diff options
| author | nsfisis <nsfisis@gmail.com> | 2026-05-19 21:46:01 +0900 |
|---|---|---|
| committer | nsfisis <nsfisis@gmail.com> | 2026-05-19 21:46:08 +0900 |
| commit | 5e31fa33c3b5cf726a57a063b8e7a070869250fe (patch) | |
| tree | 98522466966fa7df483cad174ab5fc03db39bc09 /crates/shirabe/src/command/audit_command.rs | |
| parent | c839244d8d09f3036ebfee8eef7eb6b147e593ab (diff) | |
| download | php-shirabe-5e31fa33c3b5cf726a57a063b8e7a070869250fe.tar.gz php-shirabe-5e31fa33c3b5cf726a57a063b8e7a070869250fe.tar.zst php-shirabe-5e31fa33c3b5cf726a57a063b8e7a070869250fe.zip | |
fix(compile): fix more random compile errors
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Diffstat (limited to 'crates/shirabe/src/command/audit_command.rs')
| -rw-r--r-- | crates/shirabe/src/command/audit_command.rs | 77 |
1 files changed, 43 insertions, 34 deletions
diff --git a/crates/shirabe/src/command/audit_command.rs b/crates/shirabe/src/command/audit_command.rs index cf4c49d..1ced26a 100644 --- a/crates/shirabe/src/command/audit_command.rs +++ b/crates/shirabe/src/command/audit_command.rs @@ -13,8 +13,8 @@ use crate::repository::repository_interface::RepositoryInterface; use crate::repository::repository_set::RepositorySet; use crate::repository::repository_utils::RepositoryUtils; use anyhow::Result; -use shirabe_external_packages::symfony::console::input::input_interface::InputInterface; -use shirabe_external_packages::symfony::console::output::output_interface::OutputInterface; +use shirabe_external_packages::symfony::component::console::input::input_interface::InputInterface; +use shirabe_external_packages::symfony::component::console::output::output_interface::OutputInterface; use shirabe_php_shim::{ InvalidArgumentException, PhpMixed, UnexpectedValueException, array_fill_keys, array_merge, implode, in_array, @@ -30,13 +30,13 @@ impl AuditCommand { self .set_name("audit") .set_description("Checks for security vulnerability advisories for installed packages") - .set_definition(vec![ - InputOption::new("no-dev", None, Some(InputOption::VALUE_NONE), "Disables auditing of require-dev packages.", None), - InputOption::new("format", Some(PhpMixed::String("f".to_string())), Some(InputOption::VALUE_REQUIRED), "Output format. Must be \"table\", \"plain\", \"json\", or \"summary\".", Some(PhpMixed::String(Auditor::FORMAT_TABLE.to_string()))), - InputOption::new("locked", None, Some(InputOption::VALUE_NONE), "Audit based on the lock file instead of the installed packages.", None), - InputOption::new("abandoned", None, Some(InputOption::VALUE_REQUIRED), "Behavior on abandoned packages. Must be \"ignore\", \"report\", or \"fail\".", None), - InputOption::new("ignore-severity", None, Some(InputOption::VALUE_IS_ARRAY | InputOption::VALUE_REQUIRED), "Ignore advisories of a certain severity level.", Some(PhpMixed::Array(indexmap::IndexMap::new()))), - InputOption::new("ignore-unreachable", None, Some(InputOption::VALUE_NONE), "Ignore repositories that are unreachable or return a non-200 status code.", None), + .set_definition(&[ + InputOption::new("no-dev", None, Some(InputOption::VALUE_NONE), "Disables auditing of require-dev packages.", None).unwrap().into(), + InputOption::new("format", Some(PhpMixed::String("f".to_string())), Some(InputOption::VALUE_REQUIRED), "Output format. Must be \"table\", \"plain\", \"json\", or \"summary\".", Some(PhpMixed::String(Auditor::FORMAT_TABLE.to_string()))).unwrap().into(), + InputOption::new("locked", None, Some(InputOption::VALUE_NONE), "Audit