Prepare wallabag 2.6.3

This commit is contained in:
Nicolas Lœuillet 2023-08-21 10:51:17 +02:00
parent ffcc5c9062
commit ca879c36de
6 changed files with 47 additions and 14 deletions

View file

@ -1,5 +1,39 @@
# Changelog
## [2.6.3](https://github.com/wallabag/wallabag/tree/2.6.3)
[Full Changelog](https://github.com/wallabag/wallabag/compare/2.6.2...2.6.3)
### Security fixes
* Replace GET way to POST way to reset data user by @nicosomb https://github.com/wallabag/wallabag/commit/78b0b55c40511e1f22d5bbb4897aa10fca68441c
* Replace GET way to POST way to delete API client by @nicosomb https://github.com/wallabag/wallabag/commit/ffcc5c9062fcc8cd922d7d6d65edbe5efae96806
### Improvement
* Add confirmation before reload entry by @nicosomb https://github.com/wallabag/wallabag/pull/6778
* Remove external dependencies on howto page by @viktoriussuwandi https://github.com/wallabag/wallabag/pull/6775
### Fixes
* Use Session instead of Referrer for Redirection by @Spoons https://github.com/wallabag/wallabag/pull/6119
* Reduce risk of collision for #content by @kdecherf https://github.com/wallabag/wallabag/pull/6829
* Update dependencies to fix vulnerabilities by @nicosomb https://github.com/wallabag/wallabag/pull/6783
* Fix failing randomly test by @nicosomb https://github.com/wallabag/wallabag/pull/6763
### Technical stuff
* Add check if git is installed by @nicosomb https://github.com/wallabag/wallabag/pull/6788
* Replace kernel.root_dir by kernel.project_dir by @yguedidi https://github.com/wallabag/wallabag/pull/6809
* Split symfony/symfony by @yguedidi https://github.com/wallabag/wallabag/pull/6817
* Make Crawler::extract get an array by @yguedidi https://github.com/wallabag/wallabag/pull/6812
* Use PSR-17 and PSR-18 by @yguedidi https://github.com/wallabag/wallabag/pull/6816
* Replace Client by KernelBrowser by @yguedidi https://github.com/wallabag/wallabag/pull/6813
* Replace Debug component by ErrorHandler component by @yguedidi https://github.com/wallabag/wallabag/pull/6810
* Make ImportController extends AbstractController by @yguedidi https://github.com/wallabag/wallabag/pull/6808
* Use Twig instead of templating by @yguedidi https://github.com/wallabag/wallabag/pull/6797
* Identify platforms by their class by @yguedidi https://github.com/wallabag/wallabag/pull/6799
* Move from transchoice to trans by @yguedidi https://github.com/wallabag/wallabag/pull/6800
* Replace GetResponseEvent by RequestEvent by @yguedidi https://github.com/wallabag/wallabag/pull/6811
* Ensure the kernel is shut down before calling createClient by @yguedidi https://github.com/wallabag/wallabag/pull/6803
* Ignore docker-compose.override.yml by @yguedidi https://github.com/wallabag/wallabag/pull/6814
* Add composer normalizer by @nicosomb https://github.com/wallabag/wallabag/pull/6762
## [2.6.2](https://github.com/wallabag/wallabag/tree/2.6.2)
[Full Changelog](https://github.com/wallabag/wallabag/compare/2.6.1...2.6.2)

View file

@ -1,5 +1,5 @@
wallabag_core:
version: 2.6.2
version: 2.6.3
paypal_url: "https://liberapay.com/wallabag/donate"
languages:
en: 'English'

14
composer.lock generated
View file

@ -4582,16 +4582,16 @@
},
{
"name": "j0k3r/graby-site-config",
"version": "1.0.171",
"version": "1.0.173",
"source": {
"type": "git",
"url": "https://github.com/j0k3r/graby-site-config.git",
"reference": "1551b7a2a446d60b59866671d7125059a8753ecb"
"reference": "e54353732d257639039d358972e8947b5d7f05d2"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/j0k3r/graby-site-config/zipball/1551b7a2a446d60b59866671d7125059a8753ecb",
"reference": "1551b7a2a446d60b59866671d7125059a8753ecb",
"url": "https://api.github.com/repos/j0k3r/graby-site-config/zipball/e54353732d257639039d358972e8947b5d7f05d2",
"reference": "e54353732d257639039d358972e8947b5d7f05d2",
"shasum": ""
},
"require": {
@ -4620,9 +4620,9 @@
"description": "Graby site config files",
"support": {
"issues": "https://github.com/j0k3r/graby-site-config/issues",
"source": "https://github.com/j0k3r/graby-site-config/tree/1.0.171"
"source": "https://github.com/j0k3r/graby-site-config/tree/1.0.173"
},
"time": "2023-07-24T08:25:40+00:00"
"time": "2023-08-21T09:46:59+00:00"
},
{
"name": "j0k3r/httplug-ssrf-plugin",
@ -17391,5 +17391,5 @@
"platform-overrides": {
"php": "7.4.29"
},
"plugin-api-version": "2.3.0"
"plugin-api-version": "2.2.0"
}

