Merge branch 'release/1.7.43'

prepare for release
change version number
2025-12-05 15:29:57 +01:00 · 2023-10-02 10:41:36 -06:00 · 2023-10-02 10:41:26 -06:00 · 2023-10-02 10:36:33 -06:00 · 2023-10-02 10:30:31 -06:00 · 2023-10-02 10:04:29 -06:00
480 changed files with 1452 additions and 967 deletions
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -4,8 +4,13 @@ on:
  release:
    types: [published]

+permissions: {}
+
 jobs:
  build:
+    permissions:
+      contents: write # for release creation (svenstaro/upload-release-action)
+
    if: "!github.event.release.prerelease"
    runs-on: ubuntu-latest

@@ -52,6 +57,9 @@ jobs:
          file_glob: true

  slack:
+    permissions:
+      actions: read # to list jobs for workflow run (technote-space/workflow-conclusion-action)
+
    name: Slack
    needs: build
    runs-on: ubuntu-latest
--- a/.github/workflows/tests.yaml
+++ b/.github/workflows/tests.yaml
@@ -6,6 +6,9 @@ on:
  pull_request:
    branches: [ develop ]

+permissions:
+  contents: read # to fetch code (actions/checkout)
+
 jobs:

  unit-tests:
@@ -14,7 +17,7 @@ jobs:

    strategy:
      matrix:
-        php: [ 8.1, 8.0, 7.4, 7.3]
+        php: [8.2, 8.1, 8.0, 7.4, 7.3]
        os: [ubuntu-latest]

    steps:
--- a/.github/workflows/trigger-skeletons.yml
+++ b/.github/workflows/trigger-skeletons.yml
@@ -12,6 +12,9 @@ on:
        required: true
        default: true

+permissions:
+  contents: read # to fetch code (actions/checkout)
+
 jobs:
  build:
    runs-on: ubuntu-latest
--- a/.gitignore
+++ b/.gitignore
@@ -25,8 +25,11 @@ user/plugins/*
 !user/plugins/.*
 user/themes/*
 !user/themes/.*
-user/localhost/config/security.yaml
-user/config/security.yaml
+user/**/config/security.yaml
+
+# Environments
+.env
+.gravenv

 # OS Generated
 .DS_Store*
@@ -45,4 +48,3 @@ tests/cache/*
 tests/error.log
 system/templates/testing/*
 /user/config/versions.yaml
-/user/cli/config/security.yaml
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,145 @@
+# v1.7.43
+## 10/02/2023
+
+1. [](#new)
+   * Add the ability to programtically set a page's `modified` timestamp via a `modified:` frontmatter entry
+2. [](#improved)
+   * Update vendor libraries
+   * Include `phar` in the list of `security.uploads_dangerous_extensions`
+   * When enabled `system.languages.debug` now dumps **Key -> Value** to debugger [#3752](https://github.com/getgrav/grav/issues/3752)
+   * Updated built-in composer to latest `2.6.4` [#3748](https://github.com/getgrav/grav/issues/3748)
+   * Added support for `@import` to ensure paths are rewritten correctly in CSS pipeline [#3750](https://github.com/getgrav/grav/pull/3750)
+
+# v1.7.42.3
+## 07/18/2023
+
+2. [](#improved)
+   * Fixed a typo in `Utils::isDangerousFunction`
+
+# v1.7.42.2
+## 07/18/2023
+
+2. [](#improved)
+   * In `Utils::isDangerousFunction`, handle double `\\` in `|map` twig filter to mitigate SSTI attack
+   * Better handle empty email in `Validatoin::typeEmail()`
+
+# v1.7.42.1
+## 06/15/2023
+
+2. [](#improved)
+   * Quick fix for `isDangerousFunction` when `$name` was a closure [#3727](https://github.com/getgrav/grav/issues/3727)
+
+# v1.7.42
+## 06/14/2023
+
+1. [](#new)
+   * Added a new `system.languages.debug` option that adds a `<span class="translate-debug"></span>` around strings translated with `|t`. This can be styled by the theme as needed.
+1. [](#improved)
+   * More robust SSTI handling in `filter`, `map`, and `reduce` Twig filters and functions
+   * Various SSTI improvements `Utils::isDangerousFunction()`
+1. [](#bugfix)
+   * Fixed Twig `|map()` allowing code execution
+   * Fixed Twig `|reduce()` allowing code execution
+
+# v1.7.41.2
+## 06/01/2023
+
+1. [](#improved)
+   * Added the ability to set a configurable 'key' for the Twig Cache Tag: `{% cache 'my-key' 600 %}`
+1. [](#bugfix)
+   * Fixed an issue with special characters in slug's would cause redirect loops
+
+# v1.7.41.1
+## 05/10/2023
+
+1. [](#bugfix)
+   * Fixed certain UTF-8 characters breaking `Truncator` class [#3716](https://github.com/getgrav/grav/issues/3716)
+
+# v1.7.41
+## 05/09/2023
+
+1. [](#improved)
+   * Removed `FILTER_SANITIZE_STRING` input filter in favor of `htmlspecialchars(strip_tags())` for PHP 8.2+
+   * Added `GRAV_SANITIZE_STRING` constant to replace `FILTER_SANITIZE_STRING` for PHP 8.2+
+   * Support non-deprecated style dynamic properties in `Parsedown` class via `ParseDownGravTrait` for PHP 8.2+
+   * Modified `Truncator` to not use deprecated `mb_convert_encoding()` for PHP 8.2+
+   * Fixed passing null into `mb_strpos()` deprecated for PHP 8.2+
+   * Updated internal `TwigDeferredExtension` to be PHP 8.2+ compatible
+   * Upgraded `getgrav/image` fork to take advantage of various PHP 8.2+ fixes
+   * Use `UserGroupObject::groupNames` method in blueprints for PHP 8.2+
+   * Comment out `files-upload` deprecated message as this is not going to be removed
+   * Added various public `Twig` class variables used by admin to address deprecated messages for PHP 8.2+
+   * Added `parse_url` to list of PHP functions supported in Twig Extension
+   * Added support for dynamic functions in `Parsedown` to stop deprecation messages in PHP 8.2+
+ 
+# v1.7.40
+## 03/22/2023
+
+1. [](#new)
+    * Added a new `timestamp: true|false` option for individual assets
+1. [](#improved)
+    * Removed outdated `xcache` setting [#3615](https://github.com/getgrav/grav/pull/3615)
+    * Updated `robots.txt` [#3625](https://github.com/getgrav/grav/pull/3625)
+1. [](#bugfix)
+    * Fixed `force_ssl` redirect in case of undefined hostname [#3702](https://github.com/getgrav/grav/pull/3702)
+    * Fixed an issue with duplicate identical page paths
+    * Fixed `BlueprintSchema:flattenData` to properly handle ignored fields
+    * Fixed LogViewer regex greediness [#3684](https://github.com/getgrav/grav/pull/3684)
+    * Fixed `whoami` command [#3695](https://github.com/getgrav/grav/pull/3695)
+
+# v1.7.39.4
+## 02/22/2023
+
+1. [](#bugfix)
+    * Reverted a reorganization of `account.yaml` that caused username to be disabled [admin#2344](https://github.com/getgrav/grav-plugin-admin/issues/2344)
+
+# v1.7.39.3
+## 02/21/2023
+
+1. [](#bugfix)
+    * Fix for overzealous modular page template rendering fix in 1.7.39 causing Feed plugin to break [#3689](https://github.com/getgrav/grav/issues/3689)
+
+# v1.7.39.2
+## 02/20/2023
+
+1. [](#bugfix)
+    * Fix for invalid session breaking Flex Accounts (when switching from Regular to Flex)
+
+# v1.7.39.1
+## 02/20/2023
+
+1. [](#bugfix)
+    * Fix for broken image CSS with the latest version of DebugBar
+
+# v1.7.39
+## 02/19/2023
+
+1. [](#improved)
+    * Vendor library updates to latest versions
+1. [](#bugfix)
+    * Various PHP 8.2 fixes
+    * Fixed an issue with modular pages rendering thew wrong template when dynamically changing the page
+    * Fixed an issue with `email` validation that was failing on UTF-8 characters. Following best practices and now only check for `@` and length.
+    * Fixed PHPUnit tests to remove deprecation warnings
+
+# v1.7.38
+## 01/02/2023
+
+1. [](#new)
+    * New `onBeforeSessionStart()` event to be used to store data lost during session regeneration (e.g. login)
+1. [](#improved)
+   * Vendor library updates to latest versions
+   * Updated `bin/composer.phar` to latest `2.4.4` version [#3627](https://github.com/getgrav/grav/issues/3627)
+1. [](#bugfix)
+   * Don't fail hard if pages recurse with same path
+   * Github workflows security hardening [#3624](https://github.com/getgrav/grav/pull/3624)
+
+# v1.7.37.1
+## 10/05/2022
+
+1. [](#bugfix)
+    * Fixed a bad return type [#3630](https://github.com/getgrav/grav/issues/3630)
+
 # v1.7.37
 ## 10/05/2022

