Resolve Dependabot Alerts

.circleci/config.yml

@@ -7,7 +7,7 @@ version: 2.1
 executors:
   rocky8: &rocky8-executor
     docker:
-      - image: tools-ext-01.ccr.xdmod.org/xdmod-10.5.0-x86_64:rockylinux8.5-0.3
+      - image: tools-ext-01.ccr.xdmod.org/xdmod:x86_64-rockylinux8.9.20231119-v11.0.0-1.0-03
 jobs:
   build:
     parameters:
@@ -85,7 +85,15 @@ jobs:
       - run: ./tests/integration/runtests.sh --junit-output-dir ~/phpunit
       - run: ./tests/regression/post_ingest_test.sh --junit-output-dir ~/phpunit
       - run: ./tests/component/runtests.sh --junit-output-dir ~/phpunit
-      - run: pushd $HOME && rm -f chromedriver_linux64.zip && wget https://chromedriver.storage.googleapis.com/106.0.5249.61/chromedriver_linux64.zip && popd
+      - run:
+          name: 'Install Chromium 99'
+          command: |
+            pushd $HOME && \
+            rm -rf chrome-linux && \
+            wget -O chrome-linux.zip "https://www.googleapis.com/download/storage/v1/b/chromium-browser-snapshots/o/Linux_x64%2F961656%2Fchrome-linux.zip?generation=1642723767466615&alt=media" && \
+            unzip chrome-linux.zip && \
+            ln -s /root/chrome-linux/chrome /usr/local/bin/google-chrome && \
+            popd
       - run:
           name: 'Bodge the nodejs version to run an older one for the webdriver tests'
           command: |

classes/DataWarehouse/Access/ReportGenerator.php

@@ -10,7 +10,7 @@ class ReportGenerator extends Common
     const REPORT_DATE_REGEX =  '/^[0-9]{4}(-[0-9]{2}){2}$/';
     const REPORT_FORMATS_REGEX = '/^doc|pdf$/';
     const REPORT_SCHEDULE_REGEX = '/^Once|Daily|Weekly|Monthly|Quarterly|Semi-annually|Annually$/';
-    const REPORT_DELIVERY_REGEX = '/^E-Mail$/';
+    const REPORT_DELIVERY_REGEX = '/^E-mail$/';
 
     /* Patterns related to report charts */
     const REPORT_CHART_TYPE_REGEX = '/^chart_pool|volatile|report|cached$/';

classes/OpenXdmod/Migration/Version1100To1150/ConfigFilesMigration.php

@@ -0,0 +1,22 @@
+<?php
+/**
+ * Update config files from version 11.0.0 to 11.5.0
+ */
+
+namespace OpenXdmod\Migration\Version1100To1150;
+
+use OpenXdmod\Migration\ConfigFilesMigration as AbstractConfigFilesMigration;
+
+class ConfigFilesMigration extends AbstractConfigFilesMigration
+{
+    /**
+     * Update portal_settings.ini with the new version number.
+     */
+    public function execute()
+    {
+        $this->assertPortalSettingsIsWritable();
+        $this->assertModulePortalSettingsAreWritable();
+        $this->writePortalSettingsFile();
+        $this->writeModulePortalSettingsFiles();
+    }
+}

classes/OpenXdmod/Setup/AdminUserSetup.php

@@ -40,7 +40,7 @@ public function handle()
                 $lastName,
                 array(ROLE_ID_MANAGER, ROLE_ID_USER),
                 ROLE_ID_MANAGER,
-                null,
+                -1,
                 -1
             );
 

classes/Rest/Controllers/BaseControllerProvider.php

@@ -8,7 +8,7 @@
 use Rest\Utilities\Authorization;
 use Silex\Application;
 use Silex\ControllerCollection;
-use Silex\ControllerProviderInterface;
+use Silex\Api\ControllerProviderInterface;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpFoundation\ResponseHeaderBag;

classes/Rest/XdmodApplicationFactory.php

@@ -7,7 +7,6 @@
 use Rest\Controllers\BaseControllerProvider;
 use Rest\Utilities\Authentication;
 use Silex\Application;
-use Silex\Provider\UrlGeneratorServiceProvider;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 
@@ -64,7 +63,7 @@ public static function getInstance()
         $app['debug'] = filter_var(\xd_utilities\getConfiguration('general', 'debug_mode'), FILTER_VALIDATE_BOOLEAN);
 
