Andreas/wekan
1
0
Fork 0
mirror of https://github.com/wekan/wekan.git synced 2025-12-16 15:30:13 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 5
12454 commits 2 branches 844 tags 122 MiB
Commit graph

1385 commits

Author SHA1 Message Date
Lauri Ojansivu
fc32a89292 Fixed per-card and per-board settings of showing checkist at minicard. 
Thanks to xet7 !
 2025-10-11 11:31:57 +03:00
Lauri Ojansivu
ae1f80a52c Added attachments API and admin panel attachment management for file storage backends settings. Fixed drag drop upload attachments from file manager to minicard or opened card. 
Thanks to xet7 !
 2025-10-11 11:05:46 +03:00
Lauri Ojansivu
74ccfea570 Add support for MongoDB 3-8, detecting which one is in use. 
Thanks to xet7 !
 2025-10-11 10:32:20 +03:00
Lauri Ojansivu
3ccdc2e307 Made possible to start WeKan immediately without running any database migrations. 
Thanks to xet7 !
 2025-10-11 10:15:08 +03:00
Lauri Ojansivu
7769124401 Fix DOMPurify paths. Part 2. 
Thanks to xet7 !
 2025-10-11 00:58:00 +03:00
Lauri Ojansivu
90899f0928 Fix DOMPurify paths. 
Thanks to xet7 !
 2025-10-11 00:49:43 +03:00
Lauri Ojansivu
f6591d7820 Security Fix usd-2022-0041: CWE-284 Improper Access Control. 
Thanks to Christian Pöschl of usd AG and xet7 !
 2025-10-10 23:19:58 +03:00
Lauri Ojansivu
ee79cab7b2 Security Fix JVN#86586539: Stored XSS. 
Thanks to Ryoya Koyama of Mitsui Bussan Secure Directions, Inc and xet7.
 2025-10-10 23:14:06 +03:00
Lauri Ojansivu
e1fa607f87 Security Fix JVN#74210258: Stored XSS. 
Thanks to Ryoya Koyama of Mitsui Bussan Secure Directions, Inc and xet7 !
 2025-10-10 23:06:06 +03:00
Lauri Ojansivu
9720e703fd Security Fix JVN#14269684: Broken access control. 
Thanks to Ryoya Koyama of Mitsui Bussan Secure Directions, Inc and xet7 !
 2025-10-10 22:59:20 +03:00
Lauri Ojansivu
30c1597b65 Security Fix FG-VD-22-078: Prevent SVG Billion Laughs Attack. 
Thanks to Nguyen Thanh Nguyen of Fortinet's FortiGuard Labs and xet7 !
 2025-10-10 22:16:47 +03:00
Lauri Ojansivu
d0f118e7af Security Fix: Computational Resource Abuse in Export endpoints. 
Thanks to Anynymous Security Researcher and xet7 !
 2025-10-10 22:09:27 +03:00
Lauri Ojansivu
b87cff1289 Security Fix: IDOR CWE-639 that affected WeKan 7.80-7.93. 
Thanks to apitech.fr and xet7 !
 2025-10-10 21:59:04 +03:00
Lauri Ojansivu
719ef87efc Make possible for lists to have different names at different swimlanes. Make possible to drag list from one swimlane to another swimlane. 
Thanks to xet7 !
 2025-10-10 21:14:44 +03:00
Lauri Ojansivu
a8de2f224f Use attachments from old CollectionFS database structure, when not yet migrated to Meteor-Files/ostrio-files, without needing to migrate database structure. 
Thanks to xet7 !
 2025-10-10 19:07:04 +03:00
Lauri Ojansivu
3e9481c5bd Drag any files from file manager to minicard or opened card. 
Thanks to xet7 !

Fixes #2936
 2025-10-10 18:52:30 +03:00
Lauri Ojansivu
752699d1c2 Mobile one board per row. Board zoom size percent. Board toggle mobile/desktop mode. In Progress. 
Thanks to xet7 !

Related #5902
 2025-10-09 05:48:41 +03:00
seve12
a5651c686f fix 22.9 Unable to download large PDF files attached to card issue fixed 2025-09-23 13:40:14 +03:00
Lauri Ojansivu
ae0d059b6f Feature: Added brute force login protection settings to Admin Panel/People/Locked Users. 
Added filtering of Admin Panel/People/People: All Users/Locked Users Only/Active/Not Active.
Added visual indicators: red lock icon for locked users, green check for active users, and red X for inactive users.
Added "Unlock All" button to quickly unlock all brute force locked users.
Added ability to toggle user active status directly from the People page.
Moved lockout settings from environment variables to database so admins can configure the lockout thresholds directly in the UI.

