|
6 | 6 |
|
7 | 7 | use PHPCensor\Common\Build\BuildErrorInterface; |
8 | 8 | use PHPCensor\Common\Build\BuildInterface; |
| 9 | +use PHPCensor\Common\Exception\Exception; |
9 | 10 | use PHPCensor\Common\Plugin\Plugin; |
10 | 11 | use PHPCensor\Common\Plugin\ZeroConfigPluginInterface; |
11 | 12 | use SensioLabs\Security\SecurityChecker as SensiolabsSecurityChecker; |
@@ -38,9 +39,30 @@ public static function getName(): string |
38 | 39 | */ |
39 | 40 | public function execute(): bool |
40 | 41 | { |
41 | | - $success = true; |
42 | | - $checker = new SensiolabsSecurityChecker(); |
43 | | - $result = $checker->check($this->build->getBuildPath() . 'composer.lock'); |
| 42 | + $success = true; |
| 43 | + if (\in_array('symfony', $this->binaryNames, true)) { |
| 44 | + $lockFile = $this->build->getBuildPath() . 'composer.lock'; |
| 45 | + if (!\is_file($lockFile)) { |
| 46 | + throw new Exception('Lock file (composer.lock) does not exist.'); |
| 47 | + } |
| 48 | + |
| 49 | + $cmd = '%s check:security --format=json --dir=%s'; |
| 50 | + $executable = $this->commandExecutor->findBinary($this->binaryNames, $this->binaryPath); |
| 51 | + if (!$this->build->isDebug()) { |
| 52 | + $this->commandExecutor->disableCommandOutput(); |
| 53 | + } |
| 54 | + |
| 55 | + // works with dir, composer.lock, composer.json |
| 56 | + $this->commandExecutor->executeCommand($cmd, $executable, $lockFile); |
| 57 | + |
| 58 | + $this->commandExecutor->enableCommandOutput(); |
| 59 | + |
| 60 | + $result = $this->commandExecutor->getLastCommandOutput(); |
| 61 | + } else { |
| 62 | + $checker = new SensiolabsSecurityChecker(); |
| 63 | + $result = $checker->check($this->build->getBuildPath() . 'composer.lock'); |
| 64 | + } |
| 65 | + |
44 | 66 | $warnings = \json_decode((string)$result, true); |
45 | 67 |
|
46 | 68 | if ($warnings) { |
|
0 commit comments