El RIDO
125feec67c
Merge pull request #1299 from PrivateBin/chore/dompurify
...
chore: ugrade DOMPurify from v3.0.8 to 3.1.2
2024-05-04 16:13:19 +02:00
rugk
61259a2e60
chore: remove source map URL
2024-05-04 13:50:51 +00:00
rugk
3f1bcb5c5a
doc: add Chnagelog entry
2024-05-04 15:39:25 +02:00
rugk
7a738d6893
test: also update DOMPurify in tests
2024-05-04 15:38:04 +02:00
Andreas Schneider
4163c4f1d9
Merge pull request #1300 from PrivateBin/php-84-experimental
...
tolerate test failures in the PHP development release
2024-05-04 15:34:17 +02:00
El RIDO
baf8c4a11d
tolerate test failures in the PHP development release
...
at this time, guzzle, dependency of google cloud storage library, raises deprecation warnings in PHP 8.4, which caused the tests to be considered failed
2024-05-04 08:58:20 +02:00
El RIDO
1d755d8046
Merge pull request #1280 from PrivateBin/doc-n-test-mopup
...
Doc'n'test mopup
2024-05-04 08:38:12 +02:00
rugk
4500794980
chore: ugrade DOMPurify from v3.0.8 to 3.1.2
...
This incluces v3.1.1, which says:
> Note that this is a security release and should be upgraded to immediately.
https://github.com/cure53/DOMPurify/releases/tag/3.1.1
The release notes of the actual version itself are https://github.com/cure53/DOMPurify/releases/tag/3.1.2
I do not found more information on the vulnerability that apparently is in there.
* [x] manually tested and works
2024-05-03 15:55:53 +00:00
El RIDO
02e98826b3
Merge pull request #1296 from PrivateBin/crowdin-translation
...
New Crowdin updates
2024-05-03 07:25:50 +02:00
PrivateBin Translator Bot
22166c91d7
New translations en.json (Turkish)
2024-05-03 04:18:56 +02:00
El RIDO
ec02afca04
Merge pull request #1289 from PrivateBin/dependabot/github_actions/slsa-framework/slsa-github-generator-2.0.0
...
Bump slsa-framework/slsa-github-generator from 1.10.0 to 2.0.0
2024-04-23 18:27:24 +02:00
El RIDO
b6f90f903b
Merge pull request #1288 from smonesi/master
...
Fix weird Italian translation for burn-after-reading messages.
2024-04-23 18:19:46 +02:00
dependabot[bot]
ad19f8cfe6
Bump slsa-framework/slsa-github-generator from 1.10.0 to 2.0.0
...
Bumps [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator ) from 1.10.0 to 2.0.0.
- [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases )
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md )
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v1.10.0...v2.0.0 )
---
updated-dependencies:
- dependency-name: slsa-framework/slsa-github-generator
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-04-23 11:43:14 +00:00
smonesi
2813dd2295
Another small translation fix
2024-04-23 11:43:30 +02:00
smonesi
0311b4f527
Fix silly translation for burn-after-reading messages.
2024-04-23 11:35:32 +02:00
El RIDO
7526856570
Merge pull request #1281 from PrivateBin/dependabot/composer/phpunit/phpunit-9.6.19
...
Bump phpunit/phpunit from 9.6.18 to 9.6.19
2024-04-09 04:07:33 +02:00
dependabot[bot]
027462a872
Bump phpunit/phpunit from 9.6.18 to 9.6.19
...
Bumps [phpunit/phpunit](https://github.com/sebastianbergmann/phpunit ) from 9.6.18 to 9.6.19.
- [Release notes](https://github.com/sebastianbergmann/phpunit/releases )
- [Changelog](https://github.com/sebastianbergmann/phpunit/blob/9.6.19/ChangeLog-9.6.md )
- [Commits](https://github.com/sebastianbergmann/phpunit/compare/9.6.18...9.6.19 )
---
updated-dependencies:
- dependency-name: phpunit/phpunit
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-04-05 11:06:39 +00:00
El RIDO
6bcef2fa24
handle PHP 8.2 deprecation
...
PHP 8.2 deprecates implicit conversion from float to int if it loses precision, hence the explicit conversion.
PHP 8.1 deprecates the (optional since PHP 8.0) 3rd parameter of imagefilledpolygon(), but 7.3 & 7.4 require it.
2024-04-01 14:50:16 +02:00
El RIDO
b9a9e7c324
bump versions of optional cloud storage dependencies
2024-04-01 14:35:16 +02:00
El RIDO
aae3ea7cbf
update documentation
...
- clarify all template options & link to previews
- document new ctype extension requirement
2024-04-01 14:34:23 +02:00
El RIDO
3bc09ed561
Merge pull request #1275 from PrivateBin/legacy-php-cleanup
...
input sanitation & removing some obsolete version checks
2024-03-26 06:33:57 +01:00
El RIDO
b75aee6834
Merge pull request #1277 from Zwyx/add-header
...
Add response header `X-Uncompressed-Content-Length` for JSON API
2024-03-24 18:58:01 +01:00
Zwyx
6130547ca6
Add response header X-Uncompressed-Content-Length
for JSON API
...
Because the response from the API is PHP output, the usual `Content-Length` header is absent.
This [custom header technique](https://stackoverflow.com/questions/15097712/how-can-i-use-deflated-gzipped-content-with-an-xhr-onprogress-function/32799706#32799706 ) allows the client to know the total length of the data being received, in order to display a progress indicator.
