Release/2.x/2.23.0 (#593)

* remove rdf * remove fixed patch * Update drupal/search_api_solr requirement from 4.2.7 to 4.2.8 Updates the requirements on drupal/search_api_solr to permit the latest version. --- updated-dependencies: - dependency-name: drupal/search_api_solr dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> * [GOVCMSD9-695] Step1: Remove update_notifications_disable module from distribution * Update function names to reflect govcms_security module * add entity_embed patch * [GOVCMSD9-920] Enable media_file_delete module by default * Update drupal/ds requirement from 3.13.0 to 3.15.0 Updates the requirements on drupal/ds to permit the latest version. --- updated-dependencies: - dependency-name: drupal/ds dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> * Update drupal/embed requirement from 1.5 to 1.6.0 Updates the requirements on drupal/embed to permit the latest version. --- updated-dependencies: - dependency-name: drupal/embed dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> * [GOVCMSD9-883] Lock Security.txt in GovCMS * Update drupal/paragraphs requirement from 1.14.0 to 1.15.0 Updates the requirements on drupal/paragraphs to permit the latest version. --- updated-dependencies: - dependency-name: drupal/paragraphs dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> * Update drupal/redirect requirement from 1.7.0 to 1.8.0 Updates the requirements on drupal/redirect to permit the latest version. --- updated-dependencies: - dependency-name: drupal/redirect dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> * Update drupal/key requirement from 1.15.0 to 1.16.0 Updates the requirements on drupal/key to permit the latest version. --- updated-dependencies: - dependency-name: drupal/key dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> * Update drupal/inline_entity_form requirement Updates the requirements on drupal/inline_entity_form to permit the latest version. --- updated-dependencies: - dependency-name: drupal/inline_entity_form dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> * Update drupal/environment_indicator requirement from 4.0.7 to 4.0.9 Updates the requirements on drupal/environment_indicator to permit the latest version. --- updated-dependencies: - dependency-name: drupal/environment_indicator dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> * [GOVCMSD9-750] Apply updated patch to fix TFA module PHP warnings * Update drupal/dropzonejs requirement from 2.6.0 to 2.7.0 Updates the requirements on drupal/dropzonejs to permit the latest version. --- updated-dependencies: - dependency-name: drupal/dropzonejs dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> * Update drupal/captcha requirement from 1.4 to 1.5.0 Updates the requirements on drupal/captcha to permit the latest version. --- updated-dependencies: - dependency-name: drupal/captcha dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> * [GOVCMSD9-904] Make GovCMS Bartik theme D10 compatible * [GOVCMSD9-883] Fix bug for Class "GovcmsSecurityInterface" not found * Update drupal/modifiers requirement from 1.4 to 1.5.0 Updates the requirements on drupal/modifiers to permit the latest version. --- updated-dependencies: - dependency-name: drupal/modifiers dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> * Update drupal/embed requirement from 1.5 to 1.6.0 Updates the requirements on drupal/embed to permit the latest version. --- updated-dependencies: - dependency-name: drupal/embed dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> * Update drupal/shield requirement from 1.6.0 to 1.7.0 Updates the requirements on drupal/shield to permit the latest version. --- updated-dependencies: - dependency-name: drupal/shield dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> * add linkit patch * [GOVCMSD9-912] Remove patch for google_analytics deprecated warnings for PHP 8.1 compatibility * [GOVCMS-8404] Prepare GovCMS Distro release 2.23.0 Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: Suhyeon Hong <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Tara <[email protected]> Co-authored-by: Mingsong Hu <[email protected]> Co-authored-by: Mingsong Hu <[email protected]> Co-authored-by: Tara-Wij <[email protected]> Co-authored-by: ruwanl <[email protected]>
govCMS · Oct 17, 2022 · dab5080 · dab5080
1 parent fef78b3
commit dab5080
Show file tree

