-
v1.0.24a766910 · docs: typo ·
# v1.0.2, 2023.12.18 ### Fixed - test: allow to run Infection (mutation testing) - test(pkcs12 convertor): allow mutation testing - fix(convertHexadecimalToDecimal): remove hexadecimal prefix [ `0x` ] - fix(NormalizesDataForCertificate): remove special characters used by JSON format - fix(composer.json): unblock doctrine/orm version - test: add unit tests for new Symfony services and exceptions - refactor: add specific Symfony services (Certificate, CertificateAuthority, CfsslService, ...) - refactor: add dedicated exceptions - KeySizeRangeException - InvalidAlgorithmException - Pkcs12ConvertorFailed - InvalidPrivateKey - InvalidPublicKey - NotMatchingPrivateAndPublicKeys ### Dependancies - chore(composer.lock): upgrade `symfony` (`v6.4.0` => `v6.4.1`) - chore(composer.json): upgrade `symfony` (`v6.3.9` => `v6.4.0`) - chore(composer.lock): upgrade `symfony` (`v6.3.8` => `v6.3.9`) - chore(composer.lock): upgrade `phpunit`, `doctrine`, `nelmio/security-bundle`, `composer/ca-bundle`
-
v1.0.0-rc.2 Release: v1.0.0-rc.2
## v1.0.0-rc.2.0, 2023.10.31 ### Fixed - fix(ux): use browser native "minlength" attribute for password fields - fix(a11y): add a missing "nav" HTML tag ### Security - chore(composer.lock): update `monolog`, `symfony/*` (v6.3.6 => v6.3.7) <details> <summary> see: https://symfony.com/blog/symfony-6-3-7-released Update `symfony/*` (v6.3.6 => v6.3.7) : 0 installs, 18 updates, 0 removals </summary> Lock file operations: 0 installs, 18 updates, 0 removals - Upgrading monolog/monolog (3.4.0 => 3.5.0) - Upgrading symfony/doctrine-bridge (v6.3.6 => v6.3.7) - Upgrading symfony/doctrine-messenger (v6.3.6 => v6.3.7) - Upgrading symfony/dotenv (v6.3.0 => v6.3.7) - Upgrading symfony/flex (v2.4.0 => v2.4.1) - Upgrading symfony/form (v6.3.6 => v6.3.7) - Upgrading symfony/framework-bundle (v6.3.6 => v6.3.7) - Upgrading symfony/http-client (v6.3.6 => v6.3.7) - Upgrading symfony/http-foundation (v6.3.6 => v6.3.7) - Upgrading symfony/http-kernel (v6.3.6 => v6.3.7) - Upgrading symfony/intl (v6.3.2 => v6.3.7) - Upgrading symfony/messenger (v6.3.6 => v6.3.7) - Upgrading symfony/security-bundle (v6.3.6 => v6.3.7) - Upgrading symfony/security-core (v6.3.5 => v6.3.7) - Upgrading symfony/serializer (v6.3.6 => v6.3.7) - Upgrading symfony/translation (v6.3.6 => v6.3.7) - Upgrading symfony/validator (v6.3.6 => v6.3.7) - Upgrading symfony/yaml (v6.3.3 => v6.3.7) </details>
-
v1.0.0-rc.1.0 Release: v1.0.0-rc.1.0
## v1.0.0-rc.1.0, 2023.10.25 ### Added - feat(i18n): as an anonymous user, the interface is in French - feat(webperf): add HTTP "Cache-Control: immutable" headers for CSS and JS files
-
v0.17.0 Release: v0.17.0
## v0.17.0, 2023.10.25 ### Added - feat(i18n): as a manager, the interface is in French - feat(css): use AssetMapper to bust browser cache when css, js or images change - ci(release-build): add checksum of webapp files ### Changed #### Breaking change - ci(release): use lower file and directory permissions - feat(security)!: HTTPS is mandatory for PROD environment ### Fixed - fix: specify application language in HTML code ### Security - chore(composer.lock): update `symfony/*` (v6.3.5 => v6.3.6) <details> <summary> Update `symfony/*` (v6.3.5 => v6.3.6) : 0 installs, 21 updates, 0 removals </summary> Package operations: 0 installs, 21 updates, 0 removals - Upgrading php-webdriver/webdriver (1.15.0 => 1.15.1) - Upgrading symfony/cache (v6.3.5 => v6.3.6) - Upgrading symfony/doctrine-bridge (v6.3.5 => v6.3.6) - Upgrading symfony/doctrine-messenger (v6.3.1 => v6.3.6) - Upgrading symfony/flex (v2.3.3 => v2.4.0) - Upgrading symfony/form (v6.3.5 => v6.3.6) - Upgrading symfony/framework-bundle (v6.3.5 => v6.3.6) - Upgrading symfony/http-client (v6.3.5 => v6.3.6) - Upgrading symfony/http-foundation (v6.3.5 => v6.3.6) - Upgrading symfony/http-kernel (v6.3.5 => v6.3.6) - Upgrading symfony/messenger (v6.3.5 => v6.3.6) - Upgrading symfony/notifier (v6.3.0 => v6.3.6) - Upgrading symfony/phpunit-bridge (v6.3.2 => v6.3.6) - Upgrading symfony/security-bundle (v6.3.5 => v6.3.6) - Upgrading symfony/security-http (v6.3.5 => v6.3.6) - Upgrading symfony/serializer (v6.3.5 => v6.3.6) - Upgrading symfony/translation (v6.3.3 => v6.3.6) - Upgrading symfony/validator (v6.3.5 => v6.3.6) - Upgrading symfony/var-dumper (v6.3.5 => v6.3.6) - Upgrading symfony/var-exporter (v6.3.4 => v6.3.6) - Upgrading symfony/web-profiler-bundle (v6.3.2 => v6.3.6) </details>
-
v0.15.0 Release: v0.15.0
## v0.15.0, 2023.10.06 ### Added - feat: allow user to change password ### Changed - chore(composer.lock): update `doctrine/collections`, `egulias/email-validator` and `dbrekelmans/bdi` <details> <summary> Update `doctrine/collections`, `egulias/email-validator` and `dbrekelmans/bdi` : 0 installs, 3 updates, 0 removals </summary> - Upgrading dbrekelmans/bdi (1.0.5 => 1.1.0) - Upgrading doctrine/collections (2.1.3 => 2.1.4) - Upgrading egulias/email-validator (4.0.1 => 4.0.2) </details>
-
v0.14.0 Release: v0.14.0
## v0.14.0, 2023.10.02 ### Added - feat(admin): display missing configuration - feat(form): display min password length - feat(user): use minimum password length defined by env variable - feat(certificate): use minimum password length defined by env variable - feat(env): allow to configure minimum password length (user and certificate) - feat(env): allow to configure i18n default locale - feat(env): allow to configure lifetime of reset password token (default: 20 minutes) see `.env` file: ```bash WEBAPP_I18N_DEFAULT_LOCALE # User interface language (default: 'en') WEBAPP_USER_CONFIG_RESET_PASSWORD_TOKEN_LIFETIME # Lifetime of reset password token in seconds (default: 1200 = 20 minutes). WEBAPP_USER_CONFIG_MIN_PASSWORD_LENGTH # Minimum user password length (default: 12) WEBAPP_CERTIFICAT_CONFIG_MIN_PASSWORD_LENGTH # Minimum certificate password length (default: 12) ``` ### Fixed - test(manager): add tests for create certificate form ### Security - chore(composer.lock): update `symfony/*` (v6.3.4 => v6.3.5), `doctrine/*`, `phpdoc-parser` - chore(composer.lock): update `phpunit/*`, `symfony/maker-bundle` <details> <summary> Update `symfony/*` (v6.3.4 => v6.3.5), `doctrine/*`, `phpdoc-parser` : 0 installs, 24 updates, 0 removals </summary> see: https://symfony.com/blog/symfony-6-3-5-released - Upgrading symfony/http-foundation (v6.3.4 => v6.3.5) - Upgrading