Update development dependencies

Update phpunit deps to match framework

.cow.json

@@ -1,15 +1,19 @@
 {
   "github-slug": "silverstripe/silverstripe-installer",
+  "changelog-holder": "silverstripe/framework",
+  "changelog-path": "docs/en/04_Changelogs/{stability}/{version}.md",
   "child-stability-inherit": true,
-  "dependency-constraint": "loose",
+  "dependency-constraint": "exact",
   "vendors": [
     "silverstripe"
   ],
-  "tests": [
-    "vendor/bin/phpunit vendor/silverstripe/framework/tests/php",
-    "vendor/bin/phpunit vendor/silverstripe/cms/tests/php"
-  ],
-  "exclude": [
-    "silverstripe/recipe-plugin"
+  "archives": [
+    {
+      "recipe": "silverstripe/installer",
+      "files": [
+        "SilverStripe-cms-v{version}.zip",
+        "SilverStripe-cms-v{version}.tar.gz"
+      ]
+    }
   ]
 }

.cow/changelog.md.twig

@@ -1,79 +0,0 @@
-# {{ version }}
-
-## Overview
-
-A full list of module versions included in CMS Recipe {{ version }} is provided below. We recommend referencing recipes in your dependencies, rather than individual modules, to simplify version tracking. See [Recipes](/getting_started/).
-
-<details>
-<summary>Included module versions</summary>
-
-| Module | Version |
-| ------ | ------- |
-| silverstripe/admin | x.x.x |
-| silverstripe/asset-admin | x.x.x |
-| silverstripe/assets | x.x.x |
-| silverstripe/campaign-admin | x.x.x |
-| silverstripe/cms | x.x.x |
-| silverstripe/config | x.x.x |
-| silverstripe/errorpage | x.x.x |
-| silverstripe/framework | x.x.x |
-| silverstripe/graphql | x.x.x |
-| silverstripe/login-forms | x.x.x |
-| silverstripe/mimevalidator | x.x.x |
-| silverstripe/reports | x.x.x |
-| silverstripe/siteconfig | x.x.x |
-| silverstripe/versioned | x.x.x |
-| silverstripe/versioned-admin | x.x.x |
-
-</details>
-
-{% if version.stability == 'rc' %}
-
-## Release Candidate
-
-This version of Silverstripe CMS is a **release candidate** for an upcoming stable version, and should not be applied to production websites. We encourage developers to test this version in development / testing environments and [report any issues they encounter via GitHub](/contributing/issues_and_bugs/).
-
-{% elseif version.stable %}
-
-Upgrading to Recipe {{ version }} is recommended for all sites. This upgrade can be carried out by any development team familiar with Silverstripe.
-
-## Security considerations
-
-This release includes security fixes. Please see the release announcements for more detailed
-descriptions of each. We highly encourage upgrading your project to include the latest security patches nonetheless.
-
-We have provided a high-level severity rating of the vulnerabilities below based on the CVSS score, however please note this could vary based on the specifics of each project. You can [read the severity rating definitions in the Silverstripe CMS release process](/contributing/release_process/#severity-rating).
-
- * [CVE-0000-0000 The Issue Title](https://www.silverstripe.org/download/security-releases/CVE-0000-0000) Severity: {# Critical/ High/ Medium/ Low #}
- * [CVE-0000-0001 The Issue Title](https://www.silverstripe.org/download/security-releases/CVE-0000-0001) Severity: {# Critical/ High/ Medium/ Low #}
-
-## New features
-
-The [release announcement](#) includes the note worthy features, but be sure to review the change log for full detail.
-
-{# other upgrade notes here #}
-
-## Known issues
-
-{#
-* [Known issue](GitHub link)
-#}
-
-### Expected test failures
-
-The following PHPUnit test failures are expected and do not represent functional issues:
-
-{#
-* List test failures here
-#}
-
-```
-...
-```
-
-
-...
-
-{% endif %}
-
-{{ logs }}

.editorconfig

@@ -15,11 +15,12 @@ trim_trailing_whitespace = true
 [*.md]
 trim_trailing_whitespace = false
 
-[*.{yml,json}]
+[*.yml]
+indent_size = 2
+indent_style = space
+
+[{.travis.yml,package.json}]
 # The indent size used in the `package.json` file cannot be changed
 # https://github.com/npm/npm/pull/3180#issuecomment-16336516
 indent_size = 2
 indent_style = space
-
-[composer.json]
-indent_size = 4

.env.example

@@ -1,12 +0,0 @@
-# For a complete list of core environment variables see
-# https://docs.silverstripe.org/en/4/getting_started/environment_management/#core-environment-variables
-
-# DB credentials
-SS_DATABASE_CLASS="MySQLDatabase"
-SS_DATABASE_SERVER="localhost"
-SS_DATABASE_USERNAME="<user>"
-SS_DATABASE_PASSWORD="<password>"
-SS_DATABASE_NAME="<database>"
-
-# WARNING: in a live environment, change this to "live" instead of dev
-SS_ENVIRONMENT_TYPE="dev"

