CRM-18098. Move TCPDF from packages to composer.

author Chris Burgess <chris@giantrobot.co.nz>

Thu, 25 Feb 2016 14:20:41 +0000 (03:20 +1300)

committer Chris Burgess <chris@giantrobot.co.nz>

Thu, 25 Feb 2016 14:20:41 +0000 (03:20 +1300)
author Chris Burgess <chris@giantrobot.co.nz>
Thu, 25 Feb 2016 14:20:41 +0000 (03:20 +1300)
committer Chris Burgess <chris@giantrobot.co.nz>
Thu, 25 Feb 2016 14:20:41 +0000 (03:20 +1300)
diff --git a/composer.json b/composer.json

index 0ab390e96a5d71351a511a13de54d142f136110a..92171d39529999b5319c1b6494160b0c6f650a18 100644 (file)
--- a/composer.json
+++ b/composer.json
@@ -15,6 +15,7 @@
      "symfony/process": "~2.5.0",
      "psr/log": "1.0.0",
      "symfony/finder": "~2.5.0",
+    "tecnickcom/tcpdf" : "6.2.*",
      "totten/ca-config": "~13.02",
      "civicrm/civicrm-cxn-rpc": "~0.15.12.04",
      "zetacomponents/base": "1.7.*",
diff --git a/tools/scripts/composer/tcpdf-cleanup.sh b/tools/scripts/composer/tcpdf-cleanup.sh

new file mode 100755 (executable)

index 0000000..69629f3
--- /dev/null
+++ b/tools/scripts/composer/tcpdf-cleanup.sh
@@ -0,0 +1,49 @@
+#!/bin/bash
+
+## Cleanup the vendor tree. The main issue here is that civi Civi is
+## deployed as a module inside a CMS, so all its source-code gets published.
+## Some libraries distribute admin tools and sample files which should not
+## be published.
+##
+## This script should be idempotent -- if you rerun it several times, it
+## should always produce the same post-condition.
+
+##############################################################################
+## usage: safe_delete <relpath...>
+function safe_delete() {
+  for file in "$@" ; do
+    if [ -z "$file" ]; then
+      echo "Skip: empty file name"
+    elif [ -e "$file" ]; then
+      rm -rf "$file"
+    fi
+  done
+}
+
+##############################################################################
+## Remove example/CLI scripts. They're not needed and increase the attack-surface.
+safe_delete vendor/tecnickcom/tcpdf/examples
+safe_delete vendor/tecnickcom/tcpdf/tools
+
+## Remove all fonts not included before CRM-18098.
+safe_delete vendor/tecnickcom/tcpdf/fonts/a*
+safe_delete vendor/tecnickcom/tcpdf/fonts/ci*
+safe_delete vendor/tecnickcom/tcpdf/fonts/courierb*
+safe_delete vendor/tecnickcom/tcpdf/fonts/courieri*
+safe_delete vendor/tecnickcom/tcpdf/fonts/dejavu-fonts-ttf-2.33
+safe_delete vendor/tecnickcom/tcpdf/fonts/dejavusansb*
+safe_delete vendor/tecnickcom/tcpdf/fonts/dejavusansc*
+safe_delete vendor/tecnickcom/tcpdf/fonts/dejavusanse*
+safe_delete vendor/tecnickcom/tcpdf/fonts/dejavusansi*
+safe_delete vendor/tecnickcom/tcpdf/fonts/dejavusansm*
+safe_delete vendor/tecnickcom/tcpdf/fonts/dejavuserif*
+safe_delete vendor/tecnickcom/tcpdf/fonts/free*
+safe_delete vendor/tecnickcom/tcpdf/fonts/helveticab*
+safe_delete vendor/tecnickcom/tcpdf/fonts/helveticai*
+safe_delete vendor/tecnickcom/tcpdf/fonts/k*
+safe_delete vendor/tecnickcom/tcpdf/fonts/m*
+safe_delete vendor/tecnickcom/tcpdf/fonts/p*
+safe_delete vendor/tecnickcom/tcpdf/fonts/s*
+safe_delete vendor/tecnickcom/tcpdf/fonts/t*
+safe_delete vendor/tecnickcom/tcpdf/fonts/u*
+safe_delete vendor/tecnickcom/tcpdf/fonts/z*
author	Chris Burgess <chris@giantrobot.co.nz>
	Thu, 25 Feb 2016 14:20:41 +0000 (03:20 +1300)
committer	Chris Burgess <chris@giantrobot.co.nz>
	Thu, 25 Feb 2016 14:20:41 +0000 (03:20 +1300)
composer.json		patch \| blob \| blame \| history
tools/scripts/composer/tcpdf-cleanup.sh	[new file with mode: 0755]	patch \| blob