From 6164426a1ae678072ff76a8c56045a485868e502 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michal=20=C5=A0pa=C4=8Dek?= Date: Thu, 9 May 2024 04:18:20 +0200 Subject: [PATCH 1/4] Update packages - paragonie/constant_time_encoding updated from v2.6.3 to v3.0.0 major See changes: https://github.com/paragonie/constant_time_encoding/compare/v2.6.3...v3.0.0 Release notes: https://github.com/paragonie/constant_time_encoding/releases/tag/v3.0.0 - paragonie/halite updated from v5.1.1 to v5.1.2 patch See changes: https://github.com/paragonie/halite/compare/v5.1.1...v5.1.2 Release notes: https://github.com/paragonie/halite/releases/tag/v5.1.2 - paragonie/hidden-string updated from v2.0.0 to v2.2.0 minor See changes: https://github.com/paragonie/hidden-string/compare/v2.0.0...v2.2.0 Release notes: https://github.com/paragonie/hidden-string/releases/tag/v2.2.0 Replace #327 #329 #330 --- site/composer.lock | 49 ++++---- site/vendor/composer/installed.json | 57 ++++----- site/vendor/composer/installed.php | 18 +-- .../constant_time_encoding/README.md | 12 +- .../constant_time_encoding/composer.json | 6 +- .../constant_time_encoding/src/Base32.php | 56 ++++++--- .../constant_time_encoding/src/Base64.php | 43 ++++--- .../constant_time_encoding/src/Binary.php | 9 +- .../constant_time_encoding/src/Encoding.php | 108 ++++++++++++------ .../constant_time_encoding/src/Hex.php | 13 ++- .../constant_time_encoding/src/RFC4648.php | 62 ++++++---- .../paragonie/halite/.github/workflows/ci.yml | 2 +- .../halite/.github/workflows/psalm.yml | 2 +- site/vendor/paragonie/halite/CHANGELOG.md | 6 + site/vendor/paragonie/halite/composer.json | 2 +- site/vendor/paragonie/halite/psalm.xml | 1 + .../halite/src/Asymmetric/Crypto.php | 14 +++ .../src/Asymmetric/EncryptionSecretKey.php | 7 +- .../halite/src/Asymmetric/SecretKey.php | 7 +- .../src/Asymmetric/SignatureSecretKey.php | 7 +- site/vendor/paragonie/halite/src/Cookie.php | 8 +- .../halite/src/EncryptionKeyPair.php | 6 +- site/vendor/paragonie/halite/src/Password.php | 10 ++ .../paragonie/halite/src/SignatureKeyPair.php | 6 +- .../src/Symmetric/AuthenticationKey.php | 6 +- .../halite/src/Symmetric/EncryptionKey.php | 6 +- .../.github/workflows/.editorconfig | 2 + .../hidden-string/.github/workflows/ci.yml | 48 ++++++++ .../.github/workflows/static.yml | 13 +++ .../vendor/paragonie/hidden-string/.gitignore | 2 +- .../paragonie/hidden-string/.travis.yml | 24 ---- site/vendor/paragonie/hidden-string/README.md | 5 +- .../paragonie/hidden-string/composer.json | 7 +- site/vendor/paragonie/hidden-string/psalm.xml | 5 +- .../hidden-string/src/HiddenString.php | 51 +++++---- 35 files changed, 441 insertions(+), 239 deletions(-) create mode 100644 site/vendor/paragonie/hidden-string/.github/workflows/.editorconfig create mode 100644 site/vendor/paragonie/hidden-string/.github/workflows/ci.yml create mode 100644 site/vendor/paragonie/hidden-string/.github/workflows/static.yml delete mode 100644 site/vendor/paragonie/hidden-string/.travis.yml diff --git a/site/composer.lock b/site/composer.lock index c74214b10..5d4ca42bd 100644 --- a/site/composer.lock +++ b/site/composer.lock @@ -1410,24 +1410,24 @@ }, { "name": "paragonie/constant_time_encoding", - "version": "v2.6.3", + "version": "v3.0.0", "source": { "type": "git", "url": "https://github.com/paragonie/constant_time_encoding.git", - "reference": "58c3f47f650c94ec05a151692652a868995d2938" + "reference": "df1e7fde177501eee2037dd159cf04f5f301a512" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/paragonie/constant_time_encoding/zipball/58c3f47f650c94ec05a151692652a868995d2938", - "reference": "58c3f47f650c94ec05a151692652a868995d2938", + "url": "https://api.github.com/repos/paragonie/constant_time_encoding/zipball/df1e7fde177501eee2037dd159cf04f5f301a512", + "reference": "df1e7fde177501eee2037dd159cf04f5f301a512", "shasum": "" }, "require": { - "php": "^7|^8" + "php": "^8" }, "require-dev": { - "phpunit/phpunit": "^6|^7|^8|^9", - "vimeo/psalm": "^1|^2|^3|^4" + "phpunit/phpunit": "^9", + "vimeo/psalm": "^4|^5" }, "type": "library", "autoload": { @@ -1473,25 +1473,25 @@ "issues": "https://github.com/paragonie/constant_time_encoding/issues", "source": "https://github.com/paragonie/constant_time_encoding" }, - "time": "2022-06-14T06:56:20+00:00" + "time": "2024-05-08T12:36:18+00:00" }, { "name": "paragonie/halite", - "version": "v5.1.1", + "version": "v5.1.2", "source": { "type": "git", "url": "https://github.com/paragonie/halite.git", - "reference": "a8f6c884db11fc6e4d3a533aa3ed596361a16221" + "reference": "aee234711b29cccb4a17aaaf6104fc542862fc1e" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/paragonie/halite/zipball/a8f6c884db11fc6e4d3a533aa3ed596361a16221", - "reference": "a8f6c884db11fc6e4d3a533aa3ed596361a16221", + "url": "https://api.github.com/repos/paragonie/halite/zipball/aee234711b29cccb4a17aaaf6104fc542862fc1e", + "reference": "aee234711b29cccb4a17aaaf6104fc542862fc1e", "shasum": "" }, "require": { "ext-json": "*", - "paragonie/constant_time_encoding": "^2", + "paragonie/constant_time_encoding": "^2|^3", "paragonie/hidden-string": "^1|^2", "paragonie/sodium_compat": "^1|^2", "php": "^8.1" @@ -1542,32 +1542,31 @@ "support": { "docs": "https://github.com/paragonie/halite/tree/master/doc", "issues": "https://github.com/paragonie/halite/issues", - "source": "https://github.com/paragonie/halite/tree/v5.1.1" + "source": "https://github.com/paragonie/halite/tree/v5.1.2" }, - "time": "2024-04-19T23:29:37+00:00" + "time": "2024-05-08T12:59:43+00:00" }, { "name": "paragonie/hidden-string", - "version": "v2.0.0", + "version": "v2.2.0", "source": { "type": "git", "url": "https://github.com/paragonie/hidden-string.git", - "reference": "151e53d55bfc67dd58087cdf8762dd8177ea7575" + "reference": "87886ab8ed7abb61c8bcf8d67cd3d3527feedbf7" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/paragonie/hidden-string/zipball/151e53d55bfc67dd58087cdf8762dd8177ea7575", - "reference": "151e53d55bfc67dd58087cdf8762dd8177ea7575", + "url": "https://api.github.com/repos/paragonie/hidden-string/zipball/87886ab8ed7abb61c8bcf8d67cd3d3527feedbf7", + "reference": "87886ab8ed7abb61c8bcf8d67cd3d3527feedbf7", "shasum": "" }, "require": { - "paragonie/constant_time_encoding": "^2", - "paragonie/sodium_compat": "^1.6", + "paragonie/constant_time_encoding": "^2|^3", "php": "^7.4|^8" }, "require-dev": { - "phpunit/phpunit": "^6|^7|^8|^9", - "vimeo/psalm": "^3|^4" + "phpunit/phpunit": "^9.5", + "vimeo/psalm": "^4" }, "type": "library", "autoload": { @@ -1595,9 +1594,9 @@ ], "support": { "issues": "https://github.com/paragonie/hidden-string/issues", - "source": "https://github.com/paragonie/hidden-string/tree/v2.0.0" + "source": "https://github.com/paragonie/hidden-string/tree/v2.2.0" }, - "time": "2020-12-06T15:07:44+00:00" + "time": "2024-05-08T12:45:06+00:00" }, { "name": "php-parallel-lint/php-console-color", diff --git a/site/vendor/composer/installed.json b/site/vendor/composer/installed.json index 46eabcfe8..f447fc2ae 100644 --- a/site/vendor/composer/installed.json +++ b/site/vendor/composer/installed.json @@ -1704,27 +1704,27 @@ }, { "name": "paragonie/constant_time_encoding", - "version": "v2.6.3", - "version_normalized": "2.6.3.0", + "version": "v3.0.0", + "version_normalized": "3.0.0.0", "source": { "type": "git", "url": "https://github.com/paragonie/constant_time_encoding.git", - "reference": "58c3f47f650c94ec05a151692652a868995d2938" + "reference": "df1e7fde177501eee2037dd159cf04f5f301a512" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/paragonie/constant_time_encoding/zipball/58c3f47f650c94ec05a151692652a868995d2938", - "reference": "58c3f47f650c94ec05a151692652a868995d2938", + "url": "https://api.github.com/repos/paragonie/constant_time_encoding/zipball/df1e7fde177501eee2037dd159cf04f5f301a512", + "reference": "df1e7fde177501eee2037dd159cf04f5f301a512", "shasum": "" }, "require": { - "php": "^7|^8" + "php": "^8" }, "require-dev": { - "phpunit/phpunit": "^6|^7|^8|^9", - "vimeo/psalm": "^1|^2|^3|^4" + "phpunit/phpunit": "^9", + "vimeo/psalm": "^4|^5" }, - "time": "2022-06-14T06:56:20+00:00", + "time": "2024-05-08T12:36:18+00:00", "type": "library", "installation-source": "dist", "autoload": { @@ -1774,22 +1774,22 @@ }, { "name": "paragonie/halite", - "version": "v5.1.1", - "version_normalized": "5.1.1.0", + "version": "v5.1.2", + "version_normalized": "5.1.2.0", "source": { "type": "git", "url": "https://github.com/paragonie/halite.git", - "reference": "a8f6c884db11fc6e4d3a533aa3ed596361a16221" + "reference": "aee234711b29cccb4a17aaaf6104fc542862fc1e" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/paragonie/halite/zipball/a8f6c884db11fc6e4d3a533aa3ed596361a16221", - "reference": "a8f6c884db11fc6e4d3a533aa3ed596361a16221", + "url": "https://api.github.com/repos/paragonie/halite/zipball/aee234711b29cccb4a17aaaf6104fc542862fc1e", + "reference": "aee234711b29cccb4a17aaaf6104fc542862fc1e", "shasum": "" }, "require": { "ext-json": "*", - "paragonie/constant_time_encoding": "^2", + "paragonie/constant_time_encoding": "^2|^3", "paragonie/hidden-string": "^1|^2", "paragonie/sodium_compat": "^1|^2", "php": "^8.1" @@ -1798,7 +1798,7 @@ "phpunit/phpunit": "^9", "vimeo/psalm": "^4" }, - "time": "2024-04-19T23:29:37+00:00", + "time": "2024-05-08T12:59:43+00:00", "type": "library", "installation-source": "dist", "autoload": { @@ -1842,35 +1842,34 @@ "support": { "docs": "https://github.com/paragonie/halite/tree/master/doc", "issues": "https://github.com/paragonie/halite/issues", - "source": "https://github.com/paragonie/halite/tree/v5.1.1" + "source": "https://github.com/paragonie/halite/tree/v5.1.2" }, "install-path": "../paragonie/halite" }, { "name": "paragonie/hidden-string", - "version": "v2.0.0", - "version_normalized": "2.0.0.0", + "version": "v2.2.0", + "version_normalized": "2.2.0.0", "source": { "type": "git", "url": "https://github.com/paragonie/hidden-string.git", - "reference": "151e53d55bfc67dd58087cdf8762dd8177ea7575" + "reference": "87886ab8ed7abb61c8bcf8d67cd3d3527feedbf7" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/paragonie/hidden-string/zipball/151e53d55bfc67dd58087cdf8762dd8177ea7575", - "reference": "151e53d55bfc67dd58087cdf8762dd8177ea7575", + "url": "https://api.github.com/repos/paragonie/hidden-string/zipball/87886ab8ed7abb61c8bcf8d67cd3d3527feedbf7", + "reference": "87886ab8ed7abb61c8bcf8d67cd3d3527feedbf7", "shasum": "" }, "require": { - "paragonie/constant_time_encoding": "^2", - "paragonie/sodium_compat": "^1.6", + "paragonie/constant_time_encoding": "^2|^3", "php": "^7.4|^8" }, "require-dev": { - "phpunit/phpunit": "^6|^7|^8|^9", - "vimeo/psalm": "^3|^4" + "phpunit/phpunit": "^9.5", + "vimeo/psalm": "^4" }, - "time": "2020-12-06T15:07:44+00:00", + "time": "2024-05-08T12:45:06+00:00", "type": "library", "installation-source": "dist", "autoload": { @@ -1896,6 +1895,10 @@ "stack trace", "string" ], + "support": { + "issues": "https://github.com/paragonie/hidden-string/issues", + "source": "https://github.com/paragonie/hidden-string/tree/v2.2.0" + }, "install-path": "../paragonie/hidden-string" }, { diff --git a/site/vendor/composer/installed.php b/site/vendor/composer/installed.php index 9ecc9e7e2..ea8b0d469 100644 --- a/site/vendor/composer/installed.php +++ b/site/vendor/composer/installed.php @@ -260,27 +260,27 @@ 'dev_requirement' => false, ), 'paragonie/constant_time_encoding' => array( - 'pretty_version' => 'v2.6.3', - 'version' => '2.6.3.0', - 'reference' => '58c3f47f650c94ec05a151692652a868995d2938', + 'pretty_version' => 'v3.0.0', + 'version' => '3.0.0.0', + 'reference' => 'df1e7fde177501eee2037dd159cf04f5f301a512', 'type' => 'library', 'install_path' => __DIR__ . '/../paragonie/constant_time_encoding', 'aliases' => array(), 'dev_requirement' => false, ), 'paragonie/halite' => array( - 'pretty_version' => 'v5.1.1', - 'version' => '5.1.1.0', - 'reference' => 'a8f6c884db11fc6e4d3a533aa3ed596361a16221', + 'pretty_version' => 'v5.1.2', + 'version' => '5.1.2.0', + 'reference' => 'aee234711b29cccb4a17aaaf6104fc542862fc1e', 'type' => 'library', 'install_path' => __DIR__ . '/../paragonie/halite', 'aliases' => array(), 'dev_requirement' => false, ), 'paragonie/hidden-string' => array( - 'pretty_version' => 'v2.0.0', - 'version' => '2.0.0.0', - 'reference' => '151e53d55bfc67dd58087cdf8762dd8177ea7575', + 'pretty_version' => 'v2.2.0', + 'version' => '2.2.0.0', + 'reference' => '87886ab8ed7abb61c8bcf8d67cd3d3527feedbf7', 'type' => 'library', 'install_path' => __DIR__ . '/../paragonie/hidden-string', 'aliases' => array(), diff --git a/site/vendor/paragonie/constant_time_encoding/README.md b/site/vendor/paragonie/constant_time_encoding/README.md index cedddd863..211f0dc9f 100644 --- a/site/vendor/paragonie/constant_time_encoding/README.md +++ b/site/vendor/paragonie/constant_time_encoding/README.md @@ -1,6 +1,7 @@ # Constant-Time Encoding [![Build Status](https://github.com/paragonie/constant_time_encoding/actions/workflows/ci.yml/badge.svg)](https://github.com/paragonie/constant_time_encoding/actions) +[![Static Analysis](https://github.com/paragonie/constant_time_encoding/actions/workflows/psalm.yml/badge.svg)](https://github.com/paragonie/constant_time_encoding/actions) [![Latest Stable Version](https://poser.pugx.org/paragonie/constant_time_encoding/v/stable)](https://packagist.org/packages/paragonie/constant_time_encoding) [![Latest Unstable Version](https://poser.pugx.org/paragonie/constant_time_encoding/v/unstable)](https://packagist.org/packages/paragonie/constant_time_encoding) [![License](https://poser.pugx.org/paragonie/constant_time_encoding/license)](https://packagist.org/packages/paragonie/constant_time_encoding) @@ -11,7 +12,7 @@ this library aims to offer character encoding functions that do not leak information about what you are encoding/decoding via processor cache misses. Further reading on [cache-timing attacks](http://blog.ircmaxell.com/2014/11/its-all-about-time.html). -Our fork offers the following enchancements: +Our fork offers the following enhancements: * `mbstring.func_overload` resistance * Unit tests @@ -22,10 +23,13 @@ Our fork offers the following enchancements: ## PHP Version Requirements -Version 2 of this library should work on **PHP 7** or newer. For PHP 5 -support, see [the v1.x branch](https://github.com/paragonie/constant_time_encoding/tree/v1.x). +Version 3 of this library should work on **PHP 8** or newer. -If you are adding this as a dependency to a project intended to work on both PHP 5 and PHP 7, please set the required version to `^1|^2` instead of just `^1` or `^2`. +Version 2 of this library should work on **PHP 7** or newer. See [the v2.x branch](https://github.com/paragonie/constant_time_encoding/tree/v2.x). + +For PHP 5 support, see [the v1.x branch](https://github.com/paragonie/constant_time_encoding/tree/v1.x). + +If you are adding this as a dependency to a project intended to work on PHP 5 through 8.4, please set the required version to `^1|^2|^3`. ## How to Install diff --git a/site/vendor/paragonie/constant_time_encoding/composer.json b/site/vendor/paragonie/constant_time_encoding/composer.json index 2fe9717ad..5023095b4 100644 --- a/site/vendor/paragonie/constant_time_encoding/composer.json +++ b/site/vendor/paragonie/constant_time_encoding/composer.json @@ -37,11 +37,11 @@ "source": "https://github.com/paragonie/constant_time_encoding" }, "require": { - "php": "^7|^8" + "php": "^8" }, "require-dev": { - "phpunit/phpunit": "^6|^7|^8|^9", - "vimeo/psalm": "^1|^2|^3|^4" + "phpunit/phpunit": "^9", + "vimeo/psalm": "^4|^5" }, "autoload": { "psr-4": { diff --git a/site/vendor/paragonie/constant_time_encoding/src/Base32.php b/site/vendor/paragonie/constant_time_encoding/src/Base32.php index 7508b3df6..48d00b991 100644 --- a/site/vendor/paragonie/constant_time_encoding/src/Base32.php +++ b/site/vendor/paragonie/constant_time_encoding/src/Base32.php @@ -44,8 +44,11 @@ abstract class Base32 implements EncoderInterface * @param bool $strictPadding * @return string */ - public static function decode(string $encodedString, bool $strictPadding = false): string - { + public static function decode( + #[\SensitiveParameter] + string $encodedString, + bool $strictPadding = false + ): string { return static::doDecode($encodedString, false, $strictPadding); } @@ -56,8 +59,11 @@ public static function decode(string $encodedString, bool $strictPadding = false * @param bool $strictPadding * @return string */ - public static function decodeUpper(string $src, bool $strictPadding = false): string - { + public static function decodeUpper( + #[\SensitiveParameter] + string $src, + bool $strictPadding = false + ): string { return static::doDecode($src, true, $strictPadding); } @@ -68,10 +74,13 @@ public static function decodeUpper(string $src, bool $strictPadding = false): st * @return string * @throws TypeError */ - public static function encode(string $binString): string - { + public static function encode( + #[\SensitiveParameter] + string $binString + ): string { return static::doEncode($binString, false, true); } + /** * Encode into Base32 (RFC 4648) * @@ -79,8 +88,10 @@ public static function encode(string $binString): string * @return string * @throws TypeError */ - public static function encodeUnpadded(string $src): string - { + public static function encodeUnpadded( + #[\SensitiveParameter] + string $src + ): string { return static::doEncode($src, false, false); } @@ -91,8 +102,10 @@ public static function encodeUnpadded(string $src): string * @return string * @throws TypeError */ - public static function encodeUpper(string $src): string - { + public static function encodeUpper( + #[\SensitiveParameter] + string $src + ): string { return static::doEncode($src, true, true); } @@ -103,8 +116,10 @@ public static function encodeUpper(string $src): string * @return string * @throws TypeError */ - public static function encodeUpperUnpadded(string $src): string - { + public static function encodeUpperUnpadded( + #[\SensitiveParameter] + string $src + ): string { return static::doEncode($src, true, false); } @@ -191,8 +206,11 @@ protected static function encode5BitsUpper(int $src): string * @param bool $upper * @return string */ - public static function decodeNoPadding(string $encodedString, bool $upper = false): string - { + public static function decodeNoPadding( + #[\SensitiveParameter] + string $encodedString, + bool $upper = false + ): string { $srcLen = Binary::safeStrlen($encodedString); if ($srcLen === 0) { return ''; @@ -222,9 +240,9 @@ public static function decodeNoPadding(string $encodedString, bool $upper = fals * @return string * * @throws TypeError - * @psalm-suppress RedundantCondition */ protected static function doDecode( + #[\SensitiveParameter] string $src, bool $upper = false, bool $strictPadding = false @@ -434,8 +452,12 @@ protected static function doDecode( * @return string * @throws TypeError */ - protected static function doEncode(string $src, bool $upper = false, $pad = true): string - { + protected static function doEncode( + #[\SensitiveParameter] + string $src, + bool $upper = false, + $pad = true + ): string { // We do this to reduce code duplication: $method = $upper ? 'encode5BitsUpper' diff --git a/site/vendor/paragonie/constant_time_encoding/src/Base64.php b/site/vendor/paragonie/constant_time_encoding/src/Base64.php index f5716179f..2e3ecc859 100644 --- a/site/vendor/paragonie/constant_time_encoding/src/Base64.php +++ b/site/vendor/paragonie/constant_time_encoding/src/Base64.php @@ -47,8 +47,10 @@ abstract class Base64 implements EncoderInterface * * @throws TypeError */ - public static function encode(string $binString): string - { + public static function encode( + #[\SensitiveParameter] + string $binString + ): string { return static::doEncode($binString, true); } @@ -62,8 +64,10 @@ public static function encode(string $binString): string * * @throws TypeError */ - public static function encodeUnpadded(string $src): string - { + public static function encodeUnpadded( + #[\SensitiveParameter] + string $src + ): string { return static::doEncode($src, false); } @@ -74,8 +78,11 @@ public static function encodeUnpadded(string $src): string * * @throws TypeError */ - protected static function doEncode(string $src, bool $pad = true): string - { + protected static function doEncode( + #[\SensitiveParameter] + string $src, + bool $pad = true + ): string { $dest = ''; $srcLen = Binary::safeStrlen($src); // Main loop (no padding): @@ -129,10 +136,12 @@ protected static function doEncode(string $src, bool $pad = true): string * * @throws RangeException * @throws TypeError - * @psalm-suppress RedundantCondition */ - public static function decode(string $encodedString, bool $strictPadding = false): string - { + public static function decode( + #[\SensitiveParameter] + string $encodedString, + bool $strictPadding = false + ): string { // Remove padding $srcLen = Binary::safeStrlen($encodedString); if ($srcLen === 0) { @@ -227,25 +236,21 @@ public static function decode(string $encodedString, bool $strictPadding = false * @param string $encodedString * @return string */ - public static function decodeNoPadding(string $encodedString): string - { + public static function decodeNoPadding( + #[\SensitiveParameter] + string $encodedString + ): string { $srcLen = Binary::safeStrlen($encodedString); if ($srcLen === 0) { return ''; } if (($srcLen & 3) === 0) { - if ($encodedString[$srcLen - 1] === '=') { + // If $strLen is not zero, and it is divisible by 4, then it's at least 4. + if ($encodedString[$srcLen - 1] === '=' || $encodedString[$srcLen - 2] === '=') { throw new InvalidArgumentException( "decodeNoPadding() doesn't tolerate padding" ); } - if (($srcLen & 3) > 1) { - if ($encodedString[$srcLen - 2] === '=') { - throw new InvalidArgumentException( - "decodeNoPadding() doesn't tolerate padding" - ); - } - } } return static::decode( $encodedString, diff --git a/site/vendor/paragonie/constant_time_encoding/src/Binary.php b/site/vendor/paragonie/constant_time_encoding/src/Binary.php index 828f3e0f6..a958f2f7c 100644 --- a/site/vendor/paragonie/constant_time_encoding/src/Binary.php +++ b/site/vendor/paragonie/constant_time_encoding/src/Binary.php @@ -45,8 +45,10 @@ abstract class Binary * @param string $str * @return int */ - public static function safeStrlen(string $str): int - { + public static function safeStrlen( + #[\SensitiveParameter] + string $str + ): int { if (\function_exists('mb_strlen')) { // mb_strlen in PHP 7.x can return false. /** @psalm-suppress RedundantCast */ @@ -70,9 +72,10 @@ public static function safeStrlen(string $str): int * @throws TypeError */ public static function safeSubstr( + #[\SensitiveParameter] string $str, int $start = 0, - $length = null + ?int $length = null ): string { if ($length === 0) { return ''; diff --git a/site/vendor/paragonie/constant_time_encoding/src/Encoding.php b/site/vendor/paragonie/constant_time_encoding/src/Encoding.php index 8649f31fc..8b7e3878e 100644 --- a/site/vendor/paragonie/constant_time_encoding/src/Encoding.php +++ b/site/vendor/paragonie/constant_time_encoding/src/Encoding.php @@ -40,8 +40,10 @@ abstract class Encoding * @return string * @throws TypeError */ - public static function base32Encode(string $str): string - { + public static function base32Encode( + #[\SensitiveParameter] + string $str + ): string { return Base32::encode($str); } @@ -52,8 +54,10 @@ public static function base32Encode(string $str): string * @return string * @throws TypeError */ - public static function base32EncodeUpper(string $str): string - { + public static function base32EncodeUpper( + #[\SensitiveParameter] + string $str + ): string { return Base32::encodeUpper($str); } @@ -64,8 +68,10 @@ public static function base32EncodeUpper(string $str): string * @return string * @throws TypeError */ - public static function base32Decode(string $str): string - { + public static function base32Decode( + #[\SensitiveParameter] + string $str + ): string { return Base32::decode($str); } @@ -76,8 +82,10 @@ public static function base32Decode(string $str): string * @return string * @throws TypeError */ - public static function base32DecodeUpper(string $str): string - { + public static function base32DecodeUpper( + #[\SensitiveParameter] + string $str + ): string { return Base32::decodeUpper($str); } @@ -88,8 +96,10 @@ public static function base32DecodeUpper(string $str): string * @return string * @throws TypeError */ - public static function base32HexEncode(string $str): string - { + public static function base32HexEncode( + #[\SensitiveParameter] + string $str + ): string { return Base32Hex::encode($str); } @@ -100,8 +110,10 @@ public static function base32HexEncode(string $str): string * @return string * @throws TypeError */ - public static function base32HexEncodeUpper(string $str): string - { + public static function base32HexEncodeUpper( + #[\SensitiveParameter] + string $str + ): string { return Base32Hex::encodeUpper($str); } @@ -112,8 +124,10 @@ public static function base32HexEncodeUpper(string $str): string * @return string * @throws TypeError */ - public static function base32HexDecode(string $str): string - { + public static function base32HexDecode( + #[\SensitiveParameter] + string $str + ): string { return Base32Hex::decode($str); } @@ -124,8 +138,10 @@ public static function base32HexDecode(string $str): string * @return string * @throws TypeError */ - public static function base32HexDecodeUpper(string $str): string - { + public static function base32HexDecodeUpper( + #[\SensitiveParameter] + string $str + ): string { return Base32Hex::decodeUpper($str); } @@ -136,8 +152,10 @@ public static function base32HexDecodeUpper(string $str): string * @return string * @throws TypeError */ - public static function base64Encode(string $str): string - { + public static function base64Encode( + #[\SensitiveParameter] + string $str + ): string { return Base64::encode($str); } @@ -148,8 +166,10 @@ public static function base64Encode(string $str): string * @return string * @throws TypeError */ - public static function base64Decode(string $str): string - { + public static function base64Decode( + #[\SensitiveParameter] + string $str + ): string { return Base64::decode($str); } @@ -161,8 +181,10 @@ public static function base64Decode(string $str): string * @return string * @throws TypeError */ - public static function base64EncodeDotSlash(string $str): string - { + public static function base64EncodeDotSlash( + #[\SensitiveParameter] + string $str + ): string { return Base64DotSlash::encode($str); } @@ -176,8 +198,10 @@ public static function base64EncodeDotSlash(string $str): string * @throws \RangeException * @throws TypeError */ - public static function base64DecodeDotSlash(string $str): string - { + public static function base64DecodeDotSlash( + #[\SensitiveParameter] + string $str + ): string { return Base64DotSlash::decode($str); } @@ -189,8 +213,10 @@ public static function base64DecodeDotSlash(string $str): string * @return string * @throws TypeError */ - public static function base64EncodeDotSlashOrdered(string $str): string - { + public static function base64EncodeDotSlashOrdered( + #[\SensitiveParameter] + string $str + ): string { return Base64DotSlashOrdered::encode($str); } @@ -204,8 +230,10 @@ public static function base64EncodeDotSlashOrdered(string $str): string * @throws \RangeException * @throws TypeError */ - public static function base64DecodeDotSlashOrdered(string $str): string - { + public static function base64DecodeDotSlashOrdered( + #[\SensitiveParameter] + string $str + ): string { return Base64DotSlashOrdered::decode($str); } @@ -217,8 +245,10 @@ public static function base64DecodeDotSlashOrdered(string $str): string * @return string * @throws TypeError */ - public static function hexEncode(string $bin_string): string - { + public static function hexEncode( + #[\SensitiveParameter] + string $bin_string + ): string { return Hex::encode($bin_string); } @@ -230,8 +260,10 @@ public static function hexEncode(string $bin_string): string * @return string (raw binary) * @throws \RangeException */ - public static function hexDecode(string $hex_string): string - { + public static function hexDecode( + #[\SensitiveParameter] + string $hex_string + ): string { return Hex::decode($hex_string); } @@ -243,8 +275,10 @@ public static function hexDecode(string $hex_string): string * @return string * @throws TypeError */ - public static function hexEncodeUpper(string $bin_string): string - { + public static function hexEncodeUpper( + #[\SensitiveParameter] + string $bin_string + ): string { return Hex::encodeUpper($bin_string); } @@ -255,8 +289,10 @@ public static function hexEncodeUpper(string $bin_string): string * @param string $bin_string (raw binary) * @return string */ - public static function hexDecodeUpper(string $bin_string): string - { + public static function hexDecodeUpper( + #[\SensitiveParameter] + string $bin_string + ): string { return Hex::decode($bin_string); } } diff --git a/site/vendor/paragonie/constant_time_encoding/src/Hex.php b/site/vendor/paragonie/constant_time_encoding/src/Hex.php index a9e058cd3..97c2046f0 100644 --- a/site/vendor/paragonie/constant_time_encoding/src/Hex.php +++ b/site/vendor/paragonie/constant_time_encoding/src/Hex.php @@ -42,8 +42,10 @@ abstract class Hex implements EncoderInterface * @return string * @throws TypeError */ - public static function encode(string $binString): string - { + public static function encode( + #[\SensitiveParameter] + string $binString + ): string { $hex = ''; $len = Binary::safeStrlen($binString); for ($i = 0; $i < $len; ++$i) { @@ -69,8 +71,10 @@ public static function encode(string $binString): string * @return string * @throws TypeError */ - public static function encodeUpper(string $binString): string - { + public static function encodeUpper( + #[\SensitiveParameter] + string $binString + ): string { $hex = ''; $len = Binary::safeStrlen($binString); @@ -99,6 +103,7 @@ public static function encodeUpper(string $binString): string * @throws RangeException */ public static function decode( + #[\SensitiveParameter] string $encodedString, bool $strictPadding = false ): string { diff --git a/site/vendor/paragonie/constant_time_encoding/src/RFC4648.php b/site/vendor/paragonie/constant_time_encoding/src/RFC4648.php index f124d65bf..7cd2e9909 100644 --- a/site/vendor/paragonie/constant_time_encoding/src/RFC4648.php +++ b/site/vendor/paragonie/constant_time_encoding/src/RFC4648.php @@ -46,8 +46,10 @@ abstract class RFC4648 * * @throws TypeError */ - public static function base64Encode(string $str): string - { + public static function base64Encode( + #[\SensitiveParameter] + string $str + ): string { return Base64::encode($str); } @@ -61,8 +63,10 @@ public static function base64Encode(string $str): string * * @throws TypeError */ - public static function base64Decode(string $str): string - { + public static function base64Decode( + #[\SensitiveParameter] + string $str + ): string { return Base64::decode($str, true); } @@ -76,8 +80,10 @@ public static function base64Decode(string $str): string * * @throws TypeError */ - public static function base64UrlSafeEncode(string $str): string - { + public static function base64UrlSafeEncode( + #[\SensitiveParameter] + string $str + ): string { return Base64UrlSafe::encode($str); } @@ -91,8 +97,10 @@ public static function base64UrlSafeEncode(string $str): string * * @throws TypeError */ - public static function base64UrlSafeDecode(string $str): string - { + public static function base64UrlSafeDecode( + #[\SensitiveParameter] + string $str + ): string { return Base64UrlSafe::decode($str, true); } @@ -106,8 +114,10 @@ public static function base64UrlSafeDecode(string $str): string * * @throws TypeError */ - public static function base32Encode(string $str): string - { + public static function base32Encode( + #[\SensitiveParameter] + string $str + ): string { return Base32::encodeUpper($str); } @@ -121,8 +131,10 @@ public static function base32Encode(string $str): string * * @throws TypeError */ - public static function base32Decode(string $str): string - { + public static function base32Decode( + #[\SensitiveParameter] + string $str + ): string { return Base32::decodeUpper($str, true); } @@ -136,8 +148,10 @@ public static function base32Decode(string $str): string * * @throws TypeError */ - public static function base32HexEncode(string $str): string - { + public static function base32HexEncode( + #[\SensitiveParameter] + string $str + ): string { return Base32::encodeUpper($str); } @@ -151,8 +165,10 @@ public static function base32HexEncode(string $str): string * * @throws TypeError */ - public static function base32HexDecode(string $str): string - { + public static function base32HexDecode( + #[\SensitiveParameter] + string $str + ): string { return Base32::decodeUpper($str, true); } @@ -166,8 +182,10 @@ public static function base32HexDecode(string $str): string * * @throws TypeError */ - public static function base16Encode(string $str): string - { + public static function base16Encode( + #[\SensitiveParameter] + string $str + ): string { return Hex::encodeUpper($str); } @@ -179,8 +197,10 @@ public static function base16Encode(string $str): string * @param string $str * @return string */ - public static function base16Decode(string $str): string - { + public static function base16Decode( + #[\SensitiveParameter] + string $str + ): string { return Hex::decode($str, true); } -} \ No newline at end of file +} diff --git a/site/vendor/paragonie/halite/.github/workflows/ci.yml b/site/vendor/paragonie/halite/.github/workflows/ci.yml index 9ca94603e..7eba2b9e8 100644 --- a/site/vendor/paragonie/halite/.github/workflows/ci.yml +++ b/site/vendor/paragonie/halite/.github/workflows/ci.yml @@ -28,7 +28,7 @@ jobs: coverage: none - name: Install Composer dependencies - uses: "ramsey/composer-install@v2" + uses: "ramsey/composer-install@v3" - name: PHPUnit tests run: vendor/bin/phpunit \ No newline at end of file diff --git a/site/vendor/paragonie/halite/.github/workflows/psalm.yml b/site/vendor/paragonie/halite/.github/workflows/psalm.yml index f5bd5c58e..489eb959b 100644 --- a/site/vendor/paragonie/halite/.github/workflows/psalm.yml +++ b/site/vendor/paragonie/halite/.github/workflows/psalm.yml @@ -26,7 +26,7 @@ jobs: coverage: none - name: Install Composer dependencies - uses: "ramsey/composer-install@v2" + uses: "ramsey/composer-install@v3" with: composer-options: --no-dev diff --git