Merge branch 'staging' into fix-parent-recursive-access-rule

.appveyor.yml

@@ -2,17 +2,37 @@ build: false
 platform:
   - x64
 clone_folder: C:\projects\joomla-cms
+
+branches:
+  except:
+    - /l10n_*/
+
 ## Build matrix for lowest and highest possible targets
 environment:
+  DLLVersion: "5.6.1"
+  PHPBuild: "x64"
+  VC: "vc15"
   matrix:
   - php_ver_target: 5.6
+    PHPBuild: "x86"
+    VC: "vc11"
+    WINCACHE: "1.3.7.12"
   - php_ver_target: 7.0
+    DLLVersion: "5.3.0"
+    VC: "vc14"
+    WINCACHE: "2.0.0.8"
   - php_ver_target: 7.1
+    DLLVersion: "5.3.0"
+    VC: "vc14"
+    WINCACHE: "2.0.0.8"
+  - php_ver_target: 7.2
+    DLLVersion: "5.3.0"
+  - php_ver_target: 7.3
 
 init:
   - SET PATH=C:\Program Files\OpenSSL;C:\tools\php;%PATH%
   - SET COMPOSER_NO_INTERACTION=1
-  - SET PHP=1 # This var relates to caching the php  install
+  - SET PHP=1 # This var relates to caching the php install
   - SET ANSICON=121x90 (121x90)
 services:
   - mssql2014
@@ -23,15 +43,14 @@ services:
 ## Install PHP and composer, and run the appropriate composer command
 install:
     - IF EXIST C:\tools\php (SET PHP=0)
+    # TODO: This is a workaround for https://github.com/chocolatey/choco/issues/1843. Once this is fixed we
+    #       should go back to latest version in appveyor saving ourselves test time
+    - ps: choco upgrade chocolatey -y --version 0.10.13 --allow-downgrade
     - ps: >-
         If ($env:php_ver_target -eq "5.6") {
           appveyor-retry cinst --params '""/InstallDir:C:\tools\php""' --ignore-checksums -y --forcex86 php --version ((choco search php --exact --all-versions -r | select-string -pattern $env:php_ver_target | sort { [version]($_ -split '\|' | select -last 1) } -Descending | Select-Object -first 1) -replace '[php|]','')
-          $VC = "vc11"
-          $PHPBuild = "x86"
         } Else {
           appveyor-retry cinst --params '""/InstallDir:C:\tools\php""' --ignore-checksums -y php --version ((choco search php --exact --all-versions -r | select-string -pattern $env:php_ver_target | sort { [version]($_ -split '\|' | select -last 1) } -Descending | Select-Object -first 1) -replace '[php|]','')
-          $VC = "vc14"
-          $PHPBuild = "x64"
         }
     - appveyor-retry cinst -y sqlite
     - cd C:\tools\php
@@ -48,20 +67,21 @@ install:
             copy SQLSRV\php_pdo_sqlsrv_56_nts.dll ext\php_pdo_sqlsrv_nts.dll
             Remove-Item C:\tools\php\* -include .zip
           } Else {
-            $DLLVersion = "4.3.0"
             cd c:\tools\php\ext
-            $source = "http://windows.php.net/downloads/pecl/releases/sqlsrv/$($DLLVersion)/php_sqlsrv-$($DLLVersion)-$($env:php_ver_target)-nts-vc14-x64.zip"
-            $destination = "c:\tools\php\ext\php_sqlsrv-$($DLLVersion)-$($env:php_ver_target)-nts-vc14-x64.zip"
+            $source = "https://windows.php.net/downloads/pecl/releases/sqlsrv/$($env:DLLVersion)/php_sqlsrv-$($env:DLLVersion)-$($env:php_ver_target)-nts-$($env:VC)-$($env:PHPBuild).zip"
+            $destination = "c:\tools\php\ext\php_sqlsrv-$($env:DLLVersion)-$($env:php_ver_target)-nts-$($env:VC)-$($env:PHPBuild).zip"
             Invoke-WebRequest $source -OutFile $destination
-            #appveyor-retry appveyor DownloadFile http://windows.php.net/downloads/pecl/releases/sqlsrv/$($DLLVersion)/php_sqlsrv-$($DLLVersion)-$($env:php_ver_target)-nts-vc14-x64.zip
-            7z x -y php_sqlsrv-$($DLLVersion)-$($env:php_ver_target)-nts-vc14-x64.zip > $null
-            $source = "http://windows.php.net/downloads/pecl/releases/pdo_sqlsrv/$($DLLVersion)/php_pdo_sqlsrv-$($DLLVersion)-$($env:php_ver_target)-nts-vc14-x64.zip"
-            $destination = "c:\tools\php\ext\php_pdo_sqlsrv-$($DLLVersion)-$($env:php_ver_target)-nts-vc14-x64.zip"
