From c3484ea882d457422dcb94de539052359e997a52 Mon Sep 17 00:00:00 2001 From: Jordi Boggiano Date: Wed, 30 Mar 2022 16:34:59 +0200 Subject: [PATCH] Avoid endless loop when input looks interactive but isnt, fixes #10648 --- src/Composer/Plugin/PluginManager.php | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/src/Composer/Plugin/PluginManager.php b/src/Composer/Plugin/PluginManager.php index 52c25d945..a2da6b9bd 100644 --- a/src/Composer/Plugin/PluginManager.php +++ b/src/Composer/Plugin/PluginManager.php @@ -713,8 +713,16 @@ class PluginManager $composer = $isGlobalPlugin && $this->globalComposer !== null ? $this->globalComposer : $this->composer; $this->io->writeError(''.$package.($isGlobalPlugin ? ' (installed globally)' : '').' contains a Composer plugin which is currently not in your allow-plugins config. See https://getcomposer.org/allow-plugins'); + $attempts = 0; while (true) { - switch ($answer = $this->io->ask('Do you trust "'.$package.'" to execute code and wish to enable it now? (writes "allow-plugins" to composer.json) [y,n,d,?] ', '?')) { + // do not allow more than 5 prints of the help message, at some point assume the + // input is not interactive and bail defaulting to a disabled plugin + $default = '?'; + if ($attempts > 5) { + $default = 'd'; + } + + switch ($answer = $this->io->ask('Do you trust "'.$package.'" to execute code and wish to enable it now? (writes "allow-plugins" to composer.json) [y,n,d,?] ', $default)) { case 'y': case 'n': case 'd': @@ -736,6 +744,7 @@ class PluginManager case '?': default: + $attempts++; $this->io->writeError(array( 'y - add package to allow-plugins in composer.json and let it run immediately', 'n - add package (as disallowed) to allow-plugins in composer.json to suppress further prompts',