jonny/jonnybarnes.uk
1
0
Fork 0
Code Issues 5 Pull requests Projects Releases 5 Packages Wiki Activity Actions

Merge branch 'release/0.0.10'

Browse source
This commit is contained in:
Jonny Barnes 2016-09-10 18:49:46 +01:00
commit 97c587c94c
8 changed files with 155 additions and 124 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
.env.example
View file

@ -2,7 +2,6 @@ APP_ENV=local
APP_KEY=SomeRandomString
APP_DEBUG=true
APP_LOG_LEVEL=debug
APP_KEY=SomeRandomString
APP_TIMEZONE=UTC
APP_LANG=en
APP_LOG=daily

3
.travis.yml
View file

@ -20,7 +20,7 @@ matrix:
- php: nightly
before_install:
- phpenv config-rm xdebug.ini
- phpenv config-rm xdebug.ini || echo "xdebug already absent"
- travis_retry composer self-update --preview
install:
@ -40,3 +40,4 @@ before_script:
script:
- phpdbg -qrr vendor/bin/phpunit --coverage-text
- php artisan security:check

61
app/Console/Commands/SecurityCheck.php Normal file
View file

@ -0,0 +1,61 @@
<?php
namespace App\Console\Commands;
use Illuminate\Console\Command;
use SensioLabs\Security\SecurityChecker;
class SecurityCheck extends Command
{
/**
* The name and signature of the console command.
*
* @var string
*/
protected $signature = 'security:check';
/**
* The console command description.
*
* @var string
*/
protected $description = 'Run the SensioLabs Security Check tool';
/**
* The Security Checker intergation service.
*
* @var SecurityChecker
*/
protected $securityChecker;
/**
* Create a new command instance.
*
* @param SecurityChecker $SecurityChecker
* @return void
*/
public function __construct(SecurityChecker $securityChecker)
{
parent::__construct();
$this->securityChecker = $securityChecker;
}
/**
* Execute the console command.
*
* @return mixed
*/
public function handle()
{
$alerts = $this->securityChecker->check(base_path() . '/composer.lock');
if (count($alerts) === 0) {
$this->info('No security vulnerabilities found.');
return 0;
}
$this->error('vulnerabilities found');
return 1;
}
}

2
app/Console/Kernel.php
View file

@ -13,7 +13,7 @@ class Kernel extends ConsoleKernel
* @var array
*/
protected $commands = [
//
Commands\SecurityCheck::class,
];
/**

31
app/Exceptions/Handler.php
View file

@ -3,8 +3,9 @@
namespace App\Exceptions;
use Exception;
use Illuminate\Support\Facades\Route;
use Illuminate\Auth\AuthenticationException;
use Symfony\Component\Debug\Exception\FlattenException;
use Illuminate\Session\TokenMismatchException;
use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;
class Handler extends ExceptionHandler
@ -45,6 +46,10 @@ class Handler extends ExceptionHandler
*/
public function render($request, Exception $exception)
{
if ($exception instanceof TokenMismatchException) {
Route::getRoutes()->match($request);
}
return parent::render($request, $exception);
}
@ -63,28 +68,4 @@ class Handler extends ExceptionHandler
return redirect()->guest('login');
}
/**
* Render an exception using Whoops.
*
* @param \Exception $exc
* @return \Illuminate\Http\Response
*/
protected function renderExceptionWithWhoops(Exception $exception)
{
$whoops = new \Whoops\Run;
$handler = new \Whoops\Handler\PrettyPageHandler();
$handler->setEditor(function ($file, $line) {
return "atom://open?file=$file&line=$line";
});
$whoops->pushHandler($handler);
$flattened = FlattenException::create($exception);
return new \Illuminate\Http\Response(
$whoops->handleException($exc),
$flattened->getStatusCode(),
$flattened->getHeaders()
);
}
}

5
changelog.md
View file

@ -1,5 +1,10 @@
# Changelog
## Version 0.0.10 (2016-09-10)
- Add an artisan command for sensiolabs security check
- Remove `filp/whoops`, just use Laravels error reporting
- Better TokenMismatchException handling (issue#5)
## Version 0.0.9.2 (2016-09-08)
- Remove Piwik
- Updated some bower dependencies

6
composer.json
View file

@ -21,7 +21,8 @@
"spatie/laravel-medialibrary": "^4.0",
"league/flysystem-aws-s3-v3": "^1.0",
"phaza/laravel-postgis": "~3.1",
"lcobucci/jwt": "^3.1"
"lcobucci/jwt": "^3.1",
"sensiolabs/security-checker": "^3.0"
},
"require-dev": {
"fzaninotto/faker": "~1.4",
@ -29,8 +30,7 @@
"phpunit/phpunit": "~5.0",
"symfony/css-selector": "3.1.*",
"symfony/dom-crawler": "3.1.*",
"barryvdh/laravel-debugbar": "~2.0",
"filp/whoops": "~2.0"
"barryvdh/laravel-debugbar": "~2.0"
},
"autoload": {
"classmap": [

