Merge branch '11.x' into 12.x

Signed-off-by: Mior Muhammad Zaki <[email protected]>

Author: crynobone

.github/workflows/databases.yml

@@ -293,53 +293,53 @@ jobs:
           DB_USERNAME: SA
           DB_PASSWORD: Forge123
 
-  # mssql_2017:
-  #   runs-on: ubuntu-20.04
-  #   timeout-minutes: 5
-
-  #   services:
-  #     sqlsrv:
-  #       image: mcr.microsoft.com/mssql/server:2017-latest
-  #       env:
-  #         ACCEPT_EULA: Y
-  #         SA_PASSWORD: Forge123
-  #       ports:
-  #         - 1433:1433
-
-  #   strategy:
-  #     fail-fast: true
-
-  #   name: SQL Server 2017
-
-  #   steps:
-  #     - name: Checkout code
-  #       uses: actions/checkout@v4
-
-  #     - name: Setup PHP
-  #       uses: shivammathur/setup-php@v2
-  #       with:
-  #         php-version: 8.3
-  #         extensions: dom, curl, libxml, mbstring, zip, pcntl, sqlsrv, pdo, pdo_sqlsrv, odbc, pdo_odbc, :php-psr
-  #         tools: composer:v2
-  #         coverage: none
-
-  #     - name: Set Framework version
-  #       run: composer config version "12.x-dev"
-
-  #     - name: Install dependencies
-  #       uses: nick-fields/retry@v3
-  #       with:
-  #         timeout_minutes: 5
-  #         max_attempts: 5
-  #         command: composer update --prefer-stable --prefer-dist --no-interaction --no-progress
-
-  #     - name: Execute tests
-  #       run: vendor/bin/phpunit tests/Integration/Database
-  #       env:
-  #         DB_CONNECTION: sqlsrv
-  #         DB_DATABASE: master
-  #         DB_USERNAME: SA
-  #         DB_PASSWORD: Forge123
+  mssql_2017:
+    runs-on: ubuntu-22.04
+    timeout-minutes: 5
+
+    services:
+      sqlsrv:
+        image: mcr.microsoft.com/mssql/server:2017-latest
+        env:
+          ACCEPT_EULA: Y
+          SA_PASSWORD: Forge123
+        ports:
+          - 1433:1433
+
+    strategy:
+      fail-fast: true
+
+    name: SQL Server 2017
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Setup PHP
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: 8.3
+          extensions: dom, curl, libxml, mbstring, zip, pcntl, sqlsrv, pdo, pdo_sqlsrv, odbc, pdo_odbc, :php-psr
+          tools: composer:v2
+          coverage: none
+
+      - name: Set Framework version
+        run: composer config version "12.x-dev"
+
+      - name: Install dependencies
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 5
+          max_attempts: 5
+          command: composer update --prefer-stable --prefer-dist --no-interaction --no-progress
+
+      - name: Execute tests
+        run: vendor/bin/phpunit tests/Integration/Database
+        env:
+          DB_CONNECTION: sqlsrv
+          DB_DATABASE: master
+          DB_USERNAME: SA
+          DB_PASSWORD: Forge123
 
   sqlite:
     runs-on: ubuntu-24.04

src/Illuminate/Console/Application.php

@@ -8,7 +8,9 @@
 use Illuminate\Contracts\Container\Container;
 use Illuminate\Contracts\Events\Dispatcher;
 use Illuminate\Support\ProcessUtils;
+use ReflectionClass;
 use Symfony\Component\Console\Application as SymfonyApplication;
+use Symfony\Component\Console\Attribute\AsCommand;
 use Symfony\Component\Console\Command\Command as SymfonyCommand;
 use Symfony\Component\Console\Exception\CommandNotFoundException;
 use Symfony\Component\Console\Input\ArrayInput;
@@ -238,12 +240,18 @@ protected function addToParent(SymfonyCommand $command)
      */
     public function resolve($command)
     {
-        if (is_subclass_of($command, SymfonyCommand::class) && ($commandName = $command::getDefaultName())) {
-            foreach (explode('|', $commandName) as $name) {
-                $this->commandMap[$name] = $command;
-            }
+        if (is_subclass_of($command, SymfonyCommand::class)) {
+            $attribute = (new ReflectionClass($command))->getAttributes(AsCommand::class);
+
+            $commandName = ! empty($attribute) ? $attribute[0]->newInstance()->name : null;
 
