Update bolt to 4.1.18

Author: bobdenotter

bin/post-create-project.php

@@ -0,0 +1,14 @@
+<?php
+
+if (!file_exists('.env')) {
+    copy('.env.dist', '.env');
+}
+
+if (file_exists('public/.gitignore')) {
+    unlink('public/.gitignore');
+}
+
+if (file_exists('README_project.md')) {
+    rename('README_project.md', 'README.md');
+}
+

composer.json

@@ -1,20 +1,21 @@
 {
+    "name": "bolt/project",
     "type": "project",
-    "license": "proprietary",
+    "description": "Bolt 4 standard project skeleton",
+    "license": "MIT",
     "require": {
-        "bobdenotter/weatherwidget": "^1.0",
-        "bolt/assets": "^4.0",
-        "bolt/core": "dev-master",
-        "bolt/newswidget": "^1.1",
-        "bolt/themes": "^3.1",
+        "bobdenotter/configuration-notices": "^1.0",
+        "bolt/assets": "^4.1",
+        "bolt/core": "^4.1",
+        "bolt/themes": "^3.3",
         "symfony/flex": "^1.6"
     },
     "autoload": {
         "psr-4": {
             "App\\": "src/"
         }
     },
-    "minimum-stability": "dev",
+    "minimum-stability": "stable",
     "prefer-stable": true,
     "scripts": {
         "auto-scripts": {
@@ -35,9 +36,6 @@
             "@auto-scripts",
             "php bin/console extensions:configure",
             "php bin/console bolt:info"
-        ],
-        "periodical-tasks": [
-            "security-checker security:check"
         ]
     },
     "extra": {

composer.lock

@@ -29,12 +29,9 @@ locale: en
 # settings, see: http://php.net/manual/en/timezones.php
 # timezone: UTC
 
-# Set maintenance mode on or off.
-#
-# The default for the Maintenance mode (503) page. Can be an (array of) template
-# names or identifiers for records, which will be tried until a match is found.
-maintenance_mode: false
-maintenance: [ blocks/503-maintenance-mode, 'helpers/page_503.html.twig' ]
+# Set the default time format used on this website. For a list of valid date
+# format settings, see: https://www.php.net/manual/en/function.date.php
+date_format: 'F j, Y H:i'
 
 # If your site is reachable under different urls (say, both blog.example.org/
 # as well as example.org/), its a good idea to set one of these as the
@@ -60,10 +57,29 @@ maintenance: [ blocks/503-maintenance-mode, 'helpers/page_503.html.twig' ]
 homepage: homepage/22
 homepage_template: index.twig
 
-# The default content for the 404 page. Can be an (array of) template names or
-# identifiers for records, which will be tried until a match is found.
+# The default content for the "Not Found" (404) page. Can be an (array of) template
+# names or identifiers for records, which will be tried until a match is found.
 notfound: [ blocks/404-not-found, 'helpers/page_404.html.twig' ]
 
+# Toggle maintenance mode on or off. Note: If you're logged in, you'll still see
+# the website as usual. Use an incognito window to see the "maintenance" page.
+maintenance_mode: false
+
+# The default for the "Maintenance mode" (503) page. Can be an (array of) template
+# names or identifiers for records, which will be tried until a match is found.
+maintenance: [ blocks/503-maintenance-mode, 'helpers/page_503.html.twig' ]
+
+# The default content for the "Forbidden" (403) page. Can be an (array of) template
+# names or identifiers for records, which will be tried until a match is found.
+forbidden: [ blocks/403-forbidden, 'helpers/page_403.html.twig' ]
+
+# The default content for the "Internal Server Error" (500) page. Can be an
+# (array of) template names or identifiers for records.
+# Note: Only used in `APP_ENV=prod` mode. You're advised to keep this as simple
+# as possible, because if an error occurs in this template, it can not be
+# handled, and you'll have a bad time debugging it!
+internal_server_error: [ 'helpers/page_500.html.twig' ]
+
 # The default template and amount of records to use for listing-pages on the
 # site.
 #
@@ -80,27 +96,22 @@ record_template: record.twig
 #
 # Can be overridden for each content type.
 #
-# Note 1: Sorting on TAXONOMY-pages will give unexpected results, if it has a
-#         pager.
-#         If you need sorting on those, make sure you display all the records on one
-#         page.
-#
-# Note 2: If you've changed the filename, and your changes do not show up on the
+# Note: If you've changed the filename, and your changes do not show up on the
 #         website, be sure to check for a config.yaml file in your themes
 #         folder. If a template is set there, it will override the setting here.
 listing_template: listing.twig
 listing_records: 6
 listing_sort: datepublish DESC
 
