Alexander Ebert [Mon, 18 Sep 2023 13:07:28 +0000 (15:07 +0200)]
Merge branch '5.4' into 5.5
Alexander Ebert [Mon, 18 Sep 2023 12:22:14 +0000 (14:22 +0200)]
Release 5.4.32
Alexander Ebert [Mon, 18 Sep 2023 12:15:08 +0000 (14:15 +0200)]
Improve the visuals of outstanding updates
Tim Düsterhus [Fri, 15 Sep 2023 08:52:36 +0000 (10:52 +0200)]
Update `@types` dependencies
Marcel Werk [Wed, 13 Sep 2023 14:54:09 +0000 (16:54 +0200)]
Fix search issue when some types are not accessible
ref https://www.woltlab.com/community/thread/301563-suchbereich-alles-funktioniert-in-bestimmten-konstellationen-nicht/
Alexander Ebert [Mon, 11 Sep 2023 17:11:30 +0000 (19:11 +0200)]
Merge pull request #5649 from WoltLab/experimental-upgrade
Enable the experimental upgrade to 6.0
Alexander Ebert [Mon, 11 Sep 2023 15:13:04 +0000 (17:13 +0200)]
Permit insecure access to the package servers for 5.5
Alexander Ebert [Mon, 11 Sep 2023 13:29:39 +0000 (15:29 +0200)]
Stop caring about PHP 7.2/7.3
Alexander Ebert [Mon, 11 Sep 2023 13:27:08 +0000 (15:27 +0200)]
Add checks for `Memcached` and the attachment storage
Alexander Ebert [Mon, 11 Sep 2023 12:16:50 +0000 (14:16 +0200)]
Add the license agreement for CKEditor 5
Alexander Ebert [Mon, 11 Sep 2023 12:12:40 +0000 (14:12 +0200)]
Add a check for legacy multi domain setups
Alexander Ebert [Mon, 11 Sep 2023 12:08:35 +0000 (14:08 +0200)]
Add support for the test upgrade from 5.5 to 6.0
Alexander Ebert [Mon, 11 Sep 2023 12:05:17 +0000 (14:05 +0200)]
Update the pre-upgrade checks for 6.0
Tim Düsterhus [Tue, 5 Sep 2023 15:13:42 +0000 (17:13 +0200)]
Upgrade to `actions/checkout@v4`
Tim Düsterhus [Tue, 5 Sep 2023 12:55:39 +0000 (14:55 +0200)]
Update to `psr/http-message` 1.1
Tim Düsterhus [Fri, 1 Sep 2023 09:49:41 +0000 (11:49 +0200)]
Update tslib
Tim Düsterhus [Fri, 1 Sep 2023 09:48:41 +0000 (11:48 +0200)]
Update npm dependencies
Olaf Braun [Fri, 1 Sep 2023 09:40:28 +0000 (11:40 +0200)]
Fix UploadFormField::maximumImageHeight() (#5638)
`$maximumImageWidth` instead of `$maximumImageHeight` was overwritten.
