mirror of
https://github.com/Combodo/iTop.git
synced 2026-04-24 11:08:45 +02:00
N°8017 - Security - dependabot - Symfony's VarDumper vulnerable to un… (#731)
Upgrade all Symfony components to last security fix (~6.4.0)
This commit is contained in:
Benjamin Dalsass
@@ -40,7 +40,7 @@ class CacheClearCommand extends Command
|
||||
private CacheClearerInterface $cacheClearer;
|
||||
private Filesystem $filesystem;
|
||||
|
||||
public function __construct(CacheClearerInterface $cacheClearer, Filesystem $filesystem = null)
|
||||
public function __construct(CacheClearerInterface $cacheClearer, ?Filesystem $filesystem = null)
|
||||
{
|
||||
parent::__construct();
|
||||
|
||||
@@ -146,6 +146,16 @@ EOF
|
||||
}
|
||||
$this->warmupOptionals($useBuildDir ? $realCacheDir : $warmupDir, $warmupDir, $io);
|
||||
}
|
||||
|
||||
// fix references to cached files with the real cache directory name
|
||||
$search = [$warmupDir, str_replace('/', '\\/', $warmupDir), str_replace('\\', '\\\\', $warmupDir)];
|
||||
$replace = str_replace('\\', '/', $realBuildDir);
|
||||
foreach (Finder::create()->files()->in($warmupDir) as $file) {
|
||||
$content = str_replace($search, $replace, file_get_contents($file), $count);
|
||||
if ($count) {
|
||||
file_put_contents($file, $content);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (!$fs->exists($warmupDir.'/'.$containerDir)) {
|
||||
@@ -154,7 +164,7 @@ EOF
|
||||
}
|
||||
|
||||
if ($this->isNfs($realBuildDir)) {
|
||||
$io->note('For better performances, you should move the cache and log directories to a non-shared folder of the VM.');
|
||||
$io->note('For better performance, you should move the cache and log directories to a non-shared folder of the VM.');
|
||||
$fs->remove($realBuildDir);
|
||||
} else {
|
||||
$fs->rename($realBuildDir, $oldBuildDir);
|
||||
@@ -200,7 +210,7 @@ EOF
|
||||
|
||||
if (null === $mounts) {
|
||||
$mounts = [];
|
||||
if ('/' === \DIRECTORY_SEPARATOR && $files = @file('/proc/mounts')) {
|
||||
if ('/' === \DIRECTORY_SEPARATOR && @is_readable('/proc/mounts') && $files = @file('/proc/mounts')) {
|
||||
foreach ($files as $mount) {
|
||||
$mount = \array_slice(explode(' ', $mount), 1, -3);
|
||||
if (!\in_array(array_pop($mount), ['vboxsf', 'nfs'])) {
|
||||
@@ -227,16 +237,6 @@ EOF
|
||||
throw new \LogicException('Calling "cache:clear" with a kernel that does not implement "Symfony\Component\HttpKernel\RebootableInterface" is not supported.');
|
||||
}
|
||||
$kernel->reboot($warmupDir);
|
||||
|
||||
// fix references to cached files with the real cache directory name
|
||||
$search = [$warmupDir, str_replace('\\', '\\\\', $warmupDir)];
|
||||
$replace = str_replace('\\', '/', $realBuildDir);
|
||||
foreach (Finder::create()->files()->in($warmupDir) as $file) {
|
||||
$content = str_replace($search, $replace, file_get_contents($file), $count);
|
||||
if ($count) {
|
||||
file_put_contents($file, $content);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private function warmupOptionals(string $cacheDir, string $warmupDir, SymfonyStyle $io): void
|
||||
|
||||
@@ -38,7 +38,7 @@ final class CachePoolClearCommand extends Command
|
||||
/**
|
||||
* @param string[]|null $poolNames
|
||||
*/
|
||||
public function __construct(Psr6CacheClearer $poolClearer, array $poolNames = null)
|
||||
public function __construct(Psr6CacheClearer $poolClearer, ?array $poolNames = null)
|
||||
{
|
||||
parent::__construct();
|
||||
|
||||
@@ -72,7 +72,7 @@ EOF
|
||||
|
||||
$poolNames = $input->getArgument('pools');
|
||||
$excludedPoolNames = $input->getOption('exclude');
|
||||
if ($input->getOption('all')) {
|
||||
if ($clearAll = $input->getOption('all')) {
|
||||
if (!$this->poolNames) {
|
||||
throw new InvalidArgumentException('Could not clear all cache pools, try specifying a specific pool or cache clearer.');
|
||||
}
|
||||
@@ -91,7 +91,7 @@ EOF
|
||||
foreach ($poolNames as $id) {
|
||||
if ($this->poolClearer->hasPool($id)) {
|
||||
$pools[$id] = $id;
|
||||
} else {
|
||||
} elseif (!$clearAll || $kernel->getContainer()->has($id)) {
|
||||
$pool = $kernel->getContainer()->get($id);
|
||||
|
||||
if ($pool instanceof CacheItemPoolInterface) {
|
||||
|
||||
@@ -35,7 +35,7 @@ final class CachePoolDeleteCommand extends Command
|
||||
/**
|
||||
* @param string[]|null $poolNames
|
||||
*/
|
||||
public function __construct(Psr6CacheClearer $poolClearer, array $poolNames = null)
|
||||
public function __construct(Psr6CacheClearer $poolClearer, ?array $poolNames = null)
|
||||
{
|
||||
parent::__construct();
|
||||
|
||||
|
||||
@@ -284,7 +284,9 @@ EOF
|
||||
return $matchingServices[0];
|
||||
}
|
||||
|
||||
return $io->choice('Select one of the following services to display its information', $matchingServices);
|
||||
natsort($matchingServices);
|
||||
|
||||
return $io->choice('Select one of the following services to display its information', array_values($matchingServices));
|
||||
}
|
||||
|
||||
private function findProperTagName(InputInterface $input, SymfonyStyle $io, ContainerBuilder $container, string $tagName): string
|
||||
@@ -302,7 +304,9 @@ EOF
|
||||
return $matchingTags[0];
|
||||
}
|
||||
|
||||
return $io->choice('Select one of the following tags to display its information', $matchingTags);
|
||||
natsort($matchingTags);
|
||||
|
||||
return $io->choice('Select one of the following tags to display its information', array_values($matchingTags));
|
||||
}
|
||||
|
||||
private function findServiceIdsContaining(ContainerBuilder $container, string $name, bool $showHidden): array
|
||||
|
||||
@@ -35,7 +35,7 @@ class DebugAutowiringCommand extends ContainerDebugCommand
|
||||
{
|
||||
private ?FileLinkFormatter $fileLinkFormatter;
|
||||
|
||||
public function __construct(string $name = null, FileLinkFormatter $fileLinkFormatter = null)
|
||||
public function __construct(?string $name = null, ?FileLinkFormatter $fileLinkFormatter = null)
|
||||
{
|
||||
$this->fileLinkFormatter = $fileLinkFormatter;
|
||||
parent::__construct($name);
|
||||
|
||||
@@ -42,7 +42,7 @@ class RouterDebugCommand extends Command
|
||||
private RouterInterface $router;
|
||||
private ?FileLinkFormatter $fileLinkFormatter;
|
||||
|
||||
public function __construct(RouterInterface $router, FileLinkFormatter $fileLinkFormatter = null)
|
||||
public function __construct(RouterInterface $router, ?FileLinkFormatter $fileLinkFormatter = null)
|
||||
{
|
||||
parent::__construct();
|
||||
|
||||
|
||||
@@ -31,7 +31,7 @@ final class SecretsDecryptToLocalCommand extends Command
|
||||
private AbstractVault $vault;
|
||||
private ?AbstractVault $localVault;
|
||||
|
||||
public function __construct(AbstractVault $vault, AbstractVault $localVault = null)
|
||||
public function __construct(AbstractVault $vault, ?AbstractVault $localVault = null)
|
||||
{
|
||||
$this->vault = $vault;
|
||||
$this->localVault = $localVault;
|
||||
@@ -48,7 +48,7 @@ The <info>%command.name%</info> command decrypts all secrets and copies them in
|
||||
|
||||
<info>%command.full_name%</info>
|
||||
|
||||
When the option <info>--force</info> is provided, secrets that already exist in the local vault are overriden.
|
||||
When the <info>--force</info> option is provided, secrets that already exist in the local vault are overridden.
