Document templates Laravel package is intended for creating/managing user editable document template

Overview

Document Templates

Build Status Latest Version on Packagist Total Downloads GitHub

Introduction

Document templates Laravel package is intended for creating/managing user editable document templates, with ability to add placeholders, and fill them from various data sources (models, collections, arrays, objects). The package uses Twig as a main template engine, but it is possible to extend it with other template engines. Document templates can be used as a base for creating editable pdf documents such as invoices, reports etc., for email templates or any other editable, server generated documents. The user editable parts of the document template are secured using Twig Sandbox Extension. The sandbox behaviour can be configured in the config file. This package is part of the Business Workflow Framework. For a quick introduction on how to use the package please see this blog post.

Template editor Rendered template Edit and render

Getting started

Requirements

  • Laravel 5.7 or newer
  • Php 7.1

Installation

Install with composer

composer require 42coders/document-templates 

Publish the migrations, views, vue components and config:

php artisan vendor:publish --provider="BWF\DocumentTemplates\DocumentTemplatesServiceProvider"

There are separate publish groups if you don't need all the vendor files in your application. To publish only one group use the following command

php artisan vendor:publish --provider="BWF\DocumentTemplates\DocumentTemplatesServiceProvider --tag=group_name".

The following file groups are available for publishing:

  • migrations publishes the migration files to the database directory
  • views publishes the views for the basic administration of the document templates to the resources/views/vendor/document-templates
  • components publishes the views for the basic administration of the document templates to the resources/js/vendor/document-templates/components
  • config publishes the configuration file to the config directory
  • ckeditor publishes the ckeditor and the placeholders plugin for the ckeditor into the public/vendor/document-templates/js/lib/ckeditor and resources/js/vendor/document-templates/js/ckeditor respectively
  • js publishes the javascript for easier initialization of the administration gui

DANGER ZONE If you already published the files and want to overwrite them use the: --force argument. This command overwrites your changes in the published files, use it carefully.

Run the migration

php artisan migrate

Add the routes from the package to your routes file:

\BWF\DocumentTemplates\DocumentTemplates::routes(YourExtendedDocumentTemplatesController::class);

The routes function accepts 1 argument:

  1. Controller class name to use with the routes

Basics

DocumentTemplate

This trait is responsible for reading the layout files, handling the datasources and rendering the document with data. Can be applied to any class with the convention that the class has only optional parameters in the constructor. These classes represent the document types, create separate classes for Invoices, Letters, Registration Emails etc.

DocumentTemplateModel

The model responsible to store the document templates, the default table is: document_templates.

EditableTemplate

Editable template is the dynamic part in the layout that the user can modify.

Layout

The layouts are twig template files created by the developer, they can be used by document templates.

DocumentTemplatesController

The default controller for administration of the document templates.

Placeholders

Placeholders are twig template variables or expressions used in the editable templates to be replaced during the rendering, e.g. {{user.name}} or {% for user in users %}

Data Sources

Data sources are the objects that provide data to the document template, and replace the placeholders with actual data in the rendering process. Data sources can be created from Models, Objects, arrays, or from any scalar types (strings, integers).

Basic usage

Configuration

The configuration can be found in config/document_templates.

layout_path - path to the layout files, defaults to: resources/templates.

The twig sandbox can be configured with the settings below, read more about sandbox configuration here. The extended sandbox policy class adds support for allowing all object properties by setting wildcard * in the first position in the allowed properties array.

    'template_sandbox' => [
        'allowedTags' => ['for'],
        'allowedFilters' => ['escape'],
        'allowedMethods' => [],
        'allowedProperties' => ['*'],
        'allowedFunctions' => []
    ]

Twig environment options can be configured with the settings below, read more about the options here.

    'twig' => [
        'environment' => [
            'debug' => false,
            'charset' => 'utf-8',
            'base_template_class' => '\Twig\Template',
            'cache' => false,
            'auto_reload' => false,
            'strict_variables' => false,
            'autoescape' => false,
            'optimizations' => -1
        ]
    ]

Twig extensions can be loaded over twig.extensions by adding the extension's class to the array (which extends \Twig\Extension\AbstractExtension or implements \Twig\Extension\ExtensionInterface).

    'twig' => [
        'extensions' => []
    ]

The model class to be used with route model binding, and in the DocumentTemplatesController

    'model_class' => \BWF\DocumentTemplates\DocumentTemplates\DocumentTemplateModel::class,

Base url to use for generating the routes with DocumentTemplate::routes() (e.g /document-templates/, /document-templates/1/edit). These routes are also named by this base url, and they look like this: route('document-template.index')

    'base_url' => 'document-templates'

Configure if the package should load it's default routes

    'load_default_routes' => false

Creating the layout

Create a layout file in the configured layout path, the layout files should have .twig extension. The editable parts in the layout should be defined as blocks in the layout:

{% block title %} {% endblock %} {% block content %} {% endblock %} ">
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>
        {% block title %}
        {% endblock %}
    title>
head>
<body>
    {% block content %}
    {% endblock %}
body>
html>

The name of the block is used as the name of the editable template.

Creating the document template class

Document Template class can be any class which is uses the DocumentTemplate trait and implements the DocumentTemplateInterface. When using the trait the dataSources method should be implemented, it defines the data used by the document.

