Commit Graph

4511 Commits

Author SHA1 Message Date
El RIDO
ea73300e15 don't always set the cookie, having to unset it later
but still unset it, if it currently should not be in use (templateselection = false)
2025-11-11 09:45:51 +01:00
El RIDO
be6a3702fc simplify logic and improve readability
function was only used in one place and only indirectly tested, so it could be inlined, which also makes the test for null and the extra variable allocation unnecessary
2025-11-11 09:43:41 +01:00
El RIDO
f2164353c3 use realpath and validate tpl directory contents
to ensure only php files inside the tpl dir can get used as templates
2025-11-11 09:34:54 +01:00
El RIDO
dae5f7fd61 partially revert #1559
Instead of automatically adding custom templates, we log an error if
that template is missing in the available templates. Still mitigates
arbitrary file inclusion, as the string is now checked against a fixed
allow list.
2025-11-10 17:31:35 +01:00
Ribas160
14b68af528 Insert drag and drop file names as a text, not html 2025-11-10 17:59:18 +02:00
El RIDO
a479d75405 belt and braces: reset the template cookie, if function is not enabled 2025-11-10 12:25:19 +01:00
El RIDO
17ff44037a prevent use of paths in template names, only file names inside tpl directory are allowed 2025-11-10 12:23:50 +01:00
El RIDO
13949349af improve readability of logic 2025-11-10 12:22:29 +01:00
El RIDO
5f6c2beb3b Unit test on escaping the template directory 2025-11-10 12:00:29 +01:00
El RIDO
591d2d40e1 Merge pull request #1708 from calvinbui/patch-1
Fix typo in Shlink config docs
2025-11-09 07:46:23 +01:00
Calvin Bui
ec178e0c38 Fix typo in Shlink config docs 2025-11-09 10:00:48 +11:00
PrivateBin Translator Bot
697753ab91 New Crowdin updates (#1706)
* New translations en.json (Lithuanian)
2025-11-08 06:00:28 +01:00
Ribas160
a7b253a43a fix: error fetching attachments from blob 2025-11-05 17:33:08 +02:00
El RIDO
5e10469ffc Merge pull request #1700 from HariZalanPrivateBin/master
Update hu.json
2025-11-05 07:45:54 +01:00
HariZalanPrivateBin
feeac849c4 Update hu.json
My own translations currently used at privbin.harizalan.hu, enhanced at various points
2025-11-05 06:29:42 +01:00
rugk
4f64ad3b12 docs: remove wrong public dir advice
Co-authored-by: El RIDO <elrido@gmx.net>
2025-11-02 17:49:26 +01:00
rugk
46599af4f0 Add note about jQuery dropping
Co-authored-by: El RIDO <elrido@gmx.net>
2025-11-02 17:47:12 +01:00
El RIDO
0dd275db5c Merge pull request #1699 from PrivateBin/crowdin-translation
New Crowdin updates
2025-11-02 08:09:09 +01:00
PrivateBin Translator Bot
cadfe65bfa New translations en.json (Finnish) 2025-11-01 12:52:40 +01:00
rugk
baa0117028 wipfix: apply doc fixes from contributors 2025-10-30 15:11:16 +00:00
rugk
55fcca0f8d Add information about Composer dir 2025-10-30 13:21:59 +01:00
rugk
207c79057b Add GitHub Copilot instructions
As per discussion in https://github.com/orgs/PrivateBin/discussions/1696 here are some instructions generated by Copilot itself.

