Maxime Rainville
a24a923d0c
DOC Create dedicated article about limiting allowed file types ( #9505 )
2020-05-20 20:36:51 +12:00
Michal Kleiner
21129b1624
Use short array syntax across the framework's codebase
2020-05-16 10:34:45 +01:00
Maxime Rainville
62703d5cad
DOC Document new in-modal file editing in changelogs
2020-04-29 10:28:55 +12:00
Garion Herman
450461e82b
DOCS Fix module version table formatting in 4.5.2 changelog
2020-04-23 23:21:13 +12:00
Garion Herman
50484417da
Merge branch '4.5' into 4
2020-04-23 23:11:46 +12:00
Garion Herman
5a5ecc5151
DOCS Add Recipes section, add module version breakdown to 4.5.2
2020-04-23 15:11:08 +12:00
Maxime Rainville
9766302869
DOC Fix broken merge request in change logs
2020-04-15 12:53:44 +12:00
Maxime Rainville
7da77be5ce
Merge branch '4.5' into 4
2020-04-15 08:22:27 +12:00
Maxime Rainville
14bbaac1cb
Merge tag '4.5.3' into 4.5
...
Release 4.5.3
2020-04-14 14:23:57 +12:00
Maxime Rainville
de8fd82c55
Merge branch '4.4' into 4.5
2020-04-14 14:18:18 +12:00
Maxime Rainville
1fe6255f9b
Merge tag '4.4.6' into 4.4
...
Release 4.4.6
2020-04-14 14:13:59 +12:00
Maxime Rainville
10c32aaa28
Added 4.5.2 changelog
2020-04-14 11:02:06 +12:00
Maxime Rainville
092acc7112
Added 4.4.6 changelog
2020-04-14 10:59:19 +12:00
Maxime Rainville
052ce6916c
DOC Explain how to use the new file migation sub tasks in the 4.4.6/4.5.2 changelogs
2020-04-13 19:39:24 +12:00
Maxime Rainville
4b0345bee7
DOC Explain how to use the new file migation sub tasks in the 4.4.6/4.5.2 changelogs
2020-04-13 17:16:29 +12:00
Ingo Schommer
c6b698cb02
NEW Allow InnoDB for FULLTEXT indexes
...
MyISAM used to be the only one to support it, now InnoDB has caught up.
Unless an engine is set specifically in create_table_options,
this will auto-convert existing MyISAM tables to InnoDb.
Fixes #9242
2020-04-09 10:32:45 +12:00
Serge Latyntcev
6c39962b7a
Merge branch '4.5' into 4
2020-02-19 10:21:11 +13:00
Serge Latyntcev
6c2f179a43
Merge branch '4.4' into 4.5
2020-02-19 10:20:50 +13:00
Bernard Hamlin
765810b013
Update CVE number to CVE-2019-19325
2020-02-19 09:58:12 +13:00
Maxime Rainville
affd43052a
Merge branch '4.5' into 4
2020-02-17 18:11:23 +13:00
Maxime Rainville
5fd16cd7e1
Add 4.5.1 changelog
2020-02-17 17:47:23 +13:00
Maxime Rainville
7ce2abf74d
Merge remote-tracking branch 'origin/4.4' into 4.5
2020-02-17 14:43:38 +13:00
Maxime Rainville
a9598eec3f
Added 4.4.5 changelog
2020-02-17 14:02:57 +13:00
Maxime Rainville
acd7d94167
Merge branch '4.4' into 4.5
2020-02-17 13:07:26 +13:00
Serge Latyntcev
ad1b00ec7d
[CVE-2019-19325] XSS through non-scalar FormField attributes
...
Silverstripe Forms allow malicious HTML or JavaScript to be inserted
through non-scalar FormField attributes, which allows performing XSS (Cross-Site Scripting)
on some forms built with user input (Request data). This can lead to phishing attempts
to obtain a user's credentials or other sensitive user input.
There is no known attack vector for extracting user-session information or credentials automatically,
it required a user to fall for the phishing attempt.
XSS can also be used to modify the presentation of content in malicious ways.
2020-02-17 09:58:29 +13:00
Garion Herman
81497776f3
DOC Tweak names and link in 4.5.0 changelog
2019-12-20 09:53:30 +13:00
Serge Latyntcev
eaf6bca706
Merge branch '4.5' into 4
2019-12-19 11:26:38 +13:00
Serge Latyntcev
08eaed4190
Added 4.5.0 changelog
2019-12-19 11:24:04 +13:00
Serge Latyntcev
e1a1459df3
Added 4.5.0-rc2 changelog
2019-12-19 11:23:31 +13:00
Serge Latyntcev
7f7111f6f3
Doc add RC changelogs
2019-11-20 17:14:54 +13:00
Serge Latyntcev
f67e15b8ee
Merge branch '4.5' into 4
2019-11-20 11:12:49 +13:00
Ingo Schommer
cca6d8e1be
DOCS Remove archive download references ( #9250 )
...
