Should dependencies of allowed packages (but not direct dependencies) be updated? * - * This will whitelist any dependencies of the whitelisted packages, including + * This will NOT allow list any dependencies that are also directly defined + * in the root package. + * + * @param bool $updateTransitiveDependencies + * @return Installer + */ + public function setAllowListTransitiveDependencies($updateTransitiveDependencies = true) + { + // call original method for BC + return $this->setWhitelistTransitiveDependencies($updateTransitiveDependencies); + } + + /** + * Should all dependencies of allowed packages be updated recursively? + * + * This will allow list any dependencies of the allow listed packages, including * those defined in the root package. * + * @deprecated use setAllowListAllDependencies instead + * * @param bool $updateAllDependencies * @return Installer */ @@ -1729,6 +1763,21 @@ class Installer return $this; } + /** + * Should all dependencies of allowed packages be updated recursively? + * + * This will allow list any dependencies of the allow listed packages, including + * those defined in the root package. + * + * @param bool $updateAllDependencies + * @return Installer + */ + public function setAllowListAllDependencies($updateAllDependencies = true) + { + // call original method for BC + return $this->setWhitelistAllDependencies($updateAllDependencies); + } + /** * Should packages be preferred in a stable version when updating? * diff --git a/src/Composer/Package/BasePackage.php b/src/Composer/Package/BasePackage.php index 9630e7ef0..3987e7e87 100644 --- a/src/Composer/Package/BasePackage.php +++ b/src/Composer/Package/BasePackage.php @@ -238,14 +238,14 @@ abstract class BasePackage implements PackageInterface /** * Build a regexp from a package name, expanding * globs as required * - * @param string $whiteListedPattern + * @param string $allowListPattern * @param string $wrap Wrap the cleaned string by the given string * @return string */ - public static function packageNameToRegexp($whiteListedPattern, $wrap = '{^%s$}i') + public static function packageNameToRegexp($allowListPattern, $wrap = '{^%s$}i') { - $cleanedWhiteListedPattern = str_replace('\\*', '.*', preg_quote($whiteListedPattern)); + $cleanedAllowListPattern = str_replace('\\*', '.*', preg_quote($allowListPattern)); - return sprintf($wrap, $cleanedWhiteListedPattern); + return sprintf($wrap, $cleanedAllowListPattern); } } diff --git a/src/Composer/Repository/Vcs/GitHubDriver.php b/src/Composer/Repository/Vcs/GitHubDriver.php index 2fe7e872e..549625fa9 100644 --- a/src/Composer/Repository/Vcs/GitHubDriver.php +++ b/src/Composer/Repository/Vcs/GitHubDriver.php @@ -337,13 +337,11 @@ class GitHubDriver extends VcsDriver $this->branches = array(); $resource = $this->getApiUrl() . '/repos/'.$this->owner.'/'.$this->repository.'/git/refs/heads?per_page=100'; - $branchBlacklist = array('gh-pages'); - do { $branchData = JsonFile::parseJson($this->getContents($resource), $resource); foreach ($branchData as $branch) { $name = substr($branch['ref'], 11); - if (!in_array($name, $branchBlacklist)) { + if ($name !== 'gh-pages') { $this->branches[$name] = $branch['object']['sha']; } } diff --git a/tests/Composer/Test/Fixtures/installer/github-issues-4795-2.test b/tests/Composer/Test/Fixtures/installer/github-issues-4795-2.test index 877ac3653..c8d10d4cd 100644 --- a/tests/Composer/Test/Fixtures/installer/github-issues-4795-2.test +++ b/tests/Composer/Test/Fixtures/installer/github-issues-4795-2.test @@ -2,8 +2,8 @@ See Github issue #4795 ( github.com/composer/composer/issues/4795 ). -Composer\Installer::whitelistUpdateDependencies should not output a warning for dependencies that need to be updated -that are also a root package, when that root package is also explicitly whitelisted. +Composer\Installer::allowListUpdateDependencies should not output a warning for dependencies that need to be updated +that are also a root package, when that root package is also explicitly allowed. --COMPOSER-- { diff --git a/tests/Composer/Test/Fixtures/installer/github-issues-4795.test b/tests/Composer/Test/Fixtures/installer/github-issues-4795.test index 1f4b1af27..64d8e0b39 100644 --- a/tests/Composer/Test/Fixtures/installer/github-issues-4795.test +++ b/tests/Composer/Test/Fixtures/installer/github-issues-4795.test @@ -2,8 +2,8 @@ See Github issue #4795 ( github.com/composer/composer/issues/4795 ). -Composer\Installer::whitelistUpdateDependencies intentionally ignores root requirements even if said package is also a -dependency of one the requirements that is whitelisted for update. +Composer\Installer::allowListUpdateDependencies intentionally ignores root requirements even if said package is also a +dependency of one the requirements that is allowed for update. --COMPOSER-- { @@ -34,7 +34,7 @@ dependency of one