The following example show the datasources method:

class DemoDocumentTemplate implements DocumentTemplateInterface
{
    use DocumentTemplate;

    protected function dataSources()
    {
        return [
            $this->dataSource($userModelInstance, 'user', true, 'users'),
            $this->dataSource($orderAssociativeArray, 'order', true, 'orders'),
            $this->dataSource($anyObject, 'test'),
            $this->dataSource('', 'text'),
            $this->dataSource(0, 'number'),
        ];
    }
}

The dataSource method accepts 4 arguments:

  • $data - instance of the data to use, it can be an empty instance, it is used to be able to show the possible placeholders when editing the document template in the admin area.
  • $name - defines the namespace for the data object e.g. $name = 'user'. The placeholders will be prefixed with the name: {{user.name}}. When using scalar data sources, the namespace is mandatory, for arrays and objects it can be omitted.
  • $isIterable - defines if the datasource can be used in a for loop in the template
  • $iterableName - defines the name of the iterable variable, which should be used in the template e.g. $iterableName = 'users' the placeholder for iteration would be {% for user in users %}

The signature if the dataSource method can be found below: protected function dataSource($data, $name = '', $isIterable = false, $iterableName = '')

Laravel models as data source

Laravel models can act as a data source for the document templates by using the ModelProvidesTemplateData trait and implementing the TemplateDataSourceInterface. The developer can define which fields can be used as a template placeholder by overriding the getTemplateFields method. Example model used as a data source, allowing the fillable attributes as placeholders:

class User implements TemplateDataSourceInterface
{
    use ModelProvidesTemplateData;

    /**
     * The attributes that are mass assignable.
     *
     * @var array
     */
    protected $fillable = [
        'name', 'email'
    ];

    protected function getTemplateFields()
    {
        return $this->fillable;
    }
}

Rendering template with data

The document template class can be instantiated with the DocumentTemplateFactory. The build method accepts one argument: the DocumentTemplateModel.

        $documentTemplateModel = DemoDocumentTemplateModel::findOrFail($id);
        $documentTemplate = DocumentTemplateFactory::build($documentTemplateModel);

Or the document template can be instantiated manually, in this case the init() method should be used to initialize the document template (it creates the document template by retrieving the first row from the database with the given document template class). Use the addTemplateData method to add the data which should replace the placeholders in the document. The arguments for the method are:

  • $data - the data object or collection of data sources e.g. User::all(), assuming the User model is implementing the TemplateDataSourceInterface
  • $name - The namespace used in the template, it should be the same as defined in dataSources method of the DocumentTemplate class.

The render method is used to render the document with the given data, returns the rendered document as string.

        $documentTemplate = new DemoDocumentTemplate();
        $documentTemplate->init();

        $documentTemplate->addTemplateData(User::all(), 'users');
        $documentTemplate->addTemplateData($ordersCollection, 'orders');
        $documentTemplate->addTemplateData($testObject, 'test');
        $documentTemplate->addTemplateData(42, 'number');
        $documentTemplate->addTemplateData('coders', 'text');

        echo $documentTemplate->render();

Generating PDF

The need for pdf generation is a quite common thing in web development. The package support pdf generation with dompdf, (using laravel-dompdf package) and pupeteeer (using spatie/browsershot package). The document template data should be set up the same way like for the simple rendering (see the previous section: Rendering template with data), but instead of the render method you should use the renderPdf method:

$pdf = $documentTemplate->renderPdf(storage_path( 'app/my_example.pdf'));

The only argument of the method is the desired path and file name, and it returns the path of the generated file.

The package supports multiple pdf renderers, the desired pdf renderer can be set up in the config/document-templates.php:

DomPdf:

    'pdf_renderer' => \BWF\DocumentTemplates\Renderers\DomPdfRenderer::class

If you would like to configure the dompdf package, publish the dompdf configuration with:

php artisan vendor:publish --provider="Barryvdh\DomPDF\ServiceProvider"

When published, the config file can be found in config/dompdf.php. For more details about the dompdf configuration please check the laravel-dompdf documentation.

Browsershot:

    'pdf_renderer' => \BWF\DocumentTemplates\Renderers\BrowsershotPdfRenderer::class

The browsershot package requires node 7.6.0 or higher and the Puppeteer Node library.

On MacOS you can install Puppeteer in your project via NPM:

npm install puppeteer

Or you could opt to just install it globally

npm install puppeteer --global

On a Forge provisioned Ubuntu 16.04 server you can install the latest stable version of Chrome like this:

curl -sL https://deb.nodesource.com/setup_8.x | sudo -E bash -
sudo apt-get install -y nodejs gconf-service libasound2 libatk1.0-0 libc6 libcairo2 libcups2 libdbus-1-3 libexpat1 libfontconfig1 libgcc1 libgconf-2-4 libgdk-pixbuf2.0-0 libglib2.0-0 libgtk-3-0 libnspr4 libpango-1.0-0 libpangocairo-1.0-0 libstdc++6 libx11-6 libx11-xcb1 libxcb1 libxcomposite1 libxcursor1 libxdamage1 libxext6 libxfixes3 libxi6 libxrandr2 libxrender1 libxss1 libxtst6 ca-certificates fonts-liberation libappindicator1 libnss3 lsb-release xdg-utils wget
sudo npm install --global --unsafe-perm puppeteer
sudo chmod -R o+rx /usr/lib/node_modules/puppeteer/.local-chromium

For more details please check the browsershot documentation.

Administration

This package includes Vue component and a resource controller as a starting point for the document template admin implementation. In order to use the components you have to use the Vue JavaScript framework. The component is published to resources/js/components/document-templates. Register the component in your application (app.js):

Vue.component('document-template-form', require('./vendor/document-templates/components/DocumentTemplateFormComponent.vue').default);

Please note that the pats may vary depending on your application's directory structure.

