Source Control Integration

master 609a4ab3 2026-04-09 20:26 vboctor Committer: dregad Details Diff	Delete only private filters when a user is deleted. Fixes 0037004	Affected Issues 0037004
	mod - core/filter_api.php	Diff File
master 840d3579 2026-04-09 11:11 raspopov Committer: dregad Details Diff	Only load dropzone API when actually needed Fixes 0036967 Signed-off-by: Damien Regad <dregad@mantisbt.org> Squashed commits and reworded commit message	Affected Issues 0036967
	mod - bug_report_page.php	Diff File
	mod - bug_view_inc.php	Diff File
	mod - js/dropzone-proxy.js	Diff File
master 5bad473b 2026-04-09 11:08 raspopov Committer: dregad Details Diff	Only load datetimepicker API when actually needed Fixes 0036968 Signed-off-by: Damien Regad <dregad@mantisbt.org> Reworded commit message	Affected Issues 0036968
	mod - bug_actiongroup_page.php	Diff File
	mod - bug_change_status_page.php	Diff File
	mod - bug_report_page.php	Diff File
	mod - bug_update_page.php	Diff File
	mod - bug_view_inc.php	Diff File
	mod - view.php	Diff File
master d5331af6 2026-04-09 08:08 translatewiki.net Details Diff	Localisation updates from https://translatewiki.net. [skip ci]
	mod - lang/strings_belarusian_tarask.txt	Diff File
	mod - lang/strings_turkish.txt	Diff File
master 8c60c267 2026-04-08 18:49 dregad Details Diff	Merge branch 'master-2.28'
	mod - plugins/MantisGraph/pages/issues_trend_bycategory_table.php	Diff File
master 9440dded 2026-04-08 18:45 dregad Details Diff	Merge PR https://github.com/mantisbt/mantisbt/pull/2192 Return status code from core.php in case of errors and improve CI builds
	mod - build/ci_install_mantis.sh	Diff File
	mod - core.php	Diff File
	mod - core/constant_inc.php	Diff File
master 251d4788 2026-04-08 18:32 dregad Details Diff	Merge branch 'master-2.28'
	mod - core/commands/ProjectUsersDeleteCommand.php	Diff File
	mod - core/http_api.php	Diff File
	mod - core/user_api.php	Diff File
	mod - verify.php	Diff File
master 33562d44 2026-04-08 18:25 dregad Details Diff	Composer update - Removing sebastian/resource-operations (3.0.4) - Removing doctrine/instantiator (1.5.0) - Upgrading symfony/deprecation-contracts (v2.5.4 => v3.6.0): Extracting archive - Upgrading guzzlehttp/psr7 (2.8.0 => 2.9.0): Extracting archive - Upgrading sebastian/version (3.0.2 => 4.0.1): Extracting archive - Upgrading sebastian/type (3.2.1 => 4.0.0): Extracting archive - Upgrading sebastian/recursion-context (4.0.6 => 5.0.1): Extracting archive - Upgrading sebastian/object-reflector (2.0.4 => 3.0.0): Extracting archive - Upgrading sebastian/object-enumerator (4.0.4 => 5.0.0): Extracting archive - Upgrading sebastian/global-state (5.0.8 => 6.0.2): Extracting archive - Upgrading sebastian/exporter (4.0.8 => 5.1.4): Extracting archive - Upgrading sebastian/environment (5.1.5 => 6.1.0): Extracting archive - Upgrading sebastian/diff (4.0.6 => 5.1.1): Extracting archive - Upgrading sebastian/comparator (4.0.10 => 5.0.5): Extracting archive - Upgrading sebastian/code-unit (1.0.8 => 2.0.0): Extracting archive - Upgrading sebastian/cli-parser (1.0.2 => 2.0.1): Extracting archive - Upgrading phpunit/php-timer (5.0.3 => 6.0.0): Extracting archive - Upgrading phpunit/php-text-template (2.0.4 => 3.0.1): Extracting archive - Upgrading phpunit/php-invoker (3.1.1 => 4.0.0): Extracting archive - Upgrading phpunit/php-file-iterator (3.0.6 => 4.1.0): Extracting archive - Upgrading sebastian/lines-of-code (1.0.4 => 2.0.2): Extracting archive - Upgrading sebastian/complexity (2.0.3 => 3.2.0): Extracting archive - Upgrading sebastian/code-unit-reverse-lookup (2.0.3 => 3.0.0): Extracting archive - Upgrading phpunit/php-code-coverage (9.2.32 => 10.1.16): Extracting archive - Upgrading phpunit/phpunit (9.6.34 => 10.5.63): Extracting archive - Upgrading pimple/pimple (v3.6.0 => v3.6.2): Extracting archive Issue 0036914	Affected Issues 0036914
	mod - composer.lock	Diff File
master 6b49c1e3 2026-04-08 18:22 dregad Details Diff	Composer: remove PHPUnit 9.x Fixes 0036914	Affected Issues 0036914
	mod - composer.json	Diff File
