Drupal
/
drupal
mirror of https://git.drupalcode.org/project/drupal.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Issue #3133903 by longwave, jungle: Ensure all packages in composer.lock are considered for vendor hardening

merge-requests/2/head
Alex Pott 2020-07-13 23:26:11 +01:00
parent 9d4de9c325
commit f0f4922f91
No known key found for this signature in database
GPG Key ID: 31905460D4A69276
3 changed files with 121 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

69
composer/Plugin/VendorHardening/Config.php
View File

@ -20,38 +20,65 @@ class Config {
* @var array * @var array
*/ */
protected static $defaultConfig = [ protected static $defaultConfig = [
'asm89/stack-cors' => ['test'],
'behat/mink' => ['tests', 'driver-testsuite'], 'behat/mink' => ['tests', 'driver-testsuite'],
'behat/mink-browserkit-driver' => ['tests'], 'behat/mink-browserkit-driver' => ['tests'],
'behat/mink-goutte-driver' => ['tests'], 'behat/mink-goutte-driver' => ['tests'],
'behat/mink-selenium2-driver' => ['tests'], 'behat/mink-selenium2-driver' => ['tests'],
'composer/composer' => ['bin'], 'composer/ca-bundle' => ['tests'],
'composer/composer' => ['bin', 'tests'],
'composer/installers' => ['tests'],
'composer/semver' => ['tests'],
'composer/spdx-licenses' => ['tests'],
'composer/xdebug-handler' => ['tests'],
'doctrine/annotations' => ['tests'],
'doctrine/instantiator' => ['tests'],
'doctrine/lexer' => ['tests'],
'doctrine/reflection' => ['tests'],
'drupal/coder' => [ 'drupal/coder' => [
'coder_sniffer/Drupal/Test', 'coder_sniffer/Drupal/Test',
'coder_sniffer/DrupalPractice/Test', 'coder_sniffer/DrupalPractice/Test',
], ],
'doctrine/instantiator' => ['tests'], 'drupal/core' => [],
'easyrdf/easyrdf' => ['scripts'], 'drupal/core-project-message' => [],
'egulias/email-validator' => ['documentation', 'tests'], 'drupal/core-vendor-hardening' => [],
'easyrdf/easyrdf' => ['test', 'scripts'],
'egulias/email-validator' => ['documentation', 'Tests'],
'fabpot/goutte' => ['Goutte/Tests'], 'fabpot/goutte' => ['Goutte/Tests'],
'guzzlehttp/guzzle' => ['tests'],
'guzzlehttp/promises' => ['tests'], 'guzzlehttp/promises' => ['tests'],
'guzzlehttp/psr7' => ['tests'], 'guzzlehttp/psr7' => ['tests'],
'instaclick/php-webdriver' => ['doc', 'test'], 'instaclick/php-webdriver' => ['doc', 'test'],
'justinrainbow/json-schema' => ['demo'], 'justinrainbow/json-schema' => ['demo', 'tests'],
'laminas/laminas-diactoros' => ['test'],
'laminas/laminas-escaper' => ['test'],
'laminas/laminas-feed' => ['test'],
'laminas/laminas-stdlib' => ['test'],
'laminas/laminas-zendframework-bridge' => ['test'],
'masterminds/html5' => ['bin', 'test'], 'masterminds/html5' => ['bin', 'test'],
'mikey179/vfsstream' => ['src/test'], 'mikey179/vfsstream' => ['examples', 'src/test'],
'myclabs/deep-copy' => ['doc'], 'myclabs/deep-copy' => ['doc', 'tests'],
'pear/archive_tar' => ['docs', 'tests'], 'pear/archive_tar' => ['docs', 'tests'],
'pear/console_getopt' => ['tests'], 'pear/console_getopt' => ['tests'],
'pear/pear-core-minimal' => ['tests'], 'pear/pear-core-minimal' => ['tests'],
'pear/pear_exception' => ['tests'], 'pear/pear_exception' => ['tests'],
'phar-io/manifest' => ['examples', 'tests'], 'phar-io/manifest' => ['examples', 'tests'],
'phar-io/version' => ['tests'], 'phar-io/version' => ['tests'],
'phpdocumentor/reflection-common' => ['tests'],
'phpdocumentor/reflection-docblock' => ['tests'], 'phpdocumentor/reflection-docblock' => ['tests'],
'phpdocumentor/type-resolver' => ['tests'],
'phpspec/prophecy' => ['fixtures', 'spec', 'tests'], 'phpspec/prophecy' => ['fixtures', 'spec', 'tests'],
