Merge branch 'bugfix'

redaxo · May 17, 2023 · 25b6602 · 25b6602
2 parents 788a01b + f8ef62b
commit 25b6602
Show file tree

Hide file tree

Showing 21 changed files with 985 additions and 1,189 deletions.
diff --git a/.tools/psalm/baseline-taint.xml b/.tools/psalm/baseline-taint.xml
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<files psalm-version="5.9.0@8b9ad1eb9e8b7d3101f949291da2b9f7767cd163">
+<files psalm-version="5.11.0@c9b192ab8400fdaf04b2b13d110575adc879aa90">
   <file src="redaxo/src/addons/backup/lib/backup.php">
     <TaintedFile>
       <code>$filename</code>

diff --git a/.tools/psalm/baseline.xml b/.tools/psalm/baseline.xml
@@ -1,9 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<files psalm-version="5.9.0@8b9ad1eb9e8b7d3101f949291da2b9f7767cd163">
+<files psalm-version="5.11.0@c9b192ab8400fdaf04b2b13d110575adc879aa90">
   <file src="redaxo/src/addons/backup/lib/backup.php">
-    <LessSpecificReturnStatement>
-      <code>$tables</code>
-    </LessSpecificReturnStatement>
     <MixedArgument>
       <code>$column</code>
       <code>$column</code>
@@ -26,9 +23,10 @@
       <code>$column</code>
       <code>$column</code>
     </MixedOperand>
-    <MoreSpecificReturnType>
+    <MixedReturnTypeCoercion>
+      <code>$tables</code>
       <code><![CDATA[list<string>]]></code>
-    </MoreSpecificReturnType>
+    </MixedReturnTypeCoercion>
   </file>
   <file src="redaxo/src/addons/backup/lib/cronjob.php">
     <MixedArgument>
@@ -72,6 +70,10 @@
       <code><![CDATA[$_FILES['FORM']['tmp_name']['importfile']]]></code>
       <code><![CDATA[$_FILES['FORM']['tmp_name']['importfile']]]></code>
     </MixedArgument>
+    <PossiblyFalseOperand>
+      <code>$filec</code>
+      <code>$filec</code>
+    </PossiblyFalseOperand>
   </file>
   <file src="redaxo/src/addons/backup/pages/import.upload.php">
     <InvalidArrayAccess>
@@ -105,6 +107,10 @@
       <code><![CDATA[$_SESSION['codemirror_reload']]]></code>
       <code><![CDATA[$_SESSION['codemirror_reload']]]></code>
     </MixedOperand>
+    <PossiblyFalseOperand>
+      <code><![CDATA[date('D, j M Y', strtotime('+1 week'))]]></code>
+      <code><![CDATA[date('D, j M Y', strtotime('+1 week'))]]></code>
+    </PossiblyFalseOperand>
     <PossiblyNullOperand>
       <code>rex_file::get($filename)</code>
       <code>rex_file::get($filename)</code>
@@ -909,9 +915,6 @@
     </PossiblyNullArgument>
   </file>
   <file src="redaxo/src/addons/mediapool/functions/function_rex_mediapool.php">
-    <ArgumentTypeCoercion>
-      <code>$data</code>
-    </ArgumentTypeCoercion>
     <InvalidArgument>
       <code>$data</code>
     </InvalidArgument>
@@ -923,6 +926,7 @@
       <code>$warning</code>
     </MixedArgument>
     <MixedArgumentTypeCoercion>
+      <code>$data</code>
       <code>$info</code>
       <code>$warning</code>
     </MixedArgumentTypeCoercion>
@@ -4113,19 +4117,19 @@
     <ArgumentTypeCoercion>
       <code>$password</code>
     </ArgumentTypeCoercion>
-    <InvalidArgument>
-      <code><![CDATA[[
-            'expires' => strtotime(rex_user_session::STAY_LOGGED_IN_DURATION.' months'),
-            'secure' => $sessionConfig['secure'] ?? false,
-            'samesite' => $sessionConfig['samesite'] ?? 'lax',
-        ]]]></code>
-    </InvalidArgument>
     <InvalidAttribute>
       <code>SensitiveParameter</code>
     </InvalidAttribute>
     <MixedArgument>
       <code><![CDATA[rex::getProperty('session_duration')]]></code>
     </MixedArgument>
+    <MixedArgumentTypeCoercion>
+      <code><![CDATA[[
+            'expires' => strtotime(rex_user_session::STAY_LOGGED_IN_DURATION.' months'),
+            'secure' => $sessionConfig['secure'] ?? false,
+            'samesite' => $sessionConfig['samesite'] ?? 'lax',
+        ]]]></code>
+    </MixedArgumentTypeCoercion>
     <MixedArrayAccess>
       <code>$_SESSION[static::getSessionNamespace()][self::SYSTEM_ID]</code>
       <code>$_SESSION[static::getSessionNamespace()][self::SYSTEM_ID]</code>
@@ -4898,8 +4902,6 @@
     <ArgumentTypeCoercion>
       <code>$args</code>
       <code>$args</code>
-      <code>func_get_args()</code>
-      <code>func_get_args()</code>
     </ArgumentTypeCoercion>
     <LessSpecificReturnStatement>
       <code>$lang</code>
@@ -4912,6 +4914,8 @@
     <MixedArgumentTypeCoercion>
       <code>$i18nFunction</code>
       <code>$i18nFunction</code>
+      <code>func_get_args()</code>
+      <code>func_get_args()</code>
     </MixedArgumentTypeCoercion>
     <MixedAssignment>
       <code>$array[$key]</code>
@@ -4937,13 +4941,13 @@
     </MethodSignatureMustProvideReturnType>
   </file>
   <file src="redaxo/src/core/lib/util/logger.php">
-    <InvalidArgument>
-      <code>$logData</code>
-    </InvalidArgument>
     <MixedArgument>
       <code>$level</code>
       <code>$level</code>
     </MixedArgument>
+    <MixedArgumentTypeCoercion>
+      <code>$logData</code>
+    </MixedArgumentTypeCoercion>
     <MixedAssignment>
       <code><![CDATA[$replace['{' . $key . '}']]]></code>
       <code>$val</code>

