diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
new file mode 100644
index 000000000..5ec057795
--- /dev/null
+++ b/.github/workflows/build.yaml
@@ -0,0 +1,64 @@
+name: Release Builds
+
+on:
+ release:
+ types: [published]
+
+jobs:
+ build:
+
+ runs-on: ubuntu-latest
+
+ steps:
+ - uses: actions/checkout@v2
+
+ - name: Setup PHP
+ uses: shivammathur/setup-php@v2
+ with:
+ php-version: 7.1
+ extensions: opcache, gd
+ coverage: none
+
+ - name: Install Dependencies
+ run: |
+ sudo apt-get -y update -qq < /dev/null > /dev/null
+ sudo apt-get -y install -qq git zip < /dev/null > /dev/null
+
+ - name: Retrieval of Builder Scripts
+ run: |
+ # Real Grav URL
+ curl --silent -H "Authorization: token ${{ secrets.GLOBAL_TOKEN }}" -H "Accept: application/vnd.github.v3.raw" ${{ secrets.BUILD_SCRIPT_URL }} --output build-grav.sh
+
+ # Development Local URL
+ # curl ${{ secrets.BUILD_SCRIPT_URL }} --output build-grav.sh
+
+ - name: Grav Builder
+ run: |
+ bash ./build-grav.sh
+
+ - name: Upload Grav Release Assets
+ id: upload-release-asset
+ uses: alexellis/upload-assets@0.2.2
+ env:
+ GITHUB_TOKEN: ${{ github.token }}
+ with:
+ asset_paths: '["./grav-dist/*.zip"]'
+
+ slack:
+ name: Slack
+ needs: build
+ runs-on: ubuntu-latest
+ if: always()
+ steps:
+ - uses: technote-space/workflow-conclusion-action@v2
+ - uses: 8398a7/action-slack@v3
+ with:
+ status: failure
+ fields: repo,message,author,action
+ icon_emoji: ':octocat:'
+ author_name: 'Github Action Build'
+ text: '🚚 Automated Build Failure'
+ env:
+ GITHUB_TOKEN: ${{ github.token }}
+ SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
+ if: env.WORKFLOW_CONCLUSION == 'failure'
diff --git a/.github/workflows/tests.yaml b/.github/workflows/tests.yaml
new file mode 100644
index 000000000..94b417d51
--- /dev/null
+++ b/.github/workflows/tests.yaml
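Review bot: The `Retrieval of Builder Scripts` step saves whatever `curl --silent` returns into `build-grav.sh`, and the next step runs it with `bash` in the same job that publishes release assets, so an HTTP error body or an altered script would be executed unchecked. Add `--fail --show-error` to the curl call and compare the download against a digest kept in the repository before `bash ./build-grav.sh` runs, for example `echo "<expected-sha256>  build-grav.sh" | sha256sum -c -`. The third-party actions here and in `tests.yaml` (`shivammathur/setup-php@v2`, `alexellis/upload-assets@0.2.2`, `technote-space/workflow-conclusion-action@v2`, `8398a7/action-slack@v3`) are referenced by mutable tags; pinning each to a full commit SHA keeps a retagged action from running with the release token.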
@@ -0,0 +1,67 @@
+name: PHP Tests
+
+on:
+ push:
+ branches: [ develop ]
+ pull_request:
+ branches: [ develop ]
+
+jobs:
+
+ unit-tests:
+
+ runs-on: ${{ matrix.os }}
+
+ strategy:
+ matrix:
+ php: [ 7.4, 7.3, 7.2 ]
+ os: [ubuntu-latest]
+
+ steps:
+ - uses: actions/checkout@v2
+
+ - name: Setup PHP
+ uses: shivammathur/setup-php@v2
+ with:
+ php-version: ${{ matrix.php }}
+ extensions: opcache, gd
+ coverage: none
+
+ - name: Validate composer.json and composer.lock
+ run: composer validate
+
+ - name: Get composer cache directory
+ id: composer-cache
+ run: echo "::set-output name=dir::$(composer config cache-files-dir)"
+
+ - name: Cache dependencies
+ uses: actions/cache@v2
+ with:
+ path: ${{ steps.composer-cache.outputs.dir }}
+ key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
+ restore-keys: ${{ runner.os }}-composer-
+
+ - name: Install dependencies
+ run: composer install --prefer-dist --no-progress
+
+ - name: Run test suite
+ run: vendor/bin/codecept run
+
+ slack:
+ name: Slack
+ needs: unit-tests
+ runs-on: ubuntu-latest
+ if: always()
+ steps:
+ - uses: technote-space/workflow-conclusion-action@v2
+ - uses: 8398a7/action-slack@v3
+ with:
+ status: failure
+ fields: repo,message,author,action
+ icon_emoji: ':octocat:'
+ author_name: 'Github Action Tests'
+ text: '💥 Automated Test Failure'
+ env:
+ GITHUB_TOKEN: ${{ github.token }}
+ SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
+ if: env.WORKFLOW_CONCLUSION == 'failure'
diff --git a/.travis.yml b/.travis.yml
index 14b78b2d3..e7bc55645 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -6,8 +6,6 @@ php: - '7.4' branches: only: - - develop - - master - build_test notifications: email: 
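Review bot: Neither job in `tests.yaml` declares `permissions:`, so the `GITHUB_TOKEN` passed to `8398a7/action-slack@v3`, and available while `composer install` and `vendor/bin/codecept run` execute pull-request code, carries whatever scope the repository default grants. A top-level `permissions:` block with `contents: read` would cap it at what a test run appears to need; widen it only if the Slack `fields` lookup proves to require more. The `slack` job also reads `secrets.SLACK_WEBHOOK_URL`, which GitHub does not pass to `pull_request` runs from forks, so the notification step will likely fail there unless the job is skipped when the secret is empty.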
@@ -46,8 +44,9 @@ before_install: - if [ $TRAVIS_BRANCH == 'develop' ] || [ $TRAVIS_PULL_REQUEST != 'false' ]; then composer install --dev --prefer-dist; fi - - if [ $TRAVIS_BRANCH != 'develop' ] && [ $TRAVIS_PHP_VERSION == "7.1" ] && [ $TRAVIS_PULL_REQUEST == "false" ]; then - export TRAVIS_TAG=$(curl --fail --user "${GH_API_USER}" -s https://api.github.com/repos/getgrav/grav/releases/latest | grep tag_name | head -n 1 | cut -d '"' -f 4); + - | + if [ $TRAVIS_BRANCH != 'develop' ] && [ $TRAVIS_PHP_VERSION == "7.1" ] && [ $TRAVIS_PULL_REQUEST == "false" ]; then + export TRAVIS_TAG=$(curl -H "Authorization: token ${GH_TOKEN}" --fail -s https://api.github.com/repos/getgrav/grav/releases/latest | grep tag_name | head -n 1 | cut -d '"' -f 4); eval "$(curl -sL https://raw.githubusercontent.com/travis-ci/gimme/master/gimme | GIMME_GO_VERSION=1.13 bash)"; go get github.com/github-release/github-release; git clone --quiet --depth=50 --branch=master https://${BB_TOKEN}bitbucket.org/rockettheme/grav-devtools.git $RT_DEVTOOLS &>/dev/null; diff --git a/CHANGELOG.md b/CHANGELOG.md index 7bd17c79c..57ef12da5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -539,6 +539,19 @@ * Optimization: Initialize debugbar only after the configuration has been loaded * Optimization: Combine some early Grav processors into a single one +# v1.6.31 +## mm/dd/2020 + +1. [](#bugfix) + * Fixed `pages` field escaping issues, needs admin update, too [admin#1990](https://github.com/getgrav/grav-plugin-admin/issues/1990) + +# v1.6.30 +## 12/03/2020 + +1. [](#bugfix) + * Rollback `samesite` cookie logic as it causes issues with PHP < 7.3 [#309](https://github.com/getgrav/grav/issues/3089) + * Fixed issue with `.travis.yml` due to GitHub API deprecated functionality + # v1.6.29 ## 12/02/2020 diff --git a/system/config/system.yaml b/system/config/system.yaml index 6484bc95d..27540ddd5 100644 --- a/system/config/system.yaml +++ b/system/config/system.yaml 
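Review bot: In the new `- |` block, `export TRAVIS_TAG=$(curl -H "Authorization: token ${GH_TOKEN}" --fail -s ... | grep tag_name | head -n 1 | cut -d '"' -f 4)` hides a failed API call: `export` returns 0 and the pipeline's status is that of `cut`, so a rejected or expired `GH_TOKEN` leaves `TRAVIS_TAG` empty while the following commands in the block still run. A check directly after it, such as `[ -n "$TRAVIS_TAG" ] || travis_terminate 1;`, would stop the release path instead of continuing with an empty tag. The `if` block continues past the end of the hunk, so what later consumes `TRAVIS_TAG` is not visible here.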
@@ -168,7 +168,6 @@ session: uniqueness: path # Should sessions be `path` based or `security.salt` based secure: false # Set session secure. If true, indicates that communication for this cookie must be over an encrypted transmission. Enable this only on sites that run exclusively on HTTPS httponly: true # Set session HTTP only. If true, indicates that cookies should be used only over HTTP, and JavaScript modification is not allowed. - samesite: # Set session SameSite. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite split: true # Sessions should be independent between site and plugins (such as admin) path: diff --git a/system/src/Grav/Common/Page/Pages.php b/system/src/Grav/Common/Page/Pages.php index bab0ccaec..51c298b44 100644 --- a/system/src/Grav/Common/Page/Pages.php +++ b/system/src/Grav/Common/Page/Pages.php @@ -1044,7 +1044,7 @@ class Pages } /** - * Get list of route/title of all pages. + * Get list of route/title of all pages. Title is in HTML. * * @param PageInterface|null $current * @param int $level @@ -1076,7 +1076,7 @@ class Pages } if ($showFullpath) { - $option = $current->route(); + $option = htmlspecialchars($current->route()); } else { $extra = $showSlug ? '(' . $current->slug() . ') ' : ''; $option = str_repeat('—-', $level). '▸ ' . $extra . htmlspecialchars($current->title()); diff --git a/system/src/Grav/Common/Service/SessionServiceProvider.php b/system/src/Grav/Common/Service/SessionServiceProvider.php index f9da5d253..2d4dffbc8 100644 --- a/system/src/Grav/Common/Service/SessionServiceProvider.php +++ b/system/src/Grav/Common/Service/SessionServiceProvider.php 
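Review bot: The escaping added to the `$showFullpath` branch in `Pages.php` leaves the other branch half-covered: `$extra` still concatenates `$current->slug()` raw into an option that the updated docblock now declares to be HTML. Unless slugs are validated elsewhere, wrap it the same way, `$extra = $showSlug ? '(' . htmlspecialchars($current->slug()) . ') ' : '';`. Both `htmlspecialchars()` calls also rely on the default flags, which before PHP 8.1 leave single quotes unescaped; passing `ENT_QUOTES, 'UTF-8'` explicitly keeps the output safe in single-quoted attribute contexts too. The method begins and ends outside the hunk, so how the returned list is keyed and rendered should be checked against its callers.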
@@ -44,7 +44,6 @@ class SessionServiceProvider implements ServiceProviderInterface $cookie_httponly = (bool)$config->get('system.session.httponly', true); $cookie_lifetime = (int)$config->get('system.session.timeout', 1800); $cookie_path = $config->get('system.session.path'); - $cookie_samesite = $config->get('system.session.samesite'); if (null === $cookie_path) { $cookie_path = '/' . trim(Uri::filterPath($uri->rootUrl(false)), '/'); } @@ -96,14 +95,8 @@ class SessionServiceProvider implements ServiceProviderInterface 'cookie_path' => $cookie_path, 'cookie_domain' => $cookie_domain, 'cookie_secure' => $cookie_secure, - 'cookie_httponly' => $cookie_httponly, - ]; - - if ($cookie_samesite) { - $options['cookie_samesite'] = $cookie_samesite; - } - - $options += (array) $config->get('system.session.options'); + 'cookie_httponly' => $cookie_httponly + ] + (array) $config->get('system.session.options'); $session = new Session($options); $session->setAutoStart($enabled); diff --git a/system/src/Grav/Framework/Session/Session.php b/system/src/Grav/Framework/Session/Session.php index 20c41c04a..8f7af7e82 100644 --- a/system/src/Grav/Framework/Session/Session.php +++ b/system/src/Grav/Framework/Session/Session.php @@ -140,7 +140,6 @@ class Session implements SessionInterface 'use_strict_mode' => true, 'use_cookies' => true, 'use_only_cookies' => true, - 'cookie_samesite' => true, 'referer_check' => true, 'cache_limiter' => true, 'cache_expire' => true, 
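Review bot: Dropping `cookie_samesite` from `$options` in `SessionServiceProvider` removes the SameSite attribute from the session cookie on every PHP version, not only on PHP < 7.3 where the changelog says it caused problems, and the two `setcookie()` calls in `Session.php` lose it the same way. That leaves cross-site handling of the session cookie to each browser's default. A version gate would keep the attribute where it works: `if ($cookie_samesite && PHP_VERSION_ID >= 70300) { $options['cookie_samesite'] = $cookie_samesite; }`, with the config read, the `'cookie_samesite' => true` allow-list entry and the array form of `setcookie()` kept behind the same check.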
@@ -244,19 +243,14 @@ class Session implements SessionInterface if ($sessionExists) { $params = session_get_cookie_params(); - $cookie_options = array ( - 'expires' => time() + $params['lifetime'], - 'path' => $params['path'], - 'domain' => $params['domain'], - 'secure' => $params['secure'], - 'httponly' => $params['httponly'], - 'samesite' => $params['samesite'] - ); - setcookie( $sessionName, session_id(), - $cookie_options + time() + $params['lifetime'], + $params['path'], + $params['domain'], + $params['secure'], + $params['httponly'] ); } @@ -315,20 +309,14 @@ class Session implements SessionInterface public function invalidate() { $params = session_get_cookie_params(); - - $cookie_options = array ( - 'expires' => time() - 42000, - 'path' => $params['path'], - 'domain' => $params['domain'], - 'secure' => $params['secure'], - 'httponly' => $params['httponly'], - 'samesite' => $params['samesite'] - ); - setcookie( session_name(), '', - $cookie_options + time() - 42000, + $params['path'], + $params['domain'], + $params['secure'], + $params['httponly'] ); if ($this->isSessionStarted()) {
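Review bot: `time() + $params['lifetime']` in the cookie refresh turns a `lifetime` of 0, which PHP uses to mean "until the browser closes", into an expiry of the current second, so the refreshed session cookie would be discarded at once. Nothing in the hunk shows that a zero lifetime is excluded; if it can occur, pass `$params['lifetime'] ? time() + $params['lifetime'] : 0` as the third argument. The enclosing method starts before the hunk, so an earlier guard may already cover this.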