.gitattributes

@@ -1,11 +1,13 @@
-.github export-ignore
-.cow.json export-ignore
-.cow export-ignore
 .gitattributes export-ignore
-.travis.yml export-ignore
 behat.yml export-ignore
+build.properties.default export-ignore
 build.xml export-ignore
+changelog-definitions.default export-ignore
 CONTRIBUTING.md export-ignore
-LICENSE export-ignore
+dependent-modules.default export-ignore
+Makefile export-ignore
+phpunit.teamcity.mssql.xml export-ignore
+phpunit.teamcity.postgresql.xml export-ignore
+phpunit.teamcity.sqlite3.xml export-ignore
+phpunit.teamcity.xml export-ignore
 phpunit.xml.dist export-ignore
-README.md

.github/workflows/ci.yml

@@ -1,27 +0,0 @@
-name: CI
-
-on:
-  push:
-  pull_request:
-  workflow_dispatch:
-
-jobs:
-  ci:
-    name: CI
-    uses: silverstripe/gha-ci/.github/workflows/ci.yml@v1
-    with:
-      # installer contains a sample behat.yml file, though there are no behat tests to run
-      endtoend: false
-      # require the following in ci.yml rather than composer.json require-dev specifically for installer because unlike
-      # regular modules, require-dev will get installed to projects during `composer create-project silverstripe/installer`
-      composer_require_extra: silverstripe/recipe-testing:^2 silverstripe/frameworktest:^0.4.2 mikey179/vfsstream:^1.6.10
-      extra_jobs: |
-        - endtoend: true
-          endtoend_suite: admin
-          endtoend_config: vendor/silverstripe/admin/behat.yml
-        - endtoend: true
-          endtoend_suite: asset-admin
-          endtoend_config: vendor/silverstripe/asset-admin/behat.yml
-        - endtoend: true
-          endtoend_suite: cms
-          endtoend_config: vendor/silverstripe/cms/behat.yml

.github/workflows/dispatch-ci.yml

@@ -1,16 +0,0 @@
-name: Dispatch CI
-
-on:
-  # At 4:00 PM and 5:00 PM
-  schedule:
-    - cron: '0 16,17 * * *'
-
-jobs:
-  dispatch-ci:
-    name: Dispatch CI
-    # Only run cron on the silverstripe account
-    if: (github.event_name == 'schedule' && github.repository_owner == 'silverstripe') || (github.event_name != 'schedule')
-    runs-on: ubuntu-latest
-    steps:
-      - name: Dispatch CI
-        uses: silverstripe/gha-dispatch-ci@v1

.github/workflows/keepalive.yml

@@ -1,17 +0,0 @@
-name: Keepalive
-
-on:
-  workflow_dispatch:
-  # The 8th of every month at 4:50pm UTC
-  schedule:
-    - cron: '50 16 8 * *'
-
-jobs:
-  keepalive:
-    name: Keepalive
-    # Only run cron on the silverstripe account
-    if: (github.event_name == 'schedule' && github.repository_owner == 'silverstripe') || (github.event_name != 'schedule')
-    runs-on: ubuntu-latest
-    steps:
-      - name: Keepalive
-        uses: silverstripe/gha-keepalive@v1

.gitignore

@@ -1,8 +1,13 @@
+# ignore cache folder
 /silverstripe-cache/
-/.env
+
+# ignore all environment files
+_ss_environment.php
+
+# ignore composer vendor folder
 /vendor/
-/themes/simple/
-/_resources/
-/public/_resources/
-/.graphql-generated/
-/public/_graphql/
+/framework/
+/cms/
+/assets/
+/siteconfig/
+/reports/

.htaccess

@@ -1,2 +1,63 @@
+### SILVERSTRIPE START ###
+
+# Deny access to templates (but allow from localhost)
+<Files *.ss>
+	Order deny,allow
+	Deny from all
+	Allow from 127.0.0.1
+</Files>
+
+# Deny access to IIS configuration
+<Files web.config>
+	Order deny,allow
+	Deny from all
+</Files>
+
+# Deny access to YAML configuration files which might include sensitive information
+<Files ~ "\.ya?ml$">
+	Order allow,deny
+	Deny from all
+</Files>
+
+# Route errors to static pages automatically generated by SilverStripe
+ErrorDocument 404 /assets/error-404.html
+ErrorDocument 500 /assets/error-500.html
+
+<IfModule mod_env.c>
+	# Ensure that X-Forwarded-Host is only allowed to determine the request
+	# hostname for servers ips defined by SS_TRUSTED_PROXY_IPS in your _ss_environment.php
+	# Note that in a future release this setting will be always on.
+	SetEnv BlockUntrustedIPs true
+</IfModule>
+
+<IfModule mod_rewrite.c>
+
+	# Turn off index.php handling requests to the homepage fixes issue in apache >=2.4
+	<IfModule mod_dir.c>
+		DirectoryIndex disabled
+	</IfModule>
+
+	SetEnv HTTP_MOD_REWRITE On
 	RewriteEngine On
-RewriteRule ^(.*)$ public/$1
+
+	# Enable HTTP Basic authentication workaround for PHP running in CGI mode
+	RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
+	
+	# Deny access to potentially sensitive files and folders
+	RewriteRule ^vendor(/|$) - [F,L,NC]
+	RewriteRule silverstripe-cache(/|$) - [F,L,NC]
+	RewriteRule composer\.(json|lock) - [F,L,NC]
+	
+	# Process through SilverStripe if no file with the requested name exists.
+	# Pass through the original path as a query parameter, and retain the existing parameters.
+	RewriteCond %{REQUEST_URI} ^(.*)$
+	RewriteCond %{REQUEST_FILENAME} !-f
+	RewriteRule .* framework/main.php?url=%1 [QSA]
+	
+	# If framework isn't in a subdirectory, rewrite to installer
+	RewriteCond %{REQUEST_URI} ^(.*)/framework/main.php$
+	RewriteCond %{REQUEST_FILENAME} !-f
+	RewriteRule . %1/install.php? [R,L]
+
+</IfModule>
+### SILVERSTRIPE END ###

