From aeab19a6165fd7b8930564039d80a2a785735425 Mon Sep 17 00:00:00 2001 From: Covered123 <58715544+JavierLeon9966@users.noreply.github.com> Date: Tue, 4 Jan 2022 17:31:27 -0300 Subject: [PATCH 01/12] Fixed world spawn point not updating to players (#4699) closes #4383 --- src/world/World.php | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/world/World.php b/src/world/World.php index 6d3aa6712..be5e7c426 100644 --- a/src/world/World.php +++ b/src/world/World.php @@ -2258,6 +2258,11 @@ class World implements ChunkManager{ $previousSpawn = $this->getSpawnLocation(); $this->provider->getWorldData()->setSpawn($pos); (new SpawnChangeEvent($this, $previousSpawn))->call(); + + $location = Position::fromObject($pos, $this); + foreach($this->players as $player){ + $player->getNetworkSession()->syncWorldSpawnPoint($location); + } } /** From 68f3399cfd784f95927da7e90c72be952fde284a Mon Sep 17 00:00:00 2001 From: Dylan T Date: Tue, 4 Jan 2022 20:39:02 +0000 Subject: [PATCH 02/12] Merge pull request from GHSA-p62j-hrxm-xcxf This checks the following things: - Validity of UTF-8 encoding of title, author, and page content - Maximum soft and hard lengths of title, author, and page content (soft limits may be bypassed by uncancelling PlayerEditBookEvent; hard limits may not be bypassed) - Maximum number of pages. Books with more than 50 pages may still be edited, but may not have new pages added. --- src/pocketmine/Player.php | 51 +++++++++++++++++++++++++++++++++++---- 1 file changed, 46 insertions(+), 5 deletions(-) diff --git a/src/pocketmine/Player.php b/src/pocketmine/Player.php index 7721b4013..c4bcd651d 100644 --- a/src/pocketmine/Player.php +++ b/src/pocketmine/Player.php @@ -210,6 +210,7 @@ use function json_encode; use function json_last_error_msg; use function lcg_value; use function max; +use function mb_strlen; use function microtime; use function min; use function preg_match; @@ -217,6 +218,7 @@ use function round; use function spl_object_hash; use function sprintf; use function sqrt; +use function str_repeat; use function strlen; use function strpos; use function strtolower; @@ -3265,6 +3267,24 @@ class Player extends Human implements CommandSender, ChunkLoader, IPlayer{ return true; } + /** + * @throws \UnexpectedValueException + */ + private function checkBookText(string $string, string $fieldName, int $softLimit, int $hardLimit, bool &$cancel) : string{ + if(strlen($string) > $hardLimit){ + throw new \UnexpectedValueException(sprintf("Book %s must be at most %d bytes, but have %d bytes", $fieldName, $hardLimit, strlen($string))); + } + + $result = TextFormat::clean($string, false); + //strlen() is O(1), mb_strlen() is O(n) + if(strlen($result) > $softLimit * 4 || mb_strlen($result, 'UTF-8') > $softLimit){ + $cancel = true; + $this->server->getLogger()->debug(sprintf("Cancelled book edit by %s due to %s exceeded soft limit of %d chars", $this->getName(), $fieldName, $softLimit)); + } + + return $result; + } + public function handleBookEdit(BookEditPacket $packet) : bool{ /** @var WritableBook $oldBook */ $oldBook = $this->inventory->getItem($packet->inventorySlot); @@ -3274,10 +3294,11 @@ class Player extends Human implements CommandSender, ChunkLoader, IPlayer{ $newBook = clone $oldBook; $modifiedPages = []; - + $cancel = false; switch($packet->type){ case BookEditPacket::TYPE_REPLACE_PAGE: - $newBook->setPageText($packet->pageNumber, $packet->text); + $text = self::checkBookText($packet->text, "page text", 256, 0x7fff, $cancel); + $newBook->setPageText($packet->pageNumber, $text); $modifiedPages[] = $packet->pageNumber; break; case