diff --git a/CHANGELOG.md b/CHANGELOG.md index f9a1401..7b31b3f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,18 @@ MONARC Changelog ================ +## 2.9.14 (2020-04-24) + +### Fix + +- "Edit impacts" in version 2.9.13 + ([#273](https://github.com/monarc-project/MonarcAppFO/issues/273)). +- Duplicate assets + ([#279](https://github.com/monarc-project/MonarcAppFO/issues/279)). +- Translation "Vulnerabilities" in the Knowledge Base + ([#275](https://github.com/monarc-project/MonarcAppFO/issues/275)). + + ## 2.9.13 (2020-04-14) ### Fix diff --git a/VERSION.json b/VERSION.json index a7d7178..d4e1ed6 100644 --- a/VERSION.json +++ b/VERSION.json @@ -1 +1 @@ -{"major":2, "minor":9, "hotfix":13} +{"major":2, "minor":9, "hotfix":14} diff --git a/composer.lock b/composer.lock index ea71351..b9714d9 100644 --- a/composer.lock +++ b/composer.lock @@ -50,6 +50,12 @@ "brick", "math" ], + "funding": [ + { + "url": "https://tidelift.com/funding/github/packagist/brick/math", + "type": "tidelift" + } + ], "time": "2020-04-15T15:59:35+00:00" }, { @@ -816,6 +822,20 @@ "sqlserver", "sqlsrv" ], + "funding": [ + { + "url": "https://www.doctrine-project.org/sponsorship.html", + "type": "custom" + }, + { + "url": "https://www.patreon.com/phpdoctrine", + "type": "patreon" + }, + { + "url": "https://tidelift.com/funding/github/packagist/doctrine%2Fdbal", + "type": "tidelift" + } + ], "time": "2020-04-20T17:19:26+00:00" }, { @@ -1355,6 +1375,20 @@ "database", "orm" ], + "funding": [ + { + "url": "https://www.doctrine-project.org/sponsorship.html", + "type": "custom" + }, + { + "url": "https://www.patreon.com/phpdoctrine", + "type": "patreon" + }, + { + "url": "https://tidelift.com/funding/github/packagist/doctrine/orm", + "type": "tidelift" + } + ], "time": "2020-03-19T06:41:02+00:00" }, { @@ -1438,6 +1472,20 @@ "orm", "persistence" ], + "funding": [ + { + "url": "https://www.doctrine-project.org/sponsorship.html", + "type": "custom" + }, + { + "url": "https://www.patreon.com/phpdoctrine", + "type": "patreon" + }, + { + "url": "https://tidelift.com/funding/github/packagist/doctrine%2Fpersistence", + "type": "tidelift" + } + ], "time": "2020-03-21T15:13:52+00:00" }, { @@ -2723,6 +2771,12 @@ "laminas", "mail" ], + "funding": [ + { + "url": "https://funding.communitybridge.org/projects/laminas-project", + "type": "community_bridge" + } + ], "time": "2020-04-21T16:42:19+00:00" }, { @@ -3618,20 +3672,26 @@ "laminas", "zf" ], + "funding": [ + { + "url": "https://funding.communitybridge.org/projects/laminas-project", + "type": "community_bridge" + } + ], "time": "2020-04-03T16:01:00+00:00" }, { "name": "monarc/core", - "version": "v2.9.17", + "version": "v2.9.18", "source": { "type": "git", "url": "https://github.com/monarc-project/zm-core.git", - "reference": "329104bb66c69ff27c11313851236fa254ee8714" + "reference": "bcb0b2bea8c83c55284ab77571ff4692268582ae" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/monarc-project/zm-core/zipball/329104bb66c69ff27c11313851236fa254ee8714", - "reference": "329104bb66c69ff27c11313851236fa254ee8714", + "url": "https://api.github.com/repos/monarc-project/zm-core/zipball/bcb0b2bea8c83c55284ab77571ff4692268582ae", + "reference": "bcb0b2bea8c83c55284ab77571ff4692268582ae", "shasum": "" }, "require": { @@ -3706,7 +3766,7 @@ } ], "description": "Core for monarc/monarc application", - "time": "2020-04-14T10:00:52+00:00" + "time": "2020-04-24T08:06:23+00:00" }, { "name": "monarc/frontoffice", @@ -4436,6 +4496,12 @@ "identifier", "uuid" ], + "funding": [ + { + "url": "https://github.com/ramsey", + "type": "github" + } + ], "time": "2020-03-29T20:13:32+00:00" }, { @@ -4626,6 +4692,20 @@ ], "description": "Symfony Config Component", "homepage": "https://symfony.com", + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], "time": "2020-03-27T16:56:45+00:00" }, { @@ -4702,6 +4782,20 @@ ], "description": "Symfony Console Component", "homepage": "https://symfony.com", + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], "time": "2020-03-30T11:42:42+00:00" }, { @@ -4752,6 +4846,20 @@ ], "description": "Symfony Filesystem Component", "homepage": "https://symfony.com", + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], "time": "2020-03-27T16:56:45+00:00" }, { @@ -5817,16 +5925,16 @@ }, { "name": "phpunit/phpunit", - "version": "8.5.3", + "version": "8.5.4", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/phpunit.git", - "reference": "67750516bc02f300e2742fed2f50177f8f37bedf" + "reference": "8474e22d7d642f665084ba5ec780626cbd1efd23" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/67750516bc02f300e2742fed2f50177f8f37bedf", - "reference": "67750516bc02f300e2742fed2f50177f8f37bedf", + "url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/8474e22d7d642f665084ba5ec780626cbd1efd23", + "reference": "8474e22d7d642f665084ba5ec780626cbd1efd23", "shasum": "" }, "require": { @@ -5896,7 +6004,17 @@ "testing", "xunit" ], - "time": "2020-03-31T08:52:04+00:00" + "funding": [ + { + "url": "https://phpunit.de/donate.html", + "type": "custom" + }, + { + "url": "https://github.com/sebastianbergmann", + "type": "github" + } + ], + "time": "2020-04-23T04:39:42+00:00" }, { "name": "roave/security-advisories", @@ -5904,12 +6022,12 @@ "source": { "type": "git", "url": "https://github.com/Roave/SecurityAdvisories.git", - "reference": "2bdae3cc8428d637d5c86c8c33d0a3354ce93f7f" + "reference": "81541a731da2f245a08666de73169cb5da7ac573" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/Roave/SecurityAdvisories/zipball/2bdae3cc8428d637d5c86c8c33d0a3354ce93f7f", - "reference": "2bdae3cc8428d637d5c86c8c33d0a3354ce93f7f", + "url": "https://api.github.com/repos/Roave/SecurityAdvisories/zipball/81541a731da2f245a08666de73169cb5da7ac573", + "reference": "81541a731da2f245a08666de73169cb5da7ac573", "shasum": "" }, "conflict": { @@ -6045,7 +6163,7 @@ "silverstripe/userforms": "<3", "simple-updates/phpwhois": "<=1", "simplesamlphp/saml2": "<1.10.6|>=2,<2.3.8|>=3,<3.1.4", - "simplesamlphp/simplesamlphp": "<1.18.4", + "simplesamlphp/simplesamlphp": "<1.18.6", "simplesamlphp/simplesamlphp-module-infocard": "<1.0.1", "simplito/elliptic-php": "<1.0.6", "slim/slim": "<2.6", @@ -6162,7 +6280,17 @@ } ], "description": "Prevents installation of composer packages with known security vulnerabilities: no API, simply require it", - "time": "2020-04-21T14:24:08+00:00" + "funding": [ + { + "url": "https://github.com/Ocramius", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/roave/security-advisories", + "type": "tidelift" + } + ], + "time": "2020-04-23T00:01:30+00:00" }, { "name": "sebastian/code-unit-reverse-lookup", diff --git a/package.json b/package.json index 58c2723..b13221e 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "MONARC", - "version": "2.9.13", + "version": "2.9.14", "description": "Monarc front office application", "private": true, "repository": { diff --git a/vagrant/Vagrantfile b/vagrant/Vagrantfile index 4ed7bb8..bba961f 100644 --- a/vagrant/Vagrantfile +++ b/vagrant/Vagrantfile @@ -12,7 +12,7 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| # Every Vagrant virtual environment requires a box to build off of. config.vm.box = "ubuntu/bionic64" config.disksize.size = "50GB" - config.vm.provision :shell, path: "bootstrap.sh" + config.vm.provision "shell", privileged: false, path: "bootstrap.sh" # Disable automatic box update checking. If you disable this, then # boxes will only be checked for updates when the user runs @@ -42,8 +42,8 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| # the path on the host to the actual folder. The second argument is # the path on the guest to mount the folder. And the optional third # argument is a set of non-required options. - config.vm.synced_folder "..", "/home/ubuntu/monarc", - owner: "www-data", group: "www-data", disabled: false + config.vm.synced_folder "..", "/home/vagrant/monarc", + owner: "vagrant", group: "vagrant", disabled: false, mount_options: ["dmode=777", "fmode=775"] # Provider-specific configuration so you can fine-tune various # backing providers for Vagrant. These expose provider-specific options. diff --git a/vagrant/bootstrap.sh b/vagrant/bootstrap.sh index d433810..0b217ec 100644 --- a/vagrant/bootstrap.sh +++ b/vagrant/bootstrap.sh @@ -1,6 +1,6 @@ #! /usr/bin/env bash -PATH_TO_MONARC='/home/ubuntu/monarc' +PATH_TO_MONARC='/home/vagrant/monarc' APPENV='local' ENVIRONMENT='development' @@ -23,36 +23,36 @@ session.gc_maxlifetime=604800 session.gc_probability=1 session.gc_divisor=1000 PHP_INI=/etc/php/7.2/apache2/php.ini -X_DEBUG_CFG=/etc/php/7.2/apache2/conf.d/20-xdebug.ini +XDEBUG_CFG=/etc/php/7.2/apache2/conf.d/20-xdebug.ini MARIA_DB_CFG=/etc/mysql/mariadb.conf.d/50-server.cnf export DEBIAN_FRONTEND=noninteractive export LANGUAGE=en_US.UTF-8 export LANG=en_US.UTF-8 export LC_ALL=en_US.UTF-8 -locale-gen en_US.UTF-8 -dpkg-reconfigure locales +sudo -E locale-gen en_US.UTF-8 +sudo -E dpkg-reconfigure locales echo -e "\n--- Installing now… ---\n" echo -e "\n--- Updating packages list… ---\n" -apt-get update && apt-get upgrade +sudo apt-get update && sudo apt-get upgrade echo -e "\n--- Install base packages… ---\n" -apt-get -y install vim zip unzip git gettext curl gsfonts > /dev/null +sudo apt-get -y install vim zip unzip git gettext curl gsfonts > /dev/null echo -e "\n--- Install MariaDB specific packages and settings… ---\n" -apt-get -y install mariadb-server mariadb-client > /dev/null +sudo apt-get -y install mariadb-server mariadb-client > /dev/null # Secure the MariaDB installation (especially by setting a strong root password) -systemctl restart mariadb.service > /dev/null +sudo systemctl restart