diff --git a/.travis.yml b/.travis.yml index a3fd73f..92aea71 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,14 +1,11 @@ language: php -sudo: false -# only needed for PHP 5.5 support as of 2019-07 -dist: trusty php: - - '5.5' - '5.6' - '7.0' - '7.1' - '7.2' - '7.3' + - '7.4' # as this is a php project, node.js (for JS unit testing) isn't installed install: diff --git a/CHANGELOG.md b/CHANGELOG.md index 608716f..1b7523c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,7 @@ # PrivateBin version history * **1.4 (not yet released)** + * CHANGED: Minimum required PHP version is 5.6, due to a change in the identicon library and to use php's native hash_equals() * CHANGED: Upgrading libraries to: DOMpurify 2.0.8 * CHANGED: Several translations got updated with missing messages * CHANGED: Introduce HTML entity encoding on server side (#581) diff --git a/composer.json b/composer.json index 8df24e2..c7311a2 100644 --- a/composer.json +++ b/composer.json @@ -24,9 +24,9 @@ "docs" : "https://privatebin.info/codedoc/" }, "require" : { - "php" : "^5.5.0 || ^7.0", + "php" : "^5.6.0 || ^7.0", "paragonie/random_compat" : "2.0.18", - "yzalis/identicon" : "1.2.0" + "yzalis/identicon" : "2.0.0" }, "require-dev" : { "codacy/coverage" : "dev-master", @@ -41,4 +41,4 @@ "config" : { "autoloader-suffix" : "DontChange" } -} \ No newline at end of file +} diff --git a/composer.lock b/composer.lock index 45c323e..9e94eba 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", "This file is @generated automatically" ], - "content-hash": "5a34d7babc027b5306652cf3a6d8eaeb", + "content-hash": "f40dd67214072fe0962989c04c851bd5", "packages": [ { "name": "paragonie/random_compat", @@ -57,16 +57,16 @@ }, { "name": "yzalis/identicon", - "version": "1.2.0", + "version": "2.0.0", "source": { "type": "git", "url": "https://github.com/yzalis/Identicon.git", - "reference": "228eca74299a45163be40fd82d334bf21e66b86b" + "reference": "ff5ed090129cab9bfa2a322857d4a01d107aa0ae" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/yzalis/Identicon/zipball/228eca74299a45163be40fd82d334bf21e66b86b", - "reference": "228eca74299a45163be40fd82d334bf21e66b86b", + "url": "https://api.github.com/repos/yzalis/Identicon/zipball/ff5ed090129cab9bfa2a322857d4a01d107aa0ae", + "reference": "ff5ed090129cab9bfa2a322857d4a01d107aa0ae", "shasum": "" }, "require": { @@ -105,7 +105,7 @@ "identicon", "image" ], - "time": "2017-08-01T14:39:05+00:00" + "time": "2019-10-14T09:30:57+00:00" } ], "packages-dev": [ @@ -115,20 +115,21 @@ "source": { "type": "git", "url": "https://github.com/codacy/php-codacy-coverage.git", - "reference": "629d1fd597f91fb072bd822830059fd5145ce49a" + "reference": "1852ca987c91ef466ebcfdbdd4e1788b653eaf1d" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/codacy/php-codacy-coverage/zipball/629d1fd597f91fb072bd822830059fd5145ce49a", - "reference": "629d1fd597f91fb072bd822830059fd5145ce49a", + "url": "https://api.github.com/repos/codacy/php-codacy-coverage/zipball/1852ca987c91ef466ebcfdbdd4e1788b653eaf1d", + "reference": "1852ca987c91ef466ebcfdbdd4e1788b653eaf1d", "shasum": "" }, "require": { "gitonomy/gitlib": ">=1.0", "php": ">=5.3.3", - "symfony/console": "~2.5|~3.0|~4.0" + "symfony/console": "~2.5|~3.0|~4.0|~5.0" }, "require-dev": { + "clue/phar-composer": "^1.1", "phpunit/phpunit": "~6.5" }, "bin": [ @@ -152,7 +153,7 @@ ], "description": "Sends PHP test coverage information to Codacy.", "homepage": "https://github.com/codacy/php-codacy-coverage", - "time": "2018-04-30T16:23:12+00:00" + "time": "2020-01-10T10:52:12+00:00" }, { "name": "codeclimate/php-test-reporter", @@ -215,16 +216,16 @@ }, { "name": "composer/ca-bundle", - "version": "1.2.4", + "version": "1.2.6", "source": { "type": "git", "url": "https://github.com/composer/ca-bundle.git", - "reference": "10bb96592168a0f8e8f6dcde3532d9fa50b0b527" + "reference": "47fe531de31fca4a1b997f87308e7d7804348f7e" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/composer/ca-bundle/zipball/10bb96592168a0f8e8f6dcde3532d9fa50b0b527", - "reference": "10bb96592168a0f8e8f6dcde3532d9fa50b0b527", + "url": "https://api.github.com/repos/composer/ca-bundle/zipball/47fe531de31fca4a1b997f87308e7d7804348f7e", + "reference": "47fe531de31fca4a1b997f87308e7d7804348f7e", "shasum": "" }, "require": { @@ -235,7 +236,7 @@ "require-dev": { "phpunit/phpunit": "^4.8.35 || ^5.7 || 6.5 - 8", "psr/log": "^1.0", - "symfony/process": "^2.5 || ^3.0 || ^4.0" + "symfony/process": "^2.5 || ^3.0 || ^4.0 || ^5.0" }, "type": "library", "extra": { @@ -267,20 +268,20 @@ "ssl", "tls" ], - "time": "2019-08-30T08:44:50+00:00" + "time": "2020-01-13T10:02:55+00:00" }, { "name": "doctrine/instantiator", - "version": "1.2.0", + "version": "1.3.0", "source": { "type": "git", "url": "https://github.com/doctrine/instantiator.git", - "reference": "a2c590166b2133a4633738648b6b064edae0814a" + "reference": "ae466f726242e637cebdd526a7d991b9433bacf1" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/doctrine/instantiator/zipball/a2c590166b2133a4633738648b6b064edae0814a", - "reference": "a2c590166b2133a4633738648b6b064edae0814a", + "url": "https://api.github.com/repos/doctrine/instantiator/zipball/ae466f726242e637cebdd526a7d991b9433bacf1", + "reference": "ae466f726242e637cebdd526a7d991b9433bacf1", "shasum": "" }, "require": { @@ -323,28 +324,28 @@ "constructor", "instantiate" ], - "time": "2019-03-17T17:37:11+00:00" + "time": "2019-10-21T16:45:58+00:00" }, { "name": "gitonomy/gitlib", - "version": "v1.1.0", + "version": "v1.2.0", "source": { "type": "git", "url": "https://github.com/gitonomy/gitlib.git", - "reference": "49e599915eae04b734f31e6e88f773d32d921e2e" + "reference": "a0bea921266ad1c9626d712e7f8687dcc08ca528" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/gitonomy/gitlib/zipball/49e599915eae04b734f31e6e88f773d32d921e2e", - "reference": "49e599915eae04b734f31e6e88f773d32d921e2e", + "url": "https://api.github.com/repos/gitonomy/gitlib/zipball/a0bea921266ad1c9626d712e7f8687dcc08ca528", + "reference": "a0bea921266ad1c9626d712e7f8687dcc08ca528", "shasum": "" }, "require": { "php": "^5.6 || ^7.0", - "symfony/process": "^3.4|^4.0" + "symfony/process": "^3.4|^4.0|^5.0" }, "require-dev": { - "phpunit/phpunit": "^5.7|^6.5", + "phpunit/phpunit": "^5.7|^6.5|^7.0", "psr/log": "^1.0" }, "suggest": { @@ -353,7 +354,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-master": "1.1-dev" + "dev-master": "1.2-dev" } }, "autoload": { @@ -367,19 +368,25 @@ ], "authors": [ { - "name": "Alexandre Salomé", - "email": "alexandre.salome@gmail.com", - "homepage": "http://alexandre-salome.fr" + "name": "Graham Campbell", + "email": "graham@alt-three.com" }, { - "name": "Julien DIDIER", - "email": "genzo.wm@gmail.com", - "homepage": "http://www.jdidier.net" + "name": "Julien Didier", + "email": "genzo.wm@gmail.com" + }, + { + "name": "Grégoire Pineau", + "email": "lyrixx@lyrixx.info" + }, + { + "name": "Alexandre Salomé", + "email": "alexandre.salome@gmail.com" } ], "description": "Library for accessing git", "homepage": "http://gitonomy.com", - "time": "2019-06-23T09:49:01+00:00" + "time": "2019-12-08T12:42:25+00:00" }, { "name": "guzzle/guzzle", @@ -476,16 +483,16 @@ }, { "name": "myclabs/deep-copy", - "version": "1.9.3", + "version": "1.9.5", "source": { "type": "git", "url": "https://github.com/myclabs/DeepCopy.git", - "reference": "007c053ae6f31bba39dfa19a7726f56e9763bbea" + "reference": "b2c28789e80a97badd14145fda39b545d83ca3ef" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/myclabs/DeepCopy/zipball/007c053ae6f31bba39dfa19a7726f56e9763bbea", - "reference": "007c053ae6f31bba39dfa19a7726f56e9763bbea", + "url": "https://api.github.com/repos/myclabs/DeepCopy/zipball/b2c28789e80a97badd14145fda39b545d83ca3ef", + "reference": "b2c28789e80a97badd14145fda39b545d83ca3ef", "shasum": "" }, "require": { @@ -520,7 +527,7 @@ "object", "object graph" ], - "time": "2019-08-09T12:45:53+00:00" + "time": "2020-01-17T21:11:47+00:00" }, { "name": "padraic/humbug_get_contents", @@ -697,16 +704,16 @@ }, { "name": "phpdocumentor/reflection-docblock", - "version": "4.3.2", + "version": "4.3.4", "source": { "type": "git", "url": "https://github.com/phpDocumentor/ReflectionDocBlock.git", - "reference": "b83ff7cfcfee7827e1e78b637a5904fe6a96698e" + "reference": "da3fd972d6bafd628114f7e7e036f45944b62e9c" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpDocumentor/ReflectionDocBlock/zipball/b83ff7cfcfee7827e1e78b637a5904fe6a96698e", - "reference": "b83ff7cfcfee7827e1e78b637a5904fe6a96698e", + "url": "https://api.github.com/repos/phpDocumentor/ReflectionDocBlock/zipball/da3fd972d6bafd628114f7e7e036f45944b62e9c", + "reference": "da3fd972d6bafd628114f7e7e036f45944b62e9c", "shasum": "" }, "require": { @@ -718,6 +725,7 @@ "require-dev": { "doctrine/instantiator": "^1.0.5", "mockery/mockery": "^1.0", + "phpdocumentor/type-resolver": "0.4.