From 92f2ffb3c6b2ec321c660f88c207683587fbc0f0 Mon Sep 17 00:00:00 2001 From: Martin Kopp Date: Sun, 14 Apr 2024 12:13:18 +0200 Subject: [PATCH] Joomla! 4.4.4 Stable --- administrator/manifests/files/joomla.xml | 2 +- ...4.4-2024-04-13_php-laminas-diactoros.patch | 11 +++ composer.json | 14 ++- composer.lock | 64 ++++++++++++-- libraries/src/Version.php | 8 +- package-lock.json | 88 +++++++++++-------- package.json | 2 +- 7 files changed, 136 insertions(+), 53 deletions(-) create mode 100644 build/composer_patches/4.4.4-2024-04-13_php-laminas-diactoros.patch diff --git a/administrator/manifests/files/joomla.xml b/administrator/manifests/files/joomla.xml index 9654ba19b85..94ee0392373 100644 --- a/administrator/manifests/files/joomla.xml +++ b/administrator/manifests/files/joomla.xml @@ -6,7 +6,7 @@ www.joomla.org (C) 2019 Open Source Matters, Inc. GNU General Public License version 2 or later; see LICENSE.txt - 4.4.4-rc3-dev + 4.4.4 2024-04 FILES_JOOMLA_XML_DESCRIPTION diff --git a/build/composer_patches/4.4.4-2024-04-13_php-laminas-diactoros.patch b/build/composer_patches/4.4.4-2024-04-13_php-laminas-diactoros.patch new file mode 100644 index 00000000000..57ac8f4d040 --- /dev/null +++ b/build/composer_patches/4.4.4-2024-04-13_php-laminas-diactoros.patch @@ -0,0 +1,11 @@ +--- a/src/HeaderSecurity.php ++++ b/src/HeaderSecurity.php +@@ -155,7 +155,7 @@ public static function assertValidName($name): void + is_object($name) ? $name::class : gettype($name) + )); + } +- if (! preg_match('/^[a-zA-Z0-9\'`#$%&*+.^_|~!-]+$/', $name)) { ++ if (! preg_match('/^[a-zA-Z0-9\'`#$%&*+.^_|~!-]+$/D', $name)) { + throw new Exception\InvalidArgumentException(sprintf( + '"%s" is not valid header name', + $name diff --git a/composer.json b/composer.json index 50eddd315e0..7a1c7c97d3d 100644 --- a/composer.json +++ b/composer.json @@ -16,7 +16,8 @@ "vendor-dir": "libraries/vendor", "github-protocols": ["https"], "allow-plugins": { - "dealerdirect/phpcodesniffer-composer-installer": true + "dealerdirect/phpcodesniffer-composer-installer": true, + "cweagans/composer-patches": true } }, "support": { @@ -102,7 +103,8 @@ "web-token/signature-pack": "^2.2.11", "phpseclib/bcmath_compat": "^2.0.1", "jfcherng/php-diff": "^6.10.14", - "voku/portable-utf8": "6.0.12 as 5.4.0" + "voku/portable-utf8": "6.0.12 as 5.4.0", + "cweagans/composer-patches": "^1.7" }, "require-dev": { "phpunit/phpunit": "^8.5.34", @@ -116,6 +118,14 @@ "replace": { "paragonie/random_compat": "9.99.99" }, + "extra": { + "composer-exit-on-patch-failure": true, + "patches": { + "laminas/laminas-diactoros": { + "Fixes HTTP Multiline Header Termination": "./build/composer_patches/4.4.4-2024-04-13_php-laminas-diactoros.patch" + } + } + }, "scripts": { "post-install-cmd": [ "php build/update_fido_cache.php" diff --git a/composer.lock b/composer.lock index 35e4e56471b..0006556399a 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "42465ec1c271f017d4e38a4f6ab0f2f9", + "content-hash": "8a6ccc2f744185dbb773078c6fd570a1", "packages": [ { "name": "algo26-matthias/idna-convert", @@ -261,6 +261,54 @@ ], "time": "2023-08-30T09:31:38+00:00" }, + { + "name": "cweagans/composer-patches", + "version": "1.7.3", + "source": { + "type": "git", + "url": "https://github.com/cweagans/composer-patches.git", + "reference": "e190d4466fe2b103a55467dfa83fc2fecfcaf2db" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/cweagans/composer-patches/zipball/e190d4466fe2b103a55467dfa83fc2fecfcaf2db", + "reference": "e190d4466fe2b103a55467dfa83fc2fecfcaf2db", + "shasum": "" + }, + "require": { + "composer-plugin-api": "^1.0 || ^2.0", + "php": ">=5.3.0" + }, + "require-dev": { + "composer/composer": "~1.0 || ~2.0", + "phpunit/phpunit": "~4.6" + }, + "type": "composer-plugin", + "extra": { + "class": "cweagans\\Composer\\Patches" + }, + "autoload": { + "psr-4": { + "cweagans\\Composer\\": "src" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Cameron Eagans", + "email": "me@cweagans.net" + } + ], + "description": "Provides a way to patch Composer packages.", + "support": { + "issues": "https://github.com/cweagans/composer-patches/issues", + "source": "https://github.com/cweagans/composer-patches/tree/1.7.3" + }, + "time": "2022-12-20T22:53:13+00:00" + }, { "name": "defuse/php-encryption", "version": "v2.4.0", @@ -3193,16 +3241,16 @@ }, { "name": "phpseclib/phpseclib", - "version": "3.0.34", + "version": "3.0.37", "source": { "type": "git", "url": "https://github.com/phpseclib/phpseclib.git", - "reference": "56c79f16a6ae17e42089c06a2144467acc35348a" + "reference": "cfa2013d0f68c062055180dd4328cc8b9d1f30b8" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/56c79f16a6ae17e42089c06a2144467acc35348a", - "reference": "56c79f16a6ae17e42089c06a2144467acc35348a", + "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/cfa2013d0f68c062055180dd4328cc8b9d1f30b8", + "reference": "cfa2013d0f68c062055180dd4328cc8b9d1f30b8", "shasum": "" }, "require": { @@ -3283,7 +3331,7 @@ ], "support": { "issues": "https://github.com/phpseclib/phpseclib/issues", - "source": "https://github.com/phpseclib/phpseclib/tree/3.0.34" + "source": "https://github.com/phpseclib/phpseclib/tree/3.0.37" }, "funding": [ { @@ -3299,7 +3347,7 @@ "type": "tidelift" } ], - "time": "2023-11-27T11:13:31+00:00" + "time": "2024-03-03T02:14:58+00:00" }, { "name": "psr/container", @@ -9921,5 +9969,5 @@ "platform-overrides": { "php": "7.2.5" }, - "plugin-api-version": "2.3.0" + "plugin-api-version": "2.2.0" } diff --git a/libraries/src/Version.php b/libraries/src/Version.php index be8d44d46e6..f891964a916 100644 --- a/libraries/src/Version.php +++ b/libraries/src/Version.php @@ -66,7 +66,7 @@ final class Version * @var string * @since 3.8.0 */ - public const EXTRA_VERSION = 'rc3-dev'; + public const EXTRA_VERSION = ''; /** * Development status. @@ -74,7 +74,7 @@ final class Version * @var string * @since 3.5 */ - public const DEV_STATUS = 'Development'; + public const DEV_STATUS = 'Stable'; /** * Code name. @@ -90,7 +90,7 @@ final class Version * @var string * @since 3.5 */ - public const RELDATE = '9-April-2024'; + public const RELDATE = '16-April-2024'; /** * Release time. @@ -98,7 +98,7 @@ final class Version * @var string * @since 3.5 */ - public const RELTIME = '20:01'; + public const RELTIME = '16:00'; /** * Release timezone. diff --git a/package-lock.json b/package-lock.json index a2ac2cfaa1e..b9589d7db4a 