Add blacklist option as a mechanism prevent undesirable packages from…

… deps.
inspire-develop · Oct 15, 2019 · 35c0860 · 35c0860
1 parent 6e50c07
commit 35c0860
Show file tree

Hide file tree

Showing 4 changed files with 56 additions and 0 deletions.
diff --git a/docs/config.md b/docs/config.md
@@ -135,6 +135,10 @@ If true, will only resolve and add dependencies, not the root projects listed in
 
 Useful with require-dependencies, returns a minimal set of dependencies resulting in a constrained package list.
 
+### blacklist
+
+Define a list of packages and versions to suppress in the final packages list. Takes the same format as the `require` section.
+
 ### require-dependency-filter
 
 If false, will include versions matching a dependency.

diff --git a/res/satis-schema.json b/res/satis-schema.json
@@ -120,6 +120,15 @@
                 "description": "A valid Package name"
             }
         },
+        "blacklist": {
+            "type": "object",
+            "description": "Packages and versions to exclude as blacklisted.",
+            "minProperties": 1,
+            "additionalProperties": {
+                "type": "string",
+                "description": "A valid version constraint."
+            }
+        },
         "require-all": {
             "type": "boolean",
             "description": "If true, selects all versions of all packages in the repositories defined."

diff --git a/src/Console/Command/BuildCommand.php b/src/Console/Command/BuildCommand.php
@@ -91,6 +91,7 @@ protected function configure()
   building the html output.
 - <info>"abandoned"</info>: Packages that are abandoned. As the key use the
   package name, as the value use true or the replacement package.
+- <info>"blacklist"</info>: Packages and versions which should be excluded from the final package list.
 - <info>"notify-batch"</info>: Allows you to specify a URL that will
   be called every time a user installs a package, see
   https://getcomposer.org/doc/05-repositories.md#notify-batch

diff --git a/src/PackageSelection/PackageSelection.php b/src/PackageSelection/PackageSelection.php
@@ -28,6 +28,7 @@
 use Composer\Repository\PlatformRepository;
 use Composer\Repository\RepositoryInterface;
 use Composer\Semver\Constraint\EmptyConstraint;
+use Composer\Semver\VersionParser;
 use Composer\Util\Filesystem;
 use Symfony\Component\Console\Output\OutputInterface;
 
@@ -84,6 +85,9 @@ class PackageSelection
     /** @var array A list of packages marked as abandoned */
     private $abandoned = [];
 
+    /** @var array A list of blacklisted package/constraints. */
+    private $blacklist = [];
+
     /** @var array|bool Patterns from strip-hosts. */
     private $stripHosts = false;
 
@@ -113,6 +117,11 @@ public function hasRepositoryFilter(): bool
         return null !== $this->repositoryFilter;
     }
 
+    public function hasBlacklist(): bool
+    {
+        return count($this->blacklist) > 0;
+    }
+
     public function setPackagesFilter(array $packagesFilter = []): void
     {
         $this->packagesFilter = $packagesFilter;
@@ -187,6 +196,8 @@ public function select(Composer $composer, bool $verbose): array
 
         $this->setSelectedAsAbandoned();
 
+        $this->pruneBlacklisted($pool, $verbose);
+
         ksort($this->selected, SORT_STRING);
 
         return $this->selected;
@@ -306,6 +317,7 @@ private function fetchOptions(array $config): void
         $this->minimumStability = $config['minimum-stability'] ?? 'dev';
         $this->minimumStabilityPerPackage = $config['minimum-stability-per-package'] ?? [];
         $this->abandoned = $config['abandoned'] ?? [];
+        $this->blacklist = $config['blacklist'] ?? [];
 
         $this->stripHosts = $this->createStripHostsPatterns($config['strip-hosts'] ?? false);
         $this->archiveEndpoint = isset($config['archive']['directory']) ? ($config['archive']['prefix-url'] ?? $config['homepage']) . '/' : null;
@@ -532,6 +544,36 @@ private function setSelectedAsAbandoned(): void
     }
 
     /**
+     * Removes selected packages which are blacklisted in configuration.
+     *
+     * @param Pool $pool for computing constraint matches.
+     *
+     * @return Array of packages that were blacklisted.
+     */
+    private function pruneBlacklisted($pool, $verbose)
+    {
+        $blacklisted = [];
+        if ($this->hasBlacklist()) {
+            $parser = new VersionParser();
+            foreach ($this->selected as $selectedKey => $package) {
+                foreach ($this->blacklist as $blacklistName => $blacklistConstraint) {
+                    $constraint = $parser->parseConstraints($blacklistConstraint);
+                    if ($pool::MATCH === $pool->match($package, $blacklistName, $constraint, FALSE)) {
+                       if ($verbose) {
+                          $this->output->writeln('Blacklisted ' . $package->getPrettyName() . ' (' . $package->getPrettyVersion() . ')');
+                       }
+                       $blacklisted[$selectedKey] = $package;
+                       unset($this->selected[$selectedKey]);
+                    }
+                }
+            }
+        }
+        return $blacklisted;
+    }
+
+    /**
+     * Gets a list of filtered Links.
+     *
      * @param Composer $composer
      *
      * @return Link[]