From 92179830a4bc086d47ba1721a4a7050cb3627ad8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C4=8Ceslav=20Przywara?= Date: Mon, 29 Jul 2024 12:53:17 +0200 Subject: [PATCH 01/14] Bump version number to 0.25.0-dev --- bc-security.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bc-security.php b/bc-security.php index 3bf8336..8822f32 100644 --- a/bc-security.php +++ b/bc-security.php @@ -4,7 +4,7 @@ * Plugin Name: BC Security * Plugin URI: https://github.com/chesio/bc-security * Description: Helps keeping WordPress websites secure. - * Version: 0.24.0 + * Version: 0.25.0-dev * Author: Česlav Przywara * Author URI: https://www.chesio.com * Requires PHP: 8.1 From c38039674ed50100b06a92c67b8a474aa0ae2a2c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C4=8Ceslav=20Przywara?= Date: Mon, 29 Jul 2024 12:53:39 +0200 Subject: [PATCH 02/14] Initialize CHANGELOG.md for version 0.25.0 --- CHANGELOG.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0e8b1f7..b99c30e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,9 @@ # BC Security Changelog +## Upcoming version 0.25.0 (????-??-??) + +... + ## Version 0.24.0 (2024-07-29) WordPress 6.4 or newer is now required! From bd82ffee6d094d2d9b5da74be690c5c0affa97e7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C4=8Ceslav=20Przywara?= Date: Mon, 14 Oct 2024 15:29:22 +0200 Subject: [PATCH 03/14] Update EOL dates for supported PHP versions Fixes #164. --- CHANGELOG.md | 4 +++- .../Modules/Checklist/Checks/PhpVersionSupported.php | 7 ++++--- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b99c30e..063a2b3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,9 @@ ## Upcoming version 0.25.0 (????-??-??) -... +### Changed + +* End-of-life dates for supported PHP versions have been updated [#164](https://github.com/chesio/bc-security/issues/164). ## Version 0.24.0 (2024-07-29) diff --git a/classes/BlueChip/Security/Modules/Checklist/Checks/PhpVersionSupported.php b/classes/BlueChip/Security/Modules/Checklist/Checks/PhpVersionSupported.php index 8b78ca1..e116894 100644 --- a/classes/BlueChip/Security/Modules/Checklist/Checks/PhpVersionSupported.php +++ b/classes/BlueChip/Security/Modules/Checklist/Checks/PhpVersionSupported.php @@ -14,9 +14,10 @@ class PhpVersionSupported extends Checklist\BasicCheck * @link https://www.php.net/supported-versions.php */ private const SUPPORTED_VERSIONS = [ - '8.1' => '2024-11-25', - '8.2' => '2025-12-08', - '8.3' => '2026-11-23', + '8.1' => '2025-12-31', + '8.2' => '2026-12-31', + '8.3' => '2027-12-31', + '8.4' => '2028-12-31', ]; From da66456012db2184b982e20cb9409cc426718275 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C4=8Ceslav=20Przywara?= Date: Mon, 14 Oct 2024 15:30:49 +0200 Subject: [PATCH 04/14] Run CI on PHP 8.4 as well See #163. --- .github/workflows/integrate.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/integrate.yml b/.github/workflows/integrate.yml index 3b9b30b..25a67f8 100644 --- a/.github/workflows/integrate.yml +++ b/.github/workflows/integrate.yml @@ -72,6 +72,7 @@ jobs: strategy: matrix: php-version: + - "8.4" - "8.3" - "8.2" - "8.1" From 295738ba2ed48e4c740f98644c3c9c036dbbc45f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C4=8Ceslav=20Przywara?