feat(*): Enable admin bounce by default (#161)

* feat(admin): Enable protection by default on admin

* test(end to end): Disable protection on admin for test

* fix(captcha): Patch Gregwar Captcha to avoid deprecated error in PHP 8.4

* feat(*): Prepare release 2.8.0

Author: julienloizelet

.github/workflows/release.yml

@@ -161,211 +161,3 @@ jobs:
                     draft: false
                     prerelease: false
 
-    end-to-end-release-zip-test:
-        strategy:
-            fail-fast: false
-            # First and last minor versions of each major version
-            # Highest compatible PHP version
-            matrix:
-                include:
-                    - wp-version: '4.9'
-                      php-version: '7.2'
-                    - wp-version: '5.0'
-                      php-version: '7.2'
-                    - wp-version: '5.9'
-                      php-version: '7.2'
-                    - wp-version: '5.9'
-                      php-version: '8.0'
-                    - wp-version: '6.0'
-                      php-version: '7.2'
-                    - wp-version: '6.0'
-                      php-version: '8.0'
-                    - wp-version: '6.7'
-                      php-version: '7.2'
-                    - wp-version: '6.7'
-                      php-version: '8.3'
-
-        name: End-to-end release test suite
-        runs-on: ubuntu-latest
-        if: success()
-        needs: [ deploy-create-release ]
-
-        env:
-            EXTENSION_NAME: "CrowdSec_Bouncer"
-            EXTENSION_PATH: "wp-content/plugins/crowdsec"
-            GITHUB_ORIGIN: "crowdsecurity/cs-wordpress-bouncer"
-
-        steps:
-
-            - name: Install DDEV
-                # @see https://ddev.readthedocs.io/en/stable/#installationupgrade-script-linux-and-macos-armarm64-and-amd64-architectures
-              run: |
-                  curl -fsSL https://apt.fury.io/drud/gpg.key | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/ddev.gpg > /dev/null
-                  echo "deb [signed-by=/etc/apt/trusted.gpg.d/ddev.gpg] https://apt.fury.io/drud/ * *" | sudo tee /etc/apt/sources.list.d/ddev.list
-                  sudo apt-get -q update
-                  sudo apt-get -q -y install libnss3-tools ddev
-                  mkcert -install
-                  ddev config global --instrumentation-opt-in=false --omit-containers=ddev-ssh-agent
-
-            - name: Set WP_VERSION_CODE env
-                # used in some directory path and conventional file naming
-                # Example : 5.6.5 => wp565
-              id: set-wp-version-code
-              run: |
-                  echo "wp_version_code=$(echo wp${{ matrix.wp-version }} | sed 's/\.//g' )" >> $GITHUB_OUTPUT
-
-            - name: Create empty WordPress DDEV project (with Apache)
-              run: ddev config --project-type=wordpress --project-name=${{ steps.set-wp-version-code.outputs.wp_version_code }} --php-version=${{ matrix.php-version }} --webserver-type=apache-fpm
-
-            - name: Disable automatic update
-              run: |
-                  # @see https://wordpress.org/documentation/article/configuring-automatic-background-updates/#constant-to-disable-all-updates
-                  sed -i -e 's/#ddev-generated//g' wp-config-ddev.php
-                  echo "define( 'AUTOMATIC_UPDATER_DISABLED', true );" >> wp-config-ddev.php
-
-            - name: Add Redis, Memcached, Crowdsec and Playwright
-              run: |
-                  ddev get ddev/ddev-redis
-                  ddev get ddev/ddev-memcached
-                  ddev get julienloizelet/ddev-playwright
-                  # override redis.conf
-                  ddev get julienloizelet/ddev-tools
-                  ddev get julienloizelet/ddev-crowdsec-php
-
-            - name: Start DDEV
-              uses: nick-fields/retry@v3
-              with:
-                  timeout_minutes: 5
-                  max_attempts: 3
-                  shell: bash
-                  command: |
-                      ddev start
-
-            - name: Download WordPress
-              run: ddev wp core download --version=${{ matrix.wp-version }}
-
-            - name: Setup WordPress ${{ matrix.wp-version }} with PHP ${{ matrix.php-version }}
-              run: |
-                  ddev exec wp core install --url='https://${{ steps.set-wp-version-code.outputs.wp_version_code }}.ddev.site' --title='WordPress' --admin_user='admin' --admin_password='admin123' --admin_email='admin@admin.com' 
-
-            - name: Set LAST_TAG env
-              id: set-last-tag
-              run: |
-                  echo "last_tag=$(curl -Ls -o /dev/null -w %{url_effective} https://github.com/${{ env.GITHUB_ORIGIN }}/releases/latest | grep -oP "\/tag\/v\K(.*)$")" >> $GITHUB_OUTPUT
-
-            - name: Clone files from last release
-              uses: actions/checkout@v4
-              with:
-                  path: raw_sources
-                  ref: "v${{ steps.set-last-tag.outputs.last_tag }}"
-                  repository: "${{ env.GITHUB_ORIGIN }}"
-
-            - name: Retrieve last stable release zip
-              run: |
-                  curl -fL https://downloads.wordpress.org/plugin/crowdsec.${{ steps.set-last-tag.outputs.last_tag }}.zip -o crowdsec.$LAST_TAG.zip
-                  unzip crowdsec.${{ steps.set-last-tag.outputs.last_tag }}.zip -d ${{ github.workspace }}/wp-content/plugins
-
-            - name: Copy needed tests files
