public-mirrors
/
composer
mirror of https://github.com/composer/composer
1
0
Fork 0
Code

Replace whitelist with allow list

pull/8957/head
Graham Campbell 2020-06-07 22:15:09 +01:00
parent 6630519882
commit fa799970ad
33 changed files with 269 additions and 195 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
doc/01-basic-usage.md
View File

@ -159,7 +159,7 @@ php composer.phar update
> if the `composer.lock` has not been updated since changes were made to the > if the `composer.lock` has not been updated since changes were made to the
> `composer.json` that might affect dependency resolution. > `composer.json` that might affect dependency resolution.
If you only want to install or update one dependency, you can whitelist them: If you only want to install or update one dependency, you can allow list them:
```sh ```sh
php composer.phar update monolog/monolog [...] php composer.phar update monolog/monolog [...]

4
doc/03-cli.md
View File

@ -157,8 +157,8 @@ php composer.phar update "vendor/*"
* **--no-progress:** Removes the progress display that can mess with some * **--no-progress:** Removes the progress display that can mess with some
terminals or scripts which don't handle backspace characters. terminals or scripts which don't handle backspace characters.
* **--no-suggest:** Skips suggested packages in the output. * **--no-suggest:** Skips suggested packages in the output.
* **--with-dependencies:** Add also dependencies of whitelisted packages to the whitelist, except those that are root requirements. * **--with-dependencies:** Add also dependencies of allowed packages to the allow list, except those that are root requirements.
* **--with-all-dependencies:** Add also all dependencies of whitelisted packages to the whitelist, including those that are root requirements. * **--with-all-dependencies:** Add also all dependencies of allowed packages to the allow list, including those that are root requirements.
* **--optimize-autoloader (-o):** Convert PSR-0/4 autoloading to classmap to get a faster * **--optimize-autoloader (-o):** Convert PSR-0/4 autoloading to classmap to get a faster
autoloader. This is recommended especially for production, but can take autoloader. This is recommended especially for production, but can take
a bit of time to run so it is currently not done by default. a bit of time to run so it is currently not done by default.

22
src/Composer/Autoload/AutoloadGenerator.php
View File

@ -229,16 +229,16 @@ EOF;
EOF; EOF;
} }
$blacklist = null; $excluded = null;
if (!empty($autoloads['exclude-from-classmap'])) { if (!empty($autoloads['exclude-from-classmap'])) {
$blacklist = '{(' . implode('|', $autoloads['exclude-from-classmap']) . ')}'; $excluded = '{(' . implode('|', $autoloads['exclude-from-classmap']) . ')}';
} }
$classMap = array(); $classMap = array();
$ambiguousClasses = array(); $ambiguousClasses = array();
$scannedFiles = array(); $scannedFiles = array();
foreach ($autoloads['classmap'] as $dir) { foreach ($autoloads['classmap'] as $dir) {
$classMap = $this->addClassMapCode($filesystem, $basePath, $vendorPath, $dir, $blacklist, null, null, $classMap, $ambiguousClasses, $scannedFiles); $classMap = $this->addClassMapCode($filesystem, $basePath, $vendorPath, $dir, $excluded, null, null, $classMap, $ambiguousClasses, $scannedFiles);
} }
if ($scanPsrPackages) { if ($scanPsrPackages) {
@ -261,7 +261,7 @@ EOF;
continue; continue;
} }
$classMap = $this->addClassMapCode($filesystem, $basePath, $vendorPath, $dir, $blacklist, $namespace, $group['type'], $classMap, $ambiguousClasses, $scannedFiles); $classMap = $this->addClassMapCode($filesystem, $basePath, $vendorPath, $dir, $excluded, $namespace, $group['type'], $classMap, $ambiguousClasses, $scannedFiles);
} }
} }
} }
@ -336,9 +336,9 @@ EOF;
return 0; return 0;
} }
private function addClassMapCode($filesystem, $basePath, $vendorPath, $dir, $blacklist, $namespaceFilter, $autoloadType, array $classMap, array &$ambiguousClasses, array &$scannedFiles) private function addClassMapCode($filesystem, $basePath, $vendorPath, $dir, $excluded, $namespaceFilter, $autoloadType, array $classMap, array &$ambiguousClasses, array &$scannedFiles)
{ {
foreach ($this->generateClassMap($dir, $blacklist, $namespaceFilter, $autoloadType, true, $scannedFiles) as $class => $path) { foreach ($this->generateClassMap($dir, $excluded, $namespaceFilter, $autoloadType, true, $scannedFiles) as $class => $path) {
$pathCode = $this->getPathCode($filesystem, $basePath, $vendorPath, $path).",\n"; $pathCode = $this->getPathCode($filesystem, $basePath, $vendorPath, $path).",\n";
if (!isset($classMap[$class])) { if (!isset($classMap[$class])) {
$classMap[$class] = $pathCode; $classMap[$class] = $pathCode;
@ -350,9 +350,9 @@ EOF;
return $classMap; return $classMap;
} }
private function generateClassMap($dir, $blacklist, $namespaceFilter, $autoloadType, $showAmbiguousWarning, array &$scannedFiles) private function generateClassMap($dir, $excluded, $namespaceFilter, $autoloadType, $showAmbiguousWarning, array &$scannedFiles)
{ {
return ClassMapGenerator::createMap($dir, $blacklist, $showAmbiguousWarning ? $this->io : null, $namespaceFilter, $autoloadType, $scannedFiles); return ClassMapGenerator::createMap($dir, $excluded, $showAmbiguousWarning ? $this->io : null, $namespaceFilter, $autoloadType, $scannedFiles);
} }
public function buildPackageMap(InstallationManager $installationManager, PackageInterface $mainPackage, array $packages) public function buildPackageMap(InstallationManager $installationManager, PackageInterface $mainPackage, array $packages)
@ -456,15 +456,15 @@ EOF;
} }
if (isset($autoloads['classmap'])) { if (isset($autoloads['classmap'])) {
$blacklist = null; $excluded = null;
if (!empty($autoloads['exclude-from-classmap'])) { if (!empty($autoloads['exclude-from-classmap'])) {
$blacklist = '{(' . implode('|', $autoloads['exclude-from-classmap']) . ')}'; $excluded = '{(' . implode('|', $autoloads['exclude-from-classmap']) . ')}';
} }
$scannedFiles = array(); $scannedFiles = array();
foreach ($autoloads['classmap'] as $dir) { foreach ($autoloads['classmap'] as $dir) {
try { try {
$loader->addClassMap($this->generateClassMap($dir, $blacklist, null, null, false, $scannedFiles)); $loader->addClassMap($this->generateClassMap($dir, $excluded, null, null, false, $scannedFiles));
} catch (\RuntimeException $e) { } catch (\RuntimeException $e) {
$this->io->writeError('<warning>'.$e->getMessage().'</warning>'); $this->io->writeError('<warning>'.$e->getMessage().'</warning>');
} }

10
src/Composer/Autoload/ClassMapGenerator.php
View File

@ -51,7 +51,7 @@ class ClassMapGenerator
* Iterate over all files in the given directory searching for classes * Iterate over all files in the given directory searching for classes
* *
* @param \Iterator|string $path The path to search in or an iterator * @param \Iterator|string $path The path to search in or an iterator
* @param string $blacklist Regex that matches against the file path that exclude from the classmap. * @param string $excluded Regex that matches against the file path that exclude from the classmap.
