Merge pull request #92 from gomzyakov/patch-1

Fix Flarum logo in README.md

.editorconfig

@@ -15,5 +15,5 @@ indent_size = 2
 [*.{diff,md}]
 trim_trailing_whitespace = false
 
-[*.php]
+[*.{php,json}]
 indent_size = 4

.nginx.conf

@@ -3,6 +3,15 @@ location / {
   try_files $uri $uri/ /index.php?$query_string;
 }
 
+# Uncomment the following lines if you are not using a `public` directory
+# to prevent sensitive resources from being exposed.
+# <!-- BEGIN EXPOSED RESOURCES PROTECTION -->
+# location ~* ^/(\.git|composer\.(json|lock)|auth\.json|config\.php|flarum|storage|vendor) {
+#   deny all;
+#   return 404;
+# }
+# <!-- END EXPOSED RESOURCES PROTECTION -->
+
 # The following directives are based on best practices from H5BP Nginx Server Configs
 # https://github.com/h5bp/server-configs-nginx
 
@@ -55,6 +64,7 @@ gzip_types
     image/x-icon
     text/cache-manifest
     text/css
+    text/javascript
     text/plain
     text/vcard
     text/vnd.rim.location.xloc

CHANGELOG.md

@@ -1,5 +1,83 @@
 # Changelog
 
+## [1.8.0](https://github.com/flarum/flarum/compare/v1.7.0...v1.8.0)
+
+No changes.
+
+## [1.7.0](https://github.com/flarum/flarum/compare/v1.6.0...v1.7.0)
+
+No changes.
+
+## [1.6.0](https://github.com/flarum/flarum/compare/v1.5.0...v1.6.0)
+
+No changes.
+
+## [1.5.0](https://github.com/flarum/flarum/compare/v1.4.0...v1.5.0)
+
+### Changed
+
+- Update copyright [#85]
+- Link logo to official website [#84]
+
+## [1.4.0](https://github.com/flarum/flarum/compare/v1.3.0...v1.4.0)
+
+No changes.
+
+## [1.3.0](https://github.com/flarum/flarum/compare/v1.2.0...v1.3.0)
+
+No changes.
+
+## [1.2.0](https://github.com/flarum/flarum/compare/v1.1.0...v1.2.0)
+
+No changes.
+
+## [1.1.0](https://github.com/flarum/flarum/compare/v1.0.0...v1.1.0)
+
+No changes.
+
+## [1.0.0](https://github.com/flarum/flarum/compare/v0.1.0-beta.16...v1.0.0)
+
+### Changed
+- Updated constraints of core and bundled extensions for v1.0.0 stable release (https://github.com/flarum/flarum/pull/74)
+
+## [0.1.0-beta.16](https://github.com/flarum/flarum/compare/v0.1.0-beta.15...v0.1.0-beta.16)
+
+### Changed
+- Remove list of developers and refer to https://flarum.org/team (https://github.com/flarum/flarum/pull/71)
+
+### Fixed
+- Missing image on README.md (https://github.com/flarum/flarum/pull/72)
+
+## [0.1.0-beta.15](https://github.com/flarum/flarum/compare/v0.1.0-beta.14...v0.1.0-beta.15)
+
+### Added
+- Nicknames added to our bundled list (https://github.com/flarum/flarum/pull/70)
+
+## [0.1.0-beta.14](https://github.com/flarum/flarum/compare/v0.1.0-beta.13...v0.1.0-beta.14)
+
+### Added
+- Nginx rules to prevent access to sensitive files (#65)
+- IIS configuration added (#66)
+
+### Changed
+- Minimum PHP requirement is now 7.2+
+
+### Fixed
+- Logo path in readme didn't resolve correctly (#68) 
+
+### Removed
+- Social auth drivers removed (#67)
+
+## [0.1.0-beta.13](https://github.com/flarum/flarum/compare/v0.1.0-beta.12...v0.1.0-beta.13)
+
+### Changed
+- Prevent access to authorisation tokens saved by composer next to the composer.json file ([adada64](https://github.com/flarum/flarum/commit/adada6456f210ea5c94a805a39d88fa613a9e4a2)).
+
+## [0.1.0-beta.12](https://github.com/flarum/flarum/compare/v0.1.0-beta.8.1...v0.1.0-beta.12)
+
+### Changed
+- Consolidate site setup into shared file (#63).
+
 ## [0.1.0-beta.8.1](https://github.com/flarum/flarum/compare/v0.1.0-beta.8...v0.1.0-beta.8.1)
 
