From e95901aa278e43d8745c95ff8b1a057ead7333f2 Mon Sep 17 00:00:00 2001
From: Kevin Cristiano <kcristiano@kcristiano.com>
Date: Wed, 21 Apr 2021 20:16:07 -0400
Subject: [PATCH] civicrm release
---
civicrm.php | 4 +-
civicrm/CRM/Contact/Form/DedupeRules.php | 1 -
civicrm/CRM/Core/Payment.php | 6 +-
civicrm/CRM/Core/Resources.php | 4 +-
civicrm/CRM/Member/Form.php | 2 +-
civicrm/CRM/Member/Form/Membership.php | 2 +-
civicrm/CRM/Price/BAO/PriceField.php | 15 +-
.../Upgrade/Incremental/sql/5.36.1.mysql.tpl | 1 +
civicrm/Civi/Api4/Query/Api4SelectQuery.php | 30 +++
civicrm/Civi/Api4/Service/Schema/Joiner.php | 11 +-
civicrm/api/v3/Generic/Getlist.php | 6 +-
civicrm/civicrm-version.php | 2 +-
civicrm/composer.lock | 250 ++++--------------
civicrm/release-notes.md | 19 ++
civicrm/release-notes/5.35.2.md | 39 +++
civicrm/release-notes/5.36.1.md | 51 ++++
civicrm/sql/civicrm_data.mysql | 2 +-
civicrm/sql/civicrm_generated.mysql | 2 +-
civicrm/vendor/autoload.php | 2 +-
civicrm/vendor/composer/autoload_real.php | 14 +-
civicrm/vendor/composer/autoload_static.php | 12 +-
civicrm/xml/version.xml | 2 +-
22 files changed, 247 insertions(+), 230 deletions(-)
create mode 100644 civicrm/CRM/Upgrade/Incremental/sql/5.36.1.mysql.tpl
create mode 100644 civicrm/release-notes/5.35.2.md
create mode 100644 civicrm/release-notes/5.36.1.md
diff --git a/civicrm.php b/civicrm.php
index eb63e3a982..7c9a2a8fc7 100644
--- a/civicrm.php
+++ b/civicrm.php
@@ -2,7 +2,7 @@
/**
* Plugin Name: CiviCRM
* Description: CiviCRM - Growing and Sustaining Relationships
- * Version: 5.36.0
+ * Version: 5.36.1
* Requires at least: 4.9
* Requires PHP: 7.2
* Author: CiviCRM LLC
@@ -54,7 +54,7 @@ if (!defined('ABSPATH')) {
}
// Set version here: when it changes, will force Javascript & CSS to reload.
-define('CIVICRM_PLUGIN_VERSION', '5.36.0');
+define('CIVICRM_PLUGIN_VERSION', '5.36.1');
// Store reference to this file.
if (!defined('CIVICRM_PLUGIN_FILE')) {
diff --git a/civicrm/CRM/Contact/Form/DedupeRules.php b/civicrm/CRM/Contact/Form/DedupeRules.php
index 1d6d2eb507..176214de81 100644
--- a/civicrm/CRM/Contact/Form/DedupeRules.php
+++ b/civicrm/CRM/Contact/Form/DedupeRules.php
@@ -143,7 +143,6 @@ class CRM_Contact_Form_DedupeRules extends CRM_Admin_Form {
if (!empty($fields["weight_$count"])) {
$actualThreshold += $fields["weight_$count"];
}
- break;
}
}
if (empty($fields['threshold'])) {
diff --git a/civicrm/CRM/Core/Payment.php b/civicrm/CRM/Core/Payment.php
index 74892574f8..3d694b7d54 100644
--- a/civicrm/CRM/Core/Payment.php
+++ b/civicrm/CRM/Core/Payment.php
@@ -1174,7 +1174,11 @@ abstract class CRM_Core_Payment {
* @throws \CRM_Core_Exception
*/
protected function getAmount($params = []) {
- return CRM_Utils_Money::format($params['amount'], NULL, NULL, TRUE);
+ if (!CRM_Utils_Rule::numeric($params['amount'])) {
+ CRM_Core_Error::deprecatedWarning('Passing Amount value that is not numeric is deprecated please report this in gitlab');
+ return CRM_Utils_Money::formatLocaleNumericRoundedByPrecision(filter_var($params['amount'], FILTER_SANITIZE_NUMBER_FLOAT, FILTER_FLAG_ALLOW_FRACTION), 2);
+ }
+ return CRM_Utils_Money::formatLocaleNumericRoundedByPrecision($params['amount'], 2);
}
/**
diff --git a/civicrm/CRM/Core/Resources.php b/civicrm/CRM/Core/Resources.php
index 77467b6120..faadb5c754 100644
--- a/civicrm/CRM/Core/Resources.php
+++ b/civicrm/CRM/Core/Resources.php
@@ -425,8 +425,8 @@ class CRM_Core_Resources implements CRM_Core_Resources_CollectionAdderInterface
$config = CRM_Core_Config::singleton();
$vars = [
'moneyFormat' => json_encode(CRM_Utils_Money::format(1234.56)),
- 'contactSearch' => json_encode($config->includeEmailInName ? ts('Start typing a name or email...') : ts('Start typing a name...')),
- 'otherSearch' => json_encode(ts('Enter search term...')),
+ 'contactSearch' => json_encode($config->includeEmailInName ? ts('Search by name/email or id...') : ts('Search by name or id...')),
+ 'otherSearch' => json_encode(ts('Enter search term or id...')),
'entityRef' => self::getEntityRefMetadata(),
'ajaxPopupsEnabled' => self::singleton()->ajaxPopupsEnabled,
'allowAlertAutodismissal' => (bool) Civi::settings()->get('allow_alert_autodismissal'),
diff --git a/civicrm/CRM/Member/Form.php b/civicrm/CRM/Member/Form.php
index d450a7ba40..741b5ad188 100644
--- a/civicrm/CRM/Member/Form.php
+++ b/civicrm/CRM/Member/Form.php
@@ -483,7 +483,7 @@ class CRM_Member_Form extends CRM_Contribute_Form_AbstractEditPayment {
if ($priceSetDetails[$this->order->getPriceSetID()]['is_quick_config'] && isset($formValues['total_amount'])) {
// Amount overrides only permitted on quick config.
