Updated translator & dependency attribution before release v25.11.6

For #5925
Added tests to cover.
Extracted existing test to place with similiar sessions tests

.env.example

@@ -26,6 +26,13 @@ DB_DATABASE=database_database
 DB_USERNAME=database_username
 DB_PASSWORD=database_user_password
 
+# Storage system to use
+# By default files are stored on the local filesystem, with images being placed in
+# public web space so they can be efficiently served directly by the web-server.
+# For other options with different security levels & considerations, refer to:
+# https://www.bookstackapp.com/docs/admin/upload-config/
+STORAGE_TYPE=local
+
 # Mail system to use
 # Can be 'smtp' or 'sendmail'
 MAIL_DRIVER=smtp

.github/translators.txt

@@ -511,3 +511,4 @@ MrCharlesIII :: Arabic
 David Olsen (dawin) :: Danish
 ltnzr :: French
 Frank Holler (holler.frank) :: German; German Informal
+Korab Arifi (korabidev) :: Albanian

.github/workflows/test-migrations.yml

@@ -16,7 +16,7 @@ jobs:
     runs-on: ubuntu-24.04
     strategy:
       matrix:
-        php: ['8.2', '8.3', '8.4']
+        php: ['8.2', '8.3', '8.4', '8.5']
     steps:
       - uses: actions/checkout@v4
 

.github/workflows/test-php.yml

@@ -16,7 +16,7 @@ jobs:
     runs-on: ubuntu-24.04
     strategy:
       matrix:
-        php: ['8.2', '8.3', '8.4']
+        php: ['8.2', '8.3', '8.4', '8.5']
     steps:
     - uses: actions/checkout@v4
 

app/Access/Controllers/OidcController.php

@@ -9,11 +9,9 @@ use Illuminate\Http\Request;
 
 class OidcController extends Controller
 {
-    protected OidcService $oidcService;
-
-    public function __construct(OidcService $oidcService)
-    {
-        $this->oidcService = $oidcService;
+    public function __construct(
+        protected OidcService $oidcService
+    ) {
         $this->middleware('guard:oidc');
     }
 
@@ -30,7 +28,7 @@ class OidcController extends Controller
             return redirect('/login');
         }
 
-        session()->flash('oidc_state', $loginDetails['state']);
+        session()->put('oidc_state', time() . ':' . $loginDetails['state']);
 
         return redirect($loginDetails['url']);
     }
@@ -41,10 +39,16 @@ class OidcController extends Controller
      */
     public function callback(Request $request)
     {
-        $storedState = session()->pull('oidc_state');
         $responseState = $request->query('state');
+        $splitState =  explode(':', session()->pull('oidc_state', ':'), 2);
+        if (count($splitState) !== 2) {
+            $splitState = [null, null];
+        }
 
-        if ($storedState !== $responseState) {
+        [$storedStateTime, $storedState] = $splitState;
+        $threeMinutesAgo = time() - 3 * 60;
+
+        if (!$storedState || $storedState !== $responseState || intval($storedStateTime) < $threeMinutesAgo) {
             $this->showErrorNotification(trans('errors.oidc_fail_authed', ['system' => config('oidc.name')]));
 
             return redirect('/login');
@@ -62,7 +66,7 @@ class OidcController extends Controller
     }
 
     /**
-     * Log the user out then start the OIDC RP-initiated logout process.
+     * Log the user out, then start the OIDC RP-initiated logout process.
      */
     public function logout()
     {

app/Activity/Models/Comment.php

@@ -41,7 +41,19 @@ class Comment extends Model implements Loggable, OwnableInterface
      */
     public function entity(): MorphTo
     {
-        return $this->morphTo('commentable');
+        // We specifically define null here to avoid the different name (commentable)
+        // being used by Laravel eager loading instead of the method name, which it was doing
+        // in some scenarios like when deserialized when going through the queue system.
+        // So we instead specify the type and id column names to use.
+        // Related to:
+        // https://github.com/laravel/framework/pull/24815
+        // https://github.com/laravel/framework/issues/27342
+        // https://github.com/laravel/framework/issues/47953
+        // (and probably more)
+
+        // Ultimately, we could just align the method name to 'commentable' but that would be a potential
+        // breaking change and not really worthwhile in a patch due to the risk of creating extra problems.
+        return $this->morphTo(null, 'commentable_type', 'commentable_id');
     }
 
     /**

app/Activity/Notifications/Handlers/BaseNotificationHandler.php

@@ -20,6 +20,7 @@ abstract class BaseNotificationHandler implements NotificationHandler
     {
         $users = User::query()->whereIn('id', array_unique($userIds))->get();
 
+        /** @var User $user */
         foreach ($users as $user) {
             // Prevent sending to the user that initiated the activity
             if ($user->id === $initiator->id) {

app/Exports/ZipExports/ZipExportReferences.php

@@ -15,6 +15,7 @@ use BookStack\Exports\ZipExports\Models\ZipExportPage;
 use BookStack\Permissions\Permission;
 use BookStack\Uploads\Attachment;
 use BookStack\Uploads\Image;
+use BookStack\Uploads\ImageService;
 
 class ZipExportReferences
 {
@@ -33,6 +34,7 @@ class ZipExportReferences
 
     public function __construct(
         protected ZipReferenceParser $parser,
+        protected ImageService $imageService,
     ) {
     }
 
@@ -133,10 +135,17 @@ class ZipExportReferences
                 return "[[bsexport:image:{$model->id}]]";
             }
 
-            // Find and include images if in visibility
+            // Get the page which we'll reference this image upon
             $page = $model->getPage();
-            $pageExportModel = $this->pages[$page->id] ?? ($exportModel instanceof ZipExportPage ? $exportModel : null);
-            if (isset($this->images[$model->id]) || ($page && $pageExportModel && userCan(Permission::PageView, $page))) {
+            $pageExportModel = null;
+            if ($page && isset($this->pages[$page->id])) {
+                $pageExportModel = $this->pages[$page->id];
+            } elseif ($exportModel instanceof ZipExportPage) {
+                $pageExportModel = $exportModel;
+            }
+
+            // Add the image to the export if it's accessible or just return the existing reference if already added
+            if (isset($this->images[$model->id]) || ($pageExportModel && $this->imageService->imageAccessible($model))) {
                 if (!isset($this->images[$model->id])) {
                     $exportImage = ZipExportImage::fromModel($model, $files);
                     $this->images[$model->id] = $exportImage;
@@ -144,6 +153,7 @@ class ZipExportReferences
                 }
                 return "[[bsexport:image:{$model->id}]]";
             }
+
             return null;
         }
 

app/Http/Middleware/StartSessionExtended.php

@@ -14,7 +14,10 @@ use Illuminate\Session\Middleware\StartSession as Middleware;
 class StartSessionExtended extends Middleware
 {
     protected static array $pathPrefixesExcludedFromHistory = [
-        'uploads/images/'
+        'uploads/images/',
+        'dist/',
+        'manifest.json',
+        'opensearch.xml',
     ];
 
     /**

app/Search/SearchIndex.php

@@ -126,7 +126,7 @@ class SearchIndex
         $termMap = $this->textToTermCountMap($text);
 
         foreach ($termMap as $term => $count) {
-            $termMap[$term] = floor($count * $scoreAdjustment);
+            $termMap[$term] = intval($count * $scoreAdjustment);
         }
 
         return $termMap;

app/Uploads/Image.php

@@ -18,7 +18,7 @@ use Illuminate\Database\Eloquent\Relations\HasMany;
  * @property string   $url
  * @property string   $path
  * @property string   $type
- * @property int    $uploaded_to
+ * @property int|null $uploaded_to
  * @property int      $created_by
  * @property int      $updated_by
  */

app/Uploads/ImageService.php

@@ -148,7 +148,7 @@ class ImageService
     }
 
     /**
-     * Destroy an image along with its revisions, thumbnails and remaining folders.
+     * Destroy an image along with its revisions, thumbnails, and remaining folders.
      *
      * @throws Exception
      */
@@ -252,16 +252,7 @@ class ImageService
     {
         $disk = $this->storage->getDisk('gallery');
 
-        if ($this->storage->usingSecureRestrictedImages() && !$this->checkUserHasAccessToRelationOfImageAtPath($imagePath)) {
-            return false;
-        }
-
-        // Check local_secure is active
-        return $disk->usingSecureImages()
-            // Check the image file exists
-            && $disk->exists($imagePath)
-            // Check the file is likely an image file
-            && str_starts_with($disk->mimeType($imagePath), 'image/');
+        return $disk->usingSecureImages() && $this->pathAccessible($imagePath);
     }
 