mariadb.service > /dev/null sleep 5 -apt-get -y install expect > /dev/null +sudo apt-get -y install expect > /dev/null ## do we need to spawn mysql_secure_install with sudo in future? expect -f - <<-EOF set timeout 10 - spawn mysql_secure_installation + spawn sudo mysql_secure_installation expect "Enter current password for root (enter for none):" send -- "\r" expect "Set root password?" @@ -74,36 +74,36 @@ EOF sudo apt-get purge -y expect php-xdebug > /dev/null 2>&1 echo -e "\n--- Configuring… ---\n" -sed -i "s/skip-external-locking/#skip-external-locking/g" $MARIA_DB_CFG -sed -i "s/.*bind-address.*/bind-address = 0.0.0.0/" $MARIA_DB_CFG +sudo sed -i "s/skip-external-locking/#skip-external-locking/g" $MARIA_DB_CFG +sudo sed -i "s/.*bind-address.*/bind-address = 0.0.0.0/" $MARIA_DB_CFG echo -e "\n--- Setting up our MariaDB user for MONARC… ---\n" -mysql -u root -p$DBPASSWORD_ADMIN -e "CREATE USER '$DBUSER_MONARC'@'%' IDENTIFIED BY '$DBPASSWORD_MONARC';" -mysql -u root -p$DBPASSWORD_ADMIN -e "GRANT ALL PRIVILEGES ON * . * TO '$DBUSER_MONARC'@'%';" -mysql -u root -p$DBPASSWORD_ADMIN -e "FLUSH PRIVILEGES;" -systemctl restart mariadb.service > /dev/null +sudo mysql -u root -p$DBPASSWORD_ADMIN -e "CREATE USER '$DBUSER_MONARC'@'%' IDENTIFIED BY '$DBPASSWORD_MONARC';" +sudo mysql -u root -p$DBPASSWORD_ADMIN -e "GRANT ALL PRIVILEGES ON * . * TO '$DBUSER_MONARC'@'%';" +sudo mysql -u root -p$DBPASSWORD_ADMIN -e "FLUSH PRIVILEGES;" +sudo systemctl restart mariadb.service > /dev/null echo -e "\n--- Installing PHP-specific packages… ---\n" -apt-get -y install php apache2 libapache2-mod-php php-curl php-gd php-mysql php-pear php-apcu php-xml php-mbstring php-intl php-imagick php-zip php-xdebug > /dev/null +sudo apt-get -y install php apache2 libapache2-mod-php php-curl php-gd php-mysql php-pear php-apcu php-xml php-mbstring php-intl php-imagick php-zip php-xdebug > /dev/null echo -e "\n--- Configuring PHP… ---\n" for key in upload_max_filesize post_max_size max_execution_time max_input_time memory_limit do - sed -i "s/^\($key\).*/\1 = $(eval echo \${$key})/" $PHP_INI + sudo sed -i "s/^\($key\).*/\1 = $(eval echo \${$key})/" $PHP_INI done echo -e "\n--- Configuring Xdebug for development ---\n" -cat > $X_DEBUG_CFG < $XDEBUG_CFG zend_extension=xdebug.so xdebug.remote_enable=1 xdebug.remote_connect_back=1 xdebug.idekey=IDEKEY -EOF +EOF" echo -e "\n--- Enabling mod-rewrite and ssl… ---\n" -a2enmod rewrite > /dev/null 2>&1 -a2enmod ssl > /dev/null 2>&1 -a2enmod headers > /dev/null 2>&1 +sudo a2enmod rewrite > /dev/null 2>&1 +sudo a2enmod ssl > /dev/null 2>&1 +sudo a2enmod headers > /dev/null 2>&1 echo -e "\n--- Allowing Apache override to all ---\n" sudo sed -i "s/AllowOverride None/AllowOverride All/g" /etc/apache2/apache2.conf @@ -115,7 +115,7 @@ if [ $? -ne 0 ]; then echo "\nERROR: unable to install composer\n" exit 1; fi -composer self-update +# sudo composer self-update echo -e "\n--- Installing MONARC… ---\n" cd $PATH_TO_MONARC @@ -128,40 +128,35 @@ composer install -o # Make modules symlinks. mkdir -p module/Monarc cd module/Monarc -ln -s ./../../vendor/monarc/core Core -ln -s ./../../vendor/monarc/frontoffice FrontOffice +ln -sfn ./../../vendor/monarc/core Core +ln -sfn ./../../vendor/monarc/frontoffice FrontOffice cd $PATH_TO_MONARC -mkdir -p $PATH_TO_MONARC/data/cache -mkdir -p $PATH_TO_MONARC/data/LazyServices/Proxy -mkdir -p $PATH_TO_MONARC/data/DoctrineORMModule/Proxy -chown -R www-data data -chmod -R 777 data - # Front-end -mkdir node_modules +mkdir -p node_modules cd node_modules -git clone --config core.fileMode=false https://github.com/monarc-project/ng-client.git ng_client > /dev/null 2>&1 +if [ ! -d "ng_client" ]; then + git clone --config core.fileMode=false https://github.com/monarc-project/ng-client.git ng_client > /dev/null 2>&1 +fi if [ $? -ne 0 ]; then echo "\nERROR: unable to clone the ng-client repository\n" exit 1; fi -git clone --config core.fileMode=false https://github.com/monarc-project/ng-anr.git ng_anr > /dev/null 2>&1 +if [ ! -d "ng_anr" ]; then + git clone --config core.fileMode=false https://github.com/monarc-project/ng-anr.git ng_anr > /dev/null 2>&1 +fi if [ $? -ne 0 ]; then echo "\nERROR: unable to clone the ng-anr repository\n" exit 1; fi cd .. -chown -R www-data $PATH_TO_MONARC -chgrp -R www-data $PATH_TO_MONARC -chmod -R 700 $PATH_TO_MONARC echo -e "\n--- Add a VirtualHost for MONARC ---\n" -cat > /etc/apache2/sites-enabled/000-default.conf < /etc/apache2/sites-enabled/000-default.conf ServerName localhost DocumentRoot $PATH_TO_MONARC/public @@ -174,7 +169,7 @@ cat > /etc/apache2/sites-enabled/000-default.conf < Header always set X-Content-Type-Options nosniff - Header always set X-XSS-Protection "1; mode=block" + Header always set X-XSS-Protection '1; mode=block' Header always set X-Robots-Tag none Header always set X-Frame-Options SAMEORIGIN @@ -182,23 +177,16 @@ cat > /etc/apache2/sites-enabled/000-default.conf < -EOF +EOF" echo -e "\n--- Restarting Apache… ---\n" -systemctl restart apache2.service > /dev/null +sudo systemctl restart apache2.service > /dev/null echo -e "\n--- Configuration of MONARC database connection ---\n" -cat > config/autoload/local.php < config/autoload/local.php array( 'connection' => array( @@ -239,7 +227,7 @@ return array( */ 'activeLanguages' => array('fr','en','de','nl',), - 'appVersion' => \$package_json['version'], + 'appVersion' => '-master', 'checkVersion' => false, 'appCheckingURL' => 'https://version.monarc.lu/check/MONARC', @@ -256,7 +244,7 @@ return array( 'salt' => '', // private salt for password encryption ), ); -EOF +EOF" echo -e "\n--- Creation of the data bases… ---\n" @@ -276,9 +264,22 @@ sudo npm install -g grunt-cli +echo -e "\n--- Creating cache folders for backend… ---\n" +mkdir -p $PATH_TO_MONARC/data/cache +mkdir -p $PATH_TO_MONARC/data/LazyServices/Proxy +mkdir -p $PATH_TO_MONARC/data/DoctrineORMModule/Proxy + + + +echo -e "\n--- Adjusting user mod… ---\n" +sudo usermod -aG www-data vagrant +sudo usermod -aG vagrant www-data + + echo -e "\n--- Update the project… ---\n" -/bin/bash ./scripts/update-all.sh > /dev/null +sudo chown -R $USER:$(id -gn $USER) /home/vagrant/.config +./scripts/update-all.sh > /dev/null @@ -290,7 +291,7 @@ php ./bin/phinx seed:run -c ./module/Monarc/FrontOffice/migrations/phinx.php echo -e "\n--- Restarting Apache… ---\n" -systemctl restart apache2.service > /dev/null +sudo systemctl restart apache2.service > /dev/null