ofbiz-framework

Clone Tools
  • last updated 18 mins ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
Improved: Converted massChangePaymentStatus service from mini-lang to groovy. (OFBIZ-11498) Thanks Devanshu Vyas for reporting and Rushikesh Mawal for initial patch.

Improved: Converted createPaymentContent, updatePaymentContent services from mini-lang to groovy. (#155)

(OFBIZ-11501)(OFBIZ-11502)

Thanks Devanshu Vyas for reporting and Sourabh Punyani for providing the patch.

Improved: Converted createPaymentContent, updatePaymentContent services from mini-lang to groovy. (#155)

(OFBIZ-11501)(OFBIZ-11502)

Thanks Devanshu Vyas for reporting and Sourabh Punyani for providing the patch.

Improved: Apply multi-block attr to each application (OFBIZ-11706)

1. Bug Fix

2. Disable multi-block until function is stabilized.

Improved: Apply multi-block attr to each application (OFBIZ-11706)

1. Bug Fix

2. Disable multi-block until function is stabilized.

Improved: Refactor simple methods names as per naming convention best practices. (#137)

(OFBIZ-11700)

Improved: Refactor simple methods names as per naming convention best practices. (#137)

(OFBIZ-11700)

Improved: Converted getPaymentRunningTotal service from mini-lang to groovy DSL (OFBIZ-11488) Thanks Nitish Mishra for the patch and Devanshu Vyas for reporting and review.

Improved: Converted getPaymentRunningTotal service from mini-lang to groovy DSL (OFBIZ-11488) Thanks Nitish Mishra for the patch and Devanshu Vyas for reporting and review.

Improved: just remove trailing space

    • -10
    • +10
    /framework/widget/dtd/widget-form.xsd
Improved: just remove trailing space

    • -10
    • +10
    /framework/widget/dtd/widget-form.xsd
Improved: Apply multi-block attr to each application (OFBIZ-11706)

1. Fix missing Boundary Comment at beginning

2. Apply multi-block attr

Improved: Apply multi-block attr to each application (OFBIZ-11706)

1. Fix missing Boundary Comment at beginning

2. Apply multi-block attr

Fixed: showjGrowl called twice (OFBIZ-11720)

showjGrowl function is called twice,

even when there is no message to show.

Fixed: showjGrowl called twice (OFBIZ-11720)

showjGrowl function is called twice,

even when there is no message to show.

Improved: Apply multi-block attr to each application (OFBIZ-11706)

Revert regression for showHelp.

Improved: Apply multi-block attr to each application (OFBIZ-11706)

Revert regression for showHelp.

Improved: Clean how HTTP vs HTTPS is handled

(OFBIZ-11717)

No functional changes, just better comments

Improved: Clean how HTTP vs HTTPS is handled

(OFBIZ-11717)

No functional changes, just better comments

Fixed: Entering manually date in date-time field become unworkable (OFBIZ-10432)

Thanks, Olivier for the report.

Fixed: Entering manually date in date-time field become unworkable (OFBIZ-10432)

Thanks, Olivier for the report.

Improved: quote menu

(OFBIZ-11715)

updated: QuoteTabBar - simplified labels

updated: moved 'Edit quote' menu item to QuoteSubTabBar

updated: reordering of menu-items of QuoteTabBar

updated: various UiLabels used by menu-items in QuoteTabBar

Improved: quote menu

(OFBIZ-11715)

updated: QuoteTabBar - simplified labels

updated: moved 'Edit quote' menu item to QuoteSubTabBar

updated: reordering of menu-items of QuoteTabBar

updated: various UiLabels used by menu-items in QuoteTabBar

Improved: Convert ShipmentReceiptServices.xml mini lang to groovy

(OFBIZ-11468)

Also converted getTotalIssuedQuantityForOrderItem in IssuanceServices, because it is used in ShipmentReceiptServices and needed more return values.

Improved: Convert ProductionRunServices.xml file from mini-lang to groovy DSL (OFBIZ-11395)

Thanks to Yashwant Dhakad for this patch

Fixed: Apache OFBiz unsafe deserialization of XMLRPC arguments (CVE-2020-9496)

(OFBIZ-11716)

Because the 2 xmlrpc related requets in webtools (xmlrpc and ping) are not using

authentication they are vulnerable to unsafe deserialization.

thanks: Alvaro Munoz <pwntester@github.com> from the GitHub Security Lab team

Fixed: Apache OFBiz unsafe deserialization of XMLRPC arguments (CVE-2020-9496)

(OFBIZ-11716)

Because the 2 xmlrpc related requets in webtools (xmlrpc and ping) are not using

authentication they are vulnerable to unsafe deserialization.

thanks: Alvaro Munoz <pwntester@github.com> from the GitHub Security Lab team

Fixed: Apache OFBiz unsafe deserialization of XMLRPC arguments (CVE-2020-9496)

(OFBIZ-11716)

Because the 2 xmlrpc related requets in webtools (xmlrpc and ping) are not using

authentication they are vulnerable to unsafe deserialization.

thanks: Alvaro Munoz <pwntester@github.com> from the GitHub Security Lab team

Improved: Expansion of form widget field disabled atrribute with xsd improvement (#141)

(OFBIZ-10432)

1. Added disabled attribute support in ModelFormField with xs:boolean type

2. Removed specific field level disabled attribute support for CheckField and TextField

3. Modified existing usage of disabled attribute as per new implementation.

Thanks: Rishi for the report and Taher, Gil and Jacques for the feedback

    • -1
    • +1
    /applications/accounting/widget/InvoiceForms.xml
Fixed: Issue with redirect queryParameters when the user is logged out (OFBIZ-11714)

In OFBIZ-10539, We missed removing the line which was adding parameters into the map as Ritesh suggested a good way to handle parameters. I've removed that redundant line of code and attaching a patch for the same.