     /**
@@ -269,16 +260,51 @@ class ImageService
      */
     public function pathAccessible(string $imagePath): bool
     {
-        $disk = $this->storage->getDisk('gallery');
-
         if ($this->storage->usingSecureRestrictedImages() && !$this->checkUserHasAccessToRelationOfImageAtPath($imagePath)) {
             return false;
         }
 
-        // Check local_secure is active
-        return $disk->exists($imagePath)
-            // Check the file is likely an image file
-            && str_starts_with($disk->mimeType($imagePath), 'image/');
+        if ($this->blockedBySecureImages()) {
+            return false;
+        }
+
+        return $this->imageFileExists($imagePath, 'gallery');
+    }
+
+    /**
+     * Check if the given image should be accessible to the current user.
+     */
+    public function imageAccessible(Image $image): bool
+    {
+        if ($this->storage->usingSecureRestrictedImages() && !$this->checkUserHasAccessToRelationOfImage($image)) {
+            return false;
+        }
+
+        if ($this->blockedBySecureImages()) {
+            return false;
+        }
+
+        return $this->imageFileExists($image->path, $image->type);
+    }
+
+    /**
+     * Check if the current user should be blocked from accessing images based on if secure images are enabled
+     * and if public access is enabled for the application.
+     */
+    protected function blockedBySecureImages(): bool
+    {
+        $enforced = $this->storage->usingSecureImages() && !setting('app-public');
+
+        return $enforced && user()->isGuest();
+    }
+
+    /**
+     * Check if the given image path exists for the given image type and that it is likely an image file.
+     */
+    protected function imageFileExists(string $imagePath, string $imageType): bool
+    {
+        $disk = $this->storage->getDisk($imageType);
+        return $disk->exists($imagePath) && str_starts_with($disk->mimeType($imagePath), 'image/');
     }
 
     /**
@@ -307,6 +333,11 @@ class ImageService
             return false;
         }
 
+        return $this->checkUserHasAccessToRelationOfImage($image);
+    }
+
+    protected function checkUserHasAccessToRelationOfImage(Image $image): bool
+    {
         $imageType = $image->type;
 
         // Allow user or system (logo) images

app/Uploads/ImageStorage.php

@@ -34,6 +34,15 @@ class ImageStorage
         return config('filesystems.images') === 'local_secure_restricted';
     }
 
+    /**
+     * Check if "local secure" (Fetched behind auth, either with or without permissions enforced)
+     * is currently active in the instance.
+     */
+    public function usingSecureImages(): bool
+    {
+        return config('filesystems.images') === 'local_secure' || $this->usingSecureRestrictedImages();
+    }
+
     /**
      * Clean up an image file name to be both URL and storage safe.
      */
@@ -65,7 +74,7 @@ class ImageStorage
             return 'local';
         }
 
-        // Rename local_secure options to get our image specific storage driver which
+        // Rename local_secure options to get our image-specific storage driver, which
         // is scoped to the relevant image directories.
         if ($localSecureInUse) {
             return 'local_secure_images';

composer.json

@@ -29,7 +29,7 @@
         "league/flysystem-aws-s3-v3": "^3.0",
         "league/html-to-markdown": "^5.0.0",
         "league/oauth2-client": "^2.6",
-        "onelogin/php-saml": "^4.0",
+        "onelogin/php-saml": "^4.3.1",
         "phpseclib/phpseclib": "^3.0",
         "pragmarx/google2fa": "^8.0",
         "predis/predis": "^3.2",
@@ -93,6 +93,7 @@
             "@php artisan view:clear"
         ],
         "refresh-test-database": [
+            "@putenv APP_TIMEZONE=UTC",
             "@php artisan migrate:refresh --database=mysql_testing",
             "@php artisan db:seed --class=DummyContentSeeder --database=mysql_testing"
         ]

database/seeders/DummyContentSeeder.php

@@ -13,7 +13,6 @@ use BookStack\Search\SearchIndex;
 use BookStack\Users\Models\Role;
 use BookStack\Users\Models\User;
 use Illuminate\Database\Eloquent\Relations\HasMany;
-use Illuminate\Database\Eloquent\Relations\Relation;
 use Illuminate\Database\Seeder;
 use Illuminate\Support\Collection;
 use Illuminate\Support\Facades\Hash;
@@ -23,10 +22,8 @@ class DummyContentSeeder extends Seeder
 {
     /**
      * Run the database seeds.
-     *
-     * @return void
      */
-    public function run()
+    public function run(): void
     {
         // Create an editor user
         $editorUser = User::factory()->create();

dev/docs/development.md

@@ -7,7 +7,7 @@ When it's time for a release the `development` branch is merged into release wit
 