I used this prompt (in chat not agent mode, but well... should be enough) as suggested by GitHub: https://docs.github.com/copilot/how-tos/configure-custom-instructions/add-repository-instructions#anweisen-von-copilot-programmier-agent-zum-generieren-einer-copilot-instructionsmd-datei

Also added the feedback from the discussion.
2025-10-30 13:18:30 +01:00
El RIDO
9d7508f44f chore: prepare for next release 2025-10-28 16:54:42 +01:00
El RIDO
5018c963f9 chore: prepare for next release 2025-10-28 16:53:07 +01:00
El RIDO
a91d0afebd ensure there is still a space between commenter icon and name 2.0.2 2025-10-28 16:35:58 +01:00
El RIDO
2f70456e9a incrementing version 2025-10-28 16:08:13 +01:00
El RIDO
392e160006 Merge pull request #1688 from PrivateBin/purify-3.3.0
update DOMpurify library from 3.2.7 to 3.3.0
2025-10-28 11:44:34 +01:00
El RIDO
8293d1fb5d apply ESLint recommendation 2025-10-28 11:33:47 +01:00
El RIDO
43cf8b53ac Merge branch 'master' into purify-3.3.0 2025-10-28 11:27:17 +01:00
El RIDO
2d8af1f31e Merge commit from fork
Sanitize file name in attachment file size hints
2025-10-28 11:24:11 +01:00
El RIDO
0a6e7ef4f7 Merge pull request #1692 from PrivateBin/dependabot/github_actions/actions/upload-artifact-5
Bump actions/upload-artifact from 4 to 5
2025-10-27 13:38:15 +01:00
dependabot[bot]
8526816468 Bump actions/upload-artifact from 4 to 5
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4 to 5.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-10-27 12:00:40 +00:00
El RIDO
85ae5cf676 Merge pull request #1691 from PrivateBin/crowdin-translation
New Crowdin updates
2025-10-26 18:31:34 +01:00
El RIDO
d27d63584f Merge branch 'master' into crowdin-translation 2025-10-26 18:26:06 +01:00
PrivateBin Translator Bot
99e0d5ca4e New translations en.json (Ukrainian) 2025-10-26 15:38:32 +01:00
PrivateBin Translator Bot
5a3125ff19 New translations en.json (Chinese Simplified) 2025-10-26 14:31:47 +01:00
El RIDO
ca10d47da0 Merge pull request #1690 from nykula/master
Update Ukrainian translation
2025-10-26 14:28:01 +01:00
Denys Nykula
3522ec07ce Update Ukrainian translation 2025-10-26 11:45:10 +02:00
El RIDO
c4f8482b30 Refactored jQuery DOM element creation
using plain JavaScript, to ensure text nodes are sanitized
2025-10-25 12:56:55 +02:00
El RIDO
fd2c2ae0c5 update DOMpurify library from 3.2.7 to 3.3.0 2025-10-25 10:52:40 +02:00
El RIDO
ca70c7555d Add tests of malicious file names 2025-10-24 15:00:56 +02:00
El RIDO
5c5fe333a0 Merge pull request #1679 from PrivateBin/opcache
Make OPcache optional
2025-10-22 06:50:38 +02:00
El RIDO
8c21a2275a Merge pull request #1684 from PrivateBin/doc-patch-readme
Fix links in doc/README.md
2025-10-22 06:49:46 +02:00
rugk
ca1f0d092e Fix links in doc/README.md
* Fixing the last link, which was totally broken
* Updated links in README to use relative paths.
2025-10-21 22:46:54 +02:00
El RIDO
508904dfac Merge pull request #1681 from PrivateBin/dependabot/github_actions/actions/setup-node-6
Bump actions/setup-node from 5 to 6
2025-10-14 13:33:17 +02:00
dependabot[bot]
3b45d8fa79 Bump actions/setup-node from 5 to 6
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 5 to 6.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-10-14 11:05:10 +00:00
El RIDO
b7286cf99a fix bootstrap template password peek display 2025-10-13 18:51:15 +02:00
El RIDO
0bfa300c59 apply StyleCI recommendation 2025-10-12 18:40:48 +02:00
El RIDO
d76796adf3 deduplicate logic 2025-10-12 18:39:36 +02:00
El RIDO
60bab2badb make OPcache optional, resolves #1678 2025-10-12 18:19:46 +02:00