cccee0808f 
								
							 
						 
						
							
							
								
								Updated API examples with date format changes  
							
							... 
							
							
							
							Updated to full ISO-8601 to reflect change in Laravel 7. 
							
						 
						
							2021-11-04 22:02:21 +00:00  
				
					
						
							
							
								 
						
							
								01cdbdb7ae 
								
							 
						 
						
							
							
								
								Updated version and assets for release v21.10.3  
							
							
							
						 
						
							2021-11-01 13:31:10 +00:00  
				
					
						
							
							
								 
						
							
								fc8bbf3eab 
								
							 
						 
						
							
							
								
								Merge branch 'master' into release  
							
							
							
						 
						
							2021-11-01 13:30:36 +00:00  
				
					
						
							
							
								 
						
							
								a17be959d8 
								
							 
						 
						
							
							
								
								Applied latest styleci changes  
							
							
							
						 
						
							2021-11-01 13:26:02 +00:00  
				
					
						
							
							
								 
						
							
								ce3f489188 
								
							 
						 
						
							
							
								
								Merge branch '3027_attachment_vuln'  
							
							
							
						 
						
							2021-11-01 13:25:12 +00:00  
				
					
						
							
							
								 
						
							
								f4201e5740 
								
							 
						 
						
							
							
								
								New Crowdin updates ( #3023 )  
							
							... 
							
							
							
							* New translations errors.php (Polish)
* New translations activities.php (Dutch)
* New translations auth.php (Dutch)
* New translations common.php (Dutch)
* New translations entities.php (Dutch)
* New translations auth.php (Dutch)
* New translations auth.php (Dutch)
* New translations auth.php (Dutch)
* New translations settings.php (Latvian) 
							
						 
						
							2021-11-01 13:16:15 +00:00  
				
					
						
							
							
								 
						
							
								7e2c1b31a1 
								
							 
						 
						
							
							
								
								Modernize third party services' logos  
							
							
							
						 
						
							2021-11-01 12:41:23 +00:00  
				
					
						
							
							
								 
						
							
								bfbccbede1 
								
							 
						 
						
							
							
								
								Updated attachments to not be saved with a complete extension  
							
							... 
							
							
							
							Intended to limit impact in the event the storage path is potentially
exposed. 
							
						 
						
							2021-11-01 11:32:00 +00:00  
				
					
						
							
							
								 
						
							
								4360da03d4 
								
							 
						 
						
							
							
								
								Ran a pass through image and attachment routes  
							
							... 
							
							
							
							Added some stronger types, formatting changes and simplifications along
the way. 
							
						 
						
							2021-11-01 11:17:30 +00:00  
				
					
						
							
							
								 
						
							
								c7fea8fe08 
								
							 
						 
						
							
							
								
								Cleaned up logic within ImageRepo  
							
							... 
							
							
							
							- Moved out extension check to ImageService as that seems more relevant.
- Updated models to use static-style references instead of facade to align with common modern usage within the app.
- Updated custom image_extension validation rule to use shared logic in image service. 
							
						 
						
							2021-11-01 00:24:42 +00:00  
				
					
						
							
							
								 
						
							
								43830a372f 
								
							 
						 
						
							
							
								
								Updated showImage file serving to not be traversable  
							
							... 
							
							
							
							For #3030  
							
						 
						
							2021-10-31 23:53:17 +00:00  
				
					
						
							
							
								 
						
							
								ae155d6745 
								
							 
						 
						
							
							
								
								Added safe mime sniffing to prevent serving HTML  
							
							... 
							
							
							
							(Amoung other content types)
For #3027  
							
						 
						
							2021-10-31 17:58:56 +00:00  
				
					
						
							
							
								 
						
							
								5c834f24a6 
								
							 
						 
						
							
							
								
								Updated AzureAD provider to use microsoft graph  
							
							... 
							
