frappe

Commit Graph

Author	SHA1	Message	Date
Nabin Hait	dd53ed0f75	Merge branch 'hotfix'	8 years ago
Nabin Hait	f73e8d0404	Merge branch 'master' into develop	8 years ago
Nabin Hait	efd35845e3	bumped to version 7.1.23	8 years ago
Nabin Hait	1d5b903a4d	Merge pull request #2424 from nabinhait/hotfix Fixed patch	8 years ago
Nabin Hait	03e7957cd6	Fixed patch	8 years ago
Nabin Hait	c52dc83256	Fixed merge conflict	8 years ago
Nabin Hait	c99179746d	Merge branch 'hotfix'	8 years ago
Nabin Hait	d48f6f433e	bumped to version 7.1.22	8 years ago
Nabin Hait	2f2e80b0a1	Merge pull request #2421 from nabinhait/hotfix Hotfix	8 years ago
Nabin Hait	961071b311	removed print statements	8 years ago
Rohit Waghchaure	82ac63e5ac	[Fix] Total row not working in the report for the report builder type	8 years ago
Rushabh Mehta	9cd262c0c5	[minor] dont check developer mode in test	8 years ago
Rushabh Mehta	281d8a6481	[fix] for new doctype	8 years ago
Rushabh Mehta	9e7b174c76	[enhance] update fetch values on doctype save #2414	8 years ago
Rushabh Mehta	5f8b360123	[fix] #7130	8 years ago
Rushabh Mehta	d1a57e697a	[fix] font-awesome for tree	8 years ago
Nabin Hait	cd0f5e76c6	[fix] Set filter values as default only if no_copy is not marked (#2413 )	8 years ago
Vladyslav Baidak	597a34cd5d	Update site.py (#2306 ) * Update site.py Fixed --db-name ignoring when creating new-site * Update site.py Fixed --db-name ignoring when creating new-site	8 years ago
KanchanChauhan	054d0f663f	Invalid language error on creation of Language (#2390 )	8 years ago
Rushabh Mehta	593214c189	[fix] expand collapse buttons only for tree reports	8 years ago
Rushabh Mehta	72569d1313	[fix] file .zip upload;	8 years ago
Nabin Hait	8c7bd2f76f	Merge pull request #2341 from rmehta/fetch-server-side [fix] fetch values server side for link fields	8 years ago
Prateeksha Singh	45c8365438	Grid: Expand/Collapse all buttons (#2399 ) * Add disabling of buttons * Commonify polar functions	8 years ago
sbkolate	764cbfe217	added Bulk Upload from zip file feature #2055 (#2062 ) * added Bulk Upload from zip file feature #2055 * Added upload zip in file list * Fix File URL * Update file_list.js	8 years ago
Revant Nandgaonkar	528ad7dc61	Update fullcalendar to v3.0.1 (#2408 )	8 years ago
Rushabh Mehta	c67d3bfe01	Add attachment from email and copy attachments to Communication Record (#2412 ) * Carry over file attachments in email communications * [fix] style	8 years ago
robert schouten	4996c94e75	[fix] error log dont update modified on seen (#2411 )	8 years ago
robert schouten	cfba598717	[fix] communication doc patch minimise dataset returned to prevent memory overflow (#2403 )	8 years ago
robert schouten	d8a58de07c	[hotfix] fix typo in #2401 (#2407 )	8 years ago
rohitwaghchaure	2850830fc0	Language field missing in the translation doctype (#2406 )	8 years ago
Nabin Hait	9af61bbe79	Merge pull request #2388 from rmehta/merge-kb [feature] merge knowledge base in Frappe, fixes frappe/erpnext#6030	8 years ago
OluyomiKay	71c7e177b7	Carry over file attachments in amended doctypes (#2394 ) * Carry over file attachments in amended doctypes * Renamed function and code style	8 years ago
Shreyas Patil	4b31d0cdd5	[Minor] Updated condition to validate allowed email report per user (#2386 ) * [Fix] Updated condition to allow only 3 reports per user * [fix] different conditions for insert and update	8 years ago
