From 77ba81a866b65dc67e1294faf8017287151070b3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 9 Apr 2024 08:20:49 -0700 Subject: [PATCH 01/19] Bump drupal/search_api from 1.33.0 to 1.34.0 (#17787) Bumps drupal/search_api from 1.33.0 to 1.34.0. --- updated-dependencies: - dependency-name: drupal/search_api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Amanda Nantais-Austin --- composer.lock | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/composer.lock b/composer.lock index 9d809f1438..f34a45c658 100644 --- a/composer.lock +++ b/composer.lock @@ -12233,17 +12233,17 @@ }, { "name": "drupal/search_api", - "version": "1.33.0", + "version": "1.34.0", "source": { "type": "git", "url": "https://git.drupalcode.org/project/search_api.git", - "reference": "8.x-1.33" + "reference": "8.x-1.34" }, "dist": { "type": "zip", - "url": "https://ftp.drupal.org/files/projects/search_api-8.x-1.33.zip", - "reference": "8.x-1.33", - "shasum": "6414709995217599839167bc638e0e49243ff714" + "url": "https://ftp.drupal.org/files/projects/search_api-8.x-1.34.zip", + "reference": "8.x-1.34", + "shasum": "dd08166888f90adaf01cc1a759266097709efe7c" }, "require": { "drupal/core": "^10.1 || ^11" @@ -12264,8 +12264,8 @@ "type": "drupal-module", "extra": { "drupal": { - "version": "8.x-1.33", - "datestamp": "1712242225", + "version": "8.x-1.34", + "datestamp": "1712400445", "security-coverage": { "status": "covered", "message": "Covered by Drupal's security advisory policy" From 7ad46d8d112dd39c4b302ea94b308dec0ff2b831 Mon Sep 17 00:00:00 2001 From: Edmund Dunn <109987005+edmund-dunn@users.noreply.github.com> Date: Tue, 9 Apr 2024 11:59:16 -0700 Subject: [PATCH 02/19] 17774 remove simplesamlphp salt and admin password from vagov cms and changes values (#17789) * VACMS-17774: refactored simplesamlphp params to us env variables * VACMS-17774: add comments --- .../config/config.php | 370 +++++++++--------- 1 file changed, 189 insertions(+), 181 deletions(-) diff --git a/simplesamlphp-config-metadata/config/config.php b/simplesamlphp-config-metadata/config/config.php index 19d0448b15..75deb174f9 100644 --- a/simplesamlphp-config-metadata/config/config.php +++ b/simplesamlphp-config-metadata/config/config.php @@ -1,15 +1,19 @@ 'https://'. $_SERVER['HTTP_HOST'] .'/simplesaml/', + 'baseurlpath' => 'https://' . $_SERVER['HTTP_HOST'] . '/simplesaml/', /* * The 'application' configuration array groups a set configuration options * relative to an application protected by SimpleSAMLphp. */ - 'application' => [ + 'application' => [ /* * The 'baseURL' configuration option allows you to specify a protocol, * host and optionally a port that serves as the canonical base for all @@ -52,7 +56,7 @@ * need to compute the right URLs yourself and pass them dynamically * to SimpleSAMLphp's API. */ - //'baseURL' => 'https://example.com', + // 'baseURL' => 'https://example.com', ], /* @@ -66,9 +70,9 @@ * When specified as a relative path, this is relative to the SimpleSAMLphp * root directory. */ - 'loggingdir' => 'log/', - 'datadir' => 'data/', - 'tempdir' => '/tmp/simplesaml', + 'loggingdir' => 'log/', + 'datadir' => 'data/', + 'tempdir' => '/tmp/simplesaml', /* @@ -89,7 +93,7 @@ * directory. Note that locations with no prefix included will be treated * as file locations. */ - 'certdir' => '/certs/', + 'certdir' => '/certs/', /* To load a certificate or key from the database, it should be specified * as 'pdo://' where is the identifier in the database table that @@ -115,19 +119,18 @@ * Defaults are shown below, to change them, uncomment the line and update as * needed */ - //'cert.pdo.table' => 'certificates', - //'cert.pdo.keytable' => 'private_keys', - //'cert.pdo.apply_prefix' => true, - //'cert.pdo.id_column' => 'id', - //'cert.pdo.data_column' => 'data', - + // 'cert.pdo.table' => 'certificates', + // 'cert.pdo.keytable' => 'private_keys', + // 'cert.pdo.apply_prefix' => true, + // 'cert.pdo.id_column' => 'id', + // 'cert.pdo.data_column' => 'data', /* * Some information about the technical persons running this installation. * The email address will be used as the recipient address for error reports, and * also as the technical contact in generated metadata. */ - 'technicalcontact_name' => 'VA.gov Administrator', - 'technicalcontact_email' => 'support@va-gov.atlassian.net', + 'technicalcontact_name' => 'VA.gov Administrator', + 'technicalcontact_email' => 'support@va-gov.atlassian.net', /* * (Optional) The method by which email is delivered. Defaults to mail which utilizes the @@ -135,8 +138,7 @@ * * Valid options are: mail, sendmail and smtp. */ - //'mail.transport.method' => 'smtp', - + // 'mail.transport.method' => 'smtp', /* * Set the transport options for the transport method specified. The valid settings are relative to the * selected transport method. @@ -156,15 +158,14 @@ 'mail.transport.options' => [ 'path' => '/usr/sbin/sendmail' // optional: defaults to php.ini path ], - */ + */ /* * The envelope from address for outgoing emails. * This should be in a domain that has your application's IP addresses in its SPF record * to prevent it from being rejected by mail filters. */ - //'sendmail_from' => 'no-reply@example.org', - + // 'sendmail_from' => 'no-reply@example.org', /* * The timezone of the server. This option should be set to the timezone you want * SimpleSAMLphp to report the time in. The default is to guess the timezone based @@ -172,12 +173,12 @@ * * See this page for a list of valid timezones: http://php.net/manual/en/timezones.php */ - 'timezone' => null, + 'timezone' => NULL, /********************************** - | SECURITY CONFIGURATION OPTIONS | + * | SECURITY CONFIGURATION OPTIONS | **********************************/ /* @@ -187,27 +188,33 @@ * * A possible way to generate a random salt is by running the following command from a unix shell: * LC_ALL=C tr -c -d '0123456789abcdefghijklmnopqrstuvwxyz' /dev/null;echo + * + * We pull the SimpleSAMLphp's salt and admin password from environment variables, + * which in turn are pulled from AWS Parameter Store during deployment. + * This prevents exposing the salt and password to the public. */ - 'secretsalt' => 'p97p6wmkz8flefjij0v4q1z643gxpa5j', + 'secretsalt' => getenv('SIMPLESAMLPHP_SECRETSALT'), /* * This password must be kept secret, and modified from the default value 123. * This password will give access to the installation page of SimpleSAMLphp with * metadata listing and diagnostics pages. * You can also put a hash here; run "bin/pwgen.php" to generate one. + * + * Pulled from environment variables for secrecy. See the comment on secretsalt above. */ - 'auth.adminpassword' => 'drupal8', + 'auth.adminpassword' => getenv('SIMPLESAMLPHP_ADMIN_PASSWORD'), /* * Set this option to true if you want to require administrator password to access the metadata. */ - 'admin.protectmetadata' => true, + 'admin.protectmetadata' => TRUE, /* * Set this option to false if you don't want SimpleSAMLphp to check for new stable releases when * visiting the configuration tab in the web interface. */ - 'admin.checkforupdates' => true, + 'admin.checkforupdates' => TRUE, /* * Array of domains that are allowed when generating links or redirects @@ -231,7 +238,7 @@ * Example: * 'trusted.url.domains' => ['sp.example.com', 'app.example.com'], */ - 'trusted.url.domains' => [], + 'trusted.url.domains' => [], /* * Enable regular expression matching of trusted.url.domains. @@ -242,7 +249,7 @@ * If enabled, the start and end delimiters ('^' and '$') will be added to * all regular expressions in trusted.url.domains. */ - 'trusted.url.regex' => false, + 'trusted.url.regex' => FALSE, /* * Enable secure POST from HTTPS to HTTP. @@ -255,7 +262,7 @@ * https://idp.example.org/ssp/, then * http://idp.example.org/ssp/module.php/core/postredirect.php must be accessible. */ - 'enable.http_post' => false, + 'enable.http_post' => FALSE, /* * Set the allowed clock skew between encrypting/decrypting assertions @@ -266,11 +273,11 @@ * Allowed range: 180 - 300 * Defaults to 180. */ - 'assertion.allowed_clock_skew' => 180, + 'assertion.allowed_clock_skew' => 180, /************************ - | ERRORS AND DEBUGGING | + * | ERRORS AND DEBUGGING | ************************/ /* @@ -304,11 +311,11 @@ * If you want to disable debugging completely, unset this option or set it to an * empty array. */ - 'debug' => [ - 'saml' => false, - 'backtraces' => true, - 'validatexml' => false, - ], + 'debug' => [ + 'saml' => FALSE, + 'backtraces' => TRUE, + 'validatexml' => FALSE, + ], /* * When 'showerrors' is enabled, all error messages and stack traces will be output @@ -317,8 +324,8 @@ * When 'errorreporting' is enabled, a form will be presented for the user to report * the error to 'technicalcontact_email'. */ - 'showerrors' => true, - 'errorreporting' => true, + 'showerrors' => TRUE, + 'errorreporting' => TRUE, /* * Custom error show function called from SimpleSAML\Error\Error::show. @@ -330,7 +337,7 @@ /************************** - | LOGGING AND STATISTICS | + * | LOGGING AND STATISTICS | **************************/ /* @@ -349,8 +356,8 @@ * must exist and be writable for SimpleSAMLphp. If set to something else, set * loggingdir above to 'null'. */ - 'logging.level' => SimpleSAML\Logger::NOTICE, - 'logging.handler' => 'syslog', + 'logging.level' => Logger::NOTICE, + 'logging.handler' => 'syslog', /* * Specify the format of the logs. Its use varies depending on the log handler used (for instance, you cannot @@ -378,8 +385,7 @@ * - %msg: the message to be logged. * */ - //'logging.format' => '%date{M j H:i:s} %process %level %stat[%trackid] %msg', - + // 'logging.format' => '%date{M j H:i:s} %process %level %stat[%trackid] %msg', /* * Choose which facility should be used when logging with syslog. * @@ -391,24 +397,24 @@ * * The default is to use LOG_LOCAL5 if available, and fall back to LOG_USER if not. */ - 'logging.facility' => defined('LOG_LOCAL5') ? constant('LOG_LOCAL5') : LOG_USER, + 'logging.facility' => defined('LOG_LOCAL5') ? constant('LOG_LOCAL5') : LOG_USER, /* * The process name that should be used when logging to syslog. * The value is also written out by the other logging handlers. */ - 'logging.processname' => 'simplesamlphp', + 'logging.processname' => 'simplesamlphp', /* * Logging: file - Logfilename in the loggingdir from above. */ - 'logging.logfile' => 'simplesamlphp.log', + 'logging.logfile' => 'simplesamlphp.log', /* * This is an array of outputs. Each output has at least a 'class' option, which * selects the output. */ - 'statistics.out' => [ + 'statistics.out' => [ // Log statistics to the normal log. /* [ @@ -428,7 +434,7 @@ /*********************** - | PROXY CONFIGURATION | + * | PROXY CONFIGURATION | ***********************/ /* @@ -437,19 +443,19 @@ * Example: * 'proxy' => 'tcp://proxy.example.com:5100' */ - 'proxy' => null, + 'proxy' => NULL, /* * Username/password authentication to proxy (Proxy-Authorization: Basic) * Example: * 'proxy.auth' = 'myuser:password' */ - //'proxy.auth' => 'myuser:password', + // 'proxy.auth' => 'myuser:password', /************************** - | DATABASE CONFIGURATION | + * | DATABASE CONFIGURATION | **************************/ /* @@ -463,29 +469,29 @@ * Ensure that you have the required PDO database driver installed * for your connection string. */ - 'database.dsn' => 'mysql:host=localhost;dbname=saml', + 'database.dsn' => 'mysql:host=localhost;dbname=saml', /* * SQL database credentials */ - 'database.username' => 'simplesamlphp', - 'database.password' => 'secret', - 'database.options' => [], + 'database.username' => 'simplesamlphp', + 'database.password' => 'secret', + 'database.options' => [], /* * (Optional) Table prefix */ - 'database.prefix' => '', + 'database.prefix' => '', /* * (Optional) Driver options */ - 'database.driver_options' => [], + 'database.driver_options' => [], /* * True or false if you would like a persistent database connection */ - 'database.persistent' => false, + 'database.persistent' => FALSE, /* * Database secondary configuration is optional as well. If you are only @@ -497,7 +503,7 @@ * options for the primary (shown above) with the exception of the table * prefix and driver options. */ - 'database.secondaries' => [ + 'database.secondaries' => [ /* [ 'dsn' => 'mysql:host=mysecondary;dbname=saml', @@ -511,7 +517,7 @@ /************* - | PROTOCOLS | + * | PROTOCOLS | *************/ /* @@ -519,8 +525,8 @@ * one of the functionalities below, but in some cases you could run multiple functionalities. * In example when you are setting up a federation bridge. */ - 'enable.saml20-idp' => true, - 'enable.adfs-idp' => false, + 'enable.saml20-idp' => TRUE, + 'enable.adfs-idp' => FALSE, /* * Whether SimpleSAMLphp should sign the response or the assertion in SAML 1.1 authentication * responses. @@ -529,11 +535,11 @@ * option to TRUE. It can also be overridden on a pr. SP basis by adding an option with the * same name to the metadata of the SP. */ - 'shib13.signresponse' => true, + 'shib13.signresponse' => TRUE, /*********** - | MODULES | + * | MODULES | ***********/ /* @@ -548,40 +554,43 @@ * ], */ - 'module.enable' => [ - 'exampleauth' => false, - 'core' => true, - 'admin' => true, - 'saml' => true - ], + 'module.enable' => [ + 'exampleauth' => FALSE, + 'core' => TRUE, + 'admin' => TRUE, + 'saml' => TRUE, + ], /************************* - | SESSION CONFIGURATION | + * | SESSION CONFIGURATION | *************************/ /* * This value is the duration of the session in seconds. Make sure that the time duration of * cookies both at the SP and the IdP exceeds this duration. */ - 'session.duration' => 8 * (60 * 60), // 8 hours. + // 8 hours. + 'session.duration' => 8 * (60 * 60), /* * Sets the duration, in seconds, data should be stored in the datastore. As the data store is used for * login and logout requests, this option will control the maximum time these operations can take. * The default is 4 hours (4*60*60) seconds, which should be more than enough for these operations. */ - 'session.datastore.timeout' => (4 * 60 * 60), // 4 hours + // 4 hours + 'session.datastore.timeout' => (4 * 60 * 60), /* * Sets the duration, in seconds, auth state should be stored. */ - 'session.state.timeout' => (60 * 60), // 1 hour + // 1 hour + 'session.state.timeout' => (60 * 60), /* * Option to override the default settings for the session cookie name */ - 'session.cookie.name' => 'SimpleSAMLSessionID', + 'session.cookie.name' => 'SimpleSAMLSessionID', /* * Expiration time for the session cookie, in seconds. @@ -591,7 +600,7 @@ * Example: * 'session.cookie.lifetime' => 30*60, */ - 'session.cookie.lifetime' => 0, + 'session.cookie.lifetime' => 0, /* * Limit the path of the cookies. @@ -601,7 +610,7 @@ * Example: * 'session.cookie.path' => '/simplesaml/', */ - 'session.cookie.path' => '/', + 'session.cookie.path' => '/', /* * Cookie domain. @@ -611,7 +620,7 @@ * Example: * 'session.cookie.domain' => '.example.org', */ - 'session.cookie.domain' => '.va.gov', + 'session.cookie.domain' => '.va.gov', /* * Set the secure flag in the cookie. @@ -620,7 +629,7 @@ * through https. If the user can access the service through * both http and https, this must be set to FALSE. */ - 'session.cookie.secure' => true, + 'session.cookie.secure' => TRUE, /* * Set the SameSite attribute in the cookie. @@ -639,19 +648,19 @@ * Example: * 'session.cookie.samesite' => 'None', */ - 'session.cookie.samesite' => $httpUtils->canSetSameSiteNone() ? 'None' : null, + 'session.cookie.samesite' => $httpUtils->canSetSameSiteNone() ? 'None' : NULL, /* * Options to override the default settings for php sessions. */ - 'session.phpsession.cookiename' => 'SimpleSAML', - 'session.phpsession.savepath' => null, - 'session.phpsession.httponly' => true, + 'session.phpsession.cookiename' => 'SimpleSAML', + 'session.phpsession.savepath' => NULL, + 'session.phpsession.httponly' => TRUE, /* * Option to override the default settings for the auth token cookie */ - 'session.authtoken.cookiename' => 'SimpleSAMLAuthToken', + 'session.authtoken.cookiename' => 'SimpleSAMLAuthToken', /* * Options for remember me feature for IdP sessions. Remember me feature @@ -666,9 +675,9 @@ * It's advised to use remember me feature with session checking function * defined with 'session.check_function' option. */ - 'session.rememberme.enable' => false, - 'session.rememberme.checked' => false, - 'session.rememberme.lifetime' => (14 * 86400), + 'session.rememberme.enable' => FALSE, + 'session.rememberme.checked' => FALSE, + 'session.rememberme.lifetime' => (14 * 86400), /* * Custom function for session checking called on session init and loading. @@ -681,7 +690,7 @@ /************************** - | MEMCACHE CONFIGURATION | + * | MEMCACHE CONFIGURATION | **************************/ /* @@ -767,11 +776,11 @@ * ], * */ - 'memcache_store.servers' => [ + 'memcache_store.servers' => [ [ ['hostname' => 'localhost'], ], - ], + ], /* * This value allows you to set a prefix for memcache-keys. The default @@ -781,7 +790,7 @@ * than one instance is using memcache, you probably want to assign * a unique value per instance to this setting to avoid data collision. */ - 'memcache_store.prefix' => '', + 'memcache_store.prefix' => '', /* * This value is the duration data should be stored in memcache. Data @@ -798,41 +807,42 @@ * Note: The oldest data will always be deleted if the memcache server * runs out of storage space. */ - 'memcache_store.expires' => 36 * (60 * 60), // 36 hours. + // 36 hours. + 'memcache_store.expires' => 36 * (60 * 60), /************************************* - | LANGUAGE AND INTERNATIONALIZATION | + * | LANGUAGE AND INTERNATIONALIZATION | *************************************/ /* * Languages available, RTL languages, and what language is the default. */ - 'language.available' => [ - 'en', 'no', 'nn', 'se', 'da', 'de', 'sv', 'fi', 'es', 'ca', 'fr', 'it', 'nl', 'lb', - 'cs', 'sk', 'sl', 'lt', 'hr', 'hu', 'pl', 'pt', 'pt-br', 'tr', 'ja', 'zh', 'zh-tw', - 'ru', 'et', 'he', 'id', 'sr', 'lv', 'ro', 'eu', 'el', 'af', 'zu', 'xh', 'st', - ], - 'language.rtl' => ['ar', 'dv', 'fa', 'ur', 'he'], - 'language.default' => 'en', + 'language.available' => [ + 'en', 'no', 'nn', 'se', 'da', 'de', 'sv', 'fi', 'es', 'ca', 'fr', 'it', 'nl', 'lb', + 'cs', 'sk', 'sl', 'lt', 'hr', 'hu', 'pl', 'pt', 'pt-br', 'tr', 'ja', 'zh', 'zh-tw', + 'ru', 'et', 'he', 'id', 'sr', 'lv', 'ro', 'eu', 'el', 'af', 'zu', 'xh', 'st', + ], + 'language.rtl' => ['ar', 'dv', 'fa', 'ur', 'he'], + 'language.default' => 'en', /* * Options to override the default settings for the language parameter */ - 'language.parameter.name' => 'language', - 'language.parameter.setcookie' => true, + 'language.parameter.name' => 'language', + 'language.parameter.setcookie' => TRUE, /* * Options to override the default settings for the language cookie */ - 'language.cookie.name' => 'language', - 'language.cookie.domain' => '', - 'language.cookie.path' => '/', - 'language.cookie.secure' => true, - 'language.cookie.httponly' => false, - 'language.cookie.lifetime' => (60 * 60 * 24 * 900), - 'language.cookie.samesite' => $httpUtils->canSetSameSiteNone() ? 'None' : null, + 'language.cookie.name' => 'language', + 'language.cookie.domain' => '', + 'language.cookie.path' => '/', + 'language.cookie.secure' => TRUE, + 'language.cookie.httponly' => FALSE, + 'language.cookie.lifetime' => (60 * 60 * 24 * 900), + 'language.cookie.samesite' => $httpUtils->canSetSameSiteNone() ? 