Commit Graph

20243 Commits

Author SHA1 Message Date
Robbie Averill
beec0c0d47 [SS-2018-010] Fix regression of SS-2017-002 2018-05-14 17:12:07 +12:00
Robbie Averill
1e6790bfb6
Merge pull request #62 from silverstripe-security/pulls/4.0/ss-2018-001
[ss-2018-001] Restrict non-admins from being assigned to admin groups
2018-05-14 17:11:03 +12:00
Damian Mooyman
e409d6f673 [ss-2018-001] Restrict non-admins from being assigned to admin groups 2018-05-14 17:10:22 +12:00
Robbie Averill
39b62e5fbb
Merge pull request #61 from silverstripe-security/pulls/4.0/ss-2018-008
[ss-2018-008] Validate against malformed urls
2018-05-14 17:07:09 +12:00
Damian Mooyman
9053014a7e [ss-2018-008] Validate against malformed urls 2018-05-14 17:06:47 +12:00
Robbie Averill
6f50728b18
Merge pull request #59 from silverstripe-security/pulls/4.0/ss-2018-006
[ss-2018-006] Prevent code execution in template value resolution
2018-05-14 17:06:04 +12:00
Robbie Averill
cd716fb61b Switch check for is_string 2018-05-14 17:05:31 +12:00
Damian Mooyman
2e13ae746f [ss-2018-006] Prevent code execution in template value resolution 2018-05-14 17:05:31 +12:00
Robbie Averill
3e205d69c3
Merge pull request #57 from silverstripe-security/pulls/4.0/ss-2018-005
[ss-2018-005] Prevent unauthenticated isDev / isTest being allowed
2018-05-14 17:04:23 +12:00
Damian Mooyman
d935140a95 [ss-2018-005] Prevent unauthenticated isDev / isTest being allowed 2018-05-14 17:03:39 +12:00
Robbie Averill
91327ab63e
Added 3.6.6 changelog 2018-05-14 10:59:58 +12:00
Robbie Averill
097f16282d
Added 3.6.6-rc1 changelog 2018-05-10 16:03:20 +12:00
Robbie Averill
0408048653
Merge pull request #71 from silverstripe-security/pulls/3.6/ss-2018-014
[SS-2018-014] Remove dotm, potm, jar, css, js, xltm from default File.allowed_extensions
2018-05-10 15:55:32 +12:00
Robbie Averill
19fdebfa24 [SS-2018-014] Remove dotm, potm, jar, css, js, xltm from default File.allowed_extensions 2018-05-10 15:53:11 +12:00
Robbie Averill
8b750b3d80 Merge remote-tracking branch 'origin/3.5.8' into 3.6.6 2018-05-10 15:52:23 +12:00
Robbie Averill
89dcc93a4f
Added 3.5.8 changelog 2018-05-10 12:00:45 +12:00
Robbie Averill
9d055dd946
Added 3.5.8-rc1 changelog 2018-05-10 09:38:54 +12:00
Robbie Averill
65668b8b58
Merge pull request #63 from silverstripe-security/pulls/3.6/ss-2018-001
[ss-2018-001] Restrict non-admins from being assigned to admin groups
2018-05-10 09:25:19 +12:00
Damian Mooyman
5771388821 [ss-2018-001] Restrict non-admins from being assigned to admin groups 2018-05-09 15:12:40 +12:00
Robbie Averill
fe5a271634
Merge pull request #8048 from open-sausages/pulls/4/docs-release-proc
Release process docs improvements
2018-05-08 11:25:15 +12:00
Robbie Averill
9231e2caaf
Merge pull request #8054 from open-sausages/pulls/4/docs-contrib-committers
Document contributing committers
2018-05-08 11:24:12 +12:00
Ingo Schommer
10328a8970 Less conflicting statement on security fix release lines 2018-05-07 21:20:39 +12:00
Ingo Schommer
27ec9724cb Document contributing committers
See https://github.com/silverstripe/silverstripe-framework/pull/8021#issuecomment-386423095
2018-05-07 20:07:13 +12:00
Robbie Averill
53938f3bde
DOCS Update references to open source JIRA > GitHub, minimum PHP version update 2018-05-07 14:27:43 +12:00
Robbie Averill
9a9b95b4f6
Merge pull request #8050 from vincentneuts/patch-2
DOCS: Import HTTPRequest missing in Controller example
2018-05-04 11:28:37 +12:00
vincentneuts
ceb5feab5e
DOCS: Import HTTPRequest missing in Controller example 2018-05-04 11:11:23 +12:00
Robbie Averill
54e566d350
Merge pull request #8049 from xcopy/patch-2
Update 00_Member.md
2018-05-04 08:52:22 +12:00
Kairat Jenishev
b4ba3cbd1f
DOCS Fix broken links and headers 2018-05-03 16:42:52 +01:00
Maxime Rainville
68cc9d0015
Merge pull request #8021 from open-sausages/pulls/4/update-doc-with-reorganise-upgrader-command
Add reference to the reorganise command
2018-05-03 15:52:47 +12:00
Ingo Schommer
63b1f0153d Clarify roadmap and change releases location for docs 2018-05-03 15:19:45 +12:00
Ingo Schommer
4ccfa94132 Removed docs about pre-semver times
We no longer support those versions, so it's just noise.
