Kanboard - Package Updates

girish

[1.14.8]

• Update Kanboard to 1.2.25
• Full changelog
• Update links to the new documentation website
• Update German translation

girish

[1.15.0]

• Update base image to 4.0.0

girish

[1.15.1]

• Update Kanboard to 1.2.26
• Full changelog
• Fire events after TaskMoveColumnOnDueDate action
• Update date parsing logic to be compatible with PHP 8.2
• Fix potential XSS on the Settings / API page
• Use wildcard operator for tag filter
• Fix broken user mentions in popup comment form

girish

[1.15.2]

• Update Kanboard to 1.2.27
• Full changelog
• Fix category filter when the category name is a number
• Better handling of max file upload size according to PHP settings
• Add dropdown menu on the board to reorder tasks by ID
• Separate font-family specification for input and textarea. This avoids the use of !important in custom CSS
• Change the total number of tasks displayed in the table header to match the description "Total number of tasks in this column across all swimlanes"
• Allow full name to be retrieved by the reverse proxy authentication
• Fix pull-right CSS class alignment
• Use a separate dropdown menu for column sorting

girish

[1.15.3]

• Update Kanboard to 1.2.28
• Full changelog
• Trigger EVENT_MOVE_COLUMN event when moving task to another swimlane
• Allow moving closed tasks when using the API
• Duplicate external links when duplicating tasks
• Add support for comparison operator to priority filter
• Prevents users to convert subtaks to tasks when custom role does not allow it
• Avoid deprecation messages when sending an email with PHP 8.2
• Declare most common routes to have nice URLs
• Improve wording of bulk action modal to move tasks position
• Allow closing modals by clicking on the background

girish

[1.15.4]

• Update Kanboard to 1.2.29
• Full changelog
• Avoid potential clipboard based cross-site scripting (CVE-2023-32685)
• Add themes support: dark, light and automatic mode
• Fix broken "Hide this Column" feature
• Do not close modals when clicking on the background if the form has changed
• Fix incorrect route for "My Activity Stream"
• Fix incorrect parameter encoding when using URLs rewriting
• Add support for task links in Markdown headings
• Handle 413 responses from Nginx when uploading files too large

nebulon

[1.15.5]

• Update Kanboard to 1.2.30
• Full changelog
• CVE-2023-33956: Parameter based Indirect Object Referencing leading to private file exposure
• CVE-2023-33968: Missing access control allows user to move and duplicate tasks to any project in the software
• CVE-2023-33969: Stored XSS in the Task External Link Functionality
• CVE-2023-33970: Missing access control in internal task links feature
• Avoid PHP warning caused by session_regenerate_id()
• Avoid CSS issue when upgrading to v1.2.29 without flushing user sessions

girish

Logout doesn't work in the latest Kanboard. I have opened https://github.com/kanboard/kanboard/issues/5308

girish

[1.15.6]

• Update Kanboard to 1.2.32
• Full changelog
• Fix unexpected EventDispatcher exception in cronjob and during logout
• Integration Tests: Run apt update before installing Apache
• Automatic action TaskMoveColumnClosed does not log column movement
• Tweak Sqlite connection settings to reduce database locked errors
• Bump phpunit/phpunit from 9.6.9 to 9.6.10

nebulon

[1.15.7]

• Update Kanboard to 1.2.33
• Update base image to 4.2.0
• Full changelog
• Do not close modals when clicking on the background
• Add Bulgarian translation
• Update Ukrainian and Russian translations
• Show the two factor form in the middle of the screen like the login form does
• Do not override the creator_id with the current logged user if the task is imported
• Add basic Dev Container configs
• Add adaptive SVG favicon and more SVG variants:
• Remove project_id from task links (A few were missed in #4892)
• Remove unused and invalid method in ProjectModel
• Update phpunit/phpunit and symfony/* dependencies
• Update vendor folder

girish

[1.15.8]

• Update Kanboard to 1.2.34
• Full changelog
• API: Avoid PHP notice when searching for a project name that does not exist
• Update Bulgarian translation
• Bump symfony/console from 5.4.28 to 5.4.32
• Bump phpunit/phpunit from 9.6.13 to 9.6.15

girish

[1.15.9]

• Update Kanboard to 1.2.35
• Full changelog
• Add missing HTML escaping when showing group membership in user profile (CVE-2024-22720)
• Update Dutch translation
• Update Bulgarian translation

girish

[1.15.10]

• Update Kanboard to 1.2.36
• Full changelog
• Add comments visibility
• Add explicit int casting to avoid PHP 8 TypeError when having empty automatic action parameters
• Add new config option DASHBOARD_MAX_PROJECTS
• Add reply feature to comments
• Fix search bar layout when adding more buttons via third-party plugins
• Introduce a Git hook to automatically update version.txt during Git checkout

girish

[1.15.11]

• Update Kanboard to 1.2.37
• Full changelog
• Add comments visibility
• Add explicit int casting to avoid PHP 8 TypeError when having empty automatic action parameters
• Add new config option DASHBOARD_MAX_PROJECTS
• Add reply feature to comments
• Fix search bar layout when adding more buttons via third-party plugins

girish

[1.16.0]

• Migrate to OIDC

Package Updates

[1.16.1]

• Update Kanboard to 1.2.38
• Full changelog

Package Updates

[1.16.2]

• Update Kanboard to 1.2.39
• Full changelog
• fix: remove CSS which caused responsive issues on mobile
• fix: incorrect template condition that set the username field to read only for remote users
• fix: tasks count across swimlanes was incorrect
• fix: avoid warning from libpng when loading PNG image with incorrect iCCP profiles
• feat: improve column header task counts

Package Updates

[1.16.3]

• Update Kanboard to 1.2.40
• Full changelog
• fix: avoid PHP error if no subtask in progress is found
• fix: avoid potential XSS and HTML injection in comment replies
• fix: prevent duplicated columns when enabling per-swimlane column task limits
• fix(api): check comment visibility in API procedures
• fix(api): verify comment ownership in API procedures
• fix(mssql): escape identifiers in timesheet queries
• fix(mssql): use ANSI OFFSET/FETCH syntax for pagination queries
• fix(test): use explicit ORDER BY for queries returning multiple rows

Package Updates

[1.16.4]

• Update Kanboard to 1.2.41
• Full changelog
• feat: add new plugin hooks in project forms
• feat: add option to add BOM at the beginning of CSV files (required for Microsoft Excel)
• feat: validate app config form values
• feat: add cancel button on 2FA code validation screen

Package Updates

[1.16.5]

• Update kanboard to 1.2.42
• Full Changelog
• fix: validate translation filename before loading locales
• fix: avoid path traversal in FileStorage
• feat: add Peruvian Sol to the list of currencies
• build(deps): bump symfony/finder from 5.4.43 to 5.4.45
• build(deps-dev): bump symfony/stopwatch from 5.4.40 to 5.4.45