diff --git a/magento-integration-tests/7.0/action.yml b/magento-integration-tests/7.0/action.yml index 859b448..779abfa 100644 --- a/magento-integration-tests/7.0/action.yml +++ b/magento-integration-tests/7.0/action.yml @@ -36,6 +36,10 @@ inputs: magento_post_install_script: description: 'Relative path to an optional script after Magento installation is run. Leave empty to use the default.' required: false + block_insecure: + description: 'Whether Composer should block insecure packages during audit. Set to false to allow insecure packages.' + required: false + default: 'true' runs: using: 'docker' image: 'docker://extdn/magento-integration-tests-action:7.0-latest' diff --git a/magento-integration-tests/7.1/action.yml b/magento-integration-tests/7.1/action.yml index b3fc1f7..f00ced0 100644 --- a/magento-integration-tests/7.1/action.yml +++ b/magento-integration-tests/7.1/action.yml @@ -36,6 +36,10 @@ inputs: magento_post_install_script: description: 'Relative path to an optional script after Magento installation is run. Leave empty to use the default.' required: false + block_insecure: + description: 'Whether Composer should block insecure packages during audit. Set to false to allow insecure packages.' + required: false + default: 'true' runs: using: 'docker' image: 'docker://extdn/magento-integration-tests-action:7.1-latest' diff --git a/magento-integration-tests/7.2/action.yml b/magento-integration-tests/7.2/action.yml index 87861ed..ab8f72b 100644 --- a/magento-integration-tests/7.2/action.yml +++ b/magento-integration-tests/7.2/action.yml @@ -36,6 +36,10 @@ inputs: magento_post_install_script: description: 'Relative path to an optional script after Magento installation is run. Leave empty to use the default.' required: false + block_insecure: + description: 'Whether Composer should block insecure packages during audit. Set to false to allow insecure packages.' + required: false + default: 'true' runs: using: 'docker' image: 'docker://extdn/magento-integration-tests-action:7.2-latest' diff --git a/magento-integration-tests/7.3/action.yml b/magento-integration-tests/7.3/action.yml index 8740e38..6b75d67 100644 --- a/magento-integration-tests/7.3/action.yml +++ b/magento-integration-tests/7.3/action.yml @@ -36,6 +36,10 @@ inputs: magento_post_install_script: description: 'Relative path to an optional script after Magento installation is run. Leave empty to use the default.' required: false + block_insecure: + description: 'Whether Composer should block insecure packages during audit. Set to false to allow insecure packages.' + required: false + default: 'true' runs: using: 'docker' image: 'docker://extdn/magento-integration-tests-action:7.3-latest' diff --git a/magento-integration-tests/7.4/action.yml b/magento-integration-tests/7.4/action.yml index 2557c75..2f32823 100644 --- a/magento-integration-tests/7.4/action.yml +++ b/magento-integration-tests/7.4/action.yml @@ -40,6 +40,10 @@ inputs: description: 'DEPREACATED. Composer v2 is now always used.' required: false default: '1' + block_insecure: + description: 'Whether Composer should block insecure packages during audit. Set to false to allow insecure packages.' + required: false + default: 'true' runs: using: 'docker' image: 'docker://extdn/magento-integration-tests-action:7.4-latest' diff --git a/magento-integration-tests/8.1/action.yml b/magento-integration-tests/8.1/action.yml index 86e0400..7e049ea 100644 --- a/magento-integration-tests/8.1/action.yml +++ b/magento-integration-tests/8.1/action.yml @@ -40,6 +40,10 @@ inputs: description: 'DEPREACATED. Composer v2 is now always used.' required: false default: '1' + block_insecure: + description: 'Whether Composer should block insecure packages during audit. Set to false to allow insecure packages.' + required: false + default: 'true' runs: using: 'docker' image: 