From 05f5d3a2847d5f9645a30684c5e40ec0a8717931 Mon Sep 17 00:00:00 2001 From: OpenProject Actions CI Date: Wed, 22 Nov 2023 03:09:46 +0000 Subject: [PATCH 01/17] update locales from crowdin [ci skip] --- modules/meeting/config/locales/crowdin/uk.yml | 4 ++-- modules/storages/config/locales/crowdin/uk.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/modules/meeting/config/locales/crowdin/uk.yml b/modules/meeting/config/locales/crowdin/uk.yml index aee1bac9ccca..683b90dca05c 100644 --- a/modules/meeting/config/locales/crowdin/uk.yml +++ b/modules/meeting/config/locales/crowdin/uk.yml @@ -22,9 +22,9 @@ #English strings go here for Rails i18n uk: plugin_openproject_meeting: - name: "OpenProject Meeting" + name: "Зустріч OpenProject" description: >- - This module adds functions to support project meetings to OpenProject. Meetings can be scheduled selecting invitees from the same project to take part in the meeting. An agenda can be created and sent to the invitees. After the meeting, attendees can be selected and minutes can be created based on the agenda. Finally, the minutes can be sent to all attendees and invitees. + Цей модуль додає до OpenProject функції для підтримки зустрічей проєкту. Зустрічі можна планувати, вибираючи запрошених з одного проекту для участі у зустрічі. Можна створити порядок денний і надіслати його запрошеним. Після зустрічі можна вибрати учасників і створити протокол на основі порядку денного. Наостанок, протокол можна надіслати всім учасникам і запрошеним. activerecord: attributes: meeting: diff --git a/modules/storages/config/locales/crowdin/uk.yml b/modules/storages/config/locales/crowdin/uk.yml index cbec63474409..a7f0bf4fcfcc 100644 --- a/modules/storages/config/locales/crowdin/uk.yml +++ b/modules/storages/config/locales/crowdin/uk.yml @@ -1,8 +1,8 @@ #English strings go here uk: plugin_openproject_storages: - name: "OpenProject Storages" - description: "Allows linking work packages to files in external storages, such as Nextcloud." + name: "Сховища OpenProject" + description: "" permission_view_file_links: "Перегляд посилань на файл" permission_manage_file_links: "Керування посиланнями на файл" permission_manage_storages_in_project: "Керування файловими сховищами в проєкті" From 08d3884f2328ea8e58012c45ae54352070a40378 Mon Sep 17 00:00:00 2001 From: OpenProject Actions CI Date: Thu, 23 Nov 2023 03:14:56 +0000 Subject: [PATCH 02/17] update locales from crowdin [ci skip] --- config/locales/crowdin/cs.yml | 10 +++++----- config/locales/crowdin/fr.yml | 2 +- config/locales/crowdin/js-cs.yml | 14 +++++++------- modules/grids/config/locales/crowdin/js-fr.yml | 2 +- modules/storages/config/locales/crowdin/cs.yml | 6 +++--- modules/webhooks/config/locales/crowdin/cs.yml | 2 +- modules/xls_export/config/locales/crowdin/cs.yml | 2 +- 7 files changed, 19 insertions(+), 19 deletions(-) diff --git a/config/locales/crowdin/cs.yml b/config/locales/crowdin/cs.yml index b67c88be718f..0f07c5b71506 100644 --- a/config/locales/crowdin/cs.yml +++ b/config/locales/crowdin/cs.yml @@ -455,7 +455,7 @@ cs: account: "Účet" attr_firstname: "Jméno (atribut)" attr_lastname: "Příjmení (atribut)" - attr_login: "Uživatelské jméno (atribut)" + attr_login: "Atribut uživatelského jména" attr_mail: "Email (atribut)" base_dn: "Base DN" host: "Host" @@ -981,7 +981,7 @@ cs: created_by_on_time_entry: "time logged by %{user} on %{datetime}" created_on: "vytvořeno dne %{datetime}" created_on_time_entry: "time logged on %{datetime}" - updated_by_on: "Aktualizováno uživatelem {{user}} dne {{date}}" + updated_by_on: "Aktualizováno uživatelem %{user} dne %{datetime}" updated_by_on_time_entry: "logged time updated by %{user} on %{datetime}" updated_on: "aktualizováno dne %{datetime}" updated_on_time_entry: "logged time updated on %{datetime}" @@ -1426,7 +1426,7 @@ cs: work_package_edit: 'Pracovní balíček upraven' work_package_note: 'Poznámka k pracovnímu balíčku přidána' title: - project: "Projekt {name}" + project: "Projekt %{name}" subproject: "Podprojekt: %{name}" export: your_work_packages_export: "Export pracovních balíčků" @@ -1638,7 +1638,7 @@ cs: label_available_project_versions: "Dostupné verze" label_available_project_work_package_categories: "Dostupné kategorie pracovních balíčků" label_available_project_work_package_types: "Dostupné kategorie pracovních balíčků" - label_available_projects: "Available projects" + label_available_projects: "Dostupné projekty" label_api_documentation: "API dokumentace" label_backup: "Záloha" label_between: "mezi" @@ -1936,7 +1936,7 @@ cs: label_permissions_report: "Přehled oprávnění" label_personalize_page: "Přizpůsobit tuto stránku" label_placeholder_user: "Placeholder uživatel" - label_placeholder_user_new: "Nový placeholder uživatel" + label_placeholder_user_new: "" label_placeholder_user_plural: "Placeholder uživatelé" label_planning: "Plánování" label_please_login: "Přihlaste se prosím" diff --git a/config/locales/crowdin/fr.yml b/config/locales/crowdin/fr.yml index df7d43f0e0aa..78a55b5a3f45 100644 --- a/config/locales/crowdin/fr.yml +++ b/config/locales/crowdin/fr.yml @@ -517,7 +517,7 @@ fr: true: "public" false: "privé" queries: "Requêtes" - status_code: 'État du projet' + status_code: 'Statut du projet' status_explanation: 'Description du statut du projet' status_codes: not_started: 'Non démarré' diff --git a/config/locales/crowdin/js-cs.yml b/config/locales/crowdin/js-cs.yml index 2d7aa3d7bca4..613c0c2e589f 100644 --- a/config/locales/crowdin/js-cs.yml +++ b/config/locales/crowdin/js-cs.yml @@ -348,7 +348,7 @@ cs: new_features_html: > The release contains various new features and improvements:
ical_sharing_modal: - title: "Subscribe to calendar" + title: "Přihlásit kalendář k odběru" inital_setup_error_message: "Při načítání dat došlo k chybě." description: "You can use the URL (iCalendar) to subscribe to this calendar in an external client and view up-to-date work package information from there." warning: "Please don't share this URL with other users. Anyone with this link will be able to view work package details without an account or password." @@ -416,7 +416,7 @@ cs: label_filename: "Soubor" label_filesize: "Velikost" label_general: "Obecné" - label_global_roles: "Global roles" + label_global_roles: "Globální role" label_greater_or_equal: ">=" label_group: 'Skupina' label_group_by: "Seskupit podle" @@ -530,7 +530,7 @@ cs: label_add_attachments: "Připojit soubory" label_formattable_attachment_hint: "Připojit a propojit soubory smazáním tohoto pole nebo vložením ze schránky." label_remove_file: "Odstranit %{fileName}" - label_remove_watcher: "Odstranit pozorovatele %{name}" + label_remove_watcher: "Odstranit sledujícího %{name}" label_remove_all_files: Odstranit všechny soubory label_add_description: "Přidat popis pro %{file}" label_upload_notification: "Nahrávám soubory..." @@ -590,7 +590,7 @@ cs: no_unread: "Žádná nepřečtená oznámení" reasons: mentioned: 'zmíněn' - watched: 'pozorovatel' + watched: 'sledovatel' assigned: 'Řešitel' responsible: 'Odpovědný' created: 'Vytvořeno' @@ -606,7 +606,7 @@ cs: property_today: 'je dnes' property_is: 'is in %{difference_in_days}' property_was: 'was %{difference_in_days} ago' - property_is_deleted: 'byl smazán' + property_is_deleted: 'is deleted' upsale: title: 'Upozornění na datum' description: 'With date alerts, you will be notified of upcoming start or finish dates so that you never miss or forget an important deadline.' @@ -675,7 +675,7 @@ cs: work_package_scheduled: 'Všechny změny data' global: immediately: - title: 'Účast' + title: 'Participace' description: 'Upozornění pro všechny aktivity v pracovních balíčcích, do kterých jste zapojeni (Řešitel, odpovědný nebo sledující).' delayed: title: 'Neúčast' @@ -782,7 +782,7 @@ cs: watchers: label_loading: načítám sledující... label_error_loading: Při načítání pozorovatelů došlo k chybě - label_search_watchers: Hledat pozorovatele + label_search_watchers: Hledat sledující label_add: Přidat sledující label_discard: Zrušit výběr typeahead_placeholder: Hledání možných přihlížejících diff --git a/modules/grids/config/locales/crowdin/js-fr.yml b/modules/grids/config/locales/crowdin/js-fr.yml index 25f8a4109e98..6f07e68905f6 100644 --- a/modules/grids/config/locales/crowdin/js-fr.yml +++ b/modules/grids/config/locales/crowdin/js-fr.yml @@ -30,7 +30,7 @@ fr: title: 'Détails du projet' no_results: 'Aucun champ personnalisé n''a été défini pour les projets.' project_status: - title: 'État du projet' + title: 'Statut du projet' not_started: 'Non démarré' on_track: 'Sur la bonne voie' off_track: 'Sur la mauvaise voie' diff --git a/modules/storages/config/locales/crowdin/cs.yml b/modules/storages/config/locales/crowdin/cs.yml index fe5716c52e0a..bf2982df29dc 100644 --- a/modules/storages/config/locales/crowdin/cs.yml +++ b/modules/storages/config/locales/crowdin/cs.yml @@ -1,7 +1,7 @@ #English strings go here cs: plugin_openproject_storages: - name: "OpenProject Storages" + name: "Úložiště OpenProject" description: "Allows linking work packages to files in external storages, such as Nextcloud." permission_view_file_links: "Zobrazit odkazy na soubor" permission_manage_file_links: "Správa odkazů souborů" @@ -35,7 +35,7 @@ cs: storages/project_storage: attributes: project_folder_mode: - mode_unavailable: "is not available for this storage." + mode_unavailable: "není k dispozici pro toto úložiště." storages/storage: attributes: host: @@ -138,7 +138,7 @@ cs: label_provider_type: "Typ poskytovatele" label_project_folder: "Složka projektu" label_new_storage: "Nové úložiště" - label_edit_storage: "Edit storage" + label_edit_storage: "" label_existing_manual_folder: "Existing folder with manually managed permissions" label_no_specific_folder: "Žádná specifická složka" label_automatic_folder: "New folder with automatically managed permissions" diff --git a/modules/webhooks/config/locales/crowdin/cs.yml b/modules/webhooks/config/locales/crowdin/cs.yml index e104a2118c1c..2d3a7224622b 100644 --- a/modules/webhooks/config/locales/crowdin/cs.yml +++ b/modules/webhooks/config/locales/crowdin/cs.yml @@ -42,7 +42,7 @@ cs: deliveries: no_results_table: Pro tento webhook nebyly provedeny žádné dodávky. title: 'Nedávné dodávky' - time: 'Dodací doba' + time: 'Delivery time' form: introduction: > Pošlete POST požadavek na URL adresu payload pro jakoukoliv událost v projektu, ke kterému jste přihlášeni. Užitečné zatížení bude odpovídat reprezentaci modifikovaného objektu APIv3. diff --git a/modules/xls_export/config/locales/crowdin/cs.yml b/modules/xls_export/config/locales/crowdin/cs.yml index 62de048e6212..11c270d68a27 100644 --- a/modules/xls_export/config/locales/crowdin/cs.yml +++ b/modules/xls_export/config/locales/crowdin/cs.yml @@ -1,6 +1,6 @@ cs: plugin_openproject_xls_export: - name: "OpenProject XLS Export" + name: "Export OpenProject XLS" description: "Export issue lists as Excel spreadsheets (.xls)." export_to_excel: "Exportovat XLS" print_with_description: "Tisk náhledu s popisem" From dac368549e6a2c3a6c8d86478a294867185744c8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oliver=20G=C3=BCnther?= Date: Thu, 23 Nov 2023 09:14:59 +0100 Subject: [PATCH 03/17] Add section on security relevant components during development requirement --- .../product-development-handbook/README.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/docs/development/product-development-handbook/README.md b/docs/development/product-development-handbook/README.md index ac9e0d67529f..101402dd2499 100644 --- a/docs/development/product-development-handbook/README.md +++ b/docs/development/product-development-handbook/README.md @@ -160,16 +160,29 @@ For internal or customer requirements requirements may directly be created, eval Based on the Product Managers judgement (taking among other things the RICE score and customer backing into account) validated and prioritized features (status: “In specification”) are specified in more detail: 1. PM specifies the solution and creates mockups (e.g. PowerPoint, Google Docs, …). + 2. PM updates the Opportunity Canvas (especially “Solution” section). + 3. PM and Developer validate solution (technical feasibility / solution). + + *If this solution touches security relevant components of the application, a Security Engineer is involved to identity and model the associated risks and impacts (thread modelling) according to the documented risks in the [Secure Coding Guidelines](https://www.openproject.org/docs/development/concepts/secure-coding/#secure-coding-guidelines).* + 4. PM / UX Researcher validates the solution through user interviews. (optional) + 5. PM / UX Researcher iterates through possible solutions based on user interviews and updates the Opportunity canvas. (optional) + 6. PM / Developer adds more detailed effort and cost estimates. + 7. Designer is assigned to the "Designer" field of the feature. + 8. Designer creates visuals based on mockups (if necessary). + 9. PM validates design with users (user interviews) (optional) + 10. PM in coordination with Developer assigns feature to upcoming product version. + 11. PM hands over features to the Developer. + 12. PM highlights features that require change in documentation if necessary (custom field “Requires doc change”). The features in a product version need to be specified at least one iteration prior to development start. If a feature is added to the current version it needs to be specified with high priority. If it is added to the next version it can be specified with a lower priority but still higher then other features in the product backlog. From 2fea2b7d02026b2b2a4ce6888fccff040a12fd72 Mon Sep 17 00:00:00 2001 From: Maya Berdygylyjova Date: Thu, 23 Nov 2023 10:02:22 +0100 Subject: [PATCH 04/17] [#51199] Move statement on security underneith new security and privacy section [#51199] Move statement on security underneith new security and privacy section https://community.openproject.org/work_packages/51199 --- docs/security-and-privacy/README.md | 3 +++ .../statement-on-security}/README.md | 8 ++++++++ .../security-at-openproject.com.asc | 0 3 files changed, 11 insertions(+) rename docs/{development/security => security-and-privacy/statement-on-security}/README.md (95%) rename docs/{development/security => security-and-privacy/statement-on-security}/security-at-openproject.com.asc (100%) diff --git a/docs/security-and-privacy/README.md b/docs/security-and-privacy/README.md index cadc8f424481..a157a16fbc30 100644 --- a/docs/security-and-privacy/README.md +++ b/docs/security-and-privacy/README.md @@ -12,8 +12,11 @@ The purpose of this document is to equip users of OpenProject with the necessar ## Data privacy +* Privacy policy: [OpenProject privacy policy](https://www.openproject.org/legal/privacy/) * Data privacy documentation: [Processing of personal data](./processing-of-personal-data/) ## Data security * Security documentation: BSI Grundschutzchecks (coming Q1 2024) +* Statement on data security: [Statement on data security](./statement-on-security) + diff --git a/docs/development/security/README.md b/docs/security-and-privacy/statement-on-security/README.md similarity index 95% rename from docs/development/security/README.md rename to docs/security-and-privacy/statement-on-security/README.md index 8116090bf9da..abd2ee6cc142 100644 --- a/docs/development/security/README.md +++ b/docs/security-and-privacy/statement-on-security/README.md @@ -1,3 +1,11 @@ +--- +sidebar_navigation: + title: Statement on security + priority: 600 +description: Statement of data security in OpenProject +keywords: GDPR, data security, security, OpenProject security, security alerts, single sign-on, password security, mailing list +--- + # Statement on security At its core, OpenProject is an open-source software that is [developed and published on GitHub](https://github.com/opf/openproject). Every change to the OpenProject code base ends up in an open repository accessible to everyone. This results in a transparent software where every commit can be traced back to the contributor. diff --git a/docs/development/security/security-at-openproject.com.asc b/docs/security-and-privacy/statement-on-security/security-at-openproject.com.asc similarity index 100% rename from docs/development/security/security-at-openproject.com.asc rename to docs/security-and-privacy/statement-on-security/security-at-openproject.com.asc From 838968ca6460f9df8eee5304b0a04037a2ce22b9 Mon Sep 17 00:00:00 2001 From: as-op Date: Wed, 22 Nov 2023 10:07:32 +0100 Subject: [PATCH 05/17] docs(links): adjust changed statement-on-security url --- README.md | 2 +- SECURITY.md | 2 +- .../enterprise-cloud-guide/gdpr-compliance/README.md | 2 +- docs/release-notes/12/12-0-4/README.md | 2 +- docs/release-notes/12/12-5-4/README.md | 4 ++-- docs/release-notes/8/8-3-2/README.md | 2 +- docs/security-and-privacy/statement-on-security/README.md | 2 +- 7 files changed, 8 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index 5af14aace6a1..a96662318f67 100644 --- a/README.md +++ b/README.md @@ -49,7 +49,7 @@ will keep our community secure. If you happen to come across a security issue we you to disclose it to us privately to allow our users and community enough time to upgrade. Security issues will always take precedence over anything else in the pipeline. -For more information on how to disclose a security vulnerability, [please see this page](docs/development/security/README.md). +For more information on how to disclose a security vulnerability, [please see this page](docs/development/[statement-on-security](docs/security-and-privacy/statement-on-security/README.md). ## License diff --git a/SECURITY.md b/SECURITY.md index a7850e2afd0c..abb0dc227922 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -1 +1 @@ -Please find our statement on security in this document: https://www.openproject.org/docs/development/security/ +Please find our statement on security in this document: https://www.openproject.org/docs/security-and-privacy/statement-on-security/ diff --git a/docs/enterprise-guide/enterprise-cloud-guide/gdpr-compliance/README.md b/docs/enterprise-guide/enterprise-cloud-guide/gdpr-compliance/README.md index ba400711fe16..9cbd17f7aad7 100644 --- a/docs/enterprise-guide/enterprise-cloud-guide/gdpr-compliance/README.md +++ b/docs/enterprise-guide/enterprise-cloud-guide/gdpr-compliance/README.md @@ -73,4 +73,4 @@ Please navigate to -> Administration -> GDPR and you can now online review and s -Find out more about [OpenProject's security features](../../../development/security/#openproject-security-features). +Find out more about [OpenProject's security features](../../../security-and-privacy/statement-on-security/#openproject-security-features). diff --git a/docs/release-notes/12/12-0-4/README.md b/docs/release-notes/12/12-0-4/README.md index bcf126b86086..37fa1dde930d 100644 --- a/docs/release-notes/12/12-0-4/README.md +++ b/docs/release-notes/12/12-0-4/README.md @@ -26,7 +26,7 @@ The vulnerability has been fixed in version 12.0.4. Versions prior to 12.0.0 are If you are unable to upgrade in a timely fashion, the following patch can be applied: [https://github.com/opf/openproject/pull/9983.patch](https://github.com/opf/openproject/pull/9983.patch) #### Credits -This security issue was responsibly disclosed by [Daniel Santos](https://github.com/bananabr) (Twitter [@bananabr](https://twitter.com/bananabr)). Thank you for reaching out to us and your help in identifying this issue. If you have a security vulnerability you would like to disclose, please see our [statement on security](https://www.openproject.org/docs/development/security/). +This security issue was responsibly disclosed by [Daniel Santos](https://github.com/bananabr) (Twitter [@bananabr](https://twitter.com/bananabr)). Thank you for reaching out to us and your help in identifying this issue. If you have a security vulnerability you would like to disclose, please see our [statement on security](https://www.openproject.org/docs/security-and-privacy/statement-on-security/). ### Bug fixes and changes - Fixed: Frontend including editor and time logging unusable when there are many activities \[[#40314](https://community.openproject.com/wp/40314)\] diff --git a/docs/release-notes/12/12-5-4/README.md b/docs/release-notes/12/12-5-4/README.md index f1a9178b1e69..d8c97050e46f 100644 --- a/docs/release-notes/12/12-5-4/README.md +++ b/docs/release-notes/12/12-5-4/README.md @@ -19,7 +19,7 @@ The release contains two security related bug fixes and we recommend updating to When a user registers and confirms their first two-factor authentication (2FA) device for an account, existing logged in sessions for that user account are not terminated. Likewise, if an administrators creates a mobile phone 2FA device on behalf of a user, their existing sessions are not terminated. The issue has been resolved in OpenProject version 12.5.4 by actively terminating sessions of user accounts having registered and confirmed a 2FA device. -This security related issue was responsibly disclosed by [Vaishnavi Pardeshi](mailto:researchervaishnavi0@gmail.com). Thank you for reaching out to us and your help in identifying this issue. If you have a security vulnerability you would like to disclose, please see our [statement on security](https://www.openproject.org/docs/development/security/). +This security related issue was responsibly disclosed by [Vaishnavi Pardeshi](mailto:researchervaishnavi0@gmail.com). Thank you for reaching out to us and your help in identifying this issue. If you have a security vulnerability you would like to disclose, please see our [statement on security](https://www.openproject.org/docs/security-and-privacy/statement-on-security/). For more information, [please see our security advisory](https://github.com/opf/openproject/security/advisories/GHSA-xfp9-qqfj-x28q). @@ -33,7 +33,7 @@ When a user requests a password reset, an email is sent with a link to confirm a The issue has been resolved in OpenProject version 12.5.4 by actively revoking any active password reset tokens for user accounts having changed their passwords successfully within the application. -This security related issue was responsibly disclosed by [Vaishnavi Pardeshi](mailto:researchervaishnavi0@gmail.com). Thank you for reaching out to us and your help in identifying this issue. If you have a security vulnerability you would like to disclose, please see our [statement on security](https://www.openproject.org/docs/development/security/). +This security related issue was responsibly disclosed by [Vaishnavi Pardeshi](mailto:researchervaishnavi0@gmail.com). Thank you for reaching out to us and your help in identifying this issue. If you have a security vulnerability you would like to disclose, please see our [statement on security](https://www.openproject.org/docs/security-and-privacy/statement-on-security/). diff --git a/docs/release-notes/8/8-3-2/README.md b/docs/release-notes/8/8-3-2/README.md index 7c03a9a4521b..1794ee301e35 100644 --- a/docs/release-notes/8/8-3-2/README.md +++ b/docs/release-notes/8/8-3-2/README.md @@ -32,7 +32,7 @@ For the full advisory and patches for older unsupported versions, post](https://groups.google.com/d/msg/openproject-security/XlucAJMxmzM/hESpOaFVAwAJ). For our statement on security and further information on how to responsible disclose security related issues to us, please see our -[statement on security](../../../development/security/). +[statement on security](https://www.openproject.org/docs/security-and-privacy/statement-on-security/). Thanks to Thanaphon Soo from the [SEC Consult Vulnerability Lab](https://www.sec-consult.com) for identifying and responsibly diff --git a/docs/security-and-privacy/statement-on-security/README.md b/docs/security-and-privacy/statement-on-security/README.md index abd2ee6cc142..33d9f9467099 100644 --- a/docs/security-and-privacy/statement-on-security/README.md +++ b/docs/security-and-privacy/statement-on-security/README.md @@ -57,7 +57,7 @@ If you can, please send us a PGP-encrypted email using the following key: - Key ID: [0x7D669C6D47533958](https://keys.openpgp.org/vks/v1/by-fingerprint/BDCFE01EDE84EA199AE172CE7D669C6D47533958), - Fingerprint BDCF E01E DE84 EA19 9AE1 72CE 7D66 9C6D 4753 3958 -- You may also find the key [attached in our OpenProject repository.](https://github.com/opf/openproject/blob/dev/docs/development/security/security-at-openproject.com.asc) +- You may also find the key [attached in our OpenProject repository.](https://www.openproject.org/docs/security-and-privacy/statement-on-security/security-at-openproject.com.asc) Please include a description on how to reproduce the issue if possible. Our security team will get your email and will attempt to reproduce and fix the issue as soon as possible. From 92dea70a63e1c6feff405e6e2e344b448bde83f8 Mon Sep 17 00:00:00 2001 From: as-op Date: Thu, 23 Nov 2023 11:15:56 +0100 Subject: [PATCH 06/17] docs(links): adjust changed statement-on-security url --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index a96662318f67..0f9a689fbba0 100644 --- a/README.md +++ b/README.md @@ -49,7 +49,7 @@ will keep our community secure. If you happen to come across a security issue we you to disclose it to us privately to allow our users and community enough time to upgrade. Security issues will always take precedence over anything else in the pipeline. -For more information on how to disclose a security vulnerability, [please see this page](docs/development/[statement-on-security](docs/security-and-privacy/statement-on-security/README.md). +For more information on how to disclose a security vulnerability, [please see this page](docs/security-and-privacy/statement-on-security/README.md). ## License From e7243efa45986c8a452bb03163cc638289df94e9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oliver=20G=C3=BCnther?= Date: Tue, 21 Nov 2023 14:33:42 +0100 Subject: [PATCH 07/17] Add pg_client postgres 15 (#14180) * Add pg_client postgres 15 * Remove overridden PGBIN --- docker/prod/Dockerfile | 7 +++++-- docker/prod/setup/postinstall.sh | 2 -- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/docker/prod/Dockerfile b/docker/prod/Dockerfile index d788173d4afb..b881ee5445bd 100644 --- a/docker/prod/Dockerfile +++ b/docker/prod/Dockerfile @@ -73,6 +73,8 @@ ENV APP_USER=app ENV APP_PATH=/app ENV APP_DATA_PATH=/var/openproject/assets ENV PGVERSION="13" +ENV CURRENT_PGVERSION="13" +ENV NEXT_PGVERSION="15" ENV PGBIN="/usr/lib/postgresql/$PGVERSION/bin" ENV BUNDLE_WITHOUT="development:test" @@ -103,11 +105,12 @@ RUN --mount=type=cache,target=/var/cache/apt \ curl \ gnupg2 \ && curl -sSL https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add - \ - && echo 'deb http://apt.postgresql.org/pub/repos/apt/ bullseye-pgdg main' $PGVERSION > /etc/apt/sources.list.d/pgdg.list \ + && echo 'deb http://apt.postgresql.org/pub/repos/apt/ bullseye-pgdg main' > /etc/apt/sources.list.d/pgdg.list \ && apt-get update -qq \ && apt-get install -yq --no-install-recommends \ libpq5 \ - postgresql-client-$PGVERSION \ + postgresql-client-$CURRENT_PGVERSION \ + postgresql-client-$NEXT_PGVERSION \ libffi7 \ unrtf tesseract-ocr poppler-utils catdoc imagemagick \ && apt-get purge -y curl gnupg2 \ diff --git a/docker/prod/setup/postinstall.sh b/docker/prod/setup/postinstall.sh index 416eb24c813e..f1d9c75fd281 100755 --- a/docker/prod/setup/postinstall.sh +++ b/docker/prod/setup/postinstall.sh @@ -3,8 +3,6 @@ set -e set -o pipefail -export PGBIN="$(pg_config --bindir)" - display_error() { echo " !