Commit fc11c63f authored by Ines WALLON's avatar Ines WALLON
Browse files

drush sec

parent c2891cf4
stages:
- init
- Init
- Security
- Code quality PHP 7.4
# PḦP8 is not stable
#- Code quality PHP 8.0
......@@ -19,6 +20,7 @@ variables:
include:
- local: config/.gitlab/build_drupal.yml
- local: config/.gitlab/security.yml
- local: config/.gitlab/code_quality_default.yml
# PḦP8 is not stable actually
#- local: config/.gitlab/code_quality_php8.yml
......
......@@ -4,7 +4,7 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
"This file is @generated automatically"
],
"content-hash": "112ddde224334f89017ff763134e52d9",
"content-hash": "937f39d4df3ec3b903774abbcd4f0786",
"packages": [
{
"name": "asm89/stack-cors",
......@@ -3098,7 +3098,7 @@
"source": {
"type": "git",
"url": "https://git.drupalcode.org/project/paragraphs_usage.git",
"reference": "7072d06718e9942064ad73937186df93c97edfb5"
"reference": "8100cd19916d2898ecc4846cf02a0d006f27ccfb"
},
"require": {
"drupal/core": "^8 || ^9",
......@@ -3110,8 +3110,8 @@
"dev-1.0.x": "1.0.x-dev"
},
"drupal": {
"version": "1.0.2+2-dev",
"datestamp": "1612173972",
"version": "1.0.2+5-dev",
"datestamp": "1613408187",
"security-coverage": {
"status": "not-covered",
"message": "Dev releases are not covered by Drupal security advisories."
......@@ -3280,8 +3280,8 @@
"dev-1.x": "1.x-dev"
},
"drupal": {
"version": "8.x-1.2+3-dev",
"datestamp": "1586902942",
"version": "8.x-1.x-dev",
"datestamp": "1612877691",
"security-coverage": {
"status": "not-covered",
"message": "Dev releases are not covered by Drupal security advisories."
......@@ -3379,16 +3379,16 @@
},
{
"name": "drush/drush",
"version": "10.3.6",
"version": "10.4.0",
"source": {
"type": "git",
"url": "https://github.com/drush-ops/drush.git",
"reference": "fc985a95c6010e04891a2dbcf3f39984b8c9ef0a"
"reference": "507cecd32b05850cf2f70c8922ddad247cd9ce10"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/drush-ops/drush/zipball/fc985a95c6010e04891a2dbcf3f39984b8c9ef0a",
"reference": "fc985a95c6010e04891a2dbcf3f39984b8c9ef0a",
"url": "https://api.github.com/repos/drush-ops/drush/zipball/507cecd32b05850cf2f70c8922ddad247cd9ce10",
"reference": "507cecd32b05850cf2f70c8922ddad247cd9ce10",
"shasum": ""
},
"require": {
......@@ -3399,6 +3399,7 @@
"consolidation/robo": "^1.4.11 || ^2",
"consolidation/site-alias": "^3.0.0@stable",
"consolidation/site-process": "^2.1 || ^4",
"enlightn/security-checker": "^1",
"ext-dom": "*",
"grasmash/yaml-expander": "^1.1.1",
"guzzlehttp/guzzle": "^6.3 || ^7.0",
......@@ -3413,6 +3414,10 @@
"webflo/drupal-finder": "^1.2",
"webmozart/path-util": "^2.1.0"
},
"conflict": {
"drupal/migrate_run": "*",
"drupal/migrate_tools": "<= 5"
},
"require-dev": {
"composer/installers": "^1.7",
"cweagans/composer-patches": "~1.0",
......@@ -3420,9 +3425,10 @@
"drupal/alinks": "1.0.0",
"drupal/core-recommended": "^8.8",
"lox/xhprof": "dev-master",
"phpunit/phpunit": "^4.8.36 || ^6.1",
"phpunit/phpunit": ">=7.5.20",
