Lauri Ojansivu
|
74f1dfde72
|
Fix copy move card at board and MultiSelect to have numbered target of board, card above or below. Added MultiSelect change color.
Thanks to mimZD and xet7 !
Fixes #6045
|
2025-12-29 19:09:45 +02:00 |
|
Lauri Ojansivu
|
db4b04d837
|
Fix find.sh work with spaces, for example: ./find.sh "Some text"
Thanks to xet7 !
|
2025-12-29 18:46:05 +02:00 |
|
Lauri Ojansivu
|
0b0e16c3ea
|
Security Fix 10: LDAP filter injection in LDAP auth.
Thanks to Joshua Rogers of joshua.hu, Twitter MegaManSec !
|
2025-12-29 17:13:32 +02:00 |
|
Lauri Ojansivu
|
1d16955b6d
|
Security Fix 9: Attachment upload not scoped to card/board relationship.
Thanks to Joshua Rogers of joshua.hu, Twitter MegaManSec !
|
2025-12-29 17:06:22 +02:00 |
|
Lauri Ojansivu
|
6dfa3beb2b
|
Security Fix 8: Attachments publication leaks metadata without auth.
Thanks to Joshua Rogers of joshua.hu, Twitter MegaManSec !
|
2025-12-29 17:03:02 +02:00 |
|
Lauri Ojansivu
|
5cd875813f
|
Security Fix 7: Checklist create IDOR: cardId not verified against boardId.
Thanks to Joshua Rogers of joshua.hu, Twitter MegaManSec !
|
2025-12-29 16:58:26 +02:00 |
|
Lauri Ojansivu
|
08a6f084eb
|
Security Fix 6: Checklist delete IDOR: checklist not verified against board/card.
Thanks to Joshua Rogers of joshua.hu, Twitter MegaManSec !
|
2025-12-29 16:54:04 +02:00 |
|
Lauri Ojansivu
|
181f837d8c
|
Security Fix 5: Read-only roles can still update cards.
Thanks to Joshua Rogers of joshua.hu, Twitter MegaManSec !
|
2025-12-29 16:47:11 +02:00 |
|
Lauri Ojansivu
|
198509e760
|
Security Fix 4: Cross-board card move without destination authorization.
Thanks to Joshua Rogers of joshua.hu, Twitter MegaManSec !
|
2025-12-29 16:39:23 +02:00 |
|
Lauri Ojansivu
|
67cb47173c
|
Security Fix 3: Card comment author spoofing (IDOR) via API.
Thanks to Joshua Rogers of joshua.hu, Twitter MegaManSec !
|
2025-12-29 16:34:00 +02:00 |
|
Lauri Ojansivu
|
7ed76c180e
|
Security Fix 2: Private-only board setting can be bypassed.
Thanks to Joshua Rogers of joshua.hu, Twitter MegaManSec !
|
2025-12-29 16:29:01 +02:00 |
|
Lauri Ojansivu
|
f244a43771
|
Security Fix 1: IDOR in setCreateTranslation. Non-admin could change Custom Translation.
Thanks to Joshua Rogers of joshua.hu, Twitter MegaManSec.
|
2025-12-29 16:20:17 +02:00 |
|
Lauri Ojansivu
|
48e856fca2
|
Updated translations.
|
2025-12-29 16:12:37 +02:00 |
|
Lauri Ojansivu
|
7d83cb3d0b
|
Updated ChangeLog.
|
2025-12-29 15:31:26 +02:00 |
|
Lauri Ojansivu
|
3af3c9a89d
|
Converted Gantt from js to Jade. Part 2.
Thanks to xet7 !
|
2025-12-29 15:26:16 +02:00 |
|
Lauri Ojansivu
|
2d3bef9033
|
Converted Gantt from js to Jade.
Thanks to xet7 !
|
2025-12-29 15:17:27 +02:00 |
|
Lauri Ojansivu
|
ce9afbcaca
|
Updated ChangeLog.
Docker / build (push) Waiting to run
Docker Image CI / build (push) Waiting to run
Release Charts / release (push) Waiting to run
Test suite / Meteor tests (push) Waiting to run
Test suite / Coverage report (push) Blocked by required conditions
|
2025-12-29 10:07:47 +02:00 |
|
Lauri Ojansivu
|
ba79d5389d
|
Updated ChangeLog.
|
2025-12-29 07:27:48 +02:00 |
|
Lauri Ojansivu
|
2f4c40c1db
|
Updated translations.
|
2025-12-29 07:25:26 +02:00 |
|
Lauri Ojansivu
|
6c9e8a4aa8
|
Merge pull request #6052 from Chostakovitch/6048-dnd-lists
Merge list component methods with same name
|
2025-12-29 07:19:35 +02:00 |
|
Lilou
|
223c38c50d
|
Set sortable methods of lists only once
|
2025-12-29 02:45:48 +01:00 |
|
Lilou
|
c1981dee9b
|
Merge list component methods with same name
Probably results in inconsistant behavior (which one overwrites the other?)
|
2025-12-29 01:48:33 +01:00 |
|
Lauri Ojansivu
|
45b3373145
|
Updated ChangeLog.
Docker / build (push) Waiting to run
Docker Image CI / build (push) Waiting to run
Release Charts / release (push) Waiting to run
Test suite / Meteor tests (push) Waiting to run
Test suite / Coverage report (push) Blocked by required conditions
|
2025-12-28 23:45:21 +02:00 |
|
Lauri Ojansivu
|
54a566cfb1
|
Merge pull request #6050 from Chostakovitch/6049-announcements
Re-add JS closing class to unicode close announcement symbol
|
2025-12-28 23:40:28 +02:00 |
|
Lilou
|
5a51c2940a
|
Re-add JS closing class to unicode close announcement symbol
|
2025-12-28 21:54:39 +01:00 |
|
Lauri Ojansivu
|
7232070bd1
|
Updated ChangeLog.