* @param IOInterface $io IO object * @param IOInterface $io IO object
* @param string $namespace Optional namespace prefix to filter by * @param string $namespace Optional namespace prefix to filter by
* @param string $autoloadType psr-0|psr-4 Optional autoload standard to use mapping rules * @param string $autoloadType psr-0|psr-4 Optional autoload standard to use mapping rules
@ -59,7 +59,7 @@ class ClassMapGenerator
* @throws \RuntimeException When the path is neither an existing file nor directory * @throws \RuntimeException When the path is neither an existing file nor directory
* @return array A class map array * @return array A class map array
*/ */
public static function createMap($path, $blacklist = null, IOInterface $io = null, $namespace = null, $autoloadType = null, &$scannedFiles = array()) public static function createMap($path, $excluded = null, IOInterface $io = null, $namespace = null, $autoloadType = null, &$scannedFiles = array())
{ {
if (is_string($path)) { if (is_string($path)) {
$basePath = $path; $basePath = $path;
@ -102,12 +102,12 @@ class ClassMapGenerator
continue; continue;
} }
// check the realpath of the file against the blacklist as the path might be a symlink and the blacklist is realpath'd so symlink are resolved // check the realpath of the file against the excluded paths as the path might be a symlink and the excluded path is realpath'd so symlink are resolved
if ($blacklist && preg_match($blacklist, strtr($realPath, '\\', '/'))) { if ($excluded && preg_match($excluded, strtr($realPath, '\\', '/'))) {
continue; continue;
} }
// check non-realpath of file for directories symlink in project dir // check non-realpath of file for directories symlink in project dir
if ($blacklist && preg_match($blacklist, strtr($filePath, '\\', '/'))) { if ($excluded && preg_match($excluded, strtr($filePath, '\\', '/'))) {
continue; continue;
} }

22
src/Composer/Cache.php
View File

@ -28,20 +28,20 @@ class Cache
private $io; private $io;
private $root; private $root;
private $enabled = true; private $enabled = true;
private $whitelist; private $allowList;
private $filesystem; private $filesystem;
/** /**
* @param IOInterface $io * @param IOInterface $io
* @param string $cacheDir location of the cache * @param string $cacheDir location of the cache
* @param string $whitelist List of characters that are allowed in path names (used in a regex character class) * @param string $allowList List of characters that are allowed in path names (used in a regex character class)
* @param Filesystem $filesystem optional filesystem instance * @param Filesystem $filesystem optional filesystem instance
*/ */
public function __construct(IOInterface $io, $cacheDir, $whitelist = 'a-z0-9.', Filesystem $filesystem = null) public function __construct(IOInterface $io, $cacheDir, $allowList = 'a-z0-9.', Filesystem $filesystem = null)
{ {
$this->io = $io; $this->io = $io;
$this->root = rtrim($cacheDir, '/\\') . '/'; $this->root = rtrim($cacheDir, '/\\') . '/';
$this->whitelist = $whitelist; $this->allowList = $allowList;
$this->filesystem = $filesystem ?: new Filesystem(); $this->filesystem = $filesystem ?: new Filesystem();
if (!self::isUsable($cacheDir)) { if (!self::isUsable($cacheDir)) {
@ -77,7 +77,7 @@ class Cache
public function read($file) public function read($file)
{ {
if ($this->enabled) { if ($this->enabled) {
$file = preg_replace('{[^'.$this->whitelist.']}i', '-', $file); $file = preg_replace('{[^'.$this->allowList.']}i', '-', $file);
if (file_exists($this->root . $file)) { if (file_exists($this->root . $file)) {
$this->io->writeError('Reading '.$this->root . $file.' from cache', true, IOInterface::DEBUG); $this->io->writeError('Reading '.$this->root . $file.' from cache', true, IOInterface::DEBUG);
@ -91,7 +91,7 @@ class Cache
public function write($file, $contents) public function write($file, $contents)
{ {
if ($this->enabled) { if ($this->enabled) {
$file = preg_replace('{[^'.$this->whitelist.']}i', '-', $file); $file = preg_replace('{[^'.$this->allowList.']}i', '-', $file);
$this->io->writeError('Writing '.$this->root . $file.' into cache', true, IOInterface::DEBUG); $this->io->writeError('Writing '.$this->root . $file.' into cache', true, IOInterface::DEBUG);
@ -129,7 +129,7 @@ class Cache
public function copyFrom($file, $source) public function copyFrom($file, $source)
{ {
if ($this->enabled) { if ($this->enabled) {
$file = preg_replace('{[^'.$this->whitelist.']}i', '-', $file); $file = preg_replace('{[^'.$this->allowList.']}i', '-', $file);
$this->filesystem->ensureDirectoryExists(dirname($this->root . $file)); $this->filesystem->ensureDirectoryExists(dirname($this->root . $file));
if (!file_exists($source)) { if (!file_exists($source)) {
@ -150,7 +150,7 @@ class Cache
public function copyTo($file, $target) public function copyTo($file, $target)
{ {
if ($this->enabled) { if ($this->enabled) {
$file = preg_replace('{[^'.$this->whitelist.']}i', '-', $file); $file = preg_replace('{[^'.$this->allowList.']}i', '-', $file);
if (file_exists($this->root . $file)) { if (file_exists($this->root . $file)) {
try { try {
touch($this->root . $file, filemtime($this->root . $file), time()); touch($this->root . $file, filemtime($this->root . $file), time());
@ -177,7 +177,7 @@ class Cache
public function remove($file) public function remove($file)
{ {
if ($this->enabled) { if ($this->enabled) {
$file = preg_replace('{[^'.$this->whitelist.']}i', '-', $file); $file = preg_replace('{[^'.$this->allowList.']}i', '-', $file);
if (file_exists($this->root . $file)) { if (file_exists($this->root . $file)) {
return $this->filesystem->unlink($this->root . $file); return $this->filesystem->unlink($this->root . $file);
} }
@ -229,7 +229,7 @@ class Cache
public function sha1($file) public function sha1($file)
{ {
if ($this->enabled) { if ($this->enabled) {
$file = preg_replace('{[^'.$this->whitelist.']}i', '-', $file); $file = preg_replace('{[^'.$this->allowList.']}i', '-', $file);
if (file_exists($this->root . $file)) { if (file_exists($this->root . $file)) {
return sha1_file($this->root . $file); return sha1_file($this->root . $file);
} }
@ -241,7 +241,7 @@ class Cache
public function sha256($file) public function sha256($file)
{ {
if ($this->enabled) { if ($this->enabled) {
$file = preg_replace('{[^'.$this->whitelist.']}i', '-', $file); $file = preg_replace('{[^'.$this->allowList.']}i', '-', $file);
if (file_exists($this->root . $file)) { if (file_exists($this->root . $file)) {
return hash_file('sha256', $this->root . $file); return hash_file('sha256', $this->root . $file);
} }

4
src/Composer/Command/InitCommand.php
View File

@ -86,8 +86,8 @@ EOT
{ {
$io = $this->getIO(); $io = $this->getIO();
$whitelist = array('name', 'description', 'author', 'type', 'homepage', 'require', 'require-dev', 'stability', 'license'); $allowList = array('name', 'description', 'author', 'type', 'homepage', 'require', 'require-dev', 'stability', 'license');
$options = array_filter(array_intersect_key($input->getOptions(), array_flip($whitelist))); $options = array_filter(array_intersect_key($input->getOptions(), array_flip($allowList)));
if (isset($options['author'])) { if (isset($options['author'])) {
$options['authors'] = $this->formatAuthors($options['author']); $options['authors'] = $this->formatAuthors($options['author']);

4
src/Composer/Command/RemoveCommand.php
View File

@ -146,8 +146,8 @@ EOT
->setClassMapAuthoritative($authoritative) ->setClassMapAuthoritative($authoritative)
->setApcuAutoloader($apcu) ->setApcuAutoloader($apcu)
->setUpdate(true) ->setUpdate(true)
->setUpdateWhitelist($packages) ->setUpdateAllowList($packages)
->setWhitelistTransitiveDependencies(!$input->getOption('no-update-with-dependencies')) ->setAllowListTransitiveDependencies(!$input->getOption('no-update-with-dependencies'))
->setIgnorePlatformRequirements($input->getOption('ignore-platform-reqs')) ->setIgnorePlatformRequirements($input->getOption('ignore-platform-reqs'))
->setRunScripts(!$input->getOption('no-scripts')) ->setRunScripts(!$input->getOption('no-scripts'))
; ;

6
src/Composer/Command/RequireCommand.php
View File

@ -237,9 +237,9 @@ EOT
->setClassMapAuthoritative($authoritative) ->setClassMapAuthoritative($authoritative)
->setApcuAutoloader($apcu) ->setApcuAutoloader($apcu)
->setUpdate(true) ->setUpdate(true)
->setUpdateWhitelist(array_keys($requirements)) ->setUpdatAllowList(array_keys($requirements))
->setWhitelistTransitiveDependencies($input->getOption('update-with-dependencies')) ->setAllowListTransitiveDependencies($input->getOption('update-with-dependencies'))
->setWhitelistAllDependencies($input->getOption('update-with-all-dependencies')) ->setAllowListAllDependencies($input->getOption('update-with-all-dependencies'))
->setIgnorePlatformRequirements($input->getOption('ignore-platform-reqs')) ->setIgnorePlatformRequirements($input->getOption('ignore-platform-reqs'))
->setPreferStable($input->getOption('prefer-stable')) ->setPreferStable($input->getOption('prefer-stable'))
->setPreferLowest($input->getOption('prefer-lowest')) ->setPreferLowest($input->getOption('prefer-lowest'))

10
src/Composer/Command/UpdateCommand.php
View File

@ -49,8 +49,8 @@ class UpdateCommand extends BaseCommand
new InputOption('no-scripts', null, InputOption::VALUE_NONE, 'Skips the execution of all scripts defined in composer.json file.'), new InputOption('no-scripts', null, InputOption::VALUE_NONE, 'Skips the execution of all scripts defined in composer.json file.'),
new InputOption('no-progress', null, InputOption::VALUE_NONE, 'Do not output download progress.'), new InputOption('no-progress', null, InputOption::VALUE_NONE, 'Do not output download progress.'),
new InputOption('no-suggest', null, InputOption::VALUE_NONE, 'Do not show package suggestions.'), new InputOption('no-suggest', null, InputOption::VALUE_NONE, 'Do not show package suggestions.'),
new InputOption('with-dependencies', null, InputOption::VALUE_NONE, 'Add also dependencies of whitelisted packages to the whitelist, except those defined in root package.'), new InputOption('with-dependencies', null, InputOption::VALUE_NONE, 'Add also dependencies of allowed packages to the allow list, except those defined in root package.'),
