View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 5766 | Composr | core | public | 2024-05-17 14:46 | 2024-11-12 03:21 |
| Reporter | PDStig | Assigned To | PDStig | ||
| Priority | high | Severity | minor | ||
| Status | resolved | Resolution | fixed | ||
| Product Version | 11.beta4 | ||||
| Summary | 5766: Many missing addon guards | ||||
| Description | There are many missing addon guards in v11 which cause critical errors and broken installs / upgrades when said addons do not exist. Improve the unit test for this by checking for instances of require_code / require_lang and ensuring they are within an addon guard. Perhaps do the same with function signatures. Go through the code and fix accordingly. | ||||
| Tags | Roadmap: v11 | ||||
| Attach Tags | |||||
| Attached Files | |||||
| Time estimation (hours) | |||||
| Sponsorship open | |||||
|
|
Automated message: This issue was created using the Report Issue Wizard on the Composr homesite. |
|
|
This may have a greater time than benefit ratio and not worth considering. |
|
|
I don't know about the stated resolution, but if there are a lot of issues we need to find/fix them somehow. |
|
|
This needs to be considered for get_option and $GET_OPTION as well. |
|
|
Automated response: Many missing addon guards This hotfix adds guards for addons based on get_option . There is no guarantee we got all of them. The addon_guards test has been modified to pick up on get_option (and ignore ones whose second parameter (missing_ok) is true). We still need to account for templates sometime. Also, the test should ideally be modified to be more concise... scan by function instead of by entire file (e.g. if one addon_installed check is detected, it determines the entire file as good even if the guard may actually be needed in another function). |
|
|
Fixed in Git commit 378fefda89 (https://gitlab.com/composr-foundation/composr/commit/378fefda89 - link will become active once code pushed to GitLab) |
|
|
A hotfix (a TAR of files to upload) has been uploaded to this issue. Only apply this hotfix if you absolutely need it and cannot wait until the next release of Composr (releases are more reliable and strictly tested). As of Composr version 11, the recommended way to apply a hotfix is by following the same steps as an upgrade (https://baseurl/upgrader.php, use the hotfix on the step “Transfer across new/updated files”). The upgrader will automatically skip files belonging to addons you do not have installed or that are newer on disk than in the hotfix. Otherwise, you can manually extract and replace these files (do not replace if your on-disk file is newer than the one in the hotfix). Always take backups of your site or at least files you are replacing before applying a hotfix. Not sure how to extract TAR files to your Windows computer? Try 7-zip (http://www.7-zip.org/). |
|
|
This addon_guards test has been made much more smart. While it is not perfect, it did catch many missing guards. Therefore, beta5 should be much more stable handling conditions where some addons are not installed. The modifications to addon_guards include the following: - Primarily, it now uses the phpdoc.php API function to parse code based on class and function. That way, we can check for guards by function and not by entire file. - The test is much more smart with smart exceptions to define cases where a class might define its guards in a specific function to be applied to all functions in the class (assumed). For example, info. - The test checks for, and fails on, use of !addon_installed when we should use !addon_installed__messaged. - The test checks for, and fails on, use of positive assertions for cohesion (instead, for stability, we should be using negative assertions towards the top of a function with a return). - When checking implicit code calls, the test keeps track of which addon guards are active by tokenising the code and storing the active guards in an array "stack", popping out as we close out of code blocks. Additionally, this check assumes negative assertions will always return, therefore it treats it as a positive assertion on the parent code block (e.g. one level up in the stack). Many, many fixes were implemented thanks to the changes to this test and what it detected. Again, not perfect, and the test cannot handle $missing_okay on get_option yet (nor does it check templates). But it's a big step forward. |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2024-06-07 03:00 | PDStig | Note Added: 0008813 | |
| 2024-07-25 22:28 | Chris Graham | Tag Attached: Roadmap: v11 | |
| 2024-07-25 22:28 | Chris Graham | Note Added: 0008959 | |
| 2024-09-13 03:20 | PDStig | Tag Detached: Roadmap: v11 | |
| 2024-09-13 03:20 | PDStig | Tag Attached: Roadmap: Over the horizon | |
| 2024-10-18 01:24 | PDStig | Note Added: 0009513 | |
| 2024-10-18 01:25 | PDStig | Note Edited: 0009513 | |
| 2024-10-18 02:44 | PDStig | Status | Resolved => Assigned |
| 2024-11-12 03:13 | PDStig | Tag Attached: Roadmap: v11 | |
| 2024-11-12 03:13 | PDStig | Tag Detached: Roadmap: Over the horizon | |
| 2024-11-12 03:21 | PDStig | Status | Assigned => Resolved |
| 2024-11-12 03:21 | PDStig | Note Added: 0009558 |