*", "phpunit/phpunit": "^6.4" }, "type": "library", @@ -744,7 +752,7 @@ } ], "description": "With this component, a library can provide support for annotations via DocBlocks or otherwise retrieve information that is embedded in a DocBlock.", - "time": "2019-09-12T14:27:41+00:00" + "time": "2019-12-28T18:55:12+00:00" }, { "name": "phpdocumentor/type-resolver", @@ -795,33 +803,33 @@ }, { "name": "phpspec/prophecy", - "version": "1.8.1", + "version": "v1.10.2", "source": { "type": "git", "url": "https://github.com/phpspec/prophecy.git", - "reference": "1927e75f4ed19131ec9bcc3b002e07fb1173ee76" + "reference": "b4400efc9d206e83138e2bb97ed7f5b14b831cd9" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpspec/prophecy/zipball/1927e75f4ed19131ec9bcc3b002e07fb1173ee76", - "reference": "1927e75f4ed19131ec9bcc3b002e07fb1173ee76", + "url": "https://api.github.com/repos/phpspec/prophecy/zipball/b4400efc9d206e83138e2bb97ed7f5b14b831cd9", + "reference": "b4400efc9d206e83138e2bb97ed7f5b14b831cd9", "shasum": "" }, "require": { "doctrine/instantiator": "^1.0.2", "php": "^5.3|^7.0", - "phpdocumentor/reflection-docblock": "^2.0|^3.0.2|^4.0", - "sebastian/comparator": "^1.1|^2.0|^3.0", - "sebastian/recursion-context": "^1.0|^2.0|^3.0" + "phpdocumentor/reflection-docblock": "^2.0|^3.0.2|^4.0|^5.0", + "sebastian/comparator": "^1.2.3|^2.0|^3.0|^4.0", + "sebastian/recursion-context": "^1.0|^2.0|^3.0|^4.0" }, "require-dev": { - "phpspec/phpspec": "^2.5|^3.2", + "phpspec/phpspec": "^2.5 || ^3.2", "phpunit/phpunit": "^4.8.35 || ^5.7 || ^6.5 || ^7.1" }, "type": "library", "extra": { "branch-alias": { - "dev-master": "1.8.x-dev" + "dev-master": "1.10.x-dev" } }, "autoload": { @@ -854,7 +862,7 @@ "spy", "stub" ], - "time": "2019-06-13T12:50:23+00:00" + "time": "2020-01-20T15:57:02+00:00" }, { "name": "phpunit/php-code-coverage", @@ -1298,16 +1306,16 @@ }, { "name": "psr/log", - "version": "1.1.0", + "version": "1.1.2", "source": { "type": "git", "url": "https://github.com/php-fig/log.git", - "reference": "6c001f1daafa3a3ac1d8ff69ee4db8e799a654dd" + "reference": "446d54b4cb6bf489fc9d75f55843658e6f25d801" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/php-fig/log/zipball/6c001f1daafa3a3ac1d8ff69ee4db8e799a654dd", - "reference": "6c001f1daafa3a3ac1d8ff69ee4db8e799a654dd", + "url": "https://api.github.com/repos/php-fig/log/zipball/446d54b4cb6bf489fc9d75f55843658e6f25d801", + "reference": "446d54b4cb6bf489fc9d75f55843658e6f25d801", "shasum": "" }, "require": { @@ -1316,7 +1324,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-master": "1.0.x-dev" + "dev-master": "1.1.x-dev" } }, "autoload": { @@ -1341,7 +1349,7 @@ "psr", "psr-3" ], - "time": "2018-11-20T15:27:04+00:00" + "time": "2019-11-01T11:05:21+00:00" }, { "name": "satooshi/php-coveralls", @@ -1920,32 +1928,32 @@ }, { "name": "symfony/config", - "version": "v4.3.4", + "version": "v4.4.4", "source": { "type": "git", "url": "https://github.com/symfony/config.git", - "reference": "07d49c0f823e0bc367c6d84e35b61419188a5ece" + "reference": "4d3979f54472637169080f802dc82197e21fdcce" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/config/zipball/07d49c0f823e0bc367c6d84e35b61419188a5ece", - "reference": "07d49c0f823e0bc367c6d84e35b61419188a5ece", + "url": "https://api.github.com/repos/symfony/config/zipball/4d3979f54472637169080f802dc82197e21fdcce", + "reference": "4d3979f54472637169080f802dc82197e21fdcce", "shasum": "" }, "require": { "php": "^7.1.3", - "symfony/filesystem": "~3.4|~4.0", + "symfony/filesystem": "^3.4|^4.0|^5.0", "symfony/polyfill-ctype": "~1.8" }, "conflict": { "symfony/finder": "<3.4" }, "require-dev": { - "symfony/dependency-injection": "~3.4|~4.0", - "symfony/event-dispatcher": "~3.4|~4.0", - "symfony/finder": "~3.4|~4.0", - "symfony/messenger": "~4.1", - "symfony/yaml": "~3.4|~4.0" + "symfony/event-dispatcher": "^3.4|^4.0|^5.0", + "symfony/finder": "^3.4|^4.0|^5.0", + "symfony/messenger": "^4.1|^5.0", + "symfony/service-contracts": "^1.1|^2", + "symfony/yaml": "^3.4|^4.0|^5.0" }, "suggest": { "symfony/yaml": "To