msb-public/wiki - wiki - 马士兵教育代码仓库

Commit Graph

Author	SHA1	Message	Date
Kolega.dev	d14b0a5509	fix: authenticate GraphQL subscription WebSocket connections (#7922 ) The onConnect handler for GraphQL subscriptions was empty, allowing any client to establish a WebSocket connection and subscribe to loggingLiveTrail without authentication. Added JWT verification in onConnect using the same RS256 credentials and permission checks (manage:system) used elsewhere. Co-authored-by: kolega.dev <faizan@kolega.ai>	1 week ago
Kolega.dev	7ae6635d16	fix: validate loginRedirect cookie to prevent open redirect (#7923 ) The loginRedirect cookie value was used directly in res.redirect() and window.location.replace() without validation, allowing redirection to arbitrary external URLs. Added validation to ensure the redirect target is a relative path before use. Co-authored-by: kolega.dev <faizan@kolega.ai>	1 week ago
mod242	6ae53bf1bd	feat: map OIDC/OAuth2 avatar claims to user pictureUrl (#7908 )	4 weeks ago
Felix Eckhofer	3dcf20ab6f	fix: diagram svg styling add `!important` qualifier for light scheme (#7905 ) This is required, because the <svg> element has an inline style with `color-scheme: light dark`, which has higher specificity than our css rule.	1 month ago
Felix Eckhofer	3ba58f754d	fix: apply theme style to embedded diagram svg (#7903 ) * fix: Apply theme style to embedded diagram (#7903) When diagrams are created with "adaptive colors" they automatically change to light-/darkmode depending on the browser preference. This leads to rendering problems when the settings in the browser differ from the wiki.js theme setting. Fixes #7677 * fix: Update color scheme for SVG in diagram class Refactor SVG color scheme handling in diagram class. * fix: remove duplicate svg first-child class Removed unnecessary direction property from first SVG in diagram. --------- Co-authored-by: Nicolas Giard <github@ngpixel.com>	1 month ago
NGPixel	85c304f583	fix: add cookie secure flag when site is using https (client-side)	1 month ago
NGPixel	1d0d87af6e	fix: add cookie secure flag when site is using https	1 month ago
NGPixel	7d4627ba0b	fix: rocketchat auth prototype pollution via userProfile function	1 month ago
NGPixel	857c1720b1	fix: css editor in page properties dialog not loading	1 month ago
NGPixel	19c26e58c9	fix: handle breadcrumb locale prefix correctly	1 month ago
Felix Eckhofer	b950e065e9	fix: stop dompurify from breaking draw.io diagrams (#7888 ) Newer versions of dompurify strip <foreignobject> tags if not explicitly allowed. See https://github.com/cure53/DOMPurify/issues/1040 Fixes #7744	2 months ago
NGPixel	028dcd5656	fix: use promisified pipeline from stream	2 months ago
Nicolas Giard	29c8671ab2	fix: breadcrumb path generation	2 months ago
NGPixel	af839795ae	chore: update dependencies	2 months ago
NGPixel	4eb9dabb63	refactor: update docker images to Node 24 and fix promisify calls	2 months ago
NGPixel	f68d1f60ca	fix: hide unfinished features	2 months ago
StofnerP	077ac97b2d	fix: add locale to home icon breadcrumb nav (#7825 )	2 months ago
Mia Moir	8b358fc264	fix: Update keycloak authentication definition hints (#7809 ) Update keycloak authentication definition to match endpoints recommended by keycloak at https://www.keycloak.org/securing-apps/oidc-layers	2 months ago
Wingqvist	326974cdd5	fix(profile): Prevent autofill on header search bar (#7688 ) This commit resolves the recurring issue where password managers incorrectly autofill the header search bar when viewing the user profile page. This is achieved by wrapping the password change fields in a <form> element, properly scoping them for browser autofill logic, and using modern, standard `autocomplete` attributes. This addresses the root cause of the issue, whereas previous attempts tried to mitigate the symptom in the search bar. Fixes #2324 Closes #3327	2 months ago