new InputOption('with-all-dependencies', null, InputOption::VALUE_NONE, 'Add also all dependencies of whitelisted packages to the whitelist, including those defined in root package.'), new InputOption('with-all-dependencies', null, InputOption::VALUE_NONE, 'Add also all dependencies of allowed packages to the allow list, including those defined in root package.'),
new InputOption('verbose', 'v|vv|vvv', InputOption::VALUE_NONE, 'Shows more details including new commits pulled in when updating packages.'), new InputOption('verbose', 'v|vv|vvv', InputOption::VALUE_NONE, 'Shows more details including new commits pulled in when updating packages.'),
new InputOption('optimize-autoloader', 'o', InputOption::VALUE_NONE, 'Optimize autoloader during autoloader dump.'), new InputOption('optimize-autoloader', 'o', InputOption::VALUE_NONE, 'Optimize autoloader during autoloader dump.'),
new InputOption('classmap-authoritative', 'a', InputOption::VALUE_NONE, 'Autoload classes from the classmap only. Implicitly enables `--optimize-autoloader`.'), new InputOption('classmap-authoritative', 'a', InputOption::VALUE_NONE, 'Autoload classes from the classmap only. Implicitly enables `--optimize-autoloader`.'),
@ -148,9 +148,9 @@ EOT
->setClassMapAuthoritative($authoritative) ->setClassMapAuthoritative($authoritative)
->setApcuAutoloader($apcu) ->setApcuAutoloader($apcu)
->setUpdate(true) ->setUpdate(true)
->setUpdateWhitelist($input->getOption('lock') ? array('lock') : $packages) ->setUpdateAllowList($input->getOption('lock') ? array('lock') : $packages)
->setWhitelistTransitiveDependencies($input->getOption('with-dependencies')) ->setAllowListTransitiveDependencies($input->getOption('with-dependencies'))
->setWhitelistAllDependencies($input->getOption('with-all-dependencies')) ->setAllowListAllDependencies($input->getOption('with-all-dependencies'))
->setIgnorePlatformRequirements($input->getOption('ignore-platform-reqs')) ->setIgnorePlatformRequirements($input->getOption('ignore-platform-reqs'))
->setPreferStable($input->getOption('prefer-stable')) ->setPreferStable($input->getOption('prefer-stable'))
->setPreferLowest($input->getOption('prefer-lowest')) ->setPreferLowest($input->getOption('prefer-lowest'))

11
src/Composer/DependencyResolver/Pool.php
View File

@ -50,7 +50,7 @@ class Pool implements \Countable
protected $versionParser; protected $versionParser;
protected $providerCache = array(); protected $providerCache = array();
protected $filterRequires; protected $filterRequires;
protected $whitelist = null; protected $whitelist = null; // TODO 2.0 rename to allowList
protected $id = 1; protected $id = 1;
public function __construct($minimumStability = 'stable', array $stabilityFlags = array(), array $filterRequires = array()) public function __construct($minimumStability = 'stable', array $stabilityFlags = array(), array $filterRequires = array())
@ -71,6 +71,15 @@ class Pool implements \Countable
} }
} }
public function setAllowList($allowList)
{
// call original method for BC
$this->setWhitelist($allowList);
}
/**
* @deprecated use setAllowList instead
*/
public function setWhitelist($whitelist) public function setWhitelist($whitelist)
{ {
$this->whitelist = $whitelist; $this->whitelist = $whitelist;

34
src/Composer/DependencyResolver/RuleSetGenerator.php
View File

@ -26,7 +26,7 @@ class RuleSetGenerator
protected $rules; protected $rules;
protected $jobs; protected $jobs;
protected $installedMap; protected $installedMap;
protected $whitelistedMap; protected $allowListedMap;
protected $addedMap; protected $addedMap;
protected $conflictAddedMap; protected $conflictAddedMap;
protected $addedPackages; protected $addedPackages;
@ -147,6 +147,15 @@ class RuleSetGenerator
$this->rules->add($newRule, $type); $this->rules->add($newRule, $type);
} }
protected function allowListFromPackage(PackageInterface $package)
{
// call original method for BC
$this->whitelistFromPackage($package);
}
/**
* @deprecated use whitelistFromPackage instead
*/
protected function whitelistFromPackage(PackageInterface $package) protected function whitelistFromPackage(PackageInterface $package)
{ {
$workQueue = new \SplQueue; $workQueue = new \SplQueue;
@ -154,11 +163,11 @@ class RuleSetGenerator
while (!$workQueue->isEmpty()) { while (!$workQueue->isEmpty()) {
$package = $workQueue->dequeue(); $package = $workQueue->dequeue();
if (isset($this->whitelistedMap[$package->id])) { if (isset($this->allowListedMap[$package->id])) {
continue; continue;
} }
$this->whitelistedMap[$package->id] = true; $this->allowListedMap[$package->id] = true;
foreach ($package->getRequires() as $link) { foreach ($package->getRequires() as $link) {
$possibleRequires = $this->pool->whatProvides($link->getTarget(), $link->getConstraint(), true); $possibleRequires = $this->pool->whatProvides($link->getTarget(), $link->getConstraint(), true);
@ -294,6 +303,15 @@ class RuleSetGenerator
return $impossible; return $impossible;
} }
protected function allowListFromJobs()
{
// call original method for BC
$this->whitelistFromJobs();
}
/**
* @deprecated use allowListFromJobs instead
*/
protected function whitelistFromJobs() protected function whitelistFromJobs()
{ {
foreach ($this->jobs as $job) { foreach ($this->jobs as $job) {
@ -301,7 +319,7 @@ class RuleSetGenerator
case 'install': case 'install':
$packages = $this->pool->whatProvides($job['packageName'], $job['constraint'], true); $packages = $this->pool->whatProvides($job['packageName'], $job['constraint'], true);
foreach ($packages as $package) { foreach ($packages as $package) {
$this->whitelistFromPackage($package); $this->allowListFromPackage($package);
} }
break; break;
} }
@ -348,13 +366,13 @@ class RuleSetGenerator
$this->rules = new RuleSet; $this->rules = new RuleSet;
$this->installedMap = $installedMap; $this->installedMap = $installedMap;
$this->whitelistedMap = array(); $this->allowListedMap = array();
foreach ($this->installedMap as $package) { foreach ($this->installedMap as $package) {
$this->whitelistFromPackage($package); $this->allowListFromPackage($package);
} }
$this->whitelistFromJobs(); $this->allowListFromJobs();
$this->pool->setWhitelist($this->whitelistedMap); $this->pool->setAllowList($this->allowListedMap);
$this->addedMap = array(); $this->addedMap = array();
$this->conflictAddedMap = array(); $this->conflictAddedMap = array();

97
src/Composer/Installer.php
View File

@ -127,9 +127,9 @@ class Installer
* *
* @var array|null * @var array|null
*/ */
protected $updateWhitelist = null; protected $updateWhitelist = null; // TODO 2.0 rename to updateAllowList
protected $whitelistDependencies = false; // TODO 2.0 rename to whitelistTransitiveDependencies protected $whitelistDependencies = false; // TODO 2.0 rename to allowListTransitiveDependencies
protected $whitelistAllDependencies = false; protected $whitelistAllDependencies = false; // TODO 2.0 rename to allowListAllDependencies
/** /**
* @var SuggestedPackagesReporter * @var SuggestedPackagesReporter
@ -360,7 +360,7 @@ class Installer
$repositories = null; $repositories = null;
// initialize locked repo if we are installing from lock or in a partial update // initialize locked repo if we are installing from lock or in a partial update
// and a lock file is present as we need to force install non-whitelisted lock file // and a lock file is present as we need to force install non-allowed lock file
// packages in that case // packages in that case
if (!$this->update || (!empty($this->updateWhitelist) && $this->locker->isLocked())) { if (!$this->update || (!empty($this->updateWhitelist) && $this->locker->isLocked())) {
try { try {
@ -375,7 +375,7 @@ class Installer
} }
} }
$this->whitelistUpdateDependencies( $this->allowListUpdateDependencies(
$lockedRepository ?: $localRepo, $lockedRepository ?: $localRepo,
$this->package->getRequires(), $this->package->getRequires(),
$this->package->getDevRequires() $this->package->getDevRequires()
@ -1011,7 +1011,7 @@ class Installer
} }
if ($this->update) { if ($this->update) {
// skip package if the whitelist is enabled and it is not in it // skip package if the allow list is enabled and it is not in it
if ($this->updateWhitelist && !$this->isUpdateable($package)) { if ($this->updateWhitelist && !$this->isUpdateable($package)) {
// check if non-updateable packages are out of date compared to the lock file to ensure we don't corrupt it // check if non-updateable packages are out of date compared to the lock file to ensure we don't corrupt it
foreach ($currentPackages as $curPackage) { foreach ($currentPackages as $curPackage) {
@ -1280,11 +1280,11 @@ class Installer
private function isUpdateable(PackageInterface $package) private function isUpdateable(PackageInterface $package)
{ {
if (!$this->updateWhitelist) { if (!$this->updateWhitelist) {
throw new \LogicException('isUpdateable should only be called when a whitelist is present'); throw new \LogicException('isUpdateable should only be called when an allow list is present');
} }
foreach ($this->updateWhitelist as $whiteListedPattern => $void) { foreach ($this->updateWhitelist as $pattern => $void) {
$patternRegexp = BasePackage::packageNameToRegexp($whiteListedPattern); $patternRegexp = BasePackage::packageNameToRegexp($pattern);
if (preg_match($patternRegexp, $package->getName())) { if (preg_match($patternRegexp, $package->getName())) {
return true; return true;
} }
@ -1310,11 +1310,11 @@ class Installer
} }
/** /**
* Adds all dependencies of the update whitelist to the whitelist, too. * Adds all dependencies of the update allow list to the allow list, too.
* *
* Packages which are listed as requirements in the root package will be * Packages which are listed as requirements in the root package will be
* skipped including their dependencies, unless they are listed in the * skipped including their dependencies, unless they are listed in the
* update whitelist themselves or $whitelistAllDependencies is true. * update allow list themselves or $whitelistAllDependencies is true.