 ### Fixed

LICENSE

@@ -1,6 +1,7 @@
 The MIT License (MIT)
 
-Copyright (c) Toby Zerner
+Copyright (c) 2019-2022 Stichting Flarum (Flarum Foundation)
+Copyright (c) 2014-2019 Toby Zerner (toby.zerner@gmail.com)
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

README.md

@@ -1,7 +1,8 @@
-<p align="center"><img src="https://flarum.org/img/logo.png"></p>
+<p align="center">
+<a href="https://flarum.org/"><img src="https://flarum.org/images/flarum.svg"></a>
+</p>
 
 <p align="center">
-<a href="https://travis-ci.org/flarum/core"><img src="https://travis-ci.org/flarum/core.svg" alt="Build Status"></a>
 <a href="https://packagist.org/packages/flarum/core"><img src="https://poser.pugx.org/flarum/core/d/total.svg" alt="Total Downloads"></a>
 <a href="https://packagist.org/packages/flarum/core"><img src="https://poser.pugx.org/flarum/core/v/stable.svg" alt="Latest Stable Version"></a>
 <a href="https://packagist.org/packages/flarum/core"><img src="https://poser.pugx.org/flarum/core/license.svg" alt="License"></a>
@@ -17,27 +18,21 @@
 
 * **Powerful and extensible.** Customize, extend, and integrate Flarum to suit your community. Flarum’s architecture is amazingly flexible, with a powerful Extension API.
 
-![screenshot](https://flarum.org/img/screenshot.png)
+![screenshot](https://flarum.org/assets/img/home-screenshot.png)
 
 ## Installation
 
-You must have SSH access to a server with **PHP 7.1+** and **MySQL 5.6+**, and install [Composer](https://getcomposer.org/).
-
-```
-composer create-project flarum/flarum . --stability=beta
-```
-
-Read the **[Installation guide](https://flarum.org/docs/install.html)** for more information. For support, refer to the [documentation](https://flarum.org/docs/), and ask questions on the [community forum](https://discuss.flarum.org/) or [Discord chat](https://flarum.org/discord/).
+Read the **[Installation guide](https://docs.flarum.org/install)** to get started. For support, refer to the [documentation](https://docs.flarum.org/), and ask questions on the [community forum](https://discuss.flarum.org/) or [Discord chat](https://flarum.org/discord/).
 
 ## Contributing
 
-Thank you for considering contributing to Flarum! Please read the **[Contributing guide](https://flarum.org/docs/contributing.html)** to learn how you can help.
+Thank you for considering contributing to Flarum! Please read the **[Contributing guide](https://docs.flarum.org/contributing)** to learn how you can help.
 
 This repository only holds the Flarum skeleton application. Most development happens in [flarum/core](https://github.com/flarum/core).
 
 ## Security Vulnerabilities
 
-If you discover a security vulnerability within Flarum, please send an e-mail to [security@flarum.org](mailto:security@flarum.org). All security vulnerabilities will be promptly addressed.
+If you discover a security vulnerability within Flarum, please follow our [security policy](https://github.com/flarum/core/security/policy) so we can address it promptly.
 
