Commit Graph

330 Commits

Author SHA1 Message Date
Steve Boyd 9463aaf571 Merge branch '4.8' into 4 2021-06-08 11:49:01 +12:00
Steve Boyd 7f97734a20 [CVE-2020-25817] Prevent loading of xml entities 2021-06-02 16:24:17 +12:00
Ingo Schommer 8c0efd3980 Extension hooks for CsvBulkLoader
Required for versioned-snapshots integration
2021-05-21 11:17:46 +12:00
Ingo Schommer 5e2ca7f0a3 FIX Tidy extension and cli fix for tests
Wrap doesn't actually wrap in the tidy extension.
This causes tests to be flakey, for example some of `FormTest` fails
if you happen to have `ext-tidy` installed (which is the default on most systems).
This happened to me on PHP 7.4.19 with tidy 5.6.0 (OSX Homebrew).
Note that the tests aren't failing in Travis right now.

You'd expect `wrap => 0` to be honoured. It's documented as an integer
in the tidy docs: https://api.html-tidy.org/tidy/quickref_5.6.0.html#wrap.

Even tracked this down to the PHP source which appears to be doing the right thing:
https://github.com/php/php-src/blob/master/ext/tidy/tidy.c#L300

There's a bug from 2018 against PHP 7.2.8 which was closed as "not a bug" without comment:
https://bugs.php.net/bug.php?id=76683

You can see the behaviour in action in the following test.

```
<?php
$html = '<p>a really long string which should not be wrapped</p>';

echo "## With tidy extension" . PHP_EOL;
$tidy = new tidy();
$tidy->parseString(
    $html,
    [
        'output-xhtml' => true,
        'numeric-entities' => true,
        'wrap' => 0,
    ],
    'utf8'
);
$tidy->cleanRepair();
echo $tidy . PHP_EOL;

echo "## With tidy cli" . PHP_EOL;
$cmd = sprintf("echo " . escapeshellarg($html) . " | tidy --force-output 1 -n -q -utf8 -asxhtml -w 0 2> /dev/null");
echo shell_exec($cmd);
```

Long story short, setting it to 99999 fixes the issue.
2021-05-20 20:09:42 +12:00
Maxime Rainville 0da15f0f27 Merge branch '4.7' into 4 2021-01-19 15:33:56 +13:00
William Desportes c932d7e7fb
Fix the phpdoc blocks 2020-12-21 22:23:23 +01:00
Ingo Schommer b271d9dd89 FIX Don't swallow app init errors in test setup 2020-11-12 13:51:22 +13:00
Aaron Carlino 544b137328 Merge branch '4.6' into 4 2020-10-05 14:03:05 +13:00
Aaron Carlino 8053bc7a72 Merge branch '4.5' into 4.6 2020-10-05 13:49:06 +13:00
Aaron Carlino 2042d1c6b0
MINOR: Allow DevelopmentAdmin to have subclasses (#9702) 2020-09-26 21:21:16 +12:00
Robbie Averill 27bd5d12e3 ENH Replace E_USER_ERROR errors with exceptions 2020-09-24 23:51:21 -07:00
Dan Hensby ae0ece2b02
Merge pull request #9665 from creative-commoners/pulls/4/php8-fqcn-token 2020-09-18 20:44:22 +01:00
Maxime Rainville acce4c4ce7 BUG Remove old boostrap 3 CSS class 2020-09-16 11:03:27 +12:00
Sam Minnee b3dd27953b NEW: Allow league/csv ^9
Hopefully this has better PHP 8 support.
2020-09-15 17:40:42 +12:00
Sam Minnee 2143660c3f FIX: Add class_exists() guards to SapphireTest
This test helper has a number of hooks to other parts of the
and required many class_exists() guards to operate without them

This has come out of PoC development work as part of:
https://github.com/silverstripe/silverstripe-framework/issues/9679

But can stand-alone as a mergeable PR.
2020-09-14 13:49:21 +12:00
Jackson Darlow 699913406b
NEW Added a dev view to output the current config from dev/config (#9542)
* #3236 Added dev/config view