"squizlabs/php_codesniffer": "^2.7 || ^3",
"vlucas/phpdotenv": "^2.4"
"vlucas/phpdotenv": "^2.4",
"yoast/phpunit-polyfills": "^0.2.0"
},
"bin": [
"drush"
......@@ -3507,7 +3513,7 @@
"irc": "irc://irc.freenode.org/drush",
"issues": "https://github.com/drush-ops/drush/issues",
"slack": "https://drupal.slack.com/messages/C62H9CWQM",
"source": "https://github.com/drush-ops/drush/tree/10.3.6"
"source": "https://github.com/drush-ops/drush/tree/10.4.0"
},
"funding": [
{
......@@ -3515,7 +3521,7 @@
"type": "github"
}
],
"time": "2020-11-11T04:36:51+00:00"
"time": "2021-02-15T20:26:00+00:00"
},
{
"name": "egulias/email-validator",
......@@ -3585,6 +3591,70 @@
],
"time": "2020-12-29T14:50:06+00:00"
},
{
"name": "enlightn/security-checker",
"version": "v1.5.0",
"source": {
"type": "git",
"url": "https://github.com/enlightn/security-checker.git",
"reference": "85ada478c641a304112ddd43e0c67dd18ce7c51e"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/enlightn/security-checker/zipball/85ada478c641a304112ddd43e0c67dd18ce7c51e",
"reference": "85ada478c641a304112ddd43e0c67dd18ce7c51e",
"shasum": ""
},
"require": {
"ext-json": "*",
"ext-zip": "*",
"guzzlehttp/guzzle": "^6.3|^7.0",
"php": ">=5.6",
"symfony/console": "^3.4|^4|^5",
"symfony/finder": "^3|^4|^5",
"symfony/yaml": "^3.4|^4|^5"
},
"require-dev": {
"phpunit/phpunit": "^5.5|^6|^7|^8|^9"
},
"bin": [
"security-checker"
],
"type": "library",
"autoload": {
"psr-4": {
"Enlightn\\SecurityChecker\\": "src"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Paras Malhotra",
"email": "paras@laravel-enlightn.com"
},
{
"name": "Miguel Piedrafita",
"email": "soy@miguelpiedrafita.com"
}
],
"description": "A PHP dependency vulnerabilities scanner based on the Security Advisories Database.",
"keywords": [
"package",
"php",
"scanner",
"security",
"security advisories",
"vulnerability scanner"
],
"support": {
"issues": "https://github.com/enlightn/security-checker/issues",
"source": "https://github.com/enlightn/security-checker/tree/v1.5.0"
},
"time": "2021-02-09T10:28:00+00:00"
},
{
"name": "grasmash/expander",
"version": "1.0.0",
......@@ -4635,16 +4705,16 @@
},
{
"name": "pear/archive_tar",
"version": "1.4.12",
"version": "1.4.13",
"source": {
"type": "git",
"url": "https://github.com/pear/Archive_Tar.git",
"reference": "19bb8e95490d3e3ad92fcac95500ca80bdcc7495"
"reference": "2b87b41178cc6d4ad3cba678a46a1cae49786011"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/pear/Archive_Tar/zipball/19bb8e95490d3e3ad92fcac95500ca80bdcc7495",
"reference": "19bb8e95490d3e3ad92fcac95500ca80bdcc7495",
"url": "https://api.github.com/repos/pear/Archive_Tar/zipball/2b87b41178cc6d4ad3cba678a46a1cae49786011",
"reference": "2b87b41178cc6d4ad3cba678a46a1cae49786011",
"shasum": ""
},
"require": {
......@@ -4711,7 +4781,7 @@
"type": "patreon"
}
],
"time": "2021-01-18T19:32:54+00:00"
"time": "2021-02-16T10:50:50+00:00"
},
{
"name": "pear/console_getopt",
......@@ -6318,7 +6388,7 @@
},
{