[Tim: Rewritten the commit message]
Olaf Braun [Tue, 29 Aug 2023 10:03:19 +0000 (12:03 +0200)]
Fix validation in UploadFormField::maximumImageWidth()
Closes #5636
[Tim: rewritten the commit message]
Olaf Braun [Tue, 29 Aug 2023 10:02:41 +0000 (12:02 +0200)]
Fix validation in UploadFormField::maximumImageHeight()
see #5636
[Tim: rewritten the commit message]
Alexander Ebert [Fri, 25 Aug 2023 11:33:45 +0000 (13:33 +0200)]
Merge pull request #5629 from WoltLab/attachment-thumbnail-underflow
Prevent attempts to generate thumbnails for underflowing images
Alexander Ebert [Thu, 24 Aug 2023 16:10:14 +0000 (18:10 +0200)]
Prevent attempts to generate thumbnails for underflowing images
Alexander Ebert [Thu, 24 Aug 2023 16:09:55 +0000 (18:09 +0200)]
Reformat the condition to work around a formatter issue
Marcel Werk [Mon, 21 Aug 2023 09:51:26 +0000 (11:51 +0200)]
Add support for new Twitter (X) links
Alexander Ebert [Mon, 14 Aug 2023 09:55:01 +0000 (11:55 +0200)]
Merge branch '5.4' into 5.5
Alexander Ebert [Mon, 14 Aug 2023 09:54:27 +0000 (11:54 +0200)]
Fix the check of the maximum image height
See https://www.woltlab.com/community/thread/301107-fehler-in-uploadformfield/
Alexander Ebert [Fri, 4 Aug 2023 11:32:02 +0000 (13:32 +0200)]
Update the `aria-expanded` attribute when implicitly closing drop-down menus
Fixes #5553
Alexander Ebert [Fri, 4 Aug 2023 11:16:43 +0000 (13:16 +0200)]
Fix the handling of `NULL` values
See https://www.woltlab.com/community/thread/300917-neue-benutzergruppe-anlegen-funktioniert-nicht-mit-php-8-1x/
Alexander Ebert [Thu, 3 Aug 2023 11:40:42 +0000 (13:40 +0200)]
Prevent parallel executions of the store code installation
See https://www.woltlab.com/community/thread/300905/
Alexander Ebert [Thu, 3 Aug 2023 11:24:21 +0000 (13:24 +0200)]
Explicitly cast the thumbnail dimensions into int
The requested dimensions could be a result of a calculation that yields float values. `Imagick::thumbnailImage()` expects integers and will throw in PHP 8.1+ if it cannot safely cast them to int.
Tim Düsterhus [Wed, 2 Aug 2023 15:19:34 +0000 (17:19 +0200)]
Add `permissions` to GitHub Action Workflows
Tim Düsterhus [Wed, 2 Aug 2023 13:14:31 +0000 (15:14 +0200)]
Update some `@types` npm dependencies
Tim Düsterhus [Wed, 2 Aug 2023 13:00:30 +0000 (15:00 +0200)]
Stop abusing enums in Image/ExifUtil.ts
Tim Düsterhus [Wed, 2 Aug 2023 12:47:33 +0000 (14:47 +0200)]
Satisfy ESLint
Tim Düsterhus [Wed, 2 Aug 2023 12:33:27 +0000 (14:33 +0200)]
Upgrade typescript-eslint
Tim Düsterhus [Fri, 28 Jul 2023 13:59:45 +0000 (15:59 +0200)]
Update tslib
Tim Düsterhus [Fri, 28 Jul 2023 13:01:05 +0000 (15:01 +0200)]
Add missing `static` to FileUtil::extensionAllowsPhpExecution() definition
see #5593
Tim Düsterhus [Fri, 28 Jul 2023 12:34:45 +0000 (14:34 +0200)]
Merge pull request #5593 from WoltLab/fileutil-extensionAllowsPhpExecution
Add FileUtil::extensionAllowsPhpExecution()
Tim Düsterhus [Fri, 28 Jul 2023 11:57:50 +0000 (13:57 +0200)]
Perform a case-insensitive match in FileUtil::extensionAllowsPhpExecution()
Tim Düsterhus [Tue, 25 Jul 2023 14:32:10 +0000 (16:32 +0200)]
Add FileUtil::extensionAllowsPhpExecution()
see WoltLab/com.woltlab.gallery@
