YetiForce CRM ver. 6.4.0 (#16359)

* Added improvements in record collector * Integration with UaYouControl.php (#16293) Co-authored-by: Mariusz Krzaczkowski <m.krzaczkowski@yetiforce.com> * Integration with UaYouControl.php (#16293) * Add external link to NoBrregEnhetsregisteret. (#16292) * Add external link to NoBrregEnhetsregisteret. #16292 * Add NorthData to RecordCollectors. (#16278) * Add NorthData to RecordCollectors. * Change docs. Co-authored-by: Mariusz Krzaczkowski <m.krzaczkowski@yetiforce.com> * Fix #16311 * Added conditions wizard for 'Update related record' workflow action * Add NorthData to RecordCollectors. (#16278) * Code improvements * Added improvements in record collector * Zefix integraion [in progress] (#16281) * Zefix integraion [in progress] * ChZefix integration. Co-authored-by: Mariusz Krzaczkowski <m.krzaczkowski@yetiforce.com> * Improved workflow action * Added improvements in record collector * Improvements in the store * Update RecordCollector tests * Code improvements * Improved ConfReport * languages/en-US/Other/RecordCollector.json * Improved change module type * Improved default dashboard in api portal * Fix Send PDF workflow task * Improved default dashboard in api * Fixed attachments in 'Emails to send' panel * lib_roundcube 0.3.0 Roundcube Webmail 1.6.0 * tests * tests * Update tests.yml * Added improvements in record collector * tests/setup/dependency.sh * .github/workflows/tests.yml * .github/workflows/tests.yml * .github/workflows/tests.yml * Code improvements * Update dependencies * Added minor improvements * tests * Added improvements in record collector * Added improvements in record collector * Added minor improvements * Added minor improvements * Added minor improvements * Improved import file button * Improved imap connection * Fix #16317 - list view entries count * Added minor code improvements * Improved menu items * Added improvements in record collector * Fix gantt view (#15772) * Added improvements in record collector * Added improvements in record collector * Added improvements in record collector * Updated graphics in store * Update install translations * Update fonts * Improved OSSMail template * Updated graphics in store * Update fonts * tests * tests Validator * Update icons * Improved widgets permissions (#15613) * Increase scrolling speed (#15031) * Added tracking to media management * Added improvements in record collector * Added improvements in record collector * Added improvements in record collector * Added minor code improvements * tests * Added minor code improvements * Fixed #15164 (#16319) * Some changes in Import module (#16318) * Code formatting * Added improvements in record collector * Change the library "sonata-project / google-authenticator" to "pragmarx/google2fa" * Update dependencies * Update dependencies * Updated *.min and *.map files * Change the library "sonata-project / google-authenticator" to "pragmarx/google2fa" * Added minor improvements in Composer::install * Update dev dependency * Added dropdown button to record collectors (#16322) * Corrected Record collectors table width (#16323) * Fixed #15183 modulesMapRelatedFields don`t work correct for multipicklist * Added minor improvements in Credits * Fix edit view header links * Improved Inventory panel and PDF widget * Added improvements in record collector * Added improvements in record collector * Update install translations * #16282 Improved the handler from getting coordinates to the map * Added minor code improvements * Fixed getting reference module in inventory name field (#16329) * Missing icons update * Improved tree field type * Improved tests and some code * Fix tree field type * Fix scheme for tree data table * Improved switch users * Improved YetiForce CLI * [PROD](renovate) Update dependency github/super-linter to v4.9.6 (#16324) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * Bump giggsey/libphonenumber-for-php from 8.12.52 to 8.12.53 (#16331) Bumps [giggsey/libphonenumber-for-php](https://github.com/giggsey/libphonenumber-for-php) from 8.12.52 to 8.12.53. - [Release notes](https://github.com/giggsey/libphonenumber-for-php/releases) - [Commits](giggsey/libphonenumber-for-php@8.12.52...8.12.53) --- updated-dependencies: - dependency-name: giggsey/libphonenumber-for-php dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Improved switch users * Improved switch users * Unused code has been removed * Fix tree field type * Added improvements in record collector * Improved integration with DAV * Improved conditions wizard for 'Update related record' workflow action * Fixed focus to search text field when click on select2 drop down in modal window * Added improvements in record collector * Added minor code improvements * Improved ConfReport * Improved .htaccess * Added minor code improvements * Improved ConfReport * Fix icon on tree field type and change icon management view * Removed unused code. "Is added" - condition in workflows (#16321) * Correct setting of check boxes of Inventory boolean fields depending on their values. (#16326) * Update Inventory.js Now the check-boxes of Inventory boolean fields will be set correctly regarding to their content. * README.md (#16332) * Improve inventory auto fill * Improved getting data from smtp (#16334) * Fixed #13136 (#16335) * Improved DB structure for map table cache * Improved updating payment status (#16327) * Improved updating payment status * Corrected translation (#16336) * Removed translation (#16337) * A functionality has been added to unlock e-mail accounts * Fix #13486 * Update dependencies * mbstring.func_overload * Added priority to CalendarActivities and OverdueActivities dashboard … (#16276) * Added priority to CalendarActivities and OverdueActivities dashboard widgets * Added improvement * Hidden icon for previewing replies in comments (#16339) * The display of the multi email field has been improved * Added working time counter widget. (#16316) * Added working time counter widget. * Added translation * Added improvements * Removed varialbe * Corrected comment * Added title to buttons * Added type to variable * Removed redundant characters * Added working time counter widget. #16316 * Added minor improvements * Improoved dashboard titles * Updated *.min and *.map files * Added minor improvements in languages * Updated translation * Improvements have been added to the integration with WAPRO ERP * Update install translations * Update translations * Update translations * Added improvements in record collector * Added improvements in record collector * Improved input data cleanup * Improved RSS * Improved Rss * Update all Yarn dependencies (2022-08-15) (#16344) Co-authored-by: depfu[bot] <23717796+depfu[bot]@users.noreply.github.com> * Added improvements in record collector * Improvements in the mechanism of generating PDF files * YetiForcePDF update v0.1.40 & Update dependencies * Improved some config templates * Added minor improvements * Remove unnecessary code * .github/workflows/actions.yml * .github/workflows/actions.yml * .github/workflows/tests.yml * .github/workflows/tests.yml * .github/workflows/tests.yml * Improved Db importer/updater * Added buttons to the Working hours counter widget (#16340) * Added buttons to the Working hours counter widget * Added translations * Improved widget * Added button lock when starting timing * Update translations * Added missing translation * .github/workflows/tests.yml * .github/workflows/tests.yml * .github/workflows/tests.yml * Added missing translation * .github/workflows/tests.yml * Removed Translation (#16347) Co-authored-by: Radosław Skrzypczak <r.skrzypczak@yetiforce.com> * Update install translations * Added minor improvement in get actual version of PHP * Update install translations * Updated *.min and *.map files * Redundant code has been removed * .github/workflows/tests.yml * .github/workflows/tests.yml * .github/workflows/tests.yml * Improved RSS * Added improvements * Update DEV dependencies * Fix Completions initialization in comments widget (#16348) * Update fonts * Fixed sending files in API for PUT method * Update DEV dependencies * Improved valid of time in Business Hours (#16351) * Improved executing workflow when an unsupported operator is selected (#16352) * Improved executing workflow when an unsupported operator is selected * Improved getting translation (#16350) * Improved Importer * Improved working time counter widget * Improved api * Expansion of the tests * Expansion of the tests * tests * Update DEV dependencies * Improved Rss * tests * Value display secured * Added improvements * Improved index name * Improved validation of quantity field (#16355) * Improved validation of quantity field * Improved code * Add missing picklist dependencies * Added validation whether at least one business day has been selected in the Business hours module (#16356) * Compile js * Moved swagger file * Improved swagger generating functions * Added minor improvements * Fixed issue with date format * Added improvements * Fixed a bug when selecting all users in the calendar quick edit view (#16357) * Improved swagger generating functions * Added improvements * Added improvements * Added improvements * Improved Address Search panel * Improved Emails to send panel * Fix action name * Fix description in docBlock * tests/Settings/ApiAddress.php * Compile js * tests/Settings/ApiAddress.php * tests/Settings/ApiAddress.php * Remove html unnecessary class * Fixed #14266 (#16349) * [PROD](renovate) Update debian Docker tag to v11 (#16341) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * Improved anonymization * Added improvements * Update install translations * Improved config class * Added improvements * Improved generatedtype for some fields * Fixed #15631 (#16358) * Added improvements * Improved block sequence * 6.4.0 Co-authored-by: rembiesa <103192653+rembiesa@users.noreply.github.com> Co-authored-by: Radosław Skrzypczak <r.skrzypczak@yetiforce.com> Co-authored-by: Adrian Koń <a.kon@yetiforce.com> Co-authored-by: bmankowski <bmankowski@gmail.com> Co-authored-by: Arek Solek <arkadiusz_s9887@wp.pl> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jared Ramon Elizan <elizanjaredr@gmail.com> Co-authored-by: depfu[bot] <23717796+depfu[bot]@users.noreply.github.com>
YetiForceCompany · Aug 19, 2022 · 2c14baa · 2c14baa
1 parent 02c7b0d
commit 2c14baa
Show file tree