 ## Building CSS & JavaScript Assets
 
-This project uses SASS for CSS development and this is built, along with the JavaScript, using a range of npm scripts. The below npm commands can be used to install the dependencies & run the build tasks:
+This project uses SASS for CSS development which is built, along with the JavaScript, using a range of npm scripts. The below npm commands can be used to install the dependencies & run the build tasks:
 
 ``` bash
 # Install NPM Dependencies

dev/docs/php-testing.md

@@ -4,7 +4,7 @@ BookStack has many test cases defined within the `tests/` directory of the app.
 
 ## Setup
 
-The application tests are mostly functional, rather than unit tests, meaning they simulate user actions and system components and therefore these require use of the database. To avoid potential conflicts within your development environment, the tests use a separate database. This is defined via a specific `mysql_testing` database connection in our configuration, and expects to use the following database access details:
+The application tests are mostly functional, rather than unit tests, meaning they simulate user actions and system components, and therefore these require use of the database. To avoid potential conflicts within your development environment, the tests use a separate database. This is defined via a specific `mysql_testing` database connection in our configuration, and expects to use the following database access details:
 
 - Host: `127.0.0.1`
 - Username: `bookstack-test`

dev/licensing/js-library-licenses.txt

@@ -1,16 +1,3 @@
-abab
-License: BSD-3-Clause
-License File: node_modules/abab/LICENSE.md
-Source: git+https://github.com/jsdom/abab.git
-Link: https://github.com/jsdom/abab#readme
------------
-acorn-globals
-License: MIT
-License File: node_modules/acorn-globals/LICENSE
-Copyright: Copyright (c) 2014 Forbes Lindesay
-Source: https://github.com/ForbesLindesay/acorn-globals.git
-Link: https://github.com/ForbesLindesay/acorn-globals.git
------------
 acorn-jsx
 License: MIT
 License File: node_modules/acorn-jsx/LICENSE
@@ -34,8 +21,10 @@ Link: https://github.com/acornjs/acorn
 -----------
 agent-base
 License: MIT
-Source: git://github.com/TooTallNate/node-agent-base.git
-Link: git://github.com/TooTallNate/node-agent-base.git
+License File: node_modules/agent-base/LICENSE
+Copyright: Copyright (c) 2013 Nathan Rajlich <******@***********.***>
+Source: https://github.com/TooTallNate/proxy-agents.git
+Link: https://github.com/TooTallNate/proxy-agents.git
 -----------
 ajv
 License: MIT
@@ -54,7 +43,7 @@ Link: sindresorhus/ansi-escapes
 ansi-regex
 License: MIT
 License File: node_modules/ansi-regex/license
-Copyright: Copyright (c) Sindre Sorhus <************@*****.***> (sindresorhus.com)
+Copyright: Copyright (c) Sindre Sorhus <************@*****.***> (https://sindresorhus.com)
 Source: chalk/ansi-regex
 Link: chalk/ansi-regex
 -----------
@@ -134,20 +123,6 @@ Copyright: Copyright (c) 2016 EduardoRFS
 Source: git+https://github.com/ljharb/async-function.git
 Link: https://github.com/ljharb/async-function#readme
 -----------
-async
-License: MIT
-License File: node_modules/async/LICENSE
-Copyright: Copyright (c) 2010-2018 Caolan McMahon
-Source: https://github.com/caolan/async.git
-Link: https://caolan.github.io/async/
------------
-asynckit
-License: MIT
-License File: node_modules/asynckit/LICENSE
-Copyright: Copyright (c) 2016 Alex Indigo
-Source: git+https://github.com/alexindigo/asynckit.git
-Link: https://github.com/alexindigo/asynckit#readme
------------
 available-typed-arrays
 License: MIT
 License File: node_modules/available-typed-arrays/LICENSE
@@ -318,7 +293,7 @@ ci-info
 License: MIT
 License File: node_modules/ci-info/LICENSE
 Copyright: Copyright (c) 2016 Thomas Watson Steen
-Source: https://github.com/watson/ci-info.git
+Source: github:watson/ci-info
 Link: https://github.com/watson/ci-info
 -----------
 cjs-module-lexer
@@ -369,13 +344,6 @@ License File: node_modules/color-name/LICENSE
 Source: git@github.com:colorjs/color-name.git
 Link: https://github.com/colorjs/color-name
 -----------
-combined-stream
-License: MIT
-License File: node_modules/combined-stream/License
-Copyright: Copyright (c) 2011 Debuggable Limited <*****@**********.***>
-Source: git://github.com/felixge/node-combined-stream.git
-Link: https://github.com/felixge/node-combined-stream
------------
 concat-map
 License: MIT
 License File: node_modules/concat-map/LICENSE
@@ -390,13 +358,6 @@ All rights reserved.
 Source: git://github.com/thlorenz/convert-source-map.git
 Link: https://github.com/thlorenz/convert-source-map
 -----------
-create-jest
-License: MIT
-License File: node_modules/create-jest/LICENSE
-Copyright: Copyright (c) Meta Platforms, Inc. and affiliates.
-Source: https://github.com/jestjs/jest.git
-Link: https://github.com/jestjs/jest.git
------------
 create-require
 License: MIT
 License File: node_modules/create-require/LICENSE
@@ -418,13 +379,6 @@ Copyright: Copyright (c) 2018 Made With MOXY Lda <*****@****.******>
 Source: git@github.com:moxystudio/node-cross-spawn.git
 Link: https://github.com/moxystudio/node-cross-spawn
 -----------
-cssom
-License: MIT
-License File: node_modules/cssom/LICENSE.txt
-Copyright: Copyright (c) Nikita Vasilyev
-Source: NV/CSSOM
-Link: NV/CSSOM
------------
 cssstyle
 License: MIT
 License File: node_modules/cssstyle/LICENSE
@@ -515,13 +469,6 @@ Copyright: Copyright (C) 2015 Jordan Harband
 Source: git://github.com/ljharb/define-properties.git
 Link: git://github.com/ljharb/define-properties.git
 -----------
-delayed-stream
-License: MIT
-License File: node_modules/delayed-stream/License
-Copyright: Copyright (c) 2011 Debuggable Limited <*****@**********.***>
-Source: git://github.com/felixge/node-delayed-stream.git
-Link: https://github.com/felixge/node-delayed-stream
------------
 detect-libc
 License: Apache-2.0
 License File: node_modules/detect-libc/LICENSE
@@ -535,13 +482,6 @@ Copyright: Copyright (c) Sindre Sorhus <************@*****.***> (sindresorhus.co
 Source: sindresorhus/detect-newline
 Link: sindresorhus/detect-newline
 -----------
-diff-sequences
-License: MIT
-License File: node_modules/diff-sequences/LICENSE
-Copyright: Copyright (c) Meta Platforms, Inc. and affiliates.
-Source: https://github.com/jestjs/jest.git
-Link: https://github.com/jestjs/jest.git
------------
 diff
 License: BSD-3-Clause
 License File: node_modules/diff/LICENSE
@@ -555,12 +495,6 @@ License File: node_modules/doctrine/LICENSE
 Source: eslint/doctrine
 Link: https://github.com/eslint/doctrine
 -----------
-domexception
-License: MIT
-License File: node_modules/domexception/LICENSE.txt
-Source: jsdom/domexception
-Link: jsdom/domexception
------------
 dunder-proto
 License: MIT
 License File: node_modules/dunder-proto/LICENSE
@@ -568,11 +502,10 @@ Copyright: Copyright (c) 2024 ECMAScript Shims
 Source: git+https://github.com/es-shims/dunder-proto.git
 Link: https://github.com/es-shims/dunder-proto#readme
 -----------
-ejs
-License: Apache-2.0
-License File: node_modules/ejs/LICENSE
-Source: git://github.com/mde/ejs.git
-Link: https://github.com/mde/ejs
+eastasianwidth
+License: MIT
+Source: git://github.com/komagata/eastasianwidth.git
+Link: git://github.com/komagata/eastasianwidth.git
 -----------
 electron-to-chromium
 License: ISC
@@ -679,13 +612,6 @@ Copyright: Copyright (c) Sindre Sorhus <************@*****.***> (https://sindres
 Source: sindresorhus/escape-string-regexp
 Link: sindresorhus/escape-string-regexp
 -----------
-escodegen
-License: BSD-2-Clause
-License File: node_modules/escodegen/LICENSE.BSD
-Copyright: Copyright (C) 2012 Yusuke Suzuki (twitter: @Constellation) and other contributors.
-Source: http://github.com/estools/escodegen.git
-Link: http://github.com/estools/escodegen
------------
 eslint-import-resolver-node
 License: MIT
 License File: node_modules/eslint-import-resolver-node/LICENSE
@@ -772,9 +698,10 @@ Copyright: Copyright (c) Sindre Sorhus <************@*****.***> (https://sindres
 Source: sindresorhus/execa
 Link: sindresorhus/execa
 -----------
-exit
-Source: git://github.com/cowboy/node-exit.git