* *
* @param RepositoryInterface $localOrLockRepo Use the locked repo if available, otherwise installed repo will do * @param RepositoryInterface $localOrLockRepo Use the locked repo if available, otherwise installed repo will do
* As we want the most accurate package list to work with, and installed * As we want the most accurate package list to work with, and installed
@ -1322,7 +1322,7 @@ class Installer
* @param array $rootRequires An array of links to packages in require of the root package * @param array $rootRequires An array of links to packages in require of the root package
* @param array $rootDevRequires An array of links to packages in require-dev of the root package * @param array $rootDevRequires An array of links to packages in require-dev of the root package
*/ */
private function whitelistUpdateDependencies($localOrLockRepo, array $rootRequires, array $rootDevRequires) private function allowListUpdateDependencies($localOrLockRepo, array $rootRequires, array $rootDevRequires)
{ {
if (!$this->updateWhitelist) { if (!$this->updateWhitelist) {
return; return;
@ -1352,16 +1352,16 @@ class Installer
$matchesByPattern = array(); $matchesByPattern = array();
// check if the name is a glob pattern that did not match directly // check if the name is a glob pattern that did not match directly
if (empty($depPackages)) { if (empty($depPackages)) {
// add any installed package matching the whitelisted name/pattern // add any installed package matching the allow listed name/pattern
$whitelistPatternSearchRegexp = BasePackage::packageNameToRegexp($packageName, '^%s$'); $allowListPatternSearchRegexp = BasePackage::packageNameToRegexp($packageName, '^%s$');
foreach ($localOrLockRepo->search($whitelistPatternSearchRegexp) as $installedPackage) { foreach ($localOrLockRepo->search($allowListPatternSearchRegexp) as $installedPackage) {
$matchesByPattern[] = $pool->whatProvides($installedPackage['name']); $matchesByPattern[] = $pool->whatProvides($installedPackage['name']);
} }
// add root requirements which match the whitelisted name/pattern // add root requirements which match the allow listed name/pattern
$whitelistPatternRegexp = BasePackage::packageNameToRegexp($packageName); $allowListPatternRegexp = BasePackage::packageNameToRegexp($packageName);
foreach ($rootRequiredPackageNames as $rootRequiredPackageName) { foreach ($rootRequiredPackageNames as $rootRequiredPackageName) {
if (preg_match($whitelistPatternRegexp, $rootRequiredPackageName)) { if (preg_match($allowListPatternRegexp, $rootRequiredPackageName)) {
$nameMatchesRequiredPackage = true; $nameMatchesRequiredPackage = true;
break; break;
} }
@ -1404,7 +1404,7 @@ class Installer
} }
if (isset($skipPackages[$requirePackage->getName()]) && !preg_match(BasePackage::packageNameToRegexp($packageName), $requirePackage->getName())) { if (isset($skipPackages[$requirePackage->getName()]) && !preg_match(BasePackage::packageNameToRegexp($packageName), $requirePackage->getName())) {
$this->io->writeError('<warning>Dependency "' . $requirePackage->getName() . '" is also a root requirement, but is not explicitly whitelisted. Ignoring.</warning>'); $this->io->writeError('<warning>Dependency "' . $requirePackage->getName() . '" is also a root requirement, but is not explicitly allowed. Ignoring.</warning>');
continue; continue;
} }
@ -1679,6 +1679,8 @@ class Installer
* restrict the update operation to a few packages, all other packages * restrict the update operation to a few packages, all other packages
* that are already installed will be kept at their current version * that are already installed will be kept at their current version
* *
* @deprecated use setAllowList instead
*
* @param array $packages * @param array $packages
* @return Installer * @return Installer
*/ */
@ -1690,7 +1692,20 @@ class Installer
} }
/** /**
* @deprecated use setWhitelistTransitiveDependencies instead * restrict the update operation to a few packages, all other packages
* that are already installed will be kept at their current version
*
* @param array $packages
* @return Installer
*/
public function setUpdateAllowList(array $packages)
{
// call original method for BC
return $this->setUpdateWhitelist($packages);
}
/**
* @deprecated use setAllowListTransitiveDependencies instead
*/ */
public function setWhitelistDependencies($updateDependencies = true) public function setWhitelistDependencies($updateDependencies = true)
{ {
@ -1698,11 +1713,13 @@ class Installer
} }
/** /**
* Should dependencies of whitelisted packages (but not direct dependencies) be updated? * Should dependencies of allowed packages (but not direct dependencies) be updated?
* *
* This will NOT whitelist any dependencies that are also directly defined * This will NOT allow list any dependencies that are also directly defined
* in the root package. * in the root package.
* *
* @deprecated use setAllowListTransitiveDependencies instead
*
* @param bool $updateTransitiveDependencies * @param bool $updateTransitiveDependencies
* @return Installer * @return Installer
*/ */
@ -1714,11 +1731,28 @@ class Installer
} }
/** /**
* Should all dependencies of whitelisted packages be updated recursively? * Should dependencies of allowed packages (but not direct dependencies) be updated?
* *
* This will whitelist any dependencies of the whitelisted packages, including * This will NOT allow list any dependencies that are also directly defined
* in the root package.
*
* @param bool $updateTransitiveDependencies
* @return Installer
*/
public function setAllowListTransitiveDependencies($updateTransitiveDependencies = true)
{
// call original method for BC
return $this->setWhitelistTransitiveDependencies($updateTransitiveDependencies);
}
/**
* Should all dependencies of allowed packages be updated recursively?
*
* This will allow list any dependencies of the allow listed packages, including
* those defined in the root package. * those defined in the root package.
* *
* @deprecated use setAllowListAllDependencies instead
*
* @param bool $updateAllDependencies * @param bool $updateAllDependencies
* @return Installer * @return Installer
*/ */
@ -1729,6 +1763,21 @@ class Installer
return $this; return $this;
} }
/**
* Should all dependencies of allowed packages be updated recursively?
*
* This will allow list any dependencies of the allow listed packages, including
* those defined in the root package.
*
* @param bool $updateAllDependencies
* @return Installer
*/
public function setAllowListAllDependencies($updateAllDependencies = true)
{
// call original method for BC
return $this->setWhitelistAllDependencies($updateAllDependencies);
}
/** /**
* Should packages be preferred in a stable version when updating? * Should packages be preferred in a stable version when updating?
* *

8
src/Composer/Package/BasePackage.php
View File

@ -238,14 +238,14 @@ abstract class BasePackage implements PackageInterface
/** /**
* Build a regexp from a package name, expanding * globs as required * Build a regexp from a package name, expanding * globs as required
* *
* @param string $whiteListedPattern * @param string $allowListPattern
* @param string $wrap Wrap the cleaned string by the given string * @param string $wrap Wrap the cleaned string by the given string
* @return string * @return string
*/ */
public static function packageNameToRegexp($whiteListedPattern, $wrap = '{^%s$}i') public static function packageNameToRegexp($allowListPattern, $wrap = '{^%s$}i')
{ {
$cleanedWhiteListedPattern = str_replace('\\*', '.*', preg_quote($whiteListedPattern)); $cleanedAllowListPattern = str_replace('\\*', '.*', preg_quote($allowListPattern));
return sprintf($wrap, $cleanedWhiteListedPattern); return sprintf($wrap, $cleanedAllowListPattern);
} }
} }

4
src/Composer/Repository/Vcs/GitHubDriver.php
View File

@ -337,13 +337,11 @@ class GitHubDriver extends VcsDriver
$this->branches = array(); $this->branches = array();
$resource = $this->getApiUrl() . '/repos/'.$this->owner.'/'.$this->repository.'/git/refs/heads?per_page=100'; $resource = $this->getApiUrl() . '/repos/'.$this->owner.'/'.$this->repository.'/git/refs/heads?per_page=100';
$branchBlacklist = array('gh-pages');
do { do {
$branchData = JsonFile::parseJson($this->getContents($resource), $resource); $branchData = JsonFile::parseJson($this->getContents($resource), $resource);
foreach ($branchData as $branch) { foreach ($branchData as $branch) {
$name = substr($branch['ref'], 11); $name = substr($branch['ref'], 11);
if (!in_array($name, $branchBlacklist)) { if ($name !== 'gh-pages') {
$this->branches[$name] = $branch['object']['sha']; $this->branches[$name] = $branch['object']['sha'];
} }
} }

4
tests/Composer/Test/Fixtures/installer/github-issues-4795-2.test
View File

@ -2,8 +2,8 @@
See Github issue #4795 ( github.com/composer/composer/issues/4795 ). See Github issue #4795 ( github.com/composer/composer/issues/4795 ).
Composer\Installer::whitelistUpdateDependencies should not output a warning for dependencies that need to be updated Composer\Installer::allowListUpdateDependencies should not output a warning for dependencies that need to be updated
that are also a root package, when that root package is also explicitly whitelisted. that are also a root package, when that root package is also explicitly allowed.
--COMPOSER-- --COMPOSER--
{ {

6
tests/Composer/Test/Fixtures/installer/github-issues-4795.test
View File

@ -2,8 +2,8 @@
See Github issue #4795 ( github.com/composer/composer/issues/4795 ). See Github issue #4795 ( github.com/composer/composer/issues/4795 ).
Composer\Installer::whitelistUpdateDependencies intentionally ignores root requirements even if said package is also a Composer\Installer::allowListUpdateDependencies intentionally ignores root requirements even if said package is also a
dependency of one the requirements that is whitelisted for update. dependency of one the requirements that is allowed for update.
