Commit Graph

4157 Commits

Author SHA1 Message Date
Daniël Klabbers
a0152ffb18
Dw/huntr fix path traversal (#2931)
* Fix Huntr vuln with possible directory traversal
* Use `active_url` in Laravel validator
2021-06-21 10:14:15 +02:00
David Wheatley
d1e38558c5
Fix image avatar alignment in notifications (#2906) 2021-06-11 12:13:57 +01:00
Daniël Klabbers
0cca808275
minor improvements to the security policy 2021-06-10 21:56:30 +02:00
Daniël Klabbers
5ee5f82e3d
huntr.dev as first point for security vuln (#2918)
* huntr.dev as first point for security vuln

* add badge for huntr.dev
2021-06-10 16:26:40 +02:00
Daniël Klabbers
9077fef5b2 clean up of composer.json, added funding and more support links 2021-06-08 01:58:37 +02:00
Daniël Klabbers
93cebec0be remove tidelift, we stopped doing that 2021-06-08 01:54:11 +02:00
Daniël Klabbers
a4a81c0ec2 Remove [forum] prefix in some mails
fixes #2515
2021-06-08 01:28:04 +02:00
David Wheatley
50dcfdb2a6
Mark typings as generated code (#2886) 2021-06-07 13:12:43 +01:00
flarum-bot
8149397850 Bundled output for commit 1ced907e52
Includes transpiled JS/TS, and Typescript declaration files (typings).

[skip ci]
2021-06-06 01:50:56 +00:00
David Wheatley
1ced907e52 npm audit fix 2021-06-06 02:47:58 +01:00
David Wheatley
17c5a40740 Update changelog 2021-06-06 02:44:32 +01:00
David Wheatley
440bed81b8 Fix XSS vulnerability 2021-06-06 02:41:48 +01:00
David Wheatley
eeb8fe1443 Update version constant to 1.0.2 2021-06-06 02:09:03 +01:00
Daniel Klabbers
11b1ab5932 update version constant for 1.0.2-dev 2021-06-02 09:10:01 +02:00
Daniel Klabbers
6f34c43dc1 v1.0.1 changelog and constant 2021-06-02 09:05:36 +02:00
luceos
8ced9eef45 Apply fixes from StyleCI
[ci skip] [skip ci]
2021-05-31 14:08:49 +00:00
Daniel Klabbers
8af52153e4 ref #2890, no longer using process and dump 2021-05-31 16:08:15 +02:00
Daniel Klabbers
2c5e5f13dd Revert "Revert "Squash core migrations (#2842)""
This reverts commit 16f3ae9d1e.
2021-05-31 15:49:20 +02:00
Daniel Klabbers
1bbfea4aa3 updated version constraint string 2021-05-29 22:42:28 +02:00
Daniel Klabbers
16f3ae9d1e Revert "Squash core migrations (#2842)"
This reverts commit 6ecca9565a.
2021-05-29 22:38:25 +02:00
Daniel Klabbers
a976a2118a changelog and version constraint fix for flarum/testing 2021-05-25 23:01:54 +02:00
Daniël Klabbers
9cecbe407f
Version constant for 1.0.0 (#2885) 2021-05-25 15:00:21 +02:00
Alexander Skvortsov
b3de5157fe Apply fixes from StyleCI
[ci skip] [skip ci]
2021-05-18 07:08:50 +00:00
Alexander Skvortsov
188dc98c4a Fix onOneServer, withoutOverlapping console scheduling options
Flarum doesn't fully use Laravel's cache system, but rather
creates and binds a single cache store.
See \Flarum\Foundation\InstalledSite::registerCache
Since certain config options (e.g. withoutOverlapping, onOneServer)
need the cache, we must override the cache factory we give to the scheduling
mutexes so it returns our single custom cache.
2021-05-18 03:08:32 -04:00
flarum-bot
bcc4545ce7 Bundled output for commit 9ee3cd6a18
Includes transpiled JS/TS, and Typescript declaration files (typings).

[skip ci]
2021-05-18 05:39:33 +00:00
Alexander Skvortsov
9ee3cd6a18 Fix insertText
In dd8323ee36, insertText was modified from the original to work with reply mentioning. This was done due to a misunderstanding of the API: the selection range isn't the selection to replace, but rather the final selection state after replacing the *current* selection with the text. This commit restores the original, correct implementation of insertText and instead adjusts the `insertBetween`method of BasicEditorDriver to set selection state before executing `insertText`.

Fixes https://github.com/flarum/core/issues/2877
2021-05-18 01:37:19 -04:00
Alexander Skvortsov
a5182a1454 Fix filesystem wrong method call
The proper method is `exists`, not `has`.
2021-05-17 18:04:08 -04:00
Daniel Klabbers
be7581c432 fix missing import of container for resolving the queue connection from ioc 2021-05-17 21:13:30 +02:00
flarum-bot
e855c49824 Bundled output for commit e010cbc319
Includes transpiled JS/TS, and Typescript declaration files (typings).

