dependabot[bot]
aa4a371733
Bump stylelint-webpack-plugin from 4.0.0 to 4.1.0
...
Bumps [stylelint-webpack-plugin](https://github.com/webpack-contrib/stylelint-webpack-plugin ) from 4.0.0 to 4.1.0.
- [Release notes](https://github.com/webpack-contrib/stylelint-webpack-plugin/releases )
- [Changelog](https://github.com/webpack-contrib/stylelint-webpack-plugin/blob/master/CHANGELOG.md )
- [Commits](https://github.com/webpack-contrib/stylelint-webpack-plugin/compare/v4.0.0...v4.1.0 )
---
updated-dependencies:
- dependency-name: stylelint-webpack-plugin
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-20 03:57:00 +00:00
Nicolas Lœuillet
c0cb7ef430
Merge pull request #6305 from wallabag/dependabot/composer/phpstan/phpstan-phpunit-1.3.4
...
Bump phpstan/phpstan-phpunit from 1.3.3 to 1.3.4
2023-02-10 09:14:55 +01:00
dependabot[bot]
0fa808de7d
Bump phpstan/phpstan-phpunit from 1.3.3 to 1.3.4
...
Bumps [phpstan/phpstan-phpunit](https://github.com/phpstan/phpstan-phpunit ) from 1.3.3 to 1.3.4.
- [Release notes](https://github.com/phpstan/phpstan-phpunit/releases )
- [Commits](https://github.com/phpstan/phpstan-phpunit/compare/1.3.3...1.3.4 )
---
updated-dependencies:
- dependency-name: phpstan/phpstan-phpunit
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-10 03:59:38 +00:00
Jérémy Benoist
f972d212a4
Merge pull request #6296 from wallabag/dependabot/composer/phpstan/phpstan-1.9.17
2023-02-09 07:29:44 +01:00
Jérémy Benoist
cb48fa46be
Merge pull request #6298 from wallabag/dependabot/composer/twig/string-extra-3.5.1
2023-02-09 05:43:31 +01:00
Jérémy Benoist
bd3d53b075
Merge pull request #6299 from wallabag/dependabot/composer/twig/extra-bundle-3.5.1
2023-02-09 05:43:01 +01:00
dependabot[bot]
1d76b77d5c
Bump twig/extra-bundle from 3.5.0 to 3.5.1
...
Bumps [twig/extra-bundle](https://github.com/twigphp/twig-extra-bundle ) from 3.5.0 to 3.5.1.
- [Release notes](https://github.com/twigphp/twig-extra-bundle/releases )
- [Commits](https://github.com/twigphp/twig-extra-bundle/compare/v3.5.0...v3.5.1 )
---
updated-dependencies:
- dependency-name: twig/extra-bundle
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-09 03:14:43 +00:00
dependabot[bot]
33ac507799
Bump twig/string-extra from 3.5.0 to 3.5.1
...
Bumps [twig/string-extra](https://github.com/twigphp/string-extra ) from 3.5.0 to 3.5.1.
- [Release notes](https://github.com/twigphp/string-extra/releases )
- [Commits](https://github.com/twigphp/string-extra/compare/v3.5.0...v3.5.1 )
---
updated-dependencies:
- dependency-name: twig/string-extra
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-09 03:14:02 +00:00
dependabot[bot]
3a3e6f5534
Bump phpstan/phpstan from 1.9.16 to 1.9.17
...
Bumps [phpstan/phpstan](https://github.com/phpstan/phpstan ) from 1.9.16 to 1.9.17.
- [Release notes](https://github.com/phpstan/phpstan/releases )
- [Changelog](https://github.com/phpstan/phpstan/blob/1.10.x/CHANGELOG.md )
- [Commits](https://github.com/phpstan/phpstan/compare/1.9.16...1.9.17 )
---
updated-dependencies:
- dependency-name: phpstan/phpstan
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-09 03:12:57 +00:00
Jérémy Benoist
2ceec933d0
Merge pull request #6293 from wallabag/dependabot/composer/doctrine/dbal-3.6.0
2023-02-08 06:56:26 +01:00
Jérémy Benoist
11252e74da
Merge pull request #6294 from wallabag/dependabot/composer/phpstan/phpstan-1.9.16
2023-02-08 06:55:47 +01:00
dependabot[bot]
83563795a7
Bump phpstan/phpstan from 1.9.14 to 1.9.16
...
