Skip to content

Commit 5f96c16

Browse files
committed
Merge branch '4.x' into 4.next
2 parents d90098e + df823af commit 5f96c16

File tree

10 files changed

+63
-36
lines changed

10 files changed

+63
-36
lines changed

.github/dependabot.yml

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,12 @@
1+
version: 2
2+
updates:
3+
- package-ecosystem: composer
4+
directory: "/"
5+
schedule:
6+
interval: weekly
7+
open-pull-requests-limit: 10
8+
- package-ecosystem: github-actions
9+
directory: "/"
10+
schedule:
11+
interval: weekly
12+
open-pull-requests-limit: 10

.github/workflows/ci.yml

Lines changed: 6 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,9 @@ on:
1010
branches:
1111
- '*'
1212

13+
permissions:
14+
contents: read
15+
1316
jobs:
1417
testsuite:
1518
runs-on: ubuntu-18.04
@@ -20,7 +23,7 @@ jobs:
2023
name: PHP ${{ matrix.php-version }}
2124

2225
steps:
23-
- uses: actions/checkout@v2
26+
- uses: actions/checkout@v3
2427

2528
- name: Setup PHP
2629
uses: shivammathur/setup-php@v2
@@ -50,7 +53,7 @@ jobs:
5053
runs-on: ubuntu-18.04
5154

5255
steps:
53-
- uses: actions/checkout@v2
56+
- uses: actions/checkout@v3
5457

5558
- name: Setup PHP
5659
uses: shivammathur/setup-php@v2
@@ -70,7 +73,7 @@ jobs:
7073
runs-on: ubuntu-18.04
7174

7275
steps:
73-
- uses: actions/checkout@v2
76+
- uses: actions/checkout@v3
7477

7578
- name: Setup PHP
7679
uses: shivammathur/setup-php@v2

.github/workflows/stale.yml

Lines changed: 9 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -4,13 +4,19 @@ on:
44
schedule:
55
- cron: "0 0 * * *"
66

7+
permissions:
8+
contents: read
9+
710
jobs:
811
stale:
912

13+
permissions:
14+
issues: write # for actions/stale to close stale issues
15+
pull-requests: write # for actions/stale to close stale PRs
1016
runs-on: ubuntu-latest
1117

1218
steps:
13-
- uses: actions/stale@v1
19+
- uses: actions/stale@v5
1420
with:
1521
repo-token: ${{ secrets.GITHUB_TOKEN }}
1622
stale-issue-message: 'This issue is stale because it has been open for 120 days with no activity. Remove the `stale` label or comment or this will be closed in 15 days'
@@ -19,5 +25,5 @@ jobs:
1925
stale-pr-label: 'stale'
2026
days-before-stale: 120
2127
days-before-close: 15
22-
exempt-issue-label: 'pinned'
23-
exempt-pr-label: 'pinned'
28+
exempt-issue-labels: 'pinned'
29+
exempt-pr-labels: 'pinned'

config/bootstrap.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -34,8 +34,8 @@
3434
use Cake\Cache\Cache;
3535
use Cake\Core\Configure;
3636
use Cake\Core\Configure\Engine\PhpConfig;
37-
use Cake\Database\TypeFactory;
3837
use Cake\Database\Type\StringType;
38+
use Cake\Database\TypeFactory;
3939
use Cake\Datasource\ConnectionManager;
4040
use Cake\Error\ErrorTrap;
4141
use Cake\Error\ExceptionTrap;

config/requirements.php

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -35,7 +35,10 @@
3535
* You can remove this if you are confident you have proper version of intl.
3636
*/
3737
if (version_compare(INTL_ICU_VERSION, '50.1', '<')) {
38-
trigger_error('ICU >= 50.1 is needed to use CakePHP. Please update the `libicu` package of your system.' . PHP_EOL, E_USER_ERROR);
38+
trigger_error(
39+
'ICU >= 50.1 is needed to use CakePHP. Please update the `libicu` package of your system.' . PHP_EOL,
40+
E_USER_ERROR
41+
);
3942
}
4043

4144
/*

src/Application.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -98,7 +98,7 @@ public function middleware(MiddlewareQueue $middlewareQueue): MiddlewareQueue
9898
->add(new BodyParserMiddleware())
9999

100100
// Cross Site Request Forgery (CSRF) Protection Middleware
101-
// https://book.cakephp.org/4/en/controllers/middleware.html#cross-site-request-forgery-csrf-middleware
101+
// https://book.cakephp.org/4/en/security/csrf.html#cross-site-request-forgery-csrf-middleware
102102
->add(new CsrfProtectionMiddleware([
103103
'httponly' => true,
104104
]));

templates/Pages/home.php

Lines changed: 4 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -47,15 +47,14 @@
4747
);
4848
endif;
4949

50-
$cakeDescription = 'CakePHP: the rapid development PHP framework';
5150
?>
5251
<!DOCTYPE html>
5352
<html>
5453
<head>
5554
<?= $this->Html->charset() ?>
5655
<meta name="viewport" content="width=device-width, initial-scale=1">
5756
<title>
58-
<?= $cakeDescription ?>:
57+
CakePHP: the rapid development PHP framework:
5958
<?= $this->fetch('title') ?>
6059
</title>
6160
<?= $this->Html->meta('icon') ?>
@@ -75,7 +74,7 @@
7574
<img alt="CakePHP" src="https://cakephp.org/v2/img/logos/CakePHP_Logo.svg" width="350" />
7675
</a>
7776
<h1>
78-
Welcome to CakePHP <?= Configure::version() ?> Strawberry (🍓)
77+
Welcome to CakePHP <?= h(Configure::version()) ?> Strawberry (🍓)
7978
</h1>
8079
</div>
8180
</header>
@@ -147,7 +146,7 @@
147146

