Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.5:Update
php-composer2.30901
php-composer2.spec
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File php-composer2.spec of Package php-composer2.30901
# # spec file for package php-composer2 # # Copyright (c) 2022 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via https://bugs.opensuse.org/ # Name: php-composer2 Version: 2.2.3 Release: 0 Summary: Dependency Management for PHP License: MIT Group: Development/Libraries/Other URL: https://getcomposer.org/ Source0: https://getcomposer.org/download/%{version}/composer.phar # CVE-2022-24828 [bsc#1198494], Code injection vulnerability Patch0: php-composer2-CVE-2022-24828.patch # CVE-2023-43655 [bsc#1215859], Remote Code Execution via web-accessible composer.phar Patch1: php-composer2-CVE-2023-43655.patch Requires: php-curl Requires: php-json Requires: php-mbstring Requires: php-openssl Requires: php-phar Requires: php-zip Requires: php-zlib Requires(post): update-alternatives Requires(postun):update-alternatives Provides: composer = %{version} Provides: php-composer = %{version} Provides: php5-composer = %{version} Provides: php7-composer = %{version} Obsoletes: php-composer < %{version} BuildArch: noarch %if 0%{?sles_version} >= 10 BuildRequires: php53 >= 5.3.2 Requires: php53 >= 5.3.2 %else BuildRequires: php >= 5.3.2 Requires: php >= 5.3.2 %endif BuildRequires: php8-phar %description Composer is a dependency manager tracking local dependencies of your projects and libraries. %prep %setup -q -c -T mkdir SRC && cd SRC cp %{SOURCE0} . phar extract -f composer.phar # 1. patch files patch -p1 < %{PATCH0} patch -p1 < %{PATCH1} echo 'phar.readonly=Off' > ../php.ini # 2. add patched files into the phar PHPRC=../php.ini phar add -f composer.phar $(grep '+++' $(dirname %{PATCH0})/*.patch | sed -e 's:.*b/::' -e 's:\s.*::') cd .. %build %install # Install compiled phar file install -d -m 0750 %{buildroot}%{_bindir} install -m 0755 SRC/composer.phar %{buildroot}%{_bindir}/composer2 # Create a dummy target for /etc/alternatives/composer mkdir -p %{buildroot}%{_sysconfdir}/alternatives ln -s -f %{_sysconfdir}/alternatives/composer %{buildroot}%{_bindir}/composer %post update-alternatives --install \ %{_bindir}/composer composer %{_bindir}/composer2 2 %postun if [ ! -f %{_bindir}/composer2 ] ; then update-alternatives --remove composer %{_bindir}/composer2 fi %files %license SRC/LICENSE %defattr(-,root,root,0755) %{_bindir}/composer %{_bindir}/composer2 %ghost %_sysconfdir/alternatives/composer %changelog
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor