Commits : Listings

Analyzed about 12 hours ago, based on code collected about 17 hours ago.
Apr 27, 2023 — Apr 27, 2024
Commit Message Contributor Files Modified Lines Added Lines Removed Code Location Date
[Code Cleanup] about 6 years ago
* [Platform/Sessions] Fixed an issue that prevented sessions from workers with IPv6 addresses when MySQL was in strict mode. Thanks to Thomas Gross <https://github.com/tgmedia-nz> for the report! about 6 years ago
[Installer/Packages] Fixed an issue in the tutorial installer package where the notification used an old 'preferences' endpoint. about 6 years ago
[Installer/Packages] Updated the installer packages to use the proper metric/series worklist datasources for widgets. about 6 years ago
8.2.10-checkpoint about 6 years ago
8.3-checkpoint about 6 years ago
* [Security/Login] Fixed a content injection issue on the login form. Previously, literal error messages were passed as URL parameters. Now an error code is passed in the parameter, and this displays the appropriate message from a hard-coded list. This wasn't linked to any known exploit (it couldn't run arbitrary scripts), but it could be used to display fake error messages which could intentionally social engineer workers (e.g. call a phone number to unlock account). about 6 years ago
* [Security/Logins] When a worker fails to authenticate multiple times in a row within a short period of time, their account will automatically be locked from further login attempts for a short time. This mitigates brute force login attempts. about 6 years ago
* [Security/Logins] When a worker login attempt fails to authenticate, an event is now recorded in the activity log. This can be used to trigger bot behaviors, build security dashboards, prevent brute force attempts, etc. about 6 years ago
[Login/Code Cleanup] Cleaned up some ambiguity in the login process with the `$worker` variable. The references have been changed to `$unauthenticated_worker` and `$authenticated_worker`. about 6 years ago
[Developers/Activity Log] Implemented `DAO_ContextActivityLog::getLatestEntriesByTarget()`. This pulls the latest log entries of a given type for a given target, with an optional `since` epoch. This can be used for functionality like brute force prevention on logins. about 6 years ago
* [Records/Addresses] When an admin is editing an address record, they can select from: We send email from this address, This is a worker's personal email address, or None of the above. about 6 years ago
[Developers/Platform] Search query popups can now specify required queries to constrain the worklist. about 6 years ago
[Worklists] Added a `type:` filter to workspace list worklists. about 6 years ago
[Code Cleanup] about 6 years ago
* [Records/Custom Fields] Implemented custom field validation on all record editor popups. about 6 years ago
* [Workers/Records] On worker records, admins can now directly edit a worker's alternate email addresses from the peek editor. Confirmation of the email address is no longer required. Workers can no longer modify their own alternate email addresses. about 6 years ago
* [Security/XSS/Orgs] Fixed an issue in organization records where JavaScript could be entered into the 'website' field. This is now properly validated as a URL. about 6 years ago
* [Records/Validation/URLs] In records, added a new validator for URL-based fields. This ensures that a string begins with `'http(s)://` and is properly formatted. about 6 years ago
[Workers/Addresses] Refactored worker alternate email addresses. Removed the `address_to_worker` table and added a `worker_id` field to email address records. Only workers can add alternate email addresses now; although a bot interaction could automate it for workers. about 6 years ago
[Code Cleanup] about 6 years ago
* [Login/Recover/UX] In the login process, an account recovery code will only be sent once per 30 minutes to prevent abuse. Previously, this form sent a new confirmation code by email for every request. about 6 years ago
* [Cards/Email/Usability] In the email record editor, the 'is banned' and 'is defunct' options are now better explained as "Reject incoming email from this address (is banned)" and "Reject outgoing mail to this address (is defunct)". The options are now located in a 'Mail filtering' section. about 6 years ago
* [Security/Preferences] Workers can no longer edit their own first name, last name, or title. An administrator must do so. This protects against impersonation attacks. about 6 years ago
[Notifications/Code Cleanup] The notifications badge in the header now opens a search popup rather than using its own Ajax action. about 6 years ago
[Platform/Developers] Search popups can now provide a required query to constrain their worklist. about 6 years ago
* [Profiles/Pages/Settings] Administrators can now configure the pages in any worker's menu from the Settings tab on their profile. Previously, admins had to use the impersonate feature, which required several extra steps. about 6 years ago
[Code Cleanup] Activity points returned by DevblocksPlatform are now sorted by their post-translated label. about 6 years ago
* [Profiles/Preferences] Worker preferences have moved from their own page into worker profiles. Preferences are now organized into sections instead of presenting a giant list. The 'Settings' tab is visible to admins and to workers on their own profile. Administrators can now modify all preferences for other worker accounts without having to use the impersonate feature. about 6 years ago
* [Security] Fixed a potential XSS issue in the owner picker on worklist filters. about 6 years ago