summaryrefslogtreecommitdiffstats
path: root/php-sensiolabs-security-checker.spec
blob: ab8a41b2445df9c7113a53519750dd228c684617 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
# remirepo/fedora spec file for php-sensiolabs-security-checker
#
# Copyright (c) 2019 Remi Collet
# License: CC-BY-SA
# http://creativecommons.org/licenses/by-sa/4.0/
#
# Please, preserve the changelog entries
#
# Github
%global gh_commit    a576c01520d9761901f269c4934ba55448be4a54
%global gh_short     %(c=%{gh_commit}; echo ${c:0:7})
%global gh_owner     sensiolabs
%global gh_project   security-checker
# Packagist
%global pk_vendor    %{gh_owner}
%global pk_name      %{gh_project}
# PSR-0 namespace
%global ns_vendor    SensioLabs
%global ns_project   Security

Name:           php-%{pk_vendor}-%{pk_name}
Version:        6.0.3
Release:        1%{?dist}
Summary:        A security checker for your composer.lock

License:        MIT
URL:            https://github.com/%{gh_owner}/%{gh_project}
Source0:        https://github.com/%{gh_owner}/%{gh_project}/archive/%{gh_commit}/%{name}-%{version}-%{gh_short}.tar.gz

# Fix autoloader path
Patch0:         %{name}-rpm.patch

BuildArch:      noarch
# Autoloader
BuildRequires:  php-fedora-autoloader-devel
# For check
BuildRequires:  php(language) >= 7.1.3
BuildRequires:  php-json
BuildRequires:  php-pcre
BuildRequires:  php-spl
BuildRequires:  php-cli
# remirepo:1
%if 0%{?fedora} >= 27 || 0%{?rhel} >= 8
BuildRequires: (php-composer(symfony/console)     >= 4.3   with php-composer(symfony/console)     < 6)
BuildRequires: (php-composer(symfony/http-client) >= 4.3   with php-composer(symfony/http-client) < 6)
BuildRequires: (php-composer(symfony/mime)        >= 4.3   with php-composer(symfony/mime)        < 6)
# remirepo:5
%else
BuildRequires:  php-symfony3-console     > 4.3
BuildRequires:  php-symfony4-http-client > 4.3
BuildRequires:  php-symfony4-mime        > 4.3
%endif

# From composer.json, "require": {
#        "php": ">=7.1.3",
#        "symfony/console": "^2.8|^3.4|^4.2|^5.0",
#        "symfony/http-client": "^4.3|^5.0",
#        "symfony/mime": "^4.3|^5.0",
#        "symfony/polyfill-ctype": "^1.11"
Requires:       php(language) >= 7.1.3
# remirepo:1
%if 0%{?fedora} >= 27 || 0%{?rhel} >= 8
Requires:      (php-composer(symfony/console)     >= 4.3   with php-composer(symfony/console)     < 6)
Requires:      (php-composer(symfony/http-client) >= 4.3   with php-composer(symfony/http-client) < 6)
Requires:      (php-composer(symfony/mime)        >= 4.3   with php-composer(symfony/mime)        < 6)
# remirepo:5
%else
Requires:       php-symfony4-console     > 4.3
Requires:       php-symfony4-http-client > 4.3
Requires:       php-symfony4-mime        > 4.3
%endif

# From phpcompatifo report for 5.0.3
Requires:       php-json
Requires:       php-pcre
Requires:       php-spl
# Autoloader
Requires:       php-composer(fedora/autoloader)

Provides:       php-composer(%{pk_vendor}/%{pk_name}) = %{version}


%description
The SensioLabs Security Checker is a command line tool that checks if your
application uses dependencies with known security vulnerabilities. It uses
the Security Check Web service and the Security Advisories Database.

Autoloader: %{_datadir}/php/%{ns_vendor}/%{ns_project}/autoload.php


%prep
%setup -q -n %{gh_project}-%{gh_commit}
%patch0 -p1 -b .rpm


%build
: Generate a simple autoloader
%{_bindir}/phpab -t fedora -o %{ns_vendor}/%{ns_project}/autoload.php %{ns_vendor}/%{ns_project}

cat << 'EOF' | tee -a %{ns_vendor}/%{ns_project}/autoload.php
\Fedora\Autoloader\Dependencies::required([
    [
        '%{_datadir}/php/Symfony5/Component/Console/autoload.php',
        '%{_datadir}/php/Symfony4/Component/Console/autoload.php',
    ],
    [
        '%{_datadir}/php/Symfony5/Component/HttpClient/autoload.php',
        '%{_datadir}/php/Symfony4/Component/HttpClient/autoload.php',
    ],
    [
        '%{_datadir}/php/Symfony5/Component/Mime/autoload.php',
        '%{_datadir}/php/Symfony4/Component/Mime/autoload.php',
    ],
]);
EOF



%install
mkdir -p            %{buildroot}%{_datadir}/php
cp -pr %{ns_vendor} %{buildroot}%{_datadir}/php/%{ns_vendor}

install -Dpm 755 security-checker %{buildroot}%{_bindir}/%{name}


%check
: Ensure our autoloader is ok.
sed -e 's:%{_datadir}:%{buildroot}%{_datadir}:' security-checker >test
%{_bindir}/php test --version


%files
# remirepo:1
%{!?_licensedir:%global license %%doc}
%license LICENSE
%doc *.md
%doc composer.json
%{_datadir}/php/%{ns_vendor}
%{_bindir}/%{name}


%changelog
* Mon Nov 25 2019 Remi Collet <remi@remirepo.net> - 6.0.3-1
- update to 6.0.3
- raise dependency on PHP 7.1
- raise dependency on Symfony version 4.3 and allow version 5
- drop dependency on composer/ca-bundle

* Thu Jan  3 2019 Remi Collet <remi@remirepo.net> - 5.0.3-1
- initial package, version 5.0.3