Tim Düsterhus [Mon, 17 Apr 2023 17:27:24 +0000 (19:27 +0200)]
Merge pull request #5409 from WoltLab/pending-packages
Remove incorrect modification of `$pendingPackages` in PackageInstallationNodeBuilder::buildRequirementNodes()
Alexander Ebert [Mon, 17 Apr 2023 16:59:35 +0000 (18:59 +0200)]
Merge pull request #5336 from WoltLab/first-time-setup
Improve FirstTimeSetup
Tim Düsterhus [Fri, 14 Apr 2023 15:02:45 +0000 (17:02 +0200)]
Fix PHPDoc comments for first time setup
Tim Düsterhus [Fri, 14 Apr 2023 14:57:38 +0000 (16:57 +0200)]
Remove incorrect `.externalURL` in firstTimeSetupCompleted
Alexander Ebert [Fri, 14 Apr 2023 14:36:47 +0000 (16:36 +0200)]
Hide the container for the license credentials when a skip is requested
Alexander Ebert [Fri, 14 Apr 2023 14:36:00 +0000 (16:36 +0200)]
Add the final step of the first time setup
Alexander Ebert [Sat, 8 Apr 2023 15:26:13 +0000 (17:26 +0200)]
Improve the UI/UX of the license form
Tim Düsterhus [Tue, 7 Mar 2023 10:29:51 +0000 (11:29 +0100)]
Add description to first time setup option forms
Tim Düsterhus [Tue, 7 Mar 2023 10:15:15 +0000 (11:15 +0100)]
Add `page_description` to first time setup
Tim Düsterhus [Tue, 7 Mar 2023 10:13:01 +0000 (11:13 +0100)]
Split email options into a separate page during first time setup
Tim Düsterhus [Mon, 6 Mar 2023 14:16:33 +0000 (15:16 +0100)]
Add FirstTimeSetupLicenseForm
Tim Düsterhus [Mon, 6 Mar 2023 13:54:47 +0000 (14:54 +0100)]
Drop active menu item in FirstTimeSetupOptionsForm
Tim Düsterhus [Mon, 6 Mar 2023 13:52:56 +0000 (14:52 +0100)]
Disallow accessing FirstTimeSetupOptionsForm once first time setup is completed
Tim Düsterhus [Mon, 6 Mar 2023 13:51:14 +0000 (14:51 +0100)]
Remove “Index” button in first time setup options template
Tim Düsterhus [Mon, 6 Mar 2023 13:47:15 +0000 (14:47 +0100)]
Split first time setup into multiple pages
Tim Düsterhus [Mon, 6 Mar 2023 13:24:27 +0000 (14:24 +0100)]
Remove privacy options from first time setup
The defaults are fine.
Tim Düsterhus [Mon, 6 Mar 2023 13:23:08 +0000 (14:23 +0100)]
Remove reCAPTCHA options from first time setup
The administrator likely does not have them at hand. Showing these fields thus
is likely not actionable to them and easily overwhelming when starting with a
completely new software.
Tim Düsterhus [Mon, 6 Mar 2023 13:21:54 +0000 (14:21 +0100)]
Redirect ACP IndexPage to FirstTimeSetup until submitted
Tim Düsterhus [Mon, 6 Mar 2023 13:11:46 +0000 (14:11 +0100)]
Add `first_time_setup_state` option
Tim Düsterhus [Mon, 6 Mar 2023 13:14:49 +0000 (14:14 +0100)]
Disable offline mode when completing FirstTimeSetup
Tim Düsterhus [Mon, 6 Mar 2023 13:14:33 +0000 (14:14 +0100)]
Automatically disable offline mode in developer mode setup
Tim Düsterhus [Mon, 6 Mar 2023 13:14:14 +0000 (14:14 +0100)]
Enable offline mode by default
Alexander Ebert [Mon, 17 Apr 2023 16:43:21 +0000 (18:43 +0200)]
Add a hint for possible errors in the custom CSS for the dark mode
Fixes #5378
Alexander Ebert [Mon, 17 Apr 2023 16:37:45 +0000 (18:37 +0200)]
Mark the style description as optional
Fixes #5379
Alexander Ebert [Mon, 17 Apr 2023 16:36:47 +0000 (18:36 +0200)]
Fix the import of updated styles
Fixes #5363
Marcel Werk [Mon, 17 Apr 2023 16:05:43 +0000 (18:05 +0200)]
Merge branch 'master' of https://github.com/WoltLab/WCF
Marcel Werk [Mon, 17 Apr 2023 16:05:35 +0000 (18:05 +0200)]
Fix indentation
Marcel Werk [Mon, 17 Apr 2023 16:04:39 +0000 (18:04 +0200)]
Add additional template event in comment list
Alexander Ebert [Mon, 17 Apr 2023 16:01:23 +0000 (18:01 +0200)]
Update the CSS for the mobile unread indicator
The HTML was overhauled but the CSS itself was still targeting the previous markup.