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "joomla", - "version": "4.4.1", + "version": "4.4.4", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "joomla", - "version": "4.4.1", + "version": "4.4.4", "hasInstallScript": true, "license": "GPL-2.0-or-later", "dependencies": { @@ -6510,17 +6510,29 @@ "dev": true }, "node_modules/libmime": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/libmime/-/libmime-5.2.1.tgz", - "integrity": "sha512-A0z9O4+5q+ZTj7QwNe/Juy1KARNb4WaviO4mYeFC4b8dBT2EEqK2pkM+GC8MVnkOjqhl5nYQxRgnPYRRTNmuSQ==", + "version": "5.3.4", + "resolved": "https://registry.npmjs.org/libmime/-/libmime-5.3.4.tgz", + "integrity": "sha512-TsqPdercr6DHrnoQx1F0nS2Y4yPT+fWuOjEP2rqzvV77hMYWomTe/rpm0u9JORQ/FavEXybAGcBJsQbLr9+hjA==", "dev": true, "dependencies": { "encoding-japanese": "2.0.0", "iconv-lite": "0.6.3", - "libbase64": "1.2.1", - "libqp": "2.0.1" + "libbase64": "1.3.0", + "libqp": "2.1.0" } }, + "node_modules/libmime/node_modules/libbase64": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/libbase64/-/libbase64-1.3.0.tgz", + "integrity": "sha512-GgOXd0Eo6phYgh0DJtjQ2tO8dc0IVINtZJeARPeiIJqge+HdsWSuaDTe8ztQ7j/cONByDZ3zeB325AHiv5O0dg==", + "dev": true + }, + "node_modules/libmime/node_modules/libqp": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/libqp/-/libqp-2.1.0.tgz", + "integrity": "sha512-O6O6/fsG5jiUVbvdgT7YX3xY3uIadR6wEZ7+vy9u7PKHAlSEB6blvC1o5pHBjgsi95Uo0aiBBdkyFecj6jtb7A==", + "dev": true + }, "node_modules/libqp": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/libqp/-/libqp-2.0.1.tgz", @@ -6741,12 +6753,12 @@ "dev": true }, "node_modules/linkify-it": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/linkify-it/-/linkify-it-4.0.1.tgz", - "integrity": "sha512-C7bfi1UZmoj8+PQx22XyeXCuBlokoyWQL5pWSP+EI6nzRylyThouddufc2c1NDIcP9k5agmN9fLpA7VNJfIiqw==", + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/linkify-it/-/linkify-it-5.0.0.tgz", + "integrity": "sha512-5aHCbzQRADcdP+ATqnDuhhJ/MRIqDkZX5pyjFHRRysS8vZ5AbqGEoFIb6pYHPZ+L/OC2Lc+xT8uHVVR5CAK/wQ==", "dev": true, "dependencies": { - "uc.micro": "^1.0.1" + "uc.micro": "^2.0.0" } }, "node_modules/listr2": { @@ -7007,20 +7019,21 @@ } }, "node_modules/mailparser": { - "version": "3.6.5", - "resolved": "https://registry.npmjs.org/mailparser/-/mailparser-3.6.5.tgz", - "integrity": "sha512-nteTpF0Khm5JLOnt4sigmzNdUH/6mO7PZ4KEnvxf4mckyXYFFhrtAWZzbq/V5aQMH+049gA7ZjfLdh+QiX2Uqg==", + "version": "3.7.0", + "resolved": "https://registry.npmjs.org/mailparser/-/mailparser-3.7.0.tgz", + "integrity": "sha512-yFo1+4r3gHhTcazVGCv3D/uX5VJyyrx4iWkzKtJh8mujYIUm92kpG5BjKpZIJgEoKcKxbJVd4CPs+IImE1sKlQ==", "dev": true, "dependencies": { "encoding-japanese": "2.0.0", "he": "1.2.0", "html-to-text": "9.0.5", "iconv-lite": "0.6.3", - "libmime": "5.2.1", - "linkify-it": "4.0.1", + "libmime": "5.3.4", + "linkify-it": "5.0.0", "mailsplit": "5.4.0", - "nodemailer": "6.9.3", - "tlds": "1.240.0" + "nodemailer": "6.9.11", + "punycode": "2.3.1", + "tlds": "1.250.0" } }, "node_modules/mailsplit": { @@ -7292,9 +7305,9 @@ "dev": true }, "node_modules/nodemailer": { - "version": "6.9.3", - "resolved": "https://registry.npmjs.org/nodemailer/-/nodemailer-6.9.3.tgz", - "integrity": "sha512-fy9v3NgTzBngrMFkDsKEj0r02U7jm6XfC3b52eoNV+GCrGj+s8pt5OqhiJdWKuw51zCTdiNR/IUD1z33LIIGpg==", + "version": "6.9.11", + "resolved": "https://registry.npmjs.org/nodemailer/-/nodemailer-6.9.11.tgz", + "integrity": "sha512-UiAkgiERuG94kl/3bKfE8o10epvDnl0vokNEtZDPTq9BWzIl6EFT9336SbIT4oaTBD8NmmUTLsQyXHV82eXSWg==", "dev": true, "engines": { "node": ">=6.0.0" @@ -7854,9 +7867,9 @@ } }, "node_modules/punycode": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.3.0.tgz", - "integrity": "sha512-rRV+zQD8tVFys26lAGR9WUuS4iUAngJScM+ZRSKtvl5tKeZ2t5bvdNFdNHBW9FWR4guGHlgmsZ1G7BSm2wTbuA==", + "version": "2.3.1", + "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.3.1.tgz", + "integrity": "sha512-vYt7UD1U9Wg6138shLtLOvdAu+8DsC/ilFtEVHcH+wydcSpNE20AfSOduf6MkRFahL5FY7X1oU7nKVZFtfq8Fg==", "engines": { "node": ">=6" } @@ -8841,23 +8854,24 @@ "dev": true }, "node_modules/smtp-server": { - "version": "3.13.0", - "resolved": "https://registry.npmjs.org/smtp-server/-/smtp-server-3.13.0.tgz", - "integrity": "sha512-thVFqpwrHIJ25rXjXA6RYFUO35el2O+X7WJ006qMVAyFs5Ss6XGPJASg7Fh1QvT28ADIv9hGGXmgR+kaSEikwQ==", + "version": "3.13.4", + "resolved": "https://registry.npmjs.org/smtp-server/-/smtp-server-3.13.4.tgz", + "integrity": "sha512-BbElv5UP+HgPtCZtcRW35N/GFoc4DzPkrbSMLioXsrVMmQT1mMBoO0k+egl264hxWaWczoVvadSPY2pLUINFXg==", "dev": true, "dependencies": { "base32.js": "0.1.0", "ipv6-normalize": "1.0.1", - "nodemailer": "6.9.4" + "nodemailer": "6.9.13", + "punycode": "2.3.1" }, "engines": { "node": ">=12.0.0" } }, "node_modules/smtp-server/node_modules/nodemailer": { - "version": "6.9.4", - "resolved": "https://registry.npmjs.org/nodemailer/-/nodemailer-6.9.4.tgz", - "integrity": "sha512-CXjQvrQZV4+6X5wP6ZIgdehJamI63MFoYFGGPtHudWym9qaEHDNdPzaj5bfMCvxG1vhAileSWW90q7nL0N36mA==", + "version": "6.9.13", + "resolved": "https://registry.npmjs.org/nodemailer/-/nodemailer-6.9.13.tgz", + "integrity": "sha512-7o38Yogx6krdoBf3jCAqnIN4oSQFx+fMa0I7dK1D+me9kBxx12D+/33wSb+fhOCtIxvYJ+4x4IMEhmhCKfAiOA==", "dev": true, "engines": { "node": ">=6.0.0" @@ -9417,9 +9431,9 @@ } }, "node_modules/tlds": { - "version": "1.240.0", - "resolved": "https://registry.npmjs.org/tlds/-/tlds-1.240.0.tgz", - "integrity": "sha512-1OYJQenswGZSOdRw7Bql5Qu7uf75b+F3HFBXbqnG/ifHa0fev1XcG+3pJf3pA/KC6RtHQzfKgIf1vkMlMG7mtQ==", + "version": "1.250.0", + "resolved": "https://registry.npmjs.org/tlds/-/tlds-1.250.0.tgz", + "integrity": "sha512-rWsBfFCWKrjM/o2Q1TTUeYQv6tHSd/umUutDjVs6taTuEgRDIreVYIBgWRWW4ot7jp6n0UVUuxhTLWBtUmPu/w==", "dev": true, "bin": { "tlds": "bin.js" @@ -9628,9 +9642,9 @@ } }, "node_modules/uc.micro": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/uc.micro/-/uc.micro-1.0.6.tgz", - "integrity": "sha512-8Y75pvTYkLJW2hWQHXxoqRgV7qb9B+9vFEtidML+7koHUFapnVJAZ6cKs+Qjz5Aw3aZWHMC6u0wJE3At+nSGwA==", + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/uc.micro/-/uc.micro-2.1.0.tgz", + "integrity": "sha512-ARDJmphmdvUk6Glw7y9DQ2bFkKBHwQHLi2lsaH6PPmz/Ka9sFOBsBluozhDltWmnv9u/cF6Rt87znRTPV+yp/A==", "dev": true }, "node_modules/unbox-primitive": { diff --git a/package.json b/package.json index 1abf203cd93..4c89cb8ee65 100644 --- a/package.json +++ b/package.json @@ -59,7 +59,7 @@ "mark.js": "^8.11.1", "mediaelement": "^5.1.1", "metismenujs": "^1.4.0", - "punycode": "^2.3.0", + "punycode": "^2.3.1", "qrcode-generator": "^1.4.4", "roboto-fontface": "^0.10.0", "shepherd.js": "^11.2.0",