Alexey Sokolov
7456cbaf02
Merge pull request #2016 from MarkLee131/fix/addheader-crlf-guard
...
HTTPSock: reject CR/LF in AddHeader name/value
2026-04-27 01:38:00 +01:00
Alexey Sokolov
8f5425f99c
Merge pull request #1999 from znc/dependabot/github_actions/codecov/codecov-action-6
...
Bump codecov/codecov-action from 5 to 6
2026-04-25 11:46:08 +01:00
Alexey Sokolov
2a1844ee4e
Merge pull request #2000 from znc/dependabot/github_actions/docker/login-action-4
...
Bump docker/login-action from 3 to 4
2026-04-25 11:45:34 +01:00
Alexey Sokolov
939d2b6c30
Merge pull request #1998 from znc/dependabot/github_actions/docker/metadata-action-6
...
Bump docker/metadata-action from 5 to 6
2026-04-25 11:45:05 +01:00
Alexey Sokolov
7540979707
Merge pull request #1997 from znc/dependabot/github_actions/docker/build-push-action-7
...
Bump docker/build-push-action from 6 to 7
2026-04-25 11:44:40 +01:00
Alexey Sokolov
0f1c646e5e
Merge pull request #1991 from znc/dependabot/github_actions/actions/upload-artifact-7
...
Bump actions/upload-artifact from 6 to 7
2026-04-25 11:44:23 +01:00
MarkLee131
20e8f73b03
HTTPSock: extract IsValidHeaderField helper and add tests ( #2010 )
2026-04-25 17:38:31 +08:00
MarkLee131
04cf89beec
HTTPSock: reject CR/LF in AddHeader name/value
...
AddHeader wrote its arguments straight into the response stream. No
in-tree caller reaches it with attacker-controlled bytes today, but the
public API is exposed to module authors; one bad caller would be a
header-injection bug. Filter at the entry rather than at every caller.
2026-04-25 10:38:31 +08:00
dependabot[bot]
9ff31be416
Bump docker/login-action from 3 to 4
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 3 to 4.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](https://github.com/docker/login-action/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-version: '4'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-04-01 15:21:14 +00:00
dependabot[bot]
0fe69f3145
Bump codecov/codecov-action from 5 to 6
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 5 to 6.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/codecov/codecov-action/compare/v5...v6 )
---
updated-dependencies:
- dependency-name: codecov/codecov-action
dependency-version: '6'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-04-01 15:21:09 +00:00
dependabot[bot]
4825289561
Bump docker/metadata-action from 5 to 6
...
Bumps [docker/metadata-action](https://github.com/docker/metadata-action ) from 5 to 6.
- [Release notes](https://github.com/docker/metadata-action/releases )
- [Commits](https://github.com/docker/metadata-action/compare/v5...v6 )
---
updated-dependencies:
- dependency-name: docker/metadata-action
dependency-version: '6'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-04-01 15:21:05 +00:00
dependabot[bot]
05aa47bd91
Bump docker/build-push-action from 6 to 7
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 6 to 7.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](https://github.com/docker/build-push-action/compare/v6...v7 )
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-version: '7'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-04-01 15:20:59 +00:00
Alexey Sokolov
8566db72dd
Merge pull request #1995 from jabberwock/fix/getparamscolon-bounds-check
...
Message: add bounds check in GetParamsColon when uIdx >= params.size()
2026-03-17 18:05:39 +00:00
jabberwock
20908fc2d1
test: add GetParamsColon unit tests including out-of-bounds uIdx cases
2026-03-17 09:39:50 -07:00
jabberwock
94aeaa02bf
Message: add bounds check in GetParamsColon when uIdx >= params.size()
...
Without this check, when uIdx >= m_vsParams.size() and the vector is
non-empty, the subtraction in the clamp condition underflows to SIZE_MAX.
GetParamsSplit() already has the equivalent check at the top of the
function; this brings GetParamsColon() in line with it.
Fixes #1994
2026-03-17 09:39:50 -07:00
Alexey Sokolov
55d34645de
Merge pull request #1992 from TehPeGaSuS/patch-2
...
Fix formatting in ZNC connection message
2026-03-10 18:45:27 +00:00
TehPeGaSuS
4c0483adfa
Use user configured network
...
Use user configured network on the IRC client connection message example, so it turns from `/server <znc_server_ip> 1025 Admin:<pass>` to `/server <znc_server_ip> 1025 Admin/libera:<pass>`.
Should have done this from the start... 😅
2026-03-10 10:26:35 +01:00
TehPeGaSuS
9cb82dad06
Fix formatting in ZNC connection message
...
Make IRC client connection example consistent with the line above
2026-03-10 10:02:55 +01:00
dependabot[bot]
e76c4df386
Bump actions/upload-artifact from 6 to 7
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 6 to 7.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](https://github.com/actions/upload-artifact/compare/v6...v7 )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-version: '7'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-03-01 12:32:22 +00:00
Alexey Sokolov
84be3d0f0b
Merge pull request #1990 from danny8376/webadmin-pass-w-space
...
