pierre/wallabag
1
0
Fork 0
forked from wallabag/wallabag
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity
8,510 Commits 12 Branches 98 Tags
c99a733aff0a25dbaae87b72e6c632256936fad5
Commit Graph

23 Commits

Author SHA1 Message Date
Yassine Guedidi
ec33ec14e5 Replace Client by KernelBrowser 2023-08-08 02:55:35 +01:00
Jeremy Benoist
66b7bdd07c Merge remote-tracking branch 'origin/2.5.x' 2023-04-24 14:36:32 +02:00
Kevin Decherf
3ed7f2b751 AnnotationController: fix improper authorization vulnerability 
This PR is based on 2.5.x branch.

We fix the improper authorization by retrieving the annotation using id
and user id.

We also replace the ParamConverter used to get the requested Annotation
on put and delete actions with an explicit call to AnnotationRepository
in order to prevent a resource enumeration through response discrepancy.

Fixes GHSA-mrqx-mjc4-vfh3

Co-authored-by: Jeremy Benoist <jeremy.benoist@gmail.com>
Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
 2023-01-27 23:34:14 +01:00
Jeremy Benoist
b7dba18cb2 Cleanup 2022-11-23 15:51:33 +01:00
Yassine Guedidi
af6363bbbd Fix missing call to parent setUp 2022-11-23 15:25:11 +01:00
Yassine Guedidi
d1d56fbe25 Import used classes 2022-09-01 19:21:45 +02:00
Yassine Guedidi
eb43c78720 Use FQCN instead of service alias 2022-09-01 09:07:19 +02:00
Yassine Guedidi
8b7b4975d6 Migrate getRepository with entities 2022-08-26 17:47:46 +02:00
Jeremy Benoist
a173423820 Fix CS issues 2020-12-08 09:17:10 +01:00
Jeremy Benoist
7332d1f4e5 Remove support for PHP < 7.2 
Updating deps

  - Removing electrolinux/php-html5lib (0.1.0)
  - Updating doctrine/inflector (1.3.1 => 1.4.3)
  - Updating doctrine/lexer (1.0.2 => 1.2.1)
  - Installing symfony/polyfill-php80 (v1.17.0)
  - Updating symfony/service-contracts (v1.1.8 => v2.1.2)
  - Installing symfony/deprecation-contracts (v2.1.2)
  - Updating symfony/mime (v4.4.8 => v5.1.1)
  - Updating friendsofsymfony/rest-bundle (2.7.4 => 2.8.0)
  - Updating doctrine/instantiator (1.3.0 => 1.3.1)
  - Updating ocramius/proxy-manager (2.1.1 => 2.2.3)
  - Updating php-http/discovery (1.7.4 => 1.8.0)
  - Updating symfony/http-client-contracts (v1.1.8 => v2.1.2)
  - Updating symfony/http-client (v4.4.8 => v5.1.1)
  - Updating php-http/httplug-bundle (1.16.0 => 1.18.0)
  - Updating symfony/phpunit-bridge (v4.3.11 => v5.1.1)
  - Updating doctrine/data-fixtures (1.3.3 => 1.4.3)
  - Updating composer/xdebug-handler (1.4.1 => 1.4.2)
  - Updating masterminds/html5 (2.7.0 => 2.7.1)
  - Updating j0k3r/php-readability (1.2.4 => 1.2.5)
  - Updating phpoption/phpoption (1.7.3 => 1.7.4)
  - Updating nikic/php-parser (v4.4.0 => v4.5.0)
  - Installing thecodingmachine/safe (v1.1.1)
  - Updating spomky-labs/otphp (v9.1.4 => v10.0.1)
  - Updating pagerfanta/pagerfanta (v2.1.3 => v2.3.0)

Package white-october/pagerfanta-bundle is abandoned, you should avoid using it. Use babdev/pagerfanta-bundle instead.

