From aae3ea7cbfa07f70b2a2ea421b09af8581aeac6a Mon Sep 17 00:00:00 2001 From: El RIDO Date: Mon, 1 Apr 2024 14:34:23 +0200 Subject: [PATCH 1/8] update documentation - clarify all template options & link to previews - document new ctype extension requirement --- cfg/conf.sample.php | 13 ++++++++----- doc/Installation.md | 1 + 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/cfg/conf.sample.php b/cfg/conf.sample.php index 141888f2..b128bf48 100644 --- a/cfg/conf.sample.php +++ b/cfg/conf.sample.php @@ -37,9 +37,12 @@ defaultformatter = "plaintext" ; size limit per paste or comment in bytes, defaults to 10 Mebibytes sizelimit = 10485760 -; template to include, default is "bootstrap" (tpl/bootstrap.php) -; Also available is a dark version ("bootstrap-dark",) and -; a theme that resembles the classic ZeroBin style ("page".) +; template to include, default is "bootstrap" (tpl/bootstrap.php), also +; available are "page" (tpl/page.php), the classic ZeroBin style and several +; bootstrap variants: "bootstrap-dark", "bootstrap-compact", "bootstrap-page", +; which can be combined with "-dark" and "-compact" for "bootstrap-dark-page" +; and finally "bootstrap-compact-page" - previews at: +; https://privatebin.info/screenshots.html template = "bootstrap" ; (optional) info text to display @@ -242,7 +245,7 @@ dir = PATH "data" ; - AWS_ACCESS_KEY_ID ; - AWS_SECRET_ACCESS_KEY ; - AWS_SESSION_TOKEN (if needed) -; for more details, see https://docs.aws.amazon.com/sdk-for-php/v3/developer-guide/guide_credentials.html#default-credential-chain +; for more details, see https://docs.aws.amazon.com/sdk-for-php/v3/developer-guide/guide_credentials.html#default-credential-chain ;class = S3Storage ;[model_options] ;region = "eu-central-1" @@ -264,4 +267,4 @@ dir = PATH "data" ; (optional) the "signature" (access key) issued by YOURLS for the using account ; signature = "" ; (optional) the URL of the YOURLS API, called to shorten a PrivateBin URL -; apiurl = "https://yourls.example.com/yourls-api.php" \ No newline at end of file +; apiurl = "https://yourls.example.com/yourls-api.php" diff --git a/doc/Installation.md b/doc/Installation.md index 77f79fbb..b09de9e1 100644 --- a/doc/Installation.md +++ b/doc/Installation.md @@ -22,6 +22,7 @@ for more information. ### Minimal Requirements - PHP version 7.3 or above +- ctype extension - GD extension (when using identicon or vizhash icons, jdenticon works without it) - zlib extension - some disk space or a database supported by [PDO](https://php.net/manual/book.pdo.php) From b9a9e7c3241fc5697701a00d5db73fee45afd605 Mon Sep 17 00:00:00 2001 From: El RIDO Date: Mon, 1 Apr 2024 14:34:55 +0200 Subject: [PATCH 2/8] bump versions of optional cloud storage dependencies --- composer.json | 4 ++-- tst/Bootstrap.php | 5 +++++ 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/composer.json b/composer.json index bbd720ae..0d792ebf 100644 --- a/composer.json +++ b/composer.json @@ -30,8 +30,8 @@ "yzalis/identicon": "2.0.0" }, "suggest" : { - "google/cloud-storage" : "1.32.0", - "aws/aws-sdk-php" : "3.275.1" + "google/cloud-storage" : "1.41.0", + "aws/aws-sdk-php" : "3.302.0" }, "require-dev" : { "phpunit/phpunit" : "^9" diff --git a/tst/Bootstrap.php b/tst/Bootstrap.php index 7f4caa32..183d1b1d 100644 --- a/tst/Bootstrap.php +++ b/tst/Bootstrap.php @@ -508,6 +508,11 @@ class ConnectionInterfaceStub implements ConnectionInterface throw new BadMethodCallException('not supported by this stub'); } + public function