Thanks to xet7.
 2025-08-05 00:31:43 +03:00
Yang, Bo
6d7c20f397 Add API endpoint to edit a list with various properties 2025-07-16 22:09:58 +00:00
Yang, Bo
0a969c59d3
Avoid calling ReactiveCache.getCard twice 2025-07-15 14:58:21 -07:00
Yang, Bo
fc77d0d201 Add REST API endpoint to retrieve a card by ID 2025-07-15 21:40:43 +00:00
Yang, Bo
6cc746df8b fix: correct return type in API documentation for custom fields 2025-07-09 15:43:20 +00:00
Yang, Bo
f399b5119f feat: enhance API documentation and add board-related endpoints 
Previously, boards.js contains a `?.` operator, which is not supported by esprima, therefore boards.js is skipped.

This PR fixes the API generation for borads.js by removing `?.`.

See https://github.com/jquery/esprima/issues/2112
 2025-06-23 20:01:38 +00:00
Omar Abid
2ab9bd3172 Add email notifications language localization feature 2025-05-13 19:45:08 +01:00
Lauri Ojansivu
908a5fc60d Comment out error message of non-existing Custom Field. 
Thanks to xet7 !

Related #5684
 2025-03-08 19:50:00 +02:00
Lauri Ojansivu
38e57d3635 Merge branch 'CopyCard_FixError' of github.com:Firas-Git/wekan into Firas-Git-CopyCard_FixError 2025-03-08 19:46:19 +02:00
Firas Saidi
14167b19b9 cards file 2025-03-08 18:02:03 +01:00
Lauri Ojansivu
563a508e26 Added missing ) character. 
Thanks to xet7 !
 2025-02-11 22:12:57 +02:00
salleman
874abf2c41
Update metrics.js 
Add possibility to use a token in place of ipaddress to access metrics route
 2025-02-11 12:06:23 +01:00
Lauri Ojansivu
0b1e0bd395 Fixed env variable METRICS_ACCEPTED_IP_ADDRESS to be same as at docs. 
Thanks to salleman33 !

Fixes #5671
 2025-01-29 13:38:40 +02:00
Nadav Tasher
99e579f47d Add week of year toggle state in user model 2025-01-01 21:12:04 +02:00
Lauri Ojansivu
b537f9b20a
Merge pull request #5643 from NadavTasher/feature/optional-vertical-scrollbars 
Allow vertical scrollbars to be disabled (new preference)
 2024-12-30 23:44:33 +02:00
Nadav Tasher
3e01231874 Allow vertical scrollbars to be disabled (user preferences, visible by default) 2024-12-30 23:22:54 +02:00
Nadav Tasher
189ebd4201 Enable keyboard shortcuts by default 2024-12-30 20:15:52 +02:00
Lauri Ojansivu
955a46ca60 Fixes keyboard shortcuts defaults, icons and texts to be more understandable. 
Thanks to xet7 !

Fixes https://github.com/wekan/wekan/pull/5628
 2024-12-25 04:59:15 +02:00
Nadav Tasher
658e43ab54 Add profile.keyboardShortcuts to User model 2024-12-25 00:22:37 +02:00
Nadav Tasher
17f4bbde20 Changed the default maximum list width 2024-12-10 21:23:12 +02:00
Lauri Ojansivu
a4ec20a7c8 Merge remote-tracking branch 'origin/feature-accessibility' 2024-12-08 17:07:39 +02:00
Nadav Tasher
9576f6807b Add missing functions to users model for auto-width 2024-12-07 18:59:30 +02:00
Nadav Tasher
efe50a65ee Add list constraint support in set-width popup 2024-12-07 18:59:01 +02:00
Nadav Tasher
fb34dd6114 Add auto-width board-header toggle 2024-12-07 18:57:34 +02:00
Nadav Tasher
0097674fc0 Added initial support for auto-width lists option 2024-12-05 21:46:35 +02:00
Lauri Ojansivu
729d8fb435 Accessibility statement. Part 1. In Progress. 
Thanks to xet7 !
 2024-12-02 14:17:58 +02:00
Martin Filser
0783b733b0 Checklist, hide all checklist items possible, regardless if the checklist item is finished or not 2024-11-15 21:00:06 +01:00
Martin Filser
bb17feaa17 Checklist, hide checked checklist items (configureable at each checklist) 2024-11-15 21:00:06 +01:00
Martin Filser
8448068d22 hide empty checklist if checklist items are hidden 
conditions are:
- the checklist must have at least 1 checklist item
- all checklist items have to be finished
- the option "hide checked checklist items" is set at card details
 2024-11-15 20:35:18 +01:00
Martin Filser
9fa36c3991 hide checklist-items per card now 
- performance relevant
- more granular setting
 2024-11-15 20:35:18 +01:00
Martin Filser
d949753d54 preparation hide checklist-items per card 2024-11-15 20:35:17 +01:00
Martin Filser
8a446de3e9 added comment section on card details to avoid loading the card comment activities from the server 
- and added to show only the activities a card

- to display the card comments a connection to the server was needed to get the activities of the card comments, now, it's not necessary
- also performance relevant. until now there were a lot of activities loaded, now only of the current card
 2024-11-15 19:55:07 +01:00