Steve Boyd
b5abc38455
CVE-2021-41559 Disable xml entities
2022-06-28 17:04:34 +12:00
Steve Boyd
991aedf017
[CVE-2022-25238] Sanitise htmlfields serverside by default
2022-06-28 17:03:05 +12:00
Guy Sartorelli
d2c58f3bbc
[CVE-2022-28803] Block XSS in links and iframes.
2022-06-28 17:01:53 +12:00
Steve Boyd
73325f2186
MNT Added 4.11.0 changelog
2022-06-28 16:53:50 +12:00
Guy Sartorelli
8d698067a6
Merge pull request #10371 from bummzack/patch-2
...
fix: Syntax for declaring enums in YML
2022-06-28 16:36:46 +12:00
Guy Sartorelli
4d18d36625
DOC Remove pre-release warnings from GraphQL docs. ( #10354 )
2022-06-28 16:27:06 +12:00
Roman Schmid
fbee03562b
fix: Syntax for declaring enums in YML
...
Similar issue to #10223
2022-06-27 16:23:26 +02:00
Steve Boyd
c80e10f892
FIX PDO transaction in PHP 8, add GitHub Actions CI ( #10360 )
2022-06-27 15:30:03 +12:00
Sabina Talipova
ad581d9673
Merge pull request #10365 from creative-commoners/pulls/4/docs-for-adding-backtrace-filters
...
DOCS Encourage filtering sensitive arguments from logged backtraces.
2022-06-27 14:18:37 +12:00
Sabina Talipova
f63655bd40
Merge pull request #10364 from creative-commoners/pulls/4/update-backtrace-filter-methods
...
ENH Update list of filtered backtrace methods
2022-06-27 14:18:23 +12:00
Guy Sartorelli
f276fccb78
DOC Review 4.11.0 changelog notes ( #10356 )
...
* DOCS Add missing content from beta/rc changelogs
* DOCS Add documentation for report count limiting.
This was added to the report module README but really belongs here.
* DOCS Add information about some new features.
* DOCS Add and standardise anchor links.
* DOCS Various updates to wording and formatting in 4.11.0 changelog
* DOCS Move php changelog notes
This is consistent with their placement in the 4.10.0 changelogs.
* DOCS Requested PR changes
* DOCSUse relative URLs for links to docs from changelog.
* DOCS Use code blocks for terminal commands
* DOCS requested PR changes
* DOCS Don't need to inline recipe to downgrade graphql.
* DOCS Move php parts back where they were.
* DOCS Fix typos in changelog.
2022-06-27 11:37:34 +12:00
Steve Boyd
b7d0e9dc28
DOC Update github label definitions
2022-06-27 11:15:10 +12:00
Guy Sartorelli
6a8915b316
DOCS Encourage filtering sensitive arguments from logged backtraces.
2022-06-23 16:10:30 +12:00
Guy Sartorelli
86cf404944
MNT Add test for backtrace class checking method.
2022-06-23 15:54:36 +12:00
Guy Sartorelli
74e5a94b32
ENH Update list of methods to have filtered args in backtrace.
2022-06-23 15:18:28 +12:00
Guy Sartorelli
d448622ff4
ENH Allow subclasses to be defined for backtrace filtered functions.
2022-06-23 15:17:33 +12:00
Guy Sartorelli
2b0df58176
ENH Minor performance enhancement for backtrace.
...
Don't keep processing when we've found a match.
2022-06-23 15:16:46 +12:00
Guy Sartorelli
268a66418b
ENH Move backtrace ignored functions into yml config.
...
Each module that adds its own methods will do it via yml. This keeps
framework consistent with the others.
2022-06-23 14:24:23 +12:00
Guy Sartorelli
7f7feb8604
ENH Refactor Backtrace to be a bit more readable.
2022-06-23 13:57:08 +12:00
Guy Sartorelli
139fa07bcb
DOCS Remove backticks from gatsby metadata in docs. ( #10357 )
2022-06-15 13:33:11 +12:00
Loz Calver
be19fa7f3d
Merge pull request #10352 from oddnoc/phan-help
...
Correct declaration of variadic $args as array
2022-06-13 09:18:14 +01:00
Loz Calver
d2df0650db
Merge pull request #10355 from creative-commoners/pulls/4/group-title-test
...
MNT Add test for programatically adding blank Group title.
2022-06-13 09:17:06 +01:00
Guy Sartorelli
e8194123a6
MNT Add test for programatically adding blank Group title.
2022-06-13 16:32:10 +12:00
Fred Condo
f670eb4980
Correct declaration of variadic $args to mixed
...
Declaring as array confuses static analyzers, specifically phan, which
throws PhanTypeMismatchArgument for every invocation of
Injectable::create(). Correcting this declaration in the doc block
prevents all those false positives.
