dependabot[bot]
7ae218f558
Bump react-router-dom from 6.4.5 to 6.7.0 in /Plan/react/dashboard ( #2836 )
...
Bumps [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom ) from 6.4.5 to 6.7.0.
- [Release notes](https://github.com/remix-run/react-router/releases )
- [Changelog](https://github.com/remix-run/react-router/blob/main/packages/react-router-dom/CHANGELOG.md )
- [Commits](https://github.com/remix-run/react-router/commits/react-router-dom@6.7.0/packages/react-router-dom )
---
updated-dependencies:
- dependency-name: react-router-dom
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 18:42:57 +02:00
dependabot[bot]
5f66370ec9
Bump io.swagger.core.v3.swagger-gradle-plugin in /Plan ( #2824 )
...
Bumps io.swagger.core.v3.swagger-gradle-plugin from 2.2.7 to 2.2.8.
---
updated-dependencies:
- dependency-name: io.swagger.core.v3.swagger-gradle-plugin
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 18:31:21 +02:00
dependabot[bot]
468aada307
Bump swaggerVersion from 2.2.7 to 2.2.8 in /Plan ( #2826 )
...
Bumps `swaggerVersion` from 2.2.7 to 2.2.8.
Updates `swagger-core-jakarta` from 2.2.7 to 2.2.8
Updates `swagger-jaxrs2-jakarta` from 2.2.7 to 2.2.8
---
updated-dependencies:
- dependency-name: io.swagger.core.v3:swagger-core-jakarta
dependency-type: direct:production
update-type: version-update:semver-patch
- dependency-name: io.swagger.core.v3:swagger-jaxrs2-jakarta
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 18:31:07 +02:00
dependabot[bot]
446a4c1cb3
Bump mockitoVersion from 4.11.0 to 5.0.0 in /Plan ( #2835 )
...
Bumps `mockitoVersion` from 4.11.0 to 5.0.0.
Updates `mockito-core` from 4.11.0 to 5.0.0
- [Release notes](https://github.com/mockito/mockito/releases )
- [Commits](https://github.com/mockito/mockito/compare/v4.11.0...v5.0.0 )
Updates `mockito-junit-jupiter` from 4.11.0 to 5.0.0
- [Release notes](https://github.com/mockito/mockito/releases )
- [Commits](https://github.com/mockito/mockito/compare/v4.11.0...v5.0.0 )
---
updated-dependencies:
- dependency-name: org.mockito:mockito-core
dependency-type: direct:production
update-type: version-update:semver-major
- dependency-name: org.mockito:mockito-junit-jupiter
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 18:27:48 +02:00
dependabot[bot]
1c1aa08948
Bump mysql-connector-java from 8.0.31 to 8.0.32 in /Plan ( #2834 )
...
Bumps mysql-connector-java from 8.0.31 to 8.0.32.
---
updated-dependencies:
- dependency-name: mysql:mysql-connector-java
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 18:16:02 +02:00
dependabot[bot]
7a44a91546
Bump axios from 1.2.2 to 1.2.3 in /Plan/react/dashboard ( #2837 )
...
Bumps [axios](https://github.com/axios/axios ) from 1.2.2 to 1.2.3.
- [Release notes](https://github.com/axios/axios/releases )
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md )
- [Commits](https://github.com/axios/axios/compare/1.2.2...v1.2.3 )
---
updated-dependencies:
- dependency-name: axios
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 18:15:43 +02:00
Aurora Lahtela
1f1a8e0de2
Unregister placeholder extension when Plan disables
...
Affects issues:
- Fixed #2833
2023-01-17 17:52:12 +02:00
AuroraLS3
75e9057919
Update versions.txt 5.5 build 2172 - CRITICAL security vulnerability fix
2023-01-15 08:43:42 +00:00
Aurora Lahtela
9e11d9f484
Removed untrusted data from exception messages in case they end up on the webpage
2023-01-15 10:04:10 +02:00
Aurora Lahtela
f20a04809c
Test against and identify path traversal vulnerability in other methods
2023-01-15 09:30:30 +02:00
Aurora Lahtela
b0a1bc1fb1
Prevent malicious join address packet from breaking session serialization
2023-01-15 09:01:28 +02:00
Aurora Lahtela
38785a9505
Added Untrusted-annotation to be more careful around user given data
...