BookEditPacket::TYPE_ADD_PAGE: @@ -3286,7 +3307,8 @@ class Player extends Human implements CommandSender, ChunkLoader, IPlayer{ //TODO: the client can send insert-before actions on trailing client-side pages which cause odd behaviour on the server return false; } - $newBook->insertPage($packet->pageNumber, $packet->text); + $text = self::checkBookText($packet->text, "page text", 256, 0x7fff, $cancel); + $newBook->insertPage($packet->pageNumber, $text); $modifiedPages[] = $packet->pageNumber; break; case BookEditPacket::TYPE_DELETE_PAGE: @@ -3305,17 +3327,36 @@ class Player extends Human implements CommandSender, ChunkLoader, IPlayer{ $modifiedPages = [$packet->pageNumber, $packet->secondaryPageNumber]; break; case BookEditPacket::TYPE_SIGN_BOOK: + $title = self::checkBookText($packet->title, "title", 16, 0x7fff, $cancel); + //this one doesn't have a limit in vanilla, so we have to improvise + $author = self::checkBookText($packet->author, "author", 256, 0x7fff, $cancel); + /** @var WrittenBook $newBook */ $newBook = Item::get(Item::WRITTEN_BOOK, 0, 1, $newBook->getNamedTag()); - $newBook->setAuthor($packet->author); - $newBook->setTitle($packet->title); + $newBook->setAuthor($author); + $newBook->setTitle($title); $newBook->setGeneration(WrittenBook::GENERATION_ORIGINAL); break; default: return false; } + /* + * Plugins may have created books with more than 50 pages; we allow plugins to do this, but not players. + * Don't allow the page count to grow past 50, but allow deleting, swapping or altering text of existing pages. + */ + $oldPageCount = count($oldBook->getPages()); + $newPageCount = count($newBook->getPages()); + if(($newPageCount > $oldPageCount && $newPageCount > 50)){ + $this->server->getLogger()->debug("Cancelled book edit by " . $this->getName() . " due to adding too many pages (new page count would be $newPageCount)"); + $cancel = true; + } + $event = new PlayerEditBookEvent($this, $oldBook, $newBook, $packet->type, $modifiedPages); + if($cancel){ + $event->setCancelled(); + } + $event->call(); if($event->isCancelled()){ return true; From 3ed57ce49a6b5ea49ced6d9622af04cf35120d79 Mon Sep 17 00:00:00 2001 From: Dylan T Date: Tue, 4 Jan 2022 20:39:02 +0000 Subject: [PATCH 03/12] Merge pull request from GHSA-p62j-hrxm-xcxf This checks the following things: - Validity of UTF-8 encoding of title, author, and page content - Maximum soft and hard lengths of title, author, and page content (soft limits may be bypassed by uncancelling PlayerEditBookEvent; hard limits may not be bypassed) - Maximum number of pages. Books with more than 50 pages may still be edited, but may not have new pages added. --- src/item/WritableBookPage.php | 17 +++++- src/item/WrittenBook.php | 9 +++ .../mcpe/handler/InGamePacketHandler.php | 56 +++++++++++++++++-- 3 files changed, 75 insertions(+), 7 deletions(-) diff --git a/src/item/WritableBookPage.php b/src/item/WritableBookPage.php index 62ebbcf50..95d5a6258 100644 --- a/src/item/WritableBookPage.php +++ b/src/item/WritableBookPage.php @@ -23,17 +23,32 @@ declare(strict_types=1); namespace pocketmine\item; +use pocketmine\utils\Limits; use pocketmine\utils\Utils; +use function sprintf; +use function strlen; class WritableBookPage{ + public const PAGE_LENGTH_HARD_LIMIT_BYTES = Limits::INT16_MAX; + public const PHOTO_NAME_LENGTH_HARD_LIMIT_BYTES = Limits::INT16_MAX; /** @var string */ private $text; /** @var string */ private $photoName; + /** + * @throws \InvalidArgumentException + */ + private static