Fixes #5390
Alexander Ebert [Mon, 17 Apr 2023 15:46:27 +0000 (17:46 +0200)]
Fix the comparison and storing of style variables
Fixes #5377
Alexander Ebert [Mon, 17 Apr 2023 15:45:51 +0000 (17:45 +0200)]
Move the helper method for dark mode sensitive variables
Alexander Ebert [Mon, 17 Apr 2023 15:06:42 +0000 (17:06 +0200)]
Improve the filter for variables with a dark mode variant
Alexander Ebert [Mon, 17 Apr 2023 14:57:12 +0000 (16:57 +0200)]
Discard intermediate values for the dark mode values
Fixes #5398
Tim Düsterhus [Thu, 6 Apr 2023 09:32:52 +0000 (11:32 +0200)]
Remove incorrect modification of `$pendingPackages` in PackageInstallationNodeBuilder::buildRequirementNodes()
Previously the `$pendingPackages` were only used to resolve dependencies, thus
the exact position for registering the new version does not really matter.
However with
5df3e65185d4d3f1be7464b1999b949946a5c765 the version is also used
to select the correct update instructions.
Thus the new package version must only be registered after the nodes for the
package in question have actually been built, similarly to the change in
2406351b19c5fac66b8413ba1f6660a376b7e18f.
In fact the registration in `buildRequirementNodes()` is completely redundant
since commit
7ddf2af9528be4c114d4ad83b804c3529769f24c, as the new version will
be registered in `->buildNodes()` a few lines afterwards. The
`$pendingPackages` variable is not read in-between. Thus this will be our fix:
The incorrect line is simply removed without replacement.
Tim Düsterhus [Mon, 17 Apr 2023 13:48:13 +0000 (15:48 +0200)]
Fix package uninstallation
see #5426
Alexander Ebert [Mon, 17 Apr 2023 13:57:15 +0000 (15:57 +0200)]
Drop the intermediate field for custom SCSS code
Fixes #5398
Marcel Werk [Mon, 17 Apr 2023 13:38:52 +0000 (15:38 +0200)]
Merge branch 'master' of https://github.com/WoltLab/WCF
Marcel Werk [Mon, 17 Apr 2023 13:38:50 +0000 (15:38 +0200)]
Remove obsolete code
The primary entity is already set by the statement `itemprop="mainEntity"`.
Tim Düsterhus [Mon, 17 Apr 2023 13:35:22 +0000 (15:35 +0200)]
Merge pull request #5426 from WoltLab/update-safety-check
Add package update safety check with regard to version numbers
Alexander Ebert [Mon, 17 Apr 2023 13:30:24 +0000 (15:30 +0200)]
Fix the recognition of non namespaced variable values when editing a style
See #5376
Alexander Ebert [Mon, 17 Apr 2023 12:09:26 +0000 (14:09 +0200)]
Fixed the compilation of styles when editing them
Fixes #5376
Tim Düsterhus [Mon, 17 Apr 2023 12:07:02 +0000 (14:07 +0200)]
Add package update safety check with regard to version numbers
During a multi-package update, e.g. when upgrading to a new major release, the
entire installation plan is built upfront. Do to so the package system needs to
keep track of the to-be-installed packages and package versions to properly
resolve update instructions and dependencies.
