From 8ebd28f610fbd6b17c37bf5706df90132b52d339 Mon Sep 17 00:00:00 2001 From: JiaJia Ji Date: Fri, 26 Apr 2024 14:09:37 +0200 Subject: [PATCH 1/2] Update SECURITY.md (#534) --- SECURITY.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index 6b6917f5..15268a00 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -4,7 +4,9 @@ If you think that you have found a security issue, don’t use the bug tracker and don’t publish it publicly. -Instead, all security issues must be reported via 📫 to [security-issue@pimcore.com](mailto:security-issue@pimcore.com). +Instead, all security issues must be reported via a private vulnerability report. + +Please follow the [instructions](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability) to submit a private report. ## Resolving Process @@ -18,4 +20,3 @@ Every submitted security issue is handled with top priority by following these s 6. Patch reviewing 7. Tagging a new release for supported versions 8. Publish security announcement - From be8498ffb3b0a8af760928c499c16af3e54bbb12 Mon Sep 17 00:00:00 2001 From: Sebastian Blank Date: Fri, 7 Jun 2024 14:10:33 +0200 Subject: [PATCH 2/2] Add rybakit/twig-deferred-extension to composer.json (#531) --- composer.json | 14 +++++++++----- src/Resources/config/services_templating.yml | 7 ++++++- src/Resources/views/layout.html.twig | 4 ++-- 3 files changed, 17 insertions(+), 8 deletions(-) diff --git a/composer.json b/composer.json index afef31f2..9bdd41c6 100644 --- a/composer.json +++ b/composer.json @@ -14,13 +14,13 @@ }, "require": { "php": "~8.1.0 || ~8.2.0", - "openspout/openspout": "^4.0", "doctrine/dbal": "^3.4.2", "doctrine/migrations": "^3.0.2", "dragonmantank/cron-expression": "^3.0.2", "drewm/mailchimp-api": "^2.2", "guzzlehttp/guzzle": "^7.2", "knplabs/knp-components": "^4.0", + "openspout/openspout": "^4.0", "pear/archive_tar": "^1.4.14", "pimcore/newsletter-bundle": "^1.0", "pimcore/number-sequence-generator": "^2.0", @@ -29,6 +29,7 @@ "pimcore/pimcore": "^11.0", "pimcore/search-query-parser": "^1.3", "pimcore/personalization-bundle": "^1.0", + "rybakit/twig-deferred-extension": "^3.0", "symfony/asset": "^6.2", "symfony/config": "^6.2", "symfony/console": "^6.2", @@ -44,17 +45,20 @@ "symfony/stopwatch": "^6.2" }, "require-dev": { - "phpunit/phpunit": "^9.5", "codeception/codeception": "^5.0.3", "codeception/module-symfony": "^3.1.0", "codeception/phpunit-wrapper": "^9", "php-http/guzzle7-adapter": "^0.1.1", "phpstan/phpstan": "^1.9", - "phpstan/phpstan-symfony": "^1.2.14" + "phpstan/phpstan-symfony": "^1.2.14", + "phpunit/phpunit": "^9.5" + }, + "conflict": { + "twig/twig": "^3.9.0" }, "suggest": { - "php-http/httplug-bundle": "^1.20.0", - "php-http/guzzle7-adapter": "^0.1.1" + "php-http/guzzle7-adapter": "^0.1.1", + "php-http/httplug-bundle": "^1.20.0" }, "autoload": { "psr-4": { diff --git a/src/Resources/config/services_templating.yml b/src/Resources/config/services_templating.yml index 51afc04f..9901b224 100644 --- a/src/Resources/config/services_templating.yml +++ b/src/Resources/config/services_templating.yml @@ -6,4 +6,9 @@ services: CustomerManagementFrameworkBundle\Twig\Extension\CmfUrlUtilsExtension: autowire: true - tags: [ 'twig.extension' ] \ No newline at end of file + tags: [ 'twig.extension' ] + + # the deferred extension is needed for placeholder helpers to work + # as otherwise the placeholder block would be rendered before any + # content was added (e.g. headTitle) + Twig\DeferredExtension\DeferredExtension: ~ diff --git a/src/Resources/views/layout.html.twig b/src/Resources/views/layout.html.twig index b32093c4..57e7b388 100644 --- a/src/Resources/views/layout.html.twig +++ b/src/Resources/views/layout.html.twig @@ -13,7 +13,7 @@ {% endapply %} {% block head_stylesheets deferred %} - {{ pimcore_head_link() }} + {{ pimcore_head_link() }} {% endblock %} @@ -35,7 +35,7 @@ {% endapply %} {% block headscripts deferred %} -{{ pimcore_head_script() }} + {{ pimcore_head_script() }} {% endblock %}