Mirrors/PrivateBin
1
0
Fork 0
mirror of https://github.com/PrivateBin/PrivateBin.git synced 2026-01-23 02:35:23 +00:00
Code Issues Projects Releases Wiki Activity
4406 commits 9 branches 40 tags 33 MiB
Commit graph

4406 commits

This branch
This branch
All branches
Author SHA1 Message Date
El RIDO
3146d41609
apply StyleCI recommendation 2025-11-20 08:28:50 +01:00
El RIDO
b4db5f8e57
apply null coalescing operator, strict equality, avoid aliases, prefer empty 2025-11-20 08:19:14 +01:00
El RIDO
fc4a92e6a4
apply Scrutinizer fix 2025-11-19 19:40:05 +01:00
El RIDO
9c5ba6ffc3
apply StyleCI recommendation 2025-11-19 19:26:00 +01:00
El RIDO
69e5fc1b05
apply null coalescing operator 2025-11-19 19:24:17 +01:00
El RIDO
c8643f187e
apply null coalescing operator 
Co-authored-by: Mikhail Romanov <42250412+Ribas160@users.noreply.github.com>
 2025-11-19 18:45:35 +01:00
El RIDO
0e2055d54a
remove unnecessary variable 2025-11-19 11:15:28 +01:00
El RIDO
3caf3214f1
apply StyleCI recommendation 2025-11-19 10:02:15 +01:00
El RIDO
528f2f7221
fix PHP 7.4 compatibility 2025-11-19 09:59:54 +01:00
El RIDO
baa79e12e8
apply StyleCI recommendation 2025-11-19 09:57:08 +01:00
El RIDO
3a23117ebf
Refactored translation of exception messages 2025-11-19 09:36:40 +01:00
El RIDO
3e6f1733f9
refactored exceptions in controller 
- added missing exception doc blocks
- introduced exception type that translates message during construction
- catch explicit exception types where possible
 2025-11-19 09:36:39 +01:00
El RIDO
fdd2c67b49
Merge pull request #1717 from PrivateBin/changelog-layout-cleanup 
document changes & unify layout
 2025-11-18 06:46:35 +01:00
El RIDO
a051c4bd6b
Merge pull request #1718 from PrivateBin/double-translation 
refactor JSON response processing
 2025-11-17 09:16:14 +01:00
El RIDO
17c9a4dce5
Merge pull request #1719 from PrivateBin/dependabot/npm_and_yarn/js/js-yaml-4.1.1 
Bump js-yaml from 4.1.0 to 4.1.1 in /js
 2025-11-15 12:02:47 +01:00
dependabot[bot]
f4f655966c
Bump js-yaml from 4.1.0 to 4.1.1 in /js 
Bumps [js-yaml](https://github.com/nodeca/js-yaml) from 4.1.0 to 4.1.1.
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nodeca/js-yaml/compare/4.1.0...4.1.1)