= Date: Mon, 14 Oct 2024 15:41:57 +0200 Subject: [PATCH 05/14] Update PHPStan suite --- composer.lock | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/composer.lock b/composer.lock index 90e13b9..d9ee56d 100644 --- a/composer.lock +++ b/composer.lock @@ -782,16 +782,16 @@ }, { "name": "php-stubs/wordpress-stubs", - "version": "v6.6.0", + "version": "v6.6.2", "source": { "type": "git", "url": "https://github.com/php-stubs/wordpress-stubs.git", - "reference": "86e8753e89d59849276dcdd91b9a7dd78bb4abe2" + "reference": "f50fd7ed45894d036e4fef9ab7e5bbbaff6a30cc" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/php-stubs/wordpress-stubs/zipball/86e8753e89d59849276dcdd91b9a7dd78bb4abe2", - "reference": "86e8753e89d59849276dcdd91b9a7dd78bb4abe2", + "url": "https://api.github.com/repos/php-stubs/wordpress-stubs/zipball/f50fd7ed45894d036e4fef9ab7e5bbbaff6a30cc", + "reference": "f50fd7ed45894d036e4fef9ab7e5bbbaff6a30cc", "shasum": "" }, "require-dev": { @@ -824,9 +824,9 @@ ], "support": { "issues": "https://github.com/php-stubs/wordpress-stubs/issues", - "source": "https://github.com/php-stubs/wordpress-stubs/tree/v6.6.0" + "source": "https://github.com/php-stubs/wordpress-stubs/tree/v6.6.2" }, - "time": "2024-07-17T08:50:38+00:00" + "time": "2024-09-30T07:10:48+00:00" }, { "name": "phpstan/phpdoc-parser", @@ -877,16 +877,16 @@ }, { "name": "phpstan/phpstan", - "version": "1.11.8", + "version": "1.12.6", "source": { "type": "git", "url": "https://github.com/phpstan/phpstan.git", - "reference": "6adbd118e6c0515dd2f36b06cde1d6da40f1b8ec" + "reference": "dc4d2f145a88ea7141ae698effd64d9df46527ae" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpstan/phpstan/zipball/6adbd118e6c0515dd2f36b06cde1d6da40f1b8ec", - "reference": "6adbd118e6c0515dd2f36b06cde1d6da40f1b8ec", + "url": "https://api.github.com/repos/phpstan/phpstan/zipball/dc4d2f145a88ea7141ae698effd64d9df46527ae", + "reference": "dc4d2f145a88ea7141ae698effd64d9df46527ae", "shasum": "" }, "require": { @@ -931,7 +931,7 @@ "type": "github" } ], - "time": "2024-07-24T07:01:22+00:00" + "time": "2024-10-06T15:03:59+00:00" }, { "name": "phpunit/php-code-coverage", @@ -2418,20 +2418,20 @@ }, { "name": "symfony/polyfill-php73", - "version": "v1.30.0", + "version": "v1.31.0", "source": { "type": "git", "url": "https://github.com/symfony/polyfill-php73.git", - "reference": "ec444d3f3f6505bb28d11afa41e75faadebc10a1" + "reference": "0f68c03565dcaaf25a890667542e8bd75fe7e5bb" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-php73/zipball/ec444d3f3f6505bb28d11afa41e75faadebc10a1", - "reference": "ec444d3f3f6505bb28d11afa41e75faadebc10a1", + "url": "https://api.github.com/repos/symfony/polyfill-php73/zipball/0f68c03565dcaaf25a890667542e8bd75fe7e5bb", + "reference": "0f68c03565dcaaf25a890667542e8bd75fe7e5bb", "shasum": "" }, "require": { - "php": ">=7.1" + "php": ">=7.2" }, "type": "library", "extra": { @@ -2474,7 +2474,7 @@ "shim" ], "support": { - "source": "https://github.com/symfony/polyfill-php73/tree/v1.30.0" + "source": "https://github.com/symfony/polyfill-php73/tree/v1.31.0" }, "funding": [ { @@ -2490,7 +2490,7 @@ "type": "tidelift" } ], - "time": "2024-05-31T15:07:36+00:00" + "time": "2024-09-09T11:45:10+00:00" }, { "name": "szepeviktor/phpstan-wordpress", From eacd2eabe11f6aff2f1df5e29c6e5d871f8199cc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C4=8Ceslav=20Przywara?