// Possibly Order object should enforce this...
- $this->order->setOverrideTotalAmount($formValues['total_amount']);
+ $this->order->setOverrideTotalAmount((float) $formValues['total_amount']);
}
$this->order->setOverrideFinancialTypeID((int) $formValues['financial_type_id']);
return $formValues;
diff --git a/civicrm/CRM/Member/Form/Membership.php b/civicrm/CRM/Member/Form/Membership.php
index 5a1c37eff2..7e0bd64505 100644
--- a/civicrm/CRM/Member/Form/Membership.php
+++ b/civicrm/CRM/Member/Form/Membership.php
@@ -1410,7 +1410,7 @@ DESC limit 1");
$membershipParams = array_merge($params, $membershipTypeValues[$lineItemValues['membership_type_id']]);
if (!empty($softParams)) {
- $membershipParams['soft_credit'] = $softParams;
+ $params['soft_credit'] = $softParams;
}
unset($membershipParams['contribution_status_id']);
$membershipParams['skipLineItem'] = TRUE;
diff --git a/civicrm/CRM/Price/BAO/PriceField.php b/civicrm/CRM/Price/BAO/PriceField.php
index 4827d2f132..bb5dd9c1b0 100644
--- a/civicrm/CRM/Price/BAO/PriceField.php
+++ b/civicrm/CRM/Price/BAO/PriceField.php
@@ -433,13 +433,6 @@ class CRM_Price_BAO_PriceField extends CRM_Price_DAO_PriceField {
if ($is_pay_later) {
$qf->add('text', 'txt-' . $elementName, $label, ['size' => '4']);
}
-
- // CRM-6902 - Add "max" option for a price set field
- if (in_array($opId, $freezeOptions)) {
- self::freezeIfEnabled($choice[$opId], $customOption[$opId]);
- // CRM-14696 - Improve display for sold out price set options
- $choice[$opt['id']] = '<span class="sold-out-option">' . $opt['label'] . ' (' . ts('Sold out') . ')</span>';
- }
}
if (!empty($qf->_membershipBlock) && $field->name == 'contribution_amount') {
$choice['-1'] = ts('No thank you');
@@ -467,6 +460,14 @@ class CRM_Price_BAO_PriceField extends CRM_Price_DAO_PriceField {
}
$element = &$qf->addRadio($elementName, $label, $choice, [], NULL, FALSE, $choiceAttrs);
+ foreach ($element->getElements() as $radioElement) {
+ // CRM-6902 - Add "max" option for a price set field
+ if (in_array($radioElement->getValue(), $freezeOptions)) {
+ self::freezeIfEnabled($radioElement, $customOption[$radioElement->getValue()]);
+ // CRM-14696 - Improve display for sold out price set options
+ $radioElement->setText('<span class="sold-out-option">' . $radioElement->getText() . ' (' . ts('Sold out') . ')</span>');
+ }
+ }
// make contribution field required for quick config when membership block is enabled
if (($field->name == 'membership_amount' || $field->name == 'contribution_amount')
diff --git a/civicrm/CRM/Upgrade/Incremental/sql/5.36.1.mysql.tpl b/civicrm/CRM/Upgrade/Incremental/sql/5.36.1.mysql.tpl
new file mode 100644
index 0000000000..be3c0315cc
--- /dev/null
+++ b/civicrm/CRM/Upgrade/Incremental/sql/5.36.1.mysql.tpl
@@ -0,0 +1 @@
+{* file to handle db changes in 5.36.1 during upgrade *}
diff --git a/civicrm/Civi/Api4/Query/Api4SelectQuery.php b/civicrm/Civi/Api4/Query/Api4SelectQuery.php
index e588e71085..894d14e07b 100644
--- a/civicrm/Civi/Api4/Query/Api4SelectQuery.php
+++ b/civicrm/Civi/Api4/Query/Api4SelectQuery.php
@@ -81,6 +81,11 @@ class Api4SelectQuery {
*/
private $explicitJoins = [];
+ /**
+ * @var array
+ */
+ private $entityAccess = [];
+
/**
* @param \Civi\Api4\Generic\DAOGetAction $apiGet
*/
@@ -100,6 +105,8 @@ class Api4SelectQuery {
$tableName = CoreUtil::getTableName($this->getEntity());
$this->query = \CRM_Utils_SQL_Select::from($tableName . ' ' . self::MAIN_TABLE_ALIAS);
+ $this->entityAccess[$this->getEntity()] = TRUE;
+
// Add ACLs first to avoid redundant subclauses
$baoName = CoreUtil::getBAOFromApiName($this->getEntity());
$this->query->where($this->getAclClause(self::MAIN_TABLE_ALIAS, $baoName));
@@ -566,6 +573,25 @@ class Api4SelectQuery {
return $field;
}
+ /**
+ * Check the "gatekeeper" permissions for performing "get" on a given entity.
+ *
+ * @param $entity
+ * @return bool
+ */
+ public function checkEntityAccess($entity) {
+ if (!$this->getCheckPermissions()) {
+ return TRUE;
+ }
+ if (!isset($this->entityAccess[$entity])) {
+ $this->entityAccess[$entity] = (bool) civicrm_api4($entity, 'getActions', [
+ 'where' => [['name', '=', 'get']],
+ 'select' => ['name'],
+ ])->first();
+ }
+ return $this->entityAccess[$entity];
+ }
+
/**
* Join onto other entities as specified by the api call.
