- Log in or register to create an issue
- Advanced search
| Title | Status | Priority | Category | Version | Component | Replies |
Last updated |
Assigned to | Created |
|---|---|---|---|---|---|---|---|---|---|
| X-Frame-Options false negative | Closed (fixed) | Normal | Bug report | 3.1.3 | Code | 11 | 2 weeks 3 days | 5 months 1 week | |
| False positives header tests due to case sensitivity | Closed (fixed) | Major | Bug report | 3.1.x-dev | Code | 8 | 2 months 3 weeks | 3 months 4 weeks | |
| Make warnings or errors pop on Details page | Closed (fixed) | Normal | Feature request | 3.1.x-dev | User interface | 18 | 3 months 2 weeks | 5 months 2 weeks | |
| Add account creation check | Closed (fixed) | Normal | Feature request | 3.1.x-dev | Code | 36 | 3 months 2 weeks | smustgrave | 5 months 2 weeks |
| Check for CSP on private and public SVG files | Needs work | Normal | Feature request | 3.1.x-dev | Code | 12 | 3 months 2 weeks | 1 year 4 months | |
| Place most critical checks at the top | Closed (won't fix) | Normal | Feature request | 3.1.x-dev | User interface | 4 | 3 months 3 weeks | 3 months 4 weeks | |
| MissingMandatoryParametersException when viewing upload extensions help page | Closed (fixed) | Normal | Bug report | 3.1.x-dev | Code | 12 | 3 months 3 weeks | 5 months 3 weeks | |
| Checking test details before running test throws an exception | Closed (fixed) | Normal | Bug report | 3.1.x-dev | Code | 9 | 3 months 3 weeks | smustgrave | 5 months 1 week |
| Convert to Attributes | Closed (fixed) | Normal | Task | 3.1.x-dev | Code | 6 | 4 months 23 hours | 4 months 2 weeks | |
| SecRev can not be run with Drush on sites with non-english default language | Closed (fixed) | Major | Bug report | 3.1.x-dev | Code | 13 | 4 months 1 day | 5 months 2 weeks | |
| Add test coverage for VendorDirectory and UploadExtensions | Closed (fixed) | Normal | Task | 3.1.x-dev | Code | 7 | 4 months 1 day | 5 months 2 weeks | |
| Add better test coverage per check | Closed (fixed) | Normal | Plan | 3.1.x-dev | Code | 13 | 4 months 1 day | 1 year 5 months | |
| Add test coverage for FilePermissions | Closed (fixed) | Normal | Task | 3.1.x-dev | Code | 7 | 4 months 1 day | smustgrave | 5 months 2 weeks |
| Add test coverage for Headers, InputFormats, and LastCronRun | Closed (fixed) | Normal | Task | 3.1.x-dev | Code | 12 | 4 months 2 days | mdranove | 5 months 2 weeks |
| Whitelist views/displays in View access check | Closed (fixed) | Normal | Feature request | 3.1.x-dev | Code | 20 | 4 months 2 days | smustgrave | 4 years 11 months |
| Some Details links give Page not found | Closed (duplicate) | Normal | Bug report | 3.1.x-dev | Code | 10 | 4 months 3 days | 4 months 3 days | |
| There should be a new test for ownership of files and directories | Active | Normal | Feature request | 3.0.x-dev | Code | 18 | 4 months 4 days | c-logemann | 10 years 7 months |
| Checks using sub requests with guzzle get wrong results on 403 situations | Needs work | Normal | Bug report | 3.1.x-dev | Code | 17 | 4 months 5 days | 1 year 10 months | |
| CLI/Drush cannot do file checks directly | Active | Normal | Bug report | 3.1.x-dev | Code | 8 | 4 months 1 week | 1 year 10 months | |
| DB Log error - ArgumentCountError: Too few arguments to function Drupal\security_review\SecurityReview::__construct(), 4 passed | Closed (cannot reproduce) | Normal | Bug report | 3.1.1 | Code | 4 | 4 months 1 week | 5 months 1 week | |
| AJAX HTTP Error During Security Review Analysis and Multiple Errors on Settings Page | Closed (cannot reproduce) | Normal | Bug report | 3.1.x-dev | Code | 6 | 4 months 2 weeks | 1 year 3 months | |
| Error using drush "skip" option values where id and title are different | Closed (fixed) | Normal | Bug report | 3.1.x-dev | Code | 16 | 4 months 3 weeks | 9 months 6 days | |
| Add test coverage for TrustedHosts and TemporaryFiles | Closed (fixed) | Normal | Task | 3.1.x-dev | Code | 6 | 4 months 3 weeks | smustgrave | 5 months 1 week |
| Improve wording for Untrusted roles warning, or update the check | Closed (fixed) | Normal | Task | 3.1.x-dev | Miscellaneous | 13 | 5 months 2 hours | 5 months 2 weeks | |
| Add test coverage for ViewsAccess | Closed (fixed) | Normal | Task | 3.1.x-dev | Code | 7 | 5 months 20 hours | 5 months 2 weeks | |