function checkLength(string $string, string $name, int $maxLength) : void{ + if(strlen($string) > $maxLength){ + throw new \InvalidArgumentException(sprintf("$name must be at most %d bytes, but have %d bytes", $maxLength, strlen($string))); + } + } + public function __construct(string $text, string $photoName = ""){ - //TODO: data validation + self::checkLength($text, "Text", self::PAGE_LENGTH_HARD_LIMIT_BYTES); + self::checkLength($photoName, "Photo name", self::PHOTO_NAME_LENGTH_HARD_LIMIT_BYTES); Utils::checkUTF8($text); $this->text = $text; $this->photoName = $photoName; diff --git a/src/item/WrittenBook.php b/src/item/WrittenBook.php index f356b1cd6..88352cdd1 100644 --- a/src/item/WrittenBook.php +++ b/src/item/WrittenBook.php @@ -24,7 +24,10 @@ declare(strict_types=1); namespace pocketmine\item; use pocketmine\nbt\tag\CompoundTag; +use pocketmine\utils\Limits; use pocketmine\utils\Utils; +use function sprintf; +use function strlen; class WrittenBook extends WritableBookBase{ @@ -85,6 +88,9 @@ class WrittenBook extends WritableBookBase{ * @return $this */ public function setAuthor(string $authorName) : self{ + if(strlen($authorName) > Limits::INT16_MAX){ + throw new \InvalidArgumentException(sprintf("Author must be at most %d bytes, but have %d bytes", Limits::INT16_MAX, strlen($authorName))); + } Utils::checkUTF8($authorName); $this->author = $authorName; return $this; @@ -103,6 +109,9 @@ class WrittenBook extends WritableBookBase{ * @return $this */ public function setTitle(string $title) : self{ + if(strlen($title) > Limits::INT16_MAX){ + throw new \InvalidArgumentException(sprintf("Title must be at most %d bytes, but have %d bytes", Limits::INT16_MAX, strlen($title))); + } Utils::checkUTF8($title); $this->title = $title; return $this; diff --git a/src/network/mcpe/handler/InGamePacketHandler.php b/src/network/mcpe/handler/InGamePacketHandler.php index 04e1c847b..cfa80738c 100644 --- a/src/network/mcpe/handler/InGamePacketHandler.php +++ b/src/network/mcpe/handler/InGamePacketHandler.php @@ -37,6 +37,7 @@ use pocketmine\inventory\transaction\TransactionException; use pocketmine\inventory\transaction\TransactionValidationException; use pocketmine\item\VanillaItems; use pocketmine\item\WritableBook; +use pocketmine\item\WritableBookPage; use pocketmine\item\WrittenBook; use pocketmine\math\Vector3; use pocketmine\nbt\tag\CompoundTag; @@ -96,6 +97,8 @@ use pocketmine\network\mcpe\protocol\types\PlayerAction; use pocketmine\network\PacketHandlingException; use pocketmine\player\Player; use pocketmine\utils\AssumptionFailedError; +use pocketmine\utils\Limits; +use pocketmine\utils\TextFormat; use function array_push; use function base64_encode; use function count; @@ -107,8 +110,10 @@ use function json_decode; use function json_encode; use function json_last_error_msg; use function max; +use function mb_strlen; use function microtime; use function preg_match; +use function sprintf; use function strlen; use function strpos; use function substr; @@ -711,6 +716,24 @@ class InGamePacketHandler extends PacketHandler{ return false; //TODO } + /** + * @throws PacketHandlingException + */ + private function checkBookText(string $string, string $fieldName, int $softLimit, int $hardLimit, bool &$cancel) : string{ + if(strlen($string) > $hardLimit){ + throw new PacketHandlingException(sprintf("Book %s must be at most %d bytes, but have %d bytes", $fieldName, $hardLimit, strlen($string))); + } + + $result = TextFormat::clean($string, false); + //strlen() is O(1), mb_strlen() is O(n) + if(strlen($result) > $softLimit * 4 || mb_strlen($result, 'UTF-8') > $softLimit){ + $cancel = true; + $this->session->getLogger()->debug("Cancelled book edit due to $fieldName exceeded soft limit of $softLimit chars"); + } + + return $result; + } + public function handleBookEdit(BookEditPacket $packet) : bool{ //TODO: break this up into book API things $oldBook = $this->player->getInventory()->getItem($packet->inventorySlot); @@ -720,10 +743,11 @@ class InGamePacketHandler extends PacketHandler{ $newBook = clone $oldBook; $modifiedPages = []; - + $cancel = false; switch($packet->type){ case BookEditPacket::TYPE_REPLACE_PAGE: - $newBook->setPageText($packet->pageNumber, $packet->text); + $text = self::checkBookText($packet->text, "page text", 256, WritableBookPage::PAGE_LENGTH_HARD_LIMIT_BYTES, $cancel); + $newBook->setPageText($packet->pageNumber, $text); $modifiedPages[] = $packet->pageNumber; break; case BookEditPacket::TYPE_ADD_PAGE: @@ -732,7 +756,8 @@ class InGamePacketHandler extends PacketHandler{ //TODO: the client can send insert-before actions on trailing client-side pages which cause odd behaviour on the server return false; } - $newBook->insertPage($packet->pageNumber, $packet->text); + $text = self::checkBookText($packet->text, "page text", 256, WritableBookPage::PAGE_LENGTH_HARD_LIMIT_BYTES, $cancel); + $newBook->insertPage($packet->pageNumber, $text); $modifiedPages[] = $packet->pageNumber; break; case BookEditPacket::TYPE_DELETE_PAGE: @@ -751,11 +776,14 @@ class InGamePacketHandler extends PacketHandler{ $modifiedPages = [$packet->pageNumber, $packet->secondaryPageNumber]; break; case BookEditPacket::TYPE_SIGN_BOOK: - /** @var WrittenBook $newBook */ + $title = self::checkBookText($packet->title, "title", 16, Limits::INT16_MAX, $cancel); + //this one doesn't have a limit in vanilla, so we have to improvise + $author = self::checkBookText($packet->author, "author", 256, Limits::INT16_MAX, $cancel); + $newBook = VanillaItems::WRITTEN_BOOK() ->setPages($oldBook->getPages()) - ->setAuthor($packet->author) - ->setTitle($packet->title) + ->setAuthor($author) + ->setTitle($title) ->setGeneration(WrittenBook::GENERATION_ORIGINAL); break; default: @@ -771,7 +799,23 @@ class InGamePacketHandler extends PacketHandler{ BookEditPacket::TYPE_SIGN_BOOK => PlayerEditBookEvent::ACTION_SIGN_BOOK, default => throw new AssumptionFailedError("We already filtered unknown types in the switch above") }; + + /* + * Plugins may have created books with more than 50 pages; we allow plugins to do this, but not players. + * Don't allow the page count to grow past 50, but allow deleting, swapping or altering text of existing pages. + */ + $oldPageCount = count($oldBook->getPages()); + $newPageCount = count($newBook->getPages()); + if(($newPageCount > $oldPageCount && $newPageCount > 50)){ + $this->session->getLogger()->debug("Cancelled book edit due to adding too many pages (new page count would be $newPageCount)"); + $cancel = true; + } + $event = new PlayerEditBookEvent($this->player, $oldBook, $newBook, $action, $modifiedPages); + if($cancel){ + $event->cancel(); + } + $event->call(); if($event->isCancelled()){ return true; From 958a9dbf0fe3131ab60319c5a939f5dfbfe5dfbb Mon Sep 17 00:00:00 2001 From: Dylan T Date: Tue, 4 Jan 2022 20:40:55 +0000 Subject: [PATCH 04/12] Merge pull request from GHSA-c6fg-99pr-25m9 * Skin: impose length limits on skinID, geometryName and geometryData fields * Skin: remove extra newline --- src/pocketmine/entity/Skin.php | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/src/pocketmine/entity/Skin.php