mirror of https://github.com/zulip/zulip.git synced 2025-11-03 21:43:21 +00:00

Go to file

Tim Abbott 3f55bfc53b CVE-2020-14215: Fix migration 0198_preregistrationuser_invited_as.

This migration incorrectly swapped the role associated with invitation
objects between members and organization administrators, resulting in
most invitation objects that existed before the upgrade to Zulip
2.0.0-rc1 or later to be incorrectly administrator invitations.

Fixing the migration is safe and will help those installations
upgrading directly from 1.9.x to 2.1.5 or later.

A migration to fix the corrupted records will appear in an upcoming
commit.

2020-06-16 23:35:39 -07:00

.circleci

provision: Don't run migrations on zulip db in CircleCI.

2020-06-16 15:37:32 +05:30

.github

…

.tx

cleanup: Delete trailing newlines.

2019-08-06 23:29:11 -07:00

analytics

python: Convert percent formatting to .format for translated strings.

2020-06-15 16:24:46 -07:00

confirmation

python: Convert more percent formatting to Python 3.6 f-strings.

2020-06-14 23:27:22 -07:00

corporate

python: Convert percent formatting to .format for translated strings.

2020-06-15 16:24:46 -07:00

docs

puppet: Remove vestigial check_postgres.pl.

2020-06-15 16:18:07 -07:00

frontend_tests

realm: Remove Google Hangouts integration.

2020-06-16 17:02:27 -07:00

locale

i18n: Update translation data from Transifex.

2020-06-04 14:05:54 -07:00

pgroonga

migrations: Escape more pedantically in pgroonga.0003_v2_api_upgrade.

2020-06-13 21:50:37 -07:00

puppet

upgrade-zulip: Pin the postgres version to the OS default.

2020-06-16 17:05:46 -07:00

requirements

requirements: Upgrade isort to 5.0.0 prerelease from Git.

2020-06-11 16:05:58 -07:00

scripts

install: Pin new apt-based installs to the latest postgresql.

2020-06-16 17:08:16 -07:00

static

templates: Fix missing quoting of attributes in HTML templates.

2020-06-16 23:35:39 -07:00

stubs

pysa: Introduce sanitizers, models, and inline marking safe.

2020-06-11 12:57:49 -07:00

templates

templates: Fix missing quoting of attributes in HTML templates.

2020-06-16 23:35:39 -07:00

tools

templates: Fix missing quoting of attributes in HTML templates.

2020-06-16 23:35:39 -07:00

zerver

CVE-2020-14215: Fix migration 0198_preregistrationuser_invited_as.

2020-06-16 23:35:39 -07:00

zilencer

python: Convert percent formatting to .format for translated strings.

2020-06-15 16:24:46 -07:00

zproject

python: Convert more percent formatting to Python 3.6 f-strings.

2020-06-14 23:27:22 -07:00

zthumbor

python: Sort imports with isort.

2020-06-11 16:45:32 -07:00

.browserslistrc

webpack: Transpile JS code with Babel.

2019-07-22 17:55:32 -07:00

.codecov.yml

codecov: Change threshold to use percentage syntax.

2019-07-20 14:37:04 -07:00

.editorconfig

.editorconfig: Add .scss, .hbs; drop weirder rules.

2020-04-22 15:03:08 -07:00

.eslintignore

blueslip: Apply ESLint.

2019-11-01 12:13:59 -07:00

.eslintrc.json

markdown: Add support for spoilers.

2020-06-16 16:14:10 -07:00

.gitattributes

Revert "gitattributes: Mark yarn.lock as "binary", i.e. suppress diffs."

2019-05-20 19:31:14 -07:00

.gitignore

i18n: Move static/locale back to locale.

2019-07-02 14:57:55 -07:00

.gitlint

…

.isort.cfg

lint: Run isort as a linter.

2020-06-11 16:47:07 -07:00

.mailmap

mailmap: Add mailmap entry for Aman Agrawal.

2020-05-15 17:11:19 -07:00

.npmignore

…

.pyre_configuration

pysa: Add basic .pyre_configuration and taint.config for pysa.

2020-06-11 12:57:49 -07:00

.stylelintrc

lint: Ban color names in CSS.

2019-01-22 15:33:18 -08:00

.yarnrc

.yarnrc: Set ignore-scripts true.

2019-08-28 16:15:54 -07:00

babel.config.js

babel: Enable loose mode.

2020-02-05 11:52:52 -08:00

CODE_OF_CONDUCT.md

docs: Convert many http URLs to https.

2020-03-26 21:35:32 -07:00

CONTRIBUTING.md

docs: Update most remaining references to zulipchat.com.

2020-06-08 18:10:45 -07:00

Dockerfile-postgresql

base Zulip PostgreSQL Docker container on PGroonga official one

2019-12-30 10:20:25 -08:00

LICENSE

docs: Bump copyright year.

2020-04-23 16:04:54 -07:00

manage.py

python: Sort imports with isort.

2020-06-11 16:45:32 -07:00

mypy.ini

mypy.ini: Remove some unnecessary strict_optional = False lines.

2020-06-13 15:31:27 -07:00

NOTICE

…

package.json

dependencies: Upgrade JavaScript dependencies.

2020-06-07 11:06:57 -07:00

postcss.config.js

webpack: Move CSS minification to optimization stage.

2019-09-02 21:58:13 -07:00

README.md

docs: Update URLs to use https://zulip.com .

2020-06-08 18:10:45 -07:00

tsconfig.json

tsconfig: Enable resolveJsonModule.

2020-05-26 23:33:40 -07:00

Vagrantfile

Revert "vagrant: Add NFS backend for file synchronization for OSX."

2019-08-12 16:04:00 -07:00

version.py

api: Remove is_old_stream property from the stream objects.

2020-06-16 10:26:33 -07:00

yarn.lock

dependencies: Upgrade JavaScript dependencies.

2020-06-07 11:06:57 -07:00

README.md

Zulip overview

Zulip is a powerful, open source group chat application that combines the immediacy of real-time chat with the productivity benefits of threaded conversations. Zulip is used by open source projects, Fortune 500 companies, large standards bodies, and others who need a real-time chat system that allows users to easily process hundreds or thousands of messages a day. With over 500 contributors merging over 500 commits a month, Zulip is also the largest and fastest growing open source group chat project.

Getting started

Click on the appropriate link below. If nothing seems to apply, join us on the Zulip community server and tell us what's up!