Dan Brown
bc291bee78
Added inital phpstan/larastan setup
2021-11-05 16:18:06 +00:00
Dan Brown
d0aa10a8c3
Applied styleci changes
2021-11-05 00:28:41 +00:00
Dan Brown
06b5009842
Standardised laravel validation to be array based
...
Converted from string-only-based validation.
Array based validation works nicer once you have validation classess or
advanced validation options.
2021-11-05 00:26:55 +00:00
Dan Brown
0ba8541370
Updated npm deps
2021-11-04 23:07:36 +00:00
Dan Brown
22024df508
Merge branch 'master' of github.com:BookStackApp/BookStack
2021-11-04 22:58:15 +00:00
Dan Brown
de5322288c
Applied latest styleci changes
2021-11-04 22:57:49 +00:00
Dan Brown
9542509584
New Crowdin updates ( #3038 )
...
Just crowdin aligning string quote styles
2021-11-04 22:57:04 +00:00
Dan Brown
1eed8d6325
Removed style in discord logo to prevent clash with twitter logo
...
Both were using the same class names causing a quadrant of the slack logo
to be the discord brand color.
Related to #3032
2021-11-04 22:52:35 +00:00
Dan Brown
b9a58859a4
Merge branch 'modernize-3rd-party-service-logos' of https://github.com/na3shkw/BookStack into na3shkw-modernize-3rd-party-service-logos
2021-11-04 22:45:57 +00:00
Dan Brown
c9c4dbcb5b
Merge branch 'laravel_upgrade'
2021-11-04 22:42:35 +00:00
Dan Brown
6f75aa9cdc
Reverted shift change to old migration
2021-11-04 22:38:55 +00:00
Dan Brown
9c680efaad
Updated php packages, Added php8.1 to GH actions
2021-11-04 22:29:36 +00:00
Dan Brown
cccee0808f
Updated API examples with date format changes
...
Updated to full ISO-8601 to reflect change in Laravel 7.
2021-11-04 22:02:21 +00:00
Dan Brown
a17be959d8
Applied latest styleci changes
2021-11-01 13:26:02 +00:00
Dan Brown
ce3f489188
Merge branch '3027_attachment_vuln'
2021-11-01 13:25:12 +00:00
Dan Brown
f4201e5740
New Crowdin updates ( #3023 )
...
* New translations errors.php (Polish)
* New translations activities.php (Dutch)
* New translations auth.php (Dutch)
* New translations common.php (Dutch)
* New translations entities.php (Dutch)
* New translations auth.php (Dutch)
* New translations auth.php (Dutch)
* New translations auth.php (Dutch)
* New translations settings.php (Latvian)
2021-11-01 13:16:15 +00:00
na3shkw
7e2c1b31a1
Modernize third party services' logos
2021-11-01 12:41:23 +00:00
Dan Brown
bfbccbede1
Updated attachments to not be saved with a complete extension
...
Intended to limit impact in the event the storage path is potentially
exposed.
2021-11-01 11:32:00 +00:00
Dan Brown
4360da03d4
Ran a pass through image and attachment routes
...
Added some stronger types, formatting changes and simplifications along
the way.
2021-11-01 11:17:30 +00:00
Dan Brown
c7fea8fe08
Cleaned up logic within ImageRepo
...
- Moved out extension check to ImageService as that seems more relevant.
- Updated models to use static-style references instead of facade to align with common modern usage within the app.
- Updated custom image_extension validation rule to use shared logic in image service.
2021-11-01 00:24:42 +00:00
Dan Brown
43830a372f
Updated showImage file serving to not be traversable
...
For #3030
2021-10-31 23:53:17 +00:00
Dan Brown
ae155d6745
Added safe mime sniffing to prevent serving HTML
...
(Amoung other content types)
For #3027
2021-10-31 17:58:56 +00:00
Dan Brown
5c834f24a6
Updated AzureAD provider to use microsoft graph
...
Since AzureAD graph is going away.
Tested using old AzureAD graph usage for backwards-compatbility, did not
seem to break things. Could not test with conditional access though due
to azure never enforcing it no matter what I attempted.
Fpr #3028
2021-10-31 13:09:30 +00:00
Dan Brown
98b23fd7ab
Moved from debugbar to clockwork
2021-10-30 22:03:36 +01:00
Dan Brown
f139cded78
Laravel 8 shift squash & merge ( #3029 )
...
