From d944fb980ddaf2423643e06ca0a301b5558b8fe3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Th=C3=A9o=20FIDRY?= <5175937+theofidry@users.noreply.github.com> Date: Thu, 9 Nov 2023 22:53:46 +0100 Subject: [PATCH 1/2] fix: Allow the info command to work on the old RequirementChecker (#1157) Closes #1126. --- fixtures/info/req-checker-old-req.phar | Bin 151562 -> 151518 bytes src/RequirementChecker/Requirement.php | 2 +- tests/Console/Command/InfoTest.php | 6 +++--- tests/RequirementChecker/RequirementTest.php | 20 +++++++++++++++++++ 4 files changed, 24 insertions(+), 4 deletions(-) diff --git a/fixtures/info/req-checker-old-req.phar b/fixtures/info/req-checker-old-req.phar index 13d1d6e30ecb2ce87e35c385011fbbacbc9bfc82..40676b02e465f061593ca054f0d87855d88e4390 100755 GIT binary patch delta 470 zcmeBLzGlwxuP(@9LGV0spl zEttN=WDllgn4KZ=%#L7s88bxu1+xv9ug>BNrps9%=Im#22lF{u-N1AZD@6YcRxdFB zDQh&Cc4i9)({tH^!1O1!C@}5M4v}BW4l(yHJ4C-Thc#HfkwXtmZ{mQs|1O6Wm@mbt z3#Pp|A?iAy^f68+usAmtMBbXq5X{eq(u=t)!TkGNN?@9W+XPHob3@EeSu{V#4iW!i?L+gqd#G$h=$pBWvL{k(PJU1VX=9Et6nnm)Qt3iNW2; G*9ibeRE-D# delta 503 zcmcaNpR;QL=Z1}p%n|mcleaKx3$!sYFaX)9Ao`d4KfTHC88yI?QcSL3I*G{?OwVGn z1=F{f?7_4Qvol1V*%3@HV}^*oV73AC)mePObU6#eoc%2BU_K|S8<-Aah3KEb>ILRM zWsL^Y&TQdedM;ZKnEu2T1*ZMkA@Xb4A?E&Nhv;|aum;OFa_E8SO&k#S-{r6Z^QAa- z!L%1AL|q4zKE~+;7U$-I$Xjz6g8BJSdNG$Jn17#32~4wan}BI+ZixA5+&WAn$T7)jyyh5mbg%IQR6+%o>wlb51Y%Lfb aep@SZ@e1ecUa>uaoK-PEs~Fs!e4PNP`HqSJ diff --git a/src/RequirementChecker/Requirement.php b/src/RequirementChecker/Requirement.php index f1ed580df..73feb9a7d 100644 --- a/src/RequirementChecker/Requirement.php +++ b/src/RequirementChecker/Requirement.php @@ -120,7 +120,7 @@ public static function fromArray(array $value): self return new self( RequirementType::from($value['type']), $value['condition'], - $value['source'], + $value['source'] ?? null, $value['message'], $value['helpMessage'], ); diff --git a/tests/Console/Command/InfoTest.php b/tests/Console/Command/InfoTest.php index 60d565937..b0761d7be 100644 --- a/tests/Console/Command/InfoTest.php +++ b/tests/Console/Command/InfoTest.php @@ -677,18 +677,18 @@ public static function inputProvider(): iterable Files Compression: None Signature: SHA-1 - Signature Hash: 92123D3800E1F6AD1CD1D4099B8D16BC51097A5C + Signature Hash: EEA3F86AA1B61484EE961055F43AA61805071CB1 Metadata: None - Timestamp: 1697988440 (2023-10-22T15:27:20+00:00) + Timestamp: 1699390728 (2023-11-07T20:58:48+00:00) RequirementChecker: Required: - PHP >=5.3 (root) - ext-phar (root) - Contents: 47 files (148.01KB) + Contents: 47 files (147.97KB) // Use the --list|-l option to list the content of the PHAR. diff --git a/tests/RequirementChecker/RequirementTest.php b/tests/RequirementChecker/RequirementTest.php index 2da959c8d..f65a58889 100644 --- a/tests/RequirementChecker/RequirementTest.php +++ b/tests/RequirementChecker/RequirementTest.php @@ -131,6 +131,26 @@ public function test_it_can_be_created_for_a_conflicting_extension_constraint_fo self::assertItCanBeCreatedFromItsArrayForm($requirement, $actual); } + public function test_it_can_be_created_for_a_legacy_requirement(): void + { + $expected = new Requirement( + RequirementType::EXTENSION_CONFLICT, + 'mbstring', + null, + 'The package "box/test" conflicts with the extension "mbstring".', + 'The package "box/test" conflicts with the extension "mbstring". You need to disable it in order to run this application.', + ); + + $actual = Requirement::fromArray([ + 'type' => 'extension-conflict', + 'condition' => 'mbstring', + 'message' => 'The package "box/test" conflicts with the extension "mbstring".', + 'helpMessage' => 'The package "box/test" conflicts with the extension "mbstring". You need to disable it in order to run this application.', + ]); + + self::assertEquals($expected, $actual); + } + private static function assertItCanBeCreatedFromItsArrayForm(Requirement $expected, array $arrayForm): void { $actual = Requirement::fromArray($arrayForm); From 39403a7f3dbbedbd6b117358059894b5630346e9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Th=C3=A9o=20FIDRY?= <5175937+theofidry@users.noreply.github.com> Date: Thu, 9 Nov 2023 23:08:30 +0100 Subject: [PATCH 2/2] feat: Change the default signing algorithm to SHA-512 (#1156) Closes #1136. --- src/Configuration/Configuration.php | 2 +- .../Configuration/ConfigurationSigningTest.php | 18 +++++++++--------- tests/Configuration/ConfigurationTest.php | 4 ++-- tests/Console/Command/CompileTest.php | 4 ++-- 4 files changed, 14 insertions(+), 14 deletions(-) diff --git a/src/Configuration/Configuration.php b/src/Configuration/Configuration.php index d66a22361..2495110b8 100644 --- a/src/Configuration/Configuration.php +++ b/src/Configuration/Configuration.php @@ -109,7 +109,7 @@ final class Configuration 'finder', ]; private const PHP_SCOPER_CONFIG = 'scoper.inc.php'; - private const DEFAULT_SIGNING_ALGORITHM = SigningAlgorithm::SHA1; + private const DEFAULT_SIGNING_ALGORITHM = SigningAlgorithm::SHA512; private const DEFAULT_ALIAS_PREFIX = 'box-auto-generated-alias-'; private const DEFAULT_IGNORED_ANNOTATIONS = [ diff --git a/tests/Configuration/ConfigurationSigningTest.php b/tests/Configuration/ConfigurationSigningTest.php index 00b6b15d3..6f221214f 100644 --- a/tests/Configuration/ConfigurationSigningTest.php +++ b/tests/Configuration/ConfigurationSigningTest.php @@ -32,9 +32,9 @@ */ class ConfigurationSigningTest extends ConfigurationTestCase { - public function test_the_default_signing_is_sha1(): void + public function test_the_default_signing_is_sha512(): void { - self::assertSame(SigningAlgorithm::SHA1, $this->config->getSigningAlgorithm()); + self::assertSame(SigningAlgorithm::SHA512, $this->config->getSigningAlgorithm()); self::assertNull($this->config->getPrivateKeyPath()); self::assertNull($this->config->getPrivateKeyPassphrase()); @@ -47,7 +47,7 @@ public function test_the_default_signing_is_sha1(): void public function test_a_recommendation_is_given_if_the_configured_algorithm_is_the_default_value(): void { $this->setConfig([ - 'algorithm' => 'SHA1', + 'algorithm' => 'SHA512', ]); self::assertSame( @@ -78,7 +78,7 @@ public function test_the_signing_algorithm_can_be_configured(string $algorithm, self::assertSame($expected, $this->config->getSigningAlgorithm()); - if (false === in_array($algorithm, ['SHA1', false], true)) { + if (false === in_array($algorithm, ['SHA512', false], true)) { self::assertSame([], $this->config->getRecommendations()); } self::assertSame([], $this->config->getWarnings()); @@ -126,7 +126,7 @@ public function test_it_generates_a_warning_when_a_key_pass_is_provided_but_the_ self::assertNull($this->config->getPrivateKeyPassphrase()); self::assertFalse($this->config->promptForPrivateKey()); - if (false === in_array($algorithm, ['SHA1', false], true)) { + if (false === in_array($algorithm, ['SHA512', false], true)) { self::assertSame([], $this->config->getRecommendations()); } self::assertSame( @@ -157,7 +157,7 @@ public function test_it_generates_a_warning_when_a_key_pass_is_provided_but_the_ ); } - if (in_array($algorithm, ['SHA1', false], true)) { + if (in_array($algorithm, ['SHA512', false], true)) { array_unshift( $expectedRecommendation, 'The "algorithm" setting can be omitted since is set to its default value', @@ -176,7 +176,7 @@ public function test_it_generates_a_warning_when_a_key_pass_is_provided_but_the_ self::assertNull($this->config->getPrivateKeyPassphrase()); self::assertFalse($this->config->promptForPrivateKey()); - if (false === in_array($algorithm, ['SHA1', false], true)) { + if (false === in_array($algorithm, ['SHA512', false], true)) { self::assertSame([], $this->config->getRecommendations()); } self::assertSame( @@ -199,7 +199,7 @@ public function test_it_generates_a_warning_when_a_key_path_is_provided_but_the_ self::assertNull($this->config->getPrivateKeyPath()); - if (false === in_array($algorithm, ['SHA1', false], true)) { + if (false === in_array($algorithm, ['SHA512', false], true)) { self::assertSame([], $this->config->getRecommendations()); } self::assertSame( @@ -218,7 +218,7 @@ public function test_it_generates_a_warning_when_a_key_path_is_provided_but_the_ 'The setting "key" has been set but is unnecessary since the signing algorithm is not "OPENSSL".', ]; - if (in_array($algorithm, ['SHA1', false], true)) { + if (in_array($algorithm, ['SHA512', false], true)) { array_unshift( $expectedRecommendation, 'The "algorithm" setting can be omitted since is set to its default value', diff --git a/tests/Configuration/ConfigurationTest.php b/tests/Configuration/ConfigurationTest.php index 1ddeeb2dc..6a290f795 100644 --- a/tests/Configuration/ConfigurationTest.php +++ b/tests/Configuration/ConfigurationTest.php @@ -2986,7 +2986,7 @@ public function test_it_can_be_created_with_only_default_values(): void self::assertNull($this->config->getPrivateKeyPath()); self::assertSame([], $this->config->getReplacements()); self::assertSame('#!/usr/bin/env php', $this->config->getShebang()); - self::assertSame(SigningAlgorithm::SHA1, $this->config->getSigningAlgorithm()); + self::assertSame(SigningAlgorithm::SHA512, $this->config->getSigningAlgorithm()); $version = self::$version; @@ -3096,7 +3096,7 @@ public function test_it_can_be_exported(): void -promptForPrivateKey: false -processedReplacements: [] -shebang: "#!/usr/bin/env php" - -signingAlgorithm: "SHA1" + -signingAlgorithm: "SHA512" -stubBannerContents: "My banner" -stubBannerPath: null -stubPath: null diff --git a/tests/Console/Command/CompileTest.php b/tests/Console/Command/CompileTest.php index e70348813..33f53ddfe 100644 --- a/tests/Console/Command/CompileTest.php +++ b/tests/Console/Command/CompileTest.php @@ -478,7 +478,7 @@ public function test_it_can_build_a_phar_without_any_configuration(): void $phar = new Phar('index.phar'); - self::assertSame('SHA-1', $phar->getSignature()['hash_type']); + self::assertSame('SHA-512', $phar->getSignature()['hash_type']); // Check PHAR content $actualStub = self::normalizeStub($phar->getStub()); @@ -1227,7 +1227,7 @@ public function test_it_can_build_a_phar_file_in_debug_mode(): void -promptForPrivateKey: false -processedReplacements: [] -shebang: "#!/usr/bin/env php" - -signingAlgorithm: "SHA1" + -signingAlgorithm: "SHA512" -stubBannerContents: "" -stubBannerPath: null -stubPath: null