Project

General

Profile

Activity

From 2019-12-09 to 2020-01-07

2020-01-07

09:26 Revision ab16e2ed: [TASK] Add max_line_length to .editorconfig for rst files
The maximum line length of documentation files (80 characters)
should be reflected in the .editorconfig as described ...
Chris Müller
08:41 Revision e7f4e666: [DOCS] Link to same version in documentation
Each documentation directory contains a Settings.cfg, which defines
the start urls to be used for intersphinx linking...
Sybille Peters
07:09 Revision 80f7613a: [TASK] Add max_line_length to .editorconfig for rst files
The maximum line length of documentation files (80 characters)
should be reflected in the .editorconfig as described ...
Chris Müller

2020-01-06

16:06 Revision f5a0c76a: [TASK] Use PermutationUtility::meltStringItems in test cases
Resolves: #90057
Releases: master, 9.5
Change-Id: Ifee8153c4f49b7fdde544a51bc19ee7d6e21b323
Reviewed-on: https://revi...
Oliver Hader
15:54 Revision 98e19a62: [TASK] Use PermutationUtility::meltStringItems in test cases
Resolves: #90057
Releases: master, 9.5
Change-Id: Ifee8153c4f49b7fdde544a51bc19ee7d6e21b323
Reviewed-on: https://revi...
Oliver Hader
15:52 Revision ee7bbcb9: [TASK] Introduce PermutationUtility
Permutations are currently used in test cases - however it would
be possible to make use of this functionality in reg...
Oliver Hader
14:44 Revision 89c62ee2: [DOCS] Update Deprecation 79440 Changelog entry
Correct formatting of codeblock in "Link Browser" description.
Releases: master, 9.5, 8.7
Resolves: #90058
Change-Id...
Thomas Anders
14:31 Revision 97fb25c1: [DOCS] Update Deprecation 79440 Changelog entry
Correct formatting of codeblock in "Link Browser" description.
Releases: master, 9.5, 8.7
Resolves: #90058
Change-Id...
Thomas Anders
14:18 Revision 29b5e22b: [DOCS] Update Deprecation 79440 Changelog entry
Correct formatting of codeblock in "Link Browser" description.
Releases: master, 9.5, 8.7
Resolves: #90058
Change-Id...
Thomas Anders
13:44 Revision 61a1260d: [TASK] Introduce PermutationUtility
Permutations are currently used in test cases - however it would
be possible to make use of this functionality in reg...
Oliver Hader

2019-12-31

14:26 Revision 40fd85f0: [FEATURE] Add argument "fields" to editRecord ViewHelpers
The <be:link.editRecord> and <be:url.editRecord> now have an option
argument "fields" which can be used to limit the ...
Sybille Peters
14:05 Revision ba6219d1: [BUGFIX] Return integer value from Command::execute()
Symfony version 5 expects an integer as the return value from
Command::execute() in the Command class. This bugfix re...
Michael Schams
13:09 Revision 2a6128b2: [BUGFIX] Use correct variable naming for PID value in DataHandler
The change of issue #90019 introduced a mis-spelling in hte variable naming,
where the variable was named "$tscPid" b...
Benni Mack
12:49 Revision f13f60ea: [BUGFIX] PopulatePageSlugs return the most recent slug
The populate page slugs functionality in de upgrade wizard does not
work correct for pages with multiple title adjust...
Herman Kremer
10:56 Revision 58092b28: [TASK] Avoid starting superfluous PHP session
TYPO3 backend does not need PHP session handling since
it has its own session handling implementation.
Resolves: #90...
Oliver Hader
10:56 Revision 248ea1d5: [TASK] Clean up Page Permission handling in DataHandler
TYPO3's page permissions are based on five fields and a bitset.
- perms_userid
- perms_groupid
- perms_user
- perms_...
Benni Mack
00:50 Revision a28c475e: [BUGFIX] PopulatePageSlugs return the most recent slug
The populate page slugs functionality in de upgrade wizard does not
work correct for pages with multiple title adjust...
Herman Kremer

2019-12-30

12:28 Revision 12742a6b: [TASK] Remove leftover "menu_type" occurrences
With TYPO3 v8.6, the new Content Types for menus were introduced
where each menu type is not stored in the database f...
Benni Mack
12:20 Revision 4b848ab3: [TASK] Avoid buildAccessibleProxy in tests
Tests should use getAccessibleMock() in all cases so
our testing API is used consistently everywhere.
The tests also...
Benni Mack
10:48 Revision 52ad1726: [TASK] Disallow .php8 file extensions for uploading
With PHP 8 on the horizon, TYPO3 Core should be prepared
to also disallow files with the file extension ".php8" for u...
Benni Mack
10:47 Revision 488e1c3a: [TASK] Replace usage of BaseTestCase::getUniqueId() with core function
Tests can use the core function StringUtility::getUniqueId(), after both
functions provide the same service.
Resolve...
Anja Leichsenring
10:44 Revision 1bf94f71: [BUGFIX] Test failure due to erroneous usage of uniqueId() function
The function in testing-framework provides a string that is target to be
used e.g. for HTML tags, but the BackendUser...
Anja Leichsenring
10:43 Revision e171c0b3: [TASK] Disallow .php8 file extensions for uploading
With PHP 8 on the horizon, TYPO3 Core should be prepared
to also disallow files with the file extension ".php8" for u...
Benni Mack
10:26 Revision 2db847fb: [TASK] Apply rector set php71
php bin/rector process
A couple of rectors have been disabled due to different reasons:
- Rector\Php71\Rector\FuncC...
Alexander Schnitzler
10:18 Revision 4c4c629b: [TASK] Disallow .php8 file extensions for uploading
With PHP 8 on the horizon, TYPO3 Core should be prepared
to also disallow files with the file extension ".php8" for u...
Benni Mack