+            #appveyor-retry appveyor DownloadFile https://windows.php.net/downloads/pecl/releases/sqlsrv/$($env:DLLVersion)/php_sqlsrv-$($env:DLLVersion)-$($env:php_ver_target)-nts-$($env:VC)-$($env:PHPBuild).zip
+            7z x -y php_sqlsrv-$($env:DLLVersion)-$($env:php_ver_target)-nts-$($env:VC)-$($env:PHPBuild).zip > $null
+            $source = "https://windows.php.net/downloads/pecl/releases/pdo_sqlsrv/$($env:DLLVersion)/php_pdo_sqlsrv-$($env:DLLVersion)-$($env:php_ver_target)-nts-$($env:VC)-$($env:PHPBuild).zip"
+            $destination = "c:\tools\php\ext\php_pdo_sqlsrv-$($env:DLLVersion)-$($env:php_ver_target)-nts-$($env:VC)-$($env:PHPBuild).zip"
             Invoke-WebRequest $source -OutFile $destination
-            #appveyor-retry appveyor DownloadFile http://windows.php.net/downloads/pecl/releases/pdo_sqlsrv/$($DLLVersion)/php_pdo_sqlsrv-$($DLLVersion)-$($env:php_ver_target)-nts-vc14-x64.zip
-            7z x -y php_pdo_sqlsrv-$($DLLVersion)-$($env:php_ver_target)-nts-vc14-x64.zip > $null
+            #appveyor-retry appveyor DownloadFile https://windows.php.net/downloads/pecl/releases/pdo_sqlsrv/$($env:DLLVersion)/php_pdo_sqlsrv-$($env:DLLVersion)-$($env:php_ver_target)-nts-$($env:VC)-$($env:PHPBuild).zip
+            7z x -y php_pdo_sqlsrv-$($env:DLLVersion)-$($env:php_ver_target)-nts-$($env:VC)-$($env:PHPBuild).zip > $null
             Remove-Item c:\tools\php\ext* -include .zip
-            cd c:\tools\php}}
+            cd c:\tools\php
+          }
+        }
     - IF %PHP%==1 copy php.ini-production php.ini /Y
     - IF %PHP%==1 echo date.timezone="UTC" >> php.ini
     - IF %PHP%==1 echo extension_dir=ext >> php.ini
@@ -89,18 +109,19 @@ install:
     - IF %PHP%==1 echo extension=php_curl.dll >> php.ini
     # Get the Wincache DLLs
     - ps: >-
-        If ($env:PHP -eq "1") {
-          If ($env:php_ver_target -eq "5.6") {$wincache = "1.3.7.12"} Else {$wincache = "2.0.0.8"}
+        If ($env:PHP -eq "1" -and $env:WINCACHE) {
           cd c:\tools\php\ext
-          $source = "http://windows.php.net/downloads/pecl/releases/wincache/$($wincache)/php_wincache-$($wincache)-$($env:php_ver_target)-nts-$($VC)-$($PHPBuild).zip"
-          $destination = "c:\tools\php\ext\php_wincache-$($wincache)-$($env:php_ver_target)-nts-$($VC)-$($PHPBuild).zip"
+          $source = "https://windows.php.net/downloads/pecl/releases/wincache/$($env:WINCACHE)/php_wincache-$($env:WINCACHE)-$($env:php_ver_target)-nts-$($env:VC)-$($env:PHPBuild).zip"
+          $destination = "c:\tools\php\ext\php_wincache-$($env:WINCACHE)-$($env:php_ver_target)-nts-$($env:VC)-$($env:PHPBuild).zip"
           Invoke-WebRequest $source -OutFile $destination
-          #appveyor-retry appveyor DownloadFile http://windows.php.net/downloads/pecl/releases/wincache/$($wincache)/php_wincache-$($wincache)-$($env:php_ver_target)-nts-$($VC)-$($PHPBuild).zip
-          7z x -y php_wincache-$($wincache)-$($env:php_ver_target)-nts-$($VC)-$($PHPBuild).zip > $null
+          #appveyor-retry appveyor DownloadFile https://windows.php.net/downloads/pecl/releases/wincache/$($env:WINCACHE)/php_wincache-$($env:WINCACHE)-$($env:php_ver_target)-nts-$($env:VC)-$($env:PHPBuild).zip
+          7z x -y php_wincache-$($env:WINCACHE)-$($env:php_ver_target)-nts-$($env:VC)-$($env:PHPBuild).zip > $null
           Remove-Item C:\tools\php\ext* -include .zip
-          cd c:\tools\php}
-    - IF %PHP%==1 echo extension=php_wincache.dll >> php.ini
-    - IF %PHP%==1 echo wincache.enablecli = 1 >> php.ini
+          cd c:\tools\php
+          Add-Content php.ini "`nextension=php_wincache.dll"
+          Add-Content php.ini "`wincache.enablecli = 1"
+          Add-Content php.ini "`n"
+        }
     - IF %PHP%==1 echo zend_extension=php_opcache.dll >> php.ini
     - IF %PHP%==1 echo opcache.enable_cli=1 >> php.ini
     - IF %PHP%==1 echo extension=php_ldap.dll >> php.ini
@@ -130,4 +151,4 @@ before_test:
 
