Merge branch 'master' into pico-3.0

.github/stale.yml

@@ -1,17 +0,0 @@
-daysUntilStale: 7
-daysUntilClose: 2
-exemptLabels:
-  - "type: Bug"
-  - "type: Enhancement"
-  - "type: Feature"
-  - "type: Idea"
-  - "type: Release"
-  - "info: Pinned"
-staleLabel: "info: Stale"
-markComment: >
-  This issue has been automatically marked as stale because it has not had
-  recent activity. It will be closed in two days if no further activity
-  occurs. Thank you for your contributions! :+1:
-unmarkComment: false
-closeComment: false
-only: issues

.github/workflows/stale.yml

@@ -0,0 +1,28 @@
+name: "Mark or close stale issues and PRs"
+on:
+  schedule:
+    - cron: "0 12 * * *"
+
+jobs:
+  stale:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/stale@v3
+        with:
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+          days-before-stale: 7
+          days-before-close: 2
+          stale-issue-message: >
+            This issue has been automatically marked as stale because it has not had
+            recent activity. It will be closed in two days if no further activity
+            occurs. Thank you for your contributions! :+1:
+          stale-pr-message: >
+            This pull request has been automatically marked as stale because it has not had
+            recent activity. It will be closed in two days if no further activity
+            occurs. Thank you for your contributions! :+1:
+          stale-pr-label: "info: Stale"
+          stale-issue-label: "info: Stale"
+          exempt-issue-labels: "type: Bug,type: Enhancement,type: Feature,type: Idea,type: Release,info: Pinned"
+          exempt-pr-labels: "type: Bug,type: Enhancement,type: Feature,type: Idea,type: Release,info: Pinned"
+          remove-stale-when-updated: true
+

CHANGELOG.md

@@ -27,6 +27,23 @@ Released: 2020-03-29
             update to Twig 3.0+ and Symfony YAML 5.0+ later
 ```
 
+### Version 2.1.4
+Released: 2020-08-29
+
+```
+* [Changed] Silence PHP errors in Parsedown
+* [Fixed] #560: Improve charset guessing for formatted date strings using
+          `strftime()` (Pico always uses UTF-8, but `strftime()` might not)
+```
+
+### Version 2.1.3
+Released: 2020-07-10
+
+```
+* [New] Add `locale` option to `config/config.yml`
+* [Changed] Improve Pico docs
+```
+
 ### Version 2.1.2
 Released: 2020-04-10
 

CONTRIBUTING.md

@@ -192,7 +192,7 @@ Issues and pull requests labeled with `info: Feedback Needed` indicate that feed
 
 - The `type: Release` label is used in the exact same way as `type: Feature` and indicates the primary pull request of a new Pico release (please refer to the *Branching* and *Build & Release process* sections above).
 
-- The `type: Notice`, `type: Question` and `type: Discussion` labels are used to indicate "fyi" issues, issues opened by users or developers asking questions, and issues with disucssions about arbitrary topics related to Pico. They are neither combined with `pri` labels, nor with `status` labels.
+- The `type: Notice`, `type: Support` and `type: Discussion` labels are used to indicate "fyi" issues, support-related issues (e.g. issues opened by users or developers asking questions), and issues with disucssions about arbitrary topics related to Pico. They are neither combined with `pri` labels, nor with `status` labels.
 
 - The `type: Duplicate` label is used when there is already another issue or pull request related to this problem or feature request. Issues labeled with `type: Duplicate` are immediately closed.
 
@@ -200,7 +200,7 @@ Issues and pull requests labeled with `info: Feedback Needed` indicate that feed
 
 The `status: Deferred` label might get added to any open issue or pull request to indicate that it is still unresolved and will be resolved later. This is also true for the `info: Pinned` label: It indicates a important issue or pull request that remains open on purpose.
 
-After resolving a issue, we usually keep it open for about a week to give users some more time for feedback and further questions. This is especially true for issues with the `type: Notice`, `type: Question`, `type: Discussion` and `type: Invalid` labels. After 7 days with no interaction, [Probot](https://probot.github.io/)'s [Stale](https://github.com/apps/stale) bot adds the `info: Stale` label to the issue to ask the participants whether the issue has been resolved. If no more activity occurs, the issue will be automatically closed by Stale bot 2 days later.
+After resolving a issue, we usually keep it open for about a week to give users some more time for feedback and further questions. This is especially true for issues with the `type: Notice`, `type: Support`, `type: Discussion` and `type: Invalid` labels. After 7 days with no interaction, [Probot](https://probot.github.io/)'s [Stale](https://github.com/apps/stale) bot adds the `info: Stale` label to the issue to ask the participants whether the issue has been resolved. If no more activity occurs, the issue will be automatically closed by Stale bot 2 days later.