symfony/var-dumper (v6.3.4 => v6.3.5) - Upgrading symfony/error-handler (v6.3.2 => v6.3.5) - Upgrading symfony/http-kernel (v6.3.4 => v6.3.5) - Upgrading symfony/doctrine-bridge (v6.3.4 => v6.3.5) - Upgrading symfony/dependency-injection (v6.3.4 => v6.3.5) - Upgrading symfony/string (v6.3.2 => v6.3.5) - Upgrading doctrine/deprecations (v1.1.1 => 1.1.2) - Upgrading doctrine/dbal (3.6.6 => 3.7.0) - Upgrading symfony/routing (v6.3.3 => v6.3.5) - Upgrading symfony/finder (v6.3.3 => v6.3.5) - Upgrading symfony/cache (v6.3.4 => v6.3.5) - Upgrading symfony/framework-bundle (v6.3.4 => v6.3.5) - Upgrading symfony/password-hasher (v6.3.0 => v6.3.5) - Upgrading symfony/security-core (v6.3.3 => v6.3.5) - Upgrading symfony/security-http (v6.3.4 => v6.3.5) - Upgrading phpstan/phpdoc-parser (1.24.1 => 1.24.2) - Upgrading symfony/twig-bridge (v6.3.2 => v6.3.5) - Upgrading symfony/messenger (v6.3.4 => v6.3.5) - Upgrading symfony/form (v6.3.2 => v6.3.5) - Upgrading symfony/mime (v6.3.3 => v6.3.5) - Upgrading symfony/mailer (v6.3.0 => v6.3.5) - Upgrading symfony/http-client (v6.3.2 => v6.3.5) - Upgrading symfony/security-bundle (v6.3.4 => v6.3.5) - Upgrading symfony/serializer (v6.3.4 => v6.3.5) - Upgrading symfony/validator (v6.3.4 => v6.3.5) </details>
-
v0.13.0 Release: v0.13.0
## v0.13.0, 2023.09.06 ### Added - feat: replace simple lists with paginated lists - feat(env): configure the number of items in paginated lists - see `WEBAPP_ADMIN_CONFIG_DEFAULT_MAX_USER_PER_PAGE` in .env file. - see `WEBAPP_ADMIN_CONFIG_DEFAULT_MAX_CERT_PER_PAGE` in .env file. - see `WEBAPP_MANAGER_CONFIG_DEFAULT_MAX_CERT_PER_PAGE` in .env file. ### Fixed - fix(template): remove an excess closing HTML tag ### Security - feat(security): strengthen the session fixation strategy - feat(security): send HTTP header to clear browsing data on logout - fix(security): enable by default CSRF protection
-
v0.12.1 Release: v0.12.1
## v0.12.1, 2023.09.01 ### Security - chore(composer.lock): update `symfony/*` (v6.3.2 => v6.3.3), `doctrine/*`, `twig/*`, ... <details> <summary> Update `symfony/*` (v6.3.2 => v6.3.4), `doctrine/*`, `twig/*`, ... : 0 installs, 32 updates, 0 removals </summary> see: <https://symfony.com/blog/symfony-6-3-4-released> - Upgrading composer/ca-bundle (1.3.6 => 1.3.7) - Upgrading doctrine/data-fixtures (1.6.6 => 1.6.7) - Upgrading doctrine/dbal (3.6.5 => 3.6.6) - Upgrading nikic/php-parser (v4.16.0 => v4.17.1) - Upgrading php-webdriver/webdriver (1.14.0 => 1.15.0) - Upgrading phpdocumentor/type-resolver (1.7.2 => 1.7.3) - Upgrading phpunit/phpunit (9.6.10 => 9.6.11) - Upgrading symfony/cache (v6.3.2 => v6.3.4) - Upgrading symfony/clock (v6.3.1 => v6.3.4) - Upgrading symfony/console (v6.3.2 => v6.3.4) - Upgrading symfony/dependency-injection (v6.3.2 => v6.3.4) - Upgrading symfony/doctrine-bridge (v6.3.2 => v6.3.4) - Upgrading symfony/dom-crawler (v6.3.1 => v6.3.4) - Upgrading symfony/framework-bundle (v6.3.2 => v6.3.4) - Upgrading symfony/http-foundation (v6.3.2 => v6.3.4) - Upgrading symfony/http-kernel (v6.3.3 => v6.3.4) - Upgrading symfony/messenger (v6.3.3 => v6.3.4) - Upgrading symfony/polyfill-intl-grapheme (v1.27.0 => v1.28.0) - Upgrading symfony/polyfill-intl-icu (v1.27.0 => v1.28.0) - Upgrading symfony/polyfill-intl-idn (v1.27.0 => v1.28.0) - Upgrading symfony/polyfill-intl-normalizer (v1.27.0 => v1.28.0) - Upgrading symfony/polyfill-mbstring (v1.27.0 => v1.28.0) - Upgrading symfony/polyfill-php83 (v1.27.0 => v1.28.0) - Upgrading symfony/process (v6.3.2 => v6.3.4) - Upgrading symfony/security-bundle (v6.3.3 => v6.3.4) - Upgrading symfony/security-http (v6.3.2 => v6.3.4) - Upgrading symfony/serializer (v6.3.3 => v6.3.4) - Upgrading symfony/validator (v6.3.2 => v6.3.4) - Upgrading symfony/var-dumper (v6.3.3 => v6.3.4) - Upgrading symfony/var-exporter (v6.3.2 => v6.3.4) - Upgrading twig/extra-bundle (v3.7.0 => v3.7.1) - Upgrading twig/twig (v3.7.0 => v3.7.1) </details>
-
v0.12.0772db1b4 · docs: typo ·
## v0.12.0, 2023.08.11 ### Added - feat: manager can see his created certficates and download PEM files - test: manager can see his created certficates and download PEM files - feat(env): allow to configure lifetime of the session (default: 3600 = 1 hour), see `WEBAPP_SESSION_LIFETIME` in .env file. ### Changed - ci(php_package-outdated): job is not allowed to fail ### Fixed - fix(ui): improve nav items (manager + admin) - fix: allow repeat phpunit tests - fix(deprecation): add some return type ### Security - fix: enable max lifetime of the session, see `WEBAPP_SESSION_LIFETIME` in .env file. - chore(composer.lock): update `symfony/*` (v6.3.1 => v6.3.2), `doctrine/*`, ... <details> <summary> Update `symfony/*` (v6.3.1 => v6.3.2), `doctrine/*`, ... : 0 installs, 42 updates, 0 removals </summary> - Upgrading symfony/flex (v2.3.1 => v2.3.3) - Upgrading symfony/runtime (v6.3.1 => v6.3.2) - Upgrading symfony/http-foundation (v6.3.1 => v6.3.2) - Upgrading symfony/event-dispatcher (v6.3.0 => v6.3.2) - Upgrading symfony/var-dumper (v6.3.1 => v6.3.3) - Upgrading symfony/error-handler (v6.3.0 => v6.3.2) - Upgrading symfony/http-kernel (v6.3.1 => v6.3.3) - Upgrading symfony/doctrine-bridge (v6.3.1 => v6.3.2) - Upgrading symfony/var-exporter (v6.3.0 => v6.3.2) - Upgrading symfony/dependency-injection (v6.3.1 => v6.3.2) - Upgrading symfony/string (v6.3.0 => v6.3.2) - Upgrading symfony/console (v6.3.0 => v6.3.2) - Upgrading symfony/config (v6.3.0 => v6.3.2) - Upgrading symfony/routing (v6.3.1 => v6.3.3) - Upgrading symfony/finder (v6.3.0 => v6.3.3) - Upgrading symfony/cache (v6.3.1 => v6.3.2) - Upgrading symfony/framework-bundle (v6.3.1 => v6.3.2) - Upgrading doctrine/doctrine-bundle (2.10.1 => 2.10.2) - Upgrading masterminds/html5 (2.8.0 => 2.8.1) - Upgrading symfony/yaml (v6.3.0 => v6.3.3) - Upgrading symfony/security-core (v6.3.0 => v6.3.3) - Upgrading symfony/property-access (v6.3.0 => v6.3.2) - Upgrading symfony/security-http (v6.3.1 => v6.3.2) - Upgrading symfony/security-csrf (v6.3.0 => v6.3.2) - Upgrading phpstan/phpdoc-parser (1.23.0 => 1.23.1) - Upgrading sebastian/global-state (5.0.5 => 5.0.6) - Upgrading symfony/css-selector (v6.3.0 => v6.3.2) - Upgrading symfony/twig-bridge (v6.3.0 => v6.3.2) - Upgrading symfony/debug-bundle (v6.3.0 => v6.3.2) - Upgrading symfony/messenger (v6.3.1 => v6.3.3) - Upgrading symfony/form (v6.3.0 => v6.3.2) - Upgrading symfony/intl (v6.3.1 => v6.3.2) - Upgrading symfony/mime (v6.3.0 => v6.3.3) - Upgrading symfony/process (v6.3.0 => v6.3.2) - Upgrading symfony/http-client (v6.3.1 => v6.3.2) - Upgrading symfony/browser-kit (v6.3.0 => v6.3.2) - Upgrading symfony/phpunit-bridge (v6.3.1 => v6.3.2) - Upgrading symfony/security-bundle (v6.3.1 => v6.3.3) - Upgrading symfony/serializer (v6.3.1 => v6.3.3) - Upgrading symfony/translation (v6.3.0 => v6.3.3) - Upgrading symfony/validator (v6.3.1 => v6.3.2) - Upgrading symfony/web-profiler-bundle (v6.3.1 => v6.3.2) </details>
-
v0.11.0
## v0.11.0, 2023.07.28 ### Added - test: add "manager can create new certificate" - test: add "manager can only download certificate public key he created" - feat(dev): add fake CFSSL server - chore(make): add cfssl_run_fake_server cmd - ci(php8.1_tests): run fake CFSSL server ### Changed #### Breaking change - fix(UI): remove software version from footer (except for administrator) ### Fixed - fix(composer): use doctrine/orm 2.15.3, do not allow to use 2.15.4 ### Security - feat(security): add HTTP "Cross-Origin Opener|Resource|Embedder Policy" header - chore(composer): update `symfony/*` (v6.2 => v6.3), `doctrine/*`, `twig/*`, ... <details> <summary> Update `symfony/*` (v6.2 => v6.3), `doctrine/*`, `twig/*`, ... : 3 installs, 60 updates, 0 removals </summary> - Upgrading doctrine/dbal (3.6.4 => 3.6.5) - Upgrading doctrine/doctrine-bundle (2.10.0 => 2.10.1) - Upgrading doctrine/collections (2.1.2 => 2.1.3) - Upgrading phpstan/phpdoc-parser (1.22.0 => 1.23.0) - Upgrading phpunit/php-code-coverage (9.2.26 => 9.2.27) - Upgrading phpunit/phpunit (9.6.9 => 9.6.10) - Upgrading symfony/runtime (v6.2.12 => v6.3.1) - Installing symfony/polyfill-php83 (v1.27.0) - Upgrading symfony/http-foundation (v6.2.12 => v6.3.1) - Upgrading symfony/event-dispatcher (v6.2.8 => v6.3.0) - Upgrading symfony/var-dumper (v6.2.12 => v6.3.1) - Upgrading symfony/error-handler (v6.2.11 => v6.3.0) - Upgrading symfony/http-kernel (v6.2.12 => v6.3.1) - Upgrading symfony/doctrine-bridge (v6.2.12 => v6.3.1) - Upgrading symfony/var-exporter (v6.2.10 => v6.3.0) - Upgrading symfony/dependency-injection (v6.2.12 => v6.3.1) - Upgrading symfony/string (v6.2.8 => v6.3.0) - Upgrading symfony/console (v6.2.12 => v6.3.0) - Upgrading symfony/filesystem (v6.2.12 => v6.3.1) - Upgrading symfony/config (v6.2.7 => v6.3.0) - Upgrading symfony/routing (v6.2.12 => v6.3.1) - Upgrading symfony/finder (v6.2.7 => v6.3.0) - Upgrading symfony/cache (v6.2.12 => v6.3.1) - Upgrading symfony/framework-bundle (v6.2.12 => v6.3.1) - Upgrading symfony/stopwatch (v6.2.7 => v6.3.0) - Upgrading symfony/yaml (v6.2.10 => v6.3.0) - Upgrading symfony/password-hasher (v6.2.7 => v6.3.0) - Upgrading symfony/security-core (v6.2.8 => v6.3.0) - Upgrading symfony/property-info (v6.2.11 => v6.3.0) - Upgrading symfony/property-access (v6.2.11 => v6.3.0) - Upgrading symfony/security-http (v6.2.11 => v6.3.1) - Upgrading symfony/security-csrf (v6.2.7 => v6.3.0) - Installing psr/clock (1.0.0) - Upgrading symfony/asset (v6.2.7 => v6.3.0) - Upgrading symfony/css-selector (v6.2.7 => v6.3.0) - Upgrading symfony/twig-bridge (v6.2.8 => v6.3.0) - Upgrading symfony/debug-bundle (v6.2.7 => v6.3.0) - Installing