Skip to content
Snippets Groups Projects

Compare revisions

Changes are shown as if the source revision was being merged into the target revision. Learn more about comparing revisions.

Source

Select target project
No results found

Target

Select target project
  • adaures/castopod
  • mkljczk/castopod-host
  • spaetz/castopod-host
  • PatrykMis/castopod
  • jonas/castopod
  • ajeremias/castopod
  • misuzu/castopod
  • KrzysztofDomanczyk/castopod
  • Behel/castopod
  • nebulon/castopod
  • ewen/castopod
  • NeoluxConsulting/castopod
  • nateritter/castopod-og
  • prcutler/castopod
14 results
Show changes
Expand all Hide whitespace changes
Inline Side-by-side
Showing
with 1519 additions and 621 deletions
CHANGELOG.md
View file @ 00870cef
This diff is collapsed.
docs/src/contributing/setup-development.md CONTRIBUTING-DEV.md
View file @ 00870cef
---
title: Development setup
sidebarDepth: 3
---
# Setup your development environment
## Introduction
......@@ -10,7 +5,7 @@ sidebarDepth: 3
Castopod is a web app based on the `php` framework
[CodeIgniter 4](https://codeigniter.com).
We use [Docker](https://www.docker.com/) quickly setup a dev environment. A
We use [Docker](https://www.docker.com/) to quickly setup a dev environment. A
`docker-compose.yml` and `Dockerfile` are included in the project's root folder
to help you kickstart your contribution.
......@@ -21,9 +16,9 @@ to help you kickstart your contribution.
### 1. Pre-requisites
0. Install [docker](https://docs.docker.com/get-docker).
0. Install [Docker](https://docs.docker.com/get-docker).
1. Clone Castopod project by running:
1. Clone the Castopod repository by running:
```bash
git clone https://code.castopod.org/adaures/castopod.git
......@@ -34,7 +29,7 @@ to help you kickstart your contribution.
```ini
CI_ENVIRONMENT="development"
# If set to development, you must run `npm run dev` to start the static assets server
# If set to development, you must run `pnpm run dev` to start the static assets server
vite.environment="development"
# By default, this is set to true in the app config.
......@@ -43,7 +38,6 @@ to help you kickstart your contribution.
app.forceGlobalSecureRequests=false
app.baseURL="http://localhost:8080/"
app.mediaBaseURL="http://localhost:8080/"
admin.gateway="cp-admin"
auth.gateway="cp-auth"
......@@ -57,23 +51,38 @@ to help you kickstart your contribution.
analytics.salt="DEV_ANALYTICS_SALT"
cache.handler="redis"
cache.redis.host = "redis"
cache.redis.host="redis"
# You may not want to use redis as your cache handler
# Comment/remove the two lines above and uncomment
# the next line for file caching.
# -----------------------
#cache.handler="file"
######################################
# Media config
######################################
media.baseURL="http://localhost:8080/"
# S3
# Uncomment to store s3 objects using adobe/s3mock service
# -----------------------
#media.fileManager="s3"
#media.s3.bucket="castopod"
#media.s3.endpoint="http://172.31.0.6:9090/"
#media.s3.pathStyleEndpoint=true
```
> _NB._ You can tweak your environment by setting more environment variables
> in your custom `.env` file. See the `env` for examples or the
> [!NOTE]
> You can tweak your environment by setting more environment variables in
> your custom `.env` file. See the `env` for examples or the
> [CodeIgniter4 User Guide](https://codeigniter.com/user_guide/index.html)
> for more info.
3. (for docker desktop) Add the repository you've cloned to docker desktop's
3. (for Docker desktop) Add the repository you've cloned to Docker desktop's
`Settings` > `Resources` > `File Sharing`
### 2. (recommended) Develop inside the app Container with VSCode
### 2. (recommended) Develop inside the app container with VSCode
If you're working in VSCode, you can take advantage of the `.devcontainer/`
folder. It defines a development environment (dev container) with preinstalled
......@@ -87,16 +96,16 @@ required services will be loaded automagically! 🪄
> The VSCode window will reload inside the dev container. Expect several
> minutes during first load as it is building all necessary services.
**Note**: The dev container will start by running Castopod's php server.
**Note**: The dev container will start by running Castopod's PHP server.
During development, you will have to start [Vite](https://vitejs.dev)'s dev
server for compiling the typescript code and styles:
```bash
# run Vite dev server
npm run dev
pnpm run dev
```
If there is any issue with the php server not running, you can restart them
If there is any issue with the PHP server not running, you can restart them
using the following commands:
```bash
......@@ -116,15 +125,15 @@ required services will be loaded automagically! 🪄
# Composer is installed
composer -V
# npm is installed
npm -v
# pnpm is installed
pnpm -v
# git is installed
git version
```
For more info, see
[VSCode Remote Containers](https://code.visualstudio.com/docs/remote/containers)
[Developing inside a Container](https://code.visualstudio.com/docs/devcontainers/containers)
### 3. Start hacking
......@@ -135,7 +144,12 @@ more insights.
To see your changes, go to:
- `http://localhost:8080/` for the Castopod app
- `http://localhost:8080/` for the Castopod website
- `http://localhost:8080/cp-admin` for the Castopod admin:
- email: **admin@castopod.local**
- password: **castopod**
- `http://localhost:8888/` for the phpmyadmin interface:
- username: **castopod**
......@@ -145,9 +159,9 @@ To see your changes, go to:
You do not wish to use the VSCode devcontainer? No problem!
1. Start docker containers manually:
1. Start the Docker containers manually:
Go to project's root folder and run:
Go to the project's root folder and run:
```bash
# starts all services declared in docker-compose.yml file
......@@ -162,7 +176,7 @@ You do not wish to use the VSCode devcontainer? No problem!
```
> The `docker-compose up -d` command will boot 4 containers in the
> The `docker-compose up -d` command will boot 5 containers in the
> background:
>
> - `castopod_app`: a php based container with Castopod requirements
......@@ -173,6 +187,7 @@ You do not wish to use the VSCode devcontainer? No problem!
> persistent data
> - `castopod_phpmyadmin`: a phpmyadmin server to visualize the mariadb
> database.
> - `castopod_s3`: a mock s3 server to work on the s3 fileManager
2. Run any command inside the containers by prefixing them with
`docker-compose run --rm app`:
......@@ -184,8 +199,8 @@ You do not wish to use the VSCode devcontainer? No problem!
# use Composer
docker-compose run --rm app composer -V
# use npm
docker-compose run --rm app npm -v
# use pnpm
docker-compose run --rm app pnpm -v
# use git
docker-compose run --rm app git version
......@@ -203,57 +218,46 @@ You do not wish to use the VSCode devcontainer? No problem!
composer install
```
::: info Note
The php dependencies aren't included in the repository. Composer will check
the `composer.json` and `composer.lock` files to download the packages with
the right versions. The dependencies will live under the `vendor/` folder.
For more info, check out the
[Composer documentation](https://getcomposer.org/doc/).
:::
> [!NOTE]
> The php dependencies aren't included in the repository. Composer will check
> the `composer.json` and `composer.lock` files to download the packages with
> the right versions. The dependencies will live under the `vendor/` folder.
> For more info, check out the
> [Composer documentation](https://getcomposer.org/doc/).
2. Install javascript dependencies with [npm](https://www.npmjs.com/)
2. Install JavaScript dependencies with [pnpm](https://pnpm.io/)
```bash
npm install
pnpm install
```
::: info Note
The javascript dependencies aren't included in the repository. Npm will check
the `package.json` and `package.lock` files to download the packages with the
right versions. The dependencies will live under the `node_module` folder.
For more info, check out the [NPM documentation](https://docs.npmjs.com/).