 ## License
 

composer.json

@@ -2,49 +2,45 @@
     "name": "flarum/flarum",
     "description": "Delightfully simple forum software.",
     "type": "project",
-    "keywords": ["forum", "discussion"],
+    "keywords": [
+        "forum",
+        "discussion"
+    ],
     "homepage": "https://flarum.org/",
     "license": "MIT",
     "authors": [
         {
-            "name": "Toby Zerner",
-            "email": "toby.zerner@gmail.com"
-        },
-        {
-            "name": "Franz Liedke",
-            "email": "franz@develophp.org"
+            "name": "Flarum",
+            "email": "info@flarum.org",
+            "homepage": "https://flarum.org/team"
         }
     ],
     "support": {
         "issues": "https://github.com/flarum/core/issues",
         "source": "https://github.com/flarum/flarum",
-        "docs": "https://flarum.org/docs/"
+        "docs": "https://docs.flarum.org/"
     },
     "require": {
-        "flarum/core": "^0.1.0",
-        "flarum/approval": "^0.1.0",
-        "flarum/auth-facebook": "^0.1.0",
-        "flarum/auth-github": "^0.1.0",
-        "flarum/auth-twitter": "^0.1.0",
-        "flarum/bbcode": "^0.1.0",
-        "flarum/emoji": "^0.1.0",
-        "flarum/lang-english": "^0.1.0",
-        "flarum/flags": "^0.1.0",
-        "flarum/likes": "^0.1.0",
-        "flarum/lock": "^0.1.0",
-        "flarum/markdown": "^0.1.0",
-        "flarum/mentions": "^0.1.0",
-        "flarum/pusher": "^0.1.0",
-        "flarum/statistics": "^0.1.0",
-        "flarum/sticky": "^0.1.0",
-        "flarum/subscriptions": "^0.1.0",
-        "flarum/suspend": "^0.1.0",
-        "flarum/tags": "^0.1.0"
+        "flarum/core": "^1.8",
+        "flarum/approval": "*",
+        "flarum/bbcode": "*",
+        "flarum/emoji": "*",
+        "flarum/lang-english": "*",
+        "flarum/flags": "*",
+        "flarum/likes": "*",
+        "flarum/lock": "*",
+        "flarum/markdown": "*",
+        "flarum/mentions": "*",
+        "flarum/nicknames": "*",
+        "flarum/pusher": "*",
+        "flarum/statistics": "*",
+        "flarum/sticky": "*",
+        "flarum/subscriptions": "*",
+        "flarum/suspend": "*",
+        "flarum/tags": "*"
     },
     "config": {
         "preferred-install": "dist",
         "sort-packages": true
-    },
-    "minimum-stability": "beta",
-    "prefer-stable": true
+    }
 }

extend.php

@@ -3,10 +3,8 @@
 /*
  * This file is part of Flarum.
  *
- * (c) Toby Zerner <toby.zerner@gmail.com>
- *
- * For the full copyright and license information, please view the LICENSE
- * file that was distributed with this source code.
+ * For detailed copyright and license information, please view the
+ * LICENSE file that was distributed with this source code.
  */
 
 use Flarum\Extend;

flarum

@@ -1,22 +1,24 @@
 #!/usr/bin/env php
 <?php
+
 /*
  * This file is part of Flarum.
  *
- * (c) Toby Zerner <toby.zerner@gmail.com>
- *
- * For the full copyright and license information, please view the LICENSE
- * file that was distributed with this source code.
+ * For detailed copyright and license information, please view the
+ * LICENSE file that was distributed with this source code.
  */
 
-require 'vendor/autoload.php';
+$site = require 'site.php';
 
-$server = new Flarum\Console\Server(
-    Flarum\Foundation\Site::fromPaths([
-        'base' => __DIR__,
-        'public' => __DIR__.'/public',
-        'storage' => __DIR__.'/storage',
-    ])
-);
+/*
+|-------------------------------------------------------------------------------
+| Interpret console arguments
+|-------------------------------------------------------------------------------
+|
+| Flarum's console interprets all command-line arguments to select and then
+| execute corresponding commands for certain administrative tasks.
+|
+*/
 
+$server = new Flarum\Console\Server($site);
 $server->listen();

public/.htaccess

@@ -6,12 +6,15 @@
 
   # Uncomment the following lines if you are not using a `public` directory
   # to prevent sensitive resources from being exposed.
+  # <!-- BEGIN EXPOSED RESOURCES PROTECTION -->
   # RewriteRule /\.git / [F,L]
+  # RewriteRule ^auth\.json$ / [F,L]
   # RewriteRule ^composer\.(lock|json)$ / [F,L]
   # RewriteRule ^config.php$ / [F,L]
   # RewriteRule ^flarum$ / [F,L]
   # RewriteRule ^storage/(.*)?$ / [F,L]
   # RewriteRule ^vendor/(.*)?$ / [F,L]
+  # <!-- END EXPOSED RESOURCES PROTECTION -->
 
