I have a module on drupal.org. I have noticed that automated tests for it have started failing with the following errors--
cweagans/composer-patches contains a Composer plugin which is blocked by your allow-plugins config. You may add it to the lis
t if you consider it safe.
You can run "composer config --no-plugins allow-plugins.cweagans/composer-patches [true|false]" to enable it (true) or disabl
e it explicitly and suppress this exception (false)
See https://getcomposer.org/allow-plugins
As per my understanding, this is happening due to a security update for composer.
I have been able to replicate this error on my local machine as well, by installing a fresh ddev drupal 9 and running the following command--
/usr/local/bin/composer require 'drupal/block_field:dev-1.x' --prefer-stable --no-progress --prefer-dist --no-suggest --no-interaction --working-dir /var/www/html
Most of the solutions online suggest updating the core composer.json file. This i think is not possible since the tests are failing on drupal.org.
We have tested using various combinations of php/drupal. An example is "PHP8.0 & MySQL 5.7, Drupal 9.5.x".
Any leads are greatly appreciated!
I have tried the following--
- Including cweagans/composer-patches in my modules composer.json.
- editing modules drupalci.yml file
- Adding an "allow-plugins" entry into modules composer.json
In all three solutions above, I was hoping that the error would be fixed, and the plugins would not be blocked.