:::
> [!NOTE]
> The JavaScript dependencies aren't included in the repository. Pnpm will
> check the `package.json` and `pnpm-lock.yaml` files to download the
> packages with the right versions. The dependencies will live under the
> `node_module` folder. For more info, check out the
> [PNPM documentation](https://pnpm.io/motivation).
3. Generate static assets:
```bash
# build all static assets at once
npm run build:static
pnpm run build:static
# build specific assets
npm run build:icons
npm run build:svg
pnpm run build:icons
pnpm run build:svg
```
::: info Note
The static assets generated live under the `public/assets` folder, it
includes javascript, styles, images, fonts, icons and svg files.
:::
> [!NOTE]
> The static assets generated live under the `public/assets` folder, it
> includes JavaScript, styles, images, fonts, icons and svg files.
### Initialize and populate database
::: tip Tip
You may skip this section if you go through the install wizard (go to
`/cp-install`).
:::
> [!TIP]
> You may skip this section if you go through the install wizard (go to
> `/cp-install`).
1. Build the database with the migrate command:
......@@ -273,7 +277,7 @@ You may skip this section if you go through the install wizard (go to
```bash
# Populates all required data
php spark db:seed AppSeeder
php spark db:seed DevSeeder
```
You may choose to add data separately:
......@@ -285,20 +289,11 @@ You may skip this section if you go through the install wizard (go to
# Populates all Languages
php spark db:seed LanguageSeeder
# Populates all podcasts platforms
php spark db:seed PlatformSeeder
# Populates all Authentication data (roles definition…)
php spark db:seed AuthSeeder
# Adds a superadmin with [admin@castopod.local / castopod] credentials
php spark db:seed DevSuperadminSeeder
```
3. (optionnal) Populate the database with test data:
- Populate test data (login: admin / password: AGUehL3P)
```bash
php spark db:seed TestSeeder
```
3. (optional) Populate the database with test data:
- Populate with fake podcast analytics:
......@@ -312,11 +307,6 @@ You may skip this section if you go through the install wizard (go to
php spark db:seed FakeWebsiteAnalyticsSeeder
```
TestSeeder will add an active superadmin user with the following credentials:
- username: **admin**
- password: **AGUehL3P**
### Useful docker / docker-compose commands
- Monitor the app container:
......@@ -325,13 +315,13 @@ You may skip this section if you go through the install wizard (go to
docker-compose logs --tail 50 --follow --timestamps app
```
- Interact with redis server using included redis-cli command:
- Interact with the Redis server using included redis-cli command:
```bash
docker exec -it castopod_redis redis-cli
```
- Monitor the redis container:
- Monitor the Redis container:
```bash
docker-compose logs --tail 50 --follow --timestamps redis
......@@ -367,28 +357,52 @@ docker-compose down
docker-compose build app
```
Check [docker](https://docs.docker.com/engine/reference/commandline/docker/) and
Check [Docker](https://docs.docker.com/engine/reference/commandline/docker/) and
[docker-compose](https://docs.docker.com/compose/reference/) documentations for
more insights.
### Updating Documentation
Castopod's documentation is written in Markdown and uses the Astro Starlight
framework. To update Castopod's documentation, including the Getting Started
guide and User Guide:
1. Change directories to the `docs` directory and install the dependencies:
```bash
cd docs/
pnpm i
```
2. Start the documentation development server:
```bash
pnpm run dev --host
```
3. The documentation development server runs on port 4321. In your browser visit
`http://localhost:4321/docs`. If the page displays a 404 Not Found error,
click on the Castopod logo in the upper left hand corner of the page and the
documentation should load.
4. Edit the Markdown files with your documentation updates. The Astro Starlight
development server will automatically update each time you save a change.
## Known issues
### Allocation failed - JavaScript heap out of memory
This happens when running `npm install`.
This happens when running `pnpm install`.
👉 By default, docker might not have access to enough RAM. Allocate more memory
and run `npm install` again.
and run `pnpm install` again.
### (Linux) Files created inside container are attributed to root locally
You may use Linux user namespaces to fix this on your machine:
::: info Note
Replace "username" with your local username
:::
> [!NOTE]
> Replace "username" with your local username
1. Go to `/etc/docker/daemon.json` and add:
......@@ -412,7 +426,7 @@ Replace "username" with your local username
username:100000:65536
```
3. Restart docker:
3. Restart Docker:
```bash
sudo systemctl restart docker
......
CONTRIBUTING.md
View file @ 00870cef
# Contributing guidelines
# Contributing to Castopod
You may find the contributing guidelines in the
[Castopod documentation website](https://docs.castopod.org/contributing/guidelines.html).
Love Castopod and want to help? Thanks so much, there's something to do for
everybody!
> [!NOTE]
> Castopod follows the [all contributors](https://allcontributors.org/)
> specification in an effort to **recognize any kind of contribution**, not just
> code!
> If you've made a contribution and do not appear in the
> [contributors](../index.md#contributors-✨) list, please
> [let us know](../index.md#contact) so we can correct our mistake! 🙂
Please take a moment to review this document in order to make the contribution
process easy and effective for everyone involved.
Following these guidelines helps to communicate that you respect the time of the
developers managing and developing this open source project. In return, they
should reciprocate that respect in addressing your issue or assessing patches
and features.
## Translating Castopod
We use [Crowdin](https://translate.castopod.org/) to manage translation files
for [Castopod](https://code.castopod.org/), the
[documentation](https://docs.castopod.org/) and the
[landing](https://castopod.org/) websites.
Whether you'd like to correct a translation error, validate new translations or
include your language to Castopod, head into the
[crowdin project](https://translate.castopod.org/) to get started.
> [!NOTE]
> To prevent degrading user experience, new languages are included to Castopod
> when they reach a certain threshold (~90%).
## Using the issue tracker
The [issue tracker](https://code.castopod.org/adaures/castopod/-/issues) is the
preferred channel for [bug reports](#bug-reports),
[features requests](#feature-requests) and
[submitting pull requests](#pull-requests).
## ⚠️ Security issues and vulnerabilities
If you encounter any security issue or vulnerability in the Castopod source,
please contact us directly by email at
[security@castopod.org](mailto:security@castopod.org)
## Bug reports
A bug is a _demonstrable problem_ that is caused by the code in the repository.
Good bug reports are extremely helpful - thank you!
Guidelines for bug reports:
1. **Use the issue search** — check if the issue has already been
reported.
2. **Check if the issue has been fixed** — try to reproduce it using the
latest `main` branch in the repository.
3. **Isolate the problem** — ideally create a
[reduced test case](https://css-tricks.com/reduced-test-cases/) and a live
example.
A good bug report shouldn't leave others needing to chase you up for more
information. Please try to be as detailed as possible in your report. What is
your environment? What steps will reproduce the issue? What browser(s) and OS
experience the problem? What would you expect to be the outcome? All these
details will help people to fix any potential bugs.
> [!NOTE]
> [Issue templates](https://docs.gitlab.com/ee/user/project/description_templates.html#using-the-templates) have
> been created for this project. You may use them to help you follow those
> guidelines.
## Feature requests
Feature requests are welcome. But take a moment to find out whether your idea
fits with the scope and aims of the project. It's up to _you_ to make a strong
case to convince the project's developers of the merits of this feature. Please
provide as much detail and context as possible.
## Pull requests
Good pull requests - patches, improvements, new features - are a fantastic help.
They should remain focused in scope and avoid containing unrelated commits.
**Please ask first** before embarking on any significant pull request (e.g.
implementing features, refactoring code, porting to a different language),
otherwise you risk spending a lot of time working on something that the
project's developers might not want to merge into the project.
Please adhere to the coding conventions used throughout a project (indentation,
accurate comments, etc.) and any other requirements (such as test coverage).