  - Removing white-october/pagerfanta-bundle (v1.3.2)
  - Installing babdev/pagerfanta-bundle (v2.4.2)

Upgrading PHPStan to 0.12 and use extension installer

  - Removing phpstan/phpdoc-parser (0.3.5)
  - Removing nette/utils (v3.1.2)
  - Removing nette/schema (v1.0.2)
  - Removing nette/robot-loader (v3.2.3)
  - Removing nette/php-generator (v3.4.0)
  - Removing nette/neon (v3.1.2)
  - Removing nette/finder (v2.5.2)
  - Removing nette/di (v3.0.4)
  - Removing nette/bootstrap (v3.0.2)
  - Updating phpstan/phpstan (0.11.19 => 0.12.29)
  - Updating phpstan/phpstan-doctrine (0.11.6 => 0.12.16)
  - Updating phpstan/phpstan-phpunit (0.11.2 => 0.12.11)
  - Updating phpstan/phpstan-symfony (0.11.6 => 0.12.6)
  - Installing phpstan/extension-installer (1.0.4)

Upgrading jms/serializer-bundle to version 3 (and willdurand/hateoas-bundle to version 2)

  - Removing phpoption/phpoption (1.7.4)
  - Removing phpcollection/phpcollection (0.5.0)
  - Removing jms/parser-lib (1.0.0)
  - Updating jms/metadata (1.7.0 => 2.3.0)
  - Updating jms/serializer (1.14.1 => 3.7.0)
  - Updating jms/serializer-bundle (2.4.4 => 3.6.0)
  - Updating willdurand/hateoas (2.12.0 => 3.6.0)
  - Updating willdurand/hateoas-bundle (1.4.0 => 2.1.0)

Upgrading dama/doctrine-test-bundle to version 6

  - Updating dama/doctrine-test-bundle (v5.0.3 => v6.2.0)
 2020-06-15 08:25:59 +02:00
Jérémy Benoist
6a0d49ab7a Fix tests 2019-11-27 14:46:27 +01:00
adev
8197f08266 API return an error with empty quote 
Fix #4137
 2019-11-27 14:38:35 +01:00
Jeremy Benoist
1e0d8ad7b7 Enable PHPStan 
- Fix error for level 0 & 1 (level 7 has 699 errors...)
- Add `updated_at` to site_credential (so the `timestamps()` method applies correctly)
 2019-01-18 15:25:50 +01:00
Jeremy Benoist
8f2038e5b1 Fix tests 2018-11-28 22:04:55 +01:00
Jeremy Benoist
115de64e5b Jump to Symfony 3.4 
Thanks to the BC compatibility, almost nothing have to be changed.
All changes are related to new bundle version of:
- SensioFrameworkExtraBundle
- DoctrineFixturesBundle
 2018-10-04 14:11:57 +02:00
Jeremy Benoist
f808b01692 Add a real configuration for CS-Fixer 2017-07-01 09:52:38 +02:00
Jeremy Benoist
eb570e49c8 CS 2017-06-07 23:31:14 +02:00
adev
2c3e148b00 Displays an error with an annotation with a too long quote 
Fix #2762
 2017-06-04 11:38:29 +02:00
Nicolas Lœuillet
f24ea59ea4 Fixed migration and added tests 2016-10-28 10:55:39 +02:00
Jeremy Benoist
aa4741091f Add test on /api/annotations 
Fix controller forward in WallabagRestController.
Update PHPDoc so it is sorted the same way as others one
Duplicate all annotations test to use both api & normal way
Also, make annotation tests independent to each other
 2016-10-22 12:09:20 +02:00
Nicolas Lœuillet
e5edb6e127 PHP CS 2016-10-22 09:06:07 +02:00
Thomas Citharel
0c271b9eb0 fix cs and phpdoc 2016-10-22 09:06:07 +02:00
Jeremy Benoist
23634d5d84 Jump to Symfony 3.1 2016-06-22 17:59:35 +02:00