* Temporarily moved back config path
* Apply Laravel coding style
* Shift exception handler
* Shift HTTP kernel and middleware
* Shift service providers
* Convert options array to fluent methods
* Shift to class based routes
* Shift console routes
* Ignore temporary framework files
* Shift to class based factories
* Namespace seeders
* Shift PSR-4 autoloading
* Shift config files
* Default config files
* Shift Laravel dependencies
* Shift return type of base TestCase methods
* Shift cleanup
* Applied stylci style changes
* Reverted config files location
* Applied manual changes to Laravel 8 shift
Co-authored-by: Shift <shift@laravelshift.com>
2021-10-30 21:29:59 +01:00
Dan Brown
85dc8d9791
Updated sponsor link
2021-10-30 11:51:49 +01:00
Dan Brown
5fd10e695a
Added sponsors to readme, updated license file
2021-10-29 21:37:10 +01:00
Dan Brown
e7bec79f25
New Crowdin updates ( #3014 )
...
* New translations entities.php (Estonian)
* New translations entities.php (Estonian)
2021-10-28 15:55:13 +01:00
Dan Brown
4f55fe2f8e
Made further changes to page image extraction validation
...
Fixes #3019
Increased testing to cover the failing case amoung others.
2021-10-28 15:54:00 +01:00
Dan Brown
3166541002
Added test to cover #3010
2021-10-27 12:29:01 +01:00
Dan Brown
b31fbf5ba8
Merge branch 'master' of https://github.com/haxatron/BookStack into haxatron_upload_issue
2021-10-27 12:21:27 +01:00
Dan Brown
624d55a773
New Crowdin updates ( #3006 )
...
* New translations auth.php (Latvian)
* New translations errors.php (Latvian)
* New translations auth.php (Latvian)
* New translations entities.php (Latvian)
* New translations settings.php (Latvian)
* New translations settings.php (Estonian)
* New translations entities.php (Estonian)
* New translations settings.php (Estonian)
* New translations validation.php (Estonian)
* New translations entities.php (Estonian)
* New translations settings.php (Spanish, Argentina)
* New translations settings.php (Vietnamese)
* New translations settings.php (Slovenian)
* New translations settings.php (Swedish)
* New translations settings.php (Turkish)
* New translations settings.php (Ukrainian)
* New translations settings.php (Chinese Simplified)
* New translations settings.php (Chinese Traditional)
* New translations settings.php (Portuguese, Brazilian)
* New translations settings.php (Russian)
* New translations settings.php (Indonesian)
* New translations settings.php (Persian)
* New translations settings.php (Croatian)
* New translations settings.php (Latvian)
* New translations settings.php (Bosnian)
* New translations settings.php (Norwegian Bokmal)
* New translations settings.php (Slovak)
* New translations settings.php (Portuguese)
* New translations settings.php (Polish)
* New translations settings.php (Catalan)
* New translations settings.php (Estonian)
* New translations settings.php (Japanese)
* New translations settings.php (French)
* New translations settings.php (Spanish)
* New translations settings.php (Arabic)
* New translations settings.php (Bulgarian)
* New translations settings.php (Czech)
* New translations settings.php (Dutch)
* New translations settings.php (Danish)
* New translations settings.php (German)
* New translations settings.php (Hebrew)
* New translations settings.php (Hungarian)
* New translations settings.php (Italian)
* New translations settings.php (Korean)
* New translations settings.php (Lithuanian)
* New translations settings.php (German Informal)
* New translations settings.php (Polish)
* New translations settings.php (French)
* New translations settings.php (German)
* New translations settings.php (German Informal)
2021-10-27 12:17:53 +01:00
Dan Brown
f77236aa38
Laravel 7.x Shift ( #3011 )
...
* Apply Laravel coding style
* Shift bindings
* Shift core files
* Shift to Throwable
* Add laravel/ui dependency
* Shift Eloquent methods
* Shift config files
* Shift Laravel dependencies
* Shift cleanup
* Shift test config and references
* Applied styleci changes
* Applied fixes post shift to laravel 7
Co-authored-by: Shift <shift@laravelshift.com>
2021-10-26 22:04:18 +01:00
Dan Brown
42f0ba1875
Added security policy md file
2021-10-26 16:09:41 +01:00
Dan Brown
0d312e5348
Merge pull request #3008 from IndrekHaav/et-typo
...
Minor capitalisation fix for Estonian
2021-10-26 13:33:27 +01:00
Dan Brown
7b244ea012
Updated php deps
...
Also removes abandoned status of sebastian/resource-operations as per
issue #3007
2021-10-26 13:12:40 +01:00
Indrek Haav
538b5ef4eb
Minor capitalisation fix for Estonian
2021-10-26 15:09:38 +03:00
Haxatron
64937ab826
Update ImageRepo.php
...
fix image validation vulnerability
2021-10-26 09:39:16 +08:00
Dan Brown
a5401eb00a
New Crowdin updates ( #3005 )
...