-Link: https://github.com/cowboy/node-exit
+exit-x
+License: MIT
+Source: git://github.com/gruntjs/node-exit-x.git
+Link: https://github.com/gruntjs/node-exit-x
 -----------
 expect
 License: MIT
@@ -817,11 +744,6 @@ Copyright: Copyright (c) Roy Riojas & Jared Wray
 Source: jaredwray/file-entry-cache
 Link: jaredwray/file-entry-cache
 -----------
-filelist
-License: Apache-2.0
-Source: git://github.com/mde/filelist.git
-Link: https://github.com/mde/filelist
------------
 fill-range
 License: MIT
 License File: node_modules/fill-range/LICENSE
@@ -857,12 +779,12 @@ Copyright: Copyright (c) 2012 Raynos.
 Source: https://github.com/Raynos/for-each.git
 Link: https://github.com/Raynos/for-each
 -----------
-form-data
-License: MIT
-License File: node_modules/form-data/License
-Copyright: Copyright (c) 2012 Felix Geisendörfer (*****@**********.***) and contributors
-Source: git://github.com/form-data/form-data.git
-Link: git://github.com/form-data/form-data.git
+foreground-child
+License: ISC
+License File: node_modules/foreground-child/LICENSE
+Copyright: Copyright (c) 2015-2023 Isaac Z. Schlueter and Contributors
+Source: git+https://github.com/tapjs/foreground-child.git
+Link: git+https://github.com/tapjs/foreground-child.git
 -----------
 fs.realpath
 License: ISC
@@ -951,7 +873,7 @@ Link: gulpjs/glob-parent
 glob
 License: ISC
 License File: node_modules/glob/LICENSE
-Copyright: Copyright (c) Isaac Z. Schlueter and Contributors
+Copyright: Copyright (c) 2009-2023 Isaac Z. Schlueter and Contributors
 Source: git://github.com/isaacs/node-glob.git
 Link: git://github.com/isaacs/node-glob.git
 -----------
@@ -983,6 +905,13 @@ Copyright: Copyright (c) 2011-2022 Isaac Z. Schlueter, Ben Noordhuis, and Contri
 Source: https://github.com/isaacs/node-graceful-fs
 Link: https://github.com/isaacs/node-graceful-fs
 -----------
+handlebars
+License: MIT
+License File: node_modules/handlebars/LICENSE
+Copyright: Copyright (C) 2011-2019 by Yehuda Katz
+Source: https://github.com/handlebars-lang/handlebars.js.git
+Link: https://www.handlebarsjs.com/
+-----------
 has-bigints
 License: MIT
 License File: node_modules/has-bigints/LICENSE
@@ -1054,13 +983,17 @@ Link: https://github.com/WebReflection/html-escaper
 -----------
 http-proxy-agent
 License: MIT
-Source: git://github.com/TooTallNate/node-http-proxy-agent.git
-Link: git://github.com/TooTallNate/node-http-proxy-agent.git
+License File: node_modules/http-proxy-agent/LICENSE
+Copyright: Copyright (c) 2013 Nathan Rajlich <******@***********.***>
+Source: https://github.com/TooTallNate/proxy-agents.git
+Link: https://github.com/TooTallNate/proxy-agents.git
 -----------
 https-proxy-agent
 License: MIT
-Source: git://github.com/TooTallNate/node-https-proxy-agent.git
-Link: git://github.com/TooTallNate/node-https-proxy-agent.git
+License File: node_modules/https-proxy-agent/LICENSE
+Copyright: Copyright (c) 2013 Nathan Rajlich <******@***********.***>
+Source: https://github.com/TooTallNate/proxy-agents.git
+Link: https://github.com/TooTallNate/proxy-agents.git
 -----------
 human-signals
 License: Apache-2.0
@@ -1398,10 +1331,11 @@ Copyright: Copyright 2012-2015 Yahoo! Inc.
 Source: git+ssh://git@github.com/istanbuljs/istanbuljs.git
 Link: https://istanbul.js.org/
 -----------
-jake
-License: Apache-2.0
-Source: git://github.com/jakejs/jake.git
-Link: git://github.com/jakejs/jake.git
+jackspeak
+License: BlueOak-1.0.0
+License File: node_modules/jackspeak/LICENSE.md
+Source: git+https://github.com/isaacs/jackspeak.git
+Link: git+https://github.com/isaacs/jackspeak.git
 -----------
 jest-changed-files
 License: MIT
@@ -1466,13 +1400,6 @@ Copyright: Copyright (c) Meta Platforms, Inc. and affiliates.
 Source: https://github.com/jestjs/jest.git
 Link: https://github.com/jestjs/jest.git
 -----------
-jest-get-type
-License: MIT
-License File: node_modules/jest-get-type/LICENSE
-Copyright: Copyright (c) Meta Platforms, Inc. and affiliates.
-Source: https://github.com/jestjs/jest.git
-Link: https://github.com/jestjs/jest.git
------------
 jest-haste-map
 License: MIT
 License File: node_modules/jest-haste-map/LICENSE
@@ -1608,8 +1535,8 @@ jsdom
 License: MIT
 License File: node_modules/jsdom/LICENSE.txt
 Copyright: Copyright (c) 2010 Elijah Insua
-Source: jsdom/jsdom
-Link: jsdom/jsdom
+Source: git+https://github.com/jsdom/jsdom.git
+Link: git+https://github.com/jsdom/jsdom.git
 -----------
 jsesc
 License: MIT
@@ -1664,13 +1591,6 @@ License: MIT
 Source: git+https://github.com/jaredwray/keyv.git
 Link: https://github.com/jaredwray/keyv
 -----------
-kleur
-License: MIT
-License File: node_modules/kleur/license
-Copyright: Copyright (c) Luke Edwards <****.*********@*****.***> (lukeed.com)
-Source: lukeed/kleur
-Link: lukeed/kleur
------------
 leven
 License: MIT
 License File: node_modules/leven/license
@@ -1827,22 +1747,6 @@ Copyright: Copyright (c) 2014-present, Jon Schlinkert.
 Source: micromatch/micromatch
 Link: https://github.com/micromatch/micromatch
 -----------
-mime-db
-License: MIT
-License File: node_modules/mime-db/LICENSE
-Copyright: Copyright (c) 2014 Jonathan Ong <**@***********.***>
-Copyright (c) 2015-2022 Douglas Christopher Wilson <****@*************.***>
-Source: jshttp/mime-db
-Link: jshttp/mime-db
------------
-mime-types
-License: MIT
-License File: node_modules/mime-types/LICENSE
-Copyright: Copyright (c) 2014 Jonathan Ong <**@***********.***>
-Copyright (c) 2015 Douglas Christopher Wilson <****@*************.***>
-Source: jshttp/mime-types
-Link: jshttp/mime-types
------------
 mimic-fn
 License: MIT
 License File: node_modules/mimic-fn/license
@@ -1863,6 +1767,13 @@ License File: node_modules/minimist/LICENSE
 Source: git://github.com/minimistjs/minimist.git
 Link: https://github.com/minimistjs/minimist
 -----------
+minipass
+License: ISC
+License File: node_modules/minipass/LICENSE
+Copyright: Copyright (c) 2017-2023 npm, Inc., Isaac Z. Schlueter, and Contributors
+Source: https://github.com/isaacs/minipass
+Link: https://github.com/isaacs/minipass
+-----------
 ms
 License: MIT
 License File: node_modules/ms/license.md
@@ -1870,11 +1781,26 @@ Copyright: Copyright (c) 2020 Vercel, Inc.
 Source: vercel/ms
 Link: vercel/ms
 -----------
+napi-postinstall
+License: MIT
+License File: node_modules/napi-postinstall/LICENSE
+Copyright: Copyright (c) 2021-present UnTS
+Source: git+https://github.com/un-ts/napi-postinstall.git
+Link: git+https://github.com/un-ts/napi-postinstall.git
+-----------
 natural-compare
 License: MIT
 Source: git://github.com/litejs/natural-compare-lite.git
 Link: git://github.com/litejs/natural-compare-lite.git
 -----------
+neo-async
+License: MIT
+License File: node_modules/neo-async/LICENSE
+Copyright: Copyright (c) 2014-2018 Suguru Motegi
+Based on Async.js, Copyright Caolan McMahon
+Source: git@github.com:suguru03/neo-async.git
+Link: https://github.com/suguru03/neo-async
+-----------
 nice-try
 License: MIT
 License File: node_modules/nice-try/LICENSE
@@ -2038,6 +1964,12 @@ Copyright: Copyright (c) Sindre Sorhus <************@*****.***> (sindresorhus.co
 Source: sindresorhus/p-try
 Link: sindresorhus/p-try
 -----------
+package-json-from-dist
+License: BlueOak-1.0.0
+License File: node_modules/package-json-from-dist/LICENSE.md
+Source: git+https://github.com/isaacs/package-json-from-dist.git
+Link: git+https://github.com/isaacs/package-json-from-dist.git
+-----------
 parent-module
 License: MIT
 License File: node_modules/parent-module/license
@@ -2087,6 +2019,12 @@ Copyright: Copyright (c) 2015 Javier Blanco
 Source: https://github.com/jbgutierrez/path-parse.git
 Link: https://github.com/jbgutierrez/path-parse#readme
 -----------
+path-scurry
+License: BlueOak-1.0.0
+License File: node_modules/path-scurry/LICENSE.md
+Source: git+https://github.com/isaacs/path-scurry
+Link: git+https://github.com/isaacs/path-scurry
+-----------
 path-type
 License: MIT
 License File: node_modules/path-type/license
@@ -2157,20 +2095,6 @@ Copyright: Copyright (c) Meta Platforms, Inc. and affiliates.
 Source: https://github.com/jestjs/jest.git
 Link: https://github.com/jestjs/jest.git
 -----------