a/site/vendor/paragonie/halite/CHANGELOG.md b/site/vendor/paragonie/halite/CHANGELOG.md index b4a7cc401..1a3daf268 100644 --- a/site/vendor/paragonie/halite/CHANGELOG.md +++ b/site/vendor/paragonie/halite/CHANGELOG.md @@ -1,5 +1,11 @@ # Changelog +## Version 5.1.2 (2024-05-08) + +* Use `#[SensitiveParameter]` annotation on some inputs + * This is defense in depth; we already wrapped most in `HiddenString` +* Updated dependencies + ## Version 5.1.1 (2024-04-19) * Support both sodium_compat v1 and v2. diff --git a/site/vendor/paragonie/halite/composer.json b/site/vendor/paragonie/halite/composer.json index e9937d53b..cae05136e 100644 --- a/site/vendor/paragonie/halite/composer.json +++ b/site/vendor/paragonie/halite/composer.json @@ -34,7 +34,7 @@ "require": { "php": "^8.1", "ext-json": "*", - "paragonie/constant_time_encoding": "^2", + "paragonie/constant_time_encoding": "^2|^3", "paragonie/hidden-string": "^1|^2", "paragonie/sodium_compat": "^1|^2" }, diff --git a/site/vendor/paragonie/halite/psalm.xml b/site/vendor/paragonie/halite/psalm.xml index 5d159e6a4..132ad1c50 100644 --- a/site/vendor/paragonie/halite/psalm.xml +++ b/site/vendor/paragonie/halite/psalm.xml @@ -11,6 +11,7 @@ + diff --git a/site/vendor/paragonie/halite/src/Asymmetric/Crypto.php b/site/vendor/paragonie/halite/src/Asymmetric/Crypto.php index 3f9362c9b..42c8baa30 100644 --- a/site/vendor/paragonie/halite/src/Asymmetric/Crypto.php +++ b/site/vendor/paragonie/halite/src/Asymmetric/Crypto.php @@ -84,7 +84,9 @@ final private function __construct() * @throws TypeError */ public static function encrypt( + #[\SensitiveParameter] HiddenString $plaintext, + #[\SensitiveParameter] EncryptionSecretKey $ourPrivateKey, EncryptionPublicKey $theirPublicKey, string|bool $encoding = Halite::ENCODE_BASE64URLSAFE @@ -118,9 +120,12 @@ public static function encrypt( * @throws TypeError */ public static function encryptWithAD( + #[\SensitiveParameter] HiddenString $plaintext, + #[\SensitiveParameter] EncryptionSecretKey $ourPrivateKey, EncryptionPublicKey $theirPublicKey, + #[\SensitiveParameter] string $additionalData = '', string|bool $encoding = Halite::ENCODE_BASE64URLSAFE ): string { @@ -163,6 +168,7 @@ public static function encryptWithAD( */ public static function decrypt( string $ciphertext, + #[\SensitiveParameter] EncryptionSecretKey $ourPrivateKey, EncryptionPublicKey $theirPublicKey, string|bool $encoding = Halite::ENCODE_BASE64URLSAFE @@ -198,8 +204,10 @@ public static function decrypt( */ public static function decryptWithAD( string $ciphertext, + #[\SensitiveParameter] EncryptionSecretKey $ourPrivateKey, EncryptionPublicKey $theirPublicKey, + #[\SensitiveParameter] string $additionalData = '', string|bool $encoding = Halite::ENCODE_BASE64URLSAFE ): HiddenString { @@ -241,6 +249,7 @@ public static function decryptWithAD( * @throws TypeError */ public static function getSharedSecret( + #[\SensitiveParameter] EncryptionSecretKey $privateKey, EncryptionPublicKey $publicKey, bool $get_as_object = false, @@ -291,6 +300,7 @@ public static function getSharedSecret( * @throws TypeError */ public static function seal( + #[\SensitiveParameter] HiddenString $plaintext, EncryptionPublicKey $publicKey, string|bool $encoding = Halite::ENCODE_BASE64URLSAFE @@ -321,6 +331,7 @@ public static function seal( */ public static function sign( string $message, + #[\SensitiveParameter] SignatureSecretKey $privateKey, string|bool $encoding = Halite::ENCODE_BASE64URLSAFE ): string { @@ -355,6 +366,7 @@ public static function sign( */ public static function signAndEncrypt( HiddenString $message, + #[\SensitiveParameter] SignatureSecretKey $secretKey, PublicKey $recipientPublicKey, string|bool $encoding = Halite::ENCODE_BASE64URLSAFE @@ -393,6 +405,7 @@ public static function signAndEncrypt( */ public static function unseal( string $ciphertext, + #[\SensitiveParameter] EncryptionSecretKey $privateKey, string|bool $encoding = Halite::ENCODE_BASE64URLSAFE ): HiddenString { @@ -505,6 +518,7 @@ public static function verify( public static function verifyAndDecrypt( string $ciphertext, SignaturePublicKey $senderPublicKey, + #[\SensitiveParameter] SecretKey $givenSecretKey, string|bool $encoding = Halite::ENCODE_BASE64URLSAFE ): HiddenString { diff --git a/site/vendor/paragonie/halite/src/Asymmetric/EncryptionSecretKey.php b/site/vendor/paragonie/halite/src/Asymmetric/EncryptionSecretKey.php index ede9f8b2a..c361ab153 100644 --- a/site/vendor/paragonie/halite/src/Asymmetric/EncryptionSecretKey.php +++ b/site/vendor/paragonie/halite/src/Asymmetric/EncryptionSecretKey.php @@ -28,8 +28,11 @@ final class EncryptionSecretKey extends SecretKey * @throws InvalidKey * @throws TypeError */ - public function __construct(HiddenString $keyMaterial, ?HiddenString $pk = null) - { + public function __construct( + #[\SensitiveParameter] + HiddenString $keyMaterial, + ?HiddenString $pk = null + ) { if (Binary::safeStrlen($keyMaterial->getString()) !== SODIUM_CRYPTO_BOX_SECRETKEYBYTES) { throw new InvalidKey( sprintf( diff --git a/site/vendor/paragonie/halite/src/Asymmetric/SecretKey.php b/site/vendor/paragonie/halite/src/Asymmetric/SecretKey.php index 6da48fa33..ee8d7f624 100644 --- a/site/vendor/paragonie/halite/src/Asymmetric/SecretKey.php +++ b/site/vendor/paragonie/halite/src/Asymmetric/SecretKey.php @@ -24,8 +24,11 @@ class SecretKey extends Key * * @throws TypeError */ - public function __construct(HiddenString $keyMaterial, ?HiddenString $pk = null) - { + public function __construct( + #[\SensitiveParameter] + HiddenString $keyMaterial, + ?HiddenString $pk = null + ) { parent::__construct($keyMaterial); if (!is_null($pk)) { $this->cachedPublicKey = $pk->getString(); diff --git a/site/vendor/paragonie/halite/src/Asymmetric/SignatureSecretKey.php b/site/vendor/paragonie/halite/src/Asymmetric/SignatureSecretKey.php index f834f6c02..355db43d4 100644 --- a/site/vendor/paragonie/halite/src/Asymmetric/SignatureSecretKey.php +++ b/site/vendor/paragonie/halite/src/Asymmetric/SignatureSecretKey.php @@ -33,8 +33,11 @@ final class SignatureSecretKey extends SecretKey * @throws InvalidKey * @throws TypeError */ - public function __construct(HiddenString $keyMaterial, ?HiddenString $pk = null) - { + public function __construct( + #[\SensitiveParameter] + HiddenString $keyMaterial, + ?HiddenString $pk = null + ) { if (Binary::safeStrlen($keyMaterial->getString()) !== SODIUM_CRYPTO_SIGN_SECRETKEYBYTES) { throw new InvalidKey( sprintf( diff --git a/site/vendor/paragonie/halite/src/Cookie.php b/site/vendor/paragonie/halite/src/Cookie.php index c905f1510..beb493b04 100644 --- a/site/vendor/paragonie/halite/src/Cookie.php +++ b/site/vendor/paragonie/halite/src/Cookie.php @@ -86,8 +86,10 @@ public function __debugInfo() * @throws SodiumException * @throws TypeError */ - public function fetch(string $name) - { + public function fetch( + #[\SensitiveParameter] + string $name + ) { if (!isset($_COOKIE[$name])) { return null; } @@ -165,7 +167,9 @@ protected static function getConfig(string $stored): SymmetricConfig * @psalm-suppress MixedArgument */ public function store( + #[\SensitiveParameter] string $name, + #[\SensitiveParameter] $value, int $expire = 0, string $path = '/', diff --git a/site/vendor/paragonie/halite/src/EncryptionKeyPair.php b/site/vendor/paragonie/halite/src/EncryptionKeyPair.php index 4b675d568..182c855af 100644 --- a/site/vendor/paragonie/halite/src/EncryptionKeyPair.php +++ b/site/vendor/paragonie/halite/src/EncryptionKeyPair.php @@ -131,8 +131,10 @@ public function __construct(Key ...