From 60fa7558d3fa691cba6ef9b682348bb4d737bbb7 Mon Sep 17 00:00:00 2001 From: Damian Mooyman Date: Mon, 22 Jan 2018 14:06:24 +1300 Subject: [PATCH 1/9] BUG Fix double casting in login authenticator name Fixes #7769 --- lang/en.yml | 2 +- src/Security/MemberAuthenticator/MemberLoginForm.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lang/en.yml b/lang/en.yml index 4f6d57926..ef6596a01 100644 --- a/lang/en.yml +++ b/lang/en.yml @@ -271,7 +271,7 @@ en: ERRORWRONGCRED: 'The provided details don''t seem to be correct. Please try again.' NoPassword: 'There is no password on this member.' SilverStripe\Security\MemberAuthenticator\MemberLoginForm: - AUTHENTICATORNAME: 'E-mail & Password' + AUTHENTICATORNAME: 'E-mail & Password' SilverStripe\Security\MemberPassword: PLURALNAME: 'Member Passwords' PLURALS: diff --git a/src/Security/MemberAuthenticator/MemberLoginForm.php b/src/Security/MemberAuthenticator/MemberLoginForm.php index e7380710c..e3d345e28 100644 --- a/src/Security/MemberAuthenticator/MemberLoginForm.php +++ b/src/Security/MemberAuthenticator/MemberLoginForm.php @@ -224,6 +224,6 @@ class MemberLoginForm extends BaseLoginForm */ public function getAuthenticatorName() { - return _t(self::class . '.AUTHENTICATORNAME', "E-mail & Password"); + return _t(self::class . '.AUTHENTICATORNAME', "E-mail & Password"); } } From b44273d1d6454568b150a5bab4ea0a5ceda81211 Mon Sep 17 00:00:00 2001 From: Damian Mooyman Date: Tue, 23 Jan 2018 16:08:42 +1300 Subject: [PATCH 2/9] BUG Better upload error message Fixes https://github.com/silverstripe/silverstripe-asset-admin/issues/720 --- src/Forms/FileUploadReceiver.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/Forms/FileUploadReceiver.php b/src/Forms/FileUploadReceiver.php index 3c277d956..2a7839467 100644 --- a/src/Forms/FileUploadReceiver.php +++ b/src/Forms/FileUploadReceiver.php @@ -294,7 +294,8 @@ trait FileUploadReceiver } if ($tmpFile['error']) { - $error = $tmpFile['error']; + $this->getUpload()->validate($tmpFile); + $error = implode(' ' . PHP_EOL, $this->getUpload()->getErrors()); return null; } From 9c3feb4ab4c1b62f2dc6551d34a0d0f42221e4a0 Mon Sep 17 00:00:00 2001 From: Dylan Wagstaff Date: Tue, 23 Jan 2018 17:31:43 +1300 Subject: [PATCH 3/9] FIX: Allow absolute URLs be use as resources At current certain interfaces exist that assume only local assets will be loaded (e.g. `SilverStripe\Forms\HTMLEditor\TinyMCEConfig::getConfig()`), where as someone may wish to load an off site resource via the use of an absolute URL (e.g. for fontawesome css provided via a CDN). Because asset path parsing is filtered through a `SilverStripe\Core\Manifest\ResourceURLGenerator`, one must either know in advance if they want an internal or external resource (loading different generators), or the API must allow for this (i.e. an inclusion function for each type of asset). So we can either double the API on the implementing class, or simply make an exception for an absolute URL as high as possible; inside the filter - for which the `vendor/module : path/to/file.asset` shorthand syntax was specifically designed not to conflict with. --- src/Control/SimpleResourceURLGenerator.