--- a/SECURITY.md
+++ b/SECURITY.md
@@ -18,4 +18,12 @@ If you cannot update to the latest stable version available because, for example

 ## Reporting a Vulnerability

-Please contact security@getgrav.org with a detailed explaination of the security issue found and we will work with you to get it resolved as fast as possible.
+Please contact security@getgrav.org with a detailed explanation of the security issue found.  If it appears to be a legitimate issues, please submit an **advisory via GitHub Security**: https://github.com/getgrav/grav/security/advisories
+
+>> NOTE: Please do not use 3rd party security issue reporting services, we like to keep everything in the GitHub ecosystem for easier manageability.
+
+## Bug Bounties
+
+We do greatly appreciate your efforts to improve Grav, but unfortunately because we are a small open source project, we **do not have the resources to offer bounties** for security issues found.  
+
+
--- a/assets/.gitkeep
+++ b/assets/.gitkeep
@@ -1 +1 @@
-/* @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved. */
+/* @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved. */
--- a/backup/.gitkeep
+++ b/backup/.gitkeep
@@ -1 +1 @@
-/* @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved. */
+/* @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved. */
--- a/bin/composer.phar
+++ b/bin/composer.phar
--- a/bin/gpm
+++ b/bin/gpm
@@ -2,7 +2,7 @@
 <?php

 /**
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/bin/grav
+++ b/bin/grav
@@ -2,7 +2,7 @@
 <?php

 /**
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/bin/plugin
+++ b/bin/plugin
@@ -2,7 +2,7 @@
 <?php

 /**
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/cache/.gitkeep
+++ b/cache/.gitkeep
@@ -1 +1 @@
-/* @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved. */
+/* @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved. */
--- a/composer.lock
+++ b/composer.lock
--- a/images/.gitkeep
+++ b/images/.gitkeep
@@ -1 +1 @@
-/* @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved. */
+/* @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved. */
--- a/index.php
+++ b/index.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav.Core
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/logs/.gitkeep
+++ b/logs/.gitkeep
@@ -1 +1 @@
-/* @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved. */
+/* @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved. */
--- a/robots.txt
+++ b/robots.txt
@@ -1,16 +1,21 @@
 User-agent: *
+Disallow: /.github/
+Disallow: /.phan/
+Disallow: /assets/
 Disallow: /backup/
 Disallow: /bin/
 Disallow: /cache/
-Disallow: /grav/
 Disallow: /logs/
 Disallow: /system/
-Disallow: /vendor/
+Disallow: /tests/
+Disallow: /tmp/
 Disallow: /user/
+Disallow: /vendor/
+Disallow: /webserver-configs/
 Allow: /user/pages/
 Allow: /user/themes/
 Allow: /user/images/
 Allow: /
 Allow: *.css$
 Allow: *.js$
-Allow: /system/*.js$
+Allow: /system/*.js$
--- a/system/assets/debugger/phpdebugbar.css
+++ b/system/assets/debugger/phpdebugbar.css
@@ -14,11 +14,8 @@ div.phpdebugbar {
    padding: 5px 8px;
 }

