Nicolas Giard
9e08718ee9
Merge pull request from GHSA-9jgg-4xj2-vjjj
5 years ago
Regev Brody
4ffd1325bd
fix: sidebar is empty when the jwt token is expired ( #2037 )
5 years ago
Regev Brody
037822b994
fix: secure html module removes target attribute from links ( #2012 )
5 years ago
NGPixel
ca0708ea75
feat: extra options for generic S3 module
5 years ago
NGPixel
e45145986a
feat: generic S3 module
5 years ago
Regev Brody
a508a27475
fix: validate permissions when listing assets ( #1928 )
...
* fix: assets permission issues #1926
5 years ago
NGPixel
65f71d8e3b
fix: strip starting slash from path during page create
5 years ago
NGPixel
deacd80c45
fix: dashboard invalid version on load
5 years ago
NGPixel
c2a0773633
fix: site config host slice
5 years ago
NGPixel
2013ee4fa2
fix: failed auth strategy prevent local auth from initializing
5 years ago
NGPixel
3891816758
fix: setup assets location + mysql migration 2.4.13
5 years ago
NGPixel
7a946ec0f5
feat: edit comment
5 years ago
NGPixel
e74605501f
feat: comments post min delay
5 years ago
NGPixel
8a74904731
feat: comments delete + refresh on post + formatting
5 years ago
NGPixel
83f7c2867d
fix: admin security UI
5 years ago
NGPixel
1f9e5b3fd0
feat: delete user with replace target
5 years ago
daneallen
20e6bc1a70
fix: Open Redirect Vulnerability Mitigation - CWE 601 ( #1963 )
...
* Open redirect vulnerabilty mitigation
* Refacted Open Redirect to user configurable and corrected incorrect security variable names.
Co-authored-by: danallendds <daniel.allen@friends.dds.mil>
5 years ago
NGPixel
1222355046
feat: comments - default provider create (wip) + permissions
5 years ago
NGPixel
8205faca53
feat: use asar for twemoji assets
5 years ago
NGPixel
a0618ee4f6
feat: comments UI improvements
5 years ago
Regev Brody
8a1b5b1383
fix: S3 Export all trigger ( #1922 )
5 years ago
NGPixel
6b561623ee
fix: incorrect migration name 2.4.14
5 years ago
NGPixel
df246af3bb
fix: remove makefile + update nvmrc version
5 years ago
NGPixel
e1382771cf
feat: extensions check + resolver
5 years ago
NGPixel
fb6c01c538
fix: legacy page view
5 years ago
NGPixel
887e8a0f5a
feat: comments disqus + commento
5 years ago
NGPixel
f6bad765a2
feat: assets move + comments migration + admin users UI
5 years ago
NGPixel
1def5289af
feat: admin comments page
5 years ago
Robert Lanyi
a581d9837a
feat: add Kroki renderer ( #1900 )
...
* feat: Kroki integration
see https://kroki.io/
* fix: markdown-kroki def updates
Co-authored-by: Nicolas Giard <github@ngpixel.com>
5 years ago
Simon Lichtinghagen
764d98fa1d
fix: use fullname from keycloak profile info with username as fallback ( #1888 )
5 years ago
kaziu687
66e725f426
fix: elasticsearch partial match ( #1882 )
...
Improved full text search in elastic provider
5 years ago
NGPixel
1a33a43a0d
fix: use semver for latest version check
5 years ago
NGPixel
7508d92f92
feat: redirect editor UI (wip)
5 years ago
NGPixel
134f057bb8
feat: uploads config + security admin page
5 years ago
NGPixel
53da387082
feat: plantuml in markdown preview
5 years ago
NGPixel
cc9f022051
fix: nav external blank option
5 years ago
NGPixel
98bf0d9ccb
fix: escape mustache template chars in content
5 years ago
NGPixel
2ff0e42c1d
fix: add verifySSL option to mail settings
5 years ago
NGPixel
6a4b25bc28
fix: plantuml deflate raw
5 years ago
daneallen
4aa7828a92
fix: add rel option to external links in content ( #1853 )
...