 
 Issues and pull requests labeled with `info: Information Needed` indicate that we have asked one of the participants for further information and didn't receive any feedback yet. It is usually added after Stale bot adds the `info: Stale` label to give the participants some more days to give the necessary information.
 

README.md

@@ -4,13 +4,29 @@ Pico
 [![License](https://picocms.github.io/badges/pico-license.svg)](https://github.com/picocms/Pico/blob/master/LICENSE.md)
 [![Version](https://picocms.github.io/badges/pico-version.svg)](https://github.com/picocms/Pico/releases/latest)
 [![Build Status](https://api.travis-ci.org/picocms/Pico.svg?branch=master)](https://travis-ci.org/picocms/Pico)
-[![Freenode IRC Webchat](https://picocms.github.io/badges/pico-chat.svg)](https://webchat.freenode.net/?channels=%23picocms)
+[![Libera.Chat](https://picocms.github.io/badges/pico-chat.svg)](https://web.libera.chat/#picocms)
 [![Open Bounties on Bountysource](https://www.bountysource.com/badge/team?team_id=198139&style=bounties_received)](https://www.bountysource.com/teams/picocms)
 
 Pico is a stupidly simple, blazing fast, flat file CMS.
 
 Visit us at http://picocms.org/ and see http://picocms.org/about/ for more info.
 
+---
+
+### PHP 8.0+ Users
+
+Seeing an `Unparenthesized a ? b : c ? d : e is not supported.` error?
+
+Pico currently has issues with PHP versions newer than 8.0.  This is due to Pico's dependencies, and not Pico itself.  There's currently an "alpha" build of Pico you can download as a [Pre-Bundled Release](https://github.com/picocms/Pico/releases/tag/v3.0.0-alpha.2) that solves this issue.
+
+This "alpha" is **perfectly safe** to use in production, as the *only* changes are **updated dependencies and version number strings**.  If you're curious, you can confirm this by [comparing the changes](https://github.com/picocms/Pico/compare/pico-3.0-alpha) between branches.
+
+More work was intended to be done on this branch, hence the "3.0" label, but it hasn't happened yet.  There's an [on-going discussion](https://github.com/picocms/Pico/issues/608) about getting just these updated dependencies merged in as an official update (either Pico 2.2 or 3.0) as soon as possible.
+
+Sorry for the inconvenience, and thanks to all Pico users for your patience on the matter. ❤️
+
+---
+
 Screenshot
 ----------
 
@@ -77,7 +93,7 @@ Git is a very powerful distributed version-control system - and it can be used t
 
 ### I'm a developer
 
-So, you're one of these amazing folks making all of this possible? We love you guys! As a developer we recommend you to clone [Pico's Git repository][PicoGit] as well as the Git repositories of [Pico's default theme][PicoThemeGit] and the [`PicoDeprecated` plugin][PicoDeprecatedGit]. You can set up your workspace using [Pico's Composer starter project][PicoComposerGit] and include all of Pico's components using local packages.
+So, you're one of these amazing people making all of this possible? We love you folks! As a developer we recommend you to clone [Pico's Git repository][PicoGit] as well as the Git repositories of [Pico's default theme][PicoThemeGit] and the [`PicoDeprecated` plugin][PicoDeprecatedGit]. You can set up your workspace using [Pico's Composer starter project][PicoComposerGit] and include all of Pico's components using local packages.
 
 Using Pico's Git repositories is different from using one of the installation methods elucidated above. It gives you the current development version of Pico, what is likely *unstable* and *not ready for production use*!
 
@@ -189,7 +205,7 @@ If you're a developer, please refer to the "Contributing" section below and our
 
 #### You still need help or experience a problem with Pico?
 
-When the docs can't answer your question, you can get help by joining us on [#picocms on Freenode IRC][Freenode] ([logs][FreenodeLogs]). When you're experiencing problems with Pico, please don't hesitate to create a new [Issue][Issues] on GitHub. Concerning problems with plugins or themes, please refer to the website of the developer of this plugin or theme.
+When the docs can't answer your question, you can get help by joining us on [#picocms on Libera.Chat][LiberaChat] ([logs][LiberaChatLogs]). When you're experiencing problems with Pico, please don't hesitate to create a new [Issue][Issues] on GitHub. Concerning problems with plugins or themes, please refer to the website of the developer of this plugin or theme.
 
 **Before creating a new Issue,** please make sure the problem wasn't reported yet using [GitHubs search engine][IssuesSearch]. Please describe your issue as clear as possible and always include the *Pico version* you're using. Provided that you're using *plugins*, include a list of them too. We need information about the *actual and expected behavior*, the *steps to reproduce* the problem, and what steps you have taken to resolve the problem by yourself (i.e. *your own troubleshooting*).