restoreObject(array $args = array()) + { + throw new BadMethodCallException('not supported by this stub'); + } + public function copyObject(array $args = array()) { throw new BadMethodCallException('not supported by this stub'); From 6bcef2fa24e04b96e9f630c8b47fa91bb4ac95f8 Mon Sep 17 00:00:00 2001 From: El RIDO Date: Mon, 1 Apr 2024 14:40:23 +0200 Subject: [PATCH 3/8] handle PHP 8.2 deprecation PHP 8.2 deprecates implicit conversion from float to int if it loses precision, hence the explicit conversion. PHP 8.1 deprecates the (optional since PHP 8.0) 3rd parameter of imagefilledpolygon(), but 7.3 & 7.4 require it. --- lib/Vizhash16x16.php | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/lib/Vizhash16x16.php b/lib/Vizhash16x16.php index b61fd56b..2d296af8 100644 --- a/lib/Vizhash16x16.php +++ b/lib/Vizhash16x16.php @@ -109,9 +109,9 @@ class Vizhash16x16 for ($i = 0; $i < 7; ++$i) { $action = $this->getInt(); $color = imagecolorallocate($image, $r, $g, $b); - $r = $r0 = ($r0 + $this->getInt() / 25) % 256; - $g = $g0 = ($g0 + $this->getInt() / 25) % 256; - $b = $b0 = ($b0 + $this->getInt() / 25) % 256; + $r = $r0 = ((int) $r0 + $this->getInt() / 25) % 256; + $g = $g0 = ((int) $g0 + $this->getInt() / 25) % 256; + $b = $b0 = ((int) $b0 + $this->getInt() / 25) % 256; $this->drawshape($image, $action, $color); } @@ -136,7 +136,7 @@ class Vizhash16x16 { $v = $this->VALUES[$this->VALUES_INDEX]; ++$this->VALUES_INDEX; - $this->VALUES_INDEX %= count($this->VALUES); // Warp around the array + $this->VALUES_INDEX %= count($this->VALUES); // Wrap around the array return $v; } @@ -148,7 +148,7 @@ class Vizhash16x16 */ private function getX() { - return $this->width * $this->getInt() / 256; + return (int) $this->width * $this->getInt() / 256; } /** @@ -159,7 +159,7 @@ class Vizhash16x16 */ private function getY() { - return $this->height * $this->getInt() / 256; + return (int) $this->height * $this->getInt() / 256; } /** @@ -190,9 +190,9 @@ class Vizhash16x16 ($color2[2] - $color1[2]) / $size, ); for ($i = 0; $i < $size; ++$i) { - $r = $color1[0] + ($diffs[0] * $i); - $g = $color1[1] + ($diffs[1] * $i); - $b = $color1[2] + ($diffs[2] * $i); + $r = $color1[0] + ((int) $diffs[0] * $i); + $g = $color1[1] + ((int) $diffs[1] * $i); + $b = $color1[2] + ((int) $diffs[2] * $i); if ($direction == 'h') { imageline($img, $i, 0, $i, $sizeinv, imagecolorallocate($img, $r, $g, $b)); } else { @@ -222,7 +222,7 @@ class Vizhash16x16 break; case 3: $points = array($this->getX(), $this->getY(), $this->getX(), $this->getY(), $this->getX(), $this->getY(), $this->getX(), $this->getY()); - imagefilledpolygon($image, $points, 4, $color); + version_compare(PHP_VERSION, '8.1', '<') ? imagefilledpolygon($image, $points, 4, $color) : imagefilledpolygon($image, $points, $color); break; default: $start = $this->getInt() * 360 / 256; From 027462a872c16b2a5e726031e62b43411b38ca2a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 5 Apr 2024 11:06:39 +0000 Subject: [PATCH 4/8] Bump phpunit/phpunit from 9.6.18 to 9.6.19 Bumps [phpunit/phpunit](https://github.com/sebastianbergmann/phpunit) from 9.6.18 to 9.6.19. - [Release notes](https://github.com/sebastianbergmann/phpunit/releases) - [Changelog](https://github.com/sebastianbergmann/phpunit/blob/9.6.19/ChangeLog-9.6.md) - [Commits](https://github.com/sebastianbergmann/phpunit/compare/9.6.18...9.6.19) --- updated-dependencies: - dependency-name: phpunit/phpunit dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- composer.