* #1853 : XSS attack fix by adding rel noferrer or rel noopen to _blank target external links
* fix: relAttributeExternalLink noopener
Co-authored-by: danallendds <daniel.allen@friends.dds.mil>
Co-authored-by: Nicolas Giard <github@ngpixel.com>
5 years ago
NGPixel
d2b99a2032
feat: timezone + dateFOrmat + appearance profile settings
5 years ago
NGPixel
c81ba5a503
fix: markdown footnotes id incorrectly stripped
5 years ago
NGPixel
281172a9f4
feat: mathjax markdown module
5 years ago
NGPixel
954262f517
fix: tabs renderer remove switchTab handler
5 years ago
NGPixel
5d43f6ada1
feat: content tabs
5 years ago
NGPixel
bbe64ef6b6
feat: static navigation menu option
5 years ago
NGPixel
b2931471c0
fix: remove ssh port param for git module
5 years ago
NGPixel
89debd57f7
fix: path chars check typo
5 years ago
NGPixel
7306fabdba
fix: auto-trim trailing slash from paths + illegal chars check during move
5 years ago
NGPixel
566043ec43
fix: perform git move manually to prevent bad source
5 years ago
NGPixel
bade9430f2
fix: storage internalSchedule typo
5 years ago
NGPixel
d1dd1f195b
fix: ldap allow disable cert check + icon
5 years ago
NGPixel
ec2d10c7f2
fix: trim and auto-remove trailing slash for Site URL in Admin General
5 years ago
NGPixel
7c59bfed08
fix: browse tree ancestors not converted in mariadb
5 years ago
GaliTW
ac11cd2cdd
fix: move page with wrong object key ( #1757 )
5 years ago
NGPixel
4308152a08
fix: uriencode git user/pass for http remote
5 years ago
NGPixel
dae64f00a0
fix: brute-knex refactor
5 years ago
NGPixel
2213ba2c81
fix: git custom ssh port not handled
5 years ago
NGPixel
02816b68d0
fix: db inline CA cert reconstruct
5 years ago
NGPixel
81732da709
fix: db inline CA cert mode
5 years ago
NGPixel
d651412d34
fix: pg db connection problem
5 years ago
NGPixel
cf81ad910d
fix: HA reload group guest expiration
5 years ago
NGPixel
405187b8e0
fix: HA event publish
5 years ago
NGPixel
bd4263ecb2
feat: HA event handling + emitting
5 years ago
NGPixel
6a00a5dbce
fix: git ssh port incorrect default value
5 years ago
NGPixel
7cd5721ca1
feat: handle event propagation via DB (HA)
5 years ago
NGPixel
8aba5305d8
feat: sidebar item permissions + admin nav edit
5 years ago
NGPixel
9a93ac28f2
feat: admin dashboard last logins
5 years ago
NGPixel
514d31a46d
feat: hide sidebar option
5 years ago
NGPixel
a33691d642
fix: bypass users model when updating lastLoginAt
5 years ago
NGPixel
1c80faa94d
feat: browse nav + pageTree ancestors
5 years ago
NGPixel
3ca72ccc1e
feat: new nav UI (wip)
5 years ago
NGPixel
53ceea74f1
fix: skip telemetry if devmode
5 years ago
NGPixel
17f833509f
fix: html sanitizer - whitelist start prop for ol tag
5 years ago
NGPixel
2ff3abe0d8
fix: html sanitizer - whitelist i tag
5 years ago
NGPixel
71be4660bf
fix: use new telemetry endpoint
5 years ago
NGPixel
76ade8df53
feat: link autocomplete + insert link modal (markdown)
5 years ago
NGPixel
245104c6ae
fix: mssql + older mariadb migration 2.2.17 failure
5 years ago
NGPixel
77548c8778
fix: tags input normalization
5 years ago
NGPixel
d959ef7e5c
feat: profile - pages
5 years ago
NGPixel
80ee45ae4f
feat: admin edit user - activity panel
5 years ago
NGPixel
1e4d513252
feat: user profile page - save info + change pwd
5 years ago
NGPixel
c7f3c9d908
feat: user profile fetch info + groups
5 years ago
NGPixel
5229390d87
fix: plantuml default markers
5 years ago
NGPixel
5f382f21cf
fix: enable mermaid by default
5 years ago
NGPixel
1d16a3fc71
feat: mermaid support for markdown
5 years ago
NGPixel
44a0f69a78
feat: katex chemical equations support
5 years ago
NGPixel
3613c73008
fix: mysql 2.2.50 failed migration
5 years ago
NGPixel
f5fa2ad468
fix: sqlite pageHistory migration update query
5 years ago
NGPixel
58b08e54b4
fix: missing footnote module in markdown editor preview
5 years ago
NGPixel
4b0e3d1c43
feat: save conflict resolution
5 years ago
NGPixel
bacbe4f543
fix: whitelist task list checkboxes
5 years ago
NGPixel
b529ad21c9
fix: code blocks incorrect escaping + deps update
5 years ago
NGPixel
2810f7b5af
feat: use local assets for twemoji
5 years ago
NGPixel
fcd37afdb0
fix: drop userKeys on user delete
5 years ago
Lucas
a5297f8c6e
feat: option to restrict Discord auth to a specific server ( #1548 )
...
* Optionally restrict discord authentication to members of a specific server
* fix: discord auth module code linting
Co-authored-by: Lucas Neves <lneves@modusgames.com>
Co-authored-by: Nicolas Giard <github@ngpixel.com>
5 years ago
gh0stalker
a6dd93746e
fix: resolve Twitch OAuth API ( #1561 )
5 years ago
gh0stalker
741208911b
fix: postgres 2.2.17 migration missing quotes ( #1562 )
5 years ago
Lukas Frischknecht
ee0eb55522
fix: update docker configuration file location ( #1570 )
5 years ago
NGPixel
830f51664c
feat: katex in markdown preview + xss fix for svg
5 years ago