[pull] master from YOURLS:master#36
Open
pull[bot] wants to merge 353 commits into
Open
Conversation
Co-authored-by: ozh <ozh@users.noreply.github.com>
Co-authored-by: ozh <ozh@users.noreply.github.com>
[skip ci]
Fixes #3523 Co-authored-by: ྅༻ Ǭɀħ ༄༆ཉ <ozh@ozh.org>
[skip ci]
[skip ci]
Co-authored-by: ozh <ozh@users.noreply.github.com>
Co-authored-by: ozh <ozh@users.noreply.github.com>
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 4 to 5. - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](peter-evans/create-pull-request@v4...v5) --- updated-dependencies: - dependency-name: peter-evans/create-pull-request dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [shivammathur/setup-php](https://github.com/shivammathur/setup-php) from 2.24.0 to 2.25.0. - [Release notes](https://github.com/shivammathur/setup-php/releases) - [Commits](shivammathur/setup-php@2.24.0...2.25.0) --- updated-dependencies: - dependency-name: shivammathur/setup-php dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [shivammathur/setup-php](https://github.com/shivammathur/setup-php) from 2.25.0 to 2.25.1. - [Release notes](https://github.com/shivammathur/setup-php/releases) - [Commits](shivammathur/setup-php@2.25.0...2.25.1) --- updated-dependencies: - dependency-name: shivammathur/setup-php dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [shivammathur/setup-php](https://github.com/shivammathur/setup-php) from 2.25.1 to 2.25.2. - [Release notes](https://github.com/shivammathur/setup-php/releases) - [Commits](shivammathur/setup-php@2.25.1...2.25.2) --- updated-dependencies: - dependency-name: shivammathur/setup-php dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: ozh <ozh@users.noreply.github.com>
Co-authored-by: ozh <ozh@users.noreply.github.com>
Check if `click_limit` is empty
Bumps [shivammathur/setup-php](https://github.com/shivammathur/setup-php) from 2.25.2 to 2.25.4. - [Release notes](https://github.com/shivammathur/setup-php/releases) - [Commits](shivammathur/setup-php@2.25.2...2.25.4) --- updated-dependencies: - dependency-name: shivammathur/setup-php dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [shivammathur/setup-php](https://github.com/shivammathur/setup-php) from 2.25.4 to 2.25.5. - [Release notes](https://github.com/shivammathur/setup-php/releases) - [Commits](shivammathur/setup-php@2.25.4...2.25.5) --- updated-dependencies: - dependency-name: shivammathur/setup-php dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: ozh <ozh@users.noreply.github.com>
Co-authored-by: ozh <ozh@users.noreply.github.com>
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v3...v4) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [tibdex/github-app-token](https://github.com/tibdex/github-app-token) from 1 to 2. - [Release notes](https://github.com/tibdex/github-app-token/releases) - [Commits](tibdex/github-app-token@v1...v2) --- updated-dependencies: - dependency-name: tibdex/github-app-token dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
* Fix debug log messages with correct function * debug mode and log improvements - yourls_get_debug_mode() gets actual debug mode, not just the CONST value - yourls_debug_log() only logs if debug mode is true Fixes #4041 * Don't enforce twice the error reporting it's already taken care of in yourls_db_connect() Also : code style * Don't force debug after install As a result unit tests were always running with debug mode on * Update tests Everything must run the same no matter the value of YOURLS_DEBUG
Bumps [shivammathur/setup-php](https://github.com/shivammathur/setup-php) from 2.37.0 to 2.37.1. - [Release notes](https://github.com/shivammathur/setup-php/releases) - [Commits](shivammathur/setup-php@2.37.0...2.37.1) --- updated-dependencies: - dependency-name: shivammathur/setup-php dependency-version: 2.37.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* Make tests debugging easier * Remove displayDetailsOnPhpunitNotices because PHPUnit 10 & 11 trip up