b/src/pocketmine/entity/Skin.php index 98d1fdc4e..4effa390b 100644 --- a/src/pocketmine/entity/Skin.php +++ b/src/pocketmine/entity/Skin.php @@ -28,6 +28,7 @@ use function implode; use function in_array; use function json_encode; use function strlen; +use const INT32_MAX; class Skin{ public const ACCEPTED_SKIN_SIZES = [ @@ -67,10 +68,20 @@ class Skin{ } } + private static function checkLength(string $string, string $name, int $maxLength) : void{ + if(strlen($string) > $maxLength){ + throw new InvalidSkinException("$name must be at most $maxLength bytes, but have " . strlen($string) . " bytes"); + } + } + /** * @throws InvalidSkinException */ public function validate() : void{ + self::checkLength($this->skinId, "Skin ID", 32767); + self::checkLength($this->geometryName, "Geometry name", 32767); + self::checkLength($this->geometryData, "Geometry data", INT32_MAX); + if($this->skinId === ""){ throw new InvalidSkinException("Skin ID must not be empty"); } From 6492cac5c10f9fa8443ceddd2191a7b65b73f601 Mon Sep 17 00:00:00 2001 From: Dylan T Date: Tue, 4 Jan 2022 20:40:55 +0000 Subject: [PATCH 05/12] Merge pull request from GHSA-c6fg-99pr-25m9 --- src/entity/Skin.php | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/src/entity/Skin.php b/src/entity/Skin.php index 0542bd75a..68dfd6e7b 100644 --- a/src/entity/Skin.php +++ b/src/entity/Skin.php @@ -24,6 +24,7 @@ declare(strict_types=1); namespace pocketmine\entity; use Ahc\Json\Comment as CommentedJsonDecoder; +use pocketmine\utils\Limits; use function implode; use function in_array; use function json_encode; @@ -48,7 +49,17 @@ final class Skin{ /** @var string */ private $geometryData; + private static function checkLength(string $string, string $name, int $maxLength) : void{ + if(strlen($string) > $maxLength){ + throw new InvalidSkinException("$name must be at most $maxLength bytes, but have " . strlen($string) . " bytes"); + } + } + public function __construct(string $skinId, string $skinData, string $capeData = "", string $geometryName = "", string $geometryData = ""){ + self::checkLength($skinId, "Skin ID", Limits::INT16_MAX); + self::checkLength($geometryName, "Geometry name", Limits::INT16_MAX); + self::checkLength($geometryData, "Geometry data", Limits::INT32_MAX); + if($skinId === ""){ throw new InvalidSkinException("Skin ID must not be empty"); } From 8c4b8a90422566c262bb96c545fca9365f3a4226 Mon Sep 17 00:00:00 2001 From: "Dylan K. Taylor" Date: Tue, 4 Jan 2022 20:44:10 +0000 Subject: [PATCH 06/12] CS --- src/pocketmine/Player.php | 1 - 1 file changed, 1 deletion(-) diff --git a/src/pocketmine/Player.php b/src/pocketmine/Player.php index c4bcd651d..1bf11b1d6 100644 --- a/src/pocketmine/Player.php +++ b/src/pocketmine/Player.php @@ -218,7 +218,6 @@ use function round; use function spl_object_hash; use function sprintf; use function sqrt; -use function str_repeat; use function strlen; use function strpos; use function strtolower; From a4af1609eaf42eff5effe04b08f2c1402d408f3d Mon Sep 17 00:00:00 2001 From: "Dylan K. Taylor" Date: Tue, 4 Jan 2022 20:47:31 +0000 Subject: [PATCH 07/12] Release 3.26.5 --- changelogs/3.26.md | 4 ++++ src/pocketmine/VersionInfo.php | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/changelogs/3.26.md b/changelogs/3.26.md index 35b840a98..102e68aad 100644 --- a/changelogs/3.26.md +++ b/changelogs/3.26.md @@ -26,3 +26,7 @@ Plugin developers should **only** update their required API to this version if y - Fixed skins appearing black when using RTX resource packs. - Fixed chunks containing