-              run: |
-                  cp -r raw_sources/tests wp-content/plugins/crowdsec
-                  cp -r raw_sources/.github wp-content/plugins/crowdsec
-
-            - name: Prepare for playwright test
-              run: |
-                  ddev exec -s crowdsec apk add iproute2
-                  cp .ddev/okaeli-add-on/wordpress/custom_files/crowdsec/php/wp_appsec_custom_upload.php wp_appsec_custom_upload.php
-                  cat .ddev/okaeli-add-on/wordpress/custom_files/crowdsec/html/appsec-upload.html | ddev wp post create --post_type=page --post_status=publish --post_title="AppSec Upload" -
-                  cat .ddev/okaeli-add-on/wordpress/custom_files/crowdsec/html/appsec-post.html | ddev wp post create --post_type=page --post_status=publish --post_title="AppSec" -
-                  ddev wp rewrite structure "/%postname%/"
-                  mkdir -p crowdsec/tls
-                  mkdir -p crowdsec/geolocation
-                  cp .ddev/okaeli-add-on/wordpress/custom_files/crowdsec/php/cache-actions-with-wordpress-load.php cache-actions.php
-                  cp -r .ddev/okaeli-add-on/custom_files/crowdsec/cfssl/* crowdsec/tls
-                  ddev maxmind-download DEFAULT GeoLite2-City crowdsec/geolocation
-                  ddev maxmind-download DEFAULT GeoLite2-Country crowdsec/geolocation
-                  cd crowdsec/geolocation
-                  sha256sum -c GeoLite2-Country.tar.gz.sha256.txt
-                  sha256sum -c GeoLite2-City.tar.gz.sha256.txt
-                  tar -xf GeoLite2-Country.tar.gz
-                  tar -xf GeoLite2-City.tar.gz
-                  rm GeoLite2-Country.tar.gz GeoLite2-Country.tar.gz.sha256.txt GeoLite2-City.tar.gz GeoLite2-City.tar.gz.sha256.txt
-                  cd ${{ github.workspace }}/${{ env.EXTENSION_PATH }}/tests/e2e-ddev/__scripts__
-                  chmod +x test-init.sh
-                  ./test-init.sh
-                  chmod +x run-tests.sh
-
-            - name: Some DEBUG information
-              run: |
-                  ddev --version
-                  ddev exec php -v
-                  ddev exec -s crowdsec crowdsec -version
-
-            - name: Run Plugin activation tests
-              uses: ./wp-content/plugins/crowdsec/.github/workflows/end-to-end/run-single-test
-              with:
-                  test_path: ${{ github.workspace }}/${{ env.EXTENSION_PATH }}/tests/e2e-ddev
-                  file_path: 1-activate-plugin.js
-
-            - name: Configure CrowdSec and Wordpress bouncer plugin
-              run: |
-                  ddev crowdsec-config
-
-            - name: Run Live mode remediation tests
-              uses: ./wp-content/plugins/crowdsec/.github/workflows/end-to-end/run-single-test
-              with:
-                  test_path: ${{ github.workspace }}/${{ env.EXTENSION_PATH }}/tests/e2e-ddev
-                  file_path: 2-live-mode-remediations.js
-
-            - name: Run more Live mode remediation tests
-              uses: ./wp-content/plugins/crowdsec/.github/workflows/end-to-end/run-single-test
-              with:
-                  test_path: ${{ github.workspace }}/${{ env.EXTENSION_PATH }}/tests/e2e-ddev
-                  file_path: 3-live-mode-more.js
-
-            - name: Run Live mode cache tests
-              uses: ./wp-content/plugins/crowdsec/.github/workflows/end-to-end/run-single-test
-              with:
-                  test_path: ${{ github.workspace }}/${{ env.EXTENSION_PATH }}/tests/e2e-ddev
-                  file_path: 4-live-mode-cache.js
-
-            - name: Prepare cron usage
-              run: |
-                  sed -i  's/fastcgi_finish_request/\/\/fastcgi_finish_request/g' wp-cron.php
-
-            - name: Run Stream mode tests
-              uses: ./wp-content/plugins/crowdsec/.github/workflows/end-to-end/run-single-test
-              with:
-                  test_path: ${{ github.workspace }}/${{ env.EXTENSION_PATH }}/tests/e2e-ddev
-                  file_path: 5-stream-mode.js
-
-            - name: Run Redis tests
-              uses: ./wp-content/plugins/crowdsec/.github/workflows/end-to-end/run-single-test
-              with:
-                  test_path: ${{ github.workspace }}/${{ env.EXTENSION_PATH }}/tests/e2e-ddev
-                  file_path: 6-redis.js
-
-            - name: Run Memcached tests
-              uses: ./wp-content/plugins/crowdsec/.github/workflows/end-to-end/run-single-test
-              with:
-                  test_path: ${{ github.workspace }}/${{ env.EXTENSION_PATH }}/tests/e2e-ddev
-                  file_path: 7-memcached.js
-
-            - name: Run Geolocation tests
-              uses: ./wp-content/plugins/crowdsec/.github/workflows/end-to-end/run-single-test
-              with:
-                  test_path: ${{ github.workspace }}/${{ env.EXTENSION_PATH }}/tests/e2e-ddev
-                  file_path: 8-geolocation.js
-
-            - name: Run AppSec tests
-              uses: ./wp-content/plugins/crowdsec/.github/workflows/end-to-end/run-single-test
-              with:
-                  test_path: ${{ github.workspace }}/${{ env.EXTENSION_PATH }}/tests/e2e-ddev
-                  file_path: 11-appsec.js
-
-            - name: tmate debugging session
-              uses: mxschmitt/action-tmate@v3
-              with:
-                  limit-access-to-actor: true
-                  github-token: ${{ secrets.GITHUB_TOKEN }}
-              timeout-minutes: 30
-              if: failure()