symfony/clock (v6.3.1) - Upgrading symfony/messenger (v6.2.12 => v6.3.1) - Upgrading symfony/doctrine-messenger (v6.2.12 => v6.3.1) - Upgrading symfony/dotenv (v6.2.8 => v6.3.0) - Upgrading symfony/expression-language (v6.2.7 => v6.3.0) - Upgrading symfony/options-resolver (v6.2.7 => v6.3.0) - Upgrading symfony/form (v6.2.11 => v6.3.0) - Upgrading symfony/intl (v6.2.12 => v6.3.1) - Upgrading symfony/mime (v6.2.10 => v6.3.0) - Upgrading symfony/mailer (v6.2.12 => v6.3.0) - Upgrading symfony/process (v6.2.11 => v6.3.0) - Upgrading symfony/maker-bundle (v1.49.0 => v1.50.0) - Upgrading symfony/monolog-bridge (v6.2.8 => v6.3.1) - Upgrading symfony/notifier (v6.2.8 => v6.3.0) - Upgrading symfony/http-client (v6.2.12 => v6.3.1) - Upgrading symfony/dom-crawler (v6.2.12 => v6.3.1) - Upgrading symfony/browser-kit (v6.2.7 => v6.3.0) - Upgrading symfony/security-bundle (v6.2.12 => v6.3.1) - Upgrading symfony/serializer (v6.2.12 => v6.3.1) - Upgrading symfony/translation (v6.2.11 => v6.3.0) - Upgrading symfony/validator (v6.2.12 => v6.3.1) - Upgrading symfony/web-link (v6.2.7 => v6.3.0) - Upgrading symfony/twig-bundle (v6.2.7 => v6.3.0) - Upgrading symfony/web-profiler-bundle (v6.2.12 => v6.3.1) - Upgrading twig/twig (v3.6.1 => v3.7.0) - Upgrading twig/extra-bundle (v3.6.1 => v3.7.0) </details>
-
v0.10.0 Release: v0.10.0
## v0.10.0, 2023.06.20 ### Added - feat(user story): allow admin to display creator (manager) of each certificate (#38) - feat(user story): allow admin to display end-user of each certificate (#35) - feat(user story): allow admin to download PEM file (public key) of each certificate (#34) ### Fixed - fix(admin): display more certificates (last 150 instead of 12) - fix(UX): visually differentiate breadcrumb for admins - test: add unit tests for legacy certificate convertor (Pem to Pkcs12) via shell cmd (#39) - try to convert pem certificate to pkcs 12 with not valid public key - try to convert pem certificate to pkcs 12 with not valid private key - try to convert pem certificate to pkcs 12 with private key not corresponded to public key - convert pem certificate to pkcs 12 without password - convert pem certificate to pkcs 12 with empty password - convert pem certificate to pkcs 12 with password ### Security - feat(security): add HTTP `Permissions-Policy` header, via `.htaccess` rules (#33)
-
v0.9.2 Release: v0.9.2
## v0.9.2, 2023.05.12 ### Added - feat: add robots.txt files (by default: block all web crawlers from all content) - feat: add public/contribute.json file ### Fixed - chore(security): add HTTP strict-transport-security header (prod) - chore(security/csp): add frame-ancestors and form-action rules - chore: add empty index.html files into public/(...)/ directories - chore: update some outdated PHP packages
-
v0.9.0 Release: v0.9.0
## v0.9.0, 2023.04.20 ### Added - feat(env): allow to configure time zone of webapp (default is "Europe/Paris"), see `WEBAPP_TIMEZONE` in .env file - feat(env): allow administrator to DEBUG certificates (default is disabled), see `DEBUG_CERT_BY_ADMIN` in .env file - feat(log): enable log rotating ### Fixed - pkcs12 convertor: use Pkcs12ConvertorViaShellCmd() with legacy option