diff --git a/docs/development/concepts/hotwire-view-components/README.md b/docs/development/concepts/hotwire-view-components/README.md index 7cd09fe8119..0a5da5f21c6 100644 --- a/docs/development/concepts/hotwire-view-components/README.md +++ b/docs/development/concepts/hotwire-view-components/README.md @@ -1,7 +1,7 @@ --- sidebar_navigation: title: Using Hotwire with ViewComponents -description: An introduction of how we use Hotwire alongside ViewComponets +description: An introduction of how we use Hotwire alongside ViewComponents keywords: Ruby on Rails, Hotwire, ViewComponents --- diff --git a/docs/glossary/README.md b/docs/glossary/README.md index 80e3bac562a..f874c66fc80 100644 --- a/docs/glossary/README.md +++ b/docs/glossary/README.md @@ -525,7 +525,7 @@ In OpenProject, a Weighted item list can be used both as a [custom field](#custo ### Widget -A widget in OpenProject is defined as a small and customizable element that provides relevant information at a glance. Use widgets on the [My page](#my-page) or on the project dashboardon the [project home page](#project-home). [See all available project overview widgets](../user-guide/project-home/project-widgets/#project-widgets-catalog) and read [how to add a widget to the project overview](../user-guide/project-home/project-widgets/#resize-and-reorder-widgets). +A widget in OpenProject is defined as a small and customizable element that provides relevant information at a glance. Use widgets on the [My page](#my-page) or on the project dashboard of the [project home page](#project-home). [See all available project overview widgets](../user-guide/project-home/project-widgets/#project-widgets-catalog) and read [how to add a widget to the project overview](../user-guide/project-home/project-widgets/#resize-and-reorder-widgets). ### Wiki diff --git a/docs/installation-and-operations/bim-edition/README.md b/docs/installation-and-operations/bim-edition/README.md index a3b433eb672..424f44a55ce 100644 --- a/docs/installation-and-operations/bim-edition/README.md +++ b/docs/installation-and-operations/bim-edition/README.md @@ -25,7 +25,7 @@ For `docker`, `docker-compose`, and `helm-chart` based installations, you are mo Please check what docker image you are using for the steps needed to switch to BIM: -- **openproject/openproject:VERSION-slim**: You need to replace your imag with `openproject/openproject:VERSION-slim-bim`, which is prebuilt with the BIM Edition enabled and the pipeline installed +- **openproject/openproject:VERSION-slim**: You need to replace your image with `openproject/openproject:VERSION-slim-bim`, which is prebuilt with the BIM Edition enabled and the pipeline installed - **openproject/openproject:VERSION**: You are using the [all-in-one container](../installation/docker#all-in-one-container), which includes BIM support. You only need to set the environment variable `OPENPROJECT_EDITION=bim` to the docker container and restart your container. Please note that we recommend against using this all-in-one variant in production systems. ### Packaged installation diff --git a/docs/mobile-app-guide/first-steps/README.md b/docs/mobile-app-guide/first-steps/README.md index ed508b9f64e..9ac74a68640 100644 --- a/docs/mobile-app-guide/first-steps/README.md +++ b/docs/mobile-app-guide/first-steps/README.md @@ -53,7 +53,7 @@ Enter the complete **base URL** of your instance (for example, `https://yourcomp ![Mobile app browser sign in screen](mobile-app-browser-sign-in.png) * The app will ask you for a permission to have full access to the **OpenProject API v3** to authorize your account and securely connect to your workspace. -![OpenProject mobile app browser API v3 authorisation screen](mobile-browser-oauth-authorization.png) +![OpenProject mobile app browser API v3 authorization screen](mobile-browser-oauth-authorization.png) ## Start Exploring diff --git a/docs/mobile-app-guide/first-steps/login-troubleshooting/README.md b/docs/mobile-app-guide/first-steps/login-troubleshooting/README.md index 56f0c955acc..01e59a71295 100644 --- a/docs/mobile-app-guide/first-steps/login-troubleshooting/README.md +++ b/docs/mobile-app-guide/first-steps/login-troubleshooting/README.md @@ -26,7 +26,7 @@ The URL you entered may be incorrect, inaccessible, or not using HTTPS. ## OAuth Application Not Enabled **Symptom:** -Login fails with a browser error such as _“An authorization error has occurred. The client is not authorised to perform this request using this method.”,_ or you are redirected back to the login screen without authentication. +Login fails with a browser error such as _“An authorization error has occurred. The client is not authorized to perform this request using this method.”, or you are redirected back to the login screen without authentication. **Cause:** The mobile app uses OAuth 2.0 for secure authentication. If the built-in OAuth applications are not enabled in your instance, the app cannot log you in. @@ -40,7 +40,7 @@ The mobile app uses OAuth 2.0 for secure authentication. If the built-in OAuth a ## Instance Not on Minimum Supported Version **Symptom:** -You know that your instance is running not on the minimum supported version, OpenProject 17.0.0, and the login fails with a browser error such as _“An authorization error has occurred. The client is not authorised to perform this request using this method.”_. +You know that your instance is running not on the minimum supported version, OpenProject 17.0.0, and the login fails with a browser error such as _“An authorization error has occurred. The client is not authorized to perform this request using this method.”_. **Cause:** The OpenProject Mobile App requires your instance to be on **OpenProject version 17.0.0 or higher**. diff --git a/docs/release-notes/16-5-0/README.md b/docs/release-notes/16-5-0/README.md index 8a90c7f8afd..d183092ebcc 100644 --- a/docs/release-notes/16-5-0/README.md +++ b/docs/release-notes/16-5-0/README.md @@ -114,7 +114,7 @@ This menu is useful not only for new users, but also for anyone looking for addi - Bugfix: ID link in notification center always points to last opened project \[[#66751](https://community.openproject.org/wp/66751)\] - Bugfix: Removing widgets from Projects Overview page is very slow/unresponsive \[[#66753](https://community.openproject.org/wp/66753)\] - Bugfix: Activity shows changes to admin only custom fields also to non admin users \[[#66925](https://community.openproject.org/wp/66925)\] -- Bugfix: LDAP Groupsync settings can't be edited in synced LDAP group \[[#66941](https://community.openproject.org/wp/66941)\] +- Bugfix: LDAP group sync settings can't be edited in synced LDAP group \[[#66941](https://community.openproject.org/wp/66941)\] - Bugfix: Do not use unspecified ServiceProviderConfig.AuthenticationSchemes.type \[[#67055](https://community.openproject.org/wp/67055)\] - Bugfix: Application password cannot be validated for Nextcloud storage using SSO \[[#67071](https://community.openproject.org/wp/67071)\] - Bugfix: Work packages export dialog description attribute dragger locale \[[#67181](https://community.openproject.org/wp/67181)\] @@ -122,7 +122,7 @@ This menu is useful not only for new users, but also for anyone looking for addi - Bugfix: User cannot create a folder in the File picker \[[#67233](https://community.openproject.org/wp/67233)\] - Bugfix: File picker UI lets user upload to root folder even though it's not permitted \[[#67235](https://community.openproject.org/wp/67235)\] - Bugfix: User doesn't get visual feedback their new OIDC provider was successfully saved \[[#67257](https://community.openproject.org/wp/67257)\] -- Bugfix: Meetings series is not correctly ended if series has more than 1 existing occurence \[[#67297](https://community.openproject.org/wp/67297)\] +- Bugfix: Meetings series is not correctly ended if series has more than 1 existing occurrence \[[#67297](https://community.openproject.org/wp/67297)\] - Bugfix: Incorrect terminology in docs and UI: "Favored" vs "Favorited" \[[#67312](https://community.openproject.org/wp/67312)\] - Bugfix: Older meetings show series backlog as 'untitled section' \[[#67381](https://community.openproject.org/wp/67381)\] - Bugfix: Cost reports month locale \[[#67466](https://community.openproject.org/wp/67466)\] @@ -162,8 +162,8 @@ This menu is useful not only for new users, but also for anyone looking for addi - Feature: Update the Getting started video linked in the application help menu \[[#67176](https://community.openproject.org/wp/67176)\] - Feature: Update help menu and widget on start page in application \[[#67177](https://community.openproject.org/wp/67177)\] - Feature: Update Enterprise plan text in widget on application start page \[[#67178](https://community.openproject.org/wp/67178)\] -- Feature: Add/remove projects from favourite via the API \[[#67241](https://community.openproject.org/wp/67241)\] -- Feature: Hide segmented control and include sub-itmes checkbox of the filterable tree view \[[#67541](https://community.openproject.org/wp/67541)\] +- Feature: Add/remove projects from favorite via the API \[[#67241](https://community.openproject.org/wp/67241)\] +- Feature: Hide segmented control and include sub-items checkbox of the filterable tree view \[[#67541](https://community.openproject.org/wp/67541)\] diff --git a/docs/release-notes/16-6-0/README.md b/docs/release-notes/16-6-0/README.md index 9a0ab371b6d..3f8d3f0e666 100644 --- a/docs/release-notes/16-6-0/README.md +++ b/docs/release-notes/16-6-0/README.md @@ -30,7 +30,7 @@ OpenProject 16.6 introduces new project attribute types that make portfolio eval **Weighted item lists** extend this concept by allowing administrators to assign numeric scores to list options, such as effort levels or risk ratings. These values can then be used as input for calculated results. -**Calculated values** enable automatic computations based on formulas using numeric project attributes, including scores from Weighted item lists or even other calculated values. The computed result is displayed directly on the project overview and in the project list. It automatically updates whenever one of its source attributes (e.g., *Benefit* or *Effort* in the example below) is changed. This allows teams to calculate project scores and prioritise consistently across the portfolio. +**Calculated values** enable automatic computations based on formulas using numeric project attributes, including scores from Weighted item lists or even