--> ERROR on postinstall:" tail -n 200 /tmp/dockerize.log From bf10fc5722ab5970ae44245bc104d08a8e52ad13 Mon Sep 17 00:00:00 2001 From: OpenProject Actions CI Date: Fri, 24 Nov 2023 03:10:04 +0000 Subject: [PATCH 08/17] update locales from crowdin [ci skip] --- config/locales/crowdin/js-fr.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/locales/crowdin/js-fr.yml b/config/locales/crowdin/js-fr.yml index b90bca0ec5cc..2017753075ca 100644 --- a/config/locales/crowdin/js-fr.yml +++ b/config/locales/crowdin/js-fr.yml @@ -677,7 +677,7 @@ fr: description: 'Notifications pour toute activité sur les lots de travaux vous concernant (assigné, responsable ou observateur).' delayed: title: 'Non participants' - description: 'Notifications additionnelles lors d''activité sur tous les projects.' + description: 'Notifications additionnelles lors d''activités sur tous les projets.' date_alerts: title: 'Alarmes' description: 'Notifications automatiques lorsque des dates importantes approchent pour les lots de travaux ouverts vous concernant (assigné, responsable ou observateur).' From d67e67ea18312974121b0db4d83dd3b56a961815 Mon Sep 17 00:00:00 2001 From: OpenProject Actions CI Date: Sat, 25 Nov 2023 03:17:51 +0000 Subject: [PATCH 09/17] update locales from crowdin [ci skip] --- config/locales/crowdin/js-ar.yml | 2 ++ modules/bim/config/locales/crowdin/ar.yml | 1 + modules/ldap_groups/config/locales/crowdin/ar.yml | 1 + 3 files changed, 4 insertions(+) diff --git a/config/locales/crowdin/js-ar.yml b/config/locales/crowdin/js-ar.yml index 33c6c69f9e73..80025947ddff 100644 --- a/config/locales/crowdin/js-ar.yml +++ b/config/locales/crowdin/js-ar.yml @@ -1160,9 +1160,11 @@ ar: hour: one: "1 h" other: "%{count} h" + zero: "0 h" day: one: "%{count} يوم" other: "%{count} يوم" + zero: "0 days" zen_mode: button_activate: 'Activate zen mode' button_deactivate: 'Deactivate zen mode' diff --git a/modules/bim/config/locales/crowdin/ar.yml b/modules/bim/config/locales/crowdin/ar.yml index 000d11506aae..ca14d5947ad0 100644 --- a/modules/bim/config/locales/crowdin/ar.yml +++ b/modules/bim/config/locales/crowdin/ar.yml @@ -17,6 +17,7 @@ ar: exceptions: file_invalid: "ملف BCF غير صالح" x_bcf_issues: + zero: 'لا توجد مشاكل BCF' one: 'One BCF issue' other: '%{count} BCF issues' bcf_xml: diff --git a/modules/ldap_groups/config/locales/crowdin/ar.yml b/modules/ldap_groups/config/locales/crowdin/ar.yml index 70984d111ffe..efd70df78934 100644 --- a/modules/ldap_groups/config/locales/crowdin/ar.yml +++ b/modules/ldap_groups/config/locales/crowdin/ar.yml @@ -35,6 +35,7 @@ ar: label_n_groups_found: one: "1 group found by the filter" other: "%{count} groups found by the filter" + zero: "No groups were found by the filter" destroy: title: 'Remove synchronized filter %{name}' confirmation: "If you continue, the synchronized filter %{name} and all groups %{groups_count} created through it will be removed." From 052b74080c9087254ff9e21853a4519120263ad9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oliver=20G=C3=BCnther?= Date: Mon, 27 Nov 2023 12:53:09 +0100 Subject: [PATCH 10/17] Add information about involved services and integrations --- .../application-architecture/README.md | 35 +++++++++++++++---- 1 file changed, 28 insertions(+), 7 deletions(-) diff --git a/docs/development/application-architecture/README.md b/docs/development/application-architecture/README.md index 1ad9752502f9..29b2a39cb099 100644 --- a/docs/development/application-architecture/README.md +++ b/docs/development/application-architecture/README.md @@ -15,9 +15,9 @@ keywords: architecture overview, hybrid application, Ruby on Rails, Angular %%{init: {'theme':'neutral'}}%% flowchart TD - browser[Web browser] -->|"HTTP(s) requests"| loadbalancer(Load balancer / proxy) - A1[Native client] -->|"HTTP(s) requests"| loadbalancer - A2[SVN or Git client] -->|"HTTP(s) requests"| loadbalancer + browser[Web browser] -->|"HTTPS requests"| loadbalancer(Load balancer / proxy) + A1[Native client] -->|"HTTPS requests"| loadbalancer + A2[SVN or Git client] -->|"HTTPS requests"| loadbalancer loadbalancer -->|Proxy| openproject subgraph openproject[OpenProject Core Application] @@ -34,7 +34,7 @@ flowchart TD gih["GitHub (gih)"] cal["Calendar (cal)"] O["API integrations (api)"] - + W["Outgoing webhooks"] end subgraph services[Internal Services] @@ -46,9 +46,9 @@ end end - openproject <--> services - openproject --> integrations - loadbalancer <--> integrations + openproject <-->|"TCP requests"| services + openproject -->|"HTTPS requests"| integrations + loadbalancer <-->|"HTTPS requsts"| integrations subgraph localclients[Local Client / User device] direction TB @@ -62,6 +62,27 @@ end ``` +## Involved services + +| Service | Relationship to OpenProject | Communication interfaces and mechanisms | References | +| ----------------------------- | ------------------------------------------------------------ | ------------------------------------------------------------ | ------------------------------------------------------------ | +| Web browser | Performs requests to the application | HTTPS | n/a | +| Native client | Performs requests to the application | HTTPS | n/a | +| SVN client | Performs SVN requests to the application web server | HTTPS | [Repository integrations](https://www.openproject.org/docs/user-guide/repository/) | +| Git client | Performs Git Smart HTTP requests to the application server | HTTPS | [Repository integrations](https://www.openproject.org/docs/user-guide/repository/) | +| Load balancer / Proxy | Depending on installation mechanism, terminates TLS/SSL, accepts and proxies or load balances web requests to the different OpenProject web application servers | HTTPS / PROXY | [Configuration for packaged installations](https://www.openproject.org/docs/installation-and-operations/installation/packaged/#step-3-apache2-web-server-and-ssl-termination)
[Configuration for Docker/Kubernetes](https://www.openproject.org/docs/installation-and-operations/installation/docker/#disabling-https-mode) | +| Puma application server | Accepts web requests, runs the OpenProject web facing application | Web requests (HTTP/HTTPS)
Database (TCP)
Memcached (TCP)
Email gateways (SMTP)
External integration requests (HTTPS) | [Database TLS setup](https://www.openproject.org/docs/installation-and-operations/configuration/#database-configuration-and-ssl)
[Cache configuration](https://www.openproject.org/docs/installation-and-operations/configuration/#cache-configuration-options)
[SMTP configuration](https://www.openproject.org/docs/installation-and-operations/configuration/outbound-emails/)
[Integrations guide](https://www.openproject.org/docs/system-admin-guide/integrations/) | +| Memached / Redis / File cache | Application-level cache (if enabled) | TCP connections | [Cache configuration](https://www.openproject.org/docs/installation-and-operations/configuration/#cache-configuration-options) | +| PostgreSQL | Database management system | (Encrypted) TCP connections between web and background workers | [Database TLS setup](https://www.openproject.org/docs/installation-and-operations/configuration/#database-configuration-and-ssl)
| +| Background worker | Handles asynchronous jobs, such as backup requests, email delivery, | Database (TCP)
Memcached (TCP)
Email gateways (SMTP)
External integration requests (HTTPS) | [Database TLS setup](https://www.openproject.org/docs/installation-and-operations/configuration/#database-configuration-and-ssl)
[Cache configuration](https://www.openproject.org/docs/installation-and-operations/configuration/#cache-configuration-options)
[SMTP configuration](https://www.openproject.org/docs/installation-and-operations/configuration/outbound-emails/)
[Integrations guide](https://www.openproject.org/docs/system-admin-guide/integrations/) | +| Email gateways | Receive emails (e.g., notifications) from OpenProject application | SMTP | [SMTP configuration](https://www.openproject.org/docs/installation-and-operations/configuration/outbound-emails/) | +| Identity providers | External authentication providers (e.g., Keycloak, ADFS, etc.) | HTTPS through standard protocols (OpenID connect, SAML, OAuth 2.0) | [OpenID connect provider configuration](https://www.openproject.org/docs/system-admin-guide/authentication/openid-providers/)
[SAML provider configuration](https://www.openproject.org/docs/system-admin-guide/authentication/saml/)