'phpunit/php-code-coverage' => ['tests'], 'phpunit/php-code-coverage' => ['tests'],
'phpunit/php-file-iterator' => ['tests'],
'phpunit/php-text-template' => [],
'phpunit/php-timer' => ['tests'], 'phpunit/php-timer' => ['tests'],
'phpunit/php-token-stream' => ['tests'], 'phpunit/php-token-stream' => ['tests'],
'phpunit/phpunit' => ['tests'], 'phpunit/phpunit' => ['tests'],
'psr/container' => [],
'psr/http-factory' => [],
'psr/http-message' => [],
'psr/log' => [],
'ralouphie/getallheaders' => ['tests'],
'sebastian/code-unit-reverse-lookup' => ['tests'], 'sebastian/code-unit-reverse-lookup' => ['tests'],
'sebastian/comparator' => ['tests'], 'sebastian/comparator' => ['tests'],
'sebastian/diff' => ['tests'], 'sebastian/diff' => ['tests'],
@ -61,7 +88,11 @@ class Config {
'sebastian/object-enumerator' => ['tests'], 'sebastian/object-enumerator' => ['tests'],
'sebastian/object-reflector' => ['tests'], 'sebastian/object-reflector' => ['tests'],
'sebastian/recursion-context' => ['tests'], 'sebastian/recursion-context' => ['tests'],
'sebastian/resource-operations' => ['tests'],
'sebastian/type' => ['tests'],
'sebastian/version' => [],
'seld/jsonlint' => ['tests'], 'seld/jsonlint' => ['tests'],
'seld/phar-utils' => [],
'squizlabs/php_codesniffer' => ['tests'], 'squizlabs/php_codesniffer' => ['tests'],
'stack/builder' => ['tests'], 'stack/builder' => ['tests'],
'symfony/browser-kit' => ['Tests'], 'symfony/browser-kit' => ['Tests'],
@ -70,22 +101,38 @@ class Config {
'symfony/debug' => ['Tests'], 'symfony/debug' => ['Tests'],
'symfony/dependency-injection' => ['Tests'], 'symfony/dependency-injection' => ['Tests'],
'symfony/dom-crawler' => ['Tests'], 'symfony/dom-crawler' => ['Tests'],
'symfony/error-handler' => ['Tests'],
'symfony/event-dispatcher' => ['Tests'],
'symfony/event-dispatcher-contracts' => [],
'symfony/filesystem' => ['Tests'], 'symfony/filesystem' => ['Tests'],
'symfony/finder' => ['Tests'], 'symfony/finder' => ['Tests'],
'symfony/event-dispatcher' => ['Tests'],
'symfony/http-foundation' => ['Tests'], 'symfony/http-foundation' => ['Tests'],
'symfony/http-kernel' => ['Tests'], 'symfony/http-kernel' => ['Tests'],
'symfony/lock' => ['Tests'],
'symfony/mime' => ['Tests'],
'symfony/phpunit-bridge' => ['Tests'], 'symfony/phpunit-bridge' => ['Tests'],
'symfony/polyfill-ctype' => [],
'symfony/polyfill-iconv' => [],
'symfony/polyfill-intl-idn' => [],
'symfony/polyfill-mbstring' => [],
'symfony/polyfill-php72' => [],
'symfony/polyfill-php73' => [],
'symfony/polyfill-php80' => [],
'symfony/process' => ['Tests'], 'symfony/process' => ['Tests'],
'symfony/psr-http-message-bridge' => ['Tests'], 'symfony/psr-http-message-bridge' => ['Tests'],
'symfony/routing' => ['Tests'], 'symfony/routing' => ['Tests'],
'symfony/serializer' => ['Tests'], 'symfony/serializer' => ['Tests'],
'symfony/service-contracts' => ['Test', 'Tests'],
'symfony/translation' => ['Tests'], 'symfony/translation' => ['Tests'],
'symfony/validator' => ['Tests', 'Resources'], 'symfony/translation-contracts' => ['Test', 'Tests'],
'symfony/validator' => ['Test', 'Tests', 'Resources'],
'symfony/var-dumper' => ['Tests'],
'symfony/yaml' => ['Tests'], 'symfony/yaml' => ['Tests'],
'symfony-cmf/routing' => ['Test', 'Tests'], 'symfony-cmf/routing' => ['tests'],
'theseer/tokenizer' => ['tests'], 'theseer/tokenizer' => ['tests'],
'twig/twig' => ['doc', 'ext', 'test', 'tests'], 'twig/twig' => ['doc', 'lib/Twig/Test', 'src/Test', 'tests'],
'typo3/phar-stream-wrapper' => ['tests'],
'webmozart/assert' => ['tests'],
]; ];
/** /**