708e0a8707508c3e45b08ab6a8ae5083eabf00b7
Alexander Ebert [Tue, 25 Jul 2023 14:07:42 +0000 (16:07 +0200)]
Release 5.5.15
Alexander Ebert [Tue, 25 Jul 2023 14:07:16 +0000 (16:07 +0200)]
Merge branch '5.4' into 5.5
Alexander Ebert [Tue, 25 Jul 2023 14:06:36 +0000 (16:06 +0200)]
Release 5.4.31
Alexander Ebert [Tue, 25 Jul 2023 14:03:23 +0000 (16:03 +0200)]
Allow the news feed to open links in a new window
Marcel Werk [Tue, 25 Jul 2023 13:37:36 +0000 (15:37 +0200)]
When the month has 6 weeks the selected date was not marked correctly
Alexander Ebert [Tue, 25 Jul 2023 11:22:18 +0000 (13:22 +0200)]
Release 5.5.14
WoltLab [Tue, 25 Jul 2023 11:21:08 +0000 (11:21 +0000)]
Updating minified JavaScript files
Alexander Ebert [Tue, 25 Jul 2023 11:19:37 +0000 (13:19 +0200)]
Merge branch '5.4' into 5.5
Alexander Ebert [Tue, 25 Jul 2023 10:06:26 +0000 (12:06 +0200)]
Release 5.4.30
WoltLab [Tue, 25 Jul 2023 10:03:02 +0000 (10:03 +0000)]
Updating minified JavaScript files
Alexander Ebert [Tue, 25 Jul 2023 09:38:23 +0000 (11:38 +0200)]
Merge branch '5.4' into 5.5
Alexander Ebert [Tue, 25 Jul 2023 09:38:17 +0000 (11:38 +0200)]
Decrease the height of the news widget
Tim Düsterhus [Tue, 25 Jul 2023 09:22:46 +0000 (11:22 +0200)]
Merge branch '5.4' into 5.5
Tim Düsterhus [Tue, 25 Jul 2023 09:20:28 +0000 (11:20 +0200)]
Fix comma detection in Ui/ItemList/Static
This got broken during the TypeScript migration in
c04fd6ce08b40262c660d38dbd491c37aed49a89.
see https://www.woltlab.com/community/thread/300812-itemlist-static-separierung-per-komma-funktioniert-nicht/
Tim Düsterhus [Fri, 14 Jul 2023 08:28:50 +0000 (10:28 +0200)]
Fix truncation of Unicode string query parameters in Benchmark
This needs to use `mb_substr()`, as we checked UTF-8 validity before to use
`UNHEX()` with binary strings. Previously UTF-8 sequences might've been cut
short and the resulting invalid sequence cannot be JSON encoded, as JSON
requires strings to be valid UTF-8.
see https://www.woltlab.com/community/thread/298853-schwer-reproduzierbar-fehlermeldungen-beim-importieren-von-sprachdateien/
Alexander Ebert [Mon, 10 Jul 2023 10:04:39 +0000 (12:04 +0200)]
Merge branch '5.4' into 5.5
Alexander Ebert [Mon, 10 Jul 2023 09:59:31 +0000 (11:59 +0200)]
Migrate the ACP news from Twitter to woltlab.com
Tim Düsterhus [Tue, 4 Jul 2023 08:07:05 +0000 (10:07 +0200)]
Update tslib
Tim Düsterhus [Tue, 4 Jul 2023 07:59:09 +0000 (09:59 +0200)]
Update npm dependencies
Marcel Werk [Fri, 23 Jun 2023 15:25:19 +0000 (17:25 +0200)]
Fix typo
Tim Düsterhus [Wed, 21 Jun 2023 12:58:35 +0000 (14:58 +0200)]
Merge branch '5.4' into 5.5
Alexander Ebert [Wed, 21 Jun 2023 09:34:16 +0000 (11:34 +0200)]
Release 5.4.29
Alexander Ebert [Tue, 20 Jun 2023 11:49:04 +0000 (13:49 +0200)]
Release 5.5.13
Alexander Ebert [Tue, 20 Jun 2023 11:39:24 +0000 (13:39 +0200)]
Merge branch '5.4' into 5.5
Alexander Ebert [Tue, 20 Jun 2023 11:38:01 +0000 (13:38 +0200)]
Release 5.4.28
Marcel Werk [Mon, 19 Jun 2023 13:57:54 +0000 (15:57 +0200)]
Fixed bug when blocking an avatar, signature or cover photo
The error occurred when the "Permanently Block" checkbox was not set and no "Unblocking Date" was set.