Karl Berggren	5c80184a1d	feat: add support for database connection via socketPath when using mysql2 driver (#7839 ) * Added support for database socketPath in configure file when using dbClient mysql2 (mysql or mariadb) * refactor: mysql dbConfig to conditionally set socketPath Updated database configuration to conditionally include socketPath from WIKI.config. * fix: socketPath assignment typo --------- Co-authored-by: Nicolas Giard <github@ngpixel.com>	2 months ago
ss033	a02e0131c1	fix: enhance logging for Google and GitHub OAuth2 authentication (#7848 ) Co-authored-by: Nicolas Giard <github@ngpixel.com>	2 months ago
scottnursten-22	407aacfa19	fix(search): always ensure pg_trgm extension availability for PostgreSQL search (#7845 ) * fix(search): ensure pg_trgm extension availability for PostgreSQL search - Move pg_trgm extension creation to initialization phase to ensure availability - Add error handling for similarity search queries that depend on pg_trgm - Add proper logging for debugging search-related issues Fixes issues where PostgreSQL search suggestions fail due to missing or improperly initialized pg_trgm extension, particularly in containerized environments where extension creation timing matters. * fix: Simplify error handling in search suggestion logic Refactor error handling for search suggestions to simplify code. --------- Co-authored-by: Nicolas Giard <github@ngpixel.com>	3 months ago
Benoît des Ligneris	54d21ae538	fix: add tor1 region to DigitalOcean spaces list (#7832 )	4 months ago
Nicolas Giard	dd48f28827	docs: update README	5 months ago
dhulripos	b49c00226c	fix: Add missing status code on unauthorized access (#7785 ) * fix status code on unauthorized * Remove unnecessary line breaks	5 months ago
Lyz	9f481221ab	ci(helm): add custom environment variables to the deployment (#7784 ) Co-authored-by: jmp <jmp@icij.org>	5 months ago
Craig Reyenga	cd77f36120	fix: requests without user-agent causing error 500 (#7749 )	6 months ago
Nicolas Giard	1b6c67ee77	fix: force wrap for code blocks in print view	6 months ago
Ole Christian Tvedt	c093423307	feat: set groups based on Azure groups (#7736 ) Co-authored-by: Ole Christian Tvedt <ole.christian.tvedt@defa.com>	6 months ago
Nicolas Giard	86abfea7f6	fix: update dompurify dependency + add cross-env	6 months ago
Nicolas Giard	07855ab329	docs: Update README.md	7 months ago
Nicolas Giard	d96bbaf42c	docs: Update SECURITY.md	9 months ago
Nadia Santalla	41d3ba4312	chore(helm): render external database URL if it is set (#7036 )	11 months ago
Nicolas Giard	9bf9c8af47	ci: Update build.yml	11 months ago
Nicolas Giard	7053819f35	docs: Update README.md	11 months ago
Nicolas Giard	a393f5f9bc	docs: Update README.md	11 months ago
Nicolas Giard	78c41e36e1	fix: use xml-crypto 2.1.6 for passport-saml	11 months ago
Nicolas Giard	85243e5284	docs: Update SECURITY.md	1 year ago
Nicolas Giard	403e98dced	feat: add git always namespace option	1 year ago
Vasily Fedoseyev	abc8dce9cc	fix: Allow HA_ACTIVE: True to enable HA mode (#7493 ) --------- Co-authored-by: Nicolas Giard <github@ngpixel.com>	1 year ago
maarous	94d253bf59	chore(helm): add support for securityContext and resources in sideload container (#7350 ) --------- Co-authored-by: Mohamed Amine Arous <“maarous-prestataire@ina.fr”> Co-authored-by: Nicolas Giard <github@ngpixel.com>	1 year ago
Nicolas Giard	c7c20579fd	docs: Update README.md	1 year ago
Nicolas Giard	583ea44a72	docs: Update README	1 year ago
Nicolas Giard	ab5c620d50	chore: update yarn lock	1 year ago
Jacob Beneski	7757de3af7	feat: add elasticsearch 8.x support (#6904 )	1 year ago
Nicolas Giard	ad37325773	docs: Update README.md	1 year ago
Nicolas Giard	55a63a3c5a	ci: fix docker manifest typo	1 year ago
Nicolas Giard	34de47cc10	ci: remove armv7 build target	1 year ago
Nicolas Giard	18ebf83f88	ci: update base docker image	1 year ago
Nicolas Giard	ef5ab0ecb8	ci: disable mssql test	1 year ago

1 2 3 4 5 ...

2189 Commits (main) All Branches Search

2189 Commits (main)

All Branches