2019-12-28

13:31 Revision 45a7e5a7: [DOCS] Correct code block for site configuration
The example claims to result in'.../detail/...', site configuration
needs to reflect that.
Releases: master, 9.5
Res...
Stephan Salzmann
00:43 Revision 1c79abe4: [BUGFIX][DOCS] Rename RST file from "Galacian" to "Galician"
Resolves: #90027
Releases: master
Change-Id: I0783db5e26ceaba836a618f6dfce104080a4762d
Reviewed-on: https://review.ty...
Benni Mack
00:30 Revision f6eae8a8: [DOCS] Update Context API usage example
Releases: master, 9.5
Resolves #90025
Change-Id: I8e155f7f15bf291bddf11c74cead8c68c91de49f
Reviewed-on: https://revi...
Tymoteusz Motylewski
00:29 Revision ec86b787: [DOCS] Correct code block for site configuration
The example claims to result in'.../detail/...', site configuration
needs to reflect that.
Releases: master, 9.5
Res...
Stephan Salzmann

2019-12-27

23:47 Revision 357f4df7: [BUGFIX] Fix /date|time|int/ regex in backend search
Several parts of the core use the regular expression /date|time|int/ to
test, if an 'eval' TCA configuration of a fie...
Christian Eßl
23:39 Revision e577f9b6: [DOCS] Update Context API usage example
Releases: master, 9.5
Resolves #90025
Change-Id: I8e155f7f15bf291bddf11c74cead8c68c91de49f
Reviewed-on: https://revi...
Tymoteusz Motylewski
23:36 Revision 9b748609: [BUGFIX] Reset evaluate permissions to previous value
Resolves: #89842
Releases: master, 9.5
Change-Id: I42ffcc313290867d0410265f4c900225ceb554e2
Reviewed-on: https://revi...
Susanne Moog
23:29 Revision e40561d7: [TASK] Add index to slug field
`TYPO3\CMS\Core\Routing\PageRouter::getPagesFromDatabaseForCandidates`
looks-up candidates for the page using the `sl...
Oliver Bartsch
23:25 Revision c107c7a4: [TASK] Add index to slug field
`TYPO3\CMS\Core\Routing\PageRouter::getPagesFromDatabaseForCandidates`
looks-up candidates for the page using the `sl...
Tizian Schmidlin
23:17 Revision f1587a98: [BUGFIX] Fix /date|time|int/ regex in backend search
Several parts of the core use the regular expression /date|time|int/ to
test, if an 'eval' TCA configuration of a fie...
Christian Eßl
22:35 Revision e331227b: [BUGFIX] Reset evaluate permissions to previous value
Resolves: #89842
Releases: master, 9.5
Change-Id: I42ffcc313290867d0410265f4c900225ceb554e2
Reviewed-on: https://revi...
Susanne Moog
20:38 Revision ab845258: [FEATURE] Add galacian flag
The flag for TYPO3's supported galacian is now added with the "gl.png" flag.
TYPO3 core previously had the "greenlan...
Benni Mack
19:12 Revision f03118eb: [BUGFIX] Include .htaccess file in extension packages
Adopt the excludeForPackaging to include also .htaccess files in
extension downloads of extension manager.
Resolves:...
Georg Ringer
17:13 Revision 715977d5: [BUGFIX] PopulatePagesSlugs should respect tx_realurl_pathsegment field
For upgrading from an old versions where EXT:realurl was used
the PopulatePagesSlugs upgradeWizard is in place.
It no...
Tobias Gaertner
16:45 Revision 771f3d87: [BUGFIX] Test failure due to erroneous usage of uniqueId() function
The function in testing-framework provides a string that is target to be
used e.g. for HTML tags, but the BackendUser...
Anja Leichsenring
16:28 Revision 7f281cd6: [BUGFIX] Test failure due to erroneous usage of uniqueId() function
The function in testing-framework provides a string that is target to be
used e.g. for HTML tags, but the BackendUser...
Anja Leichsenring
16:22 Revision 5567fd90: [BUGFIX] PopulatePagesSlugs should respect tx_realurl_pathsegment field
For upgrading from an old versions where EXT:realurl was used
the PopulatePagesSlugs upgradeWizard is in place.
It no...
Tobias Gaertner
15:03 Revision 1cca1d81: [TASK] Acceptance tests for keyboard interaction with pagetree
Add keyboard interaction acceptance tests for the pagetree interactions.
Currently testing Home key, End key, naviga...
Michael Telgkamp
13:36 Revision e11c2a20: [TASK] Remove report for ext:compatibility7
The extension does not exist for TYPO3 versions above 8, so the report
must not exist either in these versions.
Reso...
Anja Leichsenring
13:22 Revision 0c25ed1b: [TASK] Remove report for ext:compatibility7
The extension does not exist for TYPO3 versions above 8, so the report
must not exist either in these versions.
Reso...
Anja Leichsenring
12:33 Revision cf3bd5aa: [TASK] Correctly nest testing template instructions in DOM
Resolves: #90016
Releases: master, 9.5
Change-Id: Id7fc792515cfc333118105ae832c2f283e455535
Reviewed-on: https://revi...
Oliver Hader
12:33 Revision 5a6c00c3: [TASK] Correctly nest testing template instructions in DOM
Resolves: #90016
Releases: master, 9.5
Change-Id: Id7fc792515cfc333118105ae832c2f283e455535
Reviewed-on: https://revi...
Oliver Hader
10:08 Revision 1d381c28: [TASK] Remove repository polling trigger from pre-merge test plans
The trigger will cause the plan to be executed after merge, which
is not needed because nightly plans take care of it...
Anja Leichsenring
10:08 Revision 35c321ac: [TASK] Remove repository polling trigger from pre-merge test plans
The trigger will cause the plan to be executed after merge, which
is not needed because nightly plans take care of it...
Anja Leichsenring
09:51 Revision 54d456e5: [TASK] Remove repository polling trigger from pre-merge test plans
The trigger will cause the plan to be executed after merge, which
is not needed because nightly plans take care of it...
Anja Leichsenring
09:50 Revision 8657d042: [TASK] COMPOSER_ROOT_VERSION raise to current version 8.7.30
Resolves: #89976
Releases: master, 9.5, 8.7
Change-Id: I82d5811d9532ee47bcf2254c6bc18e4a3e0e74d0
Reviewed-on: https:/...
Anja Leichsenring
09:50 Revision aa1feb24: [TASK] COMPOSER_ROOT_VERSION raise to current version 9.5.13
Resolves: #89976
Releases: master, 9.5, 8.7
Change-Id: I82d5811d9532ee47bcf2254c6bc18e4a3e0e74d0
Reviewed-on: https:/...
Anja Leichsenring
09:27 Revision 0e7ca25a: [TASK] COMPOSER_ROOT_VERSION raise to current version 10.2.0
Resolves: #89976
Releases: master, 9.5, 8.7
Change-Id: I82d5811d9532ee47bcf2254c6bc18e4a3e0e74d0
Reviewed-on: https:/...
Anja Leichsenring

