kenmirrors/firefly-iii
1
0
Fork 0
mirror of https://github.com/firefly-iii/firefly-iii.git synced 2026-06-11 19:21:33 +00:00
Code Issues Projects Releases Wiki Activity
23,240 Commits 10 Branches 1,051 Tags
develop
Commit Graph

7602 Commits

Author SHA1 Message Date
Sander Dorigo
1336b05f48 Fix build 2026-06-08 13:04:19 +02:00
James Cole
7a28365f7f Merge pull request #12344 from firefly-iii/dependabot/npm_and_yarn/develop/vite-8.0.16 
Bump vite from 8.0.15 to 8.0.16
 2026-06-08 10:17:40 +02:00
dependabot[bot]
b7eef25635 Bump vite from 8.0.15 to 8.0.16 
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 8.0.15 to 8.0.16.
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v8.0.16/packages/vite)

---
updated-dependencies:
- dependency-name: vite
  dependency-version: 8.0.16
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-06-08 03:52:55 +00:00
dependabot[bot]
9dcd6bc516 Bump webpack from 5.105.4 to 5.107.2 
Bumps [webpack](https://github.com/webpack/webpack) from 5.105.4 to 5.107.2.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Changelog](https://github.com/webpack/webpack/blob/main/CHANGELOG.md)
- [Commits](https://github.com/webpack/webpack/compare/v5.105.4...v5.107.2)

---
updated-dependencies:
- dependency-name: webpack
  dependency-version: 5.107.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-06-08 03:52:43 +00:00
James Cole
377123d41f Fix https://github.com/firefly-iii/firefly-iii/issues/12309 2026-06-06 11:15:44 +02:00
James Cole
b1f32406cc Fix https://github.com/firefly-iii/firefly-iii/issues/12335 2026-06-05 05:41:00 +02:00
James Cole
17839d9a34 Merge pull request #12323 from firefly-iii/dependabot/npm_and_yarn/develop/vite-8.0.15 
Bump vite from 8.0.14 to 8.0.15
 2026-06-02 20:57:11 +02:00
James Cole
3d8f059f38 Merge pull request #12320 from firefly-iii/dependabot/npm_and_yarn/develop/bootstrap5-tags-1.7.17 
Bump bootstrap5-tags from 1.7.16 to 1.7.17
 2026-06-02 20:56:53 +02:00
James Cole
24af9f0e24 Merge pull request #12318 from firefly-iii/dependabot/npm_and_yarn/develop/date-fns-4.4.0 
Bump date-fns from 4.3.0 to 4.4.0
 2026-06-02 20:56:37 +02:00
James Cole
ce0d785819 Merge pull request #12315 from firefly-iii/dependabot/npm_and_yarn/develop/vue/compiler-sfc-3.5.35 
Bump @vue/compiler-sfc from 3.5.34 to 3.5.35
 2026-06-02 20:56:23 +02:00
JC5
028a6fdd75 🤖 Auto commit for release 'develop' on 2026-06-02 2026-06-02 20:54:15 +02:00
JC5
9cc7747123 🤖 Auto commit for release 'develop' on 2026-06-01 2026-06-01 21:31:44 +02:00
James Cole
344bac5af0 I fix the build. 2026-06-01 21:27:11 +02:00
James Cole
e7cccd6aa1 I fix the build. 2026-06-01 21:26:56 +02:00
dependabot[bot]
f3f69ac95e Bump vite from 8.0.14 to 8.0.15 
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 8.0.14 to 8.0.15.
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v8.0.15/packages/vite)

---
updated-dependencies:
- dependency-name: vite
  dependency-version: 8.0.15
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-06-01 06:55:08 +00:00
dependabot[bot]
40a308779a Bump bootstrap5-tags from 1.7.16 to 1.7.17 
Bumps [bootstrap5-tags](https://github.com/lekoala/bootstrap5-tags) from 1.7.16 to 1.7.17.
- [Release notes](https://github.com/lekoala/bootstrap5-tags/releases)
- [Commits](https://github.com/lekoala/bootstrap5-tags/compare/1.7.16...1.7.17)

---
updated-dependencies:
- dependency-name: bootstrap5-tags
  dependency-version: 1.7.17
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-06-01 06:54:48 +00:00
dependabot[bot]
51cbe00d20 Bump date-fns from 4.3.0 to 4.4.0 
Bumps [date-fns](https://github.com/date-fns/date-fns) from 4.3.0 to 4.4.0.
- [Release notes](https://github.com/date-fns/date-fns/releases)
- [Commits](https://github.com/date-fns/date-fns/compare/v4.3.0...v4.4.0)