Editing the templates

The admin form component uses CKEditor for the user editable templates. The package ships with a custom built placeholders plugin for CKEditor. The placeholders plugin displays the placeholders as select boxes, every dataSource has it's own select box. The selected placeholders are automatically inserted into the editor's content as CKEditor inline widgets. The placeholder widgets can be moved across the text, and can be removed, but theirs content is read only to prevent rendering problems caused by incorrect/modified placeholders.

The CKEditor initialization using the placeholders plugin can be found below:

    CKEDITOR.replace(editorId, {
        customConfig: '',
        extraPlugins: 'richcombo,placeholder_select',
        toolbarGroups:[
            { name: 'basicstyles' },
            '/',
            { name: 'placeholder_select'}
        ],
        placeholder_select: {
            placeholders: _this.placeholders,
        }
    });

Inlcude all the necessary javascript at once

If you'd like to require/initialize all the necessary javascript automatically, you can use the document-template.js to do so. Add the following to the app.js:

require('./vendor/document-templates/js/document-templates');

It includes the ckeditor, the placeholder plugin for ckeditor, sets the ckeditor base path, and registers the Vue component.

Document Templates Controller

The package ships with a default controller for your convenience, to be able to quickly scaffold an administration interface for the package. You could extend the DocumentTemplatesController, and define the available document template classes, like below:

class DemoDocumentTemplatesController extends DocumentTemplatesController
{
    protected $documentClasses = [
        DemoDocumentTemplate::class,
        DemoDocumentTemplate2::class
    ];
}

These classes appear on the create/edit form for the document, every class should correspond to a document type (e.g. create separate classes for Invoices, Letters, Registration Emails etc.). If you need to change the default behaviour of the controller feel free to skip the extension and implement the necessary methods yourself. In this case you can still use the ManagesDocumentTemplates trait which contains the methods to get the data for the api endpoints used by the vue components, those endpoints are: /placeholders and /templates. If you use the trait you should implement the actions for these endpoints.

Demo application

Demo application can be found here: https://github.com/42coders/bwf-demo. You can use a symlinked version of the document templates package in the composer.json:

    "repositories": [
        {
            "type": "path",
            "url": "../document-templates",
            "options": {
                "symlink": true
            }
        }
    ],

As you can see from the repository configuration, the package should be cloned in the same directory as the demo app. Also the demo app requires app.js directly from the package 'require('./../../vendor/42coders/document-templates/resources/js/app');', this allows you to develop the package and check the changes in the demo app immediately, without the need for composer install, and vendor:publish.

Contribution

Every contribution is welcome. We should use the usual GitFlow like workflow: create branches for features and bug fixes, when the development has been finished create a pull request to the develop and it will be reviewed by other developer, and merged/commented/declined accordingly. It is important to create unit tests for all new features developed, and also for all bug fixes to keep the package stable and easy to use. For the new features it is recommended to add a demo of the feature to the demo application and extend the documentation as well.

Test

The php tests are using PHPUnit, to run the test you can use either vendor/bin/phpunit or composer test command. Test code coverage can be generated with composer test-coverage command. In order to generate coverage it is necessary to have Xdebug extension installed and enabled for php cli. The code coverage html report can be found in the tests/coverage directory. Javascript tests are using Jasmine test framework. Run the javascript test with the following command npm run test

Documentation

Api documentation can be generated with phpDox. To download and install phpDox please follow the instructions here. Once the phpDox is installed generate the api documentation by running composer build-docs. When the process is finished the documentation can be found in docs/html directory.

License

The Document Templates is free software licensed under the MIT license.

Comments
  • Bump spatie/browsershot from 3.52.3 to 3.57.3

    Bump spatie/browsershot from 3.52.3 to 3.57.3

    Bumps spatie/browsershot from 3.52.3 to 3.57.3.

    Release notes

    Sourced from spatie/browsershot's releases.

    3.57.3

    • Do not allow file:// to be used

    3.57.2

    What's Changed

    New Contributors

    Full Changelog: https://github.com/spatie/browsershot/compare/3.57.1...3.57.2

    3.57.1

    What's Changed

    New Contributors

    Full Changelog: https://github.com/spatie/browsershot/compare/3.57.0...3.57.1

    3.57.0

    What's Changed

    New Contributors

    Full Changelog: https://github.com/spatie/browsershot/compare/3.56.0...3.57.0

    3.56.0

    • add failedRequests method

    3.55.0

    What's Changed

    Full Changelog: https://github.com/spatie/browsershot/compare/3.54.0...3.55.0

    3.54.0

    What's Changed

    Full Changelog: https://github.com/spatie/browsershot/compare/3.53.0...3.54.0

    3.53.0

    What's Changed

    ... (truncated)

    Changelog

    Sourced from spatie/browsershot's changelog.

    3.57.3 - 2022-10-25

    • Do not allow file:// to be used

    3.57.2 - 2022-08-19

    What's Changed

    New Contributors

    Full Changelog: https://github.com/spatie/browsershot/compare/3.57.1...3.57.2

    3.57.1 - 2022-08-03

    What's Changed

    New Contributors

    Full Changelog: https://github.com/spatie/browsershot/compare/3.57.0...3.57.1

    3.57.0 - 2022-06-28

    What's Changed

    New Contributors

    Full Changelog: https://github.com/spatie/browsershot/compare/3.56.0...3.57.0

    3.56.0 - 2022-06-21

    • add failedRequests method

    3.55.0 - 2022-06-13

    What's Changed

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies php 
    opened by dependabot[bot] 1
  • Bump dompdf/dompdf from 1.2.0 to 1.2.1

    Bump dompdf/dompdf from 1.2.0 to 1.2.1

    Bumps dompdf/dompdf from 1.2.0 to 1.2.1.

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies php 
    opened by dependabot[bot] 1
  • Bump twig/twig from 2.13.1 to 2.14.11

    Bump twig/twig from 2.13.1 to 2.14.11

    Bumps twig/twig from 2.13.1 to 2.14.11.

    Changelog

    Sourced from twig/twig's changelog.

    2.14.11 (2022-02-04)

    • Fix a security issue when in a sandbox: the sort filter must require a Closure for the arrow parameter

    2.14.10 (2022-01-03)

    • Allow more null arguments when Twig expects a string (for better 8.1 support)

    2.14.9 (2022-01-03)

    • Allow null when Twig expects a string (for better 8.1 support)
    • Add support for PHP 7.1 back
    • Make some performance optimizations
    • Allow Symfony translation contract v3+

    2.14.8 (2021-11-25)

    • Bump minimum supported Symfony component versions
    • Fix a deprecated message

    2.14.7 (2021-09-17)

    • Allow Symfony 6
    • Improve compatibility with PHP 8.1
    • Explicitly specify the encoding for mb_ord in JS escaper

    2.14.6 (2021-05-16)

    • Revert "Throw a proper exception when a template name is an absolute path (as it has never been supported)"

    2.14.5 (2021-05-12)

    • Fix PHP 8.1 compatibility
    • Throw a proper exception when a template name is an absolute path (as it has never been supported)

    2.14.4 (2021-03-10)

    • Add the slug filter

    2.14.3 (2021-01-05)

    • Fix extra bundle compat with older versions of Symfony

    2.14.2 (2021-01-05)

    • Fix "odd" not working for negative numbers

    2.14.1 (2020-10-27)

    • Fix "include(template_from_string())"

    ... (truncated)

    Commits
    • 66baa66 Prepare the 2.14.11 release
    • 22b9dc3 bug #3641 Disallow non closures in sort filter when the sanbox mode is enab...
    • 2eb3308 Disallow non closures in sort filter when the sanbox mode is enabled
    • e056e63 bug #3638 Fix call to deprecated "convertToHtml" method (jderusse)
    • 779fdd0 Fix call to deprecated "convertToHtml" method
    • bbc3377 minor #3629 Fix map example output (alexander-schranz)
    • 9741173 Fix map example output
    • 9984a6e minor #3628 Rename variables used in map method (alexander-schranz)
    • b74cf2a Rename variables used in map method
    • e8068a9 bug #3626 The deprecated null value for the method round has been changed to ...
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies php 
    opened by dependabot[bot] 1
  • Bump doctrine/dbal from 3.0.0 to 3.1.4

    Bump doctrine/dbal from 3.0.0 to 3.1.4

    Bumps doctrine/dbal from 3.0.0 to 3.1.4.

    Release notes

    Sourced from doctrine/dbal's releases.

    3.1.4

    Release 3.1.4

    SECURITY RELEASE: All users are advised to upgrade when using doctrine/dbal 3.0.0 - 3.1.3 due to a critical SQL injection that was fixed: https://github.com/doctrine/dbal/security/advisories/GHSA-r7cj-8hjg-x622

    3.1.4

    • Total issues resolved: 6
    • Total pull requests resolved: 20
    • Total contributors: 13

    Bug,oci8

    Connections,Test Suite

    Bug,QueryBuilder

    Bug,Prepared Statements,Regression,SQL Parser

    Documentation

    Bug,MySQL,Schema Introspection

    CI

    Bug,Connections,Test Suite,pdo_oci

    ... (truncated)

    Commits
    • 821b4f0 Merge pull request #4995 from derrabus/bugfix/oci8-server-version
    • f804b21 Fix getServerVersion for OCI8 when assertions are disabled
    • fa27901 Merge pull request #4991 from morozov/optimize-sharing-test-connection
    • 8fb8105 Close the non-shared connection instead of marking it non-reusable
    • 06f5925 Optimize sharing test connection
    • 10df50f Merge pull request #4978 from AndreasA/bugfix/4971
    • 1b768e9 Use correct column order for composite foreign keys
    • 4c63afa Merge branch '2.13.x' into 3.1.x
    • 483a518 Merge pull request #4984 from morozov/cast-limit-offset-to-int
    • 0ae1aa5 Bump to 2.13.6
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies php 
    opened by dependabot[bot] 1
  • Bump laravel/framework from 8.34.0 to 8.40.0

    Bump laravel/framework from 8.34.0 to 8.40.0

    Bumps laravel/framework from 8.34.0 to 8.40.0.

    Release notes

    Sourced from laravel/framework's releases.

    v8.39.0

    Added

    • Added Illuminate\Collections\Collection::sole() method (#37034)
    • Support url for php artisan db command (#37064)
    • Added Illuminate\Foundation\Bus\DispatchesJobs::dispatchSync() (#37063)
    • Added Illuminate\Cookie\CookieJar::expire() (#37072, fa3a14f)
    • Added Illuminate\Database\DatabaseManager::setApplication() (#37068)
    • Added Illuminate\Support\Stringable::whenNotEmpty() (#37080)
    • Added Illuminate\Auth\SessionGuard::attemptWhen() (#37090, e3fcd97)
    • Added password validation rule (#36960)

    Fixed

    • Fixed JsonResponse::fromJasonString() double encoding string (#37076)
    • Fallback to primary key if owner key doesnt exist on model at all in MorphTo relation (a011109)
    • Fixes for PHP 8.1 (#37087, #37101)
    • Do not execute beforeSending callbacks twice in HTTP client (#37116)
    • Fixed nullable values for required_if (#37128, 86fd558)

    Changed

    • Schedule list timezone command (#37117)

    v8.38.0

    Added

    • Added a wordCount() string helper (#36990)
    • Allow anonymous and class based migration coexisting (#37006)
    • Added Illuminate\Broadcasting\Broadcasters\PusherBroadcaster::setPusher() (#37033)

    Fixed

    • Fixed required_if boolean validation (#36969)
    • Correctly merge object payload data in Illuminate\Queue\Queue::createObjectPayload() (#36998)
    • Allow the use of temporary views for Blade testing on Windows machines (#37044)
    • Fixed Http::withBody() not being sent (#37057)

    v8.37.0

    Added

    • Allow to retry jobs by queue name (#36898, f2d9b59, c351a30)
    • Added strings to the DetectsLostConnections.php (4210258)
    • Allow testing of Blade components that return closures (#36919)
    • Added anonymous migrations (#36906)
    • Added Session\Store::missing() method (#36937)
    • Handle concurrent asynchronous requests in the HTTP client (#36948, 245a712)
    • Added tinyText data type to Blueprint and to available database grammars (#36949)
    • Added a method to remove a resolved view engine (#36955)
    • Added Illuminate\Database\Eloquent\Model::getAttributesForInsert() protected method (9a9f59f, 314bf87)

    Fixed

    • Fixed clone() on EloquentBuilder (#36924)

    Changed

    ... (truncated)

    Changelog

    Sourced from laravel/framework's changelog.

    Release Notes for 8.x

    Unreleased

    v8.39.0 (2021-04-27)

    Added

    • Added Illuminate\Collections\Collection::sole() method (#37034)
    • Support url for php artisan db command (#37064)
    • Added Illuminate\Foundation\Bus\DispatchesJobs::dispatchSync() (#37063)
    • Added Illuminate\Cookie\CookieJar::expire() (#37072, fa3a14f)
    • Added Illuminate\Database\DatabaseManager::setApplication() (#37068)
    • Added Illuminate\Support\Stringable::whenNotEmpty() (#37080)
    • Added Illuminate\Auth\SessionGuard::attemptWhen() (#37090, e3fcd97)
    • Added password validation rule (#36960)

    Fixed

    • Fixed JsonResponse::fromJasonString() double encoding string (#37076)
    • Fallback to primary key if owner key doesnt exist on model at all in MorphTo relation (a011109)
    • Fixes for PHP 8.1 (#37087, #37101)
    • Do not execute beforeSending callbacks twice in HTTP client (#37116)
    • Fixed nullable values for required_if (#37128, 86fd558)

    Changed

    • Schedule list timezone command (#37117)

    v8.38.0 (2021-04-20)

    Added

    • Added a wordCount() string helper (#36990)
    • Allow anonymous and class based migration coexisting (#37006)
    • Added Illuminate\Broadcasting\Broadcasters\PusherBroadcaster::setPusher() (#37033)

    Fixed

    • Fixed required_if boolean validation (#36969)
    • Correctly merge object payload data in Illuminate\Queue\Queue::createObjectPayload() (#36998)
    • Allow the use of temporary views for Blade testing on Windows machines (#37044)
    • Fixed Http::withBody() not being sent (#37057)

    v8.37.0 (2021-04-13)

    Added

    • Allow to retry jobs by queue name (#36898, f2d9b59, c351a30)
    • Added strings to the DetectsLostConnections.php (4210258)
    • Allow testing of Blade components that return closures (#36919)
    • Added anonymous migrations (#36906)
    • Added Session\Store::missing() method (#36937)

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies php 
    opened by dependabot[bot] 1
  • This Project cost me 3 full days of work + CPU time :-/

    This Project cost me 3 full days of work + CPU time :-/

    I have a regrettable tale concerning this project :-/

    I am the maintainer of Bettergist. It's my sworn mission to test and catalog the code quality fitness of every single package on packagist.org.

    I recently finished v2.0 and got to the point where it was ready to start combing thru every project, checking them out from GitHub/et. al, running composer install, and then a smattering of analyses, including phpunit and phpstan.

    After much trial, error, and sweat equity, it finally was running unchecked. It took 3 days, because I was running PHPUnit against every major version of PHP 7.1 thru 8.0.

    I had catelogged packagist stats and code stats (lines of code, cyclometic complexity, etc.) of exactly 112,991 packages (everything up to L), which took about a full day itself.

    It did the first 765 projects pretty successfully.

    Then, all of a sudden, I received this startling error:

    Postgres: TABLE "packages" DOES NOT EXIST

    WELLL!!!! THAT WAS CERTAINLY UNEXPECTED!!!

