diff --git a/docs/api/apiv3/tags/basic_objects.yml b/docs/api/apiv3/tags/basic_objects.yml index 5605921ee25e..1b45d7d84720 100644 --- a/docs/api/apiv3/tags/basic_objects.yml +++ b/docs/api/apiv3/tags/basic_objects.yml @@ -66,7 +66,7 @@ description: |- * It *must not* include HTML or other kind of markup * Error messages form complete sentences including punctuation - ##### Example + #### Example ```json { @@ -214,7 +214,7 @@ description: |- If the *Formattable* is marked as **read only**, the `raw` attribute also becomes **read only**. - ##### Example + ### Example ```json { @@ -248,7 +248,7 @@ description: |- Colors are represented in RGB using hexadecimal notation as specified in [CSS Color Module Level 3](https://www.w3.org/TR/css3-color/). That is a `#` followed by either three or six hexadecimal digits. - ##### Example + ### Example ``` red: #ff0000 or #f00 @@ -270,7 +270,7 @@ description: |- | algorithm | The algorithm used to compute the digest | String | md5 | | hash | The calculated digest in hexadecimal notation | String | 64c26a8403cd796ea4cf913cda2ee4a9 | - ##### Example + ### Example ```json { diff --git a/docs/development/development-environment/README.md b/docs/development/development-environment/README.md index 58ecee41d708..a8c09fe9dbb1 100644 --- a/docs/development/development-environment/README.md +++ b/docs/development/development-environment/README.md @@ -15,20 +15,20 @@ keywords: development setup | [MacOS](macos) | Develop setup on MacOS | -### Start Coding +## Start Coding Please have a look at [our development guidelines](../code-review-guidelines/) for tips and guides on how to start coding. We have advice on how to get your changes back into the OpenProject core as smooth as possible. Also, take a look at the `doc` directory in our sources, especially the [how to run tests](../running-tests) documentation (we like to have automated tests for every new developed feature). -### Troubleshooting +## Troubleshooting The OpenProject logfile can be found in `log/development.log`. If an error occurs, it should be logged there (as well as in the output to STDOUT/STDERR of the rails server process). -### Questions, Comments, and Feedback +## Questions, Comments, and Feedback If you have any further questions, comments, feedback, or an idea to enhance this guide, please tell us at the appropriate [forum](https://community.openproject.org/projects/openproject/boards/9). diff --git a/docs/glossary/README.md b/docs/glossary/README.md index 82a03e84c3e5..9c506c4a79e9 100644 --- a/docs/glossary/README.md +++ b/docs/glossary/README.md @@ -360,7 +360,7 @@ The quick context menu in OpenProject opens when you open a [work package table] ## Relations -In OpenProject, you can set work packages in relation to each other. Some relation types simply create a visible link between the two work packages. Others have an additional effect, e.g. force one work package to be finished before the other one starts (Predecessor). The simpliest way to add a relation between two existing work packages is to click the +Relation button on the Relations tab of one of the work packages. [Read more about work package relations and hierarchies in our user guide](../user-guide/work-packages/work-package-relations-hierarchies/). +In OpenProject, you can set work packages in relation to each other. Some relation types simply create a visible link between the two work packages. Others have an additional effect, e.g. force one work package to be finished before the other one starts (Predecessor). The simplest way to add a relation between two existing work packages is to click the +Relation button on the Relations tab of one of the work packages. [Read more about work package relations and hierarchies in our user guide](../user-guide/work-packages/work-package-relations-hierarchies/). ## Repository @@ -492,4 +492,4 @@ WYSIWYG stands for 'What you see is what you get'. A WYSIWYG editor is a content ### Zen mode -In OpenProject, Zen mode allows users to focus on a certain page, as all other menu items and elements are hidden, and the page is displayed in full screen. OpenProject offers zen mode for other modules like work packages, boards, Gantt charts, calendars, and project lists. \ No newline at end of file +In OpenProject, Zen mode allows users to focus on a certain page, as all other menu items and elements are hidden, and the page is displayed in full screen. OpenProject offers zen mode for other modules like work packages, boards, Gantt charts, calendars, and project lists. diff --git a/docs/release-notes/13-4-2/README.md b/docs/release-notes/13-4-2/README.md index 88df45010dea..52d4194785b8 100644 --- a/docs/release-notes/13-4-2/README.md +++ b/docs/release-notes/13-4-2/README.md @@ -13,13 +13,12 @@ Release date: 2024-05-22 We released [OpenProject 13.4.2](https://community.openproject.org/versions/2058). The release contains several bug fixes and we recommend updating to the newest