Add allow-list config option to securitychecker_enlightn

phpro · Nov 19, 2022 · a93d611 · a93d611
1 parent 33449e8
commit a93d611
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 0 deletions.
diff --git a/src/Task/SecurityChecker.php b/src/Task/SecurityChecker.php
@@ -22,13 +22,15 @@ public static function getConfigurableOptions(): OptionsResolver
  'end_point' => null,
  'timeout' => null,
  'run_always' => false,
+ 'allow-list' => [],
  ]);
 
  $resolver->addAllowedTypes('lockfile', ['string']);
  $resolver->addAllowedTypes('format', ['null', 'string']);
  $resolver->addAllowedTypes('end_point', ['null', 'string']);
  $resolver->addAllowedTypes('timeout', ['null', 'int']);
  $resolver->addAllowedTypes('run_always', ['bool']);
+ $resolver->addAllowedTypes('allow-list', ['array']);
 
  return $resolver;
  }

diff --git a/src/Task/SecurityCheckerEnlightn.php b/src/Task/SecurityCheckerEnlightn.php
@@ -19,10 +19,12 @@ public static function getConfigurableOptions(): OptionsResolver
  $resolver->setDefaults([
  'lockfile' => './composer.lock',
  'run_always' => false,
+ 'allow-list' => []
  ]);
 
  $resolver->addAllowedTypes('lockfile', ['string']);
  $resolver->addAllowedTypes('run_always', ['bool']);
+ $resolver->addAllowedTypes('allow-list', ['array']);
 
  return $resolver;
  }
@@ -45,6 +47,9 @@ public function run(ContextInterface $context): TaskResultInterface
  $arguments = $this->processBuilder->createArgumentsForCommand('security-checker');
  $arguments->add('security:check');
  $arguments->addOptionalArgument('%s', $config['lockfile']);
+ foreach ($config['allow-list'] as $cve) {
+ $arguments->addOptionalArgument('--allow-list=%s', $cve);
+ }
 
  $process = $this->processBuilder->buildProcess($arguments);
  $process->run();

diff --git a/test/Unit/Task/SecurityCheckerEnlightnTest.php b/test/Unit/Task/SecurityCheckerEnlightnTest.php
@@ -27,6 +27,7 @@ public function provideConfigurableOptions(): iterable
  [
  'lockfile' => './composer.lock',
  'run_always' => false,
+ 'allow-list' => [],
  ]
  ];
  }