Merge pull request #184 from UN-OCHA/release-versions/v3.4.11

release versions/v3.4.11
UN-OCHA · Feb 22, 2024 · 85f32a0 · 85f32a0
2 parents b302a89 + 845ff23
commit 85f32a0
Show file tree

Hide file tree

Showing 9 changed files with 198 additions and 603 deletions.
diff --git a/composer.json b/composer.json
@@ -88,7 +88,6 @@
         "drupal/replicate_ui": "^1.0",
         "drupal/social_auth_hid": "^3.1",
         "drupal/stage_file_proxy": "^2",
-        "drupal/upgrade_status": "^4.0",
         "drupal/user_expire": "^1.0",
         "drupal/username_enumeration_prevention": "^1.3",
         "drush/drush": "^12.0",

diff --git a/composer.lock b/composer.lock
diff --git a/composer.patches.json b/composer.patches.json
@@ -1,7 +1,7 @@
 {
     "patches": {
         "drupal/core": {
-            "https://www.drupal.org/project/drupal/issues/2544110": "./patches/2544110.patch",
+            "https://www.drupal.org/project/drupal/issues/2544110": "./patches/2544110-2024-02-15.patch",
             "Issue #3392572: strnatcasecmp(): Passing null to parameter #2 in LayoutPluginManager": "https://www.drupal.org/files/issues/2023-10-25/drupal-strnatcasecmp_string_only-3392572-10.patch",
             "Issue #3413079: Cannot read properties of null (reading 'nodeType') on node.page.body": "https://www.drupal.org/files/issues/2024-01-08/3413079-9.patch",
             "Issue #3413508: Admin page access denied even when access is given to child items": "./patches/3413508.patch"

diff --git a/config/admin_dialogs.settings.yml b/config/admin_dialogs.settings.yml
@@ -1,5 +1,5 @@
 _core:
   default_config_hash: srQdbmKHrvRxR6vFtEFbCHIT_Ae5obHqc-Hkh7b3_sw
-delete_ops: 1
-delete_buttons: 1
-other_buttons: 1
+delete_ops: true
+delete_buttons: true
+other_buttons: true
diff --git a/config/core.entity_view_display.paragraph.document_chapter.default.yml b/config/core.entity_view_display.paragraph.document_chapter.default.yml
@@ -24,16 +24,6 @@ content:
     third_party_settings: {  }
     weight: 2
     region: content
-  field_hide_from_navigation:
-    type: boolean
-    label: above
-    settings:
-      format: default
-      format_custom_false: ''
-      format_custom_true: ''
-    third_party_settings: {  }
-    weight: 3
-    region: content
   field_summary:
     type: basic_string
     label: hidden
@@ -50,5 +40,6 @@ content:
     weight: 0
     region: content
 hidden:
+  field_hide_from_navigation: true
   field_short_title: true
   field_tags: true
diff --git a/docker/Dockerfile b/docker/Dockerfile
@@ -9,10 +9,9 @@ WORKDIR /srv/www
 
 # Clean up previous composer installation and run new one.
 RUN rm -rf ./vendor && \
-    # Update composer to avoid issues with missing drupal files.
-    # @see https://github.com/drupal-composer/drupal-project/issues/282
-    composer self-update && \
-    COMPOSER_MEMORY_LIMIT=-1 composer install --no-dev --no-interaction --prefer-dist
+    COMPOSER_ALLOW_SUPERUSER=1 \
+    COMPOSER_MEMORY_LIMIT=-1 \
+    composer install --no-dev --no-interaction --prefer-dist
 
 # Copy settings to default site location.
 RUN mkdir -m 0775 -p html/sites/default && \

diff --git a/patches/2544110.patch → patches/2544110-2024-02-15.patch b/patches/2544110.patch → patches/2544110-2024-02-15.patch
@@ -1,5 +1,15 @@
+From 3cf003dbb423405425d79c5dccde327669b801bc Mon Sep 17 00:00:00 2001
+From: Lucas D Hedding <[email protected]>
+Date: Tue, 26 Dec 2023 12:37:36 -0600
+Subject: [PATCH] rebase
+
+---
+ core/lib/Drupal/Component/Utility/Xss.php     | 107 +++++++++++++++---
+ .../Tests/Component/Utility/XssTest.php       |  97 +++++++++++++++-
+ 2 files changed, 190 insertions(+), 14 deletions(-)
+
 diff --git a/core/lib/Drupal/Component/Utility/Xss.php b/core/lib/Drupal/Component/Utility/Xss.php
-index 7480c3793eeba30cf8926df645d1d0f37bb9aa4b..e16f021b4d05b4e7b2ff3ffe9409227e5eb48d80 100644
+index 2c143cddf84b..b0e77605194f 100644
 --- a/core/lib/Drupal/Component/Utility/Xss.php
 +++ b/core/lib/Drupal/Component/Utility/Xss.php
 @@ -2,7 +2,7 @@
@@ -66,33 +76,33 @@ index 7480c3793eeba30cf8926df645d1d0f37bb9aa4b..e16f021b4d05b4e7b2ff3ffe9409227e
 
      while (strlen($attributes) != 0) {
        // Was the last operation successful?
-@@ -229,17 +270,16 @@ protected static function attributes($attributes) {
+@@ -229,18 +270,16 @@ protected static function attributes($attributes) {
              // starting with "javascript:"). However, for some non-URI
              // attributes performing this filtering causes valid and safe data
              // to be mangled. We prevent this by skipping protocol filtering on
 -            // such attributes.
 +            // such attributes. Adding check to skip angular attributes (ng).
              // @see \Drupal\Component\Utility\UrlHelper::filterBadProtocol()
              // @see http://www.w3.org/TR/html4/index/attributes.html
--            $skip_protocol_filtering = substr($attribute_name, 0, 5) === 'data-' || in_array($attribute_name, [
+-            $skip_protocol_filtering = str_starts_with($attribute_name, 'data-') || in_array($attribute_name, [
 -              'title',
 -              'alt',
 -              'rel',
 -              'property',
 -              'class',
 -              'datetime',
 -            ]);
-+            $skip_protocol_filtering = substr($attribute_name, 0, 5) === 'data-' ||
-+              substr($attribute_name, 0, 3) === 'ng-' ||
++            $skip_protocol_filtering = str_starts_with($attribute_name, 'data-') ||
++              str_starts_with($attribute_name, 'ng-') ||
 +              in_array($attribute_name, static::$safeAttributes);
-+
+ 
 +            // There are also certain attributes that we want to make sure we
 +            // filter no matter what.
 +            $enforce_protocol_filtering = in_array($attribute_name, static::$unSafeAttributes);
-
              $working = $mode = 1;
              $attributes = preg_replace('/^[-a-zA-Z][-a-zA-Z0-9]*/', '', $attributes);
-@@ -272,7 +312,12 @@ protected static function attributes($attributes) {
+           }
+@@ -272,7 +311,12 @@ protected static function attributes($attributes) {
            $working = 1;
            // Attribute value, a URL after href= for instance.
            if (preg_match('/^"([^"]*)"(\s+|$)/', $attributes, $match)) {
@@ -106,7 +116,7 @@ index 7480c3793eeba30cf8926df645d1d0f37bb9aa4b..e16f021b4d05b4e7b2ff3ffe9409227e
 
              if (!$skip) {
                $attributes_array[] = "$attribute_name=\"$value\"";
-@@ -282,7 +327,12 @@ protected static function attributes($attributes) {
+@@ -282,7 +326,12 @@ protected static function attributes($attributes) {
            }
 
            if (preg_match("/^'([^']*)'(\s+|$)/", $attributes, $match)) {
@@ -120,7 +130,7 @@ index 7480c3793eeba30cf8926df645d1d0f37bb9aa4b..e16f021b4d05b4e7b2ff3ffe9409227e
 
              if (!$skip) {
                $attributes_array[] = "$attribute_name='$value'";
-@@ -292,7 +342,12 @@ protected static function attributes($attributes) {
+@@ -292,7 +341,12 @@ protected static function attributes($attributes) {
            }
 
            if (preg_match("%^([^\s\"']+)(\s+|$)%", $attributes, $match)) {
@@ -134,7 +144,7 @@ index 7480c3793eeba30cf8926df645d1d0f37bb9aa4b..e16f021b4d05b4e7b2ff3ffe9409227e
 
              if (!$skip) {
                $attributes_array[] = "$attribute_name=\"$value\"";
-@@ -341,6 +396,33 @@ protected static function needsRemoval(array $html_tags, $elem) {
+@@ -341,6 +395,33 @@ protected static function needsRemoval(array $html_tags, $elem) {
      return !isset($html_tags[strtolower($elem)]);
    }
 
@@ -169,7 +179,7 @@ index 7480c3793eeba30cf8926df645d1d0f37bb9aa4b..e16f021b4d05b4e7b2ff3ffe9409227e
     * Gets the list of HTML tags allowed by Xss::filterAdmin().
     *
 diff --git a/core/tests/Drupal/Tests/Component/Utility/XssTest.php b/core/tests/Drupal/Tests/Component/Utility/XssTest.php
-index 2cf89d233e6aa1656a09ae1b1386dd5a414f2c4b..63a5a0bef36f837ebeaddad0cf3f1e48fd6667e7 100644
+index 0f242959ebee..6c024b0ac818 100644
 --- a/core/tests/Drupal/Tests/Component/Utility/XssTest.php
 +++ b/core/tests/Drupal/Tests/Component/Utility/XssTest.php
 @@ -8,10 +8,11 @@
@@ -300,3 +310,6 @@ index 2cf89d233e6aa1656a09ae1b1386dd5a414f2c4b..63a5a0bef36f837ebeaddad0cf3f1e48
      ];
    }
 
+-- 
+GitLab
+
diff --git a/scripts/composer/ScriptHandler.php b/scripts/composer/ScriptHandler.php
@@ -10,6 +10,7 @@
 use Composer\Script\Event;
 use Composer\Semver\Comparator;
 use Drupal\Core\Site\Settings;
+use Drupal\Core\Site\SettingsEditor;
 use DrupalFinder\DrupalFinder;
 use Symfony\Component\Filesystem\Filesystem;
 use Symfony\Component\Filesystem\Exception\IOException;
@@ -49,7 +50,10 @@ public static function createRequiredFiles(Event $event) {
           'required' => TRUE,
         ],
       ];
-      drupal_rewrite_settings($settings, $drupalRoot . '/sites/default/settings.php');
+      SettingsEditor::rewrite(
+        $drupalRoot . '/sites/default/settings.php',
+        $settings
+      );
       $fs->chmod($drupalRoot . '/sites/default/settings.php', 0666);
       $event->getIO()->write("Create a sites/default/settings.php file with chmod 0666");
 

diff --git a/symfony.lock b/symfony.lock
@@ -35,9 +35,6 @@
     "composer/xdebug-handler": {
         "version": "1.4.5"
     },
-    "container-interop/container-interop": {
-        "version": "1.2.0"
-    },
     "cweagans/composer-patches": {
         "version": "1.7.1"
     },