---
updated-dependencies:
- dependency-name: date-fns
  dependency-version: 4.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-06-01 06:54:40 +00:00
dependabot[bot]
9e7013f498 Bump @vue/compiler-sfc from 3.5.34 to 3.5.35 
Bumps [@vue/compiler-sfc](https://github.com/vuejs/core/tree/HEAD/packages/compiler-sfc) from 3.5.34 to 3.5.35.
- [Release notes](https://github.com/vuejs/core/releases)
- [Changelog](https://github.com/vuejs/core/blob/main/CHANGELOG.md)
- [Commits](https://github.com/vuejs/core/commits/v3.5.35/packages/compiler-sfc)

---
updated-dependencies:
- dependency-name: "@vue/compiler-sfc"
  dependency-version: 3.5.35
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-06-01 06:54:33 +00:00
James Cole
4865123d59 Fixed #12305 2026-05-30 04:22:21 +02:00
James Cole
30fd28b928 Fix https://github.com/firefly-iii/firefly-iii/issues/12306 2026-05-30 04:13:53 +02:00
dependabot[bot]
0fd42ea43f Bump i18next-http-backend from 3.0.6 to 4.0.0 
Bumps [i18next-http-backend](https://github.com/i18next/i18next-http-backend) from 3.0.6 to 4.0.0.
- [Changelog](https://github.com/i18next/i18next-http-backend/blob/master/CHANGELOG.md)
- [Commits](https://github.com/i18next/i18next-http-backend/compare/v3.0.6...v4.0.0)

---
updated-dependencies:
- dependency-name: i18next-http-backend
  dependency-version: 4.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-05-25 11:41:17 +00:00
James Cole
db73ae39d1 Merge pull request #12288 from firefly-iii/dependabot/npm_and_yarn/develop/vite-8.0.14 
Bump vite from 8.0.13 to 8.0.14
 2026-05-25 13:39:38 +02:00
James Cole
972d75dc41 Merge pull request #12290 from firefly-iii/dependabot/npm_and_yarn/develop/date-fns-4.3.0 
Bump date-fns from 4.1.0 to 4.3.0
 2026-05-25 13:39:23 +02:00
dependabot[bot]
7fa4d67a3f Bump webpack from 5.105.4 to 5.107.1 
Bumps [webpack](https://github.com/webpack/webpack) from 5.105.4 to 5.107.1.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Changelog](https://github.com/webpack/webpack/blob/main/CHANGELOG.md)
- [Commits](https://github.com/webpack/webpack/compare/v5.105.4...v5.107.1)

---
updated-dependencies:
- dependency-name: webpack
  dependency-version: 5.107.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-05-25 06:37:17 +00:00
dependabot[bot]
12baa27de9 Bump date-fns from 4.1.0 to 4.3.0 
Bumps [date-fns](https://github.com/date-fns/date-fns) from 4.1.0 to 4.3.0.
- [Release notes](https://github.com/date-fns/date-fns/releases)
- [Commits](https://github.com/date-fns/date-fns/compare/v4.1.0...v4.3.0)

---
updated-dependencies:
- dependency-name: date-fns
  dependency-version: 4.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-05-25 04:22:37 +00:00
dependabot[bot]
9e60d0ca0d Bump vite from 8.0.13 to 8.0.14 
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 8.0.13 to 8.0.14.
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v8.0.14/packages/vite)

---
updated-dependencies:
- dependency-name: vite
  dependency-version: 8.0.14
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-05-25 04:22:28 +00:00
James Cole
c002cb795d Fix date fns 2026-05-21 06:23:17 +02:00
James Cole
3e26f21bc4 Fix patch and lock version. 2026-05-21 06:22:15 +02:00
James Cole
b70ed32952 Merge pull request #12271 from alanturing881/fix/stored-xss-ale-piggy-name 
Fix stored XSS in audit log view via piggy bank name (ale.twig)
 2026-05-20 20:16:16 +02:00
iaohkut
fa6c123595 Fix stored XSS in ALE view by HTML-escaping piggy bank name 
The Twig template ale.twig rendered the piggy bank name from
AuditLogEntry.after.piggy using |raw, bypassing auto-escaping.
A user-controlled name containing HTML (e.g. <img onerror=...>)
would execute as JavaScript in any browser viewing the transaction
audit log (CWE-79).

