Merge branch 'release-0.25.0'

.github/workflows/integrate.yml

@@ -72,6 +72,7 @@ jobs:
     strategy:
       matrix:
         php-version:
+          - "8.4"
           - "8.3"
           - "8.2"
           - "8.1"

CHANGELOG.md

@@ -1,5 +1,18 @@
 # BC Security Changelog
 
+## Version 0.25.0 (2024-10-28)
+
+This release has been tested with PHP 8.4.
+
+### Added
+
+* Plugin has been tested with PHP 8.4 [#163](https://github.com/chesio/bc-security/issues/163).
+* Plugin has been tested with WordPress 6.7 [#162](https://github.com/chesio/bc-security/issues/162).
+
+### Changed
+
+* End-of-life dates for supported PHP versions have been updated [#164](https://github.com/chesio/bc-security/issues/164).
+
 ## Version 0.24.0 (2024-07-29)
 
 WordPress 6.4 or newer is now required!

README.md

@@ -123,7 +123,7 @@ BC Security allows you to:
 1. Disable pingbacks
 2. Disable XML RPC methods that require authentication
 3. Disable application passwords
-4. Prevent usernames discovery via [REST API requests](https://developer.wordpress.org/rest-api/reference/users/) and [username eumeration](https://hackertarget.com/wordpress-user-enumeration/)
+4. Prevent usernames discovery via [REST API requests](https://developer.wordpress.org/rest-api/reference/users/) and [username enumeration](https://hackertarget.com/wordpress-user-enumeration/)
 5. Disable login with email or login with username to reduce risk from brute-force or [credential stuffing attacks](https://owasp.org/www-community/attacks/Credential_stuffing).
 6. Check and/or validate user passwords using [Pwned Passwords](https://haveibeenpwned.com/Passwords) database and [API](https://haveibeenpwned.com/API/v2#PwnedPasswords)
 

bc-security.php

@@ -4,12 +4,12 @@
  * Plugin Name: BC Security
  * Plugin URI: https://github.com/chesio/bc-security
  * Description: Helps keeping WordPress websites secure.
- * Version: 0.24.0
+ * Version: 0.25.0
  * Author: Česlav Przywara <[email protected]>
  * Author URI: https://www.chesio.com
  * Requires PHP: 8.1
  * Requires at least: 6.4
- * Tested up to: 6.6
+ * Tested up to: 6.7
  * Text Domain: bc-security
  * GitHub Plugin URI: https://github.com/chesio/bc-security
  * Update URI: https://github.com/chesio/bc-security

classes/BlueChip/Security/Helpers/Plugin.php

@@ -161,7 +161,7 @@ public static function getPluginsInstalledFromWordPressOrg(): array
     {
         // We're using some wp-admin stuff here, so make sure it's available.
         if (!\function_exists('get_plugins')) {
-            require_once ABSPATH . 'wp-admin/includes/plugin.php';
+            require_once ABSPATH . 'wp-admin/includes/plugin.php'; // @phpstan-ignore-line
         }
 
         $wordpress_org_plugins = \array_filter(

classes/BlueChip/Security/Modules/Checklist/Checks/PhpVersionSupported.php

@@ -14,9 +14,10 @@ class PhpVersionSupported extends Checklist\BasicCheck
      * @link https://www.php.net/supported-versions.php
      */
     private const SUPPORTED_VERSIONS = [
-        '8.1' => '2024-11-25',
-        '8.2' => '2025-12-08',
-        '8.3' => '2026-11-23',
+        '8.1' => '2025-12-31',
+        '8.2' => '2026-12-31',
+        '8.3' => '2027-12-31',
+        '8.4' => '2028-12-31',
     ];
 
 

classes/BlueChip/Security/Modules/InternalBlocklist/HtaccessSynchronizer.php

@@ -47,7 +47,7 @@ public function extract(): array
         }
 
         if (!\function_exists('extract_from_markers')) {
-            require_once ABSPATH . 'wp-admin/includes/misc.php';
+            require_once ABSPATH . 'wp-admin/includes/misc.php'; // @phpstan-ignore-line
         }
 
         $lines = extract_from_markers($this->htaccess_file, self::MARKER);
@@ -79,7 +79,7 @@ public function insert(array $blocked_ip_addresses): bool
         }
 
         if (!\function_exists('insert_with_markers')) {
-            require_once ABSPATH . 'wp-admin/includes/misc.php';
+            require_once ABSPATH . 'wp-admin/includes/misc.php'; // @phpstan-ignore-line
         }
 
         // Prepare rules for given IP addresses.

classes/BlueChip/Security/Modules/InternalBlocklist/Manager.php

@@ -67,7 +67,7 @@ public function __construct(private wpdb $wpdb, private HtaccessSynchronizer $ht
     public function install(): void
     {
         // To have dbDelta()
-        require_once ABSPATH . 'wp-admin/includes/upgrade.php';
+        require_once ABSPATH . 'wp-admin/includes/upgrade.php'; // @phpstan-ignore-line
 
         $charset_collate = $this->wpdb->get_charset_collate();
 

classes/BlueChip/Security/Modules/Log/Logger.php

@@ -59,7 +59,7 @@ public function __construct(private wpdb $wpdb, private string $remote_address,
     public function install(): void
     {
         // To have dbDelta()
-        require_once ABSPATH . 'wp-admin/includes/upgrade.php';
+        require_once ABSPATH . 'wp-admin/includes/upgrade.php'; // @phpstan-ignore-line
 
         $charset_collate = $this->wpdb->get_charset_collate();
 

classes/BlueChip/Security/Modules/Login/Bookkeeper.php

@@ -45,7 +45,7 @@ public function __construct(private Settings $settings, private wpdb $wpdb)
     public function install(): void
     {
         // To have dbDelta()
-        require_once ABSPATH . 'wp-admin/includes/upgrade.php';
+        require_once ABSPATH . 'wp-admin/includes/upgrade.php'; // @phpstan-ignore-line
 
         $charset_collate = $this->wpdb->get_charset_collate();