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/Control/SimpleResourceURLGenerator.php b/src/Control/SimpleResourceURLGenerator.php index d30b8251d..5a825dbd6 100644 --- a/src/Control/SimpleResourceURLGenerator.php +++ b/src/Control/SimpleResourceURLGenerator.php @@ -71,6 +71,9 @@ class SimpleResourceURLGenerator implements ResourceURLGenerator $relativePath = $resource->getRelativePath(); $exists = $resource->exists(); $absolutePath = $resource->getPath(); + } else if (Director::is_absolute_url($relativePath)) { + // Path is not relative, and probably not of this site + return $relativePath; } else { // Use normal string $absolutePath = preg_replace('/\?.*/', '', Director::baseFolder() . '/' . $relativePath); From 943821f984b8ec6d5a4e766f545110955f3e0a74 Mon Sep 17 00:00:00 2001 From: Dylan Wagstaff Date: Tue, 23 Jan 2018 17:43:01 +1300 Subject: [PATCH 4/9] Add a test for external resource support `SimpleResourceURLGenerator` has been altered to allow absolute URLs to be loaded directly, as so is now also tested to ensure the added functionality is true to design. --- tests/php/Control/SimpleResourceURLGeneratorTest.php | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/tests/php/Control/SimpleResourceURLGeneratorTest.php b/tests/php/Control/SimpleResourceURLGeneratorTest.php index 3ec61d5ae..7c6f2f58a 100644 --- a/tests/php/Control/SimpleResourceURLGeneratorTest.php +++ b/tests/php/Control/SimpleResourceURLGeneratorTest.php @@ -64,4 +64,12 @@ class SimpleResourceURLGeneratorTest extends SapphireTest $generator->urlForResource($module->getResource('client/style.css')) ); } + + public function testAbsoluteResource() + { + /** @var SimpleResourceURLGenerator $generator */ + $generator = Injector::inst()->get(ResourceURLGenerator::class); + $fakeExternalAsset = 'https://cdn.example.com/some_library.css'; + $this->assertEquals($fakeExternalAsset, $generator->urlForResource($fakeExternalAsset)); + } } From e1a4b89912cae051db5b25fd53383a371589155c Mon Sep 17 00:00:00 2001 From: Dylan Wagstaff Date: Wed, 24 Jan 2018 09:04:22 +1300 Subject: [PATCH 5/9] Code lint fix change `else if` to `elseif` --- src/Control/SimpleResourceURLGenerator.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Control/SimpleResourceURLGenerator.php b/src/Control/SimpleResourceURLGenerator.php index 5a825dbd6..502e504df 100644 --- a/src/Control/SimpleResourceURLGenerator.php +++ b/src/Control/SimpleResourceURLGenerator.php @@ -71,7 +71,7 @@ class SimpleResourceURLGenerator implements ResourceURLGenerator $relativePath = $resource->getRelativePath(); $exists = $resource->exists(); $absolutePath = $resource->getPath(); - } else if (Director::is_absolute_url($relativePath)) { + } elseif (Director::is_absolute_url($relativePath)) { // Path is not relative, and probably not of this site return $relativePath; } else { From 3fce5372b03a111961ce5575ee916b6d67e6b876 Mon Sep 17 00:00:00 2001 From: Damian Mooyman Date: Wed, 24 Jan 2018 10:18:03 +1300 Subject: [PATCH 6/9] DOC Fix phpdoc on ArrayList::limit Fixes #7781 --- src/ORM/ArrayList.