Skip to content

6.5.0

Choose a tag to compare

View all tags
@0x46616c6b 0x46616c6b released this 18 Mar 14:48
· 60 commits to main since this release
6.5.0
fc3417d
This commit was created on GitHub.com and signed with GitHubโ€™s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Features and Improvements

  • ๐Ÿ—ƒ๏ธ Wrap registration flow in database transaction (#1201)
  • ๐Ÿณ Switch to Alpine + Caddy, separate Node/PHP build stages (#1192)
  • โœจ Scope dashboard statistics for domain admins (#1181)
  • โœจ Link OpenPGP keys dashboard tile and enable domain admin access (#1170)
  • โœจ Restructure admin area for multi-role access with dashboard (#1169)
  • โœจ Add OpenPGP keys settings page (#1167)
  • ๐Ÿ”ฅ Remove Sonata Admin Bundle and rename settings to admin (#1166)
  • โœจ Add native User Admin under /settings/users/ (#1165)
  • โœจ Allow OpenPgpKey uploads to WKD for aliases (#1117)

Security

  • ๐Ÿ”’ Invalidate session on logout (#1200)
  • ๐Ÿ”’ Switch CI from pull_request_target to pull_request (#1189)
  • ๐Ÿ”’๏ธ Add missing password validation constraints to RecoveryResetPassword (#1184)
  • ๐Ÿ”’ Extend DomainVoter for aliases and harden AliasController for domain admins (#1179)
  • ๐Ÿ”’ Fix serialize-javascript vulnerability (Dependabot #79) (#1177)
  • ๐Ÿ”’ Add domain authorization for user creation (#1176)
  • ๐Ÿ”’ Prevent domain admin privilege escalation to full admin (#1173)

Technical Changes

  • ๐Ÿณ Move Dovecot/Roundcube to mail profile and fix rootless Podman (#1198)
  • ๐Ÿ”‡ Suppress Psalm InvalidAttribute false positives (#1196)
  • โ™ป๏ธ Use Symfony's HTML Sanitizer for safe_html twig filter (#1186)
  • โช Revert serialize-javascript vulnerability fix (#1177) (#1182)
  • ๐Ÿงช Add comprehensive domain admin access control Behat tests (#1180)
  • ๐Ÿ“ Add hierarchical AGENTS.md knowledge base (#1174)
  • โ™ป๏ธ Refactor GpgKeyImporter into GpgKeyParser, introduce GpgKeyResult DTO, and remove dead code (#1172)
  • โ™ป๏ธ Replace standalone delete pages with password-confirmation modal dialogs (#1164)
  • โ™ป๏ธ Generalize confirm modal and replace inline JS with Stimulus controller (#1163)
  • โ™ป๏ธ Remove redundant max-width constraints from page templates (#1162)
  • โ™ป๏ธ Replace window.confirm() with accessible modal dialogs for delete confirmations (#1161)
  • โœ… Add JavaScript testing support to Behat via Symfony Panther (#1160)
  • โœ… Add unit tests for all remaining Stimulus controllers (#1158)
  • ๐Ÿ’š Fix SonarCloud PR decoration with pull_request_target (#1157)
  • โœ… Add Vitest unit tests for Stimulus controllers and sanitize utility (#1156)
  • ๐ŸŽจ Widen page layout to max-w-7xl and remove redundant width wrappers (#1151)
  • โฌ†๏ธ Update composer dependencies (#1193, #1153)
  • โฌ†๏ธ Update npm dependencies (#1197, #1178, #1175, #1154)
  • โฌ†๏ธ Update GitHub Actions dependencies (#1195, #1155)

Bug Fixes

  • ๐Ÿ› Catch EntityNotFoundException in Admin\AliasController (#1188)
  • ๐Ÿ› Validate csrf token in MaintenanceController::run (#1185)
  • ๐Ÿ› Fix SonarCloud reliability issues in JS/TS controllers (#1159)
Assets 10
Loading