furnaces in old worlds (pre-2017) being discarded as corrupted. - This was caused by a strict corruption check detecting bad data created by a bug in PocketMine-MP that was fixed in 2017. + +# 3.26.5 +- Fixed several denial-of-service attack vectors related to writable book text length and encoding. +- Fixed several denial-of-service attack vectors related to skin data field lengths. diff --git a/src/pocketmine/VersionInfo.php b/src/pocketmine/VersionInfo.php index ae075617b..8effa492f 100644 --- a/src/pocketmine/VersionInfo.php +++ b/src/pocketmine/VersionInfo.php @@ -34,5 +34,5 @@ const _VERSION_INFO_INCLUDED = true; const NAME = "PocketMine-MP"; const BASE_VERSION = "3.26.5"; -const IS_DEVELOPMENT_BUILD = true; +const IS_DEVELOPMENT_BUILD = false; const BUILD_CHANNEL = "pm3"; From e8893dd91f340b48e2072ebbba8d16a4cbd1ea82 Mon Sep 17 00:00:00 2001 From: "Dylan K. Taylor" Date: Tue, 4 Jan 2022 20:47:31 +0000 Subject: [PATCH 08/12] 3.26.6 is next --- src/pocketmine/VersionInfo.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/pocketmine/VersionInfo.php b/src/pocketmine/VersionInfo.php index 8effa492f..d2c0036be 100644 --- a/src/pocketmine/VersionInfo.php +++ b/src/pocketmine/VersionInfo.php @@ -33,6 +33,6 @@ if(defined('pocketmine\_VERSION_INFO_INCLUDED')){ const _VERSION_INFO_INCLUDED = true; const NAME = "PocketMine-MP"; -const BASE_VERSION = "3.26.5"; -const IS_DEVELOPMENT_BUILD = false; +const BASE_VERSION = "3.26.6"; +const IS_DEVELOPMENT_BUILD = true; const BUILD_CHANNEL = "pm3"; From e7d17eb4d327f6573ae702273e3838305844d2d6 Mon Sep 17 00:00:00 2001 From: "Dylan K. Taylor" Date: Tue, 4 Jan 2022 20:51:36 +0000 Subject: [PATCH 09/12] Release 4.0.5 --- changelogs/4.0.md | 11 ++++++++++- src/VersionInfo.php | 2 +- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/changelogs/4.0.md b/changelogs/4.0.md index 211b825e8..a12c11cd4 100644 --- a/changelogs/4.0.md +++ b/changelogs/4.0.md @@ -1590,4 +1590,13 @@ Released 1st January 2022. - Fixed message length limit for chat (now 512 instead of 255, and accounts for UTF-8). - Fixed incorrect message being displayed when trying to sleep in a bed which is too far away. - Fixed missing space between `Kicked by admin.` and `Reason` when using `/kick` to kick a player. -- Fixed client-side performance issue of entities with very large scale. \ No newline at end of file +- Fixed client-side performance issue of entities with very large scale. + +# 4.0.5 +Released 4th January 2022. + +## Fixes +- Fixed several denial-of-service attack vectors related to writable book text length and encoding. +- Fixed several denial-of-service attack vectors related to skin data field lengths. +- Fixed food bar desync when cancelling `PlayerItemConsumeEvent` in a plugin. +- Fixed compass needles not updating when the world spawn is changed. diff --git a/src/VersionInfo.php b/src/VersionInfo.php index 5cd6474d5..65bfbab9c 100644 --- a/src/VersionInfo.php +++ b/src/VersionInfo.php @@ -32,7 +32,7 @@ use function str_repeat; final class VersionInfo{ public const NAME = "PocketMine-MP"; public const BASE_VERSION = "4.0.5"; - public const IS_DEVELOPMENT_BUILD = true; + public const IS_DEVELOPMENT_BUILD = false; public const BUILD_CHANNEL = "stable"; private function __construct(){ From 35f205b476a3f44484ed026a8c97d38f03e30bf8 Mon Sep 17 00:00:00 2001 From: "Dylan K. Taylor" Date: Tue, 4 Jan 2022 20:51:37 +0000 Subject: [PATCH 10/12] 4.0.6 is next --- src/VersionInfo.