search

crowdsecurity / cs-wordpress-bouncer

CrowdSec is an open-source cyber security tool. This plugin blocks detected attackers or display them a captcha to check they are not bots.
https://wordpress.org/plugins/crowdsec/
MIT License
34 stars 6 forks source link

[BUG] new plugin update conflict with other plugin #153

Closed volfadar closed 3 months ago

volfadar commented 3 months ago

conflict with fontsampler plugin https://wordpress.org/plugins/fontsampler/

[18-Jun-2024 02:23:01 UTC] PHP Fatal error:  Cannot redeclare twig_cycle() (previously declared in ROOT_FOLDER/plugins/fontsampler/vendor/twig/twig/src/Extension/CoreExtension.php:324) in ROOT_FOLDER/wp-content/plugins/crowdsec_/vendor/twig/twig/src/Resources/core.php on line 20
julienloizelet commented 3 months ago

Hi @volfadar,

Thanks for your message.

To be honest, I don’t know how to handle this issue.

To me it seems the likely cause is two different plugins using the same library and possibly different versions of it.

The CrowdSec plugin has a dependency on twig, and I suppose it is the same for the fontsampler plugin.

When you say "new plugin update conflict", does it mean that it was working with an older version of the CrowdSec plugin ? If yes, can you tell me which version it was, so I will be able to compare.

Thanks

volfadar commented 3 months ago

Hi @volfadar,

Thanks for your message.

To be honest, I don’t know how to handle this issue.

To me it seems the likely cause is two different plugins using the same library and possibly different versions of it.

The CrowdSec plugin has a dependency on twig, and I suppose it is the same for the fontsampler plugin.

When you say "new plugin update conflict", does it mean that it was working with an older version of the CrowdSec plugin ? If yes, can you tell me which version it was, so I will be able to compare.

Thanks

So Twig is not the new thing? That's very strange because it was working in the previous version. I've downgraded to an earlier version (2.6.3), and it's still working perfectly.

julienloizelet commented 3 months ago

So Twig is not the new thing?

Twig has been introduced in release 1.10.0 (2022-12-01).

But the code of such a library evolves, and, as far as I understand, the last update ends up with a conflict between this plugin and the fontsampler one.

Looking at the diff between release 2.6.3 and 2.6.4, I can see that Twig has been updated from 3.8.0 to 3.10.3: we could force the version to always be 3.8.0, but then we might miss some important updates (such as security updates).

Furthermore, setting the twig version to 3.8.0 won't protect us from potential conflicts with other plugins.

I'll ask the team for their opinion and see what we can do.

Thanks

P.S: it appears that the fontsampler plugin is not updated (is it still maintained ?) and conflicts with other plugins using Twig:

P.S2: the most robust solution should be to implement scoping solution :

julienloizelet commented 3 months ago

Hi @volfadar ,

I've just published a new 2.6.6 release: CrowdSec plugin does not use Twig anymore to render html.

This should eliminate any conflict with the fontsampler plugin. (and all other plugins and themes using Twig)

Could you try and let me know if it is ok for you ?

Thanks again

volfadar commented 2 months ago

Hi @volfadar ,

I've just published a new 2.6.6 release: CrowdSec plugin does not use Twig anymore to render html.

This should eliminate any conflict with the fontsampler plugin. (and all other plugins and themes using Twig)

Could you try and let me know if it is ok for you ?

Thanks again

Wow, amazing! I've tested the update, and it doesn't break or conflict with any of the plugins I have. Fontsampler may not be well-maintained, but it's still working until now. I specialize in web development for font creators, so I have many websites that depend on Fontsampler. I really appreciate the effort—great job, team! Anyway, sorry for the late reply; I've been busy this past week.