Add check command and fix dumpAutoloads for L5.1 (#32)
Jeroen-G committed Mar 11, 2017
1 parent a813e6d commit 9f5c2c9
Showing 4 changed files with 60 additions and 5 deletions.
1 change: 1 addition & 0 deletions changelog.md
Expand Up @@ -7,6 +7,7 @@ All Notable changes to Packager will be documented in this file.
### Added
- The `new` command now also accepts an option `--i` To interactively make a package and change all Skeleton placholders.
- Composer autoloads are dumped after installing or creating a package.
- The `packager:check` function to check the composer lockfile for security vulnerabilities.

### Fixed
- Replacing of the Skeleton placeholders.
3 changes: 2 additions & 1 deletion composer.json
Expand Up @@ -21,7 +21,8 @@
"illuminate/support": "~5",
"illuminate/console": "~5",
"illuminate/filesystem": "~5",
"guzzlehttp/guzzle": "~6"
"guzzlehttp/guzzle": "~6",
"sensiolabs/security-checker": "^4.0"
},
"autoload": {
"psr-4": {
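--- a/src/PackagerCheckCommand.php
+++ b/src/PackagerCheckCommand.php
@@ -0,0 +1,52 @@
+<?php
+
+namespace JeroenG\Packager;
+
+use SensioLabs\Security\SecurityChecker;
+use SensioLabs\Security\Formatters\SimpleFormatter;
+
+use Illuminate\Console\Command;
+
+/**
+* List all locally installed packages.
+*
+* @package Packager
+* @author JeroenG
+*
+**/
+class PackagerCheckCommand extends Command
+{
+/**
+* The name and signature of the console command.
+*
+* @var string
+*/
+protected $signature = 'packager:check {vendor} {name}';
+
+/**
+* The console command description.
+*
+* @var string
+*/
+protected $description = 'Check the composer.lock for security vulnerabilities.';
+
+/**
+* Execute the console command.
+*
+* @return mixed
+*/
+public function handle()
+{
+$this->info('Using the SensioLabs Security Checker the composer.lock of the package is scanned for known security vulnerabilities in the dependencies.');
+$this->info('Make sure you have a composer.lock file first (for example by running "composer install" in the folder');
+
+$checker = new SecurityChecker();
+$formatter = new SimpleFormatter($this->getHelperSet()->get('formatter'));
+$vendor = $this->argument('vendor');
+$name = $this->argument('name');
+$lockfile = getcwd().'/packages/'.$vendor.'/'.$name.'/composer.lock';
+$vulnerabilities = $checker->check($lockfile);
+
+return $formatter->displayResults($this->output, $lockfile, $vulnerabilities);
+}
+}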
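Review bot: `handle()` returns whatever `$formatter->displayResults(...)` returns, so the exit status of `packager:check` does not appear to depend on whether advisories were found, and a CI job wrapping it would pass on a vulnerable lock file; display the results first and then `return count($vulnerabilities) > 0 ? 1 : 0;` (assuming `check()` returns the list of advisories, as its use here suggests). The lock file path is also assembled from the raw `vendor` and `name` arguments and handed to `check()` without confirming the file exists, so a guard such as `if (! is_file($lockfile)) { $this->error('No composer.lock found at '.$lockfile); return 1; }` would give a clear failure. The class docblock still reads `List all locally installed packages.` and should describe the check; if the checker submits the lock file to an external service, as I believe this library does, the info text should say so.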
9 changes: 5 additions & 4 deletions src/PackagerHelper.php
Expand Up @@ -5,7 +5,7 @@
use ZipArchive;
use RuntimeException;
use GuzzleHttp\Client;
use Illuminate\Support\Composer;
//use Illuminate\Support\Composer;
use Illuminate\Filesystem\Filesystem;

/**
Expand All @@ -30,7 +30,7 @@ class PackagerHelper
public function __construct(Filesystem $files)
{
$this->files = $files;
$this->composer = new Composer($files);
//$this->composer = new Composer($files);
}

/**
Expand Down Expand Up @@ -195,6 +195,7 @@ public function cleanUp($zipFile)
*/
public function dumpAutoloads()
{
return $this->composer->dumpAutoloads();
//return $this->composer->dumpAutoloads();
shell_exec('composer dump-autoload');
}
}
}
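Review bot: `shell_exec('composer dump-autoload')` in `dumpAutoloads()` discards both the output and the exit status, so a missing `composer` binary or a failed dump goes unnoticed, and the method no longer returns anything where it used to return the Composer helper's result. Consider `exec('composer dump-autoload', $output, $status);` followed by `if ($status !== 0) { throw new RuntimeException('composer dump-autoload failed'); }`, using the `RuntimeException` already imported in this file. The command is resolved through the shell's PATH and runs in whatever the current working directory is, which is worth a comment stating where it is expected to run. The three commented-out `Composer` lines in this section should be deleted rather than kept, and the class body lies largely outside the visible hunks.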