This is done using the `PackageInstallationNodeBuilder::$pendingPackages`
variable which needs to be updated at exactly the right locations. Historically
there were a few issues with incorrect versions being stored in that variable
which in turn might cause the installation to use the wrong instructions based
on the wrong assumed version number.
To ensure that such a broken installation plan does not cause havoc, the
assumed version is now stored within the start marker node. When it's time to
actually install the package this assumed version is compared to the actual
version. If there's a mismatch, the update is aborted at a safe point: The
previous package is fully installed. For the current package with the wrongly
selected instructions no actual installation logic was performed yet. The admin
can retry the update and now the installation process will (hopefully) select
correct instructions when starting from a clean state.
see #5409
Tim Düsterhus [Mon, 17 Apr 2023 11:35:33 +0000 (13:35 +0200)]
Update composer dependencies
Alexander Ebert [Sun, 16 Apr 2023 18:33:25 +0000 (20:33 +0200)]
Slightly increase the spacing between a category and its first item
Alexander Ebert [Fri, 14 Apr 2023 13:47:34 +0000 (15:47 +0200)]
Use CSS classes for text alignment
Fixes WoltLab/editor#31
Tim Düsterhus [Fri, 14 Apr 2023 13:39:53 +0000 (15:39 +0200)]
Update fileDelete.xml
Alexander Ebert [Fri, 14 Apr 2023 13:39:59 +0000 (15:39 +0200)]
Align the generated HTML of quotes with the editor’s expectations
Fixes WoltLab/editor#32
Tim Düsterhus [Fri, 14 Apr 2023 13:20:32 +0000 (15:20 +0200)]
Add proper types to various RouteHandler symbols
Tim Düsterhus [Fri, 14 Apr 2023 13:17:36 +0000 (15:17 +0200)]
Change `protected` to `private` in RouteHandler
The RouteHandler is final anyway.
Tim Düsterhus [Fri, 14 Apr 2023 13:13:27 +0000 (15:13 +0200)]
Fix the use of route values using a PSR request
Tim Düsterhus [Fri, 14 Apr 2023 13:05:43 +0000 (15:05 +0200)]
Fix submit button in editHistory.tpl
Tim Düsterhus [Fri, 14 Apr 2023 12:56:56 +0000 (14:56 +0200)]
Fix PHP codestyle
Tim Düsterhus [Fri, 14 Apr 2023 12:41:23 +0000 (14:41 +0200)]
Move the “exception escapes from middleware” detection further out
Since
abd060c56250c1a340732b8180c90efd49727ee9 there should not be such an
exception even during routing, not just after the middleware stack terminates.
Marcel Werk [Fri, 14 Apr 2023 12:35:43 +0000 (14:35 +0200)]
Merge branch 'master' of https://github.com/WoltLab/WCF
Marcel Werk [Fri, 14 Apr 2023 12:35:37 +0000 (14:35 +0200)]
Remove AMP relict
Tim Düsterhus [Fri, 14 Apr 2023 12:34:42 +0000 (14:34 +0200)]
Merge branch '5.5'
Marcel Werk [Fri, 14 Apr 2023 12:21:02 +0000 (14:21 +0200)]
Merge pull request #5425 from WoltLab/farewell-amp
Drop AMP support
Marcel Werk [Fri, 14 Apr 2023 12:07:39 +0000 (14:07 +0200)]
Drop support for AMP
Marcel Werk [Fri, 14 Apr 2023 12:07:20 +0000 (14:07 +0200)]
Redirect amp page to normal page
Alexander Ebert [Fri, 14 Apr 2023 12:05:55 +0000 (14:05 +0200)]
Release 5.5.11 dev 1
Tim Düsterhus [Fri, 14 Apr 2023 12:00:32 +0000 (14:00 +0200)]
Merge pull request #5418 from WoltLab/middleware-error-handling
Stop using Exceptions to return error responses outside of a controller
Tim Düsterhus [Fri, 14 Apr 2023 11:59:41 +0000 (13:59 +0200)]
Merge pull request #5424 from WoltLab/wcf-node-identifier-generation
Improve performance of `<wcfNode-*>` identifier generation
Tim Düsterhus [Thu, 13 Apr 2023 15:11:02 +0000 (17:11 +0200)]
Remove the final IllegalLinkException from RequestHandler::handle()
Tim Düsterhus [Thu, 13 Apr 2023 15:09:41 +0000 (17:09 +0200)]
Create the PSR request before checking if any route matches in RequestHandler::handle()
Tim Düsterhus [Thu, 13 Apr 2023 15:07:31 +0000 (17:07 +0200)]
Leverage the NotFoundHandler in RequestHandler::buildRequest()
Tim Düsterhus [Thu, 13 Apr 2023 14:51:46 +0000 (16:51 +0200)]
Prefer JSON error responses over HTML
Tim Düsterhus [Thu, 13 Apr 2023 14:45:49 +0000 (16:45 +0200)]
Send the exception in JSON response in error controllers
Tim Düsterhus [Thu, 13 Apr 2023 14:44:16 +0000 (16:44 +0200)]
Accept `exception` in JSON error responses
This is a replacement for the separate file, line, stacktrace and previous
fields and matches the HTML version of these error responses.
