Tim Düsterhus [Mon, 20 Sep 2021 14:35:35 +0000 (16:35 +0200)]
Merge branch '5.4'
Tim Düsterhus [Mon, 20 Sep 2021 14:23:41 +0000 (16:23 +0200)]
Fix return type for SeekableIterator::* implementations
The `mixed` type is not available with our current minimum PHP version, thus
using ReturnTypeWillChange for these.
Tim Düsterhus [Mon, 20 Sep 2021 14:09:45 +0000 (16:09 +0200)]
Update composer dependencies
Tim Düsterhus [Mon, 20 Sep 2021 14:07:25 +0000 (16:07 +0200)]
Update scssphp/scssphp to 1.8.1
This is for PHP 8.1 compatibility.
Tim Düsterhus [Mon, 20 Sep 2021 14:07:04 +0000 (16:07 +0200)]
Merge branch '5.4'
Tim Düsterhus [Mon, 20 Sep 2021 14:01:02 +0000 (16:01 +0200)]
Move scssphp to the WoltLab fork
This is for PHP 8.1 compatibility.
Alexander Ebert [Mon, 20 Sep 2021 13:58:59 +0000 (15:58 +0200)]
Merge branch '5.4' of https://github.com/WoltLab/WCF into 5.4
Alexander Ebert [Mon, 20 Sep 2021 13:58:51 +0000 (15:58 +0200)]
Enable `X-Frame-Options` for the WCFSetup
This has the side effect of suppressing `SameSite=none` for the cookies, which fails on insecure connections because this attribute value is valid for secure cookies only.
Resolves #4499
Follow up for
2a9d48c4badc4de2e0f2d2fc73c3af2bee39cce8
Tim Düsterhus [Mon, 20 Sep 2021 13:48:48 +0000 (15:48 +0200)]
Merge branch '5.4'
Tim Düsterhus [Mon, 20 Sep 2021 13:48:03 +0000 (15:48 +0200)]
Fix return type of `count()` for the remaining classes implementing \Countable
see
3f6b343d10b044ab08d41fec525f69ffe0a95e49
Tim Düsterhus [Mon, 20 Sep 2021 13:44:14 +0000 (15:44 +0200)]
Fix PHP 8.1 compatibility in DatabaseObjectList
> Return type of wcf\data\DatabaseObjectList::count() should either be
> compatible with Countable::count(): int, or the #[ReturnTypeWillChange]
> attribute should be used to temporarily suppress the notice […]
Tim Düsterhus [Mon, 20 Sep 2021 13:36:51 +0000 (15:36 +0200)]
Merge branch '5.4'
Alexander Ebert [Mon, 20 Sep 2021 13:31:54 +0000 (15:31 +0200)]
Enable `X-Frame-Options` for the WCFSetup
This has the side effect of suppressing `SameSite=none` for the cookies, which fails on insecure connections because this attribute value is valid for secure cookies only.
Resolves #4499
Alexander Ebert [Mon, 20 Sep 2021 12:17:50 +0000 (14:17 +0200)]
Skip the default cover photo when rebuilding users
Fixes #4500
Tim Düsterhus [Mon, 20 Sep 2021 11:37:54 +0000 (13:37 +0200)]
Set the XSRF-Token cookie to SameSite=lax
As it turns out, `strict` is too strict for some use cases of the average user,
as it might suppress the cookie when the user researches something while
writing a post and ultimately comes back to the community via an external link.
This request will not have the XSRF-Token cookie attached due to violating the
`strict` policy, resulting in WoltLab Suite sending a fresh cookie in response.
This will then invalidate the token stored in the form where the user is in the
process of writing their post, ultimately resulting in an error message.
The `SameSite` value is meant as a defense in depth measure to protect the user
even if they current token leaked in some way. Reducing the strictness does not
reduce the security in a measurable way.