'docker://extdn/magento-integration-tests-action:8.1-latest' diff --git a/magento-integration-tests/8.2/action.yml b/magento-integration-tests/8.2/action.yml index e3ce63d..74abfb2 100644 --- a/magento-integration-tests/8.2/action.yml +++ b/magento-integration-tests/8.2/action.yml @@ -40,6 +40,10 @@ inputs: description: 'DEPREACATED. Composer v2 is now always used.' required: false default: '2' + block_insecure: + description: 'Whether Composer should block insecure packages during audit. Set to false to allow insecure packages.' + required: false + default: 'true' runs: using: 'docker' image: 'docker://extdn/magento-integration-tests-action:8.2-latest' diff --git a/magento-integration-tests/8.3/action.yml b/magento-integration-tests/8.3/action.yml index 0b39f6e..dcf2dcb 100644 --- a/magento-integration-tests/8.3/action.yml +++ b/magento-integration-tests/8.3/action.yml @@ -40,6 +40,10 @@ inputs: description: 'DEPREACATED. Composer v2 is now always used.' required: false default: '2' + block_insecure: + description: 'Whether Composer should block insecure packages during audit. Set to false to allow insecure packages.' + required: false + default: 'true' runs: using: 'docker' image: 'docker://extdn/magento-integration-tests-action:8.3-latest' diff --git a/magento-integration-tests/8.4/action.yml b/magento-integration-tests/8.4/action.yml index da15a5e..f263070 100644 --- a/magento-integration-tests/8.4/action.yml +++ b/magento-integration-tests/8.4/action.yml @@ -40,6 +40,10 @@ inputs: description: 'DEPREACATED. Composer v2 is now always used.' required: false default: '2' + block_insecure: + description: 'Whether Composer should block insecure packages during audit. Set to false to allow insecure packages.' + required: false + default: 'true' runs: using: 'docker' image: 'docker://extdn/magento-integration-tests-action:8.4-latest' diff --git a/magento-integration-tests/entrypoint.sh b/magento-integration-tests/entrypoint.sh index 2a9e6c0..07938ad 100755 --- a/magento-integration-tests/entrypoint.sh +++ b/magento-integration-tests/entrypoint.sh @@ -10,6 +10,7 @@ test -z "${PROJECT_NAME}" && PROJECT_NAME=$INPUT_PROJECT_NAME test -z "${ELASTICSEARCH}" && ELASTICSEARCH=$INPUT_ELASTICSEARCH test -z "${PHPUNIT_FILE}" && PHPUNIT_FILE=$INPUT_PHPUNIT_FILE test -z "${REPOSITORY_URL}" && REPOSITORY_URL=$INPUT_REPOSITORY_URL +test -z "${BLOCK_INSECURE}" && BLOCK_INSECURE=$INPUT_BLOCK_INSECURE # Maintain backwards-compatibility with old 'ce_version' input. test -z "${MAGENTO_VERSION}" && MAGENTO_VERSION=$INPUT_CE_VERSION @@ -19,6 +20,7 @@ test -z "$MAGENTO_VERSION" && MAGENTO_VERSION="2.4.3-p1" test -z "$PROJECT_NAME" && PROJECT_NAME="magento/project-community-edition" test -z "${REPOSITORY_URL}" && REPOSITORY_URL="https://repo-magento-mirror.fooman.co.nz/" test -z "$DISABLE_DATABASE_DUMP" && DISABLE_DATABASE_DUMP="1" +test -z "${BLOCK_INSECURE}" && BLOCK_INSECURE="true" if [[ "$MAGENTO_VERSION" == "2.4."* ]]; then ELASTICSEARCH=1 @@ -85,8 +87,11 @@ if [[ "$MAGENTO_VERSION" == "2.4.4" ]]; then composer require monolog/monolog:2.6.0 --no-update fi +echo "Configure Composer audit.block-insecure" +composer config audit.block-insecure "$BLOCK_INSECURE" + echo "Ignore known security advisories" -composer config --json audit.ignore '{"PKSA-z3gr-8qht-p93v": "Ignored for CI", "PKSA-rkkf-636k-qjb3": "Ignored for CI", "PKSA-wws7-mr54-jsny": "Ignored for CI"}' +composer config --json audit.ignore '{"PKSA-z3gr-8qht-p93v": "Ignored for CI", "PKSA-rkkf-636k-qjb3": "Ignored for CI", "PKSA-wws7-mr54-jsny": "Ignored for CI", "PKSA-db8d-773v-rd1n": "Ignored for CI"}' echo "Run installation" COMPOSER_MEMORY_LIMIT=-1 composer install --no-interaction --no-progress diff --git a/magento-phpstan/7.3/action.yml b/magento-phpstan/7.3/action.yml index 2f66674..40cdb34 100644 --- a/magento-phpstan/7.3/action.yml +++ b/magento-phpstan/7.3/action.yml @@ -19,6 +19,10 @@ inputs: magento_pre_install_script: description: 'Relative path to an optional script before Magento installation is run. Leave empty to use the default.' required: false + block_insecure: + description: 'Whether Composer should block insecure packages during audit. Set to false to allow insecure packages.' + required: false + default: "true" runs: using: 'docker' image: 'docker://extdn/magento-phpstan-action:7.3-latest' diff --git a/magento-phpstan/7.4/action.yml b/magento-phpstan/7.4/action.yml index 2c4c904..e8795e7 100644 --- a/magento-phpstan/7.4/action.yml +++ b/magento-phpstan/7.4/action.yml @@ -19,6 +19,10 @@ inputs: magento_pre_install_script: description: 'Relative path to an optional script before Magento installation is run. Leave empty to use the default.' required: false + block_insecure: + description: 'Whether Composer should block insecure packages during audit. Set to false to allow insecure packages.' + required: false + default: "true" runs: using: 'docker' image: 'docker://extdn/magento-phpstan-action:7.4-latest' diff --git a/magento-phpstan/8.1/action.yml b/magento-phpstan/8.1/action.yml index e59e9c4..3ca342c 100644 --- a/magento-phpstan/8.1/action.yml +++ b/magento-phpstan/8.1/action.yml @@ -19,6 +19,10 @@ inputs: magento_pre_install_script: description: 'Relative path to an optional script before Magento installation is run. Leave empty to use the default.' required: false + block_insecure: + description: 'Whether Composer should block insecure packages during audit. Set to false to allow insecure packages.' + required: false + default: "true" runs: using: 'docker' image: 'docker://extdn/magento-phpstan-action:8.1-latest' diff --git a/magento-phpstan/8.2/action.yml b/magento-phpstan/8.2/action.yml index 1b87eac..c53ac8a 100644 --- a/magento-phpstan/8.2/action.yml +++ b/magento-phpstan/8.2/action.yml @@ -19,6 +19,10 @@ inputs: magento_pre_install_script: description: 'Relative path to an optional script before Magento installation is run. Leave empty to use the default.' required: false + block_insecure: + description: 'Whether Composer should block insecure packages during audit. Set to false to allow insecure packages.' + required: false + default: "true" runs: using: 'docker' image: 'docker://extdn/magento-phpstan-action:8.2-latest' diff --git a/magento-phpstan/8.3/action.yml b/magento-phpstan/8.3/action.yml index caf375f..75faac3 100644 --- a/magento-phpstan/8.3/action.yml +++ b/magento-phpstan/8.3/action.yml @@ -19,6 +19,10 @@ inputs: magento_pre_install_script: description: 'Relative path to an optional script before Magento installation is run. Leave empty to use the default.' required: false + block_insecure: + description: 'Whether Composer should block insecure packages during audit. Set to false to allow insecure packages.' + required: false + default: "true" runs: using: 'docker' image: 'docker://extdn/magento-phpstan-action:8.3-latest' diff --git a/magento-phpstan/8.4/action.yml b/magento-phpstan/8.4/action.yml index 37d05cd..f9f0989 100644 --- a/magento-phpstan/8.4/action.yml +++ b/magento-phpstan/8.4/action.yml @@ -19,6 +19,10 @@ inputs: magento_pre_install_script: description: 'Relative path to an optional script before Magento installation is run. Leave empty to use the default.' required: false + block_insecure: + description: 'Whether Composer should block insecure packages during audit. Set to false to allow insecure packages.' + required: false + default: "true" runs: using: 'docker' image: 'docker://extdn/magento-phpstan-action:8.4-latest' diff --git a/magento-phpstan/Dockerfile:7.3 b/magento-phpstan/Dockerfile:7.3 index a43c5cb..23c4219 100644 --- a/magento-phpstan/Dockerfile:7.3 +++ b/magento-phpstan/Dockerfile:7.3 @@ -10,7 +10,7 @@ RUN composer config --unset repo.0 RUN composer config repo.foomanmirror