Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | missing files after composer updates | Mario | 2022-05-20 | 35 | -0/+1890 |
| | |||||
* | do not show deprecated warnings by default | Mario | 2022-05-19 | 1 | -1/+1 |
| | |||||
* | update composer libs | Mario | 2022-05-19 | 344 | -16726/+1116 |
| | |||||
* | update to remove core apps (wiki, cards, articles) which have been moved to ↵ | Mario | 2022-05-19 | 2 | -2/+25 |
| | | | | addons | ||||
* | add a hidden config for the hs2019 http sig algo | Mario | 2022-05-19 | 1 | -2/+5 |
| | |||||
* | rendering fixes | Mario | 2022-05-19 | 4 | -17/+22 |
| | |||||
* | implement starring of pubstream items | Mario | 2022-05-18 | 2 | -12/+27 |
| | |||||
* | make sure we use source.content when rendering events to correctly render ↵ | Mario | 2022-05-16 | 2 | -5/+12 |
| | | | | observer related content. fix wrong media types. | ||||
* | fix php errors | Mario | 2022-05-14 | 1 | -3/+3 |
| | |||||
* | add the title in forum post reshares | Mario | 2022-05-14 | 1 | -0/+1 |
| | |||||
* | do not set allowed to true if verb is ACTIVITY_SHARE and slightly changed ↵ | Mario | 2022-05-13 | 1 | -3/+7 |
| | | | | logic for conv fetches | ||||
* | do not stringify integer value | Mario | 2022-05-11 | 1 | -1/+1 |
| | |||||
* | update queries in mod search - fixes #1677 | Mario | 2022-05-11 | 2 | -27/+24 |
| | |||||
* | deal with pleroma reactions | Mario | 2022-05-10 | 1 | -0/+8 |
| | |||||
* | use rev instead of _updated and the unix timestamp is less likely to cause ↵ | Mario | 2022-05-09 | 1 | -1/+1 |
| | | | | issues in the future | ||||
* | use addr for webfinger and name for the real name in the userinfo array | Mario | 2022-05-09 | 1 | -1/+2 |
| | |||||
* | add the update date to the icon url. some platforms will not update if the ↵ | Mario | 2022-05-07 | 1 | -1/+1 |
| | | | | icon url remains static | ||||
* | cleanup channel apps | Mario | 2022-05-07 | 1 | -24/+0 |
| | |||||
* | more cleanup | Mario | 2022-05-06 | 3 | -13/+6 |
| | |||||
* | some cleanup after moving articles and cards to addons | Mario | 2022-05-06 | 3 | -85/+3 |
| | |||||
* | fix core issue #1676 and a liked/disliked/commented confusion | Mario | 2022-05-06 | 2 | -9/+40 |
| | |||||
* | move wiki to addons | Mario | 2022-05-06 | 8 | -2112/+0 |
| | |||||
* | move articles to addon - also remove the pdl | Mario | 2022-05-04 | 1 | -14/+0 |
| | |||||
* | move articles to addon | Mario | 2022-05-04 | 2 | -370/+0 |
| | |||||
* | move cards to addon | Mario | 2022-05-04 | 7 | -383/+11 |
| | |||||
* | changelog and version | Mario Vavti | 2022-04-26 | 2 | -1/+5 |
| | |||||
* | hubloc in AS has been moved from data to meta a while ago | Mario Vavti | 2022-04-26 | 1 | -2/+2 |
| | |||||
* | version bump | Mario Vavti | 2022-04-25 | 1 | -1/+1 |
| | |||||
* | more changelog | Mario Vavti | 2022-04-25 | 1 | -0/+1 |
| | |||||
* | changelog | Mario Vavti | 2022-04-25 | 1 | -0/+9 |
| | |||||
* | whitespace | Mario Vavti | 2022-04-25 | 1 | -1/+1 |
| | |||||
* | if we have not been provided a profile id set the profile id to the default ↵ | Mario Vavti | 2022-04-25 | 1 | -0/+4 |
| | | | | profile - fixes #1671 | ||||
* | Merge branch 'dev' of https://framagit.org/hubzilla/core into dev | Mario Vavti | 2022-04-23 | 1 | -3/+8 |
|\ | |||||
| * | check if addons have been removed from the filesystem and also remove them ↵ | Mario | 2022-04-22 | 1 | -3/+8 |
| | | | | | | | | from the db if that is the case | ||||
* | | fix regression with incoming poll answers from activitypub | Mario Vavti | 2022-04-23 | 1 | -1/+1 |
|/ | |||||
* | move AP addressing to pubcrawl | Mario Vavti | 2022-04-07 | 1 | -122/+14 |
| | | | (cherry picked from commit 1390e1db399c06cb76e191437eb5be24dd95a5c7) | ||||
* | fixes in regard to hub re-installs: dismiss deleted hublocs, make sure we ↵ | Mario | 2022-04-01 | 3 | -11/+11 |
| | | | | use the latest hubloc entry for addressing, in Queue::deliver() prefer primaries since their info is probably more accurate | ||||
* | fix PHP error | Mario | 2022-03-31 | 1 | -3/+6 |
| | |||||
* | update changelog | Mario Vavti | 2022-03-29 | 1 | -1/+1 |
| | |||||
* | Merge branch 'fix-changelog' into 'dev' | Mario | 2022-03-27 | 1 | -2/+3 |
|\ | | | | | | | | | Update changelog with missing fix and cve See merge request hubzilla/core!2018 | ||||
| * | Update changelog with missing fix and cve | Harald Eilertsen | 2022-03-25 | 1 | -2/+3 |
|/ | |||||
* | changelog | Mario | 2022-03-25 | 1 | -0/+38 |
| | |||||
* | bump dev version | Mario | 2022-03-23 | 1 | -1/+1 |
| | |||||
* | strings | Mario | 2022-03-23 | 2 | -860/+933 |
| | |||||
* | make sure to set comments_closed to the created date if nocomment is set | Mario Vavti | 2022-03-23 | 1 | -1/+1 |
| | |||||
* | streamline comment policy with downstream | Mario | 2022-03-23 | 2 | -33/+5 |
| | |||||
* | Merge branch 'security-fixes-lfi-xss-open-redirect' into 'dev' | Mario | 2022-03-23 | 15 | -50/+122 |
|\ | | | | | | | | | Security fixes See merge request hubzilla/core!2017 | ||||
| * | CVE-2022-27256: Open redirect via rpath query param. | Harald Eilertsen | 2022-03-20 | 10 | -27/+27 |
| | | | | | | | | | | | | | | | | Don't follow urls to external sites when submitting forms from the settings modules. This mitigates an Open Redirect vulnerability where an attacker could trick a user to go to an attacker controlled destination. Fixes part of https://framagit.org/hubzilla/core/-/issues/1666 | ||||
| * | Add function is_local_url() to check if url is local. | Harald Eilertsen | 2022-03-20 | 2 | -0/+41 |
| | | |||||
| * | CVE-2022-27258: XSS via rpath query param. | Harald Eilertsen | 2022-03-20 | 10 | -20/+20 |
| | | | | | | | | | | | | | | | | | | | | Escape URLs provided by the rpath query param in settings modules. This prevents a possible Cross-Site scripting vulnerability, where an attacker could inject web scripts and html into the settings form via the rpath query parameter, and have a user execute the script by tricking them to clicking a link. Fixes part of https://framagit.org/hubzilla/core/-/issues/1666 |