[OAuth 2.0 application configuration](https://www.openproject.org/docs/system-admin-guide/authentication/oauth-applications/) | +| Nextcloud | External biliteral integration | HTTPS | [Nextcloud integration guide](https://www.openproject.org/docs/system-admin-guide/integrations/nextcloud/) | +| GitHub | Pull Request / Issue referencing Integration into Openproject | HTTPS (Webhooks) | [GitHub integration guide](https://www.openproject.org/docs/system-admin-guide/integrations/github-integration/) | +| Calendars | External calendars requesting dynamic ICS calendar files from OpenProject | HTTPS (iCalendar/webdav) | [Calendar subscriptions configuration](https://www.openproject.org/docs/system-admin-guide/calendars-and-dates/#calendar-subscriptions) | +| API integrations | Structural access to OpenProject through API endpoints | HTTPS | [API configuration](https://www.openproject.org/docs/system-admin-guide/api-and-webhooks/) | +| Outgoing Webhooks | Outgoing requests for changes within the application | HTTPS | [Webhook configuration an adminstration](https://www.openproject.org/docs/system-admin-guide/api-and-webhooks/#webhooks) | + # Software From 86f1026f6d7cf5ba24b240aae3f9307825c7185b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oliver=20G=C3=BCnther?= Date: Mon, 27 Nov 2023 12:58:50 +0100 Subject: [PATCH 11/17] Add section on S3 storage --- .../application-architecture/README.md | 37 ++++++++++--------- 1 file changed, 19 insertions(+), 18 deletions(-) diff --git a/docs/development/application-architecture/README.md b/docs/development/application-architecture/README.md index 29b2a39cb099..d7f2d519d29a 100644 --- a/docs/development/application-architecture/README.md +++ b/docs/development/application-architecture/README.md @@ -64,24 +64,25 @@ end ## Involved services -| Service | Relationship to OpenProject | Communication interfaces and mechanisms | References | -| ----------------------------- | ------------------------------------------------------------ | ------------------------------------------------------------ | ------------------------------------------------------------ | -| Web browser | Performs requests to the application | HTTPS | n/a | -| Native client | Performs requests to the application | HTTPS | n/a | -| SVN client | Performs SVN requests to the application web server | HTTPS | [Repository integrations](https://www.openproject.org/docs/user-guide/repository/) | -| Git client | Performs Git Smart HTTP requests to the application server | HTTPS | [Repository integrations](https://www.openproject.org/docs/user-guide/repository/) | -| Load balancer / Proxy | Depending on installation mechanism, terminates TLS/SSL, accepts and proxies or load balances web requests to the different OpenProject web application servers | HTTPS / PROXY | [Configuration for packaged installations](https://www.openproject.org/docs/installation-and-operations/installation/packaged/#step-3-apache2-web-server-and-ssl-termination)
[Configuration for Docker/Kubernetes](https://www.openproject.org/docs/installation-and-operations/installation/docker/#disabling-https-mode) | -| Puma application server | Accepts web requests, runs the OpenProject web facing application | Web requests (HTTP/HTTPS)
Database (TCP)
Memcached (TCP)
Email gateways (SMTP)
External integration requests (HTTPS) | [Database TLS setup](https://www.openproject.org/docs/installation-and-operations/configuration/#database-configuration-and-ssl)
[Cache configuration](https://www.openproject.org/docs/installation-and-operations/configuration/#cache-configuration-options)
[SMTP configuration](https://www.openproject.org/docs/installation-and-operations/configuration/outbound-emails/)
[Integrations guide](https://www.openproject.org/docs/system-admin-guide/integrations/) | -| Memached / Redis / File cache | Application-level cache (if enabled) | TCP connections | [Cache configuration](https://www.openproject.org/docs/installation-and-operations/configuration/#cache-configuration-options) | -| PostgreSQL | Database management system | (Encrypted) TCP connections between web and background workers | [Database TLS setup](https://www.openproject.org/docs/installation-and-operations/configuration/#database-configuration-and-ssl)
| -| Background worker | Handles asynchronous jobs, such as backup requests, email delivery, | Database (TCP)
Memcached (TCP)
Email gateways (SMTP)
External integration requests (HTTPS) | [Database TLS setup](https://www.openproject.org/docs/installation-and-operations/configuration/#database-configuration-and-ssl)
[Cache configuration](https://www.openproject.org/docs/installation-and-operations/configuration/#cache-configuration-options)
[SMTP configuration](https://www.openproject.org/docs/installation-and-operations/configuration/outbound-emails/)
[Integrations guide](https://www.openproject.org/docs/system-admin-guide/integrations/) | -| Email gateways | Receive emails (e.g., notifications) from OpenProject application | SMTP | [SMTP configuration](https://www.openproject.org/docs/installation-and-operations/configuration/outbound-emails/) | -| Identity providers | External authentication providers (e.g., Keycloak, ADFS, etc.) | HTTPS through standard protocols (OpenID connect, SAML, OAuth 2.0) | [OpenID connect provider configuration](https://www.openproject.org/docs/system-admin-guide/authentication/openid-providers/)
[SAML provider configuration](https://www.openproject.org/docs/system-admin-guide/authentication/saml/)
[OAuth 2.0 application configuration](https://www.openproject.org/docs/system-admin-guide/authentication/oauth-applications/) | -| Nextcloud | External biliteral integration | HTTPS | [Nextcloud integration guide](https://www.openproject.org/docs/system-admin-guide/integrations/nextcloud/) | -| GitHub | Pull Request / Issue referencing Integration into Openproject | HTTPS (Webhooks) | [GitHub integration guide](https://www.openproject.org/docs/system-admin-guide/integrations/github-integration/) | -| Calendars | External calendars requesting dynamic ICS calendar files from OpenProject | HTTPS (iCalendar/webdav) | [Calendar subscriptions configuration](https://www.openproject.org/docs/system-admin-guide/calendars-and-dates/#calendar-subscriptions) | -| API integrations | Structural access to OpenProject through API endpoints | HTTPS | [API configuration](https://www.openproject.org/docs/system-admin-guide/api-and-webhooks/) | -| Outgoing Webhooks | Outgoing requests for changes within the application | HTTPS | [Webhook configuration an adminstration](https://www.openproject.org/docs/system-admin-guide/api-and-webhooks/#webhooks) | +| Service | Relationship to OpenProject | Communication interfaces and mechanisms | References | +| ----------------------------------- | ------------------------------------------------------------ | ------------------------------------------------------------ | ------------------------------------------------------------ | +| Web browser | Performs requests to the application | HTTPS | n/a | +| Native client | Performs requests to the application | HTTPS | n/a | +| SVN client | Performs SVN requests to the application web server | HTTPS | [Repository integrations](https://www.openproject.org/docs/user-guide/repository/) | +| Git client | Performs Git Smart HTTP requests to the application server | HTTPS | [Repository integrations](https://www.openproject.org/docs/user-guide/repository/) | +| Load balancer / Proxy | Depending on installation mechanism, terminates TLS/SSL, accepts and proxies or load balances web requests to the different OpenProject web application servers | HTTPS / PROXY | [Configuration for packaged installations](https://www.openproject.org/docs/installation-and-operations/installation/packaged/#step-3-apache2-web-server-and-ssl-termination)
[Configuration for Docker/Kubernetes](https://www.openproject.org/docs/installation-and-operations/installation/docker/#disabling-https-mode) | +| Puma application server | Accepts web requests, runs the OpenProject web facing application | Web requests (HTTP/HTTPS)
Database (TCP)
Memcached (TCP)
Email gateways (SMTP)
External integration requests (HTTPS) | [Database TLS setup](https://www.openproject.org/docs/installation-and-operations/configuration/#database-configuration-and-ssl)
[Cache configuration](https://www.openproject.org/docs/installation-and-operations/configuration/#cache-configuration-options)
[SMTP configuration](https://www.openproject.org/docs/installation-and-operations/configuration/outbound-emails/)
[Integrations guide](https://www.openproject.org/docs/system-admin-guide/integrations/) | +| Memached / Redis / File cache | Application-level cache (if enabled) | TCP connections | [Cache configuration](https://www.openproject.org/docs/installation-and-operations/configuration/#cache-configuration-options) | +| PostgreSQL | Database management system | (Encrypted) TCP connections between web and background workers | [Database TLS setup](https://www.openproject.org/docs/installation-and-operations/configuration/#database-configuration-and-ssl)
| +| Background worker | Handles asynchronous jobs, such as backup requests, email delivery, | Database (TCP)
Memcached (TCP)
Email gateways (SMTP)
External integration requests (HTTPS) | [Database TLS setup](https://www.openproject.org/docs/installation-and-operations/configuration/#database-configuration-and-ssl)
[Cache configuration](https://www.openproject.org/docs/installation-and-operations/configuration/#cache-configuration-options)
[SMTP configuration](https://www.openproject.org/docs/installation-and-operations/configuration/outbound-emails/)
[Integrations guide](https://www.openproject.org/docs/system-admin-guide/integrations/) | +| Attached storages or Object storage | Access for attachments for the OpenProject application.