         // REGISTER: a URL Generator.
-        $app->register(new UrlGeneratorServiceProvider());
+        $app->register(new \Silex\Provider\RoutingServiceProvider());
 
         // SET: the regex that will be used to filter the API_SYMBOL in a route.
         //      in this case we're using it as our base url.
@@ -74,14 +73,14 @@ public static function getInstance()
         // representing the latest version.
         $app['controllers']->value(self::API_SYMBOL, 'latest');
 
-        $app['logger.db'] = $app->share(function () {
+        $app['logger.db'] = function () {
             return \CCR\Log::factory('rest.logger.db', array(
                 'console' => false,
                 'file' => false,
                 'mail' => false,
                 'dbLogLevel' => \CCR\Log::INFO
             ));
-        });
+        };
 
         $app->before(function (Request $request, Application $app) {
             $request->attributes->set('timing.start', microtime(true));
@@ -226,7 +225,7 @@ public static function getInstance()
         }
 
         // SETUP: error handler
-        $app->error(function (\Exception $e, $code) use ($app) {
+        $app->error(function (\Exception $e, Request $request, $code) {
             if($code == 405 && strtoupper($_SERVER['REQUEST_METHOD']) === 'OPTIONS' && array_key_exists('HTTP_ORIGIN', $_SERVER)){
                 try {
                     $corsDomains = \xd_utilities\getConfiguration('cors', 'domains');

