Andreas/wekan
1
0
Fork 0
mirror of https://github.com/wekan/wekan.git synced 2026-01-11 12:08:50 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
5144 commits 1 branch 846 tags 133 MiB
Commit graph

5144 commits

This branch
This branch
All branches
Author SHA1 Message Date
Lauri Ojansivu
87a81789d1 Update ChangeLog. 2020-03-24 11:10:15 +02:00
Lauri Ojansivu
12ab8fac5d Fix Rich editor can not be disabled, regression from changes yesterday at Wekan v3.85. 
Thanks to uusijani, vjrj and xet7 !

Closes #2967,
closes #104
 2020-03-24 11:04:04 +02:00
Lauri Ojansivu
10b09b2da1 Fix typo. 2020-03-24 02:01:08 +02:00
Lauri Ojansivu
7c5f4a3849 v3.85 2020-03-23 23:01:58 +02:00
Lauri Ojansivu
ec71849d84 Update ChangeLog. 2020-03-23 22:49:28 +02:00
Lauri Ojansivu
482682e500 SECURITY VULNERABILITY FIX: Fix XSS bug reported today 4 hours ago by Cyb3rjunky. 
Logged in users could run javascript in input fields.
This affects Wekan versions v3.12-v3.84.
In [Wekan v3.12](https://github.com/wekan/wekan/blob/master/CHANGELOG.md#v312-2019-08-09-wekan-release)
there was [changes for XSS filter to allow inserting images, videos etc
on comment WYSIWYG editor](https://github.com/wekan/wekan/pull/2593)
so features related to that are now removed.
After this fix, Javascript in input fields is not executed.

Thanks to Cyb3rjunky and xet7 !
 2020-03-23 22:29:20 +02:00
Lauri Ojansivu
3a6303e5c2 Update translations. 2020-03-23 22:25:08 +02:00
Lauri Ojansivu
81635d9217 Revert: Fix Pasting text into a card is adding a line before and after 
(and multiplies by pasting more) by disabling WYSIWYG comment editor
for everyone.

Thanks to xet7.

TODO later: Fix wysiwyg editor paste bug.

Opens #2890
 2020-03-23 22:23:31 +02:00
Lauri Ojansivu
e8f89a8c4c Update translations. 2020-03-20 14:03:11 +02:00
Lauri Ojansivu
393482315f Fix typo. 2020-03-20 14:02:29 +02:00
Lauri Ojansivu
cb67af02d7 Update ChangeLog. 2020-03-20 13:57:44 +02:00
Lauri Ojansivu
a064b8d643 Fix Pasting text into a card is adding a line before and after 
(and multiplies by pasting more) by disabling WYSIWYG comment editor
for everyone.

Closes #2890
 2020-03-20 13:52:27 +02:00
Lauri Ojansivu
556621e60e Meteor 1.8 only in use at Sandstorm. 2020-03-17 14:04:50 +02:00
Lauri Ojansivu
0f95a513bf Meteor 1.8 only in use at Sandstorm. 2020-03-17 14:02:43 +02:00
Lauri Ojansivu
dce624486f Merge branch 'master' of github.com:wekan/wekan 2020-03-17 13:35:00 +02:00
Lauri Ojansivu
64e76af8de Fix snap syntax. 2020-03-17 13:34:34 +02:00
Lauri Ojansivu
acf2ede94e Fix typo. 2020-03-16 10:11:20 -04:00
Lauri Ojansivu
b3a7c4dc88 For Sandstorm version of Wekan, leep stylus in 1.1.0, because building v2 takes extra 52 minutes. 
Thanks to zodern !
 2020-03-16 10:01:28 -04:00
Lauri Ojansivu
8d83c641e3 v3.84 2020-03-16 14:04:18 +02:00
Lauri Ojansivu
c1aa0047c6 Update ChangeLog. 2020-03-16 13:55:39 +02:00
Lauri Ojansivu
7af4fe75ba Update ChangeLog. 2020-03-16 13:53:12 +02:00
Lauri Ojansivu
ea6baa5c2b Update minimist. 2020-03-16 13:42:29 +02:00
Lauri Ojansivu
8183b7bdaa Update prettier-eslint 2020-03-16 13:33:08 +02:00
Lauri Ojansivu
51514ae22c Update prettier-eslint 2020-03-16 13:29:44 +02:00
Lauri Ojansivu
14b8610837 Update ostrio:cookies 2020-03-16 13:24:39 +02:00
Lauri Ojansivu
369a29707b Update acorn. 2020-03-16 13:22:16 +02:00
Lauri Ojansivu
ae240af323 Update translations. 2020-03-16 13:16:47 +02:00
Lauri Ojansivu
2a715ec6c6 Update ChangeLog. 2020-03-15 03:02:08 +02:00
Lauri Ojansivu
fca4cdcebf Downgrade stylus to v1.1.0 to speed up building Wekan. 
https://github.com/meteor/meteor/issues/10881#issuecomment-599152333

Thanks to zodern !
 2020-03-15 02:49:53 +02:00
Lauri Ojansivu
49bbfef3ec Update dependencies. 2020-03-15 02:00:11 +02:00
Lauri Ojansivu
f968109e73 Add profiling to build script. 2020-03-15 00:44:03 +02:00
Lauri Ojansivu
c0349c1ff9 Update dependencies. 2020-03-15 00:06:09 +02:00
Lauri Ojansivu
e009bcf06e Update dependencies. 2020-03-14 17:00:21 +02:00
Lauri Ojansivu
8aae812aa4
Merge pull request #2959 from daMihe/add-current-description-ldap-groups 
Added some descriptions for ldap-group authentication
 2020-03-14 16:59:37 +02:00
Michael Wodniok
0b8f1cabef Added some descriptions for ldap-group authentication 2020-03-14 15:38:19 +01:00
Lauri Ojansivu
e80d3ac79a Update dependencies. 2020-03-14 14:30:59 +02:00
Lauri Ojansivu
ed9ba169fe Update dependencies. 2020-03-14 14:08:48 +02:00
Lauri Ojansivu
4720a6fbc3 Fix to be valid JSON. 2020-03-14 14:07:15 +02:00
Lauri Ojansivu
ad45f82e27 Update ChangeLog. 2020-03-14 13:21:44 +02:00
Lauri Ojansivu
2174936613 Update acorn. 2020-03-14 13:19:54 +02:00
Lauri Ojansivu
a6d7388919 Update ChangeLog. 2020-03-14 13:09:29 +02:00
Lauri Ojansivu
f4e2bc0d32 Update dependencies. 2020-03-14 13:06:17 +02:00
Lauri Ojansivu
2f13141907 Update dependencies. 2020-03-14 12:36:12 +02:00
Lauri Ojansivu
365eded5c4 Update ChangeLog. 2020-03-14 12:22:28 +02:00
Lauri Ojansivu
ed365c3d41 Update translations. 2020-03-14 12:10:33 +02:00
Lauri Ojansivu
e16c65babc Upgrade to Meteor 1.10.1 2020-03-14 12:05:48 +02:00
Lauri Ojansivu
6e0fa78022 Update markdown. 2020-03-14 12:03:34 +02:00
Lauri Ojansivu
06fb201d80 Update translations. 2020-03-11 08:48:11 +02:00
Lauri Ojansivu
62e5622523 Update ChangeLog. 2020-03-06 03:59:09 +02:00
Lauri Ojansivu
2b26bbe78a Fix: img tag did not allow width and height. 
Removed swipebox from markdown editor img tag and
updated marked markdown to newest version.

Thanks to hradec and xet7 !

Closes #2956
 2020-03-06 03:52:12 +02:00