From 6abe5bf0089cd5cbc9891115b80b9ab67f095b9e Mon Sep 17 00:00:00 2001
From: ErickSkrauch <erickskrauch@yandex.ru>
Date: Thu, 25 Jul 2024 10:04:56 +0200
Subject: [PATCH 1/5] Fix #20232: Fix regression introduced in
 `GHSA-cjcc-p67m-7qxm` while attaching behavior defined by `__class` array key

---
 framework/CHANGELOG.md                 | 3 +--
 framework/base/Component.php           | 2 +-
 tests/framework/base/ComponentTest.php | 3 +++
 3 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/framework/CHANGELOG.md b/framework/CHANGELOG.md
index 96f41456dcc..0185dbb7835 100644
--- a/framework/CHANGELOG.md
+++ b/framework/CHANGELOG.md
@@ -4,8 +4,7 @@ Yii Framework 2 Change Log
 2.0.52 under development
 ------------------------
 
-- no changes in this release.
-
+- Bug #20232: Fix regression introduced in `GHSA-cjcc-p67m-7qxm` while attaching behavior defined by `__class` array key (erickskrauch)
 
 2.0.51 July 18, 2024
 --------------------
diff --git a/framework/base/Component.php b/framework/base/Component.php
index 2ad62f3259a..7cee3b0720d 100644
--- a/framework/base/Component.php
+++ b/framework/base/Component.php
@@ -190,7 +190,7 @@ public function __set($name, $value)
             $name = trim(substr($name, 3));
             if ($value instanceof Behavior) {
                 $this->attachBehavior($name, $value);
-            } elseif (isset($value['class']) && is_subclass_of($value['class'], Behavior::class, true)) {
+            } elseif ((isset($value['class']) && is_subclass_of($value['class'], Behavior::class)) || (isset($value['__class']) && is_subclass_of($value['__class'], Behavior::class))) {
                 $this->attachBehavior($name, Yii::createObject($value));
             } elseif (is_string($value) && is_subclass_of($value, Behavior::class, true)) {
                 $this->attachBehavior($name, Yii::createObject($value));
diff --git a/tests/framework/base/ComponentTest.php b/tests/framework/base/ComponentTest.php
index f01d21476f3..dca3c37bd91 100644
--- a/tests/framework/base/ComponentTest.php
+++ b/tests/framework/base/ComponentTest.php
@@ -341,6 +341,9 @@ public function testAttachBehavior()
         $this->assertTrue($component->hasProperty('p'));
         $component->test();
         $this->assertTrue($component->behaviorCalled);
+
+        $component->{'as c'} = ['__class' => NewBehavior::class];
+        $this->assertNotNull($component->getBehavior('c'));
     }
 
     public function testAttachBehaviors()

From 65a5e5210f03bf1d785f3e3a46982649bb55599b Mon Sep 17 00:00:00 2001
From: Alexandr Zeidlits <alexandros96@yandex.ru>
Date: Fri, 26 Jul 2024 22:05:44 +0600
Subject: [PATCH 2/5] Typo fix (#20236)

---
 docs/guide-ru/db-active-record.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/guide-ru/db-active-record.md b/docs/guide-ru/db-active-record.md
index 33479f3bce5..348dde0305b 100644
--- a/docs/guide-ru/db-active-record.md
+++ b/docs/guide-ru/db-active-record.md
@@ -537,7 +537,7 @@ $customer->loadDefaultValues();
 Можно также использовать условия для столбцов JSON:
 
 ```php
-$query->andWhere(['=', 'json', new ArrayExpression(['foo' => 'bar'])
+$query->andWhere(['=', 'json', new ArrayExpression(['foo' => 'bar'])])
 ```
 Дополнительные сведения о системе построения выражений см. [Query Builder – добавление пользовательских условий и выражений](db-query-builder.md#adding-custom-conditions-and-expressions)
 

From 0d0f77529afa85563145a9766a0a8915933c0a32 Mon Sep 17 00:00:00 2001
From: Bizley <pawel.bizley@gmail.com>
Date: Fri, 26 Jul 2024 18:06:32 +0200
Subject: [PATCH 3/5] Fix #20231: Fix regression introduced in #20167 in
 `yii\validators\FileValidator`

---
 framework/CHANGELOG.md                           |  1 +
 framework/validators/FileValidator.php           |  2 +-
 tests/framework/validators/FileValidatorTest.php | 16 ++++++++++------
 3 files changed, 12 insertions(+), 7 deletions(-)

diff --git a/framework/CHANGELOG.md b/framework/CHANGELOG.md
index 0185dbb7835..c100209e75a 100644
--- a/framework/CHANGELOG.md
+++ b/framework/CHANGELOG.md
@@ -5,6 +5,7 @@ Yii Framework 2 Change Log
 ------------------------
 
