From b7e8c8fb47eb44c400d9ab36e37c63d1860f9aaa Mon Sep 17 00:00:00 2001 From: naomi Date: Tue, 21 Sep 2021 10:42:12 +0100 Subject: [PATCH] security review settings, and disabled some html input options --- composer.lock | 26 +++++++++---------- config/editor.editor.basic_html.yml | 2 +- config/filter.format.basic_html.yml | 2 +- config/filter.format.restricted_html.yml | 2 +- ...ew.check.security_review-trusted_hosts.yml | 2 ++ config/security_review.checks.yml | 1 + config/security_review.settings.yml | 6 +++-- 7 files changed, 23 insertions(+), 18 deletions(-) create mode 100644 config/security_review.checks.yml diff --git a/composer.lock b/composer.lock index ff45037..286258e 100644 --- a/composer.lock +++ b/composer.lock @@ -1795,16 +1795,16 @@ }, { "name": "drupal/core", - "version": "8.9.18", + "version": "8.9.19", "source": { "type": "git", "url": "https://github.com/drupal/core.git", - "reference": "e536176c45d9d75ec57f7a12c0e3c0aead856841" + "reference": "96eb83b31d950f020cbc079ab960159c3735a033" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/drupal/core/zipball/e536176c45d9d75ec57f7a12c0e3c0aead856841", - "reference": "e536176c45d9d75ec57f7a12c0e3c0aead856841", + "url": "https://api.github.com/repos/drupal/core/zipball/96eb83b31d950f020cbc079ab960159c3735a033", + "reference": "96eb83b31d950f020cbc079ab960159c3735a033", "shasum": "" }, "require": { @@ -2022,11 +2022,11 @@ "GPL-2.0-or-later" ], "description": "Drupal is an open source content management platform powering millions of websites and applications.", - "time": "2021-08-12T17:48:42+00:00" + "time": "2021-09-14T22:08:18+00:00" }, { "name": "drupal/core-composer-scaffold", - "version": "8.9.18", + "version": "8.9.19", "source": { "type": "git", "url": "https://github.com/drupal/core-composer-scaffold.git", @@ -2073,7 +2073,7 @@ }, { "name": "drupal/core-project-message", - "version": "8.9.18", + "version": "8.9.19", "source": { "type": "git", "url": "https://github.com/drupal/core-project-message.git", @@ -2111,16 +2111,16 @@ }, { "name": "drupal/core-recommended", - "version": "8.9.18", + "version": "8.9.19", "source": { "type": "git", "url": "https://github.com/drupal/core-recommended.git", - "reference": "71839bb9799b70f449b76294b461877ba1e9ff2c" + "reference": "880335bafeeba6d29454053bd24f253a219c2cfc" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/drupal/core-recommended/zipball/71839bb9799b70f449b76294b461877ba1e9ff2c", - "reference": "71839bb9799b70f449b76294b461877ba1e9ff2c", + "url": "https://api.github.com/repos/drupal/core-recommended/zipball/880335bafeeba6d29454053bd24f253a219c2cfc", + "reference": "880335bafeeba6d29454053bd24f253a219c2cfc", "shasum": "" }, "require": { @@ -2132,7 +2132,7 @@ "doctrine/common": "v2.7.3", "doctrine/inflector": "v1.2.0", "doctrine/lexer": "1.0.2", - "drupal/core": "8.9.18", + "drupal/core": "8.9.19", "easyrdf/easyrdf": "0.9.1", "egulias/email-validator": "2.1.17", "guzzlehttp/guzzle": "6.5.4", @@ -2189,7 +2189,7 @@ "GPL-2.0-or-later" ], "description": "Locked core dependencies; require this project INSTEAD OF drupal/core.", - "time": "2021-08-12T17:48:42+00:00" + "time": "2021-09-14T22:08:18+00:00" }, { "name": "drupal/ctools", diff --git a/config/editor.editor.basic_html.yml b/config/editor.editor.basic_html.yml index e7deaf0..beca06c 100644 --- a/config/editor.editor.basic_html.yml +++ b/config/editor.editor.basic_html.yml @@ -1,6 +1,6 @@ uuid: bce05a02-b793-466b-a492-1febe92d1f85 langcode: en -status: true +status: false dependencies: config: - filter.format.basic_html diff --git a/config/filter.format.basic_html.yml b/config/filter.format.basic_html.yml index 9d29bc3..109fef8 100644 --- a/config/filter.format.basic_html.yml +++ b/config/filter.format.basic_html.yml @@ -1,6 +1,6 @@ uuid: 4b8e98d8-da03-48f8-a3cc-4525b628f5a5 langcode: en -status: true +status: false dependencies: module: - editor diff --git a/config/filter.format.restricted_html.yml b/config/filter.format.restricted_html.yml index e4a8d3c..f04a397 100644 --- a/config/filter.format.restricted_html.yml +++ b/config/filter.format.restricted_html.yml @@ -1,6 +1,6 @@ uuid: e2433365-4de4-44cf-a519-9a22c3a656a7 langcode: en -status: true +status: false dependencies: { } _core: default_config_hash: oz6NyPDAB4HB6N9hgH2LwNVtCd-sXbMG1fbn5KsRIDI diff --git a/config/security_review.check.security_review-trusted_hosts.yml b/config/security_review.check.security_review-trusted_hosts.yml index f529411..f2d542d 100644 --- a/config/security_review.check.security_review-trusted_hosts.yml +++ b/config/security_review.check.security_review-trusted_hosts.yml @@ -1 +1,3 @@ id: security_review-trusted_hosts +settings: + method: token diff --git a/config/security_review.checks.yml b/config/security_review.checks.yml new file mode 100644 index 0000000..f7bcb87 --- /dev/null +++ b/config/security_review.checks.yml @@ -0,0 +1 @@ +{ } \ No newline at end of file diff --git a/config/security_review.settings.yml b/config/security_review.settings.yml index da6d2b0..26d773d 100644 --- a/config/security_review.settings.yml +++ b/config/security_review.settings.yml @@ -1,5 +1,7 @@ -configured: false -untrusted_roles: { } +configured: true +untrusted_roles: + - anonymous + - authenticated log: true _core: default_config_hash: ylcsF3ZfWc6Ua1nUaTXyVy2TNwupiRAtBA6w_whTMGg