*
@@ -578,6 +604,10 @@ class Api4SelectQuery {
$entity = array_shift($join);
// Which might contain an alias. Split on the keyword "AS"
list($entity, $alias) = array_pad(explode(' AS ', $entity), 2, NULL);
+ // Ensure permissions
+ if (!$this->checkEntityAccess($entity)) {
+ continue;
+ }
// Ensure alias is a safe string, and supply default if not given
$alias = $alias ? \CRM_Utils_String::munge($alias, '_', 256) : strtolower($entity);
// First item in the array is a boolean indicating if the join is required (aka INNER or LEFT).
diff --git a/civicrm/Civi/Api4/Service/Schema/Joiner.php b/civicrm/Civi/Api4/Service/Schema/Joiner.php
index a412d6571c..ce92405683 100644
--- a/civicrm/Civi/Api4/Service/Schema/Joiner.php
+++ b/civicrm/Civi/Api4/Service/Schema/Joiner.php
@@ -19,7 +19,9 @@
namespace Civi\Api4\Service\Schema;
+use Civi\API\Exception\UnauthorizedException;
use Civi\Api4\Query\Api4SelectQuery;
+use Civi\Api4\Utils\CoreUtil;
class Joiner {
/**
@@ -70,9 +72,14 @@ class Joiner {
foreach ($fullPath as $link) {
$target = $link->getTargetTable();
$alias = $link->getAlias();
- $bao = \CRM_Core_DAO_AllCoreTables::getBAOClassName(\CRM_Core_DAO_AllCoreTables::getClassForTable($target));
+ $joinEntity = CoreUtil::getApiNameFromTableName($target);
+
+ if ($joinEntity && !$query->checkEntityAccess($joinEntity)) {
+ throw new UnauthorizedException('Cannot join to ' . $joinEntity);
+ }
+
+ $bao = $joinEntity ? CoreUtil::getBAOFromApiName($joinEntity) : NULL;
$conditions = $link->getConditionsForJoin($baseTableAlias);
- // Custom fields do not have a bao, and currently do not have field-specific ACLs
if ($bao) {
$conditions = array_merge($conditions, $query->getAclClause($alias, $bao, $joinPath));
}
diff --git a/civicrm/api/v3/Generic/Getlist.php b/civicrm/api/v3/Generic/Getlist.php
index 917922806d..91a55b0aa3 100644
--- a/civicrm/api/v3/Generic/Getlist.php
+++ b/civicrm/api/v3/Generic/Getlist.php
@@ -24,7 +24,7 @@
function civicrm_api3_generic_getList($apiRequest) {
$entity = CRM_Core_DAO_AllCoreTables::convertEntityNameToLower($apiRequest['entity']);
$request = $apiRequest['params'];
- $meta = civicrm_api3_generic_getfields(['action' => 'get'] + $apiRequest, FALSE);
+ $meta = civicrm_api3_generic_getfields(['action' => 'get'] + $apiRequest, FALSE)['values'];
// If the user types an integer into the search
$forceIdSearch = empty($request['id']) && !empty($request['input']) && CRM_Utils_Rule::positiveInteger($request['input']);
@@ -40,7 +40,7 @@ function civicrm_api3_generic_getList($apiRequest) {
// Hey api, would you like to provide default values?
$fnName = "_civicrm_api3_{$entity}_getlist_defaults";
$defaults = function_exists($fnName) ? $fnName($request) : [];
- _civicrm_api3_generic_getList_defaults($entity, $request, $defaults, $meta['values']);
+ _civicrm_api3_generic_getList_defaults($entity, $request, $defaults, $meta);
// Hey api, would you like to format the search params?
$fnName = "_civicrm_api3_{$entity}_getlist_params";
@@ -78,7 +78,7 @@ function civicrm_api3_generic_getList($apiRequest) {
// Hey api, would you like to format the output?
$fnName = "_civicrm_api3_{$entity}_getlist_output";
$fnName = function_exists($fnName) ? $fnName : '_civicrm_api3_generic_getlist_output';
- $values = $fnName($result, $request, $entity, $meta['values']);
+ $values = $fnName($result, $request, $entity, $meta);
_civicrm_api3_generic_getlist_postprocess($result, $request, $values);
diff --git a/civicrm/civicrm-version.php b/civicrm/civicrm-version.php
index 56d1f9e34e..b9fdd61e0e 100644
--- a/civicrm/civicrm-version.php
+++ b/civicrm/civicrm-version.php
@@ -1,7 +1,7 @@
<?php
/** @deprecated */
function civicrmVersion( ) {
- return array( 'version' => '5.36.0',
+ return array( 'version' => '5.36.1',
'cms' => 'Wordpress',
'revision' => '' );
}
diff --git a/civicrm/composer.lock b/civicrm/composer.lock
index 156effe255..b8e248fbf5 100644
--- a/civicrm/composer.lock
+++ b/civicrm/composer.lock
@@ -24,6 +24,11 @@
"dflydev/apache-mime-types": "^1.0"
},
"type": "library",
+ "extra": {
+ "patches_applied": {
+ "Update gitignore to ensure that sites that manage via git don't miss out on the important db.json file": "https://patch-diff.githubusercontent.com/raw/adrienrn/php-mimetyper/pull/15.patch"
+ }
+ },
"autoload": {
"psr-4": {
"MimeTyper\\": "src/"
@@ -40,12 +45,7 @@
}
],
"description": "PHP mime type and extension mapping library: compatible with Symfony, powered by jshttp/mime-db",
- "time": "2018-09-27T09:45:05+00:00",
- "extra": {
- "patches_applied": {
- "Update gitignore to ensure that sites that manage via git don't miss out on the important db.json file": "https://patch-diff.githubusercontent.com/raw/adrienrn/php-mimetyper/pull/15.patch"
- }
- }
+ "time": "2018-09-27T09:45:05+00:00"
},
{
"name": "brick/math",
@@ -91,12 +91,6 @@
"brick",
"math"
],
- "funding": [
- {
- "url": "https://tidelift.com/funding/github/packagist/brick/math",
- "type": "tidelift"
- }
- ],
"time": "2020-04-15T15:59:35+00:00"
},
{
@@ -143,12 +137,6 @@
"currency",
"money"
],
- "funding": [
- {
- "url": "https://tidelift.com/funding/github/packagist/brick/money",
- "type": "tidelift"
- }
- ],
"time": "2020-05-31T14:17:02+00:00"
},
{
@@ -411,6 +399,10 @@
}
],
