Commit graph

8924 commits

Author SHA1 Message Date
Nicolas Lœuillet
843fd97805
Merge pull request #7008 from wallabag/dependabot/composer/phpstan/phpstan-1.10.37
Bump phpstan/phpstan from 1.10.36 to 1.10.37
2023-10-03 07:40:03 +02:00
dependabot[bot]
5afff609b3
Bump phpstan/phpstan from 1.10.36 to 1.10.37
Bumps [phpstan/phpstan](https://github.com/phpstan/phpstan) from 1.10.36 to 1.10.37.
- [Release notes](https://github.com/phpstan/phpstan/releases)
- [Changelog](https://github.com/phpstan/phpstan/blob/1.11.x/CHANGELOG.md)
- [Commits](https://github.com/phpstan/phpstan/compare/1.10.36...1.10.37)

---
updated-dependencies:
- dependency-name: phpstan/phpstan
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-10-03 02:03:40 +00:00
Jérémy Benoist
60623246ae
Merge pull request #7006 from wallabag/release/2.6.7
Prepare 2.6.7 release
2023-10-02 14:21:29 +02:00
Jeremy Benoist
fa107116cc
Prepare 2.6.7 release 2023-10-02 14:14:34 +02:00
Jérémy Benoist
0cfdddc2eb
Merge pull request from GHSA-56fm-hfp3-x3w3
Fix CSRF Vulnerability on 2FA endpoints
2023-10-02 13:51:41 +02:00
Jérémy Benoist
8b0108d686
Merge pull request #7005 from wallabag/fix/dependabot-symfony-pattern
Fix symfony pattern for dependabot
2023-10-02 09:31:15 +02:00
Jérémy Benoist
adc79d0578
Fix symfony pattern for dependabot
`*symfony*` matches to much deps (ie `phpstan-symfony`) which aren't related to Symfony release.
`symfony/*` will properly match Symfony release better.
2023-10-02 09:17:32 +02:00
Nicolas Lœuillet
5d498135ab
Merge pull request #7004 from wallabag/dependabot/composer/symfony-dependencies-34a06d215f
Bump the symfony-dependencies group with 1 update
2023-10-02 09:11:50 +02:00
dependabot[bot]
d287ed6b54
Bump the symfony-dependencies group with 1 update
Bumps the symfony-dependencies group with 1 update: [phpstan/phpstan-symfony](https://github.com/phpstan/phpstan-symfony).

- [Release notes](https://github.com/phpstan/phpstan-symfony/releases)
- [Commits](https://github.com/phpstan/phpstan-symfony/compare/1.3.2...1.3.4)

---
updated-dependencies:
- dependency-name: phpstan/phpstan-symfony
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: symfony-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-10-02 07:03:30 +00:00
Nicolas Lœuillet
e69b07314b
Merge pull request #7003 from wallabag/fix/dependabot-lock-symfony
Avoid deps for Symfony/*
2023-10-02 09:02:34 +02:00
Jérémy Benoist
f3291f5797
Merge pull request #7001 from wallabag/dependabot/composer/phpstan/phpstan-1.10.36
Bump phpstan/phpstan from 1.10.35 to 1.10.36
2023-10-02 08:38:31 +02:00
Jérémy Benoist
7cbe1dafb3
Avoid deps for Symfony/*
Until we release official support for Symfony 5+
2023-10-02 08:35:01 +02:00
Jérémy Benoist
0ed133f3d5
Merge pull request #7002 from sonvir249/update-itunes
Updated text iTunes to App Store.
2023-10-02 08:31:52 +02:00
Jeremy Benoist
bfa5a4a556
Update PHPStan ignore pattern 2023-10-02 08:30:18 +02:00
sonvir249
a0cd522db2
Updated text iTunes to App Store. 2023-10-02 10:07:05 +05:30
github-actions[bot]
926ff63a73
Merge pull request #6996 from wallabag/dependabot/npm_and_yarn/babel-dependencies-658c943d74
Bump the babel-dependencies group with 1 update
2023-10-02 04:15:41 +00:00
github-actions[bot]
1145810345
Merge pull request #6998 from wallabag/dependabot/npm_and_yarn/postcss-scss-4.0.9
Bump postcss-scss from 4.0.8 to 4.0.9
2023-10-02 02:37:45 +00:00
dependabot[bot]
5ac6deda69
Bump postcss-scss from 4.0.8 to 4.0.9
Bumps [postcss-scss](https://github.com/postcss/postcss-scss) from 4.0.8 to 4.0.9.
- [Changelog](https://github.com/postcss/postcss-scss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/postcss/postcss-scss/compare/4.0.8...4.0.9)