2018-05-03 14:52:52 +12:00
Daniel Hensby
80bf0fc487
FIX bad syntax 2018-05-02 11:43:12 +01:00
Daniel Hensby
d5e2d3fa67
Merge branch '3.6' into 4.0 2018-05-01 21:47:17 +01:00
Daniel Hensby
cda61fb1ec
Merge branch '3.5' into 3.6 2018-05-01 20:23:21 +01:00
Daniel Hensby
62631dc3ee
Merge pull request #8013 from open-sausages/pulls/4.1/fix-password-validator-fields
BUG Prevent password validator min score producing false negatives
2018-04-30 12:16:56 +01:00
Daniel Hensby
c5b0bd8a13
Merge pull request #8042 from JorisDebonnet/patch-1
Fix phpdoc for DataList::relation method (namespace)
2018-04-30 11:58:40 +01:00
JorisDebonnet
1d3e83838d
Fix phpdoc for relation method (namespace) 2018-04-30 02:10:33 +02:00
Damian Mooyman
5a831485bf
Merge pull request #8040 from azt3k/patch-3
Fixes a count() php warning without an api change
2018-04-30 08:57:07 +12:00
Daniel Hensby
2a9ef6ef94
Merge pull request #8039 from ngaitahutourism/3.6
Address issue #8038
2018-04-27 10:22:46 +01:00
Matthew Walker
766b2a4947
Address issue #8038
Within TinyMCE, adding a link to "page on the site" generates an error "Target page not found" under the Anchor field.
2018-04-27 09:50:21 +01:00
azt3k
6b39b25e20
Fixes a count() php warning without an api change
Warning: count(): Parameter must be an array or an object that implements Countable in /path/to/vendor/silverstripe/framework/src/Security/Member.php on line 1355
2018-04-27 09:31:07 +01:00
Damian Mooyman
d4bc386b34
DOC Document requirements for Configurable trait 2018-04-26 12:35:02 +12:00
Damian Mooyman
9cb769327f
Merge pull request #8033 from gorriecoe/4
[Fix] Added isset check for registered controller links in dev admin
2018-04-26 12:21:46 +12:00
Al
83ae96d2e1
config *method* 2018-04-26 11:01:46 +12:00
Al
5e134355f4
Adjust wording 2018-04-26 10:59:03 +12:00
Al
4a0148a2bf
Document requirements for Configurable trait 2018-04-26 10:49:38 +12:00
Daniel Hensby
e9d3996a4c
Merge pull request #8027 from blueskies79/patch-1
Add documentation on relating to core classes
2018-04-24 17:28:47 +01:00
Gorrie Coe
59f598d639 Added isset check for registered controller links in dev admin 2018-04-24 22:34:37 +12:00
blueskies79
84ae5ba321
Added FQCN for Image and File in use statements
Sorry, first pull request. I added the Image and File use statements as requested. And surrounded the has_many example with the class name so it makes more sense.
2018-04-24 10:49:45 +02:00
Robbie Averill
1505a89a63 Update to include note about auto redirect to HTTPS for basic auth 2018-04-24 16:42:52 +12:00