Switch default audit.abandoned to fail for 2.7 release
parent
8f190fc090
commit
e0f75276a2
|
@ -56,12 +56,8 @@ class Auditor
|
||||||
* @return int Amount of packages with vulnerabilities found
|
* @return int Amount of packages with vulnerabilities found
|
||||||
* @throws InvalidArgumentException If no packages are passed in
|
* @throws InvalidArgumentException If no packages are passed in
|
||||||
*/
|
*/
|
||||||
public function audit(IOInterface $io, RepositorySet $repoSet, array $packages, string $format, bool $warningOnly = true, array $ignoreList = [], string $abandoned = self::ABANDONED_REPORT): int
|
public function audit(IOInterface $io, RepositorySet $repoSet, array $packages, string $format, bool $warningOnly = true, array $ignoreList = [], string $abandoned = self::ABANDONED_FAIL): int
|
||||||
{
|
{
|
||||||
if ($abandoned === 'default' && $format !== self::FORMAT_SUMMARY) {
|
|
||||||
$io->writeError('<warning>The new audit.abandoned setting (currently defaulting to "report" will default to "fail" in Composer 2.7, make sure to set it to "report" or "ignore" explicitly by then if you do not want this.</warning>');
|
|
||||||
}
|
|
||||||
|
|
||||||
$allAdvisories = $repoSet->getMatchingSecurityAdvisories($packages, $format === self::FORMAT_SUMMARY);
|
$allAdvisories = $repoSet->getMatchingSecurityAdvisories($packages, $format === self::FORMAT_SUMMARY);
|
||||||
// we need the CVE & remote IDs set to filter ignores correctly so if we have any matches using the optimized codepath above
|
// we need the CVE & remote IDs set to filter ignores correctly so if we have any matches using the optimized codepath above
|
||||||
// and ignores are set then we need to query again the full data to make sure it can be filtered
|
// and ignores are set then we need to query again the full data to make sure it can be filtered
|
||||||
|
|
|
@ -65,7 +65,7 @@ EOT
|
||||||
|
|
||||||
$auditConfig = $composer->getConfig()->get('audit');
|
$auditConfig = $composer->getConfig()->get('audit');
|
||||||
|
|
||||||
return min(255, $auditor->audit($this->getIO(), $repoSet, $packages, $this->getAuditFormat($input, 'format'), false, $auditConfig['ignore'] ?? [], $auditConfig['abandoned'] ?? Auditor::ABANDONED_REPORT));
|
return min(255, $auditor->audit($this->getIO(), $repoSet, $packages, $this->getAuditFormat($input, 'format'), false, $auditConfig['ignore'] ?? [], $auditConfig['abandoned'] ?? Auditor::ABANDONED_FAIL));
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -38,7 +38,7 @@ class Config
|
||||||
'allow-plugins' => [],
|
'allow-plugins' => [],
|
||||||
'use-parent-dir' => 'prompt',
|
'use-parent-dir' => 'prompt',
|
||||||
'preferred-install' => 'dist',
|
'preferred-install' => 'dist',
|
||||||
'audit' => ['ignore' => [], 'abandoned' => 'default'], // TODO in 2.7 switch to ABANDONED_FAIL
|
'audit' => ['ignore' => [], 'abandoned' => Auditor::ABANDONED_FAIL],
|
||||||
'notify-on-install' => true,
|
'notify-on-install' => true,
|
||||||
'github-protocols' => ['https', 'ssh', 'git'],
|
'github-protocols' => ['https', 'ssh', 'git'],
|
||||||
'gitlab-protocol' => null,
|
'gitlab-protocol' => null,
|
||||||
|
|
|
@ -419,7 +419,7 @@ class Installer
|
||||||
|
|
||||||
$auditConfig = $this->config->get('audit');
|
$auditConfig = $this->config->get('audit');
|
||||||
|
|
||||||
return $auditor->audit($this->io, $repoSet, $packages, $this->auditFormat, true, $auditConfig['ignore'] ?? [], $auditConfig['abandoned'] ?? Auditor::ABANDONED_REPORT) > 0 && $this->errorOnAudit ? self::ERROR_AUDIT_FAILED : 0;
|
return $auditor->audit($this->io, $repoSet, $packages, $this->auditFormat, true, $auditConfig['ignore'] ?? [], $auditConfig['abandoned'] ?? Auditor::ABANDONED_FAIL) > 0 && $this->errorOnAudit ? self::ERROR_AUDIT_FAILED : 0;
|
||||||
} catch (TransportException $e) {
|
} catch (TransportException $e) {
|
||||||
$this->io->error('Failed to audit '.$target.' packages.');
|
$this->io->error('Failed to audit '.$target.' packages.');
|
||||||
if ($this->io->isVerbose()) {
|
if ($this->io->isVerbose()) {
|
||||||
|
|
Loading…
Reference in New Issue