summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2019-04-27Add HTML tag in email notificationsFrédéric Guillot
2019-04-27Add Auto-Submitted E-mail header as per RFC 8384Frédéric Guillot
2019-04-08Update da_DK translationOle Carlsen
2019-04-05Update ChangeLogFrédéric Guillot
2019-04-05Add missing template and translationsFrédéric Guillot
2019-04-01Update pt-BR translationrafacamargo123
2019-03-25Update Hungarian translationBalázs Úr
2019-03-13it_IT translation updateMarco Segato
2019-03-11Fix wrong Japanese translationKiyohito AOKI
2019-03-10Add Slovak translationSlavko
2019-03-07Changes search by reference to case insentiverafacamargo123
Search was being performed case sensitive, changed to case insensitive
2019-03-07Update translations.phpKiyohito AOKI
2019-02-28Fix postgres schema usagetrendspotter
2019-02-27Simplify local Docker image buildFrédéric Guillot
2019-02-25Docker: Forbid access to the data directoryFUJII Ryota
2019-02-25Clarify the comment about MAIL_SMTP_ENCRYPTIONFUJII Ryota
2019-02-21Update GitHub issue templateFrédéric Guillot
2019-02-21Remove dependency on bowerFrédéric Guillot
2019-02-19Update da_DK translationsOle Carlsen
2019-02-19Always display task accordion elementsFrédéric Guillot
2019-02-19Replace accordion Javascript component by <details> HTML elementFrédéric Guillot
2019-02-17Complete Japanese translationKiyohito AOKI
2019-02-15Fix MySQL migration when using increment values different from 1Psy-Q
Fixes #4137
2019-02-13Update Japanese translationKiyohito AOKI
2019-02-13Add missing webhook event: task.move.projectFrédéric Guillot
Fixes #3969
2019-02-08Add new actions to reorder tasks by columnFrédéric Guillot
2019-02-02Update ChangeLogFrédéric Guillot
2019-02-01Authorize only API tokens when 2FA is enabledFrédéric Guillot
2019-02-01Limit avatar image sizeFrédéric Guillot
fixes #4041
2019-02-01Update license yearFrédéric Guillot
2019-02-01Update Docker image to Alpine 3.9Frédéric Guillot
2019-01-31Avoid CSRF in users CSV importFrédéric Guillot
2019-01-30Update unit testsFrédéric Guillot
2019-01-30Avoid XSS in pagination orderingFrédéric Guillot
2019-01-30Disable by default plugin installerFrédéric Guillot
- There is no code review or any approval process to submit a plugin. - Anyone can submit a backdoor as plugin. - This is up to the Kanboard instance owner to validate if a plugin is legit.
2019-01-30Do not show projects dropdown when prompting the 2FA codeFrédéric Guillot
2019-01-30Always returns a 404 otherwise people might guess which user existFrédéric Guillot
2019-01-30Check if user role has changed while the session is openFrédéric Guillot
2019-01-30Add missing CSRF check in TwoFactorController::deactivate()Frédéric Guillot
2019-01-28Fix pt_br translation typorafacamargo123
2019-01-19Fix PHP error in task views (tag colors)Cyboulette
2019-01-11Hide edit button when user cannot edit taskRafael de Camargo
Check for custom roles to show edit button Fixes #4123
2019-01-10Fix permission check before "Assign to me"Rafael de Camargo
Users who should not be able to change assignee cannot "assign to me" Fixes #4121
2019-01-08Fix permission check to show project optionsrafacamargo123
Fixes #4105
2019-01-05Fix assignable users on a group with a custom rolerafacamargo123
Groups custom roles are now handled the same ways users custom roles are.
2018-12-27Fix import of automatic actions when parameters are "unassigned" or "no ↵rafacamargo123
category"
2018-12-26Update pt_BR translationsrafacamargo123
2018-12-26Update da_DK translationsOle Carlsen
2018-12-26Update Chinese translationsrenothing
2018-12-20Limit assignee drop-down selector scopeMiodrag Tokić
On the task details page "Add a sub-task" pop-up modal contains drop-down (the SELECT HTML element) with "form-user_id" as the `name` and the `id` attribute value. This element is in conflict with another, hidden INPUT element with the same `name` and the `id` value. This causes an issue where clicking the "Me" (Assignee) link / shortcut (A) element doesn't select your name in the Assignee SELECT element. Avoiding conflict by changing the SELECT element `id` value is not possible as the SELECT element is generated using `FormHelper::select()` function which uses the same value for attribute `name` and `id`. Given the assignee shortcut feature is used only in two places: edit task and edit sub-task dialog, the simplest solution is to select the closest SELECT element to the link / shortcut (A) element or limit the scope to the currently opened dialog. This fix uses the latter approach by limiting the scope of targeted selector.