    I launched psql bettergist and did a \d+ and to my abject horror, there were only two tables:

    bettergist=> \d+
                               List of relations
     Schema |        Name        |   Type   |  Owner   |    Size    | Description 
    --------+--------------------+----------+----------+------------+-------------
     public | migrations         | table    | phppro   | 8192 bytes | 
     public | migrations_id_seq  | sequence | phppro   | 8192 bytes | 
     public | document_templates | table    | phppro   | 8192 bytes |
    

    Since I was still processing packages in small batches, I knew for sure that the package's vendor started with a 4. In a few more minutes, I had narrowed it down to this package.

    I'm still very much confused on how a phpunit subprocess in a different PWD managed to grab my Laravel-Zero project's .env, but it did...

    I am not going to fault you or anything. My project is way on the leading vanguard of human progress, and I have Laravel projects myself which would have tripped this up.

    My main reason for writing this is as a cautionary tale: Frequently backup databases so you cannot possibly lose critical work.

    I now have a /etc/cron.hourly/bettergist-backup:

    #!/bin/bash
    
    cd /code/bettergist-collector
    sudo -u postgres pg_dump bettergist > xz -9 --threads=0 > bettergist-$(date +"%Y%m%d.%H").sql.xz
    

    So when this happens again, somewhere among the other 260,000+ composer packages, I'll be ready ;-)


    Oh oh! I solved the problem of your project (and others) hijacking my .env and database by doing all analysis from within a docker image, using my phpexperts/dockerize-php project. It can't even connect to the host's postgresql database and no package can manipulate anything other than redis. All file system changes disappear when the docker container stops running.

    opened by hopeseekr 1
  • Bump symfony/http-foundation from 4.4.4 to 4.4.7

    Bump symfony/http-foundation from 4.4.4 to 4.4.7

    Bumps symfony/http-foundation from 4.4.4 to 4.4.7.

    Release notes

    Sourced from symfony/http-foundation's releases.

    v4.4.7

    Changelog (https://github.com/symfony/http-foundation/compare/v4.4.6...v4.4.7)

    • no changes

    v4.4.6

    Changelog (https://github.com/symfony/http-foundation/compare/v4.4.5...v4.4.6)

    • bug #36173 Fix clear cookie samesite (guillbdx)
    • bug #36103 fix preloading script generation (nicolas-grekas)

    v4.4.5

    Changelog (https://github.com/symfony/http-foundation/compare/v4.4.4...v4.4.5)

    • bug #35709 fix not sending Content-Type header for 204 responses (Tobion)
    • bug #35583 Add missing use statements (fabpot)
    Commits
    • 62f9250 [HttpFoundation] Do not set the default Content-Type based on the Accept header
    • 67d0196 add missing gitattributes for phpunit-bridge
    • 0a3b771 Merge branch '3.4' into 4.4
    • a8833c5 [Http Foundation] Fix clear cookie samesite
    • 109ac25 [DI] fix preloading script generation
    • ff006c7 Fix more quotes in exception messages
    • f4dc52b Fix quotes in exception messages
    • 2d4d118 Merge branch '3.4' into 4.4
    • 13f9b08 Fix quotes in exception messages
    • 01887e8 Add missing dots at the end of exception messages
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies php 
    opened by dependabot[bot] 1
  • Bump lodash from 4.17.11 to 4.17.15

    Bump lodash from 4.17.11 to 4.17.15

    ⚠️ Dependabot is rebasing this PR ⚠️

    If you make any changes to it yourself then they will take precedence over the rebase.


    Bumps lodash from 4.17.11 to 4.17.15.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • Bump mixin-deep from 1.3.1 to 1.3.2

    Bump mixin-deep from 1.3.1 to 1.3.2

    ⚠️ Dependabot is rebasing this PR ⚠️

    If you make any changes to it yourself then they will take precedence over the rebase.


    Bumps mixin-deep from 1.3.1 to 1.3.2.

    Commits
    Maintainer changes

    This version was pushed to npm by doowb, a new releaser for mixin-deep since your current version.


    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • Bump twig/twig from 2.14.11 to 2.15.3

    Bump twig/twig from 2.14.11 to 2.15.3

    Bumps twig/twig from 2.14.11 to 2.15.3.

    Changelog

    Sourced from twig/twig's changelog.

    2.15.3 (2022-09-28)

    • Fix a security issue on filesystem loader (possibility to load a template outside a configured directory)

    2.15.2 (2022-08-12)

    • Allow inherited magic method to still run with calling class
    • Fix CallExpression::reflectCallable() throwing TypeError
    • Fix typo in naming (currency_code)

    2.15.1 (2022-05-17)

    • Fix optimizing non-public named closures

    2.15.0 (2022-05-15)

    • Add support for named closures

    2.14.13 (2022-04-06)

    • Enable bytecode invalidation when auto_reload is enabled

    2.14.12 (2022-03-25)

    • Fix custom escapers when using multiple Twig environments
    • Do not reuse internally generated variable names during parsing
    Commits
    • ab40267 Prepare the 2.15.3 release
    • fc18c2e Update CHANGELOG
    • d6ea14a Merge branch '1.x' into 2.x
    • 35f3035 security #cve- Fix a security issue on filesystem loader (possibility to load...
    • 9170edf Fix doc CS
    • fab3e0f minor #3744 Adding installation instructions for Symfony (ThomasLandauer)
    • c034c1d Adding installation instructions for Symfony
    • 226b73c minor #3735 Use the PHP doc builder instead of Sphinx in CI (fabpot)
    • fcf65bd Use the PHP doc builder instead of Sphinx in CI
    • 6fe9edf minor #3734 Make doc clearer for the replace filter (fabpot)
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies php 
    opened by dependabot[bot] 0
  • Bump dompdf/dompdf from 1.2.0 to 1.2.2

    Bump dompdf/dompdf from 1.2.0 to 1.2.2

    Bumps dompdf/dompdf from 1.2.0 to 1.2.2.