joshuaruesweg [Mon, 20 Sep 2021 09:55:10 +0000 (11:55 +0200)]
Fix `sprintf` parameter types
Marcel Werk [Fri, 17 Sep 2021 13:23:39 +0000 (15:23 +0200)]
Merge pull request #4498 from WoltLab/5.5-notifications-for-comments-in-subscribed-article-categories
Notification about article comments by subscribing to the category
Marcel Werk [Fri, 17 Sep 2021 12:15:30 +0000 (14:15 +0200)]
Typo
joshuaruesweg [Mon, 13 Sep 2021 09:42:37 +0000 (11:42 +0200)]
Add notification for comments in subscribed article categories
joshuaruesweg [Mon, 13 Sep 2021 08:35:40 +0000 (10:35 +0200)]
Add `$user` parameter to `canRead()` for articles
joshuaruesweg [Mon, 13 Sep 2021 07:48:24 +0000 (09:48 +0200)]
Add `getSubscribedUserIDs()` function for article categories
Alexander Ebert [Sat, 11 Sep 2021 15:07:45 +0000 (17:07 +0200)]
Merge branch '5.4'
Alexander Ebert [Sat, 11 Sep 2021 15:07:28 +0000 (17:07 +0200)]
Merge branch '5.3' into 5.4
Alexander Ebert [Sat, 11 Sep 2021 15:05:59 +0000 (17:05 +0200)]
Merge pull request #4496 from mutec/tagfieldfdp1
fix id of `CustomFormDataProcessor` in `TagFormField`
mutec [Fri, 10 Sep 2021 14:49:57 +0000 (16:49 +0200)]
fix id of `CustomFormDataProcessor` in `TagFormField`
the id was `acl` which seems to be a copy paste-mistake
Alexander Ebert [Thu, 9 Sep 2021 12:35:17 +0000 (14:35 +0200)]
Removed unnecessary type assertions
Alexander Ebert [Thu, 9 Sep 2021 12:19:57 +0000 (14:19 +0200)]
Rebuilt the compiled JavaScript
Alexander Ebert [Thu, 9 Sep 2021 12:19:27 +0000 (14:19 +0200)]
Merge branch '5.4'
Alexander Ebert [Thu, 9 Sep 2021 11:47:17 +0000 (13:47 +0200)]
Incorrect code style
Alexander Ebert [Thu, 9 Sep 2021 11:42:47 +0000 (13:42 +0200)]
Adjusted the `tab_width` for *.css/*.scss
Alexander Ebert [Thu, 9 Sep 2021 11:35:31 +0000 (13:35 +0200)]
Explicitly reduce the indent size of *.css/*.scss
Joshua Rüsweg [Thu, 9 Sep 2021 10:21:24 +0000 (12:21 +0200)]
Merge pull request #4494 from WoltLab/5.5-sql-installation-cleanup
Force overwrite unknown database tables using a known prefix
Alexander Ebert [Thu, 9 Sep 2021 09:59:36 +0000 (11:59 +0200)]
Merge branch '5.4'
Alexander Ebert [Thu, 9 Sep 2021 09:58:15 +0000 (11:58 +0200)]
Merge branch '5.3' into 5.4
Alexander Ebert [Thu, 9 Sep 2021 09:58:00 +0000 (11:58 +0200)]
Merge branch '5.2' into 5.3
Alexander Ebert [Thu, 9 Sep 2021 09:56:06 +0000 (11:56 +0200)]
Merge branch '5.3' into 5.4
Alexander Ebert [Thu, 9 Sep 2021 09:50:40 +0000 (11:50 +0200)]
Merge pull request #4495 from Fabii547/patch-79
Fix writing `runStandalone` attribute to package.xml
Alexander Ebert [Thu, 9 Sep 2021 09:47:02 +0000 (11:47 +0200)]
Merge pull request #4493 from WoltLab/5.3-aclformfieldcleanup
Reset ACL field values within form cleanup
Fabii547 [Thu, 9 Sep 2021 08:28:36 +0000 (10:28 +0200)]
Fix writing `runStandalone` attribute to package.xml
joshuaruesweg [Wed, 8 Sep 2021 14:17:50 +0000 (16:17 +0200)]
Force overwrite unknown database tables using a known prefix
Closes #4410
Alexander Ebert [Wed, 8 Sep 2021 13:38:46 +0000 (15:38 +0200)]
Release 5.4.7
Alexander Ebert [Wed, 8 Sep 2021 12:13:30 +0000 (14:13 +0200)]
Release 5.3.14
Alexander Ebert [Wed, 8 Sep 2021 12:05:13 +0000 (14:05 +0200)]
Incorrect use of spaces for indentation in <5.4
Alexander Ebert [Sun, 8 Aug 2021 09:29:26 +0000 (11:29 +0200)]
Sandbox `foreachVars` in templates
Nesting the same template inside a `foreach` loop that is also accessed inside the nested call will overwrite the values from the outer template due to identical identifiers being used.
The sandbox did not protected `$this->foreachVars` despite being stateful.