Adhering to the following process is the best way to get your work included in
the project:
1. [Fork](https://docs.gitlab.com/ee/user/project/repository/forking_workflow.html)
the project, clone your fork, and configure the remotes:
```bash
# Clone your fork of the repo into the current directory
git clone https://code.castopod.org/<your-username>/castopod.git
# Navigate to the newly cloned directory
cd castopod
# Assign the original repo to a remote called "upstream"
git remote add upstream https://code.castopod.org/adaures/castopod.git
```
2. If you cloned a while ago, get the latest changes from upstream:
```bash
git checkout main
git pull upstream main
```
3. Create a new topic branch (off the `main` branch) to contain your feature,
change, or fix:
```bash
git checkout -b <topic-branch-name>
```
4. Commit your changes in logical chunks. Please adhere to these
[git commit message guidelines](https://conventionalcommits.org/) or your
code is unlikely be merged into the main project. Use Git's
[interactive rebase](https://help.github.com/articles/about-git-rebase/)
feature to tidy up your commits before making them public.
5. Locally merge (or rebase) the upstream dev branch into your topic branch:
```bash
git pull [--rebase] upstream main
```
6. Push your topic branch up to your fork:
```bash
git push origin <topic-branch-name>
```
7. [Open a Pull Request](https://docs.gitlab.com/ee/user/project/merge_requests/creating_merge_requests.html#new-merge-request-from-a-fork)
with a clear title and description.
> [!IMPORTANT]
> By submitting a patch, you agree to allow the project owners to license your
> work under the terms of the
> [GNU AGPLv3](https://code.castopod.org/adaures/castopod/-/blob/develop/LICENSE.md).
## Collaborating guidelines
There are few basic rules to ensure high quality of the project:
- Before merging, a PR requires at least two approvals from the collaborators
unless it's an architectural change, a large feature, etc. If it is, then at
least 50% of the core team have to agree to merge it, with every team member
having a full veto right. (i.e. every single one can block any PR)
- A PR should remain open for at least two days before merging (does not apply
for trivial contributions like fixing a typo). This way everyone has enough
time to look into it.
You are always welcome to discuss and propose improvements to this guideline.
DEPENDENCIES.md
View file @ 00870cef
......@@ -18,9 +18,9 @@ Javascript dependencies can be found in the [package.json](./package.json) file.
([Open Font License](https://scripts.sil.org/cms/scripts/page.php?site_id=nrsi&id=OFL))
- [RemixIcon](https://remixicon.com/)
([Apache License 2.0](https://github.com/Remix-Design/RemixIcon/blob/master/License))
- [OPAWG/User agent list](https://github.com/opawg/user-agents)
- [OPAWG/User agent list](https://github.com/opawg/user-agents-v2)
([by Open Podcast Analytics Working Group](https://github.com/opawg))
([MIT license](https://github.com/opawg/user-agents/blob/master/LICENSE))
([MIT license](https://github.com/opawg/user-agents-v2/blob/master/LICENSE))
- [OPAWG/podcast-rss-useragents](https://github.com/opawg/podcast-rss-useragents)
([by Open Podcast Analytics Working Group](https://github.com/opawg))
([MIT license](https://github.com/opawg/podcast-rss-useragents/blob/master/LICENSE))
......
README.md
View file @ 00870cef
This diff is collapsed.
app/.htaccess
View file @ 00870cef
<IfModule authz_core_module>
Require all denied
</IfModule>
<IfModule !authz_core_module>
Deny from all
</IfModule>
<IfModule authz_core_module> Require all denied </IfModule>
<IfModule !authz_core_module> Deny from all </IfModule>
app/Commands/EpisodesComputeDownloads.php 0 → 100644
View file @ 00870cef
<?php
declare(strict_types=1);
namespace App\Commands;
use App\Models\EpisodeModel;
use CodeIgniter\CLI\BaseCommand;
class EpisodesComputeDownloads extends BaseCommand
{
/**
* The Command's Group
*
* @var string
*/
protected $group = 'Episodes';
/**
* The Command's Name
*
* @var string
*/
protected $name = 'episodes:compute-downloads';
/**
* The Command's Description
*
* @var string
*/
protected $description = "Calculates all episodes downloads and stores results in episodes' downloads_count field.";
/**
* Actually execute a command.
*/
public function run(array $params): void
{
$episodesModel = new EpisodeModel();
$query = $episodesModel->builder()
->select('episodes.id as id, IFNULL(SUM(ape.hits),0) as downloads_count')
->join('analytics_podcasts_by_episode ape', 'episodes.id=ape.episode_id', 'left')
->groupBy('episodes.id');
$episodeModel2 = new EpisodeModel();
$episodeModel2->builder()
->setQueryAsData($query)
->onConstraint('id')
->updateBatch();
}
}
app/Common.php
View file @ 00870cef
......@@ -2,8 +2,6 @@
declare(strict_types=1);
use Config\Services;
use Config\View;
use ViewThemes\Theme;
/**
......@@ -14,7 +12,7 @@ use ViewThemes\Theme;
* This can be looked at as a `master helper` file that is loaded early on, and may also contain additional functions
* that you'd like to use throughout your entire application
*
* @link: https://codeigniter4.github.io/CodeIgniter4/
* @see: https://codeigniter.com/user_guide/extending/common.html
*/
if (! function_exists('view')) {
......@@ -38,7 +36,8 @@ if (! function_exists('view')) {
/** @var CodeIgniter\View\View $renderer */
$renderer = single_service('renderer', $path);
$saveData = config(View::class)->saveData;
$saveData = config('View')
->saveData;
if (array_key_exists('saveData', $options)) {
$saveData = (bool) $options['saveData'];
......@@ -49,42 +48,3 @@ if (! function_exists('view')) {
->render($name, $options, $saveData);
}
}
if (! function_exists('lang')) {
/**
* A convenience method to translate a string or array of them and format the result with the intl extension's
* MessageFormatter.
*
* Overwritten to include an escape parameter (escaped by default).
*
* @param array<int|string, string> $args
*
* TODO: remove, and escape args when necessary
*
* @return string|string[]
*/
function lang(string $line, array $args = [], ?string $locale = null, bool $escape = true): string | array
{
$language = Services::language();
// Get active locale
$activeLocale = $language->getLocale();
if ($locale && $locale !== $activeLocale) {
$language->setLocale($locale);
}
$line = $language->getLine($line, $args);
if (! $locale) {
return $escape ? esc($line) : $line;
}
if ($locale === $activeLocale) {
return $escape ? esc($line) : $line;
}
// Reset to active locale
$language->setLocale($activeLocale);
return $escape ? esc($line) : $line;
}
}
app/Config/App.php
View file @ 00870cef
......@@ -5,7 +5,7 @@ declare(strict_types=1);
namespace Config;
use CodeIgniter\Config\BaseConfig;
use CodeIgniter\Session\Handlers\FileHandler;
use Override;
class App extends BaseConfig
{
......@@ -14,38 +14,34 @@ class App extends BaseConfig
* Base Site URL
* --------------------------------------------------------------------------
*
* URL to your CodeIgniter root. Typically this will be your base URL,
* URL to your CodeIgniter root. Typically, this will be your base URL,
* WITH a trailing slash:
*
* http://example.com/
*
* If this is not set then CodeIgniter will try guess the protocol, domain
* and path to your installation. However, you should always configure this
* explicitly and never rely on auto-guessing, especially in production
* environments.
* E.g., http://example.com/
*/
public string $baseURL = 'http://localhost:8080/';
/**
* --------------------------------------------------------------------------
* Media Base URL
* --------------------------------------------------------------------------
* Allowed Hostnames in the Site URL other than the hostname in the baseURL.
* If you want to accept multiple Hostnames, set this.