other calculated values. The computed result is displayed directly on the project overview and in the project list. It automatically updates whenever one of its source attributes (e.g., *Benefit* or *Effort* in the example below) is changed. This allows teams to calculate project scores and prioritize consistently across the portfolio. Here's an example of a calculated value called 'Overall score (calculated)' with the following formula: `(Strategic impact * 0.6) + (Benefit ​* 0.3) - (Effort * 0.1)` @@ -65,7 +65,7 @@ Administrators can now change the parent of an item within a [hierarchical custo To do so, administrators need to navigate to *Administration → Custom fields*, select a custom field type hierarchy and click on the *Items* tab. Then they click on the *More* icon and select *Change parent*. A dialog opens showing the current hierarchy tree. From there, administrators can search, select a new parent, and save the updated structure. The hierarchy is updated immediately after saving. Like mentioned above, this also works for project attributes. -![OpenProject 16.6: Custom field type hierarchy in the administration, tab 'Items', one item is selected with the 'More' menu and the option to change parent is higlighted](openproject-16-6-custom-field-hierarchy-change-parent.png) +![OpenProject 16.6: Custom field type hierarchy in the administration, tab 'Items', one item is selected with the 'More' menu and the option to change parent is highlighted](openproject-16-6-custom-field-hierarchy-change-parent.png) ### Updated 'More' menu of meetings with a 'Move to section' option diff --git a/docs/release-notes/17-0-0/README.md b/docs/release-notes/17-0-0/README.md index 2221b22f602..c7e63f06e94 100644 --- a/docs/release-notes/17-0-0/README.md +++ b/docs/release-notes/17-0-0/README.md @@ -105,7 +105,7 @@ See our user guide to [learn how to present a meeting in OpenProject](../../user Agenda items can now hold **multiple text-based outcomes**: The **+ Outcome** button remains available while the meeting is *In progress* and allows moderators to record more than one result for the same item. The first outcome is labelled "Outcome", additional ones are numbered ("Outcome 1", "Outcome 2", and so on). These outcomes are also supported in the PDF exports of meetings. This feature is a preparation for future improvements, such as [creating work packages as outcomes](https://community.openproject.org/work_packages/62093). -![OpenProject meeting which is in progess, below the first agenda item (a work package) are "Outcome 1" and "Outcome 2" displayed, and the + Outcome button is still available as well](openproject-17-0-meeting-multiple-outcomes.png) +![OpenProject meeting which is in progress, below the first agenda item (a work package) are "Outcome 1" and "Outcome 2" displayed, and the + Outcome button is still available as well](openproject-17-0-meeting-multiple-outcomes.png) #### Unified “My meetings” iCal subscription @@ -280,7 +280,7 @@ OpenProject now includes a built-in OAuth application that simplifies authentica ### Improved perceived performance of the project selector -The project selector has been optimised to feel significantly faster, especially in instances with many projects. Instead of loading the full project tree at once, OpenProject now loads up to 300 projects initially and fetches additional entries dynamically during search. This reduces waiting times and improves responsiveness across the application. +The project selector has been optimized to feel significantly faster, especially in instances with many projects. Instead of loading the full project tree at once, OpenProject now loads up to 300 projects initially and fetches additional entries dynamically during search. This reduces waiting times and improves responsiveness across the application. ### Removal of special semver @@ -377,7 +377,7 @@ Reference: \[[#67036](https://community.openproject.org/wp/67036)\] - Bugfix: Missing notification when a one-time meeting exits draft mode \[[#70109](https://community.openproject.org/wp/70109)\] - Bugfix: Missing notification when the title of a one-time meeting is updated \[[#70110](https://community.openproject.org/wp/70110)\] - Bugfix: Missing notification when a series is ended \[[#70111](https://community.openproject.org/wp/70111)\] -- Bugfix: Race condition allows to create resurces with the same name, bypassing our uniqueness validation \[[#70112](https://community.openproject.org/wp/70112)\] +- Bugfix: Race condition allows to create resources with the same name, bypassing our uniqueness validation \[[#70112](https://community.openproject.org/wp/70112)\] - Bugfix: Missing notification when restoring a cancelled occurrence \[[#70113](https://community.openproject.org/wp/70113)\] - Bugfix: Inconsistent label for „Status“ and „Project status“ \[[#70142](https://community.openproject.org/wp/70142)\] - Bugfix: Newly created project attributes are added as columns to the default project list \[[#70147](https://community.openproject.org/wp/70147)\] @@ -390,7 +390,7 @@ Reference: \[[#67036](https://community.openproject.org/wp/67036)\] - Bugfix: There is a recent change in Capabilities API without backward compatibility \[[#70356](https://community.openproject.org/wp/70356)\] - Bugfix: Fix close button accessibility errors found by eslint, ERB Lint \[[#70420](https://community.openproject.org/wp/70420)\] - Feature: Have specific role or permission to access templated project, but membership is not instantiated on copy \[[#43571](https://community.openproject.org/wp/43571)\] -- Feature: Reduce visibility of all users when addings members to a project \[[#55270](https://community.openproject.org/wp/55270)\] +- Feature: Reduce visibility of all users when adding members to a project \[[#55270](https://community.openproject.org/wp/55270)\] - Feature: Add work package type, status and meta status to what the global search is searching on during typeahead \[[#56831](https://community.openproject.org/wp/56831)\] - Feature: Configure project attribute sections to be shown as widgets on the project overview page \[[#61445](https://community.openproject.org/wp/61445)\] - Feature: A single 'My Meetings' iCal calendar subscription action so users can always have their calendars in sync with the meetings \[[#63463](https://community.openproject.org/wp/63463)\] @@ -444,7 +444,7 @@ Reference: \[[#67036](https://community.openproject.org/wp/67036)\] - Feature: Truncate breadcrumb in PageHeader \[[#68906](https://community.openproject.org/wp/68906)\] - Feature: Introduce "Create program" and "Create portfolio" permission \[[#68918](https://community.openproject.org/wp/68918)\] - Feature: Sync up last updated at via hocuspocus awareness protocol \[[#68939](https://community.openproject.org/wp/68939)\] -- Feature: Primerize Administation > Attribute help texts forms \[[#68953](https://community.openproject.org/wp/68953)\] +- Feature: Primerize Administration > Attribute help texts forms \[[#68953](https://community.openproject.org/wp/68953)\] - Feature: Style the rich-link workpackage macro (dark theme) \[[#68978](https://community.openproject.org/wp/68978)\] - Feature: Primerize Admin > System Settings forms \[[#69095](https://community.openproject.org/wp/69095)\] - Feature: Move "meetings" tab before GitHub and GitLab \[[#69118](https://community.openproject.org/wp/69118)\] diff --git a/docs/release-notes/17-0-2/README.md b/docs/release-notes/17-0-2/README.md index 104b2c4b65e..9a1742775b1 100644 --- a/docs/release-notes/17-0-2/README.md +++ b/docs/release-notes/17-0-2/README.md @@ -30,7 +30,7 @@ For more information, please see the [GitHub advisory #GHSA-74p5-9pr3-r6pw](http ### CVE-2026-24772 - SSRF and CSWSH in Hocuspocus Synchronization Server -To enable the real time collaboration on documents, OpenProject 17.0 introduced a [synchronization server](https://github.com/opf/op-blocknote-hocuspocus). The OpenPrioject backend generates an authentication token that is currently valid for 24 hours, encrypts it with a shared secret only known to the synchronization server. The frontend hands this encrypted token and the backend URL over to the synchronization server to check user's ability to work on the document and perform intermittent saves while editing. +To enable the real time collaboration on documents, OpenProject 17.0 introduced a [synchronization server](https://github.com/opf/op-blocknote-hocuspocus). The OpenProject backend generates an authentication token that is currently valid for 24 hours, encrypts it with a shared secret only known to the synchronization server. The frontend hands this encrypted token and the backend URL over to the synchronization server to check user's ability to work on the document and perform intermittent saves while editing. The synchronization server does not properly validate the backend URL and sends a request with the decrypted authentication token to the endpoint that was given to the server. An attacker could use this vulnerability to decrypt a token that he intercepted by other means to gain an access token to interact with OpenProject on the victim's behalf. @@ -57,9 +57,9 @@ For more information, please see the [GitHub advisory #GHSA-35c6-x276-2pvc](http - Bugfix: Meeting outcomes cannot be saved with ctrl/cmd+enter \[[#69974](https://community.openproject.org/wp/69974)\] - Bugfix: AXe Accessibility error: invalid list structure \[[#70573](https://community.openproject.org/wp/70573)\] - Bugfix: Fix AXe Accessibility error: Navigation toggler must have discernible text \[[#70574](https://community.openproject.org/wp/70574)\] -- Bugfix: Documents module is missing meaningfull html title \[[#70614](https://community.openproject.org/wp/70614)\] +- Bugfix: Documents module is missing meaningful html title \[[#70614](https://community.openproject.org/wp/70614)\] - Bugfix: Users with the "Manage Users" permission did not see links to Lock/Unlock users \[[#70796](https://community.openproject.org/wp/70796)\] -- Bugfix: Cannot authorise OpenProject app with OpenProject when user has 2FA enabled \[[#70966](https://community.openproject.org/wp/70966)\] +- Bugfix: Cannot authorize OpenProject app with OpenProject when user has 2FA enabled \[[#70966](https://community.openproject.org/wp/70966)\] - Bugfix: Running docker slim image, runs slim-bim one \[[#70980](https://community.openproject.org/wp/70980)\] - Bugfix: 'For all projects' project attributes are not displayed