							
							
							Since AzureAD graph is going away.
Tested using old AzureAD graph usage for backwards-compatbility, did not
seem to break things. Could not test with conditional access though due
to azure never enforcing it no matter what I attempted.
Fpr #3028  
							
						 
						
							2021-10-31 13:09:30 +00:00  
				
					
						
							
							
								 
						
							
								98b23fd7ab 
								
							 
						 
						
							
							
								
								Moved from debugbar to clockwork  
							
							
							
						 
						
							2021-10-30 22:03:36 +01:00  
				
					
						
							
							
								 
						
							
								f139cded78 
								
							 
						 
						
							
							
								
								Laravel 8 shift squash & merge ( #3029 )  
							
							... 
							
							
							
							* Temporarily moved back config path
* Apply Laravel coding style
* Shift exception handler
* Shift HTTP kernel and middleware
* Shift service providers
* Convert options array to fluent methods
* Shift to class based routes
* Shift console routes
* Ignore temporary framework files
* Shift to class based factories
* Namespace seeders
* Shift PSR-4 autoloading
* Shift config files
* Default config files
* Shift Laravel dependencies
* Shift return type of base TestCase methods
* Shift cleanup
* Applied stylci style changes
* Reverted config files location
* Applied manual changes to Laravel 8 shift
Co-authored-by: Shift <shift@laravelshift.com> 
							
						 
						
							2021-10-30 21:29:59 +01:00  
				
					
						
							
							
								 
						
							
								85dc8d9791 
								
							 
						 
						
							
							
								
								Updated sponsor link  
							
							
							
						 
						
							2021-10-30 11:51:49 +01:00  
				
					
						
							
							
								 
						
							
								5fd10e695a 
								
							 
						 
						
							
							
								
								Added sponsors to readme, updated license file  
							
							
							
						 
						
							2021-10-29 21:37:10 +01:00  
				
					
						
							
							
								 
						
							
								3cdab19319 
								
							 
						 
						
							
							
								
								Updated version and assets for release v21.10.2  
							
							
							
						 
						
							2021-10-28 15:57:04 +01:00  
				
					
						
							
							
								 
						
							
								5661d20e87 
								
							 
						 
						
							
							
								
								Merge branch 'master' into release  
							
							
							
						 
						
							2021-10-28 15:56:49 +01:00  
				
					
						
							
							
								 
						
							
								e7bec79f25 
								
							 
						 
						
							
							
								
								New Crowdin updates ( #3014 )  
							
							... 
							
							
							
							* New translations entities.php (Estonian)
* New translations entities.php (Estonian) 
							
						 
						
							2021-10-28 15:55:13 +01:00  
				
					
						
							
							
								 
						
							
								4f55fe2f8e 
								
							 
						 
						
							
							
								
								Made further changes to page image extraction validation  
							
							... 
							
							
							
							Fixes  #3019 
Increased testing to cover the failing case amoung others. 
						
							2021-10-28 15:54:00 +01:00  
				
					
						
							
							
								 
						
							
								91f80123e8 
								
							 
						 
						
							
							
								
								Merge branch 'master' into release  
							
							
							
						 
						
							2021-10-27 12:35:00 +01:00  
				
					
						
							
							
								 
						
							
								7a0636d0f8 
								
							 
						 
						
							
							
								
								Updated version and assets for release v21.10.1  
							
							
							
						 
						
							2021-10-27 12:31:40 +01:00  
				
					
						
							
							
								 
						
							
								3166541002 
								
							 
						 
						
							
							
								
								Added test to cover  #3010  
							
							
							
						 
						
							2021-10-27 12:29:01 +01:00  
				
					
						
							
							
								 
						
							
								b31fbf5ba8 
								
							 
						 
						
							
							
								
								Merge branch 'master' of  https://github.com/haxatron/BookStack  into haxatron_upload_issue  
							
							
							
						 
						
							2021-10-27 12:21:27 +01:00  
				
					
						
							
							
								 
						
							
								624d55a773 
								
							 
						 
						
							
							
								
								New Crowdin updates ( #3006 )  
							
							... 
							
