1. 06 Aug, 2021 7 commits
  2. 20 Jul, 2021 1 commit
  3. 22 Jun, 2021 1 commit
    • Jacques Le Roux's avatar
      Improved: Add global web.xml to simplify session timeout configuration (OFBIZ-12255) · 6106277b
      Jacques Le Roux authored
      Currently, session timeout is configured in apps separately, but session is
      shared globally, so the smallest one take effects, and it will not take effect
      separately for different apps.
      
      Then it is both inconvenient and confusing to increase session timeout value,
      as all values in those files need to be updated.
      
      A global web.xml is needed, to simplify session timeout configuration.
      
      Thanks: Xin Wang
      6106277b
  4. 17 Jun, 2021 1 commit
  5. 29 May, 2021 1 commit
  6. 15 May, 2021 1 commit
  7. 04 May, 2021 1 commit
    • Jacques Le Roux's avatar
      Improved: Handle remaining checkstyle errors (OFBIZ-12169) · dbfa4f0c
      Jacques Le Roux authored
      This handles the "'(' should be on the previous line?" rule of MethodParamPad
      
      Actually not completely, because there are still some cases that can't be
      handled by changing code, notably when a casting is necessary. I believe there
      is an error in checkstyle code. I'll discuss that in dev ML before sending
      checkstyle team a report.
      dbfa4f0c
  8. 06 Apr, 2021 2 commits
  9. 29 Mar, 2021 1 commit
    • Jacques Le Roux's avatar
      Improved: Comment out the SOAP and HTTP engines (OFBIZ-12212) · a3438121
      Jacques Le Roux authored
      The SOAP and HTTP engines are open doors to security issues.
      At https://markmail.org/message/pgtjyh23bazq4s2w I proposed to comment them out
      as we did for RMI in the past.
      Of cause it must be clearly documented how to use them if needed.
      
      Here is the email content:
      
          After the recent fix for the CVE-2021-26295[1] we discussed with the security
          team about the opportunity need to comment out the SOAP and HTTP engines
          like we did in the past for RMI[2], this obviously for security reason.
      
          [1] OFBIZ-12167 "Adds a blacklist (to be
          renamed soon to denylist) in Java serialisation (CVE-2021-26295)"
          [2] OFBIZ-6942 "Comment out RMI related
          code because of the Java deserialization issue [CVE-2016-2170] "
      
      I just put a small comment in webtools and scrumm controllers, it should be
      enough.
      
      The tests pass
      a3438121
  10. 28 Mar, 2021 2 commits
  11. 27 Mar, 2021 6 commits
  12. 17 Mar, 2021 1 commit
  13. 11 Mar, 2021 1 commit
  14. 10 Mar, 2021 1 commit
  15. 01 Mar, 2021 1 commit
  16. 27 Feb, 2021 1 commit
  17. 21 Feb, 2021 1 commit
    • Jacques Le Roux's avatar
      Fixed: Error while uploading file in Ecommerce Profile's File Manager (OFBIZ-10746) · 2b6da24f
      Jacques Le Roux authored
      On uploading File in Ecommerce Profile's File Manager,
      
      "The following required parameter is missing:
      [IN] [uploadPartyContentFile.partyContentTypeId]" error is displaying.
      
      Steps to regenerate the issue:
          Open Ecommerce on Ofbiz.
          Login with any user.
          Go to Profile.
          Navigate down to File Manager.
          Select Purpose.
          Seletct Mime Type
          Click upload.
      
      Thanks: Aishwary Shrivastava for report, Priya Sharma fir the fix
      2b6da24f
  18. 16 Feb, 2021 1 commit
  19. 15 Feb, 2021 3 commits
  20. 14 Feb, 2021 1 commit
  21. 13 Feb, 2021 1 commit
  22. 12 Feb, 2021 3 commits
  23. 09 Feb, 2021 1 commit