76
core/lib/Drupal/Core/Composer/Composer.php
View File

@ -16,38 +16,65 @@ use Drupal\Component\FileSecurity\FileSecurity;
class Composer { class Composer {
protected static $packageToCleanup = [ protected static $packageToCleanup = [
'asm89/stack-cors' => ['test'],
'behat/mink' => ['tests', 'driver-testsuite'], 'behat/mink' => ['tests', 'driver-testsuite'],
'behat/mink-browserkit-driver' => ['tests'], 'behat/mink-browserkit-driver' => ['tests'],
'behat/mink-goutte-driver' => ['tests'], 'behat/mink-goutte-driver' => ['tests'],
'behat/mink-selenium2-driver' => ['tests'], 'behat/mink-selenium2-driver' => ['tests'],
'composer/composer' => ['bin'], 'composer/ca-bundle' => ['tests'],
'drupal/coder' => ['coder_sniffer/Drupal/Test', 'coder_sniffer/DrupalPractice/Test'], 'composer/composer' => ['bin', 'tests'],
'composer/installers' => ['tests'],
'composer/semver' => ['tests'],
'composer/spdx-licenses' => ['tests'],
'composer/xdebug-handler' => ['tests'],
'doctrine/annotations' => ['tests'],
'doctrine/instantiator' => ['tests'], 'doctrine/instantiator' => ['tests'],
'easyrdf/easyrdf' => ['scripts'], 'doctrine/lexer' => ['tests'],
'egulias/email-validator' => ['documentation', 'tests'], 'doctrine/reflection' => ['tests'],
'drupal/coder' => [
'coder_sniffer/Drupal/Test',
'coder_sniffer/DrupalPractice/Test',
],
'drupal/core' => [],
'drupal/core-project-message' => [],
'drupal/core-vendor-hardening' => [],
'easyrdf/easyrdf' => ['test', 'scripts'],
'egulias/email-validator' => ['documentation', 'Tests'],
'fabpot/goutte' => ['Goutte/Tests'], 'fabpot/goutte' => ['Goutte/Tests'],
'guzzlehttp/guzzle' => ['tests'],
'guzzlehttp/promises' => ['tests'], 'guzzlehttp/promises' => ['tests'],
'guzzlehttp/psr7' => ['tests'], 'guzzlehttp/psr7' => ['tests'],
'instaclick/php-webdriver' => ['doc', 'test'], 'instaclick/php-webdriver' => ['doc', 'test'],
'justinrainbow/json-schema' => ['demo'], 'justinrainbow/json-schema' => ['demo', 'tests'],
'laminas/laminas-escaper' => ['doc'], 'laminas/laminas-diactoros' => ['test'],
'laminas/laminas-feed' => ['doc'], 'laminas/laminas-escaper' => ['test'],
'laminas/laminas-stdlib' => ['doc'], 'laminas/laminas-feed' => ['test'],
'laminas/laminas-stdlib' => ['test'],
'laminas/laminas-zendframework-bridge' => ['test'],
'masterminds/html5' => ['bin', 'test'], 'masterminds/html5' => ['bin', 'test'],
'mikey179/vfsStream' => ['src/test'], 'mikey179/vfsstream' => ['examples', 'src/test'],
'myclabs/deep-copy' => ['doc'], 'myclabs/deep-copy' => ['doc', 'tests'],
'pear/archive_tar' => ['docs', 'tests'], 'pear/archive_tar' => ['docs', 'tests'],
'pear/console_getopt' => ['tests'], 'pear/console_getopt' => ['tests'],
'pear/pear-core-minimal' => ['tests'], 'pear/pear-core-minimal' => ['tests'],
'pear/pear_exception' => ['tests'], 'pear/pear_exception' => ['tests'],
'phar-io/manifest' => ['examples', 'tests'], 'phar-io/manifest' => ['examples', 'tests'],
'phar-io/version' => ['tests'], 'phar-io/version' => ['tests'],
'phpdocumentor/reflection-common' => ['tests'],
'phpdocumentor/reflection-docblock' => ['tests'], 'phpdocumentor/reflection-docblock' => ['tests'],
'phpdocumentor/type-resolver' => ['tests'],
'phpspec/prophecy' => ['fixtures', 'spec', 'tests'], 'phpspec/prophecy' => ['fixtures', 'spec', 'tests'],
'phpunit/php-code-coverage' => ['tests'], 'phpunit/php-code-coverage' => ['tests'],
'phpunit/php-file-iterator' => ['tests'],
'phpunit/php-text-template' => [],
'phpunit/php-timer' => ['tests'], 'phpunit/php-timer' => ['tests'],
'phpunit/php-token-stream' => ['tests'], 'phpunit/php-token-stream' => ['tests'],
'phpunit/phpunit' => ['tests'], 'phpunit/phpunit' => ['tests'],
'psr/container' => [],
'psr/http-factory' => [],
'psr/http-message' => [],
'psr/log' => [],
