🇪🇸Spain @eduardo morales alberti

We have the following error with the gin dialog:

Symfony\Component\HttpKernel\Exception\BadRequestHttpException: Invalid filename. in Drupal\system\Controller\AssetControllerBase->getGroup() (line 236 of /docroot/core/modules/system/src/Controller/AssetControllerBase.php).

Seems similar to comment https://www.drupal.org/project/drupal/issues/3397713#comment-15360692 🐛 Aggregated URL hashes for assets can mismatch due to different order of library assets Active

CssAssetController tries to validate the request. It does this by expanding the list of assets into groups and verifying the requested group delta is good.
This is done by first asking AssetResolver->getCssAssets() for the assets associated with the libraries. AssetResolver reduces the list the list via ->getMinimalRepresentativeSubset(), which first reduces the list from 38 to 31, then expands it to include all dependencies for those to 62.
AssetResolver then finds all the CSS files needed for all 62 libraries, sorts them by weight.
CssAssetController takes the sorted assets then groups them via CssCollectionGrouper. It verifies the group delta requests actually exists. But the number of asset groups that CssCollectionGrouper returns is 3, not 4!
Request fails for the last aggregate as Drupal thinks that only 3 aggregate groups should be needed for the requested list of libraries.

There is a wrong order load on libraries or dependencies resolution, and it gives us an error when trying to generate the aggregated group because it does not exist.

By the time the only fix that worked for us was removed, the override from gin.info.yml

  core/drupal.dialog:
    - gin/dialog

We tried the patches, removing the weight from dialog, but it did not work. We are still working on finding the source.

We will use $host = parse_url($target_href, PHP_URL_HOST); and save the host on the database, in the entity_mesh table.

Ready to review

We will keep the www. on the domain

Ready to review

Working on it

eduardo morales alberti → made their first commit to this issue’s fork.

eduardo morales alberti → created an issue.

We found this issue because we use the same replace ajax command on our custom code, and after changing to replaceWith, the error is gone.
We also tested it with ultimate_cron and solved the issue.
RTBC!!

Ready to review

eduardo morales alberti → created an issue.

On our case we still need the patch. We have behat coverage and after upgrade to Drupal 11.2.3 the patch #2 did not applied and the multilanguage tests failed because the published states.
We use the hook node grants to alter those permissions, so it is important for us to respect the translations grants.

eduardo morales alberti → created an issue.

Any news on translation access iniciative?

As comment #30 said, we should decide what is the best option to control the access.

Create an MR with the patch from comment #18, on drupal 11.x the file core/modules/content_translation/tests/modules/content_translation_test/content_translation_test.module is not available.

eduardo morales alberti → made their first commit to this issue’s fork.

Deprecation:

    1 test triggered 1 deprecation that can be ignored on phpunit tests:
    
    1) /builds/issue/drupal-3091246/core/lib/Drupal/Core/Test/HttpClientMiddleware/TestHttpClientMiddleware.php:52
    Calling Drupal\Core\Menu\MenuLinkTree::__construct() without the $eventDispatcher argument is deprecated in drupal:11.1.0 and will be required in drupal:12.0.0. See https://www.drupal.org/node/3463907
    
    Triggered by:
    
    * Drupal\Tests\navigation\Functional\NavigationShortcutsBlockTest::testNavigationBlock (7 times)
      /builds/issue/drupal-3091246/core/modules/navigation/tests/src/Functional/NavigationShortcutsBlockTest.php:35

Failing:

    Options Widgets (Drupal\Tests\options\Functional\OptionsWidgets)
     ✔ Radio buttons
     ✔ Check boxes
     ✔ Select list single
     ✔ Select list required error attribute
     ✔ Select list multiple
     ✔ Select list float
     ✔ Empty value
     ✘ Options list alter
       ┐
       ├ Behat\Mink\Exception\ElementNotFoundException: Element matching xpath "//select[@id="edit-card-4"]//option[@value="" and text()="- Select something -"]" not found.
       │
       │ /builds/issue/drupal-1585930/vendor/behat/mink/src/WebAssert.php:465
       │ /builds/issue/drupal-1585930/core/modules/options/tests/src/Functional/OptionsWidgetsTest.php:691

Failed PHPUnit:

    Options Widgets (Drupal\Tests\options\Functional\OptionsWidgets)
     ✔ Radio buttons
     ✔ Check boxes
     ✔ Select list single
     ✘ Select list required error attribute
       ┐
       ├ Behat\Mink\Exception\ElementNotFoundException: Option with id|name|label|value "_none" not found.
       │
       │ /builds/issue/drupal-1585930/core/tests/Drupal/Tests/WebAssert.php:241
       │ /builds/issue/drupal-1585930/core/modules/options/tests/src/Functional/OptionsWidgetsTest.php:406
       ┴
     ✔ Select list multiple
     ✔ Select list float
     ✔ Empty value
     ✘ Options list alter
       ┐
       ├ Behat\Mink\Exception\ElementNotFoundException: Element matching xpath "//select[@id="edit-card-1"]//option[@value="_none" and text()="- None -"]" not found.
       │
       │ /builds/issue/drupal-1585930/vendor/behat/mink/src/WebAssert.php:465
       │ /builds/issue/drupal-1585930/core/modules/options/tests/src/Functional/OptionsWidgetsTest.php:689

We will open a MR to track the changes properly

@darktek some changes do not match the 93 patch:

Why do you replaced "$element['#value'] === ''" by "$element['#value'] == ''" or "if ($value !== '') {" by "if ($value != '') {"?

interdiff 1585930-93.patch 1585930-96.patch

diff -u b/core/lib/Drupal/Core/Field/Plugin/Field/FieldWidget/OptionsWidgetBase.php b/core/lib/Drupal/Core/Field/Plugin/Field/FieldWidget/OptionsWidgetBase.php
--- b/core/lib/Drupal/Core/Field/Plugin/Field/FieldWidget/OptionsWidgetBase.php
+++ b/core/lib/Drupal/Core/Field/Plugin/Field/FieldWidget/OptionsWidgetBase.php
@@ -90,7 +90,7 @@
    *   The form state.
    */
   public static function validateElement(array $element, FormStateInterface $form_state) {
-    if ($element['#required'] && $element['#value'] === '') {
+    if ($element['#required'] && $element['#value'] == '') {
       if (isset($element['#required_error'])) {
         $form_state->setError($element, $element['#required_error']);
       }
@@ -144,7 +144,7 @@
 
       // Add an empty option if the widget needs one.
       if ($empty_label = $this->getEmptyLabel()) {
-        $options = ['' => $empty_label] + $options;
+        $options = ['_none' => $empty_label] + $options;
       }
 
       $module_handler = \Drupal::moduleHandler();
diff -u b/core/modules/options/tests/src/Functional/OptionsSelectDynamicValuesTest.php b/core/modules/options/tests/src/Functional/OptionsSelectDynamicValuesTest.php
--- b/core/modules/options/tests/src/Functional/OptionsSelectDynamicValuesTest.php
+++ b/core/modules/options/tests/src/Functional/OptionsSelectDynamicValuesTest.php
@@ -36,7 +36,7 @@
     $this->assertCount(count($this->test) + 1, $options);
     foreach ($options as $option) {
       $value = $option->getValue();
-      if ($value !== '') {
+      if ($value != '') {
         $this->assertContains($value, $this->test);
       }
     }
diff -u b/core/modules/options/tests/src/Functional/OptionsWidgetsTest.php b/core/modules/options/tests/src/Functional/OptionsWidgetsTest.php
--- b/core/modules/options/tests/src/Functional/OptionsWidgetsTest.php
+++ b/core/modules/options/tests/src/Functional/OptionsWidgetsTest.php
@@ -613,7 +613,7 @@
 
     // Display form: check that empty '' option is present and has label.
     $this->drupalGet('entity_test/manage/' . $entity->id() . '/edit');
-    $this->assertNotEmpty($this->xpath('//div[@id=:id]//input[@value=:value]', [':id' => 'edit-card-1', ':value' => '']), 'A test radio button has a "None" choice.');
+       $this->assertNotEmpty($this->xpath('//div[@id=:id]//input[@value=:value]', [':id' => 'edit-card-1', ':value' => '']), 'A test radio button has a "None" choice.');
 