--COMPOSER-- --COMPOSER--
{ {
@ -34,7 +34,7 @@ dependency of one the requirements that is whitelisted for update.
update b/b --with-dependencies update b/b --with-dependencies
--EXPECT-OUTPUT-- --EXPECT-OUTPUT--
<warning>Dependency "a/a" is also a root requirement, but is not explicitly whitelisted. Ignoring.</warning> <warning>Dependency "a/a" is also a root requirement, but is not explicitly allowed. Ignoring.</warning>
Loading composer repositories with package information Loading composer repositories with package information
Updating dependencies (including require-dev) Updating dependencies (including require-dev)
Nothing to install or update Nothing to install or update

12
tests/Composer/Test/Fixtures/installer/install-from-lock-removes-package.test
View File

@ -6,8 +6,8 @@ Install from a lock file that deleted a package
{ {
"type": "package", "type": "package",
"package": [ "package": [
{ "name": "whitelisted", "version": "1.1.0" }, { "name": "allowed", "version": "1.1.0" },
{ "name": "whitelisted", "version": "1.0.0", "require": { "fixed-dependency": "1.0.0", "old-dependency": "1.0.0" } }, { "name": "allowed", "version": "1.0.0", "require": { "fixed-dependency": "1.0.0", "old-dependency": "1.0.0" } },
{ "name": "fixed-dependency", "version": "1.1.0" }, { "name": "fixed-dependency", "version": "1.1.0" },
{ "name": "fixed-dependency", "version": "1.0.0" }, { "name": "fixed-dependency", "version": "1.0.0" },
{ "name": "old-dependency", "version": "1.0.0" } { "name": "old-dependency", "version": "1.0.0" }
@ -15,14 +15,14 @@ Install from a lock file that deleted a package
} }
], ],
"require": { "require": {
"whitelisted": "1.*", "allowed": "1.*",
"fixed-dependency": "1.*" "fixed-dependency": "1.*"
} }
} }
--LOCK-- --LOCK--
{ {
"packages": [ "packages": [
{ "name": "whitelisted", "version": "1.1.0" }, { "name": "allowed", "version": "1.1.0" },
{ "name": "fixed-dependency", "version": "1.0.0" } { "name": "fixed-dependency", "version": "1.0.0" }
], ],
"packages-dev": null, "packages-dev": null,
@ -33,7 +33,7 @@ Install from a lock file that deleted a package
} }
--INSTALLED-- --INSTALLED--
[ [
{ "name": "whitelisted", "version": "1.0.0", "require": { "old-dependency": "1.0.0", "fixed-dependency": "1.0.0" } }, { "name": "allowed", "version": "1.0.0", "require": { "old-dependency": "1.0.0", "fixed-dependency": "1.0.0" } },
{ "name": "fixed-dependency", "version": "1.0.0" }, { "name": "fixed-dependency", "version": "1.0.0" },
{ "name": "old-dependency", "version": "1.0.0" } { "name": "old-dependency", "version": "1.0.0" }
] ]
@ -41,4 +41,4 @@ Install from a lock file that deleted a package
install install
--EXPECT-- --EXPECT--
Uninstalling old-dependency (1.0.0) Uninstalling old-dependency (1.0.0)
Updating whitelisted (1.0.0) to whitelisted (1.1.0) Updating allowed (1.0.0) to allowed (1.1.0)

2
tests/Composer/Test/Fixtures/installer/partial-update-downgrades-non-whitelisted-unstable.test
View File

@ -1,5 +1,5 @@
--TEST-- --TEST--
Partial update from lock file should apply lock file and downgrade unstable packages even if not whitelisted Partial update from lock file should apply lock file and downgrade unstable packages even if not allowed
--COMPOSER-- --COMPOSER--
{ {
"repositories": [ "repositories": [

2
tests/Composer/Test/Fixtures/installer/partial-update-forces-dev-reference-from-lock-for-non-updated-packages.test
View File

@ -1,5 +1,5 @@
--TEST-- --TEST--
Partial update forces updates dev reference from lock file for non whitelisted packages Partial update forces updates dev reference from lock file for non allowed packages
--COMPOSER-- --COMPOSER--
{ {
"repositories": [ "repositories": [

2
tests/Composer/Test/Fixtures/installer/partial-update-without-lock.test
View File

@ -1,5 +1,5 @@
--TEST-- --TEST--
Partial update without lock file should update everything whitelisted, remove overly unstable packages Partial update without lock file should update everything allowed, remove overly unstable packages
--COMPOSER-- --COMPOSER--
{ {
"repositories": [ "repositories": [

4
tests/Composer/Test/Fixtures/installer/update-changes-url.test
View File

@ -3,10 +3,10 @@ Update updates URLs for updated packages if they have changed
a/a is dev and gets everything updated as it updates to a new ref a/a is dev and gets everything updated as it updates to a new ref
b/b is a tag and gets everything updated by updating the package URL directly b/b is a tag and gets everything updated by updating the package URL directly
c/c is a tag and not whitelisted and gets the new URL but keeps its old ref c/c is a tag and not allowed and gets the new URL but keeps its old ref
d/d is dev but with a #ref so it should get URL updated but not the reference d/d is dev but with a #ref so it should get URL updated but not the reference
e/e is dev and newly installed with a #ref so it should get the correct URL but with the #111 ref e/e is dev and newly installed with a #ref so it should get the correct URL but with the #111 ref
e/e is dev but not whitelisted and gets the new URL but keeps its old ref e/e is dev but not allowed and gets the new URL but keeps its old ref
g/g is dev and installed in a different ref than the #ref, so it gets updated and gets the new URL but not the new ref g/g is dev and installed in a different ref than the #ref, so it gets updated and gets the new URL but not the new ref
--COMPOSER-- --COMPOSER--
{ {

14
tests/Composer/Test/Fixtures/installer/update-whitelist-locked-require.test
View File

@ -1,13 +1,13 @@
--TEST-- --TEST--
Update with a package whitelist only updates those packages if they are not present in composer.json Update with a package allowed list only updates those packages if they are not present in composer.json
--COMPOSER-- --COMPOSER--
{ {
"repositories": [ "repositories": [
{ {
"type": "package", "type": "package",
"package": [ "package": [
{ "name": "whitelisted", "version": "1.1.0", "require": { "dependency": "1.1.0", "fixed-dependency": "1.*" } }, { "name": "allowed", "version": "1.1.0", "require": { "dependency": "1.1.0", "fixed-dependency": "1.*" } },
{ "name": "whitelisted", "version": "1.0.0", "require": { "dependency": "1.0.0", "fixed-dependency": "1.*" } }, { "name": "allowed", "version": "1.0.0", "require": { "dependency": "1.0.0", "fixed-dependency": "1.*" } },
{ "name": "dependency", "version": "1.1.0" }, { "name": "dependency", "version": "1.1.0" },
{ "name": "dependency", "version": "1.0.0" }, { "name": "dependency", "version": "1.0.0" },
{ "name": "fixed-dependency", "version": "1.1.0", "require": { "fixed-sub-dependency": "1.*" } }, { "name": "fixed-dependency", "version": "1.1.0", "require": { "fixed-sub-dependency": "1.*" } },
@ -18,19 +18,19 @@ Update with a package whitelist only updates those packages if they are not pres
} }
], ],
"require": { "require": {
"whitelisted": "1.*", "allowed": "1.*",
"fixed-dependency": "1.*" "fixed-dependency": "1.*"
} }
} }
--INSTALLED-- --INSTALLED--
[ [
{ "name": "whitelisted", "version": "1.0.0", "require": { "dependency": "1.0.0", "fixed-dependency": "1.*" } }, { "name": "allowed", "version": "1.0.0", "require": { "dependency": "1.0.0", "fixed-dependency": "1.*" } },
{ "name": "dependency", "version": "1.0.0" }, { "name": "dependency", "version": "1.0.0" },
{ "name": "fixed-dependency", "version": "1.0.0", "require": { "fixed-sub-dependency": "1.*" } }, { "name": "fixed-dependency", "version": "1.0.0", "require": { "fixed-sub-dependency": "1.*" } },
{ "name": "fixed-sub-dependency", "version": "1.0.0" } { "name": "fixed-sub-dependency", "version": "1.0.0" }
] ]
--RUN-- --RUN--
update whitelisted dependency update allowed dependency
--EXPECT-- --EXPECT--
Updating dependency (1.0.0) to dependency (1.1.0) Updating dependency (1.0.0) to dependency (1.1.0)
Updating whitelisted (1.0.0) to whitelisted (1.1.0) Updating allowed (1.0.0) to allowed (1.1.0)

24
tests/Composer/Test/Fixtures/installer/update-whitelist-patterns-with-all-dependencies.test
View File

@ -1,5 +1,5 @@
--TEST-- --TEST--
Update with a package whitelist pattern and all-dependencies flag updates packages and their dependencies, even if defined as root dependency, matching the pattern Update with a package allowed list pattern and all-dependencies flag updates packages and their dependencies, even if defined as root dependency, matching the pattern
--COMPOSER-- --COMPOSER--
{ {
"repositories": [ "repositories": [
@ -8,10 +8,10 @@ Update with a package whitelist pattern and all-dependencies flag updates packag
"package": [ "package": [
{ "name": "fixed", "version": "1.1.0" }, { "name": "fixed", "version": "1.1.0" },
{ "name": "fixed", "version": "1.0.0" }, { "name": "fixed", "version": "1.0.0" },
