Merge pull request #15 from magehost/feature-composerfile-option

Feature: specify path to composer.lock

Author: sbuzonas

.gitignore

@@ -1 +1,2 @@
+/.idea/
 /vendor/

src/Checker/HttpChecker.php

@@ -8,12 +8,12 @@ abstract class HttpChecker extends BaseChecker implements HttpCheckerInterface
 {
 
     protected $endpoint = HttpCheckerInterface::DEFAULT_ENDPOINT;
-    protected $timeout = 20;
+    protected $timeout = HttpCheckerInterface::DEFAULT_TIMEOUT;
 
     /**
      * {@inheritdoc}
      */
-    public function setTimeout($tiemout)
+    public function setTimeout($timeout)
     {
         $this->timeout = $timeout;
     }

src/Checker/HttpCheckerInterface.php

@@ -6,6 +6,7 @@ interface HttpCheckerInterface extends CheckerInterface
 {
 
     const DEFAULT_ENDPOINT = 'https://security.sensiolabs.org/check_lock';
+    const DEFAULT_TIMEOUT = 20;
 
     /**
      * Sets the HTTP timeout in seconds

src/Command/AuditCommand.php

@@ -5,6 +5,7 @@
 use Composer\Factory;
 use Composer\Command\BaseCommand;
 use FancyGuy\Composer\SecurityCheck\Checker\DefaultChecker;
+use FancyGuy\Composer\SecurityCheck\Checker\HttpCheckerInterface;
 use FancyGuy\Composer\SecurityCheck\Checker\OfflineChecker;
 use FancyGuy\Composer\SecurityCheck\Exception\ExceptionInterface;
 use FancyGuy\Composer\SecurityCheck\Formatter\JsonFormatter;
@@ -23,10 +24,11 @@ protected function configure()
         $this
             ->setName('audit')
             ->setDefinition(array(
-                new InputOption('audit-db', '', InputOption::VALUE_REQUIRED, 'The path to the advisory database'),
-                new InputOption('format', '', InputOption::VALUE_REQUIRED, 'The output format', 'text'),
-                new InputOption('endpoint', '', InputOption::VALUE_REQUIRED, 'The security checker server URL'),
-                new InputOption('timeout', '', InputOption::VALUE_REQUIRED, 'The HTTP timeout in seconds'),
+                new InputOption('audit-db', '', InputOption::VALUE_REQUIRED, 'Path to the advisory database'),
+                new InputOption('format', '', InputOption::VALUE_REQUIRED, 'Output format', 'text'),
+                new InputOption('endpoint', '', InputOption::VALUE_REQUIRED, 'Security checker server URL', HttpCheckerInterface::DEFAULT_ENDPOINT),
+                new InputOption('timeout', '', InputOption::VALUE_REQUIRED, 'HTTP timeout in seconds', HttpCheckerInterface::DEFAULT_TIMEOUT),
+                new InputOption('file', '', InputOption::VALUE_REQUIRED, 'Path to composer.lock file', './composer.lock'),
             ))
             ->setDescription('Checks security issues in your project dependencies')
             ->setHelp(<<<EOF
@@ -55,7 +57,9 @@ protected function execute(InputInterface $input, OutputInterface $output)
             }
         }
 
-        $composerFile = Factory::getComposerFile();
+        if (!$composerFile = $input->getOption('file')) {
+            $composerFile = Factory::getComposerFile();
+        }
 
         try {
             $vulnerabilities = $checker->check($composerFile);

src/SecurityCheckPlugin.php

@@ -91,7 +91,8 @@ public function onCommandEvent(CommandEvent $event)
                 break;
             case 'show':
             case 'validate':
-                $this->auditDependencies();
+                $fileArgument = $event->getInput()->getArgument('file');
+                $this->auditDependencies($fileArgument);
                 break;
         }
     }