From fa107116cc36dab8940f475b2181fab45220af9a Mon Sep 17 00:00:00 2001 From: Jeremy Benoist Date: Mon, 2 Oct 2023 14:08:42 +0200 Subject: [PATCH] Prepare 2.6.7 release --- CHANGELOG.md | 11 ++ app/config/wallabag.yml | 2 +- composer.lock | 12 +- phpstan-baseline.neon | 2 +- .../Controller/ConfigController.php | 2 +- .../Form/Type/UserInformationType.php | 1 - .../Resources/views/Config/index.html.twig | 114 +++++++++--------- .../Controller/ConfigControllerTest.php | 6 +- 8 files changed, 80 insertions(+), 70 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index baa9ef0af2..4442dba806 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,16 @@ # Changelog +## [2.6.7](https://github.com/wallabag/wallabag/tree/2.6.7) +[Full Changelog](https://github.com/wallabag/wallabag/compare/2.6.6...2.6.7) + +### Security fix +* A user can disable her 2FA unintentionally by @kdecherf in https://github.com/wallabag/wallabag/commit/0cfdddc2eb0aee5ffb69bf499d377d75655ba157 + +### Fixes +* Fix deprecated null tag parameter by @Simounet in https://github.com/wallabag/wallabag/pull/6985 +* Full clickable card on mass action by @Simounet in https://github.com/wallabag/wallabag/pull/6991 +* Add tag form submit button always displayed by @Simounet in https://github.com/wallabag/wallabag/pull/6986 + ## [2.6.6](https://github.com/wallabag/wallabag/tree/2.6.6) [Full Changelog](https://github.com/wallabag/wallabag/compare/2.6.5...2.6.6) diff --git a/app/config/wallabag.yml b/app/config/wallabag.yml index 2bb3268b33..eddd566547 100644 --- a/app/config/wallabag.yml +++ b/app/config/wallabag.yml @@ -1,5 +1,5 @@ wallabag_core: - version: 2.6.6 + version: 2.6.7 paypal_url: "https://liberapay.com/wallabag/donate" languages: en: 'English' diff --git a/composer.lock b/composer.lock index 32a092b015..9706307e74 100644 --- a/composer.lock +++ b/composer.lock @@ -4604,16 +4604,16 @@ }, { "name": "j0k3r/graby-site-config", - "version": "1.0.176", + "version": "1.0.177", "source": { "type": "git", "url": "https://github.com/j0k3r/graby-site-config.git", - "reference": "77359be61295e15f08ad503c2ac37af6c9ff464c" + "reference": "cce11a0d0ec6fc06cebda65c340fcfb7c63ce78a" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/j0k3r/graby-site-config/zipball/77359be61295e15f08ad503c2ac37af6c9ff464c", - "reference": "77359be61295e15f08ad503c2ac37af6c9ff464c", + "url": "https://api.github.com/repos/j0k3r/graby-site-config/zipball/cce11a0d0ec6fc06cebda65c340fcfb7c63ce78a", + "reference": "cce11a0d0ec6fc06cebda65c340fcfb7c63ce78a", "shasum": "" }, "require": { @@ -4642,9 +4642,9 @@ "description": "Graby site config files", "support": { "issues": "https://github.com/j0k3r/graby-site-config/issues", - "source": "https://github.com/j0k3r/graby-site-config/tree/1.0.176" + "source": "https://github.com/j0k3r/graby-site-config/tree/1.0.177" }, - "time": "2023-09-07T07:14:18+00:00" + "time": "2023-10-01T02:12:17+00:00" }, { "name": "j0k3r/httplug-ssrf-plugin", diff --git a/phpstan-baseline.neon b/phpstan-baseline.neon index a654630516..f41a7cbc3c 100644 --- a/phpstan-baseline.neon +++ b/phpstan-baseline.neon @@ -62,5 +62,5 @@ parameters: - message: "#^Method FOS\\\\UserBundle\\\\Model\\\\UserManagerInterface\\:\\:updateUser()#" - count: 7 + count: 6 path: src/Wallabag/CoreBundle/Controller/ConfigController.php diff --git a/src/Wallabag/CoreBundle/Controller/ConfigController.php b/src/Wallabag/CoreBundle/Controller/ConfigController.php index cfe992f594..1965542315 100644 --- a/src/Wallabag/CoreBundle/Controller/ConfigController.php +++ b/src/Wallabag/CoreBundle/Controller/ConfigController.php @@ -373,7 +373,7 @@ function ($backupCode) { * Cancelling 2FA using OTP app. * * @Route("/config/otp/app/cancel", name="config_otp_app_cancel") - * + * * XXX: commented until we rewrite 2fa with a real two-steps activation */ /*public function otpAppCancelAction() diff --git a/src/Wallabag/CoreBundle/Form/Type/UserInformationType.php b/src/Wallabag/CoreBundle/Form/Type/UserInformationType.php index cd5148db60..eaddb01ffb 100644 --- a/src/Wallabag/CoreBundle/Form/Type/UserInformationType.php +++ b/src/Wallabag/CoreBundle/Form/Type/UserInformationType.php @@ -4,7 +4,6 @@ use FOS\UserBundle\Form\Type\RegistrationFormType; use Symfony\Component\Form\AbstractType; -use Symfony\Component\Form\Extension\Core\Type\CheckboxType; use Symfony\Component\Form\Extension\Core\Type\EmailType; use Symfony\Component\Form\Extension\Core\Type\SubmitType; use Symfony\Component\Form\Extension\Core\Type\TextType; diff --git a/src/Wallabag/CoreBundle/Resources/views/Config/index.html.twig b/src/Wallabag/CoreBundle/Resources/views/Config/index.html.twig index 4d65e82ed4..d52aa4c511 100644 --- a/src/Wallabag/CoreBundle/Resources/views/Config/index.html.twig +++ b/src/Wallabag/CoreBundle/Resources/views/Config/index.html.twig @@ -210,65 +210,65 @@ {{ form_widget(form.user.save, {'attr': {'class': 'btn waves-effect waves-light'}}) }} {{ form_widget(form.user._token) }} - - {{ form_end(form.user) }} - -
-
-
-
{{ 'config.otp.page_title'|trans }}
-