CHANGELOG.md

@@ -6,6 +6,22 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ---
 
+
+## [2.8.0](https://github.com/crowdsecurity/cs-wordpress-bouncer/releases/tag/v2.8.0) - 2024-12-13
+[_Compare with previous release_](https://github.com/crowdsecurity/cs-wordpress-bouncer/compare/v2.7.0...v2.8.0)
+
+
+### Changed
+
+- Set the "Public website only" setting to OFF by default
+
+### Fixed
+
+- Fix deprecated warning in PHP 8.4 for Captcha
+
+---
+
+
 ## [2.7.0](https://github.com/crowdsecurity/cs-wordpress-bouncer/releases/tag/v2.7.0) - 2024-12-12
 [_Compare with previous release_](https://github.com/crowdsecurity/cs-wordpress-bouncer/compare/v2.6.7...v2.7.0)
 

composer.json

@@ -16,13 +16,17 @@
 	"config" : {
 		"platform": {
 			"php": "7.2.5"
+		},
+		"allow-plugins": {
+			"cweagans/composer-patches": true
 		}
 	},
 	"require": {
 		"crowdsec/bouncer": "^3.2.0",
 		"symfony/cache": "5.4.40",
 		"symfony/polyfill-mbstring": "^1.31.0",
-		"symfony/service-contracts": "^2.5.3"
+		"symfony/service-contracts": "^2.5.3",
+		"cweagans/composer-patches": "^1.7"
 	},
 	"replace": {
 		"twig/twig": "*"
@@ -31,5 +35,12 @@
 		"psr-4": {
 			"CrowdSecWordPressBouncer\\": "./inc/"
 		}
+	},
+	"extra": {
+		"patches": {
+			"gregwar/captcha": {
+				"Fix deprecation in CaptchaBuilder constructor": "patches/gregwar-captcha-constructor.patch"
+			}
+		}
 	}
 }