"description": "Define a 'compile' event for all packages in the dependency-graph",
+ "support": {
+ "issues": "https://github.com/civicrm/composer-compile-plugin/issues",
+ "source": "https://github.com/civicrm/composer-compile-plugin/tree/v0.15"
+ },
"time": "2021-01-13T05:12:30+00:00"
},
{
@@ -646,6 +638,11 @@
"shasum": ""
},
"type": "library",
+ "extra": {
+ "patches_applied": {
+ "PHP7.4 Fix for array access using {} instead of []": "https://raw.githubusercontent.com/civicrm/civicrm-core/fe45bdfc4f3e3d3deb27e3d853cdbc7f616620a9/tools/scripts/composer/patches/php74_array_access_fix_phpquery.patch"
+ }
+ },
"autoload": {
"classmap": [
"phpQuery/"
@@ -669,12 +666,7 @@
],
"description": "phpQuery is a server-side, chainable, CSS3 selector driven Document Object Model (DOM) API based on jQuery JavaScript Library",
"homepage": "http://code.google.com/p/phpquery/",
- "time": "2013-03-21T12:39:33+00:00",
- "extra": {
- "patches_applied": {
- "PHP7.4 Fix for array access using {} instead of []": "https://raw.githubusercontent.com/civicrm/civicrm-core/fe45bdfc4f3e3d3deb27e3d853cdbc7f616620a9/tools/scripts/composer/patches/php74_array_access_fix_phpquery.patch"
- }
- }
+ "time": "2013-03-21T12:39:33+00:00"
},
{
"name": "firebase/php-jwt",
@@ -1381,6 +1373,11 @@
"pear/pear-core-minimal": "*"
},
"type": "library",
+ "extra": {
+ "patches_applied": {
+ "Apply CiviCRM Customisations for the pear:db package": "https://raw.githubusercontent.com/civicrm/civicrm-core/a48a43c2b5f6d694fff1cfb99d522c5d9e2459a0/tools/scripts/composer/pear_db_civicrm_changes.patch"
+ }
+ },
"autoload": {
"psr-0": {
"DB": "./"
@@ -1416,12 +1413,7 @@
}
],
"description": "More info available on: http://pear.php.net/package/DB",
- "time": "2020-04-19T19:45:59+00:00",
- "extra": {
- "patches_applied": {
- "Apply CiviCRM Customisations for the pear:db package": "https://raw.githubusercontent.com/civicrm/civicrm-core/a48a43c2b5f6d694fff1cfb99d522c5d9e2459a0/tools/scripts/composer/pear_db_civicrm_changes.patch"
- }
- }
+ "time": "2020-04-19T19:45:59+00:00"
},
{
"name": "pear/log",
@@ -1501,6 +1493,11 @@
"pear/net_smtp": "Install optionally via your project's composer.json"
},
"type": "library",
+ "extra": {
+ "patches_applied": {
+ "Apply CiviCRM Customisations for CRM-1367 and CRM-5946": "https://raw.githubusercontent.com/civicrm/civicrm-core/36319938a5bf26c1e7e2110a26a65db6a5979268/tools/scripts/composer/patches/pear-mail.patch"
+ }
+ },
"autoload": {
"psr-0": {
"Mail": "./"
@@ -1532,12 +1529,7 @@
],
"description": "Class that provides multiple interfaces for sending emails.",
"homepage": "http://pear.php.net/package/Mail",
- "time": "2017-04-11T17:27:29+00:00",
- "extra": {
- "patches_applied": {
- "Apply CiviCRM Customisations for CRM-1367 and CRM-5946": "https://raw.githubusercontent.com/civicrm/civicrm-core/36319938a5bf26c1e7e2110a26a65db6a5979268/tools/scripts/composer/patches/pear-mail.patch"
- }
- }
+ "time": "2017-04-11T17:27:29+00:00"
},
{
"name": "pear/mail_mime",
@@ -1557,6 +1549,11 @@
"pear/pear-core-minimal": "*"
},
"type": "library",
+ "extra": {
+ "patches_applied": {
+ "Apply patch for CRM-3133 wordwrap body to be 750 characters to apply with RFC 2821": "https://raw.githubusercontent.com/civicrm/civicrm-core/74e25f27bb3be32519657539afe8a285c6c99a08/tools/scripts/composer/patches/mail_mime_crm_3133.patch"
+ }
+ },
"autoload": {
"psr-0": {
"Mail": "./"
@@ -1583,12 +1580,7 @@
],
"description": "Mail_Mime provides classes to create MIME messages",
"homepage": "http://pear.php.net/package/Mail_Mime",
- "time": "2020-06-27T08:35:27+00:00",
- "extra": {
- "patches_applied": {
- "Apply patch for CRM-3133 wordwrap body to be 750 characters to apply with RFC 2821": "https://raw.githubusercontent.com/civicrm/civicrm-core/74e25f27bb3be32519657539afe8a285c6c99a08/tools/scripts/composer/patches/mail_mime_crm_3133.patch"
- }
- }
+ "time": "2020-06-27T08:35:27+00:00"
},
{
"name": "pear/net_smtp",
@@ -1616,6 +1608,11 @@
"pear/auth_sasl": "Install optionally via your project's composer.json"
},
"type": "library",
+ "extra": {
+ "patches_applied": {
+ "Add in CiviCRM custom error message for CRM-8744": "https://raw.githubusercontent.com/civicrm/civicrm-core/a6a0ff13d2a155ad962529595dceaef728116f96/tools/scripts/composer/patches/net-smtp-patch.patch"
+ }
+ },
"autoload": {
"psr-0": {
"Net": "./"
@@ -1648,12 +1645,7 @@
"mail",
"smtp"
],
- "time": "2019-11-30T23:40:31+00:00",
- "extra": {
- "patches_applied": {
- "Add in CiviCRM custom error message for CRM-8744": "https://raw.githubusercontent.com/civicrm/civicrm-core/a6a0ff13d2a155ad962529595dceaef728116f96/tools/scripts/composer/patches/net-smtp-patch.patch"
- }
- }
+ "time": "2019-11-30T23:40:31+00:00"
},
{
"name": "pear/net_socket",
@@ -1955,6 +1947,11 @@
"squizlabs/php_codesniffer": "2.*"
},
"type": "library",
+ "extra": {
+ "patches_applied": {
+ "Fix handling of libxml_disable_entity_loader": "https://raw.githubusercontent.com/civicrm/civicrm-core/9d93748a36c7c5d44422911db1c98fb2f7067b34/tools/scripts/composer/patches/phpoffice-common-xml-entity-fix.patch"
+ }
+ },
"autoload": {
"psr-4": {
"PhpOffice\\Common\\": "src/Common/"
@@ -1981,12 +1978,7 @@
"office",
"php"
],
- "time": "2018-07-13T14:12:34+00:00",
- "extra": {
- "patches_applied": {