use the yaml reference dumper" @@ -1953,7 +1961,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-master": "4.3-dev" + "dev-master": "4.4-dev" } }, "autoload": { @@ -1980,31 +1988,32 @@ ], "description": "Symfony Config Component", "homepage": "https://symfony.com", - "time": "2019-08-26T08:26:39+00:00" + "time": "2020-01-04T13:00:46+00:00" }, { "name": "symfony/console", - "version": "v4.3.4", + "version": "v4.4.4", "source": { "type": "git", "url": "https://github.com/symfony/console.git", - "reference": "de63799239b3881b8a08f8481b22348f77ed7b36" + "reference": "f512001679f37e6a042b51897ed24a2f05eba656" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/console/zipball/de63799239b3881b8a08f8481b22348f77ed7b36", - "reference": "de63799239b3881b8a08f8481b22348f77ed7b36", + "url": "https://api.github.com/repos/symfony/console/zipball/f512001679f37e6a042b51897ed24a2f05eba656", + "reference": "f512001679f37e6a042b51897ed24a2f05eba656", "shasum": "" }, "require": { "php": "^7.1.3", "symfony/polyfill-mbstring": "~1.0", "symfony/polyfill-php73": "^1.8", - "symfony/service-contracts": "^1.1" + "symfony/service-contracts": "^1.1|^2" }, "conflict": { "symfony/dependency-injection": "<3.4", - "symfony/event-dispatcher": "<4.3", + "symfony/event-dispatcher": "<4.3|>=5", + "symfony/lock": "<4.4", "symfony/process": "<3.3" }, "provide": { @@ -2012,12 +2021,12 @@ }, "require-dev": { "psr/log": "~1.0", - "symfony/config": "~3.4|~4.0", - "symfony/dependency-injection": "~3.4|~4.0", + "symfony/config": "^3.4|^4.0|^5.0", + "symfony/dependency-injection": "^3.4|^4.0|^5.0", "symfony/event-dispatcher": "^4.3", - "symfony/lock": "~3.4|~4.0", - "symfony/process": "~3.4|~4.0", - "symfony/var-dumper": "^4.3" + "symfony/lock": "^4.4|^5.0", + "symfony/process": "^3.4|^4.0|^5.0", + "symfony/var-dumper": "^4.3|^5.0" }, "suggest": { "psr/log": "For using the console logger", @@ -2028,7 +2037,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-master": "4.3-dev" + "dev-master": "4.4-dev" } }, "autoload": { @@ -2055,20 +2064,20 @@ ], "description": "Symfony Console Component", "homepage": "https://symfony.com", - "time": "2019-08-26T08:26:39+00:00" + "time": "2020-01-25T12:44:29+00:00" }, { "name": "symfony/event-dispatcher", - "version": "v4.3.4", + "version": "v4.4.4", "source": { "type": "git", "url": "https://github.com/symfony/event-dispatcher.git", - "reference": "429d0a1451d4c9c4abe1959b2986b88794b9b7d2" + "reference": "9e3de195e5bc301704dd6915df55892f6dfc208b" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/event-dispatcher/zipball/429d0a1451d4c9c4abe1959b2986b88794b9b7d2", - "reference": "429d0a1451d4c9c4abe1959b2986b88794b9b7d2", + "url": "https://api.github.com/repos/symfony/event-dispatcher/zipball/9e3de195e5bc301704dd6915df55892f6dfc208b", + "reference": "9e3de195e5bc301704dd6915df55892f6dfc208b", "shasum": "" }, "require": { @@ -2084,12 +2093,12 @@ }, "require-dev": { "psr/log": "~1.0", - "symfony/config": "~3.4|~4.0", - "symfony/dependency-injection": "~3.4|~4.0", - "symfony/expression-language": "~3.4|~4.0", - "symfony/http-foundation": "^3.4|^4.0", - "symfony/service-contracts": "^1.1", - "symfony/stopwatch": "~3.4|~4.0" + "symfony/config": "^3.4|^4.0|^5.0", + "symfony/dependency-injection": "^3.4|^4.0|^5.0", + "symfony/expression-language": "^3.4|^4.0|^5.0", + "symfony/http-foundation": "^3.4|^4.0|^5.0", + "symfony/service-contracts": "^1.1|^2", + "symfony/stopwatch": "^3.4|^4.0|^5.0" }, "suggest": { "symfony/dependency-injection": "", @@ -2098,7 +2107,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-master": "4.3-dev" + "dev-master": "4.4-dev" } }, "autoload": { @@ -2125,20 +2134,20 @@ ], "description": "Symfony EventDispatcher Component", "homepage": "https://symfony.com", - "time": "2019-08-26T08:55:16+00:00" + "time": "2020-01-10T21:54:01+00:00" }, { "name": "symfony/event-dispatcher-contracts", - "version": "v1.1.5", + "version": "v1.1.7", "source": { "type": "git", "url": "https://github.com/symfony/event-dispatcher-contracts.git", - "reference": "c61766f4440ca687de1084a5c00b08e167a2575c" + "reference": "c43ab685673fb6c8d84220c77897b1d6cdbe1d18" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/event-dispatcher-contracts/zipball/c61766f4440ca687de1084a5c00b08e167a2575c", - "reference": "c61766f4440ca687de1084a5c00b08e167a2575c", + "url": "https://api.github.com/repos/symfony/event-dispatcher-contracts/zipball/c43ab685673fb6c8d84220c77897b1d6cdbe1d18", + "reference": "c43ab685673fb6c8d84220c77897b1d6cdbe1d18", "shasum": "" }, "require": { @@ -2183,30 +2192,30 @@ "interoperability", "standards" ], - "time": "2019-06-20T06:46:26+00:00" + "time": "2019-09-17T09:54:03+00:00" }, { "name": "symfony/filesystem", - "version": "v4.3.4", + "version": "v5.0.4", "source": { "type": "git", "url": "https://github.com/symfony/filesystem.git", - "reference": "9abbb7ef96a51f4d7e69627bc6f63307994e4263" + "reference": "3afadc0f57cd74f86379d073e694b0f2cda2a88c" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/filesystem/zipball/9abbb7ef96a51f4d7e69627bc6f63307994e4263", - "reference": "9abbb7ef96a51f4d7e69627bc6f63307994e4263", + "url": "https://api.github.com/repos/symfony/filesystem/zipball/3afadc0f57cd74f86379d073e694b0f2cda2a88c", + "reference": "3afadc0f57cd74f86379d073e694b0f2cda2a88c", "shasum": "" }, "require": { - "php": "^7.1.3", + "php": "^7.2.5", "symfony/polyfill-ctype": "~1.8" }, "type": "library", "extra": { "branch-alias": { - "dev-master": "4.3-dev" + "dev-master": "5.0-dev" } }, "autoload": { @@ -2233,20 +2242,20 @@ ], "description": "Symfony Filesystem Component", "homepage": "https://symfony.com", - "time": "2019-08-20T14:07:54+00:00" + "time": "2020-01-21T08:40:24+00:00" }, { "name": "symfony/polyfill-ctype", - "version": "v1.12.0", + "version": "v1.13.1", "source": { "type": "git", "url": "https://github.com/symfony/polyfill-ctype.git", - "reference": "550ebaac289296ce228a706d0867afc34687e3f4" + "reference": "f8f0b461be3385e56d6de3dbb5a0df24c0c275e3" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/550ebaac289296ce228a706d0867afc34687e3f4", - "reference": "550ebaac289296ce228a706d0867afc34687e3f4", + "url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/f8f0b461be3385e56d6de3dbb5a0df24c0c275e3", + "reference": "f8f0b461be3385e56d6de3dbb5a0df24c0c275e3", "shasum": "" }, "require": { @@ -2258,7 +2267,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-master": "1.12-dev" + "dev-master": "1.13-dev" } }, "autoload": { @@ -2291,20 +2300,20 @@ "polyfill", "portable" ], - "time": "2019-08-06T08:03:45+00:00" + "time": "2019-11-27T13:56:44+00:00" }, { "name": "symfony/polyfill-mbstring", - "version": "v1.12.0", + "version": "v1.13.1", "source": { "type": "git", "url": "https://github.com/symfony/polyfill-mbstring.git", - "reference": "b42a2f66e8f1b15ccf25652c3424265923eb4f17" + "reference": "7b4aab9743c30be783b73de055d24a39cf4b954f" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/b42a2f66e8f1b15ccf25652c3424265923eb4f17", - "reference": "b42a2f66e8f1b15ccf25652c3424265923eb4f17", + "url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/7b4aab9743c30be783b73de055d24a39cf4b954f", + "reference": "7b4aab9743c30be783b73de055d24a39cf4b954f", "shasum": "" }, "require": { @@ -2316,7 +2325,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-master": "1.12-dev" + "dev-master": "1.13-dev" } }, "autoload": { @@ -2350,20 +2359,20 @@ "portable", "shim" ], - "time": "2019-08-06T08:03:45+00:00" + "time": "2019-11-27T14:18:11+00:00" }, { "name": "symfony/polyfill-php73", - "version": "v1.12.0", + "version": "v1.13.1", "source": { "type": "git", "url": "https://github.com/symfony/polyfill-php73.git", - "reference": "2ceb49eaccb9352bff54d22570276bb75ba4a188" + "reference": "4b0e2222c55a25b4541305a053013d5647d3a25f" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-php73/zipball/2ceb49eaccb9352bff54d22570276bb75ba4a188", - "reference": "2ceb49eaccb9352bff54d22570276bb75ba4a188", + "url": "https://api.github.com/repos/symfony/polyfill-php73/zipball/4b0e2222c55a25b4541305a053013d5647d3a25f", + "reference": "4b0e2222c55a25b4541305a053013d5647d3a25f", "shasum": "" }, "require": { @@ -2372,7 +2381,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-master": "1.12-dev" + "dev-master": "1.13-dev" } }, "autoload": { @@ -2408,29 +2417,29 @@ "portable", "shim" ], - "time": "2019-08-06T08:03:45+00:00" + "time": "2019-11-27T16:25:15+00:00" }, { "name": "symfony/process", - "version": "v4.3.4", + "version": "v5.0.4", "source": { "type": "git", "url": "https://github.com/symfony/process.git", - "reference": "e89969c00d762349f078db1128506f7f3dcc0d4a" + "reference": "f9ffd870f5ac01abec7b2b5e15f904ca9400ecd1" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/process/zipball/e89969c00d762349f078db1128506f7f3dcc0d4a", - "reference": "e89969c00d762349f078db1128506f7f3dcc0d4a", + "url": "https://api.github.com/repos/symfony/process/zipball/f9ffd870f5ac01abec7b2b5e15f904ca9400ecd1", + "reference": "f9ffd870f5ac01abec7b2b5e15f904ca9400ecd1", "shasum": "" }, "require": { - "php": "^7.1.3" + "php": "^7.2.5" }, "type": "library", "extra": { "branch-alias": { - "dev-master": "4.3-dev" + "dev-master": "5.0-dev" } }, "autoload": { @@ -2457,24 +2466,24 @@ ], "description": "Symfony Process Component", "homepage": "https://symfony.com", - "time": "2019-08-26T08:26:39+00:00" + "time": "2020-01-09T09:53:06+00:00" }, { "name": "symfony/service-contracts", - "version": "v1.1.6", + "version": "v2.0.1", "source": { "type": "git", "url": "https://github.com/symfony/service-contracts.git", - "reference": "ea7263d6b6d5f798b56a45a5b8d686725f2719a3" + "reference": "144c5e51266b281231e947b51223ba14acf1a749" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/service-contracts/zipball/ea7263d6b6d5f798b56a45a5b8d686725f2719a3", - "reference": "ea7263d6b6d5f798b56a45a5b8d686725f2719a3", + "url": "https://api.github.com/repos/symfony/service-contracts/zipball/144c5e51266b281231e947b51223ba14acf1a749", + "reference": "144c5e51266b281231e947b51223ba14acf1a749", "shasum": "" }, "require": { - "php": "^7.1.3", + "php": "^7.2.5", "psr/container": "^1.0" }, "suggest": { @@ -2483,7 +2492,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-master": "1.1-dev" + "dev-master": "2.0-dev" } }, "autoload": { @@ -2515,30 +2524,30 @@ "interoperability", "standards" ], - "time": "2019-08-20T14:44:19+00:00" + "time": "2019-11-18T17:27:11+00:00" }, { "name": "symfony/stopwatch", - "version": "v4.3.4", + "version": "v4.4.4", "source": { "type": "git", "url": "https://github.com/symfony/stopwatch.git", - "reference": "1e4ff456bd625be5032fac9be4294e60442e9b71" + "reference": "abc08d7c48987829bac301347faa10f7e8bbf4fb" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/stopwatch/zipball/1e4ff456bd625be5032fac9be4294e60442e9b71", - "reference": "1e4ff456bd625be5032fac9be4294e60442e9b71", + "url": "https://api.github.com/repos/symfony/stopwatch/zipball/abc08d7c48987829bac301347faa10f7e8bbf4fb", + "reference": "abc08d7c48987829bac301347faa10f7e8bbf4fb", "shasum": "" }, "require": { "php": "^7.1.3", - "symfony/service-contracts": "^1.0" + "symfony/service-contracts": "^1.0|^2" }, "type": "library", "extra": { "branch-alias": { - "dev-master": "4.3-dev" + "dev-master": "4.4-dev" } }, "autoload": { @@ -2565,20 +2574,20 @@ ], "description": "Symfony Stopwatch Component", "homepage": "https://symfony.com", - "time": "2019-08-07T11:52:19+00:00" + "time": "2020-01-04T13:00:46+00:00" }, { "name": "symfony/yaml", - "version": "v4.3.4", + "version": "v4.4.4", "source": { "type": "git", "url": "https://github.com/symfony/yaml.git", - "reference": "5a0b7c32dc3ec56fd4abae8a4a71b0cf05013686" + "reference": "cd014e425b3668220adb865f53bff64b3ad21767" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/yaml/zipball/5a0b7c32dc3ec56fd4abae8a4a71b0cf05013686", - "reference": "5a0b7c32dc3ec56fd4abae8a4a71b0cf05013686", + "url": "https://api.github.com/repos/symfony/yaml/zipball/cd014e425b3668220adb865f53bff64b3ad21767", + "reference": "cd014e425b3668220adb865f53bff64b3ad21767", "shasum": "" }, "require": { @@ -2589,7 +2598,7 @@ "symfony/console": "<3.4" }, "require-dev": { - "symfony/console": "~3.4|~4.0" + "symfony/console": "^3.4|^4.0|^5.0" }, "suggest": { "symfony/console": "For validating YAML files using the lint command" @@ -2597,7 +2606,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-master": "4.3-dev" + "dev-master": "4.4-dev" } }, "autoload": { @@ -2624,35 +2633,33 @@ ], "description": "Symfony Yaml Component", "homepage": "https://symfony.com", - "time": "2019-08-20T14:27:59+00:00" + "time": "2020-01-21T11:12:16+00:00" }, { "name": "webmozart/assert", - "version": "1.5.0", + "version": "1.6.0", "source": { "type": "git", "url": "https://github.com/webmozart/assert.git", - "reference": "88e6d84706d09a236046d686bbea96f07b3a34f4" + "reference": "573381c0a64f155a0d9a23f4b0c797194805b925" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/webmozart/assert/zipball/88e6d84706d09a236046d686bbea96f07b3a34f4", - "reference": "88e6d84706d09a236046d686bbea96f07b3a34f4", + "url": "https://api.github.com/repos/webmozart/assert/zipball/573381c0a64f155a0d9a23f4b0c797194805b925", + "reference": "573381c0a64f155a0d9a23f4b0c797194805b925", "shasum": "" }, "require": { "php": "^5.3.3 || ^7.0", "symfony/polyfill-ctype": "^1.8" }, + "conflict": { + "vimeo/psalm": "<3.6.0" + }, "require-dev": { "phpunit/phpunit": "^4.8.36 || ^7.5.13" }, "type": "library", - "extra": { - "branch-alias": { - "dev-master": "1.3-dev" - } - }, "autoload": { "psr-4": { "Webmozart\\Assert\\": "src/" @@ -2674,7 +2681,7 @@ "check", "validate" ], - "time": "2019-08-24T08:43:50+00:00" + "time": "2019-11-24T13:36:37+00:00" } ], "aliases": [], @@ -2686,7 +2693,7 @@ "prefer-stable": false, "prefer-lowest": false, "platform": { - "php": "^5.5.0 || ^7.0" + "php": "^5.6.0 || ^7.0" }, "platform-dev": [] } diff --git a/lib/Controller.php b/lib/Controller.php index a10ffb4..0a3e69c 100644 --- a/lib/Controller.php +++ b/lib/Controller.php @@ -35,7 +35,7 @@ class Controller * * @const string */ - const MIN_PHP_VERSION = '5.5.0'; + const MIN_PHP_VERSION = '5.6.0'; /** * show the same error message if the paste expired or does not exist @@ -276,9 +276,7 @@ class Controller // accessing this method ensures that the paste would be // deleted if it has already expired $paste->get(); - if ( - Filter::slowEquals($deletetoken, $paste->getDeleteToken()) - ) { + if (hash_equals($paste->getDeleteToken(), $deletetoken)) { // Paste exists and deletion token is valid: Delete the paste. $paste->delete(); $this->_status = 'Paste was properly deleted.'; diff --git a/lib/Filter.php b/lib/Filter.php index fd0e11e..cc4a6a2 100644 --- a/lib/Filter.php +++ b/lib/Filter.php @@ -68,23 +68,4 @@ class Filter } return number_format($size, ($i ? 2 : 0), '.', ' ') . ' ' . I18n::_($iec[$i]); } - - /** - * fixed time string comparison operation to prevent timing attacks - * https://crackstation.net/hashing-security.htm?=rd#slowequals - * - * @access public - * @static - * @param string $a - * @param string $b - * @return bool - */ - public static function slowEquals($a, $b) - { - $diff = strlen($a) ^ strlen($b); - for ($i = 0; $i < strlen($a) && $i < strlen($b); ++$i) { - $diff |= ord($a[$i]) ^ ord($b[$i]); - } - return $diff === 0; - } } diff --git a/tst/FilterTest.php b/tst/FilterTest.php index 96097a0..284802f 100644 --- a/tst/FilterTest.php +++ b/tst/FilterTest.php @@ -56,18 +56,4 @@ class FilterTest extends PHPUnit_Framework_TestCase $this->assertEquals('1.00 YiB', Filter::formatHumanReadableSize(1024 * $exponent)); $this->assertEquals('1.21 YiB', Filter::formatHumanReadableSize(1234 * $exponent)); } - - public function testSlowEquals() - { - $this->assertTrue(Filter::slowEquals('foo', 'foo'), 'same string'); - $this->assertFalse(Filter::slowEquals('foo', true), 'string and boolean'); - $this->assertFalse(Filter::slowEquals('foo', 0), 'string and integer'); - $this->assertFalse(Filter::slowEquals('123foo', 123), 'string and