							
							
							* New translations auth.php (Latvian)
* New translations errors.php (Latvian)
* New translations auth.php (Latvian)
* New translations entities.php (Latvian)
* New translations settings.php (Latvian)
* New translations settings.php (Estonian)
* New translations entities.php (Estonian)
* New translations settings.php (Estonian)
* New translations validation.php (Estonian)
* New translations entities.php (Estonian)
* New translations settings.php (Spanish, Argentina)
* New translations settings.php (Vietnamese)
* New translations settings.php (Slovenian)
* New translations settings.php (Swedish)
* New translations settings.php (Turkish)
* New translations settings.php (Ukrainian)
* New translations settings.php (Chinese Simplified)
* New translations settings.php (Chinese Traditional)
* New translations settings.php (Portuguese, Brazilian)
* New translations settings.php (Russian)
* New translations settings.php (Indonesian)
* New translations settings.php (Persian)
* New translations settings.php (Croatian)
* New translations settings.php (Latvian)
* New translations settings.php (Bosnian)
* New translations settings.php (Norwegian Bokmal)
* New translations settings.php (Slovak)
* New translations settings.php (Portuguese)
* New translations settings.php (Polish)
* New translations settings.php (Catalan)
* New translations settings.php (Estonian)
* New translations settings.php (Japanese)
* New translations settings.php (French)
* New translations settings.php (Spanish)
* New translations settings.php (Arabic)
* New translations settings.php (Bulgarian)
* New translations settings.php (Czech)
* New translations settings.php (Dutch)
* New translations settings.php (Danish)
* New translations settings.php (German)
* New translations settings.php (Hebrew)
* New translations settings.php (Hungarian)
* New translations settings.php (Italian)
* New translations settings.php (Korean)
* New translations settings.php (Lithuanian)
* New translations settings.php (German Informal)
* New translations settings.php (Polish)
* New translations settings.php (French)
* New translations settings.php (German)
* New translations settings.php (German Informal) 
							
						 
						
							2021-10-27 12:17:53 +01:00  
				
					
						
							
							
								 
						
							
								f77236aa38 
								
							 
						 
						
							
							
								
								Laravel 7.x Shift ( #3011 )  
							
							... 
							
							
							
							* Apply Laravel coding style
* Shift bindings
* Shift core files
* Shift to Throwable
* Add laravel/ui dependency
* Shift Eloquent methods
* Shift config files
* Shift Laravel dependencies
* Shift cleanup
* Shift test config and references
* Applied styleci changes
* Applied fixes post shift to laravel 7
Co-authored-by: Shift <shift@laravelshift.com> 
							
						 
						
							2021-10-26 22:04:18 +01:00  
				
					
						
							
							
								 
						
							
								42f0ba1875 
								
							 
						 
						
							
							
								
								Added security policy md file  
							
							
							
						 
						
							2021-10-26 16:09:41 +01:00  
				
					
						
							
							
								 
						
							
								0d312e5348 
								
							 
						 
						
							
							
								
								Merge pull request  #3008  from IndrekHaav/et-typo  
							
							... 
							
							
							
							Minor capitalisation fix for Estonian 
							
						 
						
							2021-10-26 13:33:27 +01:00  
				
					
						
							
							
								 
						
							
								7b244ea012 
								
							 
						 
						
							
							
								
								Updated php deps  
							
							... 
							
							
							
							Also removes abandoned status of sebastian/resource-operations as per
issue #3007  
							
						 
						
							2021-10-26 13:12:40 +01:00  
				
					
						
							
							
								 
						
							
								538b5ef4eb 
								
							 
						 
						
							
							
								
								Minor capitalisation fix for Estonian  
							
							
							
						 
						
							2021-10-26 15:09:38 +03:00  
				
					
						
							
							
								 
						
							
								64937ab826 
								
							 
						 
						
							
							
								
								Update ImageRepo.php  
							
							... 
							