   # Pass requests that don't refer directly to files in the filesystem to index.php
   RewriteCond %{REQUEST_FILENAME} !-f

public/index.php

@@ -3,20 +3,24 @@
 /*
  * This file is part of Flarum.
  *
- * (c) Toby Zerner <toby.zerner@gmail.com>
- *
- * For the full copyright and license information, please view the LICENSE
- * file that was distributed with this source code.
+ * For detailed copyright and license information, please view the
+ * LICENSE file that was distributed with this source code.
  */
 
-require '../vendor/autoload.php';
+$site = require '../site.php';
 
-$server = new Flarum\Http\Server(
-    Flarum\Foundation\Site::fromPaths([
-        'base' => __DIR__.'/..',
-        'public' => __DIR__.'/../public',
-        'storage' => __DIR__.'/../storage',
-    ])
-);
+/*
+|-------------------------------------------------------------------------------
+| Accept incoming HTTP requests
+|-------------------------------------------------------------------------------
+|
+| Every HTTP request pointed to the web server that cannot be served by simply
+| responding with one of the files in the "public" directory will be sent to
+| this file. Now is the time to boot up Flarum's internal HTTP server, which
+| will try its best to interpret the request and return the appropriate
+| response, which could be a JSON document (for API responses) or a lot of HTML.
+|
+*/
 
+$server = new Flarum\Http\Server($site);
 $server->listen();

public/web.config

@@ -0,0 +1,29 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+  <system.webServer>
+        <defaultDocument>
+            <files>
+                <clear />
+                <add value="Index.php" />
+            </files>
+        </defaultDocument>
+        <rewrite>
+            <rules>
+                <!-- Changed `enabled=` to true in the rule below if you are not using the `public` directory to
+                prevent sensitive resources from being exposed -->
+                <rule name="Disallow sensitive directories" enabled="false" stopProcessing="true">
+                    <match url="^/(\.git|composer\.(json|lock)|auth\.json|config\.php|flarum|storage|vendor)" ignoreCase="false" />
+                    <action type="CustomResponse" url="/" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
+                </rule>
+                <rule name="Handle index.php re-write" stopProcessing="true">
+                    <match url="^" ignoreCase="false" />
+                    <conditions logicalGrouping="MatchAll">
+                        <add input="{REQUEST_FILENAME}" matchType="IsFile" ignoreCase="false" negate="true" />
+                        <add input="{REQUEST_FILENAME}" matchType="IsDirectory" ignoreCase="false" negate="true" />
+                    </conditions>
+                    <action type="Rewrite" url="index.php" appendQueryString="true" />
+                </rule>
+            </rules>
+        </rewrite>
+  </system.webServer>
+</configuration>

site.php

@@ -0,0 +1,50 @@
+<?php
+
+/*
+ * This file is part of Flarum.
+ *
+ * For detailed copyright and license information, please view the
+ * LICENSE file that was distributed with this source code.
+ */
+
+/*
+|-------------------------------------------------------------------------------
+| Load the autoloader
+|-------------------------------------------------------------------------------
+|
+| First, let's include the autoloader, which is generated automatically by
+| Composer (PHP's package manager) after installing our dependencies.
+| From now on, all classes in our dependencies will be usable without
+| explicitly loading any files.
+|
+*/
+
+require __DIR__.'/vendor/autoload.php';
+
+/*
+|-------------------------------------------------------------------------------
+| Configure the site
+|-------------------------------------------------------------------------------
+|
+| A Flarum site represents your local installation of Flarum. It can be
+| configured with a bunch of paths:
+|
+| - The *base path* is Flarum's root directory and contains important files
+|   such as config.php and extend.php.
+| - The *public path* is the directory that serves as document root for the
+|   web server. Files in this place are accessible to the public internet.
+|   This is where assets such as JavaScript files or CSS stylesheets need to
+|   be stored in a default install.
+| - The *storage path* is a place for Flarum to store files it generates during
+|   runtime. This could be caches, session data or other temporary files.
+|
+| The fully configured site instance is returned to the including script, which
+| then uses it to boot up the Flarum application and e.g. accept web requests.
+|
+*/
+
+return Flarum\Foundation\Site::fromPaths([
+    'base' => __DIR__,
+    'public' => __DIR__.'/public',
+    'storage' => __DIR__.'/storage',
+]);