From 9f199466c75776e625223c43479a4c4e4ade5165 Mon Sep 17 00:00:00 2001
From: Guy Sartorelli <guy.sartorelli@silverstripe.com>
Date: Thu, 14 Dec 2023 14:47:17 +1300
Subject: [PATCH 1/2] Replace Guzzle with generic PSR18 discovery

---
 composer.json                | 15 ++++++++--
 src/Packagist/Api/Client.php | 55 ++++++++++++++++++++++--------------
 2 files changed, 46 insertions(+), 24 deletions(-)

diff --git a/composer.json b/composer.json
index bb87705..ca5eb36 100644
--- a/composer.json
+++ b/composer.json
@@ -13,15 +13,19 @@
     ],
     "require": {
         "php": "^7.4 || ^8.0",
-        "guzzlehttp/guzzle": "^6.0 || ^7.0",
         "doctrine/inflector": "^1.0 || ^2.0",
         "ext-json": "*",
         "composer/metadata-minifier": "^1.0",
-        "composer/semver": "^1.0|^2.0|^3.0"
+        "composer/semver": "^1.0|^2.0|^3.0",
+        "php-http/discovery": "^1.12",
+        "php-http/client-common": "^2.3",
+        "psr/http-client-implementation": "^1.0",
+        "psr/http-factory-implementation": "^1.0"
     },
     "require-dev": {
         "phpspec/phpspec": "^6.0 || ^7.0",
-        "squizlabs/php_codesniffer": "^3.0"
+        "squizlabs/php_codesniffer": "^3.0",
+        "guzzlehttp/guzzle": "^6.0 || ^7.0"
     },
     "autoload": {
         "psr-4": {
@@ -41,5 +45,10 @@
     "scripts": {
         "lint": "vendor/bin/phpcs --standard=PSR12 src/",
         "test": "vendor/bin/phpspec run -f pretty"
+    },
+    "config": {
+        "allow-plugins": {
+            "php-http/discovery": true
+        }
     }
 }
diff --git a/src/Packagist/Api/Client.php b/src/Packagist/Api/Client.php
index 79b046b..aefd35e 100644
--- a/src/Packagist/Api/Client.php
+++ b/src/Packagist/Api/Client.php
@@ -5,12 +5,17 @@
 namespace Packagist\Api;
 
 use Composer\Semver\Semver;
-use GuzzleHttp\Client as HttpClient;
-use GuzzleHttp\ClientInterface;
-use GuzzleHttp\Exception\GuzzleException;
+use Exception;
+use Http\Client\Common\HttpMethodsClient;
+use Http\Client\Common\HttpMethodsClientInterface;
+use Http\Client\Common\PluginClientFactory;
+use Http\Discovery\Psr17FactoryDiscovery;
+use Http\Discovery\Psr18ClientDiscovery;
 use Packagist\Api\Result\Advisory;
 use Packagist\Api\Result\Factory;
 use Packagist\Api\Result\Package;
+use Psr\Http\Client\ClientInterface;
+use Psr\Http\Message\StreamInterface;
 
 /**
  * Packagist Api
@@ -19,7 +24,7 @@
  */
 class Client
 {
-    protected ClientInterface $httpClient;
+    protected HttpMethodsClientInterface $httpClient;
 
     protected Factory $resultFactory;
 
@@ -36,14 +41,18 @@ public function __construct(
         string $packagistUrl = 'https://packagist.org'
     ) {
         if (null === $httpClient) {
-            $httpClient = new HttpClient();
+            $httpClient = (new PluginClientFactory())->createClient(Psr18ClientDiscovery::find());
         }
 
         if (null === $resultFactory) {
             $resultFactory = new Factory();
         }
 
-        $this->httpClient = $httpClient;
+        $this->httpClient = new HttpMethodsClient(
+            $httpClient,
+            Psr17FactoryDiscovery::findRequestFactory(),
+            Psr17FactoryDiscovery::findStreamFactory()
+        );
         $this->resultFactory = $resultFactory;
         $this->packagistUrl = $packagistUrl;
     }
@@ -222,9 +231,11 @@ public function advisories(array $packages = [], ?int $updatedSince = null, bool
         if ($updatedSince !== null) {
             $query['updatedSince'] = $updatedSince;
         }
-        $options = [
+        $queryString = http_build_query([
             'query' => array_filter($query),
-        ];
+        ]);
+        $headers = [];
+        $body = null;
 
