Fix Composer autoloader being hijackable by script/plugin event handlers#11955
Fix Composer autoloader being hijackable by script/plugin event handlers#11955Seldaek merged 2 commits intocomposer:mainfrom
Conversation
73c3a9c to
8db5678
Compare
|
Thanks, looks good. On my case it worked with in_array without the hash, but perhapt not for all possible options. I guess it makes sense to re-add the classloaders again at the end, but wouldn't that still make it possible to effect other scripts (eg multiple scripts running after each other)? Smart to check once we reach the end, not sure if an old === new compare would work to avoid the rest of the checks altogether, but that might be micro optimisation. |
|
Yes the normalization into strings is probably overkill, i mostly added this to be able to inspect better what was going on then just left it because it doesn't really hurt. And re-adding at the end is needed for BC i think, otherwise a script like laravel's where you have a post-autoload-dump and a post-install-cmd both running when you do na install.. The second one would run without autoloader which probably would end bad. |
|
Ah yes, makes sense. |
Fixes #11940
Closes #11948