2019-12-23

13:04 Revision 834a7398: [BUGFIX] Avoid showing telephone element for route link browser
Affects following site configuration aspects in site management module:
* page based error handling source field in l...
Oliver Hader

2019-12-20

13:19 Revision 9f7b336e: [TASK] Update codeception and phpunit to latest versions
Updating codeception (2.5.6) and phpunit (6.2.4)
to latest allowed versions allows for further updating other depende...
Benni Mack
09:54 Revision 33ad14ca: [TASK] Update codeception and phpunit to latest versions
Updating codeception (2.5.6) and phpunit (7.5.18)
to latest versions allows for further updating other dependencies
T...
Benni Mack
09:14 Revision c7b44085: [TASK] Update codeception and phpunit to latest versions
Updating codeception (3.2.1) and phpunit (8.5.0)
to latest versions allows for further updating other dependencies
TY...
Benni Mack
08:23 Revision 6881edfb: [BUGFIX] Include .htaccess file in extension packages
Adopt the excludeForPackaging to include also .htaccess files in
extension downloads of extension manager.
Resolves:...
Georg Ringer
08:20 Revision a9b64f12: [TASK] Simplify checks on Import about allowed filenames
In TYPO3 v10, BasicFileUtility is not used by DataHandler anymore,
and never initialized with other file permissions ...
Benni Mack

2019-12-19

18:33 Revision d126080b: [BUGFIX] Fix various misbehaviors in "Broken Extension Scanner"
The "Broken Extension Scanner" has some flaws that are fixed with this
patch:
- Only one request is sent to scan all...
Andreas Fernandez
15:00 Revision ec192807: [TASK] Apply rector set php70
php bin/rector process
The Rector\Php70\Rector\List_\ListSwapArrayOrderRector rector
has been disabled as this needs...
Alexander Schnitzler
14:47 Revision 41d48e24: [TASK] Update rector/rector
composer remove --dev rector/rector
composer require --dev rector/rector:~0.6
The update of rector brings import...
Alexander Schnitzler
07:49 Revision 4307ef9a: [BUGFIX] Adjust parameters of implode() for PHP 7.4
The TimeTracker has been using the wrong order of glue
and pieces, the PageLayoutView has used implode with only
one ...
Susanne Moog
07:45 Revision 56914b3f: [TASK] Increase wait limit for mssql containers
For testing mssql based jobs, the wait limit for the database
to answer gets raised from 60 to 120 seconds to avoid b...
Anja Leichsenring
07:44 Revision 10b97945: [BUGFIX] Adjust parameters of implode() for PHP 7.4
The TimeTracker has been using the wrong order of glue
and pieces, the PageLayoutView has used implode with only
one ...
Susanne Moog
07:44 Revision 4203cde3: [TASK] Increase wait limit for mssql containers
For testing mssql based jobs, the wait limit for the database
to answer gets raised from 60 to 120 seconds to avoid b...
Anja Leichsenring
07:28 Revision 9052f92b: [TASK] Increase wait limit for mssql containers
For testing mssql based jobs, the wait limit for the database
to answer gets raised from 60 to 120 seconds to avoid b...
Anja Leichsenring
07:27 Revision adbc6746: [BUGFIX] Adjust parameters of implode() for PHP 7.4
The TimeTracker has been using the wrong order of glue
and pieces, the PageLayoutView has used implode with only
one ...
Susanne Moog

2019-12-18

17:07 Revision 4be3b783: [BUGFIX] Use correct implode(string, array) syntax
The usage of implode(array, string) has been marked as
deprecated by PHP and triggers PHP Deprecation warnings
by usi...
Anja Leichsenring
17:03 Revision e2dd92d6: [BUGFIX] Use correct implode(string, array) syntax
The usage of implode(array, string) has been marked as
deprecated by PHP and triggers PHP Deprecation warnings
by usi...
Anja Leichsenring
16:36 Revision 843abcba: [BUGFIX] Use correct implode(string, array) syntax
The usage of implode(array, string) has been marked as
deprecated by PHP and triggers PHP Deprecation warnings
by usi...
Anja Leichsenring
15:27 Revision f7daef58: [TASK] Use new subdomain for new translation server
Use the final subdomain localize.typo3.org instead of
beta-translation.typo3.org. The latter is still available
and w...
Georg Ringer
14:29 Revision 3e66cdd4: [TASK] Apply rector set php56
php bin/rector process
Releases: master
Resolves: #89807
Change-Id: I667199693dc519d0353d8e10b40d86faf1cf946a
Review...
Alexander Schnitzler
14:00 Revision b959c51a: [TASK] Introduce functional test for RequestBuilder
The now introduced functional tests are a replacement
for the unit tests which were only possible by mocking
the hell...
Alexander Schnitzler
12:36 Revision 46df6a75: [TASK] Speed up tests
Some tests use "accessibleMock" (= eval() code) where
it is completely unnecessary as not even a mock is needed.
Res...
Benni Mack
09:00 Revision cb5a03b3: [TASK] Fix closure comparison in test
ExactValueMatching of Closures in Prophecy may
result in Comparison Failures causing the test
to fail in newer PHPUni...
Susanne Moog
08:49 Revision 62bce638: [TASK] Fix closure comparison in test
ExactValueMatching of Closures in Prophecy may
result in Comparison Failures causing the test
to fail in newer PHPUni...
Susanne Moog

