• last updated 6 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
modernize resource info procs

use new API ::util::resources::resource_info_procs

::util::resources::resource_info_procs: function to improve roustness of fetching of resource info procs

bumped version number to 5.10.1b10

    • -2
    • +2
    /openacs-4/packages/acs-tcl/acs-tcl.info
reduced verbosity

minor cleanup: prefer list_of_lists, improved comments

improved souce code documentation

Various fixes for "function_args"

- The default value for "authority_id" in acs_user__new was missing.

- Removed leftovers from earlier changes in the SQL API. The update

scripts did not care about function args, so orphaned entries could

cause confusions.

- The drop-package SQL function did not care about deleting entries on

the function args table. The function args deleted here are created

automatically by the Tcl proc "package_generate_body".

- bumped verison of acs-kernel to 5.10.1b6

file upgrade-5.10.1b5-5.10.1b6.sql was initially added on branch oacs-5-10.

removed calls to deprecated procs

swithc default to version 7.3.0 (previous version was vulnerable)

added link to snyk advisor (bumped version to 5.10.1b9)

    • -2
    • +2
    /openacs-4/packages/acs-tcl/acs-tcl.info
align .adp files for site-wide admin pages

reduced verbosity

Simplified and streamlined URN management by using util::resources::register_urns

provide a stable order of list items by sorting

Simplified and streamlined URN management by using util::resources::register_urns

    • -20
    • +3
    /openacs-4/packages/fa-icons/tcl/resource-init.tcl
Provide better coverage of used JavaScript libraries

- Added support for jquery, jquery-ui, jqueryui_touchpunch

- For all covered JavaScript libraries, the following components were added:

* parameter configuration (param_info)

* vulnerability checks

- site-wide info can manage now:

bootstrap-treeview, jquery, jquery-ui, and jqueryui-touch-punch

- fallback libraries (e.g. for bootstrap3 or yui) are not covered,

these should disappear in the future.

- bumped version number to 5.10.1b14

    • -3
    • +3
    /openacs-4/packages/xowiki/xowiki.info
    • -15
    • +2
    /openacs-4/packages/xowiki/tcl/resource-init.tcl
Further simplify handling of resource_info specs

- Added convenience function "::util::resources::register_urns" to

register all URNs with CSP handling provided by a package (denoted

by its top level namespace)

- made parameter "version" in "check-installed" include optional

- bumped version number to 5.10.1b8

    • -2
    • +2
    /openacs-4/packages/acs-tcl/acs-tcl.info
added link to "Security and Privacy Posture Overview" to acs-admin page

improved robustness, when cluster parameters are changed without a restart

reduced verbosity

reduced verbosity in the system log, provide hint to message

fixed bug #3470

Fixed issue in cluster mode, denoted by Khy H in the OpenACS forum

A new command "ad_parameter_cache_flush_dict" was introduced to handle

the case, where a cluster node modifies a parameter value without

having it read before. This case could lead to a coherency problem for

parameter values.

Background:

This proc is necessary in cases, where a node writes a new

parameter value before it has read the old one.

Since a plain "nsv_dict unset ad_param $key $parameter_name"

raises an exception, when the pair does not exist, and we do

not want to allow in cluster requests arbitrary "catch"

commands, we allow "ad_parameter_cache_flush_dict" instead.

Probably, the best solution is to add support for

nsv_dict unset -nocomplain -- ad_param $key $parameter_nam

The existing nsv_dict was built after Tcl's "dict unset",

which does not have the "-nocomplain" option either. However,

an atomic operation would certainly be preferable over an exists/unset

pair, which is no acceptable solution.

For details, see https://openacs.org/forums/message-view?message_id=5822470

use generic mount icon in site map

added generic icon for "mount" operations

added after-mount callback to restrict default permissions

- Modify default permissions after mount to restrict read access to

the package from public read to read access for registered users.

- The change affects only fresh installed, existing permission settings

are not touched.

- fixed typos

- bumped version number to 5.10.1b3

provide posture overview for widely-accessible-packages when count == 1

Fix documentation for group::update.

provide icon and title for managing service parameters