CONTRIBUTING.md

@@ -21,8 +21,8 @@ For submitting patches, please read our [guide to contributing code](http://doc.
  * [Forums](http://silverstripe.org/forums)
  * [Developer Mailinglist](https://groups.google.com/forum/#!forum/silverstripe-dev)
 
-## Copyright
+## Licensing
 
-**IMPORTANT: By supplying code to the SilverStripe core team in patches, tickets and pull requests, you agree to assign copyright of that code to SilverStripe Limited, on the condition that SilverStripe Limited releases that code under the BSD license.**
-
-We ask for this so that the ownership in the license is clear and unambiguous, and so that community involvement doesn't stop us from being able to continue supporting these projects. By releasing this code under a permissive license, this copyright assignment won't prevent you from using the code in any way you see fit.
+By supplying code in issues and pull requests created on github.com and other collaboration tools
+related to the SilverStripe project, you agree that is can be used in distributions and derivative works of 
+SilverStripe CMS and associated modules, under the BSD license.

LICENSE

@@ -1,17 +0,0 @@
-Copyright (c) 2007-2017, SilverStripe Limited - www.silverstripe.com
-All rights reserved.
-
-Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
-
-    * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
-    * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the
-      documentation and/or other materials provided with the distribution.
-    * Neither the name of SilverStripe nor the names of its contributors may be used to endorse or promote products derived from this software
-      without specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
-LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
-GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
-OF SUCH DAMAGE.

README.md

@@ -1,32 +1,52 @@
 ## Overview
 
-[![CI](https://github.com/silverstripe/silverstripe-installer/actions/workflows/ci.yml/badge.svg)](https://github.com/silverstripe/silverstripe-installer/actions/workflows/ci.yml)
-[![Silverstripe supported module](https://img.shields.io/badge/silverstripe-supported-0071C4.svg)](https://www.silverstripe.org/software/addons/silverstripe-commercially-supported-module-list/)
+Base project folder for a SilverStripe ([http://silverstripe.org](http://silverstripe.org)) installation. Requires additional modules to function:
 
-Base project folder for a Silverstripe ([http://silverstripe.org](http://silverstripe.org)) installation. Required modules are installed via [http://github.com/silverstripe/recipe-cms](http://github.com/silverstripe/recipe-cms). For information on how to change the dependencies in a recipe, please have a look at [https://github.com/silverstripe/recipe-plugin](https://github.com/silverstripe/recipe-plugin). In addition, installer includes [theme/simple](https://github.com/silverstripe-themes/silverstripe-simple) as a default theme.
+ * [`framework`](http://github.com/silverstripe/silverstripe-framework): Module including the base framework
+ * [`cms`](http://github.com/silverstripe/silverstripe-cms): Module including a Content Management System
+ * [`siteconfig`](http://github.com/silverstripe/silverstripe-siteconfig): Module providing a Settings tab in the admin section allowing users to set site wide global configuration.
+ * `themes/simple` (optional)
 
 ## Installation ##
 
-`composer create-project silverstripe/installer my-app`
-
-See [Getting Started](https://docs.silverstripe.org/en/4/getting_started/) for more information.
+See [installation on different platforms](http://doc.silverstripe.org/framework/en/installation/),
+and [installation from source](http://doc.silverstripe.org/framework/en/installation/from-source).
 
 ## Bugtracker ##
 
 Bugs are tracked on github.com ([framework issues](https://github.com/silverstripe/silverstripe-framework/issues),
 [cms issues](https://github.com/silverstripe/silverstripe-cms/issues)). 
-Please read our [issue reporting guidelines](https://docs.silverstripe.org/en/4/contributing/issues_and_bugs/).
+Please read our [issue reporting guidelines](http://doc.silverstripe.org/framework/en/misc/contributing/issues).
 