$keys) * @throws InvalidKey * @throws \TypeError */ - protected function setupKeyPair(EncryptionSecretKey $secret): void - { + protected function setupKeyPair( + #[\SensitiveParameter] + EncryptionSecretKey $secret + ): void { $this->secretKey = $secret; $this->publicKey = $this->secretKey->derivePublicKey(); } diff --git a/site/vendor/paragonie/halite/src/Password.php b/site/vendor/paragonie/halite/src/Password.php index 8acd6d5f1..ba8dda97b 100644 --- a/site/vendor/paragonie/halite/src/Password.php +++ b/site/vendor/paragonie/halite/src/Password.php @@ -64,9 +64,12 @@ final class Password * @throws TypeError */ public static function hash( + #[\SensitiveParameter] HiddenString $password, + #[\SensitiveParameter] EncryptionKey $secretKey, string $level = KeyFactory::INTERACTIVE, + #[\SensitiveParameter] string $additionalData = '' ): string { $kdfLimits = KeyFactory::getSecurityLevels($level); @@ -105,9 +108,12 @@ public static function hash( * @throws TypeError */ public static function needsRehash( + #[\SensitiveParameter] string $stored, + #[\SensitiveParameter] EncryptionKey $secretKey, string $level = KeyFactory::INTERACTIVE, + #[\SensitiveParameter] string $additionalData = '' ): bool { $config = self::getConfig($stored); @@ -203,9 +209,13 @@ protected static function getConfig(string $stored): SymmetricConfig * @throws TypeError */ public static function verify( + #[\SensitiveParameter] HiddenString $password, + #[\SensitiveParameter] string $stored, + #[\SensitiveParameter] EncryptionKey $secretKey, + #[\SensitiveParameter] string $additionalData = '' ): bool { $config = self::getConfig($stored); diff --git a/site/vendor/paragonie/halite/src/SignatureKeyPair.php b/site/vendor/paragonie/halite/src/SignatureKeyPair.php index d36386d5c..721b9e9df 100644 --- a/site/vendor/paragonie/halite/src/SignatureKeyPair.php +++ b/site/vendor/paragonie/halite/src/SignatureKeyPair.php @@ -157,8 +157,10 @@ public function getEncryptionKeyPair(): EncryptionKeyPair * @throws InvalidKey * @throws SodiumException */ - protected function setupKeyPair(SignatureSecretKey $secret): void - { + protected function setupKeyPair( + #[\SensitiveParameter] + SignatureSecretKey $secret + ): void { $this->secretKey = $secret; $this->publicKey = $this->secretKey->derivePublicKey(); } diff --git a/site/vendor/paragonie/halite/src/Symmetric/AuthenticationKey.php b/site/vendor/paragonie/halite/src/Symmetric/AuthenticationKey.php index 3ef8f517d..a53a69b69 100644 --- a/site/vendor/paragonie/halite/src/Symmetric/AuthenticationKey.php +++ b/site/vendor/paragonie/halite/src/Symmetric/AuthenticationKey.php @@ -27,8 +27,10 @@ final class AuthenticationKey extends SecretKey * @throws InvalidKey * @throws TypeError */ - public function __construct(HiddenString $keyMaterial) - { + public function __construct( + #[\SensitiveParameter] + HiddenString $keyMaterial + ) { if (Binary::safeStrlen($keyMaterial->getString()) !== SODIUM_CRYPTO_AUTH_KEYBYTES) { throw new InvalidKey( sprintf( diff --git a/site/vendor/paragonie/halite/src/Symmetric/EncryptionKey.php b/site/vendor/paragonie/halite/src/Symmetric/EncryptionKey.php index 24439803d..ea8fee2db 100644 --- a/site/vendor/paragonie/halite/src/Symmetric/EncryptionKey.php +++ b/site/vendor/paragonie/halite/src/Symmetric/EncryptionKey.php @@ -25,8 +25,10 @@ final class EncryptionKey extends SecretKey * @throws InvalidKey * @throws TypeError */ - public function __construct(HiddenString $keyMaterial) - { + public function __construct( + #[\SensitiveParameter] + HiddenString $keyMaterial + ) { if (Binary::safeStrlen($keyMaterial->getString()) !== SODIUM_CRYPTO_STREAM_KEYBYTES) { throw new InvalidKey( sprintf( diff --git a/site/vendor/paragonie/hidden-string/.github/workflows/.editorconfig b/site/vendor/paragonie/hidden-string/.github/workflows/.editorconfig new file mode 100644 index 000000000..7bd3346f2 --- /dev/null +++ b/site/vendor/paragonie/hidden-string/.github/workflows/.editorconfig @@ -0,0 +1,2 @@ +[*.yml] +indent_size = 2 diff --git a/site/vendor/paragonie/hidden-string/.github/workflows/ci.yml b/site/vendor/paragonie/hidden-string/.github/workflows/ci.yml new file mode 100644 index 000000000..35b4f8aca --- /dev/null +++ b/site/vendor/paragonie/hidden-string/.github/workflows/ci.yml @@ -0,0 +1,48 @@ +name: Tests +on: [push, pull_request] + +jobs: + build: + name: PHPUnit + runs-on: ubuntu-22.04 + strategy: + max-parallel: 10 + matrix: + php: ['7.4', '8.0', '8.1', '8.2', '8.3', '8.4'] + + steps: + - name: Set up PHP + uses: shivammathur/setup-php@2.9.0 + with: + php-version: ${{ matrix.php }} + coverage: none + + - name: Checkout code + uses: actions/checkout@v2 + + - name: Download dependencies + env: + PHP_VERSION: ${{ matrix.php }} + run: composer update + + - name: Run tests + run: ./vendor/bin/phpunit + + lowest: + name: Lowest deps + runs-on: ubuntu-latest + steps: + - name: Set up PHP + uses: shivammathur/setup-php@2.1.0 + with: + php-version: 7.4 + coverage: none + + - name: Checkout code + uses: actions/checkout@v2 + + - name: Download dependencies + run: composer update --no-interaction --prefer-dist --prefer-stable --prefer-lowest + + - name: Run tests + run: ./vendor/bin/phpunit diff --git a/site/vendor/paragonie/hidden-string/.github/workflows/static.yml b/site/vendor/paragonie/hidden-string/.github/workflows/static.yml new file mode 100644 index 000000000..7b8abb6ca --- /dev/null +++ b/site/vendor/paragonie/hidden-string/.github/workflows/static.yml @@ -0,0 +1,13 @@ +on: [push, pull_request] +name: Static analysis + +jobs: + psalm: + name: Psalm + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Psalm + uses: docker://vimeo/psalm-github-actions diff --git a/site/vendor/paragonie/hidden-string/.gitignore b/site/vendor/paragonie/hidden-string/.gitignore index 36d167dd0..cda0e5b89 100644 --- a/site/vendor/paragonie/hidden-string/.gitignore +++ b/site/vendor/paragonie/hidden-string/.gitignore @@ -1,4 +1,4 @@ /vendor/ /.idea/ /composer.lock - +/composer.phar diff --git a/site/vendor/paragonie/hidden-string/.travis.yml b/site/vendor/paragonie/hidden-string/.travis.yml deleted file mode 100644 index ec5c856d4..000000000 --- a/site/vendor/paragonie/hidden-string/.travis.yml +++ /dev/null @@ -1,24 +0,0 @@ -language: php -sudo: false - -matrix: - fast_finish: true - include: - - php: "7.4" - - php: "8.0" - - php: "nightly" - - php: "master" - allow_failures: - - php: "nightly" - - php: "master" - -before_install: - - phpenv config-rm xdebug.ini - -install: - - composer self-update - - composer update - -script: - - vendor/bin/phpunit - - vendor/bin/psalm diff --git a/site/vendor/paragonie/hidden-string/README.md b/site/vendor/paragonie/hidden-string/README.md index d2f73d94f..fa63b374a 100644 --- a/site/vendor/paragonie/hidden-string/README.md +++ b/site/vendor/paragonie/hidden-string/README.md @@ -1,10 +1,11 @@ # HiddenString -[![Build Status](https://travis-ci.org/paragonie/hidden-string.svg?branch=master)](https://travis-ci.org/paragonie/hidden-string) +[![Build Status](https://github.com/paragonie/hidden-string/actions/workflows/ci.yml/badge.svg)](https://github.com/paragonie/hidden-string/actions) +[![Psalm Status](https://github.com/paragonie/hidden-string/actions/workflows/static.yml/badge.svg)](https://github.com/paragonie/hidden-string/actions) [![Latest Stable Version](https://poser.pugx.org/paragonie/hidden-string/v/stable)](https://packagist.org/packages/paragonie/hidden-string) [![Latest Unstable Version](https://poser.pugx.org/paragonie/hidden-string/v/unstable)](https://packagist.org/packages/paragonie/hidden-string) [![License](https://poser.pugx.org/paragonie/hidden-string/license)](https://packagist.org/packages/paragonie/hidden-string) [![Downloads](https://img.shields.io/packagist/dt/paragonie/hidden-string.svg)](https://packagist.org/packages/paragonie/hidden-string) This package extracts the HiddenString class originally used in [Halite](https://github.com/paragonie/halite). -**Requires PHP 7.** +**Requires PHP 7 or newer.** diff --git a/site/vendor/paragonie/hidden-string/composer.json b/site/vendor/paragonie/hidden-string/composer.json index be5348f3f..b716db491 100644 --- a/site/vendor/paragonie/hidden-string/composer.json +++ b/site/vendor/paragonie/hidden-string/composer.json @@ -18,8 +18,7 @@ ], "require": { "php": "^7.4|^8", - "paragonie/constant_time_encoding": "^2", - "paragonie/sodium_compat": "^1.6" + "paragonie/constant_time_encoding": "^2|^3" }, "autoload": { "psr-4": { @@ -27,8 +26,8 @@ } }, "require-dev": { - "phpunit/phpunit": "^6|^7|^8|^9", - "vimeo/psalm": "^3|^4" + "phpunit/phpunit": "^9.5", + "vimeo/psalm": "^4" }, "config": { "preferred-install": "dist", diff --git a/site/vendor/paragonie/hidden-string/psalm.xml b/site/vendor/paragonie/hidden-string/psalm.xml index 774e21d8f..6b328c9d4 100644 --- a/site/vendor/paragonie/hidden-string/psalm.xml +++ b/site/vendor/paragonie/hidden-string/psalm.xml @@ -1,6 +1,5 @@ + + + + diff --git a/site/vendor/paragonie/hidden-string/src/HiddenString.php b/site/vendor/paragonie/hidden-string/src/HiddenString.php index f6765f3bd..079a0edb8 100644 --- a/site/vendor/paragonie/hidden-string/src/HiddenString.php +++ b/site/vendor/paragonie/hidden-string/src/HiddenString.php @@ -3,6 +3,12 @@ namespace ParagonIE\HiddenString; use ParagonIE\ConstantTime\Binary; +use Throwable; +use TypeError; +use function + hash_equals, + sodium_memzero, + str_repeat; /** * Class HiddenString @@ -21,34 +27,30 @@ */ final class HiddenString { - /** - * @var string - */ protected string $internalStringValue = ''; /** * Disallow the contents from being accessed via __toString()? - * - * @var bool */ protected bool $disallowInline = true; /** * Disallow the contents from being