 
@@ -198,7 +214,7 @@ Contributing
 
 You want to contribute to Pico? We really appreciate that! You can help make Pico better by [contributing code][PullRequests] or [reporting issues][Issues], but please take note of our [contribution guidelines][ContributionGuidelines]. In general you can contribute in three different areas:
 
-1. Plugins & Themes: You're a plugin developer or theme designer? We love you guys! You can find tons of information about how to develop plugins and themes at http://picocms.org/development/. If you have created a plugin or theme, please add it to our [Wiki][], either on the [plugins][WikiPlugins] or [themes][WikiThemes] page. You may also [Submit][] it to our website, where it'll be displayed on the official [plugin][OfficialPlugins] or [theme][OfficialThemes] pages!
+1. Plugins & Themes: You're a plugin developer or theme designer? We love you folks! You can find tons of information about how to develop plugins and themes at http://picocms.org/development/. If you have created a plugin or theme, please add it to our [Wiki][], either on the [plugins][WikiPlugins] or [themes][WikiThemes] page. You may also [Submit][] it to our website, where it'll be displayed on the official [plugin][OfficialPlugins] or [theme][OfficialThemes] pages!
 
 2. Documentation: We always appreciate people improving our documentation. You can either improve the [inline user docs][EditInlineDocs] or the more extensive [user docs on our website][EditUserDocs]. You can also improve the [docs for plugin and theme developers][EditDevDocs]. Simply fork our website's Git repository from https://github.com/picocms/picocms.github.io, change the Markdown files and open a [pull request][PullRequestsWebsite].
 
@@ -245,8 +261,8 @@ Official Pico Contributors won't claim bounties on their own behalf, Pico will n
 [WikiThemes]: https://github.com/picocms/Pico/wiki/Pico-Themes
 [Issues]: https://github.com/picocms/Pico/issues
 [IssuesSearch]: https://github.com/picocms/Pico/search?type=Issues
-[Freenode]: https://webchat.freenode.net/?channels=%23picocms
-[FreenodeLogs]: http://picocms.org/irc-logs
+[LiberaChat]: https://web.libera.chat/#picocms
+[LiberaChatLogs]: http://picocms.org/irc-logs
 [PullRequests]: https://github.com/picocms/Pico/pulls
 [PullRequestsWebsite]: https://github.com/picocms/picocms.github.io/pulls
 [ContributionGuidelines]: https://github.com/picocms/Pico/blob/master/CONTRIBUTING.md

SECURITY.md

@@ -0,0 +1,15 @@
+# Security Policy
+
+## Supported Versions
+
+Only the most recent stable version of Pico is supported.
+
+## Reporting a Vulnerability
+
+To mitigate the impact of possible security issues we ask you to disclose any security issues with Pico privately first ("responsible disclosure"). To do so please send an email to Pico's lead developer:
+
+> Daniel Rudolf \<picocms.org@daniel-rudolf.de\>
+
+You should receive an answer within 48 hours.
+
+All messages with valid security reports will be puslished on GitHub in full text.

composer.json

@@ -32,6 +32,7 @@
     },
     "require": {
         "php": ">=7.2.5",
+        "ext-mbstring": "*",
         "twig/twig": "^3.0",
         "symfony/yaml" : "^5.0",
         "erusev/parsedown": "1.7.4",

config/config.yml.template

@@ -7,6 +7,7 @@ base_url: ~                         # Pico will try to guess its base URL, if th
 rewrite_url: ~                      # A boolean (true or false) indicating whether URL rewriting is forced
 debug: ~                            # Set this to true to enable Pico's debug mode
 timezone: ~                         # Your PHP installation might require you to manually specify a timezone
+locale: ~                           # Your PHP installation might require you to manually specify a locale to use
 
 ##
 # Theme

content-sample/_meta.md

@@ -5,8 +5,8 @@ Social:
     - title: Visit us on GitHub
       url: https://github.com/picocms/Pico
       icon: octocat
-    - title: Join us on Freenode IRC Webchat
-      url: https://webchat.freenode.net/?channels=%23picocms
+    - title: Join us on Libera.Chat
+      url: https://web.libera.chat/#picocms
       icon: chat
     - title: Help us by creating/collecting bounties and pledging to fundraisers
       url: https://www.bountysource.com/teams/picocms

content-sample/index.md

@@ -190,8 +190,7 @@ uses [Twig][] for template rendering. You can select your theme by setting the
 productive website, it's rather a starting point for creating your own theme.