- "Fix handling of libxml_disable_entity_loader": "https://raw.githubusercontent.com/civicrm/civicrm-core/9d93748a36c7c5d44422911db1c98fb2f7067b34/tools/scripts/composer/patches/phpoffice-common-xml-entity-fix.patch"
- }
- }
+ "time": "2018-07-13T14:12:34+00:00"
},
{
"name": "phpoffice/phpword",
@@ -2102,16 +2094,16 @@
},
{
"name": "phpseclib/phpseclib",
- "version": "2.0.31",
+ "version": "2.0.29",
"source": {
"type": "git",
"url": "https://github.com/phpseclib/phpseclib.git",
- "reference": "233a920cb38636a43b18d428f9a8db1f0a1a08f4"
+ "reference": "497856a8d997f640b4a516062f84228a772a48a8"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/233a920cb38636a43b18d428f9a8db1f0a1a08f4",
- "reference": "233a920cb38636a43b18d428f9a8db1f0a1a08f4",
+ "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/497856a8d997f640b4a516062f84228a772a48a8",
+ "reference": "497856a8d997f640b4a516062f84228a772a48a8",
"shasum": ""
},
"require": {
@@ -2119,7 +2111,7 @@
},
"require-dev": {
"phing/phing": "~2.7",
- "phpunit/phpunit": "^4.8.35|^5.7|^6.0|^9.4",
+ "phpunit/phpunit": "^4.8.35|^5.7|^6.0",
"squizlabs/php_codesniffer": "~2.0"
},
"suggest": {
@@ -2203,7 +2195,7 @@
"type": "tidelift"
}
],
- "time": "2021-04-06T13:56:45+00:00"
+ "time": "2020-09-08T04:24:43+00:00"
},
{
"name": "psr/cache",
@@ -2654,20 +2646,6 @@
],
"description": "Symfony Config Component",
"homepage": "https://symfony.com",
- "funding": [
- {
- "url": "https://symfony.com/sponsor",
- "type": "custom"
- },
- {
- "url": "https://github.com/fabpot",
- "type": "github"
- },
- {
- "url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
- "type": "tidelift"
- }
- ],
"time": "2020-04-12T14:33:46+00:00"
},
{
@@ -2739,20 +2717,6 @@
],
"description": "Symfony DependencyInjection Component",
"homepage": "https://symfony.com",
- "funding": [
- {
- "url": "https://symfony.com/sponsor",
- "type": "custom"
- },
- {
- "url": "https://github.com/fabpot",
- "type": "github"
- },
- {
- "url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
- "type": "tidelift"
- }
- ],
"time": "2020-04-13T09:33:40+00:00"
},
{
@@ -2816,20 +2780,6 @@
],
"description": "Symfony EventDispatcher Component",
"homepage": "https://symfony.com",
- "funding": [
- {
- "url": "https://symfony.com/sponsor",
- "type": "custom"
- },
- {
- "url": "https://github.com/fabpot",
- "type": "github"
- },
- {
- "url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
- "type": "tidelift"
- }
- ],
"time": "2020-03-15T09:38:08+00:00"
},
{
@@ -2880,20 +2830,6 @@
],
"description": "Symfony Filesystem Component",
"homepage": "https://symfony.com",
- "funding": [
- {
- "url": "https://symfony.com/sponsor",
- "type": "custom"
- },
- {
- "url": "https://github.com/fabpot",
- "type": "github"
- },
- {
- "url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
- "type": "tidelift"
- }
- ],
"time": "2020-04-12T16:54:01+00:00"
},
{
@@ -3001,20 +2937,6 @@
"polyfill",
"portable"
],
- "funding": [
- {
- "url": "https://symfony.com/sponsor",
- "type": "custom"
- },
- {
- "url": "https://github.com/fabpot",
- "type": "github"
- },
- {
- "url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
- "type": "tidelift"
- }
- ],
"time": "2020-05-12T16:14:59+00:00"
},
{
@@ -3074,20 +2996,6 @@
"portable",
"shim"
],
- "funding": [
- {
- "url": "https://symfony.com/sponsor",
- "type": "custom"
- },
- {
- "url": "https://github.com/fabpot",
- "type": "github"
- },
- {
- "url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
- "type": "tidelift"
- }
- ],
"time": "2020-05-12T16:47:27+00:00"
},
{
@@ -3150,20 +3058,6 @@
"portable",
"shim"
],
- "funding": [
- {
- "url": "https://symfony.com/sponsor",
- "type": "custom"
- },
- {
- "url": "https://github.com/fabpot",
- "type": "github"
- },
- {
- "url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
- "type": "tidelift"
- }
- ],
"time": "2020-05-12T16:47:27+00:00"
},
{
@@ -3292,20 +3186,6 @@
"portable",
"shim"
],
- "funding": [
- {
- "url": "https://symfony.com/sponsor",
- "type": "custom"
- },
- {
- "url": "https://github.com/fabpot",
- "type": "github"
- },
- {
- "url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
- "type": "tidelift"
- }
- ],
"time": "2020-05-12T16:47:27+00:00"
},
{
@@ -3355,20 +3235,6 @@
],
"description": "Symfony Process Component",
"homepage": "https://symfony.com",
- "funding": [
- {
- "url": "https://symfony.com/sponsor",
- "type": "custom"
- },
- {
- "url": "https://github.com/fabpot",
- "type": "github"
- },
- {
- "url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
- "type": "tidelift"
- }
- ],
"time": "2020-04-12T14:33:46+00:00"
},
{
@@ -3969,6 +3835,11 @@
"zetacomponents/unit-test": "*"
},
"type": "library",
+ "extra": {
+ "patches_applied": {
+ "CiviCRM Custom Patches for ZetaCompoents mail": "https://raw.githubusercontent.com/civicrm/civicrm-core/9d93748a36c7c5d44422911db1c98fb2f7067b34/tools/scripts/composer/patches/civicrm-custom-patches-zetacompoents-mail.patch"
+ }
+ },
"autoload": {
"classmap": [
"src"
@@ -4021,12 +3892,7 @@
],
"description": "The component allows you construct and/or parse Mail messages conforming to the mail standard. It has support for attachments, multipart messages and HTML mail. It also interfaces with SMTP to send mail or IMAP, POP3 or mbox to retrieve e-mail.",