See #4431
Fixes #4444
joshuaruesweg [Wed, 8 Sep 2021 11:53:42 +0000 (13:53 +0200)]
Reset ACL field values within form cleanup
joshuaruesweg [Wed, 8 Sep 2021 11:51:29 +0000 (13:51 +0200)]
Remove empty lines
Alexander Ebert [Tue, 7 Sep 2021 21:01:22 +0000 (23:01 +0200)]
Release 5.4.7 RC 2
Alexander Ebert [Tue, 7 Sep 2021 21:00:29 +0000 (23:00 +0200)]
Replaced a hard-wired color value, Safari fix
Alexander Ebert [Tue, 7 Sep 2021 11:33:58 +0000 (13:33 +0200)]
Release 5.4.7 RC 1
Alexander Ebert [Tue, 7 Sep 2021 11:32:43 +0000 (13:32 +0200)]
Merge branch '5.4' of https://github.com/WoltLab/WCF into 5.4
WoltLab [Tue, 7 Sep 2021 11:30:44 +0000 (11:30 +0000)]
Updating minified JavaScript files
Alexander Ebert [Tue, 7 Sep 2021 11:28:49 +0000 (13:28 +0200)]
Removed the upgrade instructions for 5.3.*
This greatly reduces the size of the update packages. Upgrade from 5.3 will still work, but will upgrade to 5.4.6 only and then apply the remaining updates.
Alexander Ebert [Tue, 7 Sep 2021 11:21:01 +0000 (13:21 +0200)]
Check against the current menu item during editing only
Joshua Rüsweg [Tue, 7 Sep 2021 10:28:25 +0000 (12:28 +0200)]
Merge pull request #4492 from WoltLab/5.5-packageExcludeSpecification
5.5 package exclude specification
Joshua Rüsweg [Tue, 7 Sep 2021 10:28:18 +0000 (12:28 +0200)]
Make condition more readable
Co-authored-by: Alexander Ebert <ebert@woltlab.com>
joshuaruesweg [Mon, 6 Sep 2021 14:21:50 +0000 (16:21 +0200)]
Add explicit support for `*` in excludedPackages
Closes #4149
joshuaruesweg [Mon, 6 Sep 2021 13:35:31 +0000 (15:35 +0200)]
Add validation for the version of excluded packages
See #4149
Joshua Rüsweg [Sat, 4 Sep 2021 10:24:10 +0000 (12:24 +0200)]
Merge pull request #4491 from Fighter456/devtools-language-fix
Fix miswording in language variable of devtools
Dennis Kraffczyk [Sat, 4 Sep 2021 10:11:50 +0000 (12:11 +0200)]
Fix miswording in language variable of devtools
The german language variable `wcf.acp.pip.page.name.description` uses the word `Boxname` but is used in the `PagePackageInstallationPlugin`.
joshuaruesweg [Fri, 3 Sep 2021 15:26:27 +0000 (17:26 +0200)]
Create page conditions during page add/edit
Marcel Werk [Thu, 2 Sep 2021 13:55:21 +0000 (15:55 +0200)]
Merge branch '5.3' into 5.4
Marcel Werk [Thu, 2 Sep 2021 13:54:36 +0000 (15:54 +0200)]
New link format for Facebook videos
Alexander Ebert [Thu, 2 Sep 2021 13:30:30 +0000 (15:30 +0200)]
Merge pull request #4489 from WoltLab/5.5-boxen-condition-system
Box Visibility Conditions
joshuaruesweg [Thu, 2 Sep 2021 09:37:18 +0000 (11:37 +0200)]
Add file delete update instructions for `LikeUserRebuildDataWorker`
See
7e3ae784ddaaaa77721f96958c86bcdeb2381070
joshuaruesweg [Thu, 2 Sep 2021 09:35:18 +0000 (11:35 +0200)]
Delete `LikeUserRebuildDataWorker`
Closes #4418
joshuaruesweg [Thu, 2 Sep 2021 09:05:36 +0000 (11:05 +0200)]
Apply suggestions from code review
joshuaruesweg [Wed, 1 Sep 2021 13:29:23 +0000 (15:29 +0200)]
Fix reverse logic logic
joshuaruesweg [Wed, 1 Sep 2021 13:14:00 +0000 (15:14 +0200)]
Add update script for box conditions
Alexander Ebert [Tue, 31 Aug 2021 20:31:14 +0000 (22:31 +0200)]
`exif` was not listed as a required extension