"name": "symfony/polyfill-ctype",
"version": "v1.22.0",
"version": "v1.22.1",
"source": {
"type": "git",
"url": "https://github.com/symfony/polyfill-ctype.git",
......@@ -6377,7 +6447,7 @@
"portable"
],
"support": {
"source": "https://github.com/symfony/polyfill-ctype/tree/v1.22.0"
"source": "https://github.com/symfony/polyfill-ctype/tree/v1.22.1"
},
"funding": [
{
......@@ -6397,16 +6467,16 @@
},
{
"name": "symfony/polyfill-iconv",
"version": "v1.22.0",
"version": "v1.22.1",
"source": {
"type": "git",
"url": "https://github.com/symfony/polyfill-iconv.git",
"reference": "b34bfb8c4c22650ac080d2662ae3502e5f2f4ae6"
"reference": "06fb361659649bcfd6a208a0f1fcaf4e827ad342"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/polyfill-iconv/zipball/b34bfb8c4c22650ac080d2662ae3502e5f2f4ae6",
"reference": "b34bfb8c4c22650ac080d2662ae3502e5f2f4ae6",
"url": "https://api.github.com/repos/symfony/polyfill-iconv/zipball/06fb361659649bcfd6a208a0f1fcaf4e827ad342",
"reference": "06fb361659649bcfd6a208a0f1fcaf4e827ad342",
"shasum": ""
},
"require": {
......@@ -6457,7 +6527,7 @@
"shim"
],
"support": {
"source": "https://github.com/symfony/polyfill-iconv/tree/v1.22.0"
"source": "https://github.com/symfony/polyfill-iconv/tree/v1.22.1"
},
"funding": [
{
......@@ -6473,20 +6543,20 @@
"type": "tidelift"
}
],
"time": "2021-01-07T16:49:33+00:00"
"time": "2021-01-22T09:19:47+00:00"
},
{
"name": "symfony/polyfill-intl-idn",
"version": "v1.22.0",
"version": "v1.22.1",
"source": {
"type": "git",
"url": "https://github.com/symfony/polyfill-intl-idn.git",
"reference": "0eb8293dbbcd6ef6bf81404c9ce7d95bcdf34f44"
"reference": "2d63434d922daf7da8dd863e7907e67ee3031483"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/polyfill-intl-idn/zipball/0eb8293dbbcd6ef6bf81404c9ce7d95bcdf34f44",
"reference": "0eb8293dbbcd6ef6bf81404c9ce7d95bcdf34f44",
"url": "https://api.github.com/repos/symfony/polyfill-intl-idn/zipball/2d63434d922daf7da8dd863e7907e67ee3031483",
"reference": "2d63434d922daf7da8dd863e7907e67ee3031483",
"shasum": ""
},
"require": {
......@@ -6544,7 +6614,7 @@
"shim"
],
"support": {
"source": "https://github.com/symfony/polyfill-intl-idn/tree/v1.22.0"
"source": "https://github.com/symfony/polyfill-intl-idn/tree/v1.22.1"
},
"funding": [
{
......@@ -6560,20 +6630,20 @@
"type": "tidelift"
}
],
"time": "2021-01-07T16:49:33+00:00"
"time": "2021-01-22T09:19:47+00:00"
},
{
"name": "symfony/polyfill-intl-normalizer",
"version": "v1.22.0",
"version": "v1.22.1",
"source": {
"type": "git",
"url": "https://github.com/symfony/polyfill-intl-normalizer.git",
"reference": "6e971c891537eb617a00bb07a43d182a6915faba"
"reference": "43a0283138253ed1d48d352ab6d0bdb3f809f248"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/polyfill-intl-normalizer/zipball/6e971c891537eb617a00bb07a43d182a6915faba",
"reference": "6e971c891537eb617a00bb07a43d182a6915faba",
"url": "https://api.github.com/repos/symfony/polyfill-intl-normalizer/zipball/43a0283138253ed1d48d352ab6d0bdb3f809f248",
