mattermost

mirror of https://github.com/mattermost/mattermost.git synced 2026-04-13 13:08:56 -04:00

Author	SHA1	Message	Date
Jesse Hallam	c462720186	[MM-65822] Add directory conflict checks for plugin and import uploads (#34681 ) * [MM-66789] Add directory conflict checks for plugin and import uploads Prevent security issues where plugin uploads could write into the import directory (or subdirectories) and vice versa by adding validation checks at the REST API level when uploading plugins or creating import uploads. * improved handling of root directories --------- Co-authored-by: Mattermost Build <build@mattermost.com>	2026-03-03 16:31:05 -04:00
Daniel Espino García	b5a816a657	Add audits for accessing posts without membership (#31266 ) Some checks are pending API / build (push) Waiting to run Details Server CI / Compute Go Version (push) Waiting to run Details Server CI / Check mocks (push) Blocked by required conditions Details Server CI / Check go mod tidy (push) Blocked by required conditions Details Server CI / check-style (push) Blocked by required conditions Details Server CI / Check serialization methods for hot structs (push) Blocked by required conditions Details Server CI / Vet API (push) Blocked by required conditions Details Server CI / Check migration files (push) Blocked by required conditions Details Server CI / Generate email templates (push) Blocked by required conditions Details Server CI / Check store layers (push) Blocked by required conditions Details Server CI / Check mmctl docs (push) Blocked by required conditions Details Server CI / Postgres with binary parameters (push) Blocked by required conditions Details Server CI / Postgres (push) Blocked by required conditions Details Server CI / Postgres (FIPS) (push) Blocked by required conditions Details Server CI / Generate Test Coverage (push) Blocked by required conditions Details Server CI / Run mmctl tests (push) Blocked by required conditions Details Server CI / Run mmctl tests (FIPS) (push) Blocked by required conditions Details Server CI / Build mattermost server app (push) Blocked by required conditions Details Web App CI / check-lint (push) Waiting to run Details Web App CI / check-i18n (push) Blocked by required conditions Details Web App CI / check-types (push) Blocked by required conditions Details Web App CI / test (platform) (push) Blocked by required conditions Details Web App CI / test (mattermost-redux) (push) Blocked by required conditions Details Web App CI / test (channels shard 1/4) (push) Blocked by required conditions Details Web App CI / test (channels shard 2/4) (push) Blocked by required conditions Details Web App CI / test (channels shard 3/4) (push) Blocked by required conditions Details Web App CI / test (channels shard 4/4) (push) Blocked by required conditions Details Web App CI / upload-coverage (push) Blocked by required conditions Details Web App CI / build (push) Blocked by required conditions Details * Add audits for accessing posts without membership * Fix tests * Use correct audit level * Address feedback * Add missing checks all over the app * Fix lint * Fix test * Fix tests * Fix enterprise test * Add missing test and docs * Fix merge * Fix lint * Add audit logs on the web socket hook for permalink posts * Fix lint * Fix merge conflicts * Handle all events with "non_channel_member_access" parameter * Fix lint and tests * Fix merge * Fix tests	2026-01-20 10:38:27 +01:00
Vishal	dbc04cfebe	use consts for audit events (#33433 )	2025-07-16 10:17:03 +05:30
Harrison Healey	ad38971dd6	MM-64658 Fix handling of upload sessions (#32141 ) * MM-64658 Fix handling of upload sessions * Fix style issue	2025-07-08 16:46:00 +00:00
David Krauser	aaa62a40ae	[MM-64686] Expose audit logging functionality via plugin API (#31204 ) This commit exposes audit logging functionality to plugins via the plugin API, allowing plugins to create and log audit records. Additionally, it addresses a gob encoding issue that could cause plugin crashes when audit data contains nil pointers or unregistered types.	2025-06-25 20:37:32 -04:00
enzowritescode	d44c3d5d45	Replace Hard-coded HTTP Verbs with Constants (#27219 ) * Replace hard-coded HTTP verbs with constants in `net/http`	2024-07-15 08:52:03 -06:00
Harshil Sharma	521844fed5	API handler opts modifier (#26148 ) * POC for API handler opts modifier * Made upload POSt api a file upload API * Specified file upload local API * Specified file upload local API * Specified file upload API * Simplified handler params * Added basic security checks * Fixed i18n * used type for API handler options * Removed limited reader from util deserializers (#26263)	2024-02-21 12:13:50 +00:00
Ben Schumacher	486e836b83	Fix racy test issues (#24971 )	2023-11-06 12:26:17 +01:00
Ben Schumacher	0d5a8b8841	Add whitespace linter (#24855 )	2023-10-11 10:13:36 +02:00
Agniva De Sarker	efaa6264cc	MM-53032: Fix module path after repo rename (#23689 ) It was a good decision in hindsight to keep the public module as 0.x because this would have been a breaking change again. https://mattermost.atlassian.net/browse/MM-53032 ```release-note Changed the Go module path from github.com/mattermost/mattermost-server/server/v8 to github.com/mattermost/mattermost/server/v8. For the public facing module, it's path is also changed from github.com/mattermost/mattermost-server/server/public to github.com/mattermost/mattermost/server/public ```	2023-06-11 10:54:35 +05:30
Jesse Hallam	bb02b35048	Expose public/ API as submodule (#23345 ) * model -> public/model * plugin -> public/plugin * public/model/utils -> public/utils * platform/shared/mlog -> public/shared/mlog * platform/shared/i18n -> public/shared/i18n * platform/shared/markdown -> public/shared/markdown * platform/services/timezones -> public/shared/timezones * channels/einterfaces -> einterfaces * expose public/ submodule * go mod tidy * .github: cache-dependency-path, setup-go-work * modules-tidy for public/ too * remove old gomodtidy	2023-05-10 13:07:02 -03:00
Agniva De Sarker	b200a07881	v8.0 module release (#22975 ) https://mattermost.atlassian.net/browse/MM-52079 ```release-note We upgrade the module version to 8.0. The new module path is github.com/mattermost-server/server/v8. ``` Co-authored-by: Doug Lauder <wiggin77@warpmail.net>	2023-04-18 11:05:28 +05:30
Doug Lauder	c943ed6859	Mono repo -> Master (#22553 ) Combines the following repositories into one: https://github.com/mattermost/mattermost-server https://github.com/mattermost/mattermost-webapp https://github.com/mattermost/focalboard https://github.com/mattermost/mattermost-plugin-playbooks	2023-03-22 17:22:27 -04:00

13 commits