* Refactored use of echo to

* Added config/audit for matching missing property definitions in the current config

* Minor enhancements to dev/config implementation
2020-08-28 07:19:03 +12:00
Mojmir Fendek 7c84171d5b
NEW: Improved task runner UI. (#9540)
Co-authored-by: Sacha Judd <sjudd@silverstripe.com>
2020-08-26 11:11:13 +12:00
Steve Boyd 65c3295917 Merge branch '4.6' into 4 2020-08-05 10:52:49 +12:00
Steve Boyd b59f75dd50 FIX Handle DatabaseAdapterRegistry cache exception
Co-authored-by: Loz Calver <lozcalver@bigfork.co.uk>
2020-08-03 10:57:27 +12:00
Garion Herman d408a4e714 Merge branch '4.6' into 4 2020-07-13 12:28:14 +12:00
Garion Herman 2b9ef6be16 Merge tag '4.6.0' into 4.6
Release 4.6.0
2020-07-13 12:26:06 +12:00
Ingo Schommer 8d6a248431 Merge remote-tracking branch 'origin/4.6' into 4 2020-07-11 09:07:39 +12:00
Maxime Rainville cce2b16309 [CVE-2020-6164] Remove/deprecate unused controllers that can potentially give away some information about the underlying project. 2020-07-10 17:57:06 +12:00
Maxime Rainville 996c1b5719 [CVE-2020-6164] Remove/deprecate unused controllers that can potentially give away some information about the underlying project. 2020-07-10 15:03:18 +12:00
Maxime Rainville c3f0ac7718 Merge branch '4.5' into 4.6 2020-07-09 14:33:57 +12:00
Maxime Rainville f8360356e0 Merge branch '4.4' into 4.5 2020-07-09 14:28:28 +12:00
Maxime Rainville ec83959f2c API Remove UpgradeBootstrap (not part of our official API) 2020-06-30 21:35:51 +12:00
Aaron Carlino 658ca4deb1 MINOR: Add noindex metatag to debugview 2020-06-25 12:09:28 +12:00
Jackson Darlow 1edd8fd754
Added array declaration to `DevelopmentAdmin::$registered_controllers`
Co-authored-by: Robbie Averill <robbie@averill.co.nz>
2020-06-15 11:45:10 +12:00
Jackson Darlow 84235c6518 Adjusted missing definitions to only include definitions referenced by framework 2020-06-11 14:28:47 +12:00
Michal Kleiner 21129b1624
Use short array syntax across the framework's codebase 2020-05-16 10:34:45 +01:00
Daniel Hensby 237b2d5f74
Convert array delcarations to short array syntax 2020-04-20 18:58:09 +01:00
Loz Calver e08bf1cdd9
Merge pull request #9461 from creative-commoners/pulls/4/remove-db-config-glob
Cache results of _configure_database.php glob
2020-04-20 08:45:48 +01:00
Maxime Rainville 7da77be5ce Merge branch '4.5' into 4 2020-04-15 08:22:27 +12:00
Maxime Rainville 14bbaac1cb Merge tag '4.5.3' into 4.5
Release 4.5.3
2020-04-14 14:23:57 +12:00
Maxime Rainville de8fd82c55 Merge branch '4.4' into 4.5 2020-04-14 14:18:18 +12:00
Serge Latyntcev 9779e42963 BUG Register new sub tasks to fix files affected by CVE-2020-9280 and CVE-2019-12245 2020-04-13 19:43:53 +12:00
Serge Latyntcev b269d87490 BUG Register new sub tasks to fix files affected by CVE-2020-9280 and CVE-2019-12245 2020-04-13 17:16:57 +12:00
Steve Boyd 75d31c2cd3 Cache glob results for _configure_database.php 2020-04-10 23:15:12 +12:00
Dan Hensby 5bf2ac83ee
Merge branch '4.5' into 4 2020-04-01 19:23:47 +01:00
Steve Boyd 6d6cc65927 Update description 2020-03-06 09:57:31 +13:00
Garion Herman 29943f9049
API TestSession request methods now use the correct HTTP method (#8987)
* API TestSession request methods now use the correct HTTP method

