Du Peng
|
da8fa6b996
|
Version 5.4.14
|
2022-08-01 18:25:06 +02:00 |
|
Du Peng
|
68dc18a68d
|
Merge remote-tracking branch 'origin/2pcjn0j-files-format-vulnerability' into dev
|
2022-08-01 18:18:06 +02:00 |
|
Du Peng
|
549a719413
|
Merge remote-tracking branch 'origin/2pcjmhw-xss-vulnerability' into dev
|
2022-08-01 18:17:08 +02:00 |
|
Du Peng
|
974894ecad
|
Merge remote-tracking branch 'origin/2p0y6jt-show-project-tags' into dev
|
2022-08-01 18:12:09 +02:00 |
|
Cyril
|
be53adb551
|
Display the tag and theme field on the detail view of a project
|
2022-08-01 17:44:36 +02:00 |
|
Nicolas Florentin
|
1d6a59dd67
|
improvement: add complexity check of the user password
|
2022-07-29 17:37:42 +02:00 |
|
Nicolas Florentin
|
98c7da492d
|
prevents users enumeration attacks by not giving any info about the validity of the email
|
2022-07-29 16:02:58 +02:00 |
|
Nicolas Florentin
|
792b899d29
|
improvement: adds redis-session-store to store session and improves session security
|
2022-07-29 15:28:57 +02:00 |
|
Nicolas Florentin
|
879a7ba33f
|
improvement: makes rmagick, minimagick and mime types less explicit to improve security
|
2022-07-29 14:53:08 +02:00 |
|
Sylvain
|
acbd327f6d
|
(test) Added a test for multiple reservations on the same space slot
|
2022-07-27 17:28:30 +02:00 |
|
Nicolas Florentin
|
a8d0df11d3
|
projects/index/json.jbuilder : sanitize project description
|
2022-07-27 17:16:48 +02:00 |
|
Nicolas Florentin
|
a7290147c7
|
adds missing tag style to action_view.sanitized_allowed_tags
|
2022-07-27 17:16:48 +02:00 |
|
Nicolas Florentin
|
e4fb068c12
|
fix xss vulnerability in projects
|
2022-07-27 17:16:38 +02:00 |
|
Nicolas Florentin
|
9bc2d4f96c
|
improves file validation, validation is now based on content of the file in addition of the validation of the extension
|
2022-07-27 17:14:15 +02:00 |
|
Sylvain
|
de5c5f7385
|
(security) Merge pull request #384 from sleede/dependabot/npm_and_yarn/moment-2.29.4
Bump moment from 2.29.2 to 2.29.4
|
2022-07-27 16:21:04 +02:00 |
|
dependabot[bot]
|
5f6a26e826
|
Bump moment from 2.29.2 to 2.29.4
Bumps [moment](https://github.com/moment/moment) from 2.29.2 to 2.29.4.
- [Release notes](https://github.com/moment/moment/releases)
- [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/moment/moment/compare/2.29.2...2.29.4)
---
updated-dependencies:
- dependency-name: moment
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-07-27 14:01:15 +00:00 |
|
Sylvain
|
f4375242eb
|
Merge branch 'dev' for release 5.4.13
|
2022-07-27 16:00:12 +02:00 |
|
Sylvain
|
f09ea8446d
|
Version 5.4.13
|
2022-07-27 16:00:11 +02:00 |
|
Sylvain
|
bfb01d6420
|
Merge pull request #383 from sleede/l10n_dev
New Crowdin updates
|
2022-07-27 15:55:35 +02:00 |
|
Sylvain
|
5ceb06747f
|
New translations en.yml (Portuguese)
|
2022-07-27 15:36:31 +02:00 |
|
Sylvain
|
0d8914dd60
|
New translations mails.en.yml (Portuguese)
|
2022-07-27 15:36:30 +02:00 |
|
Sylvain
|