170
composer.lock generated
View file

@ -4,8 +4,8 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
"This file is @generated automatically"
],
"hash": "7a7231eebef62c0fb518cf030d531d95",
"content-hash": "3815acce9215a64c27a68ada0123dc48",
"hash": "b65fffcf4b32d065494b01ada5391976",
"content-hash": "86faec8ac49549630fc60578bcd085cc",
"packages": [
{
"name": "anahkiasen/underscore-php",
@ -59,16 +59,16 @@
},
{
"name": "aws/aws-sdk-php",
"version": "3.19.4",
"version": "3.19.6",
"source": {
"type": "git",
"url": "https://github.com/aws/aws-sdk-php.git",
"reference": "f67bc37fa4b76d85423052eae2a9577aab99adc1"
"reference": "34060bf0db260031697b17dbb37fa1bbec92f1c4"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/aws/aws-sdk-php/zipball/f67bc37fa4b76d85423052eae2a9577aab99adc1",
"reference": "f67bc37fa4b76d85423052eae2a9577aab99adc1",
"url": "https://api.github.com/repos/aws/aws-sdk-php/zipball/34060bf0db260031697b17dbb37fa1bbec92f1c4",
"reference": "34060bf0db260031697b17dbb37fa1bbec92f1c4",
"shasum": ""
},
"require": {
@ -135,7 +135,7 @@
"s3",
"sdk"
],
"time": "2016-09-01 21:37:32"
"time": "2016-09-08 20:27:15"
},
{
"name": "barnabywalters/mf-cleaner",
@ -597,16 +597,16 @@
},
{
"name": "doctrine/dbal",
"version": "v2.5.4",
"version": "v2.5.5",
"source": {
"type": "git",
"url": "https://github.com/doctrine/dbal.git",
"reference": "abbdfd1cff43a7b99d027af3be709bc8fc7d4769"
"reference": "9f8c05cd5225a320d56d4bfdb4772f10d045a0c9"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/doctrine/dbal/zipball/abbdfd1cff43a7b99d027af3be709bc8fc7d4769",
"reference": "abbdfd1cff43a7b99d027af3be709bc8fc7d4769",
"url": "https://api.github.com/repos/doctrine/dbal/zipball/9f8c05cd5225a320d56d4bfdb4772f10d045a0c9",
"reference": "9f8c05cd5225a320d56d4bfdb4772f10d045a0c9",
"shasum": ""
},
"require": {
@ -615,7 +615,7 @@
},
"require-dev": {
"phpunit/phpunit": "4.*",
"symfony/console": "2.*"
"symfony/console": "2.*||^3.0"
},
"suggest": {
"symfony/console": "For helpful console commands such as SQL execution and import of files."
@ -664,7 +664,7 @@
"persistence",
"queryobject"
],
"time": "2016-01-05 22:11:12"
"time": "2016-09-09 19:13:33"
},
{
"name": "doctrine/inflector",
@ -1533,16 +1533,16 @@
},
{
"name": "laravel/framework",
"version": "v5.3.6",
"version": "v5.3.8",
"source": {
"type": "git",
"url": "https://github.com/laravel/framework.git",
"reference": "c63a7fb7066fea2bce91ace5c830c01d503abe6c"
"reference": "99c74afc0b99e1af1984cb55dc242ab28a0e496b"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/laravel/framework/zipball/c63a7fb7066fea2bce91ace5c830c01d503abe6c",
"reference": "c63a7fb7066fea2bce91ace5c830c01d503abe6c",
"url": "https://api.github.com/repos/laravel/framework/zipball/99c74afc0b99e1af1984cb55dc242ab28a0e496b",
"reference": "99c74afc0b99e1af1984cb55dc242ab28a0e496b",
"shasum": ""
},
"require": {
@ -1656,7 +1656,7 @@
"framework",
"laravel"
],
"time": "2016-09-01 14:06:47"
"time": "2016-09-09 16:33:59"
},
{
"name": "lcobucci/jwt",
@ -2793,6 +2793,50 @@
],
"time": "2016-08-02 18:39:32"
},
{
"name": "sensiolabs/security-checker",
"version": "v3.0.2",
"source": {
"type": "git",
"url": "https://github.com/sensiolabs/security-checker.git",
"reference": "21696b0daa731064c23cfb694c60a2584a7b6e93"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/sensiolabs/security-checker/zipball/21696b0daa731064c23cfb694c60a2584a7b6e93",
"reference": "21696b0daa731064c23cfb694c60a2584a7b6e93",
"shasum": ""
},
"require": {
"symfony/console": "~2.0|~3.0"
},
"bin": [
"security-checker"
],
"type": "library",
"extra": {
"branch-alias": {
"dev-master": "3.0-dev"
}
},
"autoload": {
"psr-0": {
"SensioLabs\\Security": ""
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Fabien Potencier",
"email": "fabien.potencier@gmail.com"
}
],
"description": "A security checker for your composer.lock",
