Merge remote-tracking branch 'mainline/2.3-develop' into 24239

Author: engcom-Foxtrot

.editorconfig

@@ -0,0 +1,12 @@
+root = true
+
+[*]
+charset = utf-8
+end_of_line = lf
+indent_size = 4
+indent_style = space
+insert_final_newline = true
+trim_trailing_whitespace = true
+
+[*.md]
+trim_trailing_whitespace = false

app/code/Magento/AdminNotification/README.md

@@ -4,15 +4,25 @@ The Magento_AdminNotification module provides the ability to alert administrator
 
 ## Installation details
 
+The Magento_AdminNotification module creates the following tables in the database:
+- `adminnotification_inbox`
+- `admin_system_messages`
+
 Before disabling or uninstalling this module, note that the Magento_Indexer module depends on this module.
 
 For information about module installation in Magento 2, see [Enable or disable modules](https://devdocs.magento.com/guides/v2.3/install-gde/install/cli/install-cli-subcommands-enable.html).
 
+## Extensibility
+
+Extension developers can interact with the Magento_AdminNotification module. For more information about the Magento extension mechanism, see [Magento plug-ins](https://devdocs.magento.com/guides/v2.3/extension-dev-guide/plugins.html).
+
+[The Magento dependency injection mechanism](https://devdocs.magento.com/guides/v2.3/extension-dev-guide/depend-inj.html) enables you to override the functionality of the Magento_AdminNotification module.
+
 ### Events
 
 This module observes the following events:
 
- - `controller_action_predispatch` event in `Magento\AdminNotification\Observer\PredispatchAdminActionControllerObserver`
+ - `controller_action_predispatch` event in `Magento\AdminNotification\Observer\PredispatchAdminActionControllerObserver` file.
 
 ### Layouts
 

app/code/Magento/AdvancedPricingImportExport/README.md

@@ -2,3 +2,8 @@
 
 The Magento_AdvancedPricingImportExport module handles the import and export of the advanced pricing.
 
+## Extensibility
+
+Extension developers can interact with the Magento_AdvancedPricingImportExport module. For more information about the Magento extension mechanism, see [Magento plug-ins](https://devdocs.magento.com/guides/v2.3/extension-dev-guide/plugins.html).
+
+[The Magento dependency injection mechanism](https://devdocs.magento.com/guides/v2.3/extension-dev-guide/depend-inj.html) enables you to override the functionality of the Magento_AdvancedPricingImportExport module.

app/code/Magento/AdvancedSearch/README.md

@@ -1 +1,38 @@
-AdvancedSearch module introduces advanced search functionality and provides interfaces that allow to implement this functionality by 3rd party search engines
+# Magento_AdvancedSearch module
+The Magento_AdvancedSearch module introduces advanced search functionality and provides interfaces that allow third-party search engines to implement this functionality.
+
+## Installation details
+
+Before disabling or uninstalling this module, note that the following modules depends on this module:
+- Magento_Elasticsearch
+- Magento_Elasticsearch6
+
+For information about module installation in Magento 2, see [Enable or disable modules](https://devdocs.magento.com/guides/v2.3/install-gde/install/cli/install-cli-subcommands-enable.html).
+
+## Extensibility
+
+Extension developers can interact with the Magento_AdvancedSearch module. For more information about the Magento extension mechanism, see [Magento plug-ins](https://devdocs.magento.com/guides/v2.3/extension-dev-guide/plugins.html).
+
+[The Magento dependency injection mechanism](https://devdocs.magento.com/guides/v2.3/extension-dev-guide/depend-inj.html) enables you to override the functionality of the Magento_AdvancedSearch module.
+
+### Events
+
+This module observes the following event:
+
+ - `catalogsearch_query_save_after` in the `Magento\AdvancedSearch\Model\Recommendations\SaveSearchQueryRelationsObserver` file. 
+
+For information about an event in Magento 2, see [Events and observers](http://devdocs.magento.com/guides/v2.3/extension-dev-guide/events-and-observers.html#events).
+
+### Layouts
+
+The module interacts with the following layout handles in the `view/adminhtml/layout` directory:
+
+- `catalog_search_block`
+- `catalog_search_edit`
+- `catalog_search_relatedgrid`
+
+The module interacts with the following layout handles in the `view/frontend/layout` directory:
+
+- `catalogsearch_result_index`
+
+For more information about layouts in Magento 2, see the [Layout documentation](https://devdocs.magento.com/guides/v2.3/frontend-dev-guide/layouts/layout-overview.html).

app/code/Magento/Amqp/README.md

@@ -1,3 +1,9 @@
-# Amqp
+# Magento_Amqp module
 
-**Amqp** provides functionality to publish/consume messages with Amqp.
+Magento_Amqp module provides functionality to publish/consume messages with the Advanced Message Queuing Protocol (AMQP).
+
+## Extensibility
+
+Extension developers can interact with the Magento_Amqp module. For more information about the Magento extension mechanism, see [Magento plug-ins](https://devdocs.magento.com/guides/v2.3/extension-dev-guide/plugins.html).
+
+[The Magento dependency injection mechanism](https://devdocs.magento.com/guides/v2.3/extension-dev-guide/depend-inj.html) enables you to override the functionality of the Magento_Amqp module.

app/code/Magento/AsynchronousOperations/README.md

@@ -1 +1,48 @@
- This component is designed  to provide response for client who launched the bulk operation as soon as possible and postpone handling of operations moving them to background handler.
+# Magento_AsynchronousOperations module
+
+This component is designed to provide a response for a client that launched the bulk operation as soon as possible and postpone handling of operations moving them to the background handler.
+
+## Installation details
+
+The Magento_AsynchronousOperations module creates the following tables in the database:
+
+- `magento_bulk`
+- `magento_operation`
+- `magento_acknowledged_bulk`
+
+Before disabling or uninstalling this module, note that the following modules depends on this module:
+
+- Magento_WebapiAsync 
+
+For information about module installation in Magento 2, see [Enable or disable modules](https://devdocs.magento.com/guides/v2.3/install-gde/install/cli/install-cli-subcommands-enable.html).
+
+## Extensibility
+
+Extension developers can interact with the Magento_AsynchronousOperations module. For more information about the Magento extension mechanism, see [Magento plug-ins](https://devdocs.magento.com/guides/v2.3/extension-dev-guide/plugins.html).
+
+[The Magento dependency injection mechanism](https://devdocs.magento.com/guides/v2.3/extension-dev-guide/depend-inj.html) enables you to override the functionality of the Magento_AsynchronousOperations module.
+
+### Layouts
+
+This module introduces the following layouts and layout handles in the `view/adminhtml/layout` directory:
+
+- `bulk_bulk_details`
+- `bulk_bulk_details_modal`
+- `bulk_index_index`
+
+For more information about layouts in Magento 2, see the [Layout documentation](https://devdocs.magento.com/guides/v2.3/frontend-dev-guide/layouts/layout-overview.html).
+
+### UI components
+
+You can extend Magento_AsynchronousOperations module using the following configuration files in the `view/adminhtml/ui_component/` directory:
+
+- `bulk_details_form`
+- `bulk_details_form_modal`
+- `bulk_listing`
+- `failed_operation_listing`
+- `failed_operation_modal_listing`
+- `notification_area`
+- `retriable_operation_listing`
+- `retriable_operation_modal_listing`
+
+For information about UI components in Magento 2, see [Overview of UI components](https://devdocs.magento.com/guides/v2.3/ui_comp_guide/bk-ui_comps.html).

app/code/Magento/Authorization/README.md

@@ -1,4 +1,20 @@
-# Authorization
+# Magento_Authorization module
 
-**Authorization** enables management of access control list roles and
-rules in the application.
+The Magento_Authorization module enables management of access control list roles and rules in the application.
+
+## Installation details
+
+The Magento_AdminNotification module creates the following tables in the database:
+
+- `authorization_role`
+- `authorization_rule`
+
+Before disabling or uninstalling this module, note that the Magento_GraphQl module depends on this module.
+
+For information about module installation in Magento 2, see [Enable or disable modules](https://devdocs.magento.com/guides/v2.3/install-gde/install/cli/install-cli-subcommands-enable.html).
+
+## Extensibility
+
+Extension developers can interact with the Magento_Authorization module. For more information about the Magento extension mechanism, see [Magento plug-ins](https://devdocs.magento.com/guides/v2.3/extension-dev-guide/plugins.html).
+
+[The Magento dependency injection mechanism](https://devdocs.magento.com/guides/v2.3/extension-dev-guide/depend-inj.html) enables you to override the functionality of the Magento_Authorization module.

app/code/Magento/AuthorizenetAcceptjs/README.md

@@ -1 +1,29 @@
+# Magento_AuthorizenetAcceptjs module
+
 The Magento_AuthorizenetAcceptjs module implements the integration with the Authorize.Net payment gateway and makes the latter available as a payment method in Magento.
+
+## Installation details
+
+Before disabling or uninstalling this module, note that the `Magento_AuthorizenetCardinal` module depends on this module.
+
+For information about module installation in Magento 2, see [Enable or disable modules](https://devdocs.magento.com/guides/v2.3/install-gde/install/cli/install-cli-subcommands-enable.html).
+
+## Structure
+
+`Gateway/` - the directory that contains payment gateway command interfaces and service classes.
+
+For information about typical file structure of a module in Magento 2, see [Module file structure](http://devdocs.magento.com/guides/v2.3/extension-dev-guide/build/module-file-structure.html#module-file-structure).
+
+## Extensibility
+
+Extension developers can interact with the Magento_AuthorizenetAcceptjs module. For more information about the Magento extension mechanism, see [Magento plug-ins](https://devdocs.magento.com/guides/v2.3/extension-dev-guide/plugins.html).
+
+[The Magento dependency injection mechanism](https://devdocs.magento.com/guides/v2.3/extension-dev-guide/depend-inj.html) enables you to override the functionality of the Magento_AuthorizenetAcceptjs module.
+
+### Events
+
+This module observes the following events:
+
+- `payment_method_assign_data_authorizenet_acceptjs` event in the `Magento\AuthorizenetAcceptjs\Observer\DataAssignObserver` file.
+
+For information about an event in Magento 2, see [Events and observers](https://devdocs.magento.com/guides/v2.3/extension-dev-guide/events-and-observers.html#events).

app/code/Magento/AuthorizenetCardinal/README.md

@@ -1 +1,23 @@
-The AuthorizenetCardinal module provides a possibility to enable 3-D Secure 2.0 support for AuthorizenetAcceptjs payment integration.
+# Magento_AuthorizenetCardinal module
+
+Use the Magento_AuthorizenetCardinal module to enable 3D Secure 2.0 support for AuthorizenetAcceptjs payment integrations.
+
+## Structure
+
+`Gateway/` - the directory that contains payment gateway command interfaces and service classes.
+
+For information about typical file structure of a module in Magento 2, see [Module file structure](https://devdocs.magento.com/guides/v2.3/extension-dev-guide/build/module-file-structure.html#module-file-structure).
+
+## Extensibility
+
+Extension developers can interact with the Magento_AuthorizenetCardinal module. For more information about the Magento extension mechanism, see [Magento plug-ins](https://devdocs.magento.com/guides/v2.3/extension-dev-guide/plugins.html).
+
+[The Magento dependency injection mechanism](https://devdocs.magento.com/guides/v2.3/extension-dev-guide/depend-inj.html) enables you to override the functionality of the Magento_AuthorizenetCardinal module.
+
+### Events
+   
+This module observes the following events:
+
+- `payment_method_assign_data_authorizenet_acceptjs` event in the `Magento\AuthorizenetCardinal\Observer\DataAssignObserver` file.
+
+For information about an event in Magento 2, see [Events and observers](https://devdocs.magento.com/guides/v2.3/extension-dev-guide/events-and-observers.html#events).

app/code/Magento/AuthorizenetGraphQl/README.md

@@ -1,3 +1,9 @@
-# AuthorizenetGraphQl
+# Magento_AuthorizenetGraphQl module
 
- **AuthorizenetGraphQl** defines the data types needed to pass payment information data from the client to Magento.
+The Magento_AuthorizenetGraphQl module defines the data types needed to pass payment information data from the client to Magento.
+
+## Extensibility
+
+Extension developers can interact with the Magento_AuthorizenetGraphQl module. For more information about the Magento extension mechanism, see [Magento plug-ins](https://devdocs.magento.com/guides/v2.3/extension-dev-guide/plugins.html).
+
+[The Magento dependency injection mechanism](https://devdocs.magento.com/guides/v2.3/extension-dev-guide/depend-inj.html) enables you to override the functionality of the Magento_AuthorizenetGraphQl module.

app/code/Magento/Backend/Block/Widget/Grid/Massaction/Extended.php

@@ -3,17 +3,19 @@
  * Copyright © Magento, Inc. All rights reserved.
  * See COPYING.txt for license details.
  */
-
 namespace Magento\Backend\Block\Widget\Grid\Massaction;
 
+use Magento\Framework\Data\Collection\AbstractDb;
+use Magento\Framework\DB\Select;
+
 /**
  * Grid widget massaction block
  *
  * @api
  * @deprecated 100.2.0 in favour of UI component implementation
  * @method \Magento\Quote\Model\Quote setHideFormElement(boolean $value) Hide Form element to prevent IE errors
  * @method boolean getHideFormElement()
- * @author      Magento Core Team <core@magentocommerce.com>
+ * @author Magento Core Team <core@magentocommerce.com>
  * @TODO MAGETWO-31510: Remove deprecated class
  * @since 100.0.2
  */
@@ -156,7 +158,7 @@ public function getItemsJson()
      */
     public function getCount()
     {
-        return sizeof($this->_items);
+        return count($this->_items);
     }
 
     /**
@@ -248,6 +250,8 @@ public function getApplyButtonHtml()
     }
 
     /**
+     * Get mass action javascript code
+     *
      * @return string
      */
     public function getJavaScript()
@@ -264,6 +268,8 @@ public function getJavaScript()
     }
 
     /**
+     * Get grid ids in JSON format
+     *
      * @return string
      */
     public function getGridIdsJson()
@@ -281,15 +287,24 @@ public function getGridIdsJson()
             $massActionIdField = $this->getParentBlock()->getMassactionIdField();
         }
 
-        $gridIds = $allIdsCollection->setPageSize(0)->getColumnValues($massActionIdField);
-
-        if (!empty($gridIds)) {
-            return join(",", $gridIds);
+        if ($allIdsCollection instanceof AbstractDb) {
+            $idsSelect = clone $allIdsCollection->getSelect();
+            $idsSelect->reset(Select::ORDER);
+            $idsSelect->reset(Select::LIMIT_COUNT);
+            $idsSelect->reset(Select::LIMIT_OFFSET);
+            $idsSelect->reset(Select::COLUMNS);
+            $idsSelect->columns($massActionIdField);
+            $idList = $allIdsCollection->getConnection()->fetchCol($idsSelect);
+        } else {
+            $idList = $allIdsCollection->setPageSize(0)->getColumnValues($massActionIdField);
         }
-        return '';
+
+        return implode(',', $idList);
     }
 
     /**
+     * Retrieve massaction block js object name
+     *
      * @return string
      */
     public function getHtmlId()

app/code/Magento/Backend/etc/adminhtml/system.xml

@@ -145,7 +145,9 @@
                 <field id="allow_symlink" translate="label comment" type="select" sortOrder="10" showInDefault="1" showInWebsite="1" showInStore="1">
                     <label>Allow Symlinks</label>
                     <source_model>Magento\Config\Model\Config\Source\Yesno</source_model>
-                    <comment>Warning! Enabling this feature is not recommended on production environments because it represents a potential security risk.</comment>
+                    <comment>
+                        <![CDATA[<strong style="color:red">Warning!</strong> Enabling this feature is not recommended on production environments because it represents a potential security risk.]]>
+                    </comment>
                 </field>
                 <field id="minify_html" translate="label comment" type="select" sortOrder="25" showInDefault="1" showInWebsite="1" showInStore="1" canRestore="1">
                     <label>Minify Html</label>
@@ -435,7 +437,7 @@
                     <label>Admin Session Lifetime (seconds)</label>
                     <comment>Please enter at least 60 and at most 31536000 (one year).</comment>
                     <backend_model>Magento\Backend\Model\Config\SessionLifetime\BackendModel</backend_model>
-                    <validate>validate-digits</validate>
+                    <validate>validate-digits validate-digits-range digits-range-60-31536000</validate>
                 </field>
             </group>
             <group id="dashboard" translate="label" sortOrder="40" showInDefault="1" showInWebsite="0" showInStore="0">
@@ -536,7 +538,7 @@
                     <label>Enable HTTP Strict Transport Security (HSTS)</label>
                     <source_model>Magento\Config\Model\Config\Source\Yesno</source_model>
                     <backend_model>Magento\Config\Model\Config\Backend\Secure</backend_model>
-                    <comment><![CDATA[See <a href="https://www.owasp.org/index.php/HTTP_Strict_Transport_Security" target="_blank">HTTP Strict Transport Security</a> page for details.]]></comment>
+                    <comment><![CDATA[See <a href="https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html" target="_blank">HTTP Strict Transport Security</a> page for details.]]></comment>
                     <depends>
                         <field id="use_in_frontend">1</field>
                         <field id="use_in_adminhtml">1</field>

app/code/Magento/Backend/i18n/en_US.csv

@@ -333,7 +333,7 @@ Debug,Debug
 "Add Block Names to Hints","Add Block Names to Hints"
 "Template Settings","Template Settings"
 "Allow Symlinks","Allow Symlinks"
-"Warning! Enabling this feature is not recommended on production environments because it represents a potential security risk.","Warning! Enabling this feature is not recommended on production environments because it represents a potential security risk."
+"<strong style=""color:red"">Warning!</strong> Enabling this feature is not recommended on production environments because it represents a potential security risk.","<strong style=""color:red"">Warning!</strong> Enabling this feature is not recommended on production environments because it represents a potential security risk."
 "Minify Html","Minify Html"
 "Minification is not applied in developer mode.","Minification is not applied in developer mode."
 "Translate Inline","Translate Inline"

app/code/Magento/Backend/view/adminhtml/templates/admin/access_denied.phtml

@@ -21,10 +21,10 @@
         <li>
             <span><?= $block->escapeHtml(__('Return to ')) ?>
                 <?php if (isset($_SERVER['HTTP_REFERER'])) : ?>
-                    <a href="<?= $block->escapeUrl(__($_SERVER['HTTP_REFERER'])) ?>">
+                    <a href="<?= $block->escapeUrl($_SERVER['HTTP_REFERER']) ?>">
                         <?= $block->escapeHtml(__('previous page')) ?></a><?= $block->escapeHtml(__('.')) ?>
                 <?php else : ?>
-                    <a href="<?= $block->escapeHtmlAttr(__('javascript:history.back()')) ?>">
+                    <a href="<?= $block->escapeHtmlAttr('javascript:history.back()') ?>">
                         <?= $block->escapeHtml(__('previous page')) ?></a><?= $block->escapeHtml(__('.')) ?>
                 <?php endif ?>
             </span>

app/code/Magento/Bundle/Plugin/UpdatePriceInQuoteItemOptions.php

@@ -42,7 +42,7 @@ public function afterCalcRowTotal(OrigQuoteItem $subject, AbstractItem $result)
     {
         $bundleAttributes = $result->getProduct()->getCustomOption('bundle_selection_attributes');
         if ($bundleAttributes !== null) {
-            $actualPrice = $result->getPrice();
+            $actualPrice = (float)$result->getPrice();
             $parsedValue = $this->serializer->unserialize($bundleAttributes->getValue());
             if (is_array($parsedValue) && array_key_exists('price', $parsedValue)) {
                 $parsedValue['price'] = $actualPrice;