2019-12-17

17:44 Revision 8123da83: [BUGFIX] Include .htaccess file in extension packages
Adopt the excludeForPackaging to include also .htaccess files in
extension downloads of extension manager.
Resolves:...
Georg Ringer
16:21 Revision b93798c3: [TASK] Remove redundancies in install tool ext conf template
This patch:
1. Removes a redundant usage of a "NoSpace" VH and
the associated namespace import since there are no...
Claus Due
15:52 Revision 3f8383ea: [TASK] Set TYPO3 version to 9.5.14-dev
Change-Id: I588f58be41926e759bbb9061f60e5c4871fab7bf
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/627...
Oliver Hader
15:17 Revision 4453a684: [RELEASE] Release of TYPO3 9.5.13
Change-Id: Ibe01fb68bd29b214f785e69394cbf342572bc487
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/627...
Oliver Hader
14:47 Revision 096ee6cc: [BUGFIX] Re-introduce removed methods
Due to a backport from change
https://review.typo3.org/c/Packages/TYPO3.CMS/+/62272
into 9.5, some "protected" method...
Benni Mack
12:55 Revision 1f34c446: [TASK] Set TYPO3 version to 10.2.3-dev
Change-Id: I4483812169b1018e536e8a2ab436a9a6c34e85c6
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/627...
Oliver Hader
12:36 Revision b7d2c8f9: [RELEASE] Release of TYPO3 10.2.2
Change-Id: Ic0ae2c8bd12b5af114774753a93f2c1150362a87
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/627...
Oliver Hader
12:33 Revision 9e35dd42: [TASK] Set TYPO3 version to 10.2.2-dev
Change-Id: I2a8852435282bdd22cd19ce34374a4afac3247a6
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/627...
Oliver Hader
12:31 Revision 4c0cdfa1: [TASK] Set TYPO3 version to 9.5.13-dev
Change-Id: Ie5bbfc1fc8a592a005777a6280d5b767e44ef816
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/627...
Oliver Hader
12:31 Revision 8c359e39: [TASK] Set TYPO3 version to 8.7.31-dev
Change-Id: I0af2b6d506de2f84a8f983ec5b064e5d3618d5c8
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/627...
Oliver Hader
12:00 Revision aa2abdaf: [RELEASE] Release of TYPO3 10.2.1
Change-Id: Icb5a05d964912a59e6aea6822714e44c677a3954
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/627...
Oliver Hader
11:53 Revision efd84a5a: [RELEASE] Release of TYPO3 9.5.12
Change-Id: I2ba8373f9066b167dc29ccf96818edfffea9afeb
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/627...
Oliver Hader
11:49 Revision 23b71bb1: [RELEASE] Release of TYPO3 8.7.30
Change-Id: I0c8a3f85810f7ba6886c2d46537e0760f9d64499
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/627...
Oliver Hader
10:53 Revision fdf9cdad: [SECURITY] Avoid insecure deserialization in QueryGenerator & QueryView
Resolves: #89005
Releases: master, 9.5, 8.7
Security-Commit: 82656cf8149d04f31b1441a03415b5e9a067c614
Security-Bullet...
Frank Nägler
10:53 Revision 948df21e: [SECURITY] Prevent SQLi in ext:lowlevel QueryGenerator
Resolves: #89452
Releases: master, 9.5, 8.7
Security-Commit: d73e50f02afc5459f737282ede6cc70579fe7181
Security-Bullet...
Frank Nägler
10:53 Revision 0efda30c: [SECURITY] Avoid directory traversal on archive extraction
The Extension Manager and Language Pack Manager receive Zip archives as
input from foreign sources and extract them o...
Andreas Fernandez
10:53 Revision 51bbb971: [SECURITY] XSS in file list through file extension
FAL currently filters invalid characters from file names stored by its
API. However, this sanitization took no effect...
Andreas Fernandez
10:52 Revision 21e9e643: [SECURITY] Avoid XSS by correctly encoding typolink results
In order to avoid XSS through typolink, anchor text is encoded
correctly to be used in a HTML context. Fallback link ...
Oliver Hader
10:52 Revision 37ed78a1: [SECURITY] Prevent XSS in EXT:form error message output
Resolves: #88629
Releases: master, 9.5, 8.7
Security-Commit: df38c239aa9c627fb7b6f1c384d45ff0940d98fa
Security-Bullet...
Frank Nägler
10:52 Revision 8d05c315: [SECURITY] Avoid insecure deserialization in QueryGenerator & QueryView
Resolves: #89005
Releases: master, 9.5, 8.7
Security-Commit: bb72a2eb30bd30933efa97368ccb98977a05a4d3
Security-Bullet...
Frank Nägler
10:52 Revision e1e56e7b: [SECURITY] Prevent SQLi in ext:lowlevel QueryGenerator
Resolves: #89452
Releases: master, 9.5, 8.7
Security-Commit: f38d2ac58d9ac991d97e9d0112351593b723349a
Security-Bullet...
Frank Nägler
10:52 Revision 4ec29f44: [SECURITY] Avoid directory traversal on archive extraction
The Extension Manager and Language Pack Manager receive Zip archives as
input from foreign sources and extract them o...
Andreas Fernandez
10:52 Revision 044d7dbe: [SECURITY] XSS in file list through file extension
FAL currently filters invalid characters from file names stored by its
API. However, this sanitization took no effect...
Andreas Fernandez
10:52 Revision 25f796b9: [SECURITY] Avoid XSS by correctly encoding typolink results