-            return null;
+            if (! is_null($commandName)) {
+                foreach (explode('|', $commandName) as $name) {
+                    $this->commandMap[$name] = $command;
+                }
+
+                return null;
+            }
         }
 
         if ($command instanceof Command) {

src/Illuminate/Foundation/Console/AboutCommand.php

@@ -183,7 +183,7 @@ protected function gatherApplicationInformation()
             'Config' => static::format($this->laravel->configurationIsCached(), console: $formatCachedStatus),
             'Events' => static::format($this->laravel->eventsAreCached(), console: $formatCachedStatus),
             'Routes' => static::format($this->laravel->routesAreCached(), console: $formatCachedStatus),
-            'Views' => static::format($this->hasPhpFiles($this->laravel->storagePath('framework/views')), console: $formatCachedStatus),
+            'Views' => static::format($this->hasPhpFiles(config('view.compiled')), console: $formatCachedStatus),
         ]);
 
         static::addToSection('Drivers', fn () => array_filter([

src/Illuminate/Foundation/Testing/Concerns/InteractsWithTestCaseLifecycle.php

@@ -23,9 +23,11 @@
 use Illuminate\Foundation\Testing\WithoutMiddleware;
 use Illuminate\Http\Middleware\TrustHosts;
 use Illuminate\Http\Middleware\TrustProxies;
+use Illuminate\Mail\Markdown;
 use Illuminate\Queue\Console\WorkCommand;
 use Illuminate\Queue\Queue;
 use Illuminate\Support\Carbon;
+use Illuminate\Support\EncodedHtmlString;
 use Illuminate\Support\Facades\Facade;
 use Illuminate\Support\Facades\ParallelTesting;
 use Illuminate\Support\Once;
@@ -171,8 +173,10 @@ protected function tearDownTheTestEnvironment(): void
         Component::forgetFactory();
         ConvertEmptyStringsToNull::flushState();
         Factory::flushState();
+        EncodedHtmlString::flushState();
         EncryptCookies::flushState();
         HandleExceptions::flushState();
+        Markdown::flushState();
         Migrator::withoutMigrations([]);
         Once::flush();
         PreventRequestsDuringMaintenance::flushState();

src/Illuminate/Mail/Mailable.php

@@ -13,6 +13,7 @@
 use Illuminate\Contracts\Support\Renderable;
 use Illuminate\Contracts\Translation\HasLocalePreference;
 use Illuminate\Support\Collection;
+use Illuminate\Support\EncodedHtmlString;
 use Illuminate\Support\HtmlString;
 use Illuminate\Support\Str;
 use Illuminate\Support\Traits\Conditionable;
@@ -1371,7 +1372,7 @@ public function assertHasSubject($subject)
      */
     public function assertSeeInHtml($string, $escape = true)
     {
-        $string = $escape ? e($string) : $string;
+        $string = $escape ? EncodedHtmlString::convert($string, withQuote: isset($this->markdown)) : $string;
 
         [$html, $text] = $this->renderForAssertions();
 
@@ -1393,7 +1394,7 @@ public function assertSeeInHtml($string, $escape = true)
      */
     public function assertDontSeeInHtml($string, $escape = true)
     {
-        $string = $escape ? e($string) : $string;
+        $string = $escape ? EncodedHtmlString::convert($string, withQuote: isset($this->markdown)) : $string;
 
         [$html, $text] = $this->renderForAssertions();
 
@@ -1415,7 +1416,9 @@ public function assertDontSeeInHtml($string, $escape = true)
      */
     public function assertSeeInOrderInHtml($strings, $escape = true)
     {
-        $strings = $escape ? array_map(e(...), $strings) : $strings;
+        $strings = $escape ? array_map(function ($string) {
+            return EncodedHtmlString::convert($string, withQuote: isset($this->markdown));
+        }, $strings) : $strings;
 
         [$html, $text] = $this->renderForAssertions();
 

src/Illuminate/Mail/Markdown.php

@@ -3,6 +3,7 @@
 namespace Illuminate\Mail;
 
 use Illuminate\Contracts\View\Factory as ViewFactory;
+use Illuminate\Support\EncodedHtmlString;
 use Illuminate\Support\HtmlString;
 use Illuminate\Support\Str;
 use League\CommonMark\Environment\Environment;
@@ -34,6 +35,13 @@ class Markdown
      */
     protected $componentPaths = [];
 
+    /**
+     * Indicates if secure encoding should be enabled.
+     *
+     * @var bool
+     */
+    protected static $withSecuredEncoding = false;
+
     /**
      * Create a new Markdown renderer instance.
      *
@@ -59,9 +67,37 @@ public function render($view, array $data = [], $inliner = null)
     {
         $this->view->flushFinderCache();
 
