From 51843230859ef39344c0b67daa9049ead87ec49c Mon Sep 17 00:00:00 2001 From: nsfisis Date: Tue, 2 Jun 2026 23:58:38 +0900 Subject: feat(resolver): port SecurityAdvisoryPoolFilter::filter Implement the security advisory pool filter end to end, plus the remaining actionable wirings it unblocked. - Unify the PartialSecurityAdvisory|SecurityAdvisory union as the PartialOrFullSecurityAdvisory enum and make the advisory types Clone, so advisories can be collected and stored; Pool.security_removed_versions now carries the union. This also unblocks PoolOptimizer's clone of the security-removed versions. - Thread the filter result through run_security_advisory_filter/build_pool as anyhow::Result. - Introduce typed PlatformRepositoryHandle and pass platform repos as handles through determine_requirements instead of &PlatformRepository. - Wire RuleSetGenerator's is_unacceptable_fixed_or_locked_package check and UpdateCommand's non-locked installed-packages branch. Co-Authored-By: Claude Opus 4.8 (1M context) --- crates/shirabe/src/repository/repository_set.rs | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) (limited to 'crates/shirabe/src/repository/repository_set.rs') diff --git a/crates/shirabe/src/repository/repository_set.rs b/crates/shirabe/src/repository/repository_set.rs index 843af80..ac904fc 100644 --- a/crates/shirabe/src/repository/repository_set.rs +++ b/crates/shirabe/src/repository/repository_set.rs @@ -13,8 +13,7 @@ use shirabe_semver::constraint::MatchAllConstraint; use shirabe_semver::constraint::MultiConstraint; use shirabe_semver::constraint::SimpleConstraint; -use crate::advisory::PartialSecurityAdvisory; -use crate::advisory::SecurityAdvisory; +use crate::advisory::{PartialOrFullSecurityAdvisory, PartialSecurityAdvisory, SecurityAdvisory}; use crate::dependency_resolver::Pool; use crate::dependency_resolver::PoolBuilder; use crate::dependency_resolver::PoolOptimizer; @@ -29,12 +28,12 @@ use crate::package::BasePackageHandle; use crate::package::CompleteAliasPackageHandle; use crate::package::PackageInterfaceHandle; use crate::package::version::StabilityFilter; +use crate::repository::AdvisoryProviderInterface; use crate::repository::CompositeRepository; use crate::repository::InstalledRepository; use crate::repository::InstalledRepositoryInterface; use crate::repository::LockArrayRepositoryHandle; use crate::repository::PlatformRepository; -use crate::repository::{AdvisoryProviderInterface, PartialOrSecurityAdvisory}; use crate::repository::{FindPackageConstraint, RepositoryInterface, RepositoryInterfaceHandle}; #[derive(Debug, Clone)] @@ -372,8 +371,8 @@ impl RepositorySet { allow_partial_advisories: bool, ignore_unreachable: bool, unreachable_repos: &mut Vec, - ) -> Result>> { - let mut repo_advisories: Vec>> = vec![]; + ) -> Result>> { + let mut repo_advisories: Vec>> = vec![]; for repository in &self.repositories { // TODO(phase-b): use anyhow::Result> to model PHP try/catch let attempt: Result<()> = (|| -> Result<()> { @@ -646,6 +645,6 @@ impl RepositorySet { #[derive(Debug)] pub struct SecurityAdvisoriesResult { - pub advisories: IndexMap>, + pub advisories: IndexMap>, pub unreachable_repos: Vec, } -- cgit v1.3.1