 ## Development and Contribution ##
 
-If you would like to make changes to the Silverstripe core codebase, we have an extensive [guide to contributing code](https://docs.silverstripe.org/en/4/contributing/code/).
+If you would like to make changes to the SilverStripe core codebase, we have an extensive [guide to contributing code](http://doc.silverstripe.org/framework/en/misc/contributing/code).
 
 ## Links ##
 
- * [Changelogs](https://docs.silverstripe.org/en/4/changelogs/)
+ * [Changelogs](http://doc.silverstripe.org/framework/en/changelogs/)
  * [Bugtracker: Framework](https://github.com/silverstripe/silverstripe-framework/issues)
  * [Bugtracker: CMS](https://github.com/silverstripe/silverstripe-cms/issues)
  * [Bugtracker: Installer](https://github.com/silverstripe/silverstripe-installer/issues)
  * [Forums](http://silverstripe.org/forums)
  * [Developer Mailinglist](https://groups.google.com/forum/#!forum/silverstripe-dev)
- * [License](./LICENSE)
+
+## License ##
+
+	Copyright (c) 2007-2013, SilverStripe Limited - www.silverstripe.com
+	All rights reserved.
+
+	Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
+
+	    * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
+	    * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the 
+	      documentation and/or other materials provided with the distribution.
+	    * Neither the name of SilverStripe nor the names of its contributors may be used to endorse or promote products derived from this software 
+	      without specific prior written permission.
+
+	THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
+	IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE 
+	LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE 
+	GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 
+	STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY 
+	OF SUCH DAMAGE.

app/_config/assets.yml

@@ -1,26 +0,0 @@
-# SilverStripe 4.4 changes the way files are resolved. `silverstripe-assets` resolves files using a variety of formats
-# by default. When starting a brand new project on SilverStripe 4.4 or greater, those extra formats are not needed and
-# will slowdown file resolution requests a bit. This config removes those redundant formats.
-
----
-Name: project-assetsflysystem
-After: '#assetsflysystem'
----
-SilverStripe\Core\Injector\Injector:
-  # Define public resolution strategy
-  SilverStripe\Assets\FilenameParsing\FileResolutionStrategy.public:
-    class: SilverStripe\Assets\FilenameParsing\FileIDHelperResolutionStrategy
-    properties:
-      ResolutionFileIDHelpers:
-        - '%$SilverStripe\Assets\FilenameParsing\HashFileIDHelper'
-        - '%$SilverStripe\Assets\FilenameParsing\NaturalFileIDHelper'
-      DefaultFileIDHelper: '%$SilverStripe\Assets\FilenameParsing\NaturalFileIDHelper'
-      VersionedStage: Live
-  # Define protected resolution strategy
-  SilverStripe\Assets\FilenameParsing\FileResolutionStrategy.protected:
-    class: SilverStripe\Assets\FilenameParsing\FileIDHelperResolutionStrategy
-    properties:
-      DefaultFileIDHelper: '%$SilverStripe\Assets\FilenameParsing\HashFileIDHelper'
-      ResolutionFileIDHelpers:
-        - '%$SilverStripe\Assets\FilenameParsing\HashFileIDHelper'
-      VersionedStage: Stage

app/_config/email.yml

@@ -1,9 +0,0 @@
-# See https://docs.silverstripe.org/en/4/developer_guides/email/ for additional information about setting up email
----
-Name: project-emailconfig
-After:
-  - '#emailconfig'
----
-SilverStripe\Core\Injector\Injector:
-  Swift_Transport:
-    class: Swift_SendmailTransport

app/_config/theme.yml

@@ -1,8 +0,0 @@
----
-Name: mytheme
----
-SilverStripe\View\SSViewer:
-  themes:
-    - '$public'
-    - 'simple'
-    - '$default'

assets/.htaccess

@@ -0,0 +1,36 @@
+#
+# Whitelist appropriate assets files.
+# Note that you will need to maintain this whitelist yourself if you modify File::$allowed_extensions
+#
+# If you are not using Apache then you can ignore this file.
+# If you are using IIS then you should look at assets/web.config instead.
+#
+# To add an extension to the list, you need to put another string of the form "ext|" on the
+# FilesMatch line, inside the parentheses. 
+#
+# For example, to add *.exe files to list of downloadable assets, change this line: 
+#
+#   <FilesMatch "\.(?i:html|htm|xhtml...
+#
+# To this:
+#
+#   <FilesMatch "\.(?i:exe|html|htm|xhtml...
+#
+# Once you do this, visitors will be able to download *.exe files that are uploaded to the assets
+# directory.
+#
+# Please note Apache 1.3 does not support regular expression case insensitive matches using PCRE style.
+#
+Deny from all
+<FilesMatch "\.(?i:html|htm|xhtml|js|css|bmp|png|gif|jpg|jpeg|ico|pcx|tif|tiff|au|mid|midi|mpa|mp3|ogg|m4a|ra|wma|wav|cda|avi|mpg|mpeg|asf|wmv|m4v|mov|mkv|mp4|ogv|webm|swf|flv|ram|rm|doc|docx|dotx|dotm|txt|rtf|xls|xlsx|xltx|xltm|pages|ppt|pptx|potx|potm|pps|csv|cab|arj|tar|zip|zipx|sit|sitx|gz|tgz|bz2|ace|arc|pkg|dmg|hqx|jar|xml|pdf|gpx|kml)$">
+	Allow from all
+</FilesMatch>
+
+# We disable PHP via several methods
+# Replace the handler with the default plaintext handler
+AddHandler default-handler php phtml php3 php4 php5 inc
+
+<IfModule mod_php5.c>
+	# Turn the PHP engine off
+	php_flag engine off
+</IfModule>