Hide file tree

Showing 9 changed files with 132 additions and 24 deletions.
diff --git a/composer.json b/composer.json
@@ -53,7 +53,7 @@
         "drupal/adminimal_theme": "1.6.0",
         "drupal/bigmenu": "2.0.0-rc2",
         "drupal/block_place": "1.0",
-        "drupal/captcha": "1.4",
+        "drupal/captcha": "1.5.0",
         "drupal/chosen": "3.0.3",
         "drupal/components": "2.4.0",
         "drupal/config_filter": "2.4.0",
@@ -70,28 +70,28 @@
         "drupal/ctools": "3.11.0",
         "drupal/devel": "4.1.5",
         "drupal/diff": "1.0.0",
-        "drupal/dropzonejs": "2.6.0",
-        "drupal/ds": "3.13.0",
+        "drupal/dropzonejs": "2.7.0",
+        "drupal/ds": "3.15.0",
         "drupal/dynamic_entity_reference": "1.16.0",
-        "drupal/embed": "1.5",
+        "drupal/embed": "1.6.0",
         "drupal/encrypt": "3.0",
         "drupal/entity_browser": "2.8.0",
         "drupal/entity_class_formatter": "1.3",
         "drupal/entity_embed": "1.2.0",
         "drupal/entity_hierarchy": "3.3.1",
         "drupal/entity_reference_display": "1.4.0",
         "drupal/entity_reference_revisions": "1.10.0",
-        "drupal/environment_indicator": "4.0.7",
+        "drupal/environment_indicator": "4.0.9",
         "drupal/facets": "2.0.5",
         "drupal/features": "3.12.0",
         "drupal/field_group": "3.2.0",
         "drupal/focal_point": "1.5.0",
         "drupal/ga_login": "1.0.0-alpha6",
-        "drupal/google_analytics": "4.0.0",
+        "drupal/google_analytics": "4.0.2",
         "drupal/govcms_dlm": "1.4.0",
         "drupal/honeypot": "2.1.1",
-        "drupal/inline_entity_form": "1.0.0-rc12",
-        "drupal/key": "1.15.0",
+        "drupal/inline_entity_form": "1.0.0-rc14",
+        "drupal/key": "1.16.0",
         "drupal/layout_builder_modal": "1.1",
         "drupal/layout_builder_restrictions": "2.15.0",
         "drupal/linked_field": "1.3.0",
@@ -107,26 +107,26 @@
         "drupal/migrate_source_csv": "3.5.0",
         "drupal/migrate_tools": "6.0.0",
         "drupal/minisite": "1.3",
-        "drupal/modifiers": "1.4",
+        "drupal/modifiers": "1.5.0",
         "drupal/module_permissions": "3.1.0",
         "drupal/panelizer": "4.4",
         "drupal/panels": "4.6.0",
-        "drupal/paragraphs": "1.14.0",
+        "drupal/paragraphs": "1.15.0",
         "drupal/password_policy": "3.1.0",
         "drupal/pathauto": "1.11.0",
         "drupal/real_aes": "2.4.0",
         "drupal/recaptcha": "3.0",
-        "drupal/redirect": "1.7.0",
+        "drupal/redirect": "1.8.0",
         "drupal/rest_menu_items": "3.0.2",
         "drupal/robotstxt": "1.4",
         "drupal/role_delegation": "1.2.0",
         "drupal/scheduled_transitions": "2.2.1",
         "drupal/search_api": "1.25.0",
         "drupal/search_api_attachments": "9.0.0",
-        "drupal/search_api_solr": "4.2.7",
+        "drupal/search_api_solr": "4.2.8",
         "drupal/seckit": "2.0.0",
         "drupal/securitytxt": "1.2.0",
-        "drupal/shield": "1.6.0",
+        "drupal/shield": "1.7.0",
         "drupal/simple_oauth": "5.2.0",
         "drupal/simple_sitemap": "4.1.2",
         "drupal/swiftmailer": "2.2.0",
@@ -187,25 +187,25 @@
         "enable-patching": true,
         "composer-exit-on-patch-failure": true,
         "patches": {
-          "drupal/captcha": {
-              "Captcha point add label": "https://www.drupal.org/files/issues/2022-08-07/hook-3293710-3.patch"
-          },
-            "drupal/google_analytics": {
-                "Fix deprecated warnings for PHP 8.1 compatibility - https://www.drupal.org/project/google_analytics/issues/3258588": "https://www.drupal.org/files/issues/2022-06-03/google_analytics-jsonserialize-code-standard-fixes-3258588-20.patch"
-            },
             "drupal/metatag": {
                 "Unsetting metatags": "https://www.drupal.org/files/issues/2022-03-15/metatag-unset-2735195.patch"
             },
             "drupal/securitytxt": {
                 "Config variable contact_page_url doesn't exist in Form- https://www.drupal.org/project/securitytxt/issues/3292099": "https://www.drupal.org/files/issues/2022-06-23/3292099-config-variable-contactpageurl.patch"
             },
             "drupal/tfa": {
-                "Create Email one-time-code Validation Plugin & related Setup Plugin - https://www.drupal.org/project/tfa/issues/2930541": "https://www.drupal.org/files/issues/2020-10-19/tfa-2930541-22_0.patch",
+                "Create Email one-time-code Validation Plugin & related Setup Plugin - https://www.drupal.org/project/tfa/issues/2930541": "https://www.drupal.org/files/issues/2022-07-15/tfa-2930541-44.patch",
                 "Users' recovery codes exposed to admin users - https://www.drupal.org/project/tfa/issues/3075304": "https://www.drupal.org/files/issues/2021-01-14/tfa-3075304-15.patch",
                 "Set upper limit for number of skipped validation": "https://www.drupal.org/files/issues/2022-02-09/3263289-set-upper-limit.patch"
             },
             "drupal/twig_tweak": {
                 "sanitize input": "https://www.drupal.org/files/issues/2021-02-03/twig_tweak-token-xss.patch"
+            },
+            "drupal/entity_embed": {
+                "Construction of EntityEmbedDisplay plugin instances trigger strpos deprecation on PHP 8.1": "https://git.drupalcode.org/project/entity_embed/-/merge_requests/6.diff"
+            },
+            "drupal/linkit": {
+                "Deprecated function": "https://www.drupal.org/files/issues/2022-04-26/linkit-jsonserialize-3262401-11.patch"
             }
         }
     },

