oss/wallabag
oss/wallabag
1
0
Fork 0
mirror of https://github.com/wallabag/wallabag.git synced 2025-08-01 17:38:38 +00:00
Code Wiki Activity
9053 commits 17 branches 103 tags 170 MiB
Commit graph

22 commits

Author SHA1 Message Date
Yassine Guedidi
0178c7356d Fix PHPStan errors 2024-01-22 19:15:54 +01:00
Jeremy Benoist
66b7bdd07c
Merge remote-tracking branch 'origin/2.5.x' 2023-04-24 14:36:32 +02:00
Kevin Decherf
3ed7f2b751 AnnotationController: fix improper authorization vulnerability 
This PR is based on 2.5.x branch.

We fix the improper authorization by retrieving the annotation using id
and user id.

We also replace the ParamConverter used to get the requested Annotation
on put and delete actions with an explicit call to AnnotationRepository
in order to prevent a resource enumeration through response discrepancy.

Fixes GHSA-mrqx-mjc4-vfh3

Co-authored-by: Jeremy Benoist <jeremy.benoist@gmail.com>
Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
 2023-01-27 23:34:14 +01:00
Jeremy Benoist
6aca334d53
Move to controller as a service 
Mostly using autowiring to inject deps.
The only tricky part was for import because all producer use the same class and have a different alias. So we must write them down in the service definition, autowiring doesn't work in that case.

Usually:
- if a controller has a constructor, it means injected services are at least re-used once in actions
- otherwise, service are injected per action
 2022-12-19 10:38:08 +01:00
Jeremy Benoist
b7dba18cb2
Cleanup 2022-11-23 15:51:33 +01:00
Jeremy Benoist
27e788d0be
Re-create all API routes 2022-11-23 12:44:55 +01:00
Yassine Guedidi
eb43c78720 Use FQCN instead of service alias 2022-09-01 09:07:19 +02:00
Yassine Guedidi
1c880883e2 Migrate ParamConverter class parameter 2022-08-26 17:47:46 +02:00
Yassine Guedidi
8b7b4975d6 Migrate getRepository with entities 2022-08-26 17:47:46 +02:00
Yassine Guedidi
327fa7d527 Extend right FOSRestBundle controller class 2022-08-15 12:59:28 +02:00
Jeremy Benoist
8d4ed0df06
Update deps 
Also CS (because cs-fixer got an update)

Package operations: 0 installs, 26 updates, 0 removals
  - Updating twig/twig (v2.12.1 => v2.12.2)
  - Updating symfony/symfony (v3.4.33 => v3.4.34)
  - Updating doctrine/event-manager (v1.0.0 => 1.1.0)
  - Updating doctrine/collections (v1.6.2 => 1.6.3)
  - Updating doctrine/cache (v1.8.1 => 1.9.0)
  - Updating doctrine/persistence (1.1.1 => 1.2.0)
  - Updating doctrine/inflector (v1.3.0 => 1.3.1)
  - Updating symfony/mime (v4.3.5 => v4.3.7)
  - Updating swiftmailer/swiftmailer (v6.2.1 => v6.2.3)
  - Updating symfony/swiftmailer-bundle (v3.3.0 => v3.3.1)
  - Updating doctrine/dbal (v2.9.2 => v2.9.3)
  - Updating doctrine/instantiator (1.2.0 => 1.3.0)
  - Updating j0k3r/graby-site-config (1.0.93 => 1.0.94)
  - Updating phpoption/phpoption (1.5.0 => 1.5.2)
  - Updating symfony/http-client-contracts (v1.1.7 => v1.1.8)
  - Updating symfony/http-client (v4.3.5 => v4.3.7)
  - Updating sensiolabs/security-checker (v6.0.2 => v6.0.3)
  - Updating paragonie/constant_time_encoding (v2.2.3 => v2.3.0)
  - Updating scheb/two-factor-bundle (v4.7.1 => v4.8.0)
  - Updating symfony/phpunit-bridge (v4.3.6 => v4.3.7)
  - Updating composer/xdebug-handler (1.3.3 => 1.4.0)
  - Updating friendsofphp/php-cs-fixer (v2.15.3 => v2.16.0)
  - Updating doctrine/data-fixtures (v1.3.2 => 1.3.3)
  - Updating nette/schema (v1.0.0 => v1.0.1)
  - Updating nikic/php-parser (v4.2.4 => v4.3.0)
  - Updating sentry/sentry (2.2.2 => 2.2.4)
 2019-11-12 14:18:58 +01:00
Kevin Decherf
2a1ceb67b4 php-cs-fixer 
Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
 2018-09-05 14:25:32 +02:00
Jeremy Benoist
f40c88eb1f
Jump to Symfony 3.3 & update others deps 
Also update tests urls
 2017-10-09 16:45:12 +02:00
Jeremy Benoist
f808b01692
Add a real configuration for CS-Fixer 2017-07-01 09:52:38 +02:00
adev
2c3e148b00 Displays an error with an annotation with a too long quote 
Fix #2762
 2017-06-04 11:38:29 +02:00
Thomas Citharel
0c271b9eb0
fix cs and phpdoc 2016-10-22 09:06:07 +02:00
Thomas Citharel
b1e92f8c14
cs 2016-10-22 09:06:07 +02:00
Thomas Citharel
1eea248bb0
move code 2016-10-22 09:06:07 +02:00
Thomas Citharel
c7935f32d2
cs 2016-10-22 09:06:07 +02:00
Thomas Citharel
351eb8d97e
bring annotations to API 2016-10-22 09:06:07 +02:00
Jeremy Benoist
4094ea4771 Convert array + phpDoc 
Thanks for https://github.com/thomasbachem/php-short-array-syntax-converter
 2016-04-12 12:25:29 +02:00
Nicolas Lœuillet
4dc872238a Rename CommentBundle with AnnotationBundle 2016-02-26 18:14:42 +01:00
Renamed from src/Wallabag/CommentBundle/Controller/WallabagCommentController.php (Browse further)