 test_script:
   - cd C:\projects\joomla-cms
-  - libraries/vendor/bin/phpunit -c appveyor-phpunit.xml
+  - ps: If ($env:php_ver_target -eq "5.6") {libraries/vendor/bin/phpunit -c appveyor-phpunit.xml --exclude-group not-on-windows } Else {libraries/vendor/bin/phpunit -c appveyor-phpunit.xml}

.drone.yml

@@ -1,21 +1,33 @@
-pipeline:
-  clone:
-    image: plugins/git
-    depth: 1
+---
+kind: pipeline
+name: default
 
-  phpcs:
-    image: joomlaprojects/docker-phpcs
+clone:
+  depth: 42
+
+steps:
+  - name: phpcs
+    image: joomlaprojects/docker-images:phpcs1.5
     commands:
       - echo $(date)
-      - /root/.composer/vendor/bin/phpcs --report=full --encoding=utf-8 --extensions=php -p --standard=build/phpcs/Joomla .
+      - /usr/local/vendor/bin/phpcs --report=full --encoding=utf-8 --extensions=php -p --standard=build/phpcs/Joomla .
       - echo $(date)
 
-  javascript:
-    image: joomlaprojects/docker-systemtests:latest
+  - name: restore-cache
+    image: drillster/drone-volume-cache
+    settings:
+      restore: true
+      mount:
+        - ./tests/javascript/node_modules
+      cache_key: [ DRONE_REPO_NAMESPACE, DRONE_REPO_NAME, DRONE_BRANCH, DRONE_STAGE_NUMBER ]
+    volumes:
+      - name: cache
+        path: /cache
+
+  - name: javascript
+    image: joomlaprojects/docker-images:systemtests
     commands:
       - echo $(date)
-      - apt-get install nodejs npm
-      - ln -s /usr/bin/nodejs /usr/bin/node
       - export DISPLAY=:0
       - Xvfb -screen 0 1024x768x24 -ac +extension GLX +render -noreset > /dev/null 2>&1 &
       - sleep 3
@@ -26,3 +38,41 @@ pipeline:
       - tests/javascript/node_modules/karma/bin/karma start karma.conf.js --single-run
       - echo $(date)
 