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies php 
    opened by dependabot[bot] 0
  • Bump json5 from 2.1.3 to 2.2.3

    Bump json5 from 2.1.3 to 2.2.3

    Bumps json5 from 2.1.3 to 2.2.3.

    Release notes

    Sourced from json5's releases.

    v2.2.3

    v2.2.2

    • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

    v2.2.1

    • Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

    v2.2.0

    • New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)
    Changelog

    Sourced from json5's changelog.

    v2.2.3 [code, diff]

    v2.2.2 [code, diff]

    • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

    v2.2.1 [code, diff]

    • Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

    v2.2.0 [code, diff]

    • New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)
    Commits
    • c3a7524 2.2.3
    • 94fd06d docs: update CHANGELOG for v2.2.3
    • 3b8cebf docs(security): use GitHub security advisories
    • f0fd9e1 docs: publish a security policy
    • 6a91a05 docs(template): bug -> bug report
    • 14f8cb1 2.2.2
    • 10cc7ca docs: update CHANGELOG for v2.2.2
    • 7774c10 fix: add proto to objects and arrays
    • edde30a Readme: slight tweak to intro
    • 97286f8 Improve example in readme
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies javascript 
    opened by dependabot[bot] 0
  • Bump spatie/browsershot from 3.52.3 to 3.57.4

    Bump spatie/browsershot from 3.52.3 to 3.57.4

    Bumps spatie/browsershot from 3.52.3 to 3.57.4.

    Release notes

    Sourced from spatie/browsershot's releases.

    3.57.4

    What's Changed

    New Contributors

    Full Changelog: https://github.com/spatie/browsershot/compare/3.57.3...3.57.4

    3.57.3

    • Do not allow file:// to be used

    3.57.2

    What's Changed

    New Contributors

    Full Changelog: https://github.com/spatie/browsershot/compare/3.57.1...3.57.2

    3.57.1

    What's Changed

    New Contributors

    Full Changelog: https://github.com/spatie/browsershot/compare/3.57.0...3.57.1

    3.57.0

    What's Changed

    New Contributors

    Full Changelog: https://github.com/spatie/browsershot/compare/3.56.0...3.57.0

    3.56.0

    • add failedRequests method

    3.55.0

    What's Changed

    Full Changelog: https://github.com/spatie/browsershot/compare/3.54.0...3.55.0

    3.54.0

    ... (truncated)

    Changelog

    Sourced from spatie/browsershot's changelog.

    3.57.4 - 2022-11-21

    What's Changed

    New Contributors

    Full Changelog: https://github.com/spatie/browsershot/compare/3.57.3...3.57.4

    3.57.3 - 2022-10-25

    • Do not allow file:// to be used

    3.57.2 - 2022-08-19

    What's Changed

    New Contributors

    Full Changelog: https://github.com/spatie/browsershot/compare/3.57.1...3.57.2

    3.57.1 - 2022-08-03

    What's Changed

    New Contributors

    Full Changelog: https://github.com/spatie/browsershot/compare/3.57.0...3.57.1

    3.57.0 - 2022-06-28

    What's Changed

    New Contributors

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies php 
    opened by dependabot[bot] 0
  • Bump minimist and extract-zip

    Bump minimist and extract-zip

    Bumps minimist and extract-zip. These dependencies needed to be updated together. Updates minimist from 1.2.5 to 1.2.7

    Changelog

    Sourced from minimist's changelog.

    v1.2.7 - 2022-10-10

    Commits

    • [meta] add auto-changelog 0ebf4eb
    • [actions] add reusable workflows e115b63
    • [eslint] add eslint; rules to enable later are warnings f58745b
    • [Dev Deps] switch from covert to nyc ab03356
    • [readme] rename and add badges 236f4a0
    • [meta] create FUNDING.yml; add funding in package.json 783a49b
    • [meta] use npmignore to autogenerate an npmignore file f81ece6
    • Only apps should have lockfiles 56cad44
    • [Dev Deps] update covert, tape; remove unnecessary tap 49c5f9f
    • [Tests] add aud in posttest 228ae93
    • [meta] add safe-publish-latest 01fc23f
    • [meta] update repo URLs 6b164c7

    v1.2.6 - 2022-03-21

    Commits

    • test from prototype pollution PR bc8ecee
    • isConstructorOrProto adapted from PR c2b9819
    • security notice for additional prototype pollution issue ef88b93
    Commits
    • c590d75 v1.2.7
    • 0ebf4eb [meta] add auto-changelog
    • e115b63 [actions] add reusable workflows
    • 01fc23f [meta] add safe-publish-latest
    • f58745b [eslint] add eslint; rules to enable later are warnings
    • 228ae93 [Tests] add aud in posttest
    • 236f4a0 [readme] rename and add badges
    • ab03356 [Dev Deps] switch from covert to nyc
    • 49c5f9f [Dev Deps] update covert, tape; remove unnecessary tap
    • 783a49b [meta] create FUNDING.yml; add funding in package.json
    • Additional commits viewable in compare view
    Maintainer changes

    This version was pushed to npm by ljharb, a new releaser for minimist since your current version.


    Updates extract-zip from 1.6.7 to 1.7.0

    Release notes

    Sourced from extract-zip's releases.

