27 Commits

Author SHA1 Message Date
Jeremy Benoist
66b7bdd07c
Merge remote-tracking branch 'origin/2.5.x' 2023-04-24 14:36:32 +02:00
Jeremy Benoist
b795622f06
Prepare 2.5.3 2023-02-01 09:51:02 +01:00
Kevin Decherf
0fdd9aa991 ExportController: fix improper authorization vulnerability
We fix the improper authorization by duplicating the check done by
the private method EntryController::checkUserAction().

We also replace the ParamConverter used to get the requested Entry with
an explicit call to EntryRepository in order to prevent a resource
enumeration through response discrepancy. Thus, we get the same
exception whether the requested resource does not exist or is not owned
by the requester.

Fixes GHSA-qwx8-mxxx-mg96

Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
2023-01-20 15:09:38 +01:00
Kevin Decherf
2f2cfa2c2a Add prefix for tag slugs
This should be considered as a temporary fix, we may deprecate tag
slugs in the future.

Fixes #6048

Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
2023-01-11 23:20:13 +01:00
Jeremy Benoist
aa5c7f05b8
Upgrade to Symfony 4.4
- disable autowiring for Event (because the Entry entity was injected)
- rename `getClient()` for test to `getTestClient()` to avoid error while overriding (from `BrowserKitAssertionsTrait`)
2022-11-29 18:01:46 -08:00
Yassine Guedidi
eb43c78720 Use FQCN instead of service alias 2022-09-01 09:07:19 +02:00
Yassine Guedidi
8b7b4975d6 Migrate getRepository with entities 2022-08-26 17:47:46 +02:00
Kevin Decherf
1608bf5a4e Replace iconv() calls with Transliterator
See https://stackoverflow.com/a/35178027/954513

Closes #5377

Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
2022-03-21 22:12:11 +01:00
Jeremy Benoist
732ec8a2eb
Fix deprecated method in tests 2020-06-15 14:21:35 +02:00
Jeremy Benoist
7332d1f4e5
Remove support for PHP < 7.2
Updating deps

  - Removing electrolinux/php-html5lib (0.1.0)
  - Updating doctrine/inflector (1.3.1 => 1.4.3)
  - Updating doctrine/lexer (1.0.2 => 1.2.1)
  - Installing symfony/polyfill-php80 (v1.17.0)
  - Updating symfony/service-contracts (v1.1.8 => v2.1.2)
  - Installing symfony/deprecation-contracts (v2.1.2)
  - Updating symfony/mime (v4.4.8 => v5.1.1)
  - Updating friendsofsymfony/rest-bundle (2.7.4 => 2.8.0)
  - Updating doctrine/instantiator (1.3.0 => 1.3.1)
  - Updating ocramius/proxy-manager (2.1.1 => 2.2.3)
  - Updating php-http/discovery (1.7.4 => 1.8.0)
  - Updating symfony/http-client-contracts (v1.1.8 => v2.1.2)
  - Updating symfony/http-client (v4.4.8 => v5.1.1)
  - Updating php-http/httplug-bundle (1.16.0 => 1.18.0)
  - Updating symfony/phpunit-bridge (v4.3.11 => v5.1.1)
  - Updating doctrine/data-fixtures (1.3.3 => 1.4.3)
  - Updating composer/xdebug-handler (1.4.1 => 1.4.2)
  - Updating masterminds/html5 (2.7.0 => 2.7.1)
  - Updating j0k3r/php-readability (1.2.4 => 1.2.5)
  - Updating phpoption/phpoption (1.7.3 => 1.7.4)
  - Updating nikic/php-parser (v4.4.0 => v4.5.0)
  - Installing thecodingmachine/safe (v1.1.1)
  - Updating spomky-labs/otphp (v9.1.4 => v10.0.1)
  - Updating pagerfanta/pagerfanta (v2.1.3 => v2.3.0)

Package white-october/pagerfanta-bundle is abandoned, you should avoid using it. Use babdev/pagerfanta-bundle instead.