* New translations settings.php (Spanish, Argentina)
* New translations settings.php (Polish)
* New translations settings.php (Estonian)
* New translations errors.php (Spanish, Argentina)
* New translations settings.php (Japanese)
* New translations activities.php (German Informal)
* New translations auth.php (German Informal)
* New translations settings.php (French)
* New translations settings.php (Spanish)
* New translations settings.php (Arabic)
* New translations settings.php (Bulgarian)
* New translations settings.php (Catalan)
* New translations settings.php (Norwegian Bokmal)
* New translations settings.php (German Informal)
* New translations settings.php (Bosnian)
* New translations settings.php (Czech)
* New translations settings.php (Slovak)
* New translations settings.php (Danish)
* New translations settings.php (German)
* New translations settings.php (Hebrew)
* New translations settings.php (Hungarian)
* New translations settings.php (Italian)
* New translations settings.php (Korean)
* New translations settings.php (Lithuanian)
* New translations settings.php (Dutch)
* New translations settings.php (Portuguese)
* New translations settings.php (Russian)
* New translations settings.php (Slovenian)
* New translations settings.php (Latvian)
* New translations settings.php (Swedish)
* New translations settings.php (Turkish)
* New translations settings.php (Ukrainian)
* New translations settings.php (Chinese Simplified)
* New translations settings.php (Chinese Traditional)
* New translations settings.php (Vietnamese)
* New translations settings.php (Portuguese, Brazilian)
* New translations settings.php (Indonesian)
* New translations settings.php (Persian)
* New translations settings.php (Croatian)
* New translations validation.php (German Informal)
2021-10-25 15:01:32 +01:00
Dan Brown
fa466139f0
Updated translators before v21.10 release
2021-10-25 14:49:21 +01:00
Dan Brown
a75cfd1f25
Added estonian to language logic
2021-10-25 14:49:03 +01:00
Dan Brown
9c2b8057ab
New Crowdin updates ( #2983 )
...
* New translations auth.php (Polish)
* New translations common.php (Polish)
* New translations entities.php (Polish)
* New translations auth.php (Polish)
* New translations common.php (Polish)
* New translations settings.php (Polish)
* New translations validation.php (Polish)
* New translations activities.php (Estonian)
* New translations auth.php (Estonian)
* New translations common.php (Estonian)
* New translations components.php (Estonian)
* New translations entities.php (Estonian)
* New translations errors.php (Estonian)
* New translations pagination.php (Estonian)
* New translations passwords.php (Estonian)
* New translations settings.php (Estonian)
* New translations validation.php (Estonian)
* New translations activities.php (Estonian)
* New translations activities.php (Estonian)
* New translations auth.php (Estonian)
* New translations common.php (Estonian)
* New translations components.php (Estonian)
* New translations entities.php (Estonian)
* New translations pagination.php (Estonian)
* New translations passwords.php (Estonian)
* New translations entities.php (Estonian)
* New translations errors.php (Estonian)
* New translations validation.php (Estonian)
* New translations settings.php (Estonian)
* New translations auth.php (Estonian)
* New translations entities.php (Estonian)
* New translations passwords.php (Estonian)
* New translations settings.php (Estonian)
* New translations auth.php (Estonian)
* New translations entities.php (Estonian)
* New translations errors.php (Estonian)
* New translations settings.php (Estonian)
* New translations settings.php (Estonian)
* New translations errors.php (German)
* New translations errors.php (Portuguese, Brazilian)
* New translations errors.php (Swedish)
* New translations errors.php (Turkish)
* New translations errors.php (Ukrainian)
* New translations errors.php (Chinese Simplified)
* New translations errors.php (Chinese Traditional)
* New translations errors.php (Vietnamese)
* New translations errors.php (Indonesian)
* New translations errors.php (Slovak)
* New translations errors.php (Persian)
* New translations errors.php (Spanish, Argentina)
* New translations errors.php (Croatian)
* New translations errors.php (Latvian)
* New translations errors.php (Bosnian)
* New translations errors.php (Norwegian Bokmal)
* New translations errors.php (Slovenian)
* New translations errors.php (Russian)
* New translations errors.php (Estonian)
* New translations errors.php (Danish)
* New translations errors.php (French)
* New translations errors.php (Spanish)
* New translations errors.php (Arabic)
* New translations errors.php (Bulgarian)
* New translations errors.php (Catalan)
* New translations errors.php (Czech)
* New translations errors.php (Hebrew)
* New translations errors.php (Portuguese)
