1eed8d6325 
								
							 
						 
						
							
							
								
								Removed style in discord logo to prevent clash with twitter logo  
							
							... 
							
							
							
							Both were using the same class names causing a quadrant of the slack logo
to be the discord brand color.
Related to #3032  
							
						 
						
							2021-11-04 22:52:35 +00:00  
				
					
						
							
							
								 
						
							
								b9a58859a4 
								
							 
						 
						
							
							
								
								Merge branch 'modernize-3rd-party-service-logos' of  https://github.com/na3shkw/BookStack  into na3shkw-modernize-3rd-party-service-logos  
							
							
							
						 
						
							2021-11-04 22:45:57 +00:00  
				
					
						
							
							
								 
						
							
								c9c4dbcb5b 
								
							 
						 
						
							
							
								
								Merge branch 'laravel_upgrade'  
							
							
							
						 
						
							2021-11-04 22:42:35 +00:00  
				
					
						
							
							
								 
						
							
								6f75aa9cdc 
								
							 
						 
						
							
							
								
								Reverted shift change to old migration  
							
							
							
						 
						
							2021-11-04 22:38:55 +00:00  
				
					
						
							
							
								 
						
							
								9c680efaad 
								
							 
						 
						
							
							
								
								Updated php packages, Added php8.1 to GH actions  
							
							
							
						 
						
							2021-11-04 22:29:36 +00:00  
				
					
						
							
							
								 
						
							
								cccee0808f 
								
							 
						 
						
							
							
								
								Updated API examples with date format changes  
							
							... 
							
							
							
							Updated to full ISO-8601 to reflect change in Laravel 7. 
							
						 
						
							2021-11-04 22:02:21 +00:00  
				
					
						
							
							
								 
						
							
								a17be959d8 
								
							 
						 
						
							
							
								
								Applied latest styleci changes  
							
							
							
						 
						
							2021-11-01 13:26:02 +00:00  
				
					
						
							
							
								 
						
							
								ce3f489188 
								
							 
						 
						
							
							
								
								Merge branch '3027_attachment_vuln'  
							
							
							
						 
						
							2021-11-01 13:25:12 +00:00  
				
					
						
							
							
								 
						
							
								f4201e5740 
								
							 
						 
						
							
							
								
								New Crowdin updates ( #3023 )  
							
							... 
							
							
							
							* New translations errors.php (Polish)
* New translations activities.php (Dutch)
* New translations auth.php (Dutch)
* New translations common.php (Dutch)
* New translations entities.php (Dutch)
* New translations auth.php (Dutch)
* New translations auth.php (Dutch)
* New translations auth.php (Dutch)
* New translations settings.php (Latvian) 
							
						 
						
							2021-11-01 13:16:15 +00:00  
				
					
						
							
							
								 
						
							
								7e2c1b31a1 
								
							 
						 
						
							
							
								
								Modernize third party services' logos  
							
							
							
						 
						
							2021-11-01 12:41:23 +00:00  
				
					
						
							
							
								 
						
							
								bfbccbede1 
								
							 
						 
						
							
							
								
								Updated attachments to not be saved with a complete extension  
							
							... 
							
							
							
							Intended to limit impact in the event the storage path is potentially
exposed. 
							
						 
						
							2021-11-01 11:32:00 +00:00  
				
					
						
							
							
								 
						
							
								4360da03d4 
								
							 
						 
						
							
							
								
								Ran a pass through image and attachment routes  
							
							... 
							
							
							
							Added some stronger types, formatting changes and simplifications along
the way. 
							
						 
						
							2021-11-01 11:17:30 +00:00  
				
					
						
							
							
								 
						
							
								c7fea8fe08 
								
							 
						 
						
							
							
								
								Cleaned up logic within ImageRepo  
							
							... 
							
							
							
							- Moved out extension check to ImageService as that seems more relevant.
- Updated models to use static-style references instead of facade to align with common modern usage within the app.
- Updated custom image_extension validation rule to use shared logic in image service. 
							
