[stable32] build(deps): bump phpseclib/phpseclib from 2.0.47 to 2.0.52

.github/dependabot.yml

@@ -7,6 +7,8 @@ updates:
     include: "scope"
   schedule:
     interval: "monthly"
+  cooldown:
+    default-days: 7
 
 - package-ecosystem: composer
   directory: "/"
@@ -28,6 +30,8 @@ updates:
       applies-to: version-updates
       patterns:
         - "symfony/*"
+  cooldown:
+    default-days: 7
 
 - package-ecosystem: composer
   directory: "/"
@@ -53,6 +57,8 @@ updates:
       applies-to: version-updates
       patterns:
         - "symfony/*"
+  cooldown:
+    default-days: 7
 
 - package-ecosystem: composer
   directory: "/"
@@ -78,3 +84,5 @@ updates:
       applies-to: version-updates
       patterns:
         - "symfony/*"
+  cooldown:
+    default-days: 7

.github/workflows/composer-auto.yml

@@ -48,7 +48,7 @@ jobs:
       - name: Add reaction on start
         uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # v4.0.0
         with:
-          token: ${{ secrets.COMMAND_BOT_PAT }}
+          token: ${{ secrets.COMMAND_BOT_PAT }} # zizmor: ignore[secrets-outside-env]
           repository: ${{ github.event.repository.full_name }}
           comment-id: ${{ github.event.comment.id }}
           reactions: '+1'
@@ -61,7 +61,7 @@ jobs:
         uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # v4.0.0
         if: failure()
         with:
-          token: ${{ secrets.COMMAND_BOT_PAT }}
+          token: ${{ secrets.COMMAND_BOT_PAT }} # zizmor: ignore[secrets-outside-env]
           repository: ${{ github.event.repository.full_name }}
           comment-id: ${{ github.event.comment.id }}
           reactions: '-1'
@@ -72,10 +72,10 @@ jobs:
 
     steps:
       - name: Checkout ${{ needs.init.outputs.head_ref }}
-        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
         with:
           persist-credentials: true
-          token: ${{ secrets.COMMAND_BOT_PAT }}
+          token: ${{ secrets.COMMAND_BOT_PAT }} # zizmor: ignore[secrets-outside-env]
           fetch-depth: 0
           ref: ${{ needs.init.outputs.head_ref }}
 
@@ -85,7 +85,7 @@ jobs:
           git config --local user.name 'nextcloud-command'
 
       - name: Set up php
-        uses: shivammathur/setup-php@ec406be512d7077f68eed36e63f4d91bc006edc4 # v2.35.4
+        uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # v2.36.0
         with:
           php-version: 8.1
           coverage: none
@@ -115,7 +115,7 @@ jobs:
         uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # v4.0.0
         if: failure()
         with:
-          token: ${{ secrets.COMMAND_BOT_PAT }}
+          token: ${{ secrets.COMMAND_BOT_PAT }} # zizmor: ignore[secrets-outside-env]
           repository: '${{ github.event.repository.full_name }}'
           comment-id: '${{ github.event.comment.id }}'
           reactions: '-1'

.github/workflows/composer.yml

@@ -17,12 +17,12 @@ jobs:
     name: Check vendor changes
     steps:
     - name: Checkout
-      uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
       with:
         persist-credentials: false
 
     - name: Set up php
-      uses: shivammathur/setup-php@ec406be512d7077f68eed36e63f4d91bc006edc4 # v2.35.4
+      uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # v2.36.0
       with:
         php-version: 8.1
         coverage: none

.github/workflows/lint-php.yml

@@ -25,12 +25,12 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
         with:
           persist-credentials: false
 
       - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@0f7f1d08e3e32076e51cae65eb0b0c871405b16e #v2.34.1
+        uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # v2.36.0
         with:
           php-version: ${{ matrix.php-versions }}
           extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite

composer.json

@@ -43,7 +43,7 @@
 		"pear/pear-core-minimal": "^1.10",
 		"php-http/guzzle7-adapter": "^1.1.0",
 		"php-opencloud/openstack": "^3.14",
-		"phpseclib/phpseclib": "^2.0.45",
+		"phpseclib/phpseclib": "^2.0.52",
 		"pimple/pimple": "^3.5.0",
 		"psr/clock": "^1.0",
 		"psr/container": "^2.0.2",

