Upgrade zend framework to 1.12.20 #8
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Zend_Validate_Hostname - Updated TLD list
It solves executing queries with subqueries in SELECT block. "New line" char (which is added in _renderFrom function while imploding joins) causes problem in regexp for "AS" case detection
…e a very rare case with raw subquery with "new line" chars inside
…pdate Zend_Validate_Hostname - updated TLD list to the version 2015102801
Fixed the null byte test for Zend_Db_Adapter_Pdo
…ditional space chars in it.
This patch fixes a potential entropy fixation vector with `Zend_Captcha_Word`. Prior to the fix, when selecting letters for the CAPTCHA, `array_rand()` was used, which does not use sufficient entropy during randomization. The patch backports randomization routines from ZF2 in order to provide a more cryptographically secure RNG.
Fix for ZF2015-09.
This allows us to easily switch between PHP versions down to 5.3 using the `newphp nn` command. You're on your own for installing PHPUnit though, it's easy enough with `composer global require phpunit/phpunit:~4.0` or whatever though.
Update FirePhp for different debug_backtrace on PHP 7
Skip Zend_Soap tests on Travis with PHP 5.4.37 because of segfaults
Update to 1.17
…orm-Elements docs
…ng documentation
Fixes zendframework#575 - Removes Zend_Gdata_YouTube which is based on Data API v2
Patch for ZF2016-01
- Updated VERSION constant to 1.12.18 - Updated README: - set stable version - set release date - added verbiage around ZF2016-01
1.12.18 readiness
- Updated README: set version, date, and changelog notes. - Updated `Zend_Version::VERSION` constant.
Patches ZF2016-02, and prepares for 1.12.19 release.
Resolves ZF2016-03 advisory.
- Updated README: - Updated version to stable - Set date for release - Added release notes including ZF2016-03 details - Updated VERSION constant
- Merge tag '1.12.16-patch3' into MAGETWO-65715-1.12.20
- Merge tag 'release-1.12.18' into MAGETWO-65715-1.12.20
- Merge tag 'release-1.12.19' into MAGETWO-65715-1.12.20
- Merge tag 'release-1.12.20' into MAGETWO-65715-1.12.20
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
BE CAREFUL!
Please, DO NOT tag this version as 1.12.X as it will break all previous Magento installations at least after next
composer updateon a client side. This will happen because Zend framework has dropped an ability to pass a string as expression into "ORDER BY" and "GROUP BY" statements in the patch release as a part of security fix. Now the only instance of the\Zend_Db_Exprshould be used for this case.AC discussed this case and we've decided that this release should be tagged as 1.13.0