---
updated-dependencies:
- dependency-name: postcss-scss
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-10-02 02:29:32 +00:00
github-actions[bot]
d8e936add0
Merge pull request #6999 from wallabag/dependabot/npm_and_yarn/postcss-8.4.31
Bump postcss from 8.4.30 to 8.4.31
2023-10-02 02:28:19 +00:00
github-actions[bot]
af374b8cb0
Merge pull request #6997 from wallabag/dependabot/npm_and_yarn/fontsource-dependencies-facc375e84
Bump the fontsource-dependencies group with 2 updates
2023-10-02 02:23:07 +00:00
dependabot[bot]
6ebffd0f63
Bump phpstan/phpstan from 1.10.35 to 1.10.36
Bumps [phpstan/phpstan](https://github.com/phpstan/phpstan) from 1.10.35 to 1.10.36.
- [Release notes](https://github.com/phpstan/phpstan/releases)
- [Changelog](https://github.com/phpstan/phpstan/blob/1.11.x/CHANGELOG.md)
- [Commits](https://github.com/phpstan/phpstan/compare/1.10.35...1.10.36)

---
updated-dependencies:
- dependency-name: phpstan/phpstan
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-10-02 02:21:21 +00:00
dependabot[bot]
e8663003c5
Bump postcss from 8.4.30 to 8.4.31
Bumps [postcss](https://github.com/postcss/postcss) from 8.4.30 to 8.4.31.
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/postcss/postcss/compare/8.4.30...8.4.31)

---
updated-dependencies:
- dependency-name: postcss
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-10-02 02:14:59 +00:00
dependabot[bot]
255d71727c
Bump the fontsource-dependencies group with 2 updates
Bumps the fontsource-dependencies group with 2 updates: [@fontsource/atkinson-hyperlegible](https://github.com/fontsource/font-files/tree/HEAD/fonts/google/atkinson-hyperlegible) and [@fontsource/oswald](https://github.com/fontsource/font-files/tree/HEAD/fonts/google/oswald).


Updates `@fontsource/atkinson-hyperlegible` from 5.0.12 to 5.0.13
- [Changelog](https://github.com/fontsource/font-files/blob/main/fonts/google/atkinson-hyperlegible/CHANGELOG.md)
- [Commits](https://github.com/fontsource/font-files/commits/HEAD/fonts/google/atkinson-hyperlegible)

Updates `@fontsource/oswald` from 5.0.12 to 5.0.13
- [Changelog](https://github.com/fontsource/font-files/blob/main/fonts/google/oswald/CHANGELOG.md)
- [Commits](https://github.com/fontsource/font-files/commits/HEAD/fonts/google/oswald)

---
updated-dependencies:
- dependency-name: "@fontsource/atkinson-hyperlegible"
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: fontsource-dependencies
- dependency-name: "@fontsource/oswald"
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: fontsource-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-10-02 02:14:32 +00:00
dependabot[bot]
0fc117ec41
Bump the babel-dependencies group with 1 update
Bumps the babel-dependencies group with 1 update: [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core).

- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.23.0/packages/babel-core)

---
updated-dependencies:
- dependency-name: "@babel/core"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: babel-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-10-02 02:14:05 +00:00
Kevin Decherf
aa06e8328e ConfigController: remove 2fa cancel step
This change annoys me, however this endpoint was anyway problematic:
- it was vulnerable to a CSRF attack, see GHSA-56fm-hfp3-x3w3
- it is useless as we don't really handle a two-steps validation

Still, if you send an incorrect code during the "activation" phase a
flash error will pop up but the 2fa will stay enabled. This need rework
when possible.

Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
2023-09-30 00:49:58 +02:00
Kevin Decherf
5240684be9 ConfigController: move OTP endpoints to POST method only
Fixes GHSA-56fm-hfp3-x3w3

Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
2023-09-30 00:49:58 +02:00
Nicolas Lœuillet
9ec351e8b6
Merge pull request #6986 from Simounet/feat/entry-tag-form-button
Add tag form submit button always displayed
2023-09-29 16:38:54 +02:00
Simounet
6fab27f3ce
Add tag form submit button always displayed 2023-09-29 15:35:33 +02:00
Nicolas Lœuillet
e4d69cafe4
Merge pull request #6991 from Simounet/feat/6971-mass-action-click-full-card
Fix #6971 - Full clickable card on mass action
2023-09-29 14:53:27 +02:00
Jérémy Benoist
34e51243d9
Merge pull request #6985 from Simounet/fix/tag-controller-null-value 2023-09-27 22:36:36 +02:00
Yassine Guedidi
d21ccc1e28
Merge pull request #6982 from yguedidi/build-assets-on-release
Build assets on release
2023-09-27 20:33:40 +02:00
Simounet
9bc026f343
Fix #6971 - Full clickable card on mass action 2023-09-27 19:25:16 +02:00
Yassine Guedidi
752606941f Remove the Assets workflow 2023-09-27 19:16:25 +02:00
Yassine Guedidi
728aa902bb Remove generated assets from the repository 2023-09-27 19:15:28 +02:00
Yassine Guedidi
fde129e5c6 Build assets on release 2023-09-27 19:13:22 +02:00
Jérémy Benoist
3b78bbae64
Merge pull request #6989 from wallabag/dependabot/composer/doctrine/dbal-3.7.0 2023-09-27 07:06:10 +02:00
dependabot[bot]
675d78f9c6
Bump doctrine/dbal from 3.6.7 to 3.7.0
Bumps [doctrine/dbal](https://github.com/doctrine/dbal) from 3.6.7 to 3.7.0.
- [Release notes](https://github.com/doctrine/dbal/releases)
- [Commits](https://github.com/doctrine/dbal/compare/3.6.7...3.7.0)

