host/julienmonnerie
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Update to Kirby 4.7.0

Browse source
This commit is contained in:
Paul Nicoué 2025-04-21 18:57:21 +02:00
parent 02a9ab387c
commit ba25a9a198
509 changed files with 26604 additions and 14872 deletions
Download patch file Download diff file Expand all files Collapse all files

13
kirby/vendor/laminas/laminas-escaper/composer.json vendored
View file

@ -29,17 +29,16 @@
"extra": {
},
"require": {
"php": "~8.1.0 || ~8.2.0 || ~8.3.0",
"php": "~8.1.0 || ~8.2.0 || ~8.3.0 || ~8.4.0",
"ext-ctype": "*",
"ext-mbstring": "*"
},
"require-dev": {
"infection/infection": "^0.27.0",
"laminas/laminas-coding-standard": "~2.5.0",
"maglnet/composer-require-checker": "^3.8.0",
"phpunit/phpunit": "^9.6.7",
"psalm/plugin-phpunit": "^0.18.4",
"vimeo/psalm": "^5.9"
"infection/infection": "^0.29.8",
"laminas/laminas-coding-standard": "~3.0.1",
"phpunit/phpunit": "^10.5.45",
"psalm/plugin-phpunit": "^0.19.2",
"vimeo/psalm": "^6.6.2"
},
"autoload": {
"psr-4": {

39
kirby/vendor/laminas/laminas-escaper/src/Escaper.php vendored
View file

@ -4,11 +4,13 @@ declare(strict_types=1);
namespace Laminas\Escaper;
use function assert;
use function bin2hex;
use function ctype_digit;
use function hexdec;
use function htmlspecialchars;
use function in_array;
use function is_string;
use function mb_convert_encoding;
use function ord;
use function preg_match;
@ -25,6 +27,8 @@ use const ENT_SUBSTITUTE;
/**
* Context specific methods for use in secure output escaping
*
* @final
*/
class Escaper
{
@ -49,7 +53,7 @@ class Escaper
* Current encoding for escaping. If not UTF-8, we convert strings from this encoding
* pre-escaping and back to this encoding post-escaping.
*
* @var string
* @var non-empty-string
*/
protected $encoding = 'utf-8';
@ -88,7 +92,7 @@ class Escaper
/**
* List of all encoding supported by this class
*
* @var array
* @var list<non-empty-string>
*/
protected $supportedEncodings = [
'iso-8859-1',
@ -131,6 +135,7 @@ class Escaper
* Constructor: Single parameter allows setting of global encoding for use by
* the current object.
*
* @param non-empty-string|null $encoding
* @throws Exception\InvalidArgumentException
*/
public function __construct(?string $encoding = null)
@ -159,25 +164,19 @@ class Escaper
// set matcher callbacks
$this->htmlAttrMatcher =
/** @param array<array-key, string> $matches */
function (array $matches): string {
return $this->htmlAttrMatcher($matches);
};
fn(array $matches): string => $this->htmlAttrMatcher($matches);
$this->jsMatcher =
/** @param array<array-key, string> $matches */
function (array $matches): string {
return $this->jsMatcher($matches);
};
fn(array $matches): string => $this->jsMatcher($matches);
$this->cssMatcher =
/** @param array<array-key, string> $matches */
function (array $matches): string {
return $this->cssMatcher($matches);
};
fn(array $matches): string => $this->cssMatcher($matches);
}
/**
* Return the encoding that all output/input is expected to be encoded in.
*
* @return string
* @return non-empty-string
*/
public function getEncoding()
{
@ -188,7 +187,7 @@ class Escaper
* Escape a string for the HTML Body context where there are very few characters
* of special meaning. Internally this will use htmlspecialchars().
*
* @return string
* @return ($string is non-empty-string ? non-empty-string : string)
*/
public function escapeHtml(string $string)
{
@ -200,7 +199,7 @@ class Escaper
* to escape that are not covered by htmlspecialchars() to cover cases where an attribute
* might be unquoted or quoted illegally (e.g. backticks are valid quotes for IE).
*
* @return string
* @return ($string is non-empty-string ? non-empty-string : string)
*/
public function escapeHtmlAttr(string $string)
{
@ -210,6 +209,8 @@ class Escaper
}
$result = preg_replace_callback('/[^a-z0-9,\.\-_]/iSu', $this->htmlAttrMatcher, $string);
assert(is_string($result));
return $this->fromUtf8($result);
}
@ -222,7 +223,7 @@ class Escaper
* Backslash escaping is not used as it still leaves the escaped character as-is and so
* is not useful in a HTML context.
*
* @return string
* @return ($string is non-empty-string ? non-empty-string : string)
*/
public function escapeJs(string $string)
{
@ -232,6 +233,8 @@ class Escaper
}
$result = preg_replace_callback('/[^a-z0-9,\._]/iSu', $this->jsMatcher, $string);
assert(is_string($result));
return $this->fromUtf8($result);
}
@ -240,7 +243,7 @@ class Escaper
* an entire URI - only a subcomponent being inserted. The function is a simple proxy
* to rawurlencode() which now implements RFC 3986 since PHP 5.3 completely.
*
* @return string
* @return ($string is non-empty-string ? non-empty-string : string)
*/
public function escapeUrl(string $string)
{
@ -251,7 +254,7 @@ class Escaper
* Escape a string for the CSS context. CSS escaping can be applied to any string being
* inserted into CSS and escapes everything except alphanumerics.
*
* @return string
* @return ($string is non-empty-string ? non-empty-string : string)
*/
public function escapeCss(string $string)
{
@ -261,6 +264,8 @@ class Escaper
}
$result = preg_replace_callback('/[^a-z0-9]/iSu', $this->cssMatcher, $string);
assert(is_string($result));
return $this->fromUtf8($result);
}