Either directly (or networked) attached storages, or configuration of an S3-compatible Object store | Local filesystem access (local drives, NFS)
HTTPS (S3-compatible storage) | [Configuration of the attachment storage](https://www.openproject.org/docs/installation-and-operations/configuration/#attachments-storage) | +| Email gateways | Receive emails (e.g., notifications) from OpenProject application | SMTP | [SMTP configuration](https://www.openproject.org/docs/installation-and-operations/configuration/outbound-emails/) | +| Identity providers | External authentication providers (e.g., Keycloak, ADFS, etc.) | HTTPS through standard protocols (OpenID connect, SAML, OAuth 2.0) | [OpenID connect provider configuration](https://www.openproject.org/docs/system-admin-guide/authentication/openid-providers/)
[SAML provider configuration](https://www.openproject.org/docs/system-admin-guide/authentication/saml/)
[OAuth 2.0 application configuration](https://www.openproject.org/docs/system-admin-guide/authentication/oauth-applications/) | +| Nextcloud | External biliteral integration | HTTPS | [Nextcloud integration guide](https://www.openproject.org/docs/system-admin-guide/integrations/nextcloud/) | +| GitHub | Pull Request / Issue referencing Integration into Openproject | HTTPS (Webhooks) | [GitHub integration guide](https://www.openproject.org/docs/system-admin-guide/integrations/github-integration/) | +| Calendars | External calendars requesting dynamic ICS calendar files from OpenProject | HTTPS (iCalendar/webdav) | [Calendar subscriptions configuration](https://www.openproject.org/docs/system-admin-guide/calendars-and-dates/#calendar-subscriptions) | +| API integrations | Structural access to OpenProject through API endpoints | HTTPS | [API configuration](https://www.openproject.org/docs/system-admin-guide/api-and-webhooks/) | +| Outgoing Webhooks | Outgoing requests for changes within the application | HTTPS | [Webhook configuration an adminstration](https://www.openproject.org/docs/system-admin-guide/api-and-webhooks/#webhooks) | From 48acdd6142b1c669d1be5d435a7badfc5f695037 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oliver=20G=C3=BCnther?= Date: Mon, 27 Nov 2023 13:07:01 +0100 Subject: [PATCH 12/17] Add info about access modes --- .../application-architecture/README.md | 38 +++++++++---------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/docs/development/application-architecture/README.md b/docs/development/application-architecture/README.md index d7f2d519d29a..da6a0692ecac 100644 --- a/docs/development/application-architecture/README.md +++ b/docs/development/application-architecture/README.md @@ -64,25 +64,25 @@ end ## Involved services -| Service | Relationship to OpenProject | Communication interfaces and mechanisms | References | -| ----------------------------------- | ------------------------------------------------------------ | ------------------------------------------------------------ | ------------------------------------------------------------ | -| Web browser | Performs requests to the application | HTTPS | n/a | -| Native client | Performs requests to the application | HTTPS | n/a | -| SVN client | Performs SVN requests to the application web server | HTTPS | [Repository integrations](https://www.openproject.org/docs/user-guide/repository/) | -| Git client | Performs Git Smart HTTP requests to the application server | HTTPS | [Repository integrations](https://www.openproject.org/docs/user-guide/repository/) | -| Load balancer / Proxy | Depending on installation mechanism, terminates TLS/SSL, accepts and proxies or load balances web requests to the different OpenProject web application servers | HTTPS / PROXY | [Configuration for packaged installations](https://www.openproject.org/docs/installation-and-operations/installation/packaged/#step-3-apache2-web-server-and-ssl-termination)
[Configuration for Docker/Kubernetes](https://www.openproject.org/docs/installation-and-operations/installation/docker/#disabling-https-mode) | -| Puma application server | Accepts web requests, runs the OpenProject web facing application | Web requests (HTTP/HTTPS)
Database (TCP)
Memcached (TCP)
Email gateways (SMTP)
External integration requests (HTTPS) | [Database TLS setup](https://www.openproject.org/docs/installation-and-operations/configuration/#database-configuration-and-ssl)
[Cache configuration](https://www.openproject.org/docs/installation-and-operations/configuration/#cache-configuration-options)
[SMTP configuration](https://www.openproject.org/docs/installation-and-operations/configuration/outbound-emails/)
[Integrations guide](https://www.openproject.org/docs/system-admin-guide/integrations/) | -| Memached / Redis / File cache | Application-level cache (if enabled) | TCP connections | [Cache configuration](https://www.openproject.org/docs/installation-and-operations/configuration/#cache-configuration-options) | -| PostgreSQL | Database management system | (Encrypted) TCP connections between web and background workers | [Database TLS setup](https://www.openproject.org/docs/installation-and-operations/configuration/#database-configuration-and-ssl)
| -| Background worker | Handles asynchronous jobs, such as backup requests, email delivery, | Database (TCP)
Memcached (TCP)
Email gateways (SMTP)
External integration requests (HTTPS) | [Database TLS setup](https://www.openproject.org/docs/installation-and-operations/configuration/#database-configuration-and-ssl)
[Cache configuration](https://www.openproject.org/docs/installation-and-operations/configuration/#cache-configuration-options)
[SMTP configuration](https://www.openproject.org/docs/installation-and-operations/configuration/outbound-emails/)
[Integrations guide](https://www.openproject.org/docs/system-admin-guide/integrations/) | -| Attached storages or Object storage | Access for attachments for the OpenProject application.
Either directly (or networked) attached storages, or configuration of an S3-compatible Object store | Local filesystem access (local drives, NFS)
HTTPS (S3-compatible storage) | [Configuration of the attachment storage](https://www.openproject.org/docs/installation-and-operations/configuration/#attachments-storage) | -| Email gateways | Receive emails (e.g., notifications) from OpenProject application | SMTP | [SMTP configuration](https://www.openproject.org/docs/installation-and-operations/configuration/outbound-emails/) | -| Identity providers | External authentication providers (e.g., Keycloak, ADFS, etc.) | HTTPS through standard protocols (OpenID connect, SAML, OAuth 2.0) | [OpenID connect provider configuration](https://www.openproject.org/docs/system-admin-guide/authentication/openid-providers/)
[SAML provider configuration](https://www.openproject.org/docs/system-admin-guide/authentication/saml/)
[OAuth 2.0 application configuration](https://www.openproject.org/docs/system-admin-guide/authentication/oauth-applications/) | -| Nextcloud | External biliteral integration | HTTPS | [Nextcloud integration guide](https://www.openproject.org/docs/system-admin-guide/integrations/nextcloud/) | -| GitHub | Pull Request / Issue referencing Integration into Openproject | HTTPS (Webhooks) | [GitHub integration guide](https://www.openproject.org/docs/system-admin-guide/integrations/github-integration/) | -| Calendars | External calendars requesting dynamic ICS calendar files from OpenProject | HTTPS (iCalendar/webdav) | [Calendar subscriptions configuration](https://www.openproject.org/docs/system-admin-guide/calendars-and-dates/#calendar-subscriptions) | -| API integrations | Structural access to OpenProject through API endpoints | HTTPS | [API configuration](https://www.openproject.org/docs/system-admin-guide/api-and-webhooks/) | -| Outgoing Webhooks | Outgoing requests for changes within the application | HTTPS | [Webhook configuration an adminstration](https://www.openproject.org/docs/system-admin-guide/api-and-webhooks/#webhooks) | +| Service | Relationship to OpenProject | Communication interfaces and mechanisms | Access modes
(R - read)
(W - write) | References | +| ----------------------------------- | ------------------------------------------------------------ | ------------------------------------------------------------ | --------------------------------------------- | ------------------------------------------------------------ | +| Web browser | Performs requests to the application | HTTPS | RW | n/a | +| Native client | Performs requests to the application | HTTPS | RW | n/a | +| SVN client | Performs SVN requests to the application web server | HTTPS | RW | [Repository integrations](https://www.openproject.org/docs/user-guide/repository/) | +| Git client | Performs Git Smart HTTP requests to the application server | HTTPS | RW | [Repository integrations](https://www.openproject.org/docs/user-guide/repository/) | +| Load balancer / Proxy | Depending on installation mechanism, terminates TLS/SSL, accepts and proxies or load balances web requests to the different OpenProject web application servers | HTTPS / PROXY | - | [Configuration for packaged installations](https://www.openproject.org/docs/installation-and-operations/installation/packaged/#step-3-apache2-web-server-and-ssl-termination)
[Configuration for Docker/Kubernetes](https://www.openproject.org/docs/installation-and-operations/installation/docker/#disabling-https-mode) | +| Puma application server | Accepts web requests, runs the OpenProject web facing application | Web requests (HTTP/HTTPS)
Database (TCP)
Memcached (TCP)
Email gateways (SMTP)
External integration requests (HTTPS) | RW | [Database TLS setup](https://www.openproject.org/docs/installation-and-operations/configuration/#database-configuration-and-ssl)
[Cache configuration](https://www.openproject.org/docs/installation-and-operations/configuration/#cache-configuration-options)
[SMTP configuration](https://www.openproject.org/docs/installation-and-operations/configuration/outbound-emails/)
[Integrations guide](https://www.openproject.org/docs/system-admin-guide/integrations/) | +| Memached / Redis / File cache | Application-level cache (if enabled) | TCP connections | RW | [Cache configuration](https://www.openproject.org/docs/installation-and-operations/configuration/#cache-configuration-options) | +| PostgreSQL | Database management system | (Encrypted) TCP connections between web and background workers | | [Database TLS setup](https://www.openproject.org/docs/installation-and-operations/configuration/#database-configuration-and-ssl)
| +| Background worker | Handles asynchronous jobs, such as backup requests, email delivery, | Database (TCP)
Memcached (TCP)
Email gateways (SMTP)
External integration requests (HTTPS) | RW | [Database TLS setup](https://www.openproject.org/docs/installation-and-operations/configuration/#database-configuration-and-ssl)
[Cache configuration](https://www.openproject.org/docs/installation-and-operations/configuration/#cache-configuration-options)
[SMTP configuration](https://www.openproject.org/docs/installation-and-operations/configuration/outbound-emails/)
[Integrations guide](https://www.openproject.org/docs/system-admin-guide/integrations/) | +| Attached storages or Object storage | Access for attachments for the OpenProject application.