* Prevent XSS in referrers * Add tests for yourls_get_domain()
Empty file and not referenced anywhere
* New action to allow custom redirect logging Closes #3990 --------- Co-authored-by: dgw <dgw@technobabbl.es>
* Implement cookie prefixes * Add tests
Bumps the composer group with 1 update in the /tests directory: [phpunit/phpunit](https://github.com/sebastianbergmann/phpunit). Updates `phpunit/phpunit` from 11.5.50 to 12.5.22 - [Release notes](https://github.com/sebastianbergmann/phpunit/releases) - [Changelog](https://github.com/sebastianbergmann/phpunit/blob/12.5.22/ChangeLog-12.5.md) - [Commits](sebastianbergmann/phpunit@11.5.50...12.5.22) --- updated-dependencies: - dependency-name: phpunit/phpunit dependency-version: 12.5.22 dependency-type: direct:production dependency-group: composer ... Signed-off-by: dependabot[bot] <support@github.com>
* Update checks for min PHP & MySQL requirements * Update unit test comment as well
* Deprecated md5 and weak algos in API sig * Remove md5 info from tools.php * Warn user about md5 in config.php * Hashing password: don't force PASSWORD_BCRYPT. Instead, use PASSWORD_DEFAULT, which is bcrypt as of writing, but may evolve in future PHP releases. * Replace `===` with `hash_equals()` where needed * Enforce REMOTE_ADDR unless trusted proxy * Increase API sig length. Make it filterable and customizable * Escape HTML everywhere * Introduce a new function to escape content except those whitelisted * Decouple API and Cookie * Remove those stupid "since 0.1" that make no sense * Update all tests accordingly Remaining md5() are kept for backward compat, and advertised as deprecated, or kept in test to ensure backward compat tests. To be mentioned in the changelog and blog post: API signatures and cookie values now use separate values, to ensure purpose separation. Existing sessions will be invalidated (users will need to log in again) and API signatures will be regenerated (get new value from your admin/tools.php)
Bumps [shivammathur/setup-php](https://github.com/shivammathur/setup-php) from 2.37.1 to 2.37.2. - [Release notes](https://github.com/shivammathur/setup-php/releases) - [Commits](shivammathur/setup-php@2.37.1...2.37.2) --- updated-dependencies: - dependency-name: shivammathur/setup-php dependency-version: 2.37.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* Fix early yourls_esc_html() * Update includes/functions-html.php --------- Co-authored-by: dgw <dgw@technobabbl.es>
Bumps [actions/checkout](https://github.com/actions/checkout) from 6 to 7. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v6...v7) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
* Restore limited HTML in plugin list * Add unit tests for this Co-authored-by: dgw <dgw@technobabbl.es>
* Update dependencies - Upgrading composer/ca-bundle (1.5.5 => 1.5.12) - Upgrading maxmind-db/reader (v1.12.0 => v1.13.1) - Upgrading maxmind/web-service-common (v0.10.0 => v0.11.1) - Upgrading ozh/bookmarkletgen (1.2.2 => 1.3) - Upgrading rmccue/requests (v2.0.15 => v2.0.18) - Upgrading symfony/polyfill-intl-idn (v1.31.0 => v1.38.1) - Upgrading symfony/polyfill-intl-normalizer (v1.31.0 => v1.38.0) - Upgrading symfony/polyfill-mbstring (v1.31.0 => v1.38.1) * composer config platform-check false
…tters (#4124) * Make tests independent of YOURLS_UNIQUE_URLS * Tests are independent of YOURLS_PRIVATE * Make tests independent of YOURLS_URL_CONVERT * Make tests independent of YOURLS_FLOOD_* * Introduce filtered getters for YOURLS_FLOOD_DELAY_SECONDS and YOURLS_FLOOD_IP_WHITELIST. * Tests are independent of YOURLS_HOURS_OFFSET * Tests are independent of YOURLS_COOKIEKEY * Speed up a bit the hash tests * More tests with a few easy functions * Trickier tests: yourls_page() and yourls_die() * Remove constants from Config.php and from test config sample. Closes #4068
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot] (v2.0.0-alpha.4)
Can you help keep this open source service alive? 💖 Please sponsor : )