fix issue with migration that wouldn't run on MariaDB 10 by specifying a primary key

.editorconfig

@@ -34,6 +34,10 @@ trim_trailing_whitespace = false
 indent_style = space
 indent_size = 4
 
+[*.scss]
+indent_style = space
+indent_size = 2
+
 [*.sh]
 indent_style = tab
 indent_size = 4

.gitattributes

@@ -15,7 +15,6 @@
 /phpunit.xml.dist export-ignore
 /run_behat_tests.sh export-ignore
 /symfony.lock export-ignore
-/bin export-ignore
 /config export-ignore
 /docker export-ignore
 /public export-ignore

.github/ISSUE_TEMPLATE/2_Security_issue.md

@@ -6,9 +6,9 @@ about: Discovered a Security Issue in Bolt?
 ⚠️ PLEASE DON'T DISCLOSE SECURITY-RELATED ISSUES PUBLICLY, SEE BELOW.
 
 If you have found a security issue in Bolt, please send the details to
-security@bolt.cm and don't disclose it publicly until we can provide a fix for
-it. If you wish, we'll credit you for finding verified issues, when we release
-the patched version.
+security@boltcms.io and don't disclose it publicly until we can provide a fix 
+for it. If you wish, we'll credit you for finding verified issues, when we 
+release the patched version.
 
 A note on "Self XSS"
 --------------------

.github/workflows/a11y_tests.yaml

@@ -0,0 +1,58 @@
+name: Accessibility (a11y) Tests
+
+on:
+    pull_request:
+
+jobs:
+    a11y_tests:
+        strategy:
+            fail-fast: false
+            matrix:
+                php-version: ['7.2']
+                node-version: ['12.5']
+                actions:
+                    -
+                        name: Run pa11yci
+                        run: npm run a11y:ci
+
+        name: ${{ matrix.actions.name }}
+        runs-on: ubuntu-latest
+
+        steps:
+            -   uses: actions/checkout@v2
+
+            # see https://github.com/actions/starter-workflows/blob/main/ci/node.js.yml
+            -
+                name: Use Node.js 12.5
+                uses: actions/setup-node@v1
+                with:
+                    node-version: ${{ matrix.node-version }}
+                    coverage: none
+            -   uses: shivammathur/setup-php@v2
+                with:
+                    # test the lowest version, to make sure checks pass on it
+                    php-version: ${{ matrix.php-version }}
+                    extensions: json, mbstring, pdo, curl, pdo_sqlite
+                    coverage: none
+            -   name: Install dependencies
+                run: |
+                    sudo composer self-update -q
+                    sudo COMPOSER_MEMORY_LIMIT=-1 COMPOSER_PROCESS_TIMEOUT=60 composer update --prefer-dist --no-progress	
+                    ./bin/console bolt:info	--ansi
+                    npm set progress=false	
+                    npm ci	
+            -   name: Prepare environment
+                run: |
+                    # build assets	
+                    npm run build
+                    sudo chmod -R 777 config/ public/files/ public/theme/ public/thumbs/ var/	
+                    # prepare web server for e2e tests	
+                    ./bin/console doctrine:database:create	
+                    ./bin/console doctrine:schema:create	
+                    ./bin/console doctrine:fixtures:load --group=without-images -n	
+                    ./bin/console server:start 127.0.0.1:8088	
+                    # test if web server works	
+                    sleep 3	
+                    wget "http://127.0.0.1:8088/bolt/login"
+
+            -   run: ${{ matrix.actions.run }}