the requirements that is whitelisted for update. update b/b --with-dependencies --EXPECT-OUTPUT-- -Dependency "a/a" is also a root requirement, but is not explicitly whitelisted. Ignoring. +Dependency "a/a" is also a root requirement, but is not explicitly allowed. Ignoring. Loading composer repositories with package information Updating dependencies (including require-dev) Nothing to install or update diff --git a/tests/Composer/Test/Fixtures/installer/install-from-lock-removes-package.test b/tests/Composer/Test/Fixtures/installer/install-from-lock-removes-package.test index 6063abfee..8a2bf39a1 100644 --- a/tests/Composer/Test/Fixtures/installer/install-from-lock-removes-package.test +++ b/tests/Composer/Test/Fixtures/installer/install-from-lock-removes-package.test @@ -6,8 +6,8 @@ Install from a lock file that deleted a package { "type": "package", "package": [ - { "name": "whitelisted", "version": "1.1.0" }, - { "name": "whitelisted", "version": "1.0.0", "require": { "fixed-dependency": "1.0.0", "old-dependency": "1.0.0" } }, + { "name": "allowed", "version": "1.1.0" }, + { "name": "allowed", "version": "1.0.0", "require": { "fixed-dependency": "1.0.0", "old-dependency": "1.0.0" } }, { "name": "fixed-dependency", "version": "1.1.0" }, { "name": "fixed-dependency", "version": "1.0.0" }, { "name": "old-dependency", "version": "1.0.0" } @@ -15,14 +15,14 @@ Install from a lock file that deleted a package } ], "require": { - "whitelisted": "1.*", + "allowed": "1.*", "fixed-dependency": "1.*" } } --LOCK-- { "packages": [ - { "name": "whitelisted", "version": "1.1.0" }, + { "name": "allowed", "version": "1.1.0" }, { "name": "fixed-dependency", "version": "1.0.0" } ], "packages-dev": null, @@ -33,7 +33,7 @@ Install from a lock file that deleted a package } --INSTALLED-- [ - { "name": "whitelisted", "version": "1.0.0", "require": { "old-dependency": "1.0.0", "fixed-dependency": "1.0.0" } }, + { "name": "allowed", "version": "1.0.0", "require": { "old-dependency": "1.0.0", "fixed-dependency": "1.0.0" } }, { "name": "fixed-dependency", "version": "1.0.0" }, { "name": "old-dependency", "version": "1.0.0" } ] @@ -41,4 +41,4 @@ Install from a lock file that deleted a package install --EXPECT-- Uninstalling old-dependency (1.0.0) -Updating whitelisted (1.0.0) to whitelisted (1.1.0) +Updating allowed (1.0.0) to allowed (1.1.0) diff --git a/tests/Composer/Test/Fixtures/installer/partial-update-downgrades-non-whitelisted-unstable.test b/tests/Composer/Test/Fixtures/installer/partial-update-downgrades-non-whitelisted-unstable.test index 3a428c97c..99c46a918 100644 --- a/tests/Composer/Test/Fixtures/installer/partial-update-downgrades-non-whitelisted-unstable.test +++ b/tests/Composer/Test/Fixtures/installer/partial-update-downgrades-non-whitelisted-unstable.test @@ -1,5 +1,5 @@ --TEST-- -Partial update from lock file should apply lock file and downgrade unstable packages even if not whitelisted +Partial update from lock file should apply lock file and downgrade unstable packages even if not allowed --COMPOSER-- { "repositories": [ diff --git a/tests/Composer/Test/Fixtures/installer/partial-update-forces-dev-reference-from-lock-for-non-updated-packages.test b/tests/Composer/Test/Fixtures/installer/partial-update-forces-dev-reference-from-lock-for-non-updated-packages.test index 4533d5a94..756c52d42 100644 --- a/tests/Composer/Test/Fixtures/installer/partial-update-forces-dev-reference-from-lock-for-non-updated-packages.test +++ b/tests/Composer/Test/Fixtures/installer/partial-update-forces-dev-reference-from-lock-for-non-updated-packages.test @@ -1,5 +1,5 @@ --TEST-- -Partial update forces updates dev reference from lock file for non whitelisted packages +Partial update forces updates dev reference from lock file for non allowed packages --COMPOSER-- { "repositories": [ diff --git a/tests/Composer/Test/Fixtures/installer/partial-update-without-lock.test b/tests/Composer/Test/Fixtures/installer/partial-update-without-lock.test index 94be9176c..97fc4bb49 100644 --- a/tests/Composer/Test/Fixtures/installer/partial-update-without-lock.test +++ b/tests/Composer/Test/Fixtures/installer/partial-update-without-lock.test @@ -1,5 +1,5 @@ --TEST-- -Partial update without lock file should update everything whitelisted, remove overly unstable packages +Partial update without lock file should update everything allowed, remove overly unstable packages --COMPOSER-- { "repositories": [ diff --git a/tests/Composer/Test/Fixtures/installer/update-changes-url.test b/tests/Composer/Test/Fixtures/installer/update-changes-url.test index 0a0d47507..5ca2df792 100644 --- a/tests/Composer/Test/Fixtures/installer/update-changes-url.test +++ b/tests/Composer/Test/Fixtures/installer/update-changes-url.test @@ -3,10 +3,10 @@ Update updates URLs for updated packages if they have changed a/a is dev and gets