[skip ci]
2021-05-17 00:29:54 +00:00
David Wheatley
e010cbc319
Fix Badge className not being correctly set
Fixes group icons on Admin permissions page
2021-05-17 01:27:30 +01:00
David Wheatley
70f0c5b728
Update copyright date (#2863) 2021-05-16 19:10:33 -04:00
flarum-bot
1a34b85250 Bundled output for commit 1b8c77d034
Includes transpiled JS/TS, and Typescript declaration files (typings).

[skip ci]
2021-05-16 23:04:41 +00:00
SychO9
1b8c77d034 Remove Beta leftover warning code 2021-05-17 00:02:21 +01:00
Alexander Skvortsov
07b1a974cf Bump composer reqs for 1.0.0 2021-05-16 18:27:36 -04:00
flarum-bot
54319c0466 Bundled output for commit 9040e62c0e
Includes transpiled JS/TS, and Typescript declaration files (typings).

[skip ci]
2021-05-16 00:14:08 +00:00
Alexander Skvortsov
9040e62c0e Drop JS copyright blocks 2021-05-15 20:11:38 -04:00
flarum-bot
763bd7d244 Bundled output for commit 9b76c8f611
Includes transpiled JS/TS, and Typescript declaration files (typings).

[skip ci]
2021-05-15 23:09:46 +00:00
Alexander Skvortsov
9b76c8f611
Merge pull request #2867 from flarum/as/1.0-qa-fixes
Assorted 1.0 QA fixes
2021-05-15 19:07:41 -04:00
Alexander Skvortsov
fede3f9fc7 Fix glitchy group editing
Currently, when groups are edited, the new groups flicker, but the UI soon reverts to the old groups. This is because the returned API response has the old group values. This, in turn, is because we eager load groups, and when we sync the new group relation, that doesn't update the groups saved in memory. By unsetting the relation, we make sure the right groups are returned (and also available to the GroupsChanged event).

See https://github.com/flarum/core/issues/2514
2021-05-15 02:30:03 -04:00
Alexander Skvortsov
9eb74fdc8a Fix CustomFooterModal Appearance
The textarea in the CustomFooterModal was much larger than in the other appearance page modals, and did not use a monospaced font. Turns out the other 2 were explicitly specified in the less. This commit adds a class that can be applied to all these modals for simpler maintenance.

Fixes https://github.com/flarum/core/issues/2865
2021-05-14 21:36:06 -04:00
Alexander Skvortsov
05dda5b083 Fix KeyboardNavigatable
In b2d053f686, I tried to be clever and create a new KeyboardNavigatable object as a return value for `when`. My approach to cloning was incorrect, and caused the util to break entirely.

My original intent for having this "clone"-based behavior is that a single KeyboardNavigatable instance could be created with multiple listeners, and then "cloned" like this with different "activators" registered via "then" calls. In hindsight, this change introduces more issues than it solves: outside of just not working, the cloned "KeyboardNavigatable" instances have shared internal state (the set of callbacks), and each has write access to this internal state. This is a recipe for unpredictable behavior and confusing bugs, so best to keep things simple for now, and maybe introduce more functional behavior in later releases.

Fixes https://github.com/flarum/QualityAssurance/issues/25
2021-05-14 21:21:58 -04:00
Alexander Skvortsov
d1e987a240 Fix 0s in notification dropdown
By casting the length int to a bool, if there are no badges, we don't display a  0. It seems that mithril will render integers, but not booleans.

Fixes https://github.com/flarum/QualityAssurance/issues/28
2021-05-14 21:08:48 -04:00
Alexander Skvortsov
8ffeac4315 NotificationListState separate content method
This fixes an error where an empty notification list wouldn't show the "empty" text.

It also simplifies flow of logic and breaks the component up a bit for readability.
2021-05-14 21:04:26 -04:00
David Wheatley
dd3c203827
Update copyright year 2021-05-15 00:45:09 +01:00
flarum-bot
fc06c76e2c Bundled output for commit 13d341e014
Includes transpiled JS/TS, and Typescript declaration files (typings).

[skip ci]
2021-05-14 22:37:39 +00:00
Sami Mazouz
13d341e014
Use slugs for user pages (#2864) 2021-05-14 23:35:50 +01:00
Alexander Skvortsov
1d5d0688aa Fix "add numbered list" styleSelectedText action
Looks like I missed the `numberedLines` function used by the `orderedList` function in dd8323ee36
2021-05-14 18:35:11 -04:00
Sami Mazouz
1a19856c0c
Fix version update page (#2862)
* Binding closures only get the container instance as argument
2021-05-14 16:10:05 +01:00
SychO9
0236e1529e Update Application version constant to 1.0.0-dev 2021-05-13 22:19:01 +01:00
flarum-bot
947613a7e2 Bundled output for commit 88df26d722
Includes transpiled JS/TS, and Typescript declaration files (typings).

[skip ci]
2021-05-13 19:58:41 +00:00