Shared security patch analysis results
AI Used: DEEPSEEK deepseek-chat--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/test/classes/Plugins/Import/ImportMediawikiTest.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/test/classes/Plugins/Import/ImportMediawikiTest.php@@ -60,23 +60,11 @@ public function testGetProperties(): void { $properties = $this->object->getProperties();- $this->assertEquals(- __('MediaWiki Table'),- $properties->getText()- );- $this->assertEquals(- 'txt',- $properties->getExtension()- );- $this->assertEquals(- 'text/plain',- $properties->getMimeType()- );- $this->assertNull($properties->getOptions());- $this->assertEquals(- __('Options'),- $properties->getOptionsText()- );+ self::assertSame(__('MediaWiki Table'), $properties->getText());+ self::assertSame('txt', $properties->getExtension());+ self::assertSame('text/plain', $properties->getMimeType());+ self::assertNull($properties->getOptions());+ self::assertSame(__('Options'), $properties->getOptionsText()); } /**@@ -115,14 +103,61 @@ */ //asset that all databases and tables are imported- $this->assertStringContainsString(+ self::assertStringContainsString( 'The following structures have either been created or altered.', $import_notice );- $this->assertStringContainsString('Go to database: `mediawiki_DB`', $import_notice);- $this->assertStringContainsString('Edit settings for `mediawiki_DB`', $import_notice);- $this->assertStringContainsString('Go to table: `pma_bookmarktest`', $import_notice);- $this->assertStringContainsString('Edit settings for `pma_bookmarktest`', $import_notice);- $this->assertTrue($GLOBALS['finished']);+ self::assertStringContainsString('Go to database: `mediawiki_DB`', $import_notice);+ self::assertStringContainsString('Edit settings for `mediawiki_DB`', $import_notice);+ self::assertStringContainsString('Go to table: `pma_bookmarktest`', $import_notice);+ self::assertStringContainsString('Edit settings for `pma_bookmarktest`', $import_notice);+ self::assertTrue($GLOBALS['finished']);+ }++ /**+ * Test for doImport+ *+ * @group medium+ */+ public function testDoImportWithEmptyTable(): void+ {+ //$import_notice will show the import detail result+ global $import_notice;++ //Mock DBI+ $dbi = $this->getMockBuilder(DatabaseInterface::class)+ ->disableOriginalConstructor()+ ->getMock();+ $GLOBALS['dbi'] = $dbi;++ $importHandle = new File('test/test_data/__slashes.mediawiki');+ $importHandle->open();++ //Test function called+ $this->object->doImport($importHandle);++ // If import successfully, PMA will show all databases and+ // tables imported as following HTML Page+ /*+ The following structures have either been created or altered. Here you+ can:+ View a structure's contents by clicking on its name+ Change any of its settings by clicking the corresponding "Options" link+ Edit structure by following the "Structure" link++ mediawiki_DB (Options)+ pma_bookmarktest (Structure) (Options)+ */++ //asset that all databases and tables are imported+ self::assertStringContainsString(+ 'The following structures have either been created or altered.',+ $import_notice+ );+ self::assertStringContainsString('Go to database: `mediawiki_DB`', $import_notice);+ self::assertStringContainsString('Edit settings for `mediawiki_DB`', $import_notice);+ self::assertStringContainsString('Go to table: `empty`', $import_notice);+ self::assertStringContainsString('Edit settings for `empty`', $import_notice);+ self::assertTrue($GLOBALS['finished']); } }
After analyzing the provided code diff, I don't find any security vulnerabilities being fixed. The changes appear to be test code improvements and additions, with the following notable changes:
1. The test assertions were changed from `assertEquals` to `assertSame` for more strict comparison
2. A new test case `testDoImportWithEmptyTable` was added
3. The changes are all related to test functionality and don't impact production code security
Here's the analysis following your requested format:
Vulnerability Existed: no
No security vulnerability found in test code changes [File] [Lines 60-115]
[Old test assertions using assertEquals]
[Fixed test assertions using assertSame]
Vulnerability Existed: no
No security vulnerability found in new test case [File] [Lines 103-161]
[No old code - new test case added]
[New test case for empty table import scenario]
The changes appear to be test code improvements and additions rather than security fixes. The modifications focus on making test assertions more strict and adding test coverage for empty table imports.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/test/classes/Plugins/Import/ImportOdsTest.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/test/classes/Plugins/Import/ImportOdsTest.php@@ -66,18 +66,9 @@ public function testGetProperties(): void { $properties = $this->object->getProperties();- $this->assertEquals(- __('OpenDocument Spreadsheet'),- $properties->getText()- );- $this->assertEquals(- 'ods',- $properties->getExtension()- );- $this->assertEquals(- __('Options'),- $properties->getOptionsText()- );+ self::assertSame(__('OpenDocument Spreadsheet'), $properties->getText());+ self::assertSame('ods', $properties->getExtension());+ self::assertSame(__('Options'), $properties->getOptionsText()); } /**@@ -104,31 +95,31 @@ //Test function called $this->object->doImport($importHandle);- $this->assertStringContainsString(+ self::assertStringContainsString( 'CREATE DATABASE IF NOT EXISTS `ODS_DB` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci', $sql_query );- $this->assertStringContainsString('CREATE TABLE IF NOT EXISTS `ODS_DB`.`pma_bookmark`', $sql_query);- $this->assertStringContainsString(+ self::assertStringContainsString('CREATE TABLE IF NOT EXISTS `ODS_DB`.`pma_bookmark`', $sql_query);+ self::assertStringContainsString( 'INSERT INTO `ODS_DB`.`pma_bookmark` (`A`, `B`, `C`, `D`) VALUES (1, \'dbbase\', NULL, \'ddd\');', $sql_query ); //asset that all databases and tables are imported- $this->assertStringContainsString(+ self::assertStringContainsString( 'The following structures have either been created or altered.', $import_notice );- $this->assertStringContainsString('Go to database: `ODS_DB`', $import_notice);- $this->assertStringContainsString('Edit settings for `ODS_DB`', $import_notice);- $this->assertStringContainsString('Go to table: `pma_bookmark`', $import_notice);- $this->assertStringContainsString('Edit settings for `pma_bookmark`', $import_notice);+ self::assertStringContainsString('Go to database: `ODS_DB`', $import_notice);+ self::assertStringContainsString('Edit settings for `ODS_DB`', $import_notice);+ self::assertStringContainsString('Go to table: `pma_bookmark`', $import_notice);+ self::assertStringContainsString('Edit settings for `pma_bookmark`', $import_notice); //asset that the import process is finished- $this->assertTrue($GLOBALS['finished']);- }-- public function dataProviderOdsEmptyRows(): array+ self::assertTrue($GLOBALS['finished']);+ }++ public static function dataProviderOdsEmptyRows(): array { return [ 'remove empty columns' => [true],@@ -173,73 +164,68 @@ //Test function called $this->object->doImport($importHandle);- $this->assertSame(- 'CREATE DATABASE IF NOT EXISTS `ODS_DB` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;;'- . 'CREATE TABLE IF NOT EXISTS `ODS_DB`.`Shop` ('- . '`Artikelnummer` varchar(7), `Name` varchar(41), `keywords` varchar(15), `EK_Preis` varchar(21),'- . ' `Preis` varchar(23), `Details` varchar(10), `addInfo` varchar(22), `Einheit` varchar(3),'- . ' `Wirkstoff` varchar(10), `verkuerztHaltbar` varchar(21), `kuehlkette` varchar(7),'- . ' `Gebinde` varchar(71), `Verbrauchsnachweis` varchar(7), `Genehmigungspflichtig` varchar(7),'- . ' `Gefahrstoff` varchar(11), `GefahrArbeitsbereich` varchar(14), `Verwendungszweck` varchar(10),'- . ' `Verbrauch` varchar(10), `showLagerbestand` varchar(7)) '- . 'DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;;'- . 'CREATE TABLE IF NOT EXISTS `ODS_DB`.`Feuille 1` (`value` varchar(19)) '- . 'DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;;'- . 'INSERT INTO `ODS_DB`.`Shop` ('- . '`Artikelnummer`, `Name`, `keywords`, `EK_Preis`, `Preis`, `Details`, `addInfo`, `Einheit`,'- . ' `Wirkstoff`, `verkuerztHaltbar`, `kuehlkette`, `Gebinde`, `Verbrauchsnachweis`,'- . ' `Genehmigungspflichtig`, `Gefahrstoff`, `GefahrArbeitsbereich`, `Verwendungszweck`,'- . ' `Verbrauch`, `showLagerbestand`) VALUES ('- . 'NULL, NULL, \'Schlüsselwörter\', \'Einkaufspreis (Netto)\', \'VK-Preis (Orientierung)\', NULL,'- . ' \'Hintergrundinformation\', \'VPE\', NULL, \'verkürzte Haltbarkeit\', \'ja/nein\','- . ' \'Stück,Rolle,Pack,Flasche,Sack,Eimer,Karton,Palette,Beutel,Kanister,Paar\', \'ja/nein\','- . ' \'ja/nein\', \'GHS01-GHS09\', \'Arbeitsbereich\', NULL, NULL, \'ja/nein\'),' . "\n"- . ' (\'1005\', \'Beatmungsfilter\', NULL, \'0.85\', \'1,2\', NULL, NULL, \'5\', NULL, NULL, \'nein\','- . ' \'Stück\', \'nein\', \'nein\', NULL, NULL, NULL, NULL, \'ja\'),' . "\n"- . ' (\'04-3-06\', \'Absaugkatheter, CH06 grün\', NULL, \'0.13\', \'0,13\', NULL, NULL, \'1\','- . ' NULL, NULL,'- . ' NULL, \'Stück\', \'nein\', \'nein\', NULL, NULL, NULL, NULL, \'ja\'),' . "\n"- . ' (\'04-3-10\', \'Absaugkatheter, CH10 schwarz\', NULL, \'0.13\', \'0,13\', NULL, NULL, \'1\','- . ' NULL, NULL, NULL, \'Stück\', \'nein\', \'nein\', NULL, NULL, NULL, NULL, \'ja\'),' . "\n"- . ' (\'04-3-18\', \'Absaugkatheter, CH18 rot\', NULL, \'0.13\', \'0,13\', NULL, NULL, \'1\','- . ' NULL, NULL, NULL, \'Stück\', \'nein\', \'nein\', NULL, NULL, NULL, NULL, \'ja\'),' . "\n"- . ' (\'06-38\', \'Bakterienfilter\', NULL, \'1.25\', \'1,25\', NULL, NULL, \'1\', NULL, NULL, NULL,'- . ' \'Stück\', \'nein\', \'nein\', NULL, NULL, NULL, NULL, \'ja\'),' . "\n"- . ' (\'05-453\', \'Blockerspritze für Larynxtubus, Erwachsen\', NULL, \'2.6\', \'2,6\', NULL, NULL,'- . ' \'1\', NULL, NULL, NULL, \'Stück\', \'nein\', \'nein\', NULL, NULL, NULL, NULL, \'ja\'),' . "\n"- . ' (\'04-402\', \'Absaugschlauch mit Fingertip für Accuvac\', NULL, \'1.7\', \'1,7\', NULL, NULL,'- . ' \'1\', NULL, NULL, NULL, \'Stück\', \'nein\', \'nein\', NULL, NULL, NULL, NULL, \'ja\'),' . "\n"- . ' (\'02-580\', \'Einmalbeatmungsbeutel, Erwachsen\', NULL, \'8.9\', \'8,9\', NULL, NULL,'- . ' \'1\', NULL, NULL, NULL, \'Stück\', \'nein\', \'nein\', NULL, NULL, NULL, NULL, \'ja\''- . $endOfSql- . 'INSERT INTO `ODS_DB`.`Feuille 1` (`value`) VALUES ('- . '\'[email protected]\'),' . "\n"- . ' (\'123 45\'),' . "\n"- . ' (\'123 \'),' . "\n"- . ' (\'[email protected]\'),' . "\n"- . ' (\'https://example.org\'),' . "\n"- . ' (\'example.txt\'),' . "\n"- . ' (\'\\\'Feuille 1\\\'!A1:A4\'),' . "\n"- . ' (\'1,50\'),' . "\n"- . ' (\'0.05\'),' . "\n"- . ' (\'true\'),' . "\n"- . ' (\'12\')'- . ($odsEmptyRowsMode ? '' : ',' . "\n" . ' (NULL)')- . ($odsEmptyRowsMode ? ';;' : ',' . "\n" . ' (NULL);;'),- $sql_query- );+ self::assertSame('CREATE DATABASE IF NOT EXISTS `ODS_DB` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;;'+ . 'CREATE TABLE IF NOT EXISTS `ODS_DB`.`Shop` ('+ . '`Artikelnummer` varchar(7), `Name` varchar(41), `keywords` varchar(15), `EK_Preis` varchar(21),'+ . ' `Preis` varchar(23), `Details` varchar(10), `addInfo` varchar(22), `Einheit` varchar(3),'+ . ' `Wirkstoff` varchar(10), `verkuerztHaltbar` varchar(21), `kuehlkette` varchar(7),'+ . ' `Gebinde` varchar(71), `Verbrauchsnachweis` varchar(7), `Genehmigungspflichtig` varchar(7),'+ . ' `Gefahrstoff` varchar(11), `GefahrArbeitsbereich` varchar(14), `Verwendungszweck` varchar(10),'+ . ' `Verbrauch` varchar(10), `showLagerbestand` varchar(7));;'+ . 'CREATE TABLE IF NOT EXISTS `ODS_DB`.`Feuille 1` (`value` varchar(19));;'+ . 'INSERT INTO `ODS_DB`.`Shop` ('+ . '`Artikelnummer`, `Name`, `keywords`, `EK_Preis`, `Preis`, `Details`, `addInfo`, `Einheit`,'+ . ' `Wirkstoff`, `verkuerztHaltbar`, `kuehlkette`, `Gebinde`, `Verbrauchsnachweis`,'+ . ' `Genehmigungspflichtig`, `Gefahrstoff`, `GefahrArbeitsbereich`, `Verwendungszweck`,'+ . ' `Verbrauch`, `showLagerbestand`) VALUES ('+ . 'NULL, NULL, \'Schlüsselwörter\', \'Einkaufspreis (Netto)\', \'VK-Preis (Orientierung)\', NULL,'+ . ' \'Hintergrundinformation\', \'VPE\', NULL, \'verkürzte Haltbarkeit\', \'ja/nein\','+ . ' \'Stück,Rolle,Pack,Flasche,Sack,Eimer,Karton,Palette,Beutel,Kanister,Paar\', \'ja/nein\','+ . ' \'ja/nein\', \'GHS01-GHS09\', \'Arbeitsbereich\', NULL, NULL, \'ja/nein\'),' . "\n"+ . ' (\'1005\', \'Beatmungsfilter\', NULL, \'0.85\', \'1,2\', NULL, NULL, \'5\', NULL, NULL, \'nein\','+ . ' \'Stück\', \'nein\', \'nein\', NULL, NULL, NULL, NULL, \'ja\'),' . "\n"+ . ' (\'04-3-06\', \'Absaugkatheter, CH06 grün\', NULL, \'0.13\', \'0,13\', NULL, NULL, \'1\','+ . ' NULL, NULL,'+ . ' NULL, \'Stück\', \'nein\', \'nein\', NULL, NULL, NULL, NULL, \'ja\'),' . "\n"+ . ' (\'04-3-10\', \'Absaugkatheter, CH10 schwarz\', NULL, \'0.13\', \'0,13\', NULL, NULL, \'1\','+ . ' NULL, NULL, NULL, \'Stück\', \'nein\', \'nein\', NULL, NULL, NULL, NULL, \'ja\'),' . "\n"+ . ' (\'04-3-18\', \'Absaugkatheter, CH18 rot\', NULL, \'0.13\', \'0,13\', NULL, NULL, \'1\','+ . ' NULL, NULL, NULL, \'Stück\', \'nein\', \'nein\', NULL, NULL, NULL, NULL, \'ja\'),' . "\n"+ . ' (\'06-38\', \'Bakterienfilter\', NULL, \'1.25\', \'1,25\', NULL, NULL, \'1\', NULL, NULL, NULL,'+ . ' \'Stück\', \'nein\', \'nein\', NULL, NULL, NULL, NULL, \'ja\'),' . "\n"+ . ' (\'05-453\', \'Blockerspritze für Larynxtubus, Erwachsen\', NULL, \'2.6\', \'2,6\', NULL, NULL,'+ . ' \'1\', NULL, NULL, NULL, \'Stück\', \'nein\', \'nein\', NULL, NULL, NULL, NULL, \'ja\'),' . "\n"+ . ' (\'04-402\', \'Absaugschlauch mit Fingertip für Accuvac\', NULL, \'1.7\', \'1,7\', NULL, NULL,'+ . ' \'1\', NULL, NULL, NULL, \'Stück\', \'nein\', \'nein\', NULL, NULL, NULL, NULL, \'ja\'),' . "\n"+ . ' (\'02-580\', \'Einmalbeatmungsbeutel, Erwachsen\', NULL, \'8.9\', \'8,9\', NULL, NULL,'+ . ' \'1\', NULL, NULL, NULL, \'Stück\', \'nein\', \'nein\', NULL, NULL, NULL, NULL, \'ja\''+ . $endOfSql+ . 'INSERT INTO `ODS_DB`.`Feuille 1` (`value`) VALUES ('+ . '\'[email protected]\'),' . "\n"+ . ' (\'123 45\'),' . "\n"+ . ' (\'123 \'),' . "\n"+ . ' (\'[email protected]\'),' . "\n"+ . ' (\'https://example.org\'),' . "\n"+ . ' (\'example.txt\'),' . "\n"+ . ' (\'\\\'Feuille 1\\\'!A1:A4\'),' . "\n"+ . ' (\'1,50\'),' . "\n"+ . ' (\'0.05\'),' . "\n"+ . ' (\'true\'),' . "\n"+ . ' (\'12\')'+ . ($odsEmptyRowsMode ? '' : ',' . "\n" . ' (NULL)')+ . ($odsEmptyRowsMode ? ';;' : ',' . "\n" . ' (NULL);;'), $sql_query); //asset that all databases and tables are imported- $this->assertStringContainsString(+ self::assertStringContainsString( 'The following structures have either been created or altered.', $import_notice );- $this->assertStringContainsString('Go to database: `ODS_DB`', $import_notice);- $this->assertStringContainsString('Edit settings for `ODS_DB`', $import_notice);- $this->assertStringContainsString('Go to table: `Shop`', $import_notice);- $this->assertStringContainsString('Edit settings for `Shop`', $import_notice);+ self::assertStringContainsString('Go to database: `ODS_DB`', $import_notice);+ self::assertStringContainsString('Edit settings for `ODS_DB`', $import_notice);+ self::assertStringContainsString('Go to table: `Shop`', $import_notice);+ self::assertStringContainsString('Edit settings for `Shop`', $import_notice); //asset that the import process is finished- $this->assertTrue($GLOBALS['finished']);+ self::assertTrue($GLOBALS['finished']); } }
After analyzing the provided code diff, I don't identify any security vulnerabilities being fixed. The changes appear to be primarily test code improvements and refactoring. Here's the analysis:
1. Test Assertion Changes:
Vulnerability Existed: no
Test Assertion Improvements [File] [Lines 66-95]
[Old Code]
Various assertEquals() calls
[Fixed Code]
Changed to assertSame() and self::assert* calls
2. Test Method Modification:
Vulnerability Existed: no
Test Method Refactoring [File] [Lines 136-138]
[Old Code]
public function dataProviderOdsEmptyRows(): array
[Fixed Code]
public static function dataProviderOdsEmptyRows(): array
3. SQL Assertion Formatting:
Vulnerability Existed: no
Test Output Formatting [File] [Lines 164-227]
[Old Code]
Multi-line formatted SQL assertion
[Fixed Code]
More compact SQL assertion format
The changes are focused on:
1. Improving test assertions (using more strict assertSame instead of assertEquals)
2. Making test data provider static
3. Refactoring long SQL assertions for better readability
4. Using self::assert* instead of $this->assert* for consistency
No security-related vulnerabilities appear to have been addressed in this diff. The changes are test code improvements and refactoring.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/libraries/classes/Routing.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/libraries/classes/Routing.php@@ -9,7 +9,6 @@ use FastRoute\Dispatcher\GroupCountBased as DispatcherGroupCountBased; use FastRoute\RouteCollector; use FastRoute\RouteParser\Std as RouteParserStd;-use PhpMyAdmin\Controllers\HomeController; use PhpMyAdmin\Http\ServerRequest; use Psr\Container\ContainerInterface;@@ -17,7 +16,6 @@ use function file_exists; use function file_put_contents; use function htmlspecialchars;-use function is_array; use function is_readable; use function is_string; use function is_writable;@@ -73,12 +71,16 @@ // If skip cache is enabled, do not try to read the file // If no cache skipping then read it and use it- if (! $skipCache && file_exists(self::ROUTES_CACHE_FILE)) {+ if (+ ! $skipCache+ && file_exists(self::ROUTES_CACHE_FILE)+ && isset($_SESSION['isRoutesCacheFileValid'])+ && $_SESSION['isRoutesCacheFileValid']+ ) { /** @psalm-suppress MissingFile, UnresolvableInclude, MixedAssignment */ $dispatchData = require self::ROUTES_CACHE_FILE;- if (self::isRoutesCacheFileValid($dispatchData)) {- return new DispatcherGroupCountBased($dispatchData);- }++ return new DispatcherGroupCountBased($dispatchData); } $routeCollector = new RouteCollector(@@ -93,10 +95,14 @@ // If skip cache is enabled, do not try to write it // If no skip cache then try to write if write is possible if (! $skipCache && $canWriteCache) {- $writeWorks = self::writeCache(- '<?php return ' . var_export($dispatchData, true) . ';'- );- if (! $writeWorks) {+ /** @psalm-suppress MissingFile, UnresolvableInclude, MixedAssignment */+ $cachedDispatchData = file_exists(self::ROUTES_CACHE_FILE) ? require self::ROUTES_CACHE_FILE : [];+ $_SESSION['isRoutesCacheFileValid'] = $dispatchData === $cachedDispatchData;+ if (+ ! $_SESSION['isRoutesCacheFileValid']+ && ! self::writeCache(sprintf('<?php return %s;', var_export($dispatchData, true)))+ ) {+ $_SESSION['isRoutesCacheFileValid'] = false; trigger_error( sprintf( __(@@ -190,19 +196,4 @@ $controller = $container->get($controllerName); $controller($request, $vars); }-- /**- * @param mixed $dispatchData- *- * @psalm-assert-if-true array[] $dispatchData- */- private static function isRoutesCacheFileValid($dispatchData): bool- {- return is_array($dispatchData)- && isset($dispatchData[0], $dispatchData[1])- && is_array($dispatchData[0]) && is_array($dispatchData[1])- && isset($dispatchData[0]['GET']) && is_array($dispatchData[0]['GET'])- && isset($dispatchData[0]['GET']['/']) && is_string($dispatchData[0]['GET']['/'])- && $dispatchData[0]['GET']['/'] === HomeController::class;- } }
Here's the analysis of the provided code diff for security fixes:
1. Vulnerability Existed: yes
Session Validation Bypass [File] libraries/classes/Routing.php [Lines 73-81]
[Old Code]
if (! $skipCache && file_exists(self::ROUTES_CACHE_FILE)) {
/** @psalm-suppress MissingFile, UnresolvableInclude, MixedAssignment */
$dispatchData = require self::ROUTES_CACHE_FILE;
if (self::isRoutesCacheFileValid($dispatchData)) {
return new DispatcherGroupCountBased($dispatchData);
}
}
[Fixed Code]
if (
! $skipCache
&& file_exists(self::ROUTES_CACHE_FILE)
&& isset($_SESSION['isRoutesCacheFileValid'])
&& $_SESSION['isRoutesCacheFileValid']
) {
/** @psalm-suppress MissingFile, UnresolvableInclude, MixedAssignment */
$dispatchData = require self::ROUTES_CACHE_FILE;
return new DispatcherGroupCountBased($dispatchData);
}
2. Vulnerability Existed: yes
Cache Validation Improvement [File] libraries/classes/Routing.php [Lines 93-96]
[Old Code]
if (! $skipCache && $canWriteCache) {
$writeWorks = self::writeCache(
'<?php return ' . var_export($dispatchData, true) . ';'
);
if (! $writeWorks) {
[Fixed Code]
if (! $skipCache && $canWriteCache) {
/** @psalm-suppress MissingFile, UnresolvableInclude, MixedAssignment */
$cachedDispatchData = file_exists(self::ROUTES_CACHE_FILE) ? require self::ROUTES_CACHE_FILE : [];
$_SESSION['isRoutesCacheFileValid'] = $dispatchData === $cachedDispatchData;
if (
! $_SESSION['isRoutesCacheFileValid']
&& ! self::writeCache(sprintf('<?php return %s;', var_export($dispatchData, true)))
) {
The changes indicate:
1. The removal of the custom validation function `isRoutesCacheFileValid` and replacement with session-based validation suggests there might have been a vulnerability in the original validation logic that could be bypassed.
2. The addition of session state tracking (`isRoutesCacheFileValid`) and direct comparison of cached data suggests improvements in cache validation to prevent potential cache poisoning or invalid cache usage.
The changes appear to strengthen the security of route caching by:
- Moving validation to server-side session state rather than client-provided data
- Implementing more robust cache invalidation mechanisms
- Removing potentially vulnerable custom validation logic
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
Failed to fetch CVE description: 503 Server Error: Service Unavailable for url: https://nvd.nist.gov/vuln/detail/CVE-2025-24529
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/test/classes/Config/Settings/ConsoleTest.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/test/classes/Config/Settings/ConsoleTest.php@@ -49,7 +49,7 @@ $settings = new Console($actualValues); foreach (array_keys($expectedValues) as $key) {- $this->assertSame($expected[$key], $settings->$key);+ self::assertSame($expected[$key], $settings->$key); } }@@ -59,7 +59,7 @@ * @return mixed[][][][] * @psalm-return (array{0: string, 1: mixed, 2: mixed})[][][] */- public function providerForTestConstructor(): array+ public static function providerForTestConstructor(): array { return [ 'null values' => [
Based on the provided code diff, I don't see any security-related fixes. The changes appear to be test-related improvements. Here's the analysis:
1. First change:
Vulnerability Existed: no
Test Improvement [File] [Lines 49]
[Old Code] $this->assertSame($expected[$key], $settings->$key);
[Fixed Code] self::assertSame($expected[$key], $settings->$key);
2. Second change:
Vulnerability Existed: no
Test Method Modification [File] [Lines 59]
[Old Code] public function providerForTestConstructor(): array
[Fixed Code] public static function providerForTestConstructor(): array
These changes are related to test code quality and PHPUnit best practices (using self:: instead of $this-> for static assertions, and making a data provider static), not security fixes. No vulnerabilities appear to be addressed in this diff.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/test/classes/Import/AjaxTest.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/test/classes/Import/AjaxTest.php@@ -14,6 +14,6 @@ { public function testNopluginCheck(): void {- $this->assertTrue(Ajax::nopluginCheck());+ self::assertTrue(Ajax::nopluginCheck()); } }
Analyzing the provided code diff: 1. Vulnerability Existed: no No vulnerability found [File] test/classes/Import/AjaxTest.php [Lines] 14 [Old Code] $this->assertTrue(Ajax::nopluginCheck()); [Fixed Code] self::assertTrue(Ajax::nopluginCheck()); Additional Details: - The change is purely a test method improvement, switching from instance assertion ($this) to static assertion (self) - No security vulnerability is being addressed here - This appears to be a test code style/consistency improvement rather than a security fix - The functionality remains exactly the same, just using a different assertion style
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/libraries/classes/Language.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/libraries/classes/Language.php@@ -4,7 +4,6 @@ namespace PhpMyAdmin;-use function __; use function _bindtextdomain; use function _setlocale; use function _textdomain;@@ -192,17 +191,6 @@ $GLOBALS['text_dir'] = 'ltr'; }- /* TCPDF */- $GLOBALS['l'] = [];-- /* TCPDF settings */- $GLOBALS['l']['a_meta_charset'] = 'UTF-8';- $GLOBALS['l']['a_meta_dir'] = $GLOBALS['text_dir'];- $GLOBALS['l']['a_meta_language'] = $this->code;-- /* TCPDF translations */- $GLOBALS['l']['w_page'] = __('Page number:');- /* Show possible warnings from langauge selection */ LanguageManager::getInstance()->showWarnings(); }
Let me analyze the code diff for security fixes:
1. Vulnerability Existed: not sure
[Potential Information Exposure] [libraries/classes/Language.php] [Lines 192-201]
[Old Code]
/* TCPDF */
$GLOBALS['l'] = [];
/* TCPDF settings */
$GLOBALS['l']['a_meta_charset'] = 'UTF-8';
$GLOBALS['l']['a_meta_dir'] = $GLOBALS['text_dir'];
$GLOBALS['l']['a_meta_language'] = $this->code;
/* TCPDF translations */
$GLOBALS['l']['w_page'] = __('Page number:');
[Fixed Code]
[Removed in patch]
Additional Details:
- The diff shows removal of TCPDF-related global variable initialization
- While not clearly a security vulnerability, exposing document metadata through globals could potentially leak information
- The removal might be part of a refactoring to reduce global state usage rather than a direct security fix
- Without more context, we can't be certain if this was a security fix or just code cleanup
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/libraries/classes/ReplicationGui.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/libraries/classes/ReplicationGui.php@@ -76,7 +76,13 @@ if (! isset($_POST['repl_clear_scr'])) { $primaryStatusTable = $this->getHtmlForReplicationStatusTable('primary', true, false);- $replicas = $dbi->fetchResult('SHOW SLAVE HOSTS', null, null);+ if ($dbi->isMySql() && $dbi->getVersion() >= 80022) {+ $replicas = $dbi->fetchResult('SHOW REPLICAS', null, null);+ } elseif ($dbi->isMariaDB() && $dbi->getVersion() >= 100501) {+ $replicas = $dbi->fetchResult('SHOW REPLICA HOSTS', null, null);+ } else {+ $replicas = $dbi->fetchResult('SHOW SLAVE HOSTS', null, null);+ } $urlParams = $GLOBALS['urlParams']; $urlParams['primary_add_user'] = true;@@ -126,13 +132,32 @@ ): string { global $dbi;- $serverReplicaMultiReplication = $dbi->fetchResult('SHOW ALL SLAVES STATUS');+ $serverReplicaMultiReplication = [];+ if ($dbi->isMariaDB() && $dbi->getVersion() >= 100501) {+ $serverReplicaMultiReplication = $dbi->fetchResult('SHOW ALL REPLICAS STATUS');+ } elseif ($dbi->isMariaDB()) {+ $serverReplicaMultiReplication = $dbi->fetchResult('SHOW ALL SLAVES STATUS');+ }++ $isReplicaIoRunning = false;+ $isReplicaSqlRunning = false;+ if ($serverReplicaStatus) { $urlParams = $GLOBALS['urlParams']; $urlParams['sr_take_action'] = true; $urlParams['sr_replica_server_control'] = true;- if ($serverReplicaReplication[0]['Slave_IO_Running'] === 'No') {+ $isReplicaIoRunning = isset($serverReplicaReplication[0]['Slave_IO_Running'])+ && $serverReplicaReplication[0]['Slave_IO_Running'] !== 'No'+ || isset($serverReplicaReplication[0]['Replica_IO_Running'])+ && $serverReplicaReplication[0]['Replica_SQL_Running'] !== 'No';++ $isReplicaSqlRunning = isset($serverReplicaReplication[0]['Slave_SQL_Running'])+ && $serverReplicaReplication[0]['Slave_SQL_Running'] !== 'No'+ || isset($serverReplicaReplication[0]['Replica_SQL_Running'])+ && $serverReplicaReplication[0]['Replica_SQL_Running'] !== 'No';++ if (! $isReplicaIoRunning) { $urlParams['sr_replica_action'] = 'start'; } else { $urlParams['sr_replica_action'] = 'stop';@@ -141,7 +166,7 @@ $urlParams['sr_replica_control_param'] = 'IO_THREAD'; $replicaControlIoLink = Url::getCommon($urlParams, '', false);- if ($serverReplicaReplication[0]['Slave_SQL_Running'] === 'No') {+ if (! $isReplicaSqlRunning) { $urlParams['sr_replica_action'] = 'start'; } else { $urlParams['sr_replica_action'] = 'stop';@@ -150,10 +175,7 @@ $urlParams['sr_replica_control_param'] = 'SQL_THREAD'; $replicaControlSqlLink = Url::getCommon($urlParams, '', false);- if (- $serverReplicaReplication[0]['Slave_IO_Running'] === 'No'- || $serverReplicaReplication[0]['Slave_SQL_Running'] === 'No'- ) {+ if (! $isReplicaIoRunning || ! $isReplicaSqlRunning) { $urlParams['sr_replica_action'] = 'start'; } else { $urlParams['sr_replica_action'] = 'stop';@@ -177,9 +199,6 @@ $reconfigurePrimaryLink = Url::getCommon($urlParams, '', false); $replicaStatusTable = $this->getHtmlForReplicationStatusTable('replica', true, false);-- $replicaIoRunning = $serverReplicaReplication[0]['Slave_IO_Running'] !== 'No';- $replicaSqlRunning = $serverReplicaReplication[0]['Slave_SQL_Running'] !== 'No'; } return $this->template->render('server/replication/replica_configuration', [@@ -188,8 +207,8 @@ 'primary_connection' => $_POST['primary_connection'] ?? '', 'server_replica_status' => $serverReplicaStatus, 'replica_status_table' => $replicaStatusTable ?? '',- 'replica_sql_running' => $replicaSqlRunning ?? false,- 'replica_io_running' => $replicaIoRunning ?? false,+ 'replica_sql_running' => $isReplicaIoRunning,+ 'replica_io_running' => $isReplicaSqlRunning, 'replica_control_full_link' => $replicaControlFullLink ?? '', 'replica_control_reset_link' => $replicaControlResetLink ?? '', 'replica_control_sql_link' => $replicaControlSqlLink ?? '',@@ -261,27 +280,33 @@ $replicationInfo->load($_POST['primary_connection'] ?? null); $replicationVariables = $replicationInfo->primaryVariables;- $variablesAlerts = null;- $variablesOks = null;+ $variablesAlerts = [];+ $variablesOks = []; $serverReplication = $replicationInfo->getPrimaryStatus(); if ($type === 'replica') { $replicationVariables = $replicationInfo->replicaVariables; $variablesAlerts = [ 'Slave_IO_Running' => 'No', 'Slave_SQL_Running' => 'No',+ 'Replica_IO_Running' => 'No',+ 'Replica_SQL_Running' => 'No', ]; $variablesOks = [ 'Slave_IO_Running' => 'Yes', 'Slave_SQL_Running' => 'Yes',+ 'Replica_IO_Running' => 'Yes',+ 'Replica_SQL_Running' => 'Yes', ]; $serverReplication = $replicationInfo->getReplicaStatus(); } $variables = []; foreach ($replicationVariables as $variable) {- $serverReplicationVariable = isset($serverReplication[0])- ? $serverReplication[0][$variable]- : '';+ if (! isset($serverReplication[0], $serverReplication[0][$variable])) {+ continue;+ }++ $serverReplicationVariable = $serverReplication[0][$variable]; $variables[$variable] = [ 'name' => $variable,@@ -568,7 +593,12 @@ if ($_POST['sr_replica_action'] === 'reset') { $qStop = $this->replication->replicaControl('STOP', null, DatabaseInterface::CONNECT_USER);- $qReset = $dbi->tryQuery('RESET SLAVE;');+ if ($dbi->isMySql() && $dbi->getVersion() >= 80022 || $dbi->isMariaDB() && $dbi->getVersion() >= 100501) {+ $qReset = $dbi->tryQuery('RESET REPLICA;');+ } else {+ $qReset = $dbi->tryQuery('RESET SLAVE;');+ }+ $qStart = $this->replication->replicaControl('START', null, DatabaseInterface::CONNECT_USER); $result = $qStop !== false && $qStop !== -1 &&@@ -597,7 +627,12 @@ } $qStop = $this->replication->replicaControl('STOP', null, DatabaseInterface::CONNECT_USER);- $qSkip = $dbi->tryQuery('SET GLOBAL SQL_SLAVE_SKIP_COUNTER = ' . $count . ';');+ if ($dbi->isMySql() && $dbi->getVersion() >= 80400) {+ $qSkip = $dbi->tryQuery('SET GLOBAL SQL_REPLICA_SKIP_COUNTER = ' . $count . ';');+ } else {+ $qSkip = $dbi->tryQuery('SET GLOBAL SQL_SLAVE_SKIP_COUNTER = ' . $count . ';');+ }+ $qStart = $this->replication->replicaControl('START', null, DatabaseInterface::CONNECT_USER); return $qStop !== false && $qStop !== -1 &&
I'll analyze the code diff and provide the security findings following the specified format.
Vulnerability Existed: no
Deprecated MySQL Terminology Update [libraries/classes/ReplicationGui.php] [Lines 76-82, 126-136, 261-297, 568-597, 597-627]
[Old Code]
$replicas = $dbi->fetchResult('SHOW SLAVE HOSTS', null, null);
$serverReplicaMultiReplication = $dbi->fetchResult('SHOW ALL SLAVES STATUS');
$qReset = $dbi->tryQuery('RESET SLAVE;');
$qSkip = $dbi->tryQuery('SET GLOBAL SQL_SLAVE_SKIP_COUNTER = ' . $count . ';');
[Fixed Code]
Added version checks and updated to use new terminology:
- 'SHOW REPLICAS'/'SHOW REPLICA HOSTS' instead of 'SHOW SLAVE HOSTS'
- 'SHOW ALL REPLICAS STATUS' instead of 'SHOW ALL SLAVES STATUS'
- 'RESET REPLICA' instead of 'RESET SLAVE'
- 'SQL_REPLICA_SKIP_COUNTER' instead of 'SQL_SLAVE_SKIP_COUNTER'
Additional Details:
This appears to be a terminology update rather than a security fix. MySQL 8.0.22+ and MariaDB 10.5.1+ have deprecated the "slave" terminology in favor of "replica". The changes add version checks to use the appropriate commands based on the database version. While this improves compatibility and follows modern standards, it doesn't appear to address any specific security vulnerability.
Vulnerability Existed: no
Improved Variable Existence Checking [libraries/classes/ReplicationGui.php] [Lines 302-306]
[Old Code]
$serverReplicationVariable = isset($serverReplication[0])
? $serverReplication[0][$variable]
: '';
[Fixed Code]
if (! isset($serverReplication[0], $serverReplication[0][$variable])) {
continue;
}
$serverReplicationVariable = $serverReplication[0][$variable];
Additional Details:
This change improves the robustness of the code by properly checking for variable existence before accessing it, but it's not fixing a security vulnerability - just preventing potential undefined index notices.
Vulnerability Existed: no
Replication Status Check Enhancement [libraries/classes/ReplicationGui.php] [Lines 139-157]
[Old Code]
if ($serverReplicaReplication[0]['Slave_IO_Running'] === 'No')
[Fixed Code]
Added checks for both old and new terminology:
$isReplicaIoRunning = isset($serverReplicaReplication[0]['Slave_IO_Running'])
&& $serverReplicaReplication[0]['Slave_IO_Running'] !== 'No'
|| isset($serverReplicaReplication[0]['Replica_IO_Running'])
&& $serverReplicaReplication[0]['Replica_SQL_Running'] !== 'No';
Additional Details:
This is another compatibility improvement to handle both old and new terminology in replication status checks, not a security fix.
