Merge pull request #288574 from drupol/php/composer/bump/2-7-1
phpPackages.composer: 2.6.6 -> 2.7.1
This commit is contained in:
commit
6dc8cbe3cc
@ -83,28 +83,7 @@ composerInstallBuildHook() {
|
||||
|
||||
# Since this file cannot be generated in the composer-repository-hook.sh
|
||||
# because the file contains hardcoded nix store paths, we generate it here.
|
||||
composer-local-repo-plugin --no-ansi build-local-repo -m "${composerRepository}" .
|
||||
|
||||
# Remove all the repositories of type "composer" and "vcs"
|
||||
# from the composer.json file.
|
||||
jq -r -c 'del(try .repositories[] | select(.type == "composer" or .type == "vcs"))' composer.json | sponge composer.json
|
||||
|
||||
# Configure composer to disable packagist and avoid using the network.
|
||||
composer config repo.packagist false
|
||||
# Configure composer to use the local repository.
|
||||
composer config repo.composer composer file://"$PWD"/packages.json
|
||||
|
||||
# Since the composer.json file has been modified in the previous step, the
|
||||
# composer.lock file needs to be updated.
|
||||
composer \
|
||||
--lock \
|
||||
--no-ansi \
|
||||
--no-install \
|
||||
--no-interaction \
|
||||
${composerNoDev:+--no-dev} \
|
||||
${composerNoPlugins:+--no-plugins} \
|
||||
${composerNoScripts:+--no-scripts} \
|
||||
update
|
||||
composer-local-repo-plugin --no-ansi build-local-repo-lock -m "${composerRepository}" .
|
||||
|
||||
echo "Finished composerInstallBuildHook"
|
||||
}
|
||||
@ -112,26 +91,7 @@ composerInstallBuildHook() {
|
||||
composerInstallCheckHook() {
|
||||
echo "Executing composerInstallCheckHook"
|
||||
|
||||
if ! composer validate --strict --no-ansi --no-interaction --quiet; then
|
||||
if [ ! -z "${composerStrictValidation-}" ]; then
|
||||
echo
|
||||
echo -e "\e[31mERROR: composer files validation failed\e[0m"
|
||||
echo
|
||||
echo -e '\e[31mThe validation of the composer.json and composer.lock failed.\e[0m'
|
||||
echo -e '\e[31mMake sure that the file composer.lock is consistent with composer.json.\e[0m'
|
||||
echo
|
||||
exit 1
|
||||
else
|
||||
echo
|
||||
echo -e "\e[33mWARNING: composer files validation failed\e[0m"
|
||||
echo
|
||||
echo -e '\e[33mThe validation of the composer.json and composer.lock failed.\e[0m'
|
||||
echo -e '\e[33mMake sure that the file composer.lock is consistent with composer.json.\e[0m'
|
||||
echo
|
||||
echo -e '\e[33mThis check is not blocking, but it is recommended to fix the issue.\e[0m'
|
||||
echo
|
||||
fi
|
||||
fi
|
||||
checkComposerValidate
|
||||
|
||||
echo "Finished composerInstallCheckHook"
|
||||
}
|
||||
@ -151,9 +111,6 @@ composerInstallInstallHook() {
|
||||
${composerNoScripts:+--no-scripts} \
|
||||
install
|
||||
|
||||
# Remove packages.json, we don't need it in the store.
|
||||
rm packages.json
|
||||
|
||||
# Copy the relevant files only in the store.
|
||||
mkdir -p "$out"/share/php/"${pname}"
|
||||
cp -r . "$out"/share/php/"${pname}"/
|
||||
|
@ -63,7 +63,7 @@ composerRepositoryBuildHook() {
|
||||
# Build the local composer repository
|
||||
# The command 'build-local-repo' is provided by the Composer plugin
|
||||
# nix-community/composer-local-repo-plugin.
|
||||
composer-local-repo-plugin --no-ansi build-local-repo ${composerNoDev:+--no-dev} -r repository
|
||||
composer-local-repo-plugin --no-ansi build-local-repo-lock ${composerNoDev:+--no-dev} -r repository
|
||||
|
||||
echo "Finished composerRepositoryBuildHook"
|
||||
}
|
||||
@ -71,26 +71,7 @@ composerRepositoryBuildHook() {
|
||||
composerRepositoryCheckHook() {
|
||||
echo "Executing composerRepositoryCheckHook"
|
||||
|
||||
if ! composer validate --strict --no-ansi --no-interaction --quiet; then
|
||||
if [ ! -z "${composerStrictValidation-}" ]; then
|
||||
echo
|
||||
echo -e "\e[31mERROR: composer files validation failed\e[0m"
|
||||
echo
|
||||
echo -e '\e[31mThe validation of the composer.json and composer.lock failed.\e[0m'
|
||||
echo -e '\e[31mMake sure that the file composer.lock is consistent with composer.json.\e[0m'
|
||||
echo
|
||||
exit 1
|
||||
else
|
||||
echo
|
||||
echo -e "\e[33mWARNING: composer files validation failed\e[0m"
|
||||
echo
|
||||
echo -e '\e[33mThe validation of the composer.json and composer.lock failed.\e[0m'
|
||||