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/composer.lock b/composer.lock index b455c50c..a08c960e 100644 --- a/composer.lock +++ b/composer.lock @@ -809,16 +809,16 @@ }, { "name": "phpunit/phpunit", - "version": "9.6.18", + "version": "9.6.19", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/phpunit.git", - "reference": "32c2c2d6580b1d8ab3c10b1e9e4dc263cc69bb04" + "reference": "a1a54a473501ef4cdeaae4e06891674114d79db8" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/32c2c2d6580b1d8ab3c10b1e9e4dc263cc69bb04", - "reference": "32c2c2d6580b1d8ab3c10b1e9e4dc263cc69bb04", + "url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/a1a54a473501ef4cdeaae4e06891674114d79db8", + "reference": "a1a54a473501ef4cdeaae4e06891674114d79db8", "shasum": "" }, "require": { @@ -892,7 +892,7 @@ "support": { "issues": "https://github.com/sebastianbergmann/phpunit/issues", "security": "https://github.com/sebastianbergmann/phpunit/security/policy", - "source": "https://github.com/sebastianbergmann/phpunit/tree/9.6.18" + "source": "https://github.com/sebastianbergmann/phpunit/tree/9.6.19" }, "funding": [ { @@ -908,7 +908,7 @@ "type": "tidelift" } ], - "time": "2024-03-21T12:07:32+00:00" + "time": "2024-04-05T04:35:58+00:00" }, { "name": "sebastian/cli-parser", From 0311b4f527696282fea9138b5b58fb4053cceeac Mon Sep 17 00:00:00 2001 From: smonesi <63957397+smonesi@users.noreply.github.com> Date: Tue, 23 Apr 2024 11:35:32 +0200 Subject: [PATCH 5/8] Fix silly translation for burn-after-reading messages. --- i18n/it.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/i18n/it.json b/i18n/it.json index 65752765..15f7051b 100644 --- a/i18n/it.json +++ b/i18n/it.json @@ -215,6 +215,6 @@ "Trying to shorten a URL that isn't pointing at our instance.": "Tantativo in corso di accorciare un URL che non punta alla nostra istanza.", "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".": "Errore nella chiamata a YOURLS. Probabilmente un problema di configurazione, come un \"apiurl\" o una \"signature\" sbagliati o mancanti.", "Error parsing YOURLS response.": "Errore nell'analizzare la risposta YOURLS.", - "This secret message can only be displayed once. Would you like to see it now?": "Messaggi di tipo Distruggi-dopo-lettura piovono essere visualizzata solo una volta al caricamento. Vuoi vederlo ora?", + "This secret message can only be displayed once. Would you like to see it now?": "Questo messaggio di tipo Distruggi-dopo-lettura può essere visualizzato solo una volta. Vuoi vederlo ora?", "Yes, see it": "Sì, vederlo" } From 2813dd2295cf57dc4fa40b4d4978c0a3ed8692ba Mon Sep 17 00:00:00 2001 From: smonesi <63957397+smonesi@users.noreply.github.com> Date: Tue, 23 Apr 2024 11:43:30 +0200 Subject: [PATCH 6/8] Another small translation fix --- i18n/it.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/i18n/it.json b/i18n/it.json index 15f7051b..a0076938 100644 --- a/i18n/it.json +++ b/i18n/it.json @@ -216,5 +216,5 @@ "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".": "Errore nella chiamata a YOURLS. Probabilmente un problema di configurazione, come un \"apiurl\" o una \"signature\" sbagliati o mancanti.", "Error parsing YOURLS response.": "Errore nell'analizzare la risposta YOURLS.", "This secret message can only be displayed once. Would you like to see it now?": "Questo messaggio di tipo Distruggi-dopo-lettura può essere visualizzato solo una volta. Vuoi vederlo ora?", - "Yes, see it": "Sì, vederlo" + "Yes, see