The changes appear to be focused on:
1. Updating deprecated terminology for newer MySQL/MariaDB versions
2. Improving code robustness
3. Adding better version compatibility
4. Making the code more maintainable
No actual security vulnerabilities were identified in this diff. The changes are primarily about terminology updates and improved compatibility checks.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/test/classes/SqlTest.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/test/classes/SqlTest.php@@ -12,6 +12,7 @@ use PhpMyAdmin\Sql; use PhpMyAdmin\Template; use PhpMyAdmin\Transformations;+use ReflectionMethod; use stdClass; use const MYSQLI_TYPE_SHORT;@@ -72,7 +73,7 @@ $GLOBALS['_SESSION']['tmpval']['max_rows'] = 2; $analyzed_sql_results = $this->parseAndAnalyze('SELECT * FROM test LIMIT 0, 10');- $this->assertEquals(+ self::assertSame( 'SELECT * FROM test LIMIT 1, 2 ', $this->callFunction($this->sql, Sql::class, 'getSqlWithLimitClause', [&$analyzed_sql_results]) );@@ -86,35 +87,25 @@ // Test environment. $GLOBALS['cfg']['RememberSorting'] = true;- $this->assertTrue(- $this->callFunction($this->sql, Sql::class, 'isRememberSortingOrder', [- $this->parseAndAnalyze('SELECT * FROM tbl'),- ])- );-- $this->assertFalse(- $this->callFunction($this->sql, Sql::class, 'isRememberSortingOrder', [- $this->parseAndAnalyze('SELECT col FROM tbl'),- ])- );-- $this->assertFalse(- $this->callFunction($this->sql, Sql::class, 'isRememberSortingOrder', [- $this->parseAndAnalyze('SELECT 1'),- ])- );-- $this->assertFalse(- $this->callFunction($this->sql, Sql::class, 'isRememberSortingOrder', [- $this->parseAndAnalyze('SELECT col1, col2 FROM tbl'),- ])- );-- $this->assertFalse(- $this->callFunction($this->sql, Sql::class, 'isRememberSortingOrder', [- $this->parseAndAnalyze('SELECT COUNT(*) from tbl'),- ])- );+ self::assertTrue($this->callFunction($this->sql, Sql::class, 'isRememberSortingOrder', [+ $this->parseAndAnalyze('SELECT * FROM tbl'),+ ]));++ self::assertFalse($this->callFunction($this->sql, Sql::class, 'isRememberSortingOrder', [+ $this->parseAndAnalyze('SELECT col FROM tbl'),+ ]));++ self::assertFalse($this->callFunction($this->sql, Sql::class, 'isRememberSortingOrder', [+ $this->parseAndAnalyze('SELECT 1'),+ ]));++ self::assertFalse($this->callFunction($this->sql, Sql::class, 'isRememberSortingOrder', [+ $this->parseAndAnalyze('SELECT col1, col2 FROM tbl'),+ ]));++ self::assertFalse($this->callFunction($this->sql, Sql::class, 'isRememberSortingOrder', [+ $this->parseAndAnalyze('SELECT COUNT(*) from tbl'),+ ])); } /**@@ -125,17 +116,13 @@ // Test environment. $GLOBALS['_SESSION']['tmpval']['max_rows'] = 10;- $this->assertTrue(- $this->callFunction($this->sql, Sql::class, 'isAppendLimitClause', [- $this->parseAndAnalyze('SELECT * FROM tbl'),- ])- );-- $this->assertFalse(- $this->callFunction($this->sql, Sql::class, 'isAppendLimitClause', [- $this->parseAndAnalyze('SELECT * from tbl LIMIT 0, 10'),- ])- );+ self::assertTrue($this->callFunction($this->sql, Sql::class, 'isAppendLimitClause', [+ $this->parseAndAnalyze('SELECT * FROM tbl'),+ ]));++ self::assertFalse($this->callFunction($this->sql, Sql::class, 'isAppendLimitClause', [+ $this->parseAndAnalyze('SELECT * from tbl LIMIT 0, 10'),+ ])); } public function testIsJustBrowsing(): void@@ -143,17 +130,17 @@ // Test environment. $GLOBALS['_SESSION']['tmpval']['max_rows'] = 10;- $this->assertTrue(Sql::isJustBrowsing(+ self::assertTrue(Sql::isJustBrowsing( $this->parseAndAnalyze('SELECT * FROM db.tbl'), null ));- $this->assertTrue(Sql::isJustBrowsing(+ self::assertTrue(Sql::isJustBrowsing( $this->parseAndAnalyze('SELECT * FROM tbl WHERE 1'), null ));- $this->assertFalse(Sql::isJustBrowsing(+ self::assertFalse(Sql::isJustBrowsing( $this->parseAndAnalyze('SELECT * from tbl1, tbl2 LIMIT 0, 10'), null ));@@ -164,23 +151,17 @@ */ public function testIsDeleteTransformationInfo(): void {- $this->assertTrue(- $this->callFunction($this->sql, Sql::class, 'isDeleteTransformationInfo', [- $this->parseAndAnalyze('ALTER TABLE tbl DROP COLUMN col'),- ])- );-- $this->assertTrue(- $this->callFunction($this->sql, Sql::class, 'isDeleteTransformationInfo', [- $this->parseAndAnalyze('DROP TABLE tbl'),- ])- );-- $this->assertFalse(- $this->callFunction($this->sql, Sql::class, 'isDeleteTransformationInfo', [- $this->parseAndAnalyze('SELECT * from tbl'),- ])- );+ self::assertTrue($this->callFunction($this->sql, Sql::class, 'isDeleteTransformationInfo', [+ $this->parseAndAnalyze('ALTER TABLE tbl DROP COLUMN col'),+ ]));++ self::assertTrue($this->callFunction($this->sql, Sql::class, 'isDeleteTransformationInfo', [+ $this->parseAndAnalyze('DROP TABLE tbl'),+ ]));++ self::assertFalse($this->callFunction($this->sql, Sql::class, 'isDeleteTransformationInfo', [+ $this->parseAndAnalyze('SELECT * from tbl'),+ ])); } /**@@ -188,29 +169,23 @@ */ public function testHasNoRightsToDropDatabase(): void {- $this->assertTrue(- $this->sql->hasNoRightsToDropDatabase(- $this->parseAndAnalyze('DROP DATABASE db'),- false,- false- )- );-- $this->assertFalse(- $this->sql->hasNoRightsToDropDatabase(- $this->parseAndAnalyze('DROP TABLE tbl'),- false,- false- )- );-- $this->assertFalse(- $this->sql->hasNoRightsToDropDatabase(- $this->parseAndAnalyze('SELECT * from tbl'),- false,- false- )- );+ self::assertTrue($this->sql->hasNoRightsToDropDatabase(+ $this->parseAndAnalyze('DROP DATABASE db'),+ false,+ false+ ));++ self::assertFalse($this->sql->hasNoRightsToDropDatabase(+ $this->parseAndAnalyze('DROP TABLE tbl'),+ false,+ false+ ));++ self::assertFalse($this->sql->hasNoRightsToDropDatabase(+ $this->parseAndAnalyze('SELECT * from tbl'),+ false,+ false+ )); } /**@@ -230,9 +205,7 @@ $col2, $col3, ];- $this->assertFalse(- $this->callFunction($this->sql, Sql::class, 'resultSetHasJustOneTable', [$fields_meta])- );+ self::assertFalse($this->callFunction($this->sql, Sql::class, 'resultSetHasJustOneTable', [$fields_meta])); // should not matter on where the odd column occurs $fields_meta = [@@ -240,18 +213,14 @@ $col3, $col1, ];- $this->assertFalse(- $this->callFunction($this->sql, Sql::class, 'resultSetHasJustOneTable', [$fields_meta])- );+ self::assertFalse($this->callFunction($this->sql, Sql::class, 'resultSetHasJustOneTable', [$fields_meta])); $fields_meta = [ $col3, $col1, $col2, ];- $this->assertFalse(- $this->callFunction($this->sql, Sql::class, 'resultSetHasJustOneTable', [$fields_meta])- );+ self::assertFalse($this->callFunction($this->sql, Sql::class, 'resultSetHasJustOneTable', [$fields_meta])); } /**@@ -271,9 +240,7 @@ $col3, ];- $this->assertTrue(- $this->callFunction($this->sql, Sql::class, 'resultSetHasJustOneTable', [$fields_meta])- );+ self::assertTrue($this->callFunction($this->sql, Sql::class, 'resultSetHasJustOneTable', [$fields_meta])); } /**@@ -294,9 +261,7 @@ $col2, $col3, ];- $this->assertTrue(- $this->callFunction($this->sql, Sql::class, 'resultSetHasJustOneTable', [$fields_meta])- );+ self::assertTrue($this->callFunction($this->sql, Sql::class, 'resultSetHasJustOneTable', [$fields_meta])); // should not matter on where the function column occurs $fields_meta = [@@ -304,18 +269,14 @@ $col3, $col1, ];- $this->assertTrue(- $this->callFunction($this->sql, Sql::class, 'resultSetHasJustOneTable', [$fields_meta])- );+ self::assertTrue($this->callFunction($this->sql, Sql::class, 'resultSetHasJustOneTable', [$fields_meta])); $fields_meta = [ $col3, $col1, $col2, ];- $this->assertTrue(- $this->callFunction($this->sql, Sql::class, 'resultSetHasJustOneTable', [$fields_meta])- );+ self::assertTrue($this->callFunction($this->sql, Sql::class, 'resultSetHasJustOneTable', [$fields_meta])); } /**@@ -336,9 +297,7 @@ $col3, ];- $this->assertFalse(- $this->callFunction($this->sql, Sql::class, 'resultSetHasJustOneTable', [$fields_meta])- );+ self::assertFalse($this->callFunction($this->sql, Sql::class, 'resultSetHasJustOneTable', [$fields_meta])); } /**@@ -353,7 +312,7 @@ return $analyzedSqlResults; }- public function dataProviderCountQueryResults(): array+ public static function dataProviderCountQueryResults(): array { // sql query // session tmpval@@ -370,9 +329,9 @@ 164056, 50, false,- 'SELECT COUNT(*) FROM (select * from game_auth_logs l join ('+ 'SELECT COUNT(*) FROM (SELECT 1 FROM game_auth_logs AS `l` JOIN (' . ' select al.user_id, max(al.id) as id from game_auth_logs al '- . 'where al.successfull = 1 group by al.user_id ) last_log on last_log.id = l.id'+ . 'where al.successfull = 1 group by al.user_id ) AS `last_log` ON last_log.id = l.id' . ' ) as cnt', ], 'join on SELECT results with alias.*' => [@@ -384,9 +343,9 @@ 267, 50, false,- 'SELECT COUNT(*) FROM (select l.* from game_auth_logs l join ('+ 'SELECT COUNT(*) FROM (SELECT 1 FROM game_auth_logs AS `l` JOIN (' . ' select al.user_id, max(al.id) as id from game_auth_logs al '- . 'where al.successfull = 1 group by al.user_id ) last_log on last_log.id = l.id'+ . 'where al.successfull = 1 group by al.user_id ) AS `last_log` ON last_log.id = l.id' . ' ) as cnt', ], [@@ -561,6 +520,22 @@ 20, 20,+ ],+ [+ 'SELECT DISTINCT country_id FROM city;',+ ['max_rows' => 25, 'pos' => 0],+ 25,+ 109,+ false,+ 'SELECT COUNT(*) FROM (SELECT DISTINCT country_id FROM city ) as cnt',+ ],+ [+ 'SELECT * FROM t1 UNION SELECT * FROM t2;',+ ['max_rows' => -1, 'pos' => 0],+ 25,+ 109,+ false,+ 'SELECT COUNT(*) FROM (SELECT * FROM t1 UNION SELECT * FROM t2 ) as cnt', ], ]; }@@ -605,7 +580,7 @@ $analyzed_sql_results, ] );- $this->assertSame($expectedNumRows, $result);+ self::assertSame($expectedNumRows, $result); $this->assertAllQueriesConsumed(); }@@ -772,13 +747,139 @@ 'SELECT * FROM `sakila`.`country` LIMIT 0, 3;', null );- $this->assertStringContainsString('Showing rows 0 - 2 (3 total', $actual);- $this->assertStringContainsString('SELECT * FROM `sakila`.`country` LIMIT 0, 3;', $actual);- $this->assertStringContainsString('Afghanistan', $actual);- $this->assertStringContainsString('Algeria', $actual);- $this->assertStringContainsString('American Samoa', $actual);- $this->assertStringContainsString('data-type="int"', $actual);- $this->assertStringContainsString('data-type="string"', $actual);- $this->assertStringContainsString('data-type="timestamp"', $actual);+ self::assertStringContainsString('Showing rows 0 - 2 (3 total', $actual);+ self::assertStringContainsString('SELECT * FROM `sakila`.`country` LIMIT 0, 3;', $actual);+ self::assertStringContainsString('Afghanistan', $actual);+ self::assertStringContainsString('Algeria', $actual);+ self::assertStringContainsString('American Samoa', $actual);+ self::assertStringContainsString('data-type="int"', $actual);+ self::assertStringContainsString('data-type="string"', $actual);+ self::assertStringContainsString('data-type="timestamp"', $actual);+ }++ public function testGetDetailedProfilingStatsWithoutData(): void+ {+ $method = new ReflectionMethod($this->sql, 'getDetailedProfilingStats');+ $method->setAccessible(true);+ self::assertSame(+ ['total_time' => 0, 'states' => [], 'chart' => [], 'profile' => []],+ $method->invoke($this->sql, [])+ );+ }++ public function testGetDetailedProfilingStatsWithData(): void+ {+ $method = new ReflectionMethod($this->sql, 'getDetailedProfilingStats');+ $method->setAccessible(true);+ $profiling = [+ ['Status' => 'Starting', 'Duration' => '0.000017'],+ ['Status' => 'checking permissions', 'Duration' => '0.000003'],+ ['Status' => 'Opening tables', 'Duration' => '0.000152'],+ ['Status' => 'After opening tables', 'Duration' => '0.000004'],+ ['Status' => 'System lock', 'Duration' => '0.000002'],+ ['Status' => 'table lock', 'Duration' => '0.000003'],+ ['Status' => 'Opening tables', 'Duration' => '0.000008'],+ ['Status' => 'After opening tables', 'Duration' => '0.000002'],+ ['Status' => 'System lock', 'Duration' => '0.000002'],+ ['Status' => 'table lock', 'Duration' => '0.000012'],+ ['Status' => 'Unlocking tables', 'Duration' => '0.000003'],+ ['Status' => 'closing tables', 'Duration' => '0.000005'],+ ['Status' => 'init', 'Duration' => '0.000007'],+ ['Status' => 'Optimizing', 'Duration' => '0.000004'],+ ['Status' => 'Statistics', 'Duration' => '0.000006'],+ ['Status' => 'Preparing', 'Duration' => '0.000006'],+ ['Status' => 'Executing', 'Duration' => '0.000002'],+ ['Status' => 'Sending data', 'Duration' => '0.000029'],+ ['Status' => 'End of update loop', 'Duration' => '0.000003'],+ ['Status' => 'Query end', 'Duration' => '0.000002'],+ ['Status' => 'Commit', 'Duration' => '0.000002'],+ ['Status' => 'closing tables', 'Duration' => '0.000002'],+ ['Status' => 'Unlocking tables', 'Duration' => '0.000001'],+ ['Status' => 'closing tables', 'Duration' => '0.000002'],+ ['Status' => 'Starting cleanup', 'Duration' => '0.000002'],+ ['Status' => 'Freeing items', 'Duration' => '0.000002'],+ ['Status' => 'Updating status', 'Duration' => '0.000007'],+ ['Status' => 'Reset for next command', 'Duration' => '0.000009'],+ ];+ $expected = [+ 'total_time' => 0.000299,+ 'states' => [+ 'Starting' => ['total_time' => '0.000017', 'calls' => 1],+ 'Checking Permissions' => ['total_time' => '0.000003', 'calls' => 1],+ 'Opening Tables' => ['total_time' => 0.00016, 'calls' => 2],+ 'After Opening Tables' => ['total_time' => 6.0E-6, 'calls' => 2],+ 'System Lock' => ['total_time' => 4.0E-6, 'calls' => 2],+ 'Table Lock' => ['total_time' => 1.5E-5, 'calls' => 2],+ 'Unlocking Tables' => ['total_time' => 4.0E-6, 'calls' => 2],+ 'Closing Tables' => ['total_time' => 9.0E-6, 'calls' => 3],+ 'Init' => ['total_time' => '0.000007', 'calls' => 1],+ 'Optimizing' => ['total_time' => '0.000004', 'calls' => 1],+ 'Statistics' => ['total_time' => '0.000006', 'calls' => 1],+ 'Preparing' => ['total_time' => '0.000006', 'calls' => 1],+ 'Executing' => ['total_time' => '0.000002', 'calls' => 1],+ 'Sending Data' => ['total_time' => '0.000029', 'calls' => 1],+ 'End Of Update Loop' => ['total_time' => '0.000003', 'calls' => 1],+ 'Query End' => ['total_time' => '0.000002', 'calls' => 1],+ 'Commit' => ['total_time' => '0.000002', 'calls' => 1],+ 'Starting Cleanup' => ['total_time' => '0.000002', 'calls' => 1],+ 'Freeing Items' => ['total_time' => '0.000002', 'calls' => 1],+ 'Updating Status' => ['total_time' => '0.000007', 'calls' => 1],+ 'Reset For Next Command' => ['total_time' => '0.000009', 'calls' => 1],+ ],+ 'chart' => [+ 'Starting' => '0.000017',+ 'Checking Permissions' => '0.000003',+ 'Opening Tables' => 0.00016,+ 'After Opening Tables' => 6.0E-6,+ 'System Lock' => 4.0E-6,+ 'Table Lock' => 1.5E-5,+ 'Unlocking Tables' => 4.0E-6,+ 'Closing Tables' => 9.0E-6,+ 'Init' => '0.000007',+ 'Optimizing' => '0.000004',+ 'Statistics' => '0.000006',+ 'Preparing' => '0.000006',+ 'Executing' => '0.000002',+ 'Sending Data' => '0.000029',+ 'End Of Update Loop' => '0.000003',+ 'Query End' => '0.000002',+ 'Commit' => '0.000002',+ 'Starting Cleanup' => '0.000002',+ 'Freeing Items' => '0.000002',+ 'Updating Status' => '0.000007',+ 'Reset For Next Command' => '0.000009',+ ],+ 'profile' => [+ ['status' => 'Starting', 'duration' => '17 µ', 'duration_raw' => '0.000017'],+ ['status' => 'Checking Permissions', 'duration' => '3 µ', 'duration_raw' => '0.000003'],+ ['status' => 'Opening Tables', 'duration' => '152 µ', 'duration_raw' => '0.000152'],+ ['status' => 'After Opening Tables', 'duration' => '4 µ', 'duration_raw' => '0.000004'],+ ['status' => 'System Lock', 'duration' => '2 µ', 'duration_raw' => '0.000002'],+ ['status' => 'Table Lock', 'duration' => '3 µ', 'duration_raw' => '0.000003'],+ ['status' => 'Opening Tables', 'duration' => '8 µ', 'duration_raw' => '0.000008'],+ ['status' => 'After Opening Tables', 'duration' => '2 µ', 'duration_raw' => '0.000002'],+ ['status' => 'System Lock', 'duration' => '2 µ', 'duration_raw' => '0.000002'],+ ['status' => 'Table Lock', 'duration' => '12 µ', 'duration_raw' => '0.000012'],+ ['status' => 'Unlocking Tables', 'duration' => '3 µ', 'duration_raw' => '0.000003'],+ ['status' => 'Closing Tables', 'duration' => '5 µ', 'duration_raw' => '0.000005'],+ ['status' => 'Init', 'duration' => '7 µ', 'duration_raw' => '0.000007'],+ ['status' => 'Optimizing', 'duration' => '4 µ', 'duration_raw' => '0.000004'],+ ['status' => 'Statistics', 'duration' => '6 µ', 'duration_raw' => '0.000006'],+ ['status' => 'Preparing', 'duration' => '6 µ', 'duration_raw' => '0.000006'],+ ['status' => 'Executing', 'duration' => '2 µ', 'duration_raw' => '0.000002'],+ ['status' => 'Sending Data', 'duration' => '29 µ', 'duration_raw' => '0.000029'],+ ['status' => 'End Of Update Loop', 'duration' => '3 µ', 'duration_raw' => '0.000003'],+ ['status' => 'Query End', 'duration' => '2 µ', 'duration_raw' => '0.000002'],+ ['status' => 'Commit', 'duration' => '2 µ', 'duration_raw' => '0.000002'],+ ['status' => 'Closing Tables', 'duration' => '2 µ', 'duration_raw' => '0.000002'],+ ['status' => 'Unlocking Tables', 'duration' => '1 µ', 'duration_raw' => '0.000001'],+ ['status' => 'Closing Tables', 'duration' => '2 µ', 'duration_raw' => '0.000002'],+ ['status' => 'Starting Cleanup', 'duration' => '2 µ', 'duration_raw' => '0.000002'],+ ['status' => 'Freeing Items', 'duration' => '2 µ', 'duration_raw' => '0.000002'],+ ['status' => 'Updating Status', 'duration' => '7 µ', 'duration_raw' => '0.000007'],+ ['status' => 'Reset For Next Command', 'duration' => '9 µ', 'duration_raw' => '0.000009'],+ ],+ ];+ self::assertSame($expected, $method->invoke($this->sql, $profiling)); } }
After analyzing the provided code diff, I don't find any security vulnerabilities being fixed. The changes appear to be primarily test improvements and code quality enhancements. Here's the analysis: 1. Vulnerability Existed: no The changes are test improvements including: - Changing assertEquals to assertSame for more strict comparisons - Adding ReflectionMethod import - Formatting test assertions more consistently - Adding new test cases for count query results - Adding test cases for profiling stats 2. Vulnerability Existed: no The changes include test case additions for: - DISTINCT queries - UNION queries - Profiling statistics handling - No security-related changes 3. Vulnerability Existed: no The changes include: - Making dataProviderCountQueryResults static - Adding detailed profiling test cases - No security fixes identified The diff shows test improvements and additional test coverage but no security vulnerability fixes. The changes are focused on: - Better test assertions (assertSame vs assertEquals) - Additional test cases - Code formatting improvements - Profiling functionality tests - No changes to production code that would indicate security fixes No security vulnerabilities were identified in this diff. The changes appear to be test-related improvements and additions.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/test/classes/AbstractNetworkTestCase.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/test/classes/AbstractNetworkTestCase.php@@ -90,7 +90,7 @@ $attrInstance = new ReflectionProperty(ResponseRenderer::class, 'instance'); $attrInstance->setAccessible(true);- $attrInstance->setValue($mockResponse);+ $attrInstance->setValue(null, $mockResponse); return $mockResponse; }@@ -103,7 +103,7 @@ parent::tearDown(); $response = new ReflectionProperty(ResponseRenderer::class, 'instance'); $response->setAccessible(true);- $response->setValue(null);+ $response->setValue(null, null); $response->setAccessible(false); } }
Here's the analysis of the provided code diff: 1. Vulnerability Existed: not sure [Potential Reflection Property Manipulation] [test/classes/AbstractNetworkTestCase.php] [Lines 90-90, 103-103] [Old Code] `$attrInstance->setValue($mockResponse);` `$response->setValue(null);` [Fixed Code] `$attrInstance->setValue(null, $mockResponse);` `$response->setValue(null, null);` Additional Details: The changes involve fixing the method calls to `ReflectionProperty::setValue()` to properly include both parameters (the object instance and the value). While this isn't a direct security vulnerability in the traditional sense, improper use of reflection could potentially lead to security issues if it allows unauthorized modification of properties. The fix ensures proper usage of the reflection API, which could prevent potential issues in test scenarios. However, since this is in test code, the security impact would be minimal.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/test/selenium/Database/EventsTest.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/test/selenium/Database/EventsTest.php@@ -125,31 +125,29 @@ // Refresh the page $this->webDriver->navigate()->refresh();- $this->assertTrue(- $this->isElementPresent(- 'xpath',- "//td[contains(., 'test_event')]"- )- );+ self::assertTrue($this->isElementPresent(+ 'xpath',+ "//td[contains(., 'test_event')]"+ )); $this->dbQuery( 'USE `' . $this->databaseName . '`;' . 'SHOW EVENTS WHERE Db=\'' . $this->databaseName . '\' AND Name=\'test_event\';', function (): void {- $this->assertTrue($this->isElementPresent('className', 'table_results'));- $this->assertEquals($this->databaseName, $this->getCellByTableClass('table_results', 1, 1));- $this->assertEquals('test_event', $this->getCellByTableClass('table_results', 1, 2));- $this->assertEquals('RECURRING', $this->getCellByTableClass('table_results', 1, 5));+ self::assertTrue($this->isElementPresent('className', 'table_results'));+ self::assertEquals($this->databaseName, $this->getCellByTableClass('table_results', 1, 1));+ self::assertEquals('test_event', $this->getCellByTableClass('table_results', 1, 2));+ self::assertEquals('RECURRING', $this->getCellByTableClass('table_results', 1, 5)); } ); sleep(2); $this->dbQuery(- 'SELECT val FROM `' . $this->databaseName . '`.`test_table`',- function (): void {- $this->assertTrue($this->isElementPresent('className', 'table_results'));+ 'SELECT * FROM `' . $this->databaseName . '`.`test_table`',+ function (): void {+ $this->scrollToElement($this->waitForElement('className', 'table_results'), 0, 20); // [ ] | Edit | Copy | Delete | 1 | <number>- $this->assertGreaterThan(2, (int) $this->getCellByTableClass('table_results', 1, 5));+ self::assertGreaterThan(2, (int) $this->getCellByTableClass('table_results', 1, 6)); } ); }@@ -183,11 +181,11 @@ sleep(2); $this->dbQuery(- 'SELECT val FROM `' . $this->databaseName . '`.`test_table`',- function (): void {- $this->assertTrue($this->isElementPresent('className', 'table_results'));+ 'SELECT * FROM `' . $this->databaseName . '`.`test_table`',+ function (): void {+ $this->scrollToElement($this->waitForElement('className', 'table_results'), 0, 20); // [ ] | Edit | Copy | Delete | 4- $this->assertGreaterThan(3, (int) $this->getCellByTableClass('table_results', 1, 5));+ self::assertGreaterThan(3, (int) $this->getCellByTableClass('table_results', 1, 6)); } ); }@@ -215,7 +213,8 @@ 'USE `' . $this->databaseName . '`;' . 'SHOW EVENTS WHERE Db=\'' . $this->databaseName . '\' AND Name=\'test_event\';', function (): void {- $this->assertFalse($this->isElementPresent('className', 'table_results'));+ self::assertTrue($this->isElementPresent('className', 'table_results'));+ self::assertFalse($this->isElementPresent('cssSelector', '.table_results tbody tr')); } ); }
After analyzing the provided code diff, I don't find any clear security vulnerabilities being fixed. The changes appear to be primarily focused on test assertions and minor test logic improvements. Here's the analysis: 1. Vulnerability Existed: no No security vulnerability found [File] test/selenium/Database/EventsTest.php [Lines] 125-217 The changes involve: - Changing assertion methods from $this->assert* to self::assert* - Modifying test queries from 'SELECT val' to 'SELECT *' - Adjusting test assertions for different table cell positions - Adding scroll functionality in tests - Improving event existence checks 2. Vulnerability Existed: no No SQL injection vulnerability found [File] test/selenium/Database/EventsTest.php [Lines] 125-217 The database queries use parameterized values through string concatenation, but since this is test code and the values are controlled test values, this doesn't represent a security issue. The changes appear to be test improvements rather than security fixes, focusing on: - Better test assertions - More robust element detection - Column position adjustments in test tables - Improved test reliability through scrolling and waiting No security-related vulnerabilities were identified in this diff.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/libraries/classes/Controllers/Sql/EnumValuesController.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/libraries/classes/Controllers/Sql/EnumValuesController.php@@ -11,9 +11,7 @@ use PhpMyAdmin\Template; use function __;-use function htmlentities;--use const ENT_COMPAT;+use function strval; final class EnumValuesController extends AbstractController {@@ -44,7 +42,7 @@ $this->checkUserPrivileges->getPrivileges(); $column = $_POST['column'];- $curr_value = $_POST['curr_value'];+ $currValue = $_POST['curr_value']; $values = $this->sql->getValuesForColumn($db, $table, $column); if ($values === null) {@@ -54,12 +52,9 @@ return; }- // Converts characters of $curr_value to HTML entities.- $convertedCurrentValue = htmlentities($curr_value, ENT_COMPAT, 'UTF-8');- $dropdown = $this->template->render('sql/enum_column_dropdown', [ 'values' => $values,- 'selected_values' => [$convertedCurrentValue],+ 'selected_values' => [strval($currValue)], ]); $this->response->addJSON('dropdown', $dropdown);
Here's the analysis following the required format: Vulnerability Existed: yes Cross-Site Scripting (XSS) Vulnerability [libraries/classes/Controllers/Sql/EnumValuesController.php] [Lines 44,54] [Old Code] $curr_value = $_POST['curr_value']; ... $convertedCurrentValue = htmlentities($curr_value, ENT_COMPAT, 'UTF-8'); ... 'selected_values' => [$convertedCurrentValue], [Fixed Code] $currValue = $_POST['curr_value']; ... 'selected_values' => [strval($currValue)], Analysis: 1. The vulnerability existed in the handling of user-supplied input ($_POST['curr_value']) which was being output in HTML context. 2. The old code used htmlentities() with ENT_COMPAT (which doesn't encode single quotes) for XSS protection, which might not be sufficient in all contexts. 3. The new code removes the htmlentities() call entirely and just uses strval(), suggesting the output context is now properly handled elsewhere or the value is being used in a non-HTML context. Note: While the fix removes the XSS protection, this might indicate the value is now being used in a different context where HTML escaping isn't needed (like JSON output). However, without seeing the template file, we can't be certain this is safe. The change suggests a context shift in how the value is used rather than a direct security fix.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/js/src/table/select.js+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/js/src/table/select.js@@ -161,7 +161,7 @@ $('#sqlqueryresultsouter').html(data.sql_query); } else { // results found $('#sqlqueryresultsouter').html(data.message);- $('.sqlqueryresults').trigger('makegrid');+ $('.sqlqueryresults').trigger('makeGrid'); } $('#tbl_search_form') // workaround for bug #3168569 - Issue on toggling the "Hide search criteria" in chrome.@@ -182,7 +182,7 @@ }); // Following section is related to the 'function based search' for geometry data types.- // Initially hide all the open_gis_editor spans+ // Initially hide all the open_search_gis_editor spans $('span.open_search_gis_editor').hide(); $('select.geom_func').on('change', function () {@@ -251,13 +251,15 @@ var field = 'Parameter'; // Column type var geomFunc = $span.parents('tr').find('.geom_func').val();- var type;- if (geomFunc === 'Envelope') {- type = 'polygon';- } else if (geomFunc === 'ExteriorRing') {- type = 'linestring';- } else {- type = 'point';+ var type = 'GEOMETRY';+ if (!value) {+ if (geomFunc === 'Envelope') {+ value = 'POLYGON()';+ } else if (geomFunc === 'ExteriorRing') {+ value = 'LINESTRING()';+ } else {+ value = 'POINT()';+ } } // Names of input field and null checkbox var inputName = $span.parent('td').children('input[type=\'text\']').attr('name');
Here's the analysis of the provided code diff for security fixes following the specified format:
1. Vulnerability Existed: not sure
[Potential Typo/Function Call Issue] [js/src/table/select.js] [Lines 161-164]
[Old Code]
$('.sqlqueryresults').trigger('makegrid');
[Fixed Code]
$('.sqlqueryresults').trigger('makeGrid');
Note: This appears to be a case-sensitivity fix for a function call, but it's unclear if this had any security implications.
2. Vulnerability Existed: not sure
[Comment Accuracy] [js/src/table/select.js] [Lines 182-183]
[Old Code]
// Initially hide all the open_gis_editor spans
[Fixed Code]
// Initially hide all the open_search_gis_editor spans
Note: This is a comment correction and doesn't appear to have security implications.
3. Vulnerability Existed: yes
[Potential XSS Vulnerability] [js/src/table/select.js] [Lines 251-262]
[Old Code]
var type;
if (geomFunc === 'Envelope') {
type = 'polygon';
} else if (geomFunc === 'ExteriorRing') {
type = 'linestring';
} else {
type = 'point';
}
[Fixed Code]
var type = 'GEOMETRY';
if (!value) {
if (geomFunc === 'Envelope') {
value = 'POLYGON()';
} else if (geomFunc === 'ExteriorRing') {
value = 'LINESTRING()';
} else {
value = 'POINT()';
}
}
Note: The changes suggest a more robust handling of geometry types and values, potentially preventing injection of malicious values. The old code might have allowed for improper type assignments that could be exploited.
