From 07f4a47b3f6020fe00209caf57e134ea86ba972e Mon Sep 17 00:00:00 2001 From: Stephan Vock Date: Wed, 19 Jan 2022 10:19:36 +0000 Subject: [PATCH 1/4] ArrayLoader: handle non string values for version/version_normalized --- src/Composer/Package/Loader/ArrayLoader.php | 6 +++--- .../Composer/Test/Package/Loader/ArrayLoaderTest.php | 11 +++++++++++ 2 files changed, 14 insertions(+), 3 deletions(-) diff --git a/src/Composer/Package/Loader/ArrayLoader.php b/src/Composer/Package/Loader/ArrayLoader.php index f7f677e1b5cd..f0cdaeaeba55 100644 --- a/src/Composer/Package/Loader/ArrayLoader.php +++ b/src/Composer/Package/Loader/ArrayLoader.php @@ -113,12 +113,12 @@ private function createObject(array $config, $class) if (!isset($config['name'])) { throw new \UnexpectedValueException('Unknown package has no name defined ('.json_encode($config).').'); } - if (!isset($config['version'])) { + if (!isset($config['version']) || !is_scalar($config['version'])) { throw new \UnexpectedValueException('Package '.$config['name'].' has no version defined.'); } // handle already normalized versions - if (isset($config['version_normalized'])) { + if (isset($config['version_normalized']) && is_string($config['version_normalized'])) { $version = $config['version_normalized']; // handling of existing repos which need to remain composer v1 compatible, in case the version_normalized contained VersionParser::DEFAULT_BRANCH_ALIAS, we renormalize it @@ -129,7 +129,7 @@ private function createObject(array $config, $class) $version = $this->versionParser->normalize($config['version']); } - return new $class($config['name'], $version, $config['version']); + return new $class($config['name'], $version, (string) $config['version']); } /** diff --git a/tests/Composer/Test/Package/Loader/ArrayLoaderTest.php b/tests/Composer/Test/Package/Loader/ArrayLoaderTest.php index 829fc633edd6..d1f42d11b300 100644 --- a/tests/Composer/Test/Package/Loader/ArrayLoaderTest.php +++ b/tests/Composer/Test/Package/Loader/ArrayLoaderTest.php @@ -314,4 +314,15 @@ public function testPluginApiVersionDoesSupportSelfVersion() $this->assertArrayHasKey('composer-plugin-api', $links); $this->assertSame('6.6.6', $links['composer-plugin-api']->getConstraint()->getPrettyString()); } + + public function testNoneStringVersion() + { + $config = array( + 'name' => 'acme/package', + 'version' => 1, + ); + + $package = $this->loader->load($config); + $this->assertSame('1', $package->getPrettyVersion()); + } } From 22ff0f64b8d36e16256c6b4d9e1fde12100fdb93 Mon Sep 17 00:00:00 2001 From: Jordi Boggiano Date: Fri, 21 Jan 2022 13:01:23 +0100 Subject: [PATCH 2/4] Ensure the version is always a string as soon as possible --- src/Composer/Package/Loader/ArrayLoader.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/Composer/Package/Loader/ArrayLoader.php b/src/Composer/Package/Loader/ArrayLoader.php index f0cdaeaeba55..bc4a14139d2b 100644 --- a/src/Composer/Package/Loader/ArrayLoader.php +++ b/src/Composer/Package/Loader/ArrayLoader.php @@ -116,6 +116,9 @@ private function createObject(array $config, $class) if (!isset($config['version']) || !is_scalar($config['version'])) { throw new \UnexpectedValueException('Package '.$config['name'].' has no version defined.'); } + if (!is_string($config['version'])) { + $config['version'] = (string) $config['version']; + } // handle already normalized versions if (isset($config['version_normalized']) && is_string($config['version_normalized'])) { @@ -129,7 +132,7 @@ private function createObject(array $config, $class) $version = $this->versionParser->normalize($config['version']); } - return new $class($config['name'], $version, (string) $config['version']); + return new $class($config['name'], $version, $config['version']); } /** From d21c1f7015c82f53ab8db5f9e0edddf76d8faf63 Mon Sep 17 00:00:00 2001 From: Jordi Boggiano Date: Fri, 21 Jan 2022 13:04:02 +0100 Subject: [PATCH 3/4] Validate that version is a scalar in validating array loader --- .../Package/Loader/ValidatingArrayLoader.php | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/src/Composer/Package/Loader/ValidatingArrayLoader.php b/src/Composer/Package/Loader/ValidatingArrayLoader.php index 3b180139db39..36d632d78519 100644 --- a/src/Composer/Package/Loader/ValidatingArrayLoader.php +++ b/src/Composer/Package/Loader/ValidatingArrayLoader.php @@ -71,11 +71,15 @@ public function load(array $config, $class = 'Composer\Package\CompletePackage') } if (!empty($this->config['version'])) { - try { - $this->versionParser->normalize($this->config['version']); - } catch (\Exception $e) { - $this->errors[] = 'version : invalid value ('.$this->config['version'].'): '.$e->getMessage(); - unset($this->config['version']); + if (!is_scalar($this->config['version'])) { + $this->validateString('version'); + } else { + try { + $this->versionParser->normalize($this->config['version']); + } catch (\Exception $e) { + $this->errors[] = 'version : invalid value ('.$this->config['version'].'): '.$e->getMessage(); + unset($this->config['version']); + } } } From 4eec9ad6e9f554714081d6752585adf0e8185157 Mon Sep 17 00:00:00 2001 From: Jordi Boggiano Date: Fri, 21 Jan 2022 13:05:13 +0100 Subject: [PATCH 4/4] Also cast ASAP in validating array loader --- src/Composer/Package/Loader/ValidatingArrayLoader.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/Composer/Package/Loader/ValidatingArrayLoader.php b/src/Composer/Package/Loader/ValidatingArrayLoader.php index 36d632d78519..7fb2c3b793ee 100644 --- a/src/Composer/Package/Loader/ValidatingArrayLoader.php +++ b/src/Composer/Package/Loader/ValidatingArrayLoader.php @@ -74,6 +74,9 @@ public function load(array $config, $class = 'Composer\Package\CompletePackage') if (!is_scalar($this->config['version'])) { $this->validateString('version'); } else { + if (!is_string($this->config['version'])) { + $this->config['version'] = (string) $this->config['version']; + } try { $this->versionParser->normalize($this->config['version']); } catch (\Exception $e) {