| .htaccess file is writable, using the current Securing file permissions and ownership doc page | Closed (fixed) | Normal | Task | 3.1.x-dev | Documentation | 19 | 5 months 1 day | 6 months 3 weeks | |
| Add test coverage for NamePasswords, PrivateFiles, and QueryErrors | Closed (fixed) | Normal | Task | 3.1.x-dev | Code | 6 | 5 months 1 day | smustgrave | 5 months 2 weeks |
| Add test coverage for fields plugin | Closed (fixed) | Normal | Task | 3.1.x-dev | Code | 8 | 5 months 1 day | smustgrave | 5 months 2 weeks |
| Create tests for AdminUser, ErrorReporting, ExecutablePhp, FailedLogin | Closed (fixed) | Normal | Task | 3.1.x-dev | Code | 6 | 5 months 3 days | smustgrave | 5 months 2 weeks |
| Fix fatal error when pressing Run checklist button | Closed (fixed) | Normal | Bug report | 3.0.x-dev | Code | 18 | 5 months 2 weeks | 1 year 9 months | |
| Headers check should be lowercase | Closed (works as designed) | Normal | Bug report | 3.1.x-dev | Code | 5 | 5 months 2 weeks | mdranove | 1 year 4 months |
| Add "restrict access" to the "access security review list" permission | Closed (fixed) | Normal | Task | 3.1.x-dev | Code | 10 | 8 months 3 weeks | smustgrave | 1 year 4 months |
| Fields::getDetails() can return a TranslatableMarkup object | Closed (fixed) | Normal | Bug report | 3.1.1 | Code | 5 | 8 months 3 weeks | 10 months 4 days | |
| In valid array in Security.php on scan null given in in_array() | Closed (outdated) | Normal | Bug report | 2.0.2 | Code | 6 | 9 months 6 days | 12 months 6 hours | |
| TypeError: array_key_exists(): Argument #2 ($array) must be of type array, null given in array_key_exists() (line 203 of modules/contrib/security_review/src/SecurityReview.php). | Closed (cannot reproduce) | Normal | Bug report | 3.0.3 | Code | 8 | 1 year 2 months | 1 year 5 months | |
| Move from state API tot dedicated key/value collection | Active | Normal | Task | 3.1.x-dev | Code | 5 | 1 year 3 months | 1 year 6 months | |
| False Negative for Writeable .htaccess on NGINX | Closed (fixed) | Normal | Bug report | 8.x-1.x-dev | Code | 28 | 1 year 3 months | 11 years 3 months | |
| Add test for adminPermission Plugin + start testbase | Closed (fixed) | Normal | Task | 3.1.x-dev | Code | 5 | 1 year 4 months | 1 year 4 months | |
| Long field names which are shortened by Drupal doesn't work. | Closed (fixed) | Normal | Bug report | 2.0.x-dev | Code | 20 | 1 year 4 months | 5 years 8 months | |
| file check is problematic "green" when not test with chmod | Closed (fixed) | Normal | Bug report | 3.1.x-dev | Code | 17 | 1 year 5 months | 1 year 10 months | |
| TypeError: Drupal\user\UserAuthentication::authenticateAccount(): Argument #1 (closed) ($account) must be of type Drupal\user\UserInterface, bool given | Closed (fixed) | Normal | Bug report | 3.1.x-dev | Code | 9 | 1 year 5 months | 1 year 5 months | |
| Once failed but skipped checks shown as warning on status page | Closed (fixed) | Normal | Bug report | 3.1.x-dev | Code | 6 | 1 year 5 months | 1 year 6 months | |
| Update 3.0.4 > 3.1.0 | Closed (works as designed) | Normal | Bug report | 3.1.0 | Miscellaneous | 5 | 1 year 5 months | 1 year 5 months | |
| Validate schema | Closed (fixed) | Normal | Task | 3.1.x-dev | Code | 5 | 1 year 5 months | smustgrave | 1 year 6 months |
| Problem with Mail Login || Deprecation of UserAuthInterface | Closed (fixed) | Normal | Bug report | 3.1.x-dev | Code | 15 | 1 year 5 months | 1 year 9 months | |
| Hashes in dangerous tags in content exclude list not working | Closed (fixed) | Normal | Bug report | 3.0.3 | Code | 5 | 1 year 5 months | 1 year 7 months | |
| Drush command does not display checks anymore | Closed (fixed) | Normal | Bug report | 3.0.2 | Code | 7 | 1 year 5 months | 1 year 9 months | |
| views_access check is broken | Closed (fixed) | Normal | Bug report | 3.0.2 | Code | 15 | 1 year 8 months | 1 year 9 months | |
| Private files path is not detected correctly | Closed (fixed) | Normal | Bug report | 3.0.2 | Code | 8 | 1 year 8 months | 1 year 9 months | |
| [error] Message: Error executable_php, access was denied to the file. | Closed (fixed) | Normal | Bug report | 3.0.x-dev | Code | 15 | 1 year 8 months | 1 year 11 months |
Pages
Subscribe with RSS 