behat.yml

@@ -1,21 +1,23 @@
-# Note: Currently chrome latest is recommended
-# Behat test setup requires an `.env` with `SS_BASE_URL` defined, as well
-# as each of the following commands to initiate a test run:
-# ========================================================================= #
-# composer require silverstripe/recipe-testing ^1
-# vendor/bin/behat-ss @<module>
-# ========================================================================= #
+# Behat integration test setup (see behat.org).
+# More information about running these tests can be found under
+# https://github.com/silverstripe-labs/silverstripe-behat-extension.
+# It is safe to remove this file for normal website operation.
 default:
-  suites: []
+  filters:
+    tags: "~@todo"
+  formatter:
+    name: pretty
+
   extensions:
+
     SilverStripe\BehatExtension\MinkExtension:
-      default_session: facebook_web_driver
-      javascript_session: facebook_web_driver
-      facebook_web_driver:
-        browser: chrome
-        wd_host: "http://127.0.0.1:9515" #chromedriver port
-      browser_name: chrome
-    SilverStripe\BehatExtension\Extension:
-      bootstrap_file: vendor/silverstripe/cms/tests/behat/serve-bootstrap.php
-      screenshot_path: '%paths.base%/artifacts/screenshots'
-      retry_seconds: 4 # default is 2
+      # Adjust "base_url" to your own website URL.
+      # Can be set via environment variables or _ss_environment.php/$_FILE_TO_URL_MAPPING as well.
+      # base_url:  http://localhost/
+      files_path: %behat.paths.base%/framework/tests/behat/features/files/
+      default_session: selenium2
+      javascript_session: selenium2
+      selenium2:
+        browser: firefox
+
+    SilverStripe\BehatExtension\Extension:  ~

composer.json

@@ -1,36 +1,20 @@
 {
     "name": "silverstripe/installer",
-    "type": "silverstripe-recipe",
     "description": "The SilverStripe Framework Installer",
     "require": {
-        "php": "^7.4 || ^8.0",
-        "silverstripe/recipe-plugin": "^1.2",
-        "silverstripe/recipe-cms": "4.x-dev",
-        "silverstripe-themes/simple": "~3.2.0",
-        "silverstripe/login-forms": "4.x-dev"
+        "php": ">=5.3.3",
+        "silverstripe/cms": "3.7.3@stable",
+        "silverstripe/framework": "3.7.3@stable",
+        "silverstripe/reports": "3.7.3@stable",
+        "silverstripe/siteconfig": "3.7.3@stable",
+        "silverstripe-themes/simple": "3.1.*"
     },
     "require-dev": {
-        "phpunit/phpunit": "^9.5"
-    },
-    "extra": {
-        "project-files": [
-            "app/_config/*",
-            ".env.example",
-            ".graphql-generated/*"
-        ],
-        "public-files": [
-            "assets/*",
-            "favicon.ico"
-        ],
-        "resources-dir": "_resources"
+        "phpunit/phpunit": "^3 || ^4 || ^5"
     },
+    "extra": [],
     "config": {
-        "process-timeout": 600,
-        "allow-plugins": {
-            "composer/installers": true,
-            "silverstripe/recipe-plugin": true,
-            "silverstripe/vendor-plugin": true
-        }
+        "process-timeout": 600
     },
     "prefer-stable": true,
     "minimum-stability": "dev"