     // Change it to the select widget.
     $display_repository->getFormDisplay('entity_test', 'entity_test')
diff -u b/core/modules/workspaces/tests/src/Functional/WorkspaceTestUtilities.php b/core/modules/workspaces/tests/src/Functional/WorkspaceTestUtilities.php
--- b/core/modules/workspaces/tests/src/Functional/WorkspaceTestUtilities.php
+++ b/core/modules/workspaces/tests/src/Functional/WorkspaceTestUtilities.php
@@ -52,12 +52,12 @@
    * @param string $id
    *   The ID of the workspace to create.
    * @param string $parent
-   *   (optional) The ID of the parent workspace. Defaults to ''.
+   *   (optional) The ID of the parent workspace. Defaults to '_none'.
    *
    * @return \Drupal\workspaces\WorkspaceInterface
    *   The workspace that was just created.
    */
-  protected function createWorkspaceThroughUi($label, $id, $parent = '') {
+  protected function createWorkspaceThroughUi($label, $id, $parent = '_none') {
     $this->drupalGet('/admin/config/workflow/workspaces/add');
     $this->submitForm([
       'id' => $id,
@@ -94,12 +94,12 @@
    * @param string|null $id
    *   The ID of the workspace to create.
    * @param string $parent
-   *   (optional) The ID of the parent workspace. Defaults to '_none'.
+   *   (optional) The ID of the parent workspace. Defaults to ''.
    *
    * @return \Drupal\workspaces\WorkspaceInterface
    *   The workspace that was just created.
    */
-  protected function createWorkspaceThroughUi(?string $label = NULL, ?string $id = NULL, string $parent = '_none') {
+  protected function createWorkspaceThroughUi(?string $label = NULL, ?string $id = NULL, string $parent = '') {
     $id ??= $this->randomMachineName();
     $label ??= $this->randomString();

Updated branch and solve bot messages

Added gitlabci and solve coding standard errors

eduardo morales alberti → made their first commit to this issue’s fork.

Merged! Fixed

Yes, true

Changes seems correct to me

As the user should assume that the name could be public, it should not be a risk, just a feature and something to take into account, and never use on a public field sensitive information like emails.

eduardo morales alberti → created an issue.

Ready to review

Added to the settings form config entities with canonical like webforms.

Ready to review

The problem can be related to the following code:

\Drupal\entity_mesh\EntityRender::setDataTargetFromRoute

-    // For other cases.
-    $route_parts = explode('.', $route_match['_route']);
-    if (count($route_parts) > 1) {
-      $entity = $route_parts[1];
-      $target->setEntityType($entity);
-      $target->setEntityId("");
     }

eduardo morales alberti → created an issue.

eduardo morales alberti → created an issue.

eduardo morales alberti → created an issue.

Any news? The last release was one year ago

Ready to review

Pending to separate on the settings form the external and internal links and the subcategories (iframe) and schemes (mailto, tel..) and then filter the targets by it.
Also, review the testing coverage.

eduardo morales alberti → created an issue.

Hi,

We already removed the module content_browser and replaced it with custom configuration based on the module on our projects, so we do not need to maintain it. Explanation on comment: https://www.drupal.org/project/content_browser/issues/3503979#comment-16... 📌 Drupla 11 compatibility Needs work

As a recommendation, it can be added a documentation to remove the dependency from the module and mark it as abandoned to be able to uninstall it without losing the functionality.

Or instead, if we want to keep the module maintained, use some kind of recipe to install the configuration to avoid the direct dependency.
The problem with the second option is that there is CSS and JavaScript.

eduardo morales alberti → created an issue.

Could you review the coding standard errors?

PHP CODE SNIFFER REPORT SUMMARY
----------------------------------------------------------------------
FILE                                                  ERRORS  WARNINGS
----------------------------------------------------------------------
entity_mesh.libraries.yml                             1       0
entity_mesh.permissions.yml                           1       0
entity_mesh.routing.yml                               1       0
src/DummyAccount.php                                  22      0
src/Repository.php                                    1       0
tests/src/Kernel/EntityMeshPermissionsTest.php        12      7
----------------------------------------------------------------------
A TOTAL OF 38 ERRORS AND 7 WARNINGS WERE FOUND IN 60 FILES
----------------------------------------------------------------------
PHPCBF CAN FIX 43 OF THESE SNIFF VIOLATIONS AUTOMATICALLY
----------------------------------------------------------------------
PHP CODE SNIFFER VIOLATION SOURCE SUMMARY
----------------------------------------------------------------------
    SOURCE                                                       COUNT
----------------------------------------------------------------------
[x] Drupal.Commenting.PostStatementComment.Found                 15
[x] Drupal.Commenting.InlineComment.InvalidEndChar               14
[x] Drupal.Classes.UnusedUseStatement.UnusedUse                  4
[x] Drupal.WhiteSpace.Comma.TooManySpaces                        4
[x] Drupal.Arrays.Array.CommaLastItem                            2
[x] Drupal.Files.EndFileNewline.TooMany                          2
[x] Drupal.Commenting.DocComment.TagGroupSpacing                 1
[ ] Drupal.Commenting.FunctionComment.MissingReturnComment       1
[x] Drupal.Files.EndFileNewline.NoneFound                        1
[ ] Drupal.Files.LineLength.TooLong                              1
----------------------------------------------------------------------
A TOTAL OF 45 SNIFF VIOLATIONS WERE FOUND IN 10 SOURCES
----------------------------------------------------------------------
PHPCBF CAN FIX THE 8 MARKED SOURCES AUTOMATICALLY (43 VIOLATIONS IN TOTAL)
----------------------------------------------------------------------

