Commit b658e1b

Merge pull request #45 from youwe-petervanderwal/feat/security-checker-allow-list
feat: add an allow list to security checker
2 parents e319a78 + 1781bc5 commit b658e1b

6 files changed

+17
-2
lines changed

CHANGELOG.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -17,6 +17,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
1717
- Migration docs for migration from v2 to v3 of the testing suite.
1818
- Option to use PHP CS Fixer instead of PHPCS
1919
- Pimcore coding standards with [PER coding standards](https://www.php-fig.org/per/coding-style/)
20+
- Added support for an Allow List within the Security Checker.
2021

2122
### Changed
2223
- [BREAKING] The composer.json configurations `config.youwe-testing-suite.type` and `config.mediact-testing-suite.type`
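Review bot: The new entry on line 20 does not name the setting a user has to change. Consider mentioning `securitychecker.allow_list` in the entry, and dropping the leading "Added" so it matches the neighbouring entries (for example "Option to use PHP CS Fixer instead of PHPCS"), which state the feature without a verb.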

composer.json

Lines changed: 1 addition & 1 deletion
@@ -32,7 +32,7 @@
3232
"php-cs-fixer/shim": "@stable",
3333
"php-parallel-lint/php-parallel-lint": "^1.4",
3434
"phpmd/phpmd": "^2.15",
35-
"phpro/grumphp-shim": "^2.12",
35+
"phpro/grumphp-shim": "^2.15",
3636
"phpstan/phpstan": "@stable",
3737
"squizlabs/php_codesniffer": "^3.12.0",
3838
"youwe/composer-dependency-installer": "^2.0",
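Review bot: The raised lower bound on line 35 (`^2.12` to `^2.15`) is not explained in the commit message, and the single CHANGELOG line added by this commit does not record it. If the new `allow_list` option is what requires 2.15, say so in the changelog, since projects constrained to an older grumphp-shim will have to update before they can take this release.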

config/default/grumphp.yml

Lines changed: 2 additions & 0 deletions
@@ -51,6 +51,7 @@ parameters:
5151

5252
securitychecker.lockfile: ./composer.lock
5353
securitychecker.run_always: true
54+
securitychecker.allow_list: []
5455

5556
git_blacklist.keywords:
5657
- "die("
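Review bot: `securitychecker.allow_list: []` on line 54 has no comment saying what an entry looks like. The empty default keeps the checker's behaviour unchanged, which is the right default, but the expected format (CVE identifiers, going by the commented examples in the drupal, magento2 and pimcore configs) can only be found in those other files. A one-line comment above the parameter would cover it.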
@@ -149,3 +150,4 @@ grumphp:
149150
securitychecker_enlightn:
150151
lockfile: '%securitychecker.lockfile%'
151152
run_always: '%securitychecker.run_always%'
153+
allow_list: '%securitychecker.allow_list%'

config/drupal/grumphp.yml

Lines changed: 5 additions & 1 deletion
@@ -3,4 +3,8 @@ imports:
33

44
# Extend git triggers with common Drupal constructs
55
parameters:
6-
git_blacklist.triggered_by: [ 'php', 'js', 'twig' ]
6+
git_blacklist.triggered_by: [ 'php', 'js', 'twig' ]
7+
8+
# securitychecker.allow_list:
9+
# - CVE-2002-0121 # Add a jira ticket indicating when this vulnerability will be fixed (update/upgrade will be
10+
# performed). Within that ticket explain this (new) vulnerability.
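Review bot: The example entry on line 9, `CVE-2002-0121`, is a well-formed CVE identifier, so uncommenting the block as it stands puts a real-looking id on the allow list. An obviously fake placeholder such as `CVE-XXXX-XXXXX` is safer for a copy-and-paste template. Separately, line 6 is removed and re-added with the same visible content; if that is a whitespace or end-of-file newline fix it is fine, otherwise it should be dropped from the change.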

config/magento2/grumphp.yml

Lines changed: 4 additions & 0 deletions
@@ -17,3 +17,7 @@ parameters:
1717
- "<?php echo"
1818
- "Magento\\\\Framework\\\\App\\\\ObjectManager"
1919
git_blacklist.triggered_by: [ 'php', 'js', 'phtml' ]
20+
21+
# securitychecker.allow_list:
22+
# - CVE-2002-0121 # Add a jira ticket indicating when this vulnerability will be fixed (update/upgrade will be
23+
# performed). Within that ticket explain this (new) vulnerability.
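Review bot: The commented example on lines 21 to 23 duplicates the text added to the drupal and pimcore configs. Keeping it once, next to `securitychecker.allow_list: []` in config/default/grumphp.yml, would avoid three copies that can drift apart, and the project-type configs could then carry only a pointer to it.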

config/pimcore/grumphp.yml

Lines changed: 4 additions & 0 deletions
@@ -8,3 +8,7 @@ parameters:
88
# Disable PHPCS (which is enabled by default) in favour of PHP CS Fixer
99
phpcs.enabled: false
1010
phpcsfixer.enabled: true
11+
12+
# securitychecker.allow_list:
13+
# - CVE-2002-0121 # Add a jira ticket indicating when this vulnerability will be fixed (update/upgrade will be
14+
# performed). Within that ticket explain this (new) vulnerability.
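Review bot: The trailing comment on lines 13 and 14 asks for a Jira ticket, but the example entry itself shows no ticket key, so the instruction sits where the justification should be. Showing the expected shape, for example `- CVE-XXXX-XXXXX # PROJ-123, fix planned with the next upgrade` (ticket key hypothetical), would make the convention easy to follow and easy to check in review, since nothing in this config enforces it or removes the entry once the fix lands.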