composer https://repo-magento-mirror.fooman.co.nz/ RUN composer config --no-plugins allow-plugins true RUN composer require hoa/regex --no-update -RUN composer config --json audit.ignore '{"PKSA-z3gr-8qht-p93v": "Ignored for CI", "PKSA-rkkf-636k-qjb3": "Ignored for CI", "PKSA-wws7-mr54-jsny": "Ignored for CI"}' +RUN composer config --json audit.ignore '{"PKSA-z3gr-8qht-p93v": "Ignored for CI", "PKSA-rkkf-636k-qjb3": "Ignored for CI", "PKSA-wws7-mr54-jsny": "Ignored for CI", "PKSA-db8d-773v-rd1n": "Ignored for CI"}' RUN composer install --prefer-dist FROM extdn/magento-integration-tests-action:7.3-latest diff --git a/magento-phpstan/Dockerfile:7.4 b/magento-phpstan/Dockerfile:7.4 index 56ffa31..c8b8cfa 100644 --- a/magento-phpstan/Dockerfile:7.4 +++ b/magento-phpstan/Dockerfile:7.4 @@ -10,7 +10,7 @@ RUN composer config --unset repo.0 RUN composer config repo.foomanmirror composer https://repo-magento-mirror.fooman.co.nz/ RUN composer config --no-plugins allow-plugins true RUN composer require hoa/regex --no-update -RUN composer config --json audit.ignore '{"PKSA-z3gr-8qht-p93v": "Ignored for CI", "PKSA-rkkf-636k-qjb3": "Ignored for CI", "PKSA-wws7-mr54-jsny": "Ignored for CI"}' +RUN composer config --json audit.ignore '{"PKSA-z3gr-8qht-p93v": "Ignored for CI", "PKSA-rkkf-636k-qjb3": "Ignored for CI", "PKSA-wws7-mr54-jsny": "Ignored for CI", "PKSA-db8d-773v-rd1n": "Ignored for CI"}' RUN composer install --prefer-dist FROM extdn/magento-integration-tests-action:7.4-latest diff --git a/magento-phpstan/action.yml b/magento-phpstan/action.yml index df452b9..7628eee 100644 --- a/magento-phpstan/action.yml +++ b/magento-phpstan/action.yml @@ -19,6 +19,10 @@ inputs: magento_pre_install_script: description: 'Relative path to an optional script before Magento installation is run. Leave empty to use the default.' required: false + block_insecure: + description: 'Whether Composer should block insecure packages during audit. Set to false to allow insecure packages.' + required: false + default: "true" runs: using: 'docker' image: 'docker://extdn/magento-phpstan-action:latest' diff --git a/magento-phpstan/entrypoint.sh b/magento-phpstan/entrypoint.sh index 55f942c..3753eef 100755 --- a/magento-phpstan/entrypoint.sh +++ b/magento-phpstan/entrypoint.sh @@ -4,6 +4,8 @@ set -e test -z "${MODULE_SOURCE}" && MODULE_SOURCE=$INPUT_MODULE_SOURCE test -z "${COMPOSER_NAME}" && COMPOSER_NAME=$INPUT_COMPOSER_NAME test -z "${PHPSTAN_LEVEL}" && PHPSTAN_LEVEL=$INPUT_PHPSTAN_LEVEL +test -z "${BLOCK_INSECURE}" && BLOCK_INSECURE=$INPUT_BLOCK_INSECURE +test -z "${BLOCK_INSECURE}" && BLOCK_INSECURE="true" MAGENTO_ROOT=/var/www/magento2ce test -d "${MAGENTO_ROOT}" || (test -d /var/www/magento2ce && MAGENTO_ROOT=/tmp/m2) @@ -26,6 +28,9 @@ if [ -n "$INPUT_MAGENTO_PRE_INSTALL_SCRIPT" ] && [ -f "${GITHUB_WORKSPACE}"/"$IN . "${GITHUB_WORKSPACE}"/"$INPUT_MAGENTO_PRE_INSTALL_SCRIPT"; fi; +echo "Configure Composer audit.block-insecure" +composer config audit.block-insecure "$BLOCK_INSECURE" + echo "Installing module" COMPOSER_MIRROR_PATH_REPOS=1 composer require $COMPOSER_NAME:@dev --no-interaction --dev || exit diff --git a/magento-quick-integration-tests/action.yml b/magento-quick-integration-tests/action.yml index 2ce4aff..04686dd 100644 --- a/magento-quick-integration-tests/action.yml +++ b/magento-quick-integration-tests/action.yml @@ -24,6 +24,10 @@ inputs: description: 'Relative path to your own PHPUnit file. Leave empty to use the default.' magento_pre_install_script: description: 'Relative path to an optional script before Magento installation is run. Leave empty to use the default.' + block_insecure: + description: 'Whether Composer should block insecure packages during audit. Set to false to allow insecure packages.' + required: false + default: 'true' runs: using: 'docker' image: 'docker://yireo/github-actions-magento-quick-integration-tests:latest' diff --git a/magento-quick-integration-tests/entrypoint.sh b/magento-quick-integration-tests/entrypoint.sh index c4630ad..dcbda77 100755 --- a/magento-quick-integration-tests/entrypoint.sh +++ b/magento-quick-integration-tests/entrypoint.sh @@ -7,10 +7,12 @@ test -z "${MAGENTO_VERSION}" && MAGENTO_VERSION=$INPUT_MAGENTO_VERSION test -z "${MODULE_NAME}" && MODULE_NAME=$INPUT_MODULE_NAME test -z "${MODULE_SOURCE}" && MODULE_SOURCE=$INPUT_MODULE_SOURCE test -z "${PROJECT_NAME}" && PROJECT_NAME=$INPUT_PROJECT_NAME +test -z "${BLOCK_INSECURE}" && BLOCK_INSECURE=$INPUT_BLOCK_INSECURE # Maintain backwards-compatibility with old 'ce_version' input. test -z "${MAGENTO_VERSION}" && MAGENTO_VERSION=$INPUT_CE_VERSION test -z "${MAGENTO_VERSION}" && MAGENTO_VERSION=$CE_VERSION +test -z "${BLOCK_INSECURE}" && BLOCK_INSECURE="true" test -z "${MODULE_NAME}" && (echo "'module_name' is not set in your GitHub Actions YAML file" && exit 1) test -z "${COMPOSER_NAME}" && (echo "'composer_name' is not set in your GitHub Actions YAML file" && exit 1) @@ -54,8 +56,11 @@ if [[ ! -z "$INPUT_MAGENTO_PRE_INSTALL_SCRIPT" && -f "${GITHUB_WORKSPACE}/$INPUT . ${GITHUB_WORKSPACE}/$INPUT_MAGENTO_PRE_INSTALL_SCRIPT fi +echo "Configure Composer audit.block-insecure" +composer config audit.block-insecure "$BLOCK_INSECURE" + echo "Ignore known security advisories" -composer config --json audit.ignore '{"PKSA-z3gr-8qht-p93v": "Ignored for CI", "PKSA-rkkf-636k-qjb3": "Ignored for CI", "PKSA-wws7-mr54-jsny": "Ignored for CI"}' +composer config --json audit.ignore '{"PKSA-z3gr-8qht-p93v": "Ignored for CI", "PKSA-rkkf-636k-qjb3": "Ignored for CI", "PKSA-wws7-mr54-jsny": "Ignored for CI", "PKSA-db8d-773v-rd1n": "Ignored for CI"}' echo "Run installation" COMPOSER_MEMORY_LIMIT=-1 composer install --prefer-dist --no-interaction --no-progress diff --git a/magento-unit-tests/7.3/action.yml b/magento-unit-tests/7.3/action.yml index 07ae918..e4b8df2 100644 --- a/magento-unit-tests/7.3/action.yml +++ b/magento-unit-tests/7.3/action.yml @@ -26,6 +26,10 @@ inputs: description: 'Relative path to your own PHPUnit file. Leave empty to use the default.' magento_pre_install_script: description: 'Relative path to an optional script before Magento installation is run. Leave empty to use the default.' + block_insecure: + description: 'Whether Composer should block insecure packages during audit. Set to false to allow insecure packages.' + required: false + default: 'true' runs: using: 'docker' image: 'docker://extdn/magento-unit-tests-action:7.3-latest' diff --git a/magento-unit-tests/7.4/action.yml b/magento-unit-tests/7.4/action.yml index e168c9a..703136f 100644 --- a/magento-unit-tests/7.4/action.yml +++ b/magento-unit-tests/7.4/action.yml @@ -26,6 +26,10 @@ inputs: description: 'Relative path to your own PHPUnit file. Leave empty to use the default.' magento_pre_install_script: description: 'Relative path to an optional script before Magento installation is run. Leave empty to use the default.' + block_insecure: + description: 'Whether Composer should block insecure packages during audit. Set to false to allow insecure packages.' + required: false + default: 'true' runs: using: 'docker' image: 'docker://extdn/magento-unit-tests-action:7.4-latest' diff --git a/magento-unit-tests/8.1/action.yml b/magento-unit-tests/8.1/action.yml index 4d23003..761884f 100644 --- a/magento-unit-tests/8.1/action.yml +++ b/magento-unit-tests/8.1/action.yml @@ -26,6 +26,10 @@ inputs: description: 'Relative path to your own PHPUnit file. Leave empty to use the default.' magento_pre_install_script: description: 'Relative path to an optional script before Magento installation is run. Leave empty to use the default.' + block_insecure: + description: 'Whether Composer should block insecure packages during audit. Set to false to allow insecure