-prompts
-License: MIT
-License File: node_modules/prompts/license
-Copyright: Copyright (c) 2018 Terkel Gjervig Nielsen
-Source: terkelg/prompts
-Link: terkelg/prompts
------------
-psl
-License: MIT
-License File: node_modules/psl/LICENSE
-Copyright: Copyright (c) 2017 Lupo Montero ***********@*****.***
-Source: git@github.com:lupomontero/psl.git
-Link: git@github.com:lupomontero/psl.git
------------
 punycode.js
 License: MIT
 License File: node_modules/punycode.js/LICENSE-MIT.txt
@@ -2190,13 +2114,6 @@ Copyright: Copyright (c) 2018 Nicolas DUBIEN
 Source: git+https://github.com/dubzzz/pure-rand.git
 Link: https://github.com/dubzzz/pure-rand#readme
 -----------
-querystringify
-License: MIT
-License File: node_modules/querystringify/LICENSE
-Copyright: Copyright (c) 2015 Unshift.io, Arnout Kazemier,  the Contributors.
-Source: https://github.com/unshiftio/querystringify
-Link: https://github.com/unshiftio/querystringify
------------
 react-is
 License: MIT
 License File: node_modules/react-is/LICENSE
@@ -2246,13 +2163,6 @@ Copyright: Copyright (c) 2016, Contributors
 Source: git+ssh://git@github.com/yargs/require-main-filename.git
 Link: https://github.com/yargs/require-main-filename#readme
 -----------
-requires-port
-License: MIT
-License File: node_modules/requires-port/LICENSE
-Copyright: Copyright (c) 2015 Unshift.io, Arnout Kazemier,  the Contributors.
-Source: https://github.com/unshiftio/requires-port
-Link: https://github.com/unshiftio/requires-port
------------
 resolve-cwd
 License: MIT
 License File: node_modules/resolve-cwd/license
@@ -2267,13 +2177,6 @@ Copyright: Copyright (c) Sindre Sorhus <************@*****.***> (sindresorhus.co
 Source: sindresorhus/resolve-from
 Link: sindresorhus/resolve-from
 -----------
-resolve.exports
-License: MIT
-License File: node_modules/resolve.exports/license
-Copyright: Copyright (c) Luke Edwards <****.*********@*****.***> (lukeed.com)
-Source: lukeed/resolve.exports
-Link: lukeed/resolve.exports
------------
 resolve
 License: MIT
 License File: node_modules/resolve/LICENSE
@@ -2281,6 +2184,13 @@ Copyright: Copyright (c) 2012 James Halliday
 Source: git://github.com/browserify/resolve.git
 Link: git://github.com/browserify/resolve.git
 -----------
+rrweb-cssom
+License: MIT
+License File: node_modules/rrweb-cssom/LICENSE.txt
+Copyright: Copyright (c) Nikita Vasilyev
+Source: rrweb-io/CSSOM
+Link: rrweb-io/CSSOM
+-----------
 safe-array-concat
 License: MIT
 License File: node_modules/safe-array-concat/LICENSE
@@ -2412,13 +2322,6 @@ Copyright: Copyright (c) 2015, Contributors
 Source: https://github.com/tapjs/signal-exit.git
 Link: https://github.com/tapjs/signal-exit
 -----------
-sisteransi
-License: MIT
-License File: node_modules/sisteransi/license
-Copyright: Copyright (c) 2018 Terkel Gjervig Nielsen
-Source: https://github.com/terkelg/sisteransi
-Link: https://github.com/terkelg/sisteransi
------------
 slash
 License: MIT
 License File: node_modules/slash/license
@@ -2516,6 +2419,13 @@ Link: sindresorhus/string-length
 -----------
 string-width
 License: MIT
+License File: node_modules/string-width-cjs/license
+Copyright: Copyright (c) Sindre Sorhus <************@*****.***> (sindresorhus.com)
+Source: sindresorhus/string-width
+Link: sindresorhus/string-width
+-----------
+string-width
+License: MIT
 License File: node_modules/string-width/license
 Copyright: Copyright (c) Sindre Sorhus <************@*****.***> (sindresorhus.com)
 Source: sindresorhus/string-width
@@ -2551,11 +2461,18 @@ Link: git://github.com/es-shims/String.prototype.trimStart.git
 -----------
 strip-ansi
 License: MIT
-License File: node_modules/strip-ansi/license
+License File: node_modules/strip-ansi-cjs/license
 Copyright: Copyright (c) Sindre Sorhus <************@*****.***> (sindresorhus.com)
 Source: chalk/strip-ansi
 Link: chalk/strip-ansi
 -----------
+strip-ansi
+License: MIT
+License File: node_modules/strip-ansi/license
+Copyright: Copyright (c) Sindre Sorhus <************@*****.***> (https://sindresorhus.com)
+Source: chalk/strip-ansi
+Link: chalk/strip-ansi
+-----------
 strip-bom
 License: MIT
 License File: node_modules/strip-bom/license
@@ -2605,6 +2522,13 @@ Copyright: Copyright (c) 2015 Joris van der Wel
 Source: https://github.com/jsdom/js-symbol-tree.git
 Link: https://github.com/jsdom/js-symbol-tree#symbol-tree
 -----------
+synckit
+License: MIT
+License File: node_modules/synckit/LICENSE
+Copyright: Copyright (c) 2021 UnTS
+Source: https://github.com/un-ts/synckit.git
+Link: https://github.com/un-ts/synckit.git
+-----------
 test-exclude
 License: ISC
 License File: node_modules/test-exclude/LICENSE.txt
@@ -2612,6 +2536,20 @@ Copyright: Copyright (c) 2016, Contributors
 Source: git+https://github.com/istanbuljs/test-exclude.git
 Link: https://istanbul.js.org/
 -----------
+tldts-core
+License: MIT
+License File: node_modules/tldts-core/LICENSE
+Copyright: Copyright (c) 2017 Thomas Parisot, 2018 Rémi Berson
+Source: git+ssh://git@github.com/remusao/tldts.git
+Link: https://github.com/remusao/tldts#readme
+-----------
+tldts
+License: MIT
+License File: node_modules/tldts/LICENSE
+Copyright: Copyright (c) 2017 Thomas Parisot, 2018 Rémi Berson
+Source: git+ssh://git@github.com/remusao/tldts.git
+Link: https://github.com/remusao/tldts#readme
+-----------
 tmpl
 License: BSD-3-Clause
 License File: node_modules/tmpl/license
@@ -2722,6 +2660,13 @@ License File: node_modules/uc.micro/LICENSE.txt
 Source: markdown-it/uc.micro
 Link: markdown-it/uc.micro
 -----------
+uglify-js
+License: BSD-2-Clause
+License File: node_modules/uglify-js/LICENSE
+Copyright: Copyright 2012-2024 (c) Mihai Bazon <*****.*****@*****.***>
+Source: mishoo/UglifyJS
+Link: mishoo/UglifyJS
+-----------
 unbox-primitive
 License: MIT
 License File: node_modules/unbox-primitive/LICENSE
@@ -2736,12 +2681,10 @@ Copyright: Copyright (c) Matteo Collina and Undici contributors
 Source: git+https://github.com/nodejs/undici.git
 Link: https://undici.nodejs.org
 -----------
-universalify
+unrs-resolver
 License: MIT
-License File: node_modules/universalify/LICENSE
-Copyright: Copyright (c) 2017, Ryan Zimmerman <*******@*******.***>
-Source: git+https://github.com/RyanZim/universalify.git
-Link: https://github.com/RyanZim/universalify#readme
+Source: git+https://github.com/unrs/unrs-resolver.git
+Link: https://github.com/unrs/unrs-resolver#readme
 -----------
 update-browserslist-db
 License: MIT
@@ -2757,13 +2700,6 @@ Copyright: Copyright 2011 Gary Court. All rights reserved.
 Source: http://github.com/garycourt/uri-js
 Link: https://github.com/garycourt/uri-js
 -----------
-url-parse
-License: MIT
-License File: node_modules/url-parse/LICENSE
-Copyright: Copyright (c) 2015 Unshift.io, Arnout Kazemier,  the Contributors.
-Source: https://github.com/unshiftio/url-parse.git
-Link: https://github.com/unshiftio/url-parse.git
------------
 v8-compile-cache-lib
 License: MIT
 License File: node_modules/v8-compile-cache-lib/LICENSE
@@ -2880,6 +2816,19 @@ Copyright: Copyright (c) 2014-2016, Jon Schlinkert
 Source: jonschlinkert/word-wrap
 Link: https://github.com/jonschlinkert/word-wrap
 -----------
+wordwrap
+License: MIT
+License File: node_modules/wordwrap/LICENSE
+Source: git://github.com/substack/node-wordwrap.git
+Link: git://github.com/substack/node-wordwrap.git
+-----------
+wrap-ansi
+License: MIT
+License File: node_modules/wrap-ansi-cjs/license
+Copyright: Copyright (c) Sindre Sorhus <************@*****.***> (https://sindresorhus.com)
+Source: chalk/wrap-ansi
+Link: chalk/wrap-ansi
+-----------
 wrap-ansi
 License: MIT
 License File: node_modules/wrap-ansi/license
@@ -2971,6 +2920,31 @@ License File: node_modules/@ampproject/remapping/LICENSE
 Source: git+https://github.com/ampproject/remapping.git
 Link: git+https://github.com/ampproject/remapping.git
 -----------
+@asamuzakjp/css-color
+License: MIT
+License File: node_modules/@asamuzakjp/css-color/LICENSE
+Copyright: Copyright (c) 2024 asamuzaK (Kazz)
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+Source: git+https://github.com/asamuzaK/cssColor.git
+Link: https://github.com/asamuzaK/cssColor#readme