*
* URL to your media root. Typically this will be your base URL,
* WITH a trailing slash:
* E.g.,
* When your site URL ($baseURL) is 'http://example.com/', and your site
* also accepts 'http://media.example.com/' and 'http://accounts.example.com/':
* ['media.example.com', 'accounts.example.com']
*
* http://cdn.example.com/
* @var list<string>
*/
public string $mediaBaseURL = 'http://localhost:8080/';
public array $allowedHostnames = [];
/**
* --------------------------------------------------------------------------
* Index File
* --------------------------------------------------------------------------
*
* Typically this will be your index.php file, unless you've renamed it to
* something else. If you are using mod_rewrite to remove the page set this
* variable so that it is blank.
* Typically, this will be your `index.php` file, unless you've renamed it to
* something else. If you have configured your web server to remove this file
* from your site URIs, set this variable to an empty string.
*/
public string $indexPage = '';
......@@ -55,17 +51,41 @@ class App extends BaseConfig
* --------------------------------------------------------------------------
*
* This item determines which server global should be used to retrieve the
* URI string. The default setting of 'REQUEST_URI' works for most servers.
* URI string. The default setting of 'REQUEST_URI' works for most servers.
* If your links do not seem to work, try one of the other delicious flavors:
*
* 'REQUEST_URI' Uses $_SERVER['REQUEST_URI']
* 'QUERY_STRING' Uses $_SERVER['QUERY_STRING']
* 'PATH_INFO' Uses $_SERVER['PATH_INFO']
* 'REQUEST_URI': Uses $_SERVER['REQUEST_URI']
* 'QUERY_STRING': Uses $_SERVER['QUERY_STRING']
* 'PATH_INFO': Uses $_SERVER['PATH_INFO']
*
* WARNING: If you set this to 'PATH_INFO', URIs will always be URL-decoded!
*/
public string $uriProtocol = 'REQUEST_URI';
/*
*--------------------------------------------------------------------------
* Allowed URL Characters
*--------------------------------------------------------------------------
*
* This lets you specify which characters are permitted within your URLs.
* When someone tries to submit a URL with disallowed characters they will
* get a warning message.
*
* As a security measure you are STRONGLY encouraged to restrict URLs to
* as few characters as possible.
*
* By default, only these are allowed: `a-z 0-9~%.:_-`
*
* Set an empty string to allow all characters -- but only if you are insane.
*
* The configured value is actually a regular expression character group
* and it will be used as: '/\A[<permittedURIChars>]+\z/iu'
*
* DO NOT CHANGE THIS UNLESS YOU FULLY UNDERSTAND THE REPERCUSSIONS!!
*
*/
public string $permittedURIChars = 'a-z 0-9~%.:_\-@';
/**
* --------------------------------------------------------------------------
* Default Locale
......@@ -99,9 +119,23 @@ class App extends BaseConfig
* by the application in descending order of priority. If no match is
* found, the first locale will be used.
*
* @var string[]
*/
public array $supportedLocales = ['en', 'fr', 'pl', 'de', 'pt-BR', 'nn-NO', 'es', 'zh-Hans', 'ca'];
* IncomingRequest::setLocale() also uses this list.
*
* @var list<string>
*/
public array $supportedLocales = [
'en',
'fr',
'pl',
'de',
'pt-br',
'nn-no',
'es',
'zh-hans',
'ca',
'br',
'sr-latn',
];
/**
* --------------------------------------------------------------------------
......@@ -110,6 +144,9 @@ class App extends BaseConfig
*
* The default timezone that will be used in your application to display
* dates with the date helper, and can be retrieved through app_timezone()
*
* @see https://www.php.net/manual/en/timezones.php for list of timezones
* supported by PHP.
*/
public string $appTimezone = 'UTC';
......@@ -133,170 +170,10 @@ class App extends BaseConfig
* If true, this will force every request made to this application to be
* made via a secure connection (HTTPS). If the incoming request is not
* secure, the user will be redirected to a secure version of the page
* and the HTTP Strict Transport Security header will be set.
* and the HTTP Strict Transport Security (HSTS) header will be set.
*/
public bool $forceGlobalSecureRequests = true;
/**
* --------------------------------------------------------------------------
* Session Driver
* --------------------------------------------------------------------------
*
* The session storage driver to use:
* - `CodeIgniter\Session\Handlers\FileHandler`
* - `CodeIgniter\Session\Handlers\DatabaseHandler`
* - `CodeIgniter\Session\Handlers\MemcachedHandler`
* - `CodeIgniter\Session\Handlers\RedisHandler`
*/
public string $sessionDriver = FileHandler::class;
/**
* --------------------------------------------------------------------------
* Session Cookie Name
* --------------------------------------------------------------------------
*
* The session cookie name, must contain only [0-9a-z_-] characters
*/
public string $sessionCookieName = 'ci_session';
/**
* --------------------------------------------------------------------------
* Session Expiration
* --------------------------------------------------------------------------
*
* The number of SECONDS you want the session to last.
* Setting to 0 (zero) means expire when the browser is closed.
*/
public int $sessionExpiration = 7200;
/**
* --------------------------------------------------------------------------
* Session Save Path
* --------------------------------------------------------------------------
*
* The location to save sessions to and is driver dependent.
*
* For the 'files' driver, it's a path to a writable directory.
* WARNING: Only absolute paths are supported!
*
* For the 'database' driver, it's a table name.
* Please read up the manual for the format with other session drivers.
*
* IMPORTANT: You are REQUIRED to set a valid save path!
*/
public string $sessionSavePath = WRITEPATH . 'session';
/**
* --------------------------------------------------------------------------
* Session Match IP
* --------------------------------------------------------------------------
*
* Whether to match the user's IP address when reading the session data.
*
* WARNING: If you're using the database driver, don't forget to update
* your session table's PRIMARY KEY when changing this setting.
*/
public bool $sessionMatchIP = false;
/**
* --------------------------------------------------------------------------
* Session Time to Update
* --------------------------------------------------------------------------
*
* How many seconds between CI regenerating the session ID.
*/
public int $sessionTimeToUpdate = 300;
/**
* --------------------------------------------------------------------------
* Session Regenerate Destroy
* --------------------------------------------------------------------------
*
* Whether to destroy session data associated with the old session ID
* when auto-regenerating the session ID. When set to FALSE, the data
* will be later deleted by the garbage collector.
*/
public bool $sessionRegenerateDestroy = false;
/**
* --------------------------------------------------------------------------
* Cookie Prefix
* --------------------------------------------------------------------------
*
* Set a cookie name prefix if you need to avoid collisions.
*
* @deprecated use Config\Cookie::$prefix property instead.
*/
public string $cookiePrefix = '';
/**
* --------------------------------------------------------------------------
* Cookie Domain
* --------------------------------------------------------------------------
*
* Set to `.your-domain.com` for site-wide cookies.
*
* @deprecated use Config\Cookie::$domain property instead.
*/
public string $cookieDomain = '';
/**
* --------------------------------------------------------------------------
* Cookie Path
* --------------------------------------------------------------------------
*
* Typically will be a forward slash.
*
* @deprecated use Config\Cookie::$path property instead.
*/
public string $cookiePath = '/';
/**
* --------------------------------------------------------------------------
* Cookie Secure
* --------------------------------------------------------------------------
*
* Cookie will only be set if a secure HTTPS connection exists.
*
* @deprecated use Config\Cookie::$secure property instead.
*/
public bool $cookieSecure = false;
/**
* --------------------------------------------------------------------------
* Cookie HttpOnly
* --------------------------------------------------------------------------
*
* Cookie will only be accessible via HTTP(S) (no JavaScript).
*
* @deprecated use Config\Cookie::$httponly property instead.
*/
public bool $cookieHTTPOnly = true;
/**
* --------------------------------------------------------------------------
* Cookie SameSite
* --------------------------------------------------------------------------
*
* Configure cookie SameSite setting. Allowed values are:
* - None
* - Lax
* - Strict
* - ''
*
* Alternatively, you can use the constant names:
* - `Cookie::SAMESITE_NONE`
* - `Cookie::SAMESITE_LAX`
* - `Cookie::SAMESITE_STRICT`
*
* Defaults to `Lax` for compatibility with modern browsers. Setting `''`
* (empty string) means default SameSite attribute set by browsers (`Lax`)
* will be set on cookies. If set to `None`, `$cookieSecure` must also be set.