index.php

@@ -0,0 +1,68 @@
+<?php
+
+/************************************************************************************
+ ************************************************************************************
+ **                                                                                **
+ **  If you can read this text in your browser then you don't have PHP installed.  **
+ **  Please install PHP 5.3.3 or higher, preferably PHP 5.3.4+.                    **
+ **                                                                                **
+ ************************************************************************************
+ ************************************************************************************/
+
+/**
+ * This script bolts on top of SilverStripe to allow access without the use of .htaccess
+ * rewriting rules.
+ */
+
+// This is the URL of the script that everything must be viewed with.
+define('BASE_SCRIPT_URL', 'index.php/');
+
+$ruLen = strlen($_SERVER['REQUEST_URI']);
+$snLen = strlen($_SERVER['SCRIPT_NAME']);
+
+$isIIS = (strpos($_SERVER['SERVER_SOFTWARE'], 'Microsoft-IIS') !== false);
+
+// IIS will populate server variables using one of these two ways
+if ($isIIS) {
+    if ($_SERVER['REQUEST_URI'] == $_SERVER['SCRIPT_NAME']) {
+        $url = "";
+    } elseif ($ruLen > $snLen && substr($_SERVER['REQUEST_URI'], 0, $snLen + 1) == ($_SERVER['SCRIPT_NAME'] . '/')) {
+        $url = substr($_SERVER['REQUEST_URI'], $snLen+1);
+        $url = strtok($url, '?');
+    } else {
+        $url = $_SERVER['REQUEST_URI'];
+        if ($url[0] == '/') {
+            $url = substr($url, 1);
+        }
+        $url = strtok($url, '?');
+    }
+
+// Apache will populate the server variables this way
+} else {
+    if ($ruLen > $snLen && substr($_SERVER['REQUEST_URI'], 0, $snLen+1) == ($_SERVER['SCRIPT_NAME'] . '/')) {
+        $url = substr($_SERVER['REQUEST_URI'], $snLen+1);
+        $url = strtok($url, '?');
+    } else {
+        $url = "";
+    }
+}
+
+$_GET['url'] = $_REQUEST['url'] = $url;
+
+$fileName = dirname($_SERVER['SCRIPT_FILENAME']) . '/' . $url;
+
+/**
+ * This code is a very simple wrapper for sending files
+ * Very quickly pass through references to files
+ */
+if ($url && file_exists($fileName)) {
+    $fileURL = (dirname($_SERVER['SCRIPT_NAME'])=='/'?'':dirname($_SERVER['SCRIPT_NAME'])) . '/' . $url;
+    if (isset($_SERVER['QUERY_STRING'])) {
+        $fileURL .= '?' . $_SERVER['QUERY_STRING'];
+    }
+    header($_SERVER['SERVER_PROTOCOL'] . ' 301 Moved Permanently');
+    header("Location: $fileURL");
+    die();
+}
+
+require_once 'framework/main.php';

install-frameworkmissing.html

@@ -0,0 +1,35 @@
+<html>
+	<head>
+		<title>The SilverStripe Framework is missing</title>
+		<link rel="stylesheet" type="text/css" href="framework/dev/install/css/install.css" />
+	</head>
+	<body>
+		<div id="BgContainer">
+			<div id="Container">
+				<div id="Header">
+					<h1>SilverStripe CMS Installation</h1>
+				</div>
+				
+				<div id="Navigation">&nbsp;</div>
+				<div class="clear"><!-- --></div>
+				
+				<div id="Layout">
+					<div class="typography">
+						<p><strong>The SilverStripe Framework is missing</strong> - To run the installer, at least the <strong>framework</strong> module is required.</p>
+		
+						<p>If you downloaded a pre-packaged zip or tar.gz, something might have gone wrong with the packaging
+						process. Please try re-downloading, or try an older version.</p>
+
+						<p>If you downloaded this from <a href="https://github.com/silverstripe">GitHub</a>, you need to install the <strong>framework</strong> module. You can do this manually, or by running the tools/new-project script from the command line.</p>
+					</div>
+				</div>
+				<div class="clear"><!-- --></div>
+			</div>
+			
+			<div id="Footer">
+				<div class="footerTop"><!-- --></div>
+				<p><a href="http://silverstripe.org">SilverStripe Open Source CMS</a> | Copyright &copy; 2008-2011 SilverStripe Limited</p>
+			</div>
+		</div>
+	</body>
+</html>

install.php

@@ -0,0 +1,16 @@
+<?php
+
+/************************************************************************************
+ ************************************************************************************
+ **                                                                                **
+ **  If you can read this text in your browser then you don't have PHP installed.  **
+ **  Please install PHP 5.3.3 or higher, preferably PHP 5.3.4+.                    **
+ **                                                                                **
+ ************************************************************************************
+ ************************************************************************************/
+
+if (!file_exists('framework') || !file_exists('framework/_config.php')) {
+    include 'install-frameworkmissing.html';
+} else {
+    include './framework/dev/install/install.php';
+}

mysite/.htaccess

@@ -0,0 +1,3 @@
+<FilesMatch "\.(php|php3|php4|php5|phtml|inc)$">
+	Deny from all
+</FilesMatch>

mysite/_config.php

@@ -0,0 +1,12 @@
+<?php
+
+global $project;
+$project = 'mysite';
+
+global $database;
+$database = '';
+
+require_once 'conf/ConfigureFromEnv.php';
+
+// Set the site locale
+i18n::set_locale('en_US');

mysite/_config/config.yml

@@ -0,0 +1,13 @@
+---
+Name: mysite
+After:
+  - 'framework/*'
+  - 'cms/*'
+---
+# YAML configuration for SilverStripe
+# See http://doc.silverstripe.org/framework/en/topics/configuration
+# Caution: Indentation through two spaces, not tabs
+SSViewer:
+  theme: 'simple'
+Debug:
+  friendly_error_httpcode: true

mysite/code/Page.php

@@ -0,0 +1,10 @@
+<?php
+
+class Page extends SiteTree
+{
+    private static $db = array(
+    );
+
+    private static $has_one = array(
+    );
+}

