OpenACS / openacs-4 / packages

acs-tcl

Line History

Line Count Graph
Line Count Graph

Stats

Commits this week: 3
Total Committers: 73
Last Commit: 03 Apr
Commits this week: 3
Total Lines of Code (LoC): 74,893
Net change in LoC this week: 3

Commit Activity

Commits By Day In Week
52 week commits volume
Commits By Day In Week
Commits by day
Commits By Day In Week
Commits by hour
Commits By Hour In Day
Commit calendar
 

Most active committers (90 days)

loading
loading
  • last updated 13 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
Thursday 03 Apr
7:16 pm

gustafn

Fixed snyk vulnerability check (backport from HEAD)

Snyk page has changed, we have to switch the pattern we are looking for.

Bumped version number to flage the change to "upgrade from repository"

Options
    • -2
    • +2
    ./acs-tcl.info
    • -2
    • +2
    ./tcl/utilities-procs.tcl
7:11 pm

gustafn

Fixed snyk vulnerability check

Snyk page has changed, we have to switch the pattern we are looking for.

Options
    • -2
    • +2
    ./tcl/utilities-procs.tcl
Wednesday 02 Apr
10:58 am

gernst

Do not modify posted form data when logging the request. In addition mask log output for all fields having password in their name

Options
    • -6
    • +9
    ./tcl/utilities-procs.tcl
Wednesday 12 Mar
10:45 am

gustafn

Enhanced security logging and debugging in security-procs.tcl

- Updated the internal log procedure to accept multiple arguments (using join) for more flexible logging.

- Replace several ns_log calls with ::security::log to standardize logging of session_id, login_cookie, timeout, and other events.

- Add additional log statements in critical functions (e.g. sec_handler, sec_setup_session, __ad_verify_signature, and CSRF token handling)

to provide better traceability of session allocation, cookie generation, session invalidation, and signature verification.

- Improve debug output for CSRF token generation and verification, including logging differences in computed hash values.

Options
    • -14
    • +32
    ./tcl/security-procs.tcl
10:13 am

gustafn

added debugging hook for tracing CSRF livecyle

Options
    • -0
    • +1
    ./tcl/form-processing-procs.tcl
10:11 am

gustafn

improved log messages to pinpoint location and reason

Options
    • -2
    • +2
    ./tcl/01-database-procs.tcl
  2. … 1 more file in changeset.
Monday 03 Mar
9:26 am

gustafn

fixed variable name

Options
    • -3
    • +3
    ./tcl/utilities-procs.tcl
Friday 28 Feb
2:41 pm

gustafn

provent passwords from form being logged via ad_log

Options
    • -18
    • +11
    ./tcl/utilities-procs.tcl
Tuesday 04 Feb
7:15 pm

gustafn

ad_return_url: provide a positive list and a negative list for selecting included query variables

The new parameters follow the terminology of the "export_vars" command.

Options
    • -3
    • +11
    ./tcl/defs-procs.tcl
Friday 31 Jan
2:10 pm

gustafn

ad_return_url: new parameter "-exclude"

This change allows to exclude certain variables (which are e.g. considered as

confidential) from the form, which computes the return_url.

The change is based on a feature request in the OpenACS forums by Josue Cardona.

Options
    • -3
    • +5
    ./tcl/defs-procs.tcl
Sunday 19 Jan
10:01 am

gustafn

reapplied post 5-10 release fix

Many thanks to Claudio Pasolini for reporting and identifying the problem!

Options
    • -2
    • +2
    ./tcl/security-procs.tcl
9:54 am

gustafn

fixed bug security::validated_host_header

Many thanks to Claudio Pasolini for reporting and identifying the problem!

Options
    • -2
    • +2
    ./tcl/security-procs.tcl
Saturday 28 Dec 2024
5:58 pm

gustafn

Fixed 2 bugs: with remote code repository

- fixed repository URL when trying to "install-from-repositry"

on a checkout from the HEAD channel. The code tried to fetch

from a channel "6-0", which does not exist.

