From 303474af329df3edb66543986d903cfbe521139e Mon Sep 17 00:00:00 2001
From: Brian Henry <BrianHenryIE@gmail.com>
Date: Wed, 6 Jul 2022 23:40:05 -0700
Subject: [PATCH 1/3] Fix: using Composer to parse .json array was attempting
 to load unprivileged plugins

```
composer/installers contains a Composer plugin which is blocked by your allow-plugins config. You may add it to the list if you consider it safe.
You can run "composer config --no-plugins allow-plugins.composer/installers [true|false]" to enable it (true) or disable it explicitly and suppress this exception (false)
See https://getcomposer.org/allow-plugins%
```
---
 src/Composer/ComposerPackage.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/Composer/ComposerPackage.php b/src/Composer/ComposerPackage.php
index 14d1bc74..76cbd9fb 100644
--- a/src/Composer/ComposerPackage.php
+++ b/src/Composer/ComposerPackage.php
@@ -83,7 +83,7 @@ public static function fromComposerJsonArray($jsonArray, array $overrideAutoload
     {
         $factory = new Factory();
         $io = new NullIO();
-        $composer = $factory->createComposer($io, $jsonArray);
+	    $composer = $factory->createComposer($io, $jsonArray, true);
 
         return new ComposerPackage($composer, $overrideAutoload);
     }

From c07814777f5d207ccc810ce92f71b5cf79b251f1 Mon Sep 17 00:00:00 2001
From: BrianHenryIE <BrianHenryIE@users.noreply.github.com>
Date: Thu, 7 Jul 2022 06:43:21 +0000
Subject: [PATCH 2/3] =?UTF-8?q?=F0=9F=A4=96=20PHPCBF?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/Composer/ComposerPackage.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/Composer/ComposerPackage.php b/src/Composer/ComposerPackage.php
index 76cbd9fb..2341c1f3 100644
--- a/src/Composer/ComposerPackage.php
+++ b/src/Composer/ComposerPackage.php
@@ -83,7 +83,7 @@ public static function fromComposerJsonArray($jsonArray, array $overrideAutoload
     {
         $factory = new Factory();
         $io = new NullIO();
-	    $composer = $factory->createComposer($io, $jsonArray, true);
+        $composer = $factory->createComposer($io, $jsonArray, true);
 
         return new ComposerPackage($composer, $overrideAutoload);
     }

From 3c2f489df3ad6003c35326f5712e0cc30284ae05 Mon Sep 17 00:00:00 2001
From: Brian Henry <BrianHenryIE@gmail.com>
Date: Thu, 7 Jul 2022 17:41:08 -0700
Subject: [PATCH 3/3] Disable plugins in two other spots.

---
 src/Composer/ComposerPackage.php        | 2 +-
 src/Composer/ProjectComposerPackage.php | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/Composer/ComposerPackage.php b/src/Composer/ComposerPackage.php
index 76cbd9fb..fcf2d683 100644
--- a/src/Composer/ComposerPackage.php
+++ b/src/Composer/ComposerPackage.php
@@ -69,7 +69,7 @@ public static function fromFile(string $absolutePath, array $overrideAutoload =
             $absolutePath = rtrim($absolutePath, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR . 'composer.json';
         }
 
-        $composer = Factory::create(new NullIO(), $absolutePath);
+        $composer = Factory::create(new NullIO(), $absolutePath, true);
 
         return new ComposerPackage($composer, $overrideAutoload);
     }
diff --git a/src/Composer/ProjectComposerPackage.php b/src/Composer/ProjectComposerPackage.php
index 0cad859f..d432f167 100644
--- a/src/Composer/ProjectComposerPackage.php
+++ b/src/Composer/ProjectComposerPackage.php
@@ -26,7 +26,7 @@ public function __construct(string $absolutePath, array $overrideAutoload = null
         }
         unset($absolutePath);
 
-        $composer = Factory::create(new NullIO(), $absolutePathFile);
+        $composer = Factory::create(new NullIO(), $absolutePathFile, true);
 
         parent::__construct($composer, $overrideAutoload);