+# Allow filtering on listing pages using query parameters, much like you would
+# with {% setcontent %}. E.g. /pages?order=id and /pages?title--like=voluptat
+# Useful for search.
+query_search: true
+
 # Maximum amount of items to show in a `<select>` for picking a record. For
 # example in `type: select`.
 maximum_listing_select: 1000
 
-# Because of limitations on how the underlying database queries work, there are
-# only two options for sorting on taxonomies. ASC for roughly "oldest first"
-# and DESC for roughly newest first.
-taxonomy_sort: DESC
-
 # Template for showing the search results. If not defined, uses the settings for
 # listing_template and listing_records.
 #
@@ -114,6 +125,36 @@ search_results_records: 10
 # for each content type.
 records_per_page: 8
 
+# Default settings for thumbnails.
+#
+# quality:       Quality should be between 0 (horrible, small file) and 100 (best, huge file).
+# fit:           One of either none, crop (= crop-center), crop-top-left, crop-top, crop-top-right, crop-left, crop-right, crop-bottom-left, crop-bottom or crop-bottom-right.
+# allow_upscale: Determines whether small images will be enlarged to fit
+#                the requested dimensions.
+# save_files:    Save files in the thumbs/ folder, so subsequent requests will serve file directly. Great for performance
+#
+# Note: If you change these values, you might need to clear the cache before
+#       they show up.
+thumbnails:
+    default_thumbnail: [ 320, 240 ]
+    default_image: [ 1000, 750 ]
+    quality: 80
+    cropping: crop
+    save_files: true
+    allow_upscale: false
+
+# File permissions for read/write/execute to set on folders and files that are
+# created. The exact permissions you should be setting depends on the system
+# user that PHP (and/or your webserver) is running as, and the user who owns the
+# actual folders/files.
+#
+# - If they are the same user, use `0o755` for folders and `0o644` for files.
+# - If they're in the same group, use use `0o775` for folders and `0o664` for files.
+# - If you don't know, or you can't make it work otherwise, then use `0o777` for folders and `0o666` for files.
+filepermissions:
+    folders: 0o775
+    files: 0o664
+
 # Define the HTML tags and attributes that are allowed in cleaned HTML. This
 # is used for sanitizing HTML, to make sure there are no undesirable elements
 # left in the content that is shown to users. For example, tags like `<script>`
@@ -124,62 +165,26 @@ records_per_page: 8
 htmlcleaner:
     allowed_tags: [ div, span, p, br, hr, s, u, strong, em, i, b, li, ul, ol, mark, blockquote, pre, code, tt, h1, h2, h3, h4, h5, h6, dd, dl, dt, table, tbody, thead, tfoot, th, td, tr, a, img, address, abbr, iframe, caption, sub, super, figure, figcaption ]
     allowed_attributes: [ id, class, style, name, value, href, src, alt, title, width, height, frameborder, allowfullscreen, scrolling, target, colspan, rowspan ]
+    allowed_frame_targets: [ _blank, _self, _parent, _top ]
 
