[horde] General Status Update on H6 and notorious htmlspecialchars error
Ralf Lang
ralf.lang at ralf-lang.de
Fri May 9 14:45:42 UTC 2025
Hello,
before we get to the actual meat:
I have caught a bunch of cases where the notorious htmlspecialchars()
could happen. Please update to
https://github.com/horde/View/releases/tag/v3.0.0alpha6 to test.
*Achievements of the past two weeks:*
- The horde/components release tool now can read conventional commits
https://www.conventionalcommits.org/en/v1.0.0/ and turn them into
changelog and version info.
- I have modernized the developer container setup to run php 8.4,
mariadb, ldap and generally provide a more useful developer experience.
A developer horde can environment can now be set up in less than 5
minutes though it's still somewhat lacking. Notably, no dovecot email
components (imp webmail, ingo mail filter).
- The horde ldap driver seems to be compatible with php 8.4 now. At
least the way I tested it which does not mean much.
- Several apps and libraries now run without spamming the logs with
deprecation warnings just for being installed. Among them are whups
(tickets), nag (tasks), mnemo (notes), turba (contacts) and kronolith
(calendar). Testing is very superficial and there is still a lot to do.
- Some places in the horde base app have been made more resilient
against missing sections of configuration. You now have a better chance
of actually using the admin UI when configuring horde.
- New library horde/phpconfigfile for programmatically editing what it
says on the tin. This is a building block towards making initial setup
more pleasant.
- Some updates in the wiki
This is a team effort. Nobody can drive such a project alone. There's so
much left to do.
*Contribution
*
If you want to contribute bug fixes, please open PRs and specifically
highlight Torben (@tdannhauer) and me (@ralflang). We will probably be
back to having a stream of activities and PRs across all repos by next
week but for now that extra notification can help speed up things.
If you want to report issues, please use the mailing list for now. Some
components have the "issues" feature enabled on github. We also watch
the known issues wiki page.
*git branch or alpha versions?*
With the tool chain improving, we tend to release new tagged versions as
soon as a block of work is finished. Thus there is less and less
incentive to run directly off the development branches.
*The currently recommended settings are:
*
composer config minimum-stability dev
composer config prefer-stable true
You might need to run with an additional switch -W
-W, --with-all-dependencies Update also
dependencies of packages in the argument list, including those which are
root requirement
composer update -W
More information about the horde
mailing list