From 94b55b264387e781c81a5d9de9a6af0a7993b6b3 Mon Sep 17 00:00:00 2001 From: Sergey Biryukov Date: Wed, 5 Apr 2023 13:12:26 +0000 Subject: [PATCH] External Libraries: Update the Requests library to version 2.0.6. This is a maintenance release with minor changes: * Fix typo in deprecation notice. * Minor internal improvements for passing the correct type to function calls. * Confirmed compatibility with PHP 8.2. No changes were needed, so Requests 2.0.1 and higher can be considered compatible with PHP 8.2. * Various documentation improvements and other general housekeeping. References: * [https://github.com/WordPress/Requests/releases/tag/v2.0.6 Requests 2.0.6 release notes] * [https://github.com/WordPress/Requests/compare/v2.0.5...v2.0.6 Full list of changes in Requests 2.0.6] Follow-up to [54997], [55007], [55046], [55225], [55296]. Props jrf, costdev. Fixes #58079. Built from https://develop.svn.wordpress.org/trunk@55629 git-svn-id: http://core.svn.wordpress.org/trunk@55141 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-includes/Requests/src/Autoload.php | 2 +- wp-includes/Requests/src/Capability.php | 2 +- wp-includes/Requests/src/Cookie.php | 25 +++++++++++-------- wp-includes/Requests/src/Cookie/Jar.php | 7 +++--- wp-includes/Requests/src/IdnaEncoder.php | 12 ++++----- wp-includes/Requests/src/Iri.php | 7 +++--- wp-includes/Requests/src/Requests.php | 10 +++++--- wp-includes/Requests/src/Response.php | 20 +++++++-------- wp-includes/Requests/src/Response/Headers.php | 9 ++++--- wp-includes/Requests/src/Transport/Curl.php | 4 +-- .../Requests/src/Transport/Fsockopen.php | 7 +++++- .../src/Utility/CaseInsensitiveDictionary.php | 2 +- .../Requests/src/Utility/FilteredIterator.php | 21 +++++++++++++--- wp-includes/class-requests.php | 2 +- wp-includes/version.php | 2 +- 15 files changed, 83 insertions(+), 49 deletions(-) diff --git a/wp-includes/Requests/src/Autoload.php b/wp-includes/Requests/src/Autoload.php index 26dd280ee8ab..669ddecafe9d 100644 --- a/wp-includes/Requests/src/Autoload.php +++ b/wp-includes/Requests/src/Autoload.php @@ -166,7 +166,7 @@ public static function load($class_name) { if (!defined('REQUESTS_SILENCE_PSR0_DEPRECATIONS') || REQUESTS_SILENCE_PSR0_DEPRECATIONS !== true) { // phpcs:ignore WordPress.PHP.DevelopmentFunctions.error_log_trigger_error trigger_error( - 'The PSR-0 `Requests_...` class names in the Request library are deprecated.' + 'The PSR-0 `Requests_...` class names in the Requests library are deprecated.' . ' Switch to the PSR-4 `WpOrg\Requests\...` class names at your earliest convenience.', E_USER_DEPRECATED ); diff --git a/wp-includes/Requests/src/Capability.php b/wp-includes/Requests/src/Capability.php index 87b8340a34e9..30572bab2ee7 100644 --- a/wp-includes/Requests/src/Capability.php +++ b/wp-includes/Requests/src/Capability.php @@ -28,7 +28,7 @@ interface Capability { * * Note: this does not automatically mean that the capability will be supported for your chosen transport! * - * @var array + * @var string[] */ const ALL = [ self::SSL, diff --git a/wp-includes/Requests/src/Cookie.php b/wp-includes/Requests/src/Cookie.php index ccbbc73dbc1c..6f971d6dbf2a 100644 --- a/wp-includes/Requests/src/Cookie.php +++ b/wp-includes/Requests/src/Cookie.php @@ -36,8 +36,8 @@ class Cookie { /** * Cookie attributes * - * Valid keys are (currently) path, domain, expires, max-age, secure and - * httponly. + * Valid keys are `'path'`, `'domain'`, `'expires'`, `'max-age'`, `'secure'` and + * `'httponly'`. * * @var \WpOrg\Requests\Utility\CaseInsensitiveDictionary|array Array-like object */ @@ -46,8 +46,7 @@ class Cookie { /** * Cookie flags * - * Valid keys are (currently) creation, last-access, persistent and - * host-only. + * Valid keys are `'creation'`, `'last-access'`, `'persistent'` and `'host-only'`. * * @var array */ @@ -66,11 +65,13 @@ class Cookie { /** * Create a new cookie object * - * @param string $name - * @param string $value + * @param string $name The name of the cookie. + * @param string $value The value for the cookie. * @param array|\WpOrg\Requests\Utility\CaseInsensitiveDictionary $attributes Associative array of attribute data - * @param array $flags - * @param int|null $reference_time + * @param array $flags The flags for the cookie. + * Valid keys are `'creation'`, `'last-access'`, + * `'persistent'` and `'host-only'`. + * @param int|null $reference_time Reference time for relative calculations. * * @throws \WpOrg\Requests\Exception\InvalidArgument When the passed $name argument is not a string. * @throws \WpOrg\Requests\Exception\InvalidArgument When the passed $value argument is not a string. @@ -279,7 +280,11 @@ public function path_matches($request_path) { public function normalize() { foreach ($this->attributes as $key => $value) { $orig_value = $value; - $value = $this->normalize_attribute($key, $value); + + if (is_string($key)) { + $value = $this->normalize_attribute($key, $value); + } + if ($value === null) { unset($this->attributes[$key]); continue; @@ -299,7 +304,7 @@ public function normalize() { * Handles parsing individual attributes from the cookie values. * * @param string $name Attribute name - * @param string|boolean $value Attribute value (string value, or true if empty/flag) + * @param string|int|bool $value Attribute value (string/integer value, or true if empty/flag) * @return mixed Value if available, or null if the attribute value is invalid (and should be skipped) */ protected function normalize_attribute($name, $value) { diff --git a/wp-includes/Requests/src/Cookie/Jar.php b/wp-includes/Requests/src/Cookie/Jar.php index dfbb8b739bd9..7633786b92ae 100644 --- a/wp-includes/Requests/src/Cookie/Jar.php +++ b/wp-includes/Requests/src/Cookie/Jar.php @@ -49,7 +49,8 @@ public function __construct($cookies = []) { /** * Normalise cookie data into a \WpOrg\Requests\Cookie * - * @param string|\WpOrg\Requests\Cookie $cookie + * @param string|\WpOrg\Requests\Cookie $cookie Cookie header value, possibly pre-parsed (object). + * @param string $key Optional. The name for this cookie. * @return \WpOrg\Requests\Cookie */ public function normalize_cookie($cookie, $key = '') { @@ -106,7 +107,7 @@ public function offsetSet($offset, $value) { /** * Unset the given header * - * @param string $offset + * @param string $offset The key for the item to unset. */ #[ReturnTypeWillChange] public function offsetUnset($offset) { @@ -171,7 +172,7 @@ public function before_request($url, &$headers, &$data, &$type, &$options) { /** * Parse all cookies from a response and attach them to the response * - * @param \WpOrg\Requests\Response $response + * @param \WpOrg\Requests\Response $response Response as received. */ public function before_redirect_check(Response $response) { $url = $response->url; diff --git a/wp-includes/Requests/src/IdnaEncoder.php b/wp-includes/Requests/src/IdnaEncoder.php index 094fff3d5231..4257a1acbeff 100644 --- a/wp-includes/Requests/src/IdnaEncoder.php +++ b/wp-includes/Requests/src/IdnaEncoder.php @@ -137,7 +137,7 @@ public static function to_ascii($text) { * * @internal (Testing found regex was the fastest implementation) * - * @param string $text + * @param string $text Text to examine. * @return bool Is the text string ASCII-only? */ protected static function is_ascii($text) { @@ -148,7 +148,7 @@ protected static function is_ascii($text) { * Prepare a text string for use as an IDNA name * * @todo Implement this based on RFC 3491 and the newer 5891 - * @param string $text + * @param string $text Text to prepare. * @return string Prepared string */ protected static function nameprep($text) { @@ -160,7 +160,7 @@ protected static function nameprep($text) { * * Based on \WpOrg\Requests\Iri::replace_invalid_with_pct_encoding() * - * @param string $input + * @param string $input Text to convert. * @return array Unicode code points * * @throws \WpOrg\Requests\Exception Invalid UTF-8 codepoint (`idna.invalidcodepoint`) @@ -329,10 +329,10 @@ public static function punycode_encode($input) { } // output the code point for digit t + ((q - t) mod (base - t)) - $digit = $t + (($q - $t) % (self::BOOTSTRAP_BASE - $t)); + $digit = (int) ($t + (($q - $t) % (self::BOOTSTRAP_BASE - $t))); $output .