"homepage": "https://github.com/zetacomponents",
- "time": "2020-06-13T12:38:26+00:00",
- "extra": {
- "patches_applied": {
- "CiviCRM Custom Patches for ZetaCompoents mail": "https://raw.githubusercontent.com/civicrm/civicrm-core/9d93748a36c7c5d44422911db1c98fb2f7067b34/tools/scripts/composer/patches/civicrm-custom-patches-zetacompoents-mail.patch"
- }
- }
+ "time": "2020-06-13T12:38:26+00:00"
}
],
"packages-dev": [],
diff --git a/civicrm/release-notes.md b/civicrm/release-notes.md
index d89c4d61ae..ba3f5d08e8 100644
--- a/civicrm/release-notes.md
+++ b/civicrm/release-notes.md
@@ -15,6 +15,25 @@ Other resources for identifying changes are:
* https://github.com/civicrm/civicrm-joomla
* https://github.com/civicrm/civicrm-wordpress
+## CiviCRM 5.36.1
+
+Released April 21, 2021
+
+- **[Synopsis](release-notes/5.36.1.md#synopsis)**
+- **[Security advisories](release-notes/5.36.1.md#security)**
+- **[Bugs resolved](release-notes/5.36.1.md#bugs)**
+- **[Credits](release-notes/5.36.1.md#credits)**
+- **[Feedback](release-notes/5.36.1.md#feedback)**
+
+## CiviCRM 5.35.2
+
+Released April 21, 2021
+
+- **[Synopsis](release-notes/5.35.2.md#synopsis)**
+- **[Security advisories](release-notes/5.35.2.md#security)**
+- **[Credits](release-notes/5.35.2.md#credits)**
+- **[Feedback](release-notes/5.35.2.md#feedback)**
+
## CiviCRM 5.36.0
Released April 7, 2021
diff --git a/civicrm/release-notes/5.35.2.md b/civicrm/release-notes/5.35.2.md
new file mode 100644
index 0000000000..ba71f7fb99
--- /dev/null
+++ b/civicrm/release-notes/5.35.2.md
@@ -0,0 +1,39 @@
+# CiviCRM 5.35.2
+
+Released April 21, 2021
+
+- **[Synopsis](#synopsis)**
+- **[Bugs resolved](#bugs)**
+- **[Credits](#credits)**
+- **[Feedback](#feedback)**
+
+## <a name="synopsis"></a>Synopsis
+
+| *Does this version...?* | |
+| --------------------------------------------------------------- | -------- |
+| Change the database schema? | no |
+| Alter the API? | no |
+| Require attention to configuration options? | no |
+| Fix problems installing or upgrading to a previous version? | no |
+| Introduce features? | no |
+| **Fix bugs?** | **yes** |
+
+## <a name="security"></a>Security advisories
+
+- **[CIVI-SA-2021-08](https://civicrm.org/advisory/civi-sa-2021-08-access-bypass-apiv4)**: Access Bypass in APIv4
+
+## <a name="credits"></a>Credits
+
+Special support from Deutsche Gesellschaft für Internationale Zusammenarbeit
+GmbH contributed significantly to this release and other contemporaneous
+security improvements.
+
+This release was developed by the following authors and reviewers:
+
+JMA Consulting - Seamus Lee; CiviCRM - Coleman Watts;
+
+## <a name="feedback"></a>Feedback
+
+These release notes are edited by Tim Otten and Andrew Hunt. If you'd like to
+provide feedback on them, please login to https://chat.civicrm.org/civicrm and
+contact `@agh1`.
diff --git a/civicrm/release-notes/5.36.1.md b/civicrm/release-notes/5.36.1.md
new file mode 100644
index 0000000000..5025300a5f
--- /dev/null
+++ b/civicrm/release-notes/5.36.1.md
@@ -0,0 +1,51 @@
+# CiviCRM 5.36.1
+
+Released April 21, 2021
+
+- **[Synopsis](#synopsis)**
+- **[Bugs resolved](#bugs)**
+- **[Credits](#credits)**
+- **[Feedback](#feedback)**
+
+## <a name="synopsis"></a>Synopsis
+
+| *Does this version...?* | |
+| --------------------------------------------------------------- | -------- |
+| Change the database schema? | no |
+| Alter the API? | no |
+| Require attention to configuration options? | no |
+| **Fix problems installing or upgrading to a previous version?** | **yes** |
+| Introduce features? | no |
+| **Fix bugs?** | **yes** |
+
+## <a name="security"></a>Security advisories
+
+- **[CIVI-SA-2021-08](https://civicrm.org/advisory/civi-sa-2021-08-access-bypass-apiv4)**: Access Bypass in APIv4
+
+## <a name="bugs"></a>Bugs resolved
+
+* **_CiviContribute_: Fix incorrect truncation of payment amount on certain processors ([dev/core#2493](https://lab.civicrm.org/dev/core/-/issues/2493): [#20040](https://github.com/civicrm/civicrm-core/pull/20040))**
+* **_CiviEvent_: Fix issue with "Sold Out" options not being properly frozen when options are displayed as radio ([dev/event#53](https://lab.civicrm.org/dev/event/-/issues/53): [#20073](https://github.com/civicrm/civicrm-core/pull/20073))**
+* **_CiviMember_: Fix soft crediting for memberships when created via back office form ([#20025](https://github.com/civicrm/civicrm-core/pull/20025))**
+* **_CiviMember_: Fix editing memberships when no payments have been created ([dev/core#2543](https://lab.civicrm.org/dev/core/-/issues/2543): [#20083](https://github.com/civicrm/civicrm-core/pull/20083))**
+* **_Dedupe_: Fix saving of dedupe rules ([dev/core#2498](https://lab.civicrm.org/dev/core/-/issues/2498): [#20071](https://github.com/civicrm/civicrm-core/pull/20071))**
+* **_Search Kit_: Fix finding Soft Credit Contact by contact ID ([dev/core#2532](https://lab.civicrm.org/dev/core/-/issues/2532): [#20050](https://github.com/civicrm/civicrm-core/pull/20050))**
+
+## <a name="credits"></a>Credits
+
+Special support from Deutsche Gesellschaft für Internationale Zusammenarbeit
+GmbH contributed significantly to this release and other contemporaneous
+security improvements.