accessed via __sleep()? - * - * @var bool */ protected bool $disallowSerialization = true; /** * HiddenString constructor. + * * @param string $value + * * @param bool $disallowInline * @param bool $disallowSerialization * - * @throws \TypeError + * @throws TypeError */ public function __construct( + #[\SensitiveParameter] string $value, bool $disallowInline = true, bool $disallowSerialization = true @@ -60,12 +62,14 @@ public function __construct( /** * @param HiddenString $other + * * @return bool - * @throws \TypeError + * + * @throws TypeError */ public function equals(HiddenString $other) { - return \hash_equals( + return hash_equals( $this->getString(), $other->getString() ); @@ -92,15 +96,16 @@ public function __debugInfo() /** * Wipe it from memory after it's been used. + * * @return void */ public function __destruct() { - if (\is_callable('sodium_memzero')) { + if (is_callable('sodium_memzero')) { try { - \sodium_memzero($this->internalStringValue); + sodium_memzero($this->internalStringValue); return; - } catch (\Throwable $ex) { + } catch (Throwable $ex) { } } if (is_null($this->internalStringValue)) { @@ -109,7 +114,7 @@ public function __destruct() // Last-ditch attempt to wipe existing values if libsodium is not // available. Don't rely on this. - $zero = \str_repeat("\0", Binary::safeStrlen($this->internalStringValue)); + $zero = str_repeat("\0", Binary::safeStrlen($this->internalStringValue)); $this->internalStringValue = $this->internalStringValue ^ ( $zero ^ $this->internalStringValue ); @@ -121,7 +126,8 @@ public function __destruct() * Explicit invocation -- get the raw string value * * @return string - * @throws \TypeError + * + * @throws TypeError */ public function getString(): string { @@ -133,8 +139,9 @@ public function getString(): string * Optionally, it can return an empty string. * * @return string + * * @throws MisuseException - * @throws \TypeError + * @throws TypeError */ public function __toString(): string { @@ -148,6 +155,7 @@ public function __toString(): string /** * @return array + * * @throws MisuseException */ public function __sleep(): array @@ -169,14 +177,17 @@ public function __sleep(): array * the original string. * * @param string $string + * * @return string - * @throws \TypeError + * + * @throws TypeError */ - public static function safeStrcpy(string $string): string - { + public static function safeStrcpy( + #[\SensitiveParameter] + string $string + ): string { $length = Binary::safeStrlen($string); $return = ''; - /** @var int $chunk */ $chunk = $length >> 1; if ($chunk < 1) { $chunk = 1; From af610a0ef685fbd3c944826d160f54c5ef89fd66 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michal=20=C5=A0pa=C4=8Dek?= Date: Thu, 9 May 2024 04:19:39 +0200 Subject: [PATCH 2/4] Update packages - phpstan/phpdoc-parser updated from 1.28.0 to 1.29.0 minor See changes: https://github.com/phpstan/phpdoc-parser/compare/1.28.0...1.29.0 Release notes: https://github.com/phpstan/phpdoc-parser/releases/tag/1.29.0 Replace #332 --- site/composer.lock | 12 ++++----- site/vendor/composer/installed.json | 14 +++++----- site/vendor/composer/installed.php | 6 ++--- .../src/Ast/Type/OffsetAccessTypeNode.php | 1 - .../phpdoc-parser/src/Parser/TypeParser.php | 26 +++++++++++++------ .../phpdoc-parser/src/Printer/Printer.php | 2 -- 6 files changed, 34 insertions(+), 27 deletions(-) diff --git a/site/composer.lock b/site/composer.lock index 5d4ca42bd..6d1b24a3c 100644 --- a/site/composer.lock +++ b/site/composer.lock @@ -3428,16 +3428,16 @@ }, { "name": "phpstan/phpdoc-parser", - "version": "1.28.0", + "version": "1.29.0", "source": { "type": "git", "url": "https://github.com/phpstan/phpdoc-parser.git", - "reference": "cd06d6b1a1b3c75b0b83f97577869fd85a3cd4fb" + "reference": "536889f2b340489d328f5ffb7b02bb6b183ddedc" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpstan/phpdoc-parser/zipball/cd06d6b1a1b3c75b0b83f97577869fd85a3cd4fb", - "reference": "cd06d6b1a1b3c75b0b83f97577869fd85a3cd4fb", + "url": "https://api.github.com/repos/phpstan/phpdoc-parser/zipball/536889f2b340489d328f5ffb7b02bb6b183ddedc", + "reference": "536889f2b340489d328f5ffb7b02bb6b183ddedc", "shasum": "" }, "require": { @@ -3469,9 +3469,9 @@ "description": "PHPDoc parser with support for nullable, intersection and generic types", "support": { "issues": "https://github.com/phpstan/phpdoc-parser/issues", - "source": "https://github.com/phpstan/phpdoc-parser/tree/1.28.0" + "source": "https://github.com/phpstan/phpdoc-parser/tree/1.29.0" }, - "time": "2024-04-03T18:51:33+00:00" + "time": "2024-05-06T12:04:23+00:00" }, { "name": "phpstan/phpstan", diff --git a/site/vendor/composer/installed.json b/site/vendor/composer/installed.json index f447fc2ae..e647e3d9e 100644 --- a/site/vendor/composer/installed.json +++ b/site/vendor/composer/installed.json @@ -2074,17 +2074,17 @@ }, { "name": "phpstan/phpdoc-parser", - "version": "1.28.0", - "version_normalized": "1.28.0.0", + "version": "1.29.0", + "version_normalized": "1.29.0.0", "source": { "type": "git", "url": "https://github.com/phpstan/phpdoc-parser.git", - "reference": "cd06d6b1a1b3c75b0b83f97577869fd85a3cd4fb" + "reference": "536889f2b340489d328f5ffb7b02bb6b183ddedc" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpstan/phpdoc-parser/zipball/cd06d6b1a1b3c75b0b83f97577869fd85a3cd4fb", - "reference": "cd06d6b1a1b3c75b0b83f97577869fd85a3cd4fb", + "url": "https://api.github.com/repos/phpstan/phpdoc-parser/zipball/536889f2b340489d328f5ffb7b02bb6b183ddedc", + "reference": "536889f2b340489d328f5ffb7b02bb6b183ddedc", "shasum": "" }, "require": { @@ -2101,7 +2101,7 @@ "phpunit/phpunit": "^9.5", "symfony/process": "^5.2" }, - "time": "2024-04-03T18:51:33+00:00", + "time": "2024-05-06T12:04:23+00:00", "type": "library", "installation-source": "dist", "autoload": { @@ -2118,7 +2118,7 @@ "description": "PHPDoc parser with support for nullable, intersection and generic types", "support": { "issues": "https://github.com/phpstan/phpdoc-parser/issues", - "source": "https://github.com/phpstan/phpdoc-parser/tree/1.28.0" + "source": "https://github.com/phpstan/phpdoc-parser/tree/1.29.0" }, "install-path": "../phpstan/phpdoc-parser" }, diff --git a/site/vendor/composer/installed.php b/site/vendor/composer/installed.php index ea8b0d469..d5c353573 100644 --- a/site/vendor/composer/installed.php +++ b/site/vendor/composer/installed.php @@ -332,9 +332,9 @@ ), ), 'phpstan/phpdoc-parser' => array( - 'pretty_version' => '1.28.0', - 'version' => '1.28.0.0', - 'reference' => 'cd06d6b1a1b3c75b0b83f97577869fd85a3cd4fb', + 'pretty_version' => '1.29.0', + 'version' => '1.29.0.0', + 'reference' => '536889f2b340489d328f5ffb7b02bb6b183ddedc', 'type' => 'library', 'install_path' => __DIR__ . '/../phpstan/phpdoc-parser', 'aliases' => array(), diff --git a/site/vendor/phpstan/phpdoc-parser/src/Ast/Type/OffsetAccessTypeNode.php b/site/vendor/phpstan/phpdoc-parser/src/Ast/Type/OffsetAccessTypeNode.php index 39e83dfec..c27ec0a3e 100644 --- a/site/vendor/phpstan/phpdoc-parser/src/Ast/Type/OffsetAccessTypeNode.php +++ b/site/vendor/phpstan/phpdoc-parser/src/Ast/Type/OffsetAccessTypeNode.php @@ -25,7 +25,6 @@ public function __toString(): string { if ( $this->type instanceof CallableTypeNode - || $this->type instanceof ConstTypeNode || $this->type instanceof NullableTypeNode ) { return '(' . $this->type . ')[' . $this->offset . ']'; diff --git a/site/vendor/phpstan/phpdoc-parser/src/Parser/TypeParser.php b/site/vendor/phpstan/phpdoc-parser/src/Parser/TypeParser.php index ebc2fbab4..5669fe45d 100644 --- a/site/vendor/phpstan/phpdoc-parser/src/Parser/TypeParser.php +++ b/site/vendor/phpstan/phpdoc-parser/src/Parser/TypeParser.php @@ -232,7 +232,17 @@ private function parseAtomic(TokenIterator $tokens): Ast\Type\TypeNode ); } - return $this->enrichWithAttributes($tokens, new Ast\Type\ConstTypeNode($constExpr), $startLine, $startIndex); + $type = $this->enrichWithAttributes( + $tokens, + new Ast\Type\ConstTypeNode($constExpr), + $startLine, + $startIndex + ); + if ($tokens->isCurrentTokenType(Lexer::TOKEN_OPEN_SQUARE_BRACKET)) { + $type = $this->tryParseArrayOrOffsetAccess($tokens, $type); + } + + return $type; } catch (LogicException $e) { throw new ParserException( $currentTokenValue, @@ -733,14 +743,14 @@ private function parseCallableReturnType(TokenIterator $tokens): Ast\Type\TypeNo ); } - $type = new Ast\Type\ConstTypeNode($constExpr); + $type = $this->enrichWithAttributes( + $tokens, + new Ast\Type\ConstTypeNode($constExpr), + $startLine, + $startIndex + ); if ($tokens->isCurrentTokenType(Lexer::TOKEN_OPEN_SQUARE_BRACKET)) { - $type = $this->tryParseArrayOrOffsetAccess($tokens, $this->enrichWithAttributes( - $tokens, - $type, - $startLine, - $startIndex - )); + $type = $this->tryParseArrayOrOffsetAccess($tokens, $type); } return $type; diff --git a/site/vendor/phpstan/phpdoc-parser/src/Printer/Printer.php b/site/vendor/phpstan/phpdoc-parser/src/Printer/Printer.php index b17699323..044d07f88 100644 --- a/site/vendor/phpstan/phpdoc-parser/src/Printer/Printer.php +++ b/site/vendor/phpstan/phpdoc-parser/src/Printer/Printer.php @@ -141,7 +141,6 @@ final class Printer CallableTypeNode::class, UnionTypeNode::class, IntersectionTypeNode::class, - ConstTypeNode::class, NullableTypeNode::class, ], ]; @@ -512,7 +511,6 @@ private function printOffsetAccessType(TypeNode $type): string $type instanceof CallableTypeNode || $type instanceof UnionTypeNode || $type instanceof IntersectionTypeNode - || $type instanceof ConstTypeNode || $type instanceof NullableTypeNode ) { return $this->wrapInParentheses($type); From 608a99b6dbd66ccc868afcb700d7577aac2aedee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michal=20=C5=A0pa=C4=8Dek?