Either directly (or networked) attached storages, or configuration of an S3-compatible Object store | Local filesystem access (local drives, NFS)
HTTPS (S3-compatible storage) | RW | [Configuration of the attachment storage](https://www.openproject.org/docs/installation-and-operations/configuration/#attachments-storage) | +| Email gateways | Send emails (e.g., notifications) from OpenProject application | SMTP | W (deliver mails to relay) | [SMTP configuration](https://www.openproject.org/docs/installation-and-operations/configuration/outbound-emails/) | +| Identity providers | External authentication providers (e.g., Keycloak, ADFS, etc.) | HTTPS through standard protocols (OpenID connect, SAML, OAuth 2.0) | R (Redirect and read user info) | [OpenID connect provider configuration](https://www.openproject.org/docs/system-admin-guide/authentication/openid-providers/)
[SAML provider configuration](https://www.openproject.org/docs/system-admin-guide/authentication/saml/)
[OAuth 2.0 application configuration](https://www.openproject.org/docs/system-admin-guide/authentication/oauth-applications/) | +| Nextcloud | External biliteral integration | HTTPS | RW | [Nextcloud integration guide](https://www.openproject.org/docs/system-admin-guide/integrations/nextcloud/) | +| GitHub | Pull Request / Issue referencing Integration into Openproject | HTTPS (Webhooks) | R (Incoming webhook from GitHub) | [GitHub integration guide](https://www.openproject.org/docs/system-admin-guide/integrations/github-integration/) | +| Calendars | External calendars requesting dynamic ICS calendar files from OpenProject | HTTPS (iCalendar/webdav) | R (Outgoing calendar data) | [Calendar subscriptions configuration](https://www.openproject.org/docs/system-admin-guide/calendars-and-dates/#calendar-subscriptions) | +| API integrations | Structural access to OpenProject through API endpoints. Optional access to users and third party organizations depending on authorized scopes | HTTPS | (Optional) R
(Optional) W
| [API configuration](https://www.openproject.org/docs/system-admin-guide/api-and-webhooks/) | +| Outgoing Webhooks | Outgoing requests for changes within the application | HTTPS | R (Outgoing webhook data) | [Webhook configuration an adminstration](https://www.openproject.org/docs/system-admin-guide/api-and-webhooks/#webhooks) | From 5cf7901b7844a87fcce2cdbf4a03bc06655a6786 Mon Sep 17 00:00:00 2001 From: Pavel Balashou Date: Mon, 27 Nov 2023 15:18:28 +0100 Subject: [PATCH 13/17] [#51265] Make Nextcloud synchronization more stable. https://community.openproject.org/work_packages/51265 --- .../app/models/storages/nextcloud_storage.rb | 5 +++++ .../spec/models/nextcloud_storage_spec.rb | 20 +++++++++++++++++++ 2 files changed, 25 insertions(+) diff --git a/modules/storages/app/models/storages/nextcloud_storage.rb b/modules/storages/app/models/storages/nextcloud_storage.rb index acd2d42025bc..53d89af9c988 100644 --- a/modules/storages/app/models/storages/nextcloud_storage.rb +++ b/modules/storages/app/models/storages/nextcloud_storage.rb @@ -45,9 +45,14 @@ def self.sync_all_group_folders timeout_seconds: 0, transaction: false) do where("provider_fields->>'automatically_managed' = 'true'") + .order(:created_at) .includes(:oauth_client) .each do |storage| Storages::GroupFolderPropertiesSyncService.new(storage).call + rescue StandardError => e + OpenProject.logger.error( + "Unexpected error during NextcloudStorage ##{storage.id} #{storage.host}: #{e.message}" + ) end true end diff --git a/modules/storages/spec/models/nextcloud_storage_spec.rb b/modules/storages/spec/models/nextcloud_storage_spec.rb index 6ac1574162e3..9b1059290ae0 100644 --- a/modules/storages/spec/models/nextcloud_storage_spec.rb +++ b/modules/storages/spec/models/nextcloud_storage_spec.rb @@ -90,6 +90,26 @@ expect(Storages::GroupFolderPropertiesSyncService).to have_received(:new).with(storage1).once expect(Storages::GroupFolderPropertiesSyncService).not_to have_received(:new).with(storage2) end + + it 'continues synchronization for other storages if previous one raises an exception' do + storage1 = create(:nextcloud_storage, :as_automatically_managed) + storage3 = create(:nextcloud_storage, :as_automatically_managed) + + allow(OpenProject.logger).to receive(:error) + allow(Storages::GroupFolderPropertiesSyncService).to receive(:new).and_call_original + allow(Storages::GroupFolderPropertiesSyncService) + .to receive(:new) + .with(storage1) + .and_raise(RuntimeError.new("Unexpected Error")) + allow_any_instance_of(Storages::GroupFolderPropertiesSyncService).to receive(:call).and_return(nil) # rubocop:disable RSpec/AnyInstance + expect(subject).to be(true) + + expect(OpenProject.logger).to have_received(:error) do |msg, _| + expect(msg).to eq "Unexpected error during NextcloudStorage ##{storage1.id} #{storage1.host}: Unexpected Error" + end + expect(Storages::GroupFolderPropertiesSyncService).to have_received(:new).with(storage1).once + expect(Storages::GroupFolderPropertiesSyncService).to have_received(:new).with(storage3).once + end end context 'when lock is unfree' do From 37b9256c60883c825f2cc3f200b26b5351c6ba5d Mon Sep 17 00:00:00 2001 From: Pavel Balashou Date: Mon, 27 Nov 2023 16:38:28 +0100 Subject: [PATCH 14/17] Update modules/storages/app/models/storages/nextcloud_storage.rb Co-authored-by: Kabiru Mwenja --- modules/storages/app/models/storages/nextcloud_storage.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/storages/app/models/storages/nextcloud_storage.rb b/modules/storages/app/models/storages/nextcloud_storage.rb index 53d89af9c988..31ab532ff987 100644 --- a/modules/storages/app/models/storages/nextcloud_storage.rb +++ b/modules/storages/app/models/storages/nextcloud_storage.rb @@ -51,7 +51,7 @@ def self.sync_all_group_folders Storages::GroupFolderPropertiesSyncService.new(storage).call rescue StandardError => e OpenProject.logger.error( - "Unexpected error during NextcloudStorage ##{storage.id} #{storage.host}: #{e.message}" + "Unexpected error during NextcloudStorage group folders sync for ##{storage.id} #{storage.host}: #{e.message}" ) end true From 8fe83aee876a59cfc9d7a12c93df17b296ed0389 Mon Sep 17 00:00:00 2001 From: Pavel Balashou Date: Mon, 27 Nov 2023 16:40:42 +0100 Subject: [PATCH 15/17] Adjust logged error message in tests. --- modules/storages/spec/models/nextcloud_storage_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/storages/spec/models/nextcloud_storage_spec.rb b/modules/storages/spec/models/nextcloud_storage_spec.rb index 9b1059290ae0..0fd80e8563e7 100644 --- a/modules/storages/spec/models/nextcloud_storage_spec.rb +++ b/modules/storages/spec/models/nextcloud_storage_spec.rb @@ -105,7 +105,7 @@ expect(subject).to be(true) expect(OpenProject.logger).to have_received(:error) do |msg, _| - expect(msg).to eq "Unexpected error during NextcloudStorage ##{storage1.id} #{storage1.host}: Unexpected Error" + expect(msg).to eq "Unexpected error during NextcloudStorage group folders sync for ##{storage1.id} #{storage1.host}: Unexpected Error" end expect(Storages::GroupFolderPropertiesSyncService).to have_received(:new).with(storage1).once expect(Storages::GroupFolderPropertiesSyncService).to have_received(:new).with(storage3).once From 0e44f3b3ec0d3979ee6e337e47a874fee3f5527e