See https://github.com/silverstripe/silverstripe-framework/issues/9232 .
Also simplifies composer instructions a bit:
- Removes composer update --no-dev references, that's a bit of an edge case that people can just discover on getcomposer.org if they need it
- Changed example from the unused and oudated silverstripe/forum to silverstripe/blog
- Updated example versions to 4.x
- Remove "updating composer" section, it now tells you if its out of date
- Remove ss-auto-git-ignore module reference. The module hasn't been updated in ages, and it's much less necessary now that all relevant modules are on composer
- Add .env example config to getting started docs, I didn't realise it was stripped from the default --prefer-dist composer install
2019-11-18 20:02:00 +13:00
Aaron Carlino
6888901468
NEW: Update docs to be compliant with Gatsby site ( #9314 )
...
* First cut
* Temporarily disable composer.json for netlify build
* POC
* New recursive directory query, various refinements
* Fix flexbox
* new styled components plugin
* Apply frontmatter delimiters
* Mobile styles, animation
* Search
* Redesign, clean up
* Nuke the cache, try again
* fix file casing
* Remove production env file
* ID headers
* Move app to new repo
* Add frontmatter universally
* Hide children changelogs
* Add how to title
* New callout tags
* Revert inline code block change
* Replace note callouts
* Fix icons
* Repalce images
* Fix icon
* Fix image links
* Use proper SQL icon
2019-11-18 17:58:33 +13:00
Serge Latyntcev
84d0d75e96
Added 4.5.0-rc1 changelog
2019-11-18 17:18:05 +13:00
Serge Latyntcev
efc9bec5e6
Added 4.5.0-alpha1 changelog
2019-11-14 14:39:41 +13:00
Serge Latyntsev
80b282b605
DOC Forget about google groups
2019-09-26 14:39:38 +12:00
Aaron Carlino
b0a17f5df1
Update changelog
2019-09-25 11:23:57 +12:00
Serge Latyntcev
88fde6e7c3
Merge branch '4.4' into 4
2019-09-24 17:29:06 +12:00
Serge Latyntcev
50a1aa4c4d
Merge branch '4.3' into 4.4
2019-09-24 17:28:31 +12:00
Aaron Carlino
b002ef1171
Merge branch '4.4' into 4
2019-09-24 17:26:50 +12:00
Serge Latyntcev
26a4fb38ba
Added 4.3.6 changelog
2019-09-24 17:20:48 +12:00
Aaron Carlino
79a89e751d
Added 4.4.4 changelog
2019-09-24 17:05:26 +12:00
Aaron Carlino
c1047fac32
DOCS: Add docs for versioned files migration
2019-09-24 16:04:22 +12:00
Aaron Carlino
28057e3a71
DOCS: Add FileShortcodeProvider change to changelog
2019-09-24 16:03:48 +12:00
Aaron Carlino
1f92b21a04
DOCS: Add FileShortcodeProvider change to changelog
2019-09-24 16:03:48 +12:00
Aaron Carlino
8ee5e621fd
DOCS: Add docs for versioned files migration
2019-09-24 16:00:51 +12:00
Aaron Carlino
99ab3c6421
DOCS: Add FileShortcodeProvider change to changelog
2019-09-24 16:00:51 +12:00
Ingo Schommer
229df95fe9
DOCS Warning about protected file serving in 4.x
2019-09-13 18:01:44 -07:00
Serge Latyntsev
233e0e7aa0
ENH PasswordExpirationMiddleware implementation ( #9207 )
2019-09-12 14:34:06 +12:00
Aaron Carlino
da6582f593
NEW: Remove web installer, move to separate package ( #9231 )
...
* Remove installer
* Remove exposed install files
* Replace Dev/Install classes still in use
* Update changelog
* FIX make the grid field actions consistent to what they look like on pages
Resolves https://github.com/silverstripe/silverstripe-admin/issues/904
* Docs changes
2019-09-11 13:10:25 +12:00
Ingo Schommer
ca5b1cbf61
DOCS Rewrite server requirements
...
* Remove overly specific PHP RNG instructions (that's just built into PHP7 through random_bytes now, which will throw if no suitable RNG is available)
* Remove PHP 5 RNG requirements, since we don't support that PHP release any mre
* Remove verbose explanation of PHP 5.6 support
* Remove conflicting instructions for PHP memory limits
* Remove version numbers from supporetd databases other than MySQL, it's up to the community modules to define that
* Remove Oracle support (code is nine years old!)