Alexander Ebert [Fri, 16 Jun 2023 13:10:27 +0000 (15:10 +0200)]
Release 5.5.13 dev 1
WoltLab [Fri, 16 Jun 2023 12:49:42 +0000 (12:49 +0000)]
Updating minified JavaScript files
Tim Düsterhus [Thu, 15 Jun 2023 13:15:49 +0000 (15:15 +0200)]
Merge branch '5.4' into 5.5
Tim Düsterhus [Wed, 10 May 2023 13:25:38 +0000 (15:25 +0200)]
Drop the SameSite attribute from the XSRF-Token cookie to work around WebKit Bug 255524
It appears that Safari 16.4+ sometimes loses SameSite cookies without explicit
expiry when performing subrequests, e.g. to load JavaScript or when using
`fetch()`. The conditions apply to the XSRF-Token cookie. Now if one of the
subrequests hits the application, the application will hand out a fresh
XSRF-Token cookie, due to the cookie being missing. This results in spurious
changes of the XSRF-Token and thus error messages for the user.
According to comments in the WebKit Bug a workaround for the issue is not
providing a SameSite attribute at all and we leverage this workaround for the
time being: The SameSite attribute on the XSRF-Token cookie is a defense in
depth measure.
see https://bugs.webkit.org/show_bug.cgi?id=255524
see https://www.woltlab.com/community/thread/299769-fehlerhafter-xsrf-token/
(cherry picked from commit
832de3617df81b357430f8d99527dc34efd277a7)
Tim Düsterhus [Thu, 15 Jun 2023 07:43:10 +0000 (09:43 +0200)]
Fix wcf.acp.group.option.user.signature.maxLength in en.xml
see
32f9c5d95163e06c351ae63c700a25aac37a3d95
see
854c03cce023034ae43f252b2ca560aeeda7ca56
see https://www.woltlab.com/community/thread/300146-language-wcf-acp-group-option-user-signature-maxlength/
Tim Düsterhus [Wed, 14 Jun 2023 14:27:16 +0000 (16:27 +0200)]
Fix typo in de.xml
see https://www.woltlab.com/community/thread/300142-tippfehler-im-blockieren-dialog/
Tim Düsterhus [Tue, 13 Jun 2023 07:28:25 +0000 (09:28 +0200)]
Remove duplicated spaces in phrases
see https://www.woltlab.com/community/thread/300126-language-wcf-moderation-activation-notification-commentresponse-mail-html/
Alexander Ebert [Mon, 12 Jun 2023 17:23:35 +0000 (19:23 +0200)]
Add the missing plural s
See https://www.woltlab.com/community/thread/300065-language-wcf-user-notification-com-woltlab-wcf-page/
Alexander Ebert [Mon, 12 Jun 2023 15:24:30 +0000 (17:24 +0200)]
Update the embed code for Instagram
Tim Düsterhus [Tue, 6 Jun 2023 08:15:56 +0000 (10:15 +0200)]
Unify password to “Kennwort” in de.xml
Tim Düsterhus [Tue, 6 Jun 2023 08:13:23 +0000 (10:13 +0200)]
Fix `<label>` targets in userAdd.tpl
Tim Düsterhus [Mon, 5 Jun 2023 08:15:11 +0000 (10:15 +0200)]
Fix HTML syntax in pageHeaderUser.tpl
see
6e5b36526f992eb1f04fb4ebc28f3ae38bed6aff
Fixes #5532
Tim Düsterhus [Mon, 5 Jun 2023 07:23:33 +0000 (09:23 +0200)]
Fix incorrect quotation mark in en.xml
see https://www.woltlab.com/community/thread/300024-language-wcf-acp-user-sendmail-from-description/
Marcel Werk [Mon, 29 May 2023 11:51:36 +0000 (13:51 +0200)]
Fix multiple consistency issues in language phrases
Tim Düsterhus [Mon, 22 May 2023 10:22:25 +0000 (12:22 +0200)]
Update tslib
Tim Düsterhus [Fri, 19 May 2023 13:32:44 +0000 (15:32 +0200)]
Allow `style-src 'unsafe-inline'` in AttachmentPage
Marcel Werk [Wed, 17 May 2023 16:26:08 +0000 (18:26 +0200)]
Fix multiple consistency issues in language phrases