classes/XDUser.php

@@ -832,9 +832,9 @@ public function getUpdateQuery($updateToken = false, $includePassword = false)
     {
         $result = 'UPDATE moddb.Users SET username = :username,  email_address = :email_address, first_name = :first_name, middle_name = :middle_name, last_name = :last_name, account_is_active = :account_is_active, person_id = :person_id, organization_id = :organization_id, field_of_science = :field_of_science, user_type = :user_type, sticky = :sticky WHERE id = :id';
         if ($updateToken && $includePassword) {
-            $result = 'UPDATE moddb.Users SET username = :username, password = :password, email_address = :email_address, first_name = :first_name, middle_name = :middle_name, last_name = :last_name, account_is_active = :account_is_active, person_id = :person_id, organization_id = :organization_id, field_of_science = :field_of_science, token = :token, user_type = :user_type, password_last_updated = :password_last_updated, sticky = :sticky WHERE id = :id';
+            $result = 'UPDATE moddb.Users SET username = :username, password = :password, email_address = :email_address, first_name = :first_name, middle_name = :middle_name, last_name = :last_name, account_is_active = :account_is_active, person_id = :person_id, organization_id = :organization_id, field_of_science = :field_of_science, token = :token, user_type = :user_type, password_last_updated = NOW(), sticky = :sticky WHERE id = :id';
         } else if (!$updateToken && $includePassword) {
-            $result = 'UPDATE moddb.Users SET username = :username, password = :password, email_address = :email_address, first_name = :first_name, middle_name = :middle_name, last_name = :last_name, account_is_active = :account_is_active, person_id = :person_id, organization_id = :organization_id, field_of_science = :field_of_science, user_type = :user_type, password_last_updated = :password_last_updated, sticky = :sticky WHERE id = :id';
+            $result = 'UPDATE moddb.Users SET username = :username, password = :password, email_address = :email_address, first_name = :first_name, middle_name = :middle_name, last_name = :last_name, account_is_active = :account_is_active, person_id = :person_id, organization_id = :organization_id, field_of_science = :field_of_science, user_type = :user_type, password_last_updated = NOW(), sticky = :sticky WHERE id = :id';
         } else if ($updateToken && !$includePassword) {
             $result = 'UPDATE moddb.Users SET username = :usernam, email_address = :email_address, first_name = :first_name, middle_name = :middle_name, last_name = :last_name, account_is_active = :account_is_active, person_id = :person_id, organization_id = :organization_id, field_of_science = :field_of_science, token = :token, user_type = :user_type, sticky = :sticky WHERE id = :id';
         }
@@ -857,9 +857,9 @@ public function getInsertQuery($updateToken = false, $includePassword = false)
     {
         $result = 'INSERT INTO moddb.Users (username, email_address, first_name, middle_name, last_name, account_is_active, person_id, organization_id, field_of_science, user_type, sticky) VALUES (:username, :email_address, :first_name, :middle_name, :last_name, :account_is_active, :person_id, :organization_id, :field_of_science, :user_type, :sticky)';
         if ($updateToken && $includePassword) {
-            $result = 'INSERT INTO moddb.Users (username, password, password_last_updated, email_address, first_name, middle_name, last_name, account_is_active, person_id, organization_id, field_of_science, token, user_type, sticky) VALUES (:username, :password, :password_last_updated, :email_address, :first_name, :middle_name, :last_name, :account_is_active, :person_id, :organization_id, :field_of_science, :token, :user_type, :sticky)';
+            $result = 'INSERT INTO moddb.Users (username, password, password_last_updated, email_address, first_name, middle_name, last_name, account_is_active, person_id, organization_id, field_of_science, token, user_type, sticky) VALUES (:username, :password, NOW(), :email_address, :first_name, :middle_name, :last_name, :account_is_active, :person_id, :organization_id, :field_of_science, :token, :user_type, :sticky)';
         } else if (!$updateToken && $includePassword) {
-            $result = 'INSERT INTO moddb.Users (username, password, password_last_updated,  email_address, first_name, middle_name, last_name, account_is_active, person_id, organization_id, field_of_science, user_type, sticky) VALUES (:username, :password, :password_last_updated, :email_address, :first_name, :middle_name, :last_name, :account_is_active, :person_id, :organization_id, :field_of_science, :user_type, :sticky)';
+            $result = 'INSERT INTO moddb.Users (username, password, password_last_updated,  email_address, first_name, middle_name, last_name, account_is_active, person_id, organization_id, field_of_science, user_type, sticky) VALUES (:username, :password, NOW(), :email_address, :first_name, :middle_name, :last_name, :account_is_active, :person_id, :organization_id, :field_of_science, :user_type, :sticky)';
         } else if ($updateToken && !$includePassword) {
             $result = 'INSERT INTO moddb.Users (username, email_address, first_name, middle_name, last_name, account_is_active, person_id, organization_id, field_of_science, token, user_type, sticky) VALUES (:username, :email_address, :first_name, :middle_name, :last_name, :account_is_active, :person_id, :organization_id, :field_of_science, :token, :user_type, :sticky)';
         }
@@ -963,7 +963,6 @@ public function saveUser()
                 $this->_password = password_hash($this->_password, PASSWORD_DEFAULT);
                 $update_data['password'] = $this->_password;
             }
-            $update_data['password_last_updated'] = 'NOW()';
         }
         $update_data['email_address'] = ($this->_email);
         $update_data['first_name'] = ($this->_firstName);

composer.json

@@ -16,7 +16,7 @@
         "phpmailer/phpmailer": "~6.9",
         "robrichards/xmlseclibs": "~3.0",
         "sencha/extjs-gpl": "3.4.*",
-        "silex/silex": "~1.2",
+        "silex/silex": "v2.3.0",
         "simplesamlphp/simplesamlphp": "^1.16",
         "symfony/polyfill-php56": "~1.11",
         "symfony/process": "~2.0",
@@ -30,7 +30,7 @@
         "kassner/log-parser": "~1.5",
         "geoip2/geoip2": "~2.0",
         "ua-parser/uap-php": "^3.9",
-        "mongodb/mongodb": "^1.14"
+        "mongodb/mongodb": "^1.19.0"
     },
     "require-dev": {
         "phpunit/phpunit": "^9.0",