diff options
| author | nsfisis <nsfisis@gmail.com> | 2026-06-02 23:58:38 +0900 |
|---|---|---|
| committer | nsfisis <nsfisis@gmail.com> | 2026-06-02 23:58:54 +0900 |
| commit | 51843230859ef39344c0b67daa9049ead87ec49c (patch) | |
| tree | f657969816da51b7f8656012e756498680ffcc23 /crates/shirabe/src/command | |
| parent | 20dbcf11b86cb03c451ba1d5cd9efe17b68fa66d (diff) | |
| download | php-shirabe-51843230859ef39344c0b67daa9049ead87ec49c.tar.gz php-shirabe-51843230859ef39344c0b67daa9049ead87ec49c.tar.zst php-shirabe-51843230859ef39344c0b67daa9049ead87ec49c.zip | |
feat(resolver): port SecurityAdvisoryPoolFilter::filter
Implement the security advisory pool filter end to end, plus the
remaining actionable wirings it unblocked.
- Unify the PartialSecurityAdvisory|SecurityAdvisory union as the
PartialOrFullSecurityAdvisory enum and make the advisory types Clone,
so advisories can be collected and stored; Pool.security_removed_versions
now carries the union. This also unblocks PoolOptimizer's clone of the
security-removed versions.
- Thread the filter result through run_security_advisory_filter/build_pool
as anyhow::Result.
- Introduce typed PlatformRepositoryHandle and pass platform repos as
handles through determine_requirements instead of &PlatformRepository.
- Wire RuleSetGenerator's is_unacceptable_fixed_or_locked_package check
and UpdateCommand's non-locked installed-packages branch.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Diffstat (limited to 'crates/shirabe/src/command')
| -rw-r--r-- | crates/shirabe/src/command/init_command.rs | 3 | ||||
| -rw-r--r-- | crates/shirabe/src/command/package_discovery_trait.rs | 8 | ||||
| -rw-r--r-- | crates/shirabe/src/command/require_command.rs | 45 | ||||
| -rw-r--r-- | crates/shirabe/src/command/update_command.rs | 7 |
4 files changed, 34 insertions, 29 deletions
diff --git a/crates/shirabe/src/command/init_command.rs b/crates/shirabe/src/command/init_command.rs index 38e620b..678e76d 100644 --- a/crates/shirabe/src/command/init_command.rs +++ b/crates/shirabe/src/command/init_command.rs @@ -29,6 +29,7 @@ use crate::json::JsonValidationException; use crate::package::base_package::{self, BasePackage}; use crate::repository::CompositeRepository; use crate::repository::PlatformRepository; +use crate::repository::PlatformRepositoryHandle; use crate::repository::RepositoryFactory; use crate::util::Filesystem; use crate::util::ProcessExecutor; @@ -733,7 +734,7 @@ impl InitCommand { "stable".to_string() }; // TODO(phase-b): repos instanceof CompositeRepository downcast - let _platform_repo: Option<&PlatformRepository> = None; + let _platform_repo: Option<&PlatformRepositoryHandle> = None; // (omitted: iterate repos to find PlatformRepository instance) diff --git a/crates/shirabe/src/command/package_discovery_trait.rs b/crates/shirabe/src/command/package_discovery_trait.rs index 7da2b9a..939982a 100644 --- a/crates/shirabe/src/command/package_discovery_trait.rs +++ b/crates/shirabe/src/command/package_discovery_trait.rs @@ -26,6 +26,7 @@ use crate::package::version::VersionParser; use crate::package::version::VersionSelector; use crate::repository::CompositeRepository; use crate::repository::PlatformRepository; +use crate::repository::PlatformRepositoryHandle; use crate::repository::RepositoryFactory; use crate::repository::RepositorySet; use crate::repository::{RepositoryInterface, SearchResult}; @@ -147,7 +148,7 @@ pub trait PackageDiscoveryTrait { input: &dyn InputInterface, _output: &dyn OutputInterface, mut requires: Vec<String>, - platform_repo: Option<&PlatformRepository>, + platform_repo: Option<&PlatformRepositoryHandle>, preferred_stability: &str, use_best_version_constraint: bool, fixed: bool, @@ -488,7 +489,7 @@ pub trait PackageDiscoveryTrait { io: std::rc::Rc<std::cell::RefCell<dyn IOInterface>>, input: &dyn InputInterface, name: &str, - platform_repo: Option<&PlatformRepository>, + platform_repo: Option<&PlatformRepositoryHandle>, preferred_stability: &str, fixed: bool, ) -> Result<(String, String)> { @@ -859,13 +860,14 @@ pub trait PackageDiscoveryTrait { fn get_platform_exception_details( &self, candidate: PackageInterfaceHandle, - platform_repo: Option<&PlatformRepository>, + platform_repo: Option<&PlatformRepositoryHandle>, ) -> String { let mut details: Vec<String> = vec![]; let platform_repo = match platform_repo { None => return