+-----------
 @babel/code-frame
 License: MIT
 License File: node_modules/@babel/code-frame/LICENSE
@@ -3335,6 +3309,40 @@ Copyright: Copyright (c) 2014 Evan Wallace
 Source: https://github.com/cspotcode/node-source-map-support
 Link: https://github.com/cspotcode/node-source-map-support
 -----------
+@csstools/color-helpers
+License: MIT-0
+License File: node_modules/@csstools/color-helpers/LICENSE.md
+Source: git+https://github.com/csstools/postcss-plugins.git
+Link: https://github.com/csstools/postcss-plugins/tree/main/packages/color-helpers#readme
+-----------
+@csstools/css-calc
+License: MIT
+License File: node_modules/@csstools/css-calc/LICENSE.md
+Copyright: Copyright 2022 Romain Menke, Antonio Laguna <*******@******.**>
+Source: git+https://github.com/csstools/postcss-plugins.git
+Link: https://github.com/csstools/postcss-plugins/tree/main/packages/css-calc#readme
+-----------
+@csstools/css-color-parser
+License: MIT
+License File: node_modules/@csstools/css-color-parser/LICENSE.md
+Copyright: Copyright 2022 Romain Menke, Antonio Laguna <*******@******.**>
+Source: git+https://github.com/csstools/postcss-plugins.git
+Link: https://github.com/csstools/postcss-plugins/tree/main/packages/css-color-parser#readme
+-----------
+@csstools/css-parser-algorithms
+License: MIT
+License File: node_modules/@csstools/css-parser-algorithms/LICENSE.md
+Copyright: Copyright 2022 Romain Menke, Antonio Laguna <*******@******.**>
+Source: git+https://github.com/csstools/postcss-plugins.git
+Link: https://github.com/csstools/postcss-plugins/tree/main/packages/css-parser-algorithms#readme
+-----------
+@csstools/css-tokenizer
+License: MIT
+License File: node_modules/@csstools/css-tokenizer/LICENSE.md
+Copyright: Copyright 2022 Romain Menke, Antonio Laguna <*******@******.**>
+Source: git+https://github.com/csstools/postcss-plugins.git
+Link: https://github.com/csstools/postcss-plugins/tree/main/packages/css-tokenizer#readme
+-----------
 @esbuild/linux-x64
 License: MIT
 Source: git+https://github.com/evanw/esbuild.git
@@ -3420,6 +3428,13 @@ License File: node_modules/@humanwhocodes/retry/LICENSE
 Source: git+https://github.com/humanwhocodes/retry.git
 Link: git+https://github.com/humanwhocodes/retry.git
 -----------
+@isaacs/cliui
+License: ISC
+License File: node_modules/@isaacs/cliui/LICENSE.txt
+Copyright: Copyright (c) 2015, Contributors
+Source: yargs/cliui
+Link: yargs/cliui
+-----------
 @istanbuljs/load-nyc-config
 License: ISC
 License File: node_modules/@istanbuljs/load-nyc-config/LICENSE
@@ -3448,6 +3463,20 @@ Copyright: Copyright (c) Meta Platforms, Inc. and affiliates.
 Source: https://github.com/jestjs/jest.git
 Link: https://jestjs.io/
 -----------
+@jest/diff-sequences
+License: MIT
+License File: node_modules/@jest/diff-sequences/LICENSE
+Copyright: Copyright (c) Meta Platforms, Inc. and affiliates.
+Source: https://github.com/jestjs/jest.git
+Link: https://github.com/jestjs/jest.git
+-----------
+@jest/environment-jsdom-abstract
+License: MIT
+License File: node_modules/@jest/environment-jsdom-abstract/LICENSE
+Copyright: Copyright (c) Meta Platforms, Inc. and affiliates.
+Source: https://github.com/jestjs/jest.git
+Link: https://github.com/jestjs/jest.git
+-----------
 @jest/environment
 License: MIT
 License File: node_modules/@jest/environment/LICENSE
@@ -3476,6 +3505,13 @@ Copyright: Copyright (c) Meta Platforms, Inc. and affiliates.
 Source: https://github.com/jestjs/jest.git
 Link: https://github.com/jestjs/jest.git
 -----------
+@jest/get-type
+License: MIT
+License File: node_modules/@jest/get-type/LICENSE
+Copyright: Copyright (c) Meta Platforms, Inc. and affiliates.
+Source: https://github.com/jestjs/jest.git
+Link: https://github.com/jestjs/jest.git
+-----------
 @jest/globals
 License: MIT
 License File: node_modules/@jest/globals/LICENSE
@@ -3483,6 +3519,13 @@ Copyright: Copyright (c) Meta Platforms, Inc. and affiliates.
 Source: https://github.com/jestjs/jest.git
 Link: https://github.com/jestjs/jest.git
 -----------
+@jest/pattern
+License: MIT
+License File: node_modules/@jest/pattern/LICENSE
+Copyright: Copyright (c) Meta Platforms, Inc. and affiliates.
+Source: https://github.com/jestjs/jest.git
+Link: https://github.com/jestjs/jest.git
+-----------
 @jest/reporters
 License: MIT
 License File: node_modules/@jest/reporters/LICENSE
@@ -3497,6 +3540,13 @@ Copyright: Copyright (c) Meta Platforms, Inc. and affiliates.
 Source: https://github.com/jestjs/jest.git
 Link: https://github.com/jestjs/jest.git
 -----------
+@jest/snapshot-utils
+License: MIT
+License File: node_modules/@jest/snapshot-utils/LICENSE
+Copyright: Copyright (c) Meta Platforms, Inc. and affiliates.
+Source: https://github.com/jestjs/jest.git
+Link: https://github.com/jestjs/jest.git
+-----------
 @jest/source-map
 License: MIT
 License File: node_modules/@jest/source-map/LICENSE
@@ -3665,6 +3715,17 @@ Copyright: Copyright (c) 2017-present Devon Govett
 Source: https://github.com/parcel-bundler/watcher.git
 Link: https://github.com/parcel-bundler/watcher.git
 -----------
+@pkgjs/parseargs
+License: MIT
+License File: node_modules/@pkgjs/parseargs/LICENSE
+Source: git@github.com:pkgjs/parseargs.git
+Link: https://github.com/pkgjs/parseargs#readme
+-----------
+@pkgr/core
+License: MIT
+Source: git+https://github.com/un-ts/pkgr.git
+Link: https://github.com/un-ts/pkgr/blob/master/packages/core
+-----------
 @rtsao/scc
 License: MIT
 License File: node_modules/@rtsao/scc/LICENSE
@@ -3690,7 +3751,7 @@ Link: https://github.com/sinonjs/commons#readme
 License: BSD-3-Clause
 License File: node_modules/@sinonjs/fake-timers/LICENSE
 Copyright: Copyright (c) 2010-2014, Christian Johansen, *********@*********.**. All rights reserved.
-Source: https://github.com/sinonjs/fake-timers.git
+Source: git+https://github.com/sinonjs/fake-timers.git
 Link: https://github.com/sinonjs/fake-timers
 -----------
 @ssddanbrown/codemirror-lang-smarty
@@ -3703,13 +3764,6 @@ License: MIT
 License File: node_modules/@ssddanbrown/codemirror-lang-twig/LICENSE
 Copyright: Copyright (C) 2023 by Dan Brown, Marijn Haverbeke and others
 -----------
-@tootallnate/once
-License: MIT
-License File: node_modules/@tootallnate/once/LICENSE
-Copyright: Copyright (c) 2020 Nathan Rajlich
-Source: git://github.com/TooTallNate/once.git
-Link: git://github.com/TooTallNate/once.git
------------
 @tsconfig/node10
 License: MIT
 License File: node_modules/@tsconfig/node10/LICENSE
@@ -3773,13 +3827,6 @@ Copyright: Copyright (c) Microsoft Corporation.
 Source: https://github.com/DefinitelyTyped/DefinitelyTyped.git
 Link: https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/estree
 -----------
-@types/graceful-fs
-License: MIT
-License File: node_modules/@types/graceful-fs/LICENSE
-Copyright: Copyright (c) Microsoft Corporation.
-Source: https://github.com/DefinitelyTyped/DefinitelyTyped.git
-Link: https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/graceful-fs
------------
 @types/istanbul-lib-coverage
 License: MIT
 License File: node_modules/@types/istanbul-lib-coverage/LICENSE
@@ -3889,3 +3936,20 @@ License File: node_modules/@types/yargs/LICENSE
 Copyright: Copyright (c) Microsoft Corporation.
 Source: https://github.com/DefinitelyTyped/DefinitelyTyped.git
 Link: https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/yargs
+-----------
+@ungap/structured-clone
+License: ISC
+License File: node_modules/@ungap/structured-clone/LICENSE
+Copyright: Copyright (c) 2021, Andrea Giammarchi, @WebReflection
+Source: git+https://github.com/ungap/structured-clone.git
+Link: https://github.com/ungap/structured-clone#readme
+-----------
+@unrs/resolver-binding-linux-x64-gnu
+License: MIT
+Source: git+https://github.com/unrs/unrs-resolver.git
+Link: https://github.com/unrs/unrs-resolver#readme
+-----------
+@unrs/resolver-binding-linux-x64-musl
+License: MIT
+Source: git+https://github.com/unrs/unrs-resolver.git
+Link: https://github.com/unrs/unrs-resolver#readme

dev/licensing/php-library-licenses.txt

@@ -13,7 +13,7 @@ Link: http://aws.amazon.com/sdkforphp
 bacon/bacon-qr-code
 License: BSD-2-Clause
 License File: vendor/bacon/bacon-qr-code/LICENSE