-.phpdebugbar div.phpdebugbar-header, .phpdebugbar a.phpdebugbar-restore-btn {
-    background-image: url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAEAAAABACAMAAACdt4HsAAAA/1BMVEUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeHh4AAAD///8EBAT7+/sLCwv29vYVFRUvLy/t7e3m5ubCwsKxsbE/Pz+mpqZMTEwcHBzy8vLp6emfn5+AgIA2Njbi4uLf39+rq6tzc3NWVlYhISHa2trW1tbS0tLMzMy7u7uZmZmUlJSMjIxvb29kZGRHR0c7Ozt5eXkqKiq1tbWQkJBqampbW1tSUlLHx8eHh4ckJCRDQ0M3wD42AAAAI3RSTlMA/PibTbQ0x76TVAlw4LhZLOuEYCAN9Hjx0a2ppGZEGYw97djhXHwAAATZSURBVFjDlVcHW+MwDO1eFCjj2McNOzvdpXTTXVbL/P+/5SQ7QSSX5Di1X1onfi/Sk+Q4sTDbKqWK+YuznZ2zi3wxVdqK/Zf92M1nT9gnO8rmd398GX6Z3xaoOFoiAQcx3E5efgmeSuN8F6Xg1x3G06l/wjNpMR1B0uif4EhnIuFb+0diIoFXk3IVfokisR+h52GO4JKgyjmfaMhAFNlSaPR7DpwI+lzn/E4QKIqmKIJirxCMP4izBPPZPXhgXwMBYgULw0nfg/BF5scDbslb7QeJ08yqqTEmGYoB95d4H8ETL8+n9wBqrLu6ao3bBsMwAnxISf/9BHcqxNB8Y7cWl3Zz7TAUfPrvAT6AoNEFFXvsjutL01yOuMrtBxnFXsmT/1wQHmdWAFNnI3uI48Yj0FUcHbKf62GfUfr8eeQt7Uk3mQZpZNoVRPEui5vtEz5zFEpgWnyqVBZMc6oaGNriH2hGVZ0OxEvInPeMaZWJBA7vmPbCr5jjws5HBnAUxvDMH40aCIf4G5BjRQSs8E8HFFYf8bGxgDvD55bzGhwWkoBcuIyHR/AMdaCagxXDhtL6tSqoWpd4BMnlIR+Or+rYTK/a3EAGcc6e4AWHISnWv20iCCojsHoVlQdjrMexFF2C7UMg2A2WEGWbQhXN6l3eXC6XGp4b9qxbuEB2EBGBwtocrK90cVG5mbRXm6vmx/0phq1sIAGKDgLOBiN1MrO5a9aDl+D0W6x0Ar9BCTRuIIANa90Y7LrLVRXzwVtDInCqMRWcf2bUOEAsa4wJqFowQALL9EiAtVRk8QC4OW+1pOM9jIaVASwYagyNXDj+W0NcfuZNzjtXOiL0Zzg30Llj+ptfxQs4+vBPNiL5PawFCBkgXpUaVtqGl+A8dgZHL34BcBUQrwPptToW+o37Ku+UH9eYByJIx3YkAeFnMFuGO7S5gEp7YhXxa5OOAM39RXDPXb0qmpROsswZe+twXdU55oUIZAiEv3bD1UFwIYKkmGqytPCDCwKFQCKK0yL7qtSAPX54UAbtsLuBHkb9zyLmPQSNjsSgmQwKUOIfEY8F8t4B34DvndJY9BA8tNBJq1Nev9axmaStFcQLhgYoCTo0salkIaW8OUDdWjMTR2sHPhrAFZqx6cqcKE4pl2BJJ4K6hfwvqNgAnXfKX/HU6X3Zrhnu0k7tLNZtTBRv1hkwTDBY1NzFU6doDYjJbWdQkQhWwuU7/LvhTh3SDoco4ECL4i5dwURbc8NdDZz2IwKicE8d0KIqWetLE3+lL4hvUuGSeRfVWNLfj/gpOw4smBJBkKQHCzlHGwvAj4woB1gq5NGGLSXtORBPnUQPV5/MPVkDMxbpwG7w4x0xL6Ltxka0A/4NBvV09UVk4DoSn/jl2+JQS9q9KYawisAD4CfhsZ4TH3htylsdEHARIQBusqCKyUpymycgbbkkXEXjT3z7/oKQFTFVuZD2FMJHZIDsO5x2d4aAr2jR+GLwZhtAb028/0yJ9J8dE87jQyKObcjtTXT8dH+fDuKF4/eiPwzH44wTf/yUi6wrpRIOZ9lM1EtXAifFI+CJn9+iX/t2xMQwOMth/UZbASi8btAwR9FHWSpJr75g9Oqbin3VDg+SpwlP6k6TB4ex/7JvmcJx8jydy6XPk8eFTKhyfwCgX71MSvaBHgAAAABJRU5ErkJggg==);
-}
-
 .phpdebugbar a.phpdebugbar-restore-btn {
+    background-image: url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAEAAAABACAMAAACdt4HsAAAA/1BMVEUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeHh4AAAD///8EBAT7+/sLCwv29vYVFRUvLy/t7e3m5ubCwsKxsbE/Pz+mpqZMTEwcHBzy8vLp6emfn5+AgIA2Njbi4uLf39+rq6tzc3NWVlYhISHa2trW1tbS0tLMzMy7u7uZmZmUlJSMjIxvb29kZGRHR0c7Ozt5eXkqKiq1tbWQkJBqampbW1tSUlLHx8eHh4ckJCRDQ0M3wD42AAAAI3RSTlMA/PibTbQ0x76TVAlw4LhZLOuEYCAN9Hjx0a2ppGZEGYw97djhXHwAAATZSURBVFjDlVcHW+MwDO1eFCjj2McNOzvdpXTTXVbL/P+/5SQ7QSSX5Di1X1onfi/Sk+Q4sTDbKqWK+YuznZ2zi3wxVdqK/Zf92M1nT9gnO8rmd398GX6Z3xaoOFoiAQcx3E5efgmeSuN8F6Xg1x3G06l/wjNpMR1B0uif4EhnIuFb+0diIoFXk3IVfokisR+h52GO4JKgyjmfaMhAFNlSaPR7DpwI+lzn/E4QKIqmKIJirxCMP4izBPPZPXhgXwMBYgULw0nfg/BF5scDbslb7QeJ08yqqTEmGYoB95d4H8ETL8+n9wBqrLu6ao3bBsMwAnxISf/9BHcqxNB8Y7cWl3Zz7TAUfPrvAT6AoNEFFXvsjutL01yOuMrtBxnFXsmT/1wQHmdWAFNnI3uI48Yj0FUcHbKf62GfUfr8eeQt7Uk3mQZpZNoVRPEui5vtEz5zFEpgWnyqVBZMc6oaGNriH2hGVZ0OxEvInPeMaZWJBA7vmPbCr5jjws5HBnAUxvDMH40aCIf4G5BjRQSs8E8HFFYf8bGxgDvD55bzGhwWkoBcuIyHR/AMdaCagxXDhtL6tSqoWpd4BMnlIR+Or+rYTK/a3EAGcc6e4AWHISnWv20iCCojsHoVlQdjrMexFF2C7UMg2A2WEGWbQhXN6l3eXC6XGp4b9qxbuEB2EBGBwtocrK90cVG5mbRXm6vmx/0phq1sIAGKDgLOBiN1MrO5a9aDl+D0W6x0Ar9BCTRuIIANa90Y7LrLVRXzwVtDInCqMRWcf2bUOEAsa4wJqFowQALL9EiAtVRk8QC4OW+1pOM9jIaVASwYagyNXDj+W0NcfuZNzjtXOiL0Zzg30Llj+ptfxQs4+vBPNiL5PawFCBkgXpUaVtqGl+A8dgZHL34BcBUQrwPptToW+o37Ku+UH9eYByJIx3YkAeFnMFuGO7S5gEp7YhXxa5OOAM39RXDPXb0qmpROsswZe+twXdU55oUIZAiEv3bD1UFwIYKkmGqytPCDCwKFQCKK0yL7qtSAPX54UAbtsLuBHkb9zyLmPQSNjsSgmQwKUOIfEY8F8t4B34DvndJY9BA8tNBJq1Nev9axmaStFcQLhgYoCTo0salkIaW8OUDdWjMTR2sHPhrAFZqx6cqcKE4pl2BJJ4K6hfwvqNgAnXfKX/HU6X3Zrhnu0k7tLNZtTBRv1hkwTDBY1NzFU6doDYjJbWdQkQhWwuU7/LvhTh3SDoco4ECL4i5dwURbc8NdDZz2IwKicE8d0KIqWetLE3+lL4hvUuGSeRfVWNLfj/gpOw4smBJBkKQHCzlHGwvAj4woB1gq5NGGLSXtORBPnUQPV5/MPVkDMxbpwG7w4x0xL6Ltxka0A/4NBvV09UVk4DoSn/jl2+JQS9q9KYawisAD4CfhsZ4TH3htylsdEHARIQBusqCKyUpymycgbbkkXEXjT3z7/oKQFTFVuZD2FMJHZIDsO5x2d4aAr2jR+GLwZhtAb028/0yJ9J8dE87jQyKObcjtTXT8dH+fDuKF4/eiPwzH44wTf/yUi6wrpRIOZ9lM1EtXAifFI+CJn9+iX/t2xMQwOMth/UZbASi8btAwR9FHWSpJr75g9Oqbin3VDg+SpwlP6k6TB4ex/7JvmcJx8jydy6XPk8eFTKhyfwCgX71MSvaBHgAAAABJRU5ErkJggg==);
    width: 13px;
 }

--- a/system/blueprints/config/system.yaml
+++ b/system/blueprints/config/system.yaml
@@ -448,6 +448,17 @@ form:
              validate:
                type: bool

