Update Twig from 1.35.0 to 1.42.4 (PHP 5.5 is now required!)

This fixes some errors on PHP 7.4 and contains even more fixes Also bumped PHP version to 5.5 as Twig requires it.
2025-10-15 10:14:55 +02:00 · 2020-02-15 05:41:38 +01:00
parent d9e449b6cf
commit 8021308822
414 changed files with 9276 additions and 5531 deletions
--- a/system/libs/Twig/NodeVisitor/SafeAnalysisNodeVisitor.php
+++ b/system/libs/Twig/NodeVisitor/SafeAnalysisNodeVisitor.php
@@ -0,0 +1,164 @@
+<?php
+
+/*
+ * This file is part of Twig.
+ *
+ * (c) Fabien Potencier
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Twig\NodeVisitor;
+
+use Twig\Environment;
+use Twig\Node\Expression\BlockReferenceExpression;
+use Twig\Node\Expression\ConditionalExpression;
+use Twig\Node\Expression\ConstantExpression;
+use Twig\Node\Expression\FilterExpression;
+use Twig\Node\Expression\FunctionExpression;
+use Twig\Node\Expression\GetAttrExpression;
+use Twig\Node\Expression\MethodCallExpression;
+use Twig\Node\Expression\NameExpression;
+use Twig\Node\Expression\ParentExpression;
+use Twig\Node\Node;
+
+/**
+ * @final
+ */
+class SafeAnalysisNodeVisitor extends AbstractNodeVisitor
+{
+    protected $data = [];
+    protected $safeVars = [];
+
+    public function setSafeVars($safeVars)
+    {
+        $this->safeVars = $safeVars;
+    }
+
+    public function getSafe(\Twig_NodeInterface $node)
+    {
+        $hash = spl_object_hash($node);
+        if (!isset($this->data[$hash])) {
+            return;
+        }
+
+        foreach ($this->data[$hash] as $bucket) {
+            if ($bucket['key'] !== $node) {
+                continue;
+            }
+
+            if (\in_array('html_attr', $bucket['value'])) {
+                $bucket['value'][] = 'html';
+            }
+
+            return $bucket['value'];
+        }
+    }
+
+    protected function setSafe(\Twig_NodeInterface $node, array $safe)
+    {
+        $hash = spl_object_hash($node);
+        if (isset($this->data[$hash])) {
+            foreach ($this->data[$hash] as &$bucket) {
+                if ($bucket['key'] === $node) {
+                    $bucket['value'] = $safe;
+
+                    return;
+                }
+            }
+        }
+        $this->data[$hash][] = [
+            'key' => $node,
+            'value' => $safe,
+        ];
+    }
+
+    protected function doEnterNode(Node $node, Environment $env)
+    {
+        return $node;
+    }
+
+    protected function doLeaveNode(Node $node, Environment $env)
+    {
+        if ($node instanceof ConstantExpression) {
+            // constants are marked safe for all
+            $this->setSafe($node, ['all']);
+        } elseif ($node instanceof BlockReferenceExpression) {
+            // blocks are safe by definition
+            $this->setSafe($node, ['all']);
+        } elseif ($node instanceof ParentExpression) {
+            // parent block is safe by definition
+            $this->setSafe($node, ['all']);
+        } elseif ($node instanceof ConditionalExpression) {
+            // intersect safeness of both operands
+            $safe = $this->intersectSafe($this->getSafe($node->getNode('expr2')), $this->getSafe($node->getNode('expr3')));
+            $this->setSafe($node, $safe);
+        } elseif ($node instanceof FilterExpression) {
+            // filter expression is safe when the filter is safe
+            $name = $node->getNode('filter')->getAttribute('value');
+            $args = $node->getNode('arguments');
+            if (false !== $filter = $env->getFilter($name)) {
+                $safe = $filter->getSafe($args);
+                if (null === $safe) {
+                    $safe = $this->intersectSafe($this->getSafe($node->getNode('node')), $filter->getPreservesSafety());
+                }
+                $this->setSafe($node, $safe);
+            } else {
+                $this->setSafe($node, []);
+            }
+        } elseif ($node instanceof FunctionExpression) {
+            // function expression is safe when the function is safe
+            $name = $node->getAttribute('name');
+            $args = $node->getNode('arguments');
+            $function = $env->getFunction($name);
+            if (false !== $function) {
+                $this->setSafe($node, $function->getSafe($args));
+            } else {
+                $this->setSafe($node, []);
+            }
+        } elseif ($node instanceof MethodCallExpression) {
+            if ($node->getAttribute('safe')) {
+                $this->setSafe($node, ['all']);
+            } else {
+                $this->setSafe($node, []);
+            }
+        } elseif ($node instanceof GetAttrExpression && $node->getNode('node') instanceof NameExpression) {
+            $name = $node->getNode('node')->getAttribute('name');
+            // attributes on template instances are safe
+            if ('_self' == $name || \in_array($name, $this->safeVars)) {
+                $this->setSafe($node, ['all']);
+            } else {
+                $this->setSafe($node, []);
+            }
+        } else {
+            $this->setSafe($node, []);
+        }
+
+        return $node;
+    }
+
+    protected function intersectSafe(array $a = null, array $b = null)
+    {
+        if (null === $a || null === $b) {
+            return [];
+        }
+
+        if (\in_array('all', $a)) {
+            return $b;
+        }
+
+        if (\in_array('all', $b)) {
+            return $a;
+        }
+
+        return array_intersect($a, $b);
+    }
+
+    public function getPriority()
+    {
+        return 0;
+    }
+}
+
+class_alias('Twig\NodeVisitor\SafeAnalysisNodeVisitor', 'Twig_NodeVisitor_SafeAnalysis');