Andreas/wekan
1
0
Fork 0
mirror of https://github.com/wekan/wekan.git synced 2025-12-22 18:30:13 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 5
10806 commits 2 branches 844 tags 123 MiB
Commit graph

1296 commits

Author SHA1 Message Date
Lauri Ojansivu
47ac33d6c2 Security fix to ReactionBleed in WeKan. It is XSS in feature "Reaction to comment". 
Thanks to Alexander Starikov at Jet Infosystems (https://jetinfosystems.com/).
 2023-04-18 01:30:54 +03:00
Lauri Ojansivu
76ac070f9b Save files serverside with filename ObjectID, without filename. 
Thanks to g-roliveira, iamabrantes, Floaz, koelle25, scott-dunt, mfilser and xet7 !

Fixes #4416
 2023-04-17 23:42:56 +03:00
Lauri Ojansivu
f11650ece1 Added more descriptive times of attachment migrations and uploads. 
Thanks to xet7 !

Related https://github.com/wekan/wekan/issues/4891
 2023-04-14 15:16:50 +03:00
Lauri Ojansivu
e7122a9b36 Disable file validation temporarily, because it causes data loss of some attachments when upgrading. 
Thanks to xet7 !

Related https://github.com/wekan/wekan/issues/4891
 2023-04-14 14:20:39 +03:00
Lauri Ojansivu
fb37f48a86 Updated dependencies. 2023-04-12 08:23:22 +03:00
Gustav Engström
7d69bd5c46 Fixes broken add_board_member API call and fixes return value for remove_board_member. 2023-04-05 22:10:11 +02:00
Martin Filser
7de50c0f4b Bugfix, Avatar upload message "avatar-too-big" shows now the configured max filesize 2023-03-15 19:43:02 +01:00
Martin Filser
07926386ea Bugfix, Avatar Upload didn't work if AVATARS_UPLOAD_MAX_SIZE wasn't defined or lower or equal to 0 2023-03-15 19:43:02 +01:00
Lauri Ojansivu
5d79c231ed Try to fix some security issue. 
Thanks to Responsible Security Disclousure contributors and xet7 !
 2023-02-28 14:16:08 +02:00
Lauri Ojansivu
16ad6bf9fc Try to fix attachment migrations to ostrioFiles, allow existing files to be migrated. Part 2. 
Thanks to xet7 !

Related #4780,
related https://github.com/wekan/wekan/pull/4648
 2023-02-27 16:58:12 +02:00
Lauri Ojansivu
9216a69c05 Temporarily disable file validation, because it prevents migrating some attachments at wekan/server/migrations.js to ostrio Meteor-Files. 
Thanks to xet7 !

Related #4780,
related https://github.com/wekan/wekan/pull/4648
 2023-02-27 16:38:16 +02:00
Lauri Ojansivu
fd9478dc57 Try to fix build errors on some platforms. 
Thanks to xet7 !

Related #4842
 2023-02-21 21:27:34 +02:00
Lauri Ojansivu
382168a5b4 Try to fix some security issues. Part 2. 
Thanks to responsible security disclosure contributors and xet7 !
 2023-02-20 16:48:02 -05:00
Lauri Ojansivu
ff993e7c91 Try to fix some security issues. 
Thanks to responsible security disclosure contributors and xet7 !
 2023-02-20 01:21:33 +02:00
garciadavy
f8bc186252
Fix "Top 10 boards" metric order 2023-02-15 11:27:59 +01:00
garciadavy
962fb70b16
Fix double quotes around metric label 2023-02-09 17:20:17 +01:00
Lauri Ojansivu
beaa50551d Fix Customfields are not added to new cards created with the API. 
Thanks to HEMGDevelopment and xet7 !

Fixes #4810
 2023-01-17 23:09:51 +02:00
Lauri Ojansivu
eda2b3b406 Fix API Edit card function does nothing. 
Thanks to gu1ll0me, HEMGDevelopment and xet7 !

Fixes #4701
 2023-01-17 21:31:16 +02:00
Lauri Ojansivu
cd1750f368 Forked minio npm package to @wekanteam/minio to update package dependencies. S3/MinIO support In Progress. 
Thanks to xet7 !

Related #142
 2023-01-16 15:11:31 +02:00
Lauri Ojansivu
cc90291192 Try to fix User API. Part 2. 
Thanks to xet7 !

Fixes #4039
 2023-01-13 22:14:39 +02:00
Lauri Ojansivu
8092f8be28 Try to fix User API. 
Thanks to xet7 !