    1.7.0

    Added

    • Error handler for zipfile object (#67)

    Changed

    • Don't pin dependency requirements to specific versions (#88)

    1.6.8

    Dependencies

    • Update mkdirp to 0.5.4.
    Commits

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies javascript 
    opened by dependabot[bot] 0
  • Bump minimatch from 3.0.4 to 3.1.2

    Bump minimatch from 3.0.4 to 3.1.2

    Bumps minimatch from 3.0.4 to 3.1.2.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies javascript 
    opened by dependabot[bot] 0
  • Add translation support

    Add translation support

    Crete a twig function as a wrapper to Laravel translation function __()

    Currently the following class can be used as a workaround:

    class TwigTranslator
    {
        public function __($key, $replace = [], $locale = null)
        {
            return app('translator')->getFromJson($key, $replace, $locale);
        }
    }
    
            $twigTranlator = new TwigTranslator();
    .
    .
    .
            $documentTemplate->addTemplateData($twigTranlator, 'trans')
    
    
    enhancement 
    opened by daniel-werner 0
Owner
42coders
Laravel Agency
42coders
SilverStripe live templates - Speed up development with SilverStripe live templates for PhpStorm and WebStorm

SilverStripe live templates My collection of live templates for WebStorm and PhpStorm, following PSR-2, using PHPDoc, and utilizing PHP 5.4 array shor

North Creation Agency 3 Feb 1, 2022
PHP template engine for native PHP templates

FOIL PHP template engine, for PHP templates. Foil brings all the flexibility and power of modern template engines to native PHP templates. Write simpl

Foil PHP 167 Dec 3, 2022
Foil brings all the flexibility and power of modern template engines to native PHP templates

Foil brings all the flexibility and power of modern template engines to native PHP templates. Write simple, clean and concise templates with nothing more than PHP.

Foil PHP 167 Dec 3, 2022
PHP Template Attribute Language — template engine for XSS-proof well-formed XHTML and HTML5 pages

PHPTAL - Template Attribute Language for PHP Requirements If you want to use the builtin internationalisation system (I18N), the php-gettext extension

PHPTAL 175 Dec 13, 2022
A template abstraction prototype for PHP template engines

Schranz Templating A template abstraction prototype for PHP template engines. This project should help to find a way for a general Template Render Int

Schranz Templating 16 Dec 7, 2022
Laravel Live Templates for PhpStorm

Laravel Live Templates for PhpStorm How to: Go to Preferences | Tools | Settings Repository Add Read-only Source https://github.com/koomai/phpstorm-la

Sid 1.2k Dec 22, 2022
Contao extension to provide content templates for pages.

Contao Content Templates In Contao, the regular content of a page can be made up of different articles, each assigned to different sections of a page

inspiredminds 7 Oct 11, 2022
Renders Mithril components to HTML for use in blade templates

Flarum Mithril2Html Uses Chrome Puppeteer via Spatie Browsershot to render Mithril components as static HTML. Follow Browsershot instructions to setup

Clark Winkelmann 3 Nov 13, 2022
Qiq templates for PHP 8.

Qiq Templates for PHP 8 This package provides a PHP 8.0 implementation of the TemplateView and TwoStepView patterns using PHP itself as the templating

null 18 Nov 24, 2022
Yii2 Gii Extended templates and generators

model template with TimestampBehavior and BlameableBehavior according to columns

潘文斌 1 Feb 12, 2020
Laravel package template

REPLACE Simple and flexible package template. Usage Replace all occurances of REPLACE (case sensitive) with the name of the package namespace. E.g. th

ARCHTECH 56 Aug 15, 2022
Provides a GitHub repository template for a PHP package, using GitHub actions.

php-package-template Installation ?? This is a great place for showing how to install the package, see below: Run $ composer require ergebnis/php-pack

null 280 Dec 27, 2022
View template engine of PHP extracted from Laravel

Blade 【简体中文】 This is a view templating engine which is extracted from Laravel. It's independent without relying on Laravel's Container or any others.

刘小乐 143 Dec 13, 2022
Twig, the flexible, fast, and secure template language for PHP

Twig, the flexible, fast, and secure template language for PHP Twig is a template language for PHP, released under the new BSD license (code and docum

Twig 7.7k Jan 1, 2023
Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic.

Smarty 3 template engine smarty.net Documentation For documentation see www.smarty.net/docs/en/ Requirements Smarty can be run with PHP 5.2 to PHP 7.4

Smarty PHP Template Engine 2.1k Jan 1, 2023
Native PHP template system

Plates Plates is a native PHP template system that's fast, easy to use and easy to extend. It's inspired by the excellent Twig template engine and str

The League of Extraordinary Packages 1.3k Jan 7, 2023
☕ Latte: the intuitive and fast template engine for those who want the most secure PHP sites.

Latte: amazing template engine for PHP Introduction Latte is a template engine for PHP which eases your work and ensures the output is protected again

Nette Foundation 898 Dec 25, 2022
A lightweight template parser used by PyroCMS.

Lex Lex is a lightweight template parser. Lex is released under the MIT License and is Copyrighted 2011 - 2014 PyroCMS Team. Change Log 2.3.2 Convert

PyroCMS 102 Dec 21, 2022
A complete and fully-functional implementation of the Jade template language for PHP

Tale Jade for PHP Finally a fully-functional, complete and clean port of the Jade language to PHP — Abraham Lincoln The Tale Jade Template Engine brin

Talesoft 91 Dec 27, 2022