🔃 [Magento Community Engineering] Community Contributions - 2.3-develop expedited

Accepted Community Pull Requests:
 - #23067: Create Security.md file to show on GitHub Security/Policy page (by @piotrekkaminski)
 - #23046: Add more descriptive exception when data patch fails to apply. (by @ashsmith)
 - #22821: Customer Account Forgot Password page title fix (by @textarea)
 - #22884:  Show exception message during SCD failure (by @ihor-sviziev)
 - #23040: Don't create a new account-nav block - use existing instead. (by @vovayatsyuk)
 - #23036: [Framework] Reassign fields variable after converting to array (by @Den4ik)
 - #22989: Properly transliterate German Umlauts (by @amenk)


Fixed GitHub Issues:
 - #23045: Exceptions from data patches do not show root cause (reported by @ashsmith) has been fixed in #23046 by @ashsmith in 2.3-develop branch
   Related commits:
     1. 199887d
     2. c0d920d

 - #22882: Static content deploy - Don't shows error message, just stack trace (reported by @ihor-sviziev) has been fixed in #22884 by @ihor-sviziev in 2.3-develop branch
   Related commits:
     1. 881e927

Author: magento-engcom-team

SECURITY.md

@@ -0,0 +1,10 @@
+# Reporting Security Issues
+
+Magento values the contributions of the security research community, and we look forward to working with you to minimize risk to Magento merchants. 
+
+## Where should I report security issues?
+
+We strongly encourage you to report all security issues privately via our [bug bounty program](https://hackerone.com/magento).  Please provide us with relevant technical details and repro steps to expedite our investigation.  If you prefer not to use HackerOne, email us directly at `psirt@adobe.com` with details and repro steps.  
+
+## Learning More About Security
+To learn more about securing a Magento store, please visit the [Security Center](https://magento.com/security).

app/code/Magento/Customer/view/frontend/layout/customer_account_forgotpassword.xml

@@ -7,7 +7,7 @@
 -->
 <page xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" layout="1column" xsi:noNamespaceSchemaLocation="urn:magento:framework:View/Layout/etc/page_configuration.xsd">
     <head>
-        <title>Forgot Your Password</title>
+        <title>Forgot Your Password?</title>
     </head>
     <body>
         <referenceBlock name="root">

app/code/Magento/Deploy/Service/DeployPackage.php

@@ -107,6 +107,8 @@ function () use ($package, $options, $skipLogging) {
     }
 
     /**
+     * Execute package deploy procedure when area already emulated
+     *
      * @param Package $package
      * @param array $options
      * @param bool $skipLogging
@@ -136,7 +138,9 @@ public function deployEmulated(Package $package, array $options, $skipLogging =
                 $this->errorsCount++;
                 $this->logger->critical($errorMessage);
             } catch (\Exception $exception) {
-                $this->logger->critical($exception->getTraceAsString());
+                $this->logger->critical(
+                    'Compilation from source ' . $file->getSourcePath() . ' failed' . PHP_EOL . (string)$exception
+                );
                 $this->errorsCount++;
             }
         }
@@ -219,7 +223,9 @@ private function checkIfCanCopy(PackageFile $file, Package $package, Package $pa
     private function checkFileSkip($filePath, array $options)
     {
         if ($filePath !== '.') {
+            // phpcs:ignore Magento2.Functions.DiscouragedFunction
             $ext = strtolower(pathinfo($filePath, PATHINFO_EXTENSION));
+            // phpcs:ignore Magento2.Functions.DiscouragedFunction
             $basename = pathinfo($filePath, PATHINFO_BASENAME);
             if ($ext === 'less' && strpos($basename, '_') === 0) {
                 return true;