master-2.28 5fec0f44 2026-04-08 04:49 dregad Details Diff	Escape textarea custom field for display Prevents HTML injection / XSS in bug_update_page.php. Fixes 0037003, GHSA-qj6w-v29q-4rgx Co-authored-by: Nozomu Sasaki <nzm117ssk@gmail.com>	Affected Issues 0037003
	mod - core/cfdefs/cfdef_standard.php	Diff File
master-2.28 2ec1b106 2026-04-07 12:02 dregad Details Diff	Revert use of string_url() in http_api.php Requiring string_api.php was causing a circular inclusion pattern of the core APIs, resulting in rejection of Secure Cookies by the browser. Partial revert of commit 5393a5663d33a0060d13ee0d4517bb701ddac40d. Fixes 0036819	Affected Issues 0036819
	mod - core/http_api.php	Diff File
master-2.28 e6be7c24 2026-04-06 08:26 dregad Details Diff	Check user id validity early in verify.php It makes no sense to attempt login if the user does not exist. Minor optimization: make use of extracted $u_username variable instead of calling user_get_username(). Fixes 0037006	Affected Issues 0037006
	mod - verify.php	Diff File
master-2.28 e2d7dcda 2026-04-06 08:19 dregad Details Diff	Fix record not found check in user_cache_row() Using empty() instead of !isset(), so both false and null trigger the exception. Regression from 2cee661cbdf9bf607a75586b8376f74675c924af. Fixes 0037005	Affected Issues 0037005
	mod - core/user_api.php	Diff File
master f4795e18 2026-04-06 08:08 translatewiki.net Details Diff	Localisation updates from https://translatewiki.net. [skip ci]
	mod - lang/strings_ukrainian.txt	Diff File
	mod - plugins/MantisCoreFormatting/lang/strings_ukrainian.txt	Diff File
master 70bfd6ae 2026-04-06 07:45 dregad Details Diff	PHPDoc
	mod - core/access_api.php	Diff File
master bf3b3641 2026-04-04 06:02 vboctor Committer: dregad Details Diff	Deleting a user now deletes its filters Fixes 0037004	Affected Issues 0037004
	mod - core/filter_api.php	Diff File
	mod - core/user_api.php	Diff File
master-2.28 b8d84f3c 2026-04-04 05:40 vboctor Committer: dregad Details Diff	Fix intermittent error when deleting user from project Fixes 0032998, PR https://github.com/mantisbt/mantisbt/pull/2199	Affected Issues 0032998
	mod - core/commands/ProjectUsersDeleteCommand.php	Diff File
master 9fc59f7e 2026-03-31 13:38 dregad Details Diff	Fix static analysis warnings
	mod - bug_revision_view_page.php	Diff File
	mod - core/access_api.php	Diff File
master-2.28 b262b4d2 2026-03-30 13:32 dregad Details Diff	Prevent unauthorized attachment upload via REST file_allow_project_upload() has been modified to check access for upload_bug_file_threshold against - project for new issues - bug for existing issues Fixes 0036976, GHSA-h4x5-gvx6-3rwc	Affected Issues 0036976
	mod - core/file_api.php	Diff File
master 09671193 2026-03-30 12:05 dregad Details Diff	Fix static analysis warnings, whitespace, PHPDoc
	mod - core/commands/IssueFileAddCommand.php	Diff File
master-2.28 de7bdeec 2026-03-30 11:42 dregad Details Diff	Prevent access to private issues' file attachments Adding access checks ensuring that the user is allowed to view the attachments' parent issue, before listing or downloading them: - file_can_view_or_download() function - IssueFileGetCommand::validate() method Fixes 0036977, GHSA-rmp5-5jj7-gmvf	Affected Issues 0036977
	mod - core/commands/IssueFileGetCommand.php	Diff File
	mod - core/file_api.php	Diff File
master 965df5ed 2026-03-30 10:48 dregad Details Diff	Fix static analysis warnings
	mod - api/rest/restcore/issues_rest.php	Diff File
	mod - core/commands/IssueFileGetCommand.php	Diff File
	mod - file_download.php	Diff File
master d400614c 2026-03-30 10:46 dregad Details Diff	Code cleanup: merge if statement The following switch is based on the exact same condition.
	mod - file_download.php	Diff File
master 209f5d33 2026-03-30 10:43 dregad Details Diff	Code cleanup: remove unnecessary variables
	mod - core/file_api.php	Diff File
master 12a20c13 2026-03-30 08:10 translatewiki.net Details Diff	Localisation updates from https://translatewiki.net. [skip ci]
	mod - lang/strings_ukrainian.txt	Diff File

Changesets: MantisBT