everything updated as it updates to a new ref b/b is a tag and gets everything updated by updating the package URL directly -c/c is a tag and not whitelisted and gets the new URL but keeps its old ref +c/c is a tag and not allowed and gets the new URL but keeps its old ref d/d is dev but with a #ref so it should get URL updated but not the reference e/e is dev and newly installed with a #ref so it should get the correct URL but with the #111 ref -e/e is dev but not whitelisted and gets the new URL but keeps its old ref +e/e is dev but not allowed and gets the new URL but keeps its old ref g/g is dev and installed in a different ref than the #ref, so it gets updated and gets the new URL but not the new ref --COMPOSER-- { diff --git a/tests/Composer/Test/Fixtures/installer/update-whitelist-locked-require.test b/tests/Composer/Test/Fixtures/installer/update-whitelist-locked-require.test index 381416af1..cad697e0b 100644 --- a/tests/Composer/Test/Fixtures/installer/update-whitelist-locked-require.test +++ b/tests/Composer/Test/Fixtures/installer/update-whitelist-locked-require.test @@ -1,13 +1,13 @@ --TEST-- -Update with a package whitelist only updates those packages if they are not present in composer.json +Update with a package allowed list only updates those packages if they are not present in composer.json --COMPOSER-- { "repositories": [ { "type": "package", "package": [ - { "name": "whitelisted", "version": "1.1.0", "require": { "dependency": "1.1.0", "fixed-dependency": "1.*" } }, - { "name": "whitelisted", "version": "1.0.0", "require": { "dependency": "1.0.0", "fixed-dependency": "1.*" } }, + { "name": "allowed", "version": "1.1.0", "require": { "dependency": "1.1.0", "fixed-dependency": "1.*" } }, + { "name": "allowed", "version": "1.0.0", "require": { "dependency": "1.0.0", "fixed-dependency": "1.*" } }, { "name": "dependency", "version": "1.1.0" }, { "name": "dependency", "version": "1.0.0" }, { "name": "fixed-dependency", "version": "1.1.0", "require": { "fixed-sub-dependency": "1.*" } }, @@ -18,19 +18,19 @@ Update with a package whitelist only updates those packages if they are not pres } ], "require": { - "whitelisted": "1.*", + "allowed": "1.*", "fixed-dependency": "1.*" } } --INSTALLED-- [ - { "name": "whitelisted", "version": "1.0.0", "require": { "dependency": "1.0.0", "fixed-dependency": "1.*" } }, + { "name": "allowed", "version": "1.0.0", "require": { "dependency": "1.0.0", "fixed-dependency": "1.*" } }, { "name": "dependency", "version": "1.0.0" }, { "name": "fixed-dependency", "version": "1.0.0", "require": { "fixed-sub-dependency": "1.*" } }, { "name": "fixed-sub-dependency", "version": "1.0.0" } ] --RUN-- -update whitelisted dependency +update allowed dependency --EXPECT-- Updating dependency (1.0.0) to dependency (1.1.0) -Updating whitelisted (1.0.0) to whitelisted (1.1.0) +Updating allowed (1.0.0) to allowed (1.1.0) diff --git a/tests/Composer/Test/Fixtures/installer/update-whitelist-patterns-with-all-dependencies.test b/tests/Composer/Test/Fixtures/installer/update-whitelist-patterns-with-all-dependencies.test index 8ea177cad..ec507859c 100644 --- a/tests/Composer/Test/Fixtures/installer/update-whitelist-patterns-with-all-dependencies.test +++ b/tests/Composer/Test/Fixtures/installer/update-whitelist-patterns-with-all-dependencies.test @@ -1,5 +1,5 @@ --TEST-- -Update with a package whitelist pattern and all-dependencies flag updates packages and their dependencies, even if defined as root dependency, matching the pattern +Update with a package allowed list pattern and all-dependencies flag updates packages and their dependencies, even if defined as root dependency, matching the pattern --COMPOSER-- { "repositories": [ @@ -8,10 +8,10 @@ Update with a package whitelist pattern and all-dependencies flag updates packag "package": [ { "name": "fixed", "version": "1.1.0" }, { "name": "fixed", "version": "1.0.0" }, - { "name": "whitelisted-component1", "version": "1.1.0" }, - { "name": "whitelisted-component1", "version": "1.0.0" }, - { "name": "whitelisted-component2", "version": "1.1.0", "require": { "dependency": "1.*" } }, - { "name": "whitelisted-component2", "version": "1.0.0", "require": { "dependency": "1.*" } }, + { "name": "allowed-component1", "version": "1.1.0" }, + { "name": "allowed-component1", "version": "1.0.0" }, + { "name": "allowed-component2", "version": "1.1.0", "require": { "dependency": "1.*" } }, + { "name": "allowed-component2", "version": "1.0.0", "require": { "dependency": "1.*" } }, { "name": "dependency", "version": "1.1.0" }, { "name": "dependency", "version": "1.0.0" }, { "name": "unrelated", "version": "1.1.0", "require": { "unrelated-dependency": "1.*" } }, @@ -23,8 +23,8 @@ Update with a package whitelist pattern and all-dependencies flag updates packag ], "require": { "fixed": "1.*", - "whitelisted-component1": "1.