Tim Düsterhus [Thu, 13 Apr 2023 14:22:36 +0000 (16:22 +0200)]
Stop wrapping selected exceptions into an AJAXException
These exceptions are converted into clean responses using the HandleExceptions
middleware.
Tim Düsterhus [Thu, 13 Apr 2023 14:18:42 +0000 (16:18 +0200)]
Do not require the `previous` array in JSON error responses
Tim Düsterhus [Thu, 13 Apr 2023 14:03:08 +0000 (16:03 +0200)]
Revert "Add FixAcceptHeader middleware"
This does not appear to be generally useful. The JavaScript was modified to
send appropriate headers now.
This reverts commit
fcdb3da3976359f8077c2f3a5ef2af5ebdd2d89c.
Tim Düsterhus [Thu, 13 Apr 2023 14:01:52 +0000 (16:01 +0200)]
Set explicit `Accept` header in Ajax/Request.ts
Tim Düsterhus [Thu, 13 Apr 2023 14:00:21 +0000 (16:00 +0200)]
Set explicit `accept` header in DboAction.ts
Tim Düsterhus [Thu, 13 Apr 2023 12:29:08 +0000 (14:29 +0200)]
Add a dummy exception in ErrorDetail::fromMessage()
Tim Düsterhus [Thu, 13 Apr 2023 11:53:53 +0000 (13:53 +0200)]
Detect exceptions that erroneously escape the middleware stack
Tim Düsterhus [Thu, 13 Apr 2023 10:46:04 +0000 (12:46 +0200)]
Add FixAcceptHeader middleware
Tim Düsterhus [Thu, 13 Apr 2023 12:18:05 +0000 (14:18 +0200)]
Add XsrfValidationFailedHandler
Tim Düsterhus [Fri, 14 Apr 2023 11:53:49 +0000 (13:53 +0200)]
Merge pull request #5423 from WoltLab/wcf-node-autoloader
Stop needlessly invoking the autoloader to `<wcfNode-*>` tags
Tim Düsterhus [Fri, 14 Apr 2023 11:53:33 +0000 (13:53 +0200)]
Merge pull request #5422 from WoltLab/script-pip-directory
Unify package directory calculation of database and script PIP with file pip
Alexander Ebert [Fri, 14 Apr 2023 11:45:11 +0000 (13:45 +0200)]
Remove the legacy jQuery based comment implementation
Marcel Werk [Fri, 14 Apr 2023 11:38:41 +0000 (13:38 +0200)]
Merge branch 'master' of https://github.com/WoltLab/WCF
Marcel Werk [Fri, 14 Apr 2023 11:38:39 +0000 (13:38 +0200)]
Add disabled appearance for icon inside disabled elements
Tim Düsterhus [Fri, 14 Apr 2023 10:50:19 +0000 (12:50 +0200)]
Remove legacy `-o` suffix from icon name in UploadFile::getIconName()
Fixes #5406
Tim Düsterhus [Fri, 14 Apr 2023 09:29:42 +0000 (11:29 +0200)]
Improve performance of `<wcfNode-*>` identifier generation
StringUtil::getRandomID() leverages the CSPRNG and constant time encoder to
generate IDs which is the secure, but slow, default choice.