*
* @deprecated `Config\Cookie` $samesite property is used.
*/
public string $cookieSameSite = 'Lax';
/**
* --------------------------------------------------------------------------
* Reverse Proxy IPs
......@@ -304,103 +181,21 @@ class App extends BaseConfig
*
* If your server is behind a reverse proxy, you must whitelist the proxy
* IP addresses from which CodeIgniter should trust headers such as
* HTTP_X_FORWARDED_FOR and HTTP_CLIENT_IP in order to properly identify
* X-Forwarded-For or Client-IP in order to properly identify
* the visitor's IP address.
*
* You can use both an array or a comma-separated list of proxy addresses,
* as well as specifying whole subnets. Here are a few examples:
*
* Comma-separated: '10.0.1.200,192.168.5.0/24'
* Array: ['10.0.1.200', '192.168.5.0/24']
*
* @var string|string[]
*/
public string | array $proxyIPs = '';
/**
* --------------------------------------------------------------------------
* CSRF Token Name
* --------------------------------------------------------------------------
*
* The token name.
*
* @deprecated Use `Config\Security` $tokenName property instead of using this property.
*/
public string $CSRFTokenName = 'csrf_test_name';
/**
* --------------------------------------------------------------------------
* CSRF Header Name
* --------------------------------------------------------------------------
*
* The header name.
*
* @deprecated Use `Config\Security` $headerName property instead of using this property.
*/
public string $CSRFHeaderName = 'X-CSRF-TOKEN';
/**
* --------------------------------------------------------------------------
* CSRF Cookie Name
* --------------------------------------------------------------------------
*
* The cookie name.
*
* @deprecated Use `Config\Security` $cookieName property instead of using this property.
*/
public string $CSRFCookieName = 'csrf_cookie_name';
/**
* --------------------------------------------------------------------------
* CSRF Expire
* --------------------------------------------------------------------------
* You need to set a proxy IP address or IP address with subnets and
* the HTTP header for the client IP address.
*
* The number in seconds the token should expire.
* Here are some examples:
* [
* '10.0.1.200' => 'X-Forwarded-For',
* '192.168.5.0/24' => 'X-Real-IP',
* ]
*
* @deprecated Use `Config\Security` $expire property instead of using this property.
* @var array<string, string>|string
*/
public int $CSRFExpire = 7200;
/**
* --------------------------------------------------------------------------
* CSRF Regenerate
* --------------------------------------------------------------------------
*
* Regenerate token on every submission?
*
* @deprecated Use `Config\Security` $regenerate property instead of using this property.
*/
public bool $CSRFRegenerate = true;
/**
* --------------------------------------------------------------------------
* CSRF Redirect
* --------------------------------------------------------------------------
*
* Redirect to previous page with error on failure?
*
* @deprecated Use `Config\Security` $redirect property instead of using this property.
*/
public bool $CSRFRedirect = true;
/**
* --------------------------------------------------------------------------
* CSRF SameSite
* --------------------------------------------------------------------------
*
* Setting for CSRF SameSite cookie token. Allowed values are:
* - None
* - Lax
* - Strict
* - ''
*
* Defaults to `Lax` as recommended in this link:
*
* @see https://portswigger.net/web-security/csrf/samesite-cookies
*
* @deprecated Use `Config\Security` $samesite property instead of using this property.
*/
public string $CSRFSameSite = 'Lax';
public $proxyIPs = [];
/**
* --------------------------------------------------------------------------
......@@ -420,14 +215,6 @@ class App extends BaseConfig
*/
public bool $CSPEnabled = false;
/**
* --------------------------------------------------------------------------
* Media root folder
* --------------------------------------------------------------------------
* Defines the root folder for media files storage
*/
public string $mediaRoot = 'media';
/**
* --------------------------------------------------------------------------
* Instance / Site Config
......@@ -444,7 +231,7 @@ class App extends BaseConfig
*/
public array $siteIcon = [
'ico' => '/favicon.ico',
'64' => '/icon-64.png',
'64' => '/icon-64.png',
'180' => '/icon-180.png',
'192' => '/icon-192.png',
'512' => '/icon-512.png',
......@@ -457,5 +244,43 @@ class App extends BaseConfig
*/
public ?int $storageLimit = null;
/**
* Bandwidth limit (per month) in Gigabytes
*/
public ?int $bandwidthLimit = null;
public ?string $legalNoticeURL = null;
/**
* AuthToken Config Constructor
*/
public function __construct()
{
parent::__construct();
if (is_string($this->proxyIPs)) {
$array = json_decode($this->proxyIPs, true);
if (is_array($array)) {
$this->proxyIPs = $array;
}
}
}
/**
* Override parent initEnvValue() to allow for direct setting to array properties values from ENV
*
* In order to set array properties via ENV vars we need to set the property to a string value first.
*
* @param mixed $property
*/
#[Override]
protected function initEnvValue(&$property, string $name, string $prefix, string $shortPrefix): void
{
// if attempting to set property from ENV, first set to empty string
if ($name === 'proxyIPs' && $this->getEnvValue($name, $prefix, $shortPrefix) !== null) {
$property = '';
}
parent::initEnvValue($property, $name, $prefix, $shortPrefix);
}
}
app/Config/Autoload.php
View file @ 00870cef
......@@ -16,6 +16,8 @@ use CodeIgniter\Config\AutoloadConfig;
*
* NOTE: If you use an identical key in $psr4 or $classmap, then
* the values in this file will overwrite the framework's values.
*
* @immutable
*/
class Autoload extends AutoloadConfig
{
......@@ -27,43 +29,39 @@ class Autoload extends AutoloadConfig
* their location on the file system. These are used by the autoloader
* to locate files the first time they have been instantiated.
*
* The '/app' and '/system' directories are already mapped for you.
* you may change the name of the 'App' namespace if you wish,
* The 'Config' (APPPATH . 'Config') and 'CodeIgniter' (SYSTEMPATH) are
* already mapped for you.
*
* You may change the name of the 'App' namespace if you wish,
* but this should be done prior to creating any namespaced classes,
* else you will need to modify all of those classes for this to work.
*
* Prototype:
*
* $psr4 = [
* 'CodeIgniter' => SYSTEMPATH,
* 'App' => APPPATH
* ];
*
* @var array<string, string>
* @var array<string, list<string>|string>
*/
public $psr4 = [
APP_NAMESPACE => APPPATH,
'Modules' => ROOTPATH . 'modules/',
'Modules\Admin' => ROOTPATH . 'modules/Admin/',
'Modules\Auth' => ROOTPATH . 'modules/Auth/',
'Modules\Analytics' => ROOTPATH . 'modules/Analytics/',
'Modules\Install' => ROOTPATH . 'modules/Install/',
'Modules\Update' => ROOTPATH . 'modules/Update/',
'Modules\Fediverse' => ROOTPATH . 'modules/Fediverse/',
'Modules\WebSub' => ROOTPATH . 'modules/WebSub/',
'Modules\Api\Rest\V1' => ROOTPATH . 'modules/Api/Rest/V1',
APP_NAMESPACE => APPPATH,
'Modules' => ROOTPATH . 'modules/',
'Modules\Admin' => ROOTPATH . 'modules/Admin/',
'Modules\Analytics' => ROOTPATH . 'modules/Analytics/',
'Modules\Api\Rest\V1' => ROOTPATH . 'modules/Api/Rest/V1',
'Modules\Auth' => ROOTPATH . 'modules/Auth/',
'Modules\Fediverse' => ROOTPATH . 'modules/Fediverse/',
'Modules\Install' => ROOTPATH . 'modules/Install/',
'Modules\Media' => ROOTPATH . 'modules/Media/',
'Modules\MediaClipper' => ROOTPATH . 'modules/MediaClipper/',
'Modules\Platforms' => ROOTPATH . 'modules/Platforms/',
'Modules\Plugins' => ROOTPATH . 'modules/Plugins/',
'Modules\PodcastImport' => ROOTPATH . 'modules/PodcastImport/',
'Modules\PremiumPodcasts' => ROOTPATH . 'modules/PremiumPodcasts/',
'Config' => APPPATH . 'Config/',
'ViewComponents' => APPPATH . 'Libraries/ViewComponents/',
'ViewThemes' => APPPATH . 'Libraries/ViewThemes/',
'MediaClipper' => APPPATH . 'Libraries/MediaClipper/',
'Vite' => APPPATH . 'Libraries/Vite/',
'Themes' => ROOTPATH . 'themes',
'Modules\Update' => ROOTPATH . 'modules/Update/',
'Modules\WebSub' => ROOTPATH . 'modules/WebSub/',
'Themes' => ROOTPATH . 'themes',
'ViewComponents' => APPPATH . 'Libraries/ViewComponents/',
'ViewThemes' => APPPATH . 'Libraries/ViewThemes/',
];
/**
* -------------------------------------------------------------------
* Class Map
* -------------------------------------------------------------------
* The class map provides a map of class names and their exact
* location on the drive. Classes loaded in this manner will have
......@@ -90,12 +88,25 @@ class Autoload extends AutoloadConfig
* or for loading functions.