* DOCS Update requests section in Functional Testing to reflect API change
2020-02-14 16:01:06 +13:00
Loz Calver a42249b6fc Minor performance improvement in DatabaseAdapterRegistry::autoconfigure() 2019-12-19 14:39:46 +00:00
Serge Latyntcev 7873efde9c Merge branch '4.4' into 4 2019-10-18 10:58:19 +13:00
Damian Mooyman d7752b7945
Run PSR2 Lint cleaner 2019-10-04 13:26:31 +13:00
Aaron Carlino da6582f593 NEW: Remove web installer, move to separate package (#9231)
* Remove installer

* Remove exposed install files

* Replace Dev/Install classes still in use

* Update changelog

* FIX make the grid field actions consistent to what they look like on pages

Resolves https://github.com/silverstripe/silverstripe-admin/issues/904

* Docs changes
2019-09-11 13:10:25 +12:00
Maxime Rainville dd40d53e6b Merge branch '4.4' into 4 2019-09-04 09:46:33 +12:00
Maxime Rainville 24015c7767 Merge branch '4.3' into 4.4 2019-09-04 09:42:09 +12:00
Robbie Averill 77ba8391c4 FIX Byte Order Marks (BOM) are now stripped when importing CSV files 2019-08-29 14:54:57 +12:00
Robbie Averill 89eb6c88b2 FIX Do not try and load fixtures from directories, fixes PHP 7.4 build errors 2019-07-26 10:13:47 +02:00
Robbie Averill 79fa61edf8 FIX Type safety on nullable argument, fixes PHP 7.4 test 2019-07-19 12:05:27 +02:00
Robbie Averill 2a1394bed7 Merge branch '4.4' into 4 2019-07-19 10:46:00 +02:00
Robbie Averill 40f06fafa9 Merge branch '4.3' into 4.4 2019-07-19 10:45:44 +02:00
Robbie Averill c7b15eaef5 Merge branch '4.2' into 4.3 2019-07-19 10:45:29 +02:00
Mario Sommereder 260c89fd54 Fix of delimiter not used bug
See issue https://github.com/silverstripe/silverstripe-framework/issues/8881
2019-06-20 11:11:27 +12:00
Sam Minnee 27ace03273 NEW: Deprecated PDO in favour of native drivers
https://github.com/silverstripe/silverstripe-framework/issues/8598
2019-06-11 16:17:30 +12:00
Aaron Carlino d04e54c1be Merge branch '4.4' into 4 2019-06-10 17:33:30 +12:00
Aaron Carlino c747b1f8d3 Merge branch '4.3' into 4.4 2019-06-10 17:32:07 +12:00
Aaron Carlino f766555d61 Merge branch '4.2' into 4.3 2019-06-10 17:27:05 +12:00
Serge Latyntcev ca56e8d78e [CVE-2019-12246] Denial of Service on flush and development URL tools 2019-06-10 17:23:56 +12:00
Aaron Carlino e2da7b0dc4 Merge branch '4.4' into 4 2019-06-10 16:37:16 +12:00
Ingo Schommer f4cdfb06c8 Update environment timeouts
See https://github.com/silverstripe/silverstripe-framework/issues/9029
2019-06-06 15:18:12 +12:00
Ingo Schommer b21e5d9e57 Moved time limit increases from individual job
Should apply to all file migration subtasks, not just the first one (see silverstripe/assets)
2019-06-05 15:10:46 +12:00
Ingo Schommer 2d4711de01 Fixed logging
Broke loggers attached by queuedjobs because it wasn't using the global service.
Since the stderr handler was set to bubble=false, those messages weren't picked up by queuedjobs.
Removed preformatted handler since there's no longer an ability to run this stuff via web
2019-06-05 15:09:58 +12:00
Ingo Schommer 7301b375b8 NEW Clearer file migration output with colours 2019-06-05 11:41:06 +12:00
Robbie Averill 6678f92681
Merge pull request #9025 from taoceanz/4
Removed unused use BadMethodCallException statement.
2019-05-30 09:38:47 +12:00
Robbie Averill 00fd74a0a1 Merge branch '4.4' into 4
# Conflicts:
 #	src/Dev/Tasks/MigrateFileTask.php
2019-05-30 09:36:42 +12:00
Robbie Averill 3e2fc6aa0b Automated phpcbf linting 2019-05-30 09:34:34 +12:00
Thomas Ocean e30483a7dc Removed unused use BadMethodCallException statement. 2019-05-30 09:08:33 +12:00
Andre Kiste 2c8c643ce3 MigrateFileTask now outputs "Done" when it has finished running (#8995) 2019-05-28 09:45:13 +12:00
Maxime Rainville 4f39e59aff BUG Enable file hash caching when running the file migration task (#8993) 2019-05-28 09:37:45 +12:00
Maxime Rainville 5b6d0946f4 API Add extension points to MigrateFileTask (#8994)
* API Add extension points to MigrateFileTask