version. -### Fixes a stored XSS vulnerability in the cost report functionality (CVE-2024-135224) +## Fixes a stored XSS vulnerability in the cost report functionality (CVE-2024-135224) + OpenProject Cost Report functionality uses improper sanitization of user input. This can lead to Stored XSS via the header values of the report table. This attack requires the permissions "Edit work packages" as well as "Add attachments". For more information, [please see our security advisory](https://github.com/opf/openproject/security/advisories/GHSA-h26c-j8wg-frjc). - - ## Bug fixes and changes diff --git a/docs/release-notes/14-0-2/README.md b/docs/release-notes/14-0-2/README.md index b52b3ffaac1b..04191f27c467 100644 --- a/docs/release-notes/14-0-2/README.md +++ b/docs/release-notes/14-0-2/README.md @@ -13,7 +13,8 @@ Release date: 2024-05-22 We released [OpenProject 14.0.2](https://community.openproject.org/versions/2057). The release contains several bug fixes and we recommend updating to the newest version. -### Fixes a stored XSS vulnerability in the cost report functionality (CVE-2024-135224) +## Fixes a stored XSS vulnerability in the cost report functionality (CVE-2024-135224) + OpenProject Cost Report functionality uses improper sanitization of user input. This can lead to Stored XSS via the header values of the report table. This attack requires the permissions "Edit work packages" as well as "Add attachments". For more information, [please see our security advisory](https://github.com/opf/openproject/security/advisories/GHSA-h26c-j8wg-frjc). diff --git a/docs/release-notes/14-1-0/README.md b/docs/release-notes/14-1-0/README.md index 21f6ca66ec98..be0e26eb0454 100644 --- a/docs/release-notes/14-1-0/README.md +++ b/docs/release-notes/14-1-0/README.md @@ -15,6 +15,7 @@ We released [OpenProject 14.1.0](https://community.openproject.org/versions/2030 ## Important updates and breaking changes ### Fixes a stored XSS vulnerability in the cost report functionality (CVE-2024-135224) + OpenProject Cost Report functionality uses improper sanitization of user input. This can lead to Stored XSS via the header values of the report table. This attack requires the permissions "Edit work packages" as well as "Add attachments". For more information, [please see our security advisory](https://github.com/opf/openproject/security/advisories/GHSA-h26c-j8wg-frjc). @@ -175,7 +176,7 @@ Apart from the features mentioned above, there have been a lot of other changes, -#### Contributions +## Contributions A very special thank you goes to our sponsors for features and improvements of this release: diff --git a/docs/system-admin-guide/authentication/openid-providers/README.md b/docs/system-admin-guide/authentication/openid-providers/README.md index 832d24d306dc..8e7784d9669e 100644 --- a/docs/system-admin-guide/authentication/openid-providers/README.md +++ b/docs/system-admin-guide/authentication/openid-providers/README.md @@ -77,7 +77,6 @@ You can create different kinds of providers with a different set of properties. After pressing **CREATE** you will see a following pop-up window. > [!TIP] -> > Make sure to note your **Client ID** and **Client Secret**. ![OAuth client created](g5-oauth-client-created.png) @@ -100,7 +99,9 @@ Press **Finish setup** to save the client and complete. If you go back to the in ## Microsoft Entra -### Step 1: Register an App in Azure Active Directory +### Step-by-step + +#### Step 1: Register an App in Azure Active Directory If your organization currently has an Azure Active Directory to manage users, and you want to use that to log in to OpenProject, you will need to register a new *App*. @@ -149,7 +150,7 @@ The steps are as follows: 9. A secret should have been generated and will be displayed on the page. -> [!IMPORTANT] +> [!IMPORTANT] > Make sure to save it because it will only be displayed once. ![Azure Active Directory Add Secret](08-add-secret.png) diff --git a/docs/system-admin-guide/authentication/recaptcha/README.md b/docs/system-admin-guide/authentication/recaptcha/README.md index 72c26e6e3299..7a5b23800433 100644 --- a/docs/system-admin-guide/authentication/recaptcha/README.md +++ b/docs/system-admin-guide/authentication/recaptcha/README.md @@ -3,7 +3,7 @@ sidebar_navigation: title: reCAPTCHA priority: 600 description: configure reCAPTCHA for OpenProject. -keywords: reCAPTCHA +keywords: reCAPTCHA, turnstile --- # reCAPTCHA configuration @@ -21,8 +21,7 @@ You can configure the following options: ![reCAPTCHA authentication settings in OpenProject administration](openproject_system_admin_guide_recaptcha.png) - -# Cloudflare Turnstile configuration +## Cloudflare Turnstile To use Cloudflare Turnstile with OpenProject, you need to configure the reCAPTCHA settings in the Cloudflare dashboard. Please see the following link for more details on Cloudflare Turnstile and how to configure it: [https://developers.cloudflare.com/turnstile/](https://developers.cloudflare.com/turnstile/).