12350 Commits

Author SHA1 Message Date
Barış Soner Uşaklı
838d3da86d fix: backport socket.io vulnerability fix 2023-01-11 16:40:54 -05:00
Barış Soner Uşaklı
963bfff3ad fix: prototype vulnerability in socket.io onMessage 2022-11-28 09:00:53 -05:00
Barış Soner Uşaklı
65284c142a fix: use admin:groups priv for groups (#10960) 2022-10-12 12:52:00 -04:00
Barış Soner Uşaklı
175d53421b feat: store topic title and tags in diffs (#10900)
* feat: store topic title and tags in diffs

allow restoring post diff if tags didn't change

* test: fix tests, fast computer problems
2022-09-20 10:08:28 -04:00
Barış Soner Uşaklı
1e541de7db fix: don't crash if req.body.username is not string
Error: req.body.username.trim is not a function
File: authenticationController.login (/usr/src/app/src/controllers/authentication.js:247:40)
2022-08-05 08:19:44 -04:00
Barış Soner Uşaklı
b2bbc207a9 fix: don't crash if target/user is undefined
Error: TypeError: Cannot read properties of undefined (reading 'displayname')
File: Flags.notify (/usr/src/app/src/flags.js:812:89)
2022-08-05 08:19:37 -04:00
Barış Soner Uşaklı
9bcd66e52e feat: cross origin opener policy options (#10710) 2022-06-17 09:44:44 -04:00
Barış Soner Uşaklı
81e3c1ba48 fix: get rid of math.random in generateUUID 2022-05-26 12:25:49 -04:00
Barış Soner Uşaklı
82389469f6 feat: make it simpler to use redis sentinels 2022-04-22 15:39:27 -04:00
Barış Soner Uşaklı
d98ca43799 Revert "refactor: closes #10509"
This reverts commit 7f241dbbe6.
2022-04-22 15:24:02 -04:00
Barış Soner Uşaklı
7f241dbbe6 refactor: closes #10509
deprecate third param(middleware) to setupPageRoute/setupAdminPageRoute
make middlewares optional on all 3 helpers
2022-04-22 15:22:08 -04:00
Barış Soner Uşaklı
ac125538d0 refactor: show invalid uri 2022-04-22 12:13:43 -04:00
Barış Soner Uşaklı
a8e642ade2 refactor: skip content length check if submitting from post-queue 2022-04-21 12:23:37 -04:00
Barış Soner Uşaklı
b9f9164308 fix: #10502, allow unblocking admin/mod
if they were blocked before becoming admin/mod it wasn't possible to unblock them
2022-04-17 18:15:49 -04:00
Barış Soner Uşaklı
b28f9f776a feat: closes #10501, minimum reputation to chat 2022-04-16 21:37:54 -04:00
Barış Soner Uşaklı
5316029f91 fix: don't add caller to arrays 2022-04-13 15:09:58 -04:00
Barış Soner Uşaklı
c52401da02 fix: #10491, don't leak deleted message in cleanedContent 2022-04-12 15:36:06 -04:00
Julian Lam
9f91db16cb fix: #10473, trim trailing slashes on config url 2022-04-08 10:28:15 -04:00
Barış Soner Uşaklı
398777633f fix: closes #10436, fix DST issue on acp dashboard 2022-04-07 14:14:28 -04:00
Barış Soner Uşaklı
767973717b perf: WIP #10449, allow array of pids for posts.purge (#10465)
* perf: WIP #10449, allow array of pids for posts.purge

* refactor: deletePostDiffs

* perf: deletePostFromReplies/deletePostFromGroups

* refactor: upload

* refactor: deleteFromCategoryRecentPosts

deleteFromUsersBookmarks
deleteFromUsersVotes

* feat: closes #10468, add incrObjectFieldByBulk

* refactor: allow nids for notifications.rescind

* refactor: allow uids array for user.updatePostCount

* refactor: rewrite deleteFromTopicUserNotification to work with an array

* feat: deprecate action:post.purge as well

* lint: add missing comma
2022-04-07 14:06:25 -04:00
Barış Soner Uşaklı
799e94e02e feat: #10460, add cutoff to suggested topics 2022-04-05 15:37:31 -04:00
Barış Soner Uşaklı
e8058ca35c feat: add response:helpers.notAllowed 2022-04-04 17:34:52 -04:00
Barış Soner Uşaklı
b8765df5f4 feat: add filter:image.stripEXIF 2022-03-31 14:58:43 -04:00
CommanderRoot
200f0b2e4f refactor: replace deprecated String.prototype.substr() (#10432)
.substr() is deprecated so we replace it with .slice() which works similarly but isn't deprecated

Signed-off-by: Tobias Speicher <rootcommander@gmail.com>
2022-03-31 13:49:56 -04:00
chadjw
fe072d6091 Allows socket authentication to be handled within plugins (#10428) 2022-03-30 14:58:08 -04:00
Barış Soner Uşaklı
002a241cc5 fix: delete history as well 2022-03-23 19:07:18 -04:00
Barış Soner Uşaklı
93b6053284 fix: handle purge posts as well 2022-03-23 18:38:36 -04:00
Barış Soner Uşaklı
31251282ad feat: delete flagId field from post/user on flag purge 2022-03-23 15:38:21 -04:00
Barış Soner Uşaklı
03fdb5bede fix: byCid removal, targetCid not stored in flagObj 2022-03-23 15:27:45 -04:00
Barış Soner Uşaklı
3b529b84b5 feat: add flags.purge 2022-03-23 15:10:10 -04:00
Barış Soner Uşaklı
9abe22a04b refactor: remove some verbose logging 2022-03-22 18:29:37 -04:00
Barış Soner Uşaklı
29b86b3276 refactor: :trollface: 2022-03-18 15:58:29 -04:00
Barış Soner Uşaklı
421ba6e1a2 feat: new admin events, closes #10405 2022-03-18 15:54:40 -04:00
Barış Soner Uşaklı
55be42026c fix: upgrade script 2022-03-18 12:50:49 -04:00
Barış Soner Uşaklı
dab22d5fd0 perf: #10410, faster upgrade script 2022-03-18 12:40:13 -04:00
Julian Lam
38ca73c493 fix(security): explicitly declare cache-control header instead of using middleware
This commit reverts 1f6f389ff2
2022-03-18 11:56:16 -04:00
Julian Lam
1f6f389ff2 fix(security): cache-control on all pages using setupPageRoute or setupApiRoute, and 404 controllers.
This commit also reverts e39cdd490b
2022-03-17 21:42:26 -04:00
Julian Lam
e39cdd490b fix(security): explicitly set cache-control 'private' on any page where a header is built 2022-03-17 16:24:03 -04:00
Julian Lam
2b9b2b4a25 fix: column counts for other privileges 2022-03-17 13:38:40 -04:00
Barış Soner Uşaklı
3935a86b83 fix: topic events if there is a blocked user in topic 2022-03-16 16:56:07 -04:00
Barış Soner Uşaklı
2808c952c5 fix: topic events disappearing if there are queued posts 2022-03-16 15:52:59 -04:00
Julian Lam
cd687cff06 fix: #10393, move 'Create User' control to overflow menu 2022-03-15 13:57:09 -04:00
Barış Soner Uşaklı
7c946570d5 feat: on online users page override timeago cutoff to 24 hours 2022-03-11 23:42:46 -05:00
Barış Soner Uşaklı
7d063d731e fix: global privs 2022-03-11 23:42:06 -05:00
Barış Soner Uşaklı
be6bbabd0e feat: ability to mute users
new mute privilege
2022-03-11 23:07:20 -05:00
Julian Lam
cb113208bb fix: #10384 -- mixed up sizes for fallback touch icons 2022-03-11 16:24:19 -05:00
Barış Soner Uşaklı
c8e986d61c refactor: closes #10301 2022-03-11 15:33:28 -05:00
Barış Soner Uşaklı
3414a23bce feat: min:rep:upvote, and other limits similar to downvotes
closes #10380
2022-03-11 13:34:36 -05:00
Barış Soner Uşaklı
2056ac04e0 feat: post-queue hooks, closes #10381 2022-03-11 12:27:07 -05:00
Barış Soner Uşaklı
df46ab4874 feat: add hook filter:posts.getUserInfoForPosts 2022-03-09 15:05:11 -05:00