In order to avoid XSS through typolink, anchor text is encoded
correctly to be used in a HTML context. Fallback link ...
Oliver Hader
10:52 Revision e971b012: [SECURITY] Prevent XSS in EXT:form error message output
Resolves: #88629
Releases: master, 9.5, 8.7
Security-Commit: e179b6dd34bb47f2af28c58c19a14f46ae8f9f52
Security-Bullet...
Frank Nägler
10:51 Revision f4746095: [SECURITY] Avoid insecure deserialization in QueryGenerator & QueryView
Resolves: #89005
Releases: master, 9.5, 8.7
Security-Commit: 3ca6645677105db7b6e0d6babba52f2b0e27d48b
Security-Bullet...
Frank Nägler
10:51 Revision 0d975eda: [SECURITY] Prevent SQLi in ext:lowlevel QueryGenerator
Resolves: #89452
Releases: master, 9.5, 8.7
Security-Commit: befc2d3d188753b528e721ffaac46ac060fb7b82
Security-Bullet...
Frank Nägler
10:51 Revision ec053dc0: [SECURITY] Avoid directory traversal on archive extraction
The Extension Manager and Language Pack Manager receive Zip archives as
input from foreign sources and extract them o...
Andreas Fernandez
10:51 Revision fcc1bab0: [SECURITY] XSS in file list through file extension
FAL currently filters invalid characters from file names stored by its
API. However, this sanitization took no effect...
Andreas Fernandez
10:51 Revision 64db88b9: [SECURITY] Avoid XSS by correctly encoding typolink results
In order to avoid XSS through typolink, anchor text is encoded
correctly to be used in a HTML context. Fallback link ...
Oliver Hader
10:51 Revision 9692bf83: [SECURITY] Prevent XSS in EXT:form error message output
Resolves: #88629
Releases: master, 9.5, 8.7
Security-Commit: e94818bd7eaf2ac3ca720b140f3c499bba73a486
Security-Bullet...
Frank Nägler
10:51 Revision b1626ad8: [SECURITY] Avoid possible insecure deserialization in Extbase
Albeit requests to Extbase's property mapper won't be processed
in case the required cryptographic hash is not given ...
Oliver Hader
10:51 Revision e31241cb: [SECURITY] Avoid insecure deserialization in QueryGenerator & QueryView
Resolves: #89005
Releases: master, 9.5, 8.7
Security-Commit: b826a98a406ed56d525db6ffe97123d124504fd2
Security-Bullet...
Frank Nägler
10:51 Revision 25750b4d: [SECURITY] Prevent SQLi in ext:lowlevel QueryGenerator
Resolves: #89452
Releases: master, 9.5, 8.7
Security-Commit: bad3b5814be98538af28628fb131fec478820fb7
Security-Bullet...
Frank Nägler
10:50 Revision 037b6c27: [SECURITY] Avoid directory traversal on archive extraction
The Extension Manager and Language Pack Manager receive Zip archives as
input from foreign sources and extract them o...
Andreas Fernandez
10:50 Revision 96b122b7: [SECURITY] XSS in file list through file extension
FAL currently filters invalid characters from file names stored by its
API. However, this sanitization took no effect...
Andreas Fernandez
10:50 Revision a35c42e9: [SECURITY] Avoid XSS by correctly encoding typolink results
In order to avoid XSS through typolink, anchor text is encoded
correctly to be used in a HTML context. Fallback link ...
Oliver Hader
10:50 Revision 966a0038: [SECURITY] Prevent XSS in EXT:form error message output
Resolves: #88629
Releases: master, 9.5, 8.7
Security-Commit: 5256688f74c4ccb6aa354cfc18605a525dec63f3
Security-Bullet...
Frank Nägler
10:50 Revision 57e4ed35: [SECURITY] Avoid possible insecure deserialization in Extbase
Albeit requests to Extbase's property mapper won't be processed
in case the required cryptographic hash is not given ...
Oliver Hader
10:12 Revision d075cdea: [TASK] Streamline frontend user password recovery process
The ext:felogin recovery process is using a non-typesafe comparison
which might be exploited with a probability of 0....
Oliver Hader
10:12 Revision cff868c1: [TASK] Streamline frontend user password recovery process
The ext:felogin recovery process is using a non-typesafe comparison
which might be exploited with a probability of 0....
Oliver Hader
10:12 Revision d9fe9b20: [TASK] Streamline frontend user password recovery process
The ext:felogin recovery process is using a non-typesafe comparison
which might be exploited with a probability of 0....
Oliver Hader
10:12 Revision 24e9e17a: [TASK] Streamline frontend user password recovery process
The ext:felogin recovery process is using a non-typesafe comparison
which might be exploited with a probability of 0....
Oliver Hader
09:35 Revision 6ea5b19c: [BUGFIX] Don't import PHP class in ext_localconf.php
Resolves: #89970
Releases: master
Change-Id: I5b7e22c853993e7434c086c22a3898eefbe07899
Reviewed-on: https://review.ty...
Andreas Fernandez
09:34 Revision 8475eb6d: [BUGFIX] Don't import PHP class in ext_localconf.php
Resolves: #89970
Releases: master
Change-Id: I5b7e22c853993e7434c086c22a3898eefbe07899
Reviewed-on: https://review.ty...
Andreas Fernandez