 - Bug #20232: Fix regression introduced in `GHSA-cjcc-p67m-7qxm` while attaching behavior defined by `__class` array key (erickskrauch)
+- Bug #20231: Fix regression introduced in #20167 in `yii\validators\FileValidator` (bizley)
 
 2.0.51 July 18, 2024
 --------------------
diff --git a/framework/validators/FileValidator.php b/framework/validators/FileValidator.php
index 758c8242e2e..28a2df0fa32 100644
--- a/framework/validators/FileValidator.php
+++ b/framework/validators/FileValidator.php
@@ -209,7 +209,7 @@ public function validateAttribute($model, $attribute)
     {
         $files = $this->filterFiles(is_array($model->$attribute) ? $model->$attribute : [$model->$attribute]);
         $filesCount = count($files);
-        if ($filesCount === 0 && $this->minFiles > 0) {
+        if ($filesCount === 0) {
             $this->addError($model, $attribute, $this->uploadRequired);
 
             return;
diff --git a/tests/framework/validators/FileValidatorTest.php b/tests/framework/validators/FileValidatorTest.php
index 0b42b54967e..9e05edf4d23 100644
--- a/tests/framework/validators/FileValidatorTest.php
+++ b/tests/framework/validators/FileValidatorTest.php
@@ -115,10 +115,11 @@ public function testValidateAttributeMultiple()
         ]);
         $m = FakedValidationModel::createWithAttributes(['attr_files' => 'path']);
         $val->validateAttribute($m, 'attr_files');
-        $this->assertFalse($m->hasErrors('attr_files'));
+        $this->assertTrue($m->hasErrors('attr_files'));
         $m = FakedValidationModel::createWithAttributes(['attr_files' => []]);
         $val->validateAttribute($m, 'attr_files');
-        $this->assertFalse($m->hasErrors('attr_files'));
+        $this->assertTrue($m->hasErrors('attr_files'));
+        $this->assertSame($val->uploadRequired, current($m->getErrors('attr_files')));
 
         $m = FakedValidationModel::createWithAttributes(
             [
@@ -334,7 +335,7 @@ public function testValidateArrayAttributeWithMinMaxOneAndOneFile()
                     'type' => 'image/png',
                 ],
             ]
-        )[0];
+        )[0]; // <-- only one file
         $model = FakedValidationModel::createWithAttributes(['attr_images' => [$files]]);
 
         $validator->validateAttribute($model, 'attr_images');
@@ -422,7 +423,8 @@ public function testValidateAttribute()
         $val->validateAttribute($m, 'attr_files');
         $this->assertFalse($m->hasErrors());
         $val->validateAttribute($m, 'attr_files_empty');
-        $this->assertFalse($m->hasErrors('attr_files_empty'));
+        $this->assertTrue($m->hasErrors('attr_files_empty'));
+        $this->assertSame($val->uploadRequired, current($m->getErrors('attr_files_empty')));
 
         // single File with skipOnEmpty = false
         $val = new FileValidator(['skipOnEmpty' => false]);
@@ -430,7 +432,8 @@ public function testValidateAttribute()
         $val->validateAttribute($m, 'attr_files');
         $this->assertFalse($m->hasErrors());
         $val->validateAttribute($m, 'attr_files_empty');
-        $this->assertFalse($m->hasErrors('attr_files_empty'));
+        $this->assertTrue($m->hasErrors('attr_files_empty'));
+        $this->assertSame($val->uploadRequired, current($m->getErrors('attr_files_empty')));
         $m = $this->createModelForAttributeTest();
 
         // too big
@@ -689,7 +692,8 @@ public function testValidateMimeTypeCaseInsensitive($mask, $fileMimeType, $expec
         $this->assertEquals($expected, $validator->validate($file), sprintf('Mime type validate fail: "%s" / "%s"', $mask, $fileMimeType));
     }
 
-    public function mimeTypeCaseInsensitive() {
+    public function mimeTypeCaseInsensitive()
+    {
         return [
             ['Image/*', 'image/jp2', true],
             ['image/*', 'Image/jp2', true],

From 9fc8a2d37d600fed8229c8a7833d9aaff8c0b13e Mon Sep 17 00:00:00 2001
From: Nobuo Kihara <softark@gmail.com>
Date: Sun, 28 Jul 2024 16:18:36 +0900
Subject: [PATCH 4/5] japanese doc translation updated (#20237)

