"config.allow-plugins = false" still prompts me for allowed plugins #10530
Description
My composer.json:
...
"config": {
"allow-plugins": false
},
...Output of composer diagnose:
composer diagnose
ocramius/package-versions contains a Composer plugin which is currently not in your allow-plugins config. See https://getcomposer.org/allow-plugins
Do you trust "ocramius/package-versions" to execute code and wish to enable it now? (writes "allow-plugins" to composer.json) [y,n,d,?] d
Checking composer.json: OK
Checking platform settings: OK
Checking git settings: OK
Checking http connectivity to packagist: OK
Checking https connectivity to packagist: OK
Checking HTTP proxy: OK
Checking github.com rate limit: OK
Checking disk free space: OK
Checking pubkeys:
Tags Public Key Fingerprint: 57815BA2 7E54DC31 7ECC7CC5 573090D0 87719BA6 8F3BB723 4E5D42D0 84A14642
Dev Public Key Fingerprint: 4AC45767 E5EC2265 2F0C1167 CBBB8A2B 0C708369 153E328C AD90147D AFE50952
OK
Checking composer version: OK
Composer version: 2.2.6
PHP version: 7.4.6 - Package overridden via config.platform, actual: 7.4.27
PHP binary path: /usr/bin/php7.4
OpenSSL version: OpenSSL 1.1.1 11 Sep 2018
cURL version: 7.58.0 libz 1.2.11 ssl OpenSSL/1.1.1d
zip: extension present, unzip present, 7-Zip not available
When I run this command:
composer install
I get the following output:
...
ocramius/package-versions contains a Composer plugin which is currently not in your allow-plugins config. See https://getcomposer.org/allow-plugins
Do you trust "ocramius/package-versions" to execute code and wish to enable it now? (writes "allow-plugins" to composer.json) [y,n,d,?]
And I expected this to happen:
I am not prompted for allowed plugins.