- Fixed SQL-injection vulnerability in an endpoint
- Fixed XSS on Whitelist deny 403 page
- Fixed XSS on Internal Error 500 page if untrusted data ends up in exception message
2023-01-14 23:25:35 +02:00
Aurora Lahtela
82274ae658
Fix issue due to 'None' translation in FI language
2023-01-14 12:12:45 +02:00
Aurora Lahtela
bd85f10c55
Fix customized resource lookup Path Traversal vulnerability
...
Affects issues:
- Fixed #2830
2023-01-13 23:23:12 +02:00
Aurora Lahtela
205692af65
Updated Finnish Locale
2023-01-08 14:47:25 +02:00
Aurora Lahtela
4580666426
Update locale files with new language
2023-01-08 14:09:45 +02:00
AuroraLS3
c8e720cd24
Update versions.txt 5.5 build 2163
2023-01-07 10:09:22 +00:00
Aurora Lahtela
5ba6e0dc9f
Fix concurrency issues with json cache and database
2023-01-07 11:45:58 +02:00
Aurora Lahtela
9622f6a614
Disable BadAFKThresholdValuePatch
2023-01-06 23:06:17 +02:00
Aurora Lahtela
97b9a18cea
Catch session deserialization errors during enable
2023-01-06 19:40:04 +02:00
dependabot[bot]
85b4a51515
Bump json5 from 1.0.1 to 1.0.2 in /Plan/react/dashboard ( #2817 )
...
Bumps [json5](https://github.com/json5/json5 ) from 1.0.1 to 1.0.2.
- [Release notes](https://github.com/json5/json5/releases )
- [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md )
- [Commits](https://github.com/json5/json5/compare/v1.0.1...v1.0.2 )
---
updated-dependencies:
- dependency-name: json5
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-06 15:24:46 +02:00
Aurora Lahtela
e660655136
Disable ReverseProxyRegressionTest
2023-01-06 14:41:50 +02:00
Aurora Lahtela
aa897fe8de
Implemented support for reverse-proxy subdirectory addresses
...
Reverse proxied version of React website now works
when subdirectory address is used (eg. /plan/...)
The functionality was unit tested to ensure things work
2023-01-06 14:24:18 +02:00
Aurora Lahtela
5082f80030
Implemented support for subdirectory addresses
...
Export of React version of frontend now supports exporting to a subdirectory
So now you can access exported site at /plan/... if it is hosted there.
This might impact reverse proxy setups positively, but that has not yet been tested.
The hypothetical positive impact is the inclusion of subdirectory in the React-router
configuration, since now it can handle the reverse-proxy subdirectory in URL.
2023-01-06 12:12:45 +02:00
dependabot[bot]
ac2fa2ecce
Bump i18next from 22.4.6 to 22.4.8 in /Plan/react/dashboard ( #2816 )
...
Bumps [i18next](https://github.com/i18next/i18next ) from 22.4.6 to 22.4.8.
- [Release notes](https://github.com/i18next/i18next/releases )
- [Changelog](https://github.com/i18next/i18next/blob/master/CHANGELOG.md )
- [Commits](https://github.com/i18next/i18next/compare/v22.4.6...v22.4.8 )
---
updated-dependencies:
- dependency-name: i18next
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-06 09:13:24 +02:00
dependabot[bot]
86285b2915
Bump mockitoVersion from 4.10.0 to 4.11.0 in /Plan ( #2808 )
...
Bumps `mockitoVersion` from 4.10.0 to 4.11.0.
Updates `mockito-core` from 4.10.0 to 4.11.0
- [Release notes](https://github.com/mockito/mockito/releases )
- [Commits](https://github.com/mockito/mockito/compare/v4.10.0...v4.11.0 )
Updates `mockito-junit-jupiter` from 4.10.0 to 4.11.0
- [Release notes](https://github.com/mockito/mockito/releases )
- [Commits](https://github.com/mockito/mockito/compare/v4.10.0...v4.11.0 )
---
updated-dependencies:
- dependency-name: org.mockito:mockito-core
dependency-type: direct:production
update-type: version-update:semver-minor
- dependency-name: org.mockito:mockito-junit-jupiter
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-03 11:36:32 +02:00
dependabot[bot]
0d89122988
Bump sass from 1.56.2 to 1.57.1 in /Plan/react/dashboard ( #2800 )
...
Bumps [sass](https://github.com/sass/dart-sass ) from 1.56.2 to 1.57.1.
