VendorHardeningPlugin
class VendorHardeningPlugin implements PluginInterface, EventSubscriberInterface (View source)
| internal |
A Composer plugin to clean out your project's vendor directory.
This plugin will remove directory paths within installed packages. You might use this in order to mitigate the security risks of having your vendor directory within an HTTP server's docroot.
Properties
| protected Composer | $composer | Composer object. |
|
| protected IOInterface | $io | IO object. |
|
| protected Config | $config | Configuration. | |
| protected string[] | $packagesAlreadyCleaned | List of projects already cleaned. |
Methods
{@inheritdoc}
{@inheritdoc}
{@inheritdoc}
{@inheritdoc}
POST_AUTOLOAD_DUMP event handler.
POST_UPDATE_CMD and POST_INSTALL_CMD event handler.
PRE_PACKAGE_INSTALL event handler.
PRE_PACKAGE_UPDATE event handler.
POST_PACKAGE_INSTALL event handler.
POST_PACKAGE_UPDATE event handler.
Remove bin config for packages that would have the bin file removed.
Find bin files which are inside cleanup directories.
Gets a list of all installed packages from Composer.
Gets the installed path for a package.
Clean all configured packages.
Clean a single package.
Clean the installed directories for a named package.
Place .htaccess and web.config files into the vendor directory.
Details
activate(Composer $composer, IOInterface $io)
{@inheritdoc}
deactivate(Composer $composer, IOInterface $io)
{@inheritdoc}
uninstall(Composer $composer, IOInterface $io)
{@inheritdoc}
static
getSubscribedEvents()
{@inheritdoc}
onPostAutoloadDump(Event $event)
POST_AUTOLOAD_DUMP event handler.
onPostCmd(Event $event)
POST_UPDATE_CMD and POST_INSTALL_CMD event handler.
onPrePackageInstall(PackageEvent $event)
PRE_PACKAGE_INSTALL event handler.
onPrePackageUpdate(PackageEvent $event)
PRE_PACKAGE_UPDATE event handler.
onPostPackageInstall(PackageEvent $event)
POST_PACKAGE_INSTALL event handler.
onPostPackageUpdate(PackageEvent $event)
POST_PACKAGE_UPDATE event handler.
protected
removeBinBeforeCleanup(BasePackage $package)
Remove bin config for packages that would have the bin file removed.
Where the configured bin files are in the directories to be removed, remove the bin config.
protected string[]
findBinOverlap(string[] $binaries, string[] $clean_paths)
Find bin files which are inside cleanup directories.
protected PackageInterface[]
getInstalledPackages()
Gets a list of all installed packages from Composer.
protected string
getInstallPathForPackage(PackageInterface $package)
Gets the installed path for a package.
cleanAllPackages()
Clean all configured packages.
This applies in the context of a post-command event.
cleanPackage(PackageInterface $package)
Clean a single package.
This applies in the context of a package post-install or post-update event.
protected
cleanPathsForPackage(PackageInterface $package, string $paths_for_package)
Clean the installed directories for a named package.
writeAccessRestrictionFiles(string $vendor_dir)
Place .htaccess and web.config files into the vendor directory.