integer'); - $this->assertFalse(Filter::slowEquals('123foo', '123'), 'different strings'); - $this->assertFalse(Filter::slowEquals('6', ' 6'), 'strings with space'); - $this->assertFalse(Filter::slowEquals('4.2', '4.20'), 'floats as strings'); - $this->assertFalse(Filter::slowEquals('1e3', '1000'), 'integers as strings'); - $this->assertFalse(Filter::slowEquals('9223372036854775807', '9223372036854775808'), 'large integers as strings'); - $this->assertFalse(Filter::slowEquals('61529519452809720693702583126814', '61529519452809720000000000000000'), 'larger integers as strings'); - } } diff --git a/vendor/yzalis/identicon/src/Identicon/Generator/SvgGenerator.php b/vendor/yzalis/identicon/src/Identicon/Generator/SvgGenerator.php index d654a95..7e753e8 100644 --- a/vendor/yzalis/identicon/src/Identicon/Generator/SvgGenerator.php +++ b/vendor/yzalis/identicon/src/Identicon/Generator/SvgGenerator.php @@ -46,25 +46,28 @@ class SvgGenerator extends BaseGenerator implements GeneratorInterface // prepare image $w = $this->getPixelRatio() * 5; $h = $this->getPixelRatio() * 5; - $svg = ''; + $svg = ''; - $backgroundColor = '#FFFFFF'; + $backgroundColor = '#FFF'; $rgbBackgroundColor = $this->getBackgroundColor(); if (!is_null($rgbBackgroundColor)) { $backgroundColor = $this->_toUnderstandableColor($rgbBackgroundColor); } - $svg .= ''; - $rgbColor = $this->_toUnderstandableColor($this->getColor()); + $svg .= ''; + + $rects = []; // draw content foreach ($this->getArrayOfSquare() as $lineKey => $lineValue) { foreach ($lineValue as $colKey => $colValue) { if (true === $colValue) { - $svg .= ''; + $rects[] = 'M'.$colKey.','.$lineKey.'h1v1h-1v-1'; } } } + $rgbColor = $this->_toUnderstandableColor($this->getColor()); + $svg .= ''; $svg .= ''; $this->generatedImage = $svg; @@ -80,7 +83,7 @@ class SvgGenerator extends BaseGenerator implements GeneratorInterface protected function _toUnderstandableColor($color) { if (is_array($color)) { - return 'rgb('.implode(', ', $color).')'; + return sprintf('#%X%X%X', $color[0], $color[1], $color[2]); } return $color; diff --git a/vendor/yzalis/identicon/src/Identicon/Identicon.php b/vendor/yzalis/identicon/src/Identicon/Identicon.php index 08d32f5..7a8e088 100644 --- a/vendor/yzalis/identicon/src/Identicon/Identicon.php +++ b/vendor/yzalis/identicon/src/Identicon/Identicon.php @@ -46,10 +46,10 @@ class Identicon /** * Display an Identicon image. * - * @param string $string - * @param int $size - * @param string $color - * @param string $backgroundColor + * @param string $string + * @param int $size + * @param string|array $color + * @param string $backgroundColor */ public function displayImage($string, $size = 64, $color = null, $backgroundColor = null) { @@ -60,10 +60,10 @@ class Identicon /** * Get an Identicon PNG image data. * - * @param string $string - * @param int $size - * @param string $color - * @param string $backgroundColor + * @param string $string + * @param int $size + * @param string|array $color + * @param string $backgroundColor * * @return string */ @@ -75,10 +75,10 @@ class Identicon /** * Get an Identicon PNG image resource. * - * @param string $string - * @param int $size - * @param string $color - * @param string $backgroundColor + * @param string $string + * @param int $size + * @param string|array $color + * @param string $backgroundColor * * @return string */ @@ -90,10 +90,10 @@ class Identicon /** * Get an Identicon PNG image data as base 64 encoded. * - * @param string $string - * @param int $size - * @param string $color - * @param string $backgroundColor + * @param string $string + * @param int $size + * @param string|array $color + * @param string $backgroundColor * * @return string */ @@ -101,13 +101,13 @@ class Identicon { return sprintf('data:%s;base64,%s', $this->generator->getMimeType(), base64_encode($this->getImageData($string, $size, $color, $backgroundColor))); } - + /** * Get the color of the Identicon * * Returns an array with RGB values of the Identicon's color. Colors may be NULL if no image has been generated * so far (e.g., when calling the method on a new Identicon()). - * + * * @return array */ public function getColor()