-Copyright: Copyright (c) 2017, Ben Scholzen 'DASPRiD'
+Copyright: Copyright (c) 2017-present, Ben Scholzen 'DASPRiD'
 All rights reserved.
 Source: https://github.com/Bacon/BaconQrCode.git
 Link: https://github.com/Bacon/BaconQrCode
@@ -176,7 +176,7 @@ License: MIT
 License File: vendor/intervention/image/LICENSE
 Copyright: Copyright (c) 2013-present Oliver Vogel
 Source: https://github.com/Intervention/image.git
-Link: https://image.intervention.io/
+Link: https://image.intervention.io
 -----------
 knplabs/knp-snappy
 License: MIT
@@ -592,6 +592,13 @@ Copyright: Copyright (c) 2018-present Fabien Potencier
 Source: https://github.com/symfony/event-dispatcher-contracts.git
 Link: https://symfony.com
 -----------
+symfony/filesystem
+License: MIT
+License File: vendor/symfony/filesystem/LICENSE
+Copyright: Copyright (c) 2004-present Fabien Potencier
+Source: https://github.com/symfony/filesystem.git
+Link: https://symfony.com
+-----------
 symfony/finder
 License: MIT
 License File: vendor/symfony/finder/LICENSE

lang/sq/common.php

@@ -89,8 +89,8 @@ return [
     'homepage' => 'Homepage',
     'header_menu_expand' => 'Expand Header Menu',
     'profile_menu' => 'Profile Menu',
-    'view_profile' => 'View Profile',
-    'edit_profile' => 'Edit Profile',
+    'view_profile' => 'Shiko profilin',
+    'edit_profile' => 'Ndrysho profilin',
     'dark_mode' => 'Dark Mode',
     'light_mode' => 'Light Mode',
     'global_search' => 'Global Search',

tests/Activity/CommentsApiTest.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace Activity;
+namespace Tests\Activity;
 
 use BookStack\Activity\Models\Comment;
 use BookStack\Permissions\Permission;

tests/Api/ApiDocsTest.php

@@ -22,7 +22,7 @@ class ApiDocsTest extends TestCase
         $resp->assertStatus(200);
         $resp->assertSee(url('/api/docs.json'));
         $resp->assertSee('Show a JSON view of the API docs data.');
-        $resp->assertHeader('Content-Type', 'text/html; charset=UTF-8');
+        $resp->assertHeader('Content-Type', 'text/html; charset=utf-8');
     }
 
     public function test_docs_json_endpoint_returns_json()

tests/Auth/OidcTest.php

@@ -138,7 +138,7 @@ class OidcTest extends TestCase
     {
         // Start auth
         $this->post('/oidc/login');
-        $state = session()->get('oidc_state');
+        $state = explode(':', session()->get('oidc_state'), 2)[1];
 
         $transactions = $this->mockHttpClient([$this->getMockAuthorizationResponse([
             'email' => 'benny@example.com',
@@ -190,6 +190,35 @@ class OidcTest extends TestCase
         $this->assertSessionError('Login using SingleSignOn-Testing failed, system did not provide successful authorization');
     }
 
+    public function test_callback_works_even_if_other_request_made_by_session()
+    {
+        $this->mockHttpClient([$this->getMockAuthorizationResponse([
+            'email' => 'benny@example.com',
+            'sub'   => 'benny1010101',
+        ])]);
+
+        $this->post('/oidc/login');
+        $state = explode(':', session()->get('oidc_state'), 2)[1];
+
+        $this->get('/');
+
+        $resp = $this->get("/oidc/callback?code=SplxlOBeZQQYbYS6WxSbIA&state={$state}");
+        $resp->assertRedirect('/');
+    }
+
+    public function test_callback_fails_if_state_timestamp_is_too_old()
+    {
+        $this->post('/oidc/login');
+        $state = explode(':', session()->get('oidc_state'), 2)[1];
+        session()->put('oidc_state', (time() - 60 * 4) . ':' . $state);
+
+        $this->get('/');
+
+        $resp = $this->get("/oidc/callback?code=SplxlOBeZQQYbYS6WxSbIA&state={$state}");
+        $resp->assertRedirect('/login');
+        $this->assertSessionError('Login using SingleSignOn-Testing failed, system did not provide successful authorization');
+    }
+
     public function test_dump_user_details_option_outputs_as_expected()
     {
         config()->set('oidc.dump_user_details', true);
@@ -797,7 +826,7 @@ class OidcTest extends TestCase
     {
         // Start auth
         $resp = $this->post('/oidc/login');
-        $state = session()->get('oidc_state');
+        $state = explode(':', session()->get('oidc_state'), 2)[1];
 
         $pkceCode = session()->get('oidc_pkce_code');
         $this->assertGreaterThan(30, strlen($pkceCode));
@@ -825,7 +854,7 @@ class OidcTest extends TestCase
     {
         config()->set('oidc.display_name_claims', 'first_name|last_name');
         $this->post('/oidc/login');
-        $state = session()->get('oidc_state');
+        $state = explode(':', session()->get('oidc_state'), 2)[1];
 
         $client = $this->mockHttpClient([
             $this->getMockAuthorizationResponse(['name' => null]),
@@ -973,7 +1002,7 @@ class OidcTest extends TestCase
         ]);
 
         $this->post('/oidc/login');
-        $state = session()->get('oidc_state');
+        $state = explode(':', session()->get('oidc_state'), 2)[1];
         $client = $this->mockHttpClient([$this->getMockAuthorizationResponse([
             'groups' => [],
         ])]);
@@ -999,7 +1028,7 @@ class OidcTest extends TestCase
     protected function runLogin($claimOverrides = [], $additionalHttpResponses = []): TestResponse
     {
         $this->post('/oidc/login');
-        $state = session()->get('oidc_state');
+        $state = explode(':', session()->get('oidc_state'), 2)[1] ?? '';
         $this->mockHttpClient([$this->getMockAuthorizationResponse($claimOverrides), ...$additionalHttpResponses]);
 
         return $this->get('/oidc/callback?code=SplxlOBeZQQYbYS6WxSbIA&state=' . $state);

tests/Auth/Saml2Test.php

@@ -36,7 +36,7 @@ class Saml2Test extends TestCase
     public function test_metadata_endpoint_displays_xml_as_expected()
     {
         $req = $this->get('/saml2/metadata');
-        $req->assertHeader('Content-Type', 'text/xml; charset=UTF-8');
+        $req->assertHeader('Content-Type', 'text/xml; charset=utf-8');
         $req->assertSee('md:EntityDescriptor');
         $req->assertSee(url('/saml2/acs'));
     }
@@ -51,7 +51,7 @@ class Saml2Test extends TestCase
 
         $req = $this->get('/saml2/metadata');
         $req->assertOk();
-        $req->assertHeader('Content-Type', 'text/xml; charset=UTF-8');
+        $req->assertHeader('Content-Type', 'text/xml; charset=utf-8');
         $req->assertSee('md:EntityDescriptor');
     }
 

tests/Entity/EntityQueryTest.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace Entity;
+namespace Tests\Entity;
 
 use BookStack\Entities\Models\Book;
 use Illuminate\Database\Eloquent\Builder;

tests/Exports/ZipExportTest.php

@@ -374,6 +374,54 @@ class ZipExportTest extends TestCase
         $this->assertStringContainsString("<a href=\"{$ref}\">Original URL</a><a href=\"{$ref}\">Storage URL</a>", $pageData['html']);
     }
 
+    public function test_orphaned_images_can_be_used_on_default_local_storage()
+    {
+        $this->asEditor();
+        $page = $this->entities->page();
+        $result = $this->files->uploadGalleryImageToPage($this, $page);
+        $displayThumb = $result['response']->thumbs->gallery ?? '';
+        $page->html = '<p><img src="' . $displayThumb . '" alt="My image"></p>';
+        $page->save();
+
+        $image = Image::findOrFail($result['response']->id);
+        $image->uploaded_to = null;
+        $image->save();
+
+        $zipResp = $this->asEditor()->get($page->getUrl("/export/zip"));
+        $zipResp->assertOk();
+        $zip = ZipTestHelper::extractFromZipResponse($zipResp);
+        $pageData = $zip->data['page'];
+
+        $this->assertCount(1, $pageData['images']);
+        $imageData = $pageData['images'][0];
+        $this->assertEquals($image->id, $imageData['id']);
+
+        $this->assertEquals('<p><img src="[[bsexport:image:' . $imageData['id'] . ']]" alt="My image"></p>', $pageData['html']);
+    }
+
+    public function test_orphaned_images_cannot_be_used_on_local_secure_restricted()
+    {
+        config()->set('filesystems.images', 'local_secure_restricted');
+
+        $this->asEditor();
+        $page = $this->entities->page();