---
updated-dependencies:
- dependency-name: js-yaml
  dependency-version: 4.1.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-15 10:37:12 +00:00
El RIDO
e26bcfa733
apply StyleCI recommendation 2025-11-14 10:21:57 +01:00
El RIDO
d78c33438d
refactor JSON response processing 
- avoid translating JSON error messages twice
- separation of concerns, JSON response preparation should not mix handling errors and results, provide two functions instead of one
- callers of JSON error method are responsible for translation of errors
 2025-11-14 10:04:41 +01:00
El RIDO
318a37d352
document changes 
- forward ported 1.7.9 release changes
- linked all vulnerability reports
- unified heading formats (dropped colons)
 2025-11-13 15:38:22 +01:00
rugk
9b3647141d
Merge pull request #1713 from PrivateBin/changelog/cve-update 
Syncronize changelog with GitHub release doc (for CVE IDs)
 2025-11-13 15:06:19 +01:00
rugk
4cdc6871e7
docs: use CVE website link 
Co-authored-by: El RIDO <elrido@gmx.net>
 2025-11-13 10:35:49 +01:00
rugk
14ffbc68e2
Merge pull request #1698 from PrivateBin/ai/addCopilotInstructions 
Add GitHub Copilot instructions
 2025-11-13 09:36:15 +01:00
rugk
3ede063e0a
Syncronize changelog with GitHub release doc (for CVE IDs) 
Aka adding the CVE ID's. BTW GitHub will make the CVEs clickable automatically when published. As for the GitHub's own ID well yeah… I just kept it synchronous now. (Maybe it's not _that_ relevant to mention all that IDs.)
 2025-11-12 20:42:05 +01:00
rugk
f4216b34df
Apply suggestions from code review 
Co-authored-by: El RIDO <elrido@gmx.net>
 2025-11-12 19:36:05 +01:00
rugk
10be6c25bf
Merge pull request #1709 from PrivateBin/devcontainer/composer 
Install PHP/composer unit testing dependencies globally for DevContainer
 2025-11-12 15:37:38 +01:00
El RIDO
d32ac29925
chore: prepare for next release 2025-11-12 08:51:05 +01:00
El RIDO
19ca6d3dab
incrementing version 2025-11-12 08:00:50 +01:00
El RIDO
f48544978b
apply StyleCI suggestion 2025-11-12 07:57:30 +01:00
El RIDO
4434dbf73a
Merge commit from fork 
Fix arbitrary PHP file inclusion when enabling template switching
 2025-11-12 07:54:10 +01:00
El RIDO
bddfb173da
Merge branch 'master' into advisory-fix-1 2025-11-12 07:47:43 +01:00
El RIDO
f9550e5133
Merge commit from fork 
Insert drag and drop file names as a text, not html
 2025-11-12 07:46:35 +01:00
El RIDO
5b85d63942
Merge branch 'master' into advisory-fix-1 2025-11-12 07:18:43 +01:00
El RIDO
e427458cd0 Merge branch 'master' into advisory-fix-1 2025-11-11 22:00:09 +01:00
rugk
f9630e7e6c
Add PHP composer global installation for DevContainer 
Updated composer commands to require google/cloud-storage globally and optimized autoloader during update.

This helps with https://github.com/PrivateBin/PrivateBin/issues/1641 (but technically not solve it).
 2025-11-11 20:02:36 +01:00
rugk
42df559d3c
docs: update how to open 
Co-authored-by: El RIDO <elrido@gmx.net>
 2025-11-11 19:52:12 +01:00
Mikhail Romanov
1fbaba732e
Merge pull request #1702 from PrivateBin/create_cloned_paste_error 
fix: error fetching attachments from blob
 2025-11-11 20:15:00 +02:00
Ribas160
08b3244314
privatebin.js SRI and CHANGELOG.md updated 2025-11-11 20:13:10 +02:00
Mikhail Romanov
ff5aee85b4
Insert file names as break-separated text nodes 
Co-authored-by: El RIDO <elrido@gmx.net>
 2025-11-11 20:05:32 +02:00
El RIDO
2e11b13464
remove dead code 2025-11-11 17:56:49 +01:00
El RIDO
c35fc4f790
use more straight forward in_array check 
kudos @Ribas160 for the suggestion
 2025-11-11 17:53:50 +01:00
El RIDO
f456fb576e
ensure template cookie cannot be a path 2025-11-11 17:52:48 +01:00
Ribas160
9c71fbcc70
Use pure JavaScript to create a div element 2025-11-11 17:45:27 +02:00
El RIDO
a371f5cab5
remove dead code 2025-11-11 12:49:37 +01:00
El RIDO
51bb637411
document the change 2025-11-11 11:00:19 +01:00
El RIDO
94a854faca
do add the configured template to the available ones, if missing 2025-11-11 10:59:55 +01:00
El RIDO
ea73300e15
don't always set the cookie, having to unset it later 
but still unset it, if it currently should not be in use (templateselection = false)
 2025-11-11 09:45:51 +01:00
El RIDO
be6a3702fc
simplify logic and improve readability 
function was only used in one place and only indirectly tested, so it could be inlined, which also makes the test for null and the extra variable allocation unnecessary
 2025-11-11 09:43:41 +01:00
El RIDO
f2164353c3
use realpath and validate tpl directory contents 
to ensure only php files inside the tpl dir can get used as templates
 2025-11-11 09:34:54 +01:00
El RIDO
dae5f7fd61
partially revert #1559 
Instead of automatically adding custom templates, we log an error if
that template is missing in the available templates. Still mitigates
arbitrary file inclusion, as the string is now checked against a fixed
allow list.
 2025-11-10 17:31:35 +01:00
Ribas160
14b68af528
Insert drag and drop file names as a text, not html 2025-11-10 17:59:18 +02:00