Commit Graph

8550 Commits

Author SHA1 Message Date
Jeremy Benoist
cc17b3acaf
Update deps
Mostly to free `symfony/phpunit-bridge`.

Also raise minimum version of node to 20, v16 is unmaintained since October 2023.
2023-12-22 14:41:05 +01:00
Jérémy Benoist
60623246ae
Merge pull request #7006 from wallabag/release/2.6.7
Prepare 2.6.7 release
2023-10-02 14:21:29 +02:00
Jeremy Benoist
fa107116cc
Prepare 2.6.7 release 2023-10-02 14:14:34 +02:00
Jérémy Benoist
0cfdddc2eb
Merge pull request from GHSA-56fm-hfp3-x3w3
Fix CSRF Vulnerability on 2FA endpoints
2023-10-02 13:51:41 +02:00
Kevin Decherf
aa06e8328e ConfigController: remove 2fa cancel step
This change annoys me, however this endpoint was anyway problematic:
- it was vulnerable to a CSRF attack, see GHSA-56fm-hfp3-x3w3
- it is useless as we don't really handle a two-steps validation

Still, if you send an incorrect code during the "activation" phase a
flash error will pop up but the 2fa will stay enabled. This need rework
when possible.

Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
2023-09-30 00:49:58 +02:00
Kevin Decherf
5240684be9 ConfigController: move OTP endpoints to POST method only
Fixes GHSA-56fm-hfp3-x3w3

Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
2023-09-30 00:49:58 +02:00
Nicolas Lœuillet
9ec351e8b6
Merge pull request #6986 from Simounet/feat/entry-tag-form-button
Add tag form submit button always displayed
2023-09-29 16:38:54 +02:00
Simounet
6fab27f3ce
Add tag form submit button always displayed 2023-09-29 15:35:33 +02:00
Nicolas Lœuillet
e4d69cafe4
Merge pull request #6991 from Simounet/feat/6971-mass-action-click-full-card
Fix #6971 - Full clickable card on mass action
2023-09-29 14:53:27 +02:00
Jérémy Benoist
34e51243d9
Merge pull request #6985 from Simounet/fix/tag-controller-null-value 2023-09-27 22:36:36 +02:00
Simounet
9bc026f343
Fix #6971 - Full clickable card on mass action 2023-09-27 19:25:16 +02:00
Simounet
a46fd5fc9f
Fix deprecated null parameter passed to explode() 2023-09-26 18:02:46 +02:00
Jérémy Benoist
f06a826c6d
Merge pull request #6926 from wallabag/release/2.6.6
Prepare 2.6.6 release
2023-09-07 09:26:33 +02:00
Jeremy Benoist
c7e5ba6dd0
Prepare 2.6.6 release 2023-09-07 09:18:56 +02:00
Jérémy Benoist
62ab325ad4
Merge pull request #6924 from wallabag/fix/secure-cookie
Force secure cookie on HTTPS connection
2023-09-06 12:45:23 +02:00
Jeremy Benoist
c5d21025c4
Force secure cookie on HTTPS connection 2023-09-06 12:39:40 +02:00
Jérémy Benoist
8ac80e934e
Merge pull request #6912 from Simounet/feat/tag-mass-action-improved
Mass action layout improved
2023-09-04 13:25:05 +02:00
Simounet
4b04cd5746
Mass action tag layout updated 2023-09-04 12:00:16 +02:00
Nicolas Lœuillet
dbed27f8d8
Merge pull request #6909 from Simounet/feat/homepage-perfs
Improve performance on homepage
2023-09-01 14:13:31 +02:00
Simounet
137c8ab756
Count queries simplified 2023-09-01 11:53:44 +02:00
Simounet
0fdffb0b96
Homepage form header layout updated 2023-08-31 22:26:08 +02:00
Simounet
2d7d16ee6c
Tag mass action layout updated 2023-09-01 14:16:27 +02:00
Simounet
18615738c0
Title removed from footer's stats element 2023-08-31 12:34:36 +02:00
Simounet
452362c17a
Untagged entries number removed from the filter's sidebar 2023-08-31 12:34:36 +02:00
Jérémy Benoist
ec4d23b584
Merge pull request #6899 from wallabag/fix/google-mailer
Add Google mailer
2023-08-29 09:34:39 +02:00
Jérémy Benoist
c0414355aa
Merge pull request #6897 from Simounet/fix/checkboxes-pointer-events-bis
Fix checkboxes pointer events issue
2023-08-28 18:01:48 +02:00
Jeremy Benoist
aaf4ab2d2a
Add Google mailer
SMTP is the default provider to send email.
But users tend to use Gmail from time to time. So, instead of a complex installation to allow it, we prefer to ship it with the default package.