- [Release notes](https://github.com/sass/dart-sass/releases )
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md )
- [Commits](https://github.com/sass/dart-sass/compare/1.56.2...1.57.1 )
---
updated-dependencies:
- dependency-name: sass
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-03 11:36:14 +02:00
dependabot[bot]
b9432673c6
Bump axios from 1.2.1 to 1.2.2 in /Plan/react/dashboard ( #2809 )
...
Bumps [axios](https://github.com/axios/axios ) from 1.2.1 to 1.2.2.
- [Release notes](https://github.com/axios/axios/releases )
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md )
- [Commits](https://github.com/axios/axios/compare/v1.2.1...1.2.2 )
---
updated-dependencies:
- dependency-name: axios
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-03 11:35:53 +02:00
dependabot[bot]
d941e7f858
Bump com.github.node-gradle.node from 3.5.0 to 3.5.1 in /Plan ( #2811 )
...
Bumps com.github.node-gradle.node from 3.5.0 to 3.5.1.
---
updated-dependencies:
- dependency-name: com.github.node-gradle.node
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-03 11:35:34 +02:00
AuroraLS3
c1084364fb
Update versions.txt 5.5 build 2150 - Hotfix
2022-12-30 11:58:24 +00:00
AuroraLS3
8e88b3a9a6
Make undefined join address id guesstimate based on existing data
2022-12-30 13:26:53 +02:00
AuroraLS3
a8dbc3288e
Fix checkstyle
2022-12-29 21:06:52 +02:00
AuroraLS3
bf63b29f72
Set bad join address ids as unknown
2022-12-29 20:54:23 +02:00
AuroraLS3
d0030fc6e3
Fix BadJoinAddressDataCorrectionPatch
2022-12-29 20:31:23 +02:00
Aurora Lahtela
6e8dc2215e
Remove build 2124 from version notifications
2022-12-28 10:56:32 +02:00
AuroraLS3
20bac03831
Update versions.txt 5.5 build 2144
2022-12-20 17:45:36 +00:00
Aurora Lahtela
626d63a87d
Optimized BadJoinAddressDataCorrectionPatch using INSTR
2022-12-20 19:32:09 +02:00
dependabot[bot]
0eb5e5e7eb
Bump i18next-http-backend from 2.0.2 to 2.1.1 in /Plan/react/dashboard ( #2795 )
...
Bumps [i18next-http-backend](https://github.com/i18next/i18next-http-backend ) from 2.0.2 to 2.1.1.
- [Release notes](https://github.com/i18next/i18next-http-backend/releases )
- [Commits](https://github.com/i18next/i18next-http-backend/compare/v2.0.2...v2.1.1 )
---
updated-dependencies:
- dependency-name: i18next-http-backend
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-20 18:09:09 +02:00
dependabot[bot]
6a95b38355
Bump i18next from 22.1.4 to 22.4.6 in /Plan/react/dashboard ( #2796 )
...
Bumps [i18next](https://github.com/i18next/i18next ) from 22.1.4 to 22.4.6.
- [Release notes](https://github.com/i18next/i18next/releases )
- [Changelog](https://github.com/i18next/i18next/blob/master/CHANGELOG.md )
- [Commits](https://github.com/i18next/i18next/compare/v22.1.4...v22.4.6 )
---
updated-dependencies:
- dependency-name: i18next
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-20 18:08:59 +02:00
dependabot[bot]
32b1548326
Bump selenium-java from 4.7.1 to 4.7.2 in /Plan ( #2794 )
...
Bumps [selenium-java](https://github.com/SeleniumHQ/selenium ) from 4.7.1 to 4.7.2.
- [Release notes](https://github.com/SeleniumHQ/selenium/releases )
- [Commits](https://github.com/SeleniumHQ/selenium/commits )
---
updated-dependencies:
- dependency-name: org.seleniumhq.selenium:selenium-java
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-20 18:00:22 +02:00
dependabot[bot]
67504d03ea
Bump slf4jVersion from 2.0.5 to 2.0.6 in /Plan ( #2786 )
...
Bumps `slf4jVersion` from 2.0.5 to 2.0.6.