during new project creation \[[#70982](https://community.openproject.org/wp/70982)\] - Bugfix: Fix revision parsing in git diff output \[[#71020](https://community.openproject.org/wp/71020)\] diff --git a/docs/release-notes/17-0-3/README.md b/docs/release-notes/17-0-3/README.md index bf83fe41d71..a00ed899f17 100644 --- a/docs/release-notes/17-0-3/README.md +++ b/docs/release-notes/17-0-3/README.md @@ -66,7 +66,7 @@ For more information, please see the [GitHub advisory #GHSA-x37c-hcg5-r5m7](http - Bugfix: Unable to change to earlier finish date for automatically scheduled successor \[[#65130](https://community.openproject.org/wp/65130)\] - Bugfix: DPA/AVV cannot be downloaded \[[#67323](https://community.openproject.org/wp/67323)\] -- Bugfix: hocupocus logs \[onAuthenticate\] fetch failed and connection to collaboration server not possible \[[#70542](https://community.openproject.org/wp/70542)\] +- Bugfix: hocuspocus logs \[onAuthenticate\] fetch failed and connection to collaboration server not possible \[[#70542](https://community.openproject.org/wp/70542)\] - Bugfix: Wrong sidebar sort order in System Admin Guide -> Authentication \[[#70914](https://community.openproject.org/wp/70914)\] - Bugfix: "form\_configuration-status=422" Unable to Change Custom fields in Work Packages without Enterprise Plan \[[#71093](https://community.openproject.org/wp/71093)\] diff --git a/docs/release-notes/17-0-4/README.md b/docs/release-notes/17-0-4/README.md index baf91c1766a..180751ffad7 100644 --- a/docs/release-notes/17-0-4/README.md +++ b/docs/release-notes/17-0-4/README.md @@ -62,7 +62,7 @@ For more information, please see the [GitHub advisory #GHSA-g62r-9rgf-h53q](http The application is vulnerable to HTML injection due to improper sanitization of user-supplied input for the project name. -An attacker can inject arbitrary HTML tags into the response, altering the structure of the page. and later while creating workpackages payload is executed. +An attacker can inject arbitrary HTML tags into the response, altering the structure of the page. and later while creating work packages payload is executed. diff --git a/docs/release-notes/17-0-5/README.md b/docs/release-notes/17-0-5/README.md index 34fd0dfb6cd..676be81c76b 100644 --- a/docs/release-notes/17-0-5/README.md +++ b/docs/release-notes/17-0-5/README.md @@ -220,7 +220,7 @@ For more information, please see the [GitHub advisory #GHSA-c76v-8735-35hq](http -### CVE-2026-27827 - Insecure Direct Object Reference in Project Storage Administrition Theft & Pre-Auth Remote Folder Deletion +### CVE-2026-27827 - Insecure Direct Object Reference in Project Storage Administration Theft & Pre-Auth Remote Folder Deletion An unscoped loading of Project Storages lead to users with the _Manage Files in Project_ permission in one project, to access project storages in other projects. This would give information about the storage that they were not supposed to see.  diff --git a/docs/release-notes/17-1-0/README.md b/docs/release-notes/17-1-0/README.md index 7f9a62c4f98..df9d7de17be 100644 --- a/docs/release-notes/17-1-0/README.md +++ b/docs/release-notes/17-1-0/README.md @@ -168,7 +168,7 @@ This change prevents browser freezes and significantly improves responsiveness w - Bugfix: Error duplicating task with relation \[[#69309](https://community.openproject.org/wp/69309)\] - Bugfix: Truncate the name in the project list \[[#69445](https://community.openproject.org/wp/69445)\] - Bugfix: Timer cannot be started if log time modal has a mandatory field \[[#69483](https://community.openproject.org/wp/69483)\] -- Bugfix: Nexcloud returns 404 if OpenPorject app is not installed \[[#69492](https://community.openproject.org/wp/69492)\] +- Bugfix: Nextcloud returns 404 if OpenProject app is not installed \[[#69492](https://community.openproject.org/wp/69492)\] - Bugfix: Fine-tuning of margins in pdf exports \[[#69515](https://community.openproject.org/wp/69515)\] - Bugfix: Error in PDF exports if font file storage is broken \[[#69625](https://community.openproject.org/wp/69625)\] - Bugfix: Misleading text in Work Package meetings tab after mentioning WP in meeting outcome \[[#69646](https://community.openproject.org/wp/69646)\] @@ -183,7 +183,7 @@ This change prevents browser freezes and significantly improves responsiveness w - Bugfix: Project status button is missing colors in the dropdown \[[#70458](https://community.openproject.org/wp/70458)\] - Bugfix: Fix flickering in the Handling of 404 errors in AvatarWithFallback \[[#70460](https://community.openproject.org/wp/70460)\] - Bugfix: On mobile, global search result box shows a lot of white space \[[#70497](https://community.openproject.org/wp/70497)\] -- Bugfix: hocupocus logs \[onAuthenticate\] fetch failed and connection to collaboration server not possible \[[#70542](https://community.openproject.org/wp/70542)\] +- Bugfix: hocuspocus logs \[onAuthenticate\] fetch failed and connection to collaboration server not possible \[[#70542](https://community.openproject.org/wp/70542)\] - Bugfix: Images are broken on moved/duplicated meeting agenda item \[[#70585](https://community.openproject.org/wp/70585)\] - Bugfix: If user cancels a meeting that is currently happening, the meeting