+        $result = $this->files->uploadGalleryImageToPage($this, $page);
+        $displayThumb = $result['response']->thumbs->gallery ?? '';
+        $page->html = '<p><img src="' . $displayThumb . '" alt="My image"></p>';
+        $page->save();
+
+        $image = Image::findOrFail($result['response']->id);
+        $image->uploaded_to = null;
+        $image->save();
+
+        $zipResp = $this->asEditor()->get($page->getUrl("/export/zip"));
+        $zipResp->assertOk();
+        $zip = ZipTestHelper::extractFromZipResponse($zipResp);
+        $pageData = $zip->data['page'];
+
+        $this->assertCount(0, $pageData['images']);
+    }
+
     public function test_cross_reference_links_external_to_export_are_not_converted()
     {
         $page = $this->entities->page();

tests/SessionTest.php

@@ -0,0 +1,53 @@
+<?php
+
+namespace Tests;
+
+class SessionTest extends TestCase
+{
+    public function test_secure_images_not_tracked_in_session_history()
+    {
+        config()->set('filesystems.images', 'local_secure');
+        $this->asEditor();
+        $page = $this->entities->page();
+        $result = $this->files->uploadGalleryImageToPage($this, $page);
+        $expectedPath = storage_path($result['path']);
+        $this->assertFileExists($expectedPath);
+
+        $this->get('/books');
+        $this->assertEquals(url('/books'), session()->previousUrl());
+
+        $resp = $this->get($result['path']);
+        $resp->assertOk();
+        $resp->assertHeader('Content-Type', 'image/png');
+
+        $this->assertEquals(url('/books'), session()->previousUrl());
+
+        if (file_exists($expectedPath)) {
+            unlink($expectedPath);
+        }
+    }
+
+    public function test_pwa_manifest_is_not_tracked_in_session_history()
+    {
+        $this->asEditor()->get('/books');
+        $this->get('/manifest.json');
+
+        $this->assertEquals(url('/books'), session()->previousUrl());
+    }
+
+    public function test_dist_dir_access_is_not_tracked_in_session_history()
+    {
+        $this->asEditor()->get('/books');
+        $this->get('/dist/sub/hello.txt');
+
+        $this->assertEquals(url('/books'), session()->previousUrl());
+    }
+
+    public function test_opensearch_is_not_tracked_in_session_history()
+    {
+        $this->asEditor()->get('/books');
+        $this->get('/opensearch.xml');
+
+        $this->assertEquals(url('/books'), session()->previousUrl());
+    }
+}

tests/ThemeTest.php

@@ -478,7 +478,7 @@ END;
 
             $resp = $this->asAdmin()->get("/theme/{$themeFolderName}/file.txt");
             $resp->assertStreamedContent($text);
-            $resp->assertHeader('Content-Type', 'text/plain; charset=UTF-8');
+            $resp->assertHeader('Content-Type', 'text/plain; charset=utf-8');
             $resp->assertHeader('Cache-Control', 'max-age=86400, private');
 
             $resp = $this->asAdmin()->get("/theme/{$themeFolderName}/image.png");
@@ -487,7 +487,7 @@ END;
 
             $resp = $this->asAdmin()->get("/theme/{$themeFolderName}/file.css");
             $resp->assertStreamedContent($css);
-            $resp->assertHeader('Content-Type', 'text/css; charset=UTF-8');
+            $resp->assertHeader('Content-Type', 'text/css; charset=utf-8');
             $resp->assertHeader('Cache-Control', 'max-age=86400, private');
         });
     }

tests/Uploads/AttachmentTest.php

@@ -323,7 +323,7 @@ class AttachmentTest extends TestCase
 
         $attachmentGet = $this->get($attachment->getUrl(true));
         // http-foundation/Response does some 'fixing' of responses to add charsets to text responses.
-        $attachmentGet->assertHeader('Content-Type', 'text/plain; charset=UTF-8');
+        $attachmentGet->assertHeader('Content-Type', 'text/plain; charset=utf-8');
         $attachmentGet->assertHeader('Content-Disposition', 'inline; filename="upload_test_file.txt"');
         $attachmentGet->assertHeader('X-Content-Type-Options', 'nosniff');
 
@@ -339,7 +339,7 @@ class AttachmentTest extends TestCase
 
         $attachmentGet = $this->get($attachment->getUrl(true));
         // http-foundation/Response does some 'fixing' of responses to add charsets to text responses.
-        $attachmentGet->assertHeader('Content-Type', 'text/plain; charset=UTF-8');
+        $attachmentGet->assertHeader('Content-Type', 'text/plain; charset=utf-8');
         $attachmentGet->assertHeader('Content-Disposition', 'inline; filename="test_file.html"');
 
         $this->files->deleteAllAttachmentFiles();

tests/Uploads/ImageTest.php

@@ -5,6 +5,8 @@ namespace Tests\Uploads;
 use BookStack\Entities\Repos\PageRepo;
 use BookStack\Uploads\Image;
 use BookStack\Uploads\ImageService;
+use BookStack\Uploads\UserAvatars;
+use BookStack\Users\Models\Role;
 use Illuminate\Support\Str;
 use Tests\TestCase;
 
@@ -427,29 +429,6 @@ class ImageTest extends TestCase
         }
     }
 
-    public function test_secure_images_not_tracked_in_session_history()
-    {
-        config()->set('filesystems.images', 'local_secure');
-        $this->asEditor();
-        $page = $this->entities->page();
-        $result = $this->files->uploadGalleryImageToPage($this, $page);
-        $expectedPath = storage_path($result['path']);
-        $this->assertFileExists($expectedPath);
-
-        $this->get('/books');
-        $this->assertEquals(url('/books'), session()->previousUrl());
-
-        $resp = $this->get($result['path']);
-        $resp->assertOk();
-        $resp->assertHeader('Content-Type', 'image/png');
-
-        $this->assertEquals(url('/books'), session()->previousUrl());
-
-        if (file_exists($expectedPath)) {
-            unlink($expectedPath);
-        }
-    }
-
     public function test_system_images_remain_public_with_local_secure_restricted()
     {
         config()->set('filesystems.images', 'local_secure_restricted');
@@ -467,6 +446,26 @@ class ImageTest extends TestCase
         }
     }
 
+    public function test_avatar_images_visible_only_when_public_access_enabled_with_local_secure_restricted()
+    {
+        config()->set('filesystems.images', 'local_secure_restricted');
+        $user = $this->users->admin();
+        $avatars = $this->app->make(UserAvatars::class);
+        $avatars->assignToUserFromExistingData($user, $this->files->pngImageData(), 'png');
+
+        $avatarUrl = $user->getAvatar();
+
+        $resp = $this->get($avatarUrl);
+        $resp->assertRedirect('/login');
+
+        $this->permissions->makeAppPublic();
+
+        $resp = $this->get($avatarUrl);
+        $resp->assertOk();
+
+        $this->files->deleteAtRelativePath($user->avatar->path);
+    }
+
     public function test_secure_restricted_images_inaccessible_without_relation_permission()
     {
         config()->set('filesystems.images', 'local_secure_restricted');
@@ -491,6 +490,38 @@ class ImageTest extends TestCase
         }
     }
 
+    public function test_secure_restricted_images_accessible_with_public_guest_access()
+    {
+        config()->set('filesystems.images', 'local_secure_restricted');
+        $this->permissions->makeAppPublic();
+
+        $this->asEditor();
+        $page = $this->entities->page();
+        $this->files->uploadGalleryImageToPage($this, $page);
+        $image = Image::query()->where('type', '=', 'gallery')
+            ->where('uploaded_to', '=', $page->id)
+            ->first();
+
+        $expectedUrl = url($image->path);
+        $expectedPath = storage_path($image->path);
+        auth()->logout();
+
+        $this->get($expectedUrl)->assertOk();
+
+        $this->permissions->setEntityPermissions($page, [], []);
+
+        $resp = $this->get($expectedUrl);
+        $resp->assertNotFound();
+
+        $this->permissions->setEntityPermissions($page, ['view'], [Role::getSystemRole('public')]);
+
+        $this->get($expectedUrl)->assertOk();
+
+        if (file_exists($expectedPath)) {
+            unlink($expectedPath);
+        }
+    }
+
     public function test_thumbnail_path_handled_by_secure_restricted_images()
     {
         config()->set('filesystems.images', 'local_secure_restricted');

version

@@ -1 +1 @@
-v25.02-dev
+v25.11-dev