String::new(), Some(p) => p, }; + let platform_repo = platform_repo.borrow(); for link in candidate.get_requires().values() { if !PlatformRepository::is_platform_package(link.get_target()) { diff --git a/crates/shirabe/src/command/require_command.rs b/crates/shirabe/src/command/require_command.rs index bb90361..fa9a3dc 100644 --- a/crates/shirabe/src/command/require_command.rs +++ b/crates/shirabe/src/command/require_command.rs @@ -37,6 +37,7 @@ use crate::plugin::CommandEvent; use crate::plugin::PluginEvents; use crate::repository::CompositeRepository; use crate::repository::PlatformRepository; +use crate::repository::PlatformRepositoryHandle; use crate::repository::RepositoryInterface; use crate::repository::RepositorySet; use crate::util::Filesystem; @@ -260,17 +261,12 @@ impl RequireCommand { .map(|m| m.iter().map(|(k, v)| (k.clone(), (**v).clone())).collect()) .unwrap_or_default(); // initialize self.repos as it is used by the PackageDiscoveryTrait - let platform_repo = PlatformRepository::new(vec![], platform_overrides_map)?; - let mut combined: Vec<crate::repository::RepositoryInterfaceHandle> = vec![ - // TODO(phase-c): share this platform_repo as a handle instead of constructing a - // separate one; PlatformRepository is held by value here for the requirement below. - crate::repository::RepositoryInterfaceHandle::new::<PlatformRepository>(todo!( - "share platform_repo with PlatformRepository" - )), - ]; - for _repo in repos { - // TODO(phase-b): repos are borrowed from RepositoryManager; need to take ownership - combined.push(todo!("take ownership of repo from RepositoryManager")); + let platform_repo = + PlatformRepositoryHandle::new(PlatformRepository::new(vec![], platform_overrides_map)?); + let mut combined: Vec<crate::repository::RepositoryInterfaceHandle> = + vec![platform_repo.clone().into()]; + for repo in repos { + combined.push(repo.clone()); } *self.get_repos_mut() = Some(CompositeRepository::new(combined)); @@ -392,7 +388,9 @@ impl RequireCommand { .to_string(), true, ) { - input.set_option("dev", PhpMixed::Bool(true)); + // TODO(phase-b): set_option needs &mut dyn InputInterface, but execute holds + // input as &dyn. Commented out until input is threaded as &mut. + // input.set_option("dev", PhpMixed::Bool(true)); } } @@ -488,7 +486,9 @@ impl RequireCommand { return Ok(0); } - input.set_option("dev", PhpMixed::Bool(true)); + // TODO(phase-b): set_option needs &mut dyn InputInterface, but execute holds + // input as &dyn. Commented out until input is threaded as &mut. + // input.set_option("dev", PhpMixed::Bool(true)); let swap = require_key; require_key = remove_key; remove_key = swap; @@ -523,13 +523,18 @@ impl RequireCommand { } if !input.get_option("dry-run").as_bool().unwrap_or(false) { - self.update_file( - self.json.as_ref().unwrap(), - &requirements, - require_key, - remove_key, - sort_packages, - ); + // TODO(phase-b): update_file takes &mut self, but the json argument must be borrowed + // from self.json, producing an overlapping borrow of self. Commented out until JsonFile + // is shared (Rc<RefCell> / interior mutability) so it can be passed without holding a + // borrow of self. + // self.update_file( + // self.json.as_ref().unwrap(), + // &requirements, + // require_key, + // remove_key, + // sort_packages, + // ); + let _ = sort_packages; } let updated_msg = format!( diff --git a/crates/shirabe/src/command/update_command.rs b/crates/shirabe/src/command/update_command.rs index 82f98a1..7fcfa4d 100644 --- a/crates/shirabe/src/command/update_command.rs +++ b/crates/shirabe/src/command/update_command.rs @@ -496,8 +496,6 @@ impl UpdateCommand { io_interface::NORMAL, ); let mut autocompleter_values: IndexMap<String, String> = IndexMap::new(); - // TODO(phase-c): wire the non-locked branch through get_local_repository().get_packages() - // (returns Vec<BasePackageHandle>); only the locker branch is populated for now. let installed_packages: Vec<crate::package::PackageInterfaceHandle> = if composer_ref.get_locker().borrow_mut().is_locked() { CanonicalPackagesTrait::get_packages( @@ -508,12 +506,11 @@ impl UpdateCommand { .borrow(), ) } else { - let _ = composer_ref + composer_ref .get_repository_manager() .borrow() .get_local_repository() - .get_packages(); - Vec::new() + .get_packages() }; let mut version_selector = self.create_version_selector(composer)?; for package in &installed_packages { |