*
* Prototype:
* ```
*
* $files = [
* '/path/to/my/file.php',
* ];
* ```
* @var array<int, string>
*
* @var list<string>
*/
public $files = [];
/**
* -------------------------------------------------------------------
* Helpers
* -------------------------------------------------------------------
* Prototype:
* $helpers = [
* 'form',
* ];
*
* @var list<string>
*/
public $files = [APPPATH . 'Libraries/ViewComponents/Helpers/view_components_helper.php'];
public $helpers = ['auth', 'setting', 'plugins'];
}
app/Config/Boot/development.php
View file @ 00870cef
......@@ -9,8 +9,10 @@ declare(strict_types=1);
* In development, we want to show as many errors as possible to help
* make sure they don't make it to production. And save us hours of
* painful debugging.
*
* If you set 'display_errors' to '1', CI4's detailed error report will show.
*/
error_reporting(-1);
error_reporting(E_ALL);
ini_set('display_errors', '1');
/**
......
app/Config/Boot/production.php
View file @ 00870cef
......@@ -8,9 +8,13 @@ declare(strict_types=1);
* --------------------------------------------------------------------------
* Don't show ANY in production environments. Instead, let the system catch
* it and display a generic error message.
*
* If you set 'display_errors' to '1', CI4's detailed error report will show.
*/
error_reporting(E_ALL & ~E_DEPRECATED);
// If you want to suppress more types of errors.
// error_reporting(E_ALL & ~E_NOTICE & ~E_DEPRECATED & ~E_STRICT & ~E_USER_NOTICE & ~E_USER_DEPRECATED);
ini_set('display_errors', '0');
error_reporting(E_ALL & ~E_NOTICE & ~E_DEPRECATED & ~E_STRICT & ~E_USER_NOTICE & ~E_USER_DEPRECATED);
/**
* --------------------------------------------------------------------------
......
app/Config/Boot/testing.php
View file @ 00870cef
......@@ -2,6 +2,12 @@
declare(strict_types=1);
/*
* The environment testing is reserved for PHPUnit testing. It has special
* conditions built into the framework at various places to assist with that.
* You can’t use it for your development.
*/
/**
* --------------------------------------------------------------------------
* ERROR DISPLAY
......@@ -10,7 +16,7 @@ declare(strict_types=1);
* make sure they don't make it to production. And save us hours of
* painful debugging.
*/
error_reporting(-1);
error_reporting(E_ALL);
ini_set('display_errors', '1');
/**
......
app/Config/CURLRequest.php
View file @ 00870cef
......@@ -18,5 +18,5 @@ class CURLRequest extends BaseConfig
* If true, all the options won't be reset between requests.
* It may cause an error request with unnecessary headers.
*/
public bool $shareOptions = true;
public bool $shareOptions = false;
}
app/Config/Cache.php
View file @ 00870cef
......@@ -4,6 +4,7 @@ declare(strict_types=1);
namespace Config;
use CodeIgniter\Cache\CacheInterface;
use CodeIgniter\Cache\Handlers\DummyHandler;
use CodeIgniter\Cache\Handlers\FileHandler;
use CodeIgniter\Cache\Handlers\MemcachedHandler;
......@@ -35,37 +36,6 @@ class Cache extends BaseConfig
*/
public string $backupHandler = 'dummy';
/**
* --------------------------------------------------------------------------
* Cache Directory Path
* --------------------------------------------------------------------------
*
* The path to where cache files should be stored, if using a file-based
* system.
*
* @deprecated Use the driver-specific variant under $file
*/
public string $storePath = WRITEPATH . 'cache/';
/**
* --------------------------------------------------------------------------
* Cache Include Query String
* --------------------------------------------------------------------------
*
* Whether to take the URL query string into consideration when generating
* output cache files. Valid options are:
*
* false = Disabled
* true = Enabled, take all query parameters into account.
* Please be aware that this may result in numerous cache
* files generated for the same page over and over again.
* array('q') = Enabled, but only take into account the specified list
* of query parameters.
*
* @var boolean|string[]
*/
public bool | array $cacheQueryString = false;
/**
* --------------------------------------------------------------------------
* Key Prefix
......@@ -97,6 +67,7 @@ class Cache extends BaseConfig
* A string of reserved characters that will not be allowed in keys or tags.
* Strings that violate this restriction will cause handlers to throw.
* Default: {}()/\@:
*
* Note: The default set is required for PSR-6 compliance.
*/
public string $reservedCharacters = '{}()/\@:';
......@@ -105,6 +76,7 @@ class Cache extends BaseConfig
* --------------------------------------------------------------------------
* File settings
* --------------------------------------------------------------------------
*
* Your file storage preferences can be specified below, if you are using
* the File driver.
*
......@@ -112,25 +84,26 @@ class Cache extends BaseConfig
*/
public array $file = [
'storePath' => WRITEPATH . 'cache/',
'mode' => 0640,
'mode' => 0640,
];
/**
* -------------------------------------------------------------------------
* Memcached settings
* -------------------------------------------------------------------------
*
* Your Memcached servers can be specified below, if you are using
* the Memcached drivers.
*
* @see https://codeigniter.com/user_guide/libraries/caching.html#memcached
*
* @var array<string, string|int|boolean>
* @var array<string, string|int|bool>
*/
public array $memcached = [
'host' => '127.0.0.1',
'port' => 11211,
'host' => '127.0.0.1',
'port' => 11211,
'weight' => 1,
'raw' => false,
'raw' => false,
];
/**
......@@ -143,10 +116,10 @@ class Cache extends BaseConfig
* @var array<string, string|int|null>
*/
public array $redis = [
'host' => '127.0.0.1',
'host' => '127.0.0.1',
'password' => null,
'port' => 6379,
'timeout' => 0,
'port' => 6379,
'timeout' => 0,
'database' => 0,
];
......@@ -158,14 +131,33 @@ class Cache extends BaseConfig
* This is an array of cache engine alias' and class names. Only engines
* that are listed here are allowed to be used.