 # Define the file types (extensions to be exact) that are acceptable for upload
 # in either file fields or through the files screen.
-accept_file_types: [ twig, html, js, css, scss, gif, jpg, jpeg, png, ico, zip, tgz, txt, md, doc, docx, pdf, epub, xls, xlsx, ppt, pptx, mp3, ogg, wav, m4a, mp4, m4v, ogv, wmv, avi, webm, svg]
+accept_file_types: [ twig, html, js, css, scss, gif, jpg, jpeg, png, ico, zip, tgz, txt, md, doc, docx, pdf, epub, xls, xlsx, ppt, pptx, mp3, ogg, wav, m4a, mp4, m4v, ogv, wmv, avi, webm, svg, webp, avif]
 
 # Alternatively, if you wish to limit these, uncomment the following list
 # instead. It just includes file types / extensions that are harder to exploit.
-# accept_file_types: [ gif, jpg, jpeg, png, txt, md, pdf, epub, mp3, svg ]
+# accept_file_types: [ gif, jpg, jpeg, png, txt, md, pdf, epub, mp3 ]
 
-accept_media_types: [ gif, jpg, jpeg, png, svg, pdf, mp3, tiff ]
+accept_media_types: [ gif, jpg, jpeg, png, svg, pdf, mp3, tiff, avif, webp ]
 
-# If you want to brand the Bolt backend for a client, you can change some key
-# variables here, that determine the name of the backend, and adds a primary
-# support/contact link to the footer.  Add a scheme, like `mailto:` or
-# `https://` to the email or URL.
-#
-# Additionally you can change the mount point for the backend, either for
-# convenience or to obscure it from prying eyes.
-#
-# The Bolt backend is accessible as `/bolt/` by default. If you change it here,
-# it will only be accessible through the value set in path.
-# Keep the path simple: lowercase only, no extra slashes or other special
-# characters.
-# branding:
-#     name: SuperCMS
-#     path: /admin
-#     provided_by: [ [email protected], "Supercool Webdesign Co." ]
-
-# There are several options for giving editors more options to insert images,
-# video, etc in the WYSIWYG areas. But, as you give them more options, that
-# means they also have more ways of breaking the preciously designed layout.
-#
-# By default the most dangerous options are set to false. If you choose to
-# enable them for your editors, please instruct them thoroughly on their
-# responsibility not to break the layout.
-wysiwyg:
-    images: false            # Allow users to insert images in the content.
-    anchor: false            # Adds a button to create internal anchors to link to.
-    tables: false            # Adds a button to insert and modify tables in the content.
-    fontcolor: false         # Allow users to mess around with font coloring.
-    align: false             # Adds buttons for align left, align right, etc.
-    subsuper: false          # Adds buttons for subscript and superscript, using `<sub>` and `<sup>`.
-    embed: false             # Allows the user to insert embedded videos from Youtube, Vimeo, etc.
-    underline: false         # Adds a button to underline text, using the `<u>`-tag.
-    ruler: false             # Adds a button to add a horizontal ruler, using the `<hr>`-tag.
-    strike: false            # Adds a button to add stikethrough, using the `<s>`-tag.
-    blockquote: false        # Allows the user to insert blockquotes using the `<blockquote>`-tag.
-    codesnippet: false       # Allows the user to insert code snippets using `<pre><code>`-tags.
-    specialchar: false       # Adds a button to insert special chars like € or ™.
-    clipboard: false         # Adds buttons to undo and redo.
-    copypaste: false         # Adds buttons to cut, copy and paste.
-    ck:
-        autoParagraph: true  # If set to true, any pasted content is wrapped in `<p>`-tags for multiple line-breaks
-        disableNativeSpellChecker: true # If set to true it will stop browsers from underlining spelling mistakes
-        allowNbsp: false     # If set to false, the editor will strip out `&nbsp;` characters. If set to true, it will allow them. ¯\_(ツ)_/¯
-
-# Enforcing the use of SSL. If set, all pages will enforce an SSL connection,
-# and redirect to HTTPS if you attempt to visit plain HTTP pages.
-# enforce_ssl: true
+# Set the maximum upload size. Note, this can never exceed the settings for
+#`post_max_size` and `upload_max_filesize` in `php.ini`.
+accept_upload_size: 8M
+
+# Default location for uploading files.
+upload_location: "{contenttype}/{year}/{month}/"
+
+# Options to use with curl requests.
+# For all options, check the official curl documentation here https://curl.haxx.se/libcurl/c/curl_easy_setopt.html
+curl_options:
+    verify_peer: true