- determine the exact repository tag for repository channels

Options
    • -3
    • +14
    ./tcl/apm-install-procs.tcl
  2. … 1 more file in changeset.
4:39 pm

gustafn

Ported essential post-release fixes from oacs-5-10 branch

Options
    • -2
    • +8
    ./tcl/defs-procs.tcl
    • -8
    • +14
    ./tcl/install-procs.tcl
  3. … 2 more files in changeset.
4:37 pm

gustafn

improved comments

Options
    • -5
    • +7
    ./tcl/utilities-procs.tcl
Friday 27 Dec 2024
7:25 pm

gustafn

Fixed bug in install-from-repository (issue #3472)

Install from repository (e.g., of /dotlrn) was horribly broken, see,

e.g., issue #3472. Furthermore, this bug was hard to debug, since it

showed up just during a complex installation attempts involving

install.xml, and it requires fetching from the repository. Therefore,

the debug rounds were quite time-consuming.

There were several problems involved:

1) dotlrn/install.xml was trying to set the theme to the

dotlrn-bootstrap3-theme, which was not loaded from the repository

2) The loading order was not correct, since the theme requires an

existing dotlrn instance to register the theme templates there.

3) The tests in install::xml::action::mount checking, if the package

was already mounted were incorrect, probably since many years. It

looks to me as some refactorings of the "get_node_id" semantics

(many years ago) were not reflected in this code. This bug let

the code assume, that the package was already mounted. Therefore,

the package was never mounted, causing a long tail of subsequent

issues.

4) the site_node::instantiate_and_mount call in

install::xml::action::mount was called with incorrect parameters,

causing overwriting of the site root node, leaving the site

completely unusable.

Bumped version number of acs-tcl to 5.10.2d1

Options
    • -2
    • +2
    ./acs-tcl.info
    • -8
    • +14
    ./tcl/install-procs.tcl
6:31 pm

gustafn

fixed overquoting in "ad_progress_base_end"

Options
    • -2
    • +8
    ./tcl/defs-procs.tcl
1:32 pm

gustafn

fixed cut&paste problem

Options
    • -1210
    • +0
    ./tcl/install-procs.tcl
1:09 pm

gustafn

reset to released version to keep differences little

Options
    • -1
    • +1201
    ./tcl/install-procs.tcl
    • -13
    • +9
    ./tcl/site-nodes-procs.tcl
  3. … 1 more file in changeset.
10:50 am

gustafn

keep theme-stetting for dotlrn themes in dotlrn, since it requires a dotlrn instance

but when the dotlrn is installed, it requires the dotlrn-theme package to be installed

Options
    • -0
    • +2
    ./tcl/site-nodes-procs.tcl
  2. … 3 more files in changeset.
10:22 am

gustafn

Continue working on the install.xml issue.

Options
    • -8
    • +9
    ./tcl/site-nodes-procs.tcl
10:01 am

gustafn

added more debugging info

Options
    • -2
    • +7
    ./tcl/install-procs.tcl
    • -2
    • +2
    ./tcl/site-nodes-procs.tcl
9:29 am

gustafn

undo one more recent change

Options
    • -3
    • +3
    ./tcl/install-procs.tcl
9:15 am

gustafn

undo recent change. This was not the problem

Options
    • -5
    • +1
    ./tcl/install-procs.tcl
9:00 am

gustafn

added debug statement

Options
    • -0
    • +1
    ./tcl/site-nodes-procs.tcl
Thursday 26 Dec 2024
7:25 pm

gustafn

try to get a non-empty context id

Options
    • -3
    • +7
    ./tcl/install-procs.tcl
6:56 pm

gustafn

added debugging line

Options
    • -1
    • +8
    ./tcl/install-procs.tcl
6:32 pm

gustafn

Fixed incorrect result handling from ::acs::site_node get_node_id

When

::acs::site_node get_node_id -url /$mount_point

is executed with a non-existing mount point, the node info of the

parent_id is returned. The code assumed that for such cases, the

resulting "object_id" member is empty. Since this affects only the

two action procs

install::xml::action::mount

install::xml::action::mount-existing

i have adjusted the behavior there.

Furthermore, some tests are now less mind-twisted.

Options
    • -13
    • +11
    ./tcl/install-procs.tcl
Tuesday 24 Dec 2024
5:27 pm

gustafn

improved log messages

Options
    • -2
    • +3
    ./tcl/apm-install-procs.tcl
Friday 13 Dec 2024
10:53 am

gustafn

avoid triggering exception, when provided host header field cannot be resolved.

Options
    • -2
    • +8
    ./tcl/security-procs.tcl