Make it possible to always allow direct

composer.json

@@ -32,7 +32,7 @@
         "violinist-dev/slug-from-url": "^1",
         "violinist-dev/symfony-cloud-security-checker": "^2",
         "violinist-dev/timeframe-handler": "^1.0",
-        "violinist-dev/violinist-config": "^2.0",
+        "violinist-dev/violinist-config": "^2.1",
         "violinist-dev/violinist-messages": "^1.6.0",
         "wa72/simplelogger": "^1.0"
     },

src/CosyComposer.php

@@ -843,6 +843,16 @@ public function run()
         }
         // Only update the ones in the allow list, if indicated.
         $handler = AllowListHandler::createFromConfig($config);
+        if ($config->shouldAlwaysAllowDirect()) {
+            $require_list = [];
+            if (!empty($composer_json_data->require)) {
+                $require_list = array_keys(get_object_vars($composer_json_data->require));
+            }
+            if (!empty($composer_json_data->{'require-dev'})) {
+                $require_list = array_merge($require_list, array_keys(get_object_vars($composer_json_data->require)));
+            }
+            $handler = AllowListHandler::createFromArray(array_merge($require_list, $config->getAllowList()));
+        }
         $handler->setLogger($this->getLogger());
         $data = $handler->applyToItems($data);
         // Remove non-security packages, if indicated.