config/bolt/config.yaml

@@ -8,13 +8,15 @@ tags:
     postfix: "Add some freeform tags. Start a new tag by typing a comma or space."
     allow_spaces: false
     #listing_template: tag-listing.twig #custom template
+    required: false
 
 groups:
     slug: groups
     singular_slug: group
     behaves_like: grouping
     options: { main: "The main group", meta: "Meta group", other: "The other stuff" }
     has_sortorder: true
+    required: false
 
 categories:
     name: Categories
@@ -24,3 +26,4 @@ categories:
     behaves_like: categories
     multiple: true
     options: [ news, events, movies, music, books, life, love, fun ]
+    required: false

config/bolt/taxonomy.yaml

@@ -20,7 +20,7 @@ doctrine:
 
     orm:
         auto_generate_proxy_classes: '%kernel.debug%'
-        naming_strategy: doctrine.orm.naming_strategy.underscore
+        naming_strategy: doctrine.orm.naming_strategy.underscore_number_aware
         auto_mapping: true
         mappings:
             App:
@@ -38,7 +38,8 @@ doctrine:
         dql:
             string_functions:
                 JSON_EXTRACT: Bolt\Doctrine\Functions\JsonExtract
-                CAST: DoctrineExtensions\Query\Mysql\Cast
+                JSON_GET_TEXT: Scienta\DoctrineJsonFunctions\Query\AST\Functions\Postgresql\JsonGetText
+                CAST: Bolt\Doctrine\Query\Cast
             numeric_functions:
                 RAND: Bolt\Doctrine\Functions\Rand
 

config/packages/dev/security_checker.yaml

@@ -7,7 +7,13 @@ twig:
     paths:
         # Since the name of the theme folder is dynamic, we shouldn't set it here, but dynamically
         # See TwigAwareController::setTwigLoader()
-        # '%kernel.project_dir%/public/theme/%bolt.theme%': ''
+        
+        # The following line is commented out by default (for now), because enabling it
+        # breaks the installation process: It breaks because `base-2021` isn't copied yet, 
+        # and the command to copy `base-2021` breaks, because the folder doesn't exist yet.
+        # @see: https://github.com/bolt/project/pull/37
+        # '%kernel.project_dir%/public/theme/%bolt.theme%': 'theme'
+        
         '%kernel.project_dir%/vendor/bolt/core/templates/': 'bolt'
     default_path: '%kernel.project_dir%/vendor/bolt/core/templates'
     globals:

config/packages/doctrine.yaml

@@ -61,6 +61,10 @@ services:
         tags:
             - { name: doctrine.event_listener, event: loadClassMetadata }
 
+    Bolt\Event\Listener\TaxonomyFillListener:
+        tags:
+            - { name: doctrine.event_listener, event: postLoad }
+
     Bolt\Extension\RoutesLoader:
         tags: [routing.loader]
 

config/packages/twig.yaml

@@ -7,9 +7,6 @@ services:
     App\:
         resource: '../src/*'
         exclude: '../src/{Entity,Exception}'
-    BobdenOtter\WeatherWidget\:
-        resource: '../vendor/bobdenotter/weatherwidget/src/*'
-        exclude: '../vendor/bobdenotter/weatherwidget/src/{Entity,Exception}'
-    Bolt\NewsWidget\:
-        resource: '../vendor/bolt/newswidget/src/*'
-        exclude: '../vendor/bolt/newswidget/src/{Entity,Exception}'
+    BobdenOtter\ConfigurationNotices\:
+        resource: '../vendor/bobdenotter/configuration-notices/src/*'
+        exclude: '../vendor/bobdenotter/configuration-notices/src/{Entity,Exception}'