Updates `slf4j-nop` from 2.0.5 to 2.0.6
- [Release notes](https://github.com/qos-ch/slf4j/releases )
- [Commits](https://github.com/qos-ch/slf4j/compare/v_2.0.5...v_2.0.6 )
Updates `slf4j-api` from 2.0.5 to 2.0.6
- [Release notes](https://github.com/qos-ch/slf4j/releases )
- [Commits](https://github.com/qos-ch/slf4j/compare/v_2.0.5...v_2.0.6 )
---
updated-dependencies:
- dependency-name: org.slf4j:slf4j-nop
dependency-type: direct:production
update-type: version-update:semver-patch
- dependency-name: org.slf4j:slf4j-api
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-20 17:48:01 +02:00
dependabot[bot]
e8dc82b9f6
Bump i18next-localstorage-backend in /Plan/react/dashboard ( #2790 )
...
Bumps [i18next-localstorage-backend](https://github.com/i18next/i18next-localStorage-backend ) from 4.0.1 to 4.1.0.
- [Release notes](https://github.com/i18next/i18next-localStorage-backend/releases )
- [Changelog](https://github.com/i18next/i18next-localstorage-backend/blob/master/CHANGELOG.md )
- [Commits](https://github.com/i18next/i18next-localStorage-backend/compare/v4.0.1...v4.1.0 )
---
updated-dependencies:
- dependency-name: i18next-localstorage-backend
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-20 17:47:27 +02:00
dependabot[bot]
ad48e86725
Bump i18next-chained-backend in /Plan/react/dashboard ( #2789 )
...
Bumps [i18next-chained-backend](https://github.com/i18next/i18next-chained-backend ) from 4.1.0 to 4.2.0.
- [Release notes](https://github.com/i18next/i18next-chained-backend/releases )
- [Changelog](https://github.com/i18next/i18next-chained-backend/blob/master/CHANGELOG.md )
- [Commits](https://github.com/i18next/i18next-chained-backend/compare/v4.1.0...v4.2.0 )
---
updated-dependencies:
- dependency-name: i18next-chained-backend
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-20 17:47:02 +02:00
dependabot[bot]
c8f538d450
Bump mockitoVersion from 4.9.0 to 4.10.0 in /Plan ( #2793 )
...
Bumps `mockitoVersion` from 4.9.0 to 4.10.0.
Updates `mockito-core` from 4.9.0 to 4.10.0
- [Release notes](https://github.com/mockito/mockito/releases )
- [Commits](https://github.com/mockito/mockito/compare/v4.9.0...v4.10.0 )
Updates `mockito-junit-jupiter` from 4.9.0 to 4.10.0
- [Release notes](https://github.com/mockito/mockito/releases )
- [Commits](https://github.com/mockito/mockito/compare/v4.9.0...v4.10.0 )
---
updated-dependencies:
- dependency-name: org.mockito:mockito-core
dependency-type: direct:production
update-type: version-update:semver-minor
- dependency-name: org.mockito:mockito-junit-jupiter
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-19 18:58:15 +02:00
dependabot[bot]
125f13ea4f
Bump jettyVersion from 11.0.12 to 11.0.13 in /Plan ( #2792 )
...
Bumps `jettyVersion` from 11.0.12 to 11.0.13.
Updates `jetty-server` from 11.0.12 to 11.0.13
- [Release notes](https://github.com/eclipse/jetty.project/releases )
- [Commits](https://github.com/eclipse/jetty.project/compare/jetty-11.0.12...jetty-11.0.13 )
Updates `jetty-alpn-java-server` from 11.0.12 to 11.0.13
Updates `http2-server` from 11.0.12 to 11.0.13
---
updated-dependencies:
- dependency-name: org.eclipse.jetty:jetty-server
dependency-type: direct:production
update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-alpn-java-server
dependency-type: direct:production
update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty.http2:http2-server
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-19 18:57:19 +02:00
Aurora Lahtela
0fdd12e61f
Patch bad join address data if it is in database
2022-12-18 21:32:08 +02:00
Aurora Lahtela
9e44000d21
Fix setting boolean parameters dynamically
...
Affects issues:
- Fixed #2784
2022-12-14 19:33:44 +02:00
Aurora Lahtela
a773c4c46e
Wrote a test for exported react pages
...
Affects issues:
- Close #2767
2022-12-13 19:33:00 +02:00
Aurora Lahtela
155910554f
Fixed exported page constantly updating data in the background
2022-12-11 21:35:31 +02:00
Aurora Lahtela
b3ef8e5a51
Fix onSetExtremes is undefined error
2022-12-10 10:20:12 +02:00