app/design/frontend/Magento/luma/Magento_Customer/layout/customer_account.xml

@@ -7,52 +7,12 @@
 -->
 <page layout="2columns-left" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:framework:View/Layout/etc/page_configuration.xsd">
     <body>
-        <referenceContainer name="sidebar.main">
-            <block class="Magento\Framework\View\Element\Template" name="customer_account_navigation_block" template="Magento_Theme::html/collapsible.phtml" before="-">
-                <arguments>
-                    <argument name="block_title" translate="true" xsi:type="string">My Account</argument>
-                    <argument name="block_css" xsi:type="string">block-collapsible-nav</argument>
-                </arguments>
-                <block class="Magento\Customer\Block\Account\Navigation" name="customer_account_navigation" before="-">
-                    <arguments>
-                        <argument name="css_class" xsi:type="string">nav items</argument>
-                    </arguments>
-                    <block class="Magento\Customer\Block\Account\SortLinkInterface" name="customer-account-navigation-account-link">
-                        <arguments>
-                            <argument name="label" xsi:type="string" translate="true">My Account</argument>
-                            <argument name="path" xsi:type="string">customer/account</argument>
-                            <argument name="sortOrder" xsi:type="number">250</argument>
-                        </arguments>
-                    </block>
-                    <block class="Magento\Customer\Block\Account\Delimiter" name="customer-account-navigation-delimiter-1"
-                           template="Magento_Customer::account/navigation-delimiter.phtml">
-                        <arguments>
-                            <argument name="sortOrder" xsi:type="number">200</argument>
-                        </arguments>
-                    </block>
-                    <block class="Magento\Customer\Block\Account\SortLinkInterface" name="customer-account-navigation-address-link">
-                        <arguments>
-                            <argument name="label" xsi:type="string" translate="true">Address Book</argument>
-                            <argument name="path" xsi:type="string">customer/address</argument>
-                            <argument name="sortOrder" xsi:type="number">190</argument>
-                        </arguments>
-                    </block>
-                    <block class="Magento\Customer\Block\Account\SortLinkInterface" name="customer-account-navigation-account-edit-link">
-                        <arguments>
-                            <argument name="label" xsi:type="string" translate="true">Account Information</argument>
-                            <argument name="path" xsi:type="string">customer/account/edit</argument>
-                            <argument name="sortOrder" xsi:type="number">180</argument>
-                        </arguments>
-                    </block>
-                    <block class="Magento\Customer\Block\Account\Delimiter" name="customer-account-navigation-delimiter-2"
-                           template="Magento_Customer::account/navigation-delimiter.phtml">
-                        <arguments>
-                            <argument name="sortOrder" xsi:type="number">130</argument>
-                        </arguments>
-                    </block>
-                </block>
-            </block>
-        </referenceContainer>
+        <referenceBlock name="sidebar.main.account_nav">
+            <arguments>
+                <argument name="block_title" translate="true" xsi:type="string">My Account</argument>
+                <argument name="block_css" xsi:type="string">block-collapsible-nav</argument>
+            </arguments>
+        </referenceBlock>
         <move element="page.main.title" destination="content.top" before="-"/>
     </body>
 </page>

lib/internal/Magento/Framework/Filter/Test/Unit/TranslitTest.php

@@ -5,6 +5,9 @@
  */
 namespace Magento\Framework\Filter\Test\Unit;
 
+/**
+ * Translit test.
+ */
 class TranslitTest extends \PHPUnit\Framework\TestCase
 {
     /**
@@ -45,8 +48,8 @@ public function filterDataProvider()
             ['привет мир', 'privet mir', 'privet mir', $isIconv],
             [
                 'Weiß, Goldmann, Göbel, Weiss, Göthe, Goethe und Götz',
-                'Weiss, Goldmann, Gobel, Weiss, Gothe, Goethe und Gotz',
-                'Weiss, Goldmann, Gobel, Weiss, Gothe, Goethe und Gotz',
+                'Weiss, Goldmann, Goebel, Weiss, Goethe, Goethe und Goetz',
+                'Weiss, Goldmann, Goebel, Weiss, Goethe, Goethe und Goetz',
                 $isIconv
             ],
             [

lib/internal/Magento/Framework/Filter/Test/Unit/TranslitUrlTest.php

@@ -5,6 +5,9 @@
  */
 namespace Magento\Framework\Filter\Test\Unit;
 
+/**
+ * Translit url test.
+ */
 class TranslitUrlTest extends \PHPUnit\Framework\TestCase
 {
     /**
@@ -45,8 +48,8 @@ public function filterDataProvider()
             ['привет мир', 'privet-mir', 'privet-mir', $isIconv],
             [
                 'Weiß, Goldmann, Göbel, Weiss, Göthe, Goethe und Götz',
-                'weiss-goldmann-gobel-weiss-gothe-goethe-und-gotz',
-                'weiss-goldmann-gobel-weiss-gothe-goethe-und-gotz',
+                'weiss-goldmann-goebel-weiss-goethe-goethe-und-goetz',
+                'weiss-goldmann-goebel-weiss-goethe-goethe-und-goetz',
                 $isIconv
             ],
             [

lib/internal/Magento/Framework/Filter/Translit.php

@@ -25,7 +25,7 @@ class Translit implements \Zend_Filter_Interface
         'À' => 'a',
         'Á' => 'a',
         'Â' => 'a',
-        'Ä' => 'a',
+        'Ä' => 'ae',
         'Å' => 'a',
         'Æ' => 'ae',
         'Ç' => 'c',
@@ -40,18 +40,18 @@ class Translit implements \Zend_Filter_Interface
         'Ó' => 'o',
         'Ô' => 'o',
         'Õ' => 'o',
-        'Ö' => 'o',
+        'Ö' => 'oe',
         'Ø' => 'o',
         'Ù' => 'u',
         'Ú' => 'u',
         'Û' => 'u',
-        'Ü' => 'u',
+        'Ü' => 'ue',
         'Ý' => 'y',
         'ß' => 'ss',
         'à' => 'a',
         'á' => 'a',
         'â' => 'a',
-        'ä' => 'a',
+        'ä' => 'ae',
         'å' => 'a',
         'æ' => 'ae',
         'ç' => 'c',
@@ -67,12 +67,12 @@ class Translit implements \Zend_Filter_Interface
         'ó' => 'o',
         'ô' => 'o',
         'õ' => 'o',
-        'ö' => 'o',
+        'ö' => 'oe',
         'ø' => 'o',
         'ù' => 'u',
         'ú' => 'u',
         'û' => 'u',
-        'ü' => 'u',
+        'ü' => 'ue',
         'ý' => 'y',
         'þ' => 'p',
         'ÿ' => 'y',