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/VersionInfo.php b/src/VersionInfo.php index 65bfbab9c..366709e4b 100644 --- a/src/VersionInfo.php +++ b/src/VersionInfo.php @@ -31,8 +31,8 @@ use function str_repeat; final class VersionInfo{ public const NAME = "PocketMine-MP"; - public const BASE_VERSION = "4.0.5"; - public const IS_DEVELOPMENT_BUILD = false; + public const BASE_VERSION = "4.0.6"; + public const IS_DEVELOPMENT_BUILD = true; public const BUILD_CHANNEL = "stable"; private function __construct(){ From 230a3c98390f2c285359a0d6831582943f21d991 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 5 Jan 2022 13:49:29 +0000 Subject: [PATCH 11/12] Bump phpstan/phpstan from 1.2.0 to 1.3.1 (#4702) Bumps [phpstan/phpstan](https://github.com/phpstan/phpstan) from 1.2.0 to 1.3.1. - [Release notes](https://github.com/phpstan/phpstan/releases) - [Changelog](https://github.com/phpstan/phpstan/blob/master/CHANGELOG.md) - [Commits](https://github.com/phpstan/phpstan/compare/1.2.0...1.3.1) --- updated-dependencies: - dependency-name: phpstan/phpstan dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- composer.json | 2 +- composer.lock | 16 ++++++++-------- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/composer.json b/composer.json index 8c2f8902a..4b870b112 100644 --- a/composer.json +++ b/composer.json @@ -53,7 +53,7 @@ "webmozart/path-util": "^2.3" }, "require-dev": { - "phpstan/phpstan": "1.2.0", + "phpstan/phpstan": "1.3.1", "phpstan/phpstan-phpunit": "^1.0.0", "phpstan/phpstan-strict-rules": "^1.0.0", "phpunit/phpunit": "^9.2" diff --git a/composer.lock b/composer.lock index be9b3c6eb..69e9f4733 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "5dc75b1eaa0493544081f223d3e2304c", + "content-hash": "21dbdd29be952db47b97d8f3c8752b98", "packages": [ { "name": "adhocore/json-comment", @@ -1900,16 +1900,16 @@ }, { "name": "phpstan/phpstan", - "version": "1.2.0", + "version": "1.3.1", "source": { "type": "git", "url": "https://github.com/phpstan/phpstan.git", - "reference": "cbe085f9fdead5b6d62e4c022ca52dc9427a10ee" + "reference": "c3e7a5837829b3cd5907b895da73a4da084a9f8f" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpstan/phpstan/zipball/cbe085f9fdead5b6d62e4c022ca52dc9427a10ee", - "reference": "cbe085f9fdead5b6d62e4c022ca52dc9427a10ee", + "url": "https://api.github.com/repos/phpstan/phpstan/zipball/c3e7a5837829b3cd5907b895da73a4da084a9f8f", + "reference": "c3e7a5837829b3cd5907b895da73a4da084a9f8f", "shasum": "" }, "require": { @@ -1925,7 +1925,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-master": "1.2-dev" + "dev-master": "1.3-dev" } }, "autoload": { @@ -1940,7 +1940,7 @@ "description": "PHPStan - PHP Static Analysis Tool", "support": { "issues": "https://github.com/phpstan/phpstan/issues", - "source": "https://github.com/phpstan/phpstan/tree/1.2.0" + "source": "https://github.com/phpstan/phpstan/tree/1.3.1" }, "funding": [ { @@ -1960,7 +1960,7 @@ "type": "tidelift" } ], - "time": "2021-11-18T14:09:01+00:00" + "time": "2022-01-04T17:12:37+00:00" }, { "name": "phpstan/phpstan-phpunit", From 86beeb82559c98558d2a97e92a431a6dc3851d6c Mon Sep 17 00:00:00 2001 From: Dylan T Date: Thu, 6 Jan 2022 17:11:03 +0000 Subject: [PATCH 12/12] readme: update badge links [ci skip] --- README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 402558916..4d376751c 100644 --- a/README.md +++ b/README.md @@ -4,13 +4,13 @@

- CI - GitHub release (latest SemVer) + CI + GitHub release (latest SemVer) Docker image version (latest semver) Discord
- GitHub all releases - GitHub release (latest by SemVer) + GitHub all releases + GitHub release (latest by SemVer)

## Getting started