Commit Graph

23378 Commits

Author SHA1 Message Date
Sabina Talipova
babc811381 FIX Remove unexpected message 2022-07-04 16:05:57 +12:00
Steve Boyd
5a940b0f14 FIX PDO in PHP 8 2022-07-04 15:08:52 +12:00
Steve Boyd
b101b8bdb8 Merge branch '4.11' into 4 2022-07-04 13:20:12 +12:00
Brandon Iffert
ad83b78a10
FIX Handle null values passed to PDO::quote() (#10383) 2022-07-04 13:17:51 +12:00
Loz Calver
b37178e831
FIX: 'passwordsent' title was not being displayed (fixes #10366) (#10367) 2022-07-01 13:58:57 +12:00
Guy Sartorelli
cfb347dc9b Merge branch '4.11' into 4 2022-06-30 16:33:12 +12:00
Guy Sartorelli
995cc6ecac
Merge pull request #10380 from creative-commoners/pulls/4/searchable-fields-obey-filters
FIX Support search filters with match_any searchable_fields
2022-06-30 16:27:45 +12:00
Guy Sartorelli
ffcaed84f3 MNT Update tests for searchable_fields match_any 2022-06-30 15:55:56 +12:00
Guy Sartorelli
30cd521029 DOC Update docs for searchable and summary fields. 2022-06-30 15:55:56 +12:00
Guy Sartorelli
6c01661512 FIX Support search filters with match_any searchable_fields 2022-06-30 15:55:53 +12:00
Guy Sartorelli
4e53c35b53 MNT Deprecate unusable property
This property must always have the value 'AND' or an exception will be
thrown - it should be deprecated. Also, no need to process the query
before throwing.
2022-06-30 15:53:17 +12:00
Guy Sartorelli
76be4578d6
Merge pull request #10378 from creative-commoners/pulls/4.11/pdo
FIX PDO in PHP 8
2022-06-30 13:58:55 +12:00
Steve Boyd
3a0fff25de FIX PDO in PHP 8 2022-06-30 12:34:05 +12:00
Guy Sartorelli
01c27e69de
Merge pull request #10377 from creative-commoners/pulls/4.11/mysql-null
FIX Ensure not passing null to mysql methods for PHP 8.1 compatibility
2022-06-29 10:01:12 +12:00
Guy Sartorelli
a877689a50
Merge pull request #10358 from creative-commoners/pulls/4/labels
DOC Update github label definitions
2022-06-29 09:53:32 +12:00
Steve Boyd
a77ca74a7e FIX Ensure not passing null to mysql methods for PHP 8.1 compatibility 2022-06-29 09:34:30 +12:00
Steve Boyd
4d662d2dea Merge branch '4.11' into 4 2022-06-28 17:42:07 +12:00
Steve Boyd
98b985fb91 Merge branch '4.10' into 4.11 2022-06-28 17:41:49 +12:00
Guy Sartorelli
794640247b
Merge pull request #10374 from creative-commoners/pulls/4.10/cve-2022-28803
[CVE-2022-28803] Block XSS in links and iframes.
2022-06-28 17:27:37 +12:00
Guy Sartorelli
a78d3458ea
Merge pull request #10375 from creative-commoners/pulls/4.10/cve-2022-25238
[CVE-2022-25238] Sanitise htmlfields serverside by default
2022-06-28 17:27:21 +12:00
Guy Sartorelli
410c2a8966
Merge pull request #10376 from creative-commoners/pulls/4.10/cve-2021-41559
CVE-2021-41559 Disable xml entities
2022-06-28 17:27:08 +12:00
Guy Sartorelli
a124ccf9b1
Merge pull request #10373 from creative-commoners/pulls/4/changelog
MNT Added 4.11.0 changelog
2022-06-28 17:05:36 +12:00
Steve Boyd
b5abc38455 CVE-2021-41559 Disable xml entities 2022-06-28 17:04:34 +12:00
Steve Boyd
991aedf017 [CVE-2022-25238] Sanitise htmlfields serverside by default 2022-06-28 17:03:05 +12:00
Guy Sartorelli
d2c58f3bbc [CVE-2022-28803] Block XSS in links and iframes. 2022-06-28 17:01:53 +12:00
Steve Boyd
73325f2186 MNT Added 4.11.0 changelog 2022-06-28 16:53:50 +12:00
Guy Sartorelli
8d698067a6
Merge pull request #10371 from bummzack/patch-2
fix: Syntax for declaring enums in YML
2022-06-28 16:36:46 +12:00
Guy Sartorelli
4d18d36625
DOC Remove pre-release warnings from GraphQL docs. (#10354) 2022-06-28 16:27:06 +12:00
Roman Schmid
fbee03562b
fix: Syntax for declaring enums in YML
Similar issue to #10223
2022-06-27 16:23:26 +02:00
Steve Boyd
c80e10f892
FIX PDO transaction in PHP 8, add GitHub Actions CI (#10360) 2022-06-27 15:30:03 +12:00
Sabina Talipova
ad581d9673
Merge pull request #10365 from creative-commoners/pulls/4/docs-for-adding-backtrace-filters
DOCS Encourage filtering sensitive arguments from logged backtraces.
2022-06-27 14:18:37 +12:00
Sabina Talipova
f63655bd40
Merge pull request #10364 from creative-commoners/pulls/4/update-backtrace-filter-methods
ENH Update list of filtered backtrace methods
2022-06-27 14:18:23 +12:00
Guy Sartorelli
f276fccb78
DOC Review 4.11.0 changelog notes (#10356)
* DOCS Add missing content from beta/rc changelogs