mysite/code/Page_Controller.php

@@ -0,0 +1,29 @@
+<?php
+
+class Page_Controller extends ContentController
+{
+    /**
+     * An array of actions that can be accessed via a request. Each array element should be an action name, and the
+     * permissions or conditions required to allow the user to access it.
+     *
+     * <code>
+     * array (
+     *     'action', // anyone can access this action
+     *     'action' => true, // same as above
+     *     'action' => 'ADMIN', // you must have ADMIN permissions to access this action
+     *     'action' => '->checkAction' // you can only access this action if $this->checkAction() returns true
+     * );
+     * </code>
+     *
+     * @var array
+     */
+    private static $allowed_actions = array(
+    );
+
+    public function init()
+    {
+        parent::init();
+        // You can include any CSS or JS required by your project here.
+        // See: http://doc.silverstripe.org/framework/en/reference/requirements
+    }
+}

phpcs.xml.dist

@@ -1,8 +1,6 @@
 <?xml version="1.0"?>
 <ruleset name="SS3">
-    <description>Coding standard for SilverStripe 4.x</description>
-
-    <file>app</file>
+    <description>Coding standard for SilverStripe 3.x</description>
 
     <!-- Don't sniff third party libraries -->
     <exclude-pattern>*/vendor/*</exclude-pattern>

phpunit.teamcity.mssql.xml

@@ -0,0 +1,33 @@
+<phpunit bootstrap="framework/tests/bootstrap.php" colors="false" backupGlobals="false" backupStaticAttributes="false" convertErrorsToExceptions="true" convertNoticesToExceptions="true" convertWarningsToExceptions="true" processIsolation="false" stopOnError="false" stopOnFailure="false" stopOnIncomplete="false" stopOnSkipped="false" syntaxCheck="false" verbose="true" strict="true">
+
+	<testsuite name="Default">
+		<directory>mysite/tests</directory>
+		<directory>cms/tests</directory>
+		<directory>framework/tests</directory>
+		<directory>mssql/tests</directory>
+	</testsuite>
+
+	<listeners>
+		<listener class="SS_TestListener" file="framework/dev/TestListener.php" />
+    	<listener class="TeamCityListener" file="framework/dev/TeamCityListener.php"/>
+	</listeners>
+
+	<groups>
+		<exclude>
+			<group>sanitychecks</group>
+		</exclude>
+	</groups>
+
+	<php>
+		<!-- 
+			Set different database connection.
+			Relies on the presence of the 'zframeworktest_dbswitcher' module
+			(https://github.com/silverstripe-labs/zframeworktest_dbswitcher),
+			as well as on constants in _ss_environment.php (see module README).
+		-->
+	  <get name="db" value="mssql"/>
+	  <!-- Always flush the manifest -->
+	  <get name="flush" value="1"/>
+	</php>
+
+</phpunit>

phpunit.xml.dist

@@ -1,16 +1,14 @@
-<?xml version="1.0" encoding="UTF-8"?>
 <!-- 
 	PHPUnit configuration for SilverStripe
 
-	Requires PHPUnit 9+
+	Requires PHPUnit 3.5+
 
 	Usage: 
-	 - "vendor/bin/phpunit": Runs all tests in all folders
-	 - "vendor/bin/phpunit vendor/silverstripe/framework/tests/": Run all tests of the framework module
-	 - "vendor/bin/phpunit vendor/silverstripe/framework/tests/filesystem": Run all filesystem tests within framework
-	 - "vendor/bin/phpunit vendor/silverstripe/framework/tests/filesystem/FolderTest.php": Run a single test
-	 - "vendor/bin/phpunit <dash><dash>coverage-html assets/": Generate coverage report (replace
-	                                                           <dash> with "-", requires xdebug or phpdbg)
+	 - "phpunit": Runs all tests in all folders
+	 - "phpunit framework/tests/": Run all tests of the framework module
+	 - "phpunit framework/tests/filesystem": Run all filesystem tests within the framework module
+	 - "phpunit framework/tests/filesystem/FolderTest.php": Run a single test
+	 - "phpunit <dash><dash>coverage-html assets/": Generate coverage report (replace <dash> with "-", requires xdebug)
 	
 	More information:
 	- http://www.phpunit.de/manual/current/en/textui.html
@@ -18,42 +16,22 @@
 
 	It is safe to remove this file for normal website operation.
 -->
-<phpunit bootstrap="vendor/silverstripe/framework/tests/bootstrap.php" colors="true">
-    <testsuites>
+<phpunit bootstrap="framework/tests/bootstrap.php" colors="true">
+
 	<testsuite name="Default">
-            <directory>app/tests</directory>
-            <directory>vendor/silverstripe/cms/tests/php</directory>
-            <directory>vendor/silverstripe/framework/tests/php</directory>
+		<directory>mysite/tests</directory>
+		<directory>cms/tests</directory>
+		<directory>framework/tests</directory>
+		<directory>framework/admin/tests</directory>
 	</testsuite>
 	