Related issue https://www.drupal.org/project/drupal/issues/3384789 ✨ Allow user admins to choose the user cancellation method on the user deletion confirmation form (rather than having a single sitewide setting) Needs work

Ready to review!!

Reverting the latest commit and applying the schema again, as it had too many changes not related to the issue

All threads solved!! Ready to review

All threads solved but one, pending to review

Pending review PHPUnit test after applying suggestions

Ready to review, we removed the insight to avoid excessive loads on status page

We will remove the insight as it takes to much time to process on the status report

My comment was incomplete; we were trying to update the module from 11.1.8, and we were stuck on 2.2.6.

RTBC!! Thank you!!

Why the module is not compatible with 11.1.X on version 2.3.0?

Update MR

Solve MR conflict with Drupal 11

RTBC!!!
Before patch (shows modules only enabled on prod config split):

After the patch, it only shows the content install module (it is only installed once on a site setup to create default content and then uninstalled):

Fixed coding standard

Pending to solve the following errors:

FILE: modules/styleguide_static/src/StaticGenerator.php
------------------------------------------------------------------------------------------------------------------------
FOUND 4 ERRORS AND 2 WARNINGS AFFECTING 6 LINES
------------------------------------------------------------------------------------------------------------------------
  53 | ERROR   | [x] Multi-line function declarations must have a trailing comma after the last parameter
     |         |     (Drupal.Functions.MultiLineFunctionDeclaration.MissingTrailingComma)
  57 | WARNING | [x] '@TODO: These should be cached.' should match the format '@todo Fix problem X here.'
     |         |     (Drupal.Commenting.TodoComment.TodoFormat)
  58 | WARNING | [x] '@TODO: Add hooks for extensibility.' should match the format '@todo Fix problem X here.'
     |         |     (Drupal.Commenting.TodoComment.TodoFormat)
 100 | ERROR   | [ ] Missing short description in doc comment (Drupal.Commenting.DocComment.MissingShort)
 101 | ERROR   | [ ] Description for the @return value is missing
     |         |     (Drupal.Commenting.FunctionComment.MissingReturnComment)
 139 | ERROR   | [x] Expected 1 space after FOR keyword; 0 found
     |         |     (Drupal.ControlStructures.ControlSignature.SpaceAfterKeyword)

Working on our side, ready to review

Updated branch with the last commits on 2.x and created a merge request

eduardo morales alberti → made their first commit to this issue’s fork.

We simplified the code and removed the table "xray_audit_insight", and we recalculated the external resources status on the xray audit and on the insights.

Could you provide steps to reproduce it?
We have logged the same error, but we were unable to reproduce it.

RTBC!! We tested it using the debug configuration, and now it only processes the saved translation once (not the default language). Take into account that the process entity is called from the node save, so it will take as reference the language of the saved node, not the default translation.

The current maintainer is not working with Drupal anymore, so it is possible that we will not get any response.

We uninstalled the module and replaced the configuration.

Steps to it:

• Create a new content display with the same configuration as content_browser display, we called it entity_browser.
• On views, replace content browser field, by a render field using the new entity_browser display.
• Replace any custom styling or twig from content_browser to entity_browser, example node--content-browser.html.twig => node--entity-browser.html.twig
• Once it is replaced, uninstall the module and check if any configuration needs to be recovered (it should not, as we removed all dependencies of content_browser from views and node display)

When the module is uninstalled it will remove the views with the content_browser field, and the entity_browsers with those views, so it is important to replace the field before uninstall it, also it will remove the content_browser display, that's why we created a new one with the same config.

@stefan.korn on Issue 🐛 Function file_validate_image_resolution is deprecated in drupal:10.2.0 and is removed from drupal:11.0.0. Active you have a more complete solution compatible with Drupal 10 and 11.