The most significant change appears to be in the geometry handling code, which could potentially prevent injection attacks by ensuring proper value initialization and type handling. However, without more context about how these values are used, it's difficult to definitively classify the security implications.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/test/classes/Controllers/NavigationControllerTest.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/test/classes/Controllers/NavigationControllerTest.php@@ -119,49 +119,46 @@ $responseMessage = $this->getResponseJsonResult()['message'];- $this->assertStringContainsString('<div id=\'pma_navigation_tree_content\'>', $responseMessage);+ self::assertStringContainsString('<div id=\'pma_navigation_tree_content\'>', $responseMessage); // root.air-balloon_burner_dev2 // cm9vdA==.YWlyLWJhbGxvb25fYnVybmVyX2RldjI=- $this->assertStringContainsString(- '<div id=\'pma_navigation_tree_content\'>' . "\n"- . ' <ul>' . "\n"- . ' <li class="first database">' . "\n"- . ' <div class="block">' . "\n"- . ' <i class="first"></i>' . "\n"- . ' <b></b>' . "\n"- . ' <a class="expander" href="#">' . "\n"- . ' <span class="hide paths_nav" data-apath="cm9vdA==.YWlyLWJhbGxvb25fYnVybmVyX2RldjI="'- . ' data-vpath="cm9vdA==.YWlyLWJhbGxvb25fYnVybmVyX2RldjI="'- . ' data-pos="0"></span>' . "\n"- . ' <img src="themes/dot.gif" title="Expand/Collapse"'- . ' alt="Expand/Collapse" class="icon ic_b_plus">' . "\n"- . ' </a>' . "\n"- . ' </div>' . "\n"- . ' ' . "\n"- . ' <div class="block second">' . "\n"- . ' <a href="index.php?route=/database/operations'- . '&db=air-balloon_burner_dev2&lang=en">'- . '<img src="themes/dot.gif" title="Database operations"'- . ' alt="Database operations" class="icon ic_s_db"></a>' . "\n"- . ' </div>' . "\n"- . "\n"- . ' <a class="hover_show_full"'- . ' href="index.php?route=/database/structure&db=air-balloon_burner_dev2&lang=en"'- . ' title="Structure">air-balloon_burner_dev2</a>' . "\n"- . ' ' . "\n"- . ' ' . "\n"- . "\n"- . ' ' . "\n"- . ' <div class="clearfloat"></div>' . "\n"- . "\n"- . "\n"- . "\n"- . "\n"- . ' </ul>' . "\n"- . '</div>',- $responseMessage- );+ self::assertStringContainsString('<div id=\'pma_navigation_tree_content\'>' . "\n"+ . ' <ul>' . "\n"+ . ' <li class="first database">' . "\n"+ . ' <div class="block">' . "\n"+ . ' <i class="first"></i>' . "\n"+ . ' <b></b>' . "\n"+ . ' <a class="expander" href="#">' . "\n"+ . ' <span class="hide paths_nav" data-apath="cm9vdA==.YWlyLWJhbGxvb25fYnVybmVyX2RldjI="'+ . ' data-vpath="cm9vdA==.YWlyLWJhbGxvb25fYnVybmVyX2RldjI="'+ . ' data-pos="0"></span>' . "\n"+ . ' <img src="themes/dot.gif" title="Expand/Collapse"'+ . ' alt="Expand/Collapse" class="icon ic_b_plus">' . "\n"+ . ' </a>' . "\n"+ . ' </div>' . "\n"+ . ' ' . "\n"+ . ' <div class="block second">' . "\n"+ . ' <a href="index.php?route=/database/operations'+ . '&db=air-balloon_burner_dev2&lang=en">'+ . '<img src="themes/dot.gif" title="Database operations"'+ . ' alt="Database operations" class="icon ic_s_db"></a>' . "\n"+ . ' </div>' . "\n"+ . "\n"+ . ' <a class="hover_show_full"'+ . ' href="index.php?route=/database/structure&db=air-balloon_burner_dev2&lang=en"'+ . ' title="Structure">air-balloon_burner_dev2</a>' . "\n"+ . ' ' . "\n"+ . ' ' . "\n"+ . "\n"+ . ' ' . "\n"+ . ' <div class="clearfloat"></div>' . "\n"+ . "\n"+ . "\n"+ . "\n"+ . "\n"+ . ' </ul>' . "\n"+ . '</div>', $responseMessage); $this->assertAllQueriesConsumed(); }@@ -275,7 +272,7 @@ $responseMessage = $this->getResponseJsonResult()['message'];- $this->assertStringContainsString('<div id=\'pma_navigation_tree_content\'>', $responseMessage);+ self::assertStringContainsString('<div id=\'pma_navigation_tree_content\'>', $responseMessage); $dbTemplate = ' <li class="database database">' . "\n"@@ -368,68 +365,65 @@ // root.air-balloon_burner_dev2 // cm9vdA==.YWlyLWJhbGxvb25fYnVybmVyX2RldjI=- $this->assertStringContainsString(- '<div id=\'pma_navigation_tree_content\'>' . "\n"- . ' <ul>' . "\n"- . ' <li class="first navGroup">' . "\n"- . ' <div class="block">' . "\n"- . ' <i class="first"></i>' . "\n"- . ' <b></b>' . "\n"- . ' <a class="expander loaded container" href="#">' . "\n"- . ' <span class="hide paths_nav" data-apath="cm9vdA=="'- . ' data-vpath="cm9vdA==.YWlyLWJhbGxvb24="'- . ' data-pos="0"></span>' . "\n"- . ' <img src="themes/dot.gif" title="" alt="" class="icon ic_b_minus">' . "\n"- . ' </a>' . "\n"- . ' </div>' . "\n"- . ' <div class="fst-italic">' . "\n"- . ' ' . "\n"- . ' <div class="block second">' . "\n"- . ' <u><img src="themes/dot.gif" title="Groups" alt="Groups" class="icon ic_b_group"></u>' . "\n"- . ' </div>' . "\n"- . ' air-balloon' . "\n"- . ' ' . "\n"- . ' ' . "\n"- . "\n"- . ' </div>' . "\n"- . ' ' . "\n"- . ' <div class="clearfloat"></div>' . "\n"- . "\n"- . ' <div class="list_container">' . "\n"- . ' <ul>' . "\n"- . sprintf(- $dbTemplate,- 'cm9vdA==.YWlyLWJhbGxvb25fYnVybmVyX2Rldg==',- 'cm9vdA==.YWlyLWJhbGxvb24=.YnVybmVyX2Rldg==',- 'air-balloon_burner_dev',- 'air-balloon_burner_dev',- 'air-balloon_burner_dev'- ) . "\n"- . sprintf(- $dbTemplateExpanded,- 'cm9vdA==.YWlyLWJhbGxvb25fYnVybmVyX2RldjI=',- 'cm9vdA==.YWlyLWJhbGxvb24=.YnVybmVyX2RldjI=',- 'air-balloon_burner_dev2',- 'air-balloon_burner_dev2',- 'air-balloon_burner_dev2'- ) . "\n"- . sprintf(- $dbTemplateLast,- 'cm9vdA==.YWlyLWJhbGxvb25fZGV2',- 'cm9vdA==.YWlyLWJhbGxvb24=.ZGV2',- 'air-balloon_dev',- 'air-balloon_dev',- 'air-balloon_dev'- ) . "\n"- . "\n"- . ' </ul>' . "\n"- . ' </div>' . "\n"- . "\n"- . "\n"- . ' </ul>' . "\n"- . '</div>' . "\n",- $responseMessage- );+ self::assertStringContainsString('<div id=\'pma_navigation_tree_content\'>' . "\n"+ . ' <ul>' . "\n"+ . ' <li class="first navGroup">' . "\n"+ . ' <div class="block">' . "\n"+ . ' <i class="first"></i>' . "\n"+ . ' <b></b>' . "\n"+ . ' <a class="expander loaded container" href="#">' . "\n"+ . ' <span class="hide paths_nav" data-apath="cm9vdA=="'+ . ' data-vpath="cm9vdA==.YWlyLWJhbGxvb24="'+ . ' data-pos="0"></span>' . "\n"+ . ' <img src="themes/dot.gif" title="" alt="" class="icon ic_b_minus">' . "\n"+ . ' </a>' . "\n"+ . ' </div>' . "\n"+ . ' <div class="fst-italic">' . "\n"+ . ' ' . "\n"+ . ' <div class="block second">' . "\n"+ . ' <u><img src="themes/dot.gif" title="Groups" alt="Groups" class="icon ic_b_group"></u>' . "\n"+ . ' </div>' . "\n"+ . ' air-balloon' . "\n"+ . ' ' . "\n"+ . ' ' . "\n"+ . "\n"+ . ' </div>' . "\n"+ . ' ' . "\n"+ . ' <div class="clearfloat"></div>' . "\n"+ . "\n"+ . ' <div class="list_container">' . "\n"+ . ' <ul>' . "\n"+ . sprintf(+ $dbTemplate,+ 'cm9vdA==.YWlyLWJhbGxvb25fYnVybmVyX2Rldg==',+ 'cm9vdA==.YWlyLWJhbGxvb24=.YnVybmVyX2Rldg==',+ 'air-balloon_burner_dev',+ 'air-balloon_burner_dev',+ 'air-balloon_burner_dev'+ ) . "\n"+ . sprintf(+ $dbTemplateExpanded,+ 'cm9vdA==.YWlyLWJhbGxvb25fYnVybmVyX2RldjI=',+ 'cm9vdA==.YWlyLWJhbGxvb24=.YnVybmVyX2RldjI=',+ 'air-balloon_burner_dev2',+ 'air-balloon_burner_dev2',+ 'air-balloon_burner_dev2'+ ) . "\n"+ . sprintf(+ $dbTemplateLast,+ 'cm9vdA==.YWlyLWJhbGxvb25fZGV2',+ 'cm9vdA==.YWlyLWJhbGxvb24=.ZGV2',+ 'air-balloon_dev',+ 'air-balloon_dev',+ 'air-balloon_dev'+ ) . "\n"+ . "\n"+ . ' </ul>' . "\n"+ . ' </div>' . "\n"+ . "\n"+ . "\n"+ . ' </ul>' . "\n"+ . '</div>' . "\n", $responseMessage); $this->assertAllQueriesConsumed(); } }
After analyzing the provided code diff, I don't find any security-related fixes. The changes appear to be primarily test assertion updates and code formatting improvements. Here's the analysis: 1. Vulnerability Existed: no No security vulnerability found [File] test/classes/Controllers/NavigationControllerTest.php [Lines] Various The changes involve: - Changing `$this->assertStringContainsString()` to `self::assertStringContainsString()` - Reformatting long assertion strings for better readability - No changes to actual security-related functionality 2. Vulnerability Existed: no No security vulnerability found [File] test/classes/Controllers/NavigationControllerTest.php [Lines] Various The changes are test code improvements: - Reorganization of test assertions - No changes to production code or security mechanisms - No changes to input validation or output encoding The diff shows test code maintenance rather than security fixes. The base64-encoded strings (`cm9vdA==` etc.) appear to be test fixtures rather than security-related changes.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/test/classes/CreateAddFieldTest.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/test/classes/CreateAddFieldTest.php@@ -37,7 +37,7 @@ { $_POST = $request; $actual = $this->createAddField->getPartitionsDefinition();- $this->assertEquals($expected, $actual);+ self::assertSame($expected, $actual); } /**@@ -45,7 +45,7 @@ * * @return array */- public function providerGetPartitionsDefinition(): array+ public static function providerGetPartitionsDefinition(): array { return [ [@@ -238,7 +238,7 @@ { $_POST = $request; $actual = $this->createAddField->getTableCreationQuery($db, $table);- $this->assertEquals($expected, $actual);+ self::assertSame($expected, $actual); } /**@@ -246,7 +246,7 @@ * * @return array */- public function providerGetTableCreationQuery(): array+ public static function providerGetTableCreationQuery(): array { return [ [@@ -263,7 +263,24 @@ ], ], [- 'CREATE TABLE `db`.`table` () ENGINE = Inno\\\'DB CHARSET=armscii8 COMMENT = \'my \\\'table\';',+ 'CREATE TABLE `db`.`table` () ENGINE = dummy CHARSET=armscii8 COMMENT = \'my \\\'table\';',+ 'db',+ 'table',+ [+ 'field_name' => [],+ 'primary_indexes' => '{}',+ 'indexes' => '{}',+ 'unique_indexes' => '{}',+ 'fulltext_indexes' => '{}',+ 'spatial_indexes' => '{}',+ 'tbl_storage_engine' => 'dummy',+ 'tbl_collation' => 'armscii8',+ 'connection' => 'aaaa',+ 'comment' => 'my \'table',+ ],+ ],+ [+ 'CREATE TABLE `db`.`table` () CHARSET=armscii8 COMMENT = \'my \\\'table\';', 'db', 'table', [@@ -294,7 +311,7 @@ { $_POST = $request; $actual = $this->createAddField->getNumberOfFieldsFromRequest();- $this->assertEquals($expected, $actual);+ self::assertSame($expected, $actual); } /**@@ -302,7 +319,7 @@ * * @return array */- public function providerGetNumberOfFieldsFromRequest(): array+ public static function providerGetNumberOfFieldsFromRequest(): array { return [ [@@ -317,7 +334,7 @@ * * @return array[] */- public function providerGetColumnCreationQueryRequest(): array+ public static function providerGetColumnCreationQueryRequest(): array { return [ [@@ -508,6 +525,6 @@ { $_POST = $request; $sqlQuery = $this->createAddField->getColumnCreationQuery('my_table');- $this->assertEquals($expected, $sqlQuery);+ self::assertSame($expected, $sqlQuery); } }
After analyzing the provided code diff, here are the security-related findings: 1. Vulnerability Existed: not sure SQL Injection Vulnerability [test/classes/CreateAddFieldTest.php] [Lines 263-278] [Old Code] 'CREATE TABLE `db`.`table` () ENGINE = Inno\\\'DB CHARSET=armscii8 COMMENT = \'my \\\'table\';', [Fixed Code] 'CREATE TABLE `db`.`table` () ENGINE = dummy CHARSET=armscii8 COMMENT = \'my \\\'table\';', Additional Details: - The change replaces a potentially problematic engine name (Inno\\\'DB) with a simpler value (dummy) - While this appears to be test code, the original value contained escaped quotes which might indicate potential SQL injection testing - The fixed version uses a plain string without special characters 2. Vulnerability Existed: not sure Test Case Improvement [test/classes/CreateAddFieldTest.php] [Lines 263-294] [Old Code] Only included test case with ENGINE specification [Fixed Code] Added additional test case without ENGINE specification Additional Details: - The diff adds a new test case that verifies behavior when no storage engine is specified - This improves test coverage but doesn't appear to directly relate to a security vulnerability 3. Vulnerability Existed: no Test Assertion Improvement [test/classes/CreateAddFieldTest.php] [Multiple locations] [Old Code] $this->assertEquals($expected, $actual); [Fixed Code] self::assertSame($expected, $actual); Additional Details: - This change improves test assertions by using strict comparison (assertSame instead of assertEquals) - While this improves test reliability, it doesn't address any security vulnerability Note: The changes appear to be primarily test-related improvements rather than direct security fixes. The most security-relevant change is the modification of the test case involving the database engine name, but since this is test code, it's unclear if this relates to an actual vulnerability in the production code.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/test/classes/Controllers/Server/Status/Processes/RefreshControllerTest.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/test/classes/Controllers/Server/Status/Processes/RefreshControllerTest.php@@ -71,47 +71,32 @@ $controller(); $html = $response->getHTMLResult();- $this->assertStringContainsString('index.php?route=/server/status/processes', $html);+ self::assertStringContainsString('index.php?route=/server/status/processes', $html); $killProcess = 'data-post="' . Url::getCommon(['kill' => $process['Id']], '') . '"';- $this->assertStringContainsString($killProcess, $html);- $this->assertStringContainsString('ajax kill_process', $html);- $this->assertStringContainsString(- __('Kill'),- $html- );+ self::assertStringContainsString($killProcess, $html);+ self::assertStringContainsString('ajax kill_process', $html);+ self::assertStringContainsString(__('Kill'), $html); //validate 2: $process['User']- $this->assertStringContainsString(- htmlspecialchars($process['User']),- $html- );+ self::assertStringContainsString(htmlspecialchars($process['User']), $html); //validate 3: $process['Host']- $this->assertStringContainsString(- htmlspecialchars($process['Host']),- $html- );+ self::assertStringContainsString(htmlspecialchars($process['Host']), $html); //validate 4: $process['db']- $this->assertStringContainsString(- $process['Db'],- $html- );+ self::assertStringContainsString($process['Db'], $html); //validate 5: $process['Command']- $this->assertStringContainsString(- htmlspecialchars($process['Command']),- $html- );+ self::assertStringContainsString(htmlspecialchars($process['Command']), $html); //validate 6: $process['Time']- $this->assertStringContainsString($process['Time'], $html);+ self::assertStringContainsString($process['Time'], $html); //validate 7: $process['state']- $this->assertStringContainsString($process['State'], $html);+ self::assertStringContainsString($process['State'], $html); //validate 8: $process['info']- $this->assertStringContainsString($process['Info'], $html);+ self::assertStringContainsString($process['Info'], $html); } }
After analyzing the provided code diff, I don't see any security-related changes. The changes appear to be primarily stylistic and test assertion improvements (changing `$this->assert...` to `self::assert...` and making the code more concise). There are no changes to actual functionality or security-related fixes.
Here's the structured response:
Vulnerability Existed: no
No security vulnerability found in this test file diff. The changes are stylistic/test assertion improvements.
The diff shows:
1. Changing assertion style from instance method (`$this->assert`) to static method (`self::assert`)
2. Making the code more concise by removing unnecessary line breaks in assertions
3. No changes to actual security-related functionality or data handling
No security vulnerabilities were fixed in this particular diff.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/test/classes/Plugins/Export/Helpers/TablePropertyTest.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/test/classes/Plugins/Export/Helpers/TablePropertyTest.php@@ -44,34 +44,28 @@ public function testConstructor(): void {- $this->assertEquals('name', $this->object->name);-- $this->assertEquals('int', $this->object->type);-- $this->assertEquals(1, $this->object->nullable);-- $this->assertEquals('PRI', $this->object->key);-- $this->assertEquals('0', $this->object->defaultValue);-- $this->assertEquals('mysql', $this->object->ext);+ self::assertSame('name', $this->object->name);++ self::assertSame('int', $this->object->type);++ self::assertEquals(1, $this->object->nullable);++ self::assertSame('PRI', $this->object->key);++ self::assertSame('0', $this->object->defaultValue);++ self::assertSame('mysql', $this->object->ext); } public function testGetPureType(): void { $this->object->type = 'int(10)';- $this->assertEquals(- 'int',- $this->object->getPureType()- );+ self::assertSame('int', $this->object->getPureType()); $this->object->type = 'char';- $this->assertEquals(- 'char',- $this->object->getPureType()- );+ self::assertSame('char', $this->object->getPureType()); } /**@@ -84,10 +78,7 @@ { $this->object->nullable = $nullable;- $this->assertEquals(- $expected,- $this->object->isNotNull()- );+ self::assertSame($expected, $this->object->isNotNull()); } /**@@ -95,7 +86,7 @@ * * @return array Test Data */- public function isNotNullProvider(): array+ public static function isNotNullProvider(): array { return [ [@@ -123,10 +114,7 @@ { $this->object->key = $key;- $this->assertEquals(- $expected,- $this->object->isUnique()- );+ self::assertSame($expected, $this->object->isUnique()); } /**@@ -134,7 +122,7 @@ * * @return array Test Data */- public function isUniqueProvider(): array+ public static function isUniqueProvider(): array { return [ [@@ -170,10 +158,7 @@ { $this->object->type = $type;- $this->assertEquals(- $expected,- $this->object->getDotNetPrimitiveType()- );+ self::assertSame($expected, $this->object->getDotNetPrimitiveType()); } /**@@ -181,7 +166,7 @@ * * @return array Test Data */- public function getDotNetPrimitiveTypeProvider(): array+ public static function getDotNetPrimitiveTypeProvider(): array { return [ [@@ -241,10 +226,7 @@ { $this->object->type = $type;- $this->assertEquals(- $expected,- $this->object->getDotNetObjectType()- );+ self::assertSame($expected, $this->object->getDotNetObjectType()); } /**@@ -252,7 +234,7 @@ * * @return array Test Data */- public function getDotNetObjectTypeProvider(): array+ public static function getDotNetObjectTypeProvider(): array { return [ [@@ -307,61 +289,42 @@ $this->object->name = "ä'7<ab>"; $this->object->key = 'PRI';- $this->assertEquals(- "index=\"ä'7<ab>\"",- $this->object->getIndexName()- );+ self::assertSame("index=\"ä'7<ab>\"", $this->object->getIndexName()); $this->object->key = '';- $this->assertEquals(- '',- $this->object->getIndexName()- );+ self::assertSame('', $this->object->getIndexName()); } public function testIsPK(): void { $this->object->key = 'PRI';- $this->assertTrue(- $this->object->isPK()- );+ self::assertTrue($this->object->isPK()); $this->object->key = '';- $this->assertFalse(- $this->object->isPK()- );+ self::assertFalse($this->object->isPK()); } public function testFormatCs(): void { $this->object->name = 'Name#name#123';- $this->assertEquals(- 'text123Namename',- $this->object->formatCs('text123#name#')- );+ self::assertSame('text123Namename', $this->object->formatCs('text123#name#')); } public function testFormatXml(): void { $this->object->name = '"a\'';- $this->assertEquals(- '"a\'index=""a\'"',- $this->object->formatXml('#name##indexName#')- );+ self::assertSame('"a\'index=""a\'"', $this->object->formatXml('#name##indexName#')); } public function testFormat(): void {- $this->assertEquals(- 'NameintInt32intfalsetrue',- $this->object->format(- '#ucfirstName##dotNetPrimitiveType##dotNetObjectType##type##notNull##unique#'- )- );+ self::assertSame('NameintInt32intfalsetrue', $this->object->format(+ '#ucfirstName##dotNetPrimitiveType##dotNetObjectType##type##notNull##unique#'+ )); } }
After analyzing the provided code diff, I don't find any security vulnerabilities being fixed. The changes appear to be primarily test code improvements and refactoring, with the main changes being: 1. Changing assertEquals() to assertSame() for more strict comparisons 2. Making test data providers static 3. Code formatting improvements Here's the analysis following your requested format: Vulnerability Existed: no No security vulnerabilities were fixed in this diff. The changes are test improvements and refactoring. The changes include: 1. Switching from assertEquals to assertSame for more strict type checking in assertions 2. Making test data provider methods static 3. Simplifying assertion syntax by removing unnecessary line breaks 4. No changes to actual security-related functionality were made The file modified is a test file (TablePropertyTest.php) and the changes don't affect production code or security features.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/js/vendor/bootstrap/bootstrap.bundle.min.js+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/js/vendor/bootstrap/bootstrap.bundle.min.js@@ -1,7 +1,7 @@ /*!- * Bootstrap v5.2.3 (https://getbootstrap.com/)- * Copyright 2011-2022 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors)+ * Bootstrap v5.3.3 (https://getbootstrap.com/)+ * Copyright 2011-2024 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors) * Licensed under MIT (https://github.com/twbs/bootstrap/blob/main/LICENSE) */-!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?module.exports=e():"function"==typeof define&&define.amd?define(e):(t="undefined"!=typeof globalThis?globalThis:t||self).bootstrap=e()}(this,(function(){"use strict";const t="transitionend",e=t=>{let e=t.getAttribute("data-bs-target");if(!e||"#"===e){let i=t.getAttribute("href");if(!i||!i.includes("#")&&!i.startsWith("."))return null;i.includes("#")&&!i.startsWith("#")&&(i=`#${i.split("#")[1]}`),e=i&&"#"!==i?i.trim():null}return e},i=t=>{const i=e(t);return i&&document.querySelector(i)?i:null},n=t=>{const i=e(t);return i?document.querySelector(i):null},s=e=>{e.dispatchEvent(new Event(t))},o=t=>!(!t||"object"!=typeof t)&&(void 0!==t.jquery&&(t=t[0]),void 0!==t.nodeType),r=t=>o(t)?t.jquery?t[0]:t:"string"==typeof t&&t.length>0?document.querySelector(t):null,a=t=>{if(!o(t)||0===t.getClientRects().length)return!1;const e="visible"===getComputedStyle(t).getPropertyValue("visibility"),i=t.closest("details:not([open])");if(!i)return e;if(i!==t){const e=t.closest("summary");if(e&&e.parentNode!==i)return!1;if(null===e)return!1}return e},l=t=>!t||t.nodeType!==Node.ELEMENT_NODE||!!t.classList.contains("disabled")||(void 0!==t.disabled?t.disabled:t.hasAttribute("disabled")&&"false"!==t.getAttribute("disabled")),c=t=>{if(!document.documentElement.attachShadow)return null;if("function"==typeof t.getRootNode){const e=t.getRootNode();return e instanceof ShadowRoot?e:null}return t instanceof ShadowRoot?t:t.parentNode?c(t.parentNode):null},h=()=>{},d=t=>{t.offsetHeight},u=()=>window.jQuery&&!document.body.hasAttribute("data-bs-no-jquery")?window.jQuery:null,f=[],p=()=>"rtl"===document.documentElement.dir,g=t=>{var e;e=()=>{const e=u();if(e){const i=t.NAME,n=e.fn[i];e.fn[i]=t.jQueryInterface,e.fn[i].Constructor=t,e.fn[i].noConflict=()=>(e.fn[i]=n,t.jQueryInterface)}},"loading"===document.readyState?(f.length||document.addEventListener("DOMContentLoaded",(()=>{for(const t of f)t()})),f.push(e)):e()},m=t=>{"function"==typeof t&&t()},_=(e,i,n=!0)=>{if(!n)return void m(e);const o=(t=>{if(!t)return 0;let{transitionDuration:e,transitionDelay:i}=window.getComputedStyle(t);const n=Number.parseFloat(e),s=Number.parseFloat(i);return n||s?(e=e.split(",")[0],i=i.split(",")[0],1e3*(Number.parseFloat(e)+Number.parseFloat(i))):0})(i)+5;let r=!1;const a=({target:n})=>{n===i&&(r=!0,i.removeEventListener(t,a),m(e))};i.addEventListener(t,a),setTimeout((()=>{r||s(i)}),o)},b=(t,e,i,n)=>{const s=t.length;let o=t.indexOf(e);return-1===o?!i&&n?t[s-1]:t[0]:(o+=i?1:-1,n&&(o=(o+s)%s),t[Math.max(0,Math.min(o,s-1))])},v=/[^.]*(?=\..*)\.|.*/,y=/\..*/,w=/::\d+$/,A={};let E=1;const T={mouseenter:"mouseover",mouseleave:"mouseout"},C=new Set(["click","dblclick","mouseup","mousedown","contextmenu","mousewheel","DOMMouseScroll","mouseover","mouseout","mousemove","selectstart","selectend","keydown","keypress","keyup","orientationchange","touchstart","touchmove","touchend","touchcancel","pointerdown","pointermove","pointerup","pointerleave","pointercancel","gesturestart","gesturechange","gestureend","focus","blur","change","reset","select","submit","focusin","focusout","load","unload","beforeunload","resize","move","DOMContentLoaded","readystatechange","error","abort","scroll"]);function O(t,e){return e&&`${e}::${E++}`||t.uidEvent||E++}function x(t){const e=O(t);return t.uidEvent=e,A[e]=A[e]||{},A[e]}function k(t,e,i=null){return Object.values(t).find((t=>t.callable===e&&t.delegationSelector===i))}function L(t,e,i){const n="string"==typeof e,s=n?i:e||i;let o=N(t);return C.has(o)||(o=t),[n,s,o]}function D(t,e,i,n,s){if("string"!=typeof e||!t)return;let[o,r,a]=L(e,i,n);if(e in T){const t=t=>function(e){if(!e.relatedTarget||e.relatedTarget!==e.delegateTarget&&!e.delegateTarget.contains(e.relatedTarget))return t.call(this,e)};r=t(r)}const l=x(t),c=l[a]||(l[a]={}),h=k(c,r,o?i:null);if(h)return void(h.oneOff=h.oneOff&&s);const d=O(r,e.replace(v,"")),u=o?function(t,e,i){return function n(s){const o=t.querySelectorAll(e);for(let{target:r}=s;r&&r!==this;r=r.parentNode)for(const a of o)if(a===r)return j(s,{delegateTarget:r}),n.oneOff&&P.off(t,s.type,e,i),i.apply(r,[s])}}(t,i,r):function(t,e){return function i(n){return j(n,{delegateTarget:t}),i.oneOff&&P.off(t,n.type,e),e.apply(t,[n])}}(t,r);u.delegationSelector=o?i:null,u.callable=r,u.oneOff=s,u.uidEvent=d,c[d]=u,t.addEventListener(a,u,o)}function S(t,e,i,n,s){const o=k(e[i],n,s);o&&(t.removeEventListener(i,o,Boolean(s)),delete e[i][o.uidEvent])}function I(t,e,i,n){const s=e[i]||{};for(const o of Object.keys(s))if(o.includes(n)){const n=s[o];S(t,e,i,n.callable,n.delegationSelector)}}function N(t){return t=t.replace(y,""),T[t]||t}const P={on(t,e,i,n){D(t,e,i,n,!1)},one(t,e,i,n){D(t,e,i,n,!0)},off(t,e,i,n){if("string"!=typeof e||!t)return;const[s,o,r]=L(e,i,n),a=r!==e,l=x(t),c=l[r]||{},h=e.startsWith(".");if(void 0===o){if(h)for(const i of Object.keys(l))I(t,l,i,e.slice(1));for(const i of Object.keys(c)){const n=i.replace(w,"");if(!a||e.includes(n)){const e=c[i];S(t,l,r,e.callable,e.delegationSelector)}}}else{if(!Object.keys(c).length)return;S(t,l,r,o,s?i:null)}},trigger(t,e,i){if("string"!=typeof e||!t)return null;const n=u();let s=null,o=!0,r=!0,a=!1;e!==N(e)&&n&&(s=n.Event(e,i),n(t).trigger(s),o=!s.isPropagationStopped(),r=!s.isImmediatePropagationStopped(),a=s.isDefaultPrevented());let l=new Event(e,{bubbles:o,cancelable:!0});return l=j(l,i),a&&l.preventDefault(),r&&t.dispatchEvent(l),l.defaultPrevented&&s&&s.preventDefault(),l}};function j(t,e){for(const[i,n]of Object.entries(e||{}))try{t[i]=n}catch(e){Object.defineProperty(t,i,{configurable:!0,get:()=>n})}return t}const M=new Map,H={set(t,e,i){M.has(t)||M.set(t,new Map);const n=M.get(t);n.has(e)||0===n.size?n.set(e,i):console.error(`Bootstrap doesn't allow more than one instance per element. Bound instance: ${Array.from(n.keys())[0]}.`)},get:(t,e)=>M.has(t)&&M.get(t).get(e)||null,remove(t,e){if(!M.has(t))return;const i=M.get(t);i.delete(e),0===i.size&&M.delete(t)}};function $(t){if("true"===t)return!0;if("false"===t)return!1;if(t===Number(t).toString())return Number(t);if(""===t||"null"===t)return null;if("string"!=typeof t)return t;try{return JSON.parse(decodeURIComponent(t))}catch(e){return t}}function W(t){return t.replace(/[A-Z]/g,(t=>`-${t.toLowerCase()}`))}const B={setDataAttribute(t,e,i){t.setAttribute(`data-bs-${W(e)}`,i)},removeDataAttribute(t,e){t.removeAttribute(`data-bs-${W(e)}`)},getDataAttributes(t){if(!t)return{};const e={},i=Object.keys(t.dataset).filter((t=>t.startsWith("bs")&&!t.startsWith("bsConfig")));for(const n of i){let i=n.replace(/^bs/,"");i=i.charAt(0).toLowerCase()+i.slice(1,i.length),e[i]=$(t.dataset[n])}return e},getDataAttribute:(t,e)=>$(t.getAttribute(`data-bs-${W(e)}`))};class F{static get Default(){return{}}static get DefaultType(){return{}}static get NAME(){throw new Error('You have to implement the static method "NAME", for each component!')}_getConfig(t){return t=this._mergeConfigObj(t),t=this._configAfterMerge(t),this._typeCheckConfig(t),t}_configAfterMerge(t){return t}_mergeConfigObj(t,e){const i=o(e)?B.getDataAttribute(e,"config"):{};return{...this.constructor.Default,..."object"==typeof i?i:{},...o(e)?B.getDataAttributes(e):{},..."object"==typeof t?t:{}}}_typeCheckConfig(t,e=this.constructor.DefaultType){for(const n of Object.keys(e)){const s=e[n],r=t[n],a=o(r)?"element":null==(i=r)?`${i}`:Object.prototype.toString.call(i).match(/\s([a-z]+)/i)[1].toLowerCase();if(!new RegExp(s).test(a))throw new TypeError(`${this.constructor.NAME.toUpperCase()}: Option "${n}" provided type "${a}" but expected type "${s}".`)}var i}}class z extends F{constructor(t,e){super(),(t=r(t))&&(this._element=t,this._config=this._getConfig(e),H.set(this._element,this.constructor.DATA_KEY,this))}dispose(){H.remove(this._element,this.constructor.DATA_KEY),P.off(this._element,this.constructor.EVENT_KEY);for(const t of Object.getOwnPropertyNames(this))this[t]=null}_queueCallback(t,e,i=!0){_(t,e,i)}_getConfig(t){return t=this._mergeConfigObj(t,this._element),t=this._configAfterMerge(t),this._typeCheckConfig(t),t}static getInstance(t){return H.get(r(t),this.DATA_KEY)}static getOrCreateInstance(t,e={}){return this.getInstance(t)||new this(t,"object"==typeof e?e:null)}static get VERSION(){return"5.2.3"}static get DATA_KEY(){return`bs.${this.NAME}`}static get EVENT_KEY(){return`.${this.DATA_KEY}`}static eventName(t){return`${t}${this.EVENT_KEY}`}}const q=(t,e="hide")=>{const i=`click.dismiss${t.EVENT_KEY}`,s=t.NAME;P.on(document,i,`[data-bs-dismiss="${s}"]`,(function(i){if(["A","AREA"].includes(this.tagName)&&i.preventDefault(),l(this))return;const o=n(this)||this.closest(`.${s}`);t.getOrCreateInstance(o)[e]()}))};class R extends z{static get NAME(){return"alert"}close(){if(P.trigger(this._element,"close.bs.alert").defaultPrevented)return;this._element.classList.remove("show");const t=this._element.classList.contains("fade");this._queueCallback((()=>this._destroyElement()),this._element,t)}_destroyElement(){this._element.remove(),P.trigger(this._element,"closed.bs.alert"),this.dispose()}static jQueryInterface(t){return this.each((function(){const e=R.getOrCreateInstance(this);if("string"==typeof t){if(void 0===e[t]||t.startsWith("_")||"constructor"===t)throw new TypeError(`No method named "${t}"`);e[t](this)}}))}}q(R,"close"),g(R);const V='[data-bs-toggle="button"]';class K extends z{static get NAME(){return"button"}toggle(){this._element.setAttribute("aria-pressed",this._element.classList.toggle("active"))}static jQueryInterface(t){return this.each((function(){const e=K.getOrCreateInstance(this);"toggle"===t&&e[t]()}))}}P.on(document,"click.bs.button.data-api",V,(t=>{t.preventDefault();const e=t.target.closest(V);K.getOrCreateInstance(e).toggle()})),g(K);const Q={find:(t,e=document.documentElement)=>[].concat(...Element.prototype.querySelectorAll.call(e,t)),findOne:(t,e=document.documentElement)=>Element.prototype.querySelector.call(e,t),children:(t,e)=>[].concat(...t.children).filter((t=>t.matches(e))),parents(t,e){const i=[];let n=t.parentNode.closest(e);for(;n;)i.push(n),n=n.parentNode.closest(e);return i},prev(t,e){let i=t.previousElementSibling;for(;i;){if(i.matches(e))return[i];i=i.previousElementSibling}return[]},next(t,e){let i=t.nextElementSibling;for(;i;){if(i.matches(e))return[i];i=i.nextElementSibling}return[]},focusableChildren(t){const e=["a","button","input","textarea","select","details","[tabindex]",'[contenteditable="true"]'].map((t=>`${t}:not([tabindex^="-"])`)).join(",");return this.find(e,t).filter((t=>!l(t)&&a(t)))}},X={endCallback:null,leftCallback:null,rightCallback:null},Y={endCallback:"(function|null)",leftCallback:"(function|null)",rightCallback:"(function|null)"};class U extends F{constructor(t,e){super(),this._element=t,t&&U.isSupported()&&(this._config=this._getConfig(e),this._deltaX=0,this._supportPointerEvents=Boolean(window.PointerEvent),this._initEvents())}static get Default(){return X}static get DefaultType(){return Y}static get NAME(){return"swipe"}dispose(){P.off(this._element,".bs.swipe")}_start(t){this._supportPointerEvents?this._eventIsPointerPenTouch(t)&&(this._deltaX=t.clientX):this._deltaX=t.touches[0].clientX}_end(t){this._eventIsPointerPenTouch(t)&&(this._deltaX=t.clientX-this._deltaX),this._handleSwipe(),m(this._config.endCallback)}_move(t){this._deltaX=t.touches&&t.touches.length>1?0:t.touches[0].clientX-this._deltaX}_handleSwipe(){const t=Math.abs(this._deltaX);if(t<=40)return;const e=t/this._deltaX;this._deltaX=0,e&&m(e>0?this._config.rightCallback:this._config.leftCallback)}_initEvents(){this._supportPointerEvents?(P.on(this._element,"pointerdown.bs.swipe",(t=>this._start(t))),P.on(this._element,"pointerup.bs.swipe",(t=>this._end(t))),this._element.classList.add("pointer-event")):(P.on(this._element,"touchstart.bs.swipe",(t=>this._start(t))),P.on(this._element,"touchmove.bs.swipe",(t=>this._move(t))),P.on(this._element,"touchend.bs.swipe",(t=>this._end(t))))}_eventIsPointerPenTouch(t){return this._supportPointerEvents&&("pen"===t.pointerType||"touch"===t.pointerType)}static isSupported(){return"ontouchstart"in document.documentElement||navigator.maxTouchPoints>0}}const G="next",J="prev",Z="left",tt="right",et="slid.bs.carousel",it="carousel",nt="active",st={ArrowLeft:tt,ArrowRight:Z},ot={interval:5e3,keyboard:!0,pause:"hover",ride:!1,touch:!0,wrap:!0},rt={interval:"(number|boolean)",keyboard:"boolean",pause:"(string|boolean)",ride:"(boolean|string)",touch:"boolean",wrap:"boolean"};class at extends z{constructor(t,e){super(t,e),this._interval=null,this._activeElement=null,this._isSliding=!1,this.touchTimeout=null,this._swipeHelper=null,this._indicatorsElement=Q.findOne(".carousel-indicators",this._element),this._addEventListeners(),this._config.ride===it&&this.cycle()}static get Default(){return ot}static get DefaultType(){return rt}static get NAME(){return"carousel"}next(){this._slide(G)}nextWhenVisible(){!document.hidden&&a(this._element)&&this.next()}prev(){this._slide(J)}pause(){this._isSliding&&s(this._element),this._clearInterval()}cycle(){this._clearInterval(),this._updateInterval(),this._interval=setInterval((()=>this.nextWhenVisible()),this._config.interval)}_maybeEnableCycle(){this._config.ride&&(this._isSliding?P.one(this._element,et,(()=>this.cycle())):this.cycle())}to(t){const e=this._getItems();if(t>e.length-1||t<0)return;if(this._isSliding)return void P.one(this._element,et,(()=>this.to(t)));const i=this._getItemIndex(this._getActive());if(i===t)return;const n=t>i?G:J;this._slide(n,e[t])}dispose(){this._swipeHelper&&this._swipeHelper.dispose(),super.dispose()}_configAfterMerge(t){return t.defaultInterval=t.interval,t}_addEventListeners(){this._config.keyboard&&P.on(this._element,"keydown.bs.carousel",(t=>this._keydown(t))),"hover"===this._config.pause&&(P.on(this._element,"mouseenter.bs.carousel",(()=>this.pause())),P.on(this._element,"mouseleave.bs.carousel",(()=>this._maybeEnableCycle()))),this._config.touch&&U.isSupported()&&this._addTouchEventListeners()}_addTouchEventListeners(){for(const t of Q.find(".carousel-item img",this._element))P.on(t,"dragstart.bs.carousel",(t=>t.preventDefault()));const t={leftCallback:()=>this._slide(this._directionToOrder(Z)),rightCallback:()=>this._slide(this._directionToOrder(tt)),endCallback:()=>{"hover"===this._config.pause&&(this.pause(),this.touchTimeout&&clearTimeout(this.touchTimeout),this.touchTimeout=setTimeout((()=>this._maybeEnableCycle()),500+this._config.interval))}};this._swipeHelper=new U(this._element,t)}_keydown(t){if(/input|textarea/i.test(t.target.tagName))return;const e=st[t.key];e&&(t.preventDefault(),this._slide(this._directionToOrder(e)))}_getItemIndex(t){return this._getItems().indexOf(t)}_setActiveIndicatorElement(t){if(!this._indicatorsElement)return;const e=Q.findOne(".active",this._indicatorsElement);e.classList.remove(nt),e.removeAttribute("aria-current");const i=Q.findOne(`[data-bs-slide-to="${t}"]`,this._indicatorsElement);i&&(i.classList.add(nt),i.setAttribute("aria-current","true"))}_updateInterval(){const t=this._activeElement||this._getActive();if(!t)return;const e=Number.parseInt(t.getAttribute("data-bs-interval"),10);this._config.interval=e||this._config.defaultInterval}_slide(t,e=null){if(this._isSliding)return;const i=this._getActive(),n=t===G,s=e||b(this._getItems(),i,n,this._config.wrap);if(s===i)return;const o=this._getItemIndex(s),r=e=>P.trigger(this._element,e,{relatedTarget:s,direction:this._orderToDirection(t),from:this._getItemIndex(i),to:o});if(r("slide.bs.carousel").defaultPrevented)return;if(!i||!s)return;const a=Boolean(this._interval);this.pause(),this._isSliding=!0,this._setActiveIndicatorElement(o),this._activeElement=s;const l=n?"carousel-item-start":"carousel-item-end",c=n?"carousel-item-next":"carousel-item-prev";s.classList.add(c),d(s),i.classList.add(l),s.classList.add(l),this._queueCallback((()=>{s.classList.remove(l,c),s.classList.add(nt),i.classList.remove(nt,c,l),this._isSliding=!1,r(et)}),i,this._isAnimated()),a&&this.cycle()}_isAnimated(){return this._element.classList.contains("slide")}_getActive(){return Q.findOne(".active.carousel-item",this._element)}_getItems(){return Q.find(".carousel-item",this._element)}_clearInterval(){this._interval&&(clearInterval(this._interval),this._interval=null)}_directionToOrder(t){return p()?t===Z?J:G:t===Z?G:J}_orderToDirection(t){return p()?t===J?Z:tt:t===J?tt:Z}static jQueryInterface(t){return this.each((function(){const e=at.getOrCreateInstance(this,t);if("number"!=typeof t){if("string"==typeof t){if(void 0===e[t]||t.startsWith("_")||"constructor"===t)throw new TypeError(`No method named "${t}"`);e[t]()}}else e.to(t)}))}}P.on(document,"click.bs.carousel.data-api","[data-bs-slide], [data-bs-slide-to]",(function(t){const e=n(this);if(!e||!e.classList.contains(it))return;t.preventDefault();const i=at.getOrCreateInstance(e),s=this.getAttribute("data-bs-slide-to");return s?(i.to(s),void i._maybeEnableCycle()):"next"===B.getDataAttribute(this,"slide")?(i.next(),void i._maybeEnableCycle()):(i.prev(),void i._maybeEnableCycle())})),P.on(window,"load.bs.carousel.data-api",(()=>{const t=Q.find('[data-bs-ride="carousel"]');for(const e of t)at.getOrCreateInstance(e)})),g(at);const lt="show",ct="collapse",ht="collapsing",dt='[data-bs-toggle="collapse"]',ut={parent:null,toggle:!0},ft={parent:"(null|element)",toggle:"boolean"};class pt extends z{constructor(t,e){super(t,e),this._isTransitioning=!1,this._triggerArray=[];const n=Q.find(dt);for(const t of n){const e=i(t),n=Q.find(e).filter((t=>t===this._element));null!==e&&n.length&&this._triggerArray.push(t)}this._initializeChildren(),this._config.parent||this._addAriaAndCollapsedClass(this._triggerArray,this._isShown()),this._config.toggle&&this.toggle()}static get Default(){return ut}static get DefaultType(){return ft}static get NAME(){return"collapse"}toggle(){this._isShown()?this.hide():this.show()}show(){if(this._isTransitioning||this._isShown())return;let t=[];if(this._config.parent&&(t=this._getFirstLevelChildren(".collapse.show, .collapse.collapsing").filter((t=>t!==this._element)).map((t=>pt.getOrCreateInstance(t,{toggle:!1})))),t.length&&t[0]._isTransitioning)return;if(P.trigger(this._element,"show.bs.collapse").defaultPrevented)return;for(const e of t)e.hide();const e=this._getDimension();this._element.classList.remove(ct),this._element.classList.add(ht),this._element.style[e]=0,this._addAriaAndCollapsedClass(this._triggerArray,!0),this._isTransitioning=!0;const i=`scroll${e[0].toUpperCase()+e.slice(1)}`;this._queueCallback((()=>{this._isTransitioning=!1,this._element.classList.remove(ht),this._element.classList.add(ct,lt),this._element.style[e]="",P.trigger(this._element,"shown.bs.collapse")}),this._element,!0),this._element.style[e]=`${this._element[i]}px`}hide(){if(this._isTransitioning||!this._isShown())return;if(P.trigger(this._element,"hide.bs.collapse").defaultPrevented)return;const t=this._getDimension();this._element.style[t]=`${this._element.getBoundingClientRect()[t]}px`,d(this._element),this._element.classList.add(ht),this._element.classList.remove(ct,lt);for(const t of this._triggerArray){const e=n(t);e&&!this._isShown(e)&&this._addAriaAndCollapsedClass([t],!1)}this._isTransitioning=!0,this._element.style[t]="",this._queueCallback((()=>{this._isTransitioning=!1,this._element.classList.remove(ht),this._element.classList.add(ct),P.trigger(this._element,"hidden.bs.collapse")}),this._element,!0)}_isShown(t=this._element){return t.classList.contains(lt)}_configAfterMerge(t){return t.toggle=Boolean(t.toggle),t.parent=r(t.parent),t}_getDimension(){return this._element.classList.contains("collapse-horizontal")?"width":"height"}_initializeChildren(){if(!this._config.parent)return;const t=this._getFirstLevelChildren(dt);for(const e of t){const t=n(e);t&&this._addAriaAndCollapsedClass([e],this._isShown(t))}}_getFirstLevelChildren(t){const e=Q.find(":scope .collapse .collapse",this._config.parent);return Q.find(t,this._config.parent).filter((t=>!e.includes(t)))}_addAriaAndCollapsedClass(t,e){if(t.length)for(const i of t)i.classList.toggle("collapsed",!e),i.setAttribute("aria-expanded",e)}static jQueryInterface(t){const e={};return"string"==typeof t&&/show|hide/.test(t)&&(e.toggle=!1),this.each((function(){const i=pt.getOrCreateInstance(this,e);if("string"==typeof t){if(void 0===i[t])throw new TypeError(`No method named "${t}"`);i[t]()}}))}}P.on(document,"click.bs.collapse.data-api",dt,(function(t){("A"===t.target.tagName||t.delegateTarget&&"A"===t.delegateTarget.tagName)&&t.preventDefault();const e=i(this),n=Q.find(e);for(const t of n)pt.getOrCreateInstance(t,{toggle:!1}).toggle()})),g(pt);var gt="top",mt="bottom",_t="right",bt="left",vt="auto",yt=[gt,mt,_t,bt],wt="start",At="end",Et="clippingParents",Tt="viewport",Ct="popper",Ot="reference",xt=yt.reduce((function(t,e){return t.concat([e+"-"+wt,e+"-"+At])}),[]),kt=[].concat(yt,[vt]).reduce((function(t,e){return t.concat([e,e+"-"+wt,e+"-"+At])}),[]),Lt="beforeRead",Dt="read",St="afterRead",It="beforeMain",Nt="main",Pt="afterMain",jt="beforeWrite",Mt="write",Ht="afterWrite",$t=[Lt,Dt,St,It,Nt,Pt,jt,Mt,Ht];function Wt(t){return t?(t.nodeName||"").toLowerCase():null}function Bt(t){if(null==t)return window;if("[object Window]"!==t.toString()){var e=t.ownerDocument;return e&&e.defaultView||window}return t}function Ft(t){return t instanceof Bt(t).Element||t instanceof Element}function zt(t){return t instanceof Bt(t).HTMLElement||t instanceof HTMLElement}function qt(t){return"undefined"!=typeof ShadowRoot&&(t instanceof Bt(t).ShadowRoot||t instanceof ShadowRoot)}const Rt={name:"applyStyles",enabled:!0,phase:"write",fn:function(t){var e=t.state;Object.keys(e.elements).forEach((function(t){var i=e.styles[t]||{},n=e.attributes[t]||{},s=e.elements[t];zt(s)&&Wt(s)&&(Object.assign(s.style,i),Object.keys(n).forEach((function(t){var e=n[t];!1===e?s.removeAttribute(t):s.setAttribute(t,!0===e?"":e)})))}))},effect:function(t){var e=t.state,i={popper:{position:e.options.strategy,left:"0",top:"0",margin:"0"},arrow:{position:"absolute"},reference:{}};return Object.assign(e.elements.popper.style,i.popper),e.styles=i,e.elements.arrow&&Object.assign(e.elements.arrow.style,i.arrow),function(){Object.keys(e.elements).forEach((function(t){var n=e.elements[t],s=e.attributes[t]||{},o=Object.keys(e.styles.hasOwnProperty(t)?e.styles[t]:i[t]).reduce((function(t,e){return t[e]="",t}),{});zt(n)&&Wt(n)&&(Object.assign(n.style,o),Object.keys(s).forEach((function(t){n.removeAttribute(t)})))}))}},requires:["computeStyles"]};function Vt(t){return t.split("-")[0]}var Kt=Math.max,Qt=Math.min,Xt=Math.round;function Yt(){var t=navigator.userAgentData;return null!=t&&t.brands?t.brands.map((function(t){return t.brand+"/"+t.version})).join(" "):navigator.userAgent}function Ut(){return!/^((?!chrome|android).)*safari/i.test(Yt())}function Gt(t,e,i){void 0===e&&(e=!1),void 0===i&&(i=!1);var n=t.getBoundingClientRect(),s=1,o=1;e&&zt(t)&&(s=t.offsetWidth>0&&Xt(n.width)/t.offsetWidth||1,o=t.offsetHeight>0&&Xt(n.height)/t.offsetHeight||1);var r=(Ft(t)?Bt(t):window).visualViewport,a=!Ut()&&i,l=(n.left+(a&&r?r.offsetLeft:0))/s,c=(n.top+(a&&r?r.offsetTop:0))/o,h=n.width/s,d=n.height/o;return{width:h,height:d,top:c,right:l+h,bottom:c+d,left:l,x:l,y:c}}function Jt(t){var e=Gt(t),i=t.offsetWidth,n=t.offsetHeight;return Math.abs(e.width-i)<=1&&(i=e.width),Math.abs(e.height-n)<=1&&(n=e.height),{x:t.offsetLeft,y:t.offsetTop,width:i,height:n}}function Zt(t,e){var i=e.getRootNode&&e.getRootNode();if(t.contains(e))return!0;if(i&&qt(i)){var n=e;do{if(n&&t.isSameNode(n))return!0;n=n.parentNode||n.host}while(n)}return!1}function te(t){return Bt(t).getComputedStyle(t)}function ee(t){return["table","td","th"].indexOf(Wt(t))>=0}function ie(t){return((Ft(t)?t.ownerDocument:t.document)||window.document).documentElement}function ne(t){return"html"===Wt(t)?t:t.assignedSlot||t.parentNode||(qt(t)?t.host:null)||ie(t)}function se(t){return zt(t)&&"fixed"!==te(t).position?t.offsetParent:null}function oe(t){for(var e=Bt(t),i=se(t);i&&ee(i)&&"static"===te(i).position;)i=se(i);return i&&("html"===Wt(i)||"body"===Wt(i)&&"static"===te(i).position)?e:i||function(t){var e=/firefox/i.test(Yt());if(/Trident/i.test(Yt())&&zt(t)&&"fixed"===te(t).position)return null;var i=ne(t);for(qt(i)&&(i=i.host);zt(i)&&["html","body"].indexOf(Wt(i))<0;){var n=te(i);if("none"!==n.transform||"none"!==n.perspective||"paint"===n.contain||-1!==["transform","perspective"].indexOf(n.willChange)||e&&"filter"===n.willChange||e&&n.filter&&"none"!==n.filter)return i;i=i.parentNode}return null}(t)||e}function re(t){return["top","bottom"].indexOf(t)>=0?"x":"y"}function ae(t,e,i){return Kt(t,Qt(e,i))}function le(t){return Object.assign({},{top:0,right:0,bottom:0,left:0},t)}function ce(t,e){return e.reduce((function(e,i){return e[i]=t,e}),{})}const he={name:"arrow",enabled:!0,phase:"main",fn:function(t){var e,i=t.state,n=t.name,s=t.options,o=i.elements.arrow,r=i.modifiersData.popperOffsets,a=Vt(i.placement),l=re(a),c=[bt,_t].indexOf(a)>=0?"height":"width";if(o&&r){var h=function(t,e){return le("number"!=typeof(t="function"==typeof t?t(Object.assign({},e.rects,{placement:e.placement})):t)?t:ce(t,yt))}(s.padding,i),d=Jt(o),u="y"===l?gt:bt,f="y"===l?mt:_t,p=i.rects.reference[c]+i.rects.reference[l]-r[l]-i.rects.popper[c],g=r[l]-i.rects.reference[l],m=oe(o),_=m?"y"===l?m.clientHeight||0:m.clientWidth||0:0,b=p/2-g/2,v=h[u],y=_-d[c]-h[f],w=_/2-d[c]/2+b,A=ae(v,w,y),E=l;i.modifiersData[n]=((e={})[E]=A,e.centerOffset=A-w,e)}},effect:function(t){var e=t.state,i=t.options.element,n=void 0===i?"[data-popper-arrow]":i;null!=n&&("string"!=typeof n||(n=e.elements.popper.querySelector(n)))&&Zt(e.elements.popper,n)&&(e.elements.arrow=n)},requires:["popperOffsets"],requiresIfExists:["preventOverflow"]};function de(t){return t.split("-")[1]}var ue={top:"auto",right:"auto",bottom:"auto",left:"auto"};function fe(t){var e,i=t.popper,n=t.popperRect,s=t.placement,o=t.variation,r=t.offsets,a=t.position,l=t.gpuAcceleration,c=t.adaptive,h=t.roundOffsets,d=t.isFixed,u=r.x,f=void 0===u?0:u,p=r.y,g=void 0===p?0:p,m="function"==typeof h?h({x:f,y:g}):{x:f,y:g};f=m.x,g=m.y;var _=r.hasOwnProperty("x"),b=r.hasOwnProperty("y"),v=bt,y=gt,w=window;if(c){var A=oe(i),E="clientHeight",T="clientWidth";A===Bt(i)&&"static"!==te(A=ie(i)).position&&"absolute"===a&&(E="scrollHeight",T="scrollWidth"),(s===gt||(s===bt||s===_t)&&o===At)&&(y=mt,g-=(d&&A===w&&w.visualViewport?w.visualViewport.height:A[E])-n.height,g*=l?1:-1),s!==bt&&(s!==gt&&s!==mt||o!==At)||(v=_t,f-=(d&&A===w&&w.visualViewport?w.visualViewport.width:A[T])-n.width,f*=l?1:-1)}var C,O=Object.assign({position:a},c&&ue),x=!0===h?function(t){var e=t.x,i=t.y,n=window.devicePixelRatio||1;return{x:Xt(e*n)/n||0,y:Xt(i*n)/n||0}}({x:f,y:g}):{x:f,y:g};return f=x.x,g=x.y,l?Object.assign({},O,((C={})[y]=b?"0":"",C[v]=_?"0":"",C.transform=(w.devicePixelRatio||1)<=1?"translate("+f+"px, "+g+"px)":"translate3d("+f+"px, "+g+"px, 0)",C)):Object.assign({},O,((e={})[y]=b?g+"px":"",e[v]=_?f+"px":"",e.transform="",e))}const pe={name:"computeStyles",enabled:!0,phase:"beforeWrite",fn:function(t){var e=t.state,i=t.options,n=i.gpuAcceleration,s=void 0===n||n,o=i.adaptive,r=void 0===o||o,a=i.roundOffsets,l=void 0===a||a,c={placement:Vt(e.placement),variation:de(e.placement),popper:e.elements.popper,popperRect:e.rects.popper,gpuAcceleration:s,isFixed:"fixed"===e.options.strategy};null!=e.modifiersData.popperOffsets&&(e.styles.popper=Object.assign({},e.styles.popper,fe(Object.assign({},c,{offsets:e.modifiersData.popperOffsets,position:e.options.strategy,adaptive:r,roundOffsets:l})))),null!=e.modifiersData.arrow&&(e.styles.arrow=Object.assign({},e.styles.arrow,fe(Object.assign({},c,{offsets:e.modifiersData.arrow,position:"absolute",adaptive:!1,roundOffsets:l})))),e.attributes.popper=Object.assign({},e.attributes.popper,{"data-popper-placement":e.placement})},data:{}};var ge={passive:!0};const me={name:"eventListeners",enabled:!0,phase:"write",fn:function(){},effect:function(t){var e=t.state,i=t.instance,n=t.options,s=n.scroll,o=void 0===s||s,r=n.resize,a=void 0===r||r,l=Bt(e.elements.popper),c=[].concat(e.scrollParents.reference,e.scrollParents.popper);return o&&c.forEach((function(t){t.addEventListener("scroll",i.update,ge)})),a&&l.addEventListener("resize",i.update,ge),function(){o&&c.forEach((function(t){t.removeEventListener("scroll",i.update,ge)})),a&&l.removeEventListener("resize",i.update,ge)}},data:{}};var _e={left:"right",right:"left",bottom:"top",top:"bottom"};function be(t){return t.replace(/left|right|bottom|top/g,(function(t){return _e[t]}))}var ve={start:"end",end:"start"};function ye(t){return t.replace(/start|end/g,(function(t){return ve[t]}))}function we(t){var e=Bt(t);return{scrollLeft:e.pageXOffset,scrollTop:e.pageYOffset}}function Ae(t){return Gt(ie(t)).left+we(t).scrollLeft}function Ee(t){var e=te(t),i=e.overflow,n=e.overflowX,s=e.overflowY;return/auto|scroll|overlay|hidden/.test(i+s+n)}function Te(t){return["html","body","#document"].indexOf(Wt(t))>=0?t.ownerDocument.body:zt(t)&&Ee(t)?t:Te(ne(t))}function Ce(t,e){var i;void 0===e&&(e=[]);var n=Te(t),s=n===(null==(i=t.ownerDocument)?void 0:i.body),o=Bt(n),r=s?[o].concat(o.visualViewport||[],Ee(n)?n:[]):n,a=e.concat(r);return s?a:a.concat(Ce(ne(r)))}function Oe(t){return Object.assign({},t,{left:t.x,top:t.y,right:t.x+t.width,bottom:t.y+t.height})}function xe(t,e,i){return e===Tt?Oe(function(t,e){var i=Bt(t),n=ie(t),s=i.visualViewport,o=n.clientWidth,r=n.clientHeight,a=0,l=0;if(s){o=s.width,r=s.height;var c=Ut();(c||!c&&"fixed"===e)&&(a=s.offsetLeft,l=s.offsetTop)}return{width:o,height:r,x:a+Ae(t),y:l}}(t,i)):Ft(e)?function(t,e){var i=Gt(t,!1,"fixed"===e);return i.top=i.top+t.clientTop,i.left=i.left+t.clientLeft,i.bottom=i.top+t.clientHeight,i.right=i.left+t.clientWidth,i.width=t.clientWidth,i.height=t.clientHeight,i.x=i.left,i.y=i.top,i}(e,i):Oe(function(t){var e,i=ie(t),n=we(t),s=null==(e=t.ownerDocument)?void 0:e.body,o=Kt(i.scrollWidth,i.clientWidth,s?s.scrollWidth:0,s?s.clientWidth:0),r=Kt(i.scrollHeight,i.clientHeight,s?s.scrollHeight:0,s?s.clientHeight:0),a=-n.scrollLeft+Ae(t),l=-n.scrollTop;return"rtl"===te(s||i).direction&&(a+=Kt(i.clientWidth,s?s.clientWidth:0)-o),{width:o,height:r,x:a,y:l}}(ie(t)))}function ke(t){var e,i=t.reference,n=t.element,s=t.placement,o=s?Vt(s):null,r=s?de(s):null,a=i.x+i.width/2-n.width/2,l=i.y+i.height/2-n.height/2;switch(o){case gt:e={x:a,y:i.y-n.height};break;case mt:e={x:a,y:i.y+i.height};break;case _t:e={x:i.x+i.width,y:l};break;case bt:e={x:i.x-n.width,y:l};break;default:e={x:i.x,y:i.y}}var c=o?re(o):null;if(null!=c){var h="y"===c?"height":"width";switch(r){case wt:e[c]=e[c]-(i[h]/2-n[h]/2);break;case At:e[c]=e[c]+(i[h]/2-n[h]/2)}}return e}function Le(t,e){void 0===e&&(e={});var i=e,n=i.placement,s=void 0===n?t.placement:n,o=i.strategy,r=void 0===o?t.strategy:o,a=i.boundary,l=void 0===a?Et:a,c=i.rootBoundary,h=void 0===c?Tt:c,d=i.elementContext,u=void 0===d?Ct:d,f=i.altBoundary,p=void 0!==f&&f,g=i.padding,m=void 0===g?0:g,_=le("number"!=typeof m?m:ce(m,yt)),b=u===Ct?Ot:Ct,v=t.rects.popper,y=t.elements[p?b:u],w=function(t,e,i,n){var s="clippingParents"===e?function(t){var e=Ce(ne(t)),i=["absolute","fixed"].indexOf(te(t).position)>=0&&zt(t)?oe(t):t;return Ft(i)?e.filter((function(t){return Ft(t)&&Zt(t,i)&&"body"!==Wt(t)})):[]}(t):[].concat(e),o=[].concat(s,[i]),r=o[0],a=o.reduce((function(e,i){var s=xe(t,i,n);return e.top=Kt(s.top,e.top),e.right=Qt(s.right,e.right),e.bottom=Qt(s.bottom,e.bottom),e.left=Kt(s.left,e.left),e}),xe(t,r,n));return a.width=a.right-a.left,a.height=a.bottom-a.top,a.x=a.left,a.y=a.top,a}(Ft(y)?y:y.contextElement||ie(t.elements.popper),l,h,r),A=Gt(t.elements.reference),E=ke({reference:A,element:v,strategy:"absolute",placement:s}),T=Oe(Object.assign({},v,E)),C=u===Ct?T:A,O={top:w.top-C.top+_.top,bottom:C.bottom-w.bottom+_.bottom,left:w.left-C.left+_.left,right:C.right-w.right+_.right},x=t.modifiersData.offset;if(u===Ct&&x){var k=x[s];Object.keys(O).forEach((function(t){var e=[_t,mt].indexOf(t)>=0?1:-1,i=[gt,mt].indexOf(t)>=0?"y":"x";O[t]+=k[i]*e}))}return O}function De(t,e){void 0===e&&(e={});var i=e,n=i.placement,s=i.boundary,o=i.rootBoundary,r=i.padding,a=i.flipVariations,l=i.allowedAutoPlacements,c=void 0===l?kt:l,h=de(n),d=h?a?xt:xt.filter((function(t){return de(t)===h})):yt,u=d.filter((function(t){return c.indexOf(t)>=0}));0===u.length&&(u=d);var f=u.reduce((function(e,i){return e[i]=Le(t,{placement:i,boundary:s,rootBoundary:o,padding:r})[Vt(i)],e}),{});return Object.keys(f).sort((function(t,e){return f[t]-f[e]}))}const Se={name:"flip",enabled:!0,phase:"main",fn:function(t){var e=t.state,i=t.options,n=t.name;if(!e.modifiersData[n]._skip){for(var s=i.mainAxis,o=void 0===s||s,r=i.altAxis,a=void 0===r||r,l=i.fallbackPlacements,c=i.padding,h=i.boundary,d=i.rootBoundary,u=i.altBoundary,f=i.flipVariations,p=void 0===f||f,g=i.allowedAutoPlacements,m=e.options.placement,_=Vt(m),b=l||(_!==m&&p?function(t){if(Vt(t)===vt)return[];var e=be(t);return[ye(t),e,ye(e)]}(m):[be(m)]),v=[m].concat(b).reduce((function(t,i){return t.concat(Vt(i)===vt?De(e,{placement:i,boundary:h,rootBoundary:d,padding:c,flipVariations:p,allowedAutoPlacements:g}):i)}),[]),y=e.rects.reference,w=e.rects.popper,A=new Map,E=!0,T=v[0],C=0;C<v.length;C++){var O=v[C],x=Vt(O),k=de(O)===wt,L=[gt,mt].indexOf(x)>=0,D=L?"width":"height",S=Le(e,{placement:O,boundary:h,rootBoundary:d,altBoundary:u,padding:c}),I=L?k?_t:bt:k?mt:gt;y[D]>w[D]&&(I=be(I));var N=be(I),P=[];if(o&&P.push(S[x]<=0),a&&P.push(S[I]<=0,S[N]<=0),P.every((function(t){return t}))){T=O,E=!1;break}A.set(O,P)}if(E)for(var j=function(t){var e=v.find((function(e){var i=A.get(e);if(i)return i.slice(0,t).every((function(t){return t}))}));if(e)return T=e,"break"},M=p?3:1;M>0&&"break"!==j(M);M--);e.placement!==T&&(e.modifiersData[n]._skip=!0,e.placement=T,e.reset=!0)}},requiresIfExists:["offset"],data:{_skip:!1}};function Ie(t,e,i){return void 0===i&&(i={x:0,y:0}),{top:t.top-e.height-i.y,right:t.right-e.width+i.x,bottom:t.bottom-e.height+i.y,left:t.left-e.width-i.x}}function Ne(t){return[gt,_t,mt,bt].some((function(e){return t[e]>=0}))}const Pe={name:"hide",enabled:!0,phase:"main",requiresIfExists:["preventOverflow"],fn:function(t){var e=t.state,i=t.name,n=e.rects.reference,s=e.rects.popper,o=e.modifiersData.preventOverflow,r=Le(e,{elementContext:"reference"}),a=Le(e,{altBoundary:!0}),l=Ie(r,n),c=Ie(a,s,o),h=Ne(l),d=Ne(c);e.modifiersData[i]={referenceClippingOffsets:l,popperEscapeOffsets:c,isReferenceHidden:h,hasPopperEscaped:d},e.attributes.popper=Object.assign({},e.attributes.popper,{"data-popper-reference-hidden":h,"data-popper-escaped":d})}},je={name:"offset",enabled:!0,phase:"main",requires:["popperOffsets"],fn:function(t){var e=t.state,i=t.options,n=t.name,s=i.offset,o=void 0===s?[0,0]:s,r=kt.reduce((function(t,i){return t[i]=function(t,e,i){var n=Vt(t),s=[bt,gt].indexOf(n)>=0?-1:1,o="function"==typeof i?i(Object.assign({},e,{placement:t})):i,r=o[0],a=o[1];return r=r||0,a=(a||0)*s,[bt,_t].indexOf(n)>=0?{x:a,y:r}:{x:r,y:a}}(i,e.rects,o),t}),{}),a=r[e.placement],l=a.x,c=a.y;null!=e.modifiersData.popperOffsets&&(e.modifiersData.popperOffsets.x+=l,e.modifiersData.popperOffsets.y+=c),e.modifiersData[n]=r}},Me={name:"popperOffsets",enabled:!0,phase:"read",fn:function(t){var e=t.state,i=t.name;e.modifiersData[i]=ke({reference:e.rects.reference,element:e.rects.popper,strategy:"absolute",placement:e.placement})},data:{}},He={name:"preventOverflow",enabled:!0,phase:"main",fn:function(t){var e=t.state,i=t.options,n=t.name,s=i.mainAxis,o=void 0===s||s,r=i.altAxis,a=void 0!==r&&r,l=i.boundary,c=i.rootBoundary,h=i.altBoundary,d=i.padding,u=i.tether,f=void 0===u||u,p=i.tetherOffset,g=void 0===p?0:p,m=Le(e,{boundary:l,rootBoundary:c,padding:d,altBoundary:h}),_=Vt(e.placement),b=de(e.placement),v=!b,y=re(_),w="x"===y?"y":"x",A=e.modifiersData.popperOffsets,E=e.rects.reference,T=e.rects.popper,C="function"==typeof g?g(Object.assign({},e.rects,{placement:e.placement})):g,O="number"==typeof C?{mainAxis:C,altAxis:C}:Object.assign({mainAxis:0,altAxis:0},C),x=e.modifiersData.offset?e.modifiersData.offset[e.placement]:null,k={x:0,y:0};if(A){if(o){var L,D="y"===y?gt:bt,S="y"===y?mt:_t,I="y"===y?"height":"width",N=A[y],P=N+m[D],j=N-m[S],M=f?-T[I]/2:0,H=b===wt?E[I]:T[I],$=b===wt?-T[I]:-E[I],W=e.elements.arrow,B=f&&W?Jt(W):{width:0,height:0},F=e.modifiersData["arrow#persistent"]?e.modifiersData["arrow#persistent"].padding:{top:0,right:0,bottom:0,left:0},z=F[D],q=F[S],R=ae(0,E[I],B[I]),V=v?E[I]/2-M-R-z-O.mainAxis:H-R-z-O.mainAxis,K=v?-E[I]/2+M+R+q+O.mainAxis:$+R+q+O.mainAxis,Q=e.elements.arrow&&oe(e.elements.arrow),X=Q?"y"===y?Q.clientTop||0:Q.clientLeft||0:0,Y=null!=(L=null==x?void 0:x[y])?L:0,U=N+K-Y,G=ae(f?Qt(P,N+V-Y-X):P,N,f?Kt(j,U):j);A[y]=G,k[y]=G-N}if(a){var J,Z="x"===y?gt:bt,tt="x"===y?mt:_t,et=A[w],it="y"===w?"height":"width",nt=et+m[Z],st=et-m[tt],ot=-1!==[gt,bt].indexOf(_),rt=null!=(J=null==x?void 0:x[w])?J:0,at=ot?nt:et-E[it]-T[it]-rt+O.altAxis,lt=ot?et+E[it]+T[it]-rt-O.altAxis:st,ct=f&&ot?function(t,e,i){var n=ae(t,e,i);return n>i?i:n}(at,et,lt):ae(f?at:nt,et,f?lt:st);A[w]=ct,k[w]=ct-et}e.modifiersData[n]=k}},requiresIfExists:["offset"]};function $e(t,e,i){void 0===i&&(i=!1);var n,s,o=zt(e),r=zt(e)&&function(t){var e=t.getBoundingClientRect(),i=Xt(e.width)/t.offsetWidth||1,n=Xt(e.height)/t.offsetHeight||1;return 1!==i||1!==n}(e),a=ie(e),l=Gt(t,r,i),c={scrollLeft:0,scrollTop:0},h={x:0,y:0};return(o||!o&&!i)&&(("body"!==Wt(e)||Ee(a))&&(c=(n=e)!==Bt(n)&&zt(n)?{scrollLeft:(s=n).scrollLeft,scrollTop:s.scrollTop}:we(n)),zt(e)?((h=Gt(e,!0)).x+=e.clientLeft,h.y+=e.clientTop):a&&(h.x=Ae(a))),{x:l.left+c.scrollLeft-h.x,y:l.top+c.scrollTop-h.y,width:l.width,height:l.height}}function We(t){var e=new Map,i=new Set,n=[];function s(t){i.add(t.name),[].concat(t.requires||[],t.requiresIfExists||[]).forEach((function(t){if(!i.has(t)){var n=e.get(t);n&&s(n)}})),n.push(t)}return t.forEach((function(t){e.set(t.name,t)})),t.forEach((function(t){i.has(t.name)||s(t)})),n}var Be={placement:"bottom",modifiers:[],strategy:"absolute"};function Fe(){for(var t=arguments.length,e=new Array(t),i=0;i<t;i++)e[i]=arguments[i];return!e.some((function(t){return!(t&&"function"==typeof t.getBoundingClientRect)}))}function ze(t){void 0===t&&(t={});var e=t,i=e.defaultModifiers,n=void 0===i?[]:i,s=e.defaultOptions,o=void 0===s?Be:s;return function(t,e,i){void 0===i&&(i=o);var s,r,a={placement:"bottom",orderedModifiers:[],options:Object.assign({},Be,o),modifiersData:{},elements:{reference:t,popper:e},attributes:{},styles:{}},l=[],c=!1,h={state:a,setOptions:function(i){var s="function"==typeof i?i(a.options):i;d(),a.options=Object.assign({},o,a.options,s),a.scrollParents={reference:Ft(t)?Ce(t):t.contextElement?Ce(t.contextElement):[],popper:Ce(e)};var r,c,u=function(t){var e=We(t);return $t.reduce((function(t,i){return t.concat(e.filter((function(t){return t.phase===i})))}),[])}((r=[].concat(n,a.options.modifiers),c=r.reduce((function(t,e){var i=t[e.name];return t[e.name]=i?Object.assign({},i,e,{options:Object.assign({},i.options,e.options),data:Object.assign({},i.data,e.data)}):e,t}),{}),Object.keys(c).map((function(t){return c[t]}))));return a.orderedModifiers=u.filter((function(t){return t.enabled})),a.orderedModifiers.forEach((function(t){var e=t.name,i=t.options,n=void 0===i?{}:i,s=t.effect;if("function"==typeof s){var o=s({state:a,name:e,instance:h,options:n});l.push(o||function(){})}})),h.update()},forceUpdate:function(){if(!c){var t=a.elements,e=t.reference,i=t.popper;if(Fe(e,i)){a.rects={reference:$e(e,oe(i),"fixed"===a.options.strategy),popper:Jt(i)},a.reset=!1,a.placement=a.options.placement,a.orderedModifiers.forEach((function(t){return a.modifiersData[t.name]=Object.assign({},t.data)}));for(var n=0;n<a.orderedModifiers.length;n++)if(!0!==a.reset){var s=a.orderedModifiers[n],o=s.fn,r=s.options,l=void 0===r?{}:r,d=s.name;"function"==typeof o&&(a=o({state:a,options:l,name:d,instance:h})||a)}else a.reset=!1,n=-1}}},update:(s=function(){return new Promise((function(t){h.forceUpdate(),t(a)}))},function(){return r||(r=new Promise((function(t){Promise.resolve().then((function(){r=void 0,t(s())}))}))),r}),destroy:function(){d(),c=!0}};if(!Fe(t,e))return h;function d(){l.forEach((function(t){return t()})),l=[]}return h.setOptions(i).then((function(t){!c&&i.onFirstUpdate&&i.onFirstUpdate(t)})),h}}var qe=ze(),Re=ze({defaultModifiers:[me,Me,pe,Rt]}),Ve=ze({defaultModifiers:[me,Me,pe,Rt,je,Se,He,he,Pe]});const Ke=Object.freeze(Object.defineProperty({__proto__:null,popperGenerator:ze,detectOverflow:Le,createPopperBase:qe,createPopper:Ve,createPopperLite:Re,top:gt,bottom:mt,right:_t,left:bt,auto:vt,basePlacements:yt,start:wt,end:At,clippingParents:Et,viewport:Tt,popper:Ct,reference:Ot,variationPlacements:xt,placements:kt,beforeRead:Lt,read:Dt,afterRead:St,beforeMain:It,main:Nt,afterMain:Pt,beforeWrite:jt,write:Mt,afterWrite:Ht,modifierPhases:$t,applyStyles:Rt,arrow:he,computeStyles:pe,eventListeners:me,flip:Se,hide:Pe,offset:je,popperOffsets:Me,preventOverflow:He},Symbol.toStringTag,{value:"Module"})),Qe="dropdown",Xe="ArrowUp",Ye="ArrowDown",Ue="click.bs.dropdown.data-api",Ge="keydown.bs.dropdown.data-api",Je="show",Ze='[data-bs-toggle="dropdown"]:not(.disabled):not(:disabled)',ti=`${Ze}.show`,ei=".dropdown-menu",ii=p()?"top-end":"top-start",ni=p()?"top-start":"top-end",si=p()?"bottom-end":"bottom-start",oi=p()?"bottom-start":"bottom-end",ri=p()?"left-start":"right-start",ai=p()?"right-start":"left-start",li={autoClose:!0,boundary:"clippingParents",display:"dynamic",offset:[0,2],popperConfig:null,reference:"toggle"},ci={autoClose:"(boolean|string)",boundary:"(string|element)",display:"string",offset:"(array|string|function)",popperConfig:"(null|object|function)",reference:"(string|element|object)"};class hi extends z{constructor(t,e){super(t,e),this._popper=null,this._parent=this._element.parentNode,this._menu=Q.next(this._element,ei)[0]||Q.prev(this._element,ei)[0]||Q.findOne(ei,this._parent),this._inNavbar=this._detectNavbar()}static get Default(){return li}static get DefaultType(){return ci}static get NAME(){return Qe}toggle(){return this._isShown()?this.hide():this.show()}show(){if(l(this._element)||this._isShown())return;const t={relatedTarget:this._element};if(!P.trigger(this._element,"show.bs.dropdown",t).defaultPrevented){if(this._createPopper(),"ontouchstart"in document.documentElement&&!this._parent.closest(".navbar-nav"))for(const t of[].concat(...document.body.children))P.on(t,"mouseover",h);this._element.focus(),this._element.setAttribute("aria-expanded",!0),this._menu.classList.add(Je),this._element.classList.add(Je),P.trigger(this._element,"shown.bs.dropdown",t)}}hide(){if(l(this._element)||!this._isShown())return;const t={relatedTarget:this._element};this._completeHide(t)}dispose(){this._popper&&this._popper.destroy(),super.dispose()}update(){this._inNavbar=this._detectNavbar(),this._popper&&this._popper.update()}_completeHide(t){if(!P.trigger(this._element,"hide.bs.dropdown",t).defaultPrevented){if("ontouchstart"in document.documentElement)for(const t of[].concat(...document.body.children))P.off(t,"mouseover",h);this._popper&&this._popper.destroy(),this._menu.classList.remove(Je),this._element.classList.remove(Je),this._element.setAttribute("aria-expanded","false"),B.removeDataAttribute(this._menu,"popper"),P.trigger(this._element,"hidden.bs.dropdown",t)}}_getConfig(t){if("object"==typeof(t=super._getConfig(t)).reference&&!o(t.reference)&&"function"!=typeof t.reference.getBoundingClientRect)throw new TypeError(`${Qe.toUpperCase()}: Option "reference" provided type "object" without a required "getBoundingClientRect" method.`);return t}_createPopper(){if(void 0===Ke)throw new TypeError("Bootstrap's dropdowns require Popper (https://popper.js.org)");let t=this._element;"parent"===this._config.reference?t=this._parent:o(this._config.reference)?t=r(this._config.reference):"object"==typeof this._config.reference&&(t=this._config.reference);const e=this._getPopperConfig();this._popper=Ve(t,this._menu,e)}_isShown(){return this._menu.classList.contains(Je)}_getPlacement(){const t=this._parent;if(t.classList.contains("dropend"))return ri;if(t.classList.contains("dropstart"))return ai;if(t.classList.contains("dropup-center"))return"top";if(t.classList.contains("dropdown-center"))return"bottom";const e="end"===getComputedStyle(this._menu).getPropertyValue("--bs-position").trim();return t.classList.contains("dropup")?e?ni:ii:e?oi:si}_detectNavbar(){return null!==this._element.closest(".navbar")}_getOffset(){const{offset:t}=this._config;return"string"==typeof t?t.split(",").map((t=>Number.parseInt(t,10))):"function"==typeof t?e=>t(e,this._element):t}_getPopperConfig(){const t={placement:this._getPlacement(),modifiers:[{name:"preventOverflow",options:{boundary:this._config.boundary}},{name:"offset",options:{offset:this._getOffset()}}]};return(this._inNavbar||"static"===this._config.display)&&(B.setDataAttribute(this._menu,"popper","static"),t.modifiers=[{name:"applyStyles",enabled:!1}]),{...t,..."function"==typeof this._config.popperConfig?this._config.popperConfig(t):this._config.popperConfig}}_selectMenuItem({key:t,target:e}){const i=Q.find(".dropdown-menu .dropdown-item:not(.disabled):not(:disabled)",this._menu).filter((t=>a(t)));i.length&&b(i,e,t===Ye,!i.includes(e)).focus()}static jQueryInterface(t){return this.each((function(){const e=hi.getOrCreateInstance(this,t);if("string"==typeof t){if(void 0===e[t])throw new TypeError(`No method named "${t}"`);e[t]()}}))}static clearMenus(t){if(2===t.button||"keyup"===t.type&&"Tab"!==t.key)return;const e=Q.find(ti);for(const i of e){const e=hi.getInstance(i);if(!e||!1===e._config.autoClose)continue;const n=t.composedPath(),s=n.includes(e._menu);if(n.includes(e._element)||"inside"===e._config.autoClose&&!s||"outside"===e._config.autoClose&&s)continue;if(e._menu.contains(t.target)&&("keyup"===t.type&&"Tab"===t.key||/input|select|option|textarea|form/i.test(t.target.tagName)))continue;const o={relatedTarget:e._element};"click"===t.type&&(o.clickEvent=t),e._completeHide(o)}}static dataApiKeydownHandler(t){const e=/input|textarea/i.test(t.target.tagName),i="Escape"===t.key,n=[Xe,Ye].includes(t.key);if(!n&&!i)return;if(e&&!i)return;t.preventDefault();const s=this.matches(Ze)?this:Q.prev(this,Ze)[0]||Q.next(this,Ze)[0]||Q.findOne(Ze,t.delegateTarget.parentNode),o=hi.getOrCreateInstance(s);if(n)return t.stopPropagation(),o.show(),void o._selectMenuItem(t);o._isShown()&&(t.stopPropagation(),o.hide(),s.focus())}}P.on(document,Ge,Ze,hi.dataApiKeydownHandler),P.on(document,Ge,ei,hi.dataApiKeydownHandler),P.on(document,Ue,hi.clearMenus),P.on(document,"keyup.bs.dropdown.data-api",hi.clearMenus),P.on(document,Ue,Ze,(function(t){t.preventDefault(),hi.getOrCreateInstance(this).toggle()})),g(hi);const di=".fixed-top, .fixed-bottom, .is-fixed, .sticky-top",ui=".sticky-top",fi="padding-right",pi="margin-right";class gi{constructor(){this._element=document.body}getWidth(){const t=document.documentElement.clientWidth;return Math.abs(window.innerWidth-t)}hide(){const t=this.getWidth();this._disableOverFlow(),this._setElementAttributes(this._element,fi,(e=>e+t)),this._setElementAttributes(di,fi,(e=>e+t)),this._setElementAttributes(ui,pi,(e=>e-t))}reset(){this._resetElementAttributes(this._element,"overflow"),this._resetElementAttributes(this._element,fi),this._resetElementAttributes(di,fi),this._resetElementAttributes(ui,pi)}isOverflowing(){return this.getWidth()>0}_disableOverFlow(){this._saveInitialAttribute(this._element,"overflow"),this._element.style.overflow="hidden"}_setElementAttributes(t,e,i){const n=this.getWidth();this._applyManipulationCallback(t,(t=>{if(t!==this._element&&window.innerWidth>t.clientWidth+n)return;this._saveInitialAttribute(t,e);const s=window.getComputedStyle(t).getPropertyValue(e);t.style.setProperty(e,`${i(Number.parseFloat(s))}px`)}))}_saveInitialAttribute(t,e){const i=t.style.getPropertyValue(e);i&&B.setDataAttribute(t,e,i)}_resetElementAttributes(t,e){this._applyManipulationCallback(t,(t=>{const i=B.getDataAttribute(t,e);null!==i?(B.removeDataAttribute(t,e),t.style.setProperty(e,i)):t.style.removeProperty(e)}))}_applyManipulationCallback(t,e){if(o(t))e(t);else for(const i of Q.find(t,this._element))e(i)}}const mi="show",_i="mousedown.bs.backdrop",bi={className:"modal-backdrop",clickCallback:null,isAnimated:!1,isVisible:!0,rootElement:"body"},vi={className:"string",clickCallback:"(function|null)",isAnimated:"boolean",isVisible:"boolean",rootElement:"(element|string)"};class yi extends F{constructor(t){super(),this._config=this._getConfig(t),this._isAppended=!1,this._element=null}static get Default(){return bi}static get DefaultType(){return vi}static get NAME(){return"backdrop"}show(t){if(!this._config.isVisible)return void m(t);this._append();const e=this._getElement();this._config.isAnimated&&d(e),e.classList.add(mi),this._emulateAnimation((()=>{m(t)}))}hide(t){this._config.isVisible?(this._getElement().classList.remove(mi),this._emulateAnimation((()=>{this.dispose(),m(t)}))):m(t)}dispose(){this._isAppended&&(P.off(this._element,_i),this._element.remove(),this._isAppended=!1)}_getElement(){if(!this._element){const t=document.createElement("div");t.className=this._config.className,this._config.isAnimated&&t.classList.add("fade"),this._element=t}return this._element}_configAfterMerge(t){return t.rootElement=r(t.rootElement),t}_append(){if(this._isAppended)return;const t=this._getElement();this._config.rootElement.append(t),P.on(t,_i,(()=>{m(this._config.clickCallback)})),this._isAppended=!0}_emulateAnimation(t){_(t,this._getElement(),this._config.isAnimated)}}const wi=".bs.focustrap",Ai="backward",Ei={autofocus:!0,trapElement:null},Ti={autofocus:"boolean",trapElement:"element"};class Ci extends F{constructor(t){super(),this._config=this._getConfig(t),this._isActive=!1,this._lastTabNavDirection=null}static get Default(){return Ei}static get DefaultType(){return Ti}static get NAME(){return"focustrap"}activate(){this._isActive||(this._config.autofocus&&this._config.trapElement.focus(),P.off(document,wi),P.on(document,"focusin.bs.focustrap",(t=>this._handleFocusin(t))),P.on(document,"keydown.tab.bs.focustrap",(t=>this._handleKeydown(t))),this._isActive=!0)}deactivate(){this._isActive&&(this._isActive=!1,P.off(document,wi))}_handleFocusin(t){const{trapElement:e}=this._config;if(t.target===document||t.target===e||e.contains(t.target))return;const i=Q.focusableChildren(e);0===i.length?e.focus():this._lastTabNavDirection===Ai?i[i.length-1].focus():i[0].focus()}_handleKeydown(t){"Tab"===t.key&&(this._lastTabNavDirection=t.shiftKey?Ai:"forward")}}const Oi="hidden.bs.modal",xi="show.bs.modal",ki="modal-open",Li="show",Di="modal-static",Si={backdrop:!0,focus:!0,keyboard:!0},Ii={backdrop:"(boolean|string)",focus:"boolean",keyboard:"boolean"};class Ni extends z{constructor(t,e){super(t,e),this._dialog=Q.findOne(".modal-dialog",this._element),this._backdrop=this._initializeBackDrop(),this._focustrap=this._initializeFocusTrap(),this._isShown=!1,this._isTransitioning=!1,this._scrollBar=new gi,this._addEventListeners()}static get Default(){return Si}static get DefaultType(){return Ii}static get NAME(){return"modal"}toggle(t){return this._isShown?this.hide():this.show(t)}show(t){this._isShown||this._isTransitioning||P.trigger(this._element,xi,{relatedTarget:t}).defaultPrevented||(this._isShown=!0,this._isTransitioning=!0,this._scrollBar.hide(),document.body.classList.add(ki),this._adjustDialog(),this._backdrop.show((()=>this._showElement(t))))}hide(){this._isShown&&!this._isTransitioning&&(P.trigger(this._element,"hide.bs.modal").defaultPrevented||(this._isShown=!1,this._isTransitioning=!0,this._focustrap.deactivate(),this._element.classList.remove(Li),this._queueCallback((()=>this._hideModal()),this._element,this._isAnimated())))}dispose(){for(const t of[window,this._dialog])P.off(t,".bs.modal");this._backdrop.dispose(),this._focustrap.deactivate(),super.dispose()}handleUpdate(){this._adjustDialog()}_initializeBackDrop(){return new yi({isVisible:Boolean(this._config.backdrop),isAnimated:this._isAnimated()})}_initializeFocusTrap(){return new Ci({trapElement:this._element})}_showElement(t){document.body.contains(this._element)||document.body.append(this._element),this._element.style.display="block",this._element.removeAttribute("aria-hidden"),this._element.setAttribute("aria-modal",!0),this._element.setAttribute("role","dialog"),this._element.scrollTop=0;const e=Q.findOne(".modal-body",this._dialog);e&&(e.scrollTop=0),d(this._element),this._element.classList.add(Li),this._queueCallback((()=>{this._config.focus&&this._focustrap.activate(),this._isTransitioning=!1,P.trigger(this._element,"shown.bs.modal",{relatedTarget:t})}),this._dialog,this._isAnimated())}_addEventListeners(){P.on(this._element,"keydown.dismiss.bs.modal",(t=>{if("Escape"===t.key)return this._config.keyboard?(t.preventDefault(),void this.hide()):void this._triggerBackdropTransition()})),P.on(window,"resize.bs.modal",(()=>{this._isShown&&!this._isTransitioning&&this._adjustDialog()})),P.on(this._element,"mousedown.dismiss.bs.modal",(t=>{P.one(this._element,"click.dismiss.bs.modal",(e=>{this._element===t.target&&this._element===e.target&&("static"!==this._config.backdrop?this._config.backdrop&&this.hide():this._triggerBackdropTransition())}))}))}_hideModal(){this._element.style.display="none",this._element.setAttribute("aria-hidden",!0),this._element.removeAttribute("aria-modal"),this._element.removeAttribute("role"),this._isTransitioning=!1,this._backdrop.hide((()=>{document.body.classList.remove(ki),this._resetAdjustments(),this._scrollBar.reset(),P.trigger(this._element,Oi)}))}_isAnimated(){return this._element.classList.contains("fade")}_triggerBackdropTransition(){if(P.trigger(this._element,"hidePrevented.bs.modal").defaultPrevented)return;const t=this._element.scrollHeight>document.documentElement.clientHeight,e=this._element.style.overflowY;"hidden"===e||this._element.classList.contains(Di)||(t||(this._element.style.overflowY="hidden"),this._element.classList.add(Di),this._queueCallback((()=>{this._element.classList.remove(Di),this._queueCallback((()=>{this._element.style.overflowY=e}),this._dialog)}),this._dialog),this._element.focus())}_adjustDialog(){const t=this._element.scrollHeight>document.documentElement.clientHeight,e=this._scrollBar.getWidth(),i=e>0;if(i&&!t){const t=p()?"paddingLeft":"paddingRight";this._element.style[t]=`${e}px`}if(!i&&t){const t=p()?"paddingRight":"paddingLeft";this._element.style[t]=`${e}px`}}_resetAdjustments(){this._element.style.paddingLeft="",this._element.style.paddingRight=""}static jQueryInterface(t,e){return this.each((function(){const i=Ni.getOrCreateInstance(this,t);if("string"==typeof t){if(void 0===i[t])throw new TypeError(`No method named "${t}"`);i[t](e)}}))}}P.on(document,"click.bs.modal.data-api",'[data-bs-toggle="modal"]',(function(t){const e=n(this);["A","AREA"].includes(this.tagName)&&t.preventDefault(),P.one(e,xi,(t=>{t.defaultPrevented||P.one(e,Oi,(()=>{a(this)&&this.focus()}))}));const i=Q.findOne(".modal.show");i&&Ni.getInstance(i).hide(),Ni.getOrCreateInstance(e).toggle(this)})),q(Ni),g(Ni);const Pi="show",ji="showing",Mi="hiding",Hi=".offcanvas.show",$i="hidePrevented.bs.offcanvas",Wi="hidden.bs.offcanvas",Bi={backdrop:!0,keyboard:!0,scroll:!1},Fi={backdrop:"(boolean|string)",keyboard:"boolean",scroll:"boolean"};class zi extends z{constructor(t,e){super(t,e),this._isShown=!1,this._backdrop=this._initializeBackDrop(),this._focustrap=this._initializeFocusTrap(),this._addEventListeners()}static get Default(){return Bi}static get DefaultType(){return Fi}static get NAME(){return"offcanvas"}toggle(t){return this._isShown?this.hide():this.show(t)}show(t){this._isShown||P.trigger(this._element,"show.bs.offcanvas",{relatedTarget:t}).defaultPrevented||(this._isShown=!0,this._backdrop.show(),this._config.scroll||(new gi).hide(),this._element.setAttribute("aria-modal",!0),this._element.setAttribute("role","dialog"),this._element.classList.add(ji),this._queueCallback((()=>{this._config.scroll&&!this._config.backdrop||this._focustrap.activate(),this._element.classList.add(Pi),this._element.classList.remove(ji),P.trigger(this._element,"shown.bs.offcanvas",{relatedTarget:t})}),this._element,!0))}hide(){this._isShown&&(P.trigger(this._element,"hide.bs.offcanvas").defaultPrevented||(this._focustrap.deactivate(),this._element.blur(),this._isShown=!1,this._element.classList.add(Mi),this._backdrop.hide(),this._queueCallback((()=>{this._element.classList.remove(Pi,Mi),this._element.removeAttribute("aria-modal"),this._element.removeAttribute("role"),this._config.scroll||(new gi).reset(),P.trigger(this._element,Wi)}),this._element,!0)))}dispose(){this._backdrop.dispose(),this._focustrap.deactivate(),super.dispose()}_initializeBackDrop(){const t=Boolean(this._config.backdrop);return new yi({className:"offcanvas-backdrop",isVisible:t,isAnimated:!0,rootElement:this._element.parentNode,clickCallback:t?()=>{"static"!==this._config.backdrop?this.hide():P.trigger(this._element,$i)}:null})}_initializeFocusTrap(){return new Ci({trapElement:this._element})}_addEventListeners(){P.on(this._element,"keydown.dismiss.bs.offcanvas",(t=>{"Escape"===t.key&&(this._config.keyboard?this.hide():P.trigger(this._element,$i))}))}static jQueryInterface(t){return this.each((function(){const e=zi.getOrCreateInstance(this,t);if("string"==typeof t){if(void 0===e[t]||t.startsWith("_")||"constructor"===t)throw new TypeError(`No method named "${t}"`);e[t](this)}}))}}P.on(document,"click.bs.offcanvas.data-api",'[data-bs-toggle="offcanvas"]',(function(t){const e=n(this);if(["A","AREA"].includes(this.tagName)&&t.preventDefault(),l(this))return;P.one(e,Wi,(()=>{a(this)&&this.focus()}));const i=Q.findOne(Hi);i&&i!==e&&zi.getInstance(i).hide(),zi.getOrCreateInstance(e).toggle(this)})),P.on(window,"load.bs.offcanvas.data-api",(()=>{for(const t of Q.find(Hi))zi.getOrCreateInstance(t).show()})),P.on(window,"resize.bs.offcanvas",(()=>{for(const t of Q.find("[aria-modal][class*=show][class*=offcanvas-]"))"fixed"!==getComputedStyle(t).position&&zi.getOrCreateInstance(t).hide()})),q(zi),g(zi);const qi=new Set(["background","cite","href","itemtype","longdesc","poster","src","xlink:href"]),Ri=/^(?:(?:https?|mailto|ftp|tel|file|sms):|[^#&/:?]*(?:[#/?]|$))/i,Vi=/^data:(?:image\/(?:bmp|gif|jpeg|jpg|png|tiff|webp)|video\/(?:mpeg|mp4|ogg|webm)|audio\/(?:mp3|oga|ogg|opus));base64,[\d+/a-z]+=*$/i,Ki=(t,e)=>{const i=t.nodeName.toLowerCase();return e.includes(i)?!qi.has(i)||Boolean(Ri.test(t.nodeValue)||Vi.test(t.nodeValue)):e.filter((t=>t instanceof RegExp)).some((t=>t.test(i)))},Qi={"*":["class","dir","id","lang","role",/^aria-[\w-]*$/i],a:["target","href","title","rel"],area:[],b:[],br:[],col:[],code:[],div:[],em:[],hr:[],h1:[],h2:[],h3:[],h4:[],h5:[],h6:[],i:[],img:["src","srcset","alt","title","width","height"],li:[],ol:[],p:[],pre:[],s:[],small:[],span:[],sub:[],sup:[],strong:[],u:[],ul:[]},Xi={allowList:Qi,content:{},extraClass:"",html:!1,sanitize:!0,sanitizeFn:null,template:"<div></div>"},Yi={allowList:"object",content:"object",extraClass:"(string|function)",html:"boolean",sanitize:"boolean",sanitizeFn:"(null|function)",template:"string"},Ui={entry:"(string|element|function|null)",selector:"(string|element)"};class Gi extends F{constructor(t){super(),this._config=this._getConfig(t)}static get Default(){return Xi}static get DefaultType(){return Yi}static get NAME(){return"TemplateFactory"}getContent(){return Object.values(this._config.content).map((t=>this._resolvePossibleFunction(t))).filter(Boolean)}hasContent(){return this.getContent().length>0}changeContent(t){return this._checkContent(t),this._config.content={...this._config.content,...t},this}toHtml(){const t=document.createElement("div");t.innerHTML=this._maybeSanitize(this._config.template);for(const[e,i]of Object.entries(this._config.content))this._setContent(t,i,e);const e=t.children[0],i=this._resolvePossibleFunction(this._config.extraClass);return i&&e.classList.add(...i.split(" ")),e}_typeCheckConfig(t){super._typeCheckConfig(t),this._checkContent(t.content)}_checkContent(t){for(const[e,i]of Object.entries(t))super._typeCheckConfig({selector:e,entry:i},Ui)}_setContent(t,e,i){const n=Q.findOne(i,t);n&&((e=this._resolvePossibleFunction(e))?o(e)?this._putElementInTemplate(r(e),n):this._config.html?n.innerHTML=this._maybeSanitize(e):n.textContent=e:n.remove())}_maybeSanitize(t){return this._config.sanitize?function(t,e,i){if(!t.length)return t;if(i&&"function"==typeof i)return i(t);const n=(new window.DOMParser).parseFromString(t,"text/html"),s=[].concat(...n.body.querySelectorAll("*"));for(const t of s){const i=t.nodeName.toLowerCase();if(!Object.keys(e).includes(i)){t.remove();continue}const n=[].concat(...t.attributes),s=[].concat(e["*"]||[],e[i]||[]);for(const e of n)Ki(e,s)||t.removeAttribute(e.nodeName)}return n.body.innerHTML}(t,this._config.allowList,this._config.sanitizeFn):t}_resolvePossibleFunction(t){return"function"==typeof t?t(this):t}_putElementInTemplate(t,e){if(this._config.html)return e.innerHTML="",void e.append(t);e.textContent=t.textContent}}const Ji=new Set(["sanitize","allowList","sanitizeFn"]),Zi="fade",tn="show",en=".modal",nn="hide.bs.modal",sn="hover",on="focus",rn={AUTO:"auto",TOP:"top",RIGHT:p()?"left":"right",BOTTOM:"bottom",LEFT:p()?"right":"left"},an={allowList:Qi,animation:!0,boundary:"clippingParents",container:!1,customClass:"",delay:0,fallbackPlacements:["top","right","bottom","left"],html:!1,offset:[0,0],placement:"top",popperConfig:null,sanitize:!0,sanitizeFn:null,selector:!1,template:'<div class="tooltip" role="tooltip"><div class="tooltip-arrow"></div><div class="tooltip-inner"></div></div>',title:"",trigger:"hover focus"},ln={allowList:"object",animation:"boolean",boundary:"(string|element)",container:"(string|element|boolean)",customClass:"(string|function)",delay:"(number|object)",fallbackPlacements:"array",html:"boolean",offset:"(array|string|function)",placement:"(string|function)",popperConfig:"(null|object|function)",sanitize:"boolean",sanitizeFn:"(null|function)",selector:"(string|boolean)",template:"string",title:"(string|element|function)",trigger:"string"};class cn extends z{constructor(t,e){if(void 0===Ke)throw new TypeError("Bootstrap's tooltips require Popper (https://popper.js.org)");super(t,e),this._isEnabled=!0,this._timeout=0,this._isHovered=null,this._activeTrigger={},this._popper=null,this._templateFactory=null,this._newContent=null,this.tip=null,this._setListeners(),this._config.selector||this._fixTitle()}static get Default(){return an}static get DefaultType(){return ln}static get NAME(){return"tooltip"}enable(){this._isEnabled=!0}disable(){this._isEnabled=!1}toggleEnabled(){this._isEnabled=!this._isEnabled}toggle(){this._isEnabled&&(this._activeTrigger.click=!this._activeTrigger.click,this._isShown()?this._leave():this._enter())}dispose(){clearTimeout(this._timeout),P.off(this._element.closest(en),nn,this._hideModalHandler),this._element.getAttribute("data-bs-original-title")&&this._element.setAttribute("title",this._element.getAttribute("data-bs-original-title")),this._disposePopper(),super.dispose()}show(){if("none"===this._element.style.display)throw new Error("Please use show on visible elements");if(!this._isWithContent()||!this._isEnabled)return;const t=P.trigger(this._element,this.constructor.eventName("show")),e=(c(this._element)||this._element.ownerDocument.documentElement).contains(this._element);if(t.defaultPrevented||!e)return;this._disposePopper();const i=this._getTipElement();this._element.setAttribute("aria-describedby",i.getAttribute("id"));const{container:n}=this._config;if(this._element.ownerDocument.documentElement.contains(this.tip)||(n.append(i),P.trigger(this._element,this.constructor.eventName("inserted"))),this._popper=this._createPopper(i),i.classList.add(tn),"ontouchstart"in document.documentElement)for(const t of[].concat(...document.body.children))P.on(t,"mouseover",h);this._queueCallback((()=>{P.trigger(this._element,this.constructor.eventName("shown")),!1===this._isHovered&&this._leave(),this._isHovered=!1}),this.tip,this._isAnimated())}hide(){if(this._isShown()&&!P.trigger(this._element,this.constructor.eventName("hide")).defaultPrevented){if(this._getTipElement().classList.remove(tn),"ontouchstart"in document.documentElement)for(const t of[].concat(...document.body.children))P.off(t,"mouseover",h);this._activeTrigger.click=!1,this._activeTrigger.focus=!1,this._activeTrigger.hover=!1,this._isHovered=null,this._queueCallback((()=>{this._isWithActiveTrigger()||(this._isHovered||this._disposePopper(),this._element.removeAttribute("aria-describedby"),P.trigger(this._element,this.constructor.eventName("hidden")))}),this.tip,this._isAnimated())}}update(){this._popper&&this._popper.update()}_isWithContent(){return Boolean(this._getTitle())}_getTipElement(){return this.tip||(this.tip=this._createTipElement(this._newContent||this._getContentForTemplate())),this.tip}_createTipElement(t){const e=this._getTemplateFactory(t).toHtml();if(!e)return null;e.classList.remove(Zi,tn),e.classList.add(`bs-${this.constructor.NAME}-auto`);const i=(t=>{do{t+=Math.floor(1e6*Math.random())}while(document.getElementById(t));return t})(this.constructor.NAME).toString();return e.setAttribute("id",i),this._isAnimated()&&e.classList.add(Zi),e}setContent(t){this._newContent=t,this._isShown()&&(this._disposePopper(),this.show())}_getTemplateFactory(t){return this._templateFactory?this._templateFactory.changeContent(t):this._templateFactory=new Gi({...this._config,content:t,extraClass:this._resolvePossibleFunction(this._config.customClass)}),this._templateFactory}_getContentForTemplate(){return{".tooltip-inner":this._getTitle()}}_getTitle(){return this._resolvePossibleFunction(this._config.title)||this._element.getAttribute("data-bs-original-title")}_initializeOnDelegatedTarget(t){return this.constructor.getOrCreateInstance(t.delegateTarget,this._getDelegateConfig())}_isAnimated(){return this._config.animation||this.tip&&this.tip.classList.contains(Zi)}_isShown(){return this.tip&&this.tip.classList.contains(tn)}_createPopper(t){const e="function"==typeof this._config.placement?this._config.placement.call(this,t,this._element):this._config.placement,i=rn[e.toUpperCase()];return Ve(this._element,t,this._getPopperConfig(i))}_getOffset(){const{offset:t}=this._config;return"string"==typeof t?t.split(",").map((t=>Number.parseInt(t,10))):"function"==typeof t?e=>t(e,this._element):t}_resolvePossibleFunction(t){return"function"==typeof t?t.call(this._element):t}_getPopperConfig(t){const e={placement:t,modifiers:[{name:"flip",options:{fallbackPlacements:this._config.fallbackPlacements}},{name:"offset",options:{offset:this._getOffset()}},{name:"preventOverflow",options:{boundary:this._config.boundary}},{name:"arrow",options:{element:`.${this.constructor.NAME}-arrow`}},{name:"preSetPlacement",enabled:!0,phase:"beforeMain",fn:t=>{this._getTipElement().setAttribute("data-popper-placement",t.state.placement)}}]};return{...e,..."function"==typeof this._config.popperConfig?this._config.popperConfig(e):this._config.popperConfig}}_setListeners(){const t=this._config.trigger.split(" ");for(const e of t)if("click"===e)P.on(this._element,this.constructor.eventName("click"),this._config.selector,(t=>{this._initializeOnDelegatedTarget(t).toggle()}));else if("manual"!==e){const t=e===sn?this.constructor.eventName("mouseenter"):this.constructor.eventName("focusin"),i=e===sn?this.constructor.eventName("mouseleave"):this.constructor.eventName("focusout");P.on(this._element,t,this._config.selector,(t=>{const e=this._initializeOnDelegatedTarget(t);e._activeTrigger["focusin"===t.type?on:sn]=!0,e._enter()})),P.on(this._element,i,this._config.selector,(t=>{const e=this._initializeOnDelegatedTarget(t);e._activeTrigger["focusout"===t.type?on:sn]=e._element.contains(t.relatedTarget),e._leave()}))}this._hideModalHandler=()=>{this._element&&this.hide()},P.on(this._element.closest(en),nn,this._hideModalHandler)}_fixTitle(){const t=this._element.getAttribute("title");t&&(this._element.getAttribute("aria-label")||this._element.textContent.trim()||this._element.setAttribute("aria-label",t),this._element.setAttribute("data-bs-original-title",t),this._element.removeAttribute("title"))}_enter(){this._isShown()||this._isHovered?this._isHovered=!0:(this._isHovered=!0,this._setTimeout((()=>{this._isHovered&&this.show()}),this._config.delay.show))}_leave(){this._isWithActiveTrigger()||(this._isHovered=!1,this._setTimeout((()=>{this._isHovered||this.hide()}),this._config.delay.hide))}_setTimeout(t,e){clearTimeout(this._timeout),this._timeout=setTimeout(t,e)}_isWithActiveTrigger(){return Object.values(this._activeTrigger).includes(!0)}_getConfig(t){const e=B.getDataAttributes(this._element);for(const t of Object.keys(e))Ji.has(t)&&delete e[t];return t={...e,..."object"==typeof t&&t?t:{}},t=this._mergeConfigObj(t),t=this._configAfterMerge(t),this._typeCheckConfig(t),t}_configAfterMerge(t){return t.container=!1===t.container?document.body:r(t.container),"number"==typeof t.delay&&(t.delay={show:t.delay,hide:t.delay}),"number"==typeof t.title&&(t.title=t.title.toString()),"number"==typeof t.content&&(t.content=t.content.toString()),t}_getDelegateConfig(){const t={};for(const e in this._config)this.constructor.Default[e]!==this._config[e]&&(t[e]=this._config[e]);return t.selector=!1,t.trigger="manual",t}_disposePopper(){this._popper&&(this._popper.destroy(),this._popper=null),this.tip&&(this.tip.remove(),this.tip=null)}static jQueryInterface(t){return this.each((function(){const e=cn.getOrCreateInstance(this,t);if("string"==typeof t){if(void 0===e[t])throw new TypeError(`No method named "${t}"`);e[t]()}}))}}g(cn);const hn={...cn.Default,content:"",offset:[0,8],placement:"right",template:'<div class="popover" role="tooltip"><div class="popover-arrow"></div><h3 class="popover-header"></h3><div class="popover-body"></div></div>',trigger:"click"},dn={...cn.DefaultType,content:"(null|string|element|function)"};class un extends cn{static get Default(){return hn}static get DefaultType(){return dn}static get NAME(){return"popover"}_isWithContent(){return this._getTitle()||this._getContent()}_getContentForTemplate(){return{".popover-header":this._getTitle(),".popover-body":this._getContent()}}_getContent(){return this._resolvePossibleFunction(this._config.content)}static jQueryInterface(t){return this.each((function(){const e=un.getOrCreateInstance(this,t);if("string"==typeof t){if(void 0===e[t])throw new TypeError(`No method named "${t}"`);e[t]()}}))}}g(un);const fn="click.bs.scrollspy",pn="active",gn="[href]",mn={offset:null,rootMargin:"0px 0px -25%",smoothScroll:!1,target:null,threshold:[.1,.5,1]},_n={offset:"(number|null)",rootMargin:"string",smoothScroll:"boolean",target:"element",threshold:"array"};class bn extends z{constructor(t,e){super(t,e),this._targetLinks=new Map,this._observableSections=new Map,this._rootElement="visible"===getComputedStyle(this._element).overflowY?null:this._element,this._activeTarget=null,this._observer=null,this._previousScrollData={visibleEntryTop:0,parentScrollTop:0},this.refresh()}static get Default(){return mn}static get DefaultType(){return _n}static get NAME(){return"scrollspy"}refresh(){this._initializeTargetsAndObservables(),this._maybeEnableSmoothScroll(),this._observer?this._observer.disconnect():this._observer=this._getNewObserver();for(const t of this._observableSections.values())this._observer.observe(t)}dispose(){this._observer.disconnect(),super.dispose()}_configAfterMerge(t){return t.target=r(t.target)||document.body,t.rootMargin=t.offset?`${t.offset}px 0px -30%`:t.rootMargin,"string"==typeof t.threshold&&(t.threshold=t.threshold.split(",").map((t=>Number.parseFloat(t)))),t}_maybeEnableSmoothScroll(){this._config.smoothScroll&&(P.off(this._config.target,fn),P.on(this._config.target,fn,gn,(t=>{const e=this._observableSections.get(t.target.hash);if(e){t.preventDefault();const i=this._rootElement||window,n=e.offsetTop-this._element.offsetTop;if(i.scrollTo)return void i.scrollTo({top:n,behavior:"smooth"});i.scrollTop=n}})))}_getNewObserver(){const t={root:this._rootElement,threshold:this._config.threshold,rootMargin:this._config.rootMargin};return new IntersectionObserver((t=>this._observerCallback(t)),t)}_observerCallback(t){const e=t=>this._targetLinks.get(`#${t.target.id}`),i=t=>{this._previousScrollData.visibleEntryTop=t.target.offsetTop,this._process(e(t))},n=(this._rootElement||document.documentElement).scrollTop,s=n>=this._previousScrollData.parentScrollTop;this._previousScrollData.parentScrollTop=n;for(const o of t){if(!o.isIntersecting){this._activeTarget=null,this._clearActiveClass(e(o));continue}const t=o.target.offsetTop>=this._previousScrollData.visibleEntryTop;if(s&&t){if(i(o),!n)return}else s||t||i(o)}}_initializeTargetsAndObservables(){this._targetLinks=new Map,this._observableSections=new Map;const t=Q.find(gn,this._config.target);for(const e of t){if(!e.hash||l(e))continue;const t=Q.findOne(e.hash,this._element);a(t)&&(this._targetLinks.set(e.hash,e),this._observableSections.set(e.hash,t))}}_process(t){this._activeTarget!==t&&(this._clearActiveClass(this._config.target),this._activeTarget=t,t.classList.add(pn),this._activateParents(t),P.trigger(this._element,"activate.bs.scrollspy",{relatedTarget:t}))}_activateParents(t){if(t.classList.contains("dropdown-item"))Q.findOne(".dropdown-toggle",t.closest(".dropdown")).classList.add(pn);else for(const e of Q.parents(t,".nav, .list-group"))for(const t of Q.prev(e,".nav-link, .nav-item > .nav-link, .list-group-item"))t.classList.add(pn)}_clearActiveClass(t){t.classList.remove(pn);const e=Q.find("[href].active",t);for(const t of e)t.classList.remove(pn)}static jQueryInterface(t){return this.each((function(){const e=bn.getOrCreateInstance(this,t);if("string"==typeof t){if(void 0===e[t]||t.startsWith("_")||"constructor"===t)throw new TypeError(`No method named "${t}"`);e[t]()}}))}}P.on(window,"load.bs.scrollspy.data-api",(()=>{for(const t of Q.find('[data-bs-spy="scroll"]'))bn.getOrCreateInstance(t)})),g(bn);const vn="ArrowLeft",yn="ArrowRight",wn="ArrowUp",An="ArrowDown",En="active",Tn="fade",Cn="show",On='[data-bs-toggle="tab"], [data-bs-toggle="pill"], [data-bs-toggle="list"]',xn=`.nav-link:not(.dropdown-toggle), .list-group-item:not(.dropdown-toggle), [role="tab"]:not(.dropdown-toggle), ${On}`;class kn extends z{constructor(t){super(t),this._parent=this._element.closest('.list-group, .nav, [role="tablist"]'),this._parent&&(this._setInitialAttributes(this._parent,this._getChildren()),P.on(this._element,"keydown.bs.tab",(t=>this._keydown(t))))}static get NAME(){return"tab"}show(){const t=this._element;if(this._elemIsActive(t))return;const e=this._getActiveElem(),i=e?P.trigger(e,"hide.bs.tab",{relatedTarget:t}):null;P.trigger(t,"show.bs.tab",{relatedTarget:e}).defaultPrevented||i&&i.defaultPrevented||(this._deactivate(e,t),this._activate(t,e))}_activate(t,e){t&&(t.classList.add(En),this._activate(n(t)),this._queueCallback((()=>{"tab"===t.getAttribute("role")?(t.removeAttribute("tabindex"),t.setAttribute("aria-selected",!0),this._toggleDropDown(t,!0),P.trigger(t,"shown.bs.tab",{relatedTarget:e})):t.classList.add(Cn)}),t,t.classList.contains(Tn)))}_deactivate(t,e){t&&(t.classList.remove(En),t.blur(),this._deactivate(n(t)),this._queueCallback((()=>{"tab"===t.getAttribute("role")?(t.setAttribute("aria-selected",!1),t.setAttribute("tabindex","-1"),this._toggleDropDown(t,!1),P.trigger(t,"hidden.bs.tab",{relatedTarget:e})):t.classList.remove(Cn)}),t,t.classList.contains(Tn)))}_keydown(t){if(![vn,yn,wn,An].includes(t.key))return;t.stopPropagation(),t.preventDefault();const e=[yn,An].includes(t.key),i=b(this._getChildren().filter((t=>!l(t))),t.target,e,!0);i&&(i.focus({preventScroll:!0}),kn.getOrCreateInstance(i).show())}_getChildren(){return Q.find(xn,this._parent)}_getActiveElem(){return this._getChildren().find((t=>this._elemIsActive(t)))||null}_setInitialAttributes(t,e){this._setAttributeIfNotExists(t,"role","tablist");for(const t of e)this._setInitialAttributesOnChild(t)}_setInitialAttributesOnChild(t){t=this._getInnerElement(t);const e=this._elemIsActive(t),i=this._getOuterElement(t);t.setAttribute("aria-selected",e),i!==t&&this._setAttributeIfNotExists(i,"role","presentation"),e||t.setAttribute("tabindex","-1"),this._setAttributeIfNotExists(t,"role","tab"),this._setInitialAttributesOnTargetPanel(t)}_setInitialAttributesOnTargetPanel(t){const e=n(t);e&&(this._setAttributeIfNotExists(e,"role","tabpanel"),t.id&&this._setAttributeIfNotExists(e,"aria-labelledby",`#${t.id}`))}_toggleDropDown(t,e){const i=this._getOuterElement(t);if(!i.classList.contains("dropdown"))return;const n=(t,n)=>{const s=Q.findOne(t,i);s&&s.classList.toggle(n,e)};n(".dropdown-toggle",En),n(".dropdown-menu",Cn),i.setAttribute("aria-expanded",e)}_setAttributeIfNotExists(t,e,i){t.hasAttribute(e)||t.setAttribute(e,i)}_elemIsActive(t){return t.classList.contains(En)}_getInnerElement(t){return t.matches(xn)?t:Q.findOne(xn,t)}_getOuterElement(t){return t.closest(".nav-item, .list-group-item")||t}static jQueryInterface(t){return this.each((function(){const e=kn.getOrCreateInstance(this);if("string"==typeof t){if(void 0===e[t]||t.startsWith("_")||"constructor"===t)throw new TypeError(`No method named "${t}"`);e[t]()}}))}}P.on(document,"click.bs.tab",On,(function(t){["A","AREA"].includes(this.tagName)&&t.preventDefault(),l(this)||kn.getOrCreateInstance(this).show()})),P.on(window,"load.bs.tab",(()=>{for(const t of Q.find('.active[data-bs-toggle="tab"], .active[data-bs-toggle="pill"], .active[data-bs-toggle="list"]'))kn.getOrCreateInstance(t)})),g(kn);const Ln="hide",Dn="show",Sn="showing",In={animation:"boolean",autohide:"boolean",delay:"number"},Nn={animation:!0,autohide:!0,delay:5e3};class Pn extends z{constructor(t,e){super(t,e),this._timeout=null,this._hasMouseInteraction=!1,this._hasKeyboardInteraction=!1,this._setListeners()}static get Default(){return Nn}static get DefaultType(){return In}static get NAME(){return"toast"}show(){P.trigger(this._element,"show.bs.toast").defaultPrevented||(this._clearTimeout(),this._config.animation&&this._element.classList.add("fade"),this._element.classList.remove(Ln),d(this._element),this._element.classList.add(Dn,Sn),this._queueCallback((()=>{this._element.classList.remove(Sn),P.trigger(this._element,"shown.bs.toast"),this._maybeScheduleHide()}),this._element,this._config.animation))}hide(){this.isShown()&&(P.trigger(this._element,"hide.bs.toast").defaultPrevented||(this._element.classList.add(Sn),this._queueCallback((()=>{this._element.classList.add(Ln),this._element.classList.remove(Sn,Dn),P.trigger(this._element,"hidden.bs.toast")}),this._element,this._config.animation)))}dispose(){this._clearTimeout(),this.isShown()&&this._element.classList.remove(Dn),super.dispose()}isShown(){return this._element.classList.contains(Dn)}_maybeScheduleHide(){this._config.autohide&&(this._hasMouseInteraction||this._hasKeyboardInteraction||(this._timeout=setTimeout((()=>{this.hide()}),this._config.delay)))}_onInteraction(t,e){switch(t.type){case"mouseover":case"mouseout":this._hasMouseInteraction=e;break;case"focusin":case"focusout":this._hasKeyboardInteraction=e}if(e)return void this._clearTimeout();const i=t.relatedTarget;this._element===i||this._element.contains(i)||this._maybeScheduleHide()}_setListeners(){P.on(this._element,"mouseover.bs.toast",(t=>this._onInteraction(t,!0))),P.on(this._element,"mouseout.bs.toast",(t=>this._onInteraction(t,!1))),P.on(this._element,"focusin.bs.toast",(t=>this._onInteraction(t,!0))),P.on(this._element,"focusout.bs.toast",(t=>this._onInteraction(t,!1)))}_clearTimeout(){clearTimeout(this._timeout),this._timeout=null}static jQueryInterface(t){return this.each((function(){const e=Pn.getOrCreateInstance(this,t);if("string"==typeof t){if(void 0===e[t])throw new TypeError(`No method named "${t}"`);e[t](this)}}))}}return q(Pn),g(Pn),{Alert:R,Button:K,Carousel:at,Collapse:pt,Dropdown:hi,Modal:Ni,Offcanvas:zi,Popover:un,ScrollSpy:bn,Tab:kn,Toast:Pn,Tooltip:cn}}));+!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?module.exports=e():"function"==typeof define&&define.amd?define(e):(t="undefined"!=typeof globalThis?globalThis:t||self).bootstrap=e()}(this,(function(){"use strict";const t=new Map,e={set(e,i,n){t.has(e)||t.set(e,new Map);const s=t.get(e);s.has(i)||0===s.size?s.set(i,n):console.error(`Bootstrap doesn't allow more than one instance per element. Bound instance: ${Array.from(s.keys())[0]}.`)},get:(e,i)=>t.has(e)&&t.get(e).get(i)||null,remove(e,i){if(!t.has(e))return;const n=t.get(e);n.delete(i),0===n.size&&t.delete(e)}},i="transitionend",n=t=>(t&&window.CSS&&window.CSS.escape&&(t=t.replace(/#([^\s"#']+)/g,((t,e)=>`#${CSS.escape(e)}`))),t),s=t=>{t.dispatchEvent(new Event(i))},o=t=>!(!t||"object"!=typeof t)&&(void 0!==t.jquery&&(t=t[0]),void 0!==t.nodeType),r=t=>o(t)?t.jquery?t[0]:t:"string"==typeof t&&t.length>0?document.querySelector(n(t)):null,a=t=>{if(!o(t)||0===t.getClientRects().length)return!1;const e="visible"===getComputedStyle(t).getPropertyValue("visibility"),i=t.closest("details:not([open])");if(!i)return e;if(i!==t){const e=t.closest("summary");if(e&&e.parentNode!==i)return!1;if(null===e)return!1}return e},l=t=>!t||t.nodeType!==Node.ELEMENT_NODE||!!t.classList.contains("disabled")||(void 0!==t.disabled?t.disabled:t.hasAttribute("disabled")&&"false"!==t.getAttribute("disabled")),c=t=>{if(!document.documentElement.attachShadow)return null;if("function"==typeof t.getRootNode){const e=t.getRootNode();return e instanceof ShadowRoot?e:null}return t instanceof ShadowRoot?t:t.parentNode?c(t.parentNode):null},h=()=>{},d=t=>{t.offsetHeight},u=()=>window.jQuery&&!document.body.hasAttribute("data-bs-no-jquery")?window.jQuery:null,f=[],p=()=>"rtl"===document.documentElement.dir,m=t=>{var e;e=()=>{const e=u();if(e){const i=t.NAME,n=e.fn[i];e.fn[i]=t.jQueryInterface,e.fn[i].Constructor=t,e.fn[i].noConflict=()=>(e.fn[i]=n,t.jQueryInterface)}},"loading"===document.readyState?(f.length||document.addEventListener("DOMContentLoaded",(()=>{for(const t of f)t()})),f.push(e)):e()},g=(t,e=[],i=t)=>"function"==typeof t?t(...e):i,_=(t,e,n=!0)=>{if(!n)return void g(t);const o=(t=>{if(!t)return 0;let{transitionDuration:e,transitionDelay:i}=window.getComputedStyle(t);const n=Number.parseFloat(e),s=Number.parseFloat(i);return n||s?(e=e.split(",")[0],i=i.split(",")[0],1e3*(Number.parseFloat(e)+Number.parseFloat(i))):0})(e)+5;let r=!1;const a=({target:n})=>{n===e&&(r=!0,e.removeEventListener(i,a),g(t))};e.addEventListener(i,a),setTimeout((()=>{r||s(e)}),o)},b=(t,e,i,n)=>{const s=t.length;let o=t.indexOf(e);return-1===o?!i&&n?t[s-1]:t[0]:(o+=i?1:-1,n&&(o=(o+s)%s),t[Math.max(0,Math.min(o,s-1))])},v=/[^.]*(?=\..*)\.|.*/,y=/\..*/,w=/::\d+$/,A={};let E=1;const T={mouseenter:"mouseover",mouseleave:"mouseout"},C=new Set(["click","dblclick","mouseup","mousedown","contextmenu","mousewheel","DOMMouseScroll","mouseover","mouseout","mousemove","selectstart","selectend","keydown","keypress","keyup","orientationchange","touchstart","touchmove","touchend","touchcancel","pointerdown","pointermove","pointerup","pointerleave","pointercancel","gesturestart","gesturechange","gestureend","focus","blur","change","reset","select","submit","focusin","focusout","load","unload","beforeunload","resize","move","DOMContentLoaded","readystatechange","error","abort","scroll"]);function O(t,e){return e&&`${e}::${E++}`||t.uidEvent||E++}function x(t){const e=O(t);return t.uidEvent=e,A[e]=A[e]||{},A[e]}function k(t,e,i=null){return Object.values(t).find((t=>t.callable===e&&t.delegationSelector===i))}function L(t,e,i){const n="string"==typeof e,s=n?i:e||i;let o=I(t);return C.has(o)||(o=t),[n,s,o]}function S(t,e,i,n,s){if("string"!=typeof e||!t)return;let[o,r,a]=L(e,i,n);if(e in T){const t=t=>function(e){if(!e.relatedTarget||e.relatedTarget!==e.delegateTarget&&!e.delegateTarget.contains(e.relatedTarget))return t.call(this,e)};r=t(r)}const l=x(t),c=l[a]||(l[a]={}),h=k(c,r,o?i:null);if(h)return void(h.oneOff=h.oneOff&&s);const d=O(r,e.replace(v,"")),u=o?function(t,e,i){return function n(s){const o=t.querySelectorAll(e);for(let{target:r}=s;r&&r!==this;r=r.parentNode)for(const a of o)if(a===r)return P(s,{delegateTarget:r}),n.oneOff&&N.off(t,s.type,e,i),i.apply(r,[s])}}(t,i,r):function(t,e){return function i(n){return P(n,{delegateTarget:t}),i.oneOff&&N.off(t,n.type,e),e.apply(t,[n])}}(t,r);u.delegationSelector=o?i:null,u.callable=r,u.oneOff=s,u.uidEvent=d,c[d]=u,t.addEventListener(a,u,o)}function D(t,e,i,n,s){const o=k(e[i],n,s);o&&(t.removeEventListener(i,o,Boolean(s)),delete e[i][o.uidEvent])}function $(t,e,i,n){const s=e[i]||{};for(const[o,r]of Object.entries(s))o.includes(n)&&D(t,e,i,r.callable,r.delegationSelector)}function I(t){return t=t.replace(y,""),T[t]||t}const N={on(t,e,i,n){S(t,e,i,n,!1)},one(t,e,i,n){S(t,e,i,n,!0)},off(t,e,i,n){if("string"!=typeof e||!t)return;const[s,o,r]=L(e,i,n),a=r!==e,l=x(t),c=l[r]||{},h=e.startsWith(".");if(void 0===o){if(h)for(const i of Object.keys(l))$(t,l,i,e.slice(1));for(const[i,n]of Object.entries(c)){const s=i.replace(w,"");a&&!e.includes(s)||D(t,l,r,n.callable,n.delegationSelector)}}else{if(!Object.keys(c).length)return;D(t,l,r,o,s?i:null)}},trigger(t,e,i){if("string"!=typeof e||!t)return null;const n=u();let s=null,o=!0,r=!0,a=!1;e!==I(e)&&n&&(s=n.Event(e,i),n(t).trigger(s),o=!s.isPropagationStopped(),r=!s.isImmediatePropagationStopped(),a=s.isDefaultPrevented());const l=P(new Event(e,{bubbles:o,cancelable:!0}),i);return a&&l.preventDefault(),r&&t.dispatchEvent(l),l.defaultPrevented&&s&&s.preventDefault(),l}};function P(t,e={}){for(const[i,n]of Object.entries(e))try{t[i]=n}catch(e){Object.defineProperty(t,i,{configurable:!0,get:()=>n})}return t}function j(t){if("true"===t)return!0;if("false"===t)return!1;if(t===Number(t).toString())return Number(t);if(""===t||"null"===t)return null;if("string"!=typeof t)return t;try{return JSON.parse(decodeURIComponent(t))}catch(e){return t}}function M(t){return t.replace(/[A-Z]/g,(t=>`-${t.toLowerCase()}`))}const F={setDataAttribute(t,e,i){t.setAttribute(`data-bs-${M(e)}`,i)},removeDataAttribute(t,e){t.removeAttribute(`data-bs-${M(e)}`)},getDataAttributes(t){if(!t)return{};const e={},i=Object.keys(t.dataset).filter((t=>t.startsWith("bs")&&!t.startsWith("bsConfig")));for(const n of i){let i=n.replace(/^bs/,"");i=i.charAt(0).toLowerCase()+i.slice(1,i.length),e[i]=j(t.dataset[n])}return e},getDataAttribute:(t,e)=>j(t.getAttribute(`data-bs-${M(e)}`))};class H{static get Default(){return{}}static get DefaultType(){return{}}static get NAME(){throw new Error('You have to implement the static method "NAME", for each component!')}_getConfig(t){return t=this._mergeConfigObj(t),t=this._configAfterMerge(t),this._typeCheckConfig(t),t}_configAfterMerge(t){return t}_mergeConfigObj(t,e){const i=o(e)?F.getDataAttribute(e,"config"):{};return{...this.constructor.Default,..."object"==typeof i?i:{},...o(e)?F.getDataAttributes(e):{},..."object"==typeof t?t:{}}}_typeCheckConfig(t,e=this.constructor.DefaultType){for(const[n,s]of Object.entries(e)){const e=t[n],r=o(e)?"element":null==(i=e)?`${i}`:Object.prototype.toString.call(i).match(/\s([a-z]+)/i)[1].toLowerCase();if(!new RegExp(s).test(r))throw new TypeError(`${this.constructor.NAME.toUpperCase()}: Option "${n}" provided type "${r}" but expected type "${s}".`)}var i}}class W extends H{constructor(t,i){super(),(t=r(t))&&(this._element=t,this._config=this._getConfig(i),e.set(this._element,this.constructor.DATA_KEY,this))}dispose(){e.remove(this._element,this.constructor.DATA_KEY),N.off(this._element,this.constructor.EVENT_KEY);for(const t of Object.getOwnPropertyNames(this))this[t]=null}_queueCallback(t,e,i=!0){_(t,e,i)}_getConfig(t){return t=this._mergeConfigObj(t,this._element),t=this._configAfterMerge(t),this._typeCheckConfig(t),t}static getInstance(t){return e.get(r(t),this.DATA_KEY)}static getOrCreateInstance(t,e={}){return this.getInstance(t)||new this(t,"object"==typeof e?e:null)}static get VERSION(){return"5.3.3"}static get DATA_KEY(){return`bs.${this.NAME}`}static get EVENT_KEY(){return`.${this.DATA_KEY}`}static eventName(t){return`${t}${this.EVENT_KEY}`}}const B=t=>{let e=t.getAttribute("data-bs-target");if(!e||"#"===e){let i=t.getAttribute("href");if(!i||!i.includes("#")&&!i.startsWith("."))return null;i.includes("#")&&!i.startsWith("#")&&(i=`#${i.split("#")[1]}`),e=i&&"#"!==i?i.trim():null}return e?e.split(",").map((t=>n(t))).join(","):null},z={find:(t,e=document.documentElement)=>[].concat(...Element.prototype.querySelectorAll.call(e,t)),findOne:(t,e=document.documentElement)=>Element.prototype.querySelector.call(e,t),children:(t,e)=>[].concat(...t.children).filter((t=>t.matches(e))),parents(t,e){const i=[];let n=t.parentNode.closest(e);for(;n;)i.push(n),n=n.parentNode.closest(e);return i},prev(t,e){let i=t.previousElementSibling;for(;i;){if(i.matches(e))return[i];i=i.previousElementSibling}return[]},next(t,e){let i=t.nextElementSibling;for(;i;){if(i.matches(e))return[i];i=i.nextElementSibling}return[]},focusableChildren(t){const e=["a","button","input","textarea","select","details","[tabindex]",'[contenteditable="true"]'].map((t=>`${t}:not([tabindex^="-"])`)).join(",");return this.find(e,t).filter((t=>!l(t)&&a(t)))},getSelectorFromElement(t){const e=B(t);return e&&z.findOne(e)?e:null},getElementFromSelector(t){const e=B(t);return e?z.findOne(e):null},getMultipleElementsFromSelector(t){const e=B(t);return e?z.find(e):[]}},R=(t,e="hide")=>{const i=`click.dismiss${t.EVENT_KEY}`,n=t.NAME;N.on(document,i,`[data-bs-dismiss="${n}"]`,(function(i){if(["A","AREA"].includes(this.tagName)&&i.preventDefault(),l(this))return;const s=z.getElementFromSelector(this)||this.closest(`.${n}`);t.getOrCreateInstance(s)[e]()}))},q=".bs.alert",V=`close${q}`,K=`closed${q}`;class Q extends W{static get NAME(){return"alert"}close(){if(N.trigger(this._element,V).defaultPrevented)return;this._element.classList.remove("show");const t=this._element.classList.contains("fade");this._queueCallback((()=>this._destroyElement()),this._element,t)}_destroyElement(){this._element.remove(),N.trigger(this._element,K),this.dispose()}static jQueryInterface(t){return this.each((function(){const e=Q.getOrCreateInstance(this);if("string"==typeof t){if(void 0===e[t]||t.startsWith("_")||"constructor"===t)throw new TypeError(`No method named "${t}"`);e[t](this)}}))}}R(Q,"close"),m(Q);const X='[data-bs-toggle="button"]';class Y extends W{static get NAME(){return"button"}toggle(){this._element.setAttribute("aria-pressed",this._element.classList.toggle("active"))}static jQueryInterface(t){return this.each((function(){const e=Y.getOrCreateInstance(this);"toggle"===t&&e[t]()}))}}N.on(document,"click.bs.button.data-api",X,(t=>{t.preventDefault();const e=t.target.closest(X);Y.getOrCreateInstance(e).toggle()})),m(Y);const U=".bs.swipe",G=`touchstart${U}`,J=`touchmove${U}`,Z=`touchend${U}`,tt=`pointerdown${U}`,et=`pointerup${U}`,it={endCallback:null,leftCallback:null,rightCallback:null},nt={endCallback:"(function|null)",leftCallback:"(function|null)",rightCallback:"(function|null)"};class st extends H{constructor(t,e){super(),this._element=t,t&&st.isSupported()&&(this._config=this._getConfig(e),this._deltaX=0,this._supportPointerEvents=Boolean(window.PointerEvent),this._initEvents())}static get Default(){return it}static get DefaultType(){return nt}static get NAME(){return"swipe"}dispose(){N.off(this._element,U)}_start(t){this._supportPointerEvents?this._eventIsPointerPenTouch(t)&&(this._deltaX=t.clientX):this._deltaX=t.touches[0].clientX}_end(t){this._eventIsPointerPenTouch(t)&&(this._deltaX=t.clientX-this._deltaX),this._handleSwipe(),g(this._config.endCallback)}_move(t){this._deltaX=t.touches&&t.touches.length>1?0:t.touches[0].clientX-this._deltaX}_handleSwipe(){const t=Math.abs(this._deltaX);if(t<=40)return;const e=t/this._deltaX;this._deltaX=0,e&&g(e>0?this._config.rightCallback:this._config.leftCallback)}_initEvents(){this._supportPointerEvents?(N.on(this._element,tt,(t=>this._start(t))),N.on(this._element,et,(t=>this._end(t))),this._element.classList.add("pointer-event")):(N.on(this._element,G,(t=>this._start(t))),N.on(this._element,J,(t=>this._move(t))),N.on(this._element,Z,(t=>this._end(t))))}_eventIsPointerPenTouch(t){return this._supportPointerEvents&&("pen"===t.pointerType||"touch"===t.pointerType)}static isSupported(){return"ontouchstart"in document.documentElement||navigator.maxTouchPoints>0}}const ot=".bs.carousel",rt=".data-api",at="next",lt="prev",ct="left",ht="right",dt=`slide${ot}`,ut=`slid${ot}`,ft=`keydown${ot}`,pt=`mouseenter${ot}`,mt=`mouseleave${ot}`,gt=`dragstart${ot}`,_t=`load${ot}${rt}`,bt=`click${ot}${rt}`,vt="carousel",yt="active",wt=".active",At=".carousel-item",Et=wt+At,Tt={ArrowLeft:ht,ArrowRight:ct},Ct={interval:5e3,keyboard:!0,pause:"hover",ride:!1,touch:!0,wrap:!0},Ot={interval:"(number|boolean)",keyboard:"boolean",pause:"(string|boolean)",ride:"(boolean|string)",touch:"boolean",wrap:"boolean"};class xt extends W{constructor(t,e){super(t,e),this._interval=null,this._activeElement=null,this._isSliding=!1,this.touchTimeout=null,this._swipeHelper=null,this._indicatorsElement=z.findOne(".carousel-indicators",this._element),this._addEventListeners(),this._config.ride===vt&&this.cycle()}static get Default(){return Ct}static get DefaultType(){return Ot}static get NAME(){return"carousel"}next(){this._slide(at)}nextWhenVisible(){!document.hidden&&a(this._element)&&this.next()}prev(){this._slide(lt)}pause(){this._isSliding&&s(this._element),this._clearInterval()}cycle(){this._clearInterval(),this._updateInterval(),this._interval=setInterval((()=>this.nextWhenVisible()),this._config.interval)}_maybeEnableCycle(){this._config.ride&&(this._isSliding?N.one(this._element,ut,(()=>this.cycle())):this.cycle())}to(t){const e=this._getItems();if(t>e.length-1||t<0)return;if(this._isSliding)return void N.one(this._element,ut,(()=>this.to(t)));const i=this._getItemIndex(this._getActive());if(i===t)return;const n=t>i?at:lt;this._slide(n,e[t])}dispose(){this._swipeHelper&&this._swipeHelper.dispose(),super.dispose()}_configAfterMerge(t){return t.defaultInterval=t.interval,t}_addEventListeners(){this._config.keyboard&&N.on(this._element,ft,(t=>this._keydown(t))),"hover"===this._config.pause&&(N.on(this._element,pt,(()=>this.pause())),N.on(this._element,mt,(()=>this._maybeEnableCycle()))),this._config.touch&&st.isSupported()&&this._addTouchEventListeners()}_addTouchEventListeners(){for(const t of z.find(".carousel-item img",this._element))N.on(t,gt,(t=>t.preventDefault()));const t={leftCallback:()=>this._slide(this._directionToOrder(ct)),rightCallback:()=>this._slide(this._directionToOrder(ht)),endCallback:()=>{"hover"===this._config.pause&&(this.pause(),this.touchTimeout&&clearTimeout(this.touchTimeout),this.touchTimeout=setTimeout((()=>this._maybeEnableCycle()),500+this._config.interval))}};this._swipeHelper=new st(this._element,t)}_keydown(t){if(/input|textarea/i.test(t.target.tagName))return;const e=Tt[t.key];e&&(t.preventDefault(),this._slide(this._directionToOrder(e)))}_getItemIndex(t){return this._getItems().indexOf(t)}_setActiveIndicatorElement(t){if(!this._indicatorsElement)return;const e=z.findOne(wt,this._indicatorsElement);e.classList.remove(yt),e.removeAttribute("aria-current");const i=z.findOne(`[data-bs-slide-to="${t}"]`,this._indicatorsElement);i&&(i.classList.add(yt),i.setAttribute("aria-current","true"))}_updateInterval(){const t=this._activeElement||this._getActive();if(!t)return;const e=Number.parseInt(t.getAttribute("data-bs-interval"),10);this._config.interval=e||this._config.defaultInterval}_slide(t,e=null){if(this._isSliding)return;const i=this._getActive(),n=t===at,s=e||b(this._getItems(),i,n,this._config.wrap);if(s===i)return;const o=this._getItemIndex(s),r=e=>N.trigger(this._element,e,{relatedTarget:s,direction:this._orderToDirection(t),from:this._getItemIndex(i),to:o});if(r(dt).defaultPrevented)return;if(!i||!s)return;const a=Boolean(this._interval);this.pause(),this._isSliding=!0,this._setActiveIndicatorElement(o),this._activeElement=s;const l=n?"carousel-item-start":"carousel-item-end",c=n?"carousel-item-next":"carousel-item-prev";s.classList.add(c),d(s),i.classList.add(l),s.classList.add(l),this._queueCallback((()=>{s.classList.remove(l,c),s.classList.add(yt),i.classList.remove(yt,c,l),this._isSliding=!1,r(ut)}),i,this._isAnimated()),a&&this.cycle()}_isAnimated(){return this._element.classList.contains("slide")}_getActive(){return z.findOne(Et,this._element)}_getItems(){return z.find(At,this._element)}_clearInterval(){this._interval&&(clearInterval(this._interval),this._interval=null)}_directionToOrder(t){return p()?t===ct?lt:at:t===ct?at:lt}_orderToDirection(t){return p()?t===lt?ct:ht:t===lt?ht:ct}static jQueryInterface(t){return this.each((function(){const e=xt.getOrCreateInstance(this,t);if("number"!=typeof t){if("string"==typeof t){if(void 0===e[t]||t.startsWith("_")||"constructor"===t)throw new TypeError(`No method named "${t}"`);e[t]()}}else e.to(t)}))}}N.on(document,bt,"[data-bs-slide], [data-bs-slide-to]",(function(t){const e=z.getElementFromSelector(this);if(!e||!e.classList.contains(vt))return;t.preventDefault();const i=xt.getOrCreateInstance(e),n=this.getAttribute("data-bs-slide-to");return n?(i.to(n),void i._maybeEnableCycle()):"next"===F.getDataAttribute(this,"slide")?(i.next(),void i._maybeEnableCycle()):(i.prev(),void i._maybeEnableCycle())})),N.on(window,_t,(()=>{const t=z.find('[data-bs-ride="carousel"]');for(const e of t)xt.getOrCreateInstance(e)})),m(xt);const kt=".bs.collapse",Lt=`show${kt}`,St=`shown${kt}`,Dt=`hide${kt}`,$t=`hidden${kt}`,It=`click${kt}.data-api`,Nt="show",Pt="collapse",jt="collapsing",Mt=`:scope .${Pt} .${Pt}`,Ft='[data-bs-toggle="collapse"]',Ht={parent:null,toggle:!0},Wt={parent:"(null|element)",toggle:"boolean"};class Bt extends W{constructor(t,e){super(t,e),this._isTransitioning=!1,this._triggerArray=[];const i=z.find(Ft);for(const t of i){const e=z.getSelectorFromElement(t),i=z.find(e).filter((t=>t===this._element));null!==e&&i.length&&this._triggerArray.push(t)}this._initializeChildren(),this._config.parent||this._addAriaAndCollapsedClass(this._triggerArray,this._isShown()),this._config.toggle&&this.toggle()}static get Default(){return Ht}static get DefaultType(){return Wt}static get NAME(){return"collapse"}toggle(){this._isShown()?this.hide():this.show()}show(){if(this._isTransitioning||this._isShown())return;let t=[];if(this._config.parent&&(t=this._getFirstLevelChildren(".collapse.show, .collapse.collapsing").filter((t=>t!==this._element)).map((t=>Bt.getOrCreateInstance(t,{toggle:!1})))),t.length&&t[0]._isTransitioning)return;if(N.trigger(this._element,Lt).defaultPrevented)return;for(const e of t)e.hide();const e=this._getDimension();this._element.classList.remove(Pt),this._element.classList.add(jt),this._element.style[e]=0,this._addAriaAndCollapsedClass(this._triggerArray,!0),this._isTransitioning=!0;const i=`scroll${e[0].toUpperCase()+e.slice(1)}`;this._queueCallback((()=>{this._isTransitioning=!1,this._element.classList.remove(jt),this._element.classList.add(Pt,Nt),this._element.style[e]="",N.trigger(this._element,St)}),this._element,!0),this._element.style[e]=`${this._element[i]}px`}hide(){if(this._isTransitioning||!this._isShown())return;if(N.trigger(this._element,Dt).defaultPrevented)return;const t=this._getDimension();this._element.style[t]=`${this._element.getBoundingClientRect()[t]}px`,d(this._element),this._element.classList.add(jt),this._element.classList.remove(Pt,Nt);for(const t of this._triggerArray){const e=z.getElementFromSelector(t);e&&!this._isShown(e)&&this._addAriaAndCollapsedClass([t],!1)}this._isTransitioning=!0,this._element.style[t]="",this._queueCallback((()=>{this._isTransitioning=!1,this._element.classList.remove(jt),this._element.classList.add(Pt),N.trigger(this._element,$t)}),this._element,!0)}_isShown(t=this._element){return t.classList.contains(Nt)}_configAfterMerge(t){return t.toggle=Boolean(t.toggle),t.parent=r(t.parent),t}_getDimension(){return this._element.classList.contains("collapse-horizontal")?"width":"height"}_initializeChildren(){if(!this._config.parent)return;const t=this._getFirstLevelChildren(Ft);for(const e of t){const t=z.getElementFromSelector(e);t&&this._addAriaAndCollapsedClass([e],this._isShown(t))}}_getFirstLevelChildren(t){const e=z.find(Mt,this._config.parent);return z.find(t,this._config.parent).filter((t=>!e.includes(t)))}_addAriaAndCollapsedClass(t,e){if(t.length)for(const i of t)i.classList.toggle("collapsed",!e),i.setAttribute("aria-expanded",e)}static jQueryInterface(t){const e={};return"string"==typeof t&&/show|hide/.test(t)&&(e.toggle=!1),this.each((function(){const i=Bt.getOrCreateInstance(this,e);if("string"==typeof t){if(void 0===i[t])throw new TypeError(`No method named "${t}"`);i[t]()}}))}}N.on(document,It,Ft,(function(t){("A"===t.target.tagName||t.delegateTarget&&"A"===t.delegateTarget.tagName)&&t.preventDefault();for(const t of z.getMultipleElementsFromSelector(this))Bt.getOrCreateInstance(t,{toggle:!1}).toggle()})),m(Bt);var zt="top",Rt="bottom",qt="right",Vt="left",Kt="auto",Qt=[zt,Rt,qt,Vt],Xt="start",Yt="end",Ut="clippingParents",Gt="viewport",Jt="popper",Zt="reference",te=Qt.reduce((function(t,e){return t.concat([e+"-"+Xt,e+"-"+Yt])}),[]),ee=[].concat(Qt,[Kt]).reduce((function(t,e){return t.concat([e,e+"-"+Xt,e+"-"+Yt])}),[]),ie="beforeRead",ne="read",se="afterRead",oe="beforeMain",re="main",ae="afterMain",le="beforeWrite",ce="write",he="afterWrite",de=[ie,ne,se,oe,re,ae,le,ce,he];function ue(t){return t?(t.nodeName||"").toLowerCase():null}function fe(t){if(null==t)return window;if("[object Window]"!==t.toString()){var e=t.ownerDocument;return e&&e.defaultView||window}return t}function pe(t){return t instanceof fe(t).Element||t instanceof Element}function me(t){return t instanceof fe(t).HTMLElement||t instanceof HTMLElement}function ge(t){return"undefined"!=typeof ShadowRoot&&(t instanceof fe(t).ShadowRoot||t instanceof ShadowRoot)}const _e={name:"applyStyles",enabled:!0,phase:"write",fn:function(t){var e=t.state;Object.keys(e.elements).forEach((function(t){var i=e.styles[t]||{},n=e.attributes[t]||{},s=e.elements[t];me(s)&&ue(s)&&(Object.assign(s.style,i),Object.keys(n).forEach((function(t){var e=n[t];!1===e?s.removeAttribute(t):s.setAttribute(t,!0===e?"":e)})))}))},effect:function(t){var e=t.state,i={popper:{position:e.options.strategy,left:"0",top:"0",margin:"0"},arrow:{position:"absolute"},reference:{}};return Object.assign(e.elements.popper.style,i.popper),e.styles=i,e.elements.arrow&&Object.assign(e.elements.arrow.style,i.arrow),function(){Object.keys(e.elements).forEach((function(t){var n=e.elements[t],s=e.attributes[t]||{},o=Object.keys(e.styles.hasOwnProperty(t)?e.styles[t]:i[t]).reduce((function(t,e){return t[e]="",t}),{});me(n)&&ue(n)&&(Object.assign(n.style,o),Object.keys(s).forEach((function(t){n.removeAttribute(t)})))}))}},requires:["computeStyles"]};function be(t){return t.split("-")[0]}var ve=Math.max,ye=Math.min,we=Math.round;function Ae(){var t=navigator.userAgentData;return null!=t&&t.brands&&Array.isArray(t.brands)?t.brands.map((function(t){return t.brand+"/"+t.version})).join(" "):navigator.userAgent}function Ee(){return!/^((?!chrome|android).)*safari/i.test(Ae())}function Te(t,e,i){void 0===e&&(e=!1),void 0===i&&(i=!1);var n=t.getBoundingClientRect(),s=1,o=1;e&&me(t)&&(s=t.offsetWidth>0&&we(n.width)/t.offsetWidth||1,o=t.offsetHeight>0&&we(n.height)/t.offsetHeight||1);var r=(pe(t)?fe(t):window).visualViewport,a=!Ee()&&i,l=(n.left+(a&&r?r.offsetLeft:0))/s,c=(n.top+(a&&r?r.offsetTop:0))/o,h=n.width/s,d=n.height/o;return{width:h,height:d,top:c,right:l+h,bottom:c+d,left:l,x:l,y:c}}function Ce(t){var e=Te(t),i=t.offsetWidth,n=t.offsetHeight;return Math.abs(e.width-i)<=1&&(i=e.width),Math.abs(e.height-n)<=1&&(n=e.height),{x:t.offsetLeft,y:t.offsetTop,width:i,height:n}}function Oe(t,e){var i=e.getRootNode&&e.getRootNode();if(t.contains(e))return!0;if(i&&ge(i)){var n=e;do{if(n&&t.isSameNode(n))return!0;n=n.parentNode||n.host}while(n)}return!1}function xe(t){return fe(t).getComputedStyle(t)}function ke(t){return["table","td","th"].indexOf(ue(t))>=0}function Le(t){return((pe(t)?t.ownerDocument:t.document)||window.document).documentElement}function Se(t){return"html"===ue(t)?t:t.assignedSlot||t.parentNode||(ge(t)?t.host:null)||Le(t)}function De(t){return me(t)&&"fixed"!==xe(t).position?t.offsetParent:null}function $e(t){for(var e=fe(t),i=De(t);i&&ke(i)&&"static"===xe(i).position;)i=De(i);return i&&("html"===ue(i)||"body"===ue(i)&&"static"===xe(i).position)?e:i||function(t){var e=/firefox/i.test(Ae());if(/Trident/i.test(Ae())&&me(t)&&"fixed"===xe(t).position)return null;var i=Se(t);for(ge(i)&&(i=i.host);me(i)&&["html","body"].indexOf(ue(i))<0;){var n=xe(i);if("none"!==n.transform||"none"!==n.perspective||"paint"===n.contain||-1!==["transform","perspective"].indexOf(n.willChange)||e&&"filter"===n.willChange||e&&n.filter&&"none"!==n.filter)return i;i=i.parentNode}return null}(t)||e}function Ie(t){return["top","bottom"].indexOf(t)>=0?"x":"y"}function Ne(t,e,i){return ve(t,ye(e,i))}function Pe(t){return Object.assign({},{top:0,right:0,bottom:0,left:0},t)}function je(t,e){return e.reduce((function(e,i){return e[i]=t,e}),{})}const Me={name:"arrow",enabled:!0,phase:"main",fn:function(t){var e,i=t.state,n=t.name,s=t.options,o=i.elements.arrow,r=i.modifiersData.popperOffsets,a=be(i.placement),l=Ie(a),c=[Vt,qt].indexOf(a)>=0?"height":"width";if(o&&r){var h=function(t,e){return Pe("number"!=typeof(t="function"==typeof t?t(Object.assign({},e.rects,{placement:e.placement})):t)?t:je(t,Qt))}(s.padding,i),d=Ce(o),u="y"===l?zt:Vt,f="y"===l?Rt:qt,p=i.rects.reference[c]+i.rects.reference[l]-r[l]-i.rects.popper[c],m=r[l]-i.rects.reference[l],g=$e(o),_=g?"y"===l?g.clientHeight||0:g.clientWidth||0:0,b=p/2-m/2,v=h[u],y=_-d[c]-h[f],w=_/2-d[c]/2+b,A=Ne(v,w,y),E=l;i.modifiersData[n]=((e={})[E]=A,e.centerOffset=A-w,e)}},effect:function(t){var e=t.state,i=t.options.element,n=void 0===i?"[data-popper-arrow]":i;null!=n&&("string"!=typeof n||(n=e.elements.popper.querySelector(n)))&&Oe(e.elements.popper,n)&&(e.elements.arrow=n)},requires:["popperOffsets"],requiresIfExists:["preventOverflow"]};function Fe(t){return t.split("-")[1]}var He={top:"auto",right:"auto",bottom:"auto",left:"auto"};function We(t){var e,i=t.popper,n=t.popperRect,s=t.placement,o=t.variation,r=t.offsets,a=t.position,l=t.gpuAcceleration,c=t.adaptive,h=t.roundOffsets,d=t.isFixed,u=r.x,f=void 0===u?0:u,p=r.y,m=void 0===p?0:p,g="function"==typeof h?h({x:f,y:m}):{x:f,y:m};f=g.x,m=g.y;var _=r.hasOwnProperty("x"),b=r.hasOwnProperty("y"),v=Vt,y=zt,w=window;if(c){var A=$e(i),E="clientHeight",T="clientWidth";A===fe(i)&&"static"!==xe(A=Le(i)).position&&"absolute"===a&&(E="scrollHeight",T="scrollWidth"),(s===zt||(s===Vt||s===qt)&&o===Yt)&&(y=Rt,m-=(d&&A===w&&w.visualViewport?w.visualViewport.height:A[E])-n.height,m*=l?1:-1),s!==Vt&&(s!==zt&&s!==Rt||o!==Yt)||(v=qt,f-=(d&&A===w&&w.visualViewport?w.visualViewport.width:A[T])-n.width,f*=l?1:-1)}var C,O=Object.assign({position:a},c&&He),x=!0===h?function(t,e){var i=t.x,n=t.y,s=e.devicePixelRatio||1;return{x:we(i*s)/s||0,y:we(n*s)/s||0}}({x:f,y:m},fe(i)):{x:f,y:m};return f=x.x,m=x.y,l?Object.assign({},O,((C={})[y]=b?"0":"",C[v]=_?"0":"",C.transform=(w.devicePixelRatio||1)<=1?"translate("+f+"px, "+m+"px)":"translate3d("+f+"px, "+m+"px, 0)",C)):Object.assign({},O,((e={})[y]=b?m+"px":"",e[v]=_?f+"px":"",e.transform="",e))}const Be={name:"computeStyles",enabled:!0,phase:"beforeWrite",fn:function(t){var e=t.state,i=t.options,n=i.gpuAcceleration,s=void 0===n||n,o=i.adaptive,r=void 0===o||o,a=i.roundOffsets,l=void 0===a||a,c={placement:be(e.placement),variation:Fe(e.placement),popper:e.elements.popper,popperRect:e.rects.popper,gpuAcceleration:s,isFixed:"fixed"===e.options.strategy};null!=e.modifiersData.popperOffsets&&(e.styles.popper=Object.assign({},e.styles.popper,We(Object.assign({},c,{offsets:e.modifiersData.popperOffsets,position:e.options.strategy,adaptive:r,roundOffsets:l})))),null!=e.modifiersData.arrow&&(e.styles.arrow=Object.assign({},e.styles.arrow,We(Object.assign({},c,{offsets:e.modifiersData.arrow,position:"absolute",adaptive:!1,roundOffsets:l})))),e.attributes.popper=Object.assign({},e.attributes.popper,{"data-popper-placement":e.placement})},data:{}};var ze={passive:!0};const Re={name:"eventListeners",enabled:!0,phase:"write",fn:function(){},effect:function(t){var e=t.state,i=t.instance,n=t.options,s=n.scroll,o=void 0===s||s,r=n.resize,a=void 0===r||r,l=fe(e.elements.popper),c=[].concat(e.scrollParents.reference,e.scrollParents.popper);return o&&c.forEach((function(t){t.addEventListener("scroll",i.update,ze)})),a&&l.addEventListener("resize",i.update,ze),function(){o&&c.forEach((function(t){t.removeEventListener("scroll",i.update,ze)})),a&&l.removeEventListener("resize",i.update,ze)}},data:{}};var qe={left:"right",right:"left",bottom:"top",top:"bottom"};function Ve(t){return t.replace(/left|right|bottom|top/g,(function(t){return qe[t]}))}var Ke={start:"end",end:"start"};function Qe(t){return t.replace(/start|end/g,(function(t){return Ke[t]}))}function Xe(t){var e=fe(t);return{scrollLeft:e.pageXOffset,scrollTop:e.pageYOffset}}function Ye(t){return Te(Le(t)).left+Xe(t).scrollLeft}function Ue(t){var e=xe(t),i=e.overflow,n=e.overflowX,s=e.overflowY;return/auto|scroll|overlay|hidden/.test(i+s+n)}function Ge(t){return["html","body","#document"].indexOf(ue(t))>=0?t.ownerDocument.body:me(t)&&Ue(t)?t:Ge(Se(t))}function Je(t,e){var i;void 0===e&&(e=[]);var n=Ge(t),s=n===(null==(i=t.ownerDocument)?void 0:i.body),o=fe(n),r=s?[o].concat(o.visualViewport||[],Ue(n)?n:[]):n,a=e.concat(r);return s?a:a.concat(Je(Se(r)))}function Ze(t){return Object.assign({},t,{left:t.x,top:t.y,right:t.x+t.width,bottom:t.y+t.height})}function ti(t,e,i){return e===Gt?Ze(function(t,e){var i=fe(t),n=Le(t),s=i.visualViewport,o=n.clientWidth,r=n.clientHeight,a=0,l=0;if(s){o=s.width,r=s.height;var c=Ee();(c||!c&&"fixed"===e)&&(a=s.offsetLeft,l=s.offsetTop)}return{width:o,height:r,x:a+Ye(t),y:l}}(t,i)):pe(e)?function(t,e){var i=Te(t,!1,"fixed"===e);return i.top=i.top+t.clientTop,i.left=i.left+t.clientLeft,i.bottom=i.top+t.clientHeight,i.right=i.left+t.clientWidth,i.width=t.clientWidth,i.height=t.clientHeight,i.x=i.left,i.y=i.top,i}(e,i):Ze(function(t){var e,i=Le(t),n=Xe(t),s=null==(e=t.ownerDocument)?void 0:e.body,o=ve(i.scrollWidth,i.clientWidth,s?s.scrollWidth:0,s?s.clientWidth:0),r=ve(i.scrollHeight,i.clientHeight,s?s.scrollHeight:0,s?s.clientHeight:0),a=-n.scrollLeft+Ye(t),l=-n.scrollTop;return"rtl"===xe(s||i).direction&&(a+=ve(i.clientWidth,s?s.clientWidth:0)-o),{width:o,height:r,x:a,y:l}}(Le(t)))}function ei(t){var e,i=t.reference,n=t.element,s=t.placement,o=s?be(s):null,r=s?Fe(s):null,a=i.x+i.width/2-n.width/2,l=i.y+i.height/2-n.height/2;switch(o){case zt:e={x:a,y:i.y-n.height};break;case Rt:e={x:a,y:i.y+i.height};break;case qt:e={x:i.x+i.width,y:l};break;case Vt:e={x:i.x-n.width,y:l};break;default:e={x:i.x,y:i.y}}var c=o?Ie(o):null;if(null!=c){var h="y"===c?"height":"width";switch(r){case Xt:e[c]=e[c]-(i[h]/2-n[h]/2);break;case Yt:e[c]=e[c]+(i[h]/2-n[h]/2)}}return e}function ii(t,e){void 0===e&&(e={});var i=e,n=i.placement,s=void 0===n?t.placement:n,o=i.strategy,r=void 0===o?t.strategy:o,a=i.boundary,l=void 0===a?Ut:a,c=i.rootBoundary,h=void 0===c?Gt:c,d=i.elementContext,u=void 0===d?Jt:d,f=i.altBoundary,p=void 0!==f&&f,m=i.padding,g=void 0===m?0:m,_=Pe("number"!=typeof g?g:je(g,Qt)),b=u===Jt?Zt:Jt,v=t.rects.popper,y=t.elements[p?b:u],w=function(t,e,i,n){var s="clippingParents"===e?function(t){var e=Je(Se(t)),i=["absolute","fixed"].indexOf(xe(t).position)>=0&&me(t)?$e(t):t;return pe(i)?e.filter((function(t){return pe(t)&&Oe(t,i)&&"body"!==ue(t)})):[]}(t):[].concat(e),o=[].concat(s,[i]),r=o[0],a=o.reduce((function(e,i){var s=ti(t,i,n);return e.top=ve(s.top,e.top),e.right=ye(s.right,e.right),e.bottom=ye(s.bottom,e.bottom),e.left=ve(s.left,e.left),e}),ti(t,r,n));return a.width=a.right-a.left,a.height=a.bottom-a.top,a.x=a.left,a.y=a.top,a}(pe(y)?y:y.contextElement||Le(t.elements.popper),l,h,r),A=Te(t.elements.reference),E=ei({reference:A,element:v,strategy:"absolute",placement:s}),T=Ze(Object.assign({},v,E)),C=u===Jt?T:A,O={top:w.top-C.top+_.top,bottom:C.bottom-w.bottom+_.bottom,left:w.left-C.left+_.left,right:C.right-w.right+_.right},x=t.modifiersData.offset;if(u===Jt&&x){var k=x[s];Object.keys(O).forEach((function(t){var e=[qt,Rt].indexOf(t)>=0?1:-1,i=[zt,Rt].indexOf(t)>=0?"y":"x";O[t]+=k[i]*e}))}return O}function ni(t,e){void 0===e&&(e={});var i=e,n=i.placement,s=i.boundary,o=i.rootBoundary,r=i.padding,a=i.flipVariations,l=i.allowedAutoPlacements,c=void 0===l?ee:l,h=Fe(n),d=h?a?te:te.filter((function(t){return Fe(t)===h})):Qt,u=d.filter((function(t){return c.indexOf(t)>=0}));0===u.length&&(u=d);var f=u.reduce((function(e,i){return e[i]=ii(t,{placement:i,boundary:s,rootBoundary:o,padding:r})[be(i)],e}),{});return Object.keys(f).sort((function(t,e){return f[t]-f[e]}))}const si={name:"flip",enabled:!0,phase:"main",fn:function(t){var e=t.state,i=t.options,n=t.name;if(!e.modifiersData[n]._skip){for(var s=i.mainAxis,o=void 0===s||s,r=i.altAxis,a=void 0===r||r,l=i.fallbackPlacements,c=i.padding,h=i.boundary,d=i.rootBoundary,u=i.altBoundary,f=i.flipVariations,p=void 0===f||f,m=i.allowedAutoPlacements,g=e.options.placement,_=be(g),b=l||(_!==g&&p?function(t){if(be(t)===Kt)return[];var e=Ve(t);return[Qe(t),e,Qe(e)]}(g):[Ve(g)]),v=[g].concat(b).reduce((function(t,i){return t.concat(be(i)===Kt?ni(e,{placement:i,boundary:h,rootBoundary:d,padding:c,flipVariations:p,allowedAutoPlacements:m}):i)}),[]),y=e.rects.reference,w=e.rects.popper,A=new Map,E=!0,T=v[0],C=0;C<v.length;C++){var O=v[C],x=be(O),k=Fe(O)===Xt,L=[zt,Rt].indexOf(x)>=0,S=L?"width":"height",D=ii(e,{placement:O,boundary:h,rootBoundary:d,altBoundary:u,padding:c}),$=L?k?qt:Vt:k?Rt:zt;y[S]>w[S]&&($=Ve($));var I=Ve($),N=[];if(o&&N.push(D[x]<=0),a&&N.push(D[$]<=0,D[I]<=0),N.every((function(t){return t}))){T=O,E=!1;break}A.set(O,N)}if(E)for(var P=function(t){var e=v.find((function(e){var i=A.get(e);if(i)return i.slice(0,t).every((function(t){return t}))}));if(e)return T=e,"break"},j=p?3:1;j>0&&"break"!==P(j);j--);e.placement!==T&&(e.modifiersData[n]._skip=!0,e.placement=T,e.reset=!0)}},requiresIfExists:["offset"],data:{_skip:!1}};function oi(t,e,i){return void 0===i&&(i={x:0,y:0}),{top:t.top-e.height-i.y,right:t.right-e.width+i.x,bottom:t.bottom-e.height+i.y,left:t.left-e.width-i.x}}function ri(t){return[zt,qt,Rt,Vt].some((function(e){return t[e]>=0}))}const ai={name:"hide",enabled:!0,phase:"main",requiresIfExists:["preventOverflow"],fn:function(t){var e=t.state,i=t.name,n=e.rects.reference,s=e.rects.popper,o=e.modifiersData.preventOverflow,r=ii(e,{elementContext:"reference"}),a=ii(e,{altBoundary:!0}),l=oi(r,n),c=oi(a,s,o),h=ri(l),d=ri(c);e.modifiersData[i]={referenceClippingOffsets:l,popperEscapeOffsets:c,isReferenceHidden:h,hasPopperEscaped:d},e.attributes.popper=Object.assign({},e.attributes.popper,{"data-popper-reference-hidden":h,"data-popper-escaped":d})}},li={name:"offset",enabled:!0,phase:"main",requires:["popperOffsets"],fn:function(t){var e=t.state,i=t.options,n=t.name,s=i.offset,o=void 0===s?[0,0]:s,r=ee.reduce((function(t,i){return t[i]=function(t,e,i){var n=be(t),s=[Vt,zt].indexOf(n)>=0?-1:1,o="function"==typeof i?i(Object.assign({},e,{placement:t})):i,r=o[0],a=o[1];return r=r||0,a=(a||0)*s,[Vt,qt].indexOf(n)>=0?{x:a,y:r}:{x:r,y:a}}(i,e.rects,o),t}),{}),a=r[e.placement],l=a.x,c=a.y;null!=e.modifiersData.popperOffsets&&(e.modifiersData.popperOffsets.x+=l,e.modifiersData.popperOffsets.y+=c),e.modifiersData[n]=r}},ci={name:"popperOffsets",enabled:!0,phase:"read",fn:function(t){var e=t.state,i=t.name;e.modifiersData[i]=ei({reference:e.rects.reference,element:e.rects.popper,strategy:"absolute",placement:e.placement})},data:{}},hi={name:"preventOverflow",enabled:!0,phase:"main",fn:function(t){var e=t.state,i=t.options,n=t.name,s=i.mainAxis,o=void 0===s||s,r=i.altAxis,a=void 0!==r&&r,l=i.boundary,c=i.rootBoundary,h=i.altBoundary,d=i.padding,u=i.tether,f=void 0===u||u,p=i.tetherOffset,m=void 0===p?0:p,g=ii(e,{boundary:l,rootBoundary:c,padding:d,altBoundary:h}),_=be(e.placement),b=Fe(e.placement),v=!b,y=Ie(_),w="x"===y?"y":"x",A=e.modifiersData.popperOffsets,E=e.rects.reference,T=e.rects.popper,C="function"==typeof m?m(Object.assign({},e.rects,{placement:e.placement})):m,O="number"==typeof C?{mainAxis:C,altAxis:C}:Object.assign({mainAxis:0,altAxis:0},C),x=e.modifiersData.offset?e.modifiersData.offset[e.placement]:null,k={x:0,y:0};if(A){if(o){var L,S="y"===y?zt:Vt,D="y"===y?Rt:qt,$="y"===y?"height":"width",I=A[y],N=I+g[S],P=I-g[D],j=f?-T[$]/2:0,M=b===Xt?E[$]:T[$],F=b===Xt?-T[$]:-E[$],H=e.elements.arrow,W=f&&H?Ce(H):{width:0,height:0},B=e.modifiersData["arrow#persistent"]?e.modifiersData["arrow#persistent"].padding:{top:0,right:0,bottom:0,left:0},z=B[S],R=B[D],q=Ne(0,E[$],W[$]),V=v?E[$]/2-j-q-z-O.mainAxis:M-q-z-O.mainAxis,K=v?-E[$]/2+j+q+R+O.mainAxis:F+q+R+O.mainAxis,Q=e.elements.arrow&&$e(e.elements.arrow),X=Q?"y"===y?Q.clientTop||0:Q.clientLeft||0:0,Y=null!=(L=null==x?void 0:x[y])?L:0,U=I+K-Y,G=Ne(f?ye(N,I+V-Y-X):N,I,f?ve(P,U):P);A[y]=G,k[y]=G-I}if(a){var J,Z="x"===y?zt:Vt,tt="x"===y?Rt:qt,et=A[w],it="y"===w?"height":"width",nt=et+g[Z],st=et-g[tt],ot=-1!==[zt,Vt].indexOf(_),rt=null!=(J=null==x?void 0:x[w])?J:0,at=ot?nt:et-E[it]-T[it]-rt+O.altAxis,lt=ot?et+E[it]+T[it]-rt-O.altAxis:st,ct=f&&ot?function(t,e,i){var n=Ne(t,e,i);return n>i?i:n}(at,et,lt):Ne(f?at:nt,et,f?lt:st);A[w]=ct,k[w]=ct-et}e.modifiersData[n]=k}},requiresIfExists:["offset"]};function di(t,e,i){void 0===i&&(i=!1);var n,s,o=me(e),r=me(e)&&function(t){var e=t.getBoundingClientRect(),i=we(e.width)/t.offsetWidth||1,n=we(e.height)/t.offsetHeight||1;return 1!==i||1!==n}(e),a=Le(e),l=Te(t,r,i),c={scrollLeft:0,scrollTop:0},h={x:0,y:0};return(o||!o&&!i)&&(("body"!==ue(e)||Ue(a))&&(c=(n=e)!==fe(n)&&me(n)?{scrollLeft:(s=n).scrollLeft,scrollTop:s.scrollTop}:Xe(n)),me(e)?((h=Te(e,!0)).x+=e.clientLeft,h.y+=e.clientTop):a&&(h.x=Ye(a))),{x:l.left+c.scrollLeft-h.x,y:l.top+c.scrollTop-h.y,width:l.width,height:l.height}}function ui(t){var e=new Map,i=new Set,n=[];function s(t){i.add(t.name),[].concat(t.requires||[],t.requiresIfExists||[]).forEach((function(t){if(!i.has(t)){var n=e.get(t);n&&s(n)}})),n.push(t)}return t.forEach((function(t){e.set(t.name,t)})),t.forEach((function(t){i.has(t.name)||s(t)})),n}var fi={placement:"bottom",modifiers:[],strategy:"absolute"};function pi(){for(var t=arguments.length,e=new Array(t),i=0;i<t;i++)e[i]=arguments[i];return!e.some((function(t){return!(t&&"function"==typeof t.getBoundingClientRect)}))}function mi(t){void 0===t&&(t={});var e=t,i=e.defaultModifiers,n=void 0===i?[]:i,s=e.defaultOptions,o=void 0===s?fi:s;return function(t,e,i){void 0===i&&(i=o);var s,r,a={placement:"bottom",orderedModifiers:[],options:Object.assign({},fi,o),modifiersData:{},elements:{reference:t,popper:e},attributes:{},styles:{}},l=[],c=!1,h={state:a,setOptions:function(i){var s="function"==typeof i?i(a.options):i;d(),a.options=Object.assign({},o,a.options,s),a.scrollParents={reference:pe(t)?Je(t):t.contextElement?Je(t.contextElement):[],popper:Je(e)};var r,c,u=function(t){var e=ui(t);return de.reduce((function(t,i){return t.concat(e.filter((function(t){return t.phase===i})))}),[])}((r=[].concat(n,a.options.modifiers),c=r.reduce((function(t,e){var i=t[e.name];return t[e.name]=i?Object.assign({},i,e,{options:Object.assign({},i.options,e.options),data:Object.assign({},i.data,e.data)}):e,t}),{}),Object.keys(c).map((function(t){return c[t]}))));return a.orderedModifiers=u.filter((function(t){return t.enabled})),a.orderedModifiers.forEach((function(t){var e=t.name,i=t.options,n=void 0===i?{}:i,s=t.effect;if("function"==typeof s){var o=s({state:a,name:e,instance:h,options:n});l.push(o||function(){})}})),h.update()},forceUpdate:function(){if(!c){var t=a.elements,e=t.reference,i=t.popper;if(pi(e,i)){a.rects={reference:di(e,$e(i),"fixed"===a.options.strategy),popper:Ce(i)},a.reset=!1,a.placement=a.options.placement,a.orderedModifiers.forEach((function(t){return a.modifiersData[t.name]=Object.assign({},t.data)}));for(var n=0;n<a.orderedModifiers.length;n++)if(!0!==a.reset){var s=a.orderedModifiers[n],o=s.fn,r=s.options,l=void 0===r?{}:r,d=s.name;"function"==typeof o&&(a=o({state:a,options:l,name:d,instance:h})||a)}else a.reset=!1,n=-1}}},update:(s=function(){return new Promise((function(t){h.forceUpdate(),t(a)}))},function(){return r||(r=new Promise((function(t){Promise.resolve().then((function(){r=void 0,t(s())}))}))),r}),destroy:function(){d(),c=!0}};if(!pi(t,e))return h;function d(){l.forEach((function(t){return t()})),l=[]}return h.setOptions(i).then((function(t){!c&&i.onFirstUpdate&&i.onFirstUpdate(t)})),h}}var gi=mi(),_i=mi({defaultModifiers:[Re,ci,Be,_e]}),bi=mi({defaultModifiers:[Re,ci,Be,_e,li,si,hi,Me,ai]});const vi=Object.freeze(Object.defineProperty({__proto__:null,afterMain:ae,afterRead:se,afterWrite:he,applyStyles:_e,arrow:Me,auto:Kt,basePlacements:Qt,beforeMain:oe,beforeRead:ie,beforeWrite:le,bottom:Rt,clippingParents:Ut,computeStyles:Be,createPopper:bi,createPopperBase:gi,createPopperLite:_i,detectOverflow:ii,end:Yt,eventListeners:Re,flip:si,hide:ai,left:Vt,main:re,modifierPhases:de,offset:li,placements:ee,popper:Jt,popperGenerator:mi,popperOffsets:ci,preventOverflow:hi,read:ne,reference:Zt,right:qt,start:Xt,top:zt,variationPlacements:te,viewport:Gt,write:ce},Symbol.toStringTag,{value:"Module"})),yi="dropdown",wi=".bs.dropdown",Ai=".data-api",Ei="ArrowUp",Ti="ArrowDown",Ci=`hide${wi}`,Oi=`hidden${wi}`,xi=`show${wi}`,ki=`shown${wi}`,Li=`click${wi}${Ai}`,Si=`keydown${wi}${Ai}`,Di=`keyup${wi}${Ai}`,$i="show",Ii='[data-bs-toggle="dropdown"]:not(.disabled):not(:disabled)',Ni=`${Ii}.${$i}`,Pi=".dropdown-menu",ji=p()?"top-end":"top-start",Mi=p()?"top-start":"top-end",Fi=p()?"bottom-end":"bottom-start",Hi=p()?"bottom-start":"bottom-end",Wi=p()?"left-start":"right-start",Bi=p()?"right-start":"left-start",zi={autoClose:!0,boundary:"clippingParents",display:"dynamic",offset:[0,2],popperConfig:null,reference:"toggle"},Ri={autoClose:"(boolean|string)",boundary:"(string|element)",display:"string",offset:"(array|string|function)",popperConfig:"(null|object|function)",reference:"(string|element|object)"};class qi extends W{constructor(t,e){super(t,e),this._popper=null,this._parent=this._element.parentNode,this._menu=z.next(this._element,Pi)[0]||z.prev(this._element,Pi)[0]||z.findOne(Pi,this._parent),this._inNavbar=this._detectNavbar()}static get Default(){return zi}static get DefaultType(){return Ri}static get NAME(){return yi}toggle(){return this._isShown()?this.hide():this.show()}show(){if(l(this._element)||this._isShown())return;const t={relatedTarget:this._element};if(!N.trigger(this._element,xi,t).defaultPrevented){if(this._createPopper(),"ontouchstart"in document.documentElement&&!this._parent.closest(".navbar-nav"))for(const t of[].concat(...document.body.children))N.on(t,"mouseover",h);this._element.focus(),this._element.setAttribute("aria-expanded",!0),this._menu.classList.add($i),this._element.classList.add($i),N.trigger(this._element,ki,t)}}hide(){if(l(this._element)||!this._isShown())return;const t={relatedTarget:this._element};this._completeHide(t)}dispose(){this._popper&&this._popper.destroy(),super.dispose()}update(){this._inNavbar=this._detectNavbar(),this._popper&&this._popper.update()}_completeHide(t){if(!N.trigger(this._element,Ci,t).defaultPrevented){if("ontouchstart"in document.documentElement)for(const t of[].concat(...document.body.children))N.off(t,"mouseover",h);this._popper&&this._popper.destroy(),this._menu.classList.remove($i),this._element.classList.remove($i),this._element.setAttribute("aria-expanded","false"),F.removeDataAttribute(this._menu,"popper"),N.trigger(this._element,Oi,t)}}_getConfig(t){if("object"==typeof(t=super._getConfig(t)).reference&&!o(t.reference)&&"function"!=typeof t.reference.getBoundingClientRect)throw new TypeError(`${yi.toUpperCase()}: Option "reference" provided type "object" without a required "getBoundingClientRect" method.`);return t}_createPopper(){if(void 0===vi)throw new TypeError("Bootstrap's dropdowns require Popper (https://popper.js.org)");let t=this._element;"parent"===this._config.reference?t=this._parent:o(this._config.reference)?t=r(this._config.reference):"object"==typeof this._config.reference&&(t=this._config.reference);const e=this._getPopperConfig();this._popper=bi(t,this._menu,e)}_isShown(){return this._menu.classList.contains($i)}_getPlacement(){const t=this._parent;if(t.classList.contains("dropend"))return Wi;if(t.classList.contains("dropstart"))return Bi;if(t.classList.contains("dropup-center"))return"top";if(t.classList.contains("dropdown-center"))return"bottom";const e="end"===getComputedStyle(this._menu).getPropertyValue("--bs-position").trim();return t.classList.contains("dropup")?e?Mi:ji:e?Hi:Fi}_detectNavbar(){return null!==this._element.closest(".navbar")}_getOffset(){const{offset:t}=this._config;return"string"==typeof t?t.split(",").map((t=>Number.parseInt(t,10))):"function"==typeof t?e=>t(e,this._element):t}_getPopperConfig(){const t={placement:this._getPlacement(),modifiers:[{name:"preventOverflow",options:{boundary:this._config.boundary}},{name:"offset",options:{offset:this._getOffset()}}]};return(this._inNavbar||"static"===this._config.display)&&(F.setDataAttribute(this._menu,"popper","static"),t.modifiers=[{name:"applyStyles",enabled:!1}]),{...t,...g(this._config.popperConfig,[t])}}_selectMenuItem({key:t,target:e}){const i=z.find(".dropdown-menu .dropdown-item:not(.disabled):not(:disabled)",this._menu).filter((t=>a(t)));i.length&&b(i,e,t===Ti,!i.includes(e)).focus()}static jQueryInterface(t){return this.each((function(){const e=qi.getOrCreateInstance(this,t);if("string"==typeof t){if(void 0===e[t])throw new TypeError(`No method named "${t}"`);e[t]()}}))}static clearMenus(t){if(2===t.button||"keyup"===t.type&&"Tab"!==t.key)return;const e=z.find(Ni);for(const i of e){const e=qi.getInstance(i);if(!e||!1===e._config.autoClose)continue;const n=t.composedPath(),s=n.includes(e._menu);if(n.includes(e._element)||"inside"===e._config.autoClose&&!s||"outside"===e._config.autoClose&&s)continue;if(e._menu.contains(t.target)&&("keyup"===t.type&&"Tab"===t.key||/input|select|option|textarea|form/i.test(t.target.tagName)))continue;const o={relatedTarget:e._element};"click"===t.type&&(o.clickEvent=t),e._completeHide(o)}}static dataApiKeydownHandler(t){const e=/input|textarea/i.test(t.target.tagName),i="Escape"===t.key,n=[Ei,Ti].includes(t.key);if(!n&&!i)return;if(e&&!i)return;t.preventDefault();const s=this.matches(Ii)?this:z.prev(this,Ii)[0]||z.next(this,Ii)[0]||z.findOne(Ii,t.delegateTarget.parentNode),o=qi.getOrCreateInstance(s);if(n)return t.stopPropagation(),o.show(),void o._selectMenuItem(t);o._isShown()&&(t.stopPropagation(),o.hide(),s.focus())}}N.on(document,Si,Ii,qi.dataApiKeydownHandler),N.on(document,Si,Pi,qi.dataApiKeydownHandler),N.on(document,Li,qi.clearMenus),N.on(document,Di,qi.clearMenus),N.on(document,Li,Ii,(function(t){t.preventDefault(),qi.getOrCreateInstance(this).toggle()})),m(qi);const Vi="backdrop",Ki="show",Qi=`mousedown.bs.${Vi}`,Xi={className:"modal-backdrop",clickCallback:null,isAnimated:!1,isVisible:!0,rootElement:"body"},Yi={className:"string",clickCallback:"(function|null)",isAnimated:"boolean",isVisible:"boolean",rootElement:"(element|string)"};class Ui extends H{constructor(t){super(),this._config=this._getConfig(t),this._isAppended=!1,this._element=null}static get Default(){return Xi}static get DefaultType(){return Yi}static get NAME(){return Vi}show(t){if(!this._config.isVisible)return void g(t);this._append();const e=this._getElement();this._config.isAnimated&&d(e),e.classList.add(Ki),this._emulateAnimation((()=>{g(t)}))}hide(t){this._config.isVisible?(this._getElement().classList.remove(Ki),this._emulateAnimation((()=>{this.dispose(),g(t)}))):g(t)}dispose(){this._isAppended&&(N.off(this._element,Qi),this._element.remove(),this._isAppended=!1)}_getElement(){if(!this._element){const t=document.createElement("div");t.className=this._config.className,this._config.isAnimated&&t.classList.add("fade"),this._element=t}return this._element}_configAfterMerge(t){return t.rootElement=r(t.rootElement),t}_append(){if(this._isAppended)return;const t=this._getElement();this._config.rootElement.append(t),N.on(t,Qi,(()=>{g(this._config.clickCallback)})),this._isAppended=!0}_emulateAnimation(t){_(t,this._getElement(),this._config.isAnimated)}}const Gi=".bs.focustrap",Ji=`focusin${Gi}`,Zi=`keydown.tab${Gi}`,tn="backward",en={autofocus:!0,trapElement:null},nn={autofocus:"boolean",trapElement:"element"};class sn extends H{constructor(t){super(),this._config=this._getConfig(t),this._isActive=!1,this._lastTabNavDirection=null}static get Default(){return en}static get DefaultType(){return nn}static get NAME(){return"focustrap"}activate(){this._isActive||(this._config.autofocus&&this._config.trapElement.focus(),N.off(document,Gi),N.on(document,Ji,(t=>this._handleFocusin(t))),N.on(document,Zi,(t=>this._handleKeydown(t))),this._isActive=!0)}deactivate(){this._isActive&&(this._isActive=!1,N.off(document,Gi))}_handleFocusin(t){const{trapElement:e}=this._config;if(t.target===document||t.target===e||e.contains(t.target))return;const i=z.focusableChildren(e);0===i.length?e.focus():this._lastTabNavDirection===tn?i[i.length-1].focus():i[0].focus()}_handleKeydown(t){"Tab"===t.key&&(this._lastTabNavDirection=t.shiftKey?tn:"forward")}}const on=".fixed-top, .fixed-bottom, .is-fixed, .sticky-top",rn=".sticky-top",an="padding-right",ln="margin-right";class cn{constructor(){this._element=document.body}getWidth(){const t=document.documentElement.clientWidth;return Math.abs(window.innerWidth-t)}hide(){const t=this.getWidth();this._disableOverFlow(),this._setElementAttributes(this._element,an,(e=>e+t)),this._setElementAttributes(on,an,(e=>e+t)),this._setElementAttributes(rn,ln,(e=>e-t))}reset(){this._resetElementAttributes(this._element,"overflow"),this._resetElementAttributes(this._element,an),this._resetElementAttributes(on,an),this._resetElementAttributes(rn,ln)}isOverflowing(){return this.getWidth()>0}_disableOverFlow(){this._saveInitialAttribute(this._element,"overflow"),this._element.style.overflow="hidden"}_setElementAttributes(t,e,i){const n=this.getWidth();this._applyManipulationCallback(t,(t=>{if(t!==this._element&&window.innerWidth>t.clientWidth+n)return;this._saveInitialAttribute(t,e);const s=window.getComputedStyle(t).getPropertyValue(e);t.style.setProperty(e,`${i(Number.parseFloat(s))}px`)}))}_saveInitialAttribute(t,e){const i=t.style.getPropertyValue(e);i&&F.setDataAttribute(t,e,i)}_resetElementAttributes(t,e){this._applyManipulationCallback(t,(t=>{const i=F.getDataAttribute(t,e);null!==i?(F.removeDataAttribute(t,e),t.style.setProperty(e,i)):t.style.removeProperty(e)}))}_applyManipulationCallback(t,e){if(o(t))e(t);else for(const i of z.find(t,this._element))e(i)}}const hn=".bs.modal",dn=`hide${hn}`,un=`hidePrevented${hn}`,fn=`hidden${hn}`,pn=`show${hn}`,mn=`shown${hn}`,gn=`resize${hn}`,_n=`click.dismiss${hn}`,bn=`mousedown.dismiss${hn}`,vn=`keydown.dismiss${hn}`,yn=`click${hn}.data-api`,wn="modal-open",An="show",En="modal-static",Tn={backdrop:!0,focus:!0,keyboard:!0},Cn={backdrop:"(boolean|string)",focus:"boolean",keyboard:"boolean"};class On extends W{constructor(t,e){super(t,e),this._dialog=z.findOne(".modal-dialog",this._element),this._backdrop=this._initializeBackDrop(),this._focustrap=this._initializeFocusTrap(),this._isShown=!1,this._isTransitioning=!1,this._scrollBar=new cn,this._addEventListeners()}static get Default(){return Tn}static get DefaultType(){return Cn}static get NAME(){return"modal"}toggle(t){return this._isShown?this.hide():this.show(t)}show(t){this._isShown||this._isTransitioning||N.trigger(this._element,pn,{relatedTarget:t}).defaultPrevented||(this._isShown=!0,this._isTransitioning=!0,this._scrollBar.hide(),document.body.classList.add(wn),this._adjustDialog(),this._backdrop.show((()=>this._showElement(t))))}hide(){this._isShown&&!this._isTransitioning&&(N.trigger(this._element,dn).defaultPrevented||(this._isShown=!1,this._isTransitioning=!0,this._focustrap.deactivate(),this._element.classList.remove(An),this._queueCallback((()=>this._hideModal()),this._element,this._isAnimated())))}dispose(){N.off(window,hn),N.off(this._dialog,hn),this._backdrop.dispose(),this._focustrap.deactivate(),super.dispose()}handleUpdate(){this._adjustDialog()}_initializeBackDrop(){return new Ui({isVisible:Boolean(this._config.backdrop),isAnimated:this._isAnimated()})}_initializeFocusTrap(){return new sn({trapElement:this._element})}_showElement(t){document.body.contains(this._element)||document.body.append(this._element),this._element.style.display="block",this._element.removeAttribute("aria-hidden"),this._element.setAttribute("aria-modal",!0),this._element.setAttribute("role","dialog"),this._element.scrollTop=0;const e=z.findOne(".modal-body",this._dialog);e&&(e.scrollTop=0),d(this._element),this._element.classList.add(An),this._queueCallback((()=>{this._config.focus&&this._focustrap.activate(),this._isTransitioning=!1,N.trigger(this._element,mn,{relatedTarget:t})}),this._dialog,this._isAnimated())}_addEventListeners(){N.on(this._element,vn,(t=>{"Escape"===t.key&&(this._config.keyboard?this.hide():this._triggerBackdropTransition())})),N.on(window,gn,(()=>{this._isShown&&!this._isTransitioning&&this._adjustDialog()})),N.on(this._element,bn,(t=>{N.one(this._element,_n,(e=>{this._element===t.target&&this._element===e.target&&("static"!==this._config.backdrop?this._config.backdrop&&this.hide():this._triggerBackdropTransition())}))}))}_hideModal(){this._element.style.display="none",this._element.setAttribute("aria-hidden",!0),this._element.removeAttribute("aria-modal"),this._element.removeAttribute("role"),this._isTransitioning=!1,this._backdrop.hide((()=>{document.body.classList.remove(wn),this._resetAdjustments(),this._scrollBar.reset(),N.trigger(this._element,fn)}))}_isAnimated(){return this._element.classList.contains("fade")}_triggerBackdropTransition(){if(N.trigger(this._element,un).defaultPrevented)return;const t=this._element.scrollHeight>document.documentElement.clientHeight,e=this._element.style.overflowY;"hidden"===e||this._element.classList.contains(En)||(t||(this._element.style.overflowY="hidden"),this._element.classList.add(En),this._queueCallback((()=>{this._element.classList.remove(En),this._queueCallback((()=>{this._element.style.overflowY=e}),this._dialog)}),this._dialog),this._element.focus())}_adjustDialog(){const t=this._element.scrollHeight>document.documentElement.clientHeight,e=this._scrollBar.getWidth(),i=e>0;if(i&&!t){const t=p()?"paddingLeft":"paddingRight";this._element.style[t]=`${e}px`}if(!i&&t){const t=p()?"paddingRight":"paddingLeft";this._element.style[t]=`${e}px`}}_resetAdjustments(){this._element.style.paddingLeft="",this._element.style.paddingRight=""}static jQueryInterface(t,e){return this.each((function(){const i=On.getOrCreateInstance(this,t);if("string"==typeof t){if(void 0===i[t])throw new TypeError(`No method named "${t}"`);i[t](e)}}))}}N.on(document,yn,'[data-bs-toggle="modal"]',(function(t){const e=z.getElementFromSelector(this);["A","AREA"].includes(this.tagName)&&t.preventDefault(),N.one(e,pn,(t=>{t.defaultPrevented||N.one(e,fn,(()=>{a(this)&&this.focus()}))}));const i=z.findOne(".modal.show");i&&On.getInstance(i).hide(),On.getOrCreateInstance(e).toggle(this)})),R(On),m(On);const xn=".bs.offcanvas",kn=".data-api",Ln=`load${xn}${kn}`,Sn="show",Dn="showing",$n="hiding",In=".offcanvas.show",Nn=`show${xn}`,Pn=`shown${xn}`,jn=`hide${xn}`,Mn=`hidePrevented${xn}`,Fn=`hidden${xn}`,Hn=`resize${xn}`,Wn=`click${xn}${kn}`,Bn=`keydown.dismiss${xn}`,zn={backdrop:!0,keyboard:!0,scroll:!1},Rn={backdrop:"(boolean|string)",keyboard:"boolean",scroll:"boolean"};class qn extends W{constructor(t,e){super(t,e),this._isShown=!1,this._backdrop=this._initializeBackDrop(),this._focustrap=this._initializeFocusTrap(),this._addEventListeners()}static get Default(){return zn}static get DefaultType(){return Rn}static get NAME(){return"offcanvas"}toggle(t){return this._isShown?this.hide():this.show(t)}show(t){this._isShown||N.trigger(this._element,Nn,{relatedTarget:t}).defaultPrevented||(this._isShown=!0,this._backdrop.show(),this._config.scroll||(new cn).hide(),this._element.setAttribute("aria-modal",!0),this._element.setAttribute("role","dialog"),this._element.classList.add(Dn),this._queueCallback((()=>{this._config.scroll&&!this._config.backdrop||this._focustrap.activate(),this._element.classList.add(Sn),this._element.classList.remove(Dn),N.trigger(this._element,Pn,{relatedTarget:t})}),this._element,!0))}hide(){this._isShown&&(N.trigger(this._element,jn).defaultPrevented||(this._focustrap.deactivate(),this._element.blur(),this._isShown=!1,this._element.classList.add($n),this._backdrop.hide(),this._queueCallback((()=>{this._element.classList.remove(Sn,$n),this._element.removeAttribute("aria-modal"),this._element.removeAttribute("role"),this._config.scroll||(new cn).reset(),N.trigger(this._element,Fn)}),this._element,!0)))}dispose(){this._backdrop.dispose(),this._focustrap.deactivate(),super.dispose()}_initializeBackDrop(){const t=Boolean(this._config.backdrop);return new Ui({className:"offcanvas-backdrop",isVisible:t,isAnimated:!0,rootElement:this._element.parentNode,clickCallback:t?()=>{"static"!==this._config.backdrop?this.hide():N.trigger(this._element,Mn)}:null})}_initializeFocusTrap(){return new sn({trapElement:this._element})}_addEventListeners(){N.on(this._element,Bn,(t=>{"Escape"===t.key&&(this._config.keyboard?this.hide():N.trigger(this._element,Mn))}))}static jQueryInterface(t){return this.each((function(){const e=qn.getOrCreateInstance(this,t);if("string"==typeof t){if(void 0===e[t]||t.startsWith("_")||"constructor"===t)throw new TypeError(`No method named "${t}"`);e[t](this)}}))}}N.on(document,Wn,'[data-bs-toggle="offcanvas"]',(function(t){const e=z.getElementFromSelector(this);if(["A","AREA"].includes(this.tagName)&&t.preventDefault(),l(this))return;N.one(e,Fn,(()=>{a(this)&&this.focus()}));const i=z.findOne(In);i&&i!==e&&qn.getInstance(i).hide(),qn.getOrCreateInstance(e).toggle(this)})),N.on(window,Ln,(()=>{for(const t of z.find(In))qn.getOrCreateInstance(t).show()})),N.on(window,Hn,(()=>{for(const t of z.find("[aria-modal][class*=show][class*=offcanvas-]"))"fixed"!==getComputedStyle(t).position&&qn.getOrCreateInstance(t).hide()})),R(qn),m(qn);const Vn={"*":["class","dir","id","lang","role",/^aria-[\w-]*$/i],a:["target","href","title","rel"],area:[],b:[],br:[],col:[],code:[],dd:[],div:[],dl:[],dt:[],em:[],hr:[],h1:[],h2:[],h3:[],h4:[],h5:[],h6:[],i:[],img:["src","srcset","alt","title","width","height"],li:[],ol:[],p:[],pre:[],s:[],small:[],span:[],sub:[],sup:[],strong:[],u:[],ul:[]},Kn=new Set(["background","cite","href","itemtype","longdesc","poster","src","xlink:href"]),Qn=/^(?!javascript:)(?:[a-z0-9+.-]+:|[^&:/?#]*(?:[/?#]|$))/i,Xn=(t,e)=>{const i=t.nodeName.toLowerCase();return e.includes(i)?!Kn.has(i)||Boolean(Qn.test(t.nodeValue)):e.filter((t=>t instanceof RegExp)).some((t=>t.test(i)))},Yn={allowList:Vn,content:{},extraClass:"",html:!1,sanitize:!0,sanitizeFn:null,template:"<div></div>"},Un={allowList:"object",content:"object",extraClass:"(string|function)",html:"boolean",sanitize:"boolean",sanitizeFn:"(null|function)",template:"string"},Gn={entry:"(string|element|function|null)",selector:"(string|element)"};class Jn extends H{constructor(t){super(),this._config=this._getConfig(t)}static get Default(){return Yn}static get DefaultType(){return Un}static get NAME(){return"TemplateFactory"}getContent(){return Object.values(this._config.content).map((t=>this._resolvePossibleFunction(t))).filter(Boolean)}hasContent(){return this.getContent().length>0}changeContent(t){return this._checkContent(t),this._config.content={...this._config.content,...t},this}toHtml(){const t=document.createElement("div");t.innerHTML=this._maybeSanitize(this._config.template);for(const[e,i]of Object.entries(this._config.content))this._setContent(t,i,e);const e=t.children[0],i=this._resolvePossibleFunction(this._config.extraClass);return i&&e.classList.add(...i.split(" ")),e}_typeCheckConfig(t){super._typeCheckConfig(t),this._checkContent(t.content)}_checkContent(t){for(const[e,i]of Object.entries(t))super._typeCheckConfig({selector:e,entry:i},Gn)}_setContent(t,e,i){const n=z.findOne(i,t);n&&((e=this._resolvePossibleFunction(e))?o(e)?this._putElementInTemplate(r(e),n):this._config.html?n.innerHTML=this._maybeSanitize(e):n.textContent=e:n.remove())}_maybeSanitize(t){return this._config.sanitize?function(t,e,i){if(!t.length)return t;if(i&&"function"==typeof i)return i(t);const n=(new window.DOMParser).parseFromString(t,"text/html"),s=[].concat(...n.body.querySelectorAll("*"));for(const t of s){const i=t.nodeName.toLowerCase();if(!Object.keys(e).includes(i)){t.remove();continue}const n=[].concat(...t.attributes),s=[].concat(e["*"]||[],e[i]||[]);for(const e of n)Xn(e,s)||t.removeAttribute(e.nodeName)}return n.body.innerHTML}(t,this._config.allowList,this._config.sanitizeFn):t}_resolvePossibleFunction(t){return g(t,[this])}_putElementInTemplate(t,e){if(this._config.html)return e.innerHTML="",void e.append(t);e.textContent=t.textContent}}const Zn=new Set(["sanitize","allowList","sanitizeFn"]),ts="fade",es="show",is=".modal",ns="hide.bs.modal",ss="hover",os="focus",rs={AUTO:"auto",TOP:"top",RIGHT:p()?"left":"right",BOTTOM:"bottom",LEFT:p()?"right":"left"},as={allowList:Vn,animation:!0,boundary:"clippingParents",container:!1,customClass:"",delay:0,fallbackPlacements:["top","right","bottom","left"],html:!1,offset:[0,6],placement:"top",popperConfig:null,sanitize:!0,sanitizeFn:null,selector:!1,template:'<div class="tooltip" role="tooltip"><div class="tooltip-arrow"></div><div class="tooltip-inner"></div></div>',title:"",trigger:"hover focus"},ls={allowList:"object",animation:"boolean",boundary:"(string|element)",container:"(string|element|boolean)",customClass:"(string|function)",delay:"(number|object)",fallbackPlacements:"array",html:"boolean",offset:"(array|string|function)",placement:"(string|function)",popperConfig:"(null|object|function)",sanitize:"boolean",sanitizeFn:"(null|function)",selector:"(string|boolean)",template:"string",title:"(string|element|function)",trigger:"string"};class cs extends W{constructor(t,e){if(void 0===vi)throw new TypeError("Bootstrap's tooltips require Popper (https://popper.js.org)");super(t,e),this._isEnabled=!0,this._timeout=0,this._isHovered=null,this._activeTrigger={},this._popper=null,this._templateFactory=null,this._newContent=null,this.tip=null,this._setListeners(),this._config.selector||this._fixTitle()}static get Default(){return as}static get DefaultType(){return ls}static get NAME(){return"tooltip"}enable(){this._isEnabled=!0}disable(){this._isEnabled=!1}toggleEnabled(){this._isEnabled=!this._isEnabled}toggle(){this._isEnabled&&(this._activeTrigger.click=!this._activeTrigger.click,this._isShown()?this._leave():this._enter())}dispose(){clearTimeout(this._timeout),N.off(this._element.closest(is),ns,this._hideModalHandler),this._element.getAttribute("data-bs-original-title")&&this._element.setAttribute("title",this._element.getAttribute("data-bs-original-title")),this._disposePopper(),super.dispose()}show(){if("none"===this._element.style.display)throw new Error("Please use show on visible elements");if(!this._isWithContent()||!this._isEnabled)return;const t=N.trigger(this._element,this.constructor.eventName("show")),e=(c(this._element)||this._element.ownerDocument.documentElement).contains(this._element);if(t.defaultPrevented||!e)return;this._disposePopper();const i=this._getTipElement();this._element.setAttribute("aria-describedby",i.getAttribute("id"));const{container:n}=this._config;if(this._element.ownerDocument.documentElement.contains(this.tip)||(n.append(i),N.trigger(this._element,this.constructor.eventName("inserted"))),this._popper=this._createPopper(i),i.classList.add(es),"ontouchstart"in document.documentElement)for(const t of[].concat(...document.body.children))N.on(t,"mouseover",h);this._queueCallback((()=>{N.trigger(this._element,this.constructor.eventName("shown")),!1===this._isHovered&&this._leave(),this._isHovered=!1}),this.tip,this._isAnimated())}hide(){if(this._isShown()&&!N.trigger(this._element,this.constructor.eventName("hide")).defaultPrevented){if(this._getTipElement().classList.remove(es),"ontouchstart"in document.documentElement)for(const t of[].concat(...document.body.children))N.off(t,"mouseover",h);this._activeTrigger.click=!1,this._activeTrigger[os]=!1,this._activeTrigger[ss]=!1,this._isHovered=null,this._queueCallback((()=>{this._isWithActiveTrigger()||(this._isHovered||this._disposePopper(),this._element.removeAttribute("aria-describedby"),N.trigger(this._element,this.constructor.eventName("hidden")))}),this.tip,this._isAnimated())}}update(){this._popper&&this._popper.update()}_isWithContent(){return Boolean(this._getTitle())}_getTipElement(){return this.tip||(this.tip=this._createTipElement(this._newContent||this._getContentForTemplate())),this.tip}_createTipElement(t){const e=this._getTemplateFactory(t).toHtml();if(!e)return null;e.classList.remove(ts,es),e.classList.add(`bs-${this.constructor.NAME}-auto`);const i=(t=>{do{t+=Math.floor(1e6*Math.random())}while(document.getElementById(t));return t})(this.constructor.NAME).toString();return e.setAttribute("id",i),this._isAnimated()&&e.classList.add(ts),e}setContent(t){this._newContent=t,this._isShown()&&(this._disposePopper(),this.show())}_getTemplateFactory(t){return this._templateFactory?this._templateFactory.changeContent(t):this._templateFactory=new Jn({...this._config,content:t,extraClass:this._resolvePossibleFunction(this._config.customClass)}),this._templateFactory}_getContentForTemplate(){return{".tooltip-inner":this._getTitle()}}_getTitle(){return this._resolvePossibleFunction(this._config.title)||this._element.getAttribute("data-bs-original-title")}_initializeOnDelegatedTarget(t){return this.constructor.getOrCreateInstance(t.delegateTarget,this._getDelegateConfig())}_isAnimated(){return this._config.animation||this.tip&&this.tip.classList.contains(ts)}_isShown(){return this.tip&&this.tip.classList.contains(es)}_createPopper(t){const e=g(this._config.placement,[this,t,this._element]),i=rs[e.toUpperCase()];return bi(this._element,t,this._getPopperConfig(i))}_getOffset(){const{offset:t}=this._config;return"string"==typeof t?t.split(",").map((t=>Number.parseInt(t,10))):"function"==typeof t?e=>t(e,this._element):t}_resolvePossibleFunction(t){return g(t,[this._element])}_getPopperConfig(t){const e={placement:t,modifiers:[{name:"flip",options:{fallbackPlacements:this._config.fallbackPlacements}},{name:"offset",options:{offset:this._getOffset()}},{name:"preventOverflow",options:{boundary:this._config.boundary}},{name:"arrow",options:{element:`.${this.constructor.NAME}-arrow`}},{name:"preSetPlacement",enabled:!0,phase:"beforeMain",fn:t=>{this._getTipElement().setAttribute("data-popper-placement",t.state.placement)}}]};return{...e,...g(this._config.popperConfig,[e])}}_setListeners(){const t=this._config.trigger.split(" ");for(const e of t)if("click"===e)N.on(this._element,this.constructor.eventName("click"),this._config.selector,(t=>{this._initializeOnDelegatedTarget(t).toggle()}));else if("manual"!==e){const t=e===ss?this.constructor.eventName("mouseenter"):this.constructor.eventName("focusin"),i=e===ss?this.constructor.eventName("mouseleave"):this.constructor.eventName("focusout");N.on(this._element,t,this._config.selector,(t=>{const e=this._initializeOnDelegatedTarget(t);e._activeTrigger["focusin"===t.type?os:ss]=!0,e._enter()})),N.on(this._element,i,this._config.selector,(t=>{const e=this._initializeOnDelegatedTarget(t);e._activeTrigger["focusout"===t.type?os:ss]=e._element.contains(t.relatedTarget),e._leave()}))}this._hideModalHandler=()=>{this._element&&this.hide()},N.on(this._element.closest(is),ns,this._hideModalHandler)}_fixTitle(){const t=this._element.getAttribute("title");t&&(this._element.getAttribute("aria-label")||this._element.textContent.trim()||this._element.setAttribute("aria-label",t),this._element.setAttribute("data-bs-original-title",t),this._element.removeAttribute("title"))}_enter(){this._isShown()||this._isHovered?this._isHovered=!0:(this._isHovered=!0,this._setTimeout((()=>{this._isHovered&&this.show()}),this._config.delay.show))}_leave(){this._isWithActiveTrigger()||(this._isHovered=!1,this._setTimeout((()=>{this._isHovered||this.hide()}),this._config.delay.hide))}_setTimeout(t,e){clearTimeout(this._timeout),this._timeout=setTimeout(t,e)}_isWithActiveTrigger(){return Object.values(this._activeTrigger).includes(!0)}_getConfig(t){const e=F.getDataAttributes(this._element);for(const t of Object.keys(e))Zn.has(t)&&delete e[t];return t={...e,..."object"==typeof t&&t?t:{}},t=this._mergeConfigObj(t),t=this._configAfterMerge(t),this._typeCheckConfig(t),t}_configAfterMerge(t){return t.container=!1===t.container?document.body:r(t.container),"number"==typeof t.delay&&(t.delay={show:t.delay,hide:t.delay}),"number"==typeof t.title&&(t.title=t.title.toString()),"number"==typeof t.content&&(t.content=t.content.toString()),t}_getDelegateConfig(){const t={};for(const[e,i]of Object.entries(this._config))this.constructor.Default[e]!