+            languages.debug:
+              type: toggle
+              label: PLUGIN_ADMIN.LANGUAGE_DEBUG
+              help: PLUGIN_ADMIN.LANGUAGE_DEBUG_HELP
+              highlight: 0
+              options:
+                1: PLUGIN_ADMIN.YES
+                0: PLUGIN_ADMIN.NO
+              validate:
+                type: bool
+
        http_headers:
          type: tab
          title: PLUGIN_ADMIN.HTTP_HEADERS
@@ -608,7 +619,6 @@ form:
                file: File
                apc: APC
                apcu: APCu
-                xcache: Xcache
                memcache: Memcache
                memcached: Memcached
                wincache: WinCache
--- a/system/blueprints/user/account.yaml
+++ b/system/blueprints/user/account.yaml
@@ -140,7 +140,7 @@ form:
                    multiple: true
                    size: large
                    label: PLUGIN_ADMIN.GROUPS
-                    data-options@: '\Grav\Common\User\Group::groupNames'
+                    data-options@: 'Grav\Common\Flex\Types\UserGroups\UserGroupObject::groupNames'
                    classes: fancy
                    help: PLUGIN_ADMIN.GROUPS_HELP
                    validate:
--- a/system/config/security.yaml
+++ b/system/config/security.yaml
@@ -32,6 +32,7 @@ xss_dangerous_tags:
    - base
 uploads_dangerous_extensions:
    - php
+    - phar
    - html
    - htm
    - js
--- a/system/config/system.yaml
+++ b/system/config/system.yaml
@@ -28,6 +28,7 @@ languages:
  override_locale: false                         # Override the default or system locale with language specific one
  content_fallback: {}                           # Custom language fallbacks. eg: {fr: ['fr', 'en']}
  pages_fallback_only: false                     # DEPRECATED: Use `content_fallback` instead
+  debug: false                                   # Debug language detection

 home:
  alias: '/home'                                 # Default path for home, ie /
--- a/system/defines.php
+++ b/system/defines.php
@@ -3,13 +3,13 @@
 /**
 * @package    Grav\Core
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

 // Some standard defines
 define('GRAV', true);
-define('GRAV_VERSION', '1.7.37');
+define('GRAV_VERSION', '1.7.43');
 define('GRAV_SCHEMA', '1.7.0_2020-11-20_1');
 define('GRAV_TESTING', false);

@@ -99,3 +99,6 @@ define('RAW_CONTENT', 1);
 define('TWIG_CONTENT', 2);
 define('TWIG_CONTENT_LIST', 3);
 define('TWIG_TEMPLATES', 4);
+
+// Filters
+define('GRAV_SANITIZE_STRING', 5001);
--- a/system/install.php
+++ b/system/install.php
@@ -2,7 +2,7 @@
 /**
 * @package    Grav\Core
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/router.php
+++ b/system/router.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Core
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Assets.php
+++ b/system/src/Grav/Common/Assets.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

@@ -268,7 +268,13 @@ class Assets extends PropertyObject
        }

        // Add timestamp
-        $options['timestamp'] = $this->timestamp;
+        $timestamp_override = $options['timestamp'] ?? true;
+
+        if (filter_var($timestamp_override, FILTER_VALIDATE_BOOLEAN)) {
+            $options['timestamp'] = $this->timestamp;
+        } else {
+            $options['timestamp'] = null;
+        }

        // Set order
        $group = $options['group'] ?? 'head';
--- a/system/src/Grav/Common/Assets/BaseAsset.php
+++ b/system/src/Grav/Common/Assets/BaseAsset.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\Assets
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Assets/BlockAssets.php
+++ b/system/src/Grav/Common/Assets/BlockAssets.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\Assets
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Assets/Css.php
+++ b/system/src/Grav/Common/Assets/Css.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\Assets
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Assets/InlineCss.php
+++ b/system/src/Grav/Common/Assets/InlineCss.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\Assets
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Assets/InlineJs.php
+++ b/system/src/Grav/Common/Assets/InlineJs.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\Assets
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Assets/InlineJsModule.php
+++ b/system/src/Grav/Common/Assets/InlineJsModule.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\Assets
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Assets/Js.php
+++ b/system/src/Grav/Common/Assets/Js.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\Assets
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Assets/JsModule.php
+++ b/system/src/Grav/Common/Assets/JsModule.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\Assets
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Assets/Link.php
+++ b/system/src/Grav/Common/Assets/Link.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\Assets
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Assets/Pipeline.php
+++ b/system/src/Grav/Common/Assets/Pipeline.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\Assets
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

@@ -34,7 +34,7 @@ class Pipeline extends PropertyObject
    protected const JS_MODULE_ASSET = 3;

    /** @const Regex to match CSS urls */
-    protected const CSS_URL_REGEX = '{url\(([\'\"]?)(.*?)\1\)}';
+    protected const CSS_URL_REGEX = '{url\(([\'\"]?)(.*?)\1\)|(@import)\s+([\'\"])(.*?)\4}';

    /** @const Regex to match JS imports */
    protected const JS_IMPORT_REGEX = '{import.+from\s?[\'|\"](.+?)[\'|\"]}';
@@ -257,9 +257,14 @@ class Pipeline extends PropertyObject
        // Find any css url() elements, grab the URLs and calculate an absolute path
        // Then replace the old url with the new one
        $file = (string)preg_replace_callback(self::CSS_URL_REGEX, function ($matches) use ($dir, $local) {
+            $isImport = count($matches) > 3 && $matches[3] === '@import';

-            $old_url = $matches[2];
-
+            if ($isImport) {
+                $old_url = $matches[5];
+            } else {
+                $old_url = $matches[2];
+            }
+ 
            // Ensure link is not rooted to web server, a data URL, or to a remote host
            if (preg_match(self::FIRST_FORWARDSLASH_REGEX, $old_url) || Utils::startsWith($old_url, 'data:') || $this->isRemoteLink($old_url)) {
                return $matches[0];
@@ -273,7 +278,11 @@ class Pipeline extends PropertyObject

            $new_url = ($local ? $this->base_url : '') . $old_url;

-            return str_replace($matches[2], $new_url, $matches[0]);
+            if ($isImport) {
+                return str_replace($matches[5], $new_url, $matches[0]);
+            } else {
+                return str_replace($matches[2], $new_url, $matches[0]);
+            }
        }, $file);

        return $file;
--- a/system/src/Grav/Common/Assets/Traits/AssetUtilsTrait.php
+++ b/system/src/Grav/Common/Assets/Traits/AssetUtilsTrait.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\Assets\Traits
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

@@ -192,6 +192,7 @@ trait AssetUtilsTrait
        $querystring = '';

        $asset = $asset ?? $this->asset;
+        $attributes = $this->attributes;

        if (!empty($this->query)) {
            if (Utils::contains($asset, '?')) {
--- a/system/src/Grav/Common/Assets/Traits/LegacyAssetsTrait.php
+++ b/system/src/Grav/Common/Assets/Traits/LegacyAssetsTrait.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\Assets\Traits
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Assets/Traits/TestingAssetsTrait.php
+++ b/system/src/Grav/Common/Assets/Traits/TestingAssetsTrait.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\Assets\Traits
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Backup/Backups.php
+++ b/system/src/Grav/Common/Backup/Backups.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\Backup
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Browser.php
+++ b/system/src/Grav/Common/Browser.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Cache.php
+++ b/system/src/Grav/Common/Cache.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Composer.php
+++ b/system/src/Grav/Common/Composer.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Config/CompiledBase.php
+++ b/system/src/Grav/Common/Config/CompiledBase.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\Config
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Config/CompiledBlueprints.php
+++ b/system/src/Grav/Common/Config/CompiledBlueprints.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\Config
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Config/CompiledConfig.php
+++ b/system/src/Grav/Common/Config/CompiledConfig.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\Config
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Config/CompiledLanguages.php
+++ b/system/src/Grav/Common/Config/CompiledLanguages.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\Config
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Config/Config.php
+++ b/system/src/Grav/Common/Config/Config.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\Config
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Config/ConfigFileFinder.php
+++ b/system/src/Grav/Common/Config/ConfigFileFinder.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\Config
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Config/Languages.php
+++ b/system/src/Grav/Common/Config/Languages.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\Config
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Config/Setup.php
+++ b/system/src/Grav/Common/Config/Setup.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\Config
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Data/Blueprint.php
+++ b/system/src/Grav/Common/Data/Blueprint.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\Data
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Data/BlueprintSchema.php
+++ b/system/src/Grav/Common/Data/BlueprintSchema.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\Data
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