For generation of the identifiers of `<wcfNode-*>` it is not required that the
values are absolutely unguessable, instead uniqueness and reasonable
unpredictability is sufficient, especially as the values are regenerated for
every request.
For content with a large number of BBCodes the overhead of a secure ID
generation can add up:
For a post with 300 BBCodes that is rendered 50 times the old ID generator
resulted in ~3300ms total rendering time, whereas the new ID generator with PHP
8.2 (thus leveraging xoshiro256**) is down to ~2500ms, a 25% reduction. However
even with PHP 8.1 the new generator will be faster, because it does not use the
constant time encoder. It will become even faster if PHP 8.2 is required and
the extra `$engine` closure can be removed.
Tim Düsterhus [Fri, 14 Apr 2023 08:31:46 +0000 (10:31 +0200)]
Stop needlessly invoking the autoloader to `<wcfNode-*>` tags
These node names are randomly generated and will never match an existing class.
In fact the tag name transformation did not even result in valid classnames in
the majority of cases, because the randomly generated ID might start with a
number, thus including a hyphen in the classname.
Stop needlessly invoking the autoloader, and thus accessing the disk, for these
tags.
Tim Düsterhus [Fri, 14 Apr 2023 08:03:14 +0000 (10:03 +0200)]
Unify package directory calculation of database and script PIP with file pip
Fixes #5392
Alexander Ebert [Thu, 13 Apr 2023 13:24:44 +0000 (15:24 +0200)]
Merge branch '5.5'
Alexander Ebert [Thu, 13 Apr 2023 13:24:30 +0000 (15:24 +0200)]
Merge pull request #5420 from darkwood-studios/5.5
added new articleLikeButtons template event to article template
Tim Düsterhus [Thu, 13 Apr 2023 09:29:09 +0000 (11:29 +0200)]
Replace the use of Exceptions in middlewares
This is problematic, because Exceptions will skip the response direction of the
middleware stack. Instead appropriate responses are either generated directly
or forwarded to an appropriate request handler.
Tim Düsterhus [Wed, 12 Apr 2023 13:25:13 +0000 (15:25 +0200)]
Add HandleExceptions middleware with request handlers to generate error responses
This allows controllers to still leverage Exception, but prevents the
Exceptions from skipping the response direction of the middleware stack.
Tim Düsterhus [Thu, 13 Apr 2023 10:25:49 +0000 (12:25 +0200)]
Fix JavaScript relocation in HTML responses in middlewares
Tim Düsterhus [Thu, 13 Apr 2023 07:49:45 +0000 (09:49 +0200)]
Add HeaderUtil::parseOutputStream()
Tim Düsterhus [Thu, 13 Apr 2023 08:58:27 +0000 (10:58 +0200)]
Merge branch '5.5'
Tim Düsterhus [Thu, 13 Apr 2023 08:57:20 +0000 (10:57 +0200)]
Re-randomize cronjobs when upgrading to 6.0
see #5202
see #4678
daniel [Thu, 13 Apr 2023 07:46:30 +0000 (09:46 +0200)]
added new articleLikeButtons template event to article template
WoltLab [Thu, 13 Apr 2023 07:20:19 +0000 (07:20 +0000)]
Updating minified JavaScript files
Alexander Ebert [Wed, 12 Apr 2023 15:18:35 +0000 (17:18 +0200)]
Merge pull request #5410 from WoltLab/ckeditor5-translations
Add the localization files for CKEditor 5
Alexander Ebert [Wed, 12 Apr 2023 13:22:35 +0000 (15:22 +0200)]
Improve the readability of the code for CKEditor localizations
Alexander Ebert [Fri, 7 Apr 2023 20:23:13 +0000 (22:23 +0200)]
Explicitly force the editor language
CKEditor implicitly detects an available translation, but only if it is defined first. Explicitly setting the language avoids any race conditions that could take place.
Alexander Ebert [Fri, 7 Apr 2023 16:02:50 +0000 (18:02 +0200)]
Rebuild the CKEditor 5 bundle to match the exported localization