Bumps [phpstan/phpstan](https://github.com/phpstan/phpstan ) from 1.9.14 to 1.9.16.
- [Release notes](https://github.com/phpstan/phpstan/releases )
- [Changelog](https://github.com/phpstan/phpstan/blob/1.10.x/CHANGELOG.md )
- [Commits](https://github.com/phpstan/phpstan/compare/1.9.14...1.9.16 )
---
updated-dependencies:
- dependency-name: phpstan/phpstan
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-08 03:03:41 +00:00
dependabot[bot]
4a891f8a1d
Bump doctrine/dbal from 3.5.3 to 3.6.0
...
Bumps [doctrine/dbal](https://github.com/doctrine/dbal ) from 3.5.3 to 3.6.0.
- [Release notes](https://github.com/doctrine/dbal/releases )
- [Commits](https://github.com/doctrine/dbal/compare/3.5.3...3.6.0 )
---
updated-dependencies:
- dependency-name: doctrine/dbal
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-08 03:02:04 +00:00
Jérémy Benoist
055d304bc9
Merge pull request #6291 from wallabag/release/2.5.4
...
Prepare 2.5.4
2023-02-07 22:20:00 +01:00
Jeremy Benoist
812d6ac376
Prepare 2.5.4
2023-02-07 22:03:20 +01:00
Jérémy Benoist
268372dbbd
Merge pull request #6289 from wallabag/2.5/fix-csrf-user-deletion
...
Fix CSRF on user deletion
2023-02-07 21:52:51 +01:00
Jérémy Benoist
4e023bddc3
Merge pull request #6288 from wallabag/2.5/xss-username-share-page
...
Fix XSS on username on share page
2023-02-07 21:43:04 +01:00
Jérémy Benoist
acd285dcbb
Merge pull request #6290 from wallabag/2.5/fix-add-tag-other-entries
...
Fix adding tag to entries from other people
2023-02-07 21:42:46 +01:00
Jeremy Benoist
f1b3d5cdd7
Fix CSRF on user deletion
2023-02-07 21:41:52 +01:00
Jeremy Benoist
242e3feac9
Fix adding tag to entries from other people
...
I've also limited tag length to 20 chars (and limit adding more than 5 tags at once)
2023-02-07 21:25:57 +01:00
Jeremy Benoist
bd4c71682e
Fix XSS on username on share page
2023-02-07 19:58:06 +01:00
Jérémy Benoist
ebb39759ff
Merge pull request #6286 from wallabag/dependabot/composer/phpstan/phpstan-symfony-1.2.23
2023-02-07 05:35:17 +01:00
dependabot[bot]
647d628853
Bump phpstan/phpstan-symfony from 1.2.22 to 1.2.23
...
Bumps [phpstan/phpstan-symfony](https://github.com/phpstan/phpstan-symfony ) from 1.2.22 to 1.2.23.
- [Release notes](https://github.com/phpstan/phpstan-symfony/releases )
- [Commits](https://github.com/phpstan/phpstan-symfony/compare/1.2.22...1.2.23 )
---
updated-dependencies:
- dependency-name: phpstan/phpstan-symfony
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-07 03:03:29 +00:00
Jérémy Benoist
784bc1393c
Merge pull request #6275 from wallabag/2.x/fix-release-script
...
Fix release script
2023-02-06 10:13:57 +01:00
Jérémy Benoist
b134c76ed7
Merge pull request #6278 from wallabag/dependabot/npm_and_yarn/eslint-webpack-plugin-4.0.0
2023-02-06 07:15:10 +01:00
dependabot[bot]
302ae4ec57
Bump eslint-webpack-plugin from 3.2.0 to 4.0.0
...
Bumps [eslint-webpack-plugin](https://github.com/webpack-contrib/eslint-webpack-plugin ) from 3.2.0 to 4.0.0.