						 
						
							2021-11-01 00:24:42 +00:00  
				
					
						
							
							
								 
						
							
								43830a372f 
								
							 
						 
						
							
							
								
								Updated showImage file serving to not be traversable  
							
							... 
							
							
							
							For #3030  
							
						 
						
							2021-10-31 23:53:17 +00:00  
				
					
						
							
							
								 
						
							
								ae155d6745 
								
							 
						 
						
							
							
								
								Added safe mime sniffing to prevent serving HTML  
							
							... 
							
							
							
							(Amoung other content types)
For #3027  
							
						 
						
							2021-10-31 17:58:56 +00:00  
				
					
						
							
							
								 
						
							
								5c834f24a6 
								
							 
						 
						
							
							
								
								Updated AzureAD provider to use microsoft graph  
							
							... 
							
							
							
							Since AzureAD graph is going away.
Tested using old AzureAD graph usage for backwards-compatbility, did not
seem to break things. Could not test with conditional access though due
to azure never enforcing it no matter what I attempted.
Fpr #3028  
							
						 
						
							2021-10-31 13:09:30 +00:00  
				
					
						
							
							
								 
						
							
								98b23fd7ab 
								
							 
						 
						
							
							
								
								Moved from debugbar to clockwork  
							
							
							
						 
						
							2021-10-30 22:03:36 +01:00  
				
					
						
							
							
								 
						
							
								f139cded78 
								
							 
						 
						
							
							
								
								Laravel 8 shift squash & merge ( #3029 )  
							
							... 
							
							
							
							* Temporarily moved back config path
* Apply Laravel coding style
* Shift exception handler
* Shift HTTP kernel and middleware
* Shift service providers
* Convert options array to fluent methods
* Shift to class based routes
* Shift console routes
* Ignore temporary framework files
* Shift to class based factories
* Namespace seeders
* Shift PSR-4 autoloading
* Shift config files
* Default config files
* Shift Laravel dependencies
* Shift return type of base TestCase methods
* Shift cleanup
* Applied stylci style changes
* Reverted config files location
* Applied manual changes to Laravel 8 shift
Co-authored-by: Shift <shift@laravelshift.com> 
							
						 
						
							2021-10-30 21:29:59 +01:00  
				
					
						
							
							
								 
						
							
								85dc8d9791 
								
							 
						 
						
							
							
								
								Updated sponsor link  
							
							
							
						 
						
							2021-10-30 11:51:49 +01:00  
				
					
						
							
							
								 
						
							
								5fd10e695a 
								
							 
						 
						
							
							
								
								Added sponsors to readme, updated license file  
							
							
							
						 
						
							2021-10-29 21:37:10 +01:00  
				
					
						
							
							
								 
						
							
								e7bec79f25 
								
							 
						 
						
							
							
								
								New Crowdin updates ( #3014 )  
							
							... 
							
							
							
							* New translations entities.php (Estonian)
* New translations entities.php (Estonian) 
							
						 
						
							2021-10-28 15:55:13 +01:00  
				
					
						
							
							
								 
						
							
								4f55fe2f8e 
								
							 
						 
						
							
							
								
								Made further changes to page image extraction validation  
							
							... 
							
							
							
							Fixes  #3019 
Increased testing to cover the failing case amoung others. 
						
							2021-10-28 15:54:00 +01:00  
				
					
						
							
							
								 
						
							
								3166541002 
								
							 
						 
						
							
							
								
								Added test to cover  #3010  
							
							
							
						 
						
							2021-10-27 12:29:01 +01:00  
				
					
						
							
							
								 
						
							
								b31fbf5ba8 
								
							 
						 
						
							
							
								
								Merge branch 'master' of  https://github.com/haxatron/BookStack  into haxatron_upload_issue  
							
							
							
						 
						
							2021-10-27 12:21:27 +01:00  
				
					
						
							
							
								 
						
							
								624d55a773 
								
							 
						 
						
							
							
								
								New Crowdin updates ( #3006 )  
							
							... 
							