= self::digit_to_char($digit); // let q = (q - t) div (base - t) - $q = floor(($q - $t) / (self::BOOTSTRAP_BASE - $t)); + $q = (int) floor(($q - $t) / (self::BOOTSTRAP_BASE - $t)); } // end // output the code point for digit q $output .= self::digit_to_char($q); @@ -381,7 +381,7 @@ protected static function digit_to_char($digit) { * @param int $delta * @param int $numpoints * @param bool $firsttime - * @return int New bias + * @return int|float New bias * * function adapt(delta,numpoints,firsttime): */ diff --git a/wp-includes/Requests/src/Iri.php b/wp-includes/Requests/src/Iri.php index 244578d3448c..c452c7365b0f 100644 --- a/wp-includes/Requests/src/Iri.php +++ b/wp-includes/Requests/src/Iri.php @@ -395,11 +395,11 @@ protected function remove_dot_segments($input) { // preceding "/" (if any) from the output buffer; otherwise, elseif (strpos($input, '/../') === 0) { $input = substr($input, 3); - $output = substr_replace($output, '', strrpos($output, '/')); + $output = substr_replace($output, '', (strrpos($output, '/') ?: 0)); } elseif ($input === '/..') { $input = '/'; - $output = substr_replace($output, '', strrpos($output, '/')); + $output = substr_replace($output, '', (strrpos($output, '/') ?: 0)); } // D: if the input buffer consists only of "." or "..", then remove // that from the input buffer; otherwise, @@ -824,7 +824,8 @@ protected function set_authority($authority) { else { $iuserinfo = null; } - if (($port_start = strpos($remaining, ':', strpos($remaining, ']'))) !== false) { + + if (($port_start = strpos($remaining, ':', (strpos($remaining, ']') ?: 0))) !== false) { $port = substr($remaining, $port_start + 1); if ($port === false || $port === '') { $port = null; diff --git a/wp-includes/Requests/src/Requests.php b/wp-includes/Requests/src/Requests.php index a8d9d7e5391a..287bacaaa575 100644 --- a/wp-includes/Requests/src/Requests.php +++ b/wp-includes/Requests/src/Requests.php @@ -148,7 +148,7 @@ class Requests { * * @var string */ - const VERSION = '2.0.5'; + const VERSION = '2.0.6'; /** * Selected transport name @@ -642,12 +642,14 @@ public static function set_certificate_path($path) { /** * Set the default values * + * The $options parameter is updated with the results. + * * @param string $url URL to request * @param array $headers Extra headers to send with the request * @param array|null $data Data to send either as a query string for GET/HEAD requests, or in the body for POST requests * @param string $type HTTP request type * @param array $options Options for the request - * @return void $options is updated with the results + * @return void * * @throws \WpOrg\Requests\Exception When the $url is not an http(s) URL. */ @@ -824,9 +826,11 @@ protected static function parse_response($headers, $url, $req_headers, $req_data * Internal use only. Converts a raw HTTP response to a \WpOrg\Requests\Response * while still executing a multiple request. * + * `$response` is either set to a \WpOrg\Requests\Response instance, or a \WpOrg\Requests\Exception object + * * @param string $response Full response text including headers and body (will be overwritten with Response instance) * @param array $request Request data as passed into {@see \WpOrg\Requests\Requests::request_multiple()} - * @return void `$response` is either set to a \WpOrg\Requests\Response instance, or a \WpOrg\Requests\Exception object + * @return void */ public static function parse_multiple(&$response, $request) { try { diff --git a/wp-includes/Requests/src/Response.php b/wp-includes/Requests/src/Response.php index 8964521a81f8..86a0438bad54 