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/ORM/ArrayList.php b/src/ORM/ArrayList.php index a358713b6..a012d4009 100644 --- a/src/ORM/ArrayList.php +++ b/src/ORM/ArrayList.php @@ -153,8 +153,8 @@ class ArrayList extends ViewableData implements SS_List, Filterable, Sortable, L /** * Get a sub-range of this dataobjectset as an array * - * @param int $offset * @param int $length + * @param int $offset * @return static */ public function limit($length, $offset = 0) From 6fafce766ec8535be034a182cb617e777795dd9b Mon Sep 17 00:00:00 2001 From: Roman Schmid Date: Wed, 24 Jan 2018 16:47:00 +0100 Subject: [PATCH 7/9] Fixed Rfc3339 implementation of Date and Datetime --- src/ORM/FieldType/DBDate.php | 14 +------------- tests/php/ORM/DBDateTest.php | 7 +++++++ tests/php/ORM/DBDatetimeTest.php | 7 +++++++ 3 files changed, 15 insertions(+), 13 deletions(-) diff --git a/src/ORM/FieldType/DBDate.php b/src/ORM/FieldType/DBDate.php index 71cca7d10..087af4fc8 100644 --- a/src/ORM/FieldType/DBDate.php +++ b/src/ORM/FieldType/DBDate.php @@ -322,19 +322,7 @@ class DBDate extends DBField */ public function Rfc3339() { - $date = $this->Format('y-MM-dd\\THH:mm:ss'); - if (!$date) { - return null; - } - - $matches = array(); - if (preg_match('/^([\-+])(\d{2})(\d{2})$/', date('O', $this->getTimestamp()), $matches)) { - $date .= $matches[1] . $matches[2] . ':' . $matches[3]; - } else { - $date .= 'Z'; - } - - return $date; + return date('c', $this->getTimestamp()); } /** diff --git a/tests/php/ORM/DBDateTest.php b/tests/php/ORM/DBDateTest.php index 6e00803dc..afd4719ee 100644 --- a/tests/php/ORM/DBDateTest.php +++ b/tests/php/ORM/DBDateTest.php @@ -330,4 +330,11 @@ class DBDateTest extends SapphireTest DBDatetime::clear_mock_now(); } + + public function testRfc3999() + { + // Dates should be formatted as: 2018-01-24T14:05:53+00:00 + $date = DBDate::create_field('Date', '2010-12-31'); + $this->assertEquals('2010-12-31T00:00:00+00:00', $date->Rfc3339()); + } } diff --git a/tests/php/ORM/DBDatetimeTest.php b/tests/php/ORM/DBDatetimeTest.php index b0e6f11a2..a824ecdae 100644 --- a/tests/php/ORM/DBDatetimeTest.php +++ b/tests/php/ORM/DBDatetimeTest.php @@ -204,4 +204,11 @@ class DBDatetimeTest extends SapphireTest DBDatetime::clear_mock_now(); } + + public function testRfc3999() + { + // Dates should be formatted as: 2018-01-24T14:05:53+00:00 + $date = DBDatetime::create_field('Datetime', '2010-12-31 16:58:59'); + $this->assertEquals('2010-12-31T16:58:59+00:00', $date->Rfc3339()); + } } From 7ba19fc282d9812316537d8f8a2f58397ad18ba5 Mon Sep 17 00:00:00 2001 From: Damian Mooyman Date: Thu, 25 Jan 2018 12:15:34 +1300 Subject: [PATCH 8/9] Update translations --- lang/eo.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/lang/eo.yml b/lang/eo.yml index b14f918cd..e2fa9d591 100644 --- a/lang/eo.yml +++ b/lang/eo.yml @@ -100,6 +100,8 @@ eo: Save: Konservi SilverStripe\Forms\GridField\GridFieldEditButton_ss: EDIT: Redakti + SilverStripe\Forms\GridField\GridFieldGroupDeleteAction: + UnlinkSelfFailure: 'Ne povas forigi vin el ĉi tiu grupo; vi perdus administrajn rajtojn' SilverStripe\Forms\GridField\GridFieldPaginator: OF: de Page: Paĝo @@ -209,6 +211,7 @@ eo: many_many_Members: Membroj SilverStripe\Security\LoginAttempt: Email: 'Retpoŝta adreso' + EmailHashed: 'Retpoŝta adreso (haketa)' IP: IP-Adreso PLURALNAME: 'Provoj ensaluti' PLURALS: @@ -250,6 +253,7 @@ eo: SUBJECTPASSWORDCHANGED: 'Via pasvorto estas ŝanĝita' SUBJECTPASSWORDRESET: 'Via pasvorto reagordis ligilon' SURNAME: 'Familia