							
							
							* New translations auth.php (Latvian)
* New translations errors.php (Latvian)
* New translations auth.php (Latvian)
* New translations entities.php (Latvian)
* New translations settings.php (Latvian)
* New translations settings.php (Estonian)
* New translations entities.php (Estonian)
* New translations settings.php (Estonian)
* New translations validation.php (Estonian)
* New translations entities.php (Estonian)
* New translations settings.php (Spanish, Argentina)
* New translations settings.php (Vietnamese)
* New translations settings.php (Slovenian)
* New translations settings.php (Swedish)
* New translations settings.php (Turkish)
* New translations settings.php (Ukrainian)
* New translations settings.php (Chinese Simplified)
* New translations settings.php (Chinese Traditional)
* New translations settings.php (Portuguese, Brazilian)
* New translations settings.php (Russian)
* New translations settings.php (Indonesian)
* New translations settings.php (Persian)
* New translations settings.php (Croatian)
* New translations settings.php (Latvian)
* New translations settings.php (Bosnian)
* New translations settings.php (Norwegian Bokmal)
* New translations settings.php (Slovak)
* New translations settings.php (Portuguese)
* New translations settings.php (Polish)
* New translations settings.php (Catalan)
* New translations settings.php (Estonian)
* New translations settings.php (Japanese)
* New translations settings.php (French)
* New translations settings.php (Spanish)
* New translations settings.php (Arabic)
* New translations settings.php (Bulgarian)
* New translations settings.php (Czech)
* New translations settings.php (Dutch)
* New translations settings.php (Danish)
* New translations settings.php (German)
* New translations settings.php (Hebrew)
* New translations settings.php (Hungarian)
* New translations settings.php (Italian)
* New translations settings.php (Korean)
* New translations settings.php (Lithuanian)
* New translations settings.php (German Informal)
* New translations settings.php (Polish)
* New translations settings.php (French)
* New translations settings.php (German)
* New translations settings.php (German Informal) 
							
						 
						
							2021-10-27 12:17:53 +01:00  
				
					
						
							
							
								 
						
							
								f77236aa38 
								
							 
						 
						
							
							
								
								Laravel 7.x Shift ( #3011 )  
							
							... 
							
							
							
							* Apply Laravel coding style
* Shift bindings
* Shift core files
* Shift to Throwable
* Add laravel/ui dependency
* Shift Eloquent methods
* Shift config files
* Shift Laravel dependencies
* Shift cleanup
* Shift test config and references
* Applied styleci changes
* Applied fixes post shift to laravel 7
Co-authored-by: Shift <shift@laravelshift.com> 
							
						 
						
							2021-10-26 22:04:18 +01:00  
				
					
						
							
							
								 
						
							
								42f0ba1875 
								
							 
						 
						
							
							
								
								Added security policy md file  
							
							
							
						 
						
							2021-10-26 16:09:41 +01:00  
				
					
						
							
							
								 
						
							
								0d312e5348 
								
							 
						 
						
							
							
								
								Merge pull request  #3008  from IndrekHaav/et-typo  
							
							... 
							
							
							
							Minor capitalisation fix for Estonian 
							
						 
						
							2021-10-26 13:33:27 +01:00  
				
					
						
							
							
								 
						
							
								7b244ea012 
								
							 
						 
						
							
							
								
								Updated php deps  
							
							... 
							
							
							
							Also removes abandoned status of sebastian/resource-operations as per
issue #3007  
							
						 
						
							2021-10-26 13:12:40 +01:00  
				
					
						
							
							
								 
						
							
								538b5ef4eb 
								
							 
						 
						
							
							
								
								Minor capitalisation fix for Estonian  
							
							
							
						 
						
							2021-10-26 15:09:38 +03:00  
				
					
						
							
							
								 
						
							
								64937ab826 
								
							 
						 
						
							
							
								
								Update ImageRepo.php  
							
							... 
							
							
							
							fix image validation vulnerability 
							
						 
						
							2021-10-26 09:39:16 +08:00  
				
					
						
							
							
								 
						
							
								a5401eb00a 
								
							 
						 
						
							
							
								
								New Crowdin updates ( #3005 )  
							
							... 
							