* DOCS Add documentation for report count limiting.

This was added to the report module README but really belongs here.

* DOCS Add information about some new features.

* DOCS Add and standardise anchor links.

* DOCS Various updates to wording and formatting in 4.11.0 changelog

* DOCS Move php changelog notes

This is consistent with their placement in the 4.10.0 changelogs.

* DOCS Requested PR changes

* DOCSUse relative URLs for links to docs from changelog.

* DOCS Use code blocks for terminal commands

* DOCS requested PR changes

* DOCS Don't need to inline recipe to downgrade graphql.

* DOCS Move php parts back where they were.

* DOCS Fix typos in changelog.
2022-06-27 11:37:34 +12:00
Steve Boyd
b7d0e9dc28 DOC Update github label definitions 2022-06-27 11:15:10 +12:00
Guy Sartorelli
6a8915b316 DOCS Encourage filtering sensitive arguments from logged backtraces. 2022-06-23 16:10:30 +12:00
Guy Sartorelli
86cf404944 MNT Add test for backtrace class checking method. 2022-06-23 15:54:36 +12:00
Guy Sartorelli
74e5a94b32 ENH Update list of methods to have filtered args in backtrace. 2022-06-23 15:18:28 +12:00
Guy Sartorelli
d448622ff4 ENH Allow subclasses to be defined for backtrace filtered functions. 2022-06-23 15:17:33 +12:00
Guy Sartorelli
2b0df58176 ENH Minor performance enhancement for backtrace.
Don't keep processing when we've found a match.
2022-06-23 15:16:46 +12:00
Guy Sartorelli
268a66418b ENH Move backtrace ignored functions into yml config.
Each module that adds its own methods will do it via yml. This keeps
framework consistent with the others.
2022-06-23 14:24:23 +12:00
Guy Sartorelli
7f7feb8604 ENH Refactor Backtrace to be a bit more readable. 2022-06-23 13:57:08 +12:00
Guy Sartorelli
139fa07bcb
DOCS Remove backticks from gatsby metadata in docs. (#10357) 2022-06-15 13:33:11 +12:00
Loz Calver
be19fa7f3d
Merge pull request #10352 from oddnoc/phan-help
Correct declaration of variadic $args as array
2022-06-13 09:18:14 +01:00
Loz Calver
d2df0650db
Merge pull request #10355 from creative-commoners/pulls/4/group-title-test
MNT Add test for programatically adding blank Group title.
2022-06-13 09:17:06 +01:00
Guy Sartorelli
e8194123a6 MNT Add test for programatically adding blank Group title. 2022-06-13 16:32:10 +12:00
Fred Condo
f670eb4980 Correct declaration of variadic $args to mixed
Declaring as array confuses static analyzers, specifically phan, which
throws PhanTypeMismatchArgument for every invocation of
Injectable::create(). Correcting this declaration in the doc block
prevents all those false positives.
2022-06-09 14:27:42 -07:00
Paweł Suwiński
1c85d151a6
NEW Add factory_method configuration to Injector
use callable as well as creator
2022-06-09 13:57:47 +12:00
Maxime Rainville
3799bceff3
Merge pull request #10344 from creative-commoners/pulls/4/public-graphql-dir
DOCS Update server requirements to account for public/_graphql/
2022-06-08 22:03:28 +12:00
Maxime Rainville
22d992a22b
DOC Update documentation for GraphQL v4 (#10325)
* DOC Add upgrade guidance for GraphQL v4

* Move docs around

The existing upgrading docs are for upgrading to v4, whereas the new docs are more about how to handle the new .graphql-generated directory.

* Update graphql documentation

* More updates to doc

Co-authored-by: Guy Sartorelli <guy.sartorelli@silverstripe.com>
2022-06-08 17:23:48 +12:00
Guy Sartorelli
0bd3fae7e1 DOCS Update server requirements to account for public/_graphql/ 2022-06-08 09:12:03 +12:00