- [Release notes](https://github.com/webpack-contrib/eslint-webpack-plugin/releases )
- [Changelog](https://github.com/webpack-contrib/eslint-webpack-plugin/blob/master/CHANGELOG.md )
- [Commits](https://github.com/webpack-contrib/eslint-webpack-plugin/compare/v3.2.0...v4.0.0 )
---
updated-dependencies:
- dependency-name: eslint-webpack-plugin
dependency-type: direct:development
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-06 06:06:27 +00:00
Jérémy Benoist
9bf6986e67
Merge pull request #6279 from wallabag/dependabot/composer/jms/serializer-3.22.0
2023-02-06 07:03:33 +01:00
Jérémy Benoist
30bea857f0
Merge pull request #6280 from wallabag/dependabot/npm_and_yarn/stylelint-webpack-plugin-4.0.0
2023-02-06 07:03:16 +01:00
Jérémy Benoist
363dd2ddbb
Merge pull request #6282 from wallabag/dependabot/composer/doctrine/persistence-3.1.4
2023-02-06 07:02:56 +01:00
Jérémy Benoist
b945e04be8
Merge pull request #6283 from wallabag/dependabot/composer/jms/serializer-bundle-5.2.1
2023-02-06 07:02:36 +01:00
github-actions[bot]
add7d3d8b6
Merge pull request #6281 from wallabag/dependabot/npm_and_yarn/sass-1.58.0
...
Bump sass from 1.57.1 to 1.58.0
2023-02-06 03:10:57 +00:00
dependabot[bot]
c106ec7438
Bump jms/serializer-bundle from 5.2.0 to 5.2.1
...
Bumps [jms/serializer-bundle](https://github.com/schmittjoh/JMSSerializerBundle ) from 5.2.0 to 5.2.1.
- [Release notes](https://github.com/schmittjoh/JMSSerializerBundle/releases )
- [Changelog](https://github.com/schmittjoh/JMSSerializerBundle/blob/master/CHANGELOG.md )
- [Commits](https://github.com/schmittjoh/JMSSerializerBundle/compare/5.2.0...5.2.1 )
---
updated-dependencies:
- dependency-name: jms/serializer-bundle
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-06 03:08:16 +00:00
dependabot[bot]
3ef570a474
Bump doctrine/persistence from 3.1.3 to 3.1.4
...
Bumps [doctrine/persistence](https://github.com/doctrine/persistence ) from 3.1.3 to 3.1.4.
- [Release notes](https://github.com/doctrine/persistence/releases )
- [Commits](https://github.com/doctrine/persistence/compare/3.1.3...3.1.4 )
---
updated-dependencies:
- dependency-name: doctrine/persistence
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-06 03:06:39 +00:00
dependabot[bot]
22e0dfb8d6
Bump sass from 1.57.1 to 1.58.0
...
Bumps [sass](https://github.com/sass/dart-sass ) from 1.57.1 to 1.58.0.
- [Release notes](https://github.com/sass/dart-sass/releases )
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md )
- [Commits](https://github.com/sass/dart-sass/compare/1.57.1...1.58.0 )
---
updated-dependencies:
- dependency-name: sass
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-06 03:02:20 +00:00
dependabot[bot]
c4a72d7508
Bump stylelint-webpack-plugin from 3.3.0 to 4.0.0
...
Bumps [stylelint-webpack-plugin](https://github.com/webpack-contrib/stylelint-webpack-plugin ) from 3.3.0 to 4.0.0.
- [Release notes](https://github.com/webpack-contrib/stylelint-webpack-plugin/releases )
- [Changelog](https://github.com/webpack-contrib/stylelint-webpack-plugin/blob/master/CHANGELOG.md )
- [Commits](https://github.com/webpack-contrib/stylelint-webpack-plugin/compare/v3.3.0...v4.0.0 )
---
updated-dependencies:
- dependency-name: stylelint-webpack-plugin
dependency-type: direct:development
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-06 03:01:46 +00:00
dependabot[bot]
e06f6735e3
Bump jms/serializer from 3.21.0 to 3.22.0
...
Bumps [jms/serializer](https://github.com/schmittjoh/serializer ) from 3.21.0 to 3.22.0.
- [Release notes](https://github.com/schmittjoh/serializer/releases )
- [Changelog](https://github.com/schmittjoh/serializer/blob/master/CHANGELOG.md )
- [Commits](https://github.com/schmittjoh/serializer/compare/3.21.0...3.22.0 )
---
updated-dependencies:
- dependency-name: jms/serializer
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-06 03:01:30 +00:00
Jeremy Benoist
42b03d2834
Fix release script
...
The release script cloned the master branch by default because we never have to clone something else from now.