+
+This release was developed by the following authors and reviewers:
+
+Wikimedia Foundation - Eileen McNaughton; MJW Consulting - Matthew Wire; Korlon - Stuart
+Gaston; Greenleaf Advancement Partners - Bruce Thompson; JMA Consulting - Seamus Lee;
+Fuzion - Jitendra Purohit; Coop SymbioTIC - Stéphane Lussier, Mathieu Lutfy; CiviCRM -
+Tim Otten, Coleman Watts; Agileware - Justin Freeman
+
+## <a name="feedback"></a>Feedback
+
+These release notes are edited by Tim Otten and Andrew Hunt. If you'd like to
+provide feedback on them, please login to https://chat.civicrm.org/civicrm and
+contact `@agh1`.
diff --git a/civicrm/sql/civicrm_data.mysql b/civicrm/sql/civicrm_data.mysql
index ec08e922a5..39dfb4422c 100644
--- a/civicrm/sql/civicrm_data.mysql
+++ b/civicrm/sql/civicrm_data.mysql
@@ -23873,4 +23873,4 @@ INSERT INTO `civicrm_report_instance`
( `domain_id`, `title`, `report_id`, `description`, `permission`, `form_values`)
VALUES
( @domainID, 'Survey Details', 'survey/detail', 'Detailed report for canvassing, phone-banking, walk lists or other surveys.', 'access CiviReport', 'a:39:{s:6:"fields";a:2:{s:9:"sort_name";s:1:"1";s:6:"result";s:1:"1";}s:22:"assignee_contact_id_op";s:2:"eq";s:25:"assignee_contact_id_value";s:0:"";s:12:"sort_name_op";s:3:"has";s:15:"sort_name_value";s:0:"";s:17:"street_number_min";s:0:"";s:17:"street_number_max";s:0:"";s:16:"street_number_op";s:3:"lte";s:19:"street_number_value";s:0:"";s:14:"street_name_op";s:3:"has";s:17:"street_name_value";s:0:"";s:15:"postal_code_min";s:0:"";s:15:"postal_code_max";s:0:"";s:14:"postal_code_op";s:3:"lte";s:17:"postal_code_value";s:0:"";s:7:"city_op";s:3:"has";s:10:"city_value";s:0:"";s:20:"state_province_id_op";s:2:"in";s:23:"state_province_id_value";a:0:{}s:13:"country_id_op";s:2:"in";s:16:"country_id_value";a:0:{}s:12:"survey_id_op";s:2:"in";s:15:"survey_id_value";a:0:{}s:12:"status_id_op";s:2:"eq";s:15:"status_id_value";s:1:"1";s:11:"custom_1_op";s:2:"in";s:14:"custom_1_value";a:0:{}s:11:"custom_2_op";s:2:"in";s:14:"custom_2_value";a:0:{}s:17:"custom_3_relative";s:1:"0";s:13:"custom_3_from";s:0:"";s:11:"custom_3_to";s:0:"";s:11:"description";s:75:"Detailed report for canvassing, phone-banking, walk lists or other surveys.";s:13:"email_subject";s:0:"";s:8:"email_to";s:0:"";s:8:"email_cc";s:0:"";s:10:"permission";s:17:"access CiviReport";s:6:"groups";s:0:"";s:9:"domain_id";i:1;}');
-UPDATE civicrm_domain SET version = '5.36.0';
+UPDATE civicrm_domain SET version = '5.36.1';
diff --git a/civicrm/sql/civicrm_generated.mysql b/civicrm/sql/civicrm_generated.mysql
index 71b8c6a6ad..d31287bcc0 100644
--- a/civicrm/sql/civicrm_generated.mysql
+++ b/civicrm/sql/civicrm_generated.mysql
@@ -399,7 +399,7 @@ UNLOCK TABLES;
LOCK TABLES `civicrm_domain` WRITE;
/*!40000 ALTER TABLE `civicrm_domain` DISABLE KEYS */;
-INSERT INTO `civicrm_domain` (`id`, `name`, `description`, `version`, `contact_id`, `locales`, `locale_custom_strings`) VALUES (1,'Default Domain Name',NULL,'5.36.0',1,NULL,'a:1:{s:5:\"en_US\";a:0:{}}');
+INSERT INTO `civicrm_domain` (`id`, `name`, `description`, `version`, `contact_id`, `locales`, `locale_custom_strings`) VALUES (1,'Default Domain Name',NULL,'5.36.1',1,NULL,'a:1:{s:5:\"en_US\";a:0:{}}');
/*!40000 ALTER TABLE `civicrm_domain` ENABLE KEYS */;
UNLOCK TABLES;
diff --git a/civicrm/vendor/autoload.php b/civicrm/vendor/autoload.php
index cf671454a1..9b7fe927fe 100644
--- a/civicrm/vendor/autoload.php
+++ b/civicrm/vendor/autoload.php
@@ -4,4 +4,4 @@
require_once __DIR__ . '/composer/autoload_real.php';
-return ComposerAutoloaderInita14ae5914bcd3e4eec4eb20d17f602b6::getLoader();
+return ComposerAutoloaderInit0dbc77f5b64a42583beba4f4cba7283d::getLoader();
diff --git a/civicrm/vendor/composer/autoload_real.php b/civicrm/vendor/composer/autoload_real.php
index 06abcf17a6..800c33e862 100644
--- a/civicrm/vendor/composer/autoload_real.php
+++ b/civicrm/vendor/composer/autoload_real.php
@@ -2,7 +2,7 @@
// autoload_real.php @generated by Composer
-class ComposerAutoloaderInita14ae5914bcd3e4eec4eb20d17f602b6
+class ComposerAutoloaderInit0dbc77f5b64a42583beba4f4cba7283d
{
