Merge pull request #288574 from drupol/php/composer/bump/2-7-1

phpPackages.composer: 2.6.6 -> 2.7.1
Thomas Gerbet 2024-03-05 20:40:26 +01:00 committed by GitHub
commit 6dc8cbe3cc
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
5 changed files with 46 additions and 85 deletions


@ -83,28 +83,7 @@ composerInstallBuildHook() {
# Since this file cannot be generated in the composer-repository-hook.sh # Since this file cannot be generated in the composer-repository-hook.sh
# because the file contains hardcoded nix store paths, we generate it here. # because the file contains hardcoded nix store paths, we generate it here.
composer-local-repo-plugin --no-ansi build-local-repo -m "${composerRepository}" . composer-local-repo-plugin --no-ansi build-local-repo-lock -m "${composerRepository}" .
# Remove all the repositories of type "composer" and "vcs"
# from the composer.json file.
jq -r -c 'del(try .repositories[] | select(.type == "composer" or .type == "vcs"))' composer.json | sponge composer.json
# Configure composer to disable packagist and avoid using the network.
composer config repo.packagist false
# Configure composer to use the local repository.
composer config repo.composer composer file://"$PWD"/packages.json
# Since the composer.json file has been modified in the previous step, the
# composer.lock file needs to be updated.
composer \
--lock \
--no-ansi \
--no-install \
--no-interaction \
${composerNoDev:+--no-dev} \
${composerNoPlugins:+--no-plugins} \
${composerNoScripts:+--no-scripts} \
update
echo "Finished composerInstallBuildHook" echo "Finished composerInstallBuildHook"
} }
@ -112,26 +91,7 @@ composerInstallBuildHook() {
composerInstallCheckHook() { composerInstallCheckHook() {
echo "Executing composerInstallCheckHook" echo "Executing composerInstallCheckHook"
if ! composer validate --strict --no-ansi --no-interaction --quiet; then checkComposerValidate
if [ ! -z "${composerStrictValidation-}" ]; then
echo
echo -e "\e[31mERROR: composer files validation failed\e[0m"
echo
echo -e '\e[31mThe validation of the composer.json and composer.lock failed.\e[0m'
echo -e '\e[31mMake sure that the file composer.lock is consistent with composer.json.\e[0m'
echo
exit 1
else
echo
echo -e "\e[33mWARNING: composer files validation failed\e[0m"
echo
echo -e '\e[33mThe validation of the composer.json and composer.lock failed.\e[0m'
echo -e '\e[33mMake sure that the file composer.lock is consistent with composer.json.\e[0m'
echo
echo -e '\e[33mThis check is not blocking, but it is recommended to fix the issue.\e[0m'
echo
fi
fi
echo "Finished composerInstallCheckHook" echo "Finished composerInstallCheckHook"
} }
@ -151,9 +111,6 @@ composerInstallInstallHook() {
${composerNoScripts:+--no-scripts} \ ${composerNoScripts:+--no-scripts} \
install install
# Remove packages.json, we don't need it in the store.
rm packages.json
# Copy the relevant files only in the store. # Copy the relevant files only in the store.
mkdir -p "$out"/share/php/"${pname}" mkdir -p "$out"/share/php/"${pname}"
cp -r . "$out"/share/php/"${pname}"/ cp -r . "$out"/share/php/"${pname}"/
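Review bot: The comment kept above the `build-local-repo-lock` call in composerInstallBuildHook still says "this file ... we generate it here", but the section removes every other mention of packages.json (the `composer config repo.composer ... packages.json` step and the later `rm packages.json`), so it no longer says which file is meant. The removed steps also made the offline behaviour explicit (`composer config repo.packagist false`); that guarantee now presumably lives inside the plugin subcommand and is worth stating here. I would reword the comment along the lines of `# Rewrite composer.lock so that packages resolve from the local repository in ${composerRepository}, without network access.`, after confirming that this is what the subcommand does. If the plugin can still write packages.json into the working directory, `cp -r .` in composerInstallInstallHook would now copy it into the store; that hook starts outside the hunk shown.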


@ -63,7 +63,7 @@ composerRepositoryBuildHook() {
# Build the local composer repository # Build the local composer repository
# The command 'build-local-repo' is provided by the Composer plugin # The command 'build-local-repo' is provided by the Composer plugin
# nix-community/composer-local-repo-plugin. # nix-community/composer-local-repo-plugin.
composer-local-repo-plugin --no-ansi build-local-repo ${composerNoDev:+--no-dev} -r repository composer-local-repo-plugin --no-ansi build-local-repo-lock ${composerNoDev:+--no-dev} -r repository
echo "Finished composerRepositoryBuildHook" echo "Finished composerRepositoryBuildHook"
} }
@ -71,26 +71,7 @@ composerRepositoryBuildHook() {
composerRepositoryCheckHook() { composerRepositoryCheckHook() {
echo "Executing composerRepositoryCheckHook" echo "Executing composerRepositoryCheckHook"
if ! composer validate --strict --no-ansi --no-interaction --quiet; then checkComposerValidate
if [ ! -z "${composerStrictValidation-}" ]; then
echo
echo -e "\e[31mERROR: composer files validation failed\e[0m"
echo
echo -e '\e[31mThe validation of the composer.json and composer.lock failed.\e[0m'
echo -e '\e[31mMake sure that the file composer.lock is consistent with composer.json.\e[0m'
echo
exit 1
else
echo
echo -e "\e[33mWARNING: composer files validation failed\e[0m"
echo
echo -e '\e[33mThe validation of the composer.json and composer.lock failed.\e[0m'
echo -e '\e[33mMake sure that the file composer.lock is consistent with composer.json.\e[0m'
echo
echo -e '\e[33mThis check is not blocking, but it is recommended to fix the issue.\e[0m'
echo
fi
fi
echo "Finished composerRepositoryCheckHook" echo "Finished composerRepositoryCheckHook"
} }
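Review bot: The comment in composerRepositoryBuildHook still names the old subcommand, "The command 'build-local-repo' is provided by the Composer plugin", while the line under it now runs `build-local-repo-lock`. Update it to `# The command 'build-local-repo-lock' is provided by the Composer plugin` so that a reader searching for the subcommand finds the right one. The function starts outside the hunk, so any earlier reference to the old name is not visible here.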


@ -1,4 +1,5 @@
declare version declare version
declare composerStrictValidation
setComposeRootVersion() { setComposeRootVersion() {
set +e # Disable exit on error set +e # Disable exit on error
@ -10,3 +11,26 @@ setComposeRootVersion() {
set -e set -e
} }
checkComposerValidate() {
if ! composer validate --strict --no-ansi --no-interaction; then
if [ "1" == "${composerStrictValidation-}" ]; then
echo
echo -e "\e[31mERROR: composer files validation failed\e[0m"
echo
echo -e '\e[31mThe validation of the composer.json and composer.lock failed.\e[0m'
echo -e '\e[31mMake sure that the file composer.lock is consistent with composer.json.\e[0m'
echo
exit 1
else
echo
echo -e "\e[33mWARNING: composer files validation failed\e[0m"
echo
echo -e '\e[33mThe validation of the composer.json and composer.lock failed.\e[0m'
echo -e '\e[33mMake sure that the file composer.lock is consistent with composer.json.\e[0m'
echo
echo -e '\e[33mThis check is not blocking, but it is recommended to fix the issue.\e[0m'
echo
fi
fi
}
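Review bot: checkComposerValidate treats validation as blocking only when `composerStrictValidation` is exactly `1`, whereas the two inline checks it replaces were blocking for any non-empty value (`[ ! -z "${composerStrictValidation-}" ]`). A derivation that sets the variable to another non-empty string would now get the yellow warning and a successful build instead of `exit 1`, which silently weakens the gate. If that narrowing is not intended, keep the old test with `if [ -n "${composerStrictValidation-}" ]; then`; if it is, add a comment above the function such as `# Strict mode is enabled only when composerStrictValidation is "1".`. Dropping `--quiet` also means the validator's own output now reaches the build log, which looks deliberate but is not mentioned in the commit message.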


@ -29,13 +29,13 @@ let
in in
stdenvNoCC.mkDerivation (finalAttrs: { stdenvNoCC.mkDerivation (finalAttrs: {
pname = "composer-local-repo-plugin"; pname = "composer-local-repo-plugin";
version = "1.0.3"; version = "1.1.0";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "nix-community"; owner = "nix-community";
repo = "composer-local-repo-plugin"; repo = "composer-local-repo-plugin";
rev = finalAttrs.version; rev = finalAttrs.version;
hash = "sha256-fLJlxcAQ7X28GDK8PVYKxJgTzbspfWxvgRmRK4NZRIA="; hash = "sha256-edbn07r/Uc1g0qOuVBZBs6N1bMN5kIfA1b4FCufdw5M=";
}; };
COMPOSER_CACHE_DIR = "/dev/null"; COMPOSER_CACHE_DIR = "/dev/null";


@ -1,11 +1,22 @@
{ lib, callPackage, fetchFromGitHub, fetchpatch, php, unzip, _7zz, xz, git, curl, cacert, makeBinaryWrapper }: { lib
, callPackage
, fetchFromGitHub
, php
, unzip
, _7zz
, xz
, git
, curl
, cacert
, makeBinaryWrapper
}:
php.buildComposerProject (finalAttrs: { php.buildComposerProject (finalAttrs: {
# Hash used by ../../../build-support/php/pkgs/composer-phar.nix to # Hash used by ../../../build-support/php/pkgs/composer-phar.nix to
# use together with the version from this package to keep the # use together with the version from this package to keep the
# bootstrap phar file up-to-date together with the end user composer # bootstrap phar file up-to-date together with the end user composer
# package. # package.
passthru.pharHash = "sha256-cmACAcc8fEshjxwFEbNthTeWPjaq+iRHV/UjCfiFsxQ="; passthru.pharHash = "sha256-H/0L4/J+I3sa5H+ejyn5asf1CgvZ7vT4jNvpTdBL//A=";
composer = callPackage ../../../build-support/php/pkgs/composer-phar.nix { composer = callPackage ../../../build-support/php/pkgs/composer-phar.nix {
inherit (finalAttrs) version; inherit (finalAttrs) version;
@ -13,27 +24,15 @@ php.buildComposerProject (finalAttrs: {
}; };
pname = "composer"; pname = "composer";
version = "2.6.6"; version = "2.7.1";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "composer"; owner = "composer";
repo = "composer"; repo = "composer";
rev = finalAttrs.version; rev = finalAttrs.version;
hash = "sha256-KsTZi7dSlQcAxoen9rpofbptVdLYhK+bZeDSXQY7o5M="; hash = "sha256-OThWqY3m/pIas4qvR/kiYgc/2QrAbnsYEOxpHxKhDfM=";
}; };
patches = [
(fetchpatch {
name = "CVE-2024-24821.patch";
url = "https://github.com/composer/composer/commit/77e3982918bc1d886843dc3d5e575e7e871b27b7.patch";
hash = "sha256-Q7gkPLf59+p++DpfJZeOrAOiWePuGkdGYRaS/rK+Nv4=";
excludes = [
# Skipping test files, they are not included in the source tarball
"tests/*"
];
})
];
nativeBuildInputs = [ makeBinaryWrapper ]; nativeBuildInputs = [ makeBinaryWrapper ];
postInstall = '' postInstall = ''
@ -41,7 +40,7 @@ php.buildComposerProject (finalAttrs: {
--prefix PATH : ${lib.makeBinPath [ _7zz cacert curl git unzip xz ]} --prefix PATH : ${lib.makeBinPath [ _7zz cacert curl git unzip xz ]}
''; '';
vendorHash = "sha256-50M1yeAKl9KRsjs34cdb5ZTBFgbukgg0cMtHTYGJ/EM="; vendorHash = "sha256-NJa6nu60HQeBJr7dd79ATptjcekgY35Jq9V40SrN9Ds";
meta = { meta = {
changelog = "https://github.com/composer/composer/releases/tag/${finalAttrs.version}"; changelog = "https://github.com/composer/composer/releases/tag/${finalAttrs.version}";
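Review bot: The new `vendorHash` is written without base64 padding (`"sha256-NJa6nu60HQeBJr7dd79ATptjcekgY35Jq9V40SrN9Ds"`, 43 characters), while every other SRI hash in this file keeps the trailing `=`. Some tooling accepts the unpadded form, but stricter SRI parsers may warn or reject it, so I would write `vendorHash = "sha256-NJa6nu60HQeBJr7dd79ATptjcekgY35Jq9V40SrN9Ds=";` and re-check it against a build. The section also drops the `CVE-2024-24821.patch` entry and the `fetchpatch` argument. Nothing on the page states that the 2.7.1 source already contains that fix, so a sentence in the commit message saying so would make the removal auditable.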