Flyspray - The bug killer!

  • Status Unconfirmed
  • Percent Complete
    0%
  • Task Type Information
  • Category Backend/Core
  • Assigned To No-one
  • Operating System All
  • Severity Low
  • Priority Very Low
  • Reported Version 1.0-rc7
  • Due in Version Undecided
  • Due Date Undecided
  • Votes
  • Private
Attached to Project: Flyspray - The bug killer!
Opened by Lucas K - 10.08.2018

FS#2480 - Better file organization

Save public files inside public or public_html directories, and non-public files outside of those directories;

config file

vendor directory

setup logic

etc

This goes onto another question/point - why are you deleting files from the vendor directory? It happens during composer install, and again after installation? Those files will just get put back if the user ever runs composer install again...

Project Manager
peterdd commented on 10.08.2018 11:46

I think this is coming from the 'just unpack the release file on your web hosting and point your browser there to continue'.

If you mean the post-update-cmd in composer.json : I just removed unnecessary stuff from vendor/dapphp/securimage/ that could lower the securimage captcha security.

Also vendor/ contains a .htaccess that deny any access there now.
Every folder that doesn't require direct file access from browser should by denied. This is currently enforced by .htaccess files.

So if your apache config doesn't support .htaccess files, denying that directories must be done by apache config files. Same for people who try experimental tries with nginx.

Which files are deleted from vendor/ after installation?

Loading...

Available keyboard shortcuts

Tasklist

Task Details

Task Editing