mirrors/wallabag
1
0
Fork 0
mirror of https://github.com/wallabag/wallabag.git synced 2025-01-06 23:15:25 +00:00
Code Issues Projects Releases Wiki Activity
7268 commits 13 branches 100 tags 176 MiB
Commit graph

7268 commits

This branch
This branch
All branches
Author SHA1 Message Date
Kevin Decherf
3ed7f2b751 AnnotationController: fix improper authorization vulnerability 
This PR is based on 2.5.x branch.

We fix the improper authorization by retrieving the annotation using id
and user id.

We also replace the ParamConverter used to get the requested Annotation
on put and delete actions with an explicit call to AnnotationRepository
in order to prevent a resource enumeration through response discrepancy.

Fixes GHSA-mrqx-mjc4-vfh3

Co-authored-by: Jeremy Benoist <jeremy.benoist@gmail.com>
Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
 2023-01-27 23:34:14 +01:00
Jérémy Benoist
9e9aedee94
Merge pull request #6241 from wallabag/fix/2.5/update-deps 
Update deps before 2.5.3
 2023-01-16 10:26:47 +01:00
Jeremy Benoist
ea189503de
Fix tests 2023-01-16 10:21:37 +01:00
Jeremy Benoist
b50197664e
Update deps before 2.5.3 
At least, site config will be up to date.
 2023-01-16 10:07:06 +01:00
Jérémy Benoist
63b7b1c18f
Merge pull request #6026 from wallabag/release/2.5.2 2022-10-21 06:43:56 +02:00
Jeremy Benoist
7b2107d3bb
Prepare 2.5.2 2022-10-20 16:00:16 +02:00
Jérémy Benoist
14801e36d0
Merge pull request #6025 from weblate/weblate-wallabag-messages 2022-10-20 05:55:23 +02:00
SAKATA, Yusuke
08ce432cea
Translated using Weblate (Japanese) 
Currently translated at 97.7% (565 of 578 strings)
 2022-10-20 02:07:40 +02:00
SAKATA, Yusuke
809e41fe6b
Translated using Weblate (Japanese) 
Currently translated at 100.0% (40 of 40 strings)
 2022-10-20 02:07:39 +02:00
Jérémy Benoist
ce79140426
Merge pull request #5992 from wallabag/feature/download-svg-locally 
Add support to download SVG locally
 2022-10-18 11:38:31 +02:00
Jeremy Benoist
dc28d7ea0f
Add support to download SVG locally 2022-10-18 11:14:45 +02:00
Jérémy Benoist
3340262707
Merge pull request #6019 from yotamN/feature/domain-name-filter 
Add `domain_name` to entries api endpoint
 2022-10-17 21:54:05 +02:00
Jeremy Benoist
d4b0b62bb5
Fix unrelated failing test 
LExpansion is down ATM.
Use a website which isn't down randomly.
 2022-10-17 21:49:03 +02:00
Jeremy Benoist
7b150dcd26
Add tests 2022-10-17 21:37:08 +02:00
github-actions[bot]
24ae1dbc95
Merge pull request #6023 from wallabag/dependabot/npm_and_yarn/postcss-8.4.18 
Bump postcss from 8.4.17 to 8.4.18
 2022-10-17 02:23:45 +00:00
dependabot[bot]
3ddfe3315a
Bump postcss from 8.4.17 to 8.4.18 
Bumps [postcss](https://github.com/postcss/postcss) from 8.4.17 to 8.4.18.
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/postcss/postcss/compare/8.4.17...8.4.18)

---
updated-dependencies:
- dependency-name: postcss
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-10-17 02:19:36 +00:00
github-actions[bot]
4d318ff559
Merge pull request #6022 from wallabag/dependabot/npm_and_yarn/stylelint-14.14.0 
Bump stylelint from 14.13.0 to 14.14.0
 2022-10-17 02:14:54 +00:00
github-actions[bot]
ee715e8b81
Merge pull request #6021 from wallabag/dependabot/npm_and_yarn/babel/preset-env-7.19.4 
Bump @babel/preset-env from 7.19.3 to 7.19.4
 2022-10-17 02:10:08 +00:00
dependabot[bot]
1d9137a343
Bump stylelint from 14.13.0 to 14.14.0 
Bumps [stylelint](https://github.com/stylelint/stylelint) from 14.13.0 to 14.14.0.
- [Release notes](https://github.com/stylelint/stylelint/releases)
- [Changelog](https://github.com/stylelint/stylelint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/stylelint/stylelint/compare/14.13.0...14.14.0)