private static $loader;
@@ -19,9 +19,9 @@ class ComposerAutoloaderInita14ae5914bcd3e4eec4eb20d17f602b6
return self::$loader;
}
- spl_autoload_register(array('ComposerAutoloaderInita14ae5914bcd3e4eec4eb20d17f602b6', 'loadClassLoader'), true, true);
+ spl_autoload_register(array('ComposerAutoloaderInit0dbc77f5b64a42583beba4f4cba7283d', 'loadClassLoader'), true, true);
self::$loader = $loader = new \Composer\Autoload\ClassLoader();
- spl_autoload_unregister(array('ComposerAutoloaderInita14ae5914bcd3e4eec4eb20d17f602b6', 'loadClassLoader'));
+ spl_autoload_unregister(array('ComposerAutoloaderInit0dbc77f5b64a42583beba4f4cba7283d', 'loadClassLoader'));
$includePaths = require __DIR__ . '/include_paths.php';
$includePaths[] = get_include_path();
@@ -31,7 +31,7 @@ class ComposerAutoloaderInita14ae5914bcd3e4eec4eb20d17f602b6
if ($useStaticLoader) {
require_once __DIR__ . '/autoload_static.php';
- call_user_func(\Composer\Autoload\ComposerStaticInita14ae5914bcd3e4eec4eb20d17f602b6::getInitializer($loader));
+ call_user_func(\Composer\Autoload\ComposerStaticInit0dbc77f5b64a42583beba4f4cba7283d::getInitializer($loader));
} else {
$map = require __DIR__ . '/autoload_namespaces.php';
foreach ($map as $namespace => $path) {
@@ -52,19 +52,19 @@ class ComposerAutoloaderInita14ae5914bcd3e4eec4eb20d17f602b6
$loader->register(true);
if ($useStaticLoader) {
- $includeFiles = Composer\Autoload\ComposerStaticInita14ae5914bcd3e4eec4eb20d17f602b6::$files;
+ $includeFiles = Composer\Autoload\ComposerStaticInit0dbc77f5b64a42583beba4f4cba7283d::$files;
} else {
$includeFiles = require __DIR__ . '/autoload_files.php';
}
foreach ($includeFiles as $fileIdentifier => $file) {
- composerRequirea14ae5914bcd3e4eec4eb20d17f602b6($fileIdentifier, $file);
+ composerRequire0dbc77f5b64a42583beba4f4cba7283d($fileIdentifier, $file);
}
return $loader;
}
}
-function composerRequirea14ae5914bcd3e4eec4eb20d17f602b6($fileIdentifier, $file)
+function composerRequire0dbc77f5b64a42583beba4f4cba7283d($fileIdentifier, $file)
{
if (empty($GLOBALS['__composer_autoload_files'][$fileIdentifier])) {
require $file;
diff --git a/civicrm/vendor/composer/autoload_static.php b/civicrm/vendor/composer/autoload_static.php
index dc1ca3a4db..1346d90af9 100644
--- a/civicrm/vendor/composer/autoload_static.php
+++ b/civicrm/vendor/composer/autoload_static.php
@@ -4,7 +4,7 @@
namespace Composer\Autoload;
-class ComposerStaticInita14ae5914bcd3e4eec4eb20d17f602b6
+class ComposerStaticInit0dbc77f5b64a42583beba4f4cba7283d
{
public static $files = array (
'320cde22f66dd4f5d3fd621d3e88b98f' => __DIR__ . '/..' . '/symfony/polyfill-ctype/bootstrap.php',
@@ -575,11 +575,11 @@ class ComposerStaticInita14ae5914bcd3e4eec4eb20d17f602b6
public static function getInitializer(ClassLoader $loader)
{
return \Closure::bind(function () use ($loader) {
- $loader->prefixLengthsPsr4 = ComposerStaticInita14ae5914bcd3e4eec4eb20d17f602b6::$prefixLengthsPsr4;
- $loader->prefixDirsPsr4 = ComposerStaticInita14ae5914bcd3e4eec4eb20d17f602b6::$prefixDirsPsr4;
- $loader->prefixesPsr0 = ComposerStaticInita14ae5914bcd3e4eec4eb20d17f602b6::$prefixesPsr0;
- $loader->fallbackDirsPsr0 = ComposerStaticInita14ae5914bcd3e4eec4eb20d17f602b6::$fallbackDirsPsr0;
- $loader->classMap = ComposerStaticInita14ae5914bcd3e4eec4eb20d17f602b6::$classMap;
+ $loader->prefixLengthsPsr4 = ComposerStaticInit0dbc77f5b64a42583beba4f4cba7283d::$prefixLengthsPsr4;
+ $loader->prefixDirsPsr4 = ComposerStaticInit0dbc77f5b64a42583beba4f4cba7283d::$prefixDirsPsr4;
+ $loader->prefixesPsr0 = ComposerStaticInit0dbc77f5b64a42583beba4f4cba7283d::$prefixesPsr0;
+ $loader->fallbackDirsPsr0 = ComposerStaticInit0dbc77f5b64a42583beba4f4cba7283d::$fallbackDirsPsr0;
+ $loader->classMap = ComposerStaticInit0dbc77f5b64a42583beba4f4cba7283d::$classMap;
}, null, ClassLoader::class);
}
diff --git a/civicrm/xml/version.xml b/civicrm/xml/version.xml
index e9905f2fe6..b1d5876048 100644
--- a/civicrm/xml/version.xml
+++ b/civicrm/xml/version.xml
@@ -1,4 +1,4 @@
<?xml version="1.0" encoding="iso-8859-1" ?>
<version>
- <version_no>5.36.0</version_no>
+ <version_no>5.36.1</version_no>
</version>
--
GitLab