"reference": "43a0283138253ed1d48d352ab6d0bdb3f809f248",
"shasum": ""
},
"require": {
......@@ -6628,7 +6698,7 @@
"shim"
],
"support": {
"source": "https://github.com/symfony/polyfill-intl-normalizer/tree/v1.22.0"
"source": "https://github.com/symfony/polyfill-intl-normalizer/tree/v1.22.1"
},
"funding": [
{
......@@ -6644,20 +6714,20 @@
"type": "tidelift"
}
],
"time": "2021-01-07T17:09:11+00:00"
"time": "2021-01-22T09:19:47+00:00"
},
{
"name": "symfony/polyfill-mbstring",
"version": "v1.22.0",
"version": "v1.22.1",
"source": {
"type": "git",
"url": "https://github.com/symfony/polyfill-mbstring.git",
"reference": "f377a3dd1fde44d37b9831d68dc8dea3ffd28e13"
"reference": "5232de97ee3b75b0360528dae24e73db49566ab1"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/f377a3dd1fde44d37b9831d68dc8dea3ffd28e13",
"reference": "f377a3dd1fde44d37b9831d68dc8dea3ffd28e13",
"url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/5232de97ee3b75b0360528dae24e73db49566ab1",
"reference": "5232de97ee3b75b0360528dae24e73db49566ab1",
"shasum": ""
},
"require": {
......@@ -6708,7 +6778,7 @@
"shim"
],
"support": {
"source": "https://github.com/symfony/polyfill-mbstring/tree/v1.22.0"
"source": "https://github.com/symfony/polyfill-mbstring/tree/v1.22.1"
},
"funding": [
{
......@@ -6724,11 +6794,11 @@
"type": "tidelift"
}
],
"time": "2021-01-07T16:49:33+00:00"
"time": "2021-01-22T09:19:47+00:00"
},
{
"name": "symfony/polyfill-php72",
"version": "v1.22.0",
"version": "v1.22.1",
"source": {
"type": "git",
"url": "https://github.com/symfony/polyfill-php72.git",
......@@ -6784,7 +6854,7 @@
"shim"
],
"support": {
"source": "https://github.com/symfony/polyfill-php72/tree/v1.22.0"
"source": "https://github.com/symfony/polyfill-php72/tree/v1.22.1"
},
"funding": [
{
......@@ -6804,7 +6874,7 @@
},
{
"name": "symfony/polyfill-php73",
"version": "v1.22.0",
"version": "v1.22.1",
"source": {
"type": "git",
"url": "https://github.com/symfony/polyfill-php73.git",
......@@ -6863,7 +6933,7 @@
"shim"
],
"support": {
"source": "https://github.com/symfony/polyfill-php73/tree/v1.22.0"
"source": "https://github.com/symfony/polyfill-php73/tree/v1.22.1"
},
"funding": [
{
......@@ -6883,7 +6953,7 @@
},
{
"name": "symfony/polyfill-php80",
"version": "v1.22.0",
"version": "v1.22.1",
"source": {
"type": "git",
"url": "https://github.com/symfony/polyfill-php80.git",
......@@ -6946,7 +7016,7 @@
"shim"
],
"support": {
"source": "https://github.com/symfony/polyfill-php80/tree/v1.22.0"
"source": "https://github.com/symfony/polyfill-php80/tree/v1.22.1"
},
"funding": [
{
......@@ -10517,16 +10587,16 @@
},
{
"name": "phpstan/phpstan",
"version": "0.12.75",
"version": "0.12.76",
"source": {
"type": "git",
"url": "https://github.com/phpstan/phpstan.git",
"reference": "2e4738cd67e0163861a065180eff7eb5c8417d6e"
"reference": "7aaaf9a759a29795e8f46d48041af1c1f1b23d38"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/phpstan/phpstan/zipball/2e4738cd67e0163861a065180eff7eb5c8417d6e",
