-
previous/8.x-1.x/2020-12-22
Branch force pushed by sgourebi at 2020-12-22T10:37:52+00:00, 8.x-1.x moved from this tag to 85a53a9b9040fede55ebb1af71a71488801c1127
-
8.x-1.8
Multiple Bugfixes & features
-
8.x-1.7
Automated Drupal 9 compatibility fixes Send all emails by sendinblue Mail is not sent Api Key V3
-
8.x-1.6
Issue #3163308 by loicLEMEUT: Site crashes when trying to access the module
-
8.x-1.5
- Please use dependency injection in place of static calls to different services like database. - You should use a constant or configuration for the BASE_URL of the external URL (https://my.sendinblue.com). This should not be hardcoded at multiple places in code. - sendinblue_page_attachments(): why do you add you admin library to every page? You should only add it on the render array of admin pages? - SendinblueManager: do not call mail() directly, use Drupal's configured mail system instead. This is currently a blocker because developers expect that on a dev site no emails go out if they have configured a dev mail system. If you are using mail() directly then you are bypassing that assumption and a developer might send unintended mails from their dev site. - SignupAccessControlHandler: a default of allowing access at the end of the checkAccess() method is not a good idea. A default to deny access to avoid any access bypass problems is more secure. - class Signup: the doc blocks seems copied from an example module? Please replace all wrong example docs with real docs about your entity. - ConfigurationSendinblueForm::validateForm(): Du not change configuration in a validation method, that should be done in the submit method. - ConfigurationSendinblueForm::validateForm(): do not flush caches in a validation method, should also be done on submit only. drupal_flush_all_caches() s expensive, can you only flush the menu related caches? - class RegisteringUserForm: doc block talks about SMTP, but it looks like the class is dealing with user registrations? Please update all your class doc comments. - I double checked that the D7 permission related vulnerability is fixed on the 7.x-1.x branch, so we should be good there. - I fix all Drupal and DrupalPractice PHPCS
-
7.x-1.7
Issue #3094362 by loicLEMEUT: Module unsupported due to a security issue
-
-
-
-
-
-
-
-
-
-
-
-