-        $contents = $this->view->replaceNamespace(
-            'mail', $this->htmlComponentPaths()
-        )->make($view, $data)->render();
+        $bladeCompiler = $this->view
+            ->getEngineResolver()
+            ->resolve('blade')
+            ->getCompiler();
+
+        $contents = $bladeCompiler->usingEchoFormat(
+            'new \Illuminate\Support\EncodedHtmlString(%s)',
+            function () use ($view, $data) {
+                if (static::$withSecuredEncoding === true) {
+                    EncodedHtmlString::encodeUsing(function ($value) {
+                        $replacements = [
+                            '[' => '\[',
+                            '<' => '&lt;',
+                            '>' => '&gt;',
+                        ];
+
+                        return str_replace(array_keys($replacements), array_values($replacements), $value);
+                    });
+                }
+
+                try {
+                    $contents = $this->view->replaceNamespace(
+                        'mail', $this->htmlComponentPaths()
+                    )->make($view, $data)->render();
+                } finally {
+                    EncodedHtmlString::flushState();
+                }
+
+                return $contents;
+            }
+        );
 
         if ($this->view->exists($customTheme = Str::start($this->theme, 'mail.'))) {
             $theme = $customTheme;
@@ -72,7 +108,7 @@ public function render($view, array $data = [], $inliner = null)
         }
 
         return new HtmlString(($inliner ?: new CssToInlineStyles)->convert(
-            $contents, $this->view->make($theme, $data)->render()
+            str_replace('\[', '[', $contents), $this->view->make($theme, $data)->render()
         ));
     }
 
@@ -100,20 +136,59 @@ public function renderText($view, array $data = [])
      * Parse the given Markdown text into HTML.
      *
      * @param  string  $text
+     * @param  bool  $encoded
      * @return \Illuminate\Support\HtmlString
      */
-    public static function parse($text)
+    public static function parse($text, bool $encoded = false)
     {
-        $environment = new Environment([
+        if ($encoded === false) {
+            return new HtmlString(static::converter()->convert($text)->getContent());
+        }
+
+        if (static::$withSecuredEncoding === true || $encoded === true) {
+            EncodedHtmlString::encodeUsing(function ($value) {
+                $replacements = [
+                    '[' => '\[',
+                    '<' => '\<',
+                ];
+
+                $html = str_replace(array_keys($replacements), array_values($replacements), $value);
+
+                return static::converter([
+                    'html_input' => 'escape',
+                ])->convert($html)->getContent();
+            });
+        }
+
+        $html = '';
+
+        try {
+            $html = static::converter()->convert($text)->getContent();
+        } finally {
+            EncodedHtmlString::flushState();
+        }
+
+        return new HtmlString($html);
+    }
+
+    /**
+     * Get a Markdown converter instance.
+     *
+     * @internal
+     *
+     * @param  array<string, mixed>  $config
+     * @return \League\CommonMark\MarkdownConverter
+     */
+    public static function converter(array $config = [])
+    {
+        $environment = new Environment(array_merge([
             'allow_unsafe_links' => false,
-        ]);
+        ], $config));
 
         $environment->addExtension(new CommonMarkCoreExtension);
         $environment->addExtension(new TableExtension);
 
-        $converter = new MarkdownConverter($environment);
-
-        return new HtmlString($converter->convert($text)->getContent());
+        return new MarkdownConverter($environment);
     }
 
     /**
@@ -185,4 +260,34 @@ public function getTheme()
     {
         return $this->theme;
     }
+
+    /**
+     * Enable secured encoding when parsing Markdown.
+     *
+     * @return void
+     */
+    public static function withSecuredEncoding()
+    {
+        static::$withSecuredEncoding = true;
+    }
+
+    /**
+     * Disable secured encoding when parsing Markdown.
+     *
+     * @return void
+     */
+    public static function withoutSecuredEncoding()
+    {
+        static::$withSecuredEncoding = false;
+    }
+
+    /**
+     * Flush the class's global state.
+     *
+     * @return void
+     */
+    public static function flushState()
+    {
+        static::$withSecuredEncoding = false;
+    }
 }

src/Illuminate/Mail/resources/views/html/button.blade.php

@@ -12,7 +12,7 @@
 <table border="0" cellpadding="0" cellspacing="0" role="presentation">
 <tr>
 <td>
-<a href="{{ $url }}" class="button button-{{ $color }}" target="_blank" rel="noopener">{{ $slot }}</a>
+<a href="{{ $url }}" class="button button-{{ $color }}" target="_blank" rel="noopener">{!! $slot !!}</a>
 </td>
 </tr>
 </table>

src/Illuminate/Mail/resources/views/html/header.blade.php

@@ -5,7 +5,7 @@
 @if (trim($slot) === 'Laravel')
 <img src="https://laravel.com/img/notification-logo.png" class="logo" alt="Laravel Logo">
 @else
-{{ $slot }}
+{!! $slot !!}
 @endif
 </a>
 </td>