         // Add packages if appropriate
         if (count($packages) > 0) {
@@ -235,13 +246,13 @@ public function advisories(array $packages = [], ?int $updatedSince = null, bool
                 }
                 $content['packages'][] = $package;
             }
-            $options['headers']['Content-type'] = 'application/x-www-form-urlencoded';
-            $options['body'] = http_build_query($content);
+            $headers['Content-type'] = 'application/x-www-form-urlencoded';
+            $body = http_build_query($content);
         }
 
         // Get advisories from API
         /** @var Advisory[] $advisories */
-        $advisories = $this->respondPost($this->url('/api/security-advisories/'), $options);
+        $advisories = $this->respondPost($this->url('/api/security-advisories/?' . $queryString), $headers, $body);
 
         // Filter advisories if necessary
         if (count($advisories) > 0 && $filterByVersion) {
@@ -308,12 +319,13 @@ protected function respond(string $url)
      * Execute the POST request and parse the response
      *
      * @param string $url
-     * @param array $option
+     * @param array $headers
+     * @param string|StreamInterface|null $body
      * @return array|Package
      */
-    protected function respondPost(string $url, array $options)
+    protected function respondPost(string $url, array $headers = [], string|StreamInterface|null $body = null)
     {
-        $response = $this->postRequest($url, $options);
+        $response = $this->postRequest($url, $headers, $body);
         $response = $this->parse($response);
 
         return $this->create($response);
@@ -352,14 +364,15 @@ protected function multiRespond(string $url1, string $url2)
      * Execute the POST request
      *
      * @param string $url
-     * @param array $options
+     * @param array $headers
+     * @param string|StreamInterface|null $body
      * @return string
-     * @throws GuzzleException
+     * @throws Exception
      */
-    protected function postRequest(string $url, array $options): string
+    protected function postRequest(string $url, array $headers = [], string|StreamInterface|null $body = null): string
     {
         return $this->httpClient
-            ->request('POST', $url, $options)
+            ->post($url, $headers, $body)
             ->getBody()
             ->getContents();
     }
@@ -370,16 +383,16 @@ protected function postRequest(string $url, array $options): string
      * @param string $url
      * @return string
      * @throws PackageNotFoundException
-     * @throws GuzzleException
+     * @throws Exception
      */
     protected function request(string $url): string
     {
         try {
             return $this->httpClient
-                ->request('GET', $url)
+                ->get($url)
                 ->getBody()
                 ->getContents();
-        } catch (GuzzleException $e) {
+        } catch (Exception $e) {
             if ($e->getCode() === 404) {
                 throw new PackageNotFoundException('The requested package was not found.', 404);
             }

From a338f6f2124a888c9ae27e0996c174ebc545bc4d Mon Sep 17 00:00:00 2001
From: Guy Sartorelli <guy.sartorelli@silverstripe.com>
Date: Mon, 15 Jan 2024 18:14:32 +1300
Subject: [PATCH 2/2] Bump PHP dependency to ^8.1

---
 .github/workflows/test.yml | 2 +-
 composer.json              | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index 66ad4cc..1eb2d15 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -8,7 +8,7 @@ jobs:
 
     strategy:
       matrix:
-        php-versions: ['7.4', '8.0', '8.1', '8.2']
+        php-versions: ['8.1', '8.2']
 
     name: PHP ${{ matrix.php-versions }}
 
diff --git a/composer.json b/composer.json
index ca5eb36..9df2ca8 100644
--- a/composer.json
+++ b/composer.json
@@ -12,7 +12,7 @@
         }
     ],
     "require": {
-        "php": "^7.4 || ^8.0",
+        "php": "^8.1",
         "doctrine/inflector": "^1.0 || ^2.0",
         "ext-json": "*",
         "composer/metadata-minifier": "^1.0",