*", - "whitelisted-component2": "1.*", + "allowed-component1": "1.*", + "allowed-component2": "1.*", "dependency": "1.*", "unrelated": "1.*" } @@ -32,15 +32,15 @@ Update with a package whitelist pattern and all-dependencies flag updates packag --INSTALLED-- [ { "name": "fixed", "version": "1.0.0" }, - { "name": "whitelisted-component1", "version": "1.0.0" }, - { "name": "whitelisted-component2", "version": "1.0.0", "require": { "dependency": "1.0.0" } }, + { "name": "allowed-component1", "version": "1.0.0" }, + { "name": "allowed-component2", "version": "1.0.0", "require": { "dependency": "1.0.0" } }, { "name": "dependency", "version": "1.0.0" }, { "name": "unrelated", "version": "1.0.0", "require": { "unrelated-dependency": "1.*" } }, { "name": "unrelated-dependency", "version": "1.0.0" } ] --RUN-- -update whitelisted-* --with-all-dependencies +update allowed-* --with-all-dependencies --EXPECT-- -Updating whitelisted-component1 (1.0.0) to whitelisted-component1 (1.1.0) +Updating allowed-component1 (1.0.0) to allowed-component1 (1.1.0) Updating dependency (1.0.0) to dependency (1.1.0) -Updating whitelisted-component2 (1.0.0) to whitelisted-component2 (1.1.0) +Updating allowed-component2 (1.0.0) to allowed-component2 (1.1.0) diff --git a/tests/Composer/Test/Fixtures/installer/update-whitelist-patterns-with-dependencies.test b/tests/Composer/Test/Fixtures/installer/update-whitelist-patterns-with-dependencies.test index c685f14ce..e9e21916d 100644 --- a/tests/Composer/Test/Fixtures/installer/update-whitelist-patterns-with-dependencies.test +++ b/tests/Composer/Test/Fixtures/installer/update-whitelist-patterns-with-dependencies.test @@ -1,5 +1,5 @@ --TEST-- -Update with a package whitelist only updates those packages and their dependencies matching the pattern but no dependencies defined as roo package +Update with a package allowed list only updates those packages and their dependencies matching the pattern but no dependencies defined as roo package --COMPOSER-- { "repositories": [ @@ -8,10 +8,10 @@ Update with a package whitelist only updates those packages and their dependenci "package": [ { "name": "fixed", "version": "1.1.0" }, { "name": "fixed", "version": "1.0.0" }, - { "name": "whitelisted-component1", "version": "1.1.0" }, - { "name": "whitelisted-component1", "version": "1.0.0" }, - { "name": "whitelisted-component2", "version": "1.1.0", "require": { "dependency": "1.*", "root-dependency": "1.*" } }, - { "name": "whitelisted-component2", "version": "1.0.0", "require": { "dependency": "1.*", "root-dependency": "1.*" } }, + { "name": "allowed-component1", "version": "1.1.0" }, + { "name": "allowed-component1", "version": "1.0.0" }, + { "name": "allowed-component2", "version": "1.1.0", "require": { "dependency": "1.*", "root-dependency": "1.*" } }, + { "name": "allowed-component2", "version": "1.0.0", "require": { "dependency": "1.*", "root-dependency": "1.*" } }, { "name": "dependency", "version": "1.1.0" }, { "name": "dependency", "version": "1.0.0" }, { "name": "root-dependency", "version": "1.1.0" }, @@ -25,8 +25,8 @@ Update with a package whitelist only updates those packages and their dependenci ], "require": { "fixed": "1.*", - "whitelisted-component1": "1.*", - "whitelisted-component2": "1.*", + "allowed-component1": "1.*", + "allowed-component2": "1.*", "root-dependency": "1.*", "unrelated": "1.*" } @@ -34,16 +34,16 @@ Update with a package whitelist only updates those packages and their dependenci --INSTALLED-- [ { "name": "fixed", "version": "1.0.0" }, - { "name": "whitelisted-component1", "version": "1.0.0" }, - { "name": "whitelisted-component2", "version": "1.0.0", "require": { "dependency": "1.0.0" } }, + { "name": "allowed-component1", "version": "1.0.0" }, + { "name": "allowed-component2", "version": "1.0.0", "require": { "dependency": "1.0.0" } }, { "name": "root-dependency", "version": "1.0.0" }, { "name": "dependency", "version": "1.0.0" }, { "name": "unrelated", "version": "1.0.0", "require": { "unrelated-dependency": "1.*" } }, { "name": "unrelated-dependency", "version": "1.0.0" } ] --RUN-- -update whitelisted-* --with-dependencies +update allowed-* --with-dependencies --EXPECT-- -Updating whitelisted-component1 (1.0.0) to whitelisted-component1 (1.1.0) +Updating allowed-component1 (1.0.0) to allowed-component1 (1.1.0) Updating dependency (1.0.0) to dependency (1.1.0) -Updating whitelisted-component2 (1.0.0) to whitelisted-component2 (1.1.0) +Updating allowed-component2 (1.0.0) to allowed-component2 (1.1.0) diff --git a/tests/Composer/Test/Fixtures/installer/update-whitelist-patterns-with-root-dependencies.test b/tests/Composer/Test/Fixtures/installer/update-whitelist-patterns-with-root-dependencies.test index a24bafb91..8724b4a82 100644 --- a/tests/Composer/Test/Fixtures/installer/update-whitelist-patterns-with-root-dependencies.test +++ b/tests/Composer/Test/Fixtures/installer/update-whitelist-patterns-with-root-dependencies.test @@ -1,5 +1,5 @@ --TEST-- -Update with a package whitelist only updates those packages and their dependencies matching the pattern +Update with a package allowed list only updates those packages and their dependencies matching the pattern --COMPOSER-- { "repositories": [ @@ -8,16 +8,16 @@ Update with a package whitelist only updates those packages and their dependenci "package": [ { "name": "fixed", "version": "1.1.0" }, { "name": "fixed", "version": "1.0.0" }, - { "name": "whitelisted-component1", "version": "1.1.0", "require": { "whitelisted-component2": "1.1.0" } }, - { "name": "whitelisted-component1", "version": "1.0.0", "require": { "whitelisted-component2": "1.0.0" } }, - { "name": "whitelisted-component2", "version": "1.1.0", "require": { "dependency": "1.1.0", "whitelisted-component5": "1.0.0" } }, - { "name": "whitelisted-component2", "version": "1.0.0", "require": { "dependency": "1.0.0" } }, - { "name": "whitelisted-component3", "version": "1.1.0", "require": { "whitelisted-component4": "1.1.0" } }, - { "name": "whitelisted-component3", "version": "1.0.0", "require": { "whitelisted-component4": "1.0.0" } }, - { "name": "whitelisted-component4", "version": "1.1.0" }, - { "name": "whitelisted-component4", "version": "1.0.0" }, - { "name": "whitelisted-component5", "version": "1.1.0" }, - { "name": "whitelisted-component5", "version": "1.0.0" }, + { "name": "allowed-component1", "version": "1.1.0", "require": { "allowed-component2": "1.1.0" } }, + { "name": "allowed-component1", "version": "1.0.0", "require": { "allowed-component2": "1.0.0" } }, + { "name": "allowed-component2", "version": "1.1.0", "require": { "dependency": "1.1.0", "allowed-component5": "1.0.0" } }, + { "name": "allowed-component2", "version": "1.0.0", "require": { "dependency": "1.0.0" } }, + { "name": "allowed-component3", "version": "1.1.0", "require": { "allowed-component4": "1.1.0" } }, + { "name": "allowed-component3", "version": "1.0.0", "require": { "allowed-component4": "1.0.0" } }, + { "name": "allowed-component4", "version": "1.1.0" }, + { "name": "allowed-component4", "version": "1.0.0" }, + { "name": "allowed-component5", "version": "1.1.0" }, + { "name": "allowed-component5", "version": "1.0.0" }, { "name": "dependency", "version": "1.1.0" }, { "name": "dependency", "version": "1.0.0" }, { "name": "unrelated", "version": "1.1.0", "require": { "unrelated-dependency": "1.*" } }, @@ -29,27 +29,27 @@ Update with a package whitelist only updates those packages and their dependenci ], "require": { "fixed": "1.*", - "whitelisted-component1": "1.*", - "whitelisted-component2": "1.*", - "whitelisted-component3": "1.0.0", + "allowed-component1": "1.*", + "allowed-component2": "1.*", + "allowed-component3": "1.0.0", "unrelated": "1.*" } } --INSTALLED-- [ { "name": "fixed", "version": "1.0.0" }, - { "name": "whitelisted-component1", "version": "1.0.0", "require": { "whitelisted-component2": "1.0.0" } }, - { "name": "whitelisted-component2", "version": "1.0.0", "require": { "dependency": "1.0.0" } }, - { "name": "whitelisted-component3", "version": "1.0.0", "require": { "whitelisted-component4": "1.0.0" } }, - { "name": "whitelisted-component4", "version": "1.0.0" }, - { "name": "whitelisted-component5", "version": "1.0.0" }, + { "name": "allowed-component1", "version": "1.0.0", "require": { "allowed-component2": "1.0.0" } }, + { "name": "allowed-component2", "version": "1.0.0", "require": { "dependency": "1.0.0" } }, + { "name": "allowed-component3", "version": "1.0.0", "require": { "allowed-component4": "1.0.0" } }, + { "name": "allowed-component4", "version": "1.0.0" }, + { "name": "allowed-component5", "version": "1.0.0" }, { "name": "dependency", "version": "1.0.0" }, { "name": "unrelated", "version": "1.0.0", "require": { "unrelated-dependency": "1.*" } }, { "name": "unrelated-dependency", "version": "1.0.0" } ] --RUN-- -update whitelisted-* --with-dependencies +update allowed-* --with-dependencies --EXPECT-- Updating dependency (1.0.0) to dependency (1.1.0) -Updating whitelisted-component2 (1.0.0) to whitelisted-component2 (1.1.0) -Updating whitelisted-component1 (1.0.0) to whitelisted-component1 (1.1.0) +Updating allowed-component2 (1.0.0) to allowed-component2 (1.1.0) +Updating allowed-component1 (1.0.0) to allowed-component1 (1.1.0) diff --git a/tests/Composer/Test/Fixtures/installer/update-whitelist-patterns-without-dependencies.test b/tests/Composer/Test/Fixtures/installer/update-whitelist-patterns-without-dependencies.test index e5551b43f..0dff8264a 100644 --- a/tests/Composer/Test/Fixtures/installer/update-whitelist-patterns-without-dependencies.test +++ b/tests/Composer/Test/Fixtures/installer/update-whitelist-patterns-without-dependencies.test @@ -1,5 +1,5 @@ --TEST-- -Update with a package whitelist only updates those packages matching the pattern +Update with a package allowed list only updates those packages matching the pattern --COMPOSER-- { "repositories": [ @@ -8,10 +8,10 @@ Update with a package whitelist only updates those packages matching the pattern "package": [ { "name": "fixed", "version": "1.1.0" }, { "name": "fixed", "version": "1.0.0" }, - { "name": "whitelisted-component1", "version": "1.1.0" }, - { "name": "whitelisted-component1", "version": "1.0.0" }, - { "name": "whitelisted-component2", "version": "1.1.0", "require": { "dependency": "1.