Fixes #4039
 2023-01-13 21:50:39 +02:00
Lauri Ojansivu
391607ec79 Store files to S3. Part 4. In Progress. 
Thanks to xet7 !
 2022-12-27 21:42:06 +02:00
Lauri Ojansivu
028633b00a Fix some S3 typos. 2022-12-26 05:01:15 +02:00
Lauri Ojansivu
21e2eabd60 Store files to S3. In Progress. 
Thanks to xet7 !

Related #142
 2022-12-21 23:48:47 +02:00
Martin Filser
f6d7377977 Remove duplicate IDs issue 2022-12-19 21:14:08 +01:00
Roy
85a51de703
The payload token is hashedToken. 2022-11-17 00:31:30 +03:00
Roy
f304c3ad52
Add delete token api 
If someone lost token, then admin user should be can delete a user token.
 2022-11-16 23:58:04 +03:00
Emile Ndagijimana
eb15751dae feat(wekan metrics): rename metrics key and add a new one 2022-10-21 18:13:53 +02:00
Lauri Ojansivu
551f57b03b Fix typos and translate comments to English. 
Thanks to xet7 !
 2022-09-22 14:45:41 +03:00
Emile Ndagijimana
d2436ba001 Refactoring(metrics KPI): Added some metrics KPI Datas 2022-09-21 15:34:22 +02:00
Emile Ndagijimana
d323c1e51e feat(metrics KPI): Added some metrics KPI Datas 2022-09-21 14:33:33 +02:00
helioguardabaxo
9dff09fbcf Added hide/show to show counters and members on All Boards (Admin Panel) 2022-09-16 11:02:25 -03:00
helioguardabaxo
d610d03423 Added help button with custom URL. 2022-09-12 21:36:31 -03:00
Lauri Ojansivu
1e4fba3ec8 Added back autologin, because reverting it broke Google OIDC login. 
Thanks to xet7 !
 2022-09-01 12:12:30 +03:00
Lauri Ojansivu
0d3b7ca041 Try to fix EasySearch. Part 3. 
Thanks to danielkaiser and xet7 !
 2022-08-31 22:00:09 +03:00
Lauri Ojansivu
43a7096753 Revert autologin, because it broke OIDC login with Keycloak. 
Thanks to wb9688 and xet7 !

Fixes #4660,
related https://github.com/wekan/wekan/pull/4588
 2022-08-30 23:12:23 +03:00
Lauri Ojansivu
a21883e3a1 Try 2 to fix EasySearch. 
Thanks to xet7 !
 2022-08-30 22:43:09 +03:00
Lauri Ojansivu
5ca84d2930 Try to fix EasySearch syntax. 
Thanks to xet7 !
 2022-08-28 12:26:22 -04:00
Martin Filser
f4e11ff7c5 Avatars, use same namingFunction as Attachments 2022-08-21 11:10:27 +02:00
Martin Filser
f6fbd0a5c2 Attachment, rename not needed anymore since Meteor-Files 2.3.0 
Thanks to @dr-dimitru
https://github.com/wekan/wekan/pull/4638#issuecomment-1217883870

00ab6f723b
 2022-08-21 11:10:27 +02:00
Martin Filser
25443926d3 Attachment, path was wrong if the file hasn't a extension 2022-08-21 11:10:27 +02:00
Tobias Wolf
24566ce853 Reset avatar if removed 2022-08-20 09:01:18 +02:00
Tobias Wolf
c64a221453 Add support to validate uploaded avatars 2022-08-20 08:46:41 +02:00
Tobias Wolf
469d81f8a5 Separate uploaded file validation logic from the model "Attachments" 2022-08-19 14:30:22 +02:00
Martin Filser
1516615934 Copy attachment copies now all versions 
- for now only the version "original" exists, but as other method already
  consider that other version's can exist
 2022-08-18 17:31:41 +02:00
Martin Filser
e37bf2b51d Copy card at card details copies now attachments 2022-08-18 17:31:41 +02:00
Martin Filser
03deeb6729 Copy many card dialog remembers now the last selected board 2022-08-16 23:26:37 +02:00
Lauri Ojansivu
c23f5dc858 Fix Validate attachment error at PR Meteor files 2.2.1 fixes + attachment view. 
Thanks to xet7 !

Fixes #4640
 2022-08-16 22:27:22 +03:00
Martin Filser
ea5025595a Server side code don't need a Meteor.call 2022-08-16 18:34:27 +02:00
Martin Filser
344aeb4051 Meteor-Files 2.2.1 changed the function "namingFunction" 
See also:
f872569be2
 2022-08-16 18:34:26 +02:00