2022-06-09 14:27:42 -07:00
Paweł Suwiński
1c85d151a6
NEW Add factory_method configuration to Injector
...
use callable as well as creator
2022-06-09 13:57:47 +12:00
Maxime Rainville
3799bceff3
Merge pull request #10344 from creative-commoners/pulls/4/public-graphql-dir
...
DOCS Update server requirements to account for public/_graphql/
2022-06-08 22:03:28 +12:00
Maxime Rainville
22d992a22b
DOC Update documentation for GraphQL v4 ( #10325 )
...
* DOC Add upgrade guidance for GraphQL v4
* Move docs around
The existing upgrading docs are for upgrading to v4, whereas the new docs are more about how to handle the new .graphql-generated directory.
* Update graphql documentation
* More updates to doc
Co-authored-by: Guy Sartorelli <guy.sartorelli@silverstripe.com>
2022-06-08 17:23:48 +12:00
Guy Sartorelli
0bd3fae7e1
DOCS Update server requirements to account for public/_graphql/
2022-06-08 09:12:03 +12:00
Jonathan Copson
2c30438b01
DOCS Add missing colon to CORS docs example
2022-06-07 14:00:29 +12:00
Guy Sartorelli
40ba78fd63
Merge pull request #10348 from AntonyThorpe/patch-2
...
Updated 2_configuring_your_schema.md
2022-06-05 19:22:21 +12:00
Antony Thorpe
ab3375ce26
Updated 2_configuring_your_schema.md
...
Fixed tiny inconsistency in `Namespacing by directory name`
2022-06-05 18:40:24 +12:00
Guy Sartorelli
5a4b35875a
Merge pull request #10346 from AntonyThorpe/patch-1
...
Updated 07_nested_definitions.md
2022-06-04 23:32:14 +12:00
Antony Thorpe
1c88e989e2
Updated 07_nested_definitions.md
...
Missing colon
2022-06-04 21:56:51 +12:00
Guy Sartorelli
fa3556746f
Merge pull request #10335 from creative-commoners/pulls/4/samesite-cookies
...
ENH Add samesite attribute to cookies.
2022-06-02 12:49:34 +12:00
Guy Sartorelli
31c974c528
ENH Add samesite attribute to cookies.
...
Co-authored-by: pine3ree <pine3ree@gmail.com>
2022-06-02 12:01:03 +12:00
Maxime Rainville
6c09173647
Merge pull request #10339 from creative-commoners/pulls/4/graphql-generated-docs
...
DOCS Correct references to graphql v4 schema build dir
2022-06-01 21:09:10 +12:00
Guy Sartorelli
c8990e6949
Merge pull request #10340 from creative-commoners/pulls/4/rc1-changelog
...
DOC Add 4.11.0-rc1 changelog
2022-05-30 16:45:41 +12:00
Steve Boyd
112284975a
DOC Add 4.11.0-rc1 changelog
2022-05-30 16:43:09 +12:00
Christian Bünte
d37ddedd90
Fix i18nTextCollector produces corrupt output / namespaces when running under PHP8.0 ( #10228 )
...
* FIX i18nTextCollector produces corrupt output / namespaces when running under PHP8.0
2022-05-30 15:04:51 +12:00
Guy Sartorelli
413897503d
DOCS Correct references to graphql v4 schema build dir
2022-05-30 12:12:04 +12:00
Guy Sartorelli
8ae7f30c41
Merge branch '4.11' into 4
2022-05-27 15:19:51 +12:00
Guy Sartorelli
dec85819bd
Merge branch '4.10' into 4.11
2022-05-27 15:19:39 +12:00
Guy Sartorelli
0bc3ed4d2c
Merge branch '4.9' into 4.10
2022-05-27 15:19:17 +12:00
Guy Sartorelli
2cf1725ba6
Merge pull request #10317 from silverstripe-terraformers/feature/mock-sleep
...
NEW: Mock sleep unit test utility.
2022-05-27 13:52:01 +12:00
Guy Sartorelli
9d73b7b4bd
Merge branch '4.11' into 4
2022-05-27 12:55:53 +12:00
Guy Sartorelli
972a77f4d3
Merge branch '4.10' into 4.11
2022-05-27 12:55:35 +12:00
Steve Boyd
825dd4b10d
Merge pull request #10333 from creative-commoners/pulls/4.10/fix-group-code-dedupe
...
FIX Resolve deduping problem with group codes.
2022-05-27 12:22:36 +12:00
Guy Sartorelli
e0c4f01c11
FIX Resolve deduping problem with group codes.
...
Also remove dead validation code.
2022-05-27 11:19:32 +12:00
Steve Boyd
6f27dadae8
Merge branch '4.11' into 4
2022-05-26 12:39:09 +12:00
Steve Boyd
dccaa9135e
Merge pull request #10334 from creative-commoners/pulls/4.11/mysql8-pdo-test
...
MNT Update utf8 aliases for mysql 8 and mariadb 10.6
2022-05-26 12:38:18 +12:00