disappears from list \[[#70609](https://community.openproject.org/wp/70609)\] - Bugfix: Email wording is ambiguous for users who are uninvited from a meeting \[[#70610](https://community.openproject.org/wp/70610)\] @@ -225,8 +225,8 @@ This change prevents browser freezes and significantly improves responsiveness w - Feature: Button to open project creation wizard from overview \[[#69402](https://community.openproject.org/wp/69402)\] - Feature: Add relative link to project initiation request from work package comment \[[#69403](https://community.openproject.org/wp/69403)\] - Feature: Send out email when work package is created \[[#69414](https://community.openproject.org/wp/69414)\] -- Feature: Show breadcrumb with full project hierachy in Project Overview showing portfolios and programs \[[#69417](https://community.openproject.org/wp/69417)\] -- Feature: Allow duplicating/copy of agenda items to next meeting occurence \[[#69464](https://community.openproject.org/wp/69464)\] +- Feature: Show breadcrumb with full project hierarchy in Project Overview showing portfolios and programs \[[#69417](https://community.openproject.org/wp/69417)\] +- Feature: Allow duplicating/copy of agenda items to next meeting occurrence \[[#69464](https://community.openproject.org/wp/69464)\] - Feature: Primerize API settings form \[[#69702](https://community.openproject.org/wp/69702)\] - Feature: Show participant response in Meeting UI \[[#69733](https://community.openproject.org/wp/69733)\] - Feature: Responses before meeting was created should show up in iCal Feed \[[#69734](https://community.openproject.org/wp/69734)\] diff --git a/docs/release-notes/17-1-1/README.md b/docs/release-notes/17-1-1/README.md index 1b224004651..227681b781f 100644 --- a/docs/release-notes/17-1-1/README.md +++ b/docs/release-notes/17-1-1/README.md @@ -62,7 +62,7 @@ For more information, please see the [GitHub advisory #GHSA-g62r-9rgf-h53q](http The application is vulnerable to HTML injection due to improper sanitization of user-supplied input for the project name. -An attacker can inject arbitrary HTML tags into the response, altering the structure of the page. and later while creating workpackages payload is executed. +An attacker can inject arbitrary HTML tags into the response, altering the structure of the page. and later while creating work packages payload is executed. diff --git a/docs/release-notes/17-1-2/README.md b/docs/release-notes/17-1-2/README.md index e178aa7f0a5..0aae9aadbb8 100644 --- a/docs/release-notes/17-1-2/README.md +++ b/docs/release-notes/17-1-2/README.md @@ -220,7 +220,7 @@ For more information, please see the [GitHub advisory #GHSA-c76v-8735-35hq](http -### CVE-2026-27827 - Insecure Direct Object Reference in Project Storage Administrition Theft & Pre-Auth Remote Folder Deletion +### CVE-2026-27827 - Insecure Direct Object Reference in Project Storage Administration Theft & Pre-Auth Remote Folder Deletion An unscoped loading of Project Storages lead to users with the _Manage Files in Project_ permission in one project, to access project storages in other projects. This would give information about the storage that they were not supposed to see.  diff --git a/docs/release-notes/17-2-0/README.md b/docs/release-notes/17-2-0/README.md index 0872302841f..13444466db1 100644 --- a/docs/release-notes/17-2-0/README.md +++ b/docs/release-notes/17-2-0/README.md @@ -187,7 +187,7 @@ OpenProject 17.2 introduces optional comment fields for project attributes, givi Comments are displayed and edited alongside the respective attribute on the Project overview page and follow the same permission logic as the attribute itself. Changes are tracked in the project activity, included in exports, and available via the API. By adding structured context to project metadata, this enhancement improves transparency and supports better governance and decision-making across projects and teams. -![Setting to add a comment text field to a project atttribute in OpenProject administration](openproject_release_notes_17-2-0_project_attributes_comment.png) +![Setting to add a comment text field to a project attribute in OpenProject administration](openproject_release_notes_17-2-0_project_attributes_comment.png) Read more about [project attributes in OpenProject](../../user-guide/project-home/project-attributes/). @@ -229,7 +229,7 @@ We are working on a new Jira import wizard designed to help teams migrate core p > [!IMPORTANT] > This functionality is still under active development and currently available only behind a feature flag for early testing. We’re sharing this preview to start the conversation with teams considering a move from Jira. More capabilities will follow in upcoming releases. -![Add a new confgiruration to Jira importer under OpenProject administration](openproject_release_notes_17-2-0_jira_migrator.png) +![Add a new configuration to Jira importer under OpenProject administration](openproject_release_notes_17-2-0_jira_migrator.png) To find out more [see what we are working on](https://community.openproject.org/projects/jira-migration/work_packages). diff --git a/docs/security-and-privacy/statement-on-security/README.md b/docs/security-and-privacy/statement-on-security/README.md index 