"reference": "2e4738cd67e0163861a065180eff7eb5c8417d6e",
"url": "https://api.github.com/repos/phpstan/phpstan/zipball/7aaaf9a759a29795e8f46d48041af1c1f1b23d38",
"reference": "7aaaf9a759a29795e8f46d48041af1c1f1b23d38",
"shasum": ""
},
"require": {
......@@ -10557,7 +10627,7 @@
"description": "PHPStan - PHP Static Analysis Tool",
"support": {
"issues": "https://github.com/phpstan/phpstan/issues",
"source": "https://github.com/phpstan/phpstan/tree/0.12.75"
"source": "https://github.com/phpstan/phpstan/tree/0.12.76"
},
"funding": [
{
......@@ -10573,7 +10643,7 @@
"type": "tidelift"
}
],
"time": "2021-02-11T13:58:47+00:00"
"time": "2021-02-13T11:47:44+00:00"
},
{
"name": "phpunit/php-code-coverage",
......@@ -11052,12 +11122,12 @@
"source": {
"type": "git",
"url": "https://github.com/Roave/SecurityAdvisories.git",
"reference": "5f40d4d577a71466f9723122251b46bdaf634709"
"reference": "1e48e1beacb6122df93aa61a6cc291254984be2a"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/Roave/SecurityAdvisories/zipball/5f40d4d577a71466f9723122251b46bdaf634709",
"reference": "5f40d4d577a71466f9723122251b46bdaf634709",
"url": "https://api.github.com/repos/Roave/SecurityAdvisories/zipball/1e48e1beacb6122df93aa61a6cc291254984be2a",
"reference": "1e48e1beacb6122df93aa61a6cc291254984be2a",
"shasum": ""
},
"conflict": {
......@@ -11299,6 +11369,7 @@
"ua-parser/uap-php": "<3.8",
"usmanhalalit/pixie": "<1.0.3|>=2,<2.0.2",
"verot/class.upload.php": "<=1.0.3|>=2,<=2.0.4",
"vrana/adminer": "<4.7.9",
"wallabag/tcpdf": "<6.2.22",
"willdurand/js-translation-bundle": "<2.1.1",
"yii2mod/yii2-cms": "<1.9.2",
......@@ -11369,7 +11440,7 @@
"type": "tidelift"
}
],
"time": "2021-02-10T03:02:31+00:00"
"time": "2021-02-16T17:17:25+00:00"
},
{
"name": "sebastian/cli-parser",
......
'Build Drupal':
stage: init
stage: Init
image: libert/drupal-php-dev:7.4
tags:
- spud
......
.security:
stage: Test
needs: ['Build Drupal']
image: docker/compose:latest
before_script:
- docker login -u $HUB_USERNAME -p $HUB_PASSWORD
- sed -i "s/FIXUID=1000/FIXUID=0/g" .env
- sed -i "s/FIXGID=1000/FIXGID=0/g" .env
- sed -i '/COMPOSER_AUTH/d' .env
- echo COMPOSER_AUTH=$COMPOSER_AUTH >> .env
- echo CMIS_URL_NUXEO=$CMIS_URL_NUXEO >> .env
- echo CMIS_URL_ALFRESCO=$CMIS_URL_ALFRESCO >> .env
- docker network create drupalci_nw
- docker-compose up -d
- sleep 30
- $WEB_CONTAINER composer update
- $WEB_CONTAINER bash /project/scripts/install.sh "skeletond9" "d9@example.com"
rules:
- if: $CI_COMMIT_BRANCH == "contrib_modules"
'pm:security':
extends: .security
tags:
- spud
script:
- $WEB_CONTAINER drush pm:security --format=xml > security.xml
artifacts:
when: on_failure
reports:
junit: security.xml
'pm:security-php':
extends: .security
tags:
- spud
script:
- $WEB_CONTAINER drush pm:security-php --format=xml > security-php.xml
artifacts:
when: on_failure
reports:
junit: security-php.xml
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment