Nemcio/Grav-Admin-Plugin
1
0
Fork 0
mirror of https://github.com/getgrav/grav-plugin-admin.git synced 2026-03-02 02:21:26 +01:00
Code Issues Packages Projects Releases Activity
4,782 Commits 5 Branches 246 Tags
ebbb658bf0bb9e05c4a5a2b5c4e35291fa0c413e
Commit Graph

4782 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Andy Miller
ebbb658bf0 fix buy buttons to use new licensing server 
Signed-off-by: Andy Miller <rhuk@mac.com>
 2026-01-27 13:20:41 -07:00
Andy Miller
168c83e6ea support for new checkout_url if populated in gpm.premium 
Signed-off-by: Andy Miller <rhuk@mac.com>
 2026-01-20 19:37:51 -07:00
Andy Miller
c6c895d95c fix for -28px Y offset on render 
Signed-off-by: Andy Miller <rhuk@mac.com>
 2025-12-29 10:12:51 -08:00
Andy Miller
b061f0cfe6 prepare for beta release 
Signed-off-by: Andy Miller <rhuk@mac.com>
1.11.0-beta.3 		2025-12-29 08:23:46 -08:00
Andy Miller
db9e7830f1 fix fallback autoloader 
Signed-off-by: Andy Miller <rhuk@mac.com>
 2025-12-29 07:51:44 -08:00
Andy Miller
c5cb89338e fixes for scss and autoloading 
Signed-off-by: Andy Miller <rhuk@mac.com>
 2025-12-29 02:59:32 -07:00
Andy Miller
6c0349ac4c prepare for beta realease 
Signed-off-by: Andy Miller <rhuk@mac.com>
1.11.0-beta.2 		2025-12-27 19:47:54 -07:00
Andy Miller
81aa38283c update admin vendor libs 
Signed-off-by: Andy Miller <rhuk@mac.com>
 2025-12-25 20:48:06 -07:00
Andy Miller
4631f81dbe fix for array field UI again 
Signed-off-by: Andy Miller <rhuk@mac.com>
 2025-12-22 21:58:56 -07:00
Andy Miller
1f1c166314 fix for missing ‘name’ attribute in number field of range 
Signed-off-by: Andy Miller <rhuk@mac.com>
 2025-12-22 08:56:55 -07:00
Andy Miller
4221938159 fixes for storing options 
Signed-off-by: Andy Miller <rhuk@mac.com>
 2025-12-11 18:01:58 -07:00
Andy Miller
87fed58453 lang updates for latest Grav 
Signed-off-by: Andy Miller <rhuk@mac.com>
 2025-12-08 17:19:34 -07:00
Andy Miller
0c8dd21a30 updated changelog 
Signed-off-by: Andy Miller <rhuk@mac.com>
 2025-12-05 21:02:45 -07:00
Andy Miller
5bfcbb5ea4 remove extra debug 
Signed-off-by: Andy Miller <rhuk@mac.com>
 2025-12-03 14:20:20 -07:00
Andy Miller
37c4f65f8c Merge branch '1.11' of github.com:getgrav/grav-plugin-admin into 1.11 2025-12-03 14:10:07 -07:00
Andy Miller
bc9158ebcf fixes #2481 - twig3 breaking editor preview 
Signed-off-by: Andy Miller <rhuk@mac.com>
 2025-12-03 14:09:53 -07:00
Andy Miller
9465d60a3c fixes #622 - twig3 breaking editor preview 
Signed-off-by: Andy Miller <rhuk@mac.com>
 2025-12-03 14:08:14 -07:00
Andy Miller
e3886e5b4c grav scheduler lang 
Signed-off-by: Andy Miller <rhuk@mac.com>
 2025-12-03 10:40:48 -07:00
Andy Miller
831fb26414 prepare beta release 
Signed-off-by: Andy Miller <rhuk@mac.com>
1.11.0-beta.1 		2025-11-30 15:42:31 -07:00
Andy Miller
1914e95085 update changelog 
Signed-off-by: Andy Miller <rhuk@mac.com>
 2025-11-29 21:18:19 -07:00
Andy Miller
c82f638c6e Merge branch 'fix/security-issues' into develop 2025-11-29 20:51:58 -07:00
Andy Miller
99f6532965 Fix security vulnerabilities: user enumeration and XSS issues 
Security fixes:

1. GHSA-q3qx-cp62-f6m7: User Enumeration & Email Disclosure
   - Changed rate-limiter error message in taskForgot() to not include email
   - Added generic translation key FORGOT_CANNOT_RESET_RATE_LIMITED
   - Prevents attackers from enumerating valid usernames via forgot password

2. GHSA-rmw5-f87r-w988: Stored XSS in Group Display Name
   - Added HTML escaping to group.readableName in acl_picker.html.twig
   - Prevents XSS when malicious group names are rendered in selectize

3. GHSA-gqxx-248x-g29f & GHSA-mpjj-4688-3fxg: XSS in Taxonomy Fields
   - Added HTML escaping to taxonomy labels in taxonomy.html.twig
   - Prevents XSS when malicious taxonomy names are rendered

4. GHSA-65mj-f7p4-wggq, GHSA-7g78-5g5g-mvfj: XSS in Selectize Dropdowns
   - Added SafeRender functions to selectize.js that escape HTML by default
   - All selectize dropdowns now escape option/item text unless custom render is specified
   - Provides defense-in-depth against XSS in any selectize-based field
 2025-11-29 18:43:02 -07:00
Andy Miller
1e498e23cf Merge tag '1.10.50' into develop 
Release v1.10.50

# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEEwbiolRD/eEYBHGp5nyzziuvbCuAFAmkXWj0ACgkQnyzziuvb
# CuCj6g/+PhImP1yC2fye42BZ5m4gXNwZH9bhW7K/xh7AZTMePk1p8E/dLemFLXJk
# GSdatr2DGC7s5VnPzSimVCi9u8a8Ov/wqOGl1f5gMQTrI7+G+kWvPXT7z1Ye0T+i
# Z8+KgzZYQ3VJP6jnSyVT1PWckPdzmK2S0dVeeh4CnZSdzwAV8qQ/JdjO7vHueQ5H
# JFT0kRYEMyc0xOknEyzZVP2jR6yXZMAHgebmuxsbrMegQSBLPFUk6G94nNn/5HZQ
# OAkH+Mn71KUCC7iEgfdxL7FUSojrcZs4WXcGFtM+MECp3XUnRo95B9cWhVpbV575
# eFi5GKh8CAbjO3clGGcRL8CvIaOcCw9xYv1ohhYDd5sM+9XdPYV+yccgWCv5XpL7
# 6ZgY+YZXWrysw3NyrmlYb2PqZVDiqw2LUlkkVrT2CaA04mRQ7ADw8MrCWCoCNsCS
# lX9Dj0A8MobvXTS2iDCMCrFPcCUKeN5hgZy+sEEjgoF4sehVYYRSTcIKZQuaNIUD
# oZd1x8T7nrvF+MU4tjXWxbRqvdNHwBCm8qac2cla7V4CUsk++k/RhGqUBIf52n8n
# aJFtrP6zvOiSq6aMj72U6moUOH6eLzz2GD9UFD2tmqSEXfPfK7v7qyizhVU5J21T
# tqLNKBZojfg9GaQOzrt9n2hWcK05xbYWprpiuZDk6kWN1DQPnes=
# =Dmvz
# -----END PGP SIGNATURE-----
# gpg: Signature made Fri Nov 14 16:35:09 2025 GMT
# gpg:                using RSA key C1B8A89510FF7846011C6A799F2CF38AEBDB0AE0
# gpg: Good signature from "Andy Miller <rhuk@mac.com>" [ultimate]
 2025-11-14 16:35:09 +00:00
Andy Miller
1ec8fabc79 Merge branch 'release/1.10.50' 1.10.50 2025-11-14 16:35:09 +00:00
Andy Miller
7d7d30e4a7 more safe-guards 
Signed-off-by: Andy Miller <rhuk@mac.com>
 2025-11-14 16:30:50 +00:00
Andy Miller
bbed7e5478 honor safe_upgrade setting 
Signed-off-by: Andy Miller <rhuk@mac.com>
 2025-11-14 16:14:56 +00:00
Andy Miller
419ab56c00 Merge tag '1.10.50' into develop 
Release v1.10.50

# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEEwbiolRD/eEYBHGp5nyzziuvbCuAFAmkXTbEACgkQnyzziuvb
# CuDW5BAArQLCnU/02r4r73WQ50FfojJOnH8+i0K2zTVVtheNvUsbOEbYTokCPrrQ
# 5udhL1Psd004g3M0uiKYAv10D3GmRuBi+q8LZaI+AMDRY1dDURjDSzKL70FTqgUa
# TEQX5snT0tuPRUzS27hJi3l7P27WNQwK29Pl0m+JDAUcqzoqFZZzJoawQRBRnfeH
# AnmhocPNOYIV23RsQzE5XzO0Y0SAz8DbFLoUVyVMP+Cr2YuP7wqd0cSjkqFh+FS4
# eLGjPj7OA+oBHDoiaITlAMXCAH7mpmCnxPqjOKLdR9S6C7/btAWa1p+j3nLLv1od
# h2nM/e5K+pxg7eb3BHK0Xs2j5YNl7RfgKspg3BeSVueOTCniaPC8lzexp0MlIaKn
# Aulc7g7egb75LEknDpgt7vM636Vbv/noxMeqgwyxMnhJ60iojq6Hsxtk9u/699kL
# /1s+a4VjkGPgxQHqErNu4ig9gFPA1nHNwwW2ngXU+5F44lKD+025bgMPqjEutGaR
# waYEp6t8hp6IUJM3CI8NidxPlnU82kSHUAhem16k9cDxhsau8DsST91enqdREt4G
# xdqxyBLOQDLlPhtlMNfdh1ojrbUQx+UUdVcMnmPWpO4y+BHRqRmFIhb0W+wPdxCt
# PwIt/55ICTR57HzVXvAX4k0nkFCj4Go5x0Gj6sPbGCOql/zyTwg=
# =elGV
# -----END PGP SIGNATURE-----
# gpg: Signature made Fri Nov 14 15:41:37 2025 GMT
# gpg:                using RSA key C1B8A89510FF7846011C6A799F2CF38AEBDB0AE0
# gpg: Good signature from "Andy Miller <rhuk@mac.com>" [ultimate]
 2025-11-14 15:41:37 +00:00
Andy Miller
c2560d4a58 Merge branch 'release/1.10.50' 2025-11-14 15:41:36 +00:00
Andy Miller
c4659c21be prepare for release 
Signed-off-by: Andy Miller <rhuk@mac.com>
 2025-11-14 15:41:22 +00:00
Andy Miller
0a7f9c0e4e regression fix for session/logout 
Signed-off-by: Andy Miller <rhuk@mac.com>
 2025-11-14 15:40:09 +00:00
Andy Miller
dfc1875129 some fixes for new safe-upgrade 
Signed-off-by: Andy Miller <rhuk@mac.com>
 2025-11-14 14:42:39 +00:00
Andy Miller
a65eeed4dc improved safe upgrade success message 
Signed-off-by: Andy Miller <rhuk@mac.com>
 2025-11-11 23:17:18 +00:00
Andy Miller
1cf9aa1f47 fix status bar percent 
Signed-off-by: Andy Miller <rhuk@mac.com>
 2025-11-11 19:01:39 +00:00
Andy Miller
1dca097521 admin fixes for safe update 
Signed-off-by: Andy Miller <rhuk@mac.com>
 2025-11-11 17:55:27 +00:00
Andy Miller
b568929d02 simplified safe-upgrade 
Signed-off-by: Andy Miller <rhuk@mac.com>
 2025-11-10 11:40:01 +00:00
Andy Miller
0a1d38a561 algnment of array field fix 
Signed-off-by: Andy Miller <rhuk@mac.com>
 2025-10-29 09:26:45 +00:00
Andy Miller
9078633b73 fix for deprecation notice 
Signed-off-by: Andy Miller <rhuk@mac.com>
 2025-10-29 09:26:34 +00:00
Andy Miller
00be4faee1 stop deleting recover.window file 
Signed-off-by: Andy Miller <rhuk@mac.com>
 2025-10-19 20:34:16 -06:00
Andy Miller
49a9b3bcc9 timer tweaks 
Signed-off-by: Andy Miller <rhuk@mac.com>
 2025-10-19 11:29:25 -06:00
Andy Miller
ce38f72600 ignore unpublished plugins 2025-10-19 10:52:40 -06:00
Andy Miller
08862b5e01 minor tweaks 2025-10-19 00:34:23 -06:00
Andy Miller
e81ed34dd6 fix labels in snapshots 2025-10-18 19:10:42 -06:00
Andy Miller
419fcc3f13 create adhoc snapshot 2025-10-18 18:41:39 -06:00
Andy Miller
c4fb1f7fd8 fixes for polling restore 2025-10-18 18:26:38 -06:00
Andy Miller
06632728f0 fixes for progress bar 2025-10-18 18:16:44 -06:00
Andy Miller
1e14c47d28 fixes for restore 2025-10-18 17:54:29 -06:00
Andy Miller
84cf62bc7b bg process for restore 2025-10-18 13:48:40 -06:00
Andy Miller
64bbed1312 Revert "minor tweaks" 
This reverts commit d437bd117a.
 2025-10-18 12:29:51 -06:00
Andy Miller
d437bd117a minor tweaks 2025-10-18 12:27:32 -06:00
Andy Miller
39aa026f3f restore tool - mostly working 2025-10-18 12:14:52 -06:00