---
 docs/guide-ja/db-active-record.md | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/docs/guide-ja/db-active-record.md b/docs/guide-ja/db-active-record.md
index 2d149e531d8..6d3ff6cd935 100644
--- a/docs/guide-ja/db-active-record.md
+++ b/docs/guide-ja/db-active-record.md
@@ -650,6 +650,16 @@ Customer::deleteAll(['status' => Customer::STATUS_INACTIVE]);
 > - [[yii\db\ActiveRecord::updateCounters()]] 
 > - [[yii\db\ActiveRecord::updateAllCounters()]] 
 
+> Note: パフォーマンスを考慮して、DI(依存注入) はデフォルトではサポートされていません。必要であれば、
+> [[Yii::createObject()]] によってクラスのインスタンス生成をするように [[yii\db\ActiveRecord::instantiate()|instantiate()]] メソッドをオーバーライドして、サポートを追加することが出来ます。
+> 
+> ```php
+> public static function instantiate($row)
+> {
+>     return Yii::createObject(static::class);
+> }
+> ```
+
 ### データをリフレッシュする際のライフサイクル <span id="refreshing-data-life-cycle"></span>
 
 [[yii\db\ActiveRecord::refresh()|refresh()]] を呼んでアクティブ・レコード・インスタンスをリフレッシュする際は、リフレッシュが成功してメソッドが `true` を返すと

From 34d2396920a34534fb19cc342b5f4fe863c6e3ac Mon Sep 17 00:00:00 2001
From: Wilmer Arambula <42547589+terabytesoftw@users.noreply.github.com>
Date: Mon, 5 Aug 2024 15:55:45 -0400
Subject: [PATCH 5/5] Update PHP and MSSQL versions in CI workflow. (#20240)

---
 .github/workflows/ci-mssql.yml | 36 +++++++++++++++++++++-------------
 1 file changed, 22 insertions(+), 14 deletions(-)

diff --git a/.github/workflows/ci-mssql.yml b/.github/workflows/ci-mssql.yml
index 169d5a4b9d9..08ce49057bb 100644
--- a/.github/workflows/ci-mssql.yml
+++ b/.github/workflows/ci-mssql.yml
@@ -10,7 +10,7 @@ concurrency:
 
 jobs:
   tests:
-    name: PHP ${{ matrix.php }}-mssql-${{ matrix.mssql }}
+    name: PHP ${{ matrix.php }}-mssql-${{ matrix.mssql.version }}
 
     env:
       EXTENSIONS: pdo, pdo_sqlsrv
@@ -21,37 +21,45 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
+        php:
+          - 7.4
+          - 8.0
+          - 8.1
+          - 8.2
+          - 8.3
+          - 8.4
+
+        mssql:
+          - version: server:2022-latest
+            mssql-tool: /opt/mssql-tools18/bin/sqlcmd -C
+
         include:
           - php: 7.4
-            mssql: server:2017-latest
+            mssql:
+              version: server:2017-latest
+              mssql-tool: /opt/mssql-tools/bin/sqlcmd
           - php: 8.0
-            mssql: server:2019-latest
-          - php: 8.1
-            mssql: server:2019-latest
-          - php: 8.2
-            mssql: server:2022-latest
-          - php: 8.3
-            mssql: server:2022-latest
-          - php: 8.4
-            mssql: server:2022-latest
+            mssql:
+              version: server:2019-latest
+              mssql-tool: /opt/mssql-tools18/bin/sqlcmd -C
 
     services:
       mssql:
-          image: mcr.microsoft.com/mssql/${{ matrix.mssql }}
+          image: mcr.microsoft.com/mssql/${{ matrix.mssql.version }}
           env:
               SA_PASSWORD: YourStrong!Passw0rd
               ACCEPT_EULA: Y
               MSSQL_PID: Developer
           ports:
               - 1433:1433
-          options: --name=mssql --health-cmd="/opt/mssql-tools/bin/sqlcmd -S localhost -U SA -P 'YourStrong!Passw0rd' -Q 'SELECT 1'" --health-interval=10s --health-timeout=5s --health-retries=3
+          options: --name=mssql --health-cmd="${{ matrix.mssql.mssql-tool }} -S localhost -U SA -P 'YourStrong!Passw0rd' -Q 'SELECT 1'" --health-interval=10s --health-timeout=5s --health-retries=3
 
     steps:
       - name: Checkout
         uses: actions/checkout@v4
 
       - name: Create MS SQL Database
-        run: docker exec -i mssql /opt/mssql-tools/bin/sqlcmd -S localhost -U SA -P 'YourStrong!Passw0rd' -Q 'CREATE DATABASE yiitest'
+        run: docker exec -i mssql ${{ matrix.mssql.mssql-tool }} -S localhost -U SA -P 'YourStrong!Passw0rd' -Q 'CREATE DATABASE yiitest'
 
       - name: Install PHP with extensions
         uses: shivammathur/setup-php@v2