Merge pull request #332 from UN-OCHA/develop

chore: Prevent user enumeration, cleanup migrations and update workflows.
UN-OCHA · Jul 19, 2023 · a6bfe80 · a6bfe80
2 parents 7164399 + 00e3b3e
commit a6bfe80
Show file tree

Hide file tree

Showing 196 changed files with 4,184 additions and 13,550 deletions.
diff --git a/.dockerignore b/.dockerignore
@@ -4,7 +4,7 @@
 !docker
 !html/modules/custom
 !html/themes/custom
-!patches
+!PATCHES
 !scripts
 !composer.json
 !composer.lock

diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml
@@ -78,7 +78,7 @@ jobs:
         uses: docker/[email protected]
         with:
           registry: public.ecr.aws
-          username: ${{ secrets.ECR_AWS_ACCESS_KEY_I }}
+          username: ${{ secrets.ECR_AWS_ACCESS_KEY_ID }}
           password: ${{ secrets.ECR_AWS_SECRET_ACCESS_KEY }}
         env:
           AWS_REGION: us-east-1
@@ -169,7 +169,7 @@ jobs:
         id: fc
         if: ${{ !env.ACT }}
         with:
-          github: ${{ secrets.GITHUB_TOKEN }}
+          token: ${{ secrets.GITHUB_TOKEN }}
           issue-number: ${{ github.event.pull_request.number }}
           comment-author: 'github-actions[bot]'
           body-includes: Build output
@@ -178,7 +178,7 @@ jobs:
         uses: peter-evans/create-or-update-comment@v2
         if: ${{ !env.ACT }}
         with:
-          github: ${{ secrets.GITHUB_TOKEN }}
+          token: ${{ secrets.GITHUB_TOKEN }}
           comment-id: ${{ steps.fc.outputs.comment-id }}
           issue-number: ${{ github.event.pull_request.number }}
           body: |