* Make "community supported" status clearer on databases, people can draw their own conclusions as open source users on Github
* Remove IIS version number, I think we should just stick to "needs web.config" and not give the impression that this is actively tested
* Remove mention of OSes for web servers, that's kind of irrelevant in today's hosting world (containers, PaaS, etc)
* Shorten install instructions in favour of a "quickstart" and point to lessons instead
* Remove mention of archive download option, we really shouldn't promote this - composer is the de-facto standard
* Add generic descriptions of the hosting environment considerations without going too much into specifics
* Remove Apache version number, we don't test on different versions, and really mostly rely on mod_rewrite working properly. Laravel does the same (doesn't claim specific Apache version support)
2019-09-03 18:38:15 +12:00
Guy Marriott
f676672f76
Merge branch '4.4' into 4
2019-08-19 16:10:30 +12:00
Guy Marriott
a6614d8a77
Added 4.4.3 changelog
2019-08-19 15:01:22 +12:00
James Cocker
f68fac2c47
4.4.0 Upgrade Docs: Clarified that the shortcode task isn't run automatically
2019-08-16 14:42:16 +01:00
Aaron Carlino
684f5311a0
Merge branch '4.4' into 4
2019-08-13 12:15:39 +12:00
Aaron Carlino
8cfd3f07ba
Added 4.4.2 changelog
2019-08-12 16:08:07 +12:00
Robbie Averill
4936d265a2
DOCS Remove statement about a strict error when overloading PDOQuery constructor
...
Constructors are not bound by method signature match rules in PHP
2019-08-09 09:16:31 +12:00
Robbie Averill
2a1394bed7
Merge branch '4.4' into 4
2019-07-19 10:46:00 +02:00
Robbie Averill
40f06fafa9
Merge branch '4.3' into 4.4
2019-07-19 10:45:44 +02:00
Robbie Averill
c7b15eaef5
Merge branch '4.2' into 4.3
2019-07-19 10:45:29 +02:00
Ingo Schommer
4d93e48b10
DOCS Add silverstripe/login-forms ( #9112 )
...
See https://github.com/silverstripe/recipe-cms/issues/26 .
Dependant on https://github.com/silverstripe/silverstripe-installer/pull/257 .
2019-07-16 10:11:37 +12:00
Serge Latyntcev
29a663c65d
Merge branch '4.4' into 4
2019-07-15 09:24:49 +12:00
Serge Latyntcev
d667d64f13
Merge branch '4.3' into 4.4
2019-07-15 09:18:17 +12:00
Saophalkun Ponlu
6a8c6703d1
Remove use_gzip
from HTMLEditorField since it's been removed by TinyMCE codebase ( #7261 )
...
* Remove `use_gzip` from HTMLEditorField
* DOCS Mention remove use_gzip in changelog
2019-06-21 09:27:48 +12:00
Serge Latyntcev
5be0c15587
Doc / Fix link to SS-2019-022 in changelogs
2019-06-19 15:14:16 +12:00
Ingo Schommer
49c04bf9cc
DOCS Shortcode upgrade section
2019-06-18 09:20:38 +12:00
Guy Marriott
bb5b610636
Merge branch '4.4' into 4
2019-06-17 08:58:50 +12:00
Guy Marriott
0294029f92
DOCS Remove confusing API change from changelog
...
This change was removing a method that was added in 4.4.0 also - this makes it not a breaking change for SemVer
2019-06-13 10:46:48 +12:00
Robbie Averill
4eb5800532
Merge pull request #9055 from open-sausages/pulls/4/release-docs-update
...
DOCS: Ensure minor releases follow security release steps
2019-06-12 11:47:39 +12:00
Maxime Rainville
62cdc43e78
DOC Add missing reference to TagToShortcodeTask.
