ok

Mini Shell

Direktori : /proc/self/root/var/softaculous/kanboard/
Upload File :
Current File : //proc/self/root/var/softaculous/kanboard/changelog.txt

Version 1.2.37 (June 5, 2024)
-----------------------------

* Add CSRF check and remove `project_id` form value for `addUser` and `addGroup` actions ([CVE-2024-36399](https://github.com/kanboard/kanboard/security/advisories/GHSA-x8v7-3ghx-65cv))
* Update `symfony/*` dependencies
* Update Docker image to Alpine 3.20
* Update Russian and Hungarian translation
* Add `color_id` argument to `createCategory` and `updateCategory` API procedures
* Add link to create a comment before the list
* Fix: unable to create comments with "c" shortcut or "Add a comment" menu

Version 1.2.36 (May 2, 2024)
----------------------------

* Add comments visibility
* Add explicit int casting to avoid PHP 8 TypeError when having empty automatic action parameters
* Add new config option `DASHBOARD_MAX_PROJECTS`
* Add reply feature to comments
* Fix search bar layout when adding more buttons via third-party plugins
* Introduce a Git hook to automatically update `version.txt` during Git checkout
* Performance improvements:
    * Don't count closed tasks when rendering the board
    * Force the use of the cache when there is no custom roles
* Use unique plugin name instead of plugin title for plugin registry logic
* Update dependencies

Version 1.2.35 (February 2, 2024)
---------------------------------

* Add missing HTML escaping when showing group membership in user profile ([CVE-2024-22720](https://github.com/kanboard/kanboard/security/advisories/GHSA-8p3h-v7fc-xppj))
* Update Dutch translation
* Update Bulgarian translation
* Bump `phpunit/phpunit` from `9.6.15` to `9.6.16`
* Bump `symfony/console` from `5.4.32` to `5.4.34`

Version 1.2.34 (December 13, 2023)
----------------------------------

* Upgrade Docker image to Alpine 3.19 and PHP 8.3
* API: Avoid PHP notice when searching for a project name that does not exist
* Update Bulgarian translation
* Bump `symfony/console` from `5.4.28` to `5.4.32`
* Bump `phpunit/phpunit` from `9.6.13` to `9.6.15`

Version 1.2.33 (October 15, 2023)
---------------------------------

* Do not close modals when clicking on the background
* Add Bulgarian translation
* Update Ukrainian and Russian translations
* Show the two factor form in the middle of the screen like the login form does
* Do not override the `creator_id` with the current logged user if the task is imported
* Add basic Dev Container configs
* Add adaptive SVG favicon and more SVG variants:
    * See https://web.dev/building-an-adaptive-favicon/
    * Added more variant of the original Inkscape icon:
        - Text SVG
        - Vectorized text path SVG
        - Optimized SVG icon
* Remove `project_id` from task links (A few were missed in #4892)
* Remove unused and invalid method in `ProjectModel`
* Update `phpunit/phpunit` and `symfony/*` dependencies
* Update vendor folder

Version 1.2.32 (July 11, 2023)
------------------------------

* Fix unexpected EventDispatcher exception in cronjob and during logout
* Integration Tests: Run `apt update` before installing Apache
* Automatic action `TaskMoveColumnClosed` does not log column movement
* Tweak Sqlite connection settings to reduce database locked errors
* Bump `phpunit/phpunit` from `9.6.9` to `9.6.10`

Version 1.2.31 (July 3, 2023)
-----------------------------

Security Fixes:

	[CVE-2023-36813: Avoid potential SQL injections without breaking compatibility with plugins](https://github.com/kanboard/kanboard/security/advisories/GHSA-9gvq-78jp-jxcx)

Other fixes and updates:

	Run tests with PHP 8 on GitHub Actions
	Bump Symfony dependencies
	Update Composer dependencies to be able to run tests with PHP 8.2
	Add `/usr/bin/php` symlink in the Docker image
	Replace usage of `at()` matcher with alternatives in unit tests
	Adjust plugin directory test case to work on released versions
	Fix incorrect background dynamic property in captcha library
	Update translations

Version 1.2.30 (June 2, 2023)
-----------------------------

Security Fixes:

	[CVE-2023-33956: Parameter based Indirect Object Referencing leading to private file exposure](https://github.com/kanboard/kanboard/security/advisories/GHSA-r36m-44gg-wxg2)
	[CVE-2023-33968: Missing access control allows user to move and duplicate tasks to any project in the software](https://github.com/kanboard/kanboard/security/advisories/GHSA-gf8r-4p6m-v8vr)
	[CVE-2023-33969: Stored XSS in the Task External Link Functionality](https://github.com/kanboard/kanboard/security/advisories/GHSA-8qvf-9847-gpc9)
	[CVE-2023-33970: Missing access control in internal task links feature](https://github.com/kanboard/kanboard/security/advisories/GHSA-wfch-8rhv-v286)

Other Fixes:

	Avoid PHP warning caused by `session_regenerate_id()`
	Avoid CSS issue when upgrading to v1.2.29 without flushing user sessions

Zerion Mini Shell 1.0