.github/workflows/behavioural_tests.yaml

@@ -0,0 +1,110 @@
+name: API & Behavioural Tests (Behat)
+
+on:
+    pull_request:
+
+jobs:
+    api:
+        name: API Tests
+        runs-on: ubuntu-latest
+        strategy:
+            fail-fast: false
+            matrix:
+                node-version: ['12.5']
+                php-version: ['7.2']
+        steps:
+            -   uses: actions/checkout@v2
+            -   uses: shivammathur/setup-php@v2
+                with:
+                    # test the lowest version, to make sure checks pass on it
+                    php-version: ${{ matrix.php-version }}
+                    extensions: json, mbstring, pdo, curl, pdo_sqlite
+                    coverage: none
+            # See https://github.community/t/sudo-apt-install-fails-with-failed-to-fetch-http-security-ubuntu-com-404-not-found-ip/17075
+            - run: sudo apt update
+            -   name: Install dependencies
+                run: |
+                    sudo composer self-update -q
+                    sudo COMPOSER_MEMORY_LIMIT=-1 COMPOSER_PROCESS_TIMEOUT=60 composer update --prefer-dist --no-progress	
+                    ./bin/console bolt:info	--ansi
+                    npm set progress=false	
+                    npm ci	
+                    mkdir -p ./var/log/e2e-reports/report/features/	
+                    touch ./var/log/e2e-reports/report/features/.gitkeep	
+                    # Install latest stable Chrome for e2e tests	
+                    sudo apt-get install libxss1 libappindicator1 libindicator7	
+                    wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb	
+                    sudo apt install ./google-chrome*.deb
+            -   name: Prepare environment
+                run: |
+                    # build assets	
+                    npm run build
+                    sudo chmod -R 777 config/ public/files/ public/theme/ public/thumbs/ var/	
+                    # prepare web server for e2e tests	
+                    ./bin/console doctrine:database:create	
+                    ./bin/console doctrine:schema:create	
+                    ./bin/console doctrine:fixtures:load --group=without-images -n	
+                    ./bin/console server:start 127.0.0.1:8088	
+                    # test if web server works	
+                    sleep 3	
+                    wget "http://127.0.0.1:8088/bolt/login"
+
+            - name: run API tests
+              run: make behat-api-quiet 
+    e2e:
+        name: E2E Tests
+        runs-on: ubuntu-latest
+        strategy:
+            fail-fast: false
+            matrix:
+                node-version: ['12.5']
+                php-version: ['7.2']
+        steps:
+            -   uses: actions/checkout@v2
+            -   uses: shivammathur/setup-php@v2
+                with:
+                    # test the lowest version, to make sure checks pass on it
+                    php-version: ${{ matrix.php-version }}
+                    extensions: json, mbstring, pdo, curl, pdo_sqlite
+                    coverage: none
+            -   uses: nanasess/setup-chromedriver@master
+            -   uses: actions/setup-node@v1
+                with:
+                    node-version: ${{ matrix.node-version }}
+            # See https://github.community/t/sudo-apt-install-fails-with-failed-to-fetch-http-security-ubuntu-com-404-not-found-ip/17075
+            -   run: sudo apt update
+            -   name: Install dependencies
+                run: |
+                    sudo composer self-update -q
+                    sudo COMPOSER_MEMORY_LIMIT=-1 COMPOSER_PROCESS_TIMEOUT=60 composer update --prefer-dist --no-progress	
+                    ./bin/console bolt:info	--ansi
+                    npm set progress=false	
+                    npm ci	
+                    mkdir -p ./var/log/e2e-reports/report/features/	
+                    touch ./var/log/e2e-reports/report/features/.gitkeep	
+                    # Install latest stable Chrome for e2e tests	
+                    sudo apt-get install libxss1 libappindicator1 libindicator7	
+                    wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb	
+                    sudo apt install ./google-chrome*.deb
+            -   name: Prepare environment
+                run: |
+                    # build assets	
+                    npm run build
+                    sudo chmod -R 777 config/ public/files/ public/theme/ public/thumbs/ var/	
+                    # prepare web server for e2e tests	
+                    ./bin/console doctrine:database:create	
+                    ./bin/console doctrine:schema:create	
+                    ./bin/console doctrine:fixtures:load --group=without-images -n	
+                    ./bin/console server:start 127.0.0.1:8088	
+                    # test if web server works	
+                    sleep 3	
+                    wget "http://127.0.0.1:8088/bolt/login"
+            -   name: Install latest Google Chrome (for e2e tests)
+                run: wget -q https://script.install.devinsideyou.com/google-chrome && chmod +x google-chrome
+
+            -   name: run e2e tests
+                run: ./run_behat_tests.sh && make behat-js-quiet
+
+            -   name: Upload Behat logs
+                run: ./bin/upload-textfiles "var/log/behat-reports/*.log"
+                if: always()

.github/workflows/code_analysis.yaml

@@ -11,6 +11,7 @@ jobs:
         strategy:
             fail-fast: false
             matrix:
+                php-version: ['7.2', '8.0']
                 actions:
                     -
                         name: Coding Standard
@@ -37,10 +38,6 @@ jobs:
                         name: Check XLIFF translation files
                         run: bin/console lint:xliff translations --ansi
 
-                    -
-                        name: Check dependencies for security vulnerabilities
-                        run: bin/console security:check --ansi
-
                     -
                         name: Check Doctrine Mapping
                         run: bin/console doctrine:schema:validate --skip-sync -vvv --no-interaction --ansi
@@ -51,10 +48,11 @@ jobs:
         steps:
             -   uses: actions/checkout@v2
             # see https://github.com/shivammathur/setup-php
-            -   uses: shivammathur/setup-php@v1
+            -   uses: shivammathur/setup-php@v2
                 with:
                     # test the lowest version, to make sure checks pass on it
-                    php-version: 7.2
+                    php-version: ${{ matrix.php-version }}
+                    extensions: json, mbstring, pdo, curl, pdo_sqlite
                     coverage: none
 
             -   run: composer install --no-progress --ansi

.github/workflows/unit_tests.yaml

@@ -0,0 +1,28 @@
+name: Unit Tests Checks
+
+on:
+    pull_request:
+
+jobs:
+    unittests:
+        strategy:
+            matrix:
+                php-version: [ '7.2', '8.0' ]
+        name: PHPUnit 
+        runs-on: ubuntu-latest
+        steps:
+            - uses: actions/checkout@v2
+            - uses: shivammathur/setup-php@v2
+              with:
+                # test the lowest version, to make sure checks pass on it
+                php-version: ${{ matrix.php-version }}
+                extensions: json, mbstring, pdo, curl, pdo_sqlite
+                coverage: none
+            - name: Initialise
+              run: |
+                  sudo composer self-update -q	
+            - name: Install dependencies
+              run: |
+                  sudo COMPOSER_MEMORY_LIMIT=-1 COMPOSER_PROCESS_TIMEOUT=60 composer update --prefer-dist --no-progress	
+            - name: run PHP Unit
+              run: ./vendor/bin/phpunit