2019-12-16

22:04 Revision ccd86d4d: [BUGFIX] Revert FolderCheck for clipboard actions
Due to a faulty query in #85425 it was no longer possible
to copy files at the clipboard multi-selection-mode.
This ...
Guido Schmechel
21:58 Revision cf94a93d: [TASK] Provide PHP 7.4 test run configuration
Resolves: #89668
Resolves: #89841
Releases: master, 9.5, 8.7
Change-Id: I098c573aaa13846f45c1f1904f46db5cdecf4db1
Rev...
Anja Leichsenring
21:10 Revision fef78597: [BUGFIX] Revert FolderCheck for clipboard actions
Due to a faulty query in #85425 it was no longer possible
to copy files at the clipboard multi-selection-mode.
This ...
Guido Schmechel
21:07 Revision e21404e8: [BUGFIX] Fix failing tests in 8.7 branch
minor package updates:
composer update mikey179/vfsStream 1.6.5 to 1.6.8
Releases: 8.7
Resolves: #89966
Change-Id: ...
Anja Leichsenring
19:07 Revision 77ca6dbe: [TASK] Streamline test names
Resolves: #89854
Releases: master, 9.5, 8.7
Change-Id: I07aaab48ae504ee2b9e0fa5e37b725c6bb873e67
Reviewed-on: https:/...
Oliver Hader
17:57 Revision 41d29e62: [BUGFIX] Avoid applying parameter inflation during route resolving
Remaining parameters need to be deflated (prepared and normalized to
strings and fitting into Symfony route length an...
Oliver Hader
16:04 Revision deb8db1e: [BUGFIX] Ensure correct return values in Workspace middleware
When setting config.disablePreviewNotification = 1 in workspaces
context, the preview middleware returns "null", alth...
Benni Mack
15:41 Revision aaca0b72: [BUGFIX] Ensure correct return values in Workspace middleware
When setting config.disablePreviewNotification = 1 in workspaces
context, the preview middleware returns "null", alth...
Benni Mack
14:25 Revision 8744e748: [TASK] Add more tests for TypoLink handling in fluid
Resolves: #89834
Releases: master, 9.5
Change-Id: I914c6e8a0739c4380be4fa1c1d165f3eb4f1aecd
Reviewed-on: https://revi...
Frank Nägler
14:25 Revision 8664c5ec: [BUGFIX] Name "default language" consistently
When working with the "pages.l18n_cfg" bitset flag, there is an
option "default translation", which commonly refers t...
Benni Mack
13:18 Revision 6753a7dd: [TASK] Simplify chunking of test-plan jobs
To make the code for splitting all test-jobs into stages of equal size
simpler and easier to maintain, a helper class...
Markus Klösges
13:03 Revision e66a22f9: [BUGFIX] Use correct Plan name and key
Resolves: #89962
Releases: 9.5
Change-Id: I22ea29f9c854f4bd199e688bb8a1ee657455162d
Reviewed-on: https://review.typo3...
Anja Leichsenring
12:58 Revision 3b7556a4: [TASK] Simplify chunking of test-plan jobs
To make the code for splitting all test-jobs into stages of equal size
simpler and easier to maintain, a helper class...
Markus Klösges
11:47 Revision 15904ee2: [TASK] Simplify chunking of test-plan jobs
To make the code for splitting all test-jobs into stages of equal size
simpler and easier to maintain, a helper class...
Markus Klösges
07:31 Revision 80125ffc: [BUGFIX] Fix return value in command site:list
Return 0 instead of null.
Resolves: #89936
Releases: master, 9.5
Change-Id: Ic3345975b60fca38537750c9617d68ba9d19cc3...
Georg Ringer
07:13 Revision 2805986e: [BUGFIX] Fix return value in command site:list
Return 0 instead of null.
Resolves: #89936
Releases: master, 9.5
Change-Id: Ic3345975b60fca38537750c9617d68ba9d19cc3...
Georg Ringer