01632b85a44..79861ce3d82 100644 --- a/docs/security-and-privacy/statement-on-security/README.md +++ b/docs/security-and-privacy/statement-on-security/README.md @@ -66,7 +66,7 @@ Please include a description on how to reproduce the issue if possible. Our secu OpenProject is currently subject of a bug bounty program, kindly sponsored by the European Commission. Please see https://yeswehack.com/programs/openproject for more details. -Please note that OpenProject does not offer its own bug bounty program. For any security vulnerability you responsibly disclose to it, whether it's through another bug bounty porgram or through our website, we will do our best to give you the appropriate credits for responsibly disclosing a security vulnerability to us. We will gladly reference your work, name, website on every publication we do related to the security update. +Please note that OpenProject does not offer its own bug bounty program. For any security vulnerability you responsibly disclose to it, whether it's through another bug bounty program or through our website, we will do our best to give you the appropriate credits for responsibly disclosing a security vulnerability to us. We will gladly reference your work, name, website on every publication we do related to the security update. ## OpenProject security features diff --git a/docs/system-admin-guide/authentication/ldap-connections/ldap-group-synchronization/README.md b/docs/system-admin-guide/authentication/ldap-connections/ldap-group-synchronization/README.md index 07c33ce93c5..dc034d2406f 100644 --- a/docs/system-admin-guide/authentication/ldap-connections/ldap-group-synchronization/README.md +++ b/docs/system-admin-guide/authentication/ldap-connections/ldap-group-synchronization/README.md @@ -38,7 +38,7 @@ Synchronizing a single LDAP group allows you to connect an existing group in Ope LDAP group synchronization extends the memberships defined by administrators in an existing OpenProject group. Important things to note are: - You need to have created at least one manual group in the OpenProject administration before you continue. -- Group synchronization for this group is enabled by an administrator cerating a *synchronized LDAP group* that ties the OpenProject group to an LDAP entry. +- Group synchronization for this group is enabled by an administrator creating a *synchronized LDAP group* that ties the OpenProject group to an LDAP entry. - Only synchronized memberships will be removed from the OpenProject group. If you want to add a user outside your LDAP authentication to an OpenProject group, you can do so without the membership being affected from the group synchronization. ### Single synchronized groups diff --git a/docs/system-admin-guide/documents/README.md b/docs/system-admin-guide/documents/README.md index 0c0af3f821f..659ca0d5c67 100644 --- a/docs/system-admin-guide/documents/README.md +++ b/docs/system-admin-guide/documents/README.md @@ -55,7 +55,7 @@ You will see a dialogue informing you of the consequences. - If a document type is used, you will need to select a different type for reassigning - ![A warning message when deleting a used document type in OpenProject, asking to reassing documents to a different type](openproject_system_guide_documents_types_delete_message_type_used.png) + ![A warning message when deleting a used document type in OpenProject, asking to reassigning documents to a different type](openproject_system_guide_documents_types_delete_message_type_used.png) - If a document type is the last existing one, you will not be able to delete it. There must always be at least one document type configured. In this case you can create another document type first. diff --git a/docs/system-admin-guide/files/README.md b/docs/system-admin-guide/files/README.md index 3f355995ba1..13cef4d8930 100644 --- a/docs/system-admin-guide/files/README.md +++ b/docs/system-admin-guide/files/README.md @@ -25,5 +25,5 @@ Under categories you can create and manage documentation categories in OpenProje > [!NOTE] > -> With 17.0 the *Documents* module was enhanced with live-collaboration features, resulting in a dedicated area in system adminstration. From then on documentation of Categories was moved [here](../documents). +> With 17.0 the *Documents* module was enhanced with live-collaboration features, resulting in a dedicated area in system administration. From then on documentation of Categories was moved [here](../documents). diff --git a/docs/system-admin-guide/manage-work-packages/work-package-workflows/README.md b/docs/system-admin-guide/manage-work-packages/work-package-workflows/README.md index 2f3d6808d3b..873a2b47776 100644 --- a/docs/system-admin-guide/manage-work-packages/work-package-workflows/README.md +++ b/docs/system-admin-guide/manage-work-packages/work-package-workflows/README.md @@ -17,7 +17,7 @@ This means, a certain type of work package, e.g. a Task, can have the following To edit a workflow, first decide if you want to edit default transitions that apply to all users (depending only on the role) or for the specific cases where a user is the author or the assignee. Three tabs on top of the screen allow you to choose this: -![Tabs to select between default transitions, when the user is