*
* @var array<string, string>
* @var array<string, class-string<CacheInterface>>
*/
public array $validHandlers = [
'dummy' => DummyHandler::class,
'file' => FileHandler::class,
'dummy' => DummyHandler::class,
'file' => FileHandler::class,
'memcached' => MemcachedHandler::class,
'predis' => PredisHandler::class,
'redis' => RedisHandler::class,
'wincache' => WincacheHandler::class,
'predis' => PredisHandler::class,
'redis' => RedisHandler::class,
'wincache' => WincacheHandler::class,
];
/**
* --------------------------------------------------------------------------
* Web Page Caching: Cache Include Query String
* --------------------------------------------------------------------------
*
* Whether to take the URL query string into consideration when generating
* output cache files. Valid options are:
*
* false = Disabled
* true = Enabled, take all query parameters into account.
* Please be aware that this may result in numerous cache
* files generated for the same page over and over again.
* ['q'] = Enabled, but only take into account the specified list
* of query parameters.
*
* @var bool|list<string>
*/
public $cacheQueryString = false;
}
app/Config/Colors.php
View file @ 00870cef
......@@ -14,136 +14,136 @@ class Colors extends BaseConfig
public array $themes = [
/* Castopod's brand color */
'pine' => [
'accent-base' => [174, 100, 29],
'accent-hover' => [172, 100, 17],
'accent-muted' => [131, 100, 12],
'accent-base' => [174, 100, 29],
'accent-hover' => [172, 100, 17],
'accent-muted' => [131, 100, 12],
'accent-contrast' => [0, 0, 100],
'heading-foreground' => [172, 100, 17],
'heading-background' => [111, 64, 94],
'background-elevated' => [0, 0, 100],
'background-base' => [173, 44, 96],
'background-elevated' => [0, 0, 100],
'background-base' => [173, 44, 96],
'background-navigation' => [172, 100, 17],
'background-header' => [172, 100, 17],
'background-highlight' => [111, 64, 94],
'background-backdrop' => [0, 0, 50],
'background-header' => [172, 100, 17],
'background-highlight' => [111, 64, 94],
'background-backdrop' => [0, 0, 50],
'border-subtle' => [111, 42, 86],
'border-contrast' => [0, 0, 0],
'border-subtle' => [111, 42, 86],
'border-contrast' => [0, 0, 0],
'border-navigation' => [131, 100, 12],
'text-base' => [158, 8, 3],
'text-base' => [158, 8, 3],
'text-muted' => [172, 8, 38],
],
/* Red / Rose color */
'crimson' => [
'accent-base' => [350, 87, 61],
'accent-hover' => [348, 75, 40],
'accent-muted' => [348, 73, 32],
'accent-base' => [350, 87, 61],
'accent-hover' => [348, 75, 40],
'accent-muted' => [348, 73, 32],
'accent-contrast' => [0, 0, 100],
'heading-foreground' => [348, 73, 32],
'heading-background' => [344, 79, 96],
'background-elevated' => [0, 0, 100],
'background-base' => [350, 44, 96],
'background-header' => [348, 75, 40],
'background-elevated' => [0, 0, 100],
'background-base' => [350, 44, 96],
'background-header' => [348, 75, 40],
'background-highlight' => [344, 79, 96],
'background-backdrop' => [0, 0, 50],
'background-backdrop' => [0, 0, 50],
'border-subtle' => [348, 42, 86],
'border-subtle' => [348, 42, 86],
'border-contrast' => [0, 0, 0],
'text-base' => [340, 8, 3],
'text-base' => [340, 8, 3],
'text-muted' => [345, 8, 38],
],
/* Blue color */
'lake' => [
'accent-base' => [194, 100, 44],
'accent-hover' => [194, 100, 22],
'accent-muted' => [195, 100, 11],
'accent-base' => [194, 100, 44],
'accent-hover' => [194, 100, 22],
'accent-muted' => [195, 100, 11],
'accent-contrast' => [0, 0, 100],
'heading-foreground' => [194, 100, 22],
'heading-background' => [195, 100, 92],
'background-elevated' => [0, 0, 100],
'background-base' => [196, 44, 96],
'background-header' => [194, 100, 22],
'background-elevated' => [0, 0, 100],
'background-base' => [196, 44, 96],
'background-header' => [194, 100, 22],
'background-highlight' => [195, 100, 92],
'background-backdrop' => [0, 0, 50],
'background-backdrop' => [0, 0, 50],
'border-subtle' => [195, 42, 86],
'border-subtle' => [195, 42, 86],
'border-contrast' => [0, 0, 0],
'text-base' => [194, 8, 3],
'text-base' => [194, 8, 3],
'text-muted' => [195, 8, 38],
],
/* Orange color */
'amber' => [
'accent-base' => [17, 100, 57],
'accent-hover' => [17, 100, 35],
'accent-muted' => [17, 100, 24],
'accent-base' => [17, 100, 57],
'accent-hover' => [17, 100, 35],
'accent-muted' => [17, 100, 24],
'accent-contrast' => [0, 0, 100],
'heading-foreground' => [17, 100, 35],
'heading-background' => [17, 100, 89],
'background-elevated' => [0, 0, 100],
'background-base' => [15, 44, 96],
'background-header' => [17, 100, 35],
'background-elevated' => [0, 0, 100],
'background-base' => [15, 44, 96],
'background-header' => [17, 100, 35],
'background-highlight' => [17, 100, 89],
'background-backdrop' => [0, 0, 50],
'background-backdrop' => [0, 0, 50],
'border-subtle' => [17, 42, 86],
'border-subtle' => [17, 42, 86],
'border-contrast' => [0, 0, 0],
'text-base' => [15, 8, 3],
'text-base' => [15, 8, 3],
'text-muted' => [17, 8, 38],
],
/* Violet color */
'jacaranda' => [
'accent-base' => [254, 72, 52],
'accent-hover' => [254, 73, 30],
'accent-muted' => [254, 71, 19],
'accent-base' => [254, 72, 52],
'accent-hover' => [254, 73, 30],
'accent-muted' => [254, 71, 19],
'accent-contrast' => [0, 0, 100],
'heading-foreground' => [254, 73, 30],
'heading-background' => [254, 73, 84],
'background-elevated' => [0, 0, 100],
'background-base' => [253, 44, 96],
'background-header' => [254, 73, 30],
'background-elevated' => [0, 0, 100],
'background-base' => [253, 44, 96],
'background-header' => [254, 73, 30],
'background-highlight' => [254, 88, 91],
'background-backdrop' => [0, 0, 50],
'background-backdrop' => [0, 0, 50],
'border-subtle' => [254, 42, 86],
'border-subtle' => [254, 42, 86],
'border-contrast' => [0, 0, 0],
'text-base' => [253, 8, 3],
'text-base' => [253, 8, 3],
'text-muted' => [254, 8, 38],
],
/* Black color */
'onyx' => [
'accent-base' => [240, 17, 2],
'accent-hover' => [240, 17, 17],
'accent-muted' => [240, 17, 17],
'accent-base' => [240, 17, 2],
'accent-hover' => [240, 17, 17],
'accent-muted' => [240, 17, 17],
'accent-contrast' => [0, 0, 100],
'heading-foreground' => [240, 17, 17],
'heading-background' => [240, 17, 94],
'background-elevated' => [0, 0, 100],
'background-base' => [240, 17, 96],
'background-header' => [240, 12, 17],
'background-elevated' => [0, 0, 100],
'background-base' => [240, 17, 96],
'background-header' => [240, 12, 17],
'background-highlight' => [240, 17, 94],
'background-backdrop' => [0, 0, 50],
'background-backdrop' => [0, 0, 50],
'border-subtle' => [240, 17, 86],
'border-subtle' => [240, 17, 86],
'border-contrast' => [0, 0, 0],
'text-base' => [240, 8, 3],
'text-base' => [240, 8, 3],
'text-muted' => [240, 8, 38],
],
];
......
app/Config/Constants.php
View file @ 00870cef
......@@ -11,7 +11,7 @@ declare(strict_types=1);
|
| NOTE: this constant is updated upon release with Continuous Integration.