==i&&(t[e]=i);return t.selector=!1,t.trigger="manual",t}_disposePopper(){this._popper&&(this._popper.destroy(),this._popper=null),this.tip&&(this.tip.remove(),this.tip=null)}static jQueryInterface(t){return this.each((function(){const e=cs.getOrCreateInstance(this,t);if("string"==typeof t){if(void 0===e[t])throw new TypeError(`No method named "${t}"`);e[t]()}}))}}m(cs);const hs={...cs.Default,content:"",offset:[0,8],placement:"right",template:'<div class="popover" role="tooltip"><div class="popover-arrow"></div><h3 class="popover-header"></h3><div class="popover-body"></div></div>',trigger:"click"},ds={...cs.DefaultType,content:"(null|string|element|function)"};class us extends cs{static get Default(){return hs}static get DefaultType(){return ds}static get NAME(){return"popover"}_isWithContent(){return this._getTitle()||this._getContent()}_getContentForTemplate(){return{".popover-header":this._getTitle(),".popover-body":this._getContent()}}_getContent(){return this._resolvePossibleFunction(this._config.content)}static jQueryInterface(t){return this.each((function(){const e=us.getOrCreateInstance(this,t);if("string"==typeof t){if(void 0===e[t])throw new TypeError(`No method named "${t}"`);e[t]()}}))}}m(us);const fs=".bs.scrollspy",ps=`activate${fs}`,ms=`click${fs}`,gs=`load${fs}.data-api`,_s="active",bs="[href]",vs=".nav-link",ys=`${vs}, .nav-item > ${vs}, .list-group-item`,ws={offset:null,rootMargin:"0px 0px -25%",smoothScroll:!1,target:null,threshold:[.1,.5,1]},As={offset:"(number|null)",rootMargin:"string",smoothScroll:"boolean",target:"element",threshold:"array"};class Es extends W{constructor(t,e){super(t,e),this._targetLinks=new Map,this._observableSections=new Map,this._rootElement="visible"===getComputedStyle(this._element).overflowY?null:this._element,this._activeTarget=null,this._observer=null,this._previousScrollData={visibleEntryTop:0,parentScrollTop:0},this.refresh()}static get Default(){return ws}static get DefaultType(){return As}static get NAME(){return"scrollspy"}refresh(){this._initializeTargetsAndObservables(),this._maybeEnableSmoothScroll(),this._observer?this._observer.disconnect():this._observer=this._getNewObserver();for(const t of this._observableSections.values())this._observer.observe(t)}dispose(){this._observer.disconnect(),super.dispose()}_configAfterMerge(t){return t.target=r(t.target)||document.body,t.rootMargin=t.offset?`${t.offset}px 0px -30%`:t.rootMargin,"string"==typeof t.threshold&&(t.threshold=t.threshold.split(",").map((t=>Number.parseFloat(t)))),t}_maybeEnableSmoothScroll(){this._config.smoothScroll&&(N.off(this._config.target,ms),N.on(this._config.target,ms,bs,(t=>{const e=this._observableSections.get(t.target.hash);if(e){t.preventDefault();const i=this._rootElement||window,n=e.offsetTop-this._element.offsetTop;if(i.scrollTo)return void i.scrollTo({top:n,behavior:"smooth"});i.scrollTop=n}})))}_getNewObserver(){const t={root:this._rootElement,threshold:this._config.threshold,rootMargin:this._config.rootMargin};return new IntersectionObserver((t=>this._observerCallback(t)),t)}_observerCallback(t){const e=t=>this._targetLinks.get(`#${t.target.id}`),i=t=>{this._previousScrollData.visibleEntryTop=t.target.offsetTop,this._process(e(t))},n=(this._rootElement||document.documentElement).scrollTop,s=n>=this._previousScrollData.parentScrollTop;this._previousScrollData.parentScrollTop=n;for(const o of t){if(!o.isIntersecting){this._activeTarget=null,this._clearActiveClass(e(o));continue}const t=o.target.offsetTop>=this._previousScrollData.visibleEntryTop;if(s&&t){if(i(o),!n)return}else s||t||i(o)}}_initializeTargetsAndObservables(){this._targetLinks=new Map,this._observableSections=new Map;const t=z.find(bs,this._config.target);for(const e of t){if(!e.hash||l(e))continue;const t=z.findOne(decodeURI(e.hash),this._element);a(t)&&(this._targetLinks.set(decodeURI(e.hash),e),this._observableSections.set(e.hash,t))}}_process(t){this._activeTarget!==t&&(this._clearActiveClass(this._config.target),this._activeTarget=t,t.classList.add(_s),this._activateParents(t),N.trigger(this._element,ps,{relatedTarget:t}))}_activateParents(t){if(t.classList.contains("dropdown-item"))z.findOne(".dropdown-toggle",t.closest(".dropdown")).classList.add(_s);else for(const e of z.parents(t,".nav, .list-group"))for(const t of z.prev(e,ys))t.classList.add(_s)}_clearActiveClass(t){t.classList.remove(_s);const e=z.find(`${bs}.${_s}`,t);for(const t of e)t.classList.remove(_s)}static jQueryInterface(t){return this.each((function(){const e=Es.getOrCreateInstance(this,t);if("string"==typeof t){if(void 0===e[t]||t.startsWith("_")||"constructor"===t)throw new TypeError(`No method named "${t}"`);e[t]()}}))}}N.on(window,gs,(()=>{for(const t of z.find('[data-bs-spy="scroll"]'))Es.getOrCreateInstance(t)})),m(Es);const Ts=".bs.tab",Cs=`hide${Ts}`,Os=`hidden${Ts}`,xs=`show${Ts}`,ks=`shown${Ts}`,Ls=`click${Ts}`,Ss=`keydown${Ts}`,Ds=`load${Ts}`,$s="ArrowLeft",Is="ArrowRight",Ns="ArrowUp",Ps="ArrowDown",js="Home",Ms="End",Fs="active",Hs="fade",Ws="show",Bs=".dropdown-toggle",zs=`:not(${Bs})`,Rs='[data-bs-toggle="tab"], [data-bs-toggle="pill"], [data-bs-toggle="list"]',qs=`.nav-link${zs}, .list-group-item${zs}, [role="tab"]${zs}, ${Rs}`,Vs=`.${Fs}[data-bs-toggle="tab"], .${Fs}[data-bs-toggle="pill"], .${Fs}[data-bs-toggle="list"]`;class Ks extends W{constructor(t){super(t),this._parent=this._element.closest('.list-group, .nav, [role="tablist"]'),this._parent&&(this._setInitialAttributes(this._parent,this._getChildren()),N.on(this._element,Ss,(t=>this._keydown(t))))}static get NAME(){return"tab"}show(){const t=this._element;if(this._elemIsActive(t))return;const e=this._getActiveElem(),i=e?N.trigger(e,Cs,{relatedTarget:t}):null;N.trigger(t,xs,{relatedTarget:e}).defaultPrevented||i&&i.defaultPrevented||(this._deactivate(e,t),this._activate(t,e))}_activate(t,e){t&&(t.classList.add(Fs),this._activate(z.getElementFromSelector(t)),this._queueCallback((()=>{"tab"===t.getAttribute("role")?(t.removeAttribute("tabindex"),t.setAttribute("aria-selected",!0),this._toggleDropDown(t,!0),N.trigger(t,ks,{relatedTarget:e})):t.classList.add(Ws)}),t,t.classList.contains(Hs)))}_deactivate(t,e){t&&(t.classList.remove(Fs),t.blur(),this._deactivate(z.getElementFromSelector(t)),this._queueCallback((()=>{"tab"===t.getAttribute("role")?(t.setAttribute("aria-selected",!1),t.setAttribute("tabindex","-1"),this._toggleDropDown(t,!1),N.trigger(t,Os,{relatedTarget:e})):t.classList.remove(Ws)}),t,t.classList.contains(Hs)))}_keydown(t){if(![$s,Is,Ns,Ps,js,Ms].includes(t.key))return;t.stopPropagation(),t.preventDefault();const e=this._getChildren().filter((t=>!l(t)));let i;if([js,Ms].includes(t.key))i=e[t.key===js?0:e.length-1];else{const n=[Is,Ps].includes(t.key);i=b(e,t.target,n,!0)}i&&(i.focus({preventScroll:!0}),Ks.getOrCreateInstance(i).show())}_getChildren(){return z.find(qs,this._parent)}_getActiveElem(){return this._getChildren().find((t=>this._elemIsActive(t)))||null}_setInitialAttributes(t,e){this._setAttributeIfNotExists(t,"role","tablist");for(const t of e)this._setInitialAttributesOnChild(t)}_setInitialAttributesOnChild(t){t=this._getInnerElement(t);const e=this._elemIsActive(t),i=this._getOuterElement(t);t.setAttribute("aria-selected",e),i!==t&&this._setAttributeIfNotExists(i,"role","presentation"),e||t.setAttribute("tabindex","-1"),this._setAttributeIfNotExists(t,"role","tab"),this._setInitialAttributesOnTargetPanel(t)}_setInitialAttributesOnTargetPanel(t){const e=z.getElementFromSelector(t);e&&(this._setAttributeIfNotExists(e,"role","tabpanel"),t.id&&this._setAttributeIfNotExists(e,"aria-labelledby",`${t.id}`))}_toggleDropDown(t,e){const i=this._getOuterElement(t);if(!i.classList.contains("dropdown"))return;const n=(t,n)=>{const s=z.findOne(t,i);s&&s.classList.toggle(n,e)};n(Bs,Fs),n(".dropdown-menu",Ws),i.setAttribute("aria-expanded",e)}_setAttributeIfNotExists(t,e,i){t.hasAttribute(e)||t.setAttribute(e,i)}_elemIsActive(t){return t.classList.contains(Fs)}_getInnerElement(t){return t.matches(qs)?t:z.findOne(qs,t)}_getOuterElement(t){return t.closest(".nav-item, .list-group-item")||t}static jQueryInterface(t){return this.each((function(){const e=Ks.getOrCreateInstance(this);if("string"==typeof t){if(void 0===e[t]||t.startsWith("_")||"constructor"===t)throw new TypeError(`No method named "${t}"`);e[t]()}}))}}N.on(document,Ls,Rs,(function(t){["A","AREA"].includes(this.tagName)&&t.preventDefault(),l(this)||Ks.getOrCreateInstance(this).show()})),N.on(window,Ds,(()=>{for(const t of z.find(Vs))Ks.getOrCreateInstance(t)})),m(Ks);const Qs=".bs.toast",Xs=`mouseover${Qs}`,Ys=`mouseout${Qs}`,Us=`focusin${Qs}`,Gs=`focusout${Qs}`,Js=`hide${Qs}`,Zs=`hidden${Qs}`,to=`show${Qs}`,eo=`shown${Qs}`,io="hide",no="show",so="showing",oo={animation:"boolean",autohide:"boolean",delay:"number"},ro={animation:!0,autohide:!0,delay:5e3};class ao extends W{constructor(t,e){super(t,e),this._timeout=null,this._hasMouseInteraction=!1,this._hasKeyboardInteraction=!1,this._setListeners()}static get Default(){return ro}static get DefaultType(){return oo}static get NAME(){return"toast"}show(){N.trigger(this._element,to).defaultPrevented||(this._clearTimeout(),this._config.animation&&this._element.classList.add("fade"),this._element.classList.remove(io),d(this._element),this._element.classList.add(no,so),this._queueCallback((()=>{this._element.classList.remove(so),N.trigger(this._element,eo),this._maybeScheduleHide()}),this._element,this._config.animation))}hide(){this.isShown()&&(N.trigger(this._element,Js).defaultPrevented||(this._element.classList.add(so),this._queueCallback((()=>{this._element.classList.add(io),this._element.classList.remove(so,no),N.trigger(this._element,Zs)}),this._element,this._config.animation)))}dispose(){this._clearTimeout(),this.isShown()&&this._element.classList.remove(no),super.dispose()}isShown(){return this._element.classList.contains(no)}_maybeScheduleHide(){this._config.autohide&&(this._hasMouseInteraction||this._hasKeyboardInteraction||(this._timeout=setTimeout((()=>{this.hide()}),this._config.delay)))}_onInteraction(t,e){switch(t.type){case"mouseover":case"mouseout":this._hasMouseInteraction=e;break;case"focusin":case"focusout":this._hasKeyboardInteraction=e}if(e)return void this._clearTimeout();const i=t.relatedTarget;this._element===i||this._element.contains(i)||this._maybeScheduleHide()}_setListeners(){N.on(this._element,Xs,(t=>this._onInteraction(t,!0))),N.on(this._element,Ys,(t=>this._onInteraction(t,!1))),N.on(this._element,Us,(t=>this._onInteraction(t,!0))),N.on(this._element,Gs,(t=>this._onInteraction(t,!1)))}_clearTimeout(){clearTimeout(this._timeout),this._timeout=null}static jQueryInterface(t){return this.each((function(){const e=ao.getOrCreateInstance(this,t);if("string"==typeof t){if(void 0===e[t])throw new TypeError(`No method named "${t}"`);e[t](this)}}))}}return R(ao),m(ao),{Alert:Q,Button:Y,Carousel:xt,Collapse:Bt,Dropdown:qi,Modal:On,Offcanvas:qn,Popover:us,ScrollSpy:Es,Tab:Ks,Toast:ao,Tooltip:cs}})); //# sourceMappingURL=bootstrap.bundle.min.js.map=========test/classes/TransformationsTest.php========--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/test/classes/TransformationsTest.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/test/classes/TransformationsTest.php@@ -51,16 +51,13 @@ */ public function testGetOptions(string $input, array $expected): void {- $this->assertEquals(- $expected,- $this->transformations->getOptions($input)- );+ self::assertSame($expected, $this->transformations->getOptions($input)); } /** * Data provided for parsing options */- public function getOptionsData(): array+ public static function getOptionsData(): array { return [ [@@ -104,88 +101,85 @@ */ public function testGetTypes(): void {- $this->assertEquals(- [- 'mimetype' => [- 'Application/Octetstream' => 'Application/Octetstream',- 'Image/JPEG' => 'Image/JPEG',- 'Image/PNG' => 'Image/PNG',- 'Text/Plain' => 'Text/Plain',- 'Text/Octetstream' => 'Text/Octetstream',- ],- 'transformation' => [- 0 => 'Application/Octetstream: Download',- 1 => 'Application/Octetstream: Hex',- 2 => 'Image/JPEG: Inline',- 3 => 'Image/JPEG: Link',- 4 => 'Image/PNG: Inline',- 5 => 'Text/Octetstream: Sql',- 6 => 'Text/Plain: Binarytoip',- 7 => 'Text/Plain: Bool2Text',- 8 => 'Text/Plain: Dateformat',- 9 => 'Text/Plain: External',- 10 => 'Text/Plain: Formatted',- 11 => 'Text/Plain: Imagelink',- 12 => 'Text/Plain: Json',- 13 => 'Text/Plain: Sql',- 14 => 'Text/Plain: Xml',- 15 => 'Text/Plain: Link',- 16 => 'Text/Plain: Longtoipv4',- 17 => 'Text/Plain: PreApPend',- 18 => 'Text/Plain: Substring',- ],- 'transformation_file' => [- 0 => 'Output/Application_Octetstream_Download.php',- 1 => 'Output/Application_Octetstream_Hex.php',- 2 => 'Output/Image_JPEG_Inline.php',- 3 => 'Output/Image_JPEG_Link.php',- 4 => 'Output/Image_PNG_Inline.php',- 5 => 'Output/Text_Octetstream_Sql.php',- 6 => 'Output/Text_Plain_Binarytoip.php',- 7 => 'Output/Text_Plain_Bool2Text.php',- 8 => 'Output/Text_Plain_Dateformat.php',- 9 => 'Output/Text_Plain_External.php',- 10 => 'Output/Text_Plain_Formatted.php',- 11 => 'Output/Text_Plain_Imagelink.php',- 12 => 'Output/Text_Plain_Json.php',- 13 => 'Output/Text_Plain_Sql.php',- 14 => 'Output/Text_Plain_Xml.php',- 15 => 'Text_Plain_Link.php',- 16 => 'Text_Plain_Longtoipv4.php',- 17 => 'Text_Plain_PreApPend.php',- 18 => 'Text_Plain_Substring.php',- ],- 'input_transformation' => [- 'Image/JPEG: Upload',- 'Text/Plain: FileUpload',- 'Text/Plain: Iptobinary',- 'Text/Plain: Iptolong',- 'Text/Plain: JsonEditor',- 'Text/Plain: RegexValidation',- 'Text/Plain: SqlEditor',- 'Text/Plain: XmlEditor',- 'Text/Plain: Link',- 'Text/Plain: Longtoipv4',- 'Text/Plain: PreApPend',- 'Text/Plain: Substring',- ],- 'input_transformation_file' => [- 'Input/Image_JPEG_Upload.php',- 'Input/Text_Plain_FileUpload.php',- 'Input/Text_Plain_Iptobinary.php',- 'Input/Text_Plain_Iptolong.php',- 'Input/Text_Plain_JsonEditor.php',- 'Input/Text_Plain_RegexValidation.php',- 'Input/Text_Plain_SqlEditor.php',- 'Input/Text_Plain_XmlEditor.php',- 'Text_Plain_Link.php',- 'Text_Plain_Longtoipv4.php',- 'Text_Plain_PreApPend.php',- 'Text_Plain_Substring.php',- ],- ],- $this->transformations->getAvailableMimeTypes()- );+ self::assertEquals([+ 'mimetype' => [+ 'Application/Octetstream' => 'Application/Octetstream',+ 'Image/JPEG' => 'Image/JPEG',+ 'Image/PNG' => 'Image/PNG',+ 'Text/Plain' => 'Text/Plain',+ 'Text/Octetstream' => 'Text/Octetstream',+ ],+ 'transformation' => [+ 0 => 'Application/Octetstream: Download',+ 1 => 'Application/Octetstream: Hex',+ 2 => 'Image/JPEG: Inline',+ 3 => 'Image/JPEG: Link',+ 4 => 'Image/PNG: Inline',+ 5 => 'Text/Octetstream: Sql',+ 6 => 'Text/Plain: Binarytoip',+ 7 => 'Text/Plain: Bool2Text',+ 8 => 'Text/Plain: Dateformat',+ 9 => 'Text/Plain: External',+ 10 => 'Text/Plain: Formatted',+ 11 => 'Text/Plain: Imagelink',+ 12 => 'Text/Plain: Json',+ 13 => 'Text/Plain: Sql',+ 14 => 'Text/Plain: Xml',+ 15 => 'Text/Plain: Link',+ 16 => 'Text/Plain: Longtoipv4',+ 17 => 'Text/Plain: PreApPend',+ 18 => 'Text/Plain: Substring',+ ],+ 'transformation_file' => [+ 0 => 'Output/Application_Octetstream_Download.php',+ 1 => 'Output/Application_Octetstream_Hex.php',+ 2 => 'Output/Image_JPEG_Inline.php',+ 3 => 'Output/Image_JPEG_Link.php',+ 4 => 'Output/Image_PNG_Inline.php',+ 5 => 'Output/Text_Octetstream_Sql.php',+ 6 => 'Output/Text_Plain_Binarytoip.php',+ 7 => 'Output/Text_Plain_Bool2Text.php',+ 8 => 'Output/Text_Plain_Dateformat.php',+ 9 => 'Output/Text_Plain_External.php',+ 10 => 'Output/Text_Plain_Formatted.php',+ 11 => 'Output/Text_Plain_Imagelink.php',+ 12 => 'Output/Text_Plain_Json.php',+ 13 => 'Output/Text_Plain_Sql.php',+ 14 => 'Output/Text_Plain_Xml.php',+ 15 => 'Text_Plain_Link.php',+ 16 => 'Text_Plain_Longtoipv4.php',+ 17 => 'Text_Plain_PreApPend.php',+ 18 => 'Text_Plain_Substring.php',+ ],+ 'input_transformation' => [+ 'Image/JPEG: Upload',+ 'Text/Plain: FileUpload',+ 'Text/Plain: Iptobinary',+ 'Text/Plain: Iptolong',+ 'Text/Plain: JsonEditor',+ 'Text/Plain: RegexValidation',+ 'Text/Plain: SqlEditor',+ 'Text/Plain: XmlEditor',+ 'Text/Plain: Link',+ 'Text/Plain: Longtoipv4',+ 'Text/Plain: PreApPend',+ 'Text/Plain: Substring',+ ],+ 'input_transformation_file' => [+ 'Input/Image_JPEG_Upload.php',+ 'Input/Text_Plain_FileUpload.php',+ 'Input/Text_Plain_Iptobinary.php',+ 'Input/Text_Plain_Iptolong.php',+ 'Input/Text_Plain_JsonEditor.php',+ 'Input/Text_Plain_RegexValidation.php',+ 'Input/Text_Plain_SqlEditor.php',+ 'Input/Text_Plain_XmlEditor.php',+ 'Text_Plain_Link.php',+ 'Text_Plain_Longtoipv4.php',+ 'Text_Plain_PreApPend.php',+ 'Text_Plain_Substring.php',+ ],+ ], $this->transformations->getAvailableMimeTypes()); } /**@@ -200,27 +194,24 @@ 'trackingwork' => true, 'column_info' => 'column_info', ])->toArray();- $this->assertEquals(- [- 'o' => [- 'column_name' => 'o',- 'mimetype' => 'Text/plain',- 'transformation' => 'Sql',- 'transformation_options' => '',- 'input_transformation' => 'regex',- 'input_transformation_options' => '/pma/i',- ],- 'col' => [- 'column_name' => 'col',- 'mimetype' => 'T',- 'transformation' => 'O/P',- 'transformation_options' => '',- 'input_transformation' => 'i/p',- 'input_transformation_options' => '',- ],- ],- $this->transformations->getMime('pma_test', 'table1')- );+ self::assertSame([+ 'o' => [+ 'column_name' => 'o',+ 'mimetype' => 'Text/plain',+ 'transformation' => 'Sql',+ 'transformation_options' => '',+ 'input_transformation' => 'regex',+ 'input_transformation_options' => '/pma/i',+ ],+ 'col' => [+ 'column_name' => 'col',+ 'mimetype' => 'T',+ 'transformation' => 'O/P',+ 'transformation_options' => '',+ 'input_transformation' => 'i/p',+ 'input_transformation_options' => '',+ ],+ ], $this->transformations->getMime('pma_test', 'table1')); } /**@@ -239,7 +230,7 @@ // Case 1 : no configuration storage $actual = $this->transformations->clear('db');- $this->assertFalse($actual);+ self::assertFalse($actual); $_SESSION['relation'] = []; $_SESSION['relation'][$GLOBALS['server']] = RelationParameters::fromArray([@@ -250,15 +241,15 @@ // Case 2 : database delete $actual = $this->transformations->clear('db');- $this->assertTrue($actual);+ self::assertTrue($actual); // Case 3 : table delete $actual = $this->transformations->clear('db', 'table');- $this->assertTrue($actual);+ self::assertTrue($actual); // Case 4 : column delete $actual = $this->transformations->clear('db', 'table', 'col');- $this->assertTrue($actual);+ self::assertTrue($actual); } /**@@ -269,13 +260,10 @@ */ public function testFixup(string $value, string $expected): void {- $this->assertEquals(- $expected,- $this->transformations->fixUpMime($value)- );- }-- public function fixupData(): array+ self::assertSame($expected, $this->transformations->fixUpMime($value));+ }++ public static function fixupData(): array { return [ [@@ -311,13 +299,10 @@ */ public function testGetDescription(string $file, string $expectedDescription): void {- $this->assertEquals(- $expectedDescription,- $this->transformations->getDescription($file)- );- }-- public function providerGetDescription(): array+ self::assertSame($expectedDescription, $this->transformations->getDescription($file));+ }++ public static function providerGetDescription(): array { return [ [@@ -345,13 +330,10 @@ */ public function testGetName(string $file, string $expectedName): void {- $this->assertEquals(- $expectedName,- $this->transformations->getName($file)- );- }-- public function providerGetName(): array+ self::assertSame($expectedName, $this->transformations->getName($file));+ }++ public static function providerGetName(): array { return [ [
Vulnerability Existed: no
No vulnerabilities found in the provided code diff.
The changes include:
1. Updated Bootstrap version from v5.2.3 to v5.3.3 in js/vendor/bootstrap/bootstrap.bundle.min.js
2. Various test improvements in test/classes/TransformationsTest.php including:
- Using self::assertSame() instead of assertEquals() where appropriate
- Making test data providers static
- Formatting improvements
- No security-related changes found
The changes appear to be focused on library updates and test improvements without introducing any security vulnerabilities.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/libraries/classes/ReplicationInfo.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/libraries/classes/ReplicationInfo.php@@ -3,6 +3,8 @@ declare(strict_types=1); namespace PhpMyAdmin;++use PhpMyAdmin\Query\Compatibility; use function count; use function explode;@@ -21,17 +23,26 @@ /** @var string[] */ public $replicaVariables = [ 'Slave_IO_State',+ 'Replica_IO_State', 'Master_Host',+ 'Source_Host', 'Master_User',+ 'Source_User', 'Master_Port',+ 'Source_Port', 'Connect_Retry', 'Master_Log_File',+ 'Source_Log_File', 'Read_Master_Log_Pos',+ 'Read_Source_Log_Pos', 'Relay_Log_File', 'Relay_Log_Pos', 'Relay_Master_Log_File',+ 'Relay_Source_Log_File', 'Slave_IO_Running',+ 'Replica_IO_Running', 'Slave_SQL_Running',+ 'Replica_SQL_Running', 'Replicate_Do_DB', 'Replicate_Ignore_DB', 'Replicate_Do_Table',@@ -42,17 +53,25 @@ 'Last_Error', 'Skip_Counter', 'Exec_Master_Log_Pos',+ 'Exec_Source_Log_Pos', 'Relay_Log_Space', 'Until_Condition', 'Until_Log_File', 'Until_Log_Pos', 'Master_SSL_Allowed',+ 'Source_SSL_Allowed', 'Master_SSL_CA_File',+ 'Source_SSL_CA_File', 'Master_SSL_CA_Path',+ 'Source_SSL_CA_Path', 'Master_SSL_Cert',+ 'Source_SSL_Cert', 'Master_SSL_Cipher',+ 'Source_SSL_Cipher', 'Master_SSL_Key',+ 'Source_SSL_Key', 'Seconds_Behind_Master',+ 'Seconds_Behind_Source', ]; /** @var array */@@ -100,7 +119,7 @@ private function setPrimaryStatus(): void {- $this->primaryStatus = $this->dbi->fetchResult('SHOW MASTER STATUS');+ $this->primaryStatus = $this->dbi->fetchResult(Compatibility::getShowBinLogStatusStmt($this->dbi)); } public function getPrimaryStatus(): array@@ -110,7 +129,14 @@ private function setReplicaStatus(): void {- $this->replicaStatus = $this->dbi->fetchResult('SHOW SLAVE STATUS');+ if (+ $this->dbi->isMySql() && $this->dbi->getVersion() >= 80022+ || $this->dbi->isMariaDB() && $this->dbi->getVersion() >= 100501+ ) {+ $this->replicaStatus = $this->dbi->fetchResult('SHOW REPLICA STATUS');+ } else {+ $this->replicaStatus = $this->dbi->fetchResult('SHOW SLAVE STATUS');+ } } public function getReplicaStatus(): array@@ -120,7 +146,12 @@ private function setMultiPrimaryStatus(): void {- $this->multiPrimaryStatus = $this->dbi->fetchResult('SHOW ALL SLAVES STATUS');+ $this->multiPrimaryStatus = [];+ if ($this->dbi->isMariaDB() && $this->dbi->getVersion() >= 100501) {+ $this->multiPrimaryStatus = $this->dbi->fetchResult('SHOW ALL REPLICAS STATUS');+ } elseif ($this->dbi->isMariaDB()) {+ $this->multiPrimaryStatus = $this->dbi->fetchResult('SHOW ALL SLAVES STATUS');+ } } private function setDefaultPrimaryConnection(string $connection): void
Based on the provided code diff, I'll analyze it for security vulnerabilities:
1. Vulnerability Existed: not sure
[Deprecated MySQL Terminology Update] [File] [Lines 21-72]
[Old Code]
Various slave/master terminology
[Fixed Code]
Updated to replica/source terminology
Note: This appears to be a terminology update rather than a security fix, following MySQL's move away from master/slave terminology.
2. Vulnerability Existed: yes
[SQL Injection Prevention] [File] [Lines 100-102]
[Old Code]
$this->primaryStatus = $this->dbi->fetchResult('SHOW MASTER STATUS');
[Fixed Code]
$this->primaryStatus = $this->dbi->fetchResult(Compatibility::getShowBinLogStatusStmt($this->dbi));
Note: The change moves from a direct SQL string to using a prepared statement method, which helps prevent potential SQL injection.
3. Vulnerability Existed: yes
[Version-Specific Command Handling] [File] [Lines 129-136]
[Old Code]
$this->replicaStatus = $this->dbi->fetchResult('SHOW SLAVE STATUS');
[Fixed Code]
Version-checked implementation with 'SHOW REPLICA STATUS' for newer versions
Note: This improves compatibility and security by using appropriate commands for different database versions.
4. Vulnerability Existed: not sure
[Improved MariaDB Compatibility] [File] [Lines 146-152]
[Old Code]
$this->multiPrimaryStatus = $this->dbi->fetchResult('SHOW ALL SLAVES STATUS');
[Fixed Code]
Version-checked implementation with 'SHOW ALL REPLICAS STATUS' for newer MariaDB versions
Note: While primarily a compatibility improvement, it could also help prevent errors that might expose sensitive information.
The most significant security improvement appears to be the move to using prepared statements for database queries, which helps prevent SQL injection vulnerabilities. The other changes mainly improve compatibility and terminology, which may have indirect security benefits by ensuring proper command execution across different database versions.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/test/classes/Query/CompatibilityTest.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/test/classes/Query/CompatibilityTest.php@@ -5,6 +5,7 @@ namespace PhpMyAdmin\Tests\Query; use PhpMyAdmin\DatabaseInterface;+use PhpMyAdmin\Dbal\DbalInterface; use PhpMyAdmin\Query\Compatibility; use PHPUnit\Framework\TestCase;@@ -18,14 +19,14 @@ */ public function testHasAccountLocking(bool $expected, bool $isMariaDb, int $version): void {- $this->assertSame($expected, Compatibility::hasAccountLocking($isMariaDb, $version));+ self::assertSame($expected, Compatibility::hasAccountLocking($isMariaDb, $version)); } /** * @return array[] * @psalm-return array<string, array{bool, bool, int}> */- public function providerForTestHasAccountLocking(): array+ public static function providerForTestHasAccountLocking(): array { return [ 'MySQL 5.7.5' => [false, false, 50705],@@ -47,14 +48,14 @@ $dbiStub->method('isMariaDB')->willReturn($isMariaDb); $dbiStub->method('getVersion')->willReturn($version);- $this->assertSame($expected, Compatibility::isUUIDSupported($dbiStub));+ self::assertSame($expected, Compatibility::isUUIDSupported($dbiStub)); } /** * @return array[] * @psalm-return array<string, array{bool, bool, int}> */- public function providerForTestIsUUIDSupported(): array+ public static function providerForTestIsUUIDSupported(): array { return [ 'MySQL 5.7.5' => [false, false, 50705],@@ -63,4 +64,24 @@ 'MariaDB 10.7.0' => [true, true, 100700], ]; }++ /** @dataProvider showBinLogStatusProvider */+ public function testGetShowBinLogStatusStmt(string $serverName, int $version, string $expected): void+ {+ $dbal = self::createStub(DbalInterface::class);+ $dbal->method('isMySql')->willReturn($serverName === 'MySQL');+ $dbal->method('isMariaDB')->willReturn($serverName === 'MariaDB');+ $dbal->method('getVersion')->willReturn($version);+ self::assertSame($expected, Compatibility::getShowBinLogStatusStmt($dbal));+ }++ /** @return iterable<int, array{string, int, string}> */+ public static function showBinLogStatusProvider(): iterable+ {+ yield ['MySQL', 80200, 'SHOW BINARY LOG STATUS'];+ yield ['MariaDB', 100502, 'SHOW BINLOG STATUS'];+ yield ['MySQL', 80199, 'SHOW MASTER STATUS'];+ yield ['MariaDB', 100501, 'SHOW MASTER STATUS'];+ yield ['MySQL', 100502, 'SHOW BINARY LOG STATUS'];+ } }
Based on the provided code diff, I don't see any security vulnerabilities being fixed. The changes appear to be primarily test-related improvements and additions. Here's the analysis: 1. Vulnerability Existed: no No security vulnerability found [File] test/classes/Query/CompatibilityTest.php [Lines] Various The changes include: - Added use statement for DbalInterface - Changed $this->assertSame() to self::assertSame() in test methods - Made test data provider methods static - Added new test method testGetShowBinLogStatusStmt and its data provider These changes appear to be test improvements and additions rather than security fixes. The modifications focus on: 1. Better test organization (static data providers) 2. Consistency in test assertions (using self:: instead of $this->) 3. Adding new test coverage for binlog status functionality No security-related patterns (like input validation, output encoding, authentication checks, etc.) were modified in this diff.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/test/classes/Plugins/Auth/AuthenticationSignonTest.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/test/classes/Plugins/Auth/AuthenticationSignonTest.php@@ -60,9 +60,9 @@ $this->object->showLoginForm(); $result = ob_get_clean();- $this->assertIsString($result);-- $this->assertStringContainsString('You must set SignonURL!', $result);+ self::assertIsString($result);++ self::assertStringContainsString('You must set SignonURL!', $result); } public function testAuthLogoutURL(): void@@ -91,9 +91,7 @@ $GLOBALS['cfg']['Server']['SignonURL'] = 'https://example.com/SignonURL'; $_SESSION['LAST_SIGNON_URL'] = 'https://example.com/SignonDiffURL';- $this->assertFalse(- $this->object->readCredentials()- );+ self::assertFalse($this->object->readCredentials()); } public function testAuthCheckSession(): void@@ -107,15 +105,13 @@ $GLOBALS['cfg']['Server']['port'] = '80'; $GLOBALS['cfg']['Server']['user'] = 'user';- $this->assertTrue(- $this->object->readCredentials()- );-- $this->assertEquals('user', $this->object->user);-- $this->assertEquals('password', $this->object->password);-- $this->assertEquals('https://example.com/SignonURL', $_SESSION['LAST_SIGNON_URL']);+ self::assertTrue($this->object->readCredentials());++ self::assertSame('user', $this->object->user);++ self::assertSame('password', $this->object->password);++ self::assertSame('https://example.com/SignonURL', $_SESSION['LAST_SIGNON_URL']); } public function testAuthCheckToken(): void@@ -142,30 +138,21 @@ $this->object->logOut();- $this->assertEquals(- [- 'SignonURL' => 'https://example.com/SignonURL',- 'SignonScript' => '',- 'SignonSession' => 'session123',- 'SignonCookieParams' => [],- 'host' => 'localhost',- 'port' => '80',- 'user' => 'user',- ],- $GLOBALS['cfg']['Server']- );-- $this->assertEquals(- $sessionName,- session_name()- );-- $this->assertEquals(- $sessionID,- session_id()- );-- $this->assertArrayNotHasKey('LAST_SIGNON_URL', $_SESSION);+ self::assertEquals([+ 'SignonURL' => 'https://example.com/SignonURL',+ 'SignonScript' => '',+ 'SignonSession' => 'session123',+ 'SignonCookieParams' => [],+ 'host' => 'localhost',+ 'port' => '80',+ 'user' => 'user',+ ], $GLOBALS['cfg']['Server']);++ self::assertSame($sessionName, session_name());++ self::assertSame($sessionID, session_id());++ self::assertArrayNotHasKey('LAST_SIGNON_URL', $_SESSION); } public function testAuthCheckKeep(): void@@ -186,13 +173,11 @@ $_SESSION['PMA_single_signon_cfgupdate'] = ['foo' => 'bar']; $_SESSION['PMA_single_signon_token'] = 'pmaToken';- $this->assertTrue(- $this->object->readCredentials()- );-- $this->assertEquals('user123', $this->object->user);-- $this->assertEquals('pass123', $this->object->password);+ self::assertTrue($this->object->readCredentials());++ self::assertSame('user123', $this->object->user);++ self::assertSame('pass123', $this->object->password); } public function testAuthSetUser(): void@@ -200,13 +185,11 @@ $this->object->user = 'testUser123'; $this->object->password = 'testPass123';- $this->assertTrue(- $this->object->storeCredentials()- );-- $this->assertEquals('testUser123', $GLOBALS['cfg']['Server']['user']);-- $this->assertEquals('testPass123', $GLOBALS['cfg']['Server']['password']);+ self::assertTrue($this->object->storeCredentials());++ self::assertSame('testUser123', $GLOBALS['cfg']['Server']['user']);++ self::assertSame('testPass123', $GLOBALS['cfg']['Server']['password']); } public function testAuthFailsForbidden(): void@@ -224,7 +207,7 @@ $this->object->showFailure('empty-denied');- $this->assertEquals(+ self::assertSame( 'Login without a password is forbidden by configuration (see AllowNoPassword)', $_SESSION['PMA_single_signon_error_message'] );@@ -245,7 +228,7 @@ $this->object->showFailure('allow-denied');- $this->assertEquals('Access denied!', $_SESSION['PMA_single_signon_error_message']);+ self::assertSame('Access denied!', $_SESSION['PMA_single_signon_error_message']); } public function testAuthFailsTimeout(): void@@ -265,12 +248,9 @@ $this->object->showFailure('no-activity');- $this->assertEquals(- 'You have been automatically logged out due to inactivity of'- . ' 1440 seconds. Once you log in again, you should be able to'- . ' resume the work where you left off.',- $_SESSION['PMA_single_signon_error_message']- );+ self::assertSame('You have been automatically logged out due to inactivity of'+ . ' 1440 seconds. Once you log in again, you should be able to'+ . ' resume the work where you left off.', $_SESSION['PMA_single_signon_error_message']); } public function testAuthFailsMySQLError(): void@@ -298,7 +278,7 @@ $this->object->showFailure('');- $this->assertEquals('error<123>', $_SESSION['PMA_single_signon_error_message']);+ self::assertSame('error<123>', $_SESSION['PMA_single_signon_error_message']); } public function testAuthFailsConnect(): void@@ -327,7 +307,7 @@ $this->object->showFailure('');- $this->assertEquals('Cannot log in to the MySQL server', $_SESSION['PMA_single_signon_error_message']);+ self::assertSame('Cannot log in to the MySQL server', $_SESSION['PMA_single_signon_error_message']); } public function testSetCookieParamsDefaults(): void@@ -352,9 +332,6 @@ unset($defaultOptions['samesite']); }- $this->assertSame(- $defaultOptions,- session_get_cookie_params()- );+ self::assertSame($defaultOptions, session_get_cookie_params()); } }
After analyzing the provided code diff, I don't find any security vulnerabilities being fixed. The changes appear to be primarily test code improvements and assertions being updated from `$this->assert*` to `self::assert*` style, along with some code formatting changes. Here's the analysis following your requested format: 1. Vulnerability Existed: no No security vulnerability found File: test/classes/Plugins/Auth/AuthenticationSignonTest.php Changes are test code improvements and assertion style updates The changes include: - Changing assertion methods from instance style (`$this->assert*`) to static style (`self::assert*`) - Formatting improvements (e.g., multi-line arrays being collapsed to single line) - Changing some `assertEquals` to `assertSame` for stricter comparisons - No changes to actual security-related functionality or vulnerability fixes These changes appear to be test code quality improvements rather than security fixes. The test cases themselves verify security-related functionality (like authentication failures and error messages), but the diff doesn't show any security vulnerabilities being addressed.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.