it": "Sì, visualizzalo" } From ad19f8cfe604e1e06fcdb8e65bfc64375d0fae55 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 23 Apr 2024 11:43:14 +0000 Subject: [PATCH 7/8] Bump slsa-framework/slsa-github-generator from 1.10.0 to 2.0.0 Bumps [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator) from 1.10.0 to 2.0.0. - [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases) - [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md) - [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v1.10.0...v2.0.0) --- updated-dependencies: - dependency-name: slsa-framework/slsa-github-generator dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 53e047f9..3d858651 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -43,7 +43,7 @@ jobs: actions: read id-token: write contents: write - uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.10.0 + uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v2.0.0 with: base64-subjects: "${{ needs.release.outputs.hashes }}" draft-release: true From 22166c91d7a09e46457700015ab03ba7627a53bd Mon Sep 17 00:00:00 2001 From: PrivateBin Translator Bot <72346835+privatebin-translator@users.noreply.github.com> Date: Fri, 3 May 2024 04:18:56 +0200 Subject: [PATCH 8/8] New translations en.json (Turkish) --- i18n/tr.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/i18n/tr.json b/i18n/tr.json index f4dbcd65..d2b7606e 100644 --- a/i18n/tr.json +++ b/i18n/tr.json @@ -3,7 +3,7 @@ "%s is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted %sin the browser%s using 256 bits AES.": "%s sunucunun burada paylaştığınız veriyi görmediği, minimal, açık kaynak bir pastebindir. Veriler tarayıcıda 256 bit AES kullanılarak şifrelenir/çözülür.", "More information on the project page.": "Daha fazla bilgi için proje sayfası'na göz atabilirsiniz.", "Because ignorance is bliss": "Çünkü, cehalet mutluluktur", - "Paste does not exist, has expired or has been deleted.": "Paste does not exist, has expired or has been deleted.", + "Paste does not exist, has expired or has been deleted.": "Bu mevcut değil, süresi dolmuş veya silinmiş.", "%s requires php %s or above to work. Sorry.": "%s PHP %s veya daha üstünü gerektirir.", "%s requires configuration section [%s] to be present in configuration file.": "%s konfigürasyon bölümünün [%s] bulunmasını gerektir.", "Please wait %d seconds between each post.": [ @@ -188,7 +188,7 @@ "Decrypting paste…": "Yazı şifresi çözülüyor…", "Preparing new paste…": "Yeni yazı hazırlanıyor…", "In case this message never disappears please have a look at this FAQ for information to troubleshoot.": "In case this message never disappears please have a look at this FAQ for information to troubleshoot.", - "+++ no paste text +++": "+++ no paste text +++", + "+++ no paste text +++": "+++ yazı içeriği yok +++", "Could not get paste data: %s": "Yazı verisi alınamıyor: %s", "QR code": "QR kodu", "This website is using an insecure HTTP connection! Please use it only for testing.": "This website is using an insecure HTTP connection! Please use it only for testing.", @@ -216,5 +216,5 @@ "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".": "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".", "Error parsing YOURLS response.": "Error parsing YOURLS response.", "This secret message can only be displayed once. Would you like to see it now?": "This secret message can only be displayed once. Would you like to see it now?", - "Yes, see it": "Yes, see it" + "Yes, see it": "Evet, görüyorum" }