8bc933162a
|
New translations app.admin.en.yml (Portuguese)
|
2022-07-27 15:36:29 +02:00 |
|
Sylvain
|
3f84c2dfa1
|
(bug) ics description not using new methdod
|
2022-07-27 13:58:52 +02:00 |
|
Du Peng
|
677b796d32
|
fix bug: user validation required alert is displayed and disappears instantly
|
2022-07-27 13:16:51 +02:00 |
|
Sylvain
|
5d6dc2a142
|
Merge pull request #382 from sleede/l10n_dev
New Crowdin updates
|
2022-07-27 12:08:52 +02:00 |
|
Sylvain
|
055bfcbb66
|
New translations en.yml (French)
|
2022-07-27 12:08:24 +02:00 |
|
Sylvain
|
71b86fdeaa
|
New translations en.yml (Zulu)
|
2022-07-27 12:06:55 +02:00 |
|
Sylvain
|
d68b40e3ea
|
New translations en.yml (Portuguese)
|
2022-07-27 12:06:53 +02:00 |
|
Sylvain
|
11e82a6a53
|
New translations en.yml (Norwegian)
|
2022-07-27 12:06:52 +02:00 |
|
Sylvain
|
dbe00672bc
|
New translations en.yml (German)
|
2022-07-27 12:06:51 +02:00 |
|
Sylvain
|
0f8e4af6ff
|
New translations en.yml (Spanish)
|
2022-07-27 12:06:50 +02:00 |
|
Sylvain
|
fba9ce8d94
|
New translations en.yml (French)
|
2022-07-27 12:06:48 +02:00 |
|
Sylvain
|
445e63b44c
|
(feature) Improved attached ICS file texts, in reservations emails
|
2022-07-27 12:04:23 +02:00 |
|
Sylvain
|
28e9d69237
|
Merge pull request #381 from sleede/l10n_dev
New Crowdin updates
|
2022-07-27 10:50:35 +02:00 |
|
Sylvain
|
52f91ab465
|
New translations app.admin.en.yml (French)
|
2022-07-27 10:13:22 +02:00 |
|
Sylvain
|
722e29224d
|
New translations en.yml (French)
|
2022-07-27 10:13:12 +02:00 |
|
Sylvain
|
eb530a90f5
|
New translations app.admin.en.yml (Zulu)
|
2022-07-27 10:11:51 +02:00 |
|
Sylvain
|
4d0958e5e8
|
New translations app.admin.en.yml (Norwegian)
|
2022-07-27 10:11:50 +02:00 |
|
Sylvain
|
ea31759df2
|
New translations app.admin.en.yml (German)
|
2022-07-27 10:11:49 +02:00 |
|
Sylvain
|
d3f308db2a
|
New translations app.admin.en.yml (Spanish)
|
2022-07-27 10:11:47 +02:00 |
|
Sylvain
|
87a4510f29
|
New translations app.admin.en.yml (French)
|
2022-07-27 10:11:44 +02:00 |
|
Sylvain
|
3f683fd070
|
New translations en.yml (Zulu)
|
2022-07-27 10:11:34 +02:00 |
|
Sylvain
|
39042791f5
|
New translations en.yml (Portuguese)
|
2022-07-27 10:11:33 +02:00 |
|
Sylvain
|
72d7cdf801
|
New translations en.yml (Norwegian)
|
2022-07-27 10:11:32 +02:00 |
|
Sylvain
|
750a5b75b1
|
New translations en.yml (German)
|
2022-07-27 10:11:31 +02:00 |
|
Sylvain
|
7542c52f57
|
New translations en.yml (Spanish)
|
2022-07-27 10:11:30 +02:00 |
|
Sylvain
|
fb2bd127e7
|
New translations en.yml (French)
|
2022-07-27 10:11:28 +02:00 |
|
Sylvain
|
f943f68d7b
|
New translations app.admin.en.yml (Portuguese)
|
2022-07-27 10:11:25 +02:00 |
|
Sylvain
|
986063b134
|
updated changelog (#377)
|
2022-07-27 10:09:05 +02:00 |
|
Sylvain
|
7fa9414527
|
Merge pull request #377 from Guichaguri/fix/ignore-empty-from-sso
(bug) Fix SSO data being overridden when it is empty and the user can change it
|
2022-07-27 10:08:00 +02:00 |
|