'None' : NULL, /** * Custom getLanguage function called from SimpleSAML\Locale\Language::getLanguage(). @@ -847,19 +857,19 @@ */ /************** - | APPEARANCE | + * | APPEARANCE | **************/ /* * Which theme directory should be used? */ - 'theme.use' => 'default', + 'theme.use' => 'default', /* * Set this option to the text you would like to appear at the header of each page. Set to false if you don't want * any text to appear in the header. */ - //'theme.header' => 'SimpleSAMLphp', + // 'theme.header' => 'SimpleSAMLphp', /** * A template controller, if any. @@ -868,8 +878,7 @@ * the 'theme.controller' configuration option to a class that implements the * \SimpleSAML\XHTML\TemplateControllerInterface interface to use it. */ - //'theme.controller' => '', - + // 'theme.controller' => '', /* * Templating options * @@ -877,15 +886,14 @@ * Set 'template.cache' to an absolute path pointing to a directory that * SimpleSAMLphp has read and write permissions to. */ - //'template.cache' => '', - + // 'template.cache' => '', /* * Set the 'template.auto_reload' to true if you would like SimpleSAMLphp to * recompile the templates (when using the template cache) if the templates * change. If you don't want to check the source templates for every request, * set it to false. */ - 'template.auto_reload' => false, + 'template.auto_reload' => FALSE, /* * Set this option to true to indicate that your installation of SimpleSAMLphp @@ -897,22 +905,22 @@ * * Defaults to true. */ - 'production' => true, + 'production' => TRUE, /* * SimpleSAMLphp modules can host static resources which are served through PHP. * The serving of the resources can be configured through these settings. */ - 'assets' => [ + 'assets' => [ /* * These settings adjust the caching headers that are sent * when serving static resources. */ - 'caching' => [ + 'caching' => [ /* * Amount of seconds before the resource should be fetched again */ - 'max_age' => 86400, + 'max_age' => 86400, /* * Calculate a checksum of every file and send it to the browser * This allows the browser to avoid downloading assets again in situations @@ -921,33 +929,33 @@ * * Defaults false */ - 'etag' => false, - ], + 'etag' => FALSE, ], + ], /** * Set to a full URL if you want to redirect users that land on SimpleSAMLphp's * front page to somewhere more useful. If left unset, a basic welcome message * is shown. */ - //'frontpage.redirect' => 'https://example.com/', + // 'frontpage.redirect' => 'https://example.com/', /********************* - | DISCOVERY SERVICE | + * | DISCOVERY SERVICE | *********************/ /* * Whether the discovery service should allow the user to save his choice of IdP. */ - 'idpdisco.enableremember' => true, - 'idpdisco.rememberchecked' => true, + 'idpdisco.enableremember' => TRUE, + 'idpdisco.rememberchecked' => TRUE, /* * The disco service only accepts entities it knows. */ - 'idpdisco.validate' => true, + 'idpdisco.validate' => TRUE, - 'idpdisco.extDiscoveryStorage' => null, + 'idpdisco.extDiscoveryStorage' => NULL, /* * IdP Discovery service look configuration. @@ -959,18 +967,18 @@ * * Options: [links,dropdown] */ - 'idpdisco.layout' => 'dropdown', + 'idpdisco.layout' => 'dropdown', /************************************* - | AUTHENTICATION PROCESSING FILTERS | + * | AUTHENTICATION PROCESSING FILTERS | *************************************/ /* * Authentication processing filters that will be executed for all IdPs */ - 'authproc.idp' => [ + 'authproc.idp' => [ /* Enable the authproc filter below to add URN prefixes to all attributes 10 => [ 'class' => 'core:AttributeMap', 'addurnprefix' @@ -980,19 +988,19 @@ 20 => 'core:TargetedID', */ - // Adopts language from attribute to use in UI - 30 => 'core:LanguageAdaptor', + // Adopts language from attribute to use in UI. + 30 => 'core:LanguageAdaptor', - 45 => [ - 'class' => 'core:StatisticsWithAttribute', - 'attributename' => 'realm', - 'type' => 'saml20-idp-SSO', - ], + 45 => [ + 'class' => 'core:StatisticsWithAttribute', + 'attributename' => 'realm', + 'type' => 'saml20-idp-SSO', + ], /* When called without parameters, it will fallback to filter attributes 'the old way' * by checking the 'attributes' parameter in metadata on IdP hosted and SP remote. */ - 50 => 'core:AttributeLimit', + 50 => 'core:AttributeLimit', /* * Search attribute "distinguishedName" for pattern and replaces if found @@ -1005,7 +1013,7 @@ 'subject' => 'distinguishedName', '%replace', ], - */ + */ /* * Consent module is enabled (with no permanent storage, using cookies). @@ -1017,15 +1025,15 @@ 'focus' => 'yes', 'checked' => true ], - */ + */ // If language is set in Consent module it will be added as an attribute. - 99 => 'core:LanguageAdaptor', - ], + 99 => 'core:LanguageAdaptor', + ], /* * Authentication processing filters that will be executed for all SPs */ - 'authproc.sp' => [ + 'authproc.sp' => [ /* 10 => [ 'class' => 'core:AttributeMap', 'removeurnprefix' @@ -1047,21 +1055,21 @@ ], */ - // Adopts language from attribute to use in UI - 90 => 'core:LanguageAdaptor', - ], + // Adopts language from attribute to use in UI. + 90 => 'core:LanguageAdaptor', + ], /************************** - | METADATA CONFIGURATION | + * | METADATA CONFIGURATION | **************************/ /* * This option allows you to specify a directory for your metadata outside of the standard metadata directory * included in the standard distribution of the software. */ - 'metadatadir' => 'metadata', + 'metadatadir' => 'metadata', /* * This option configures the metadata sources. The metadata sources is given as an array with @@ -1147,9 +1155,9 @@ * ['type' => 'flatfile'] * ], */ - 'metadata.sources' => [ + 'metadata.sources' => [ ['type' => 'flatfile'], - ], + ], /* * Should signing of generated metadata be enabled by default. @@ -1157,7 +1165,7 @@ * Metadata signing can also be enabled for a individual SP or IdP by setting the * same option in the metadata for the SP or IdP. */ - 'metadata.sign.enable' => false, + 'metadata.sign.enable' => FALSE, /* * The default key & certificate which should be used to sign generated metadata. These @@ -1169,14 +1177,14 @@ * the 'certificate' and 'privatekey' option in the metadata will be used. * if those aren't set, signing of metadata will fail. */ - 'metadata.sign.privatekey' => null, - 'metadata.sign.privatekey_pass' => null, - 'metadata.sign.certificate' => null, - 'metadata.sign.algorithm' => 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256', + 'metadata.sign.privatekey' => NULL, + 'metadata.sign.privatekey_pass' => NULL, + 'metadata.sign.certificate' => NULL, + 'metadata.sign.algorithm' => 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256', /**************************** - | DATA STORE CONFIGURATION | + * | DATA STORE CONFIGURATION | ****************************/ /* @@ -1189,7 +1197,7 @@ * * The default datastore is 'phpsession'. */ - 'store.type' => 'sql', + 'store.type' => 'sql', /* * The DSN the sql datastore should connect to. @@ -1197,29 +1205,29 @@ * See http://www.php.net/manual/en/pdo.drivers.php for the various * syntaxes. */ - 'store.sql.dsn' => "sqlite:{$_SERVER['DOCUMENT_ROOT']}/../samlsessiondb.sq3", + 'store.sql.dsn' => "sqlite:{$_SERVER['DOCUMENT_ROOT']}/../samlsessiondb.sq3", /* * The username and password to use when connecting to the database. */ - 'store.sql.username' => null, - 'store.sql.password' => null, + 'store.sql.username' => NULL, + 'store.sql.password' => NULL, /* * The prefix we should use on our tables. */ - 'store.sql.prefix' => 'SimpleSAMLphp', + 'store.sql.prefix' => 'SimpleSAMLphp', /* * The driver-options we should pass to the PDO-constructor. */ - 'store.sql.options' => [], + 'store.sql.options' => [], /* * The hostname and port of the Redis datastore instance. */ - 'store.redis.host' => 'localhost', - 'store.redis.port' => 6379, + 'store.redis.host' => 'localhost', + 'store.redis.port' => 6379, /* * The credentials to use when connecting to Redis. @@ -1232,8 +1240,8 @@ * Redis 6+) then you should provide both a username and a password. * See https://redis.io/docs/manual/security/acl/ */ - 'store.redis.username' => '', - 'store.redis.password' => '', + 'store.redis.username' => '', + 'store.redis.password' => '', /* * Communicate with Redis over a secure connection instead of plain TCP. @@ -1241,31 +1249,31 @@ * This setting affects both single host connections as * well as Sentinel mode. */ - 'store.redis.tls' => false, + 'store.redis.tls' => FALSE, /* * Verify the Redis server certificate. */ - 'store.redis.insecure' => false, + 'store.redis.insecure' => FALSE, /* * Files related to secure communication with Redis. * * Files are searched in the 'certdir' when using relative paths. */ - 'store.redis.ca_certificate' => null, - 'store.redis.certificate' => null, - 'store.redis.privatekey' => null, + 'store.redis.ca_certificate' => NULL, + 'store.redis.certificate' => NULL, + 'store.redis.privatekey' => NULL, /* * The prefix we should use on our Redis datastore. */ - 'store.redis.prefix' => 'SimpleSAMLphp', + 'store.redis.prefix' => 'SimpleSAMLphp', /* * The master group to use for Redis Sentinel. */ - 'store.redis.mastergroup' => 'mymaster', + 'store.redis.mastergroup' => 'mymaster', /* * The Redis Sentinel hosts. @@ -1279,10 +1287,10 @@ * Use 'tls' instead of 'tcp' in order to make use of the additional * TLS settings. */ - 'store.redis.sentinels' => [], + 'store.redis.sentinels' => [], /********************* - | IdP/SP PROXY MODE | + * | IdP/SP PROXY MODE | *********************/ /* @@ -1291,5 +1299,5 @@ * processed by the IdP/SP proxy or if it will be passed to the SP behind * the IdP/SP proxy. */ - 'proxymode.passAuthnContextClassRef' => false, + 'proxymode.passAuthnContextClassRef' => FALSE, ]; From 1d6f2c338c632ac50f42988179c2b41ba8f0c95a Mon Sep 17 00:00:00 2001 From: Jill Adams <85581471+jilladams@users.noreply.github.com> Date: Tue, 9 Apr 2024 15:29:18 -0700 Subject: [PATCH 03/19] [docs] Update tugboat.md --- READMES/tugboat.