Merge pull request #50 from delyriand/feature/altcha-1.x

Author: maximehuran

.github/workflows/recipe.yaml

@@ -14,8 +14,8 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        php: ['8.1', '8.2', '8.3']
-        sylius: ["~1.12.0", "~1.13.0", "1.14.0"]
+        php: ['8.2', '8.3']
+        sylius: ["~1.13.0", "1.14.0"]
 
     steps:
       - name: Setup PHP

.github/workflows/security.yaml

@@ -13,7 +13,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        php: ['8.1', '8.2', '8.3']
+        php: ['8.2', '8.3']
 
     steps:
       - uses: actions/checkout@v3
@@ -49,5 +49,28 @@ jobs:
       - name: Install PHP dependencies
         run: composer update --prefer-dist
 
-      - uses: symfonycorp/security-checker-action@v4
+      - uses: symfonycorp/security-checker-action@v5
+        with:
+            disable-exit-code: 1
+        id: security-check
 
+      - name: Filter vulnerabilities
+        run: |
+          echo '${{ steps.security-check.outputs.vulns }}' \
+            | jq 'with_entries(
+                    .value.advisories |= map(
+                      select(.cve != "CVE-2025-31481" and .cve != "CVE-2025-31485")
+                    )
+                  )' \
+            > filtered.json
+          
+          cat filtered.json
+          
+          # Compter les vulnérabilités restantes
+          remaining=$(jq '[.[] | .advisories[]] | length' filtered.json)
+          if [ "$remaining" -gt 0 ]; then
+            echo "❌ Security issues found ($remaining remaining)"
+            exit 1
+          else
+            echo "✅ No relevant security issues"
+          fi

.github/workflows/tests.yaml

@@ -14,7 +14,8 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        php: ['8.1', '8.2', '8.3']
+        php: ['8.2', '8.3']
+        node: ['20']
 
     env:
       SYMFONY_ARGS: --no-tls
@@ -25,7 +26,7 @@ jobs:
       - uses: actions/checkout@v2
       - uses: actions/setup-node@v2
         with:
-          node-version: '14'
+          node-version: ${{ matrix.node }}
       - name: Setup PHP
         uses: shivammathur/setup-php@v2
         with:

DEVELOPMENT.md

@@ -13,3 +13,14 @@ Be sure you have the Symfony binary on your machine.
 ```
  curl -sS https://get.symfony.com/cli/installer | bash 
  ```
+
+# Build assets
+
+Install dependencies
+`yarn install`
+
+While developing your JS, you can use :
+`yarn run watch`
+
+Then generate the final files and push it :
+`yarn run build`

README.md

@@ -1,4 +1,4 @@
-[![Banner of Sylius Anti Spam plugin](docs/images/banner.jpg)](https://monsieurbiz.com/agence-web-experte-sylius)
+[![Banner of Sylius Anti Spam plugin](docs/images/antispam-banner.jpg)](https://monsieurbiz.com/agence-web-experte-sylius)
 
 <h1 align="center">Anti Spam</h1>
 
@@ -11,11 +11,10 @@ This plugins adds captcha and allows you to manage your spams.
 
 ## Compatibility
 
-| Sylius Version | PHP Version     |
-|----------------|-----------------|
-| 1.12           | 8.1 - 8.2 - 8.3 |
-| 1.13           | 8.1 - 8.2 - 8.3 |
-| 1.14           | 8.1 - 8.2 - 8.3 |
+| Sylius Version | PHP Version |
+|----------------|-------------|
+| 1.13           | 8.2 - 8.3   |
+| 1.14           | 8.2 - 8.3   |
 