diff --git a/..._code_property_migration-3082364-13.patch → ..._code_property_migration-3082364-13.patch b/..._code_property_migration-3082364-13.patch → ..._code_property_migration-3082364-13.patch
diff --git a/...ink-Integration-with-LinkIt-2958532.patch → ...ink-Integration-with-LinkIt-2958532.patch b/...ink-Integration-with-LinkIt-2958532.patch → ...ink-Integration-with-LinkIt-2958532.patch
diff --git a/...ing_issue_in_link_dialog-2986268-11.patch → ...ing_issue_in_link_dialog-2986268-11.patch b/...ing_issue_in_link_dialog-2986268-11.patch → ...ing_issue_in_link_dialog-2986268-11.patch
diff --git a/patches/ckeditor/2642808-69.patch → PATCHES/ckeditor/2642808-69.patch b/patches/ckeditor/2642808-69.patch → PATCHES/ckeditor/2642808-69.patch
diff --git a/patches/core/CoreError.patch → PATCHES/core/CoreError.patch b/patches/core/CoreError.patch → PATCHES/core/CoreError.patch
diff --git a/patches/csp-log-format.patch → PATCHES/csp-log-format.patch b/patches/csp-log-format.patch → PATCHES/csp-log-format.patch
diff --git a/...rowser/entity_browser-key-2914385-6.patch → ...rowser/entity_browser-key-2914385-6.patch b/...rowser/entity_browser-key-2914385-6.patch → ...rowser/entity_browser-key-2914385-6.patch
diff --git a/...google_analytics/3170816-migrate_d9.patch → ...google_analytics/3170816-migrate_d9.patch b/...google_analytics/3170816-migrate_d9.patch → ...google_analytics/3170816-migrate_d9.patch
diff --git a/..._tag/3250315-google-tag-nfs-locks-5.patch → ..._tag/3250315-google-tag-nfs-locks-5.patch b/..._tag/3250315-google-tag-nfs-locks-5.patch → ..._tag/3250315-google-tag-nfs-locks-5.patch
diff --git a/patches/ocha_snap/timeout_update.patch → PATCHES/ocha_snap/timeout_update.patch b/patches/ocha_snap/timeout_update.patch → PATCHES/ocha_snap/timeout_update.patch
diff --git a/...expire/customize-notification-email.patch → ...expire/customize-notification-email.patch b/...expire/customize-notification-email.patch → ...expire/customize-notification-email.patch
diff --git a/...re/reset-expiration-on-reactivation.patch → ...re/reset-expiration-on-reactivation.patch b/...re/reset-expiration-on-reactivation.patch → ...re/reset-expiration-on-reactivation.patch
diff --git a/PATCHES/username_enumeration_prevention-user-login-block-form-3312288.patch b/PATCHES/username_enumeration_prevention-user-login-block-form-3312288.patch
@@ -0,0 +1,20 @@
+diff --git a/username_enumeration_prevention.module b/username_enumeration_prevention.module
+index 1038f75b1d823887965f79df9d3b76fc396031a1..075abaa22c8392f810093e066990934328fdd01c 100644
+--- a/username_enumeration_prevention.module
++++ b/username_enumeration_prevention.module
+@@ -86,3 +86,15 @@ function username_enumeration_prevention_pass_submit($form, FormStateInterface $
+   \Drupal::messenger()->addMessage(t('If the username or email address exists and is active, further instructions have been sent to your email address.'));
+   $form_state->setRedirect('user.page');
+ }
++
++/**
++ * Implements hook_js_settings_alter().
++ *
++ * Remove drupalSettings.path.currentPath on 404 responses.
++ */
++function username_enumeration_prevention_js_settings_alter(&$settings) {
++  if (\Drupal::routeMatch()->getRouteName() === "system.404" ) {
++    $settings['path']['currentPath'] = '';
++  }
++}
++
diff --git a/composer.json b/composer.json
@@ -1,6 +1,6 @@
 {
-    "name": "unocha/starterkit",
-    "description": "Starterkit",
+    "name": "unocha/gms-site",
+    "description": "GMS Site",
     "type": "project",
     "license": "GPL-2.0-or-later",
     "authors": [
@@ -97,7 +97,6 @@
         "ckeditor-plugin/panelbutton": "^4.11",
         "composer/installers": "^1.10",
         "cweagans/composer-patches": "^1.7",
-        "drupal-composer/preserve-paths": "^0.1.6",
         "drupal/acl": "^1.0@beta",
         "drupal/admin_denied": "^2",
         "drupal/admin_toolbar": "^3.1",
@@ -146,10 +145,6 @@
         "drupal/menu_firstchild": "^2.0",
         "drupal/menu_link_attributes": "^1.2",
         "drupal/metatag": "^1.16",
-        "drupal/migrate_file": "^2.0",
-        "drupal/migrate_plus": "^5.1",
-        "drupal/migrate_tools": "^5.0",
-        "drupal/migrate_upgrade": "^3.2",
         "drupal/modules_weight": "^1.9",
         "drupal/noreqnewpass": "^1.2",
         "drupal/onomasticon": "^2.0",
@@ -167,9 +162,10 @@
         "drupal/superfish": "^1.4",
         "drupal/tb_megamenu": "^1.3",
         "drupal/token": "^1.9",
-        "drupal/token_filter": "^1.2",
+        "drupal/token_filter": "^2.0",
         "drupal/tome": "^1.4",
         "drupal/user_expire": "^1.0",
+        "drupal/username_enumeration_prevention": "^1.3",
         "drupal/userprotect": "^1.1",
         "drupal/video_embed_field": "^2.4",
         "drupal/views_base_url": "^2.0@beta",
@@ -206,7 +202,6 @@
             "composer/installers": true,
             "cweagans/composer-patches": true,
             "dealerdirect/phpcodesniffer-composer-installer": true,
-            "drupal-composer/preserve-paths": true,
             "drupal/core-composer-scaffold": true,
             "drupal/core-project-message": true,
             "drupal/console-extend-plugin": true,
@@ -231,6 +226,8 @@
             "html/modules/contrib/{$name}": ["type:drupal-module"],
             "html/profiles/contrib/{$name}": ["type:drupal-profile"],
             "html/themes/contrib/{$name}": ["type:drupal-theme"],
+            "html/modules/custom/{$name}": ["type:drupal-custom-module"],
+            "html/themes/custom/{$name}": ["type:drupal-custom-theme"],
             "drush/Commands/{$name}": ["type:drupal-drush"]
         },
         "drupal-scaffold": {
@@ -253,11 +250,6 @@
             "replace": false,
             "merge-extra": false
         },
-        "preserve-paths": [
-            "html/modules/custom",
-            "html/themes/custom",
-            "html/sites/default"
-        ],
         "patches-file": "composer.patches.json",
         "composer-exit-on-patch-failure": true
     },