* Apply suggestions from code review

Co-Authored-By: Guy Marriott <guy@scopey.co.nz>
2019-05-28 09:24:01 +12:00
Maxime Rainville 7ef604807c BUG Enable file hash caching when running the file migration task (#8993) 2019-05-28 09:21:11 +12:00
Maxime Rainville 9bfce8c1a4 API Add extension points to MigrateFileTask (#8994)
* API Add extension points to MigrateFileTask

* Apply suggestions from code review

Co-Authored-By: Guy Marriott <guy@scopey.co.nz>
2019-05-28 09:19:05 +12:00
Ingo Schommer 1f78e8ae80 NEW Clean up secureassets module artefacts (#8948)
See https://github.com/silverstripe/silverstripe-assets/issues/231
2019-05-02 21:05:19 +12:00
Andre Kiste 48db515fbd NEW Fix folder permissions (#8950)
* Add `FixFilePermissionsHelper` subtask
* Changed name to folder permissions, added more loggin
2019-05-02 16:28:57 +12:00
Ingo Schommer 0696045e59 NEW Legacy thumbnail migration task (#8924)
* NEW Legacy thumbnail migration task

See https://github.com/silverstripe/silverstripe-assets/issues/235
Makes a start at https://github.com/silverstripe/silverstripe-assets/issues/219 as well

* API Removed migrate_legacy_file support

For the vast majority of sites, you really don't want to run your file migration as part of dev build.
The step is involved enough to warrant it's own task.
I don't think this is an API change, since the setting won't have affect
for anyone who has already enabled it - they would've already done the one-off migration.

See https://github.com/silverstripeltd/open-sourcerers/issues/91
and https://github.com/silverstripe/silverstripe-assets/issues/235
2019-05-02 09:33:53 +12:00
Andre Kiste 2bcf8b5ff3 More verbose file migration logging
See https://github.com/silverstripeltd/open-sourcerers/issues/91

