From 51843230859ef39344c0b67daa9049ead87ec49c Mon Sep 17 00:00:00 2001 From: nsfisis Date: Tue, 2 Jun 2026 23:58:38 +0900 Subject: feat(resolver): port SecurityAdvisoryPoolFilter::filter Implement the security advisory pool filter end to end, plus the remaining actionable wirings it unblocked. - Unify the PartialSecurityAdvisory|SecurityAdvisory union as the PartialOrFullSecurityAdvisory enum and make the advisory types Clone, so advisories can be collected and stored; Pool.security_removed_versions now carries the union. This also unblocks PoolOptimizer's clone of the security-removed versions. - Thread the filter result through run_security_advisory_filter/build_pool as anyhow::Result. - Introduce typed PlatformRepositoryHandle and pass platform repos as handles through determine_requirements instead of &PlatformRepository. - Wire RuleSetGenerator's is_unacceptable_fixed_or_locked_package check and UpdateCommand's non-locked installed-packages branch. Co-Authored-By: Claude Opus 4.8 (1M context) --- crates/shirabe/src/repository/package_repository.rs | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) (limited to 'crates/shirabe/src/repository/package_repository.rs') diff --git a/crates/shirabe/src/repository/package_repository.rs b/crates/shirabe/src/repository/package_repository.rs index b88de78..b5280a8 100644 --- a/crates/shirabe/src/repository/package_repository.rs +++ b/crates/shirabe/src/repository/package_repository.rs @@ -1,15 +1,13 @@ //! ref: composer/src/Composer/Repository/PackageRepository.php -use crate::advisory::PartialSecurityAdvisory; use crate::advisory::SecurityAdvisory; +use crate::advisory::{PartialOrFullSecurityAdvisory, PartialSecurityAdvisory}; use crate::package::loader::ArrayLoader; use crate::package::loader::ValidatingArrayLoader; use crate::package::version::VersionParser; use crate::repository::ArrayRepository; use crate::repository::InvalidRepositoryException; -use crate::repository::{ - AdvisoryProviderInterface, PartialOrSecurityAdvisory, SecurityAdvisoryResult, -}; +use crate::repository::{AdvisoryProviderInterface, SecurityAdvisoryResult}; use indexmap::IndexMap; use shirabe_external_packages::composer::pcre::Preg; use shirabe_php_shim::{Exception, PhpMixed, RuntimeException, var_export}; @@ -97,7 +95,7 @@ impl AdvisoryProviderInterface for PackageRepository { let semver_parser = shirabe_semver::version_parser::VersionParser; let _ = parser; - let mut advisories: IndexMap> = IndexMap::new(); + let mut advisories: IndexMap> = IndexMap::new(); for (package_name, package_advisories) in &self.security_advisories { if !package_constraint_map.contains_key(package_name.as_str()) { continue; @@ -106,7 +104,7 @@ impl AdvisoryProviderInterface for PackageRepository { PhpMixed::List(list) => list, _ => continue, }; - let mut items: Vec = Vec::new(); + let mut items: Vec = Vec::new(); for data in list { let data_map: IndexMap = match data.as_ref() { PhpMixed::Array(m) => m.iter().map(|(k, v)| (k.clone(), *v.clone())).collect(), @@ -121,7 +119,7 @@ impl AdvisoryProviderInterface for PackageRepository { Err(_) => continue, }; if !allow_partial_advisories - && matches!(advisory, PartialOrSecurityAdvisory::Partial(_)) + && matches!(advisory, PartialOrFullSecurityAdvisory::Partial(_)) { return Err(anyhow::anyhow!(RuntimeException { message: format!( @@ -141,7 +139,7 @@ impl AdvisoryProviderInterface for PackageRepository { } let names_found: Vec = advisories.keys().cloned().collect(); - let advisories: IndexMap> = advisories + let advisories: IndexMap> = advisories .into_iter() .filter(|(_, adv)| !adv.is_empty()) .collect(); -- cgit v1.3.1