composer/installed.json

@@ -2910,25 +2910,25 @@
         },
         {
             "name": "phpseclib/phpseclib",
-            "version": "2.0.47",
-            "version_normalized": "2.0.47.0",
+            "version": "2.0.52",
+            "version_normalized": "2.0.52.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/phpseclib/phpseclib.git",
-                "reference": "b7d7d90ee7df7f33a664b4aea32d50a305d35adb"
+                "reference": "2552c4001631d1cc844332faea6a08a49c964b28"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/b7d7d90ee7df7f33a664b4aea32d50a305d35adb",
-                "reference": "b7d7d90ee7df7f33a664b4aea32d50a305d35adb",
+                "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/2552c4001631d1cc844332faea6a08a49c964b28",
+                "reference": "2552c4001631d1cc844332faea6a08a49c964b28",
                 "shasum": ""
             },
             "require": {
                 "php": ">=5.3.3"
             },
             "require-dev": {
                 "phing/phing": "~2.7",
-                "phpunit/phpunit": "^4.8.35|^5.7|^6.0|^9.4",
+                "phpunit/phpunit": "^4.8.35|^5.7|^6.0|^8.5|^9.4",
                 "squizlabs/php_codesniffer": "~2.0"
             },
             "suggest": {
@@ -2938,7 +2938,7 @@
                 "ext-openssl": "Install the OpenSSL extension in order to speed up a wide variety of cryptographic operations.",
                 "ext-xml": "Install the XML extension to load XML formatted public keys."
             },
-            "time": "2024-02-26T04:55:38+00:00",
+            "time": "2026-03-19T02:54:44+00:00",
             "type": "library",
             "installation-source": "dist",
             "autoload": {
@@ -3003,7 +3003,7 @@
             ],
             "support": {
                 "issues": "https://github.com/phpseclib/phpseclib/issues",
-                "source": "https://github.com/phpseclib/phpseclib/tree/2.0.47"
+                "source": "https://github.com/phpseclib/phpseclib/tree/2.0.52"
             },
             "funding": [
                 {

composer/installed.php

@@ -410,9 +410,9 @@
             'dev_requirement' => false,
         ),
         'phpseclib/phpseclib' => array(
-            'pretty_version' => '2.0.47',
-            'version' => '2.0.47.0',
-            'reference' => 'b7d7d90ee7df7f33a664b4aea32d50a305d35adb',
+            'pretty_version' => '2.0.52',
+            'version' => '2.0.52.0',
+            'reference' => '2552c4001631d1cc844332faea6a08a49c964b28',
             'type' => 'library',
             'install_path' => __DIR__ . '/../phpseclib/phpseclib',
             'aliases' => array(),

phpseclib/phpseclib/phpseclib/Crypt/Base.php

@@ -512,6 +512,11 @@ function __construct($mode = self::MODE_CBC)
 
         if (!defined('CRYPT_BASE_USE_REG_INTVAL')) {
             switch (true) {
+                // PHP 8.5, per https://www.php.net/manual/en/migration85.incompatible.php, now emits a warning
+                // "when casting floats (or strings that look like floats) to int if they cannot be represented as one"
+                case PHP_VERSION_ID >= 80500 && PHP_INT_SIZE == 4:
+                    define('CRYPT_BASE_USE_REG_INTVAL', false);
+                    break;
                 // PHP_OS & "\xDF\xDF\xDF" == strtoupper(substr(PHP_OS, 0, 3)), but a lot faster
                 case (PHP_OS & "\xDF\xDF\xDF") === 'WIN':
                 case !function_exists('php_uname'):
@@ -611,7 +616,6 @@ function getBlockLength()
      *
      * @access public
      * @param string $key
-     * @internal Could, but not must, extend by the child Crypt_* class
      */
     function setKey($key)
     {
@@ -2070,7 +2074,7 @@ function _unpad($text)
 
         $length = ord($text[strlen($text) - 1]);
 
-        if (!$length || $length > $this->block_size) {
+        if (!$length | ($length > $this->block_size)) {
             return false;
         }
 

phpseclib/phpseclib/phpseclib/Crypt/Blowfish.php

@@ -401,11 +401,11 @@ function __construct($mode = self::MODE_CBC)
     {
         parent::__construct($mode);
 
-        $this->sbox0 = array_map('intval', $this->sbox0);
-        $this->sbox1 = array_map('intval', $this->sbox1);
-        $this->sbox2 = array_map('intval', $this->sbox2);
-        $this->sbox3 = array_map('intval', $this->sbox3);
-        $this->parray = array_map('intval', $this->parray);
+        $this->sbox0 = array_map(array($this, 'safe_intval'), $this->sbox0);
+        $this->sbox1 = array_map(array($this, 'safe_intval'), $this->sbox1);
+        $this->sbox2 = array_map(array($this, 'safe_intval'), $this->sbox2);
+        $this->sbox3 = array_map(array($this, 'safe_intval'), $this->sbox3);
+        $this->parray = array_map(array($this, 'safe_intval'), $this->parray);
     }
 
     /**

phpseclib/phpseclib/phpseclib/Crypt/DES.php

@@ -147,6 +147,14 @@ class DES extends Base
      */
     var $keys;
 