Alexander Ebert [Tue, 31 Aug 2021 20:29:15 +0000 (22:29 +0200)]
Typo (missing comma)
Alexander Ebert [Tue, 31 Aug 2021 20:04:47 +0000 (22:04 +0200)]
Merge pull request #4487 from WoltLab/npm
Upgrade npm dependencies
Alexander Ebert [Tue, 31 Aug 2021 14:52:04 +0000 (16:52 +0200)]
Release 5.4.6
Alexander Ebert [Tue, 31 Aug 2021 14:33:48 +0000 (16:33 +0200)]
Release 5.4.5
Alexander Ebert [Tue, 31 Aug 2021 14:20:29 +0000 (16:20 +0200)]
Release 5.4.5
joshuaruesweg [Tue, 31 Aug 2021 14:09:44 +0000 (16:09 +0200)]
Cleanup code
Alexander Ebert [Tue, 31 Aug 2021 13:57:40 +0000 (15:57 +0200)]
Merge branch '5.3' into 5.4
Alexander Ebert [Tue, 31 Aug 2021 12:49:21 +0000 (14:49 +0200)]
Release 5.3.13
WoltLab [Tue, 31 Aug 2021 12:35:22 +0000 (12:35 +0000)]
Updating minified JavaScript files
Alexander Ebert [Tue, 31 Aug 2021 12:32:44 +0000 (14:32 +0200)]
Merge branch '5.2' into 5.3
Alexander Ebert [Tue, 31 Aug 2021 11:40:31 +0000 (13:40 +0200)]
Release 5.2.15
Alexander Ebert [Tue, 31 Aug 2021 11:31:31 +0000 (13:31 +0200)]
Merge branch '3.1' into 5.2
Alexander Ebert [Tue, 31 Aug 2021 10:32:33 +0000 (12:32 +0200)]
Release 3.1.23
joshuaruesweg [Tue, 31 Aug 2021 09:59:08 +0000 (11:59 +0200)]
Specify condition methods
joshuaruesweg [Tue, 31 Aug 2021 08:25:25 +0000 (10:25 +0200)]
Replace page selections with condition selection
Tim Düsterhus [Mon, 30 Aug 2021 10:33:04 +0000 (12:33 +0200)]
Satisfy eslint
Tim Düsterhus [Mon, 30 Aug 2021 10:08:35 +0000 (12:08 +0200)]
Run prettier
Tim Düsterhus [Mon, 30 Aug 2021 09:50:56 +0000 (11:50 +0200)]
Upgrade TypeScript
Tim Düsterhus [Mon, 30 Aug 2021 09:48:16 +0000 (11:48 +0200)]
Update all npm dependendencies except TypeScript itself
joshuaruesweg [Mon, 30 Aug 2021 08:28:33 +0000 (10:28 +0200)]
Add condition handling for boxes
Tim Düsterhus [Mon, 30 Aug 2021 07:36:43 +0000 (09:36 +0200)]
Merge pull request #4485 from WoltLab/deprecated-request-isexecuted
Deprecate Request::isExecuted()
Tim Düsterhus [Fri, 27 Aug 2021 14:35:20 +0000 (16:35 +0200)]
Deprecate Request::isExecuted()
Tim Düsterhus [Fri, 27 Aug 2021 13:00:46 +0000 (15:00 +0200)]
Merge pull request #4477 from WoltLab/xfo-deprecated
Deprecate HTTP_SEND_X_FRAME_OPTIONS
Tim Düsterhus [Fri, 27 Aug 2021 12:56:17 +0000 (14:56 +0200)]
Add warning to IndexPage if HTTP_SEND_X_FRAME_OPTIONS is disabled
Tim Düsterhus [Wed, 25 Aug 2021 10:20:45 +0000 (12:20 +0200)]
Deprecate HTTP_SEND_X_FRAME_OPTIONS
Resolves #4474
Tim Düsterhus [Fri, 27 Aug 2021 11:57:26 +0000 (13:57 +0200)]
Call `finalizeLog` for all exceptions within a chain
Tim Düsterhus [Fri, 27 Aug 2021 11:56:54 +0000 (13:56 +0200)]
Make ILoggingAwareException extend the \Throwable interface
Tim Düsterhus [Fri, 27 Aug 2021 11:32:51 +0000 (13:32 +0200)]
Merge pull request #4483 from WoltLab/search-exception
Add SearchFailed exception
Tim Düsterhus [Fri, 27 Aug 2021 11:32:44 +0000 (13:32 +0200)]
Merge pull request #4482 from WoltLab/innodb-search
Remove checks for InnoDB search engine
Alexander Ebert [Fri, 27 Aug 2021 10:43:18 +0000 (12:43 +0200)]
Release 5.4.5 RC 1
Tim Düsterhus [Fri, 27 Aug 2021 10:06:07 +0000 (12:06 +0200)]
Clean up the objectTypes emptiness check in MysqlSearchEngine
projects / GitHub / WoltLab / WCF.git / log