Make HtaccessTest composer fixtures valid json to avoid breaking tooling

Created on 21 May 2020, about 4 years ago
Updated 17 February 2023, over 1 year ago

HtaccessTest includes a number of empty file fixtures used to detect if the htaccess file is correctly configured - among those are composer.json and composer.lock.

There are many security, compliance, license policy and other tools that recursively scan for package management manifests (since they need to work in a variety of environments and on tools with multiple/nested software stacks).

Having an empty file can break these tools - for example Trivy fails with failed to get libraries: error with var/www/html/html/core/modules/system/tests/fixtures/HtaccessTest/composer.lock: EOF. Composer (which may be called with composer outdated --minor-only for example) with "./composer.json" does not contain valid JSON.

Having files exist that breaks tooling raises the barrier for adoption and leads to workarounds - adding 2 characters to each file doesn't affect the function of HtaccessTest.

πŸ› Bug report
Status

Fixed

Version

10.1 ✨

Component
SystemΒ  β†’

Last updated about 23 hours ago

No maintainer
Created by

πŸ‡ΊπŸ‡ΈUnited States Owen Barton

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

Production build 0.69.0 2024