 If the default theme isn't sufficient for you, and you don't want to create
 your own theme, you can use one of the great themes third-party developers and
-designers created in the past. As with plugins, you can find themes in
-[our Wiki][WikiThemes] and on [our website][OfficialThemes].
+designers created in the past. As with plugins, you can find themes on [our website][OfficialThemes].
 
 All themes must include an `index.twig` file to define the HTML structure of
 the theme, and a `pico-theme.yml` to set the necessary config parameters. Just
@@ -486,24 +485,23 @@ url.rewrite-if-not-file = (
 
 ## Documentation
 
-For more help have a look at the Pico documentation at http://picocms.org/docs.
+For more help have a look at the Pico documentation at https://picocms.org/docs/.
 
-[Pico]: http://picocms.org/
+[Pico]: https://picocms.org/
 [PicoTheme]: https://github.com/picocms/pico-theme
 [SampleContents]: https://github.com/picocms/Pico/tree/master/content-sample
-[Markdown]: http://daringfireball.net/projects/markdown/syntax
+[Markdown]: https://daringfireball.net/projects/markdown/syntax
 [MarkdownExtra]: https://michelf.ca/projects/php-markdown/extra/
 [YAML]: https://en.wikipedia.org/wiki/YAML
-[Twig]: http://twig.sensiolabs.org/documentation
-[UnixTimestamp]: https://en.wikipedia.org/wiki/Unix_timestamp
+[Twig]: https://twig.symfony.com/doc/
+[UnixTimestamp]: https://en.wikipedia.org/wiki/Unix_time
 [Composer]: https://getcomposer.org/
-[FeaturesHttpParams]: http://picocms.org/in-depth/features/http-params/
-[FeaturesPageTree]: http://picocms.org/in-depth/features/page-tree/
-[FeaturesPagesFunction]: http://picocms.org/in-depth/features/pages-function/
-[WikiThemes]: https://github.com/picocms/Pico/wiki/Pico-Themes
+[FeaturesHttpParams]: https://picocms.org/in-depth/features/http-params/
+[FeaturesPageTree]: https://picocms.org/in-depth/features/page-tree/
+[FeaturesPagesFunction]: https://picocms.org/in-depth/features/pages-function/
 [WikiPlugins]: https://github.com/picocms/Pico/wiki/Pico-Plugins
-[OfficialThemes]: http://picocms.org/themes/
-[PluginUpgrade]: http://picocms.org/development/#upgrade
+[OfficialThemes]: https://picocms.org/themes/
+[PluginUpgrade]: https://picocms.org/development/#migrating-plugins
 [ModRewrite]: https://httpd.apache.org/docs/current/mod/mod_rewrite.html
 [AllowOverride]: https://httpd.apache.org/docs/current/mod/core.html#allowoverride
-[NginxConfig]: http://picocms.org/in-depth/nginx/
+[NginxConfig]: https://picocms.org/in-depth/nginx/

lib/Pico.php

@@ -940,6 +940,7 @@ class Pico
             'rewrite_url' => null,
             'debug' => null,
             'timezone' => null,
+            'locale' => null,
             'theme' => 'default',
             'theme_config' => null,
             'theme_meta' => null,
@@ -978,6 +979,10 @@ class Pico
         }
         date_default_timezone_set($this->config['timezone']);
 
+        if ($this->config['locale'] !== null) {
+            setlocale(LC_ALL, $this->config['locale']);
+        }
+
         if (!$this->config['plugins_url']) {
             $this->config['plugins_url'] = $this->getUrlFromPath($this->getPluginsDir());
         } else {
@@ -1523,8 +1528,17 @@ class Pico
             }
 
             if (empty($meta['date_formatted'])) {
-                $dateFormat = $this->getConfig('date_format');
-                $meta['date_formatted'] = $meta['time'] ? utf8_encode(strftime($dateFormat, $meta['time'])) : '';
+                if ($meta['time']) {
+                    $encodingList = mb_detect_order();
+                    if ($encodingList === array('ASCII', 'UTF-8')) {
+                        $encodingList[] = 'Windows-1252';
+                    }
+
+                    $rawFormattedDate = strftime($this->getConfig('date_format'), $meta['time']);
+                    $meta['date_formatted'] = mb_convert_encoding($rawFormattedDate, 'UTF-8', $encodingList);
+                } else {
+                    $meta['date_formatted'] = '';
+                }
             }
         } else {
             // guarantee array key existance
@@ -1688,7 +1702,7 @@ class Pico
     public function parseFileContent($markdown, $singleLine = false)
     {
         $markdownParser = $this->getParsedown();
-        return !$singleLine ? $markdownParser->text($markdown) : $markdownParser->line($markdown);
+        return !$singleLine ? @$markdownParser->text($markdown) : @$markdownParser->line($markdown);
     }
 
     /**