*" } }, - { "name": "whitelisted-component2", "version": "1.0.0", "require": { "dependency": "1.*" } }, + { "name": "allowed-component1", "version": "1.1.0" }, + { "name": "allowed-component1", "version": "1.0.0" }, + { "name": "allowed-component2", "version": "1.1.0", "require": { "dependency": "1.*" } }, + { "name": "allowed-component2", "version": "1.0.0", "require": { "dependency": "1.*" } }, { "name": "dependency", "version": "1.1.0" }, { "name": "dependency", "version": "1.0.0" }, { "name": "unrelated", "version": "1.1.0", "require": { "unrelated-dependency": "1.*" } }, @@ -23,22 +23,22 @@ Update with a package whitelist only updates those packages matching the pattern ], "require": { "fixed": "1.*", - "whitelisted-component1": "1.*", - "whitelisted-component2": "1.*", + "allowed-component1": "1.*", + "allowed-component2": "1.*", "unrelated": "1.*" } } --INSTALLED-- [ { "name": "fixed", "version": "1.0.0" }, - { "name": "whitelisted-component1", "version": "1.0.0" }, - { "name": "whitelisted-component2", "version": "1.0.0", "require": { "dependency": "1.0.0" } }, + { "name": "allowed-component1", "version": "1.0.0" }, + { "name": "allowed-component2", "version": "1.0.0", "require": { "dependency": "1.0.0" } }, { "name": "dependency", "version": "1.0.0" }, { "name": "unrelated", "version": "1.0.0", "require": { "unrelated-dependency": "1.*" } }, { "name": "unrelated-dependency", "version": "1.0.0" } ] --RUN-- -update whitelisted-* +update allowed-* --EXPECT-- -Updating whitelisted-component1 (1.0.0) to whitelisted-component1 (1.1.0) -Updating whitelisted-component2 (1.0.0) to whitelisted-component2 (1.1.0) +Updating allowed-component1 (1.0.0) to allowed-component1 (1.1.0) +Updating allowed-component2 (1.0.0) to allowed-component2 (1.1.0) diff --git a/tests/Composer/Test/Fixtures/installer/update-whitelist-patterns.test b/tests/Composer/Test/Fixtures/installer/update-whitelist-patterns.test index de1fb1b73..e4344cc7d 100644 --- a/tests/Composer/Test/Fixtures/installer/update-whitelist-patterns.test +++ b/tests/Composer/Test/Fixtures/installer/update-whitelist-patterns.test @@ -1,5 +1,5 @@ --TEST-- -Update with a package whitelist only updates those corresponding to the pattern +Update with a package allowed list only updates those corresponding to the pattern --COMPOSER-- { "repositories": [ diff --git a/tests/Composer/Test/Fixtures/installer/update-whitelist-removes-unused.test b/tests/Composer/Test/Fixtures/installer/update-whitelist-removes-unused.test index e658e8c06..87fc11b05 100644 --- a/tests/Composer/Test/Fixtures/installer/update-whitelist-removes-unused.test +++ b/tests/Composer/Test/Fixtures/installer/update-whitelist-removes-unused.test @@ -1,13 +1,13 @@ --TEST-- -Update with a package whitelist removes unused packages +Update with a package allowed list removes unused packages --COMPOSER-- { "repositories": [ { "type": "package", "package": [ - { "name": "whitelisted", "version": "1.1.0" }, - { "name": "whitelisted", "version": "1.0.0", "require": { "fixed-dependency": "1.0.0", "old-dependency": "1.0.0" } }, + { "name": "allowed", "version": "1.1.0" }, + { "name": "allowed", "version": "1.0.0", "require": { "fixed-dependency": "1.0.0", "old-dependency": "1.0.0" } }, { "name": "fixed-dependency", "version": "1.1.0" }, { "name": "fixed-dependency", "version": "1.0.0" }, { "name": "old-dependency", "version": "1.0.0" } @@ -15,18 +15,18 @@ Update with a package whitelist removes unused packages } ], "require": { - "whitelisted": "1.*", + "allowed": "1.*", "fixed-dependency": "1.