* Add `PreformattedEchoHandler`

cherry-picked from 4c3f3e6bea99b46b689e5b23d1bd1498a4ac696c

* Batch log messages for every 100 file.
Also make logger work for stdout

* Update src/Logging/PreformattedEchoHandler.php

Co-Authored-By: bergice <bergice@users.noreply.github.com>
2019-04-30 08:54:48 +12:00
Robbie Averill 8a06682e31 Merge branch '4.3' into 4
# Conflicts:
 #	src/ORM/Connect/DBSchemaManager.php
2019-04-11 11:24:17 +12:00
Robbie Averill 55cbacca86 Merge branch '4.2' into 4.3
# Conflicts:
 #	src/Forms/GridField/GridFieldLevelup.php
 #	src/includes/constants.php
2019-04-11 11:21:42 +12:00
Ingo Schommer afb3c825c9
Merge pull request #8890 from open-sausages/pulls/4/get-installer-to-self-create-assets-folder
BUG Update installer to create the assets folder if its missing
2019-04-05 14:41:01 +13:00
Ian Patel 759968bbe2 Fix Undefined variable: result when catch Exception 2019-04-05 11:33:01 +13:00
Guy Marriott a9d57f5bfb
Merge pull request #8241 from creative-commoners/pulls/4.3/separate-logging
Separate core error logging from standard LoggerInterface
2019-04-05 08:49:09 +13:00
Maxime Rainville c84ad4278f BUG Update installer to create the assets folder if its missing 2019-03-29 17:56:39 +13:00
Robbie Averill 7ab55a4948 Add LoggerState to disble user-configured logging during PHPUnit tests 2019-02-22 11:43:01 +07:00
Robbie Averill 3e90fdf42f Merge branch '4.3' into 4 2019-02-19 08:41:05 +07:00
Robbie Averill ed74549c4f Merge branch '4.2' into 4.3 2019-02-19 08:39:59 +07:00
Robbie Averill 79e44b42fa Merge branch '4.1' into 4.2 2019-02-19 08:37:07 +07:00
Robbie Averill cb7f15a681 Merge branch '4.0' into 4.1 2019-02-19 08:36:41 +07:00
Damian Mooyman b8122f88c5
Merge pull request #8174 from creative-commoners/pulls/4.2/deprecated-fixture-state
MINOR Replace use of deprecated getFixtureFactory() with FixtureTestState
2019-02-11 14:16:37 +13:00
Benedikt Seidl d530bc2fb6 fix user feedback when jquery could not be loaded 2019-01-24 20:51:48 +01:00
Maxime Rainville 39297b8640 MINOR Add message to inform user that the task can be run again without issue 2019-01-23 18:40:15 +13:00
Damian Mooyman 34ac228029
BUG Fix issue with assertListEquals() ignoring field getters 2019-01-11 11:35:11 +13:00
Maxime Rainville 1e01deea39 NEW Make resources dir configurable (#8519)
* NEW Make resources dir configurable.

* Removing reference to old `resources` and updating doc #8519

* Rrtarget to 4.4 release.

* DOC Reference SS_RESOURCES_DIR in Environment doc.

* API Add a Resources method to SilverStripe\Core\Manifest\Module to read the resources-dir from composer.json

* Clean up reference to SS_RESOURCES_DIR env var

* Set default resources-dir

* Update test to use RESOURCES_DIR const in expected resource url method

* Correcting typos

Co-Authored-By: maxime-rainville <maxime@rainville.me>

* MINOR Correctubg minor typos

* DOCS Document the intricacies of exposing static assets.
2019-01-09 15:35:45 +13:00
Robbie Averill 41dc9229bf FIX Reverting ExtensionTestState and Extensible extra methods modifications to prevent PHP 5.6 segfault (#8581)
* API Revert addition of Extensible::flush_extra_methods_cache() and change to ExtensionTestState

This reverts the changes from #8465 and #8505 that relate to ExtensionTestState and the
tracking of extra methods between unit tests. The existing test from #8465 testing
overloaded Extensions after extra_methods are populated has been updated to show that you
must re-add the extension to flush the extra_methods cache if you need this behaviour.

* Revert change to InjectorTest::testExtendedExtensions

* Revert "Add failing test to show that overloaded extensions are broken in Extensible"

This reverts commit 55e79ffdfd.

* DOCS Add docs for extending extensions, and upgrade guide note to 4.3 to avoid using PHP config to do so
2018-11-26 12:00:02 +13:00
Robbie Averill 9aabe0a0f7 [SS-2018-018] Ignore arguments in mysqli::real_connect backtrace calls 2018-11-07 11:33:24 +13:00
Robbie Averill 5425195238 [SS-2018-018] Ignore arguments in mysqli::real_connect backtrace calls 2018-11-07 11:32:55 +13:00
Robbie Averill 214e28127f [SS-2018-018] Ignore arguments in mysqli::real_connect backtrace calls 2018-11-07 11:31:33 +13:00
Robbie Averill 637b4225c6 [SS-2018-018] Ignore arguments in mysqli::real_connect backtrace calls 2018-11-07 11:24:51 +13:00
Robbie Averill 7f6f5c9ec9 FIX Flush extra methods cache on DataObjects after each unit test class has finished 2018-10-20 13:59:03 +02:00