@@ -129,7 +129,8 @@ class BlueprintSchema extends BlueprintSchemaBase implements ExportInterface
            $items = $name !== '' ? $this->getProperty($name)['fields'] ?? [] : $this->items;
            foreach ($items as $key => $rules) {
                $type = $rules['type'] ?? '';
-                if (!str_starts_with($type, '_') && !str_contains($key, '*')) {
+                $ignore = (bool) array_filter((array)($rules['validate']['ignore'] ?? [])) ?? false;
+                if (!str_starts_with($type, '_') && !str_contains($key, '*') && $ignore !== true) {
                    $list[$prefix . $key] = null;
                }
            }
--- a/system/src/Grav/Common/Data/Blueprints.php
+++ b/system/src/Grav/Common/Data/Blueprints.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\Data
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Data/Data.php
+++ b/system/src/Grav/Common/Data/Data.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\Data
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Data/DataInterface.php
+++ b/system/src/Grav/Common/Data/DataInterface.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\Data
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Data/Validation.php
+++ b/system/src/Grav/Common/Data/Validation.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\Data
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

@@ -631,6 +631,10 @@ class Validation
     */
    public static function typeEmail($value, array $params, array $field)
    {
+        if (empty($value)) {
+            return false;
+        }
+
        if (!isset($params['max'])) {
            $params['max'] = 320;
        }
@@ -638,7 +642,7 @@ class Validation
        $values = !is_array($value) ? explode(',', preg_replace('/\s+/', '', $value)) : $value;

        foreach ($values as $val) {
-            if (!(self::typeText($val, $params, $field) && filter_var($val, FILTER_VALIDATE_EMAIL))) {
+            if (!(self::typeText($val, $params, $field) && strpos($val, '@', 1))) {
                return false;
            }
        }
--- a/system/src/Grav/Common/Data/ValidationException.php
+++ b/system/src/Grav/Common/Data/ValidationException.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\Data
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Debugger.php
+++ b/system/src/Grav/Common/Debugger.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Errors/BareHandler.php
+++ b/system/src/Grav/Common/Errors/BareHandler.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\Errors
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Errors/Errors.php
+++ b/system/src/Grav/Common/Errors/Errors.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\Errors
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Errors/SimplePageHandler.php
+++ b/system/src/Grav/Common/Errors/SimplePageHandler.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\Errors
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

@@ -57,7 +57,7 @@ class SimplePageHandler extends Handler
        $vars = array(
            'stylesheet' => file_get_contents($cssFile),
            'code'        => $code,
-            'message'     => filter_var(rawurldecode($message), FILTER_SANITIZE_STRING),
+            'message'     => htmlspecialchars(strip_tags(rawurldecode($message)), ENT_QUOTES, 'UTF-8'),
        );

        $helper->setVariables($vars);
--- a/system/src/Grav/Common/Errors/SystemFacade.php
+++ b/system/src/Grav/Common/Errors/SystemFacade.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\Errors
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/File/CompiledFile.php
+++ b/system/src/Grav/Common/File/CompiledFile.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\File
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/File/CompiledJsonFile.php
+++ b/system/src/Grav/Common/File/CompiledJsonFile.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\File
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/File/CompiledMarkdownFile.php
+++ b/system/src/Grav/Common/File/CompiledMarkdownFile.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\File
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/File/CompiledYamlFile.php
+++ b/system/src/Grav/Common/File/CompiledYamlFile.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\File
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Filesystem/Archiver.php
+++ b/system/src/Grav/Common/Filesystem/Archiver.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\Filesystem
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Filesystem/Folder.php
+++ b/system/src/Grav/Common/Filesystem/Folder.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\Filesystem
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Filesystem/RecursiveDirectoryFilterIterator.php
+++ b/system/src/Grav/Common/Filesystem/RecursiveDirectoryFilterIterator.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\Filesystem
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Filesystem/RecursiveFolderFilterIterator.php
+++ b/system/src/Grav/Common/Filesystem/RecursiveFolderFilterIterator.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\Filesystem
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Filesystem/ZipArchiver.php
+++ b/system/src/Grav/Common/Filesystem/ZipArchiver.php
@@ -3,7 +3,7 @@
 /**
 * @package    Grav\Common\Filesystem
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Flex/FlexCollection.php
+++ b/system/src/Grav/Common/Flex/FlexCollection.php
@@ -5,7 +5,7 @@ declare(strict_types=1);
 /**
 * @package    Grav\Common\Flex
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Flex/FlexIndex.php
+++ b/system/src/Grav/Common/Flex/FlexIndex.php
@@ -5,7 +5,7 @@ declare(strict_types=1);
 /**
 * @package    Grav\Common\Flex
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Flex/FlexObject.php
+++ b/system/src/Grav/Common/Flex/FlexObject.php
@@ -5,7 +5,7 @@ declare(strict_types=1);
 /**
 * @package    Grav\Common\Flex
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Flex/Traits/FlexCollectionTrait.php
+++ b/system/src/Grav/Common/Flex/Traits/FlexCollectionTrait.php
@@ -5,7 +5,7 @@ declare(strict_types=1);
 /**
 * @package    Grav\Common\Flex
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Flex/Traits/FlexCommonTrait.php
+++ b/system/src/Grav/Common/Flex/Traits/FlexCommonTrait.php
@@ -5,7 +5,7 @@ declare(strict_types=1);
 /**
 * @package    Grav\Common\Flex
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Flex/Traits/FlexGravTrait.php
+++ b/system/src/Grav/Common/Flex/Traits/FlexGravTrait.php
@@ -5,7 +5,7 @@ declare(strict_types=1);
 /**
 * @package    Grav\Common\Flex
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Flex/Traits/FlexIndexTrait.php
+++ b/system/src/Grav/Common/Flex/Traits/FlexIndexTrait.php
@@ -5,7 +5,7 @@ declare(strict_types=1);
 /**
 * @package    Grav\Common\Flex
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Flex/Traits/FlexObjectTrait.php
+++ b/system/src/Grav/Common/Flex/Traits/FlexObjectTrait.php
@@ -5,7 +5,7 @@ declare(strict_types=1);
 /**
 * @package    Grav\Common\Flex
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Flex/Types/Generic/GenericCollection.php
+++ b/system/src/Grav/Common/Flex/Types/Generic/GenericCollection.php
@@ -5,7 +5,7 @@ declare(strict_types=1);
 /**
 * @package    Grav\Common\Flex
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Flex/Types/Generic/GenericIndex.php
+++ b/system/src/Grav/Common/Flex/Types/Generic/GenericIndex.php
@@ -5,7 +5,7 @@ declare(strict_types=1);
 /**
 * @package    Grav\Common\Flex
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Flex/Types/Generic/GenericObject.php
+++ b/system/src/Grav/Common/Flex/Types/Generic/GenericObject.php
@@ -5,7 +5,7 @@ declare(strict_types=1);
 /**
 * @package    Grav\Common\Flex
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Flex/Types/Pages/PageCollection.php
+++ b/system/src/Grav/Common/Flex/Types/Pages/PageCollection.php
@@ -5,7 +5,7 @@ declare(strict_types=1);
 /**
 * @package    Grav\Common\Flex
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Flex/Types/Pages/PageIndex.php
+++ b/system/src/Grav/Common/Flex/Types/Pages/PageIndex.php
@@ -5,7 +5,7 @@ declare(strict_types=1);
 /**
 * @package    Grav\Common\Flex
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Flex/Types/Pages/PageObject.php
+++ b/system/src/Grav/Common/Flex/Types/Pages/PageObject.php
@@ -5,7 +5,7 @@ declare(strict_types=1);
 /**
 * @package    Grav\Common\Flex
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Flex/Types/Pages/Storage/PageStorage.php
+++ b/system/src/Grav/Common/Flex/Types/Pages/Storage/PageStorage.php
@@ -5,7 +5,7 @@ declare(strict_types=1);
 /**
 * @package    Grav\Common\Flex
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Flex/Types/Pages/Traits/PageContentTrait.php
+++ b/system/src/Grav/Common/Flex/Types/Pages/Traits/PageContentTrait.php
@@ -5,7 +5,7 @@ declare(strict_types=1);
 /**
 * @package    Grav\Common\Flex
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Flex/Types/Pages/Traits/PageLegacyTrait.php
+++ b/system/src/Grav/Common/Flex/Types/Pages/Traits/PageLegacyTrait.php
@@ -5,7 +5,7 @@ declare(strict_types=1);
 /**
 * @package    Grav\Common\Flex
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Flex/Types/Pages/Traits/PageRoutableTrait.php
+++ b/system/src/Grav/Common/Flex/Types/Pages/Traits/PageRoutableTrait.php
@@ -5,7 +5,7 @@ declare(strict_types=1);
 /**
 * @package    Grav\Common\Flex
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Flex/Types/Pages/Traits/PageTranslateTrait.php
+++ b/system/src/Grav/Common/Flex/Types/Pages/Traits/PageTranslateTrait.php
@@ -5,7 +5,7 @@ declare(strict_types=1);
 /**
 * @package    Grav\Common\Flex
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Flex/Types/UserGroups/UserGroupCollection.php
+++ b/system/src/Grav/Common/Flex/Types/UserGroups/UserGroupCollection.php
@@ -5,7 +5,7 @@ declare(strict_types=1);
 /**
 * @package    Grav\Common\Flex
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Flex/Types/UserGroups/UserGroupIndex.php
+++ b/system/src/Grav/Common/Flex/Types/UserGroups/UserGroupIndex.php
@@ -5,7 +5,7 @@ declare(strict_types=1);
 /**
 * @package    Grav\Common\Flex
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Flex/Types/UserGroups/UserGroupObject.php
+++ b/system/src/Grav/Common/Flex/Types/UserGroups/UserGroupObject.php
@@ -5,13 +5,14 @@ declare(strict_types=1);
 /**
 * @package    Grav\Common\Flex
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