Fix webadmin serverlist parsing for password containing space
2026-02-27 00:00:45 +00:00
DannyAAM
c2a760709c
Fix webadmin serverlist parsing for password containing space
2026-02-26 21:57:50 +08:00
Alexey Sokolov
ad7bd6d7ee
Don't try to join channel which ZNC is already on.
...
When Goguma connects to ZNC, it joins the joined channels again and
again, triggering flood protection.
Note: even with this fix, the Goguma+ZNC experience is still pretty bad
and requires doing something about repeating chat history
2026-01-26 22:15:23 +00:00
Alexey Sokolov
a187ae180e
Merge pull request #1987 from znc/dependabot/github_actions/actions/upload-artifact-6
...
Bump actions/upload-artifact from 5 to 6
2026-01-01 17:01:41 +00:00
Alexey Sokolov
e9a1f0d975
Merge pull request #1989 from Un1matr1x/issues/1988
...
Welcome to 2026
2026-01-01 14:55:26 +00:00
Falk Rund
ad6a397ca4
Welcome to 2026
...
[skip ci]
2026-01-01 13:44:32 +01:00
dependabot[bot]
bd99d51122
Bump actions/upload-artifact from 5 to 6
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 5 to 6.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](https://github.com/actions/upload-artifact/compare/v5...v6 )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-version: '6'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-01-01 12:01:34 +00:00
Alexey Sokolov
418628a0d9
Merge pull request #1985 from znc/dependabot/github_actions/actions/checkout-6
...
Bump actions/checkout from 5 to 6
2025-12-12 01:09:26 +00:00
ZNC-Jenkins
fbfd391ec3
Update translations from Crowdin for bg_BG
2025-12-11 00:27:03 +00:00
dependabot[bot]
1ae1b0a520
Bump actions/checkout from 5 to 6
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 5 to 6.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v5...v6 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-version: '6'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-12-10 00:59:37 +00:00
Alexey Sokolov
d8b8c16783
Merge branch '1.10.x'
2025-12-10 00:55:07 +00:00
Dominique Leuenberger
49af1c8d53
Fix build with SWIG 4.4
...
SWIG 4.4 has dropped the usage of SWIG_NULLPTR again, which means we can't
rely on its presence to identify SWIG >= 4.2.0
Generate a swig_version.h by parsing the output of `swig -version` and
writing this in a hex representation
Fixes #1979
2025-12-10 00:34:39 +00:00
ZNC-Jenkins
18416d7df6
Update translations from Crowdin for
2025-12-06 00:26:11 +00:00
ZNC-Jenkins
7c2571ff03
Update translations from Crowdin for
2025-12-06 00:26:10 +00:00
ZNC-Jenkins
0d651d6f67
Update translations from Crowdin for de_DE
2025-11-20 00:26:22 +00:00
ZNC-Jenkins
bfa58f6892
Update translations from Crowdin for de_DE
2025-11-20 00:26:21 +00:00
ZNC-Jenkins
4aa81e07f6
Update translations from Crowdin for
2025-11-15 00:29:28 +00:00
ZNC-Jenkins
7747f9bb1d
Update translations from Crowdin for
2025-11-15 00:29:23 +00:00
ZNC-Jenkins
ea22b297fc
Update translations from Crowdin for de_DE nl_NL
2025-11-10 00:26:12 +00:00
ZNC-Jenkins
4115baa9f4
Update translations from Crowdin for de_DE nl_NL
2025-11-10 00:26:11 +00:00
ZNC-Jenkins
74a5da185c
Update translations from Crowdin for de_DE
2025-11-09 00:26:22 +00:00
ZNC-Jenkins
3427c58246
Update translations from Crowdin for de_DE
2025-11-09 00:26:17 +00:00
ZNC-Jenkins
7847b4c007
Update translations from Crowdin for
2025-11-08 00:26:26 +00:00
ZNC-Jenkins
530b2ac7b8
Update translations from Crowdin for
2025-11-08 00:26:25 +00:00
ZNC-Jenkins
cb1d4aae94
Update translations from Crowdin for de_DE
2025-11-07 00:26:39 +00:00
Alexey Sokolov
81a76a05b0
Merge pull request #1982 from bastelratte/syntax_de
...
Update autoreply.de_DE.po
2025-11-06 00:57:00 +00:00
bastelratte
97fc8be37a
Update autoreply.de_DE.po
...
Correction DE when = wenn
2025-11-05 21:14:08 +01:00
Alexey Sokolov
2df0206d06
Merge pull request #1980 from znc/dependabot/github_actions/actions/upload-artifact-5
...
Bump actions/upload-artifact from 4 to 5
2025-11-01 12:38:56 +00:00
Alexey Sokolov
cf889c1727
Merge pull request #1981 from znc/dependabot/github_actions/github/codeql-action-4
...
Bump github/codeql-action from 3 to 4
2025-11-01 12:38:19 +00:00
dependabot[bot]
1586688217
Bump github/codeql-action from 3 to 4
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3 to 4.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-version: '4'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-11-01 12:01:28 +00:00
dependabot[bot]
19b3cc0e2b
Bump actions/upload-artifact from 4 to 5
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4 to 5.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](https://github.com/actions/upload-artifact/compare/v4...v5 )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-version: '5'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-11-01 12:01:23 +00:00