148147
<?php $settings = Cache::getConfig('_cake_core_'); ?>
149148
<?php if (!empty($settings)) : ?>
150-
<li class="bullet success">The <em><?= $settings['className'] ?>Engine</em> is being used for core caching. To change the config edit config/app.php</li>
149+
<li class="bullet success">The <em><?= h($settings['className']) ?></em> is being used for core caching. To change the config edit config/app.php</li>
151150
<?php else : ?>
152151
<li class="bullet problem">Your cache is NOT working. Please check the settings in config/app.php</li>
153152
<?php endif; ?>
@@ -165,7 +164,7 @@
165164
<?php if ($result['connected']) : ?>
166165
<li class="bullet success">CakePHP is able to connect to the database.</li>
167166
<?php else : ?>
168-
<li class="bullet problem">CakePHP is NOT able to connect to the database.<br /><?= $result['error'] ?></li>
167+
<li class="bullet problem">CakePHP is NOT able to connect to the database.<br /><?= h($result['error']) ?></li>
169168
<?php endif; ?>
170169
</ul>
171170
</div>

tests/TestCase/ApplicationTest.php

Lines changed: 21 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -17,6 +17,7 @@
1717
namespace App\Test\TestCase;
1818

1919
use App\Application;
20+
use Cake\Core\Configure;
2021
use Cake\Error\Middleware\ErrorHandlerMiddleware;
2122
use Cake\Http\MiddlewareQueue;
2223
use Cake\Routing\Middleware\AssetMiddleware;
@@ -33,19 +34,35 @@ class ApplicationTest extends TestCase
3334
use IntegrationTestTrait;
3435

3536
/**
36-
* testBootstrap
37+
* Test bootstrap in production.
3738
*
3839
* @return void
3940
*/
4041
public function testBootstrap()
4142
{
43+
Configure::write('debug', false);
4244
$app = new Application(dirname(dirname(__DIR__)) . '/config');
4345
$app->bootstrap();
4446
$plugins = $app->getPlugins();
4547

46-
$this->assertTrue($plugins->has('Bake'), 'plugins has Bake');
47-
$this->assertTrue($plugins->has('DebugKit'), 'plugins has DebugKit');
48-
$this->assertTrue($plugins->has('Migrations'), 'plugins has Migrations');
48+
$this->assertTrue($plugins->has('Bake'), 'plugins has Bake?');
49+
$this->assertFalse($plugins->has('DebugKit'), 'plugins has DebugKit?');
50+
$this->assertTrue($plugins->has('Migrations'), 'plugins has Migrations?');
51+
}
52+
53+
/**
54+
* Test bootstrap add DebugKit plugin in debug mode.
55+
*
56+
* @return void
57+
*/
58+
public function testBootstrapInDebug()
59+
{
60+
Configure::write('debug', true);
61+
$app = new Application(dirname(dirname(__DIR__)) . '/config');
62+
$app->bootstrap();
63+
$plugins = $app->getPlugins();
64+
65+
$this->assertTrue($plugins->has('DebugKit'), 'plugins has DebugKit?');
4966
}
5067

5168
/**

tests/TestCase/Controller/PagesControllerTest.php

Lines changed: 4 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -17,6 +17,7 @@
1717
namespace App\Test\TestCase\Controller;
1818

1919
use Cake\Core\Configure;
20+
use Cake\TestSuite\Constraint\Response\StatusCode;
2021
use Cake\TestSuite\IntegrationTestTrait;
2122
use Cake\TestSuite\TestCase;
2223

@@ -29,26 +30,14 @@ class PagesControllerTest extends TestCase
2930
{
3031
use IntegrationTestTrait;
3132

32-
/**
33-
* testMultipleGet method
34-
*
35-
* @return void
36-
*/
37-
public function testMultipleGet()
38-
{
39-
$this->get('/');
40-
$this->assertResponseOk();
41-
$this->get('/');
42-
$this->assertResponseOk();
43-
}
44-
4533
/**
4634
* testDisplay method
4735
*
4836
* @return void
4937
*/
5038
public function testDisplay()
5139
{
40+
Configure::write('debug', true);
5241
$this->get('/pages/home');
5342
$this->assertResponseOk();
5443
$this->assertResponseContains('CakePHP');
@@ -120,7 +109,7 @@ public function testCsrfAppliedOk()
120109
$this->enableCsrfToken();
121110
$this->post('/pages/home', ['hello' => 'world']);
122111

123-
$this->assertResponseCode(200);
124-
$this->assertResponseContains('CakePHP');
112+
$this->assertThat(403, $this->logicalNot(new StatusCode($this->_response)));
113+
$this->assertResponseNotContains('CSRF');
125114
}
126115
}

tests/bootstrap.php

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -29,9 +29,7 @@
2929

3030
require dirname(__DIR__) . '/config/bootstrap.php';
3131

32-
$_SERVER['PHP_SELF'] = '/';
33-
34-
if (empty($_SERVER['HTTP_HOST'])) {
32+
if (empty($_SERVER['HTTP_HOST']) && !Configure::read('App.fullBaseUrl')) {
3533
Configure::write('App.fullBaseUrl', 'http://localhost');
3634
}
3735

0 commit comments

Comments
 (0)