diff --git a/config/install/user.role.govcms_site_administrator.yml b/config/install/user.role.govcms_site_administrator.yml
@@ -39,6 +39,7 @@ permissions:
   - 'administer node fields'
   - 'administer node form display'
   - 'administer nodes'
+  - 'administer securitytxt'
   - 'administer shortcuts'
   - 'administer taxonomy'
   - 'administer taxonomy_term display'

diff --git a/govcms.info.yml b/govcms.info.yml
@@ -3,7 +3,7 @@ type: profile
 description: 'A GovCMS Drupal Distribution for government and the public sector in Australia.'
 project: govcms
 core_version_requirement: ^9
-version: '2.22.0'
+version: '2.23.0'
 
 distribution:
   name: GovCMS
@@ -21,13 +21,13 @@ install:
   - field_ui
   - help
   - layout_builder
+  - media_file_delete
   - media_library
   - menu_ui
   - node
   - options
   - page_cache
   - path
-  - rdf
   - securitytxt
   - settings_tray
   - shortcut

diff --git a/govcms.install b/govcms.install
@@ -179,3 +179,29 @@ function govcms_update_9001() {
     \Drupal::keyValue('system.schema')->delete($stub_module);
   }
 }
+
+/**
+ * Issue GOVCMSD9-695: Remove update_notifications_disable module from distribution.
+ */
+function govcms_update_9002() {
+  $disabling_modules = [
+    'update_notifications_disable',
+  ];
+
+  $extension_config = \Drupal::configFactory()->getEditable('core.extension');
+  $module = $extension_config->get('module');
+
+  foreach($disabling_modules as $disabling_module) {
+    if (isset($module[$disabling_module])) {
+      unset($module[$disabling_module]);
+    }
+  }
+
+  $extension_config->set('module', $module);
+  $extension_config->save();
+
+  // Remove update_notifications_disable module from system.schema.
+  foreach($disabling_modules as $disabling_module) {
+    \Drupal::keyValue('system.schema')->delete($disabling_module);
+  }
+}
diff --git a/modules/custom/core/govcms_security/govcms_security.info.yml b/modules/custom/core/govcms_security/govcms_security.info.yml
@@ -19,5 +19,4 @@ dependencies:
   - seckit:seckit
   - securitytxt
   - tfa
-  - update_notifications_disable:update_notifications_disable
   - username_enumeration_prevention:username_enumeration_prevention
diff --git a/modules/custom/core/govcms_security/govcms_security.install b/modules/custom/core/govcms_security/govcms_security.install
@@ -4,6 +4,7 @@
  * @file
  * Contains install and update functions for the module.
  */
+use Drupal\govcms_security\GovcmsSecurityInterface;
 use Drupal\user\RoleInterface;
 