|
||||
|
||||
<info>%command.full_name% --force</info>
|
||||
EOF
|
||||
|
||||
@@ -30,7 +30,7 @@ final class SecretsEncryptFromLocalCommand extends Command
|
||||
private AbstractVault $vault;
|
||||
private ?AbstractVault $localVault;
|
||||
|
||||
public function __construct(AbstractVault $vault, AbstractVault $localVault = null)
|
||||
public function __construct(AbstractVault $vault, ?AbstractVault $localVault = null)
|
||||
{
|
||||
$this->vault = $vault;
|
||||
$this->localVault = $localVault;
|
||||
|
||||
@@ -33,7 +33,7 @@ final class SecretsGenerateKeysCommand extends Command
|
||||
private AbstractVault $vault;
|
||||
private ?AbstractVault $localVault;
|
||||
|
||||
public function __construct(AbstractVault $vault, AbstractVault $localVault = null)
|
||||
public function __construct(AbstractVault $vault, ?AbstractVault $localVault = null)
|
||||
{
|
||||
$this->vault = $vault;
|
||||
$this->localVault = $localVault;
|
||||
|
||||
@@ -34,7 +34,7 @@ final class SecretsListCommand extends Command
|
||||
private AbstractVault $vault;
|
||||
private ?AbstractVault $localVault;
|
||||
|
||||
public function __construct(AbstractVault $vault, AbstractVault $localVault = null)
|
||||
public function __construct(AbstractVault $vault, ?AbstractVault $localVault = null)
|
||||
{
|
||||
$this->vault = $vault;
|
||||
$this->localVault = $localVault;
|
||||
|
||||
@@ -35,7 +35,7 @@ final class SecretsRemoveCommand extends Command
|
||||
private AbstractVault $vault;
|
||||
private ?AbstractVault $localVault;
|
||||
|
||||
public function __construct(AbstractVault $vault, AbstractVault $localVault = null)
|
||||
public function __construct(AbstractVault $vault, ?AbstractVault $localVault = null)
|
||||
{
|
||||
$this->vault = $vault;
|
||||
$this->localVault = $localVault;
|
||||
|
||||
@@ -36,7 +36,7 @@ final class SecretsSetCommand extends Command
|
||||
private AbstractVault $vault;
|
||||
private ?AbstractVault $localVault;
|
||||
|
||||
public function __construct(AbstractVault $vault, AbstractVault $localVault = null)
|
||||
public function __construct(AbstractVault $vault, ?AbstractVault $localVault = null)
|
||||
{
|
||||
$this->vault = $vault;
|
||||
$this->localVault = $localVault;
|
||||
|
||||
@@ -59,7 +59,7 @@ class TranslationDebugCommand extends Command
|
||||
private array $codePaths;
|
||||
private array $enabledLocales;
|
||||
|
||||
public function __construct(TranslatorInterface $translator, TranslationReaderInterface $reader, ExtractorInterface $extractor, string $defaultTransPath = null, string $defaultViewsPath = null, array $transPaths = [], array $codePaths = [], array $enabledLocales = [])
|
||||
public function __construct(TranslatorInterface $translator, TranslationReaderInterface $reader, ExtractorInterface $extractor, ?string $defaultTransPath = null, ?string $defaultViewsPath = null, array $transPaths = [], array $codePaths = [], array $enabledLocales = [])
|
||||
{
|
||||
parent::__construct();
|
||||
|
||||
@@ -79,7 +79,7 @@ class TranslationDebugCommand extends Command
|
||||
->setDefinition([
|
||||
new InputArgument('locale', InputArgument::REQUIRED, 'The locale'),
|
||||
new InputArgument('bundle', InputArgument::OPTIONAL, 'The bundle name or directory where to load the messages'),
|
||||
new InputOption('domain', null, InputOption::VALUE_OPTIONAL, 'The messages domain'),
|
||||
new InputOption('domain', null, InputOption::VALUE_REQUIRED, 'The messages domain'),
|
||||
new InputOption('only-missing', null, InputOption::VALUE_NONE, 'Display only missing messages'),
|
||||
new InputOption('only-unused', null, InputOption::VALUE_NONE, 'Display only unused messages'),
|
||||
new InputOption('all', null, InputOption::VALUE_NONE, 'Load messages from all registered bundles'),
|
||||
|
||||
@@ -19,7 +19,6 @@ use Symfony\Component\Console\Exception\InvalidArgumentException;
|
||||
use Symfony\Component\Console\Input\InputArgument;
|
||||
use Symfony\Component\Console\Input\InputInterface;
|
||||
