[UPMERGE] 2.0 -> bootstrap-admin-panel #16250
Merged
Commits on May 9, 2024
Commits on May 10, 2024
-
-
-
-
-
-
bug #69 Fix potential xss in AdressBook and Checkout (mpysiak, GSadee)
This PR was merged into the 1.12 branch. Discussion ---------- | Q | A | --------------- | ----- | Branch? | 1.12 | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | no | Related tickets | n/a | License | MIT Fixes CVE-2024-29376. Reported here: https://github.com/r2tunes/Reports/blob/main/Sylius.md Commits ------- 0a7fe9e Add js sanitizeInput function 89880cd Add sanitizer function to UIBundle 19cea9a Use function from UIBundle 3d66fb0 [AddressBook] Add scenario for preventing from a potential XSS attack 9255540 [Checkout] Add scenario for preventing from a potential XSS attack 30de6ff [Behat] Minor scenarios improvements after code review
-
bug #76 Fix potential xss in admin panel (mpysiak)
This PR was merged into the 1.12 branch. Discussion ---------- | Q | A |-----------------|----- | Branch? | 1.12 | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | no | Related tickets | n/a | License | MIT Fixes potential xss in admin panel (Taxons and Products) Commits ------- d4812f9 Fix potential xss in admin panel 29d18a3 Use function from UIBundle c11c424 Fix product-auto-complete a17de6d Test adding new taxon d25edf3 Test adding new simple product 63c3cf7 Test adding similar products 679e793 Fixes after CR
-
-
bugfix #16241 [Security] Fixes for potential XSS in the Checkout, Add…
…ress Book and Admin Panel (GSadee) This PR was merged into the 1.12 branch. Discussion ---------- | Q | A |-----------------|----- | Branch? | 1.12 | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | no | Related tickets | | License | MIT This PR aims to solve 2 issues: - Potential Cross Site Scripting (XSS) via the "Province" field in the Checkout and Address Book (https://github.com/r2tunes/Reports/blob/main/Sylius.md) - Potential Cross Site Scripting (XSS) via the "Name" field (Taxons, Products, Options, Variants) in the Admin Panel Commits ------- Fix potential xss in admin panel Use function from UIBundle Fix product-auto-complete Add js sanitizeInput function Add sanitizer function to UIBundle Use function from UIBundle [AddressBook] Add scenario for preventing from a potential XSS attack [Checkout] Add scenario for preventing from a potential XSS attack [Behat] Minor scenarios improvements after code review Test adding new taxon Test adding new simple product Test adding similar products Fixes after CR bug #69 Fix potential xss in AdressBook and Checkout (mpysiak, GSadee) bug #76 Fix potential xss in admin panel (mpysiak) [Behat] Minor scenarios improvements
-
minor #16232 [Maintenance] Update docker docs (Wojdylak)
This PR was merged into the 1.12 branch. Discussion ---------- | Q | A |-----------------|----- | Branch? | 1.12 | Bug fix? | no | New feature? | no | BC breaks? | no | Deprecations? | no | Related tickets | N/A | License | MIT Commits ------- 6ca4a6a [Maintenance] Update docker docs 3fa947e [Maintenance] Remove unnecessary line
-
minor #16233 Add wider support for deprecation contract (Jibbarth)
This PR was merged into the 1.13 branch. Discussion ---------- | Q | A |-----------------|----- | Branch? | 1.13 | Bug fix? | no | New feature? | no | BC breaks? | no | Deprecations? | no | Related tickets | N/A | License | MIT Hello, I wanted to add a library, but I got stuck with the deprecation-contract, the library I wanted only accept `^3.0` As we can see on the [diff](symfony/deprecation-contracts@2.5...3.4), there is not so much change between the two version. I think we can add that version too without changing anything else. Tell me if I should target `1.12` instead. Thanks Commits ------- ac1d727 Add wider support for deprecation contract
-
* 1.12: [Behat] Minor scenarios improvements Fixes after CR Test adding similar products Test adding new simple product Test adding new taxon [Behat] Minor scenarios improvements after code review [Checkout] Add scenario for preventing from a potential XSS attack [AddressBook] Add scenario for preventing from a potential XSS attack Use function from UIBundle Add sanitizer function to UIBundle Add js sanitizeInput function Fix product-auto-complete Use function from UIBundle Fix potential xss in admin panel [Maintenance] Remove unnecessary line [Maintenance] Update docker docs
-
* 1.13: [Behat] Minor scenarios improvements Fixes after CR Test adding similar products Test adding new simple product Test adding new taxon [Behat] Minor scenarios improvements after code review [Checkout] Add scenario for preventing from a potential XSS attack [AddressBook] Add scenario for preventing from a potential XSS attack Use function from UIBundle Add sanitizer function to UIBundle Add js sanitizeInput function Fix product-auto-complete Use function from UIBundle Fix potential xss in admin panel Add wider support for deprecation contract [Maintenance] Remove unnecessary line [Maintenance] Update docker docs
-
* 1.14: [Behat] Minor scenarios improvements Fixes after CR Test adding similar products Test adding new simple product Test adding new taxon [Behat] Minor scenarios improvements after code review [Checkout] Add scenario for preventing from a potential XSS attack [AddressBook] Add scenario for preventing from a potential XSS attack Use function from UIBundle Add sanitizer function to UIBundle Add js sanitizeInput function Fix product-auto-complete Use function from UIBundle Fix potential xss in admin panel Add wider support for deprecation contract [Maintenance] Remove unnecessary line [Maintenance] Update docker docs
-
-
-
-
* 1.12: Change application's version to v1.12.17-dev Generate changelog for v1.12.16 Change application's version to v1.12.16
-
* 1.13: Change application's version to v1.12.17-dev Generate changelog for v1.12.16 Change application's version to v1.12.16
-
* 1.14: Change application's version to v1.12.17-dev Generate changelog for v1.12.16 Change application's version to v1.12.16
-
-
-
-
* 1.13: Change application's version to v1.13.2-dev Generate changelog for v1.13.1 Change application's version to v1.13.1
-
* 1.14: Change application's version to v1.13.2-dev Generate changelog for v1.13.1 Change application's version to v1.13.1
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.