							
							
							* New translations settings.php (Spanish, Argentina)
* New translations settings.php (Polish)
* New translations settings.php (Estonian)
* New translations errors.php (Spanish, Argentina)
* New translations settings.php (Japanese)
* New translations activities.php (German Informal)
* New translations auth.php (German Informal)
* New translations settings.php (French)
* New translations settings.php (Spanish)
* New translations settings.php (Arabic)
* New translations settings.php (Bulgarian)
* New translations settings.php (Catalan)
* New translations settings.php (Norwegian Bokmal)
* New translations settings.php (German Informal)
* New translations settings.php (Bosnian)
* New translations settings.php (Czech)
* New translations settings.php (Slovak)
* New translations settings.php (Danish)
* New translations settings.php (German)
* New translations settings.php (Hebrew)
* New translations settings.php (Hungarian)
* New translations settings.php (Italian)
* New translations settings.php (Korean)
* New translations settings.php (Lithuanian)
* New translations settings.php (Dutch)
* New translations settings.php (Portuguese)
* New translations settings.php (Russian)
* New translations settings.php (Slovenian)
* New translations settings.php (Latvian)
* New translations settings.php (Swedish)
* New translations settings.php (Turkish)
* New translations settings.php (Ukrainian)
* New translations settings.php (Chinese Simplified)
* New translations settings.php (Chinese Traditional)
* New translations settings.php (Vietnamese)
* New translations settings.php (Portuguese, Brazilian)
* New translations settings.php (Indonesian)
* New translations settings.php (Persian)
* New translations settings.php (Croatian)
* New translations validation.php (German Informal) 
							
						 
						
							2021-10-25 15:01:32 +01:00  
				
					
						
							
							
								 
						
							
								fa466139f0 
								
							 
						 
						
							
							
								
								Updated translators before v21.10 release  
							
							
							
						 
						
							2021-10-25 14:49:21 +01:00  
				
					
						
							
							
								 
						
							
								a75cfd1f25 
								
							 
						 
						
							
							
								
								Added estonian to language logic  
							
							
							
						 
						
							2021-10-25 14:49:03 +01:00  
				
					
						
							
							
								 
						
							
								9c2b8057ab 
								
							 
						 
						
							
							
								
								New Crowdin updates ( #2983 )  
							
							... 
							
							
							
