composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-04-25 11:38:44 +02:00
Code Issues Packages Projects Releases Wiki Activity

N°8017 - Security - dependabot - Symfony's VarDumper vulnerable to un… (#731)

Browse Source 
Upgrade all Symfony components to last security fix (~6.4.0)
This commit is contained in:
Benjamin Dalsass
2025-08-06 08:54:56 +02:00
committed by GitHub
parent 603340b852
commit cdbcd14767
608 changed files with 5020 additions and 3793 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
lib/symfony/framework-bundle/Resources/config/asset_mapper.php
View File

@@ -54,6 +54,8 @@ return static function (ContainerConfigurator $container) {
])
->alias(AssetMapperInterface::class, 'asset_mapper')
->alias('asset_mapper.http_client', 'http_client')
->set('asset_mapper.mapped_asset_factory', MappedAssetFactory::class)
->args([
service('asset_mapper.public_assets_path_resolver'),
@@ -75,6 +77,7 @@ return static function (ContainerConfigurator $container) {
param('kernel.project_dir'),
abstract_arg('array of excluded path patterns'),
abstract_arg('exclude dot files'),
param('kernel.debug'),
])
->set('asset_mapper.public_assets_path_resolver', PublicAssetsPathResolver::class)
@@ -196,7 +199,7 @@ return static function (ContainerConfigurator $container) {
])
->set('asset_mapper.importmap.resolver', JsDelivrEsmResolver::class)
->args([service('http_client')])
->args([service('asset_mapper.http_client')])
->set('asset_mapper.importmap.renderer', ImportMapRenderer::class)
->args([
@@ -211,12 +214,12 @@ return static function (ContainerConfigurator $container) {
->set('asset_mapper.importmap.auditor', ImportMapAuditor::class)
->args([
service('asset_mapper.importmap.config_reader'),
service('http_client'),
service('asset_mapper.http_client'),
])
->set('asset_mapper.importmap.update_checker', ImportMapUpdateChecker::class)
->args([
service('asset_mapper.importmap.config_reader'),
service('http_client'),
service('asset_mapper.http_client'),
])
->set('asset_mapper.importmap.command.require', ImportMapRequireCommand::class)

1
lib/symfony/framework-bundle/Resources/config/http_client.php
View File

@@ -39,6 +39,7 @@ return static function (ContainerConfigurator $container) {
->factory('current')
->args([[service('http_client.transport')]])
->tag('http_client.client')
->tag('kernel.reset', ['method' => 'reset', 'on_invalid' => 'ignore'])
->alias(HttpClientInterface::class, 'http_client')

6
lib/symfony/framework-bundle/Resources/config/mailer.php
View File

@@ -45,11 +45,7 @@ return static function (ContainerConfigurator $container) {
tagged_iterator('mailer.transport_factory'),
])
->set('mailer.default_transport', TransportInterface::class)
->factory([service('mailer.transport_factory'), 'fromString'])
->args([
abstract_arg('env(MAILER_DSN)'),
])
->alias('mailer.default_transport', 'mailer.transports')
->alias(TransportInterface::class, 'mailer.default_transport')
->set('mailer.messenger.message_handler', MessageHandler::class)

5
lib/symfony/framework-bundle/Resources/config/notifier.php
View File

@@ -73,7 +73,10 @@ return static function (ContainerConfigurator $container) {
->tag('notifier.channel', ['channel' => 'email'])
->set('notifier.channel.push', PushChannel::class)
->args([service('texter.transports'), service('messenger.default_bus')->ignoreOnInvalid()])
->args([
service('texter.transports'),
abstract_arg('message bus'),
])
->tag('notifier.channel', ['channel' => 'push'])
->set('notifier.monolog_handler', NotifierHandler::class)

7
lib/symfony/framework-bundle/Resources/config/profiling.php
View File

@@ -40,7 +40,7 @@ return static function (ContainerConfigurator $container) {
->set('console_profiler_listener', ConsoleProfilerListener::class)
->args([
service('profiler'),
service('.lazy_profiler'),
service('.virtual_request_stack'),
service('debug.stopwatch'),
param('kernel.runtime_mode.cli'),
@@ -48,6 +48,11 @@ return static function (ContainerConfigurator $container) {
])
->tag('kernel.event_subscriber')
->set('.lazy_profiler', Profiler::class)
->factory('current')
->args([[service('profiler')]])
->lazy()
->set('.virtual_request_stack', VirtualRequestStack::class)
->args([service('request_stack')])
->public()