							
							
							fix image validation vulnerability 
							
						 
						
							2021-10-26 09:39:16 +08:00  
				
					
						
							
							
								 
						
							
								0fe5bdfbac 
								
							 
						 
						
							
							
								
								Updated version and assets for release v21.10  
							
							
							
						 
						
							2021-10-25 15:59:23 +01:00  
				
					
						
							
							
								 
						
							
								f88687e977 
								
							 
						 
						
							
							
								
								Merge branch 'master' into release  
							
							
							
						 
						
							2021-10-25 15:58:59 +01:00  
				
					
						
							
							
								 
						
							
								a5401eb00a 
								
							 
						 
						
							
							
								
								New Crowdin updates ( #3005 )  
							
							... 
							
							
							
							* New translations settings.php (Spanish, Argentina)
* New translations settings.php (Polish)
* New translations settings.php (Estonian)
* New translations errors.php (Spanish, Argentina)
* New translations settings.php (Japanese)
* New translations activities.php (German Informal)
* New translations auth.php (German Informal)
* New translations settings.php (French)
* New translations settings.php (Spanish)
* New translations settings.php (Arabic)
* New translations settings.php (Bulgarian)
* New translations settings.php (Catalan)
* New translations settings.php (Norwegian Bokmal)
* New translations settings.php (German Informal)
* New translations settings.php (Bosnian)
* New translations settings.php (Czech)
* New translations settings.php (Slovak)
* New translations settings.php (Danish)
* New translations settings.php (German)
* New translations settings.php (Hebrew)
* New translations settings.php (Hungarian)
* New translations settings.php (Italian)
* New translations settings.php (Korean)
* New translations settings.php (Lithuanian)
* New translations settings.php (Dutch)
* New translations settings.php (Portuguese)
* New translations settings.php (Russian)
* New translations settings.php (Slovenian)
* New translations settings.php (Latvian)
* New translations settings.php (Swedish)
* New translations settings.php (Turkish)
* New translations settings.php (Ukrainian)
* New translations settings.php (Chinese Simplified)
* New translations settings.php (Chinese Traditional)
* New translations settings.php (Vietnamese)
* New translations settings.php (Portuguese, Brazilian)
* New translations settings.php (Indonesian)
* New translations settings.php (Persian)
* New translations settings.php (Croatian)
* New translations validation.php (German Informal) 
							
						 
						
							2021-10-25 15:01:32 +01:00  
				
					
						
							
							
								 
						
							
								fa466139f0 
								
							 
						 
						
							
							
								
								Updated translators before v21.10 release  
							
							
							
						 
						
							2021-10-25 14:49:21 +01:00  
				
					
						
							
							
								 
						
							
								a75cfd1f25 
								
							 
						 
						
							
							
								
								Added estonian to language logic  
							
							
							
						 
						
							2021-10-25 14:49:03 +01:00  
				
					
						
							
							
								 
						
							
								9c2b8057ab 
								
							 
						 
						
							
							
								
								New Crowdin updates ( #2983 )  
							
							... 
							
							
							