-        <!-- Framework ORM tests are split up to run in parallel -->
-        <testsuite name="framework-core">
-            <directory>vendor/silverstripe/framework/tests/php</directory>
-            <exclude>vendor/silverstripe/framework/tests/php/ORM</exclude>
-        </testsuite>
-        <testsuite name="framework-orm">
-            <directory>vendor/silverstripe/framework/tests/php/ORM</directory>
-        </testsuite>
+	<listeners>
+		<listener class="SS_TestListener" file="framework/dev/TestListener.php" />
+	</listeners>
 	
-        <!-- other core components -->
-        <testsuite name="core">
-            <directory>vendor/silverstripe/assets/tests/php/</directory>
-            <directory>vendor/silverstripe/versioned/tests/php/</directory>
-        </testsuite>
-
-        <!-- admin components -->
-        <testsuite name="admin">
-            <directory>vendor/silverstripe/admin/tests/php/</directory>
-            <directory>vendor/silverstripe/asset-admin/tests/php/</directory>
-            <directory>vendor/silverstripe/campaign-admin/tests/php/</directory>
-            <directory>vendor/silverstripe/cms/tests/</directory>
-            <directory>vendor/silverstripe/config/tests/</directory>
-            <directory>vendor/silverstripe/errorpage/tests/</directory>
-            <directory>vendor/silverstripe/graphql/tests/</directory>
-            <directory>vendor/silverstripe/login-forms/tests/php/</directory>
-            <directory>vendor/silverstripe/mimevalidator/tests/</directory>
-            <directory>vendor/silverstripe/reports/tests/</directory>
-            <directory>vendor/silverstripe/siteconfig/tests/php/</directory>
-        </testsuite>
-    </testsuites>
+	<groups>
+		<exclude>
+			<group>sanitychecks</group>
+		</exclude>
+	</groups>
 </phpunit>

public/assets/.htaccess

@@ -1,35 +0,0 @@
-#
-# Whitelist appropriate assets files.
-# This file is automatically generated via File.allowed_extensions configuration
-# See AssetAdapter::renderTemplate() for reference.
-#
-
-# We disable PHP via several methods
-# Replace the handler with the default plaintext handler
-AddHandler default-handler php phtml php3 php4 php5 inc
-
-<IfModule mod_php5.c>
-    # Turn the PHP engine off
-    php_flag engine off
-</IfModule>
-
-<IfModule mod_rewrite.c>
-    <IfModule mod_env.c>
-        SetEnv HTTP_MOD_REWRITE On
-    </IfModule>
-
-    RewriteEngine On
-
-    # Allow error pages
-    RewriteCond %{REQUEST_FILENAME} -f
-    RewriteRule error[^\\/]*\.html$ - [L]
-
-    # Block invalid file extensions
-    RewriteCond %{REQUEST_URI} !^[^.]*\.(?i:css|js|ace|arc|arj|asf|au|avi|bmp|bz2|cab|cda|csv|dmg|doc|docx|dotx|flv|gif|gpx|gz|hqx|ico|jpeg|jpg|kml|m4a|m4v|mid|midi|mkv|mov|mp3|mp4|mpa|mpeg|mpg|ogg|ogv|pages|pcx|pdf|png|pps|ppt|pptx|potx|ra|ram|rm|rtf|sit|sitx|tar|tgz|tif|tiff|txt|wav|webm|wma|wmv|xls|xlsx|xltx|zip|zipx)$
-    RewriteRule .* - [F]
-
-    # Non-existent files passed to requesthandler
-    RewriteCond %{REQUEST_URI} ^(.*)$
-    RewriteCond %{REQUEST_FILENAME} !-f
-    RewriteRule .* ../index.php [QSA]
-</IfModule>

web.config

@@ -1,23 +1,19 @@
 <!-- Routing configuration for Microsoft IIS web server -->
 <configuration>
 	<system.webServer>
-        <rewrite>
-            <rules>
-                <rule name="SilverStripe Global URLs">
-                    <match url="^(.*)$" />
-                    <conditions>
-                        <add input="{R:1}" matchType="Pattern" pattern="public(/|$)" negate="true" />
-                    </conditions>
-                    <action type="Rewrite" url="public/{R:1}" appendQueryString="true" />
-                </rule>
-                <rule name="SilverStripe Preprocessed URLs" stopProcessing="true">
-                    <match url="^(.*)$" />
-                    <conditions>
-                        <add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
-                    </conditions>
-                    <action type="Rewrite" url="public/index.php" appendQueryString="true" />
-                </rule>
-            </rules>
-        </rewrite>
+		<security>
+			<requestFiltering>
+				<hiddenSegments>
+					<add segment="silverstripe-cache" />
+					<add segment="vendor" />
+					<add segment="composer.json" />
+					<add segment="composer.lock" />
+				</hiddenSegments>
+				<fileExtensions allowUnlisted="true" >
+					<add fileExtension=".ss" allowed="false"/>
+					<add fileExtension=".yml" allowed="false"/>
+				</fileExtensions>
+			</requestFiltering>
+		</security>
 	</system.webServer>
 </configuration>