diff --git a/.github/workflows/integrate.yml b/.github/workflows/integrate.yml index 3b9b30b..25a67f8 100644 --- a/.github/workflows/integrate.yml +++ b/.github/workflows/integrate.yml @@ -72,6 +72,7 @@ jobs: strategy: matrix: php-version: + - "8.4" - "8.3" - "8.2" - "8.1" diff --git a/CHANGELOG.md b/CHANGELOG.md index 0e8b1f7..6d061d2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,18 @@ # BC Security Changelog +## Version 0.25.0 (2024-10-28) + +This release has been tested with PHP 8.4. + +### Added + +* Plugin has been tested with PHP 8.4 [#163](https://github.com/chesio/bc-security/issues/163). +* Plugin has been tested with WordPress 6.7 [#162](https://github.com/chesio/bc-security/issues/162). + +### Changed + +* End-of-life dates for supported PHP versions have been updated [#164](https://github.com/chesio/bc-security/issues/164). + ## Version 0.24.0 (2024-07-29) WordPress 6.4 or newer is now required! diff --git a/README.md b/README.md index c7c9890..65d6598 100644 --- a/README.md +++ b/README.md @@ -123,7 +123,7 @@ BC Security allows you to: 1. Disable pingbacks 2. Disable XML RPC methods that require authentication 3. Disable application passwords -4. Prevent usernames discovery via [REST API requests](https://developer.wordpress.org/rest-api/reference/users/) and [username eumeration](https://hackertarget.com/wordpress-user-enumeration/) +4. Prevent usernames discovery via [REST API requests](https://developer.wordpress.org/rest-api/reference/users/) and [username enumeration](https://hackertarget.com/wordpress-user-enumeration/) 5. Disable login with email or login with username to reduce risk from brute-force or [credential stuffing attacks](https://owasp.org/www-community/attacks/Credential_stuffing). 6. Check and/or validate user passwords using [Pwned Passwords](https://haveibeenpwned.com/Passwords) database and [API](https://haveibeenpwned.com/API/v2#PwnedPasswords) 
diff --git a/bc-security.php b/bc-security.php index 3bf8336..d948eec 100644 --- a/bc-security.php +++ b/bc-security.php @@ -4,12 +4,12 @@ * Plugin Name: BC Security * Plugin URI: https://github.com/chesio/bc-security * Description: Helps keeping WordPress websites secure. - * Version: 0.24.0 + * Version: 0.25.0 * Author: Česlav Przywara * Author URI: https://www.chesio.com * Requires PHP: 8.1 * Requires at least: 6.4 - * Tested up to: 6.6 + * Tested up to: 6.7 * Text Domain: bc-security * GitHub Plugin URI: https://github.com/chesio/bc-security * Update URI: https://github.com/chesio/bc-security diff --git a/classes/BlueChip/Security/Helpers/Plugin.php b/classes/BlueChip/Security/Helpers/Plugin.php index 14a6970..d8c8430 100644 --- a/classes/BlueChip/Security/Helpers/Plugin.php +++ b/classes/BlueChip/Security/Helpers/Plugin.php @@ -161,7 +161,7 @@ public static function getPluginsInstalledFromWordPressOrg(): array { // We're using some wp-admin stuff here, so make sure it's available. if (!\function_exists('get_plugins')) { - require_once ABSPATH . 'wp-admin/includes/plugin.php'; + require_once ABSPATH . 'wp-admin/includes/plugin.php'; // @phpstan-ignore-line } $wordpress_org_plugins = \array_filter( diff --git a/classes/BlueChip/Security/Modules/Checklist/Checks/PhpVersionSupported.php b/classes/BlueChip/Security/Modules/Checklist/Checks/PhpVersionSupported.php index 8b78ca1..e116894 100644 --- a/classes/BlueChip/Security/Modules/Checklist/Checks/PhpVersionSupported.php +++ b/classes/BlueChip/Security/Modules/Checklist/Checks/PhpVersionSupported.php @@ -14,9 +14,10 @@ class PhpVersionSupported extends Checklist\BasicCheck * @link https://www.php.net/supported-versions.php */ private const SUPPORTED_VERSIONS = [ - '8.1' => '2024-11-25', - '8.2' => '2025-12-08', - '8.3' => '2026-11-23', + '8.1' => '2025-12-31', + '8.2' => '2026-12-31', + '8.3' => '2027-12-31', + '8.4' => '2028-12-31', ]; 
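Review bot: The `// @phpstan-ignore-line` added after `require_once ABSPATH . 'wp-admin/includes/plugin.php';` in getPluginsInstalledFromWordPressOrg() silences every PHPStan finding on that line, not only the include-path one that presumably prompted it. In a security plugin, a blanket suppression can hide a later, unrelated finding on the same statement. The identifier-scoped form, `// @phpstan-ignore <identifier reported for this line>`, keeps the rest of the analysis active, and a short reason in the comment tells the next reader why it is there. The same comment is added in HtaccessSynchronizer::extract() and insert(), and in the install() methods of InternalBlocklist\Manager, Log\Logger and Login\Bookkeeper, so the point applies to each. The function body continues outside the hunk.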
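Review bot: The docblock above `SUPPORTED_VERSIONS` links to php.net but does not say which date each entry holds. The new values all fall on 31 December, which looks like the end of security support rather than of active support, and the check's verdict depends on that distinction. I would add a docblock line such as `Values are end-of-security-support dates (YYYY-MM-DD); review this table on every PHP minor release.` How a running PHP version missing from the map is treated is not visible here, since the class continues outside the hunk. Confirm that an older unlisted release is not reported as supported and that a newer one is not reported as end-of-life.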
diff --git a/classes/BlueChip/Security/Modules/InternalBlocklist/HtaccessSynchronizer.php b/classes/BlueChip/Security/Modules/InternalBlocklist/HtaccessSynchronizer.php index eaa158f..05986cd 100644 --- a/classes/BlueChip/Security/Modules/InternalBlocklist/HtaccessSynchronizer.php +++ b/classes/BlueChip/Security/Modules/InternalBlocklist/HtaccessSynchronizer.php @@ -47,7 +47,7 @@ public function extract(): array } if (!\function_exists('extract_from_markers')) { - require_once ABSPATH . 'wp-admin/includes/misc.php'; + require_once ABSPATH . 'wp-admin/includes/misc.php'; // @phpstan-ignore-line } $lines = extract_from_markers($this->htaccess_file, self::MARKER); @@ -79,7 +79,7 @@ public function insert(array $blocked_ip_addresses): bool } if (!\function_exists('insert_with_markers')) { - require_once ABSPATH . 'wp-admin/includes/misc.php'; + require_once ABSPATH . 'wp-admin/includes/misc.php'; // @phpstan-ignore-line } // Prepare rules for given IP addresses. diff --git a/classes/BlueChip/Security/Modules/InternalBlocklist/Manager.php b/classes/BlueChip/Security/Modules/InternalBlocklist/Manager.php index cc5ac11..9b828ee 100644 --- a/classes/BlueChip/Security/Modules/InternalBlocklist/Manager.php +++ b/classes/BlueChip/Security/Modules/InternalBlocklist/Manager.php @@ -67,7 +67,7 @@ public function __construct(private wpdb $wpdb, private HtaccessSynchronizer $ht public function install(): void { // To have dbDelta() - require_once ABSPATH . 'wp-admin/includes/upgrade.php'; + require_once ABSPATH . 'wp-admin/includes/upgrade.php'; // @phpstan-ignore-line $charset_collate = $this->wpdb->get_charset_collate(); diff --git a/classes/BlueChip/Security/Modules/Log/Logger.php b/classes/BlueChip/Security/Modules/Log/Logger.php index 0b77b0a..e5480bb 100644 --- a/classes/BlueChip/Security/Modules/Log/Logger.php +++ b/classes/BlueChip/Security/Modules/Log/Logger.php 
@@ -59,7 +59,7 @@ public function __construct(private wpdb $wpdb, private string $remote_address, public function install(): void { // To have dbDelta() - require_once ABSPATH . 'wp-admin/includes/upgrade.php'; + require_once ABSPATH . 'wp-admin/includes/upgrade.php'; // @phpstan-ignore-line $charset_collate = $this->wpdb->get_charset_collate(); diff --git a/classes/BlueChip/Security/Modules/Login/Bookkeeper.php b/classes/BlueChip/Security/Modules/Login/Bookkeeper.php index 36936e9..073f1d2 100644 --- a/classes/BlueChip/Security/Modules/Login/Bookkeeper.php +++ b/classes/BlueChip/Security/Modules/Login/Bookkeeper.php @@ -45,7 +45,7 @@ public function __construct(private Settings $settings, private wpdb $wpdb) public function install(): void { // To have dbDelta() - require_once ABSPATH . 'wp-admin/includes/upgrade.php'; + require_once ABSPATH . 'wp-admin/includes/upgrade.php'; // @phpstan-ignore-line $charset_collate = $this->wpdb->get_charset_collate(); diff --git a/composer.lock b/composer.lock index 90e13b9..1683957 100644 --- a/composer.lock +++ b/composer.lock @@ -402,16 +402,16 @@ }, { "name": "mockery/mockery", - "version": "1.6.11", + "version": "1.6.12", "source": { "type": "git", "url": "https://github.com/mockery/mockery.git", - "reference": "81a161d0b135df89951abd52296adf97deb0723d" + "reference": "1f4efdd7d3beafe9807b08156dfcb176d18f1699" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/mockery/mockery/zipball/81a161d0b135df89951abd52296adf97deb0723d", - "reference": "81a161d0b135df89951abd52296adf97deb0723d", + "url": "https://api.github.com/repos/mockery/mockery/zipball/1f4efdd7d3beafe9807b08156dfcb176d18f1699", + "reference": "1f4efdd7d3beafe9807b08156dfcb176d18f1699", "shasum": "" }, "require": { 
@@ -481,7 +481,7 @@ "security": "https://github.com/mockery/mockery/security/advisories", "source": "https://github.com/mockery/mockery" }, - "time": "2024-03-21T18:34:15+00:00" + "time": "2024-05-16T03:13:13+00:00" }, { "name": "myclabs/deep-copy", @@ -545,16 +545,16 @@ }, { "name": "nikic/php-parser", - "version": "v5.1.0", + "version": "v5.3.1", "source": { "type": "git", "url": "https://github.com/nikic/PHP-Parser.git", - "reference": "683130c2ff8c2739f4822ff7ac5c873ec529abd1" + "reference": "8eea230464783aa9671db8eea6f8c6ac5285794b" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/nikic/PHP-Parser/zipball/683130c2ff8c2739f4822ff7ac5c873ec529abd1", - "reference": "683130c2ff8c2739f4822ff7ac5c873ec529abd1", + "url": "https://api.github.com/repos/nikic/PHP-Parser/zipball/8eea230464783aa9671db8eea6f8c6ac5285794b", + "reference": "8eea230464783aa9671db8eea6f8c6ac5285794b", "shasum": "" }, "require": { @@ -597,9 +597,9 @@ ], "support": { "issues": "https://github.com/nikic/PHP-Parser/issues", - "source": "https://github.com/nikic/PHP-Parser/tree/v5.1.0" + "source": "https://github.com/nikic/PHP-Parser/tree/v5.3.1" }, - "time": "2024-07-01T20:03:41+00:00" + "time": "2024-10-08T18:51:32+00:00" }, { "name": "phar-io/manifest", @@ -782,16 +782,16 @@ }, { "name": "php-stubs/wordpress-stubs", - "version": "v6.6.0", + "version": "v6.6.2", "source": { "type": "git", "url": "https://github.com/php-stubs/wordpress-stubs.git", - "reference": "86e8753e89d59849276dcdd91b9a7dd78bb4abe2" + "reference": "f50fd7ed45894d036e4fef9ab7e5bbbaff6a30cc" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/php-stubs/wordpress-stubs/zipball/86e8753e89d59849276dcdd91b9a7dd78bb4abe2", - "reference": "86e8753e89d59849276dcdd91b9a7dd78bb4abe2", + "url": "https://api.github.com/repos/php-stubs/wordpress-stubs/zipball/f50fd7ed45894d036e4fef9ab7e5bbbaff6a30cc", + "reference": "f50fd7ed45894d036e4fef9ab7e5bbbaff6a30cc", "shasum": "" }, "require-dev": { 
@@ -824,9 +824,9 @@ ], "support": { "issues": "https://github.com/php-stubs/wordpress-stubs/issues", - "source": "https://github.com/php-stubs/wordpress-stubs/tree/v6.6.0" + "source": "https://github.com/php-stubs/wordpress-stubs/tree/v6.6.2" }, - "time": "2024-07-17T08:50:38+00:00" + "time": "2024-09-30T07:10:48+00:00" }, { "name": "phpstan/phpdoc-parser", @@ -877,16 +877,16 @@ }, { "name": "phpstan/phpstan", - "version": "1.11.8", + "version": "1.12.6", "source": { "type": "git", "url": "https://github.com/phpstan/phpstan.git", - "reference": "6adbd118e6c0515dd2f36b06cde1d6da40f1b8ec" + "reference": "dc4d2f145a88ea7141ae698effd64d9df46527ae" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpstan/phpstan/zipball/6adbd118e6c0515dd2f36b06cde1d6da40f1b8ec", - "reference": "6adbd118e6c0515dd2f36b06cde1d6da40f1b8ec", + "url": "https://api.github.com/repos/phpstan/phpstan/zipball/dc4d2f145a88ea7141ae698effd64d9df46527ae", + "reference": "dc4d2f145a88ea7141ae698effd64d9df46527ae", "shasum": "" }, "require": { 
@@ -931,36 +931,36 @@ "type": "github" } ], - "time": "2024-07-24T07:01:22+00:00" + "time": "2024-10-06T15:03:59+00:00" }, { "name": "phpunit/php-code-coverage", - "version": "10.1.15", + "version": "10.1.16", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/php-code-coverage.git", - "reference": "5da8b1728acd1e6ffdf2ff32ffbdfd04307f26ae" + "reference": "7e308268858ed6baedc8704a304727d20bc07c77" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/php-code-coverage/zipball/5da8b1728acd1e6ffdf2ff32ffbdfd04307f26ae", - "reference": "5da8b1728acd1e6ffdf2ff32ffbdfd04307f26ae", + "url": "https://api.github.com/repos/sebastianbergmann/php-code-coverage/zipball/7e308268858ed6baedc8704a304727d20bc07c77", + "reference": "7e308268858ed6baedc8704a304727d20bc07c77", "shasum": "" }, "require": { "ext-dom": "*", "ext-libxml": "*", "ext-xmlwriter": "*", - "nikic/php-parser": "^4.18 || ^5.0", + "nikic/php-parser": "^4.19.1 || ^5.1.0", "php": ">=8.1", - "phpunit/php-file-iterator": "^4.0", - "phpunit/php-text-template": "^3.0", - "sebastian/code-unit-reverse-lookup": "^3.0", - "sebastian/complexity": "^3.0", - "sebastian/environment": "^6.0", - "sebastian/lines-of-code": "^2.0", - "sebastian/version": "^4.0", - "theseer/tokenizer": "^1.2.0" + "phpunit/php-file-iterator": "^4.1.0", + "phpunit/php-text-template": "^3.0.1", + "sebastian/code-unit-reverse-lookup": "^3.0.0", + "sebastian/complexity": "^3.2.0", + "sebastian/environment": "^6.1.0", + "sebastian/lines-of-code": "^2.0.2", + "sebastian/version": "^4.0.1", + "theseer/tokenizer": "^1.2.3" }, "require-dev": { "phpunit/phpunit": "^10.1" @@ -972,7 +972,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-main": "10.1-dev" + "dev-main": "10.1.x-dev" } }, "autoload": { 
@@ -1001,7 +1001,7 @@ "support": { "issues": "https://github.com/sebastianbergmann/php-code-coverage/issues", "security": "https://github.com/sebastianbergmann/php-code-coverage/security/policy", - "source": "https://github.com/sebastianbergmann/php-code-coverage/tree/10.1.15" + "source": "https://github.com/sebastianbergmann/php-code-coverage/tree/10.1.16" }, "funding": [ { @@ -1009,7 +1009,7 @@ "type": "github" } ], - "time": "2024-06-29T08:25:15+00:00" + "time": "2024-08-22T04:31:57+00:00" }, { "name": "phpunit/php-file-iterator", @@ -1256,16 +1256,16 @@ }, { "name": "phpunit/phpunit", - "version": "10.5.28", + "version": "10.5.36", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/phpunit.git", - "reference": "ff7fb85cdf88131b83e721fb2a327b664dbed275" + "reference": "aa0a8ce701ea7ee314b0dfaa8970dc94f3f8c870" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/ff7fb85cdf88131b83e721fb2a327b664dbed275", - "reference": "ff7fb85cdf88131b83e721fb2a327b664dbed275", + "url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/aa0a8ce701ea7ee314b0dfaa8970dc94f3f8c870", + "reference": "aa0a8ce701ea7ee314b0dfaa8970dc94f3f8c870", "shasum": "" }, "require": { @@ -1279,14 +1279,14 @@ "phar-io/manifest": "^2.0.4", "phar-io/version": "^3.2.1", "php": ">=8.1", - "phpunit/php-code-coverage": "^10.1.15", + "phpunit/php-code-coverage": "^10.1.16", "phpunit/php-file-iterator": "^4.1.0", "phpunit/php-invoker": "^4.0.0", "phpunit/php-text-template": "^3.0.1", "phpunit/php-timer": "^6.0.0", "sebastian/cli-parser": "^2.0.1", "sebastian/code-unit": "^2.0.0", - "sebastian/comparator": "^5.0.1", + "sebastian/comparator": "^5.0.2", "sebastian/diff": "^5.1.1", "sebastian/environment": "^6.1.0", "sebastian/exporter": "^5.1.2", 
@@ -1337,7 +1337,7 @@ "support": { "issues": "https://github.com/sebastianbergmann/phpunit/issues", "security": "https://github.com/sebastianbergmann/phpunit/security/policy", - "source": "https://github.com/sebastianbergmann/phpunit/tree/10.5.28" + "source": "https://github.com/sebastianbergmann/phpunit/tree/10.5.36" }, "funding": [ { @@ -1353,7 +1353,7 @@ "type": "tidelift" } ], - "time": "2024-07-18T14:54:16+00:00" + "time": "2024-10-08T15:36:51+00:00" }, { "name": "sebastian/cli-parser", @@ -1525,16 +1525,16 @@ }, { "name": "sebastian/comparator", - "version": "5.0.1", + "version": "5.0.2", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/comparator.git", - "reference": "2db5010a484d53ebf536087a70b4a5423c102372" + "reference": "2d3e04c3b4c1e84a5e7382221ad8883c8fbc4f53" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/comparator/zipball/2db5010a484d53ebf536087a70b4a5423c102372", - "reference": "2db5010a484d53ebf536087a70b4a5423c102372", + "url": "https://api.github.com/repos/sebastianbergmann/comparator/zipball/2d3e04c3b4c1e84a5e7382221ad8883c8fbc4f53", + "reference": "2d3e04c3b4c1e84a5e7382221ad8883c8fbc4f53", "shasum": "" }, "require": { @@ -1545,7 +1545,7 @@ "sebastian/exporter": "^5.0" }, "require-dev": { - "phpunit/phpunit": "^10.3" + "phpunit/phpunit": "^10.4" }, "type": "library", "extra": { @@ -1590,7 +1590,7 @@ "support": { "issues": "https://github.com/sebastianbergmann/comparator/issues", "security": "https://github.com/sebastianbergmann/comparator/security/policy", - "source": "https://github.com/sebastianbergmann/comparator/tree/5.0.1" + "source": "https://github.com/sebastianbergmann/comparator/tree/5.0.2" }, "funding": [ { @@ -1598,7 +1598,7 @@ "type": "github" } ], - "time": "2023-08-14T13:18:12+00:00" + "time": "2024-08-12T06:03:08+00:00" }, { "name": "sebastian/complexity", 
@@ -2338,16 +2338,16 @@ }, { "name": "squizlabs/php_codesniffer", - "version": "3.10.2", + "version": "3.10.3", "source": { "type": "git", "url": "https://github.com/PHPCSStandards/PHP_CodeSniffer.git", - "reference": "86e5f5dd9a840c46810ebe5ff1885581c42a3017" + "reference": "62d32998e820bddc40f99f8251958aed187a5c9c" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/PHPCSStandards/PHP_CodeSniffer/zipball/86e5f5dd9a840c46810ebe5ff1885581c42a3017", - "reference": "86e5f5dd9a840c46810ebe5ff1885581c42a3017", + "url": "https://api.github.com/repos/PHPCSStandards/PHP_CodeSniffer/zipball/62d32998e820bddc40f99f8251958aed187a5c9c", + "reference": "62d32998e820bddc40f99f8251958aed187a5c9c", "shasum": "" }, "require": { @@ -2414,24 +2414,24 @@ "type": "open_collective" } ], - "time": "2024-07-21T23:26:44+00:00" + "time": "2024-09-18T10:38:58+00:00" }, { "name": "symfony/polyfill-php73", - "version": "v1.30.0", + "version": "v1.31.0", "source": { "type": "git", "url": "https://github.com/symfony/polyfill-php73.git", - "reference": "ec444d3f3f6505bb28d11afa41e75faadebc10a1" + "reference": "0f68c03565dcaaf25a890667542e8bd75fe7e5bb" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-php73/zipball/ec444d3f3f6505bb28d11afa41e75faadebc10a1", - "reference": "ec444d3f3f6505bb28d11afa41e75faadebc10a1", + "url": "https://api.github.com/repos/symfony/polyfill-php73/zipball/0f68c03565dcaaf25a890667542e8bd75fe7e5bb", + "reference": "0f68c03565dcaaf25a890667542e8bd75fe7e5bb", "shasum": "" }, "require": { - "php": ">=7.1" + "php": ">=7.2" }, "type": "library", "extra": { @@ -2474,7 +2474,7 @@ "shim" ], "support": { - "source": "https://github.com/symfony/polyfill-php73/tree/v1.30.0" + "source": "https://github.com/symfony/polyfill-php73/tree/v1.31.0" }, "funding": [ { @@ -2490,7 +2490,7 @@ "type": "tidelift" } ], - "time": "2024-05-31T15:07:36+00:00" + "time": "2024-09-09T11:45:10+00:00" }, { "name": "szepeviktor/phpstan-wordpress",