'ralouphie/getallheaders' => ['tests'],
'sebastian/code-unit-reverse-lookup' => ['tests'], 'sebastian/code-unit-reverse-lookup' => ['tests'],
'sebastian/comparator' => ['tests'], 'sebastian/comparator' => ['tests'],
'sebastian/diff' => ['tests'], 'sebastian/diff' => ['tests'],
@ -57,7 +84,11 @@ class Composer {
'sebastian/object-enumerator' => ['tests'], 'sebastian/object-enumerator' => ['tests'],
'sebastian/object-reflector' => ['tests'], 'sebastian/object-reflector' => ['tests'],
'sebastian/recursion-context' => ['tests'], 'sebastian/recursion-context' => ['tests'],
'sebastian/resource-operations' => ['tests'],
'sebastian/type' => ['tests'],
'sebastian/version' => [],
'seld/jsonlint' => ['tests'], 'seld/jsonlint' => ['tests'],
'seld/phar-utils' => [],
'squizlabs/php_codesniffer' => ['tests'], 'squizlabs/php_codesniffer' => ['tests'],
'stack/builder' => ['tests'], 'stack/builder' => ['tests'],
'symfony/browser-kit' => ['Tests'], 'symfony/browser-kit' => ['Tests'],
@ -66,23 +97,38 @@ class Composer {
'symfony/debug' => ['Tests'], 'symfony/debug' => ['Tests'],
'symfony/dependency-injection' => ['Tests'], 'symfony/dependency-injection' => ['Tests'],
'symfony/dom-crawler' => ['Tests'], 'symfony/dom-crawler' => ['Tests'],
'symfony/filesystem' => ['Tests'],
'symfony/finder' => ['Tests'],
'symfony/error-handler' => ['Tests'], 'symfony/error-handler' => ['Tests'],
'symfony/event-dispatcher' => ['Tests'], 'symfony/event-dispatcher' => ['Tests'],
'symfony/event-dispatcher-contracts' => [],
'symfony/filesystem' => ['Tests'],
'symfony/finder' => ['Tests'],
'symfony/http-foundation' => ['Tests'], 'symfony/http-foundation' => ['Tests'],
'symfony/http-kernel' => ['Tests'], 'symfony/http-kernel' => ['Tests'],
'symfony/lock' => ['Tests'],
'symfony/mime' => ['Tests'],
'symfony/phpunit-bridge' => ['Tests'], 'symfony/phpunit-bridge' => ['Tests'],
'symfony/polyfill-ctype' => [],
'symfony/polyfill-iconv' => [],
'symfony/polyfill-intl-idn' => [],
'symfony/polyfill-mbstring' => [],
'symfony/polyfill-php72' => [],
'symfony/polyfill-php73' => [],
'symfony/polyfill-php80' => [],
'symfony/process' => ['Tests'], 'symfony/process' => ['Tests'],
'symfony/psr-http-message-bridge' => ['Tests'], 'symfony/psr-http-message-bridge' => ['Tests'],
'symfony/routing' => ['Tests'], 'symfony/routing' => ['Tests'],
'symfony/serializer' => ['Tests'], 'symfony/serializer' => ['Tests'],
'symfony/service-contracts' => ['Test', 'Tests'],
'symfony/translation' => ['Tests'], 'symfony/translation' => ['Tests'],
'symfony/validator' => ['Tests', 'Resources'], 'symfony/translation-contracts' => ['Test', 'Tests'],
'symfony/validator' => ['Test', 'Tests', 'Resources'],
'symfony/var-dumper' => ['Tests'],
'symfony/yaml' => ['Tests'], 'symfony/yaml' => ['Tests'],
'symfony-cmf/routing' => ['Test', 'Tests'], 'symfony-cmf/routing' => ['tests'],
'theseer/tokenizer' => ['tests'], 'theseer/tokenizer' => ['tests'],
'twig/twig' => ['doc', 'ext', 'test', 'tests'], 'twig/twig' => ['doc', 'lib/Twig/Test', 'src/Test', 'tests'],
'typo3/phar-stream-wrapper' => ['tests'],
'webmozart/assert' => ['tests'],
]; ];
/** /**

5
core/tests/Drupal/Tests/ComposerIntegrationTest.php
View File

@ -260,9 +260,8 @@ class ComposerIntegrationTest extends UnitTestCase {
$reflection = new \ReflectionProperty($class, $property); $reflection = new \ReflectionProperty($class, $property);
$reflection->setAccessible(TRUE); $reflection->setAccessible(TRUE);
$config = $reflection->getValue(); $config = $reflection->getValue();
foreach (array_keys($config) as $package) { $config_packages = array_map('strtolower', array_keys($config));
$this->assertContains(strtolower($package), $packages); $this->assertEqualsCanonicalizing($packages, $config_packages);
}
} }
/** /**