{ "name": "whitelisted-component1", "version": "1.1.0" }, { "name": "allowed-component1", "version": "1.1.0" },
{ "name": "whitelisted-component1", "version": "1.0.0" }, { "name": "allowed-component1", "version": "1.0.0" },
{ "name": "whitelisted-component2", "version": "1.1.0", "require": { "dependency": "1.*" } }, { "name": "allowed-component2", "version": "1.1.0", "require": { "dependency": "1.*" } },
{ "name": "whitelisted-component2", "version": "1.0.0", "require": { "dependency": "1.*" } }, { "name": "allowed-component2", "version": "1.0.0", "require": { "dependency": "1.*" } },
{ "name": "dependency", "version": "1.1.0" }, { "name": "dependency", "version": "1.1.0" },
{ "name": "dependency", "version": "1.0.0" }, { "name": "dependency", "version": "1.0.0" },
{ "name": "unrelated", "version": "1.1.0", "require": { "unrelated-dependency": "1.*" } }, { "name": "unrelated", "version": "1.1.0", "require": { "unrelated-dependency": "1.*" } },
@ -23,8 +23,8 @@ Update with a package whitelist pattern and all-dependencies flag updates packag
], ],
"require": { "require": {
"fixed": "1.*", "fixed": "1.*",
"whitelisted-component1": "1.*", "allowed-component1": "1.*",
"whitelisted-component2": "1.*", "allowed-component2": "1.*",
"dependency": "1.*", "dependency": "1.*",
"unrelated": "1.*" "unrelated": "1.*"
} }
@ -32,15 +32,15 @@ Update with a package whitelist pattern and all-dependencies flag updates packag
--INSTALLED-- --INSTALLED--
[ [
{ "name": "fixed", "version": "1.0.0" }, { "name": "fixed", "version": "1.0.0" },
{ "name": "whitelisted-component1", "version": "1.0.0" }, { "name": "allowed-component1", "version": "1.0.0" },
{ "name": "whitelisted-component2", "version": "1.0.0", "require": { "dependency": "1.0.0" } }, { "name": "allowed-component2", "version": "1.0.0", "require": { "dependency": "1.0.0" } },
{ "name": "dependency", "version": "1.0.0" }, { "name": "dependency", "version": "1.0.0" },
{ "name": "unrelated", "version": "1.0.0", "require": { "unrelated-dependency": "1.*" } }, { "name": "unrelated", "version": "1.0.0", "require": { "unrelated-dependency": "1.*" } },
{ "name": "unrelated-dependency", "version": "1.0.0" } { "name": "unrelated-dependency", "version": "1.0.0" }
] ]
--RUN-- --RUN--
update whitelisted-* --with-all-dependencies update allowed-* --with-all-dependencies
--EXPECT-- --EXPECT--
Updating whitelisted-component1 (1.0.0) to whitelisted-component1 (1.1.0) Updating allowed-component1 (1.0.0) to allowed-component1 (1.1.0)
Updating dependency (1.0.0) to dependency (1.1.0) Updating dependency (1.0.0) to dependency (1.1.0)
Updating whitelisted-component2 (1.0.0) to whitelisted-component2 (1.1.0) Updating allowed-component2 (1.0.0) to allowed-component2 (1.1.0)

24
tests/Composer/Test/Fixtures/installer/update-whitelist-patterns-with-dependencies.test
View File

@ -1,5 +1,5 @@
--TEST-- --TEST--
Update with a package whitelist only updates those packages and their dependencies matching the pattern but no dependencies defined as roo package Update with a package allowed list only updates those packages and their dependencies matching the pattern but no dependencies defined as roo package
--COMPOSER-- --COMPOSER--
{ {
"repositories": [ "repositories": [
@ -8,10 +8,10 @@ Update with a package whitelist only updates those packages and their dependenci
"package": [ "package": [
{ "name": "fixed", "version": "1.1.0" }, { "name": "fixed", "version": "1.1.0" },
{ "name": "fixed", "version": "1.0.0" }, { "name": "fixed", "version": "1.0.0" },
{ "name": "whitelisted-component1", "version": "1.1.0" }, { "name": "allowed-component1", "version": "1.1.0" },
{ "name": "whitelisted-component1", "version": "1.0.0" }, { "name": "allowed-component1", "version": "1.0.0" },
{ "name": "whitelisted-component2", "version": "1.1.0", "require": { "dependency": "1.*", "root-dependency": "1.*" } }, { "name": "allowed-component2", "version": "1.1.0", "require": { "dependency": "1.*", "root-dependency": "1.*" } },
{ "name": "whitelisted-component2", "version": "1.0.0", "require": { "dependency": "1.*", "root-dependency": "1.*" } }, { "name": "allowed-component2", "version": "1.0.0", "require": { "dependency": "1.*", "root-dependency": "1.*" } },
{ "name": "dependency", "version": "1.1.0" }, { "name": "dependency", "version": "1.1.0" },
{ "name": "dependency", "version": "1.0.0" }, { "name": "dependency", "version": "1.0.0" },
{ "name": "root-dependency", "version": "1.1.0" }, { "name": "root-dependency", "version": "1.1.0" },
@ -25,8 +25,8 @@ Update with a package whitelist only updates those packages and their dependenci
], ],
"require": { "require": {
"fixed": "1.*", "fixed": "1.*",
"whitelisted-component1": "1.*", "allowed-component1": "1.*",
"whitelisted-component2": "1.*", "allowed-component2": "1.*",
"root-dependency": "1.*", "root-dependency": "1.*",
"unrelated": "1.*" "unrelated": "1.*"
} }
@ -34,16 +34,16 @@ Update with a package whitelist only updates those packages and their dependenci
--INSTALLED-- --INSTALLED--
[ [
{ "name": "fixed", "version": "1.0.0" }, { "name": "fixed", "version": "1.0.0" },
{ "name": "whitelisted-component1", "version": "1.0.0" }, { "name": "allowed-component1", "version": "1.0.0" },
{ "name": "whitelisted-component2", "version": "1.0.0", "require": { "dependency": "1.0.0" } }, { "name": "allowed-component2", "version": "1.0.0", "require": { "dependency": "1.0.0" } },
{ "name": "root-dependency", "version": "1.0.0" }, { "name": "root-dependency", "version": "1.0.0" },
{ "name": "dependency", "version": "1.0.0" }, { "name": "dependency", "version": "1.0.0" },
{ "name": "unrelated", "version": "1.0.0", "require": { "unrelated-dependency": "1.*" } }, { "name": "unrelated", "version": "1.0.0", "require": { "unrelated-dependency": "1.*" } },
{ "name": "unrelated-dependency", "version": "1.0.0" } { "name": "unrelated-dependency", "version": "1.0.0" }
] ]
--RUN-- --RUN--
update whitelisted-* --with-dependencies update allowed-* --with-dependencies
--EXPECT-- --EXPECT--
Updating whitelisted-component1 (1.0.0) to whitelisted-component1 (1.1.0) Updating allowed-component1 (1.0.0) to allowed-component1 (1.1.0)
Updating dependency (1.0.0) to dependency (1.1.0) Updating dependency (1.0.0) to dependency (1.1.0)
Updating whitelisted-component2 (1.0.0) to whitelisted-component2 (1.1.0) Updating allowed-component2 (1.0.0) to allowed-component2 (1.1.0)

44
tests/Composer/Test/Fixtures/installer/update-whitelist-patterns-with-root-dependencies.test
View File

@ -1,5 +1,5 @@
--TEST-- --TEST--
Update with a package whitelist only updates those packages and their dependencies matching the pattern Update with a package allowed list only updates those packages and their dependencies matching the pattern
--COMPOSER-- --COMPOSER--
{ {
"repositories": [ "repositories": [
@ -8,16 +8,16 @@ Update with a package whitelist only updates those packages and their dependenci
"package": [ "package": [
{ "name": "fixed", "version": "1.1.0" }, { "name": "fixed", "version": "1.1.0" },
{ "name": "fixed", "version": "1.0.0" }, { "name": "fixed", "version": "1.0.0" },
{ "name": "whitelisted-component1", "version": "1.1.0", "require": { "whitelisted-component2": "1.1.0" } }, { "name": "allowed-component1", "version": "1.1.0", "require": { "allowed-component2": "1.1.0" } },
{ "name": "whitelisted-component1", "version": "1.0.0", "require": { "whitelisted-component2": "1.0.0" } }, { "name": "allowed-component1", "version": "1.0.0", "require": { "allowed-component2": "1.0.0" } },
{ "name": "whitelisted-component2", "version": "1.1.0", "require": { "dependency": "1.1.0", "whitelisted-component5": "1.0.0" } }, { "name": "allowed-component2", "version": "1.1.0", "require": { "dependency": "1.1.0", "allowed-component5": "1.0.0" } },
{ "name": "whitelisted-component2", "version": "1.0.0", "require": { "dependency": "1.0.0" } }, { "name": "allowed-component2", "version": "1.0.0", "require": { "dependency": "1.0.0" } },
{ "name": "whitelisted-component3", "version": "1.1.0", "require": { "whitelisted-component4": "1.1.0" } }, { "name": "allowed-component3", "version": "1.1.0", "require": { "allowed-component4": "1.1.0" } },
{ "name": "whitelisted-component3", "version": "1.0.0", "require": { "whitelisted-component4": "1.0.0" } }, { "name": "allowed-component3", "version": "1.0.0", "require": { "allowed-component4": "1.0.0" } },
{ "name": "whitelisted-component4", "version": "1.1.0" }, { "name": "allowed-component4", "version": "1.1.0" },
{ "name": "whitelisted-component4", "version": "1.0.0" }, { "name": "allowed-component4", "version": "1.0.0" },