echo -e '\e[33mMake sure that the file composer.lock is consistent with composer.json.\e[0m'
|
||||
echo
|
||||
echo -e '\e[33mThis check is not blocking, but it is recommended to fix the issue.\e[0m'
|
||||
echo
|
||||
fi
|
||||
fi
|
||||
checkComposerValidate
|
||||
|
||||
echo "Finished composerRepositoryCheckHook"
|
||||
}
|
||||
|
@ -1,4 +1,5 @@
|
||||
declare version
|
||||
declare composerStrictValidation
|
||||
|
||||
setComposeRootVersion() {
|
||||
set +e # Disable exit on error
|
||||
@ -10,3 +11,26 @@ setComposeRootVersion() {
|
||||
|
||||
set -e
|
||||
}
|
||||
|
||||
checkComposerValidate() {
|
||||
if ! composer validate --strict --no-ansi --no-interaction; then
|
||||
if [ "1" == "${composerStrictValidation-}" ]; then
|
||||
echo
|
||||
echo -e "\e[31mERROR: composer files validation failed\e[0m"
|
||||
echo
|
||||
echo -e '\e[31mThe validation of the composer.json and composer.lock failed.\e[0m'
|
||||
echo -e '\e[31mMake sure that the file composer.lock is consistent with composer.json.\e[0m'
|
||||
echo
|
||||
exit 1
|
||||
else
|
||||
echo
|
||||
echo -e "\e[33mWARNING: composer files validation failed\e[0m"
|
||||
echo
|
||||
echo -e '\e[33mThe validation of the composer.json and composer.lock failed.\e[0m'
|
||||
echo -e '\e[33mMake sure that the file composer.lock is consistent with composer.json.\e[0m'
|
||||
echo
|
||||
echo -e '\e[33mThis check is not blocking, but it is recommended to fix the issue.\e[0m'
|
||||
echo
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
@ -29,13 +29,13 @@ let
|
||||
in
|
||||
stdenvNoCC.mkDerivation (finalAttrs: {
|
||||
pname = "composer-local-repo-plugin";
|
||||
version = "1.0.3";
|
||||
version = "1.1.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "nix-community";
|
||||
repo = "composer-local-repo-plugin";
|
||||
rev = finalAttrs.version;
|
||||
hash = "sha256-fLJlxcAQ7X28GDK8PVYKxJgTzbspfWxvgRmRK4NZRIA=";
|
||||
hash = "sha256-edbn07r/Uc1g0qOuVBZBs6N1bMN5kIfA1b4FCufdw5M=";
|
||||
};
|
||||
|
||||
COMPOSER_CACHE_DIR = "/dev/null";
|
||||
|
@ -1,11 +1,22 @@
|
||||
{ lib, callPackage, fetchFromGitHub, fetchpatch, php, unzip, _7zz, xz, git, curl, cacert, makeBinaryWrapper }:
|
||||
{ lib
|
||||
, callPackage
|
||||
, fetchFromGitHub
|
||||
, php
|
||||
, unzip
|
||||
, _7zz
|
||||
, xz
|
||||
, git
|
||||
, curl
|
||||
, cacert
|
||||
, makeBinaryWrapper
|
||||
}:
|
||||
|
||||
php.buildComposerProject (finalAttrs: {
|
||||
# Hash used by ../../../build-support/php/pkgs/composer-phar.nix to
|
||||
# use together with the version from this package to keep the
|
||||
# bootstrap phar file up-to-date together with the end user composer
|
||||
# package.
|
||||
passthru.pharHash = "sha256-cmACAcc8fEshjxwFEbNthTeWPjaq+iRHV/UjCfiFsxQ=";
|
||||
passthru.pharHash = "sha256-H/0L4/J+I3sa5H+ejyn5asf1CgvZ7vT4jNvpTdBL//A=";
|
||||
|
||||
composer = callPackage ../../../build-support/php/pkgs/composer-phar.nix {
|
||||
inherit (finalAttrs) version;
|
||||
@ -13,27 +24,15 @@ php.buildComposerProject (finalAttrs: {
|
||||
};
|
||||
|
||||
pname = "composer";
|
||||
version = "2.6.6";
|
||||
version = "2.7.1";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "composer";
|
||||
repo = "composer";
|
||||
rev = finalAttrs.version;
|
||||
hash = "sha256-KsTZi7dSlQcAxoen9rpofbptVdLYhK+bZeDSXQY7o5M=";
|
||||
hash = "sha256-OThWqY3m/pIas4qvR/kiYgc/2QrAbnsYEOxpHxKhDfM=";
|
||||
};
|
||||
|
||||
patches = [
|
||||
(fetchpatch {
|
||||
name = "CVE-2024-24821.patch";
|
||||
url = "https://github.com/composer/composer/commit/77e3982918bc1d886843dc3d5e575e7e871b27b7.patch";
|
||||
hash = "sha256-Q7gkPLf59+p++DpfJZeOrAOiWePuGkdGYRaS/rK+Nv4=";
|
||||
excludes = [
|
||||
# Skipping test files, they are not included in the source tarball
|
||||
"tests/*"
|
||||
];
|
||||
})
|
||||
];
|
||||
|
||||
nativeBuildInputs = [ makeBinaryWrapper ];
|
||||
|
||||
postInstall = ''
|
||||
@ -41,7 +40,7 @@ php.buildComposerProject (finalAttrs: {
|
||||
--prefix PATH : ${lib.makeBinPath [ _7zz cacert curl git unzip xz ]}
|
||||
'';
|
||||
|
||||
vendorHash = "sha256-50M1yeAKl9KRsjs34cdb5ZTBFgbukgg0cMtHTYGJ/EM=";
|
||||
vendorHash = "sha256-NJa6nu60HQeBJr7dd79ATptjcekgY35Jq9V40SrN9Ds";
|
||||
|
||||
meta = {
|
||||
changelog = "https://github.com/composer/composer/releases/tag/${finalAttrs.version}";
|
||||
|
Loading…
Reference in New Issue
Block a user