 ## Installation
 
@@ -25,17 +24,87 @@ If you want to use our recipes, you can configure your composer.json by running:
 composer config --no-plugins --json extra.symfony.endpoint '["https://api.github.com/repos/monsieurbiz/symfony-recipes/contents/index.json?ref=flex/master","flex://defaults"]'
 ```
 
-⚙️ To Be Defined.
+```bash
+composer require monsieurbiz/sylius-anti-spam-plugin
+```
+
+Run post installation command
+```bash
+cp -r vendor/monsieurbiz/sylius-anti-spam-plugin/dist/config config/
+```
+
+<details>
+<summary>For the installation without flex, follow these additional steps</summary>
+<p>
+
+Change your `config/bundles.php` file to add the line for the plugin :
+
+```php
+<?php
+
+return [
+    //..
+    MonsieurBiz\SyliusRichEditorPlugin\MonsieurBizSyliusAntiSpamPlugin::class => ['all' => true],
+];
+```
+
+Then create the config file in `config/packages/monsieurbiz_sylius_anti_spam_plugin.yaml` :
+
+```yaml
+imports:
+    - { resource: "@MonsieurBizSyliusAntiSpamPlugin/Resources/config/config.yaml" }
+
+services:
+    # Add the "monsieurbiz_anti_spam.quarantineable" tag on the quarantineable entity (not autoconfigure the entity…)
+    App\Entity\Customer\Customer:
+        tags: ['monsieurbiz_anti_spam.quarantineable']
+```
+
+Finally import the routes in `config/routes/monsieurbiz_sylius_anti_spam_plugin.yaml` :
+
+```yaml
+monsieurbiz_sylius_anti_spam_admin:
+    resource: "@MonsieurBizSyliusAntiSpamPlugin/Resources/config/routes/admin.yaml"
+    prefix: /%sylius_admin.path_name%
+```
+</p>
+</details>
+
+**Update customer entity**
+
+Your `Customer` entity should implement `MonsieurBiz\SyliusAntiSpamPlugin\Entity\QuarantineItemAwareInterface` and use the `MonsieurBiz\SyliusAntiSpamPlugin\Entity\QuarantineItemAwareTrait` trait.
+
+```diff
+namespace App\Entity\Customer;
 
-<!--
-1. Use the trait `\MonsieurBiz\SyliusAntiSpamPlugin\Entity\CustomerQuarantineItemAwareTrait` in your Customer entity. 
+use Doctrine\ORM\Mapping as ORM;
++ use MonsieurBiz\SyliusAntiSpamPlugin\Entity\QuarantineItemAwareInterface;
++ use MonsieurBiz\SyliusAntiSpamPlugin\Entity\QuarantineItemAwareTrait;
+use Sylius\Component\Core\Model\Customer as BaseCustomer;
 
-2. Update your env vars with your Recaptcha site key and secret : 
+#[ORM\Entity]
+#[ORM\Table(name: 'sylius_customer')]
+- class Customer extends BaseCustomer
++ class Customer extends BaseCustomer implements QuarantineItemAwareInterface
+{
++     use QuarantineItemAwareTrait
+}
+```
+
+**Update your database schema**
+
+Update your database schema with the plugin migrations:
+
+```bash
+bin/console doctrine:migrations:migrate
+```
 
-RECAPTCHA3_KEY=my_site_key
-RECAPTCHA3_SECRET=my_secret
+Generate the migration and update your database schema with the new customer entity field:
 
--->
+```bash
+bin/console doctrine:migrations:diff
+bin/console doctrine:migrations:migrate
+```
 
 ## Documentation
 

UPGRADE-1.4.md

@@ -0,0 +1,22 @@
+# UPGRADE FROM `1.3.1` TO `1.4.0`
+
+- Preconditions: PHP 8.2 support
+
+- Copy config files from dist files, run the command:
+```
+cp -r vendor/monsieurbiz/sylius-anti-spam-plugin/dist/config config/
+```
+
+- Create env vars:
+
+```
+RECAPTCHA3_SCORE_THRESHOLD=0.5
+RECAPTCHA3_ENABLED=true
+ALTCHA_ENABLED=false
+ALTCHA_SECRET=CHANGEME
+```
+
+- If you want to switch on Atcha, you can set `ALTCHA_ENABLED` to `true` and set the `ALTCHA_SECRET` to your secret key.
+
+You can generate `ALTCHA_SECRET` with command `openssl rand -hex 32`
+

assets/js/altcha-i18n.js

@@ -0,0 +1,11 @@
+import 'altcha/i18n/all';
+
+globalThis.altchaI18n.set("fr-fr", {
+  ...globalThis.altchaI18n.get("fr-fr"),
+  label: "Je ne suis pas un robot",
+});
+
+globalThis.altchaI18n.set("fr-ca", {
+  ...globalThis.altchaI18n.get("fr-ca"),
+  label: "Je ne suis pas un robot",
+});

assets/js/altcha.js

@@ -0,0 +1 @@
+import 'altcha';

composer.json

@@ -6,8 +6,9 @@
     "license": "MIT",
     "require": {
         "karser/karser-recaptcha3-bundle": "~0.1.16",
-        "php": "^8.1",
-        "sylius/sylius": ">=1.12 <2.0"
+        "php": "^8.2",
+        "sylius/sylius": ">=1.12 <2.0",
+        "huluti/altcha-bundle": "^1.7.3"
     },
     "require-dev": {
         "friendsofphp/php-cs-fixer": "^3.16",
@@ -37,7 +38,7 @@
     },
     "extra": {
         "branch-alias": {
-            "dev-master": "1.2-dev"
+            "dev-master": "1.4-dev"
         },
         "symfony": {
             "docker": false,

dist/config/packages/huluti_altcha.yaml

@@ -0,0 +1,11 @@
+huluti_altcha:
+    enable: '%env(bool:ALTCHA_ENABLED)%'
+    hmacKey: '%env(ALTCHA_SECRET)%'
+    floating: false
+    use_stimulus: false
+    altcha_js_path: /bundles/monsieurbizsyliusantispamplugin/js/altcha.js
+    altcha_js_i18n_path: /bundles/monsieurbizsyliusantispamplugin/js/altcha-i18n.js
+
+when@test:
+    huluti_altcha:
+        enable: false