*" } } --INSTALLED-- [ - { "name": "whitelisted", "version": "1.0.0", "require": { "old-dependency": "1.0.0", "fixed-dependency": "1.0.0" } }, + { "name": "allowed", "version": "1.0.0", "require": { "old-dependency": "1.0.0", "fixed-dependency": "1.0.0" } }, { "name": "fixed-dependency", "version": "1.0.0" }, { "name": "old-dependency", "version": "1.0.0" } ] --RUN-- -update --with-dependencies whitelisted +update --with-dependencies allowed --EXPECT-- Uninstalling old-dependency (1.0.0) -Updating whitelisted (1.0.0) to whitelisted (1.1.0) +Updating allowed (1.0.0) to allowed (1.1.0) diff --git a/tests/Composer/Test/Fixtures/installer/update-whitelist-with-dependencies.test b/tests/Composer/Test/Fixtures/installer/update-whitelist-with-dependencies.test index bb2e04193..2c0e7b9bf 100644 --- a/tests/Composer/Test/Fixtures/installer/update-whitelist-with-dependencies.test +++ b/tests/Composer/Test/Fixtures/installer/update-whitelist-with-dependencies.test @@ -1,5 +1,5 @@ --TEST-- -Update with a package whitelist only updates those packages and their dependencies listed as command arguments +Update with a package allowed list only updates those packages and their dependencies listed as command arguments --COMPOSER-- { "repositories": [ @@ -8,8 +8,8 @@ Update with a package whitelist only updates those packages and their dependenci "package": [ { "name": "fixed", "version": "1.1.0" }, { "name": "fixed", "version": "1.0.0" }, - { "name": "whitelisted", "version": "1.1.0", "require": { "dependency": "1.1.0" } }, - { "name": "whitelisted", "version": "1.0.0", "require": { "dependency": "1.0.0" } }, + { "name": "allowed", "version": "1.1.0", "require": { "dependency": "1.1.0" } }, + { "name": "allowed", "version": "1.0.0", "require": { "dependency": "1.0.0" } }, { "name": "dependency", "version": "1.1.0" }, { "name": "dependency", "version": "1.0.0" }, { "name": "unrelated", "version": "1.1.0", "require": { "unrelated-dependency": "1.*" } }, @@ -21,20 +21,20 @@ Update with a package whitelist only updates those packages and their dependenci ], "require": { "fixed": "1.*", - "whitelisted": "1.*", + "allowed": "1.*", "unrelated": "1.*" } } --INSTALLED-- [ { "name": "fixed", "version": "1.0.0" }, - { "name": "whitelisted", "version": "1.0.0", "require": { "dependency": "1.0.0" } }, + { "name": "allowed", "version": "1.0.0", "require": { "dependency": "1.0.0" } }, { "name": "dependency", "version": "1.0.0" }, { "name": "unrelated", "version": "1.0.0", "require": { "unrelated-dependency": "1.*" } }, { "name": "unrelated-dependency", "version": "1.0.0" } ] --RUN-- -update whitelisted --with-dependencies +update allowed --with-dependencies --EXPECT-- Updating dependency (1.0.0) to dependency (1.1.0) -Updating whitelisted (1.0.0) to whitelisted (1.1.0) +Updating allowed (1.0.0) to allowed (1.1.0) diff --git a/tests/Composer/Test/Fixtures/installer/update-whitelist-with-dependency-conflict.test b/tests/Composer/Test/Fixtures/installer/update-whitelist-with-dependency-conflict.test index f63229fbc..81c667463 100644 --- a/tests/Composer/Test/Fixtures/installer/update-whitelist-with-dependency-conflict.test +++ b/tests/Composer/Test/Fixtures/installer/update-whitelist-with-dependency-conflict.test @@ -1,5 +1,5 @@ --TEST-- -Update with a package whitelist only updates whitelisted packages if no dependency conflicts +Update with a package allowed list only updates allowed packages if no dependency conflicts --COMPOSER-- { "repositories": [ @@ -8,8 +8,8 @@ Update with a package whitelist only updates whitelisted packages if no dependen "package": [ { "name": "fixed", "version": "1.1.0" }, { "name": "fixed", "version": "1.0.0" }, - { "name": "whitelisted", "version": "1.1.0", "require": { "dependency": "1.1.0" } }, - { "name": "whitelisted", "version": "1.0.0", "require": { "dependency": "1.0.0" } }, + { "name": "allowed", "version": "1.1.0", "require": { "dependency": "1.1.0" } }, + { "name": "allowed", "version": "1.0.0", "require": { "dependency": "1.0.0" } }, { "name": "dependency", "version": "1.1.0" }, { "name": "dependency", "version": "1.0.0" }, { "name": "unrelated", "version": "1.1.0", "require": { "unrelated-dependency": "1.*" } }, @@ -21,18 +21,18 @@ Update with a package whitelist only updates whitelisted packages if no dependen ], "require": { "fixed": "1.*", - "whitelisted": "1.*", + "allowed": "1.*", "unrelated": "1.*" } } --INSTALLED-- [ { "name": "fixed", "version": "1.0.0" }, - { "name": "whitelisted", "version": "1.0.0", "require": { "dependency": "1.0.0" } }, + { "name": "allowed", "version": "1.0.0", "require": { "dependency": "1.0.0" } }, { "name": "dependency", "version": "1.0.0" }, { "name": "unrelated", "version": "1.0.0", "require": { "unrelated-dependency": "1.*" } }, { "name": "unrelated-dependency", "version": "1.0.0" } ] --RUN-- -update whitelisted +update allowed --EXPECT-- diff --git a/tests/Composer/Test/Fixtures/installer/update-whitelist.test b/tests/Composer/Test/Fixtures/installer/update-whitelist.test index 751d79e70..9cc43dba3 100644 --- a/tests/Composer/Test/Fixtures/installer/update-whitelist.test +++ b/tests/Composer/Test/Fixtures/installer/update-whitelist.test @@ -1,5 +1,5 @@ --TEST-- -Update with a package whitelist only updates those packages listed as command arguments +Update with a package allowed list only updates those packages listed as command arguments --COMPOSER-- { "repositories": [ @@ -8,8 +8,8 @@ Update with a package whitelist only updates those packages listed as command ar "package": [ { "name": "fixed", "version": "1.1.0" }, { "name": "fixed", "version": "1.0.0" }, - { "name": "whitelisted", "version": "1.1.0", "require": { "dependency": "1.