{ "name": "whitelisted-component5", "version": "1.1.0" }, { "name": "allowed-component5", "version": "1.1.0" },
{ "name": "whitelisted-component5", "version": "1.0.0" }, { "name": "allowed-component5", "version": "1.0.0" },
{ "name": "dependency", "version": "1.1.0" }, { "name": "dependency", "version": "1.1.0" },
{ "name": "dependency", "version": "1.0.0" }, { "name": "dependency", "version": "1.0.0" },
{ "name": "unrelated", "version": "1.1.0", "require": { "unrelated-dependency": "1.*" } }, { "name": "unrelated", "version": "1.1.0", "require": { "unrelated-dependency": "1.*" } },
@ -29,27 +29,27 @@ Update with a package whitelist only updates those packages and their dependenci
], ],
"require": { "require": {
"fixed": "1.*", "fixed": "1.*",
"whitelisted-component1": "1.*", "allowed-component1": "1.*",
"whitelisted-component2": "1.*", "allowed-component2": "1.*",
"whitelisted-component3": "1.0.0", "allowed-component3": "1.0.0",
"unrelated": "1.*" "unrelated": "1.*"
} }
} }
--INSTALLED-- --INSTALLED--
[ [
{ "name": "fixed", "version": "1.0.0" }, { "name": "fixed", "version": "1.0.0" },
{ "name": "whitelisted-component1", "version": "1.0.0", "require": { "whitelisted-component2": "1.0.0" } }, { "name": "allowed-component1", "version": "1.0.0", "require": { "allowed-component2": "1.0.0" } },
{ "name": "whitelisted-component2", "version": "1.0.0", "require": { "dependency": "1.0.0" } }, { "name": "allowed-component2", "version": "1.0.0", "require": { "dependency": "1.0.0" } },
{ "name": "whitelisted-component3", "version": "1.0.0", "require": { "whitelisted-component4": "1.0.0" } }, { "name": "allowed-component3", "version": "1.0.0", "require": { "allowed-component4": "1.0.0" } },
{ "name": "whitelisted-component4", "version": "1.0.0" }, { "name": "allowed-component4", "version": "1.0.0" },
{ "name": "whitelisted-component5", "version": "1.0.0" }, { "name": "allowed-component5", "version": "1.0.0" },
{ "name": "dependency", "version": "1.0.0" }, { "name": "dependency", "version": "1.0.0" },
{ "name": "unrelated", "version": "1.0.0", "require": { "unrelated-dependency": "1.*" } }, { "name": "unrelated", "version": "1.0.0", "require": { "unrelated-dependency": "1.*" } },
{ "name": "unrelated-dependency", "version": "1.0.0" } { "name": "unrelated-dependency", "version": "1.0.0" }
] ]
--RUN-- --RUN--
update whitelisted-* --with-dependencies update allowed-* --with-dependencies
--EXPECT-- --EXPECT--
Updating dependency (1.0.0) to dependency (1.1.0) Updating dependency (1.0.0) to dependency (1.1.0)
Updating whitelisted-component2 (1.0.0) to whitelisted-component2 (1.1.0) Updating allowed-component2 (1.0.0) to allowed-component2 (1.1.0)
Updating whitelisted-component1 (1.0.0) to whitelisted-component1 (1.1.0) Updating allowed-component1 (1.0.0) to allowed-component1 (1.1.0)

24
tests/Composer/Test/Fixtures/installer/update-whitelist-patterns-without-dependencies.test
View File

@ -1,5 +1,5 @@
--TEST-- --TEST--
Update with a package whitelist only updates those packages matching the pattern Update with a package allowed list only updates those packages matching the pattern
--COMPOSER-- --COMPOSER--
{ {
"repositories": [ "repositories": [
@ -8,10 +8,10 @@ Update with a package whitelist only updates those packages matching the pattern
"package": [ "package": [
{ "name": "fixed", "version": "1.1.0" }, { "name": "fixed", "version": "1.1.0" },
{ "name": "fixed", "version": "1.0.0" }, { "name": "fixed", "version": "1.0.0" },
{ "name": "whitelisted-component1", "version": "1.1.0" }, { "name": "allowed-component1", "version": "1.1.0" },
{ "name": "whitelisted-component1", "version": "1.0.0" }, { "name": "allowed-component1", "version": "1.0.0" },
{ "name": "whitelisted-component2", "version": "1.1.0", "require": { "dependency": "1.*" } }, { "name": "allowed-component2", "version": "1.1.0", "require": { "dependency": "1.*" } },
{ "name": "whitelisted-component2", "version": "1.0.0", "require": { "dependency": "1.*" } }, { "name": "allowed-component2", "version": "1.0.0", "require": { "dependency": "1.*" } },
{ "name": "dependency", "version": "1.1.0" }, { "name": "dependency", "version": "1.1.0" },
{ "name": "dependency", "version": "1.0.0" }, { "name": "dependency", "version": "1.0.0" },
{ "name": "unrelated", "version": "1.1.0", "require": { "unrelated-dependency": "1.*" } }, { "name": "unrelated", "version": "1.1.0", "require": { "unrelated-dependency": "1.*" } },
@ -23,22 +23,22 @@ Update with a package whitelist only updates those packages matching the pattern
], ],
"require": { "require": {
"fixed": "1.*", "fixed": "1.*",
"whitelisted-component1": "1.*", "allowed-component1": "1.*",
"whitelisted-component2": "1.*", "allowed-component2": "1.*",
"unrelated": "1.*" "unrelated": "1.*"
} }
} }
--INSTALLED-- --INSTALLED--
[ [
{ "name": "fixed", "version": "1.0.0" }, { "name": "fixed", "version": "1.0.0" },
{ "name": "whitelisted-component1", "version": "1.0.0" }, { "name": "allowed-component1", "version": "1.0.0" },
{ "name": "whitelisted-component2", "version": "1.0.0", "require": { "dependency": "1.0.0" } }, { "name": "allowed-component2", "version": "1.0.0", "require": { "dependency": "1.0.0" } },
{ "name": "dependency", "version": "1.0.0" }, { "name": "dependency", "version": "1.0.0" },
{ "name": "unrelated", "version": "1.0.0", "require": { "unrelated-dependency": "1.*" } }, { "name": "unrelated", "version": "1.0.0", "require": { "unrelated-dependency": "1.*" } },
{ "name": "unrelated-dependency", "version": "1.0.0" } { "name": "unrelated-dependency", "version": "1.0.0" }
] ]
--RUN-- --RUN--
update whitelisted-* update allowed-*
--EXPECT-- --EXPECT--
Updating whitelisted-component1 (1.0.0) to whitelisted-component1 (1.1.0) Updating allowed-component1 (1.0.0) to allowed-component1 (1.1.0)
Updating whitelisted-component2 (1.0.0) to whitelisted-component2 (1.1.0) Updating allowed-component2 (1.0.0) to allowed-component2 (1.1.0)

2
tests/Composer/Test/Fixtures/installer/update-whitelist-patterns.test
View File

@ -1,5 +1,5 @@
--TEST-- --TEST--
Update with a package whitelist only updates those corresponding to the pattern Update with a package allowed list only updates those corresponding to the pattern
--COMPOSER-- --COMPOSER--
{ {
"repositories": [ "repositories": [

14
tests/Composer/Test/Fixtures/installer/update-whitelist-removes-unused.test
View File

@ -1,13 +1,13 @@
--TEST-- --TEST--
Update with a package whitelist removes unused packages Update with a package allowed list removes unused packages
--COMPOSER-- --COMPOSER--
{ {
"repositories": [ "repositories": [
{ {
"type": "package", "type": "package",
"package": [ "package": [
{ "name": "whitelisted", "version": "1.1.0" }, { "name": "allowed", "version": "1.1.0" },
{ "name": "whitelisted", "version": "1.0.0", "require": { "fixed-dependency": "1.0.0", "old-dependency": "1.0.0" } }, { "name": "allowed", "version": "1.0.0", "require": { "fixed-dependency": "1.0.0", "old-dependency": "1.0.0" } },
{ "name": "fixed-dependency", "version": "1.1.0" }, { "name": "fixed-dependency", "version": "1.1.0" },
{ "name": "fixed-dependency", "version": "1.0.0" }, { "name": "fixed-dependency", "version": "1.0.0" },
{ "name": "old-dependency", "version": "1.0.0" } { "name": "old-dependency", "version": "1.0.0" }
@ -15,18 +15,18 @@ Update with a package whitelist removes unused packages
} }
], ],
"require": { "require": {
"whitelisted": "1.*", "allowed": "1.*",
"fixed-dependency": "1.*" "fixed-dependency": "1.*"
} }
} }
--INSTALLED-- --INSTALLED--
[ [
{ "name": "whitelisted", "version": "1.0.0", "require": { "old-dependency": "1.0.0", "fixed-dependency": "1.0.0" } }, { "name": "allowed", "version": "1.0.0", "require": { "old-dependency": "1.0.0", "fixed-dependency": "1.0.0" } },
{ "name": "fixed-dependency", "version": "1.0.0" }, { "name": "fixed-dependency", "version": "1.0.0" },
{ "name": "old-dependency", "version": "1.0.0" } { "name": "old-dependency", "version": "1.0.0" }
] ]
--RUN-- --RUN--
update --with-dependencies whitelisted update --with-dependencies allowed
--EXPECT-- --EXPECT--
Uninstalling old-dependency (1.0.0) Uninstalling old-dependency (1.0.0)
Updating whitelisted (1.0.0) to whitelisted (1.1.0) Updating allowed (1.0.0) to allowed (1.1.0)

14
tests/Composer/Test/Fixtures/installer/update-whitelist-with-dependencies.test
View File

@ -1,5 +1,5 @@
--TEST-- --TEST--
Update with a package whitelist only updates those packages and their dependencies listed as command arguments Update with a package allowed list only updates those packages and their dependencies listed as command arguments
--COMPOSER-- --COMPOSER--
{ {
"repositories": [ "repositories": [
@ -8,8 +8,8 @@ Update with a package whitelist only updates those packages and their dependenci