= Date: Mon, 14 Oct 2024 15:42:07 +0200 Subject: [PATCH 06/14] Let PHPStan ignore lines where WordPress core files are required This avoids errors due to requireFile rule. See also: https://github.com/szepeviktor/phpstan-wordpress/issues/239 --- classes/BlueChip/Security/Helpers/Plugin.php | 2 +- .../Modules/InternalBlocklist/HtaccessSynchronizer.php | 4 ++-- .../BlueChip/Security/Modules/InternalBlocklist/Manager.php | 2 +- classes/BlueChip/Security/Modules/Log/Logger.php | 2 +- classes/BlueChip/Security/Modules/Login/Bookkeeper.php | 2 +- 5 files changed, 6 insertions(+), 6 deletions(-) diff --git a/classes/BlueChip/Security/Helpers/Plugin.php b/classes/BlueChip/Security/Helpers/Plugin.php index 14a6970..d8c8430 100644 --- a/classes/BlueChip/Security/Helpers/Plugin.php +++ b/classes/BlueChip/Security/Helpers/Plugin.php @@ -161,7 +161,7 @@ public static function getPluginsInstalledFromWordPressOrg(): array { // We're using some wp-admin stuff here, so make sure it's available. if (!\function_exists('get_plugins')) { - require_once ABSPATH . 'wp-admin/includes/plugin.php'; + require_once ABSPATH . 'wp-admin/includes/plugin.php'; // @phpstan-ignore-line } $wordpress_org_plugins = \array_filter( diff --git a/classes/BlueChip/Security/Modules/InternalBlocklist/HtaccessSynchronizer.php b/classes/BlueChip/Security/Modules/InternalBlocklist/HtaccessSynchronizer.php index eaa158f..05986cd 100644 --- a/classes/BlueChip/Security/Modules/InternalBlocklist/HtaccessSynchronizer.php +++ b/classes/BlueChip/Security/Modules/InternalBlocklist/HtaccessSynchronizer.php @@ -47,7 +47,7 @@ public function extract(): array } if (!\function_exists('extract_from_markers')) { - require_once ABSPATH . 'wp-admin/includes/misc.php'; + require_once ABSPATH . 'wp-admin/includes/misc.php'; // @phpstan-ignore-line } $lines = extract_from_markers($this->htaccess_file, self::MARKER); @@ -79,7 +79,7 @@ public function insert(array $blocked_ip_addresses): bool } if (!\function_exists('insert_with_markers')) { - require_once ABSPATH . 'wp-admin/includes/misc.php'; + require_once ABSPATH . 'wp-admin/includes/misc.php'; // @phpstan-ignore-line } // Prepare rules for given IP addresses. diff --git a/classes/BlueChip/Security/Modules/InternalBlocklist/Manager.php b/classes/BlueChip/Security/Modules/InternalBlocklist/Manager.php index cc5ac11..9b828ee 100644 --- a/classes/BlueChip/Security/Modules/InternalBlocklist/Manager.php +++ b/classes/BlueChip/Security/Modules/InternalBlocklist/Manager.php @@ -67,7 +67,7 @@ public function __construct(private wpdb $wpdb, private HtaccessSynchronizer $ht public function install(): void { // To have dbDelta() - require_once ABSPATH . 'wp-admin/includes/upgrade.php'; + require_once ABSPATH . 'wp-admin/includes/upgrade.php'; // @phpstan-ignore-line $charset_collate = $this->wpdb->get_charset_collate(); diff --git a/classes/BlueChip/Security/Modules/Log/Logger.php b/classes/BlueChip/Security/Modules/Log/Logger.php index 0b77b0a..e5480bb 100644 --- a/classes/BlueChip/Security/Modules/Log/Logger.php +++ b/classes/BlueChip/Security/Modules/Log/Logger.php @@ -59,7 +59,7 @@ public function __construct(private wpdb $wpdb, private string $remote_address, public function install(): void { // To have dbDelta() - require_once ABSPATH . 'wp-admin/includes/upgrade.php'; + require_once ABSPATH . 'wp-admin/includes/upgrade.php'; // @phpstan-ignore-line $charset_collate = $this->wpdb->get_charset_collate(); diff --git a/classes/BlueChip/Security/Modules/Login/Bookkeeper.php b/classes/BlueChip/Security/Modules/Login/Bookkeeper.php index 36936e9..073f1d2 100644 --- a/classes/BlueChip/Security/Modules/Login/Bookkeeper.php +++ b/classes/BlueChip/Security/Modules/Login/Bookkeeper.php @@ -45,7 +45,7 @@ public function __construct(private Settings $settings, private wpdb $wpdb) public function install(): void { // To have dbDelta() - require_once ABSPATH . 