---
updated-dependencies:
- dependency-name: doctrine/dbal
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-09-27 02:26:43 +00:00
Simounet
a46fd5fc9f
Fix deprecated null parameter passed to explode() 2023-09-26 18:02:46 +02:00
Nicolas Lœuillet
a26a6bd3a5
Merge pull request #6980 from wallabag/dependabot/composer/scssphp/scssphp-1.11.1
Bump scssphp/scssphp from 1.11.0 to 1.11.1
2023-09-25 08:36:13 +02:00
dependabot[bot]
d021823bab Bump scssphp/scssphp from 1.11.0 to 1.11.1
Bumps [scssphp/scssphp](https://github.com/scssphp/scssphp) from 1.11.0 to 1.11.1.
- [Release notes](https://github.com/scssphp/scssphp/releases)
- [Commits](https://github.com/scssphp/scssphp/compare/v1.11.0...v1.11.1)

---
updated-dependencies:
- dependency-name: scssphp/scssphp
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-09-25 07:01:24 +02:00
Jérémy Benoist
26fbf050f1
Merge pull request #6981 from wallabag/dependabot/composer/doctrine/dbal-3.6.7 2023-09-25 05:39:17 +02:00
github-actions[bot]
8a670fe4fe
Merge pull request #6978 from wallabag/dependabot/npm_and_yarn/sass-1.68.0
Bump sass from 1.67.0 to 1.68.0
2023-09-25 03:08:03 +00:00
github-actions[bot]
775a23a6d0
Merge pull request #6976 from wallabag/dependabot/npm_and_yarn/autoprefixer-10.4.16
Bump autoprefixer from 10.4.15 to 10.4.16
2023-09-25 03:01:21 +00:00
dependabot[bot]
e096656e09
Bump sass from 1.67.0 to 1.68.0
Bumps [sass](https://github.com/sass/dart-sass) from 1.67.0 to 1.68.0.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.67.0...1.68.0)

---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-09-25 02:47:32 +00:00
github-actions[bot]
b2a5e680d3
Merge pull request #6977 from wallabag/dependabot/npm_and_yarn/postcss-8.4.30
Bump postcss from 8.4.29 to 8.4.30
2023-09-25 02:46:18 +00:00
dependabot[bot]
0a8c9ae64a
Bump doctrine/dbal from 3.6.6 to 3.6.7
Bumps [doctrine/dbal](https://github.com/doctrine/dbal) from 3.6.6 to 3.6.7.
- [Release notes](https://github.com/doctrine/dbal/releases)
- [Commits](https://github.com/doctrine/dbal/compare/3.6.6...3.6.7)

---
updated-dependencies:
- dependency-name: doctrine/dbal
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-09-25 02:40:03 +00:00
dependabot[bot]
ee266ab12b
Bump autoprefixer from 10.4.15 to 10.4.16
Bumps [autoprefixer](https://github.com/postcss/autoprefixer) from 10.4.15 to 10.4.16.
- [Release notes](https://github.com/postcss/autoprefixer/releases)
- [Changelog](https://github.com/postcss/autoprefixer/blob/main/CHANGELOG.md)
- [Commits](https://github.com/postcss/autoprefixer/compare/10.4.15...10.4.16)

---
updated-dependencies:
- dependency-name: autoprefixer
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-09-25 02:40:01 +00:00
github-actions[bot]
f006bf4324
Merge pull request #6975 from wallabag/dependabot/npm_and_yarn/eslint-8.50.0
Bump eslint from 8.49.0 to 8.50.0
2023-09-25 02:39:03 +00:00
dependabot[bot]
735bd89cfd
Bump postcss from 8.4.29 to 8.4.30
Bumps [postcss](https://github.com/postcss/postcss) from 8.4.29 to 8.4.30.
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/postcss/postcss/compare/8.4.29...8.4.30)

---
updated-dependencies:
- dependency-name: postcss
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-09-25 02:34:12 +00:00
dependabot[bot]
46f51c68a9
Bump eslint from 8.49.0 to 8.50.0
Bumps [eslint](https://github.com/eslint/eslint) from 8.49.0 to 8.50.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.49.0...v8.50.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-09-25 02:33:48 +00:00