"package": [ "package": [
{ "name": "fixed", "version": "1.1.0" }, { "name": "fixed", "version": "1.1.0" },
{ "name": "fixed", "version": "1.0.0" }, { "name": "fixed", "version": "1.0.0" },
{ "name": "whitelisted", "version": "1.1.0", "require": { "dependency": "1.1.0" } }, { "name": "allowed", "version": "1.1.0", "require": { "dependency": "1.1.0" } },
{ "name": "whitelisted", "version": "1.0.0", "require": { "dependency": "1.0.0" } }, { "name": "allowed", "version": "1.0.0", "require": { "dependency": "1.0.0" } },
{ "name": "dependency", "version": "1.1.0" }, { "name": "dependency", "version": "1.1.0" },
{ "name": "dependency", "version": "1.0.0" }, { "name": "dependency", "version": "1.0.0" },
{ "name": "unrelated", "version": "1.1.0", "require": { "unrelated-dependency": "1.*" } }, { "name": "unrelated", "version": "1.1.0", "require": { "unrelated-dependency": "1.*" } },
@ -21,20 +21,20 @@ Update with a package whitelist only updates those packages and their dependenci
], ],
"require": { "require": {
"fixed": "1.*", "fixed": "1.*",
"whitelisted": "1.*", "allowed": "1.*",
"unrelated": "1.*" "unrelated": "1.*"
} }
} }
--INSTALLED-- --INSTALLED--
[ [
{ "name": "fixed", "version": "1.0.0" }, { "name": "fixed", "version": "1.0.0" },
{ "name": "whitelisted", "version": "1.0.0", "require": { "dependency": "1.0.0" } }, { "name": "allowed", "version": "1.0.0", "require": { "dependency": "1.0.0" } },
{ "name": "dependency", "version": "1.0.0" }, { "name": "dependency", "version": "1.0.0" },
{ "name": "unrelated", "version": "1.0.0", "require": { "unrelated-dependency": "1.*" } }, { "name": "unrelated", "version": "1.0.0", "require": { "unrelated-dependency": "1.*" } },
{ "name": "unrelated-dependency", "version": "1.0.0" } { "name": "unrelated-dependency", "version": "1.0.0" }
] ]
--RUN-- --RUN--
update whitelisted --with-dependencies update allowed --with-dependencies
--EXPECT-- --EXPECT--
Updating dependency (1.0.0) to dependency (1.1.0) Updating dependency (1.0.0) to dependency (1.1.0)
Updating whitelisted (1.0.0) to whitelisted (1.1.0) Updating allowed (1.0.0) to allowed (1.1.0)

12
tests/Composer/Test/Fixtures/installer/update-whitelist-with-dependency-conflict.test
View File

@ -1,5 +1,5 @@
--TEST-- --TEST--
Update with a package whitelist only updates whitelisted packages if no dependency conflicts Update with a package allowed list only updates allowed packages if no dependency conflicts
--COMPOSER-- --COMPOSER--
{ {
"repositories": [ "repositories": [
@ -8,8 +8,8 @@ Update with a package whitelist only updates whitelisted packages if no dependen
"package": [ "package": [
{ "name": "fixed", "version": "1.1.0" }, { "name": "fixed", "version": "1.1.0" },
{ "name": "fixed", "version": "1.0.0" }, { "name": "fixed", "version": "1.0.0" },
{ "name": "whitelisted", "version": "1.1.0", "require": { "dependency": "1.1.0" } }, { "name": "allowed", "version": "1.1.0", "require": { "dependency": "1.1.0" } },
{ "name": "whitelisted", "version": "1.0.0", "require": { "dependency": "1.0.0" } }, { "name": "allowed", "version": "1.0.0", "require": { "dependency": "1.0.0" } },
{ "name": "dependency", "version": "1.1.0" }, { "name": "dependency", "version": "1.1.0" },
{ "name": "dependency", "version": "1.0.0" }, { "name": "dependency", "version": "1.0.0" },
{ "name": "unrelated", "version": "1.1.0", "require": { "unrelated-dependency": "1.*" } }, { "name": "unrelated", "version": "1.1.0", "require": { "unrelated-dependency": "1.*" } },
@ -21,18 +21,18 @@ Update with a package whitelist only updates whitelisted packages if no dependen
], ],
"require": { "require": {
"fixed": "1.*", "fixed": "1.*",
"whitelisted": "1.*", "allowed": "1.*",
"unrelated": "1.*" "unrelated": "1.*"
} }
} }
--INSTALLED-- --INSTALLED--
[ [
{ "name": "fixed", "version": "1.0.0" }, { "name": "fixed", "version": "1.0.0" },
{ "name": "whitelisted", "version": "1.0.0", "require": { "dependency": "1.0.0" } }, { "name": "allowed", "version": "1.0.0", "require": { "dependency": "1.0.0" } },
{ "name": "dependency", "version": "1.0.0" }, { "name": "dependency", "version": "1.0.0" },
{ "name": "unrelated", "version": "1.0.0", "require": { "unrelated-dependency": "1.*" } }, { "name": "unrelated", "version": "1.0.0", "require": { "unrelated-dependency": "1.*" } },
{ "name": "unrelated-dependency", "version": "1.0.0" } { "name": "unrelated-dependency", "version": "1.0.0" }
] ]
--RUN-- --RUN--
update whitelisted update allowed
--EXPECT-- --EXPECT--

14
tests/Composer/Test/Fixtures/installer/update-whitelist.test
View File

@ -1,5 +1,5 @@
--TEST-- --TEST--
Update with a package whitelist only updates those packages listed as command arguments Update with a package allowed list only updates those packages listed as command arguments
--COMPOSER-- --COMPOSER--
{ {
"repositories": [ "repositories": [
@ -8,8 +8,8 @@ Update with a package whitelist only updates those packages listed as command ar
"package": [ "package": [
{ "name": "fixed", "version": "1.1.0" }, { "name": "fixed", "version": "1.1.0" },
{ "name": "fixed", "version": "1.0.0" }, { "name": "fixed", "version": "1.0.0" },
{ "name": "whitelisted", "version": "1.1.0", "require": { "dependency": "1.*" } }, { "name": "allowed", "version": "1.1.0", "require": { "dependency": "1.*" } },
{ "name": "whitelisted", "version": "1.0.0", "require": { "dependency": "1.*" } }, { "name": "allowed", "version": "1.0.0", "require": { "dependency": "1.*" } },
{ "name": "dependency", "version": "1.1.0" }, { "name": "dependency", "version": "1.1.0" },
{ "name": "dependency", "version": "1.0.0" }, { "name": "dependency", "version": "1.0.0" },
{ "name": "unrelated", "version": "1.1.0", "require": { "unrelated-dependency": "1.*" } }, { "name": "unrelated", "version": "1.1.0", "require": { "unrelated-dependency": "1.*" } },
@ -21,19 +21,19 @@ Update with a package whitelist only updates those packages listed as command ar
], ],
"require": { "require": {
"fixed": "1.*", "fixed": "1.*",
"whitelisted": "1.*", "allowed": "1.*",
"unrelated": "1.*" "unrelated": "1.*"
} }
} }
--INSTALLED-- --INSTALLED--
[ [
{ "name": "fixed", "version": "1.0.0" }, { "name": "fixed", "version": "1.0.0" },
{ "name": "whitelisted", "version": "1.0.0", "require": { "dependency": "1.*" } }, { "name": "allowed", "version": "1.0.0", "require": { "dependency": "1.*" } },
{ "name": "dependency", "version": "1.0.0" }, { "name": "dependency", "version": "1.0.0" },
{ "name": "unrelated", "version": "1.0.0", "require": { "unrelated-dependency": "1.*" } }, { "name": "unrelated", "version": "1.0.0", "require": { "unrelated-dependency": "1.*" } },
{ "name": "unrelated-dependency", "version": "1.0.0" } { "name": "unrelated-dependency", "version": "1.0.0" }
] ]
--RUN-- --RUN--
update whitelisted update allowed
--EXPECT-- --EXPECT--
Updating whitelisted (1.0.0) to whitelisted (1.1.0) Updating allowed (1.0.0) to allowed (1.1.0)

2
tests/Composer/Test/Fixtures/installer/update-with-all-dependencies.test
View File

@ -2,7 +2,7 @@
See Github issue #6661 ( github.com/composer/composer/issues/6661 ). See Github issue #6661 ( github.com/composer/composer/issues/6661 ).
When `--with-all-dependencies` is used, Composer\Installer::whitelistUpdateDependencies should update the dependencies of all whitelisted packages, even if the dependency is a root requirement. When `--with-all-dependencies` is used, Composer\Installer::allowListUpdateDependencies should update the dependencies of all allowed packages, even if the dependency is a root requirement.
--COMPOSER-- --COMPOSER--
{ {

6
tests/Composer/Test/InstallerTest.php
View File

@ -230,9 +230,9 @@ class InstallerTest extends TestCase
->setDevMode(!$input->getOption('no-dev')) ->setDevMode(!$input->getOption('no-dev'))
->setUpdate(true) ->setUpdate(true)
->setDryRun($input->getOption('dry-run')) ->setDryRun($input->getOption('dry-run'))
->setUpdateWhitelist($input->getArgument('packages')) ->setUpdateAllowList($input->getArgument('packages'))
->setWhitelistTransitiveDependencies($input->getOption('with-dependencies')) ->setAllowListTransitiveDependencies($input->getOption('with-dependencies'))
->setWhitelistAllDependencies($input->getOption('with-all-dependencies')) ->setAllowListAllDependencies($input->getOption('with-all-dependencies'))
->setPreferStable($input->getOption('prefer-stable')) ->setPreferStable($input->getOption('prefer-stable'))
->setPreferLowest($input->getOption('prefer-lowest')) ->setPreferLowest($input->getOption('prefer-lowest'))
->setIgnorePlatformRequirements($input->getOption('ignore-platform-reqs')); ->setIgnorePlatformRequirements($input->getOption('ignore-platform-reqs'));