Displaying 1 - 50 of 341
Title Status Priority Category Version Component Replies Last updatedsort ascending Assigned to Created
Automated Drupal 11 compatibility fixes for security_review Needs review Normal Task 3.0.0 Code 3 4 days 11 hours 4 days 11 hours
Port views access batch to new plugin mechanism Closed (fixed) Normal Task 3.0.x-dev Code 10 6 days 19 hours 1 month 1 week
Port upload extensions batch to new plugin mechanism Closed (fixed) Normal Task 3.0.x-dev Code 9 6 days 20 hours 1 month 1 week
State should be cleaned on uninstall Closed (fixed) Normal Bug report 3.0.x-dev Code 15 1 week 17 hours 1 month 6 days
META 3.0.0 Fixed Normal Plan 3.0.x-dev Code 32 1 week 2 days 3 months 1 week
Scan freezes on File permissions. Guzzle Error Fixed Normal Task 3.0.0-rc4 Code 12 1 week 6 days 2 weeks 4 days
\Drupal calls should be avoided in classes, use dependency injection instead Closed (works as designed) Normal Task 3.0.x-dev Code 4 2 weeks 22 hours 2 weeks 1 day
Batchify and optimize field scan (dangerous tags in content) Needs review Normal Task 3.0.x-dev Code 6 2 weeks 4 days 1 month 6 days
A more specific state variable should be used for storing the last run time Closed (fixed) Normal Task 3.0.x-dev Code 20 3 weeks 1 day 1 month 1 week
name / passwords check not working as expected Closed (fixed) Normal Bug report 3.0.0-rc2 Code 7 3 weeks 2 days 1 month 2 weeks
Warning: Undefined array key "result" in security_review_requirements() (line 51 of security_review.install) Closed (fixed) Normal Bug report 3.0.0-rc2 Code 7 3 weeks 2 days 1 month 1 week
Move batch functionality into check plugin Closed (fixed) Normal Task 3.0.x-dev Code 14 3 weeks 3 days 1 month 1 week
Reduce number of dependencies in SecurityCheckBase Closed (fixed) Normal Task 3.0.x-dev Code 14 3 weeks 3 days 1 month 1 week
State should be cleaned on uninstall Closed (fixed) Normal Bug report 2.0.2 Code 5 4 weeks 19 hours 1 month 1 week
Message TypeError: array_key_exists(): Argument #2 ($array) must be of type array, null given in array_key_exists() Closed (outdated) Normal Bug report 3.0.x-dev Code 14 1 month 1 week 2 months 2 weeks
security_review.checks.yml fails blt yaml validation Closed (works as designed) Major Bug report 3.0.x-dev Code 8 1 month 3 weeks 1 month 4 weeks
Include check for X-Frame-Options header/click-jacking Closed (fixed) Normal Feature request 2.0.x-dev Code 10 2 months 4 days 10 years 2 months
Readd and update tests Closed (fixed) Normal Task 3.0.x-dev Code 3 2 months 4 days 3 months 1 week
Long field names which are shortened by Drupal doesn't work. Closed (fixed) Normal Bug report 2.0.x-dev Code 18 2 months 5 days 3 years 6 months
[Meta] - Hush Check Closed (fixed) Normal Plan 3.0.x-dev Code 5 2 months 1 week 1 year 1 month
Add the ability to hush specific fields for "Unsafe file extensions allowed in uploads" check Closed (fixed) Normal Feature request 3.0.x-dev Code 12 2 months 2 weeks 1 year 1 month
"Files writable by the server"-Repair instructions should NOT be server specific Closed (fixed) Major Task 3.0.x-dev User interface 5 2 months 2 weeks 6 years 1 month
Make security checks into plugins Closed (fixed) Normal Task 3.0.x-dev Code 19 2 months 2 weeks 8 years 4 months
Explore additional ways to load large number of items Closed (fixed) Normal Feature request 3.0.x-dev Code 7 2 months 2 weeks 11 months 3 weeks
Error: Call to a member function isAdmin() on null in Drupal\security_review\Security->rolePermissions() Closed (fixed) Normal Bug report 2.0.0 Code 9 2 months 2 weeks 4 years 8 months