the author or when the user is the asignee](admin_workflow_tabs.png) +![Tabs to select between default transitions, when the user is the author or when the user is the assignee](admin_workflow_tabs.png) Once you are in the right tab: diff --git a/docs/system-admin-guide/projects/project-attributes/README.md b/docs/system-admin-guide/projects/project-attributes/README.md index be1e13d8026..af44eb31706 100644 --- a/docs/system-admin-guide/projects/project-attributes/README.md +++ b/docs/system-admin-guide/projects/project-attributes/README.md @@ -148,7 +148,7 @@ This numeric value is required and can be used in calculations — for example, [feature: calculated_values ] -**Calculated values** enable automatic computations based on formulas using numeric project attributes, including scores from Weighted item lists or even other calculated values. The computed result is displayed directly on the project overview and in the project list. It automatically updates whenever one of its source attributes (e.g., Benefit or Effort in the example below) is changed. This allows teams to calculate project scores and prioritise consistently across the portfolio. +**Calculated values** enable automatic computations based on formulas using numeric project attributes, including scores from Weighted item lists or even other calculated values. The computed result is displayed directly on the project overview and in the project list. It automatically updates whenever one of its source attributes (e.g., Benefit or Effort in the example below) is changed. This allows teams to calculate project scores and prioritize consistently across the portfolio. To set up a project attribute of the **Calculated value** type, follow the same procedure as when adding a standard project attribute and select the *Calculated value* option. Define the name, section it will appear in and the calculation formula. diff --git a/docs/system-admin-guide/users-permissions/groups/README.md b/docs/system-admin-guide/users-permissions/groups/README.md index 961dabb33a4..10a86af624d 100644 --- a/docs/system-admin-guide/users-permissions/groups/README.md +++ b/docs/system-admin-guide/users-permissions/groups/README.md @@ -39,7 +39,7 @@ You will then see the detailed view of the group, including following tabs: - Users - Projects - Global roles -- Synchronised groups +- Synchronized groups ![Edit groups in OpenProject administration](openproject_system_guide_edit_new_group.png) @@ -67,7 +67,7 @@ In order to add a global role to a group, at least one global role needs to be [ ### Synchronized groups -Click the **Synchronized groups** tab to see if this group has been synchronised with groups in external identity providers like OpenID. If no synchronisation has yet been set up, this list will be empty. You can set this up in your [Authentication settings](../../authentication). +Click the **Synchronized groups** tab to see if this group has been synchronized with groups in external identity providers like OpenID. If no synchronization has yet been set up, this list will be empty. You can set this up in your [Authentication settings](../../authentication). ### Delete a group diff --git a/docs/system-admin-guide/users-permissions/roles-permissions/README.md b/docs/system-admin-guide/users-permissions/roles-permissions/README.md index 6abdc3e285b..cbeaca62874 100644 --- a/docs/system-admin-guide/users-permissions/roles-permissions/README.md +++ b/docs/system-admin-guide/users-permissions/roles-permissions/README.md @@ -31,7 +31,7 @@ A user can have one or more roles which grant permissions on different levels. ### Global role -**Global roles** allow aministrators to delegate administrative tasks to individual users. +**Global roles** allow administrators to delegate administrative tasks to individual users. | Scope of the role | Permission examples | Customization options | | ------------------------------------------------------------ | ------------------------------------------------------------ | ------------------------------------------------------------ | @@ -115,7 +115,7 @@ The form shows the available global permissions which can be assigned to the new > [!TIP] > To create a subproject for an existing project the project permission "Create subprojects" is also required. -- Create portolios +- Create portfolios - Create programs diff --git a/docs/user-guide/meetings/one-time-meetings/README.md b/docs/user-guide/meetings/one-time-meetings/README.md index cc4606210fe..700f41bd07c 100644 --- a/docs/user-guide/meetings/one-time-meetings/README.md +++ b/docs/user-guide/meetings/one-time-meetings/README.md @@ -412,7 +412,7 @@ You can download a meeting as an iCalendar event. Select the dropdown by clickin Read more about [subscribing to a calendar](../../calendar/#subscribe-to-a-calendar). -![An icon to download a meeting as an iCalendar event in OpenProject meetings moduel](openproject_userguide_meetings_download_ical.png) +![An icon to download a meeting as an iCalendar event in OpenProject meetings module](openproject_userguide_meetings_download_ical.png) Please keep in mind that downloading a meeting as an iCalendar event adds it to your calendar, but it does not keep the meeting synchronized automatically.