							* New translations auth.php (Polish)
* New translations common.php (Polish)
* New translations entities.php (Polish)
* New translations auth.php (Polish)
* New translations common.php (Polish)
* New translations settings.php (Polish)
* New translations validation.php (Polish)
* New translations activities.php (Estonian)
* New translations auth.php (Estonian)
* New translations common.php (Estonian)
* New translations components.php (Estonian)
* New translations entities.php (Estonian)
* New translations errors.php (Estonian)
* New translations pagination.php (Estonian)
* New translations passwords.php (Estonian)
* New translations settings.php (Estonian)
* New translations validation.php (Estonian)
* New translations activities.php (Estonian)
* New translations activities.php (Estonian)
* New translations auth.php (Estonian)
* New translations common.php (Estonian)
* New translations components.php (Estonian)
* New translations entities.php (Estonian)
* New translations pagination.php (Estonian)
* New translations passwords.php (Estonian)
* New translations entities.php (Estonian)
* New translations errors.php (Estonian)
* New translations validation.php (Estonian)
* New translations settings.php (Estonian)
* New translations auth.php (Estonian)
* New translations entities.php (Estonian)
* New translations passwords.php (Estonian)
* New translations settings.php (Estonian)
* New translations auth.php (Estonian)
* New translations entities.php (Estonian)
* New translations errors.php (Estonian)
* New translations settings.php (Estonian)
* New translations settings.php (Estonian)
* New translations errors.php (German)
* New translations errors.php (Portuguese, Brazilian)
* New translations errors.php (Swedish)
* New translations errors.php (Turkish)
* New translations errors.php (Ukrainian)
* New translations errors.php (Chinese Simplified)
* New translations errors.php (Chinese Traditional)
* New translations errors.php (Vietnamese)
* New translations errors.php (Indonesian)
* New translations errors.php (Slovak)
* New translations errors.php (Persian)
* New translations errors.php (Spanish, Argentina)
* New translations errors.php (Croatian)
* New translations errors.php (Latvian)
* New translations errors.php (Bosnian)
* New translations errors.php (Norwegian Bokmal)
* New translations errors.php (Slovenian)
* New translations errors.php (Russian)
* New translations errors.php (Estonian)
* New translations errors.php (Danish)
* New translations errors.php (French)
* New translations errors.php (Spanish)
* New translations errors.php (Arabic)
* New translations errors.php (Bulgarian)
* New translations errors.php (Catalan)
* New translations errors.php (Czech)
* New translations errors.php (Hebrew)
* New translations errors.php (Portuguese)
* New translations errors.php (Hungarian)
* New translations errors.php (Italian)
* New translations errors.php (Japanese)
* New translations errors.php (Korean)
* New translations errors.php (Lithuanian)
* New translations errors.php (Dutch)
* New translations errors.php (Polish)
* New translations errors.php (German Informal)
* New translations errors.php (Spanish)
* New translations auth.php (Estonian)
* New translations entities.php (Estonian)
* New translations errors.php (Estonian)
* New translations activities.php (Japanese)
* New translations activities.php (Japanese)
* New translations auth.php (Japanese)
* New translations components.php (Japanese)
* New translations passwords.php (Japanese)
* New translations errors.php (Estonian)
* New translations settings.php (Estonian)
* New translations validation.php (Estonian)
* New translations errors.php (French)
* New translations activities.php (Japanese)
* New translations settings.php (Japanese)
* New translations entities.php (Japanese)
* New translations settings.php (Japanese)
* New translations common.php (Japanese)
* New translations settings.php (Japanese)
* New translations settings.php (Japanese)
* New translations entities.php (Japanese)
* New translations settings.php (Japanese)
* New translations settings.php (Japanese)
* New translations entities.php (Japanese)
* New translations settings.php (Japanese)
* New translations common.php (Japanese)
* New translations errors.php (Polish)
* New translations auth.php (Estonian)
* New translations components.php (Estonian)
* New translations entities.php (Estonian)
* New translations validation.php (Estonian)
* New translations errors.php (Estonian)
* New translations settings.php (Estonian)
* New translations errors.php (Chinese Simplified)
* New translations auth.php (Japanese)
* New translations auth.php (Japanese)
* New translations common.php (Japanese)
* New translations entities.php (Japanese)
* New translations errors.php (Italian)
* New translations common.php (Japanese)
* New translations auth.php (Italian)
* New translations entities.php (Italian)
* New translations entities.php (Japanese)
* New translations settings.php (Japanese)
* New translations common.php (Japanese)
* New translations entities.php (Japanese)
* New translations entities.php (Estonian)
* New translations settings.php (Estonian)
* New translations validation.php (Japanese)
* New translations errors.php (Japanese)
* New translations validation.php (Japanese)
* New translations auth.php (Japanese)
* New translations settings.php (Japanese)
* New translations activities.php (Indonesian)
* New translations auth.php (Indonesian)
* New translations validation.php (Estonian)
* New translations settings.php (Estonian) 
							
						 
						
							2021-10-25 13:51:27 +01:00  
				
					
						
							
							
								 
						
							
								31ba972cfc 
								
							 
						 
						
							
							
								
								Tweaked sidepart list item padding, Review of  #3000  
							
							... 
							