							* New translations auth.php (Polish)
* New translations common.php (Polish)
* New translations entities.php (Polish)
* New translations auth.php (Polish)
* New translations common.php (Polish)
* New translations settings.php (Polish)
* New translations validation.php (Polish)
* New translations activities.php (Estonian)
* New translations auth.php (Estonian)
* New translations common.php (Estonian)
* New translations components.php (Estonian)
* New translations entities.php (Estonian)
* New translations errors.php (Estonian)
* New translations pagination.php (Estonian)
* New translations passwords.php (Estonian)
* New translations settings.php (Estonian)
* New translations validation.php (Estonian)
* New translations activities.php (Estonian)
* New translations activities.php (Estonian)
* New translations auth.php (Estonian)
* New translations common.php (Estonian)
* New translations components.php (Estonian)
* New translations entities.php (Estonian)
* New translations pagination.php (Estonian)
* New translations passwords.php (Estonian)
* New translations entities.php (Estonian)
* New translations errors.php (Estonian)
* New translations validation.php (Estonian)
* New translations settings.php (Estonian)
* New translations auth.php (Estonian)
* New translations entities.php (Estonian)
* New translations passwords.php (Estonian)
* New translations settings.php (Estonian)
* New translations auth.php (Estonian)
* New translations entities.php (Estonian)
* New translations errors.php (Estonian)
* New translations settings.php (Estonian)
* New translations settings.php (Estonian)
* New translations errors.php (German)
* New translations errors.php (Portuguese, Brazilian)
* New translations errors.php (Swedish)
* New translations errors.php (Turkish)
* New translations errors.php (Ukrainian)
* New translations errors.php (Chinese Simplified)
* New translations errors.php (Chinese Traditional)
* New translations errors.php (Vietnamese)
* New translations errors.php (Indonesian)
* New translations errors.php (Slovak)
* New translations errors.php (Persian)
* New translations errors.php (Spanish, Argentina)
* New translations errors.php (Croatian)
* New translations errors.php (Latvian)
* New translations errors.php (Bosnian)
* New translations errors.php (Norwegian Bokmal)
* New translations errors.php (Slovenian)
* New translations errors.php (Russian)
* New translations errors.php (Estonian)
* New translations errors.php (Danish)
* New translations errors.php (French)
* New translations errors.php (Spanish)
* New translations errors.php (Arabic)
* New translations errors.php (Bulgarian)
* New translations errors.php (Catalan)
* New translations errors.php (Czech)
* New translations errors.php (Hebrew)
* New translations errors.php (Portuguese)
* New translations errors.php (Hungarian)
* New translations errors.php (Italian)
* New translations errors.php (Japanese)
* New translations errors.php (Korean)
* New translations errors.php (Lithuanian)
* New translations errors.php (Dutch)
* New translations errors.php (Polish)
* New translations errors.php (German Informal)
* New translations errors.php (Spanish)
* New translations auth.php (Estonian)
* New translations entities.php (Estonian)
* New translations errors.php (Estonian)
* New translations activities.php (Japanese)
* New translations activities.php (Japanese)
* New translations auth.php (Japanese)
* New translations components.php (Japanese)
* New translations passwords.php (Japanese)
* New translations errors.php (Estonian)
* New translations settings.php (Estonian)
* New translations validation.php (Estonian)
* New translations errors.php (French)
* New translations activities.php (Japanese)
* New translations settings.php (Japanese)
* New translations entities.php (Japanese)
* New translations settings.php (Japanese)
* New translations common.php (Japanese)
* New translations settings.php (Japanese)
* New translations settings.php (Japanese)
* New translations entities.php (Japanese)
* New translations settings.php (Japanese)
* New translations settings.php (Japanese)
* New translations entities.php (Japanese)
* New translations settings.php (Japanese)
* New translations common.php (Japanese)
* New translations errors.php (Polish)
* New translations auth.php (Estonian)
* New translations components.php (Estonian)
* New translations entities.php (Estonian)
* New translations validation.php (Estonian)
* New translations errors.php (Estonian)
* New translations settings.php (Estonian)
* New translations errors.php (Chinese Simplified)
* New translations auth.php (Japanese)
* New translations auth.php (Japanese)
* New translations common.php (Japanese)
* New translations entities.php (Japanese)
* New translations errors.php (Italian)
* New translations common.php (Japanese)
* New translations auth.php (Italian)
* New translations entities.php (Italian)
* New translations entities.php (Japanese)
* New translations settings.php (Japanese)
* New translations common.php (Japanese)
* New translations entities.php (Japanese)
* New translations entities.php (Estonian)
* New translations settings.php (Estonian)
* New translations validation.php (Japanese)
* New translations errors.php (Japanese)
* New translations validation.php (Japanese)
* New translations auth.php (Japanese)
* New translations settings.php (Japanese)
* New translations activities.php (Indonesian)
* New translations auth.php (Indonesian)
* New translations validation.php (Estonian)
* New translations settings.php (Estonian) 
							
						 
						
							2021-10-25 13:51:27 +01:00  
				
					
						
							
							
								 
						
							
								31ba972cfc 
								
							 
						 
						
							
							
								
								Tweaked sidepart list item padding, Review of  #3000  
							
							... 
							
							
							
							- Scoped padding change to just entity-list-items within the sidebar
  side reduction of right-hand-padding to zero was causing other
  entity-list-items, such as those in the homepage listing, would then
  have no padding.
- Updated styles to use css logical properties to retain support for RTL
  languages such as Arabic, where the whole interface flips around.
  Related: https://css-tricks.com/css-logical-properties-and-values/  
							
						 
						
							2021-10-23 22:03:03 +01:00  
				
					
						
							
							
								 
						
							
								f73b82ee57 
								
							 
						 
						
							
							
								
								Merge branch 'fix_sidebar_css' of  https://github.com/ffranchina/BookStack  into ffranchina-fix_sidebar_css  
							
							
							
						 
						
							2021-10-23 21:54:25 +01:00  
				
					
						
							
							
								 
						
							
								98072ba4a9 
								
							 
						 
						
							
							
								
								Reviewed SAML SLS changes for ADFS,  #2902  
							
							... 
							