* New translations errors.php (Hungarian)
* New translations errors.php (Italian)
* New translations errors.php (Japanese)
* New translations errors.php (Korean)
* New translations errors.php (Lithuanian)
* New translations errors.php (Dutch)
* New translations errors.php (Polish)
* New translations errors.php (German Informal)
* New translations errors.php (Spanish)
* New translations auth.php (Estonian)
* New translations entities.php (Estonian)
* New translations errors.php (Estonian)
* New translations activities.php (Japanese)
* New translations activities.php (Japanese)
* New translations auth.php (Japanese)
* New translations components.php (Japanese)
* New translations passwords.php (Japanese)
* New translations errors.php (Estonian)
* New translations settings.php (Estonian)
* New translations validation.php (Estonian)
* New translations errors.php (French)
* New translations activities.php (Japanese)
* New translations settings.php (Japanese)
* New translations entities.php (Japanese)
* New translations settings.php (Japanese)
* New translations common.php (Japanese)
* New translations settings.php (Japanese)
* New translations settings.php (Japanese)
* New translations entities.php (Japanese)
* New translations settings.php (Japanese)
* New translations settings.php (Japanese)
* New translations entities.php (Japanese)
* New translations settings.php (Japanese)
* New translations common.php (Japanese)
* New translations errors.php (Polish)
* New translations auth.php (Estonian)
* New translations components.php (Estonian)
* New translations entities.php (Estonian)
* New translations validation.php (Estonian)
* New translations errors.php (Estonian)
* New translations settings.php (Estonian)
* New translations errors.php (Chinese Simplified)
* New translations auth.php (Japanese)
* New translations auth.php (Japanese)
* New translations common.php (Japanese)
* New translations entities.php (Japanese)
* New translations errors.php (Italian)
* New translations common.php (Japanese)
* New translations auth.php (Italian)
* New translations entities.php (Italian)
* New translations entities.php (Japanese)
* New translations settings.php (Japanese)
* New translations common.php (Japanese)
* New translations entities.php (Japanese)
* New translations entities.php (Estonian)
* New translations settings.php (Estonian)
* New translations validation.php (Japanese)
* New translations errors.php (Japanese)
* New translations validation.php (Japanese)
* New translations auth.php (Japanese)
* New translations settings.php (Japanese)
* New translations activities.php (Indonesian)
* New translations auth.php (Indonesian)
* New translations validation.php (Estonian)
* New translations settings.php (Estonian)
2021-10-25 13:51:27 +01:00
Dan Brown
31ba972cfc
Tweaked sidepart list item padding, Review of #3000
...
- Scoped padding change to just entity-list-items within the sidebar
side reduction of right-hand-padding to zero was causing other
entity-list-items, such as those in the homepage listing, would then
have no padding.
- Updated styles to use css logical properties to retain support for RTL
languages such as Arabic, where the whole interface flips around.
Related: https://css-tricks.com/css-logical-properties-and-values/
2021-10-23 22:03:03 +01:00
Dan Brown
f73b82ee57
Merge branch 'fix_sidebar_css' of https://github.com/ffranchina/BookStack into ffranchina-fix_sidebar_css
2021-10-23 21:54:25 +01:00
Dan Brown
98072ba4a9
Reviewed SAML SLS changes for ADFS, #2902
...
- Migrated env usages to config.
- Removed potentially unneeded config options or auto-set signed options
based upon provision of certificate.
- Aligned SP certificate env option naming with similar IDP option.
Tested via AFDS on windows server 2019. To test on other providers.
2021-10-23 17:26:01 +01:00
Francesco Franchina
0b15e2bf1c
Fixes padding issues of the sidebar's items
2021-10-22 01:34:41 +02:00
Dan Brown
2e9ac21b38
Merge branch 'master' of https://github.com/theodor-franke/BookStack into theodor-franke-master
2021-10-21 14:04:23 +01:00
Dan Brown
129f3286d9
Applied styleci changes
2021-10-20 13:40:27 +01:00
Dan Brown
fe07cdaa06
Merge pull request #2996 from BookStackApp/saml2_acs_session
...
Updated SAML ACS post to retain user session
2021-10-20 13:38:35 +01:00
Dan Brown
cdef1b3ab0
Updated SAML ACS post to retain user session
...
Session was being lost due to the callback POST request cookies
not being provided due to samesite=lax. This instead adds an additional
hop in the flow to route the request via a GET request so the session is
retained. SAML POST data is stored encrypted in cache via a unique ID
then pulled out straight afterwards, and restored into POST for the SAML
toolkit to validate.
Updated testing to cover.
2021-10-20 13:34:00 +01:00