							
							
							- Scoped padding change to just entity-list-items within the sidebar
  side reduction of right-hand-padding to zero was causing other
  entity-list-items, such as those in the homepage listing, would then
  have no padding.
- Updated styles to use css logical properties to retain support for RTL
  languages such as Arabic, where the whole interface flips around.
  Related: https://css-tricks.com/css-logical-properties-and-values/  
							
						 
						
							2021-10-23 22:03:03 +01:00  
				
					
						
							
							
								 
						
							
								f73b82ee57 
								
							 
						 
						
							
							
								
								Merge branch 'fix_sidebar_css' of  https://github.com/ffranchina/BookStack  into ffranchina-fix_sidebar_css  
							
							
							
						 
						
							2021-10-23 21:54:25 +01:00  
				
					
						
							
							
								 
						
							
								98072ba4a9 
								
							 
						 
						
							
							
								
								Reviewed SAML SLS changes for ADFS,  #2902  
							
							... 
							
							
							
							- Migrated env usages to config.
- Removed potentially unneeded config options or auto-set signed options
  based upon provision of certificate.
- Aligned SP certificate env option naming with similar IDP option.
Tested via AFDS on windows server 2019. To test on other providers. 
							
						 
						
							2021-10-23 17:26:01 +01:00  
				
					
						
							
							
								 
						
							
								0b15e2bf1c 
								
							 
						 
						
							
							
								
								Fixes padding issues of the sidebar's items  
							
							
							
						 
						
							2021-10-22 01:34:41 +02:00  
				
					
						
							
							
								 
						
							
								2e9ac21b38 
								
							 
						 
						
							
							
								
								Merge branch 'master' of  https://github.com/theodor-franke/BookStack  into theodor-franke-master  
							
							
							
						 
						
							2021-10-21 14:04:23 +01:00  
				
					
						
							
							
								 
						
							
								129f3286d9 
								
							 
						 
						
							
							
								
								Applied styleci changes  
							
							
							
						 
						
							2021-10-20 13:40:27 +01:00  
				
					
						
							
							
								 
						
							
								fe07cdaa06 
								
							 
						 
						
							
							
								
								Merge pull request  #2996  from BookStackApp/saml2_acs_session  
							
							... 
							
							
							
							Updated SAML ACS post to retain user session 
							
						 
						
							2021-10-20 13:38:35 +01:00  
				
					
						
							
							
								 
						
							
								cdef1b3ab0 
								
							 
						 
						
							
							
								
								Updated SAML ACS post to retain user session  
							
							... 
							
							
							
							Session was being lost due to the callback POST request cookies
not being provided due to samesite=lax. This instead adds an additional
hop in the flow to route the request via a GET request so the session is
retained. SAML POST data is stored encrypted in cache via a unique ID
then pulled out straight afterwards, and restored into POST for the SAML
toolkit to validate.
Updated testing to cover. 
							
						 
						
							2021-10-20 13:34:00 +01:00  
				
					
						
							
							
								 
						
							
								859934d6a3 
								
							 
						 
						
							
							
								
								Applied latest changes from styleCI  
							
							
							
						 
						
							2021-10-20 10:49:45 +01:00  
				
					
						
							
							
								 
						
							
								7bbcaa7cbc 
								
							 
						 
						
							
							
								
								Merge pull request  #2986  from BookStackApp/attachments_api  
							
							... 
							
							
							
							Attachments API 
							
						 
						
							2021-10-20 10:46:35 +01:00  
				
					
						
							
							
								 
						
							
								7e28c76e6f 
								
							 
						 
						
							
							
								
								Adjusted API docs table  
							
							
							
						 
						
							2021-10-20 10:46:06 +01:00  
				
					
						
							
							
								 
						
							
								60d4c5902b 
								
							 
						 
						
							
							
								
								Added attachment API examples during manual testing  
							
							
							
						 
						
							2021-10-20 10:43:03 +01:00