'wp-admin/includes/upgrade.php'; + require_once ABSPATH . 'wp-admin/includes/upgrade.php'; // @phpstan-ignore-line $charset_collate = $this->wpdb->get_charset_collate(); From 645f8b35dca0996219b59f06bdfa66cfbb76bf79 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C4=8Ceslav=20Przywara?= Date: Mon, 14 Oct 2024 15:47:24 +0200 Subject: [PATCH 07/14] Add changelog entry about PHP 8.4 support Fixes #163. --- CHANGELOG.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 063a2b3..7853218 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,12 @@ ## Upcoming version 0.25.0 (????-??-??) +This release has been tested with PHP 8.4. + +### Added + +* Plugin has been tested with PHP 8.4 [#163](https://github.com/chesio/bc-security/issues/163). + ### Changed * End-of-life dates for supported PHP versions have been updated [#164](https://github.com/chesio/bc-security/issues/164). From 3e6f5eb270c76f98de6d90cf739fdd1deaf991ce Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C4=8Ceslav=20Przywara?= Date: Mon, 14 Oct 2024 15:51:38 +0200 Subject: [PATCH 08/14] Update PHPUnit to version 10.5.36 (with all dependencies) --- composer.lock | 74 +++++++++++++++++++++++++-------------------------- 1 file changed, 37 insertions(+), 37 deletions(-) diff --git a/composer.lock b/composer.lock index d9ee56d..9be264a 100644 --- a/composer.lock +++ b/composer.lock @@ -545,16 +545,16 @@ }, { "name": "nikic/php-parser", - "version": "v5.1.0", + "version": "v5.3.1", "source": { "type": "git", "url": "https://github.com/nikic/PHP-Parser.git", - "reference": "683130c2ff8c2739f4822ff7ac5c873ec529abd1" + "reference": "8eea230464783aa9671db8eea6f8c6ac5285794b" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/nikic/PHP-Parser/zipball/683130c2ff8c2739f4822ff7ac5c873ec529abd1", - "reference": "683130c2ff8c2739f4822ff7ac5c873ec529abd1", + "url": "https://api.github.com/repos/nikic/PHP-Parser/zipball/8eea230464783aa9671db8eea6f8c6ac5285794b", + "reference": "8eea230464783aa9671db8eea6f8c6ac5285794b", "shasum": "" }, "require": { @@ -597,9 +597,9 @@ ], "support": { "issues": "https://github.com/nikic/PHP-Parser/issues", - "source": "https://github.com/nikic/PHP-Parser/tree/v5.1.0" + "source": "https://github.com/nikic/PHP-Parser/tree/v5.3.1" }, - "time": "2024-07-01T20:03:41+00:00" + "time": "2024-10-08T18:51:32+00:00" }, { "name": "phar-io/manifest", @@ -935,32 +935,32 @@ }, { "name": "phpunit/php-code-coverage", - "version": "10.1.15", + "version": "10.1.16", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/php-code-coverage.git", - "reference": "5da8b1728acd1e6ffdf2ff32ffbdfd04307f26ae" + "reference": "7e308268858ed6baedc8704a304727d20bc07c77" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/php-code-coverage/zipball/5da8b1728acd1e6ffdf2ff32ffbdfd04307f26ae", - "reference": "5da8b1728acd1e6ffdf2ff32ffbdfd04307f26ae", + "url": "https://api.github.com/repos/sebastianbergmann/php-code-coverage/zipball/7e308268858ed6baedc8704a304727d20bc07c77", + "reference": "7e308268858ed6baedc8704a304727d20bc07c77", "shasum": "" }, "require": { "ext-dom": "*", "ext-libxml": "*", "ext-xmlwriter": "*", - "nikic/php-parser": "^4.18 || ^5.0", + "nikic/php-parser": "^4.19.1 || ^5.1.0", "php": ">=8.1", - "phpunit/php-file-iterator": "^4.0", - "phpunit/php-text-template": "^3.0", - "sebastian/code-unit-reverse-lookup": "^3.0", - "sebastian/complexity": "^3.0", - "sebastian/environment": "^6.0", - "sebastian/lines-of-code": "^2.0", - "sebastian/version": "^4.0", - "theseer/tokenizer": "^1.2.0" + "phpunit/php-file-iterator": "^4.1.0", + "phpunit/php-text-template": "^3.0.1", + "sebastian/code-unit-reverse-lookup": "^3.0.0", + "sebastian/complexity": "^3.2.0", + "sebastian/environment": "^6.1.0", + "sebastian/lines-of-code": "^2.0.2", + "sebastian/version": "^4.0.1", + "theseer/tokenizer": "^1.2.3" }, "require-dev": { "phpunit/phpunit": "^10.1" @@ -972,7 +972,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-main": "10.1-dev" + "dev-main": "10.1.x-dev" } }, "autoload": { @@ -1001,7 +1001,7 @@ "support": { "issues": "https://github.com/sebastianbergmann/php-code-coverage/issues", "security": "https://github.com/sebastianbergmann/php-code-coverage/security/policy", - "source": "https://github.com/sebastianbergmann/php-code-coverage/tree/10.1.15" + "source": "https://github.com/sebastianbergmann/php-code-coverage/tree/10.1.16" }, "funding": [ { @@ -1009,7 +1009,7 @@ "type": "github" } ], - "time": "2024-06-29T08:25:15+00:00" + "time": "2024-08-22T04:31:57+00:00" }, { "name": "phpunit/php-file-iterator", @@ -1256,16 +1256,16 @@ }, { "name": "phpunit/phpunit", - "version": "10.5.28", + "version": "10.5.36", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/phpunit.git", - "reference": "ff7fb85cdf88131b83e721fb2a327b664dbed275" + "reference": "aa0a8ce701ea7ee314b0dfaa8970dc94f3f8c870" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/ff7fb85cdf88131b83e721fb2a327b664dbed275", - "reference": "ff7fb85cdf88131b83e721fb2a327b664dbed275", + "url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/aa0a8ce701ea7ee314b0dfaa8970dc94f3f8c870", + "reference": "aa0a8ce701ea7ee314b0dfaa8970dc94f3f8c870", "shasum": "" }, "require": { @@ -1279,14 +1279,14 @@ "phar-io/manifest": "^2.0.4", "phar-io/version": "^3.2.1", "php": ">=8.1", - "phpunit/php-code-coverage": "^10.1.15", + "phpunit/php-code-coverage": "^10.1.16", "phpunit/php-file-iterator": "^4.1.0", "phpunit/php-invoker": "^4.0.0", "phpunit/php-text-template": "^3.0.1", "phpunit/php-timer": "^6.0.0", "sebastian/cli-parser": "^2.0.1", "sebastian/code-unit": "^2.0.0", - "sebastian/comparator": "^5.0.1", + "sebastian/comparator": "^5.0.2", "sebastian/diff": "^5.1.1", "sebastian/environment": "^6.1.0", "sebastian/exporter": "^5.1.2", @@ -1337,7 +1337,7 @@ "support": { "issues": "https://github.com/sebastianbergmann/phpunit/issues", "security": "https://github.com/sebastianbergmann/phpunit/security/policy", - "source": "https://github.com/sebastianbergmann/phpunit/tree/10.5.28" + "source": "https://github.com/sebastianbergmann/phpunit/tree/10.5.36" }, "funding": [ { @@ -1353,7 +1353,7 @@ "type": "tidelift" } ], - "time": "2024-07-18T14:54:16+00:00" + "time": "2024-10-08T15:36:51+00:00" }, { "name": "sebastian/cli-parser", @@ -1525,16 +1525,16 @@ }, { "name": "sebastian/comparator", - "version": "5.0.1", + "version": "5.0.2", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/comparator.git", - "reference": "2db5010a484d53ebf536087a70b4a5423c102372" + "reference": "2d3e04c3b4c1e84a5e7382221ad8883c8fbc4f53" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/comparator/zipball/2db5010a484d53ebf536087a70b4a5423c102372", - "reference": "2db5010a484d53ebf536087a70b4a5423c102372", + "url": "https://api.github.com/repos/sebastianbergmann/comparator/zipball/2d3e04c3b4c1e84a5e7382221ad8883c8fbc4f53", + "reference": "2d3e04c3b4c1e84a5e7382221ad8883c8fbc4f53", "shasum": "" }, "require": { @@ -1545,7 +1545,7 @@ "sebastian/exporter": "^5.0" }, "require-dev": { - "phpunit/phpunit": "^10.3" + "phpunit/phpunit": "^10.4" }, "type": "library", "extra": { @@ -1590,7 +1590,7 @@ "support": { "issues": "https://github.com/sebastianbergmann/comparator/issues", "security": "https://github.com/sebastianbergmann/comparator/security/policy", - "source": "https://github.com/sebastianbergmann/comparator/tree/5.0.1" + "source": "https://github.com/sebastianbergmann/comparator/tree/5.0.2" }, "funding": [ { @@ -1598,7 +1598,7 @@ "type": "github" } ], - "time": "2023-08-14T13:18:12+00:00" + "time": "2024-08-12T06:03:08+00:00" }, { "name": "sebastian/complexity", From a77546a4f800240cc9e5928ac55e1735b436e02a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C4=8Ceslav=20Przywara?= Date: Mon, 14 Oct 2024 15:52:22 +0200 Subject: [PATCH 09/14] Update Mockery to latest version --- composer.lock | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/composer.lock b/composer.lock index 9be264a..8143f0a 100644 --- a/composer.lock +++ b/composer.lock @@ -402,16 +402,16 @@ }, { "name": "mockery/mockery", - "version": "1.6.11", + "version": "1.6.12", "source": { "type": "git", "url": "https://github.com/mockery/mockery.git", - "reference": "81a161d0b135df89951abd52296adf97deb0723d" + "reference": "1f4efdd7d3beafe9807b08156dfcb176d18f1699" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/mockery/mockery/zipball/81a161d0b135df89951abd52296adf97deb0723d", - "reference": "81a161d0b135df89951abd52296adf97deb0723d", + "url": "https://api.github.com/repos/mockery/mockery/zipball/1f4efdd7d3beafe9807b08156dfcb176d18f1699", + "reference": "1f4efdd7d3beafe9807b08156dfcb176d18f1699", "shasum": "" }, "require": { @@ -481,7 +481,7 @@ "security": "https://github.com/mockery/mockery/security/advisories", "source": "https://github.com/mockery/mockery" }, - "time": "2024-03-21T18:34:15+00:00" + "time": "2024-05-16T03:13:13+00:00" }, { "name": "myclabs/deep-copy", From 9cb4ed8f363b665674ea92e8489a29c33cab0cb4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C4=8Ceslav=20Przywara?= Date: Mon, 14 Oct 2024 15:53:05 +0200 Subject: [PATCH 10/14] Update PHP-CS to latest version --- composer.lock | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/composer.lock b/composer.lock index 8143f0a..1683957 100644 --- a/composer.lock +++ b/composer.lock @@ -2338,16 +2338,16 @@ }, { "name": "squizlabs/php_codesniffer", - "version": "3.10.2", + "version": "3.10.3", "source": { "type": "git", "url": "https://github.com/PHPCSStandards/PHP_CodeSniffer.git", - "reference": "86e5f5dd9a840c46810ebe5ff1885581c42a3017" + "reference": "62d32998e820bddc40f99f8251958aed187a5c9c" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/PHPCSStandards/PHP_CodeSniffer/zipball/86e5f5dd9a840c46810ebe5ff1885581c42a3017", - "reference": "86e5f5dd9a840c46810ebe5ff1885581c42a3017", + "url": "https://api.github.com/repos/PHPCSStandards/PHP_CodeSniffer/zipball/62d32998e820bddc40f99f8251958aed187a5c9c", + "reference": "62d32998e820bddc40f99f8251958aed187a5c9c", "shasum": "" }, "require": { @@ -2414,7 +2414,7 @@ "type": "open_collective" } ], - "time": "2024-07-21T23:26:44+00:00" + "time": "2024-09-18T10:38:58+00:00" }, { "name": "symfony/polyfill-php73", From c291d85c02c6795b9e789058f4f816acb8910ec9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C4=8Ceslav=20Przywara?