nomo' + VALIDATIONADMINLOSTACCESS: 'Ne povas forigi ĉiujn administrajn grupojn el via profilo' ValidationIdentifierFailed: 'Ne povas anstataŭigi ekzistantan membron #{id} per sama identigilo ({name} = {value}))' WELCOMEBACK: 'Bonvenon denove, {firstname}' YOUROLDPASSWORD: 'Vian malnovan pasvorton' @@ -266,6 +270,8 @@ eo: SilverStripe\Security\MemberAuthenticator\MemberAuthenticator: ERRORWRONGCRED: 'La donitaj detaloj ŝajnas malĝustaj. Bonvole reprovu.' NoPassword: 'Mankas pasvorto por ĉi tiu membro.' + SilverStripe\Security\MemberAuthenticator\MemberLoginForm: + AUTHENTICATORNAME: 'Retpoŝto & pasvorto' SilverStripe\Security\MemberPassword: PLURALNAME: 'Membraj pasvortoj' PLURALS: From c7e341c67d62343574bc8b9ae0c82dd73714816d Mon Sep 17 00:00:00 2001 From: Damian Mooyman Date: Thu, 25 Jan 2018 12:26:49 +1300 Subject: [PATCH 9/9] Added 4.0.2 changelog --- docs/en/04_Changelogs/4.0.2.md | 72 ++++++++++++++++++++++++++++++++++ 1 file changed, 72 insertions(+) create mode 100644 docs/en/04_Changelogs/4.0.2.md diff --git a/docs/en/04_Changelogs/4.0.2.md b/docs/en/04_Changelogs/4.0.2.md new file mode 100644 index 000000000..1e7fcf208 --- /dev/null +++ b/docs/en/04_Changelogs/4.0.2.md @@ -0,0 +1,72 @@ +# 4.0.2 + + + +## Change Log + +### Security + + * 2017-11-30 [6ba00e829](https://github.com/silverstripe/silverstripe-framework/commit/6ba00e829a9fb360dfe5cb0bc3d4544016c82357) Prevent disclosure of sensitive information via LoginAttempt (Damian Mooyman) - See [ss-2017-009](http://www.silverstripe.org/download/security-releases/ss-2017-009) + * 2017-11-30 [db54112f3](https://github.com/silverstripe/silverstripe-framework/commit/db54112f3cca012e33257c782dffd7154bf663a5) user agent invalidation on session startup (Damian Mooyman) - See [ss-2017-006](http://www.silverstripe.org/download/security-releases/ss-2017-006) + * 2017-11-29 [22ccf3e2f](https://github.com/silverstripe/silverstripe-framework/commit/22ccf3e2f9092f51e7f7288ce108598c6f17b49c) Ensure xls formulae are safely sanitised on output (Damian Mooyman) - See [ss-2017-007](http://www.silverstripe.org/download/security-releases/ss-2017-007) + * 2017-11-21 [0f2049d4d](https://github.com/silverstripe/silverstripe-framework/commit/0f2049d4d466e05f5d7f07fc63580836de8c6bff) SQL injection in search engine (Daniel Hensby) - See [ss-2017-008](http://www.silverstripe.org/download/security-releases/ss-2017-008) + +### Features and Enhancements + + * 2018-01-16 [b46c8ba](https://github.com/silverstripe/silverstripe-assets/commit/b46c8ba6ba91a45e00885e78cc05953577c051a1) Add DBFile::Link() alias for DBFile::getURL() so that it matches File::Link() (Damian Mooyman) + * 2017-12-21 [4d60f01](https://github.com/silverstripe/silverstripe-installer/commit/4d60f01d2dd17febcf15c08ecdc07af7380694d0) add test for a `--no-dev` build (Christopher Joe) + +### Bugfixes + + * 2018-01-24 [6fafce766](https://github.com/silverstripe/silverstripe-framework/commit/6fafce766ec8535be034a182cb617e777795dd9b) ed Rfc3339 implementation of Date and Datetime (Roman Schmid) + * 2018-01-23 [f26ecdc](https://github.com/silverstripe/silverstripe-admin/commit/f26ecdcc00ad6157a1bf79a2317131c35f893e86) Badge component test: convert to Component and add truthy test (Robbie Averill) + * 2018-01-23 [9c3feb4ab](https://github.com/silverstripe/silverstripe-framework/commit/9c3feb4ab4c1b62f2dc6551d34a0d0f42221e4a0) Allow absolute URLs be use as resources (Dylan Wagstaff) + * 2018-01-23 [a62dabc](https://github.com/silverstripe/silverstripe-graphql/commit/a62dabc84d7983486ce65a8531400ea18a076793) Remove dependency on Doctrine module breaking with --prefer-dist (Damian Mooyman) + * 2018-01-23 [bdc3530](https://github.com/silverstripe/silverstripe-graphql/commit/bdc3530260adda629876008d9fbd67e677d7b3ec) Fix cors breaking if referer header is present (Damian Mooyman) + * 2018-01-23 [b44273d1d](https://github.com/silverstripe/silverstripe-framework/commit/b44273d1d6454568b150a5bab4ea0a5ceda81211) Better upload error message (Damian Mooyman) + * 2018-01-23 [99b9198](https://github.com/silverstripe/silverstripe-assets/commit/99b9198e734b05da91399160a3b09fd5ef92931b) Fix invalid name generation on windows (Damian Mooyman) + * 2018-01-22 [06c4c0e](https://github.com/silverstripe/silverstripe-admin/commit/06c4c0e8dbadd7ab443887c167465f12da57dec8) Non-required fields failing when empty (Damian Mooyman) + * 2018-01-22 [d49edf4](https://github.com/silverstripe/silverstripe-admin/commit/d49edf45b040229613915895f4d863f33a6f7f06) booting and store initialisation so that initial state is not triggered too early in the process (Christopher Joe) + * 2018-01-22 [e83cb91](https://github.com/silverstripe/silverstripe-admin/commit/e83cb91bb07d18c58ce1f1636ee1418e14e7a2e1) remove onDrillDown prop from td element (Christopher Joe) + * 2018-01-22 [60fa7558d](https://github.com/silverstripe/silverstripe-framework/commit/60fa7558d3fa691cba6ef9b682348bb4d737bbb7) Fix double casting in login authenticator name (Damian Mooyman) + * 2018-01-18 [16ad7e8fe](https://github.com/silverstripe/silverstripe-framework/commit/16ad7e8feaa395c2406323ed3a87d7d3fd6966a3) Make GridFieldConfig less susceptible to error when versioned isn't installed (Damian Mooyman) + * 2018-01-17 [f282df89](https://github.com/silverstripe/silverstripe-cms/commit/f282df89eaca9c375c1f9cd0264b4e79eba20d72) Add bootstrap styles to url segment field (Sacha Judd) + * 2018-01-16 [db610aaf3](https://github.com/silverstripe/silverstripe-framework/commit/db610aaf3bef897a1f3b5c60a307ee72a5d2a499) ing string concat CS issues (Daniel Hensby) + * 2018-01-16 [cc90cb012](https://github.com/silverstripe/silverstripe-framework/commit/cc90cb012583abd675b8c5e41044603f0b9e39cb) HTTPResponse::removeHeader incorrectly converts header name to lowercase (Robbie Averill) + * 2018-01-16 [f86b855c9](https://github.com/silverstripe/silverstripe-framework/commit/f86b855c909d683af4ddf0c8121e694094917ea8) Prevent basic-auth from disallowing logout (Damian Mooyman) + * 2018-01-15 [dc96862ca](https://github.com/silverstripe/silverstripe-framework/commit/dc96862cac39d3e439f0f9b9269b627afcfdc6aa) Forms run through FormHandler rather than Controllers now have access to current Request (Daniel Hensby) + * 2018-01-12 [634faa2](https://github.com/silverstripe/silverstripe-admin/commit/634faa2ec37a39cb78d66c37152983488b43f558) Prevent GridField autocomplete triggering change tracker (Damian Mooyman) + * 2018-01-11 [7d6634249](https://github.com/silverstripe/silverstripe-framework/commit/7d66342496698f7ab329e38c0a980ede851c105e) Allow