use Symfony\Component\Console\Input\InputOption;
|
||||
use Symfony\Component\Console\Output\ConsoleOutputInterface;
|
||||
use Symfony\Component\Console\Output\OutputInterface;
|
||||
use Symfony\Component\Console\Style\SymfonyStyle;
|
||||
use Symfony\Component\HttpKernel\KernelInterface;
|
||||
@@ -60,10 +59,14 @@ class TranslationUpdateCommand extends Command
|
||||
private array $codePaths;
|
||||
private array $enabledLocales;
|
||||
|
||||
public function __construct(TranslationWriterInterface $writer, TranslationReaderInterface $reader, ExtractorInterface $extractor, string $defaultLocale, string $defaultTransPath = null, string $defaultViewsPath = null, array $transPaths = [], array $codePaths = [], array $enabledLocales = [])
|
||||
public function __construct(TranslationWriterInterface $writer, TranslationReaderInterface $reader, ExtractorInterface $extractor, string $defaultLocale, ?string $defaultTransPath = null, ?string $defaultViewsPath = null, array $transPaths = [], array $codePaths = [], array $enabledLocales = [])
|
||||
{
|
||||
parent::__construct();
|
||||
|
||||
if (!method_exists($writer, 'getFormats')) {
|
||||
throw new \InvalidArgumentException(sprintf('The writer class "%s" does not implement the "getFormats()" method.', $writer::class));
|
||||
}
|
||||
|
||||
$this->writer = $writer;
|
||||
$this->reader = $reader;
|
||||
$this->extractor = $extractor;
|
||||
@@ -81,14 +84,14 @@ class TranslationUpdateCommand extends Command
|
||||
->setDefinition([
|
||||
new InputArgument('locale', InputArgument::REQUIRED, 'The locale'),
|
||||
new InputArgument('bundle', InputArgument::OPTIONAL, 'The bundle name or directory where to load the messages'),
|
||||
new InputOption('prefix', null, InputOption::VALUE_OPTIONAL, 'Override the default prefix', '__'),
|
||||
new InputOption('format', null, InputOption::VALUE_OPTIONAL, 'Override the default output format', 'xlf12'),
|
||||
new InputOption('prefix', null, InputOption::VALUE_REQUIRED, 'Override the default prefix', '__'),
|
||||
new InputOption('format', null, InputOption::VALUE_REQUIRED, 'Override the default output format', 'xlf12'),
|
||||
new InputOption('dump-messages', null, InputOption::VALUE_NONE, 'Should the messages be dumped in the console'),
|
||||
new InputOption('force', null, InputOption::VALUE_NONE, 'Should the extract be done'),
|
||||
new InputOption('clean', null, InputOption::VALUE_NONE, 'Should clean not found messages'),
|
||||
new InputOption('domain', null, InputOption::VALUE_OPTIONAL, 'Specify the domain to extract'),
|
||||
new InputOption('domain', null, InputOption::VALUE_REQUIRED, 'Specify the domain to extract'),
|
||||
new InputOption('sort', null, InputOption::VALUE_OPTIONAL, 'Return list of messages sorted alphabetically (only works with --dump-messages)', 'asc'),
|
||||
new InputOption('as-tree', null, InputOption::VALUE_OPTIONAL, 'Dump the messages as a tree-like structure: The given value defines the level where to switch to inline YAML'),
|
||||
new InputOption('as-tree', null, InputOption::VALUE_REQUIRED, 'Dump the messages as a tree-like structure: The given value defines the level where to switch to inline YAML'),
|
||||
])
|
||||
->setHelp(<<<'EOF'
|
||||
The <info>%command.name%</info> command extracts translation strings from templates
|
||||
@@ -124,13 +127,6 @@ EOF
|
||||
|
||||
protected function execute(InputInterface $input, OutputInterface $output): int
|
||||
{
|
||||
$io = new SymfonyStyle($input, $output);
|
||||
$errorIo = $output instanceof ConsoleOutputInterface ? new SymfonyStyle($input, $output->getErrorOutput()) : $io;
|
||||
|
||||
if ('translation:update' === $input->getFirstArgument()) {
|
||||
$errorIo->caution('Command "translation:update" is deprecated since version 5.4 and will be removed in Symfony 6.0. Use "translation:extract" instead.');
|
||||
}
|
||||
|
||||
$io = new SymfonyStyle($input, $output);
|
||||
$errorIo = $io->getErrorStyle();
|
||||
|
||||
|
||||
Reference in New Issue
Block a user