+  - name: rebuild-cache
+    image: drillster/drone-volume-cache
+    settings:
+       rebuild: true
+       mount:
+        - ./tests/javascript/node_modules
+       cache_key: [ DRONE_REPO_NAMESPACE, DRONE_REPO_NAME, DRONE_BRANCH, DRONE_STAGE_NUMBER ]
+    volumes:
+      - name: cache
+        path: /cache
+
+  - name: analysis3x
+    image: rips/rips-cli:3.2.2
+    when:
+      branch: staging
+    commands:
+      - export RIPS_BASE_URI='https://api.rips.joomla.org'
+      - if [ $DRONE_REPO_NAMESPACE != 'joomla' ]; then echo "The analysis check only run on the main repos"; exit 0; fi
+      - rips-cli rips:list --table=scans -n -p filter='{"__and":[{"__lessThan":{"percent":100}}]}'
+      - rips-cli rips:scan:start -G -a 1 -t 1 -p $(pwd) -t 1 -R -k -T $DRONE_REPO_NAMESPACE-$DRONE_BRANCH ||  { echo "Please contact the security team at security@joomla.org"; exit 1; }
+    environment:
+      RIPS_EMAIL:
+        from_secret: RIPS_EMAIL
+      RIPS_PASSWORD:
+        from_secret: RIPS_PASSWORD
+
+volumes:
+- name: cache
+  host:
+    path: /tmp/cache
+
+branches:
+  exclude: [ l10n_* ]
+---
+kind: signature
+hmac: 7d1fbc23a21067e251bb5d22a875c5db23c88520d0384f1913a73aa0c992d017
+
+...

.editorconfig

@@ -0,0 +1,12 @@
+# EditorConfig is awesome: http://EditorConfig.org
+
+# top-most EditorConfig file
+root = true
+
+# Unix-style newlines with a newline ending every file
+[*]
+indent_style = tab
+end_of_line = lf
+charset = utf-8
+trim_trailing_whitespace = true
+insert_final_newline = true

.github/CODEOWNERS

@@ -7,18 +7,11 @@ plugins/fields/*  @laoneo
 plugins/systems/fields/*  @laoneo
 
 # Smart Search
-administrator/components/com_finder/*  @mbabker
-components/com_finder/*  @mbabker
-modules/mod_finder/*  @mbabker
-plugins/content/finder/*  @mbabker
-plugins/finder/*  @mbabker
-
-# Language strings
-administrator/language/en-GB/*  @brianteeman
-installation/language/en-GB/*  @brianteeman
-language/en-GB/*  @brianteeman
-README.md  @brianteeman
-README.txt  @brianteeman
+#administrator/components/com_finder/*
+#components/com_finder/*
+#modules/mod_finder/*
+#plugins/content/finder/*
+#plugins/finder/*
 
 # CodeMirror
 media/editors/codemirror/*  @okonomiyaki3000
@@ -28,33 +21,33 @@ plugins/editors/codemirror/*  @okonomiyaki3000
 plugins/system/stats/*  @mbabker @wilsonge
 
 # Release Tools
-build.xml  @mbabker
-build/build.php  @mbabker @rdeutz @wilsonge
-build/bump.php  @mbabker @rdeutz @wilsonge
-build/deleted_file_check.php  @mbabker @rdeutz @wilsonge
+build.xml  @wilsonge
+build/build.php  @rdeutz @wilsonge
+build/bump.php  @rdeutz @wilsonge
+build/deleted_file_check.php  @rdeutz @wilsonge
 
 # Core/Extension Install/Update Tools
-administrator/components/com_joomlaupdate/*  @mbabker @rdeutz @wilsonge @zero-24
-libraries/src/Installer/*  @mbabker @rdeutz @wilsonge @zero-24
-libraries/src/Updater/*  @mbabker @rdeutz @wilsonge @zero-24
+administrator/components/com_joomlaupdate/*  @rdeutz @wilsonge @zero-24
+libraries/src/Installer/*  @rdeutz @wilsonge @zero-24
+libraries/src/Updater/*  @rdeutz @wilsonge @zero-24
 
