- Issue created by @yogesh.k
- ๐ฎ๐ณIndia vishal.kadam Mumbai
Thank you for applying!
Please read Review process for security advisory coverage: What to expect โ for more details and Security advisory coverage application checklist โ to understand what reviewers look for. Tips for ensuring a smooth review โ gives some hints for a smoother review.
The important notes are the following.
- If you have not done it yet, you should run
phpcs --standard=Drupal,DrupalPractice
on the project, which alone fixes most of what reviewers would report. - For the time this application is open, only your commits are allowed.
- The purpose of this application is giving you a new drupal.org role that allows you to opt projects into security advisory coverage, either projects you already created, or projects you will create. The project status won't be changed by this application and no other user will be able to opt projects into security advisory policy.
- We only accept an application per user. If you change your mind about the project to use for this application, or it is necessary to use a different project for the application, please update the issue summary with the link to the correct project and the issue title with the project name and the branch to review.
To the reviewers
Please read How to review security advisory coverage applications โ , Application workflow โ , What to cover in an application review โ , and Tools to use for reviews โ .
The important notes are the following.
- It is preferable to wait for a Code Review Administrator before commenting on newly created applications. Code Review Administrators will do some preliminary checks that are necessary before any change on the project files is suggested.
- Reviewers should show the output of a CLI tool โ only once per application.
- It may be best to have the applicant fix things before further review.
For new reviewers, I would also suggest to first read In which way the issue queue for coverage applications is different from other project queues โ .
- If you have not done it yet, you should run
- Status changed to Needs work
over 1 year ago 12:20pm 6 November 2023 - ๐ฎ๐นItaly apaderno Brescia, ๐ฎ๐น
revolt.theme
/** * @file * Functions to support theming in the VT theme. */
The theme name given in its .info.yml file is not VT.
/** * Implements theme_preprocess_page(). */ function revolt_preprocess_page(&$variables) {
That is a hook implementation; the description must be different.
/** * Implements hook_preprocess_HOOK() for page templates. */ function revolt_preprocess_views_view_fields(&$variables) {
/** * Implements hook_preprocess_views_view_list() for page templates. */ function revolt_preprocess_views_view_list(&$variables) {
/** * Implements hook_preprocess_views_view_list() for page templates. */ function revolt_preprocess_views_view_table(&$variables) {
Those are not hook implementations for page templates.
- ๐ฎ๐นItaly apaderno Brescia, ๐ฎ๐น
I am changing priority as per Issue priorities โ .
- Status changed to Closed: won't fix
8 months ago 7:15am 13 August 2024 - ๐ฎ๐ณIndia vishal.kadam Mumbai
This thread has been idle, in the Needs work state with no activity for several months. Therefore, I am assuming that you are no longer pursuing this application, and I marked it as Closed (won't fix).
If this is incorrect, and you are still pursuing this application, then please feel free to re-open it and set the issue status to Needs work or Needs review, depending on the current status of your code.
- Status changed to Needs review
4 months ago 5:56am 3 December 2024 - ๐ฎ๐ณIndia abhiyanshu
Hello there, Apologies for the delay. I wasnโt able to complete this task earlier,
but Iโve now added the new release: 1.1.6 โ
Repo : https://git.drupalcode.org/project/revolt/Please let me know if there's anything else I can assist with.
- ๐ฎ๐ณIndia rushiraval
This application is by yogesh.k so only yogesh.k can reply and commit code till application approved.
Please go through all link in comment#4 for more detials.
- ๐ฎ๐ณIndia yogesh.k Gurgaon
Thank you for your feedback! I'll review and make the necessary changes to fix the issues, ensuring the code follows Drupal's standards and best practices.
Please let me know if you have any further suggestions or if there's anything else I should be aware of while making these updates. - ๐ฎ๐ณIndia vishal.kadam Mumbai
Please read Review process for security advisory coverage: What to expect โ for more details and Security advisory coverage application checklist โ to understand what reviewers look for. Tips for ensuring a smooth review โ gives some hints for a smoother review.
- ๐ฎ๐ณIndia rushiraval
1.
main
is a wrong name for a branch. Release branch names always end with the literal .x as described in Release branches โ . - ๐ฆ๐นAustria klausi ๐ฆ๐น Vienna
manual review:
- The "raw" twig filter looks a bit suspicious in revolt/templates/form/form-element.html.twig , but I could not trigger it with an XSS attack. Looks like this label is already sanitized. Why do you need to print it raw here? Please add a comment in code.
- templates/layout/page.html.twig: the banner description is printed raw here, so could also be an XSS attack vector. But only trusted users can change theme settings, so this is also not a vulnerability.
Otherwise looks good to me.
Thanks for your contribution, Yogesh!
I updated your account so you can opt into security advisory coverage now.
Here are some recommended readings to help with excellent maintainership:
- Dries โ ' post on Responsible maintainers
- Best practices for creating and maintaining projects โ
- Maintaining a drupal.org project with Git โ
- Commit messages - providing history and credit โ
- Release naming conventions โ .
- Helping maintainers in the issue queues โ
You can find lots more contributors chatting on Slack โ or IRC โ in #drupal-contribute. So, come hang out and stay involved โ !
Thanks, also, for your patience with the review process. Anyone is welcome to participate in the review process. Please consider reviewing other projects that are pending review โ . I encourage you to learn more about that process and join the group of reviewers.
Thanks to the dedicated reviewer(s) as well.
- Status changed to Fixed
about 2 months ago 11:24am 8 February 2025 Automatically closed - issue fixed for 2 weeks with no activity.