PrivateFiles check may fail or give misleading results for alternate stream wrappers Needs work Normal Bug report 3.0.x-dev Code 9 2 months 2 weeks 6 months 2 weeks
Clean up toggle functionality Closed (fixed) Normal Task 3.0.x-dev Code 3 2 months 3 weeks 3 months 1 week
PHP 8.1 Warning: Array to string conversion Closed (fixed) Normal Bug report 2.0.x-dev Code 10 2 months 4 weeks 4 months 2 days
Address phpstan issues Closed (fixed) Normal Task 3.0.x-dev Code 7 2 months 4 weeks 4 months 2 weeks
Remove drush.inc file Closed (fixed) Normal Task 3.0.x-dev Code 10 2 months 4 weeks 3 months 2 weeks
Merge Check::evaluate() and Check::evaluatePlain() Closed (fixed) Normal Task 3.0.x-dev Code 8 2 months 4 weeks 8 years 4 months
Executable PHP in files directory - false negative Closed (outdated) Normal Bug report 7.x-1.3 Code 21 3 months 2 weeks 9 years 9 months
Add gitlab file and addressing findings Closed (fixed) Normal Task 2.0.x-dev Code 5 4 months 6 days 4 months 2 weeks
SQL syntax error in Field check when run on PostgreSQL Closed (fixed) Normal Bug report 2.0.x-dev Code 8 4 months 6 days 6 months 2 weeks
Remove the TD and TABLE tags as particularly dangerous - needs discussion Closed (fixed) Normal Feature request 2.0.x-dev Code 12 4 months 6 days 8 months 3 weeks
Port Security Review to Drupal 8 Closed (fixed) Normal Task 8.x-1.x-dev Code 63 4 months 1 week 9 years 4 months
[Meta] 2.0.2 Release Closed (outdated) Normal Plan 2.0.x-dev Code 4 4 months 2 weeks 1 year 1 month
Is this module supposed to be used in a production environment? Closed (fixed) Normal Support request 2.0.1 Documentation 7 5 months 3 weeks 6 months 1 week
Clean install does not comply with security review Closed (works as designed) Normal Support request 7.x-1.x-dev Miscellaneous 3 6 months 1 week 6 months 1 week
PHP warning: in_array() expects parameter 2 to be array Closed (fixed) Normal Bug report 8.x-1.x-dev Code 16 6 months 2 weeks 5 years 1 month
"VendorDirectory" help text issues Closed (fixed) Minor Bug report 2.0.x-dev User interface 7 6 months 2 weeks 8 months 1 week
"Base table or view not found" when running report with CiviCRM on Drupal 9. Closed (duplicate) Normal Bug report 2.0.x-dev Code 4 6 months 2 weeks 8 months 3 weeks
TypeError: Drupal\security_review\CheckResult::__construct(): Argument #6 ($hushedFindings) must be of type array, null given Closed (outdated) Normal Bug report 2.0.1 Code 7 6 months 2 weeks 1 year 1 week
Table is empty, broken query Closed (duplicate) Normal Bug report 2.0.1 Code 4 6 months 4 weeks 7 months 18 hours
Unsafe file upload extensions Details page throws an exception Closed (duplicate) Critical Bug report 2.0.1 Code 3 6 months 4 weeks 10 months 3 weeks
Check for spam content in hidden parts of comments Closed (outdated) Normal Feature request 2.0.x-dev Code 2 6 months 4 weeks 10 years 6 months
t() calls should be avoided in classes, use \Drupal\Core\StringTranslation\StringTranslationTrait and $this->t() instead Closed (won't fix) Normal Task 2.0.x-dev Code 4 8 months 3 weeks 9 months 4 days
Fix the issues reported by phpcs Closed (won't fix) Minor Task 2.0.x-dev Code 4 8 months 3 weeks 8 months 3 weeks
Unused variable $test. Closed (outdated) Normal Task 2.0.x-dev Code 7 9 months 4 days 9 months 4 days
New Checks/NamePasswords does not scale with a large number of user accounts Closed (fixed) Normal Bug report 2.0.1 Code 16 11 months 1 week 1 year 2 months

Pages

Subscribe with RSS Subscribe to Issues for Security Review