100644 --- a/wp-includes/Requests/src/Response.php +++ b/wp-includes/Requests/src/Response.php @@ -137,16 +137,16 @@ public function throw_for_status($allow_redirects = true) { * * @link https://php.net/json-decode * - * @param ?bool $associative Optional. When `true`, JSON objects will be returned as associative arrays; - * When `false`, JSON objects will be returned as objects. - * When `null`, JSON objects will be returned as associative arrays - * or objects depending on whether `JSON_OBJECT_AS_ARRAY` is set in the flags. - * Defaults to `true` (in contrast to the PHP native default of `null`). - * @param int $depth Optional. Maximum nesting depth of the structure being decoded. - * Defaults to `512`. - * @param int $options Optional. Bitmask of JSON_BIGINT_AS_STRING, JSON_INVALID_UTF8_IGNORE, - * JSON_INVALID_UTF8_SUBSTITUTE, JSON_OBJECT_AS_ARRAY, JSON_THROW_ON_ERROR. - * Defaults to `0` (no options set). + * @param bool|null $associative Optional. When `true`, JSON objects will be returned as associative arrays; + * When `false`, JSON objects will be returned as objects. + * When `null`, JSON objects will be returned as associative arrays + * or objects depending on whether `JSON_OBJECT_AS_ARRAY` is set in the flags. + * Defaults to `true` (in contrast to the PHP native default of `null`). + * @param int $depth Optional. Maximum nesting depth of the structure being decoded. + * Defaults to `512`. + * @param int $options Optional. Bitmask of JSON_BIGINT_AS_STRING, JSON_INVALID_UTF8_IGNORE, + * JSON_INVALID_UTF8_SUBSTITUTE, JSON_OBJECT_AS_ARRAY, JSON_THROW_ON_ERROR. + * Defaults to `0` (no options set). * * @return array * diff --git a/wp-includes/Requests/src/Response/Headers.php b/wp-includes/Requests/src/Response/Headers.php index eb4f68736b8f..b4d0fcf91088 100644 --- a/wp-includes/Requests/src/Response/Headers.php +++ b/wp-includes/Requests/src/Response/Headers.php @@ -27,7 +27,7 @@ class Headers extends CaseInsensitiveDictionary { * Avoid using this where commas may be used unquoted in values, such as * Set-Cookie headers. * - * @param string $offset + * @param string $offset Name of the header to retrieve. * @return string|null Header value */ public function offsetGet($offset) { @@ -69,7 +69,7 @@ public function offsetSet($offset, $value) { /** * Get all values for a given header * - * @param string $offset + * @param string $offset Name of the header to retrieve. * @return array|null Header values * * @throws \WpOrg\Requests\Exception\InvalidArgument When the passed argument is not valid as an array key. @@ -79,7 +79,10 @@ public function getValues($offset) { throw InvalidArgument::create(1, '$offset', 'string|int', gettype($offset)); } - $offset = strtolower($offset); + if (is_string($offset)) { + $offset = strtolower($offset); + } + if (!isset($this->data[$offset])) { return null; } diff --git a/wp-includes/Requests/src/Transport/Curl.php b/wp-includes/Requests/src/Transport/Curl.php index 8b0a13080e43..7316987b5fae 100644 --- a/wp-includes/Requests/src/Transport/Curl.php +++ b/wp-includes/Requests/src/Transport/Curl.php @@ -465,7 +465,7 @@ private function setup_handle($url, $headers, $data, $options) { * @param string $response Response data from the body * @param array $options Request options * @return string|false HTTP response data including headers. False if non-blocking. - * @throws \WpOrg\Requests\Exception + * @throws \WpOrg\Requests\Exception If the request resulted in a cURL error. */ public function process_response($response, $options) { if ($options['blocking'] === false) { @@ -561,7 +561,7 @@ public function stream_body($handle, $data) { /** * Format a URL given GET data * - * @param string $url + * @param string $url Original URL. * @param array|object $data Data to build query using, see {@link https://www.php.net/http_build_query} * @return string URL with data */ diff --git a/wp-includes/Requests/src/Transport/Fsockopen.php