							
							
							- Migrated env usages to config.
- Removed potentially unneeded config options or auto-set signed options
  based upon provision of certificate.
- Aligned SP certificate env option naming with similar IDP option.
Tested via AFDS on windows server 2019. To test on other providers. 
							
						 
						
							2021-10-23 17:26:01 +01:00  
				
					
						
							
							
								 
						
							
								0b15e2bf1c 
								
							 
						 
						
							
							
								
								Fixes padding issues of the sidebar's items  
							
							
							
						 
						
							2021-10-22 01:34:41 +02:00  
				
					
						
							
							
								 
						
							
								2e9ac21b38 
								
							 
						 
						
							
							
								
								Merge branch 'master' of  https://github.com/theodor-franke/BookStack  into theodor-franke-master  
							
							
							
						 
						
							2021-10-21 14:04:23 +01:00  
				
					
						
							
							
								 
						
							
								129f3286d9 
								
							 
						 
						
							
							
								
								Applied styleci changes  
							
							
							
						 
						
							2021-10-20 13:40:27 +01:00  
				
					
						
							
							
								 
						
							
								fe07cdaa06 
								
							 
						 
						
							
							
								
								Merge pull request  #2996  from BookStackApp/saml2_acs_session  
							
							... 
							
							
							
							Updated SAML ACS post to retain user session 
							
						 
						
							2021-10-20 13:38:35 +01:00  
				
					
						
							
							
								 
						
							
								cdef1b3ab0 
								
							 
						 
						
							
							
								
								Updated SAML ACS post to retain user session  
							
							... 
							
							
							
							Session was being lost due to the callback POST request cookies
not being provided due to samesite=lax. This instead adds an additional
hop in the flow to route the request via a GET request so the session is
retained. SAML POST data is stored encrypted in cache via a unique ID
then pulled out straight afterwards, and restored into POST for the SAML
toolkit to validate.
Updated testing to cover. 
							
						 
						
							2021-10-20 13:34:00 +01:00  
				
					
						
							
							
								 
						
							
								859934d6a3 
								
							 
						 
						
							
							
								
								Applied latest changes from styleCI  
							
							
							
						 
						
							2021-10-20 10:49:45 +01:00  
				
					
						
							
							
								 
						
							
								7bbcaa7cbc 
								
							 
						 
						
							
							
								
								Merge pull request  #2986  from BookStackApp/attachments_api  
							
							... 
							
							
							
							Attachments API 
							
						 
						
							2021-10-20 10:46:35 +01:00  
				
					
						
							
							
								 
						
							
								7e28c76e6f 
								
							 
						 
						
							
							
								
								Adjusted API docs table  
							
							
							
						 
						
							2021-10-20 10:46:06 +01:00  
				
					
						
							
							
								 
						
							
								60d4c5902b 
								
							 
						 
						
							
							
								
								Added attachment API examples during manual testing  
							
							
							
						 
						
							2021-10-20 10:43:03 +01:00  
				
					
						
							
							
								 
						
							
								2409d1850f 
								
							 
						 
						
							
							
								
								Added TestCase for attachments API methods  
							
							
							
						 
						
							2021-10-20 00:58:56 +01:00  
				
					
						
							
							
								 
						
							
								c699f176bc 
								
							 
						 
						
							
							
								
								Fixed bug report yaml formatting  
							
							
							
						 
						
							2021-10-19 15:15:35 +01:00  
				
					
						
							
							
								 
						
							
								72ad87b123 
								
							 
						 
						
							
							
								
								Update support_request.yml  
							
							
							
						 
						
							2021-10-19 14:52:00 +01:00