View file

@ -75,7 +75,6 @@ class DeveloperController extends AbstractController
*/
public function deleteClientAction(Request $request, Client $client, EntityManagerInterface $entityManager, TranslatorInterface $translator)
{
if (!$this->isCsrfTokenValid('delete-client', $request->request->get('token'))) {
throw $this->createAccessDeniedException('Bad CSRF token.');
}

View file

@ -553,28 +553,28 @@
<h5>{{ 'config.reset.title'|trans }}</h5>
<p>{{ 'config.reset.description'|trans }}</p>
<p>
<form action="{{ path('config_reset', { type: 'annotations' }) }}" method="post" onsubmit="return confirm('{{ 'config.reset.confirm'|trans|escape('js') }}')" name="reset-annotations">
<form action="{{ path('config_reset', {type: 'annotations'}) }}" method="post" onsubmit="return confirm('{{ 'config.reset.confirm'|trans|escape('js') }}')" name="reset-annotations">
<input type="hidden" name="token" value="{{ csrf_token('reset-area') }}" />
<button class="waves-effect waves-light btn red" type="submit">{{ 'config.reset.annotations'|trans }}</button>
</form>
</p>
<p>
<form action="{{ path('config_reset', { type: 'tags' }) }}" method="post" onsubmit="return confirm('{{ 'config.reset.confirm'|trans|escape('js') }}')" name="reset-tags">
<form action="{{ path('config_reset', {type: 'tags'}) }}" method="post" onsubmit="return confirm('{{ 'config.reset.confirm'|trans|escape('js') }}')" name="reset-tags">
<input type="hidden" name="token" value="{{ csrf_token('reset-area') }}" />
<button class="waves-effect waves-light btn red" type="submit">{{ 'config.reset.tags'|trans }}</button>
</form>
</p>
<p>
<form action="{{ path('config_reset', { type: 'archived' }) }}" method="post" onsubmit="return confirm('{{ 'config.reset.confirm'|trans|escape('js') }}')" name="reset-archived">
<form action="{{ path('config_reset', {type: 'archived'}) }}" method="post" onsubmit="return confirm('{{ 'config.reset.confirm'|trans|escape('js') }}')" name="reset-archived">
<input type="hidden" name="token" value="{{ csrf_token('reset-area') }}" />
<button class="waves-effect waves-light btn red" type="submit">{{ 'config.reset.archived'|trans }}</button>
</form>
</p>
<p>
<form action="{{ path('config_reset', { type: 'entries' }) }}" method="post" onsubmit="return confirm('{{ 'config.reset.confirm'|trans|escape('js') }}')" name="reset-entries">
<form action="{{ path('config_reset', {type: 'entries'}) }}" method="post" onsubmit="return confirm('{{ 'config.reset.confirm'|trans|escape('js') }}')" name="reset-entries">
<input type="hidden" name="token" value="{{ csrf_token('reset-area') }}" />
<button class="waves-effect waves-light btn red" type="submit">{{ 'config.reset.entries'|trans }}</button>

View file

@ -57,7 +57,7 @@
<p>{{ 'developer.remove.warn_message_1'|trans({'%name%': client.name}) }}</p>
<p>{{ 'developer.remove.warn_message_2'|trans({'%name%': client.name}) }}</p>
<form action="{{ path('developer_delete_client', { id: client.id }) }}" method="post" name="delete-client">
<form action="{{ path('developer_delete_client', {id: client.id}) }}" method="post" name="delete-client">
<input type="hidden" name="token" value="{{ csrf_token('delete-client') }}" />
<button class="waves-effect waves-light btn red" type="submit">{{ 'developer.remove.action'|trans({'%name%': client.name}) }}</button>