 /**
@@ -35,6 +36,33 @@ function govcms_security_update_9001() {
   }
 }
 
+/**
+ * Issue GOVCMSD9-883: Grant 'administer securitytxt' permission to site administrator.
+ */
+function govcms_security_update_9002() {
+  $module_handler = \Drupal::moduleHandler();
+  if ($module_handler) {
+    // We have to make sure the security text module is installed,
+    // before granting the permission to user roles.
+    if (!($module_handler->moduleExists('securitytxt'))) {
+      // The Security Text module hasn't been installed,
+      // then we install that module here.
+      if (!(\Drupal::service('module_installer')->install(['securitytxt']))) {
+        // In case the Security Text module wasn't installed successfully,
+        // maybe due to that module doesn't exist in the file system.
+        // Here return a message to indicate that the critical module isn't installed.
+        return t('"security.txt" module has not been installed.');
+      }
+    }
+    // Grant the "administer securitytxt" permission to user roles.
+    if ($module_handler->moduleExists('user')) {
+      // Govcms site administrator role.
+      user_role_grant_permissions(GovcmsSecurityInterface::GOVCMS_SITE_ADMIN_ROLE, [
+        'administer securitytxt']);
+    }
+  }
+}
+
 /**
  * Implements hook_requirements
  */
@@ -80,3 +108,13 @@ function govcms_security_requirements($phase) {
   }
   return $requirements;
 }
+
+/**
+ * Implements hook_install().
+ *
+ * Ensure that the Available releases array is empty so it never checks them.
+ */
+function govcms_security_install($is_syncing) {
+  \Drupal::keyValueExpirable('update_available_releases')->deleteAll();
+  \Drupal::keyValueExpirable('update_available_releases')->setMultiple([]);
+}
diff --git a/modules/custom/core/govcms_security/govcms_security.module b/modules/custom/core/govcms_security/govcms_security.module
@@ -36,6 +36,17 @@ function govcms_security_form_user_admin_settings_alter(&$form, FormStateInterfa
   $form['admin_role']['#access'] = FALSE;
 }
 
+/**
+ * Implements hook_form_FORM_ID_alter().
+ */
+function govcms_security_form_securitytxt_configure_alter(&$form, &$form_state) {
+  // Security.txt must be enabled.
+  $form['enabled']['#default_value'] = 1;
+  // Hide the 'enable' check box, so that no one can change it,
+  // via the form.
+  $form['enabled']['#access'] = FALSE;
+}
+
 /**
  * Implements hook_form_FORM_ID_alter().
  */
@@ -184,3 +195,23 @@ function govcms_security_hide_permissions_default() {
     'administer module_permissions',
   ];
 }
+
+/**
+ * Implements hook_update_projects_alter().
+ * Disables updates from all modules
+ */
+function govcms_security_update_projects_alter(&$projects) {
+  \Drupal::keyValueExpirable('update_available_releases')->deleteAll();
+  \Drupal::keyValueExpirable('update_available_releases')->setMultiple([]);
+  $projects = [];
+}
+
+/**
+ * Implements hook_cron().
+ *
+ * Make sure that when cron runs, available data is not fetched.
+ */
+function govcms_security_cron() {
+  \Drupal::keyValueExpirable('update_available_releases')->deleteAll();
+  \Drupal::keyValueExpirable('update_available_releases')->setMultiple([]);
+}
diff --git a/modules/custom/core/govcms_security/src/GovcmsSecurityInterface.php b/modules/custom/core/govcms_security/src/GovcmsSecurityInterface.php
@@ -0,0 +1,13 @@
+<?php
+
+namespace Drupal\govcms_security;
+
+/**
+ * Provides an interface for GovCMS secruity constants.
+ */
+interface GovcmsSecurityInterface {
+  /**
+   * Role ID for GovCMS Site Administrator role.
+   */
+  const GOVCMS_SITE_ADMIN_ROLE = 'govcms_site_administrator';
+}
diff --git a/themes/custom/govcms_bartik/govcms_bartik.info.yml b/themes/custom/govcms_bartik/govcms_bartik.info.yml
@@ -1,7 +1,7 @@
 name: 'GovCMS Bartik'
 type: theme
 description: 'A prototype theme from Drupal Bartik.'
-core_version_requirement: ^9
+core_version_requirement: ^9 || ^10
 base theme: bartik
 package: 'GovCMS'
 regions: