Commit message (Collapse) | Author | Age | Files | Lines | ||
---|---|---|---|---|---|---|
... | ||||||
| * | | Remove link to "Contents" from the help table of contect sidebar. | Harald Eilertsen | 2024-09-29 | 1 | -2/+4 | |
| |/ | | | | | | | | | Changes the element where the jQuery.toc plugin looks for headings to only include the actual help contents, not the toc itself. | |||||
* | | Merge branch 'security/update/smarty' into 'dev' | Mario | 2024-09-30 | 13 | -106/+95 | |
|\ \ | |/ |/| | | | | | deps: Upgrade smarty/smarty to version 4.5.4 See merge request hubzilla/core!2143 | |||||
| * | deps: Upgrade smarty/smarty to version 4.5.4 | Harald Eilertsen | 2024-09-28 | 13 | -106/+95 | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This eliminates a potential vulnerability where an template author could inject arbitrary PHP files to be run via the 'extends' tag. See: - https://github.com/smarty-php/smarty/security/advisories/GHSA-4rmg-292m-wg3w - https://github.com/smarty-php/smarty/commit/0be92bc8a6fb83e6e0d883946f7e7c09ba4e857a Impact assessment: In our case I would consider this a low severity issue as we don't allow users to dynamically add or edit smarty templates. Templates has to be updated via merge requests, or by installing a theme. In both cases a malicious attacker already has easier ways to inject whatever code they want. Further, the extend tag is not in use in any of our core templates. | |||||
* | | Merge branch 'cherry-pick-d1811ea1' into 'dev' | Mario | 2024-09-27 | 2 | -13199/+13329 | |
|\ \ | | | | | | | | | | | | | Update Spanish strings See merge request hubzilla/core!2142 | |||||
| * | | Update Spanish strings | Manuel Jiménez Friaza | 2024-09-27 | 2 | -13199/+13329 | |
| | | | | | | | | | | | | | | | (cherry picked from commit d1811ea1f3f7249023c51104154d680f09df8572) Co-authored-by: mjfriaza:4GF~eYj,-iAv <mjfriaza@disroot.org> | |||||
* | | | adjust post app icon and remove obsolete arguments | Mario | 2024-09-27 | 1 | -3/+3 | |
|/ / | ||||||
* / | update changelog | Mario | 2024-09-25 | 1 | -1/+1 | |
|/ | ||||||
* | Merge branch 'dev' of https://framagit.org/hubzilla/core into dev | Mario | 2024-09-25 | 4 | -10/+16 | |
|\ | ||||||
| * | Merge branch 'remove-tests-from-autoload' into 'dev' | Mario | 2024-09-25 | 4 | -10/+16 | |
| |\ | | | | | | | | | | | | | Don't autoload test cases using composer. See merge request hubzilla/core!2141 | |||||
| | * | Don't autoload test cases using composer. | Harald Eilertsen | 2024-09-24 | 4 | -10/+16 | |
| |/ | | | | | | | | | | | | | Introduces a bootstrap file that ensures that the base test case classes are loaded and available instead. This reduces the number of warnings when running composer install. | |||||
* / | update changelog | Mario | 2024-09-25 | 1 | -0/+3 | |
|/ | ||||||
* | mod help: only abort requests without topic if we have not got a search request | Mario | 2024-09-24 | 1 | -1/+2 | |
| | ||||||
* | update changelog | Mario | 2024-09-24 | 1 | -0/+4 | |
| | ||||||
* | notes: make sure we set App::$profile_uid in the module - issue #1865 and ↵ | Mario Vavti | 2024-09-22 | 2 | -15/+24 | |