= Date: Thu, 9 May 2024 04:22:25 +0200 Subject: [PATCH 3/4] Update packages - roave/security-advisories updated from dev-latest@ddcd0a7 to dev-latest@99ba399 See changes: https://github.com/Roave/SecurityAdvisories/compare/ddcd0a7...99ba399 --- site/composer.lock | 16 ++++++++-------- site/vendor/composer/installed.json | 16 ++++++++-------- site/vendor/composer/installed.php | 2 +- 3 files changed, 17 insertions(+), 17 deletions(-) diff --git a/site/composer.lock b/site/composer.lock index 6d1b24a3c..731d97723 100644 --- a/site/composer.lock +++ b/site/composer.lock @@ -3682,12 +3682,12 @@ "source": { "type": "git", "url": "https://github.com/Roave/SecurityAdvisories.git", - "reference": "ddcd0a72eec2dd32a4a4bb719a95201f753f12e8" + "reference": "99ba3993d1441627081b78b6a844776fc9ef264f" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/Roave/SecurityAdvisories/zipball/ddcd0a72eec2dd32a4a4bb719a95201f753f12e8", - "reference": "ddcd0a72eec2dd32a4a4bb719a95201f753f12e8", + "url": "https://api.github.com/repos/Roave/SecurityAdvisories/zipball/99ba3993d1441627081b78b6a844776fc9ef264f", + "reference": "99ba3993d1441627081b78b6a844776fc9ef264f", "shasum": "" }, "conflict": { @@ -3901,7 +3901,7 @@ "getkirby/panel": "<2.5.14", "getkirby/starterkit": "<=3.7.0.2", "gilacms/gila": "<=1.15.4", - "gleez/cms": "<=1.2|==2", + "gleez/cms": "<=1.3|==2", "globalpayments/php-sdk": "<2", "gogentooss/samlbase": "<1.2.7", "google/protobuf": "<3.15", @@ -3969,7 +3969,7 @@ "kelvinmo/simplexrd": "<3.1.1", "kevinpapst/kimai2": "<1.16.7", "khodakhah/nodcms": "<=3", - "kimai/kimai": "<2.13", + "kimai/kimai": "<2.16", "kitodo/presentation": "<3.2.3|>=3.3,<3.3.4", "klaviyo/magento2-extension": ">=1,<3", "knplabs/knp-snappy": "<=1.4.2", @@ -4134,7 +4134,7 @@ "pimcore/demo": "<10.3", "pimcore/ecommerce-framework-bundle": "<1.0.10", "pimcore/perspective-editor": "<1.5.1", - "pimcore/pimcore": "<11.2.3", + "pimcore/pimcore": "<11.1.6.5-dev|>=11.2,<11.2.3", "pixelfed/pixelfed": "<0.11.11", "plotly/plotly.js": "<2.25.2", "pocketmine/bedrock-protocol": "<8.0.2", @@ -4312,7 +4312,7 @@ "topthink/thinkphp": "<=3.2.3", "torrentpier/torrentpier": "<=2.4.1", "tpwd/ke_search": "<4.0.3|>=4.1,<4.6.6|>=5,<5.0.2", - "tribalsystems/zenario": "<=9.4.59197", + "tribalsystems/zenario": "<9.5.60602", "truckersmp/phpwhois": "<=4.3.1", "ttskch/pagination-service-provider": "<1", "twig/twig": "<1.44.7|>=2,<2.15.3|>=3,<3.4.3", @@ -4466,7 +4466,7 @@ "type": "tidelift" } ], - "time": "2024-05-03T21:04:13+00:00" + "time": "2024-05-08T14:04:15+00:00" }, { "name": "shipmonk/composer-dependency-analyser", diff --git a/site/vendor/composer/installed.json b/site/vendor/composer/installed.json index e647e3d9e..fa81e4def 100644 --- a/site/vendor/composer/installed.json +++ b/site/vendor/composer/installed.json @@ -2505,12 +2505,12 @@ "source": { "type": "git", "url": "https://github.com/Roave/SecurityAdvisories.git", - "reference": "ddcd0a72eec2dd32a4a4bb719a95201f753f12e8" + "reference": "99ba3993d1441627081b78b6a844776fc9ef264f" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/Roave/SecurityAdvisories/zipball/ddcd0a72eec2dd32a4a4bb719a95201f753f12e8", - "reference": "ddcd0a72eec2dd32a4a4bb719a95201f753f12e8", + "url": "https://api.github.com/repos/Roave/SecurityAdvisories/zipball/99ba3993d1441627081b78b6a844776fc9ef264f", + "reference": "99ba3993d1441627081b78b6a844776fc9ef264f", "shasum": "" }, "conflict": { @@ -2724,7 +2724,7 @@ "getkirby/panel": "<2.5.14", "getkirby/starterkit": "<=3.7.0.2", "gilacms/gila": "<=1.15.4", - "gleez/cms": "<=1.2|==2", + "gleez/cms": "<=1.3|==2", "globalpayments/php-sdk": "<2", "gogentooss/samlbase": "<1.2.7", "google/protobuf": "<3.15", @@ -2792,7 +2792,7 @@ "kelvinmo/simplexrd": "<3.1.1", "kevinpapst/kimai2": "<1.16.7", "khodakhah/nodcms": "<=3", - "kimai/kimai": "<2.13", + "kimai/kimai": "<2.16", "kitodo/presentation": "<3.2.3|>=3.3,<3.3.4", "klaviyo/magento2-extension": ">=1,<3", "knplabs/knp-snappy": "<=1.4.2", @@ -2957,7 +2957,7 @@ "pimcore/demo": "<10.3", "pimcore/ecommerce-framework-bundle": "<1.0.10", "pimcore/perspective-editor": "<1.5.1", - "pimcore/pimcore": "<11.2.3", + "pimcore/pimcore": "<11.1.6.5-dev|>=11.2,<11.2.3", "pixelfed/pixelfed": "<0.11.11", "plotly/plotly.js": "<2.25.2", "pocketmine/bedrock-protocol": "<8.0.2", @@ -3135,7 +3135,7 @@ "topthink/thinkphp": "<=3.2.3", "torrentpier/torrentpier": "<=2.4.1", "tpwd/ke_search": "<4.0.3|>=4.1,<4.6.6|>=5,<5.0.2", - "tribalsystems/zenario": "<=9.4.59197", + "tribalsystems/zenario": "<9.5.60602", "truckersmp/phpwhois": "<=4.3.1", "ttskch/pagination-service-provider": "<1", "twig/twig": "<1.44.7|>=2,<2.15.3|>=3,<3.4.3", @@ -3253,7 +3253,7 @@ "zfr/zfr-oauth2-server-module": "<0.1.2", "zoujingli/thinkadmin": "<=6.1.53" }, - "time": "2024-05-03T21:04:13+00:00", + "time": "2024-05-08T14:04:15+00:00", "default-branch": true, "type": "metapackage", "notification-url": "https://packagist.org/downloads/", diff --git a/site/vendor/composer/installed.php b/site/vendor/composer/installed.php index d5c353573..28b2a7820 100644 --- a/site/vendor/composer/installed.php +++ b/site/vendor/composer/installed.php @@ -418,7 +418,7 @@ 'roave/security-advisories' => array( 'pretty_version' => 'dev-latest', 'version' => 'dev-latest', - 'reference' => 'ddcd0a72eec2dd32a4a4bb719a95201f753f12e8', + 'reference' => '99ba3993d1441627081b78b6a844776fc9ef264f', 'type' => 'metapackage', 'install_path' => null, 'aliases' => array( From 97ea749eea5c2370993907eec6f9b68423622572 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michal=20=C5=A0pa=C4=8Dek?= Date: Thu, 9 May 2024 04:26:31 +0200 Subject: [PATCH 4/4] Remove the polyfills that are not needed anymore --- site/composer.json | 4 ---- site/composer.lock | 2 +- site/vendor/composer/installed.php | 24 ------------------------ 3 files changed, 1 insertion(+), 29 deletions(-) diff --git a/site/composer.json b/site/composer.json index dd8eb0159..89eaf08e9 100644 --- a/site/composer.json +++ b/site/composer.json @@ -50,13 +50,9 @@ }, "replace": { "nette/finder": "3.0", - "paragonie/random_compat": "9.99.99", "paragonie/sodium_compat": "*", "symfony/polyfill-ctype": "*", "symfony/polyfill-mbstring": "*", - "symfony/polyfill-php73": "*", - "symfony/polyfill-php80": "*", - "symfony/polyfill-php81": "*", "symfony/process": "*" }, "require-dev": { diff --git a/site/composer.lock b/site/composer.lock index 731d97723..a53bb631a 100644 --- a/site/composer.lock +++ b/site/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "bf719fcc7a3be141218bb2928e776d8e", + "content-hash": "4edf39c1cf1f00fd1141d354484c9acc", "packages": [ { "name": "contributte/translation", diff --git a/site/vendor/composer/installed.php b/site/vendor/composer/installed.php index 28b2a7820..ad34df844 100644 --- a/site/vendor/composer/installed.php +++ b/site/vendor/composer/installed.php @@ -286,12 +286,6 @@ 'aliases' => array(), 'dev_requirement' => false, ), - 'paragonie/random_compat' => array( - 'dev_requirement' => false, - 'replaced' => array( - 0 => '9.99.99', - ), - ), 'paragonie/sodium_compat' => array( 'dev_requirement' => false, 'replaced' => array( @@ -630,24 +624,6 @@ 0 => '*', ), ), - 'symfony/polyfill-php73' => array( - 'dev_requirement' => false, - 'replaced' => array( - 0 => '*', - ), - ), - 'symfony/polyfill-php80' => array( - 'dev_requirement' => false, - 'replaced' => array( - 0 => '*', - ), - ), - 'symfony/polyfill-php81' => array( - 'dev_requirement' => false, - 'replaced' => array( - 0 => '*', - ), - ), 'symfony/process' => array( 'dev_requirement' => false, 'replaced' => array(