 namespace Grav\Common\Flex\Types\UserGroups;

 use Grav\Common\Flex\FlexObject;
+use Grav\Common\Grav;
 use Grav\Common\User\Access;
 use Grav\Common\User\Interfaces\UserGroupInterface;
 use function is_bool;
@@ -74,6 +75,18 @@ class UserGroupObject extends FlexObject implements UserGroupInterface
        return $access->authorize('admin.super') ? true : null;
    }

+    public static function groupNames(): array
+    {
+        $groups = [];
+        $user_groups = Grav::instance()['user_groups'];
+
+        foreach ($user_groups as $key => $group) {
+            $groups[$key] = $group->readableName;
+        }
+
+        return $groups;
+    }
+
    /**
     * @return Access
     */
--- a/system/src/Grav/Common/Flex/Types/Users/Storage/UserFileStorage.php
+++ b/system/src/Grav/Common/Flex/Types/Users/Storage/UserFileStorage.php
@@ -5,7 +5,7 @@ declare(strict_types=1);
 /**
 * @package    Grav\Common\Flex
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Flex/Types/Users/Storage/UserFolderStorage.php
+++ b/system/src/Grav/Common/Flex/Types/Users/Storage/UserFolderStorage.php
@@ -5,7 +5,7 @@ declare(strict_types=1);
 /**
 * @package    Grav\Common\Flex
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Flex/Types/Users/Traits/UserObjectLegacyTrait.php
+++ b/system/src/Grav/Common/Flex/Types/Users/Traits/UserObjectLegacyTrait.php
@@ -5,7 +5,7 @@ declare(strict_types=1);
 /**
 * @package    Grav\Common\Flex
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Flex/Types/Users/UserCollection.php
+++ b/system/src/Grav/Common/Flex/Types/Users/UserCollection.php
@@ -5,7 +5,7 @@ declare(strict_types=1);
 /**
 * @package    Grav\Common\Flex
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/system/src/Grav/Common/Flex/Types/Users/UserIndex.php
+++ b/system/src/Grav/Common/Flex/Types/Users/UserIndex.php
@@ -5,7 +5,7 @@ declare(strict_types=1);
 /**
 * @package    Grav\Common\Flex
 *
- * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
 * @license    MIT License; see LICENSE file for details.
 */