= Date: Thu, 17 Oct 2024 10:55:28 +0200 Subject: [PATCH 11/14] Fix typo in README Props @szepeviktor --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index c7c9890..65d6598 100644 --- a/README.md +++ b/README.md @@ -123,7 +123,7 @@ BC Security allows you to: 1. Disable pingbacks 2. Disable XML RPC methods that require authentication 3. Disable application passwords -4. Prevent usernames discovery via [REST API requests](https://developer.wordpress.org/rest-api/reference/users/) and [username eumeration](https://hackertarget.com/wordpress-user-enumeration/) +4. Prevent usernames discovery via [REST API requests](https://developer.wordpress.org/rest-api/reference/users/) and [username enumeration](https://hackertarget.com/wordpress-user-enumeration/) 5. Disable login with email or login with username to reduce risk from brute-force or [credential stuffing attacks](https://owasp.org/www-community/attacks/Credential_stuffing). 6. Check and/or validate user passwords using [Pwned Passwords](https://haveibeenpwned.com/Passwords) database and [API](https://haveibeenpwned.com/API/v2#PwnedPasswords) From b06965af4253d6a1e1ee4d7a03bbdcebf80f31cf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C4=8Ceslav=20Przywara?= Date: Fri, 25 Oct 2024 11:13:12 +0200 Subject: [PATCH 12/14] Mark the plugin as tested with WordPress 6.7 Fixes #162. --- CHANGELOG.md | 1 + bc-security.php | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 7853218..5a3b353 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,7 @@ This release has been tested with PHP 8.4. ### Added * Plugin has been tested with PHP 8.4 [#163](https://github.com/chesio/bc-security/issues/163). +* Plugin has been tested with WordPress 6.7 [#162](https://github.com/chesio/bc-security/issues/162). ### Changed diff --git a/bc-security.php b/bc-security.php index 8822f32..9f27d0d 100644 --- a/bc-security.php +++ b/bc-security.php @@ -9,7 +9,7 @@ * Author URI: https://www.chesio.com * Requires PHP: 8.1 * Requires at least: 6.4 - * Tested up to: 6.6 + * Tested up to: 6.7 * Text Domain: bc-security * GitHub Plugin URI: https://github.com/chesio/bc-security * Update URI: https://github.com/chesio/bc-security From ec20abcea266ea4c7ece0cb38a169ac966fa8317 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C4=8Ceslav=20Przywara?= Date: Mon, 28 Oct 2024 17:10:45 +0100 Subject: [PATCH 13/14] Bump version number to 0.25.0 --- bc-security.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bc-security.php b/bc-security.php index 9f27d0d..d948eec 100644 --- a/bc-security.php +++ b/bc-security.php @@ -4,7 +4,7 @@ * Plugin Name: BC Security * Plugin URI: https://github.com/chesio/bc-security * Description: Helps keeping WordPress websites secure. - * Version: 0.25.0-dev + * Version: 0.25.0 * Author: Česlav Przywara * Author URI: https://www.chesio.com * Requires PHP: 8.1 From 03fa086fe309f63ac423103e0bad20e940b6eb19 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C4=8Ceslav=20Przywara?= Date: Mon, 28 Oct 2024 17:11:16 +0100 Subject: [PATCH 14/14] Update CHANGELOG for version 0.25.0 --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 5a3b353..6d061d2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,6 @@ # BC Security Changelog -## Upcoming version 0.25.0 (????-??-??) +## Version 0.25.0 (2024-10-28) This release has been tested with PHP 8.4.