Commit Graph

5446 Commits

Author SHA1 Message Date
Oliver Günther b5350cccf7 Add rack-attack throttler for all logins
We have a built-in bruteforce protection for built-in users. When users
are being created from LDAP on-the-fly, these limits cannot apply, as we
do not have a user object yet.

Instead, we can provide a more generous throttler to block attempts
2026-05-29 12:33:28 +02:00
OpenProject Actions CI 3e02e2863f Merge branch 'release/17.5' into dev 2026-05-28 12:18:34 +00:00
as-op 61ba429ccd reduce image file sizes 2026-05-28 12:59:47 +02:00
as-op fe68af670b fix spelling 2026-05-28 12:37:14 +02:00
OpenProject Actions CI 8e8e196afe Merge branch 'release/17.5' into dev 2026-05-28 10:23:21 +00:00
OpenProject Actions CI a1d2c75ef6 Merge branch 'release/17.4' into release/17.5 2026-05-28 09:52:19 +00:00
as-op b8c6999454 fix a non-working external link 2026-05-28 11:47:01 +02:00
OpenProject Actions CI 49b802ca02 Merge branch 'release/17.5' into dev 2026-05-28 08:51:09 +00:00
Oliver Günther b0905e35b7 Merge pull request #23392 from opf/fix/ldap-seeder-aliases
Fix LDAP seeder not using env aliases and underscores
2026-05-28 08:56:14 +02:00
OpenProject Actions CI 127de711ef Merge branch 'release/17.5' into dev 2026-05-27 14:23:35 +00:00
OpenProject Actions CI 6739b99b85 Merge branch 'release/17.4' into release/17.5 2026-05-27 14:21:58 +00:00
as-op 91aec8554b fix some old external links 2026-05-27 16:18:06 +02:00
OpenProject Actions CI eb6717f81e Merge branch 'release/17.5' into dev 2026-05-27 14:11:35 +00:00
Maya Berdygylyjova 276f24ec6f [#75282] 17.5 Jira migrator update https://community.openproject.org… (#23357)
* [#75282] 17.5 Jira migrator update https://community.openproject.org/wp/75282

[#75282] 17.5 Jira migrator update

https://community.openproject.org/wp/75282

* Update docs/installation-and-operations/jira-migration/README.md

Co-authored-by: Pavel Balashou <ba1ashpash@gmail.com>

* Apply suggestion from @MayaBerd

---------

Co-authored-by: Pavel Balashou <ba1ashpash@gmail.com>
2026-05-27 11:40:12 +02:00
Maya Berdygylyjova 8e23395e81 [#75280] 17.5 enterprise guide update https://community.openproject.… (#23382)
[#75280] 17.5 enterprise guide update https://community.openproject.org/wp/75280