Rushabh Mehta	7bc7e3bc63	Upgrade Font Awesome (#2410 ) * Font-Awesome V3.x to V4.x Font-Awesome V3.x to V4.x * Font Tidy Font Tidy * FA4 Upgrade - Html Js & Json FA4 Upgrade - Html Js & Json * Minor Minor	8 years ago
Faris Ansari	c58bd377de	help placeholder translatable (#2402 )	8 years ago
robert schouten	d412c4718e	refactor assign_to dialog for ease of use (#2401 ) * refactor assign_to dialog for ease of use * CamelCase for classes * Update doclistview.js	8 years ago
Nabin Hait	4593e1e6f3	Merge pull request #2397 from RobertSchouten/cancelmessage improved error messages for canceled links	8 years ago
robert schouten	9c8edaed04	improved error messages for canceled links	8 years ago
Nabin Hait	72968424ef	Merge pull request #2396 from rohitwaghchaure/rename_optimization Optimize rename doc query	8 years ago
Rohit Waghchaure	516adec87d	rename optimization	8 years ago
Nabin Hait	2f8fc3e969	Merge branch 'hotfix'	8 years ago
Nabin Hait	47ecf4c513	Merge branch 'master' into develop	8 years ago
Nabin Hait	63f803e7b9	bumped to version 7.1.21	8 years ago
Nabin Hait	579713e901	Merge pull request #2387 from shreyasp/set-only-once-issue [Minor] convert date type to string when field is set as 'set_only_once' or constant	8 years ago
Nabin Hait	8ce6717201	Merge pull request #2391 from mmoksh/fix-db-deadlock Delete child table rows without causing database deadlock	8 years ago
Nabin Hait	f84d843424	Merge pull request #2393 from nabinhait/hotfix [URGENT] Prevent accessing sensitive files in client.get_js	8 years ago
exabakr	e9ca5ea9a6	[URGENT] Prevent accessing sensitive files in client.get_js Logged in user (any permissions) can access sensitive files by calling frappe.client.get_js Consider the following scenario: 1- Login to system 2- http://HOST/?items=["currentsite.txt"]&cmd=frappe.client.get_js (this will give you site directory name) 3- http://HOST/?items=["SITE_DIR_NAME%2Fsite_config.json"]&cmd=frappe.client.get_js (this will show you site config including database name and password and any other sensitive data The suggested fix prevent accessing any file outside the assets folder. (or atleast you should prevent access to .py files and private folder which includes backup and sensetive files and logs folders) There should be a hot fix asap	8 years ago
Revant Nandgaonkar	edca266862	Merge pull request #2392 from exabakr/patch-1 [URGENT] Prevent accessing sensitive files in client.get_js	8 years ago
exabakr	df6a1ce686	[URGENT] Prevent accessing sensitive files in client.get_js Logged in user (any permissions) can access sensitive files by calling frappe.client.get_js Consider the following scenario: 1- Login to system 2- http://HOST/?items=["currentsite.txt"]&cmd=frappe.client.get_js (this will give you site directory name) 3- http://HOST/?items=["SITE_DIR_NAME%2Fsite_config.json"]&cmd=frappe.client.get_js (this will show you site config including database name and password and any other sensitive data The suggested fix prevent accessing any file outside the assets folder. (or atleast you should prevent access to .py files and private folder which includes backup and sensetive files and logs folders) There should be a hot fix asap	8 years ago
Mohammed	61a3f3eda0	Delete rows that do not match the ones in the document without causing db deadlock	8 years ago

... 3 4 5 6 7 ...

11340 Commits (e795c083670671ae3e4e10f9de763dc88fc7110c) All Branches Search

11340 Commits (e795c083670671ae3e4e10f9de763dc88fc7110c)

All Branches