---
updated-dependencies:
- dependency-name: stylelint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-10-17 02:06:24 +00:00
dependabot[bot]
7f31603203
Bump @babel/preset-env from 7.19.3 to 7.19.4 
Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.19.3 to 7.19.4.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.19.4/packages/babel-preset-env)

---
updated-dependencies:
- dependency-name: "@babel/preset-env"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-10-17 02:05:59 +00:00
Yotam Nachum
f994ab8b5d Add domain_name to entries api endpoint 2022-10-16 18:36:41 +03:00
Jérémy Benoist
e67e557721
Merge pull request #6016 from weblate/weblate-wallabag-messages 2022-10-13 07:13:46 +02:00
Andrea Brandi
6f750a3b66
Translated using Weblate (Italian) 
Currently translated at 82.3% (476 of 578 strings)
 2022-10-13 00:29:42 +02:00
Jérémy Benoist
3589aafbff
Merge pull request #6015 from weblate/weblate-wallabag-messages 
Translations update from Hosted Weblate
 2022-10-12 09:05:31 +02:00
Andrea Brandi
6569d15297
Translated using Weblate (Italian) 
Currently translated at 82.5% (33 of 40 strings)
 2022-10-11 23:29:17 +02:00
Jérémy Benoist
a4ea04c9db
Merge pull request #6013 from wallabag/fix/random-failing-test 
Fix random failing tests
 2022-10-10 09:43:19 +02:00
Jeremy Benoist
53574f05d5
Fix random failing tests 
Looks like `20minutos.es` sometimes does not return the expected language.
Switching to `elpais.com` fix the problem.
 2022-10-10 09:15:26 +02:00
github-actions[bot]
cb8f50307c
Merge pull request #6011 from wallabag/dependabot/npm_and_yarn/eslint-8.25.0 
Bump eslint from 8.24.0 to 8.25.0
 2022-10-10 07:09:50 +00:00
Jérémy Benoist
4f16640d90
Merge pull request #6012 from wallabag/dependabot/github_actions/dependabot/fetch-metadata-1.3.4 
Bump dependabot/fetch-metadata from 1.3.1 to 1.3.4
 2022-10-10 09:06:24 +02:00
dependabot[bot]
a34750b5ee
Bump dependabot/fetch-metadata from 1.3.1 to 1.3.4 
Bumps [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) from 1.3.1 to 1.3.4.
- [Release notes](https://github.com/dependabot/fetch-metadata/releases)
- [Commits](https://github.com/dependabot/fetch-metadata/compare/v1.3.1...v1.3.4)

---
updated-dependencies:
- dependency-name: dependabot/fetch-metadata
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-10-10 02:16:51 +00:00
github-actions[bot]
3b1e4e027b
Merge pull request #6010 from wallabag/dependabot/npm_and_yarn/sass-loader-13.1.0 
Bump sass-loader from 13.0.2 to 13.1.0
 2022-10-10 02:10:31 +00:00
dependabot[bot]
1dc6e88cd2
Bump eslint from 8.24.0 to 8.25.0 
Bumps [eslint](https://github.com/eslint/eslint) from 8.24.0 to 8.25.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.24.0...v8.25.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-10-10 02:06:09 +00:00
dependabot[bot]
4c79004d84
Bump sass-loader from 13.0.2 to 13.1.0 
Bumps [sass-loader](https://github.com/webpack-contrib/sass-loader) from 13.0.2 to 13.1.0.
- [Release notes](https://github.com/webpack-contrib/sass-loader/releases)
- [Changelog](https://github.com/webpack-contrib/sass-loader/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/sass-loader/compare/v13.0.2...v13.1.0)