Here's a code example with `XMLHttpRequest`:
```
xhr.addEventListener("progress", (e) => {
if (e.lengthComputable) {
onDownloadProgress({
loaded: e.loaded,
total: e.total,
});
} else {
const uncompressedContentLength = xhr.getResponseHeader(
"X-Uncompressed-Content-Length",
);
if (uncompressedContentLength) {
onDownloadProgress({
loaded: e.loaded,
total: Number(uncompressedContentLength),
});
}
}
});
```
Notes:
- `Fetch` can be used as well (only reason I use `XMLHttpRequest` is because `fetch` doesn't allow to track the progress of uploaded data (when creating a paste); whereas `XMLHttpRequest` does).
- `e.loaded` can be different between browsers; Firefox reports the length of the compressed data, Chrome reports the length of uncompressed data (see https://github.com/whatwg/xhr/issues/388 ). A workaround for this is to manually set our progress indicator to 100% when the request finishes.
2024-03-24 19:40:50 +08:00
El RIDO
776030c08a
Merge pull request #1273 from PrivateBin/crowdin-translation
...
New Crowdin updates
2024-03-23 11:33:02 +01:00
El RIDO
65a626f940
inputs sanitation & remove some obsolete version checks
...
using filter_vars instead of filter_input, because our unit tests depend on manipulating global arrays, which are not used by filter_input - we would have to mock the function in the unit testing, it therefore is cleaner to use the same code paths in testing as in production
some inputs in I18n and TrafficLimiter remain unfiltered, since we already validate them by other means (IP lib and/or preg_match)
our minimum PHP version is 7.3, so we can drop the two < 5.6 fallback checks
2024-03-23 11:27:25 +01:00
PrivateBin Translator Bot
8ec1fc626b
New translations en.json (Chinese Simplified)
2024-03-23 09:24:14 +01:00
PrivateBin Translator Bot
59eb6570ee
New translations en.json (Ukrainian)
2024-03-23 09:24:13 +01:00
PrivateBin Translator Bot
6e780d516c
New translations en.json (Russian)
2024-03-23 09:24:13 +01:00
PrivateBin Translator Bot
14733d7ce0
New translations en.json (Norwegian)
2024-03-23 09:24:12 +01:00
PrivateBin Translator Bot
02f9384a97
New translations en.json (Dutch)
2024-03-23 09:24:11 +01:00
PrivateBin Translator Bot
e2f9e24d4b
New translations en.json (Italian)
2024-03-23 09:24:10 +01:00
PrivateBin Translator Bot
04676fe61d
New translations en.json (German)
2024-03-23 09:24:09 +01:00
PrivateBin Translator Bot
18d49148e1
New translations en.json (Romanian)
2024-03-23 09:24:08 +01:00
PrivateBin Translator Bot
9f23b23da0
New translations en.json (French)
2024-03-23 09:24:07 +01:00
El RIDO
9997178928
Merge pull request #1274 from PrivateBin/dependabot/composer/phpunit/phpunit-9.6.18
...
Bump phpunit/phpunit from 9.6.17 to 9.6.18
2024-03-23 09:04:33 +01:00
PrivateBin Translator Bot
7c82eec40c
New translations en.json (Arabic)
2024-03-23 08:27:03 +01:00
PrivateBin Translator Bot
2dbedf2219
New translations en.json (Corsican)
2024-03-22 15:19:42 +01:00
dependabot[bot]
6510e1b4e2
Bump phpunit/phpunit from 9.6.17 to 9.6.18
...
Bumps [phpunit/phpunit](https://github.com/sebastianbergmann/phpunit ) from 9.6.17 to 9.6.18.
- [Release notes](https://github.com/sebastianbergmann/phpunit/releases )
- [Changelog](https://github.com/sebastianbergmann/phpunit/blob/9.6.18/ChangeLog-9.6.md )
- [Commits](https://github.com/sebastianbergmann/phpunit/compare/9.6.17...9.6.18 )
---
updated-dependencies:
- dependency-name: phpunit/phpunit
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-03-22 12:01:52 +00:00
PrivateBin Translator Bot
b5bc5753db
New translations en.json (Corsican)
2024-03-22 07:50:35 +01:00
PrivateBin Translator Bot
a9d64421d3
New translations en.json (Chinese Simplified)
2024-03-22 07:50:30 +01:00
PrivateBin Translator Bot
84a203b153
New translations en.json (Ukrainian)
2024-03-22 07:50:29 +01:00
PrivateBin Translator Bot
677dd54505
New translations en.json (Russian)
2024-03-22 07:50:26 +01:00
PrivateBin Translator Bot
63df1ac8ed
New translations en.json (Norwegian)
2024-03-22 07:50:24 +01:00
PrivateBin Translator Bot
6d79a2ed43
New translations en.json (Dutch)
2024-03-22 07:50:23 +01:00
PrivateBin Translator Bot
d7a317dfaf
New translations en.json (Italian)
2024-03-22 07:50:21 +01:00
PrivateBin Translator Bot
ab0126af7c
New translations en.json (German)
2024-03-22 07:50:18 +01:00
PrivateBin Translator Bot
310a4cb54d
New translations en.json (Arabic)
2024-03-22 07:50:15 +01:00
PrivateBin Translator Bot
f1627ea929
New translations en.json (Romanian)
2024-03-22 07:50:14 +01:00
PrivateBin Translator Bot
c43e557cc5
New translations en.json (French)
2024-03-22 07:50:13 +01:00
El RIDO
1870b9075c
Merge branch 'cloudrac3r-patch-1'
2024-03-22 07:44:47 +01:00