packages.' + required: false + default: 'true' runs: using: 'docker' image: 'docker://extdn/magento-unit-tests-action:8.1-latest' diff --git a/magento-unit-tests/8.2/action.yml b/magento-unit-tests/8.2/action.yml index 0d8629e..bfb03ca 100644 --- a/magento-unit-tests/8.2/action.yml +++ b/magento-unit-tests/8.2/action.yml @@ -26,6 +26,10 @@ inputs: description: 'Relative path to your own PHPUnit file. Leave empty to use the default.' magento_pre_install_script: description: 'Relative path to an optional script before Magento installation is run. Leave empty to use the default.' + block_insecure: + description: 'Whether Composer should block insecure packages during audit. Set to false to allow insecure packages.' + required: false + default: 'true' runs: using: 'docker' image: 'docker://extdn/magento-unit-tests-action:8.2-latest' diff --git a/magento-unit-tests/8.3/action.yml b/magento-unit-tests/8.3/action.yml index 1eca46e..c1b771f 100644 --- a/magento-unit-tests/8.3/action.yml +++ b/magento-unit-tests/8.3/action.yml @@ -26,6 +26,10 @@ inputs: description: 'Relative path to your own PHPUnit file. Leave empty to use the default.' magento_pre_install_script: description: 'Relative path to an optional script before Magento installation is run. Leave empty to use the default.' + block_insecure: + description: 'Whether Composer should block insecure packages during audit. Set to false to allow insecure packages.' + required: false + default: 'true' runs: using: 'docker' image: 'docker://extdn/magento-unit-tests-action:8.3-latest' diff --git a/magento-unit-tests/8.4/action.yml b/magento-unit-tests/8.4/action.yml index 0dbbc56..ceef277 100644 --- a/magento-unit-tests/8.4/action.yml +++ b/magento-unit-tests/8.4/action.yml @@ -26,6 +26,10 @@ inputs: description: 'Relative path to your own PHPUnit file. Leave empty to use the default.' magento_pre_install_script: description: 'Relative path to an optional script before Magento installation is run. Leave empty to use the default.' + block_insecure: + description: 'Whether Composer should block insecure packages during audit. Set to false to allow insecure packages.' + required: false + default: 'true' runs: using: 'docker' image: 'docker://extdn/magento-unit-tests-action:8.4-latest' diff --git a/magento-unit-tests/entrypoint.sh b/magento-unit-tests/entrypoint.sh index bcc3768..1ed674d 100755 --- a/magento-unit-tests/entrypoint.sh +++ b/magento-unit-tests/entrypoint.sh @@ -8,9 +8,11 @@ test -z "${COMPOSER_NAME}" && COMPOSER_NAME=$INPUT_COMPOSER_NAME test -z "${MAGENTO_VERSION}" && MAGENTO_VERSION=$INPUT_MAGENTO_VERSION test -z "${PROJECT_NAME}" && PROJECT_NAME=$INPUT_PROJECT_NAME test -z "${PHPUNIT_FILE}" && PHPUNIT_FILE=$INPUT_PHPUNIT_FILE +test -z "${BLOCK_INSECURE}" && BLOCK_INSECURE=$INPUT_BLOCK_INSECURE test -z "$MAGENTO_VERSION" && MAGENTO_VERSION="2.4.4" test -z "$PROJECT_NAME" && PROJECT_NAME="magento/project-community-edition" +test -z "${BLOCK_INSECURE}" && BLOCK_INSECURE="true" test -z "${MODULE_NAME}" && (echo "'module_name' is not set" && exit 1) test -z "${COMPOSER_NAME}" && (echo "'composer_name' is not set" && exit 1) @@ -50,8 +52,11 @@ fi echo "Allow composer plugins" composer config --no-plugins allow-plugins true +echo "Configure Composer audit.block-insecure" +composer config audit.block-insecure "$BLOCK_INSECURE" + echo "Ignore known security advisories" -composer config --json audit.ignore '{"PKSA-z3gr-8qht-p93v": "Ignored for CI", "PKSA-rkkf-636k-qjb3": "Ignored for CI", "PKSA-wws7-mr54-jsny": "Ignored for CI"}' +composer config --json audit.ignore '{"PKSA-z3gr-8qht-p93v": "Ignored for CI", "PKSA-rkkf-636k-qjb3": "Ignored for CI", "PKSA-wws7-mr54-jsny": "Ignored for CI", "PKSA-db8d-773v-rd1n": "Ignored for CI"}' echo "Run installation" COMPOSER_MEMORY_LIMIT=-1 composer install --prefer-dist --no-interaction --no-progress