[horde] General Status Update on H6 and notorious htmlspecialchars error

Tue May 13 10:31:45 UTC 2025

On Fri, 9 May 2025 at 14:46, Ralf Lang <ralf.lang at ralf-lang.de> wrote:
>
> Hello,
>
> before we get to the actual meat:
>
> I have caught a bunch of cases where the notorious htmlspecialchars()
> could happen. Please update to
> https://github.com/horde/View/releases/tag/v3.0.0alpha6 to test.

Hi Ralf,

Thanks!  I need a bit of help though.  My runguide has these instructions...

To Update Horde
sudo -u www-data composer update

sudo -u www-data composer update horde/bundle

Individual apps
sudo -u www-data composer update horde/kronolith

To update the DB
/usr/share/2024-composer-horde6/vendor/bin/horde-db-migrate up

I have no idea how to use git to test a release.

But that is an amazing list of achievements below - thank you!

Simon

> *Achievements of the past two weeks:*
>
> - The horde/components release tool now can read conventional commits
> https://www.conventionalcommits.org/en/v1.0.0/ and turn them into
> changelog and version info.
> - I have modernized the developer container setup to run php 8.4,
> mariadb, ldap and generally provide a more useful developer experience.
> A developer horde can environment can now be set up in less than 5
> minutes though it's still somewhat lacking. Notably, no dovecot email
> components (imp webmail, ingo mail filter).
> - The horde ldap driver seems to be compatible with php 8.4 now. At
> least the way I tested it which does not mean much.
> - Several apps and libraries now run without spamming the logs with
> deprecation warnings just for being installed. Among them are whups
> (tickets), nag (tasks), mnemo (notes), turba (contacts) and kronolith
> (calendar). Testing is very superficial and there is still a lot to do.
> - Some places in the horde base app have been made more resilient
> against missing sections of configuration. You now have a better chance
> of actually using the admin UI when configuring horde.
> - New library horde/phpconfigfile for programmatically editing what it
> says on the tin. This is a building block towards making initial setup
> more pleasant.
> - Some updates in the wiki
>
> This is a team effort. Nobody can drive such a project alone. There's so
> much left to do.
>
> *Contribution
> *
>
> If you want to contribute bug fixes, please open PRs and specifically
> highlight Torben (@tdannhauer) and me (@ralflang). We will probably be
> back to having a stream of activities and PRs across all repos by next
> week but for now that extra notification can help speed up things.
>
> If you want to report issues, please use the mailing list for now. Some
> components have the "issues" feature enabled on github. We also watch
> the known issues wiki page.
>
> *git branch or alpha versions?*
>
> With the tool chain improving, we tend to release new tagged versions as
> soon as a block of work is finished. Thus there is less and less
> incentive to run directly off the development branches.
>
> *The currently recommended settings are:
> *
> composer config minimum-stability dev
> composer config prefer-stable true
>
> You might need to run with an additional switch -W
>    -W, --with-all-dependencies                          Update also
> dependencies of packages in the argument list, including those which are
> root requirement
>
> composer update -W
>
> --
> Horde mailing list
> Frequently Asked Questions: http://horde.org/faq/
> To unsubscribe, mail: horde-unsubscribe at lists.horde.org