The script will now clone the tag using the given VERSION parameter.
2023-02-03 10:10:35 +01:00
github-actions[bot]
b32d6d448b
Merge pull request #6272 from wallabag/dependabot/npm_and_yarn/http-cache-semantics-4.1.1
...
Bump http-cache-semantics from 4.1.0 to 4.1.1
2023-02-02 05:50:21 +00:00
dependabot[bot]
e6e171c8ee
Bump http-cache-semantics from 4.1.0 to 4.1.1
...
Bumps [http-cache-semantics](https://github.com/kornelski/http-cache-semantics ) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/kornelski/http-cache-semantics/releases )
- [Commits](https://github.com/kornelski/http-cache-semantics/commits )
---
updated-dependencies:
- dependency-name: http-cache-semantics
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-02 05:43:19 +00:00
Jérémy Benoist
cc68ed2b5d
Merge pull request #6270 from wallabag/dependabot/composer/nelmio/api-doc-bundle-4.11.1
2023-02-02 06:43:13 +01:00
Jérémy Benoist
db6a85afb1
Merge pull request #6271 from wallabag/dependabot/composer/phpstan/phpstan-symfony-1.2.22
2023-02-02 06:42:48 +01:00
dependabot[bot]
862660ae1a
Bump phpstan/phpstan-symfony from 1.2.21 to 1.2.22
...
Bumps [phpstan/phpstan-symfony](https://github.com/phpstan/phpstan-symfony ) from 1.2.21 to 1.2.22.
- [Release notes](https://github.com/phpstan/phpstan-symfony/releases )
- [Commits](https://github.com/phpstan/phpstan-symfony/compare/1.2.21...1.2.22 )
---
updated-dependencies:
- dependency-name: phpstan/phpstan-symfony
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-02 03:03:09 +00:00
dependabot[bot]
29d384598d
Bump nelmio/api-doc-bundle from 4.11.0 to 4.11.1
...
Bumps [nelmio/api-doc-bundle](https://github.com/nelmio/NelmioApiDocBundle ) from 4.11.0 to 4.11.1.
- [Release notes](https://github.com/nelmio/NelmioApiDocBundle/releases )
- [Changelog](https://github.com/nelmio/NelmioApiDocBundle/blob/master/CHANGELOG.md )
- [Commits](https://github.com/nelmio/NelmioApiDocBundle/compare/v4.11.0...v4.11.1 )
---
updated-dependencies:
- dependency-name: nelmio/api-doc-bundle
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-02 03:02:10 +00:00
Nicolas Lœuillet
0c313d396b
Merge pull request #6268 from wallabag/dependabot/composer/symfony/symfony-4.4.50
...
Bump symfony/symfony from 4.4.49 to 4.4.50
2023-02-01 21:54:40 +01:00
dependabot[bot]
522db91841
Bump symfony/symfony from 4.4.49 to 4.4.50
...
Bumps [symfony/symfony](https://github.com/symfony/symfony ) from 4.4.49 to 4.4.50.
- [Release notes](https://github.com/symfony/symfony/releases )
- [Changelog](https://github.com/symfony/symfony/blob/v4.4.50/CHANGELOG-4.4.md )
- [Commits](https://github.com/symfony/symfony/compare/v4.4.49...v4.4.50 )
---
updated-dependencies:
- dependency-name: symfony/symfony
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-01 20:46:46 +00:00
Jérémy Benoist
8954100779
Merge pull request #6267 from wallabag/release/2.5.3
...
Prepare 2.5.3
2023-02-01 10:15:18 +01:00
Jeremy Benoist
b795622f06
Prepare 2.5.3
2023-02-01 09:51:02 +01:00
Jérémy Benoist
5ac6b6bff9
Merge pull request from GHSA-mrqx-mjc4-vfh3
...
AnnotationController: fix improper authorization vulnerability
2023-02-01 09:32:22 +01:00
Jérémy Benoist
0f7460dbab
Merge pull request from GHSA-qwx8-mxxx-mg96
...
ExportController: fix improper authorization vulnerability
2023-02-01 09:30:43 +01:00
Jérémy Benoist
315d710f93
Merge pull request #6266 from wallabag/dependabot/composer/phpstan/phpstan-symfony-1.2.21
2023-02-01 07:09:46 +01:00