2019-12-15

18:27 Revision 47b8da7a: [DOCS] Extend docs of DeleteUploads finisher
Releases: master, 9.5
Resolves: #89416
Change-Id: I4565d846bb86077c3e03534416f3047e2f7f0ce6
Reviewed-on: https://revi...
Jonas Schwabe
18:03 Revision 10ed9edb: [DOCS] Extend docs of DeleteUploads finisher
Releases: master, 9.5
Resolves: #89416
Change-Id: I4565d846bb86077c3e03534416f3047e2f7f0ce6
Reviewed-on: https://revi...
Jonas Schwabe
18:01 Revision 93e0168b: [BUGFIX] Always allow dividers in TCA auth mode check
This brings back the optgroups in the CType and list_type fields
for normal editors.
Additionally some tests for che...
Alexander Stehlik
17:17 Revision 59b0ac83: [BUGFIX] Always allow dividers in TCA auth mode check
This brings back the optgroups in the CType and list_type fields
for normal editors.
Additionally some tests for che...
Alexander Stehlik
17:07 Revision 7128b45f: [TASK] Rename method getName of TypoScriptConstants VH
The name "getName" will be reserved in Fluid 3.0 and is
ambiguous. This patch renames that method to become
"getField...
Claus Due
16:46 Revision 1fa19165: [BUGFIX] Convert URLs with ampersands in Linkvalidator
The linkref functions return the URLs as they are displayed in the
BE form. This will return '&' as '&amp;' HTML enti...
Sybille Peters
15:53 Revision 05f6e212: [TASK] Thin out SystemEnvironmentBuilder
This a pre-patch to clean up the functionality of the SystemEnvironmentBuilder,
which was originally introduced as pa...
Benni Mack
15:46 Revision 44df5456: [BUGFIX] Convert URLs with ampersands in Linkvalidator
The linkref functions return the URLs as they are displayed in the
BE form. This will return '&' as '&amp;' HTML enti...
Sybille Peters
15:37 Revision 6b85d728: [DOCS] Remove incorrect slash in extension paths
An incorrect slash has been removed in multiple extension
paths. The slash could lead to exceptions (e.g. within the
...
Ron Gebauer
15:34 Revision 53ee7312: [DOCS] Remove "Adding Your Own Content Elements"
Content has been migrated to "TYPO3 Explained"
Reduce the content to a stub and add link.
Resolves: #89949
Releases...
Sybille Peters
15:20 Revision 40d64179: [DOCS] Remove "Adding Your Own Content Elements"
Content has been migrated to "TYPO3 Explained"
Reduce the content to a stub and add link.
Resolves: #89949
Releases...
Sybille Peters
15:11 Revision a0101b08: [DOCS] Remove incorrect slash in extension paths
An incorrect slash has been removed in multiple extension
paths. The slash could lead to exceptions (e.g. within the
...
Ron Gebauer
14:55 Revision 4f2f7f58: [DOCS] Remove "Adding Your Own Content Elements"
Content has been migrated to "TYPO3 Explained"
Reduce the content to a stub and add link.
Resolves: #89949
Releases...
Sybille Peters
12:46 Revision 2ce9075d: [DOCS] Use correct data type for DependencyOrdering
As the new additional file processors registration
also uses the DependencyOrderingService the value
of `before` must...
pfuju
12:41 Revision 7db604dc: [TASK] Avoid controller methods on Fluid RenderingContext
The getter/setter methods related to controller name
and action name will be removed in Fluid 3.0.
An equally valid ...
Claus Due
12:20 Revision 969b012d: [DOCS] Adjust name for PageTitle API in documentation
The funtionality was named titleTag before. But the new API is
called PageTitle API.
Resolves: #89940
Releases: mast...
Stefan Neufeind
12:19 Revision 4107e879: [TASK] Move target to general tab for pages of type External URL
To increase usability for editors when using External URL links,
the "target" field is moved right below the "Target ...
Benni Mack
12:07 Revision fe8e7ce6: [DOCS] Adjust name for PageTitle API in documentation
The funtionality was named titleTag before. But the new API is
called PageTitle API.
Resolves: #89940
Releases: mast...
Stefan Neufeind

2019-12-14

14:46 Revision 004efbaa: [BUGFIX] Add VendorName to Fluid Ajax WidgetContext
As VendorName is required to execute Extbase calls,
we add VendorName in Fluid Ajax calls, too.
Resolves: #88149
Rel...
Stefan Froemken
14:22 Revision 60dcf280: [BUGFIX] Add VendorName to Fluid Ajax WidgetContext
As VendorName is required to execute Extbase calls,
we add VendorName in Fluid Ajax calls, too.
Resolves: #88149
Rel...
Stefan Froemken
13:53 Revision d4c190b9: [TASK] Mix test jobs in stages
In order to spread computing load more evenly trough the test plan,
stages receive a shuffled mix of all available jo...
Anja Leichsenring
13:52 Revision 2b7170e1: [TASK] Mix test jobs in stages
In order to spread computing load more evenly trough the test plan,
stages receive a shuffled mix of all available jo...
Anja Leichsenring
13:06 Revision 92ae88f4: [TASK] Restructure nightly plans in stages a 50 jobs
The rearranged stages structure will prevent the host
machines and also gerrit from being overwhelmed with a
high amo...
Anja Leichsenring
12:53 Revision cca278bf: [TASK] Mix test jobs in stages
In order to spread computing load more evenly trough the test plan,
stages receive a shuffled mix of all available jo...
Anja Leichsenring

2019-12-13

19:25 Revision 6b7c92dc: [BUGFIX] Name "default language" consistently
When working with the "pages.l18n_cfg" bitset flag, there is an
option "default translation", which commonly refers t...
Benni Mack
17:13 Revision d3af2afc: [TASK] Remove unused imports
Cleanup code by removing unused imports in various classes.
Also changes the corresponding ExtensionScanner tests be...
Oliver Bartsch
17:01 Revision a9936445: [TASK] Remove unused imports
Cleanup code by removing unused imports in various classes.
Also changes the corresponding ExtensionScanner tests be...
Oliver Bartsch
12:00 Revision bb11a3e0: [BUGFIX] Mark guzzlehttp/guzzle >= 6.5.0 as conflict
Due to the INTL/ICU bug, which we
have seen on various places, Guzzle, which
does not cover our edge cases yet, ran
i...
Benni Mack
12:00 Revision 4a8e8001: [BUGFIX] Mark guzzlehttp/guzzle >= 6.5.0 as conflict
Due to the INTL/ICU bug, which we
have seen on various places, Guzzle, which
does not cover our edge cases yet, ran
i...
Benni Mack
11:51 Revision 59d5159a: [BUGFIX] Mark guzzlehttp/guzzle >= 6.5.0 as conflict
Due to the INTL/ICU bug, which we
have seen on various places, Guzzle, which
does not cover our edge cases yet, ran
i...
Benni Mack
11:28 Revision 69d7ff8e: [BUGFIX] Apply thumbscrews to sqlserver
sqlserver is a special race that welcomes high memory servers as its
habitat. However, we are short on resources and ...
Andreas Fernandez
11:26 Revision dba630c4: [BUGFIX] Apply thumbscrews to sqlserver
sqlserver is a special race that welcomes high memory servers as its
habitat. However, we are short on resources and ...
Andreas Fernandez
11:25 Revision 0c252125: [BUGFIX] Apply thumbscrews to sqlserver
sqlserver is a special race that welcomes high memory servers as its
habitat. However, we are short on resources and ...
Andreas Fernandez