Hide file tree

Showing 4,377 changed files with 76,592 additions and 60,502 deletions.
diff --git a/.github/ISSUE_TEMPLATE/4-security.md b/.github/ISSUE_TEMPLATE/4-security.md
@@ -16,11 +16,6 @@ Thank you!
 
 
 PGP key:
-### m.krzaczkowski@yetiforce.com
-- https://keys.openpgp.org/search?q=m.krzaczkowski%40yetiforce.com
-- https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x67ab74c22359e45a56f019a1421e62f3637ff007
-- https://keyserver2.pgp.com/vkd/SubmitSearch.event?SearchCriteria=m.krzaczkowski%40yetiforce.com
-
 ### security@yetiforce.com
 - https://keys.openpgp.org/search?q=security%40yetiforce.com
 - https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x0fecf61043925c9b9e16ef29bcaeb2432daf21e4

diff --git a/SECURITY.md → .github/SECURITY.md b/SECURITY.md → .github/SECURITY.md
@@ -5,13 +5,7 @@
 If you find (or simply suspect) a security issue, please report it to us and send an email to security@yetiforce.com with a description of the issue, the steps you took to create the issue, affected versions, and, if known, mitigations for the issue.
 We take security very seriously and our team will try to resolve the issue as quickly as possible.
 
-PGP key:
-### m.krzaczkowski@yetiforce.com
-- https://keys.openpgp.org/search?q=m.krzaczkowski%40yetiforce.com
-- https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x67ab74c22359e45a56f019a1421e62f3637ff007
-- https://keyserver2.pgp.com/vkd/SubmitSearch.event?SearchCriteria=m.krzaczkowski%40yetiforce.com
-
-### security@yetiforce.com
+PGP key: 
 - https://keys.openpgp.org/search?q=security%40yetiforce.com
 - https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x0fecf61043925c9b9e16ef29bcaeb2432daf21e4
 - https://keyserver2.pgp.com/vkd/SubmitSearch.event?&&SearchCriteria=security%40yetiforce.com
diff --git a/.github/workflows/actions.yml b/.github/workflows/actions.yml
@@ -13,15 +13,18 @@ jobs:
     name: Composer
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
         with:
           fetch-depth: 0
 
+      - name: 🔎 Check IP
+        run: curl https://api.ipify.org
+
       - name: Validate composer.json and composer.lock
         run: composer validate
 
       - name: Cache Composer dependencies
-        uses: actions/cache@v2
+        uses: actions/cache@v3
         with:
           path: /tmp/composer-cache
           key: ${{ runner.os }}-${{ hashFiles('**/composer.lock') }}
@@ -34,7 +37,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           fetch-depth: 0
 
@@ -57,13 +60,14 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout Code
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           fetch-depth: 0
       - name: Set up JDK 1.8
-        uses: actions/setup-java@v1
+        uses: actions/setup-java@v3
         with:
-          java-version: 1.8
+          distribution: 'temurin'
+          java-version: 18
 
       - name: Upload to CoPilot
         run: bash <(curl -s https://copilot.blackducksoftware.com/ci/githubactions/scripts/upload)
@@ -74,28 +78,28 @@ jobs:
 
     steps:
       - name: Checkout Code
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           fetch-depth: 0
       - name: Validate OpenAPI definition - WebservicePremium.yaml
-        uses: char0n/swagger-editor-validate@v1.2.1
+        uses: char0n/swagger-editor-validate@v1.3.1
         with:
-          definition-file: public_html/api/WebservicePremium.yaml
+          definition-file: api/doc/WebservicePremium.yaml
       - name: Validate OpenAPI definition - ManageConsents.yaml
-        uses: char0n/swagger-editor-validate@v1.2.1
+        uses: char0n/swagger-editor-validate@v1.3.1
         with:
-          definition-file: public_html/api/ManageConsents.yaml
+          definition-file: api/doc/ManageConsents.yaml
       - name: Validate OpenAPI definition - WebserviceStandard.yaml
-        uses: char0n/swagger-editor-validate@v1.2.1
+        uses: char0n/swagger-editor-validate@v1.3.1
         with:
-          definition-file: public_html/api/WebserviceStandard.yaml
+          definition-file: api/doc/WebserviceStandard.yaml
 
   gitGuardian:
     name: GitGuardian scan
     runs-on: ubuntu-latest
     steps:
       - name: Checkout Code
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           fetch-depth: 0
 
@@ -119,12 +123,12 @@ jobs:
 
     steps:
       - name: Checkout Code
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           fetch-depth: 0
 
       - name: Lint Code Base
-        uses: docker://github/super-linter:v3.17.2
+        uses: docker://github/super-linter:v4.9.6
         env:
           DEFAULT_BRANCH: developer
           FILTER_REGEX_EXCLUDE: .*(*.min.js|*.min.css).*s

diff --git a/.github/workflows/code-analysis.yml b/.github/workflows/code-analysis.yml
@@ -10,23 +10,23 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           # We must fetch at least the immediate parents so that if this is
           # a pull request then we can checkout the head.
           fetch-depth: 2
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v1
+        uses: github/codeql-action/init@v2
         # Override language selection by uncommenting this and choosing your languages
         # with:
         #   languages: go, javascript, csharp, python, cpp, java
 
       # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
       # If this step fails, then you should remove it and run the build manually (see below)
       - name: Autobuild
-        uses: github/codeql-action/autobuild@v1
+        uses: github/codeql-action/autobuild@v2
 
       # ℹ️ Command-line programs to run using the OS shell.
       # 📚 https://git.io/JvXDl
@@ -40,14 +40,14 @@ jobs:
       #   make release
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v1
+        uses: github/codeql-action/analyze@v2
 
   Code:
     runs-on: ubuntu-latest
     name: Static Code Analysis
 
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
         with:
           fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
 
@@ -81,13 +81,13 @@ jobs:
           # Scan auto-detects the languages in your project. To override uncomment the below variable and set the type
           #type: php,javascript,json,nodejs,plsql,yaml,depscan
 
-      - uses: actions/upload-artifact@v2
+      - uses: actions/upload-artifact@v3
         with:
           name: shiftleft-scan-reports
           path: reports
 
       - name: Upload artifact
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v3
         with:
           name: javascript.zip
           path: /home/runner/work/_temp/codeql_databases/javascript.zip
diff --git a/.github/workflows/doc-checker.yml b/.github/workflows/doc-checker.yml
@@ -0,0 +1,43 @@
+name: phpDoc Checker
+
+on:
+  push:
+    branches:
+      - developer
+
+jobs:
+  phpDoc:
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        php: [7.4, 8.0]
+    name: Doc Checker PHP${{ matrix.php }}
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Setup PHP
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: ${{ matrix.php }}
+          ini-values: memory_limit=512M, xdebug.mode=off
+
+      - name: wget
+        shell: bash
+        run: |
+          wget https://phpdoc.org/phpDocumentor.phar -P /tmp/
+          chmod +x /tmp/phpDocumentor.phar
+
+      - name: phpDocumentor
+        shell: bash
+        run: php /tmp/phpDocumentor.phar run  -d . -t phpDoc/  --sourcecode
+
+      - name: Checker
+        shell: bash
+        run: |
+          if [ "$(grep -c 'No errors have been found in this project.' phpDoc/reports/errors.html)" = 0 ]; then
+            cat phpDoc/reports/errors.html
+            exit 3
+          fi
diff --git a/.github/workflows/scorecards-analysis.yml b/.github/workflows/scorecards-analysis.yml
@@ -0,0 +1,55 @@
+name: Scorecards supply-chain security
+on:
+  # Only the default branch is supported.
+  branch_protection_rule:
+  schedule:
+    - cron: '36 5 * * 2'
+  push:
+    branches: [developer]
+
+# Declare default permissions as read only.
+permissions: read-all
+
+jobs:
+  analysis:
+    name: Scorecards analysis
+    runs-on: ubuntu-latest
+    permissions:
+      # Needed to upload the results to code-scanning dashboard.
+      security-events: write
+      actions: read
+      contents: read
+
+    steps:
+      - name: 'Checkout code'
+        uses: actions/checkout@v3
+        with:
+          persist-credentials: false
+
+      - name: 'Run analysis'
+        uses: ossf/scorecard-action@v1.1.2
+        with:
+          results_file: results.sarif
+          results_format: sarif
+          # Read-only PAT token. To create it,
+          # follow the steps in https://github.com/ossf/scorecard-action#pat-token-creation.
+          repo_token: ${{ secrets.SCORECARD_READ_TOKEN }}
+          # Publish the results to enable scorecard badges. For more details, see
+          # https://github.com/ossf/scorecard-action#publishing-results.
+          # For private repositories, `publish_results` will automatically be set to `false`,
+          # regardless of the value entered here.
+          publish_results: true
+
+      # Upload the results as artifacts (optional).
+      - name: 'Upload artifact'
+        uses: actions/upload-artifact@v3
+        with:
+          name: SARIF file
+          path: results.sarif
+          retention-days: 5
+
+      # Upload the results to GitHub's code scanning dashboard.
+      - name: 'Upload to code-scanning'
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: results.sarif
diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml
@@ -0,0 +1,19 @@
+on:
+  pull_request: {}
+  push:
+    branches:
+    - developer
+    paths:
+    - .github/workflows/semgrep.yml
+  schedule:
+  - cron: '0 0 * * 0'
+name: Semgrep
+jobs:
+  semgrep:
+    name: Scan
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+    - uses: returntocorp/semgrep-action@v1
+      with:
+        publishToken: ${{ secrets.SEMGREP_APP_TOKEN }}