Merge branch 'md5_to_sha256' into 'next-release'
authorPatrick Canterino <patrick@patrick-canterino.de>
Fri, 5 Jun 2026 14:01:33 +0000 (16:01 +0200)
committerPatrick Canterino <patrick@patrick-canterino.de>
Fri, 5 Jun 2026 14:01:33 +0000 (16:01 +0200)
Md5 to sha256

See merge request jirafeau/Jirafeau!33

.gitlab-ci.yml
CHANGELOG.md

index 627ed17edeafe41783446928a7827acd4a27ba9b..613ab9b6e3d819a399ed152c4000ba77d8bc8c47 100644 (file)
@@ -3,10 +3,12 @@ cache:
   paths:
     - vendor/
 
-# Run tests for php:8.2
-job_lint_app_82:
-  image: php:8.2
-  before_script: &before_linter_script
+# Aliases and Anchors for reuse
+
+.linter_script: &linter_script
+    - ./vendor/bin/parallel-lint --gitlab --exclude vendor .
+    - ./vendor/bin/php-cs-fixer -vvv check . --using-cache=no --rules=@PSR12,-single_space_around_construct
+.before_script: &before_linter_script
     # Install git, the docker php image doesn't have it installed by default
     - apt-get update -yqq
     - apt-get install git -yqq
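Review bot: The `--gitlab` switch added to the parallel-lint line in `.linter_script` should, as far as I know, switch that tool's output to GitLab Code Quality JSON, yet nothing visible in this hunk writes that output to a file or declares it as a report. If so, syntax errors would show up only as raw JSON in the job log, which is harder to read than the default output. Either drop the flag or capture the result, for example `- ./vendor/bin/parallel-lint --gitlab --exclude vendor . > gl-code-quality.json` (the file name is an example) together with an `artifacts:reports:codequality` entry on the lint jobs. The rest of `.gitlab-ci.yml` is outside this hunk, so an artifacts declaration elsewhere would settle this.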
@@ -17,24 +19,63 @@ job_lint_app_82:
     - curl -sS https://getcomposer.org/installer | php
     # Create composer.json file manually, since this is a project without any non-dev dependencies yet
     - php composer.phar require --dev php-parallel-lint/php-parallel-lint
-    - php composer.phar require --dev friendsofphp/php-cs-fixer:3.64.0
+    - php composer.phar require --dev friendsofphp/php-cs-fixer:3.93.1
     # Install all project dependencies
     - php composer.phar install
-  script: &linter_script
-    - ./vendor/bin/parallel-lint --exclude vendor .
-    - ./vendor/bin/php-cs-fixer -vvv check . --using-cache=no --rules=@PSR12,-single_space_around_construct
+
+.enableWarningOnFailure: &linter_warning
+  allow_failure:
+      exit_codes:
+        - 1
+
+
+# Run tests for php:8.5
+job_lint_app_85:
+  image: php:8.5
+  before_script: *before_linter_script
+  script: *linter_script
+
+# Run tests for php:8.4
+job_lint_app_84:
+  image: php:8.4
+  before_script: *before_linter_script
+  script: *linter_script
+
+job_lint_app_83:
+  image: php:8.3
+  before_script: *before_linter_script
+  script: *linter_script
+
+# Run tests for php:8.2
+job_lint_app_82:
+  image: php:8.2
+  before_script: *before_linter_script
+  script: *linter_script
+
+
+# =================
+# Deprecated ones START
+# =================
 
 # Run tests for php:8.1
 job_lint_app_81:
   image: php:8.1
   before_script: *before_linter_script
   script: *linter_script
+  <<: *linter_warning
+  
+
 
 # Run tests for php:7.4
 job_lint_app_74:
   image: php:7.4
   before_script: *before_linter_script
   script: *linter_script
+  <<: *linter_warning
+
+# =================
+# Deprecated ones END
+# =================
 
 publish:
   image: docker:latest
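Review bot: The `allow_failure: exit_codes` setting in `.enableWarningOnFailure` applies to the whole job, so on `job_lint_app_81` and `job_lint_app_74` any command that exits with 1 is downgraded to a warning, not only a lint finding. As far as I can tell this also covers the `before_script` steps (for instance a failing `php composer.phar require`, if it exits 1), which would leave those jobs yellow without the linters ever having run. Exit code 1 is generic, so it is worth confirming which codes the two linters actually return for the findings meant to be tolerated on deprecated PHP versions. A comment above the anchor would record the intent, e.g. `# exit code 1 is tolerated on deprecated PHP versions; any other exit code still fails the job`.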
index ed7b7417ab3ff6afc1689e9da3b9f9aaef6c30a2..5e614eca4483fc51d6424ecfbda137f00409cc5d 100644 (file)
@@ -19,7 +19,7 @@
 
 ## Version 4.7.1
 
-- Fixed another possibility to bypass the checks for [CVE-2022-30110](https://www.cve.org/CVERecord?id=CVE-2022-30110), [CVE-2024-12326](https://www.cve.org/CVERecord?id=CVE-2024-12326) and [CVE-2025-7066](https://www.cve.org/CVERecord?id=CVE-2025-7066) (prevent preview of SVG images and other critical files) by sending a manipulated HTTP request with a MIME type like "image". When doing the preview, the browser tries to automatically detect the MIME type resulting in detecting SVG and possibly executing JavaScript code. To prevent this, MIME sniffing is disabled.
+- Fixed another possibility to bypass the checks for [CVE-2022-30110](https://www.cve.org/CVERecord?id=CVE-2022-30110), [CVE-2024-12326](https://www.cve.org/CVERecord?id=CVE-2024-12326) and [CVE-2025-7066](https://www.cve.org/CVERecord?id=CVE-2025-7066) (prevent preview of SVG images and other critical files) by sending a manipulated HTTP request with a MIME type like "image". When doing the preview, the browser tries to automatically detect the MIME type resulting in detecting SVG and possibly executing JavaScript code. To prevent this, MIME sniffing is disabled. This issue has subsequently been reported as [CVE-2026-1466](https://www.cve.org/CVERecord?id=CVE-2026-1466).
 - The default value of `max_upload_chunk_size_bytes` was set to `5000000`. Higher values could trigger a bug Chromium-based browsers on servers with HTTP/3 enabled, causing asynchronous uploads to fail.
 - Docker image: Updated PHP to 8.3 and removed `mime-types.conf` from `lighttpd.conf`
 - Upgrade from 4.7.0: in-place upgrade, you also should set `max_upload_chunk_size_bytes` to `5000000` in your `config.local.php`!