Apply |e filter to escape only the user-controlled `name` parameter
before substitution into the trans() string. The |raw filter is
preserved because the `amount` parameter legitimately contains
<span> tags for currency styling.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-20 11:07:57 -04:00
dependabot[bot]
0226673a01 Bump vite from 8.0.11 to 8.0.13 
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 8.0.11 to 8.0.13.
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v8.0.13/packages/vite)

---
updated-dependencies:
- dependency-name: vite
  dependency-version: 8.0.13
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-05-18 04:27:29 +00:00
James Cole
0bac0aaaee Add some debug logging. 2026-05-16 20:38:50 +02:00
James Cole
134c232f45 Merge branch 'develop' of github.com:firefly-iii/firefly-iii into develop 2026-05-12 18:47:48 +02:00
James Cole
ce603f50d8 Fix https://github.com/firefly-iii/firefly-iii/issues/12243 2026-05-12 18:45:33 +02:00
dependabot[bot]
28f2de0df7 Bump vite from 8.0.10 to 8.0.11 
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 8.0.10 to 8.0.11.
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v8.0.11/packages/vite)

---
updated-dependencies:
- dependency-name: vite
  dependency-version: 8.0.11
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-05-11 03:54:53 +00:00
James Cole
5eb52812f0 Merge branch 'main' into develop 
# Conflicts:
#	package-lock.json
 2026-05-09 08:32:08 +02:00
dependabot[bot]
6baca9510f Bump @babel/plugin-transform-modules-systemjs 
Bumps the npm_and_yarn group with 1 update in the / directory: [@babel/plugin-transform-modules-systemjs](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs).


Updates `@babel/plugin-transform-modules-systemjs` from 7.29.0 to 7.29.4
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.29.4/packages/babel-plugin-transform-modules-systemjs)

---
updated-dependencies:
- dependency-name: "@babel/plugin-transform-modules-systemjs"
  dependency-version: 7.29.4
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-05-09 05:54:10 +00:00
dependabot[bot]
0f9a2f010c Bump fast-uri in the npm_and_yarn group across 1 directory 
Bumps the npm_and_yarn group with 1 update in the / directory: [fast-uri](https://github.com/fastify/fast-uri).


Updates `fast-uri` from 3.1.0 to 3.1.2
- [Release notes](https://github.com/fastify/fast-uri/releases)
- [Commits](https://github.com/fastify/fast-uri/compare/v3.1.0...v3.1.2)

---
updated-dependencies:
- dependency-name: fast-uri
  dependency-version: 3.1.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-05-08 23:26:04 +00:00
JC5
0202f4abd9 🤖 Auto commit for release 'develop' on 2026-05-03 2026-05-03 10:06:18 +02:00
James Cole
615d568479 Change sentence 2026-05-03 10:00:29 +02:00
JC5
42204f8dc1 🤖 Auto commit for release 'develop' on 2026-05-03 2026-05-03 09:46:10 +02:00
James Cole
cfac8fa569 Merge branch 'develop' of github.com:firefly-iii/firefly-iii into develop 2026-05-03 09:24:38 +02:00
James Cole
04704392f3 Fix amount display in budget overview. 2026-05-03 09:24:03 +02:00
James Cole
3a9ac03358 Add entry in preferences. 2026-05-02 15:04:23 +02:00
JC5
b6759c3fa0 🤖 Auto commit for release 'develop' on 2026-05-02 2026-05-02 06:48:29 +02:00
James Cole
525f0c752a Fix https://github.com/orgs/firefly-iii/discussions/11408 2026-04-30 07:55:43 +02:00
Sander Dorigo
dae4f6f351 Add clarity on password validation api 2026-04-28 08:38:04 +02:00
James Cole
60e2645e54 Merge pull request #12194 from firefly-iii/dependabot/npm_and_yarn/develop/vite-8.0.10 
Bump vite from 8.0.8 to 8.0.10
 2026-04-27 16:18:03 +02:00
JC5
cd0290475b 🤖 Auto commit for release 'develop' on 2026-04-27 2026-04-27 06:18:57 +02:00
dependabot[bot]
45528cf7d3 Bump vite from 8.0.8 to 8.0.10 
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 8.0.8 to 8.0.10.
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v8.0.10/packages/vite)

---
updated-dependencies:
- dependency-name: vite
  dependency-version: 8.0.10
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-04-27 03:52:35 +00:00