--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Andy Miller	1f21d259ea	Merge branch 'release/1.7.43'	2023-10-02 10:41:36 -06:00
Andy Miller	21b218e464	prepare for release	2023-10-02 10:41:26 -06:00
Andy Miller	3b2fb023b8	change version number	2023-10-02 10:36:33 -06:00
Andy Miller	92babda742	updated changelog	2023-10-02 10:30:31 -06:00
pamtbaau	3cdbc5890a	Fix url of @import not being rewritten (#3750 ) Looks good. thanks.	2023-10-02 10:04:29 -06:00
Andy Miller	a8042a666c	updated composer - fixes #3748	2023-10-02 09:52:50 -06:00
Andy Miller	79f9640b12	move language debug to debugger - fixes #3752	2023-10-02 09:51:22 -06:00
Andy Miller	65aeb82e21	add ability to override modified date via frontmatter	2023-10-02 09:36:22 -06:00
Andy Miller	e3b0aa0c50	inlcude phar in dangerous extensions	2023-08-22 11:57:13 +01:00
Andy Miller	7e617a632e	updated security.md	2023-08-22 09:24:41 +01:00
Andy Miller	fb5dd14875	Merge branch 'release/1.7.42.3'	2023-07-18 12:41:08 -06:00
Andy Miller	490bdd6ce7	Merge tag '1.7.42.3' into develop Release v1.7.42.3	2023-07-18 12:41:08 -06:00
Andy Miller	893b1dd1db	prepare for release	2023-07-18 12:40:57 -06:00
Andy Miller	1146959806	fixed a typo	2023-07-18 12:40:27 -06:00
Andy Miller	45103f81b4	Merge branch 'release/1.7.42.2'	2023-07-18 10:50:51 -06:00
Andy Miller	c426f4a9cc	Merge tag '1.7.42.2' into develop Release v1.7.42.2	2023-07-18 10:50:51 -06:00
Andy Miller	0d27f2d77e	prepare for release	2023-07-18 10:50:36 -06:00
Andy Miller	b4c62101a4	SSTI attack mitigation - GHSA-9436-3gmp-4f53	2023-07-18 10:49:47 -06:00
Andy Miller	950cd0854f	updated vendor libs	2023-06-15 15:32:06 -06:00
Andy Miller	4cd137830b	Merge branch 'release/1.7.42.1'	2023-06-15 12:57:56 -06:00
Andy Miller	aa19bcdcbe	Merge tag '1.7.42.1' into develop Release v1.7.42.1	2023-06-15 12:57:56 -06:00
Andy Miller	cf6bf7d1ec	prepare for release	2023-06-15 12:57:46 -06:00
Andy Miller	47665dbddb	Fixes #3727 - filter field being a closure	2023-06-15 09:03:12 -06:00
Andy Miller	dc209453d0	Merge branch 'release/1.7.42'	2023-06-14 14:19:10 -06:00
Andy Miller	5b89091f13	Merge tag '1.7.42' into develop Release 1.7.42	2023-06-14 14:19:10 -06:00
Andy Miller	50ee844759	prepare for release	2023-06-14 14:19:00 -06:00
Andy Miller	244758d438	also handle SSTI in reduce twig filter + function	2023-06-14 11:08:17 -06:00
Andy Miller	71bbed12f9	more SSTI fixes in Utils::isDangerousFunction()	2023-06-13 17:57:11 -06:00
Andy Miller	8c2c1cb726	better SSTI in \|map and \|filter	2023-06-13 17:45:40 -06:00
Andy Miller	9d01140a63	Fix for dangerous tags in \|map filter	2023-06-13 17:07:39 -06:00
Andy Miller	259e775db8	Added languages debug option	2023-06-08 14:50:52 -06:00
Andy Miller	d4c617ff19	Merge branch 'release/1.7.41.2'	2023-06-01 15:19:12 -06:00
Andy Miller	c7680bb50a	Merge tag '1.7.41.2' into develop Release v1.7.41.2	2023-06-01 15:19:12 -06:00
Andy Miller	722ce55ccb	prepare for release	2023-06-01 15:18:53 -06:00
Andy Miller	5b950ce73f	update changelog	2023-06-01 15:17:47 -06:00
Andy Miller	8dfa2110bf	fix for special chars in slugs causing redirect loops	2023-06-01 15:16:56 -06:00
Andy Miller	31aeaf6309	improved the Twig Cache Tag with customizable key (lang specific if needed)	2023-05-23 15:54:48 -06:00
Andy Miller	d96b023d72	Merge branch 'release/1.7.41.1'	2023-05-10 08:34:58 -06:00
Andy Miller	4de3cab522	Merge tag '1.7.41.1' into develop Release v1.7.41.1	2023-05-10 08:34:58 -06:00
Andy Miller	b34f70f91d	prepare for release	2023-05-10 08:34:45 -06:00
Andy Miller	9da8cad7fe	truncator fix	2023-05-10 08:34:09 -06:00
Andy Miller	e4a30f5966	Merge branch 'release/1.7.41'	2023-05-09 12:44:53 -06:00
Andy Miller	814a050858	Merge tag '1.7.41' into develop Release v1.7.41	2023-05-09 12:44:53 -06:00
Andy Miller	b6179bd2de	prepare for release	2023-05-09 12:44:44 -06:00
Andy Miller	e5ac37e3cf	FILTER_SANITIZE_STRING + Toolbox 1.6.5	2023-05-09 12:13:46 -06:00
Andy Miller	66463ddff3	more FILTER_SANITIZE_STRING fixes	2023-05-09 12:13:32 -06:00
Andy Miller	956c2993ae	more filter fixes	2023-05-09 11:22:28 -06:00
Andy Miller	3cf67cb2fd	deprecation fix	2023-05-09 11:18:36 -06:00
Andy Miller	36afa9d848	won’t work internally in Parsedown	2023-05-08 19:31:37 -06:00
Andy Miller	694ab76d1e	added `parse_url` to the list of Grav Twig functions	2023-05-08 19:03:29 -06:00
Andy Miller	369c2e9ffa	remove filter_input in favor of htmlspecialchars + strip_tags	2023-05-08 18:42:52 -06:00
Andy Miller	95ae35216a	various cast fixes	2023-05-08 18:41:19 -06:00
Andy Miller	9c0477fa52	fix dynamic class value	2023-05-08 18:41:04 -06:00
Andy Miller	e1ab15e323	another cast fix	2023-05-08 17:44:52 -06:00
Andy Miller	ff77d58acb	more casting fixes	2023-05-08 17:37:42 -06:00
Andy Miller	adfbd5730b	changelog updated	2023-05-08 17:31:26 -06:00
Andy Miller	bf175983ec	various deprecated fixes	2023-05-08 17:31:15 -06:00
Andy Miller	470b69c775	Use new `groupNames` method	2023-05-08 17:27:54 -06:00
Andy Miller	60648c43db	Update to latest getgrav/image package	2023-05-08 17:27:43 -06:00
Andy Miller	75cd4f4306	Various casting fixes for deprecated messages	2023-05-08 17:27:03 -06:00
Andy Miller	2412115f41	TwigDeferredExtension updates	2023-05-08 17:26:22 -06:00
Andy Miller	598836d656	fix parsedown dynamic properties	2023-05-08 12:39:35 -06:00
Andy Miller	e1019c4420	remove FILTER_SANITIZE_STRING as deprecated	2023-05-08 12:21:09 -06:00
Djamil Legato	a8a6c0c520	Better and generic ignore pattern for `security.yaml` (fixes #3706 )	2023-04-06 10:29:35 -07:00
Andy Miller	685d76231a	Merge branch 'release/1.7.40'	2023-03-22 11:30:00 -06:00
Andy Miller	0f9b9f780f	Merge tag '1.7.40' into develop Release 1.7.40	2023-03-22 11:30:00 -06:00
Andy Miller	1e2792874d	prepare for release	2023-03-22 11:29:52 -06:00
Andy Miller	0a061ce95e	bugfix for timestamp logic	2023-03-22 10:18:07 -06:00
Andy Miller	d82ee029e1	updated changelog	2023-03-22 10:09:06 -06:00
Andy Miller	3b83c8204d	Merge branch 'develop' of github.com:getgrav/grav into develop	2023-03-22 10:07:18 -06:00
Andy Miller	9ab7a4759a	Added timestamp: true\|false option for assets	2023-03-22 10:07:14 -06:00
Vilius Šumskas	c261d0d3f7	Fix force_ssl redirect in case of undefined hostname (#3702 )	2023-03-17 08:53:45 -06:00
Andy Miller	940415dddb	updated changelog	2023-03-07 10:47:55 -07:00
Andy Miller	60506e6f34	fixed duplicate page paths	2023-03-07 10:45:01 -07:00
Djamil Legato	bd7a74d79e	Coerce ignore validation to array to cover both array/non-array values	2023-03-06 11:01:15 -08:00