| | | | | minor code cleanup | |||||
* | bump dev version | Mario Vavti | 2024-09-20 | 1 | -1/+1 | |
| | ||||||
* | version 9.4RC, strings, autoload dump | Mario Vavti | 2024-09-20 | 2 | -7969/+8106 | |
| | ||||||
* | changelog | Mario | 2024-09-20 | 1 | -0/+30 | |
| | ||||||
* | whitespace | Mario | 2024-09-19 | 1 | -1/+0 | |
| | ||||||
* | prefer token if available | Mario | 2024-09-19 | 2 | -16/+15 | |
| | ||||||
* | display title only for toplevel items | Mario | 2024-09-18 | 1 | -1/+1 | |
| | ||||||
* | Adjust fix_attached_permissions() so that if we got a token, we will just ↵ | Mario | 2024-09-18 | 2 | -8/+18 | |
| | | | | add the token to the original ACL instead of rewriting the ACL to theitem ACL - it probably makes much more sense that way | |||||
* | remove garbage | Mario | 2024-09-18 | 1 | -5/+0 | |
| | ||||||
* | not yet ready for primetime | Mario | 2024-09-18 | 2 | -1/+6 | |
| | ||||||
* | allow uploading to comments if ocap tokens are enabled | Mario | 2024-09-18 | 1 | -7/+13 | |
| | ||||||
* | refactor get_security_ids() to remove some legacy code from the zot/zot6 ↵ | Mario | 2024-09-18 | 1 | -36/+41 | |
| | | | | transition and re-add scope sql to item_permissions_sql() | |||||
* | fa2bi fixes | Mario | 2024-09-05 | 2 | -5/+5 | |
| | ||||||
* | fa2bi fixes | Mario | 2024-08-28 | 1 | -2/+2 | |
| | ||||||
* | fa2bi fixes | Mario | 2024-08-09 | 1 | -1/+1 | |
| | ||||||
* | fa2bi fixes | Mario | 2024-08-09 | 1 | -7/+7 | |
| | ||||||
* | fa2bi fixes | Mario | 2024-08-09 | 2 | -2/+3 | |
| | ||||||
* | bump version | Mario | 2024-08-08 | 1 | -1/+1 | |
| | ||||||
* | remove fork awesome | Mario | 2024-08-08 | 12 | -6438/+0 | |
| | ||||||
* | fa2bi fix | Mario | 2024-08-08 | 1 | -14/+1 | |
| | ||||||
* | missing class | Mario | 2024-08-08 | 1 | -1/+1 | |
| | ||||||
* | fa2bi fixes | Mario | 2024-08-05 | 4 | -5/+5 | |
| | ||||||
* | improved content and comment collapse/expand rendering | Mario | 2024-08-04 | 6 | -14/+30 | |
| | ||||||
* | add support for inbound locations | Mario | 2024-08-02 | 1 | -0/+7 | |
| | ||||||
* | streamline location rendering | Mario | 2024-08-02 | 5 | -20/+24 | |
| | ||||||
* | fa2bi fixes | Mario | 2024-08-02 | 6 | -18/+9 | |
| | ||||||
* | fa2bi: catch some remains | Mario | 2024-08-02 | 10 | -23/+23 | |
| | ||||||
* | fa2bi: fix directory sort icon | Mario | 2024-08-02 | 1 | -1/+1 | |
| | ||||||
* | fa2bi: some sed woodoo on templates and manual fixes in js and php files | Mario | 2024-08-02 | 115 | -464/+468 | |
| | ||||||
* | fix html2bbcode table and add test | Mario | 2024-08-02 | 2 | -5/+6 | |
| | ||||||
* | fa2bi continued | Mario | 2024-07-31 | 2 | -52/+52 | |
| | ||||||
* | fa2bi continued | Mario | 2024-07-31 | 1 | -5/+5 | |
| | ||||||
* | fa2bi continued | Mario | 2024-07-30 | 1 | -2/+2 | |
| | ||||||
* | fa2bi continued | Mario | 2024-07-30 | 1 | -18/+7 | |
| | ||||||
* | fa2bi continued | Mario | 2024-07-30 | 1 | -1/+1 | |
| | ||||||
* | fa2bi continued | Mario | 2024-07-30 | 2 | -29/+29 | |
| | ||||||
* | streamline calendar icon | Mario | 2024-07-30 | 1 | -1/+1 | |
| |