*/
defined('CP_VERSION') || define('CP_VERSION', '1.1.2');
defined('CP_VERSION') || define('CP_VERSION', '2.0.0-next.3');
/*
| --------------------------------------------------------------------
......@@ -24,10 +24,23 @@ defined('CP_VERSION') || define('CP_VERSION', '1.1.2');
| classes should use.
|
| NOTE: changing this will require manually modifying the
| existing namespaces of App\* namespaced-classes.
| existing namespaces of App* namespaced-classes.
*/
defined('APP_NAMESPACE') || define('APP_NAMESPACE', 'App');
/*
| --------------------------------------------------------------------
| Plugins Path
| --------------------------------------------------------------------
|
| This defines the folder in which plugins will live.
*/
defined('PLUGINS_PATH') ||
define('PLUGINS_PATH', ROOTPATH . 'plugins' . DIRECTORY_SEPARATOR);
defined('PLUGINS_KEY_PATTERN') ||
define('PLUGINS_KEY_PATTERN', '[a-z0-9]([_.-]?[a-z0-9]+)*\/[a-z0-9]([_.-]?[a-z0-9]+)*');
/*
| --------------------------------------------------------------------------
| Composer Path
......@@ -91,18 +104,3 @@ defined('EXIT_USER_INPUT') || define('EXIT_USER_INPUT', 7); // invalid user inpu
defined('EXIT_DATABASE') || define('EXIT_DATABASE', 8); // database error
defined('EXIT__AUTO_MIN') || define('EXIT__AUTO_MIN', 9); // lowest automatically-assigned error code
defined('EXIT__AUTO_MAX') || define('EXIT__AUTO_MAX', 125); // highest automatically-assigned error code
/**
* @deprecated Use \CodeIgniter\Events\Events::PRIORITY_LOW instead.
*/
define('EVENT_PRIORITY_LOW', 200);
/**
* @deprecated Use \CodeIgniter\Events\Events::PRIORITY_NORMAL instead.
*/
define('EVENT_PRIORITY_NORMAL', 100);
/**
* @deprecated Use \CodeIgniter\Events\Events::PRIORITY_HIGH instead.
*/
define('EVENT_PRIORITY_HIGH', 10);
app/Config/ContentSecurityPolicy.php
View file @ 00870cef
......@@ -35,28 +35,28 @@ class ContentSecurityPolicy extends BaseConfig
/**
* Will default to self if not overridden
*
* @var string|string[]|null
* @var list<string>|string|null
*/
public string | array | null $defaultSrc = null;
/**
* Lists allowed scripts' URLs.
*
* @var string|string[]
* @var list<string>|string
*/
public string | array $scriptSrc = 'self';
/**
* Lists allowed stylesheets' URLs.
*
* @var string|string[]
* @var list<string>|string
*/
public string | array $styleSrc = 'self';
/**
* Defines the origins from which images can be loaded.
*
* @var string|string[]
* @var list<string>|string
*/
public string | array $imageSrc = 'self';
......@@ -65,35 +65,35 @@ class ContentSecurityPolicy extends BaseConfig
*
* Will default to self if not overridden
*
* @var string|string[]|null
* @var list<string>|string|null
*/
public string | array | null $baseURI = null;
/**
* Lists the URLs for workers and embedded frame contents
*
* @var string|string[]
* @var list<string>|string
*/
public string | array $childSrc = 'self';
/**
* Limits the origins that you can connect to (via XHR, WebSockets, and EventSource).
*
* @var string|string[]
* @var list<string>|string
*/
public string | array $connectSrc = 'self';
/**
* Specifies the origins that can serve web fonts.
*
* @var string|string[]
* @var list<string>|string
*/
public string | array $fontSrc;
/**
* Lists valid endpoints for submission from `<form>` tags.
*
* @var string|string[]
* @var list<string>|string
*/
public string | array $formAction = 'self';
......@@ -102,47 +102,47 @@ class ContentSecurityPolicy extends BaseConfig
* `<embed>`, and `<applet>` tags. This directive can't be used in `<meta>` tags and applies only to non-HTML
* resources.
*
* @var string|string[]|null
* @var list<string>|string|null
*/
public string | array | null $frameAncestors = null;
/**
* The frame-src directive restricts the URLs which may be loaded into nested browsing contexts.
*
* @var string[]|string|null
* @var list<string>|string|null
*/
public string | array | null $frameSrc = null;
/**
* Restricts the origins allowed to deliver video and audio.
*
* @var string|string[]|null
* @var list<string>|string|null
*/
public string | array | null $mediaSrc = null;
/**
* Allows control over Flash and other plugins.
*
* @var string|string[]
* @var list<string>|string
*/
public string | array $objectSrc = 'self';
/**
* @var string|string[]|null
* @var list<string>|string|null
*/
public string | array | null $manifestSrc = null;
/**
* Limits the kinds of plugins a page may invoke.
*
* @var string|string[]|null
* @var list<string>|string|null
*/
public string | array | null $pluginTypes = null;
/**
* List of actions allowed.
*
* @var string|string[]|null
* @var list<string>|string|null
*/
public string | array | null $sandbox = null;
......
app/Config/Cookie.php
View file @ 00870cef
......@@ -84,6 +84,8 @@ class Cookie extends BaseConfig
* Defaults to `Lax` for compatibility with modern browsers. Setting `''`
* (empty string) means default SameSite attribute set by browsers (`Lax`)
* will be set on cookies. If set to `None`, `$secure` must also be set.
*
* @phpstan-var 'None'|'Lax'|'Strict'|''
*/
public string $samesite = 'Lax';
......
app/Config/Cors.php 0 → 100644
View file @ 00870cef
<?php
declare(strict_types=1);
namespace Config;
use CodeIgniter\Config\BaseConfig;
/**
* Cross-Origin Resource Sharing (CORS) Configuration
*
* @see https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS
*/
class Cors extends BaseConfig
{
/**
* The default CORS configuration.
*
* @var array{
* allowedOrigins: list<string>,
* allowedOriginsPatterns: list<string>,
* supportsCredentials: bool,
* allowedHeaders: list<string>,
* exposedHeaders: list<string>,
* allowedMethods: list<string>,
* maxAge: int,
* }
*/
public array $default = [
/**
* Origins for the `Access-Control-Allow-Origin` header.
*
* @see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin
*
* E.g.:
* - ['http://localhost:8080']
* - ['https://www.example.com']
*/
'allowedOrigins' => [],
/**
* Origin regex patterns for the `Access-Control-Allow-Origin` header.
*
* @see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin
*
* NOTE: A pattern specified here is part of a regular expression. It will
* be actually `#\A<pattern>\z#`.
*
* E.g.:
* - ['https://\w+\.example\.com']
*/
'allowedOriginsPatterns' => [],
/**
* Weather to send the `Access-Control-Allow-Credentials` header.
*
* The Access-Control-Allow-Credentials response header tells browsers whether
* the server allows cross-origin HTTP requests to include credentials.
*
* @see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials
*/
'supportsCredentials' => false,
/**
* Set headers to allow.
*
* The Access-Control-Allow-Headers response header is used in response to
* a preflight request which includes the Access-Control-Request-Headers to
* indicate which HTTP headers can be used during the actual request.
*
* @see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers
*/
'allowedHeaders' => [],
/**
* Set headers to expose.
*
* The Access-Control-Expose-Headers response header allows a server to
* indicate which response headers should be made available to scripts running
* in the browser, in response to a cross-origin request.
*
* @see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers
*/
'exposedHeaders' => [],
/**
* Set methods to allow.
*
* The Access-Control-Allow-Methods response header specifies one or more
* methods allowed when accessing a resource in response to a preflight
* request.
*
* E.g.:
* - ['GET', 'POST', 'PUT', 'DELETE']
*
* @see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods
*/
'allowedMethods' => [],
/**
* Set how many seconds the results of a preflight request can be cached.
*
* @see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age
*/
'maxAge' => 7200,
];
}