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/READMES/tugboat.md b/READMES/tugboat.md index e00db64a2e..20759abae4 100644 --- a/READMES/tugboat.md +++ b/READMES/tugboat.md @@ -10,6 +10,13 @@ Tugboat contains **Projects**. Each Project can contain **Repositories** (not re * **Base Preview** Take the term Base to mean bottom or foundation: Base Preview is a container, built from a versioned state of the CMS code, with a production database snapshot baked in. Tugboat uses Base Previews to make PR Preview creation quick and disk storage efficient. After a 30-40min build, Base Previews are ready to layer va.gov-cms code changes on top and run post-deploy operations (updatedb, config:import). +## Access +In order to access the Tugboat UI, you must have SOCKS running on your machine, or be on the VA network (via CAG/Azure, on GFE, etc). + +Any Github user in the department-of-veterans-affairs organization can log into Tugboat using Github credentials. Access is provided automatically, no manual steps. + +Tugboat management has been limited to [@platform-cms-devops-engineers](https://github.com/orgs/department-of-veterans-affairs/teams/platform-cms-devops-engineers) historically. + ## VA Usage At VA, our lower environments are each built from a Tugboat Base Preview, in some fashion. Our Tugboat configuration is relevant to the discussion: From d1ca4de28c2deb4de065ee15b3cd91ac1fa39c82 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 9 Apr 2024 18:06:26 -0700 Subject: [PATCH 04/19] Bump va-gov/content-build from 0.0.3477 to 0.0.3478 (#17799) Bumps [va-gov/content-build](https://github.com/department-of-veterans-affairs/content-build) from 0.0.3477 to 0.0.3478. - [Release notes](https://github.com/department-of-veterans-affairs/content-build/releases) - [Commits](https://github.com/department-of-veterans-affairs/content-build/compare/v0.0.3477...v0.0.3478) --- updated-dependencies: - dependency-name: va-gov/content-build dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- composer.json | 2 +- composer.lock | 14 +++++++------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/composer.json b/composer.json index 1297069dcc..25008f9199 100644 --- a/composer.json +++ b/composer.json @@ -223,7 +223,7 @@ "symfony/phpunit-bridge": "^5.1", "symfony/process": "^6.3", "symfony/routing": "^6.3", - "va-gov/content-build": "^0.0.3477", + "va-gov/content-build": "^0.0.3478", "vlucas/phpdotenv": "^5.3", "webflo/drupal-finder": "^1.0.0", "webmozart/path-util": "^2.3", diff --git a/composer.lock b/composer.lock index f34a45c658..3eaaaea6fa 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "c03b66fb3883e81edaf4cca3a9e07d8f", + "content-hash": "566bbaea8818a482c56fd800f1b518b9", "packages": [ { "name": "asm89/stack-cors", @@ -25860,16 +25860,16 @@ }, { "name": "va-gov/content-build", - "version": "v0.0.3477", + "version": "v0.0.3478", "source": { "type": "git", "url": "https://github.com/department-of-veterans-affairs/content-build.git", - "reference": "f16cb70b66ae855f54b5af2dc6a681d9e87c9be6" + "reference": "efd0485da50ba02b02b29ee80f84501ebbe3ec1c" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/department-of-veterans-affairs/content-build/zipball/f16cb70b66ae855f54b5af2dc6a681d9e87c9be6", - "reference": "f16cb70b66ae855f54b5af2dc6a681d9e87c9be6", + "url": "https://api.github.com/repos/department-of-veterans-affairs/content-build/zipball/efd0485da50ba02b02b29ee80f84501ebbe3ec1c", + "reference": "efd0485da50ba02b02b29ee80f84501ebbe3ec1c", "shasum": "" }, "type": "node-project", @@ -25896,9 +25896,9 @@ "description": "Front-end for VA.gov. This repository contains the code that generates the www.va.gov website. It contains a Metalsmith static site builder that uses a Drupal CMS for content. This file is here to publish releases to https://packagist.org/packages/va-gov/content-build, so that the CMS CI system can install it and update it using standard composer processes, and so that we can run tests across both systems. See https://github.com/department-of-veterans-affairs/va.gov-cms for the CMS repo, and stand by for more documentation.", "support": { "issues": "https://github.com/department-of-veterans-affairs/content-build/issues", - "source": "https://github.com/department-of-veterans-affairs/content-build/tree/v0.0.3477" + "source": "https://github.com/department-of-veterans-affairs/content-build/tree/v0.0.3478" }, - "time": "2024-04-08T18:07:12+00:00" + "time": "2024-04-08T22:37:09+00:00" }, { "name": "vlucas/phpdotenv", From 2e985f7e932c03c57cf7d4fae595d84cd019b168 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 10 Apr 2024 11:08:35 -0700 Subject: [PATCH 05/19] Bump drupal/entity_clone from 2.0.0-beta5 to 2.0.0-beta6 (#17784) Bumps drupal/entity_clone from 2.0.0-beta5 to 2.0.0-beta6. --- updated-dependencies: - dependency-name: drupal/entity_clone dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Amanda Nantais-Austin --- composer.lock | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/composer.lock b/composer.lock index 3eaaaea6fa..6487dcf737 100644 --- a/composer.lock +++ b/composer.lock @@ -5590,17 +5590,17 @@ }, { "name": "drupal/entity_clone", - "version": "2.0.0-beta5", + "version": "2.0.0-beta6", "source": { "type": "git", "url": "https://git.drupalcode.org/project/entity_clone.git", - "reference": "2.0.0-beta5" + "reference": "2.0.0-beta6" }, "dist": { "type": "zip", - "url": "https://ftp.drupal.org/files/projects/entity_clone-2.0.0-beta5.zip", - "reference": "2.0.0-beta5", - "shasum": "86a9c1984fcb4d31dab5bf4ff4a1e6feb03274d7" + "url": "https://ftp.drupal.org/files/projects/entity_clone-2.0.0-beta6.zip", + "reference": "2.0.0-beta6", + "shasum": "afd98c1aeffc1d28b8a0b29c8cfb09de95debc9b" }, "require": { "drupal/core": "^8.8 || ^9 || ^10" @@ -5614,8 +5614,8 @@ "type": "drupal-module", "extra": { "drupal": { - "version": "2.0.0-beta5", - "datestamp": "1711543181", + "version": "2.0.0-beta6", + "datestamp": "1712549899", "security-coverage": { "status": "not-covered", "message": "Beta releases are not covered by Drupal security advisories." @@ -26881,7 +26881,6 @@ "drupal/components": 10, "drupal/danse_content_moderation": 10, "drupal/entity_block": 10, - "drupal/entity_clone": 15, "drupal/entity_diff_ui": 15, "drupal/entity_field_fetch": 10, "drupal/entity_reference_hierarchy": 10, From 8355a98c5347631321b34a49bdf68284f252d306 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 10 Apr 2024 14:09:31 -0700 Subject: [PATCH 06/19] Bump tar from 6.1.13 to 6.2.1 in /docroot/themes/custom/vagovclaro (#17800) Bumps [tar](https://github.com/isaacs/node-tar) from 6.1.13 to 6.2.1. - [Release notes](https://github.com/isaacs/node-tar/releases) - [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md) - [Commits](https://github.com/isaacs/node-tar/compare/v6.1.13...v6.2.1) --- updated-dependencies: - dependency-name: tar dependency-type: indirect ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Amanda Nantais-Austin --- .../custom/vagovclaro/package-lock.json | 28 +++++++++---------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/docroot/themes/custom/vagovclaro/package-lock.json b/docroot/themes/custom/vagovclaro/package-lock.json index 33a1d1b175..8d40467f24 100644 --- a/docroot/themes/custom/vagovclaro/package-lock.json +++ b/docroot/themes/custom/vagovclaro/package-lock.json @@ -9833,16 +9833,16 @@ } }, "node_modules/tar": { - "version": "6.1.13", - "resolved": "https://registry.npmjs.org/tar/-/tar-6.1.13.tgz", - "integrity": "sha512-jdIBIN6LTIe2jqzay/2vtYLlBHa3JF42ot3h1dW8Q0PaAG4v8rm0cvpVePtau5C6OKXGGcgO9q2AMNSWxiLqKw==", + "version": "6.2.1", + "resolved": "https://registry.npmjs.org/tar/-/tar-6.2.1.tgz", + "integrity": "sha512-DZ4yORTwrbTj/7MZYq2w+/ZFdI6OZ/f9SFHR+71gIVUZhOQPHzVCLpvRnPgyaMpfWxxk/4ONva3GQSyNIKRv6A==", "dev": true, "optional": true, "peer": true, "dependencies": { "chownr": "^2.0.0", "fs-minipass": "^2.0.0", - "minipass": "^4.0.0", + "minipass": "^5.0.0", "minizlib": "^2.1.1", "mkdirp": "^1.0.3", "yallist": "^4.0.0" @@ -9882,9 +9882,9 @@ } }, "node_modules/tar/node_modules/minipass": { - "version": "4.2.5", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-4.2.5.tgz", - "integrity": "sha512-+yQl7SX3bIT83Lhb4BVorMAHVuqsskxRdlmO9kTpyukp8vsm2Sn/fUOV9xlnG8/a5JsypJzap21lz/y3FBMJ8Q==", + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/minipass/-/minipass-5.0.0.tgz", + "integrity": "sha512-3FnjYuehv9k6ovOEbyOswadCDPX1piCfhV8ncmYtHOjuPwylVWsghTLo7rabjC3Rx5xD4HDx8Wm1xnMF7S5qFQ==", "dev": true, "optional": true, "peer": true, @@ -18163,25 +18163,25 @@ "dev": true }, "tar": { - "version": "6.1.13", - "resolved": "https://registry.npmjs.org/tar/-/tar-6.1.13.tgz", - "integrity": "sha512-jdIBIN6LTIe2jqzay/2vtYLlBHa3JF42ot3h1dW8Q0PaAG4v8rm0cvpVePtau5C6OKXGGcgO9q2AMNSWxiLqKw==", + "version": "6.2.1", + "resolved": "https://registry.npmjs.org/tar/-/tar-6.2.1.tgz", + "integrity": "sha512-DZ4yORTwrbTj/7MZYq2w+/ZFdI6OZ/f9SFHR+71gIVUZhOQPHzVCLpvRnPgyaMpfWxxk/4ONva3GQSyNIKRv6A==", "dev": true, "optional": true, "peer": true, "requires": { "chownr": "^2.0.0", "fs-minipass": "^2.0.0", - "minipass": "^4.0.0", + "minipass": "^5.0.0", "minizlib": "^2.1.1", "mkdirp": "^1.0.3", "yallist": "^4.0.0" }, "dependencies": { "minipass": { - "version": "4.2.5", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-4.2.5.tgz", - "integrity": "sha512-+yQl7SX3bIT83Lhb4BVorMAHVuqsskxRdlmO9kTpyukp8vsm2Sn/fUOV9xlnG8/a5JsypJzap21lz/y3FBMJ8Q==", + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/minipass/-/minipass-5.0.0.tgz", + "integrity": "sha512-3FnjYuehv9k6ovOEbyOswadCDPX1piCfhV8ncmYtHOjuPwylVWsghTLo7rabjC3Rx5xD4HDx8Wm1xnMF7S5qFQ==", "dev": true, "optional": true, "peer": true From 785a3f5000996dde0263a115a85d7d2c933381a7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 10 Apr 2024 14:38:06 -0700 Subject: [PATCH 07/19] Bump tar from 6.2.0 to 6.2.1 in /docroot/design-system (#17801) Bumps [tar](https://github.com/isaacs/node-tar) from 6.2.0 to 6.2.1. - [Release notes](https://github.com/isaacs/node-tar/releases) - [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md) - [Commits](https://github.com/isaacs/node-tar/compare/v6.2.0...v6.2.1) --- updated-dependencies: - dependency-name: tar dependency-type: indirect ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Amanda Nantais-Austin --- docroot/design-system/package-lock.