  - Removing white-october/pagerfanta-bundle (v1.3.2)
  - Installing babdev/pagerfanta-bundle (v2.4.2)

Upgrading PHPStan to 0.12 and use extension installer

  - Removing phpstan/phpdoc-parser (0.3.5)
  - Removing nette/utils (v3.1.2)
  - Removing nette/schema (v1.0.2)
  - Removing nette/robot-loader (v3.2.3)
  - Removing nette/php-generator (v3.4.0)
  - Removing nette/neon (v3.1.2)
  - Removing nette/finder (v2.5.2)
  - Removing nette/di (v3.0.4)
  - Removing nette/bootstrap (v3.0.2)
  - Updating phpstan/phpstan (0.11.19 => 0.12.29)
  - Updating phpstan/phpstan-doctrine (0.11.6 => 0.12.16)
  - Updating phpstan/phpstan-phpunit (0.11.2 => 0.12.11)
  - Updating phpstan/phpstan-symfony (0.11.6 => 0.12.6)
  - Installing phpstan/extension-installer (1.0.4)

Upgrading jms/serializer-bundle to version 3 (and willdurand/hateoas-bundle to version 2)

  - Removing phpoption/phpoption (1.7.4)
  - Removing phpcollection/phpcollection (0.5.0)
  - Removing jms/parser-lib (1.0.0)
  - Updating jms/metadata (1.7.0 => 2.3.0)
  - Updating jms/serializer (1.14.1 => 3.7.0)
  - Updating jms/serializer-bundle (2.4.4 => 3.6.0)
  - Updating willdurand/hateoas (2.12.0 => 3.6.0)
  - Updating willdurand/hateoas-bundle (1.4.0 => 2.1.0)

Upgrading dama/doctrine-test-bundle to version 6

  - Updating dama/doctrine-test-bundle (v5.0.3 => v6.2.0)
2020-06-15 08:25:59 +02:00
Kevin Decherf
93c5b47e88 ExportController: fix entries export from search view
Fixes #4240

Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
2020-02-23 00:43:21 +01:00
Jeremy Benoist
1e0d8ad7b7
Enable PHPStan
- Fix error for level 0 & 1 (level 7 has 699 errors...)
- Add `updated_at` to site_credential (so the `timestamps()` method applies correctly)
2019-01-18 15:25:50 +01:00
Kevin Decherf
dac93644e8 EntriesExport: sanitize filename and fix tests
Filename will now only use a-zA-Z0-9-' and space.

Fixes remaining filename issue on #3811

Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
2019-01-08 15:13:35 +01:00
Kevin Decherf
2a1ceb67b4 php-cs-fixer
Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
2018-09-05 14:25:32 +02:00
Jeremy Benoist
33264c2d02
Fix tests 2017-09-06 22:49:16 +02:00
Jeremy Benoist
7c04b7396a
Multiple tag search was broken from API
First, the setParameter() calls were done on the same parameter, which in fact
just duplicated the condition in the SQL query (like `where t.label =
'test' and t.label = 'test'`).

Changing the parameter doesn't help because the query was then wrong.

Changing the way to match associated tags for an entry worked.
2017-09-06 22:49:15 +02:00
Jeremy Benoist
38520658ad
Fix tests 2017-07-03 07:30:54 +02:00
Jeremy Benoist
f808b01692
Add a real configuration for CS-Fixer 2017-07-01 09:52:38 +02:00
adev
7ab5eb9508 Isolated tests
Use https://github.com/dmaicher/doctrine-test-bundle to have test isolation.
2017-05-31 16:03:54 +02:00
Nicolas Lœuillet
a162b1a99b
Changed export test 2017-05-03 10:53:10 +02:00
Nicolas Lœuillet
fdd725f58c Added notmatches operator for tagging rule 2017-04-20 15:17:02 +02:00
Nicolas Lœuillet
c8de7ab94c
Fixed export by tags with a tag which contains space 2016-12-27 21:26:53 +01:00
Nicolas Lœuillet
794ac861cb
Added test for export by filtering with tag 2016-10-29 14:03:55 +02:00
Jeremy Benoist
74e1f7433a
Fix tag test 2016-10-07 07:43:48 +02:00
Jeremy Benoist
b0458874c8
Fix relations export for Entry
Tags & Annotations weren’t really well exported.
This is now fixed (+ tests)
2016-10-07 07:43:19 +02:00
Jeremy Benoist
9401696fe4
Export dates from entries 2016-09-08 16:49:21 +02:00
Jeremy Benoist
23634d5d84 Jump to Symfony 3.1 2016-06-22 17:59:35 +02:00