b/wp-includes/Requests/src/Transport/Fsockopen.php index c3bd4a63d5db..2b53d0c10c4b 100644 --- a/wp-includes/Requests/src/Transport/Fsockopen.php +++ b/wp-includes/Requests/src/Transport/Fsockopen.php @@ -51,6 +51,11 @@ final class Fsockopen implements Transport { */ private $max_bytes = false; + /** + * Cache for received connection errors. + * + * @var string + */ private $connect_error = ''; /** @@ -405,7 +410,7 @@ private static function accept_encoding() { /** * Format a URL given GET data * - * @param array $url_parts + * @param array $url_parts Array of URL parts as received from {@link https://www.php.net/parse_url} * @param array|object $data Data to build query using, see {@link https://www.php.net/http_build_query} * @return string URL with data */ diff --git a/wp-includes/Requests/src/Utility/CaseInsensitiveDictionary.php b/wp-includes/Requests/src/Utility/CaseInsensitiveDictionary.php index 3c24cebd4fc5..0e1a914cd64a 100644 --- a/wp-includes/Requests/src/Utility/CaseInsensitiveDictionary.php +++ b/wp-includes/Requests/src/Utility/CaseInsensitiveDictionary.php @@ -95,7 +95,7 @@ public function offsetSet($offset, $value) { /** * Unset the given header * - * @param string $offset + * @param string $offset The key for the item to unset. */ #[ReturnTypeWillChange] public function offsetUnset($offset) { diff --git a/wp-includes/Requests/src/Utility/FilteredIterator.php b/wp-includes/Requests/src/Utility/FilteredIterator.php index 973a5d25a515..4865966c41e9 100644 --- a/wp-includes/Requests/src/Utility/FilteredIterator.php +++ b/wp-includes/Requests/src/Utility/FilteredIterator.php @@ -28,7 +28,7 @@ final class FilteredIterator extends ArrayIterator { /** * Create a new iterator * - * @param array $data + * @param array $data The array or object to be iterated on. * @param callable $callback Callback to be called on each value * * @throws \WpOrg\Requests\Exception\InvalidArgument When the passed $data argument is not iterable. @@ -46,14 +46,25 @@ public function __construct($data, $callback) { } /** - * @inheritdoc + * Prevent unserialization of the object for security reasons. * * @phpcs:disable PHPCompatibility.FunctionNameRestrictions.NewMagicMethods.__unserializeFound + * + * @param array $data Restored array of data originally serialized. + * + * @return void */ #[ReturnTypeWillChange] public function __unserialize($data) {} // phpcs:enable + /** + * Perform reinitialization tasks. + * + * Prevents a callback from being injected during unserialization of an object. + * + * @return void + */ public function __wakeup() { unset($this->callback); } @@ -75,7 +86,11 @@ public function current() { } /** - * @inheritdoc + * Prevent creating a PHP value from a stored representation of the object for security reasons. + * + * @param string $data The serialized string. + * + * @return void */ #[ReturnTypeWillChange] public function unserialize($data) {} diff --git a/wp-includes/class-requests.php b/wp-includes/class-requests.php index 47ef04ff621b..4b062525b956 100644 --- a/wp-includes/class-requests.php +++ b/wp-includes/class-requests.php @@ -19,7 +19,7 @@ if (!defined('REQUESTS_SILENCE_PSR0_DEPRECATIONS') || REQUESTS_SILENCE_PSR0_DEPRECATIONS !== true) { // phpcs:ignore WordPress.PHP.DevelopmentFunctions.error_log_trigger_error trigger_error( - 'The PSR-0 `Requests_...` class names in the Request library are deprecated.' + 'The PSR-0 `Requests_...` class names in the Requests library are deprecated.' . ' Switch to the PSR-4 `WpOrg\Requests\...` class names at your earliest convenience.', E_USER_DEPRECATED ); diff --git a/wp-includes/version.php b/wp-includes/version.php index ed626250bc0d..9c404e5b7598 100644 --- a/wp-includes/version.php +++ b/wp-includes/version.php @@ -16,7 +16,7 @@ * * @global string $wp_version */ -$wp_version = '6.3-alpha-55628'; +$wp_version = '6.3-alpha-55629'; /** * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.