diff --git a/README.md b/README.md
index 2ef098cb..2dcac3c9 100644
--- a/README.md
+++ b/README.md
@@ -31,6 +31,7 @@ It has been extracted as a separate project to make maintenance easier and enabl
 * ecs - [Sets up and runs coding standard checks](https://github.com/Symplify/EasyCodingStandard)
 * infection - [AST based PHP Mutation Testing Framework](https://infection.github.io/)
 * larastan - [PHPStan extension for Laravel](https://github.com/nunomaduro/larastan)
+* local-php-security-checker - [Checks composer dependencies for known security vulnerabilities](https://github.com/fabpot/local-php-security-checker)
 * parallel-lint - [Checks PHP file syntax](https://github.com/JakubOnderka/PHP-Parallel-Lint)
 * paratest - [Parallel testing for PHPUnit](https://github.com/paratestphp/paratest)
 * pdepend - [Static Analysis Tool](https://pdepend.org/)
@@ -77,7 +78,6 @@ It has been extracted as a separate project to make maintenance easier and enabl
 * psecio-parse - [Scans code for potential security-related issues](https://github.com/psecio/parse)
 * rector - [Tool for instant code upgrades and refactoring](https://github.com/rectorphp/rector)
 * roave-backward-compatibility-check - [Tool to compare two revisions of a class API to check for BC breaks](https://github.com/Roave/BackwardCompatibilityCheck)
-* security-checker - [Checks composer dependencies for known security vulnerabilities](https://github.com/sensiolabs/security-checker)
 * simple-phpunit - [Provides utilities to report legacy tests and usage of deprecated code](https://symfony.com/doc/current/components/phpunit_bridge.html)
 * twig-lint - [Standalone twig linter](https://github.com/asm89/twig-lint)
 * twigcs - [The missing checkstyle for twig!](https://github.com/friendsoftwig/twigcs)
@@ -88,8 +88,9 @@ It has been extracted as a separate project to make maintenance easier and enabl
 * composer-normalize - [Composer plugin to normalize composer.json files](https://github.com/localheinz/composer-normalize)
 * design-pattern - [Detects design patterns](https://github.com/Halleck45/DesignPatternDetector)
 * phpcf - [Finds usage of deprecated features](http://wapmorgan.github.io/PhpCodeFixer/)
-* testability - [Analyses and reports testability issues of a php codebase](https://github.com/edsonmedina/php_testability)
 * phpstan-localheinz-rules - [Additional rules for PHPstan](https://github.com/localheinz/phpstan-rules)
+* security-checker - [Checks composer dependencies for known security vulnerabilities](https://github.com/sensiolabs/security-checker)
+* testability - [Analyses and reports testability issues of a php codebase](https://github.com/edsonmedina/php_testability)
 ## Installation
diff --git a/resources/security.json b/resources/security.json
index d4bae735..aa7c53b1 100644
--- a/resources/security.json
+++ b/resources/security.json
@@ -15,16 +15,19 @@
 "tags": ["security"]
 },
 {
- "name": "security-checker",
+ "name": "local-php-security-checker",
 "summary": "Checks composer dependencies for known security vulnerabilities",
- "website": "https://github.com/sensiolabs/security-checker",
+ "website": "https://github.com/fabpot/local-php-security-checker",
 "command": {
- "phar-download": {
- "phar": "http://get.sensiolabs.org/security-checker.phar",
- "bin": "%target-dir%/security-checker"
+ "file-download": {
+ "url": "https://github.com/fabpot/local-php-security-checker/releases/download/v1.0.0/local-php-security-checker_1.0.0_linux_amd64",
+ "file": "%target-dir%/local-php-security-checker"
+ },
+ "sh": {
+ "command": "chmod +x %target-dir%/local-php-security-checker"
 }
 },
- "test": "security-checker",
+ "test": "local-php-security-checker --help",
 "tags": ["featured", "security"]
 }
 ]
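Review bot: The `file-download` step in resources/security.json fetches a prebuilt executable and the `sh` step marks it executable with no integrity check in between, so whatever the release URL serves at build time becomes runnable in the tools directory. The asset is pinned to the `v1.0.0` tag, but a release asset can be replaced upstream without the URL changing. I would pin a digest and verify it before the `chmod`, e.g. `"command": "echo '<SHA256_OF_RELEASE_ASSET>  %target-dir%/local-php-security-checker' | sha256sum -c - && chmod +x %target-dir%/local-php-security-checker"` (placeholder digest; this assumes `sha256sum` is available where the command runs). The URL is also hard-coded to `linux_amd64`, so on another architecture the `--help` test will presumably fail; the README entry should say so unless the asset is selected per platform.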
diff --git a/src/UseCase/InstallTools.php b/src/UseCase/InstallTools.php
index ebacb2c0..fbf1bb4b 100644
--- a/src/UseCase/InstallTools.php
+++ b/src/UseCase/InstallTools.php
@@ -10,6 +10,7 @@
 use Zalas\Toolbox\Tool\Command\ComposerGlobalInstallCommand;
 use Zalas\Toolbox\Tool\Command\ComposerGlobalMultiInstallCommand;
 use Zalas\Toolbox\Tool\Command\ComposerInstallCommand;
+use Zalas\Toolbox\Tool\Command\FileDownloadCommand;
 use Zalas\Toolbox\Tool\Command\MultiStepCommand;
 use Zalas\Toolbox\Tool\Command\OptimisedComposerBinPluginCommand;
 use Zalas\Toolbox\Tool\Command\PharDownloadCommand;
@@ -38,6 +39,7 @@ public function __invoke(Filter $filter): Command
 return new MultiStepCommand(
 $installationCommands
 ->merge($commandFilter(ShCommand::class))
+ ->merge($commandFilter(FileDownloadCommand::class))
 ->merge($commandFilter(PharDownloadCommand::class))
 ->merge($commandFilter(MultiStepCommand::class))
 ->merge($this->groupComposerGlobalInstallCommands($commandFilter(ComposerGlobalInstallCommand::class)))
diff --git a/tests/UseCase/InstallToolsTest.php b/tests/UseCase/InstallToolsTest.php
index 9803cee0..848483c9 100644
--- a/tests/UseCase/InstallToolsTest.php
+++ b/tests/UseCase/InstallToolsTest.php
@@ -12,6 +12,7 @@
 use Zalas\Toolbox\Tool\Command\ComposerBinPluginCommand;
 use Zalas\Toolbox\Tool\Command\ComposerGlobalInstallCommand;
 use Zalas\Toolbox\Tool\Command\ComposerInstallCommand;
+use Zalas\Toolbox\Tool\Command\FileDownloadCommand;
 use Zalas\Toolbox\Tool\Command\MultiStepCommand;
 use Zalas\Toolbox\Tool\Command\PharDownloadCommand;
 use Zalas\Toolbox\Tool\Command\ShCommand;
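Review bot: In `__invoke` of src/UseCase/InstallTools.php, standalone `ShCommand`s are merged ahead of `FileDownloadCommand`s, so a tool's `chmod` runs after its download only if the pair reaches this method as a single `MultiStepCommand`. That wrapping is presumably done where the JSON `command` object is parsed, which this diff does not show, so the ordering assumption deserves a comment above the chain, e.g. `// A download and its chmod must arrive as one MultiStepCommand; standalone sh steps run before any download.` The method body starts and ends outside the hunk.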
@@ -158,6 +159,17 @@ public function test_it_includes_phar_download_commands()
 $this->assertMatchesRegularExpression('#curl[^&]*?deptrac-0.2.0.phar#', (string)$command);
 }
+ public function test_it_includes_file_download_commands()
+ {
+ $this->tools->all(Argument::type(Filter::class))->willReturn(Collection::create([
+ $this->tool(new FileDownloadCommand('https://github.com/fabpot/local-php-security-checker/releases/download/v1.0.0/local-php-security-checker_1.0.0_linux_amd64', '/tools/security-checker')),
+ ]));
+
+ $command = $this->useCase->__invoke($this->filter());
+
+ $this->assertMatchesRegularExpression('#curl[^&]*?local-php-security-checker_1.0.0_linux_amd64#', (string)$command);
+ }
+
 private function filter(): Filter
 {
 return new Filter([], []);
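Review bot: The new `test_it_includes_file_download_commands` only checks that the release URL follows `curl`, so the destination passed as the second constructor argument (`/tools/security-checker`) could be dropped or rewritten by `FileDownloadCommand` without this test failing. I would add `$this->assertStringContainsString('/tools/security-checker', (string)$command);` after the regex assertion. The dots in the pattern are also unescaped, so `1.0.0` matches any character in those positions; writing `1\.0\.0` pins the asset name exactly.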