+    /**
+     * Key Cache "key"
+     *
+     * @see self::setupKey()
+     * @var array
+     */
+    var $kl;
+
     /**
      * Shuffle table.
      *
@@ -681,14 +689,14 @@ function _processBlock($block, $mode)
     {
         static $sbox1, $sbox2, $sbox3, $sbox4, $sbox5, $sbox6, $sbox7, $sbox8, $shuffleip, $shuffleinvip;
         if (!$sbox1) {
-            $sbox1 = array_map("intval", $this->sbox1);
-            $sbox2 = array_map("intval", $this->sbox2);
-            $sbox3 = array_map("intval", $this->sbox3);
-            $sbox4 = array_map("intval", $this->sbox4);
-            $sbox5 = array_map("intval", $this->sbox5);
-            $sbox6 = array_map("intval", $this->sbox6);
-            $sbox7 = array_map("intval", $this->sbox7);
-            $sbox8 = array_map("intval", $this->sbox8);
+            $sbox1 = array_map(array($this, 'safe_intval'), $this->sbox1);
+            $sbox2 = array_map(array($this, 'safe_intval'), $this->sbox2);
+            $sbox3 = array_map(array($this, 'safe_intval'), $this->sbox3);
+            $sbox4 = array_map(array($this, 'safe_intval'), $this->sbox4);
+            $sbox5 = array_map(array($this, 'safe_intval'), $this->sbox5);
+            $sbox6 = array_map(array($this, 'safe_intval'), $this->sbox6);
+            $sbox7 = array_map(array($this, 'safe_intval'), $this->sbox7);
+            $sbox8 = array_map(array($this, 'safe_intval'), $this->sbox8);
             /* Merge $shuffle with $[inv]ipmap */
             for ($i = 0; $i < 256; ++$i) {
                 $shuffleip[]    =  $this->shuffle[$this->ipmap[$i]];
@@ -1252,9 +1260,9 @@ function _setupKey()
                       $pc2mapd3[($d >>  8) & 0xFF] | $pc2mapd4[ $d        & 0xFF];
 
                 // Reorder: odd bytes/even bytes. Push the result in key schedule.
-                $val1 = ( $cp        & intval(0xFF000000)) | (($cp <<  8) & 0x00FF0000) |
+                $val1 = ( $cp        & $this->safe_intval(0xFF000000)) | (($cp <<  8) & 0x00FF0000) |
                         (($dp >> 16) & 0x0000FF00) | (($dp >>  8) & 0x000000FF);
-                $val2 = (($cp <<  8) & intval(0xFF000000)) | (($cp << 16) & 0x00FF0000) |
+                $val2 = (($cp <<  8) & $this->safe_intval(0xFF000000)) | (($cp << 16) & 0x00FF0000) |
                         (($dp >>  8) & 0x0000FF00) | ( $dp        & 0x000000FF);
                 $keys[$des_round][self::ENCRYPT][       ] = $val1;
                 $keys[$des_round][self::DECRYPT][$ki - 1] = $val1;
@@ -1324,14 +1332,14 @@ function _setupInlineCrypt()
             // Init code for both, encrypt and decrypt.
             $init_crypt = 'static $sbox1, $sbox2, $sbox3, $sbox4, $sbox5, $sbox6, $sbox7, $sbox8, $shuffleip, $shuffleinvip;
                 if (!$sbox1) {
-                    $sbox1 = array_map("intval", $self->sbox1);
-                    $sbox2 = array_map("intval", $self->sbox2);
-                    $sbox3 = array_map("intval", $self->sbox3);
-                    $sbox4 = array_map("intval", $self->sbox4);
-                    $sbox5 = array_map("intval", $self->sbox5);
-                    $sbox6 = array_map("intval", $self->sbox6);
-                    $sbox7 = array_map("intval", $self->sbox7);
-                    $sbox8 = array_map("intval", $self->sbox8);'
+                    $sbox1 = array_map(array($self, "safe_intval"), $self->sbox1);
+                    $sbox2 = array_map(array($self, "safe_intval"), $self->sbox2);
+                    $sbox3 = array_map(array($self, "safe_intval"), $self->sbox3);
+                    $sbox4 = array_map(array($self, "safe_intval"), $self->sbox4);
+                    $sbox5 = array_map(array($self, "safe_intval"), $self->sbox5);
+                    $sbox6 = array_map(array($self, "safe_intval"), $self->sbox6);
+                    $sbox7 = array_map(array($self, "safe_intval"), $self->sbox7);
+                    $sbox8 = array_map(array($self, "safe_intval"), $self->sbox8);'
                     /* Merge $shuffle with $[inv]ipmap */ . '
                     for ($i = 0; $i < 256; ++$i) {
                         $shuffleip[]    =  $self->shuffle[$self->ipmap[$i]];