Some extensions cant update

luceos

Mirzaagha yes write the command in the terminal, in the flarum root installation path, where the config.php is as well.

Mirzaagha

luceos

Mirzaagha your config.php is there, but not the flarum file. That's very odd and implies a broken installation, how did you install it? And what does the flarum directory contain?

Mirzaagha

luceos when i installed all these files were in /flarum folder. But I didn't want it to be site.com/flarum and I moved all the files and folders outside the /flarum folder. I didn't do anything because my site was working.

luceos

Mirzaagha if that's the case, you must have missed a file called flarum. Make sure it's also uploaded into your installation directory.

Mirzaagha

Do you think the correct form is in the /flarum folder? If so, if I return it, will there be no problem with it? But I don't want the site.com/flarum. Your advice will be useful for me. Thank you.

Mirzaagha

luceos If I move the twm files to the /flarum folder, will there be a problem? Well, I don't want my site to be like site.com/flarum. How should I edit this?

clarkwinkelmann

Mirzaagha if you are unsure, the best would probably be to download the "public path: no" version of Flarum as an archive https://docs.flarum.org/install#installing-by-unpacking-an-archive This way it's already properly configured correctly.

If you have an existing forum, just replace the config.php file and the assets folder in the new installation with what you had before in the old forum (you might be able to rename the existing Flarum directory to another temporary name, that way you still have all the previous files to copy from)

Mirzaagha

clarkwinkelmann
When I installed flarum, all the files were in /flaum folder. I moved all the files out of the /flarum folder to avoid site.com/flarum. The site is still working. You say that is not right?

Then, if I move all the files back into the /flarum folder with the same, will it work correctly?

Even if it works I don't want it to be site.com/flarum.

Generally you can solve it.

I have customized many settings in my project, installed many extensions, I don't want to restart them.

Mirzaagha

have a diffrent way?

Mirzaagha

[codestac@az-s3 public_html]$ composer update v17development/flarum-blog
Loading composer repositories with package information
Updating dependencies
Nothing to modify in lock file
Installing dependencies from lock file (including require-dev)
Nothing to install, update or remove
Package askvortsov/flarum-auto-moderator is abandoned, you should avoid using it. Use askvortsov/flarum-automod instead.
Package swiftmailer/swiftmailer is abandoned, you should avoid using it. Use symfony/mailer instead.
Generating autoload files
118 packages you are using are looking for funding.
Use the composer fund command to find out more!
Found 2 security vulnerability advisories affecting 2 packages.
Run "composer audit" for a full list of advisories.
[codestac@az-s3 public_html]$ ^C
[codestac@az-s3 public_html]$ ^C
[codestac@az-s3 public_html]$ composer audit
The new audit.abandoned setting (currently defaulting to "report" will default to "fail" in Composer 2.7, make sure to set it to "report" or "ignore" explicitly by then if you do not want this.
Found 2 security vulnerability advisories affecting 2 packages:
+-------------------+----------------------------------------------------------------------------------+
| Package | symfony/http-foundation |
| CVE | CVE-2024-50345 |
| Title | CVE-2024-50345: Open redirect via browser-sanitized URLs |
| URL | https://symfony.com/cve-2024-50345 |
| Affected versions | >=2.0.0,<3.0.0|>=3.0.0,<4.0.0|>=4.0.0,<5.0.0|>=5.0.0,<5.1.0|>=5.1.0,<5.2.0|>=5.2 |
| | .0,<5.3.0|>=5.3.0,<5.4.0|>=5.4.0,<5.4.46|>=6.0.0,<6.1.0|>=6.1.0,<6.2.0|>=6.2.0,< |
| | 6.3.0|>=6.3.0,<6.4.0|>=6.4.0,<6.4.14|>=7.0.0,<7.1.0|>=7.1.0,<7.1.7 |
| Reported at | 2024-11-05T08:00:00+00:00 |
+-------------------+----------------------------------------------------------------------------------+
+-------------------+----------------------------------------------------------------------------------+
| Package | symfony/process |
| CVE | CVE-2024-51736 |
| Title | CVE-2024-51736: Command execution hijack on Windows with Process class |
| URL | https://symfony.com/cve-2024-51736 |
| Affected versions | >=2.0.0,<3.0.0|>=3.0.0,<4.0.0|>=4.0.0,<5.0.0|>=5.0.0,<5.1.0|>=5.1.0,<5.2.0|>=5.2 |
| | .0,<5.3.0|>=5.3.0,<5.4.0|>=5.4.0,<5.4.46|>=6.0.0,<6.1.0|>=6.1.0,<6.2.0|>=6.2.0,< |
| | 6.3.0|>=6.3.0,<6.4.0|>=6.4.0,<6.4.14|>=7.0.0,<7.1.0|>=7.1.0,<7.1.7 |
| Reported at | 2024-11-05T08:00:00+00:00 |
+-------------------+----------------------------------------------------------------------------------+
Found 2 abandoned packages:
+----------------------------------+----------------------------------------------------------------------------------+
| Abandoned Package | Suggested Replacement |
+----------------------------------+----------------------------------------------------------------------------------+
| askvortsov/flarum-auto-moderator | askvortsov/flarum-automod |
| swiftmailer/swiftmailer | symfony/mailer |
+----------------------------------+----------------------------------------------------------------------------------+

luceos

Mirzaagha you can upgrade dependencies using composer update --prefer-dist --no-dev -a, it should get rid of the vulnerable dependencies. Understand that the vulnerabilities affect Flarum less because we pretty much wrap everything in our own code.

Mirzaagha

luceos Thank u for supports.

Mirzaagha

but now have this error

Mirzaagha

and l wantwhen update one extension. Start update symfony and other all extensions.