extension instances to be overridden by injector (Daniel Hensby) + * 2018-01-11 [e4bfa53c](https://github.com/silverstripe/silverstripe-siteconfig/commit/e4bfa53c669d7bac5c1029911bb9007a73eee1bd) Fix incorrect ORM usage when saving siteconfig (Damian Mooyman) + * 2018-01-09 [2ef4a2d4e](https://github.com/silverstripe/silverstripe-framework/commit/2ef4a2d4ee86577b00311e65bbeb0439f7aaa1fc) , adding a missing return statement. (Nathan) + * 2018-01-09 [7649dfe](https://github.com/silverstripe/silverstripe-versioned/commit/7649dfe84faecbf821e99bafaa0e013fb6ca6c3f) Provide expected argument to onBefore/AfterPublish hooks (Daniel Hensby) + * 2018-01-08 [157aef8e](https://github.com/silverstripe/silverstripe-cms/commit/157aef8eb7c4455703c143463a3e8ccf5480fc89) Implement correct subsites namespace in File extension (Robbie Averill) + * 2018-01-08 [0fe3f6bf](https://github.com/silverstripe/silverstripe-siteconfig/commit/0fe3f6bfab7b99e07632ebb86ca374bc6e482a35) Remove classmap for folder that doesn't have classes (Damian Mooyman) + * 2017-12-21 [0bc26fe](https://github.com/silverstripe/silverstripe-admin/commit/0bc26feef7c388b4a26fa26302150fe1b1154b61) Update input-group-addon-bg variable (Sacha Judd) + * 2017-12-21 [44930f211](https://github.com/silverstripe/silverstripe-framework/commit/44930f211be3f658fc92f2d5318255de03078701) Allow HTML 5 input tags in FunctionalTest form submissions (Daniel Hensby) + * 2017-12-20 [f885101a1](https://github.com/silverstripe/silverstripe-framework/commit/f885101a1b7d6a439b51615e566d4fc1879d1017) Fix basic auth in PHP-CGI (Damian Mooyman) + * 2017-12-19 [dd75e68](https://github.com/silverstripe/silverstripe-installer/commit/dd75e68f86a041e17624590f332804cee4c5e00e) travis OS build version so that behat will function (Christopher Joe) + * 2017-12-19 [2fb05ee](https://github.com/silverstripe/silverstripe-asset-admin/commit/2fb05ee7fad729c25fe7c1286de2b0b58541bbc3) issue when deleting a recently uploaded files (Saophalkun Ponlu) + * 2017-12-19 [1f6c1b0](https://github.com/silverstripe/silverstripe-asset-admin/commit/1f6c1b08256ec4edc4315d143a202581c8d66af2) mouse multi-section prevent buttons from working (Saophalkun Ponlu) + * 2017-12-18 [1e93f1eb](https://github.com/silverstripe/silverstripe-siteconfig/commit/1e93f1ebb5bff620f90c32ff7888ca51097cd945) Require branch alias for silverstripe/serve to ensure SS4 compatibility (Robbie Averill) + * 2017-12-17 [249e33a](https://github.com/silverstripe/silverstripe-admin/commit/249e33a56d53b68392b6dc2d3b4d93179dec3387) Ensure testLeftAndMainSubclasses test runs some assertions (Robbie Averill) + * 2017-12-17 [ea8ed5067](https://github.com/silverstripe/silverstripe-framework/commit/ea8ed5067d3c4e0b98e1bf8ef30461b6d3d5d7ff) Allow Requirements::block to handle module resource paths (Robbie Averill) + * 2017-12-15 [369653b5d](https://github.com/silverstripe/silverstripe-framework/commit/369653b5dfcc3e0ed08a49a68b74b1d3da92aa96) Ensure last GridField column when non sortable has its title displayed (Raissa North) + * 2017-12-14 [81150c592](https://github.com/silverstripe/silverstripe-framework/commit/81150c59225dbf1e95bb0b4dbcfbe18346f2bdff) Use PHP 5.3 array syntax (Daniel Hensby) + * 2017-12-14 [ce07e4781](https://github.com/silverstripe/silverstripe-framework/commit/ce07e4781e8fbb5d46b2ff4d9d9115fb37be36dc) Do database migrations before default records (Damian Mooyman) + * 2017-12-14 [ed6561d9f](https://github.com/silverstripe/silverstripe-framework/commit/ed6561d9f52dbe0eec30576b48c2eeb28b0329fd) Fix incorrect merge of associative / non-associative summary fields (Damian Mooyman) + * 2017-12-13 [ad066ba](https://github.com/silverstripe/silverstripe-asset-admin/commit/ad066ba55d8e47858de281c79e5514bccb17a9ba) server error responses not displaying in UI (Aaron Carlino) + * 2017-12-12 [4ed1fb1](https://github.com/silverstripe/silverstripe-assets/commit/4ed1fb13f3422520a364c311311597bea739abf5) Less restrictive arguments for image resize (Damian Mooyman) + * 2017-12-12 [eb6c1fc6d](https://github.com/silverstripe/silverstripe-framework/commit/eb6c1fc6de2e4863198ce5d1f96bfb3e32ae2b8d) Allow the current controller as well as injectable HTTPRequest objects (Robbie Averill) + * 2017-12-12 [097d0697c](https://github.com/silverstripe/silverstripe-framework/commit/097d0697c5603889f871fa7767e1eddc91809b42) Use Injector to retrieve the current session (Robbie Averill) + * 2017-12-12 [165dd7b](https://github.com/silverstripe/silverstripe-asset-admin/commit/165dd7b1b0e2f24655009b25c9aff6db60c55e73) UploadField to be injectable (Christopher Joe) + * 2017-12-12 [6c5f1a8](https://github.com/silverstripe/silverstripe-admin/commit/6c5f1a83e97a2290947c02e5cce1b510eb0bf337) TreeDropdownField layout (Christopher Joe) + * 2017-12-11 [6b43dd5](https://github.com/silverstripe/silverstripe-campaign-admin/commit/6b43dd56ad1ad752518e8d8f4448fd2da1d1e147) travis build (Christopher Joe) + * 2017-12-11 [2391af5ba](https://github.com/silverstripe/silverstripe-framework/commit/2391af5ba7f6851bbefa71bd835ed64e73ac198f) literal linting (Damian Mooyman) + * 2017-12-11 [0e1753f33](https://github.com/silverstripe/silverstripe-framework/commit/0e1753f33d855dd1567a4ac416d6031aa5e994e2) Only show table_name warning on dev/build (Loz Calver) + * 2017-12-10 [69decdf3a](https://github.com/silverstripe/silverstripe-framework/commit/69decdf3a408769abb4cccec744901864e661579) Don't warn on table name for classes without tables (Damian Mooyman) + * 2017-12-05 [8477de15](https://github.com/silverstripe/silverstripe-siteconfig/commit/8477de15203c4c80ca55365200fa3c7c031d70d8) Remove unused Behat tests from 3.6 branch (Robbie Averill) + * 2017-11-30 [84d7afb34](https://github.com/silverstripe/silverstripe-framework/commit/84d7afb3477885e9d69f2ac10838179efc1d3b91) Use baseDataClass for allVersions as with other methods (Daniel Hensby) + * 2017-11-23 [2ad3cc07d](https://github.com/silverstripe/silverstripe-framework/commit/2ad3cc07d583041e23a5dca0d53ffbdf8c9cd0d0) Update meber passwordencryption to default on password change (Daniel Hensby) + * 2017-11-16 [e4b1fb2](https://github.com/silverstripe/silverstripe-campaign-admin/commit/e4b1fb2e88d50810631c590f832be9e552c5a3e7) issue where there's no error for duplicate name (Saophalkun Ponlu) + * 2016-03-20 [805c38f10](https://github.com/silverstripe/silverstripe-framework/commit/805c38f107e7e332d2846407e0a89cade1d33ed1) don't try and switch out of context of the tab system (Stevie Mayhew)