From 0de1e21233be5825abc19d2b5431b84fc92dc7dc Mon Sep 17 00:00:00 2001 From: Jordi Boggiano Date: Wed, 29 Nov 2017 15:05:19 +0100 Subject: [PATCH 1/3] Make create-project install dependencies following optimize-autoloader config setting, fixes #6722 --- src/Composer/Command/CreateProjectCommand.php | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/src/Composer/Command/CreateProjectCommand.php b/src/Composer/Command/CreateProjectCommand.php index 965ead17a..4f58a4a77 100644 --- a/src/Composer/Command/CreateProjectCommand.php +++ b/src/Composer/Command/CreateProjectCommand.php @@ -169,7 +169,9 @@ EOT $composer->getEventDispatcher()->dispatchScript(ScriptEvents::POST_ROOT_PACKAGE_INSTALL, $installDevPackages); } - list($preferSource, $preferDist) = $this->getPreferredInstallOptions($composer->getConfig(), $input); + // use the new config including the newly installed project + $config = $composer->getConfig(); + list($preferSource, $preferDist) = $this->getPreferredInstallOptions($config, $input); // install dependencies of the created project if ($noInstall === false) { @@ -179,7 +181,8 @@ EOT ->setDevMode($installDevPackages) ->setRunScripts(!$noScripts) ->setIgnorePlatformRequirements($ignorePlatformReqs) - ->setSuggestedPackagesReporter($this->suggestedPackagesReporter); + ->setSuggestedPackagesReporter($this->suggestedPackagesReporter) + ->setOptimizeAutoloader($config->get('optimize-autoloader')); if ($disablePlugins) { $installer->disablePlugins(); @@ -238,10 +241,10 @@ EOT } chdir($oldCwd); - $vendorComposerDir = $composer->getConfig()->get('vendor-dir').'/composer'; + $vendorComposerDir = $config->get('vendor-dir').'/composer'; if (is_dir($vendorComposerDir) && $fs->isDirEmpty($vendorComposerDir)) { Silencer::call('rmdir', $vendorComposerDir); - $vendorDir = $composer->getConfig()->get('vendor-dir'); + $vendorDir = $config->get('vendor-dir'); if (is_dir($vendorDir) && $fs->isDirEmpty($vendorDir)) { Silencer::call('rmdir', $vendorDir); } From 128e424c90b9aad4ed7a86dd43b182aaddfd60d1 Mon Sep 17 00:00:00 2001 From: Maarten Balliauw Date: Wed, 29 Nov 2017 15:32:32 +0100 Subject: [PATCH 2/3] Avoid sending Authorization header to another domain on redirect, fixes #6716 --- src/Composer/Util/RemoteFilesystem.php | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/src/Composer/Util/RemoteFilesystem.php b/src/Composer/Util/RemoteFilesystem.php index cc6709b48..82526e303 100644 --- a/src/Composer/Util/RemoteFilesystem.php +++ b/src/Composer/Util/RemoteFilesystem.php @@ -247,6 +247,17 @@ class RemoteFilesystem unset($tempAdditionalOptions); $userlandFollow = isset($options['http']['follow_location']) && !$options['http']['follow_location']; + if ($isRedirect && $this->io->hasAuthentication($this->originUrl)) { + // Redirecting away from originUrl domain? Then remove the auth headers. + $redirectHost = parse_url($this->fileUrl, PHP_URL_HOST); + if ($this->originUrl != $redirectHost && stripos($redirectHost, '.' . $this->originUrl) === false) { + // Strip off authentication + $options['http']['header'] = array_filter($options['http']['header'], function($value){ + return stripos($value, 'Authorization') !== 0; + }); + } + } + $origFileUrl = $fileUrl; if (isset($options['github-token'])) { @@ -744,10 +755,6 @@ class RemoteFilesystem $headers[] = 'Connection: close'; } - if (isset($userlandFollow)) { - $options['http']['follow_location'] = 0; - } - if ($this->io->hasAuthentication($originUrl)) { $auth = $this->io->getAuthentication($originUrl); if ('github.com' === $originUrl && 'x-oauth-basic' === $auth['password']) { @@ -768,6 +775,11 @@ class RemoteFilesystem $authStr = base64_encode($auth['username'] . ':' . $auth['password']); $headers[] = 'Authorization: Basic '.$authStr; } + $userlandFollow = true; // always perform userland follow (to be able to change headers when redirected) + } + + if (isset($userlandFollow)) { + $options['http']['follow_location'] = 0; } if (isset($options['http']['header']) && !is_array($options['http']['header'])) { From 743153e862b7b82bd71f09be9775f460ca8d6ac0 Mon Sep 17 00:00:00 2001 From: Jordi Boggiano Date: Wed, 29 Nov 2017 15:56:45 +0100 Subject: [PATCH 3/3] Tweak so that we allow authentication for domains we redirect to, refs #6717 --- src/Composer/Util/RemoteFilesystem.php | 15 ++------------- 1 file changed, 2 insertions(+), 13 deletions(-) diff --git a/src/Composer/Util/RemoteFilesystem.php b/src/Composer/Util/RemoteFilesystem.php index 82526e303..1ace44c96 100644 --- a/src/Composer/Util/RemoteFilesystem.php +++ b/src/Composer/Util/RemoteFilesystem.php @@ -247,17 +247,6 @@ class RemoteFilesystem unset($tempAdditionalOptions); $userlandFollow = isset($options['http']['follow_location']) && !$options['http']['follow_location']; - if ($isRedirect && $this->io->hasAuthentication($this->originUrl)) { - // Redirecting away from originUrl domain? Then remove the auth headers. - $redirectHost = parse_url($this->fileUrl, PHP_URL_HOST); - if ($this->originUrl != $redirectHost && stripos($redirectHost, '.' . $this->originUrl) === false) { - // Strip off authentication - $options['http']['header'] = array_filter($options['http']['header'], function($value){ - return stripos($value, 'Authorization') !== 0; - }); - } - } - $origFileUrl = $fileUrl; if (isset($options['github-token'])) { @@ -775,7 +764,7 @@ class RemoteFilesystem $authStr = base64_encode($auth['username'] . ':' . $auth['password']); $headers[] = 'Authorization: Basic '.$authStr; } - $userlandFollow = true; // always perform userland follow (to be able to change headers when redirected) + $userlandFollow = true; // always perform userland follow (to be able to change Authorization headers when redirected) } if (isset($userlandFollow)) { @@ -822,7 +811,7 @@ class RemoteFilesystem $additionalOptions['redirects'] = $this->redirects; - return $this->get($this->originUrl, $targetUrl, $additionalOptions, $this->fileName, $this->progress); + return $this->get(parse_url($targetUrl, PHP_URL_HOST), $targetUrl, $additionalOptions, $this->fileName, $this->progress); } if (!$this->retry) {