Alexander Ebert [Tue, 16 May 2023 15:02:52 +0000 (17:02 +0200)]
Release 5.5.12
Luke [Tue, 16 May 2023 14:22:10 +0000 (16:22 +0200)]
Fix missing informal variant in de.xml
Resolves #5511
[Tim: Opted to choose a slightly different fix and reworded the commit message]
Alexander Ebert [Sun, 12 Mar 2023 22:56:03 +0000 (23:56 +0100)]
Add a button to discard a selected icon
Fixes #5207
Alexander Ebert [Fri, 12 May 2023 16:27:19 +0000 (18:27 +0200)]
Release 5.5.12 dev 2
WoltLab [Fri, 12 May 2023 16:19:53 +0000 (16:19 +0000)]
Updating minified JavaScript files
Alexander Ebert [Fri, 12 May 2023 15:01:31 +0000 (17:01 +0200)]
Release 5.5.12 dev 1
Tim Düsterhus [Fri, 12 May 2023 09:00:23 +0000 (11:00 +0200)]
Merge pull request #5504 from WoltLab/mailbox-name
Improve handling of Mailboxes with empty names
Tim Düsterhus [Fri, 12 May 2023 07:37:40 +0000 (09:37 +0200)]
Do not emit empty names in Mailbox::__toString()
Likely depending on the MUA this will either emit the email address in the best
case or show an empty field. In any case, this will likely look a little odd to
spam filters and thus should be simplified to just the email address.
Tim Düsterhus [Fri, 12 May 2023 07:35:58 +0000 (09:35 +0200)]
Trim the human readable name of a Mailbox
Whitespace around the name is going to be a little wonky and this is in
preparation of a future change that detects and suppresses empty names.
Tim Düsterhus [Wed, 10 May 2023 13:25:38 +0000 (15:25 +0200)]
Drop the SameSite attribute from the XSRF-Token cookie to work around WebKit Bug 255524
It appears that Safari 16.4+ sometimes loses SameSite cookies without explicit
expiry when performing subrequests, e.g. to load JavaScript or when using
`fetch()`. The conditions apply to the XSRF-Token cookie. Now if one of the
subrequests hits the application, the application will hand out a fresh
XSRF-Token cookie, due to the cookie being missing. This results in spurious
changes of the XSRF-Token and thus error messages for the user.
According to comments in the WebKit Bug a workaround for the issue is not
providing a SameSite attribute at all and we leverage this workaround for the
time being: The SameSite attribute on the XSRF-Token cookie is a defense in
depth measure.
see https://bugs.webkit.org/show_bug.cgi?id=255524
see https://www.woltlab.com/community/thread/299769-fehlerhafter-xsrf-token/
Tim Düsterhus [Wed, 10 May 2023 11:54:05 +0000 (13:54 +0200)]
Update @types/google.maps
Tim Düsterhus [Wed, 10 May 2023 11:32:58 +0000 (13:32 +0200)]
Merge pull request #5501 from WoltLab/contentInteraction-print
Hide `.contentInteraction` in print CSS
Tim Düsterhus [Wed, 10 May 2023 10:21:22 +0000 (12:21 +0200)]
Hide `.contentInteraction` in print CSS
Marcel Werk [Tue, 9 May 2023 10:18:34 +0000 (12:18 +0200)]
Merge pull request #5496 from WoltLab/avatar-validation
Fix multiple validation issues during the avatar upload
Marcel Werk [Mon, 8 May 2023 15:18:26 +0000 (17:18 +0200)]
Fix validation of the image file type
Previously it was possible to upload any image (e.g. bmp) as avatars using a faked file extension.
Marcel Werk [Mon, 8 May 2023 15:15:40 +0000 (17:15 +0200)]
Proper handling of the case that no image was uploaded
Tim Düsterhus [Mon, 8 May 2023 10:09:37 +0000 (12:09 +0200)]
Fix titlecasing of “with” in page.xml
projects / GitHub / WoltLab / WCF.git / log