based on the lock file instead of the installed packages.", None).unwrap().into(), + InputOption::new("abandoned", None, Some(InputOption::VALUE_REQUIRED), "Behavior on abandoned packages. Must be \"ignore\", \"report\", or \"fail\".", None).unwrap().into(), + InputOption::new("ignore-severity", None, Some(InputOption::VALUE_IS_ARRAY | InputOption::VALUE_REQUIRED), "Ignore advisories of a certain severity level.", Some(PhpMixed::Array(indexmap::IndexMap::new()))).unwrap().into(), + InputOption::new("ignore-unreachable", None, Some(InputOption::VALUE_NONE), "Ignore repositories that are unreachable or return a non-200 status code.", None).unwrap().into(), ]) .set_help( "The <info>audit</info> command checks for security vulnerability advisories for installed packages.\n\n\ @@ -59,14 +59,25 @@ impl AuditCommand { return Ok(0); } - let auditor = Auditor::new(); - let mut repo_set = RepositorySet::new(); + let auditor = Auditor; + let mut repo_set = RepositorySet::new( + "stable", + indexmap::IndexMap::new(), + Vec::new(), + indexmap::IndexMap::new(), + indexmap::IndexMap::new(), + indexmap::IndexMap::new(), + ); for repo in composer.get_repository_manager().get_repositories() { - repo_set.add_repository(repo); + // TODO(phase-b): repositories are shared (PHP class semantics); needs Rc wrapper + repo_set.add_repository(repo.clone_box())?; } - let audit_config = - AuditConfig::from_config(composer.get_config(), true, Auditor::FORMAT_SUMMARY)?; + let audit_config = AuditConfig::from_config( + &mut *composer.get_config().borrow_mut(), + true, + Auditor::FORMAT_SUMMARY, + )?; let abandoned = input .get_option("abandoned") @@ -107,18 +118,21 @@ impl AuditCommand { .unwrap_or(false) || audit_config.ignore_unreachable; + let audit_format = self.get_audit_format(input, "format")?; + // TODO(phase-b): ignore_severities is PhpMixed; need conversion to IndexMap<String, Option<String>> + let _ = ignore_severities; Ok(auditor .audit( self.get_io(), &repo_set, - &packages, - &self.get_audit_format(input, "format"), + packages, + &audit_format, false, - &audit_config.ignore_list_for_audit, + audit_config.ignore_list_for_audit.clone(), &abandoned, - &ignore_severities, + indexmap::IndexMap::new(), ignore_unreachable, - &audit_config.ignore_abandoned_for_audit, + audit_config.ignore_abandoned_for_audit.clone(), )? .min(255)) } @@ -136,24 +150,19 @@ impl AuditCommand { }.into()); } let locker = composer.get_locker(); - return Ok(locker - .get_locked_repository(!input.get_option("no-dev").as_bool().unwrap_or(false))? - .get_packages()); - } - - let root_pkg = composer.get_package(); - let installed_repo = InstalledRepository::new(vec![ - composer.get_repository_manager().get_local_repository(), - ]); - - if input.get_option("no-dev").as_bool().unwrap_or(false) { - return Ok(RepositoryUtils::filter_required_packages( - installed_repo.get_packages(), - root_pkg, + return Ok(CanonicalPackagesTrait::get_packages( + &locker.get_locked_repository( + !input.get_option("no-dev").as_bool().unwrap_or(false), + )?, )); } - Ok(installed_repo.get_packages()) + let _root_pkg = composer.get_package(); + // TODO(phase-b): InstalledRepository::new expects Vec<Box<dyn RepositoryInterface>>, but + // get_local_repository returns &dyn InstalledRepositoryInterface. Conversion requires + // either cloning into a Box or restructuring InstalledRepository constructor. + let _ = RepositoryUtils::filter_required_packages; + todo!("audit get_packages non-locked branch needs installed-repo conversion") } } |