Djamil Legato	5fcf690918	Fixed `BlueprintSchema:flattenData` to properly handle ignored fields	2023-03-06 10:40:36 -08:00
Anael Mobilia	904ec46a9f	Update robots.txt reflecting actual folders (#3625 ) * Update robots.txt "grav" folder no longer exists * Add folders now existing	2023-03-06 10:21:03 -07:00
Vilius Šumskas	259c148edb	Fix whoami command usage (#3695 ) Passing process as a string is deprecated since Symfony 4.2.	2023-03-06 10:19:23 -07:00
Rotzbua	0ae980062f	Remove outdated setting `xcache` (#3615 ) Already removed in commit `ba2c37c216`	2023-03-06 10:18:57 -07:00
Ari Cooper Davis	a888f19ad1	Fix LogViewer regex to reduce greediness (#3684 )	2023-03-06 09:25:12 -07:00
Andy Miller	479b89134d	Update composer.json	2023-02-23 18:46:44 -07:00
Andy Miller	d0d083d985	not just 7.3!	2023-02-23 18:01:01 -07:00
Andy Miller	396b412dda	Merge tag '1.7.39.4' into develop Release v1.7.39.4	2023-02-22 09:20:28 -07:00
Andy Miller	8be02e44c6	Merge branch 'release/1.7.39.4'	2023-02-22 09:20:27 -07:00
Andy Miller	ec115a6a64	prepare for release	2023-02-22 09:20:07 -07:00
Andy Miller	3b92c1aca4	updated changelog	2023-02-22 09:19:24 -07:00
Andy Miller	2d9df03766	Revert "move account info under account section" This reverts commit `1fae4504a2`.	2023-02-22 09:16:54 -07:00
Andy Miller	f086f84ff2	Merge branch 'release/1.7.39.3'	2023-02-21 15:12:34 -07:00
Andy Miller	a2b23ad80e	Merge tag '1.7.39.3' into develop Release 1.7.39.3	2023-02-21 15:12:34 -07:00
Andy Miller	88350d9090	prepare for release	2023-02-21 15:12:24 -07:00
Andy Miller	b2f27fbdf2	cleaner fix for template bug	2023-02-21 12:55:50 -07:00
Andy Miller	72b769aa63	fix for rendering specific templates fixes #3698	2023-02-21 09:39:14 -07:00
Andy Miller	8a7e38751a	Merge branch 'release/1.7.39.2'	2023-02-20 14:31:42 -07:00
Andy Miller	3e6c719441	Merge tag '1.7.39.2' into develop Release v1.7.39.2	2023-02-20 14:31:42 -07:00
Andy Miller	8efb000801	prepare for release	2023-02-20 14:31:30 -07:00
Andy Miller	6d6e92048e	flex accounts session fix	2023-02-20 14:02:13 -07:00
Andy Miller	8c365d45a4	Merge branch 'release/1.7.39.1' # Conflicts: # CHANGELOG.md	2023-02-20 11:52:11 -07:00
Andy Miller	ee6448c307	prepare for release	2023-02-20 11:51:36 -07:00
Andy Miller	f8c9e9ada4	css fix for phpdebugbar	2023-02-20 11:49:47 -07:00
Andy Miller	87ab3ae4a7	Fix for debugbar rendering	2023-02-20 10:01:30 -07:00
Andy Miller	68dc461bc0	Merge tag '1.7.39' into develop Release v1.7.39	2023-02-19 14:52:00 -07:00
Andy Miller	4dd98610a4	Merge branch 'release/1.7.39'	2023-02-19 14:51:59 -07:00
Andy Miller	0358e55aed	Merge branch 'master' into develop	2023-02-19 14:51:07 -07:00
Andy Miller	9e5ed10925	typo in types	2023-02-19 14:50:16 -07:00
Andy Miller	3b7eb198cf	Merge tag '1.7.39' into develop Release v1.7.39	2023-02-19 14:44:21 -07:00
Andy Miller	81ed7379a9	Merge branch 'release/1.7.39'	2023-02-19 14:44:21 -07:00
Andy Miller	e1950e985b	prepare for release	2023-02-19 14:44:10 -07:00
Andy Miller	84c61af807	updated changelog	2023-02-19 14:43:34 -07:00
Andy Miller	93755c7329	fix UtilsTest for PHPUnit 10	2023-02-19 13:48:13 -07:00
Andy Miller	5329918e2f	Merge branch 'develop' of github.com:getgrav/grav into develop	2023-02-19 13:27:58 -07:00
Andy Miller	efd7726646	update packages	2023-02-19 13:27:52 -07:00
Rotzbua	4c762c0ac3	add php 8.2 to test (#3662 ) now released https://www.php.net/releases/8.2/en.php	2023-02-19 13:27:19 -07:00
Andy Miller	81a911572c	more PHP 8.2 fixes	2023-02-19 13:26:17 -07:00
Andy Miller	c56bb86b61	php 8.2 fixes	2023-02-19 12:07:58 -07:00
Andy Miller	ea010f19f0	Fix for bad rendering of modules	2023-02-17 16:00:46 -07:00
Andy Miller	1fae4504a2	move account info under account section	2023-02-15 15:24:03 -07:00
Andy Miller	d99c84d9f8	empty date to avoid confusion	2023-02-10 15:26:15 -07:00
Andy Miller	c732bfaeef	Merge branch 'develop' of github.com:getgrav/grav into develop	2023-01-11 16:16:57 -07:00
Andy Miller	4f0fee684a	fix for email validation	2023-01-11 16:16:52 -07:00
Daniel Mason	884faa91bb	Update php-fpm socket file to use generic socket file instead of pinning to version (#3669 )	2023-01-02 16:19:05 -07:00
Andy Miller	8c261a05cc	Merge tag '1.7.38' into develop Release v1.7.38	2023-01-02 11:24:06 -07:00
Andy Miller	95aa57ca50	Merge branch 'release/1.7.38'	2023-01-02 11:24:05 -07:00
Andy Miller	0bc0e58707	prepare for release	2023-01-02 11:23:56 -07:00
Andy Miller	a86e0d4b96	Update copyright date	2023-01-02 11:09:32 -07:00
Andy Miller	44c819b021	Added new onBeforeSessionStart() Event	2023-01-02 10:46:32 -07:00
Andy Miller	3f13d81c6f	Get around a bug where messages were not always being set on session during redirect	2023-01-01 13:10:58 -07:00
Andy Miller	720a965c7e	update changelog	2022-12-02 12:23:04 -07:00
Alex	f0e263a404	GitHub Workflows security hardening (#3624 ) * build: harden build.yaml permissions Signed-off-by: Alex <aleksandrosansan@gmail.com> * build: harden trigger-skeletons.yml permissions Signed-off-by: Alex <aleksandrosansan@gmail.com> * build: harden tests.yaml permissions Signed-off-by: Alex <aleksandrosansan@gmail.com> Signed-off-by: Alex <aleksandrosansan@gmail.com>	2022-11-30 17:13:49 -08:00
Andy Miller	ad33a63ad2	Revert "dont’ fail hard if pages recurse with same path" This reverts commit `9c5b8b6496`. # Conflicts: # system/src/Grav/Common/Page/Pages.php	2022-10-25 18:20:08 -06:00
Andy Miller	f7b7f3337d	fix	2022-10-25 18:01:42 -06:00
Andy Miller	983fcc5e40	Merge branch 'develop' of github.com:getgrav/grav into develop	2022-10-25 17:47:08 -06:00
Andy Miller	9c5b8b6496	dont’ fail hard if pages recurse with same path	2022-10-25 17:47:03 -06:00
Djamil Legato	71fc4eb16b	Added `.env` and `.gravenv` to gitignore, most likely you don't want them pushed	2022-10-10 14:32:25 -07:00
Andy Miller	ea2858ea2b	Merge branch 'develop' of github.com:getgrav/grav into develop	2022-10-05 15:10:37 -06:00
Andy Miller	d080578e83	Upgrade composer to 2.4.2 - fixes #3627	2022-10-05 15:10:32 -06:00
Andy Miller	8427eb6d3e	Upgrade composer to 2.4.2 - fixes #3637	2022-10-05 15:09:58 -06:00
Andy Miller	e3a342dabd	Merge tag '1.7.37.1' into develop Release v1.7.37.1	2022-10-05 15:06:23 -06:00
Andy Miller	00b13d1093	Merge branch 'release/1.7.37.1'	2022-10-05 15:06:22 -06:00
Andy Miller	7e5ff71623	prepare for release	2022-10-05 15:06:11 -06:00
Andy Miller	72ba7ccab6	Merge tag '1.7.37' into develop Release v1.7.37	2022-10-05 11:31:48 -06:00