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/docroot/design-system/package-lock.json b/docroot/design-system/package-lock.json index 7036c59218..703fb68c2c 100644 --- a/docroot/design-system/package-lock.json +++ b/docroot/design-system/package-lock.json @@ -15381,9 +15381,9 @@ } }, "node_modules/tar": { - "version": "6.2.0", - "resolved": "https://registry.npmjs.org/tar/-/tar-6.2.0.tgz", - "integrity": "sha512-/Wo7DcT0u5HUV486xg675HtjNd3BXZ6xDbzsCUZPt5iw8bTQ63bP0Raut3mvro9u+CUyq7YQd8Cx55fsZXxqLQ==", + "version": "6.2.1", + "resolved": "https://registry.npmjs.org/tar/-/tar-6.2.1.tgz", + "integrity": "sha512-DZ4yORTwrbTj/7MZYq2w+/ZFdI6OZ/f9SFHR+71gIVUZhOQPHzVCLpvRnPgyaMpfWxxk/4ONva3GQSyNIKRv6A==", "dev": true, "dependencies": { "chownr": "^2.0.0", @@ -27953,9 +27953,9 @@ "dev": true }, "tar": { - "version": "6.2.0", - "resolved": "https://registry.npmjs.org/tar/-/tar-6.2.0.tgz", - "integrity": "sha512-/Wo7DcT0u5HUV486xg675HtjNd3BXZ6xDbzsCUZPt5iw8bTQ63bP0Raut3mvro9u+CUyq7YQd8Cx55fsZXxqLQ==", + "version": "6.2.1", + "resolved": "https://registry.npmjs.org/tar/-/tar-6.2.1.tgz", + "integrity": "sha512-DZ4yORTwrbTj/7MZYq2w+/ZFdI6OZ/f9SFHR+71gIVUZhOQPHzVCLpvRnPgyaMpfWxxk/4ONva3GQSyNIKRv6A==", "dev": true, "requires": { "chownr": "^2.0.0", From 23d807f28529c27ebff7ad6196b903f08bc4242b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 10 Apr 2024 15:37:15 -0700 Subject: [PATCH 08/19] Bump drupal/raven from 5.0.9 to 5.0.10 (#17798) Bumps drupal/raven from 5.0.9 to 5.0.10. --- updated-dependencies: - dependency-name: drupal/raven dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Amanda Nantais-Austin --- composer.lock | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/composer.lock b/composer.lock index 6487dcf737..d8fef096ce 100644 --- a/composer.lock +++ b/composer.lock @@ -11654,17 +11654,17 @@ }, { "name": "drupal/raven", - "version": "5.0.9", + "version": "5.0.10", "source": { "type": "git", "url": "https://git.drupalcode.org/project/raven.git", - "reference": "5.0.9" + "reference": "5.0.10" }, "dist": { "type": "zip", - "url": "https://ftp.drupal.org/files/projects/raven-5.0.9.zip", - "reference": "5.0.9", - "shasum": "c1f33d6342264a7143fd121475b4ea5f39219c51" + "url": "https://ftp.drupal.org/files/projects/raven-5.0.10.zip", + "reference": "5.0.10", + "shasum": "218f13c726395ff67de5f4e9d67d5c772071a0cf" }, "require": { "drupal/core": "^10.1", @@ -11679,8 +11679,8 @@ "type": "drupal-module", "extra": { "drupal": { - "version": "5.0.9", - "datestamp": "1711141649", + "version": "5.0.10", + "datestamp": "1712692567", "security-coverage": { "status": "covered", "message": "Covered by Drupal's security advisory policy" From ee2a884a2815ff96e61674d7de548da294efdaae Mon Sep 17 00:00:00 2001 From: Jill Adams <85581471+jilladams@users.noreply.github.com> Date: Wed, 10 Apr 2024 16:04:05 -0700 Subject: [PATCH 09/19] [docs] Update sitewide-crew-member-onboarding.md --- .../sitewide-crew-member-onboarding.md | 50 ++++++++++--------- 1 file changed, 27 insertions(+), 23 deletions(-) diff --git a/.github/ISSUE_TEMPLATE/sitewide-crew-member-onboarding.md b/.github/ISSUE_TEMPLATE/sitewide-crew-member-onboarding.md index d69741ac3e..d2dab1481e 100644 --- a/.github/ISSUE_TEMPLATE/sitewide-crew-member-onboarding.md +++ b/.github/ISSUE_TEMPLATE/sitewide-crew-member-onboarding.md @@ -151,13 +151,11 @@ You can view team sprint boards using either the Github view with Zenhub browser * **CMS team**: also runs their sprints from the same repository, and any repo / workspace changes should be mindful of not impacting their [Github view](https://github.com/department-of-veterans-affairs/va.gov-cms/#workspaces/vagov-cms-team-5c0e7b864b5806bc2bfc2087/board), or [Zenhub webapp view](https://app.zenhub.com/workspaces/vagov-cms-team-5c0e7b864b5806bc2bfc2087/board) ### General VA Access -- [ ] Open a VA.gov [Platform orientation ticket](https://depo-platform-documentation.scrollhelp.site/getting-started/guidance-for-new-teams-and-team-members#Guidancefornewteamsandteammembers-NewVFSteammembers). - * The VA.gov Platform team manages VA.gov tooling and network access. In order to receive access to many tools you'll need day to day, you must access the SOCKS network proxy (described later). For SOCKS access, you must - 1. complete the steps described in the link above - 2. complete your eQip paperwork and receive/provide a screenshot of the email with your E-QIP transmittal date, - 3. Complete a virtual Platform orientation. - * When those steps are complete, the VA Platform team will add you to the VFS Team Roster located in [Atlas](https://www.va.gov/atlas/). This will allow you to get SOCKS access. +The VA.gov Platform team manages VA.gov tooling and network access. In order to receive access to many tools you'll need day to day, you must file a Platform orientation ticket and complete the required steps in that ticket. (There may be some overlap with steps in this ticket -- if you have feedback on how we could reduce overlap, send notes to your Delivery Manager!) +- [ ] Open a VA.gov [Platform orientation ticket](https://depo-platform-documentation.scrollhelp.site/getting-started/guidance-for-new-teams-and-team-members#Guidancefornewteamsandteammembers-NewVFSteammembers). + +**SOCKS proxy**: SOCKS is a VA Network proxy that will allow you to access some VA systems from your local machine, without being on the VA network or a virtual machine. To gain SOCKS access, you must complete your Platform orientation ticket. More details on SOCKS in the "After eQip Transmittal notice received" section. @@ -182,9 +180,29 @@ The goal for this week is to get you set up with the tools you need to be succes ## After eQip Transmittal notice received ### VA Network access -After you receive eQip Transmittal notice, you should receive an email confirming that you have been approved for remote access. - -If you need access prior to receiving your PIV card, You can contact Enterprise Service desk via provided instructions to set up your remote desktop access manually. +After you receive eQip Transmittal notice, you should receive an email confirming that you have been approved for remote access. The VA network is required in order to access Drupal CMS and other VA tools. VA Network access typically requires a VA Personal Identity Verification (PIV) card with a chip reader. + +### VA network: SOCKS proxy (after your Platform Orientation) +SOCKS is a VA Network proxy that will allow you to access some VA systems from your local machine, without being on the VA network or a virtual machine. Until your paperwork is approved and you receive a PIV card, using the SOCKS proxy can provide earlier access to some VA Network tools. Configuring SOCKS is the first priority when your eQip transmittal is received, for anyone who will require access to Drupal (UX, engineers, Product Management, etc.). If your role doesn't demand immediate access to the CMS, you may be able to wait until you receive a PIV. + +To gain SOCKS access, you must: + +1. Complete your Platform orientation ticket. When complete, the VA Platform team will add you to the VFS Team Roster located in [Atlas](https://www.va.gov/atlas/product_directory/team_members). This will allow you to get SOCKS access. +2. Complete your eQip paperwork +3. Receive an eQip transmittal confirmation via email + +When those are in place: +- [ ] Follow instructions in: https://depo-platform-documentation.scrollhelp.site/getting-started/accessing-internal-tools-via-socks-proxy to configure SOCKS. Read instructions closely: you'll need to file another ticket during the process, and include a screenshot of your eQip transmittal notice. +- [ ] Optional [Core Tunnel set up for SOCKS proxy on all browsers on Mac](https://www.youtube.com/watch?v=fSuN9LhkB5o) + +Setting up SOCKS can be a complex process. Post in #sitewide-program Slack channel if you need help from a current member - we're happy to help. + + + +### VA Network: Virtual Machines +The VA Network can also be accessed on Virtual Machines (VMs), using either the Citrix Access Gateway (CAG) or Azure. + +If you need virtual machine access prior to receiving your PIV card, You can contact Enterprise Service desk via provided instructions to set up your remote desktop access manually. Once you have a temporary password, you can get on the VA network to access the links below. See [VA network remote access options](https://www.oit.va.gov/resources/remote-access/index.cfm?). @@ -199,20 +217,6 @@ Mac users will also use Azure Virtual Desktop (AVD) _eventually._ As of Aug 2023 - [ ] 1. Azure web client: https://client.wvd.microsoft.com/arm/webclient/, IF you have a PIV card. There is an Azure desktop client but it won’t work on a mac because the mac application doesn’t support PIV authentication. . (Try using Firefox and make sure pop-ups are allowed, at least for the MS domain if not globally (they are not allowed by default). Enter your VA email address. Connect your PIV card reader to your computer, and insert the card in the reader. Select ‘Sign in using an X.509 certificate’. - [ ] 2. Citrix Access Gateway (CAG): use your Enterprise Service desk credentials or PIV card to log onto CAG and request an exemption [here](https://gcc02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fapps.gov.powerapps.us%2Fplay%2Fe%2Fdefault-e95f1b23-abaf-45ee-821d-b7ab251ab3bf%2Fa%2F5823591d-4113-4f49-ba75-ea95a5081b41%3FtenantId%3De95f1b23-abaf-45ee-821d-b7ab251ab3bf%26source%3Dportal&data=05%7C01%7C%7Cdec2e51d4f3b472b1dec08db921d522a%7Ce95f1b23abaf45ee821db7ab251ab3bf%7C0%7C0%7C638264426849490249%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=36fW8GZiUuh1AhaokCn47xqF41PolOoaT40f%2BfGsDBs%3D&reserved=0) -### SOCKS - VA network proxy (after your Platform Orientation) -The VA network is required in order to access Drupal CMS and other VA tools. VA Network access typically requires a VA Personal Identity Verification (PIV) card with a chip reader. Until your paperwork is approved and you receive a PIV card, using the SOCKS proxy can provide earlier access to some of these tools. - -**You cannot be approved for SOCKS access until your eQip is sent and you receive a "transmittal notice" confirming receipt.