---
updated-dependencies:
- dependency-name: sass-loader
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-10-10 02:05:50 +00:00
Jérémy Benoist
639bba031f
Merge pull request #6004 from nexxai/master 2022-10-04 08:12:26 +02:00
JT Smith
6da76ffaae Typofixes 2022-10-03 18:31:43 -06:00
Jérémy Benoist
ed777871c0
Merge pull request #6003 from wallabag/fix/auto-merge-js-deps 
Allow auto merging of Dependabot JS minor or patch
 2022-10-03 09:55:11 +02:00
Jeremy Benoist
f2f542d093
Allow auto merging of Dependabot JS minor or patch 
Reducing the time consuming of merging deps which shouldn't break the project
 2022-10-03 09:39:31 +02:00
Jérémy Benoist
a5dd42958f
Merge pull request #5998 from wallabag/dependabot/npm_and_yarn/postcss-8.4.17 2022-10-03 06:55:40 +02:00
Jérémy Benoist
46dec2de03
Merge pull request #5999 from wallabag/dependabot/npm_and_yarn/stylelint-14.13.0 2022-10-03 06:20:34 +02:00
Jérémy Benoist
a272abf9cd
Merge pull request #6000 from wallabag/dependabot/npm_and_yarn/babel/core-7.19.3 2022-10-03 06:20:17 +02:00
Jérémy Benoist
6e2b9dc9e0
Merge pull request #6001 from wallabag/dependabot/npm_and_yarn/babel/preset-env-7.19.3 2022-10-03 06:19:59 +02:00
dependabot[bot]
7ca3b15359
Bump @babel/preset-env from 7.19.1 to 7.19.3 
Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.19.1 to 7.19.3.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.19.3/packages/babel-preset-env)

---
updated-dependencies:
- dependency-name: "@babel/preset-env"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-10-03 02:14:57 +00:00
dependabot[bot]
0c80ff1054
Bump @babel/core from 7.19.1 to 7.19.3 
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.19.1 to 7.19.3.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.19.3/packages/babel-core)

---
updated-dependencies:
- dependency-name: "@babel/core"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-10-03 02:14:39 +00:00
dependabot[bot]
b30914b847
Bump stylelint from 14.12.1 to 14.13.0 
Bumps [stylelint](https://github.com/stylelint/stylelint) from 14.12.1 to 14.13.0.
- [Release notes](https://github.com/stylelint/stylelint/releases)
- [Changelog](https://github.com/stylelint/stylelint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/stylelint/stylelint/compare/14.12.1...14.13.0)

---
updated-dependencies:
- dependency-name: stylelint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-10-03 02:14:00 +00:00
dependabot[bot]
ad93db45ef
Bump postcss from 8.4.16 to 8.4.17 
Bumps [postcss](https://github.com/postcss/postcss) from 8.4.16 to 8.4.17.
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/postcss/postcss/compare/8.4.16...8.4.17)

---
updated-dependencies:
- dependency-name: postcss
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-10-03 02:13:38 +00:00
Jérémy Benoist
4ce1b50aeb
Merge pull request #5989 from wallabag/dependabot/npm_and_yarn/autoprefixer-10.4.12 
Bump autoprefixer from 10.4.11 to 10.4.12
 2022-09-26 10:47:43 +02:00
Jeremy Benoist
6c84f6c04e
Rebuild assets 2022-09-26 10:38:18 +02:00
Jérémy Benoist
9c5feb64f3
Merge pull request #5985 from wallabag/dependabot/npm_and_yarn/stylelint-14.12.1 
Bump stylelint from 14.12.0 to 14.12.1
 2022-09-26 09:21:02 +02:00
dependabot[bot]
d7829ff5fd
Bump stylelint from 14.12.0 to 14.12.1 
Bumps [stylelint](https://github.com/stylelint/stylelint) from 14.12.0 to 14.12.1.
- [Release notes](https://github.com/stylelint/stylelint/releases)
- [Changelog](https://github.com/stylelint/stylelint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/stylelint/stylelint/compare/14.12.0...14.12.1)

---
updated-dependencies:
- dependency-name: stylelint
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-26 05:01:09 +00:00
dependabot[bot]
36c9a5ec45
Bump autoprefixer from 10.4.11 to 10.4.12 
Bumps [autoprefixer](https://github.com/postcss/autoprefixer) from 10.4.11 to 10.4.12.
- [Release notes](https://github.com/postcss/autoprefixer/releases)
- [Changelog](https://github.com/postcss/autoprefixer/blob/main/CHANGELOG.md)
- [Commits](https://github.com/postcss/autoprefixer/compare/10.4.11...10.4.12)

---
updated-dependencies:
- dependency-name: autoprefixer
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-26 05:00:57 +00:00