{{ 'config.form_user.two_factor_description'|trans }}

- - - - - - - - - + {{ form_end(form.user) }} - - - - - - - - - - - - -
{{ 'config.form_user.two_factor.table_method'|trans }}{{ 'config.form_user.two_factor.table_state'|trans }}{{ 'config.form_user.two_factor.table_action'|trans }}
{{ 'config.form_user.two_factor.emailTwoFactor_label'|trans }}{% if app.user.isEmailTwoFactor %}{{ 'config.form_user.two_factor.state_enabled'|trans }}{% else %}{{ 'config.form_user.two_factor.state_disabled'|trans }}{% endif %} -
- - - -
- {% if app.user.isEmailTwoFactor %} -
- - - -
- {% endif %} -
{{ 'config.form_user.two_factor.googleTwoFactor_label'|trans }}{% if app.user.isGoogleTwoFactor %}{{ 'config.form_user.two_factor.state_enabled'|trans }}{% else %}{{ 'config.form_user.two_factor.state_disabled'|trans }}{% endif %} -
- - - -
- {% if app.user.isGoogleTwoFactor %} -
- - - -
- {% endif %} -
-
+
+
+
+
{{ 'config.otp.page_title'|trans }}
+ +

{{ 'config.form_user.two_factor_description'|trans }}

+ + + + + + + + + + + + + + + + + + + + + + +
{{ 'config.form_user.two_factor.table_method'|trans }}{{ 'config.form_user.two_factor.table_state'|trans }}{{ 'config.form_user.two_factor.table_action'|trans }}
{{ 'config.form_user.two_factor.emailTwoFactor_label'|trans }}{% if app.user.isEmailTwoFactor %}{{ 'config.form_user.two_factor.state_enabled'|trans }}{% else %}{{ 'config.form_user.two_factor.state_disabled'|trans }}{% endif %} +
+ + + +
+ {% if app.user.isEmailTwoFactor %} +
+ + + +
+ {% endif %} +
{{ 'config.form_user.two_factor.googleTwoFactor_label'|trans }}{% if app.user.isGoogleTwoFactor %}{{ 'config.form_user.two_factor.state_enabled'|trans }}{% else %}{{ 'config.form_user.two_factor.state_disabled'|trans }}{% endif %} +
+ + + +
+ {% if app.user.isGoogleTwoFactor %} +
+ + + +
+ {% endif %} +
+
diff --git a/tests/Wallabag/CoreBundle/Controller/ConfigControllerTest.php b/tests/Wallabag/CoreBundle/Controller/ConfigControllerTest.php index c0d138dfaa..6c049e1dc6 100644 --- a/tests/Wallabag/CoreBundle/Controller/ConfigControllerTest.php +++ b/tests/Wallabag/CoreBundle/Controller/ConfigControllerTest.php @@ -1215,7 +1215,7 @@ public function testUserDisable2faEmail() $client->submit($form); $this->assertSame(302, $client->getResponse()->getStatusCode()); - + $this->assertStringContainsString('flashes.config.notice.otp_disabled', $client->getContainer()->get(SessionInterface::class)->getFlashBag()->get('notice')[0]); // restore user @@ -1264,7 +1264,7 @@ public function testUserDisable2faGoogle() ->getRepository(User::class) ->findOneByUsername('admin'); - $user->setGoogleAuthenticatorSecret("Google2FA"); + $user->setGoogleAuthenticatorSecret('Google2FA'); $em->persist($user); $em->flush(); @@ -1274,7 +1274,7 @@ public function testUserDisable2faGoogle() $client->submit($form); $this->assertSame(302, $client->getResponse()->getStatusCode()); - + $this->assertStringContainsString('flashes.config.notice.otp_disabled', $client->getContainer()->get(SessionInterface::class)->getFlashBag()->get('notice')[0]); // restore user