aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
| * | Remove link to "Contents" from the help table of contect sidebar.Harald Eilertsen2024-09-291-2/+4
| |/ | | | | | | | | Changes the element where the jQuery.toc plugin looks for headings to only include the actual help contents, not the toc itself.
* | Merge branch 'security/update/smarty' into 'dev'Mario2024-09-3013-106/+95
|\ \ | |/ |/| | | | | deps: Upgrade smarty/smarty to version 4.5.4 See merge request hubzilla/core!2143
| * deps: Upgrade smarty/smarty to version 4.5.4Harald Eilertsen2024-09-2813-106/+95
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This eliminates a potential vulnerability where an template author could inject arbitrary PHP files to be run via the 'extends' tag. See: - https://github.com/smarty-php/smarty/security/advisories/GHSA-4rmg-292m-wg3w - https://github.com/smarty-php/smarty/commit/0be92bc8a6fb83e6e0d883946f7e7c09ba4e857a Impact assessment: In our case I would consider this a low severity issue as we don't allow users to dynamically add or edit smarty templates. Templates has to be updated via merge requests, or by installing a theme. In both cases a malicious attacker already has easier ways to inject whatever code they want. Further, the extend tag is not in use in any of our core templates.
* | Merge branch 'cherry-pick-d1811ea1' into 'dev'Mario2024-09-272-13199/+13329
|\ \ | | | | | | | | | | | | Update Spanish strings See merge request hubzilla/core!2142
| * | Update Spanish stringsManuel Jiménez Friaza2024-09-272-13199/+13329
| | | | | | | | | | | | | | | (cherry picked from commit d1811ea1f3f7249023c51104154d680f09df8572) Co-authored-by: mjfriaza:4GF~eYj,-iAv <mjfriaza@disroot.org>
* | | adjust post app icon and remove obsolete argumentsMario2024-09-271-3/+3
|/ /
* / update changelogMario2024-09-251-1/+1
|/
* Merge branch 'dev' of https://framagit.org/hubzilla/core into devMario2024-09-254-10/+16
|\
| * Merge branch 'remove-tests-from-autoload' into 'dev'Mario2024-09-254-10/+16
| |\ | | | | | | | | | | | | Don't autoload test cases using composer. See merge request hubzilla/core!2141
| | * Don't autoload test cases using composer.Harald Eilertsen2024-09-244-10/+16
| |/ | | | | | | | | | | | | Introduces a bootstrap file that ensures that the base test case classes are loaded and available instead. This reduces the number of warnings when running composer install.
* / update changelogMario2024-09-251-0/+3
|/
* mod help: only abort requests without topic if we have not got a search requestMario2024-09-241-1/+2
|
* update changelogMario2024-09-241-0/+4
|
* notes: make sure we set App::$profile_uid in the module - issue #1865 and ↵Mario Vavti2024-09-222-15/+24
| | | | minor code cleanup
* bump dev versionMario Vavti2024-09-201-1/+1
|
* version 9.4RC, strings, autoload dumpMario Vavti2024-09-202-7969/+8106
|
* changelogMario2024-09-201-0/+30
|
* whitespaceMario2024-09-191-1/+0
|
* prefer token if availableMario2024-09-192-16/+15
|
* display title only for toplevel itemsMario2024-09-181-1/+1
|
* Adjust fix_attached_permissions() so that if we got a token, we will just ↵Mario2024-09-182-8/+18
| | | | add the token to the original ACL instead of rewriting the ACL to theitem ACL - it probably makes much more sense that way
* remove garbageMario2024-09-181-5/+0
|
* not yet ready for primetimeMario2024-09-182-1/+6
|
* allow uploading to comments if ocap tokens are enabledMario2024-09-181-7/+13
|
* refactor get_security_ids() to remove some legacy code from the zot/zot6 ↵Mario2024-09-181-36/+41
| | | | transition and re-add scope sql to item_permissions_sql()
* fa2bi fixesMario2024-09-052-5/+5
|
* fa2bi fixesMario2024-08-281-2/+2
|
* fa2bi fixesMario2024-08-091-1/+1
|
* fa2bi fixesMario2024-08-091-7/+7
|
* fa2bi fixesMario2024-08-092-2/+3
|
* bump versionMario2024-08-081-1/+1
|
* remove fork awesomeMario2024-08-0812-6438/+0
|
* fa2bi fixMario2024-08-081-14/+1
|
* missing classMario2024-08-081-1/+1
|
* fa2bi fixesMario2024-08-054-5/+5
|
* improved content and comment collapse/expand renderingMario2024-08-046-14/+30
|
* add support for inbound locationsMario2024-08-021-0/+7
|
* streamline location renderingMario2024-08-025-20/+24
|
* fa2bi fixesMario2024-08-026-18/+9
|
* fa2bi: catch some remainsMario2024-08-0210-23/+23
|
* fa2bi: fix directory sort iconMario2024-08-021-1/+1
|
* fa2bi: some sed woodoo on templates and manual fixes in js and php filesMario2024-08-02115-464/+468
|
* fix html2bbcode table and add testMario2024-08-022-5/+6
|
* fa2bi continuedMario2024-07-312-52/+52
|
* fa2bi continuedMario2024-07-311-5/+5
|
* fa2bi continuedMario2024-07-301-2/+2
|
* fa2bi continuedMario2024-07-301-18/+7
|
* fa2bi continuedMario2024-07-301-1/+1
|
* fa2bi continuedMario2024-07-302-29/+29
|
* streamline calendar iconMario2024-07-301-1/+1
|