"time": "2015-11-07 08:07:40"
},
{
"name": "spatie/laravel-glide",
"version": "3.0.1",
@ -2905,16 +2949,16 @@
},
{
"name": "spatie/pdf-to-image",
"version": "1.2.0",
"version": "1.2.1",
"source": {
"type": "git",
"url": "https://github.com/spatie/pdf-to-image.git",
"reference": "c08dac65f0f857dd4d467d40794772be5a75d6de"
"reference": "4dfb2bc86af254d9a1dbd2a96939777a99fcc817"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/spatie/pdf-to-image/zipball/c08dac65f0f857dd4d467d40794772be5a75d6de",
"reference": "c08dac65f0f857dd4d467d40794772be5a75d6de",
"url": "https://api.github.com/repos/spatie/pdf-to-image/zipball/4dfb2bc86af254d9a1dbd2a96939777a99fcc817",
"reference": "4dfb2bc86af254d9a1dbd2a96939777a99fcc817",
"shasum": ""
},
"require": {
@ -2951,7 +2995,7 @@
"pdf-to-image",
"spatie"
],
"time": "2016-04-29 08:02:56"
"time": "2016-09-08 09:26:02"
},
{
"name": "spatie/string",
@ -4084,66 +4128,6 @@
],
"time": "2015-06-14 21:17:01"
},
{
"name": "filp/whoops",
"version": "2.1.3",
"source": {
"type": "git",
"url": "https://github.com/filp/whoops.git",
"reference": "8828aaa2178e0a19325522e2a45282ff0a14649b"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/filp/whoops/zipball/8828aaa2178e0a19325522e2a45282ff0a14649b",
"reference": "8828aaa2178e0a19325522e2a45282ff0a14649b",
"shasum": ""
},
"require": {
"php": ">=5.5.9"
},
"require-dev": {
"mockery/mockery": "0.9.*",
"phpunit/phpunit": "^4.8 || ^5.0",
"symfony/var-dumper": "~3.0"
},
"suggest": {
"symfony/var-dumper": "Pretty print complex values better with var-dumper available",
"whoops/soap": "Formats errors as SOAP responses"
},
"type": "library",
"extra": {
"branch-alias": {
"dev-master": "2.0-dev"
}
},
"autoload": {
"psr-4": {
"Whoops\\": "src/Whoops/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Filipe Dobreira",
"homepage": "https://github.com/filp",
"role": "Developer"
}
],
"description": "php error handling for cool kids",
"homepage": "https://github.com/filp/whoops",
"keywords": [
"error",
"exception",
"handling",
"library",
"whoops",
"zf2"
],
"time": "2016-05-06 18:25:35"
},
{
"name": "fzaninotto/faker",
"version": "v1.6.0",
@ -4365,16 +4349,16 @@
},
{
"name": "myclabs/deep-copy",
"version": "1.5.1",
"version": "1.5.2",
"source": {
"type": "git",
"url": "https://github.com/myclabs/DeepCopy.git",
"reference": "a8773992b362b58498eed24bf85005f363c34771"
"reference": "da8529775f14f4fdae33f916eb0cf65f6afbddbc"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/myclabs/DeepCopy/zipball/a8773992b362b58498eed24bf85005f363c34771",
"reference": "a8773992b362b58498eed24bf85005f363c34771",
"url": "https://api.github.com/repos/myclabs/DeepCopy/zipball/da8529775f14f4fdae33f916eb0cf65f6afbddbc",
"reference": "da8529775f14f4fdae33f916eb0cf65f6afbddbc",
"shasum": ""
},
"require": {
@ -4403,7 +4387,7 @@
"object",
"object graph"
],
"time": "2015-11-20 12:04:31"
"time": "2016-09-06 16:07:05"
},
{
"name": "phpdocumentor/reflection-common",
@ -4937,16 +4921,16 @@
},
{
"name": "phpunit/phpunit-mock-objects",
"version": "3.2.6",
"version": "3.2.7",
"source": {
"type": "git",
"url": "https://github.com/sebastianbergmann/phpunit-mock-objects.git",
"reference": "46b249b43fd2ed8e127aa0fdb3cbcf56e9bc0e49"
"reference": "546898a2c0c356ef2891b39dd7d07f5d82c8ed0a"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/sebastianbergmann/phpunit-mock-objects/zipball/46b249b43fd2ed8e127aa0fdb3cbcf56e9bc0e49",
"reference": "46b249b43fd2ed8e127aa0fdb3cbcf56e9bc0e49",
"url": "https://api.github.com/repos/sebastianbergmann/phpunit-mock-objects/zipball/546898a2c0c356ef2891b39dd7d07f5d82c8ed0a",
"reference": "546898a2c0c356ef2891b39dd7d07f5d82c8ed0a",
"shasum": ""
},
"require": {
@ -4992,7 +4976,7 @@
"mock",
"xunit"
],
"time": "2016-08-26 05:51:59"
"time": "2016-09-06 16:07:45"
},
{
"name": "sebastian/code-unit-reverse-lookup",