Also:
- update deps globally
- lock symfony/* deps to 4.4
2023-08-28 18:01:09 +02:00
Simounet
56983b01a8
Fix checkboxes pointer events issue 2023-08-28 14:21:34 +02:00
Nicolas Lœuillet
6b7e9ec1df
Merge pull request #6896 from wallabag/prepare-265
Prepare wallabag 2.6.5
2023-08-28 10:22:14 +02:00
Nicolas Lœuillet
f052f6f580
Prepare wallabag 2.6.5 2023-08-28 10:14:40 +02:00
Nicolas Lœuillet
16a92c54a7
Update j0k3r/graby-site-config 2023-08-28 10:08:09 +02:00
Simounet
13b2752e8d Autocapitalize disabled for domain input filter 2023-08-28 09:54:51 +02:00
Simounet
634997c9b5 Good HTML type for HTTP status input filter 2023-08-28 09:54:45 +02:00
Simounet
ca608ece65 Fix nav input styles 2023-08-28 09:54:12 +02:00
Simounet
027042cc1a Fix #6873 override materializecss checkbox pointer-events disabled 2023-08-28 09:53:56 +02:00
Nicolas Lœuillet
cf9243151a
Merge pull request #6871 from wallabag/prepare-264
Prepare wallabag 2.6.4
2023-08-22 15:43:27 +02:00
Nicolas Lœuillet
e9a837a0ac
Prepare wallabag 2.6.4 2023-08-22 15:37:04 +02:00
Nicolas Lœuillet
abef36fd2b
Merge pull request #6869 from wallabag/fix-api-token
Fix API token generation
2023-08-22 15:32:39 +02:00
Nicolas Lœuillet
2f86dd9c73
Fix API token generation 2023-08-22 13:35:27 +02:00
Nicolas Lœuillet
3d22442f8c
Merge pull request #6864 from wallabag/fix-checkbox
Fix checkboxes which were broken
2023-08-21 15:34:58 +02:00
Nicolas Lœuillet
c99a733aff
Fix checkboxes which were broken 2023-08-21 14:12:06 +02:00
Nicolas Lœuillet
85065b509f
Merge pull request #6862 from wallabag/prepare-263
Prepare wallabag 2.6.3
2023-08-21 11:57:10 +02:00
Nicolas Lœuillet
ca879c36de Prepare wallabag 2.6.3 2023-08-21 11:52:16 +02:00
Nicolas Lœuillet
ffcc5c9062
Merge pull request from GHSA-gjvc-55fw-v6vq
Replace GET way to POST way to delete API client
2023-08-21 11:08:47 +02:00
Nicolas Lœuillet
78b0b55c40
Merge pull request from GHSA-p8gp-899c-jvq9
Replace GET way to POST way to reset data user
2023-08-21 11:08:24 +02:00
Jérémy Benoist
94a6bc0dad
Merge pull request #6806 from wallabag/dependabot/composer/craue/config-bundle-2.7.0
Bump craue/config-bundle from 2.6.0 to 2.7.0
2023-08-21 10:57:10 +02:00
Nicolas Lœuillet
383dcc5c45
Merge pull request #6119 from Spoons/feat_referer_to_session_redirect
Fix: Use Session instead of Referrer for Redirection
2023-08-21 10:32:03 +02:00
dependabot[bot]
de5aa004cb Bump craue/config-bundle from 2.6.0 to 2.7.0
Bumps [craue/config-bundle](https://github.com/craue/CraueConfigBundle) from 2.6.0 to 2.7.0.
- [Changelog](https://github.com/craue/CraueConfigBundle/blob/master/CHANGELOG.md)
- [Commits](https://github.com/craue/CraueConfigBundle/compare/2.6.0...2.7.0)

---
updated-dependencies:
- dependency-name: craue/config-bundle
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-08-21 09:38:54 +02:00
github-actions[bot]
dca910e2a6
Merge pull request #6860 from wallabag/dependabot/npm_and_yarn/sass-1.66.1
Bump sass from 1.65.1 to 1.66.1
2023-08-21 03:08:38 +00:00
dependabot[bot]
bc491e3712
Bump sass from 1.65.1 to 1.66.1
Bumps [sass](https://github.com/sass/dart-sass) from 1.65.1 to 1.66.1.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.65.1...1.66.1)

---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-08-21 03:01:00 +00:00