** If you have received an eQip transmittal notice, but not a PIV, please complete the steps for SOCKS access. This is the first priority for week two, especially for anyone who will require access to Drupal (UX, engineers, Product Management, etc.). If your role doesn't demand immediate access to the CMS, you may be able to wait until you receive a PIV. - -This can be a complex process. Post in #sitewide-program Slack channel if you need help from a current member - we're happy to help. - - [ ] Take a screenshot of your eQip transmittal notice. - - [ ] [Request a Github personal access token](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token). You only need to do the "repo" panel in that form and leave the other panels as is. You'll need the output of this for your SOCKS request. - - [ ] File a [SOCKS proxy request](https://depo-platform-documentation.scrollhelp.site/getting-started/Internal-tools-access-via-SOCKS-proxy.1821081710.html) and select the label for your team. It may take a day or two for the SOCKS proxy request to be fulfilled before you can complete the rest of the SOCKS process. - - [ ] Attach your eQip transmittal notice screenshot. This is an acknowledgement that your paperwork is being processed from a security standpoint. You cannot receive SOCKS access prior to this point in your onboarding. - - [ ] Add a comment to note the status of your Platform orientation / link to your Platform orientation ticket. (This should have been requested on day one but is here as a reminder that this is a blocker for SOCKS access.) -- [ ] Optional [Core Tunnel set up for SOCKS proxy on all browsers on Mac](https://www.youtube.com/watch?v=fSuN9LhkB5o) - -You can file the SOCKS request before completing your Platform Orientation, but it may not be approved/fulfilled until after orientation is completed. ### Drupal Drupal is the VA's content management system (CMS) of choice. For anyone on our team, it's beneficial to have a CMS user account so you can login, look at settings, and understand how Drupal works at a high level. If you need help completing the technical steps here, schedule 30 mins with your Delivery Manager. From ac0037a1f0f2d752aff771b1a67b6b7f9662951d Mon Sep 17 00:00:00 2001 From: Jill Adams <85581471+jilladams@users.noreply.github.com> Date: Wed, 10 Apr 2024 16:08:15 -0700 Subject: [PATCH 10/19] [docs] Update sitewide-crew-member-onboarding.md --- .github/ISSUE_TEMPLATE/sitewide-crew-member-onboarding.md | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/.github/ISSUE_TEMPLATE/sitewide-crew-member-onboarding.md b/.github/ISSUE_TEMPLATE/sitewide-crew-member-onboarding.md index d2dab1481e..7be98d201a 100644 --- a/.github/ISSUE_TEMPLATE/sitewide-crew-member-onboarding.md +++ b/.github/ISSUE_TEMPLATE/sitewide-crew-member-onboarding.md @@ -300,10 +300,15 @@ Each repository includes READMEs to help with setup. - [ ] [Learn about the different Drupal environments](https://github.com/department-of-veterans-affairs/va.gov-cms/blob/main/READMES/environments.md) - explains the CMS > content build process and data source / snapshot timing for all lower environments - [ ] If you are using a non-VA laptop for development you will need [follow the instructions on Github](https://github.com/department-of-veterans-affairs/va.gov-cms/blob/main/READMES/https.md) to trust the VA Root Certificate Authority (CA) in your browser(s) -### Design system +### VA Design system (DS) +The VA Design System and our products are always iterating, so you'll find our products in various states of compliance with current Design System guidance. We expect that any new development in the front-end uses VA Design System components wherever possible, and that we identify opportunities to bring older products up to modern usage of the DS. It's important to get familiar with the DS to inform your work. + - [ ] Review the [VA.gov Design System](https://design.va.gov/) which includes [how to provide feedback]([https://design.va.gov/about/feedback](https://design.va.gov/about/feedback)) + - [ ] Review the VA DS [Storybook](https://design.va.gov/storybook/?path=/story/about-introduction--page) - [ ] CMS Design System: documentation TBD +If you ever see places we should be using the DS and aren't, surface those to your Product Manager! + ### Tools & Resources - [ ] [VA.gov tools overview](https://depo-platform-documentation.scrollhelp.site/getting-started/Request-access-to-tools.969605215.html) From 3468aee5e4da21a8bc50517b43495b7098ed3e2f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 10 Apr 2024 18:24:42 -0700 Subject: [PATCH 11/19] Bump va-gov/content-build from 0.0.3478 to 0.0.3480 (#17811) Bumps [va-gov/content-build](https://github.com/department-of-veterans-affairs/content-build) from 0.0.3478 to 0.0.3480. - [Release notes](https://github.com/department-of-veterans-affairs/content-build/releases) - [Commits](https://github.com/department-of-veterans-affairs/content-build/compare/v0.0.3478...v0.0.3480) --- updated-dependencies: - dependency-name: va-gov/content-build dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- composer.json | 2 +- composer.lock | 15 ++++++++------- 2 files changed, 9 insertions(+), 8 deletions(-) diff --git a/composer.json b/composer.json index 25008f9199..bee09257b8 100644 --- a/composer.json +++ b/composer.json @@ -223,7 +223,7 @@ "symfony/phpunit-bridge": "^5.1", "symfony/process": "^6.3", "symfony/routing": "^6.3", - "va-gov/content-build": "^0.0.3478", + "va-gov/content-build": "^0.0.3480", "vlucas/phpdotenv": "^5.3", "webflo/drupal-finder": "^1.0.0", "webmozart/path-util": "^2.3", diff --git a/composer.lock b/composer.lock index d8fef096ce..36ca97fe20 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "566bbaea8818a482c56fd800f1b518b9", + "content-hash": "5425427c4221d5622aa394d002cc470a", "packages": [ { "name": "asm89/stack-cors", @@ -25860,16 +25860,16 @@ }, { "name": "va-gov/content-build", - "version": "v0.0.3478", + "version": "v0.0.3480", "source": { "type": "git", "url": "https://github.com/department-of-veterans-affairs/content-build.git", - "reference": "efd0485da50ba02b02b29ee80f84501ebbe3ec1c" + "reference": "c6c8faa6db7c2079000daab3407b5b1b6ac6ec31" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/department-of-veterans-affairs/content-build/zipball/efd0485da50ba02b02b29ee80f84501ebbe3ec1c", - "reference": "efd0485da50ba02b02b29ee80f84501ebbe3ec1c", + "url": "https://api.github.com/repos/department-of-veterans-affairs/content-build/zipball/c6c8faa6db7c2079000daab3407b5b1b6ac6ec31", + "reference": "c6c8faa6db7c2079000daab3407b5b1b6ac6ec31", "shasum": "" }, "type": "node-project", @@ -25896,9 +25896,9 @@ "description": "Front-end for VA.gov. This repository contains the code that generates the www.va.gov website. It contains a Metalsmith static site builder that uses a Drupal CMS for content. This file is here to publish releases to https://packagist.org/packages/va-gov/content-build, so that the CMS CI system can install it and update it using standard composer processes, and so that we can run tests across both systems. See https://github.com/department-of-veterans-affairs/va.gov-cms for the CMS repo, and stand by for more documentation.", "support": { "issues": "https://github.com/department-of-veterans-affairs/content-build/issues", - "source": "https://github.com/department-of-veterans-affairs/content-build/tree/v0.0.3478" + "source": "https://github.com/department-of-veterans-affairs/content-build/tree/v0.0.3480" }, - "time": "2024-04-08T22:37:09+00:00" + "time": "2024-04-10T15:37:00+00:00" }, { "name": "vlucas/phpdotenv", @@ -26881,6 +26881,7 @@ "drupal/components": 10, "drupal/danse_content_moderation": 10, "drupal/entity_block": 10, + "drupal/entity_clone": 15, "drupal/entity_diff_ui": 15, "drupal/entity_field_fetch": 10, "drupal/entity_reference_hierarchy": 10, From 8152c3cda7979ca10547e0e61c3e974ef7a34d31 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 11 Apr 2024 11:08:52 -0700 Subject: [PATCH 12/19] Bump drupal/password_policy from 4.0.0 to 4.0.1 (#17786) Bumps drupal/password_policy from 4.0.0 to 4.0.1. --- updated-dependencies: - dependency-name: drupal/password_policy dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Amanda Nantais-Austin --- composer.lock | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/composer.lock b/composer.lock index 36ca97fe20..38772019f4 100644 --- a/composer.lock +++ b/composer.lock @@ -11168,17 +11168,17 @@ }, { "name": "drupal/password_policy", - "version": "4.0.0", + "version": "4.0.1", "source": { "type": "git", "url": "https://git.drupalcode.org/project/password_policy.git", - "reference": "4.0.0" + "reference": "4.0.1" }, "dist": { "type": "zip", - "url": "https://ftp.drupal.org/files/projects/password_policy-4.0.0.zip", - "reference": "4.0.0", - "shasum": "ed55a1441bc7fad0dcb0aea7d2bfecc88a156c83" + "url": "https://ftp.drupal.org/files/projects/password_policy-4.0.1.zip", + "reference": "4.0.1", + "shasum": "a132988f77d02c28d5c0f8f6c84a2d37eaa36c1f" }, "require": { "drupal/core": "^9.1 || ^10" @@ -11186,8 +11186,8 @@ "type": "drupal-module", "extra": { "drupal": { - "version": "4.0.0", - "datestamp": "1668191689", + "version": "4.0.1", + "datestamp": "1712532453", "security-coverage": { "status": "covered", "message": "Covered by Drupal's security advisory policy" From c0a4eea44e2988d34a6704905a81243eafb99fc5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 11 Apr 2024 11:47:41 -0700 Subject: [PATCH 13/19] Bump drupal/ckeditor_abbreviation from 4.0.0-alpha2 to 4.0.0-alpha3 (#17810) Bumps drupal/ckeditor_abbreviation from 4.0.0-alpha2 to 4.0.0-alpha3. --- updated-dependencies: - dependency-name: drupal/ckeditor_abbreviation dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Amanda Nantais-Austin --- composer.lock | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/composer.lock b/composer.lock index 38772019f4..6cd4641b5e 100644 --- a/composer.lock +++ b/composer.lock @@ -3007,26 +3007,29 @@ }, { "name": "drupal/ckeditor_abbreviation", - "version": "4.0.0-alpha2", + "version": "4.0.0-alpha3", "source": { "type": "git", "url": "https://git.drupalcode.org/project/ckeditor_abbreviation.git", - "reference": "4.0.0-alpha2" + "reference": "4.0.0-alpha3" }, "dist": { "type": "zip", - "url": "https://ftp.drupal.org/files/projects/ckeditor_abbreviation-4.0.0-alpha2.zip", - "reference": "4.0.0-alpha2", - "shasum": "ee6f19bf7356f65ba7743b2cb74677e7014d391d" + "url": "https://ftp.drupal.org/files/projects/ckeditor_abbreviation-4.0.0-alpha3.zip", + "reference": "4.0.0-alpha3", + "shasum": "2789cfeceeb8e0b35e2f7ee02a1b8416a3017203" }, "require": { "drupal/core": "^9.5 || ^10" }, + "require-dev": { + "drupal/ckeditor": "^1.0" + }, "type": "drupal-module", "extra": { "drupal": { - "version": "4.0.0-alpha2", - "datestamp": "1706449566", + "version": "4.0.0-alpha3", + "datestamp": "1712741148", "security-coverage": { "status": "not-covered", "message": "Alpha releases are not covered by Drupal security advisories." @@ -3035,7 +3038,7 @@ }, "notification-url": "https://packages.drupal.org/8/downloads", "license": [ - "GPL-2.0+" + "GPL-2.0-or-later" ], "authors": [ { @@ -26876,7 +26879,6 @@ "drupal/advancedqueue": 5, "drupal/cer": 10, "drupal/change_labels": 20, - "drupal/ckeditor_abbreviation": 15, "drupal/codit_menu_tools": 15, "drupal/components": 10, "drupal/danse_content_moderation": 10, From d1af1a5eeb8102dd7387a543b7ed7a5bf9257938 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 11 Apr 2024 18:12:00 -0700 Subject: [PATCH 14/19] Bump va-gov/content-build from 0.0.3480 to 0.0.3481 (#17833) Bumps [va-gov/content-build](https://github.com/department-of-veterans-affairs/content-build) from 0.0.3480 to 0.0.3481. - [Release notes](https://github.com/department-of-veterans-affairs/content-build/releases) - [Commits](https://github.com/department-of-veterans-affairs/content-build/compare/v0.0.3480...v0.0.3481) --- updated-dependencies: - dependency-name: va-gov/content-build dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- composer.json | 2 +- composer.lock | 15 ++++++++------- 2 files changed, 9 insertions(+), 8 deletions(-) diff --git a/composer.json b/composer.json index bee09257b8..f64a17b1e3 100644 --- a/composer.json +++ b/composer.json @@ -223,7 +223,7 @@ "symfony/phpunit-bridge": "^5.1", "symfony/process": "^6.3", "symfony/routing": "^6.3", - "va-gov/content-build": "^0.0.3480", + "va-gov/content-build": "^0.0.3481", "vlucas/phpdotenv": "^5.3", "webflo/drupal-finder": "^1.0.0", "webmozart/path-util": "^2.3", diff --git a/composer.lock b/composer.lock index 6cd4641b5e..88b09ba026 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "5425427c4221d5622aa394d002cc470a", + "content-hash": "89a9c1d2e9735dae61dd799f78daa552", "packages": [ { "name": "asm89/stack-cors", @@ -25863,16 +25863,16 @@ }, { "name": "va-gov/content-build", - "version": "v0.0.3480", + "version": "v0.0.3481", "source": { "type": "git", "url": "https://github.com/department-of-veterans-affairs/content-build.git", - "reference": "c6c8faa6db7c2079000daab3407b5b1b6ac6ec31" + "reference": "267e8c01b81d33570a2d97cf9f71e93b23f996fb" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/department-of-veterans-affairs/content-build/zipball/c6c8faa6db7c2079000daab3407b5b1b6ac6ec31", - "reference": "c6c8faa6db7c2079000daab3407b5b1b6ac6ec31", + "url": "https://api.github.com/repos/department-of-veterans-affairs/content-build/zipball/267e8c01b81d33570a2d97cf9f71e93b23f996fb", + "reference": "267e8c01b81d33570a2d97cf9f71e93b23f996fb", "shasum": "" }, "type": "node-project", @@ -25899,9 +25899,9 @@ "description": "Front-end for VA.gov. This repository contains the code that generates the www.va.gov website. It contains a Metalsmith static site builder that uses a Drupal CMS for content. This file is here to publish releases to https://packagist.org/packages/va-gov/content-build, so that the CMS CI system can install it and update it using standard composer processes, and so that we can run tests across both systems. See https://github.com/department-of-veterans-affairs/va.gov-cms for the CMS repo, and stand by for more documentation.", "support": { "issues": "https://github.com/department-of-veterans-affairs/content-build/issues", - "source": "https://github.com/department-of-veterans-affairs/content-build/tree/v0.0.3480" + "source": "https://github.com/department-of-veterans-affairs/content-build/tree/v0.0.3481" }, - "time": "2024-04-10T15:37:00+00:00" + "time": "2024-04-10T19:15:38+00:00" }, { "name": "vlucas/phpdotenv", @@ -26879,6 +26879,7 @@ "drupal/advancedqueue": 5, "drupal/cer": 10, "drupal/change_labels": 20, + "drupal/ckeditor_abbreviation": 15, "drupal/codit_menu_tools": 15, "drupal/components": 10, "drupal/danse_content_moderation": 10, From 2f13d2379ff16aa215aac88d74b406a45c885f45 Mon Sep 17 00:00:00 2001 From: Jill Adams <85581471+jilladams@users.noreply.github.com> Date: Fri, 12 Apr 2024 11:32:38 -0700 Subject: [PATCH 15/19] Update sitewide-crew-member-onboarding.md --- .../ISSUE_TEMPLATE/sitewide-crew-member-onboarding.md | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/.github/ISSUE_TEMPLATE/sitewide-crew-member-onboarding.md b/.github/ISSUE_TEMPLATE/sitewide-crew-member-onboarding.md index 7be98d201a..b2abdd29a3 100644 --- a/.github/ISSUE_TEMPLATE/sitewide-crew-member-onboarding.md +++ b/.github/ISSUE_TEMPLATE/sitewide-crew-member-onboarding.md @@ -363,11 +363,11 @@ Your discipline lead will assist with onboarding tasks / calls. -### Platform governance -The VA's Platform team provides guidance and oversight on quality for things like Research studies & recruitment, Design system implementation, Accessibility requirements, and requirements for launches. UX folks will actively participate in several steps of this cycle, so it's beneficial to get familiar with guidance documentation: - - [Collaboration Cycle](https://depo-platform-documentation.scrollhelp.site/collaboration-cycle/collaboration-cycle-kickoff) - - [Research Overview](https://depo-platform-documentation.scrollhelp.site/research-design/research-overview) - - [VA Design System](https://design.va.gov/) +### Platform governance Collaboration Cycle +The VA's Platform team uses a mechanism called the Collaboration Cycle (or Collab Cycle) to provide guidance and oversight on quality for things like Research studies & recruitment, Design system implementation, Accessibility requirements, and requirements for launches. UX folks will actively participate in several steps of this cycle, so it's beneficial to get familiar with guidance documentation. Read & bookmark these links: + - [ ] [Collaboration Cycle](https://depo-platform-documentation.scrollhelp.site/collaboration-cycle/collaboration-cycle-kickoff) + - [ ] [Research Overview](https://depo-platform-documentation.scrollhelp.site/research-design/research-overview) + - [ ] [VA Design System](https://design.va.gov/) ### Tools Install tools and request access from your DM, if not already provided @@ -386,6 +386,7 @@ Install tools and request access from your DM, if not already provided - [ ] Ask in #proj-sitewide team who could Github geek out with you to answer your burning questions -- guarantee someone will volunteer. ### Research specifics +- [ ] Review & bookmark the [VA OCTO Sitewide Public Websites & Facilities Research & Design Workflow (Mural)](https://app.mural.co/t/departmentofveteransaffairs9999/m/departmentofveteransaffairs9999/1696446576570/526d68b8fe6aa6c482cee4bd2bade5ae9e020889?sender=u0b235d03cbd64f7f93673243). This document explains the UX flow and expectations around research timelines for our teams at a high level. - [ ] Review https://depo-platform-documentation.scrollhelp.site/research-design/ - [ ] [Sign up for the next research and design orientation session](https://calendly.com/collaboration-cycle/design-orientation-for-va-gov-platform) - [ ] After orientation, you should be added to the [va.gov-research-repository](https://github.com/department-of-veterans-affairs/va.gov-research-repository). Verify your access. From 35873b1e99959737c868663cae2f530fd70beab7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 12 Apr 2024 17:29:43 -0700 Subject: [PATCH 16/19] Bump va-gov/content-build from 0.0.3481 to 0.0.3482 (#17842) Bumps [va-gov/content-build](https://github.com/department-of-veterans-affairs/content-build) from 0.0.3481 to 0.0.3482. - [Release notes](https://github.com/department-of-veterans-affairs/content-build/releases) - [Commits](https://github.com/department-of-veterans-affairs/content-build/compare/v0.0.3481...v0.0.3482) --- updated-dependencies: - dependency-name: va-gov/content-build dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- composer.json | 2 +- composer.lock | 14 +++++++------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/composer.json b/composer.json index f64a17b1e3..1b2817b886 100644 --- a/composer.json +++ b/composer.json @@ -223,7 +223,7 @@ "symfony/phpunit-bridge": "^5.1", "symfony/process": "^6.3", "symfony/routing": "^6.3", - "va-gov/content-build": "^0.0.3481", + "va-gov/content-build": "^0.0.3482", "vlucas/phpdotenv": "^5.3", "webflo/drupal-finder": "^1.0.0", "webmozart/path-util": "^2.3", diff --git a/composer.lock b/composer.lock index 88b09ba026..68f8054023 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "89a9c1d2e9735dae61dd799f78daa552", + "content-hash": "4cdcb2d11fbee16f091fb2bdda64a6e8", "packages": [ { "name": "asm89/stack-cors", @@ -25863,16 +25863,16 @@ }, { "name": "va-gov/content-build", - "version": "v0.0.3481", + "version": "v0.0.3482", "source": { "type": "git", "url": "https://github.com/department-of-veterans-affairs/content-build.git", - "reference": "267e8c01b81d33570a2d97cf9f71e93b23f996fb" + "reference": "0fd85ff6571ee0e0eac6f2dd662bb6920b298498" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/department-of-veterans-affairs/content-build/zipball/267e8c01b81d33570a2d97cf9f71e93b23f996fb", - "reference": "267e8c01b81d33570a2d97cf9f71e93b23f996fb", + "url": "https://api.github.com/repos/department-of-veterans-affairs/content-build/zipball/0fd85ff6571ee0e0eac6f2dd662bb6920b298498", + "reference": "0fd85ff6571ee0e0eac6f2dd662bb6920b298498", "shasum": "" }, "type": "node-project", @@ -25899,9 +25899,9 @@ "description": "Front-end for VA.gov. This repository contains the code that generates the www.va.gov website. It contains a Metalsmith static site builder that uses a Drupal CMS for content. This file is here to publish releases to https://packagist.org/packages/va-gov/content-build, so that the CMS CI system can install it and update it using standard composer processes, and so that we can run tests across both systems. See https://github.com/department-of-veterans-affairs/va.gov-cms for the CMS repo, and stand by for more documentation.", "support": { "issues": "https://github.com/department-of-veterans-affairs/content-build/issues", - "source": "https://github.com/department-of-veterans-affairs/content-build/tree/v0.0.3481" + "source": "https://github.com/department-of-veterans-affairs/content-build/tree/v0.0.3482" }, - "time": "2024-04-10T19:15:38+00:00" + "time": "2024-04-12T12:15:29+00:00" }, { "name": "vlucas/phpdotenv", From f4a207d8f2f6eb4a36430b59309b6a0bb4b6383f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 15 Apr 2024 18:20:02 -0700 Subject: [PATCH 17/19] Bump va-gov/content-build from 0.0.3482 to 0.0.3483 (#17857) Bumps [va-gov/content-build](https://github.com/department-of-veterans-affairs/content-build) from 0.0.3482 to 0.0.3483. - [Release notes](https://github.com/department-of-veterans-affairs/content-build/releases) - [Commits](https://github.com/department-of-veterans-affairs/content-build/compare/v0.0.3482...v0.0.3483) --- updated-dependencies: - dependency-name: va-gov/content-build dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- composer.json | 2 +- composer.lock | 14 +++++++------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/composer.json b/composer.json index 1b2817b886..a67f159bc0 100644 --- a/composer.json +++ b/composer.json @@ -223,7 +223,7 @@ "symfony/phpunit-bridge": "^5.1", "symfony/process": "^6.3", "symfony/routing": "^6.3", - "va-gov/content-build": "^0.0.3482", + "va-gov/content-build": "^0.0.3483", "vlucas/phpdotenv": "^5.3", "webflo/drupal-finder": "^1.0.0", "webmozart/path-util": "^2.3", diff --git a/composer.lock b/composer.lock index 68f8054023..6b0881b82f 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "4cdcb2d11fbee16f091fb2bdda64a6e8", + "content-hash": "6a2dd9bbf53a08a709f3565144768c7f", "packages": [ { "name": "asm89/stack-cors", @@ -25863,16 +25863,16 @@ }, { "name": "va-gov/content-build", - "version": "v0.0.3482", + "version": "v0.0.3483", "source": { "type": "git", "url": "https://github.com/department-of-veterans-affairs/content-build.git", - "reference": "0fd85ff6571ee0e0eac6f2dd662bb6920b298498" + "reference": "80fa75960d9561e2424ee950e5c89d8a6db1064d" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/department-of-veterans-affairs/content-build/zipball/0fd85ff6571ee0e0eac6f2dd662bb6920b298498", - "reference": "0fd85ff6571ee0e0eac6f2dd662bb6920b298498", + "url": "https://api.github.com/repos/department-of-veterans-affairs/content-build/zipball/80fa75960d9561e2424ee950e5c89d8a6db1064d", + "reference": "80fa75960d9561e2424ee950e5c89d8a6db1064d", "shasum": "" }, "type": "node-project", @@ -25899,9 +25899,9 @@ "description": "Front-end for VA.gov. This repository contains the code that generates the www.va.gov website. It contains a Metalsmith static site builder that uses a Drupal CMS for content. This file is here to publish releases to https://packagist.org/packages/va-gov/content-build, so that the CMS CI system can install it and update it using standard composer processes, and so that we can run tests across both systems. See https://github.com/department-of-veterans-affairs/va.gov-cms for the CMS repo, and stand by for more documentation.", "support": { "issues": "https://github.com/department-of-veterans-affairs/content-build/issues", - "source": "https://github.com/department-of-veterans-affairs/content-build/tree/v0.0.3482" + "source": "https://github.com/department-of-veterans-affairs/content-build/tree/v0.0.3483" }, - "time": "2024-04-12T12:15:29+00:00" + "time": "2024-04-15T03:00:37+00:00" }, { "name": "vlucas/phpdotenv", From 9d9d74a53c4832cd52f656848f507548619979d6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 16 Apr 2024 18:19:03 -0700 Subject: [PATCH 18/19] Bump va-gov/content-build from 0.0.3483 to 0.0.3484 (#17877) Bumps [va-gov/content-build](https://github.com/department-of-veterans-affairs/content-build) from 0.0.3483 to 0.0.3484. - [Release notes](https://github.com/department-of-veterans-affairs/content-build/releases) - [Commits](https://github.com/department-of-veterans-affairs/content-build/compare/v0.0.3483...v0.0.3484) --- updated-dependencies: - dependency-name: va-gov/content-build dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- composer.json | 2 +- composer.lock | 14 +++++++------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/composer.json b/composer.json index a67f159bc0..6850dbfa8e 100644 --- a/composer.json +++ b/composer.json @@ -223,7 +223,7 @@ "symfony/phpunit-bridge": "^5.1", "symfony/process": "^6.3", "symfony/routing": "^6.3", - "va-gov/content-build": "^0.0.3483", + "va-gov/content-build": "^0.0.3484", "vlucas/phpdotenv": "^5.3", "webflo/drupal-finder": "^1.0.0", "webmozart/path-util": "^2.3", diff --git a/composer.lock b/composer.lock index 6b0881b82f..95ed59aa95 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "6a2dd9bbf53a08a709f3565144768c7f", + "content-hash": "cdbe1708a5ba1d496f95104efe0f872b", "packages": [ { "name": "asm89/stack-cors", @@ -25863,16 +25863,16 @@ }, { "name": "va-gov/content-build", - "version": "v0.0.3483", + "version": "v0.0.3484", "source": { "type": "git", "url": "https://github.com/department-of-veterans-affairs/content-build.git", - "reference": "80fa75960d9561e2424ee950e5c89d8a6db1064d" + "reference": "09e2ec71407b35c6721a8c009983d8ad849ac2b5" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/department-of-veterans-affairs/content-build/zipball/80fa75960d9561e2424ee950e5c89d8a6db1064d", - "reference": "80fa75960d9561e2424ee950e5c89d8a6db1064d", + "url": "https://api.github.com/repos/department-of-veterans-affairs/content-build/zipball/09e2ec71407b35c6721a8c009983d8ad849ac2b5", + "reference": "09e2ec71407b35c6721a8c009983d8ad849ac2b5", "shasum": "" }, "type": "node-project", @@ -25899,9 +25899,9 @@ "description": "Front-end for VA.gov. This repository contains the code that generates the www.va.gov website. It contains a Metalsmith static site builder that uses a Drupal CMS for content. This file is here to publish releases to https://packagist.org/packages/va-gov/content-build, so that the CMS CI system can install it and update it using standard composer processes, and so that we can run tests across both systems. See https://github.com/department-of-veterans-affairs/va.gov-cms for the CMS repo, and stand by for more documentation.", "support": { "issues": "https://github.com/department-of-veterans-affairs/content-build/issues", - "source": "https://github.com/department-of-veterans-affairs/content-build/tree/v0.0.3483" + "source": "https://github.com/department-of-veterans-affairs/content-build/tree/v0.0.3484" }, - "time": "2024-04-15T03:00:37+00:00" + "time": "2024-04-16T16:24:19+00:00" }, { "name": "vlucas/phpdotenv", From bc7f0913aa897a1a8aaff76bf2403bdfd7737095 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 17 Apr 2024 10:47:00 -0700 Subject: [PATCH 19/19] Bump drupal/flood_control from 2.3.3 to 2.3.4 (#17876) Bumps drupal/flood_control from 2.3.3 to 2.3.4. --- updated-dependencies: - dependency-name: drupal/flood_control dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Edmund Dunn <109987005+edmund-dunn@users.noreply.github.com> --- composer.lock | 55 +++++++++++++++++++++++++++++---------------------- 1 file changed, 31 insertions(+), 24 deletions(-) diff --git a/composer.lock b/composer.lock index 95ed59aa95..00260ff69d 100644 --- a/composer.lock +++ b/composer.lock @@ -1766,16 +1766,16 @@ }, { "name": "doctrine/common", - "version": "3.4.3", + "version": "3.4.4", "source": { "type": "git", "url": "https://github.com/doctrine/common.git", - "reference": "8b5e5650391f851ed58910b3e3d48a71062eeced" + "reference": "0aad4b7ab7ce8c6602dfbb1e1a24581275fb9d1a" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/doctrine/common/zipball/8b5e5650391f851ed58910b3e3d48a71062eeced", - "reference": "8b5e5650391f851ed58910b3e3d48a71062eeced", + "url": "https://api.github.com/repos/doctrine/common/zipball/0aad4b7ab7ce8c6602dfbb1e1a24581275fb9d1a", + "reference": "0aad4b7ab7ce8c6602dfbb1e1a24581275fb9d1a", "shasum": "" }, "require": { @@ -1837,7 +1837,7 @@ ], "support": { "issues": "https://github.com/doctrine/common/issues", - "source": "https://github.com/doctrine/common/tree/3.4.3" + "source": "https://github.com/doctrine/common/tree/3.4.4" }, "funding": [ { @@ -1853,7 +1853,7 @@ "type": "tidelift" } ], - "time": "2022-10-09T11:47:59+00:00" + "time": "2024-04-16T13:35:33+00:00" }, { "name": "doctrine/deprecations", @@ -6713,17 +6713,17 @@ }, { "name": "drupal/flood_control", - "version": "2.3.3", + "version": "2.3.4", "source": { "type": "git", "url": "https://git.drupalcode.org/project/flood_control.git", - "reference": "2.3.3" + "reference": "2.3.4" }, "dist": { "type": "zip", - "url": "https://ftp.drupal.org/files/projects/flood_control-2.3.3.zip", - "reference": "2.3.3", - "shasum": "51ff0fa2d5e6df675e32b276465b4ba17a666f22" + "url": "https://ftp.drupal.org/files/projects/flood_control-2.3.4.zip", + "reference": "2.3.4", + "shasum": "dcb5d8dd52501489caff222b3d7f66e80bf6b044" }, "require": { "drupal/core": "^9 || ^10" @@ -6731,8 +6731,8 @@ "type": "drupal-module", "extra": { "drupal": { - "version": "2.3.3", - "datestamp": "1695975407", + "version": "2.3.4", + "datestamp": "1713292696", "security-coverage": { "status": "covered", "message": "Covered by Drupal's security advisory policy" @@ -18424,28 +18424,35 @@ }, { "name": "phpdocumentor/reflection-docblock", - "version": "5.3.0", + "version": "5.4.0", "source": { "type": "git", "url": "https://github.com/phpDocumentor/ReflectionDocBlock.git", - "reference": "622548b623e81ca6d78b721c5e029f4ce664f170" + "reference": "298d2febfe79d03fe714eb871d5538da55205b1a" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpDocumentor/ReflectionDocBlock/zipball/622548b623e81ca6d78b721c5e029f4ce664f170", - "reference": "622548b623e81ca6d78b721c5e029f4ce664f170", + "url": "https://api.github.com/repos/phpDocumentor/ReflectionDocBlock/zipball/298d2febfe79d03fe714eb871d5538da55205b1a", + "reference": "298d2febfe79d03fe714eb871d5538da55205b1a", "shasum": "" }, "require": { + "doctrine/deprecations": "^1.1", "ext-filter": "*", - "php": "^7.2 || ^8.0", + "php": "^7.4 || ^8.0", "phpdocumentor/reflection-common": "^2.2", - "phpdocumentor/type-resolver": "^1.3", + "phpdocumentor/type-resolver": "^1.7", + "phpstan/phpdoc-parser": "^1.7", "webmozart/assert": "^1.9.1" }, "require-dev": { - "mockery/mockery": "~1.3.2", - "psalm/phar": "^4.8" + "mockery/mockery": "~1.3.5", + "phpstan/extension-installer": "^1.1", + "phpstan/phpstan": "^1.8", + "phpstan/phpstan-mockery": "^1.1", + "phpstan/phpstan-webmozart-assert": "^1.2", + "phpunit/phpunit": "^9.5", + "vimeo/psalm": "^5.13" }, "type": "library", "extra": { @@ -18469,15 +18476,15 @@ }, { "name": "Jaap van Otterdijk", - "email": "account@ijaap.nl" + "email": "opensource@ijaap.nl" } ], "description": "With this component, a library can provide support for annotations via DocBlocks or otherwise retrieve information that is embedded in a DocBlock.", "support": { "issues": "https://github.com/phpDocumentor/ReflectionDocBlock/issues", - "source": "https://github.com/phpDocumentor/ReflectionDocBlock/tree/5.3.0" + "source": "https://github.com/phpDocumentor/ReflectionDocBlock/tree/5.4.0" }, - "time": "2021-10-19T17:43:47+00:00" + "time": "2024-04-09T21:13:58+00:00" }, { "name": "phpdocumentor/type-resolver",