diff --git a/app/Console/Commands/Upgrade/UpgradeDatabase.php b/app/Console/Commands/Upgrade/UpgradeDatabase.php index 49d7a4c9eb..bb42563c06 100644 --- a/app/Console/Commands/Upgrade/UpgradeDatabase.php +++ b/app/Console/Commands/Upgrade/UpgradeDatabase.php @@ -105,6 +105,7 @@ class UpgradeDatabase extends Command // instructions 'firefly:instructions update', + 'firefly-iii:verify-security-alerts' ]; $args = []; if ($this->option('force')) { diff --git a/app/Console/Commands/VerifySecurityAlerts.php b/app/Console/Commands/VerifySecurityAlerts.php index c9e4cc736e..6ec0ebf651 100644 --- a/app/Console/Commands/VerifySecurityAlerts.php +++ b/app/Console/Commands/VerifySecurityAlerts.php @@ -4,6 +4,7 @@ namespace FireflyIII\Console\Commands; use Illuminate\Console\Command; use Storage; +use Log; /** * Class VerifySecurityAlerts @@ -49,6 +50,7 @@ class VerifySecurityAlerts extends Command $version = config('firefly.version'); $disk = Storage::disk('resources'); if (!$disk->has('alerts.json')) { + Log::debug('No alerts.json file present.'); return 0; } $content = $disk->get('alerts.json'); @@ -56,24 +58,27 @@ class VerifySecurityAlerts extends Command /** @var array $array */ foreach ($json as $array) { - // overrule array: if ($version === $array['version'] && true === $array['advisory']) { + Log::debug(sprintf('Version %s has an alert!', $array['version'])); // add advisory to configuration. app('fireflyconfig')->set('upgrade_security_message', $array['message']); app('fireflyconfig')->set('upgrade_security_level', $array['level']); // depends on level if ('info' === $array['level']) { + Log::debug('INFO level alert'); $this->info($array['message']); return 0; } if ('warning' === $array['level']) { + Log::debug('WARNING level alert'); $this->warn('------------------------ :o'); $this->warn($array['message']); $this->warn('------------------------ :o'); return 0; } if ('danger' === $array['level']) { + Log::debug('DANGER level alert'); $this->error('------------------------ :-('); $this->error($array['message']); $this->error('------------------------ :-('); @@ -83,6 +88,7 @@ class VerifySecurityAlerts extends Command return 0; } } + Log::debug('This version is not mentioned.'); return 0; } diff --git a/app/Http/Controllers/System/InstallController.php b/app/Http/Controllers/System/InstallController.php index 6740e11ba4..ddeeafa4e3 100644 --- a/app/Http/Controllers/System/InstallController.php +++ b/app/Http/Controllers/System/InstallController.php @@ -111,6 +111,7 @@ class InstallController extends Controller // final command to set latest version in DB 'firefly-iii:set-latest-version' => ['--james-is-cool' => true], + 'firefly-iii:verify-security-alerts' => [], ]; $this->lastError = ''; diff --git a/composer.json b/composer.json index 330c6702ac..d002a0b699 100644 --- a/composer.json +++ b/composer.json @@ -200,10 +200,12 @@ "@php artisan firefly-iii:restore-oauth-keys", "@php artisan firefly-iii:set-latest-version --james-is-cool", "@php artisan firefly:instructions update", + "@php artisan firefly-iii:verify-security-alerts", "@php artisan passport:install" ], "post-install-cmd": [ - "@php artisan firefly:instructions install" + "@php artisan firefly:instructions install", + "@php artisan firefly-iii:verify-security-alerts" ] }, "config": { diff --git a/composer.lock b/composer.lock index 181c5dee3f..2d856e50c2 100644 --- a/composer.lock +++ b/composer.lock @@ -1680,16 +1680,16 @@ }, { "name": "laravel/framework", - "version": "v8.45.1", + "version": "v8.46.0", "source": { "type": "git", "url": "https://github.com/laravel/framework.git", - "reference": "dc2f0bb02c3eb4b27669d626bb3e810db8e7749d" + "reference": "a18266c612e0e6aba5e0174b3c873d2d217dccfb" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/laravel/framework/zipball/dc2f0bb02c3eb4b27669d626bb3e810db8e7749d", - "reference": "dc2f0bb02c3eb4b27669d626bb3e810db8e7749d", + "url": "https://api.github.com/repos/laravel/framework/zipball/a18266c612e0e6aba5e0174b3c873d2d217dccfb", + "reference": "a18266c612e0e6aba5e0174b3c873d2d217dccfb", "shasum": "" }, "require": { @@ -1844,7 +1844,7 @@ "issues": "https://github.com/laravel/framework/issues", "source": "https://github.com/laravel/framework" }, - "time": "2021-06-03T16:39:17+00:00" + "time": "2021-06-08T13:36:46+00:00" }, { "name": "laravel/passport", @@ -2831,16 +2831,16 @@ }, { "name": "nesbot/carbon", - "version": "2.48.1", + "version": "2.49.0", "source": { "type": "git", "url": "https://github.com/briannesbitt/Carbon.git", - "reference": "8d1f50f1436fb4b05e7127360483dd9c6e73da16" + "reference": "93d9db91c0235c486875d22f1e08b50bdf3e6eee" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/briannesbitt/Carbon/zipball/8d1f50f1436fb4b05e7127360483dd9c6e73da16", - "reference": "8d1f50f1436fb4b05e7127360483dd9c6e73da16", + "url": "https://api.github.com/repos/briannesbitt/Carbon/zipball/93d9db91c0235c486875d22f1e08b50bdf3e6eee", + "reference": "93d9db91c0235c486875d22f1e08b50bdf3e6eee", "shasum": "" }, "require": { @@ -2920,7 +2920,7 @@ "type": "tidelift" } ], - "time": "2021-05-26T22:08:38+00:00" + "time": "2021-06-02T07:31:40+00:00" }, { "name": "nyholm/psr7", @@ -7285,16 +7285,16 @@ }, { "name": "composer/ca-bundle", - "version": "1.2.9", + "version": "1.2.10", "source": { "type": "git", "url": "https://github.com/composer/ca-bundle.git", - "reference": "78a0e288fdcebf92aa2318a8d3656168da6ac1a5" + "reference": "9fdb22c2e97a614657716178093cd1da90a64aa8" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/composer/ca-bundle/zipball/78a0e288fdcebf92aa2318a8d3656168da6ac1a5", - "reference": "78a0e288fdcebf92aa2318a8d3656168da6ac1a5", + "url": "https://api.github.com/repos/composer/ca-bundle/zipball/9fdb22c2e97a614657716178093cd1da90a64aa8", + "reference": "9fdb22c2e97a614657716178093cd1da90a64aa8", "shasum": "" }, "require": { @@ -7341,7 +7341,7 @@ "support": { "irc": "irc://irc.freenode.org/composer", "issues": "https://github.com/composer/ca-bundle/issues", - "source": "https://github.com/composer/ca-bundle/tree/1.2.9" + "source": "https://github.com/composer/ca-bundle/tree/1.2.10" }, "funding": [ { @@ -7357,20 +7357,20 @@ "type": "tidelift" } ], - "time": "2021-01-12T12:10:35+00:00" + "time": "2021-06-07T13:58:28+00:00" }, { "name": "composer/composer", - "version": "2.1.1", + "version": "2.1.3", "source": { "type": "git", "url": "https://github.com/composer/composer.git", - "reference": "e338749d4e6cc97e1136c210ce0212d4a59e3a58" + "reference": "fc5c4573aafce3a018eb7f1f8f91cea423970f2e" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/composer/composer/zipball/e338749d4e6cc97e1136c210ce0212d4a59e3a58", - "reference": "e338749d4e6cc97e1136c210ce0212d4a59e3a58", + "url": "https://api.github.com/repos/composer/composer/zipball/fc5c4573aafce3a018eb7f1f8f91cea423970f2e", + "reference": "fc5c4573aafce3a018eb7f1f8f91cea423970f2e", "shasum": "" }, "require": { @@ -7439,7 +7439,7 @@ "support": { "irc": "irc://irc.freenode.org/composer", "issues": "https://github.com/composer/composer/issues", - "source": "https://github.com/composer/composer/tree/2.1.1" + "source": "https://github.com/composer/composer/tree/2.1.3" }, "funding": [ { @@ -7455,7 +7455,7 @@ "type": "tidelift" } ], - "time": "2021-06-04T06:46:46+00:00" + "time": "2021-06-09T14:31:20+00:00" }, { "name": "composer/metadata-minifier", @@ -8839,16 +8839,16 @@ }, { "name": "phpstan/phpstan", - "version": "0.12.88", + "version": "0.12.89", "source": { "type": "git", "url": "https://github.com/phpstan/phpstan.git", - "reference": "464d1a81af49409c41074aa6640ed0c4cbd9bb68" + "reference": "54c0f5a6c30511b77128d58b6369f718df250542" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpstan/phpstan/zipball/464d1a81af49409c41074aa6640ed0c4cbd9bb68", - "reference": "464d1a81af49409c41074aa6640ed0c4cbd9bb68", + "url": "https://api.github.com/repos/phpstan/phpstan/zipball/54c0f5a6c30511b77128d58b6369f718df250542", + "reference": "54c0f5a6c30511b77128d58b6369f718df250542", "shasum": "" }, "require": { @@ -8879,13 +8879,17 @@ "description": "PHPStan - PHP Static Analysis Tool", "support": { "issues": "https://github.com/phpstan/phpstan/issues", - "source": "https://github.com/phpstan/phpstan/tree/0.12.88" + "source": "https://github.com/phpstan/phpstan/tree/0.12.89" }, "funding": [ { "url": "https://github.com/ondrejmirtes", "type": "github" }, + { + "url": "https://github.com/phpstan", + "type": "github" + }, { "url": "https://www.patreon.com/phpstan", "type": "patreon" @@ -8895,7 +8899,7 @@ "type": "tidelift" } ], - "time": "2021-05-17T12:24:49+00:00" + "time": "2021-06-09T20:23:49+00:00" }, { "name": "phpstan/phpstan-deprecation-rules", @@ -9425,18 +9429,19 @@ "source": { "type": "git", "url": "https://github.com/Roave/SecurityAdvisories.git", - "reference": "9460a22455b82b353d2212fecedebcf73b141baa" + "reference": "ba841897ca44f2ef8eff82d0edf3d6681f0e9875" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/Roave/SecurityAdvisories/zipball/9460a22455b82b353d2212fecedebcf73b141baa", - "reference": "9460a22455b82b353d2212fecedebcf73b141baa", + "url": "https://api.github.com/repos/Roave/SecurityAdvisories/zipball/ba841897ca44f2ef8eff82d0edf3d6681f0e9875", + "reference": "ba841897ca44f2ef8eff82d0edf3d6681f0e9875", "shasum": "" }, "conflict": { "3f/pygmentize": "<1.2", "adodb/adodb-php": "<5.20.12", "alterphp/easyadmin-extension-bundle": ">=1.2,<1.2.11|>=1.3,<1.3.1", + "amazing/media2click": ">=1,<1.3.3", "amphp/artax": "<1.0.6|>=2,<2.0.6", "amphp/http": "<1.0.1", "amphp/http-client": ">=4,<4.4", @@ -9446,7 +9451,7 @@ "bagisto/bagisto": "<0.1.5", "barrelstrength/sprout-base-email": "<1.2.7", "barrelstrength/sprout-forms": "<3.9", - "baserproject/basercms": ">=4,<=4.3.6|>=4.4,<4.4.1", + "baserproject/basercms": "<4.4.5", "bk2k/bootstrap-package": ">=7.1,<7.1.2|>=8,<8.0.8|>=9,<9.0.4|>=9.1,<9.1.3|>=10,<10.0.10|>=11,<11.0.3", "bolt/bolt": "<3.7.2", "bolt/core": "<4.1.13", @@ -9456,7 +9461,7 @@ "cakephp/cakephp": ">=1.3,<1.3.18|>=2,<2.4.99|>=2.5,<2.5.99|>=2.6,<2.6.12|>=2.7,<2.7.6|>=3,<3.5.18|>=3.6,<3.6.15|>=3.7,<3.7.7", "cart2quote/module-quotation": ">=4.1.6,<=4.4.5|>=5,<5.4.4", "cartalyst/sentry": "<=2.1.6", - "centreon/centreon": "<18.10.8|>=19,<19.4.5", + "centreon/centreon": "<20.10.7", "cesnet/simplesamlphp-module-proxystatistics": "<3.1", "codeigniter/framework": "<=3.0.6", "composer/composer": "<1.10.22|>=2-alpha.1,<2.0.13", @@ -9501,7 +9506,9 @@ "ezsystems/repository-forms": ">=2.3,<2.3.2.1", "ezyang/htmlpurifier": "<4.1.1", "facade/ignition": "<1.16.14|>=2,<2.4.2|>=2.5,<2.5.2", + "feehi/cms": "<=2.1.1", "firebase/php-jwt": "<2", + "flarum/core": ">=1,<=1.0.1", "flarum/sticky": ">=0.1-beta.14,<=0.1-beta.15", "flarum/tags": "<=0.1-beta.13", "fluidtypo3/vhs": "<5.1.1", @@ -9514,7 +9521,7 @@ "friendsofsymfony/user-bundle": ">=1.2,<1.3.5", "friendsoftypo3/mediace": ">=7.6.2,<7.6.5", "fuel/core": "<1.8.1", - "getgrav/grav": "<1.7.11", + "getgrav/grav": "<=1.7.10", "getkirby/cms": "<3.5.4", "getkirby/panel": "<2.5.14", "gos/web-socket-bundle": "<1.10.4|>=2,<2.6.1|>=3,<3.3", @@ -9537,6 +9544,7 @@ "klaviyo/magento2-extension": ">=1,<3", "kreait/firebase-php": ">=3.2,<3.8.1", "la-haute-societe/tcpdf": "<6.2.22", + "laminas/laminas-http": "<2.14.2", "laravel/framework": "<6.20.26|>=7,<8.40", "laravel/socialite": ">=1,<1.0.99|>=2,<2.0.10", "league/commonmark": "<0.18.3", @@ -9624,7 +9632,7 @@ "silverstripe/comments": ">=1.3,<1.9.99|>=2,<2.9.99|>=3,<3.1.1", "silverstripe/forum": "<=0.6.1|>=0.7,<=0.7.3", "silverstripe/framework": "<4.4.7|>=4.5,<4.5.4", - "silverstripe/graphql": ">=2,<2.0.5|>=3,<3.1.2|>=3.2,<3.2.4", + "silverstripe/graphql": "<=3.5", "silverstripe/registry": ">=2.1,<2.1.2|>=2.2,<2.2.1", "silverstripe/restfulserver": ">=1,<1.0.9|>=2,<2.0.4", "silverstripe/subsites": ">=2,<2.1.1", @@ -9682,12 +9690,14 @@ "symfony/var-exporter": ">=4.2,<4.2.12|>=4.3,<4.3.8", "symfony/web-profiler-bundle": ">=2,<2.3.19|>=2.4,<2.4.9|>=2.5,<2.5.4", "symfony/yaml": ">=2,<2.0.22|>=2.1,<2.1.7", + "t3/dce": ">=2.2,<2.6.2", "t3g/svg-sanitizer": "<1.0.3", "tecnickcom/tcpdf": "<6.2.22", "thelia/backoffice-default-template": ">=2.1,<2.1.2", "thelia/thelia": ">=2.1-beta.1,<2.1.3", "theonedemon/phpwhois": "<=4.2.5", "titon/framework": ">=0,<9.9.99", + "tribalsystems/zenario": "<8.8.53370", "truckersmp/phpwhois": "<=4.3.1", "twig/twig": "<1.38|>=2,<2.7", "typo3/cms": ">=6.2,<6.2.30|>=7,<7.6.32|>=8,<8.7.38|>=9,<9.5.25|>=10,<10.4.14|>=11,<11.1.1", @@ -9736,7 +9746,7 @@ "zendframework/zend-validator": ">=2.3,<2.3.6", "zendframework/zend-view": ">=2,<2.2.7|>=2.3,<2.3.1", "zendframework/zend-xmlrpc": ">=2.1,<2.1.6|>=2.2,<2.2.6", - "zendframework/zendframework": "<2.5.1", + "zendframework/zendframework": "<=3", "zendframework/zendframework1": "<1.12.20", "zendframework/zendopenid": ">=2,<2.0.2", "zendframework/zendxml": ">=1,<1.0.1", @@ -9778,7 +9788,7 @@ "type": "tidelift" } ], - "time": "2021-06-01T22:04:47+00:00" + "time": "2021-06-10T17:35:36+00:00" }, { "name": "sebastian/cli-parser", @@ -10286,16 +10296,16 @@ }, { "name": "sebastian/global-state", - "version": "5.0.2", + "version": "5.0.3", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/global-state.git", - "reference": "a90ccbddffa067b51f574dea6eb25d5680839455" + "reference": "23bd5951f7ff26f12d4e3242864df3e08dec4e49" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/global-state/zipball/a90ccbddffa067b51f574dea6eb25d5680839455", - "reference": "a90ccbddffa067b51f574dea6eb25d5680839455", + "url": "https://api.github.com/repos/sebastianbergmann/global-state/zipball/23bd5951f7ff26f12d4e3242864df3e08dec4e49", + "reference": "23bd5951f7ff26f12d4e3242864df3e08dec4e49", "shasum": "" }, "require": { @@ -10338,7 +10348,7 @@ ], "support": { "issues": "https://github.com/sebastianbergmann/global-state/issues", - "source": "https://github.com/sebastianbergmann/global-state/tree/5.0.2" + "source": "https://github.com/sebastianbergmann/global-state/tree/5.0.3" }, "funding": [ { @@ -10346,7 +10356,7 @@ "type": "github" } ], - "time": "2020-10-26T15:55:19+00:00" + "time": "2021-06-11T13:31:12+00:00" }, { "name": "sebastian/lines-of-code", @@ -11115,5 +11125,5 @@ "ext-xml": "*" }, "platform-dev": [], - "plugin-api-version": "2.0.0" + "plugin-api-version": "2.1.0" }