2019-06-11 15:17:25 +12:00
Aaron Carlino
731646f49d
Merge branch '4.4' into 4
2019-06-11 11:48:18 +12:00
Aaron Carlino
92edb68c0c
DOCS: Add React 16 information
2019-06-11 11:47:33 +12:00
Guy Marriott
c57584dada
DOCS Adding information about better buttons to the release changelog ( #9049 )
2019-06-11 11:47:17 +12:00
Aaron Carlino
e2894b414b
Added 4.4.1 changelog
2019-06-11 11:47:17 +12:00
Aaron Carlino
3c92501dc5
DOCS: Add React 16 information
2019-06-11 10:46:21 +12:00
Guy Marriott
dad80f5acd
DOCS Adding information about better buttons to the release changelog ( #9049 )
2019-06-11 08:28:04 +12:00
Aaron Carlino
054dbd6ae5
Added 4.3.4 changelog
2019-06-10 22:49:06 +12:00
Aaron Carlino
960a7bb5ae
Added 4.2.5 changelog
2019-06-10 22:48:57 +12:00
Aaron Carlino
c5d3f82576
Added 4.4.1 changelog
2019-06-10 17:37:24 +12:00
Aaron Carlino
d04e54c1be
Merge branch '4.4' into 4
2019-06-10 17:33:30 +12:00
Aaron Carlino
c747b1f8d3
Merge branch '4.3' into 4.4
2019-06-10 17:32:07 +12:00
Aaron Carlino
f766555d61
Merge branch '4.2' into 4.3
2019-06-10 17:27:05 +12:00
Serge Latyntcev
ca56e8d78e
[CVE-2019-12246] Denial of Service on flush and development URL tools
2019-06-10 17:23:56 +12:00
Maxime Rainville
addf98a5e0
DOC Improve File migration do
2019-06-07 17:09:52 +12:00
Robbie Averill
d873779956
API checkHistoricalPasswords(), characterStrength() and minLength() are now correctly deprecated from 4.5.0 onwards
2019-05-27 09:12:32 +12:00
Aaron Carlino
ba15972d5c
Added 4.4.0-rc1 changelog
2019-05-06 15:36:07 +12:00
Aaron Carlino
4a0f62fafd
Added 4.4.0-rc1 changelog
2019-05-06 15:01:01 +12:00
Ingo Schommer
1f78e8ae80
NEW Clean up secureassets module artefacts ( #8948 )
...
See https://github.com/silverstripe/silverstripe-assets/issues/231
2019-05-02 21:05:19 +12:00
Ingo Schommer
0696045e59
NEW Legacy thumbnail migration task ( #8924 )
...
* NEW Legacy thumbnail migration task
See https://github.com/silverstripe/silverstripe-assets/issues/235
Makes a start at https://github.com/silverstripe/silverstripe-assets/issues/219 as well
* API Removed migrate_legacy_file support
For the vast majority of sites, you really don't want to run your file migration as part of dev build.
The step is involved enough to warrant it's own task.
I don't think this is an API change, since the setting won't have affect
for anyone who has already enabled it - they would've already done the one-off migration.
See https://github.com/silverstripeltd/open-sourcerers/issues/91
and https://github.com/silverstripe/silverstripe-assets/issues/235
2019-05-02 09:33:53 +12:00
Ingo Schommer
da91f44c00
DOCS File migration changes for 4.4.0 ( #8910 )
...
* DOCS File migration changes for 4.4.0
See https://github.com/silverstripe/silverstripe-versioned/issues/177
* Update docs/en/02_Developer_Guides/14_Files/03_File_Security.md
Co-Authored-By: chillu <ingo@silverstripe.com>
* Corrected statements on archived/versioned files
* Corrected statement on filesystem paths of protected vs. public
* Update docs/en/02_Developer_Guides/14_Files/03_File_Security.md
Co-Authored-By: chillu <ingo@silverstripe.com>
* Clarify redirect behaviour
2019-04-30 08:59:25 +12:00
Maxime Rainville
e95dde8f1e
DOC Update change log to reference updated migration task ( #8945 )
...
* DOC Update change log to reference updated migration task
* Update docs/en/04_Changelogs/4.4.0.md
2019-04-30 08:50:33 +12:00
Guy Marriott
5243ec2179
Merge pull request #8811 from Juanitou/patch-5
...
Correct typo and commit hash in 4.3.1 changelog
2019-03-23 10:03:18 +13:00
Guy Marriott
4f431d5db5
Correct typo and commit hash in 4.3.1 changelog
...
Co-Authored-By: Juanitou <Juanitou@users.noreply.github.com>
2019-03-22 09:51:38 +01:00
Aaron Carlino
3421f931a7
Added 4.3.3 changelog
2019-03-19 16:22:35 +13:00
Aaron Carlino
07b32fd7eb
Added 4.3.3 changelog
2019-03-19 11:48:59 +13:00
Ingo Schommer
b803a174ed
Merge branch '4' into 4
2019-03-11 21:31:22 +13:00
Robbie Averill
cb8ec9ae1d
DOCS Mark 4.4.0 as unreleased to avoid confusion on docs.silverstripe.org
...
[ci skip]
2019-03-07 09:20:45 +13:00
Aaron Carlino
406b286325
Merge branch '4.3' into 4
2019-03-06 11:13:13 +13:00
Maxime Rainville
c40e6d38a0
Add reference to #8815 in change log
2019-03-06 11:13:02 +13:00
Aaron Carlino
92050578ce
Added 4.3.2 changelog
2019-03-06 11:13:01 +13:00