10
lib/symfony/framework-bundle/Resources/config/schema/symfony-1.0.xsd
View File

@@ -266,6 +266,7 @@
<xsd:element name="static-method" type="xsd:string" />
<xsd:element name="mapping" type="file_mapping" />
<xsd:element name="auto-mapping" type="auto_mapping" />
<xsd:element name="not-compromised-password" type="not-compromised-password" />
</xsd:choice>
<xsd:attribute name="enabled" type="xsd:boolean" />
@@ -299,6 +300,11 @@
</xsd:restriction>
</xsd:simpleType>
<xsd:complexType name="not-compromised-password">
<xsd:attribute name="enabled" type="xsd:boolean" />
<xsd:attribute name="endpoint" type="xsd:string" />
</xsd:complexType>
<xsd:complexType name="annotations">
<xsd:attribute name="cache" type="xsd:string" />
<xsd:attribute name="debug" type="xsd:string" />
@@ -551,7 +557,7 @@
<xsd:complexType name="lock">
<xsd:sequence>
<xsd:element name="resource" type="lock_resource" minOccurs="1" maxOccurs="unbounded" />
<xsd:element name="resource" type="lock_resource" minOccurs="0" maxOccurs="unbounded" />
</xsd:sequence>
<xsd:attribute name="enabled" type="xsd:boolean" />
</xsd:complexType>
@@ -781,7 +787,7 @@
<xsd:complexType name="mailer_envelope">
<xsd:sequence>
<xsd:element name="sender" type="xsd:string" minOccurs="0" maxOccurs="1" />
<xsd:element name="recipients" type="xsd:string" minOccurs="0" maxOccurs="unbounded" />
<xsd:element name="recipient" type="xsd:string" minOccurs="0" maxOccurs="unbounded" />
</xsd:sequence>
</xsd:complexType>

6
lib/symfony/framework-bundle/Resources/config/serializer.php
View File

@@ -60,7 +60,7 @@ return static function (ContainerConfigurator $container) {
$container->services()
->set('serializer', Serializer::class)
->args([[], []])
->args([[], [], []])
->alias(SerializerInterface::class, 'serializer')
->alias(NormalizerInterface::class, 'serializer')
@@ -116,7 +116,7 @@ return static function (ContainerConfigurator $container) {
->set('serializer.normalizer.translatable', TranslatableNormalizer::class)
->args(['$translator' => service('translator')])
->tag('serializer.normalizer', ['priority' => -890])
->tag('serializer.normalizer', ['priority' => -920])
->set('serializer.normalizer.form_error', FormErrorNormalizer::class)
->tag('serializer.normalizer', ['priority' => -915])
@@ -129,6 +129,8 @@ return static function (ContainerConfigurator $container) {
service('property_info')->ignoreOnInvalid(),
service('serializer.mapping.class_discriminator_resolver')->ignoreOnInvalid(),
null,
null,
service('property_info')->ignoreOnInvalid(),
])
->tag('serializer.normalizer', ['priority' => -1000])

1
lib/symfony/framework-bundle/Resources/config/services.php
View File

@@ -100,6 +100,7 @@ return static function (ContainerConfigurator $container) {
->alias(HttpKernelInterface::class, 'http_kernel')
->set('request_stack', RequestStack::class)
->tag('kernel.reset', ['method' => 'resetRequestFormats', 'on_invalid' => 'ignore'])
->public()
->alias(RequestStack::class, 'request_stack')

1
lib/symfony/framework-bundle/Resources/config/session.php
View File

@@ -90,6 +90,7 @@ return static function (ContainerConfigurator $container) {
'session_factory' => service('session.factory')->ignoreOnInvalid(),
'logger' => service('logger')->ignoreOnInvalid(),
'session_collector' => service('data_collector.request.session_collector')->ignoreOnInvalid(),
'request_stack' => service('request_stack')->ignoreOnInvalid(),
]),
param('kernel.debug'),
param('session.storage.options'),