We created a new module to remove the EXIF information, but just because some images save geolocation about where it was taken and device information, but is optional and not related to exif_orientation, it is just to give an option to strip the information without losing the rotation.

There are more vulnerable packages https://www.drupal.org/project/gin/issues/3529722 🐛 Update Vulnerable npm Packages Active

+ ddev exec COLUMNS=200 cd web/themes/contrib/gin; npm audit

[31mFailed to execute command `COLUMNS=200 cd web/themes/contrib/gin; npm audit`: exit status 1[0m
# npm audit report

@babel/helpers  <7.26.10
Severity: moderate
Babel has inefficient RegExp complexity in generated code with .replace when transpiling named capturing groups - https://github.com/advisories/GHSA-968p-4wvh-cqc8
fix available via `npm audit fix`
node_modules/@babel/helpers

@babel/runtime  <7.26.10
Severity: moderate
Babel has inefficient RegExp complexity in generated code with .replace when transpiling named capturing groups - https://github.com/advisories/GHSA-968p-4wvh-cqc8
fix available via `npm audit fix`
node_modules/@babel/runtime

brace-expansion  2.0.1 - 4.0.0
brace-expansion Regular Expression Denial of Service vulnerability - https://github.com/advisories/GHSA-v6h2-p8h4-qcjw
fix available via `npm audit fix`
node_modules/svg-spritemap-webpack-plugin/node_modules/brace-expansion
  minimatch  5.0.0 - 9.0.5 || >=10.0.1
  Depends on vulnerable versions of brace-expansion
  node_modules/svg-spritemap-webpack-plugin/node_modules/minimatch
    glob  8.0.1 - 10.4.5
    Depends on vulnerable versions of minimatch
    node_modules/svg-spritemap-webpack-plugin/node_modules/glob
      svg-spritemap-webpack-plugin  >=4.4.1
      Depends on vulnerable versions of glob
      node_modules/svg-spritemap-webpack-plugin

cross-spawn  <6.0.6 || >=7.0.0 <7.0.5
Severity: high
Regular Expression Denial of Service (ReDoS) in cross-spawn - https://github.com/advisories/GHSA-3xgq-45jj-v275
Regular Expression Denial of Service (ReDoS) in cross-spawn - https://github.com/advisories/GHSA-3xgq-45jj-v275
fix available via `npm audit fix`
node_modules/cross-spawn
node_modules/webpack-cli/node_modules/cross-spawn

elliptic  <=6.6.0
Severity: critical
Valid ECDSA signatures erroneously rejected in Elliptic - https://github.com/advisories/GHSA-fc9h-whq2-v747
Elliptic's private key extraction in ECDSA upon signing a malformed input (e.g. a string) - https://github.com/advisories/GHSA-vjh7-7g9h-fjfh
fix available via `npm audit fix`
node_modules/elliptic

nanoid  <3.3.8
Severity: moderate
Predictable results in nanoid generation when given non-integer values - https://github.com/advisories/GHSA-mwcw-c2x4-8c55
fix available via `npm audit fix`
node_modules/nanoid

postcss  <=8.4.30
Severity: moderate
Regular Expression Denial of Service in postcss - https://github.com/advisories/GHSA-566m-qj78-rww5
PostCSS line return parsing error - https://github.com/advisories/GHSA-7fh5-64p2-3v2j
No fix available
node_modules/postcss-perfectionist/node_modules/postcss
node_modules/postcss-scss/node_modules/postcss
  postcss-perfectionist  *
  Depends on vulnerable versions of postcss
  Depends on vulnerable versions of postcss-scss
  node_modules/postcss-perfectionist
  postcss-scss  <=1.0.6
  Depends on vulnerable versions of postcss
  node_modules/postcss-scss

12 vulnerabilities (4 low, 6 moderate, 1 high, 1 critical)

To address issues that do not require attention, run:
  npm audit fix

Duplicated of https://www.drupal.org/project/gin/issues/3529723 🐛 Update Vulnerable npm Packages Active

eduardo morales alberti → created an issue.

eduardo morales alberti → created an issue.

Hi!
Any news on this issue?
We had the same problem on our Drupal with duplicated users

@sdhruvi5142 We are not sure if the test failed because the reCAPTCHA is for testing purposes on your video.

It is possible that is an error related to the static analysis from https://www.drupal.org/project/paragraphs/issues/3492718 🐛 Call to deprecated method loadRevision() of class Drupal\Core\Entity\EntityStorageInterface errors Active

eduardo morales alberti → created an issue.

eduardo morales alberti → created an issue.