2019-12-12

20:27 Revision 3c98e6f7: [TASK] Use AJAX API in top toolbar items
The top toolbar items now use our AJAX API instead of $.ajax().
Resolves: #89897
Releases: master
Change-Id: I134ea9...
Andreas Fernandez
19:41 Revision 1dbc8be7: [BUGFIX] Fix typo in cHash option description
Resolves: #89925
Releases: master, 9.5, 8.7
Change-Id: I3449606aa143c23dd656dd566c87aec08ae19425
Reviewed-on: https:/...
Benni Mack
19:27 Revision cf4cfdc5: [TASK] Bump chosen-js to 1.8.7
Executed commands:
yarn add chosen-js@^1.8.7 --dev
grunt build
Resolves: #89884
Releases: master
Change-Id: I24...
Andreas Fernandez
10:44 Revision f1bd0864: [BUGFIX] Fix typo in cHash option description
Resolves: #89925
Releases: master, 9.5, 8.7
Change-Id: I3449606aa143c23dd656dd566c87aec08ae19425
Reviewed-on: https:/...
Benni Mack
10:38 Revision 89b35b58: [BUGFIX] Fix typo in cHash option description
Resolves: #89925
Releases: master, 9.5, 8.7
Change-Id: I3449606aa143c23dd656dd566c87aec08ae19425
Reviewed-on: https:/...
Benni Mack

2019-12-11

20:35 Revision 2e2083e7: [DOCS] Correct code-block directive
The code-block directive needs two colons to be rendered
correctly.
Resolves: #89922
Related: #89463
Releases: maste...
Chris Müller
13:51 Revision 639c7e0f: [FEATURE] Add PSR-14 event to control hreflang tags to be rendered
A PSR-14 event is introduced to make it possible to control the
hreflang tags that will be rendered.
Additionally th...
Richard Haeser
09:46 Revision ba5a1185: [BUGFIX] Supply origin to URL if domain is missing
The AJAX API fails to send a request if the API receives a non-absolute
URL like /typo3/index.php?foo=bar, since the ...
Andreas Fernandez
09:36 Revision 49ba9db6: [TASK] Remove ampersands from doc block params
As a prepatory work for a better static code analysis
all ampersands have been removed from doc block params.
The do...
Alexander Schnitzler
09:03 Revision 60b6f287: [BUGFIX] Fix indentation accordingly to CGL
An update of php cs fixer exposed some wrong intended lines.
These are now fixed with multiple php cs fixer runs.
Re...
Daniel Siepmann
05:38 Revision e4abb375: [TASK] Expose none existing user in forgot password dialog
Shows error flash message while
`exposeNonexistentUserInForgotPasswordDialog` is set to `1`
Resolves: #88111
Release...
Jan Stockfisch

2019-12-10

14:34 Revision 05b3fe1a: [TASK] Enable PHP 7.4 support for composer-based installations
Currently, TYPO3 Core (8.7 only) restricts PHP
versions to PHP 7.0-7.3.
In order to enable testing and projects runn...
Benni Mack
13:37 Revision 1e2bb954: [TASK] Update friendsofphp/php-cs-fixer to 2.16.1
Raising the version brings support for running the fixer with
PHP 7.4.
Used composer command:
composer require --dev...
Benni Mack
13:14 Revision b106b3da: [TASK] Exclude StringClassNameToClassConstantRector in rector.yml
As the StringClassNameToClassConstantRector would convert
string class names that are deliberately defined as string,...
Alexander Schnitzler
13:02 Revision 9915e7f0: [TASK] Update symfony components to LTS version for tarballs
In order to ship LTS packages of symfony (3.4.x) the composer
dependencies for our tarball releases are updated:
Use...
Benni Mack
12:50 Revision b45552ad: [BUGFIX] Use existing API instead of ContentObjectRenderer
This Patch allows the usage of an HMENU with special = directory and
the Fallback Type 'Free mode'
Resolves: #88344
...
Michael Binder
12:38 Revision d1871646: [BUGFIX] Raise platform settings for tarball distributions
In order to use the final LTS distributions from Symfony for
our latest stable, we need to set proper platform requir...
Benni Mack
12:37 Revision c45986e5: [BUGFIX] Raise platform settings for tarball distributions
In order to use the final LTS distributions from Symfony for
our latest stable, we need to set proper platform requir...
Benni Mack
12:29 Revision 3b44118e: [BUGFIX] Remove leading slash from backendLogo path
As the extension configuration field `backendLogo` isn't resolved
by `TYPO3\CMS\Backend\Controller\LoginController::g...
Oliver Bartsch
12:16 Revision 7999caed: [BUGFIX] Remove leading slash from backendLogo path
As the extension configuration field `backendLogo` isn't resolved
by `TYPO3\CMS\Backend\Controller\LoginController::g...
Oliver Bartsch
12:04 Revision 6640925e: [BUGFIX] Disable lockIP by default
IPLock breaks modern IPv6 setups because of the Fast fallback
aka. Happy Eyeballs algorithm that can cause users to j...
Rasmus Larsen
12:00 Revision 47e63fc3: [BUGFIX] Use existing API instead of ContentObjectRenderer
This Patch allows the usage of an HMENU with special = directory and
the Fallback Type 'Free mode'
Resolves: #88344
...
Michael Binder
11:47 Revision 33471eff: [BUGFIX] Raise platform settings for tarball distributions
In order to use the final LTS distributions from Symfony for
our latest stable, we need to set proper platform requir...
Benni Mack
10:50 Revision 5232d328: [TASK] Replace usage of legacy PageRepository class
In two places, TYPO3\CMS\Frontend\Page\PageRepository had been
used instead of TYPO3\CMS\Core\Domain\Repository\PageR...
Alexander Schnitzler
09:55 Revision 09302e9f: [TASK] Allow rector to process tests
In order to let rector process tests, the autoloading
of all processed classes needs to be intact.
In TYPO3 there we...
Alexander Schnitzler
 

Also available in: Atom