[#75280] 17.5 enterprise guide update

https://community.openproject.org/wp/75280
2026-05-27 11:34:20 +02:00
Oliver Günther bd55f04d95 Fix LDAP seeder not using env aliases and underscores
https://community.openproject.org/work_packages/75361
2026-05-26 19:53:35 +02:00
Christophe Bliard 01d1323e9b Merge pull request #23317 from opf/feature/32812-group-synchronization-through-attributes-of-the-group-not-member-memberof
[32812] Enable LDAP group synchronization through attributes of the group
2026-05-26 17:23:37 +02:00
Jan Sandbrink 7fd8db89c7 Merge pull request #23254 from opf/update-system-requirements-17-5
Updating the system requirements for 17.5
2026-05-26 14:57:17 +02:00
Oliver Günther ef9bdd4895 Update pre-release notification criteria in README
Clarified language regarding pre-release notifications for critical and high-risk vulnerabilities.
2026-05-26 14:07:58 +02:00
Jan Sandbrink cf8bb221cf Generalize version suggestion for team folders
We want to work with the latest version of team folders usually,
though this version depends on the version of Nextcloud.
2026-05-26 09:21:20 +02:00
Jan Sandbrink 0c4d5535d7 More specifically indicate supported openDesk version 2026-05-26 09:14:07 +02:00
Jan Sandbrink bd44e0f714 Indicate new Keycloak version 2026-05-26 09:13:20 +02:00
Christophe Bliard 4352424e7d Update LDAP group sync docs and UI to reflect forward lookup support
- Remove the memberOf-only restriction from docs, UI help text, and FAQ;
  both reverse lookup (memberOf) and forward lookup (Group member
  attribute) are now supported
- Document the new "Group member attribute" filter field, including when
  to use forward vs reverse lookup
- Clarify that forward lookup is only available via synchronized filters,
  not manually-created synchronized groups
- Rename "Synchronize" button to "Discover LDAP groups" to make clear it
  only runs group discovery (phase 1), not member synchronization
- Document that the Discover LDAP groups button does not sync members;
  point to the rake task for a full manual sync
- Expand troubleshooting: login attribute mismatch, missing/empty
  required attributes
- Replace packaged-installation-specific rake command with
  installation-agnostic form; link to console setup docs
- Clarify Enterprise cloud availability and recommend SAML/SCIM as
  more secure alternatives when LDAP exposure to the internet is
  undesirable
- Fix grammar, double spaces, and stale phrasing throughout
2026-05-22 12:53:31 +02:00
Oliver Günther 32b8fb76c0 Create release notes draft for 17.5.0 2026-05-21 06:55:10 +02:00
Oliver Günther 274f7c6e3d Merge pull request #23230 from opf/feat/monthly-meeting-option
Meeting series: Add monthly scheduling options
2026-05-20 16:02:36 +02:00
Oliver Günther 6295d90346 Add monthly scheduling options 2026-05-20 15:20:16 +02:00
Andrej 82e1f72d15 Merge branch 'dev' into bug/75031-imprecise-error-for-unallowed-ip-when-testing-jira-connection 2026-05-20 12:09:01 +02:00
as-op 57bce010d7 docs(ssrf): add blocked IP ranges and examples for allowlist configuration 2026-05-20 09:23:15 +02:00
Oliver Günther e396a5bb53 Merge remote-tracking branch 'origin/release/17.4' into dev 2026-05-19 18:26:45 +02:00
as-op 184070639b fix link 2026-05-19 16:37:15 +02:00
as-op 4bd2c3a104 docs(ssrf): add documentation for SSRF protection 2026-05-19 15:02:33 +02:00
Oliver Günther 84f3b18b13 Clarify SAML request signing and assertion settings
Updated recommendations for SAML request signing and assertion verification.
2026-05-19 11:25:55 +02:00
ulferts d3d3a61900 Merge remote-tracking branch 'origin/dev' into merge-release/17.4-20260519045108 2026-05-19 09:12:14 +02:00
Niels Lindenthal 6c4aa018aa remove the links to specific openDesk versions 2026-05-19 08:43:38 +02:00
Niels Lindenthal 17b821a9e6 Remove Firefox ESR 128 as a supported browser 2026-05-18 21:36:49 +02:00
Niels Lindenthal cfa3cc2043 Updating the supported openDesk versions 2026-05-18 21:33:16 +02:00
Oliver Günther 4fe990ddb2 Update README.md 2026-05-18 14:42:23 +02:00
eliph d603432ae7 Update README.md
GitHub-flavored Markdown (GFM) is used internally, not Textile.
2026-05-18 10:54:05 +02:00
Jan Sandbrink 90acd7a022 Merge pull request #22549 from opf/session-auth-csrf-protection
Consider Sec-Fetch-Site header for session auth
2026-05-18 08:59:56 +02:00
Jan Sandbrink e0b7cbcb92 Prepare 17.5 release notes
There's a first technical update that needed documentation.
2026-05-18 08:48:00 +02:00
OpenProject Actions CI c6a3d4a270 Merge branch 'release/17.4' into dev 2026-05-16 04:39:47 +00:00
Oliver Günther 85ac0014d6 Update README.md 2026-05-15 07:23:28 +02:00
Oliver Günther e2440ce053 Change security fix reference to CVE format
Updated the security fix reference from GHSA to CVE format for clarity.
2026-05-15 07:23:15 +02:00
Oliver Günther 8e0bb08633 Change security fix identifier from GHSA to CVE
Updated security fix reference from GHSA to CVE.
2026-05-15 07:23:04 +02:00
Alexander Brandon Coles 109db3f53c Merge remote-tracking branch 'opf/dev' into HEAD
# Conflicts:
#	lib/open_project/version.rb
#	modules/backlogs/config/locales/crowdin/de.yml
#	modules/wikis/config/locales/crowdin/de.yml
2026-05-13 11:04:03 +02:00
as-op 105ed22dea fix links 2026-05-13 10:14:20 +02:00
as-op 1d8d17b479 restore falsely merged 2026-05-13 10:10:53 +02:00
as-op 1ed5229104 fix doc links 2026-05-13 09:49:22 +02:00
as-op 5222c020d0 fix doc links 2026-05-13 09:27:06 +02:00
Oliver Günther 51773e8423 Add release-notes file 2026-05-13 08:46:23 +02:00