Docker / build (push) Waiting to run
Docker Image CI / build (push) Waiting to run
Release Charts / release (push) Waiting to run
Test suite / Meteor tests (push) Waiting to run
Test suite / Coverage report (push) Blocked by required conditions
|
2025-12-28 20:38:34 +02:00 |
|
Lauri Ojansivu
|
33ab8920ca
|
v8.18
|
2025-12-28 20:32:44 +02:00 |
|
Lauri Ojansivu
|
db4d47cc52
|
Updated ChangeLog.
|
2025-12-28 20:21:44 +02:00 |
|
Lauri Ojansivu
|
e210c9973b
|
Upgraded MongoDB to 7.0.28 to fix mongobleed at Snap Candidate.
Thanks to developers of MongoDB !
|
2025-12-28 19:59:36 +02:00 |
|
Lauri Ojansivu
|
98d05ce545
|
Updated translations
Docker / build (push) Has been cancelled
Docker Image CI / build (push) Has been cancelled
Release Charts / release (push) Has been cancelled
Test suite / Meteor tests (push) Has been cancelled
Test suite / Coverage report (push) Has been cancelled
|
2025-12-25 08:47:55 +02:00 |
|
Lauri Ojansivu
|
9268d80974
|
Updated translations.
|
2025-12-25 08:46:43 +02:00 |
|
Lauri Ojansivu
|
1a221a6967
|
Updated translations.
Docker / build (push) Has been cancelled
Docker Image CI / build (push) Has been cancelled
Release Charts / release (push) Has been cancelled
Test suite / Meteor tests (push) Has been cancelled
Test suite / Coverage report (push) Has been cancelled
|
2025-12-23 16:06:21 +02:00 |
|
Lauri Ojansivu
|
a039bb1066
|
Per-User and Board-level data save fixes. Part 3.
Docker / build (push) Waiting to run
Docker Image CI / build (push) Waiting to run
Release Charts / release (push) Waiting to run
Test suite / Meteor tests (push) Waiting to run
Test suite / Coverage report (push) Blocked by required conditions
Thanks to xet7 !
|
2025-12-23 09:03:41 +02:00 |
|
Lauri Ojansivu
|
90a7a61904
|
Updates
|
2025-12-23 08:03:04 +02:00 |
|
Lauri Ojansivu
|
58e970d685
|
Per-User and Board-level data save fixes. Part 2.
Thanks to xet7 !
|
2025-12-23 08:01:30 +02:00 |
|
Lauri Ojansivu
|
edf0f3c05b
|
Updated translations
|
2025-12-23 07:54:57 +02:00 |
|
Lauri Ojansivu
|
5bbf5e0dac
|
Updated ChangeLog.
|
2025-12-23 07:52:46 +02:00 |
|
Lauri Ojansivu
|
414b8dbf41
|
Per-User and Board-level data save fixes. Per-User is collapse, width, height. Per-Board is Swimlanes, Lists, Cards etc.
Thanks to xet7 !
Fixes #5997
|
2025-12-23 07:49:37 +02:00 |
|
Lauri Ojansivu
|
2e0e1e56b5
|
Updated translations.
|
2025-12-23 06:59:50 +02:00 |
|
Lauri Ojansivu
|
546dcdf1de
|
Updated ChangeLog.
|
2025-12-23 06:58:30 +02:00 |
|
Lauri Ojansivu
|
58f4884ad6
|
Collapse Swimlane, List, Opened Card. Opened Card window X and Y position can be moved freely from drag handle. Fix some dragging not possible. Fix iPhone Safari.
Thanks to xet7 !
Fixes #6040,
fixes #6027,
fixes #6021,
fixes #6002
|
2025-12-23 06:47:02 +02:00 |
|
Lauri Ojansivu
|
95d1625a9f
|
Updated translations.
Docker / build (push) Waiting to run
Docker Image CI / build (push) Waiting to run
Release Charts / release (push) Waiting to run
Test suite / Meteor tests (push) Waiting to run
Test suite / Coverage report (push) Blocked by required conditions
|
2025-12-23 01:45:40 +02:00 |
|
Lauri Ojansivu
|
05fbdd559f
|
Updated ChangeLog.
|
2025-12-23 01:32:50 +02:00 |
|
Lauri Ojansivu
|
300b653ea3
|
Right top User Settings / Grey Icons. Also fixed Change Language popup.
Thanks to xet7 !
|
2025-12-23 01:31:02 +02:00 |
|
Lauri Ojansivu
|
1808ea7384
|
fix(jade): simplify rules headers and conditions; add helpers to expose ruleName safely
|
2025-12-22 23:35:30 +02:00 |
|
Lauri Ojansivu
|
4408eae158
|
feat: grey unicode icons without UI freezes
|
2025-12-22 23:26:30 +02:00 |
|
Lauri Ojansivu
|
a68993d099
|
perf(unicode-icons): replace body-wide scans with added-nodes observer; prevent unresponsiveness while greying icons
|
2025-12-22 23:26:30 +02:00 |
|
Lauri Ojansivu
|
ecfb0f0fdf
|
Manually merged fixes from seve12.
Thanks to seve12 !
Related https://github.com/wekan/wekan/pull/5967
|
2025-12-22 23:18:01 +02:00 |
|
Lauri Ojansivu
|
fc3bb962f7
|
Updated translations.
|
2025-12-22 23:01:14 +02:00 |
|
Lauri Ojansivu
|
23630a4c67
|
Updated translations.
|
2025-12-22 22:49:53 +02:00 |
|