*" } }, - { "name": "whitelisted", "version": "1.0.0", "require": { "dependency": "1.*" } }, + { "name": "allowed", "version": "1.1.0", "require": { "dependency": "1.*" } }, + { "name": "allowed", "version": "1.0.0", "require": { "dependency": "1.*" } }, { "name": "dependency", "version": "1.1.0" }, { "name": "dependency", "version": "1.0.0" }, { "name": "unrelated", "version": "1.1.0", "require": { "unrelated-dependency": "1.*" } }, @@ -21,19 +21,19 @@ Update with a package whitelist only updates those packages listed as command ar ], "require": { "fixed": "1.*", - "whitelisted": "1.*", + "allowed": "1.*", "unrelated": "1.*" } } --INSTALLED-- [ { "name": "fixed", "version": "1.0.0" }, - { "name": "whitelisted", "version": "1.0.0", "require": { "dependency": "1.*" } }, + { "name": "allowed", "version": "1.0.0", "require": { "dependency": "1.*" } }, { "name": "dependency", "version": "1.0.0" }, { "name": "unrelated", "version": "1.0.0", "require": { "unrelated-dependency": "1.*" } }, { "name": "unrelated-dependency", "version": "1.0.0" } ] --RUN-- -update whitelisted +update allowed --EXPECT-- -Updating whitelisted (1.0.0) to whitelisted (1.1.0) +Updating allowed (1.0.0) to allowed (1.1.0) diff --git a/tests/Composer/Test/Fixtures/installer/update-with-all-dependencies.test b/tests/Composer/Test/Fixtures/installer/update-with-all-dependencies.test index c0019e6ca..12d507a7a 100644 --- a/tests/Composer/Test/Fixtures/installer/update-with-all-dependencies.test +++ b/tests/Composer/Test/Fixtures/installer/update-with-all-dependencies.test @@ -2,7 +2,7 @@ See Github issue #6661 ( github.com/composer/composer/issues/6661 ). -When `--with-all-dependencies` is used, Composer\Installer::whitelistUpdateDependencies should update the dependencies of all whitelisted packages, even if the dependency is a root requirement. +When `--with-all-dependencies` is used, Composer\Installer::allowListUpdateDependencies should update the dependencies of all allowed packages, even if the dependency is a root requirement. --COMPOSER-- { diff --git a/tests/Composer/Test/InstallerTest.php b/tests/Composer/Test/InstallerTest.php index 067baf17a..90f295d1d 100644 --- a/tests/Composer/Test/InstallerTest.php +++ b/tests/Composer/Test/InstallerTest.php @@ -230,9 +230,9 @@ class InstallerTest extends TestCase ->setDevMode(!$input->getOption('no-dev')) ->setUpdate(true) ->setDryRun($input->getOption('dry-run')) - ->setUpdateWhitelist($input->getArgument('packages')) - ->setWhitelistTransitiveDependencies($input->getOption('with-dependencies')) - ->setWhitelistAllDependencies($input->getOption('with-all-dependencies')) + ->setUpdateAllowList($input->getArgument('packages')) + ->setAllowListTransitiveDependencies($input->getOption('with-dependencies')) + ->setAllowListAllDependencies($input->getOption('with-all-dependencies')) ->setPreferStable($input->getOption('prefer-stable')) ->setPreferLowest($input->getOption('prefer-lowest')) ->setIgnorePlatformRequirements($input->getOption('ignore-platform-reqs')); From 491067f253f60b5f9c137236b3fbe36476c2a9e5 Mon Sep 17 00:00:00 2001 From: Graham Campbell Date: Sun, 7 Jun 2020 22:31:24 +0100 Subject: [PATCH 2/3] Fixed wording --- doc/01-basic-usage.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/01-basic-usage.md b/doc/01-basic-usage.md index ac8086491..e6b1e6772 100644 --- a/doc/01-basic-usage.md +++ b/doc/01-basic-usage.md @@ -159,7 +159,7 @@ php composer.phar update > if the `composer.lock` has not been updated since changes were made to the > `composer.json` that might affect dependency resolution. -If you only want to install or update one dependency, you can allow list them: +If you only want to install or update one dependency, you can allow them: ```sh php composer.phar update monolog/monolog [...] From a97d13fc6db7a4eecb69aa41231d3eafc799ea20 Mon Sep 17 00:00:00 2001 From: Graham Campbell Date: Mon, 8 Jun 2020 09:33:40 +0100 Subject: [PATCH 3/3] Fixed typo Co-authored-by: ZhangWei --- src/Composer/Command/RequireCommand.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Composer/Command/RequireCommand.php b/src/Composer/Command/RequireCommand.php index 45bd315fe..039250766 100644 --- a/src/Composer/Command/RequireCommand.php +++ b/src/Composer/Command/RequireCommand.php @@ -237,7 +237,7 @@ EOT ->setClassMapAuthoritative($authoritative) ->setApcuAutoloader($apcu) ->setUpdate(true) - ->setUpdatAllowList(array_keys($requirements)) + ->setUpdateAllowList(array_keys($requirements)) ->setAllowListTransitiveDependencies($input->getOption('update-with-dependencies')) ->setAllowListAllDependencies($input->getOption('update-with-all-dependencies')) ->setIgnorePlatformRequirements($input->getOption('ignore-platform-reqs'))