Merge pull request #1164 from luckyraul/composer_audit_abandoned

veewee · web-flow · commit 301863679d9e · 2024-12-12T15:02:29.000+01:00
Add composer audit abandoned behavior
diff --git a/doc/tasks/securitychecker/composeraudit.md b/doc/tasks/securitychecker/composeraudit.md
@@ -11,13 +11,20 @@ The task lives under the `securitychecker_composeraudit` namespace and has the f
 grumphp:
     tasks:
         securitychecker_composeraudit:
+            abandoned: null
             format: null
             locked: true
             no_dev: false
             run_always: false
             working_dir: null
 ```
 
+**abandoned**
+
+*Default: null*
+
+You can choose the behavior on abandoned packages. The available options are `ignore`, `report` and `fail`. By default, grumphp will use the `fail` behavior.
+
 **format**
 
 *Default: null*
diff --git a/src/Task/SecurityCheckerComposeraudit.php b/src/Task/SecurityCheckerComposeraudit.php
@@ -22,13 +22,15 @@ public static function getConfigurableOptions(): ConfigOptionsResolver
     {
         $resolver = new OptionsResolver();
         $resolver->setDefaults([
+            'abandoned' => null,
             'format' => null,
             'locked' => true,
             'no_dev' => false,
             'run_always' => false,
             'working_dir' => null,
         ]);
 
+        $resolver->addAllowedTypes('abandoned', ['null', 'string']);
         $resolver->addAllowedTypes('format', ['null', 'string']);
         $resolver->addAllowedTypes('locked', ['bool']);
         $resolver->addAllowedTypes('no_dev', ['bool']);
@@ -55,6 +57,7 @@ public function run(ContextInterface $context): TaskResultInterface
 
         $arguments = $this->processBuilder->createArgumentsForCommand('composer');
         $arguments->add('audit');
+        $arguments->addOptionalArgument('--abandoned=%s', $config['abandoned']);
         $arguments->addOptionalArgument('--format=%s', $config['format']);
         $arguments->addOptionalArgument('--locked', $config['locked']);
         $arguments->addOptionalArgument('--no-dev', $config['no_dev']);
diff --git a/test/Unit/Task/SecurityCheckerComposerauditTest.php b/test/Unit/Task/SecurityCheckerComposerauditTest.php
@@ -25,6 +25,7 @@ public function provideConfigurableOptions(): iterable
         yield 'defaults' => [
             [],
             [
+                'abandoned' => null,
                 'format' => null,
                 'locked' => true,
                 'no_dev' => false,
@@ -148,6 +149,19 @@ public function provideExternalTaskRuns(): iterable
             ]
         ];
 
+        yield 'abandoned' => [
+            [
+                'abandoned' => 'ignore',
+            ],
+            $this->mockContext(RunContext::class, ['composer.lock']),
+            'composer',
+            [
+                'audit',
+                '--abandoned=ignore',
+                '--locked',
+            ]
+        ];
+
         yield 'working-dir' => [
             [
                 'working_dir' => 'dir',