diff --git a/composer.json b/composer.json
@@ -13,20 +13,19 @@
     "require-dev": {
         "friendsofphp/php-cs-fixer": "v3.16.0",
         "friendsofredaxo/linter": "1.4.0",
-        "j13k/yaml-lint": "@dev",
         "jetbrains/phpstorm-attributes": "^1.0",
-        "phpstan/extension-installer": "1.2.0",
-        "phpstan/phpstan": "1.10.12",
+        "phpstan/extension-installer": "1.3.0",
+        "phpstan/phpstan": "1.10.15",
         "phpstan/phpstan-deprecation-rules": "1.1.3",
         "phpstan/phpstan-phpunit": "1.3.11",
-        "phpstan/phpstan-symfony": "1.2.25",
+        "phpstan/phpstan-symfony": "1.3.2",
         "phpunit/phpunit": "^10.0.7",
         "psalm/plugin-phpunit": "0.18.4",
-        "psalm/plugin-symfony": "v5.0.2",
-        "rector/rector": "0.15.24",
+        "psalm/plugin-symfony": "v5.0.3",
+        "rector/rector": "0.16.0",
         "redaxo/php-cs-fixer-config": "2.1.2",
         "redaxo/psalm-plugin": "2.0.0",
-        "vimeo/psalm": "5.9.0"
+        "vimeo/psalm": "5.11.0"
     },
     "replace": {
         "erusev/parsedown": "1.7.4",
@@ -42,16 +41,16 @@
         "ramsey/http-range": "1.1.0",
         "scssphp/scssphp": "v1.11.0",
         "splitbrain/php-archive": "1.3.1",
-        "symfony/console": "v6.2.8",
+        "symfony/console": "v6.2.10",
         "symfony/deprecation-contracts": "v3.2.1",
-        "symfony/http-foundation": "v6.2.8",
+        "symfony/http-foundation": "v6.2.10",
         "symfony/polyfill-ctype": "*",
         "symfony/polyfill-php80": "*",
         "symfony/polyfill-php81": "*",
         "symfony/service-contracts": "v3.2.1",
         "symfony/string": "v6.2.8",
-        "symfony/var-dumper": "v6.2.8",
-        "symfony/yaml": "v6.2.7",
+        "symfony/var-dumper": "v6.2.10",
+        "symfony/yaml": "v6.2.10",
         "voku/anti-xss": "4.1.41",
         "voku/portable-ascii": "2.0.1",
         "voku/portable-utf8": "6.0.13"

diff --git a/redaxo/src/addons/structure/lib/service_category.php b/redaxo/src/addons/structure/lib/service_category.php
@@ -340,7 +340,7 @@ public static function categoryStatus($categoryId, $clang, $status = null)
             $EKAT->setTable(rex::getTablePrefix() . 'article');
             $EKAT->setWhere(['id' => $categoryId,  'clang_id' => $clang, 'startarticle' => 1]);
             $EKAT->setValue('status', $newstatus);
-            $EKAT->addGlobalCreateFields(self::getUser());
+            $EKAT->addGlobalUpdateFields(self::getUser());
 
             try {
                 $EKAT->update();