 # Automated Testing
-build/jenkins/*  @mbabker @rdeutz
-build/travis/*  @mbabker @rdeutz
+build/jenkins/*  @rdeutz
+build/travis/*  @rdeutz
 tests/codeception/*  @rdeutz
-tests/javascript/*  @dgt41 @rdeutz
-tests/unit/*  @mbabker @rdeutz
-.appveyor.yml  @mbabker @rdeutz
+tests/javascript/*  @wilsonge @rdeutz
+tests/unit/*  @rdeutz
+.appveyor.yml  @rdeutz
 .drone.yml  @rdeutz
-.hound.yml  @mbabker
-.travis.yml  @mbabker @rdeutz
-appveyor-phpunit.xml  @mbabker @rdeutz
+.hound.yml  @wilsonge
+.travis.yml  @rdeutz
+appveyor-phpunit.xml  @rdeutz
 codeception.yml  @rdeutz
-karma.conf.js  @dgt41 @rdeutz
-phpunit.xml.dist  @mbabker @rdeutz
+karma.conf.js  @wilsonge @rdeutz
+phpunit.xml.dist  @rdeutz
 RoboFile.dist.ini  @rdeutz
 RoboFile.php  @rdeutz
-travis-phpunit.xml  @mbabker @rdeutz
+travis-phpunit.xml  @rdeutz
 
 # Core JS
-media/*/js/*  @dgt41
+media/*/js/*  @wilsonge

.github/CONTRIBUTING.md

@@ -19,7 +19,6 @@ There are other branches available which serve specific purposes.
 
 | Branch | Purpose |
 | ------ | ------- |
-| staging | Current codebase. Branch for the next minor Joomla version. New backward compatible features go into this branch. |
-| 3.9-dev | Branch for the next minor Joomla version. The 3.9.0 release will include the Privacy Tools Suite features. Commits to staging will be applied to this branch as well. |
+| staging | Current codebase. Branch for the next minor Joomla version. New backward compatible features go into this branch. The 3.9.0 release will include the Privacy Tools Suite features. |
 | 3.10-dev | Branch for the next minor Joomla version. The 3.10.0 release will only include compatibility features for 4.0. Commits to staging will be applied to this branch as well. |
 | 4.0-dev | Branch for the next major Joomla version. New features go into this branch. Commits to staging will be applied to this branch as well. |

.github/FUNDING.yml

@@ -0,0 +1 @@
+custom: https://community.joomla.org/sponsorship-campaigns.html

SECURITY.md → .github/SECURITY.md

@@ -9,9 +9,7 @@ This document outlines security procedures and policies for the `Joomla! Project
 
 ## Reporting a Bug
 
-The `Joomla` team and community take all security bugs in `Joomla` seriously.
-
-The Joomla! Project takes security vulnerabilities very seriously. As such, the Joomla! Security Strike Team (JSST) oversees the project's security issues and follows some specific procedures when dealing with these issues.
+The `Joomla` team and community take all security bugs in `Joomla` seriously. The Joomla! Security Strike Team (JSST) oversees the project's security issues and follows some specific procedures when dealing with these issues.
 
 If you find a possible vulnerability, please report it to the JSST using the [online form](https://developer.joomla.org/security/contact-the-team.html) or via email at security@joomla.org 
 
@@ -25,7 +23,7 @@ Thank you for improving the security of `Joomla`.
 
 ## Response Handling
 
-The JSST aims to ensure all issues are handled in a timely manner and for clear communication between the team and issue reporters. As such, we have established the following guidelines for responding to issue reports:
+The JSST aims to ensure all issues are handled in a timely manner and for clear communication between the team and issue reporters. We have established the following guidelines for responding to issue reports:
 
 * Within 24 hours every report gets acknowledged
 * Within 7 days every report gets a further response stating either

.github/SUPPORT.md

@@ -1,8 +1,8 @@
 Where can you get support and help?
 ====================
-* [The Joomla! Documentation](https://docs.joomla.org/Special:MyLanguage/Main_Page);
-* [Frequently Asked Questions](https://docs.joomla.org/Special:MyLanguage/Category:FAQ) (FAQ);
-* Find the [information you need](https://docs.joomla.org/Special:MyLanguage/Start_here);
-* Find [help and other users](https://www.joomla.org/about-joomla/create-and-share.html);
-* Post questions at [our forums](https://forum.joomla.org);
+* [The Joomla! Documentation](https://docs.joomla.org/Special:MyLanguage/Main_Page).
+* [Frequently Asked Questions](https://docs.joomla.org/Special:MyLanguage/Category:FAQ) (FAQ).
+* Find the [information you need](https://docs.joomla.org/Special:MyLanguage/Start_here).
+* Find [help and other users](https://www.joomla.org/about-joomla/create-and-share.html).
+* Post questions at [our forums](https://forum.joomla.org).
 * [Joomla Resources Directory](https://resources.joomla.org) (JRD).