lib/internal/Magento/Framework/Model/ResourceModel/Db/AbstractDb.php

@@ -18,6 +18,7 @@
  * @SuppressWarnings(PHPMD.NumberOfChildren)
  * @SuppressWarnings(PHPMD.CouplingBetweenObjects)
  * @SuppressWarnings(PHPMD.ExcessiveClassComplexity)
+ * phpcs:disable Magento2.Classes.AbstractApi
  * @api
  */
 abstract class AbstractDb extends AbstractResource
@@ -604,7 +605,7 @@ protected function _checkUnique(\Magento\Framework\Model\AbstractModel $object)
         $fields = $this->getUniqueFields();
         if (!empty($fields)) {
             if (!is_array($fields)) {
-                $this->_uniqueFields = [['field' => $fields, 'title' => $fields]];
+                $fields = $this->_uniqueFields = [['field' => $fields, 'title' => $fields]];
             }
 
             $data = new \Magento\Framework\DataObject($this->_prepareDataForSave($object));

lib/internal/Magento/Framework/Setup/Patch/PatchApplier.php

@@ -10,7 +10,7 @@
 use Magento\Framework\Module\ModuleList;
 use Magento\Framework\ObjectManagerInterface;
 use Magento\Framework\Phrase;
-use Magento\Framework\Setup\Exception;
+use Magento\Framework\Setup\Exception as SetupException;
 use Magento\Framework\Setup\ModuleDataSetupInterface;
 
 /**
@@ -129,8 +129,8 @@ public function __construct(
     /**
      * Apply all patches for one module
      *
-     * @param null | string $moduleName
-     * @throws Exception
+     * @param null|string $moduleName
+     * @throws SetupException
      */
     public function applyDataPatch($moduleName = null)
     {
@@ -149,7 +149,7 @@ public function applyDataPatch($moduleName = null)
                 ['moduleDataSetup' => $this->moduleDataSetup]
             );
             if (!$dataPatch instanceof DataPatchInterface) {
-                throw new Exception(
+                throw new SetupException(
                     new Phrase("Patch %1 should implement DataPatchInterface", [get_class($dataPatch)])
                 );
             }
@@ -164,7 +164,17 @@ public function applyDataPatch($moduleName = null)
                     $this->moduleDataSetup->getConnection()->commit();
                 } catch (\Exception $e) {
                     $this->moduleDataSetup->getConnection()->rollBack();
-                    throw new Exception(new Phrase($e->getMessage()));
+                    throw new SetupException(
+                        new Phrase(
+                            'Unable to apply data patch %1 for module %2. Original exception message: %3',
+                            [
+                                get_class($dataPatch),
+                                $moduleName,
+                                $e->getMessage()
+                            ]
+                        ),
+                        $e
+                    );
                 } finally {
                     unset($dataPatch);
                 }
@@ -173,8 +183,7 @@ public function applyDataPatch($moduleName = null)
     }
 
     /**
-     * Register all patches in registry in order to manipulate chains and dependencies of patches
-     * of patches
+     * Register all patches in registry in order to manipulate chains and dependencies of patches of patches
      *
      * @param string $moduleName
      * @param string $patchType
@@ -207,8 +216,8 @@ private function prepareRegistry($moduleName, $patchType)
      *
      * Please note: that schema patches are not revertable
      *
-     * @param null | string $moduleName
-     * @throws Exception
+     * @param null|string $moduleName
+     * @throws SetupException
      */
     public function applySchemaPatch($moduleName = null)
     {
@@ -229,7 +238,7 @@ public function applySchemaPatch($moduleName = null)
                 $schemaPatch->apply();
                 $this->patchHistory->fixPatch(get_class($schemaPatch));
             } catch (\Exception $e) {
-                throw new Exception(
+                throw new SetupException(
                     new Phrase(
                         'Unable to apply patch %1 for module %2. Original exception message: %3',
                         [
@@ -248,8 +257,8 @@ public function applySchemaPatch($moduleName = null)
     /**
      * Revert data patches for specific module
      *
-     * @param null | string $moduleName
-     * @throws Exception
+     * @param null|string $moduleName
+     * @throws SetupException
      */
     public function revertDataPatches($moduleName = null)
     {
@@ -270,7 +279,7 @@ public function revertDataPatches($moduleName = null)
                     $adapter->commit();
                 } catch (\Exception $e) {
                     $adapter->rollBack();
-                    throw new Exception(new Phrase($e->getMessage()));
+                    throw new SetupException(new Phrase($e->getMessage()));
                 } finally {
                     unset($dataPatch);
                 }