Mon Sep 17 00:00:00 2001 From: OpenProject Actions CI Date: Tue, 28 Nov 2023 03:09:59 +0000 Subject: [PATCH 16/17] update locales from crowdin [ci skip] --- config/locales/crowdin/js-sr.yml | 2 +- config/locales/crowdin/nl.yml | 14 +-- .../avatars/config/locales/crowdin/js-sr.yml | 18 +-- modules/avatars/config/locales/crowdin/sr.yml | 50 ++++---- .../backlogs/config/locales/crowdin/js-sr.yml | 4 +- .../backlogs/config/locales/crowdin/sr.yml | 100 +++++++-------- .../boards/config/locales/crowdin/js-sr.yml | 118 +++++++++--------- .../calendar/config/locales/crowdin/uk.yml | 4 +- .../ldap_groups/config/locales/crowdin/uk.yml | 4 +- .../config/locales/crowdin/de.yml | 2 +- .../reporting/config/locales/crowdin/nl.yml | 2 +- 11 files changed, 159 insertions(+), 159 deletions(-) diff --git a/config/locales/crowdin/js-sr.yml b/config/locales/crowdin/js-sr.yml index abbfa8c30acd..b998b8a6a249 100644 --- a/config/locales/crowdin/js-sr.yml +++ b/config/locales/crowdin/js-sr.yml @@ -95,7 +95,7 @@ sr: button_save: "Save" button_settings: "Settings" button_uncheck_all: "Uncheck all" - button_update: "Ažuriranje" + button_update: "Ažuriraj" button_export-pdf: "Download PDF" button_export-atom: "Download Atom" button_create: "Create" diff --git a/config/locales/crowdin/nl.yml b/config/locales/crowdin/nl.yml index 77f0ad333669..d82e61759420 100644 --- a/config/locales/crowdin/nl.yml +++ b/config/locales/crowdin/nl.yml @@ -449,14 +449,14 @@ nl: ldap_auth_source: account: "Account" attr_firstname: "Firstname attribute" - attr_lastname: "Lastname attribute" - attr_login: "Username attribute" - attr_mail: "Email attribute" + attr_lastname: "Achternaam attribuut" + attr_login: "Gebruikersnaam attribuut" + attr_mail: "E-mail attribuut" base_dn: "Base DN" host: "Host" - onthefly: "Automatic user creation" - port: "Port" - tls_certificate_string: "LDAP server SSL certificate" + onthefly: "Automatische gebruiker aanmaken" + port: "Poort" + tls_certificate_string: "LDAP server SSL-certificaat" changeset: repository: "Repository" color: @@ -556,7 +556,7 @@ nl: color: "Kleur" user: admin: "Beheerder" - ldap_auth_source: "LDAP connection" + ldap_auth_source: "LDAP verbinding" current_password: "Huidig wachtwoord" force_password_change: "Afdwingen van wachtwoordwijziging bij volgende login" language: "Taal" diff --git a/modules/avatars/config/locales/crowdin/js-sr.yml b/modules/avatars/config/locales/crowdin/js-sr.yml index ed64bba3a0cf..c3c03636c6eb 100644 --- a/modules/avatars/config/locales/crowdin/js-sr.yml +++ b/modules/avatars/config/locales/crowdin/js-sr.yml @@ -1,15 +1,15 @@ #English strings go here sr: js: - label_preview: 'Pregled' - button_update: 'Ažuriranje' + label_preview: 'Prikaži' + button_update: 'Ažuriraj' avatars: - label_choose_avatar: "Choose Avatar from file" - uploading_avatar: "Uploading your avatar." + label_choose_avatar: "Izaberi avatar kao datoteku" + uploading_avatar: "Postavite avatar." text_upload_instructions: | - Upload your own custom avatar of 128 by 128 pixels. Larger files will be resized and cropped to match. - A preview of your avatar will be shown before uploading, once you selected an image. - error_image_too_large: "Image is too large." - wrong_file_format: "Allowed formats are jpg, png, gif" - empty_file_error: "Please upload a valid image (jpg, png, gif)" + Postavite svoj lični avatar, dimenzije: 128x128 piksela. Veće datoteke će biti isečene na traženu dimenziju. + Avatar će vam biti prikazan, pre postavljanja, onda kada budete izabrali željenu sliku. + error_image_too_large: "Slika je prevelika." + wrong_file_format: "Dozvoljeni formati su: jpg, png, gif" + empty_file_error: "Postavite ispravnu sliku (jpg, png, gif)" diff --git a/modules/avatars/config/locales/crowdin/sr.yml b/modules/avatars/config/locales/crowdin/sr.yml index f0196f2375fa..1b34333da5d9 100644 --- a/modules/avatars/config/locales/crowdin/sr.yml +++ b/modules/avatars/config/locales/crowdin/sr.yml @@ -5,37 +5,37 @@ sr: description: >- This plugin allows OpenProject users to upload a picture to be used as an avatar or use registered images from Gravatar. label_avatar: "Avatar" - label_avatar_plural: "Avatars" - label_current_avatar: "Current Avatar" - label_choose_avatar: "Choose Avatar from file" - message_avatar_uploaded: "Avatar changed successfully." - error_image_upload: "Error saving the image." - error_image_size: "The image is too large." - button_change_avatar: "Change avatar" - are_you_sure_delete_avatar: "Are you sure you want to delete your avatar?" - avatar_deleted: "Avatar deleted successfully." - unable_to_delete_avatar: "Avatar could not be deleted." - wrong_file_format: "Allowed formats are jpg, png, gif" - empty_file_error: "Please upload a valid image (jpg, png, gif)" + label_avatar_plural: "Avatari" + label_current_avatar: "Trenutni Avatar" + label_choose_avatar: "Izaberite Avatar iz sopstvene datoteke" + message_avatar_uploaded: "Avatar je uspešno promenjen." + error_image_upload: "Greška prilikom čuvanja slike." + error_image_size: "Slika je prevelika." + button_change_avatar: "Promenite avatar" + are_you_sure_delete_avatar: "Da li ste sigurni da želite da obrišete svoj avatar?" + avatar_deleted: "Avatar je uspešno obrisan." + unable_to_delete_avatar: "Avatar nije moguće obrisati." + wrong_file_format: "Dozvoljeni formati su: jpg, png, gif" + empty_file_error: "Molim vas postavite sliku u ispravnom formatu (jpg, png, gif)" avatars: label_avatar: "Avatar" label_gravatar: 'Gravatar' - label_current_avatar: 'Current avatar' - label_local_avatar: 'Custom avatar' + label_current_avatar: 'Trenutni avatar' + label_local_avatar: 'Prilagođeni avatar' text_current_avatar: | - The following image shows the current avatar. + Sledeća slika prikazuje tekući avatar. text_upload_instructions: | - Upload your own custom avatar of 128 by 128 pixels. Larger files will be resized and cropped to match. - A preview of your avatar will be shown before uploading, once you selected an image. - text_change_gravatar_html: 'To change or add the Gravatar for your mail address, go to %{gravatar_url}.' + Postavite svoj lični avatar, dimenzije: 128x128 piksela. Veće datoteke će biti isečene na traženu dimenziju. + Avatar će vam biti prikazan, pre postavljanja, onda kada budete izabrali željenu sliku. + text_change_gravatar_html: 'Za dodavanje Gravatar-a adrese vaše elektronske pošte idite na %{gravatar_url}.' text_your_local_avatar: | - OpenProject allows you to upload your own custom avatar. + OpenProject ti dozvoljava da postaviš lični avatar prilagođen sebi. text_local_avatar_over_gravatar: | - If you set one, this custom avatar is used in precedence over the gravatar above. + Ukoliko postavite jedan, prilagođeni avatar ima prednost u odnosu na ponuđeni gravatar iznad. text_your_current_gravatar: | - OpenProject uses your gravatar if you registered one, or a default image or icon if one exists. - The current gravatar is as follows: + OpenProject koristi tvoj gravatar, ukoliko ste registrovali jedna, ili podrazumevanu sliku ili ikonu ako ona postoji. + Trenutni gravatar je: settings: - enable_gravatars: 'Enable user gravatars' - gravatar_default: "Default Gravatar image" - enable_local_avatars: 'Enable user custom avatars' + enable_gravatars: 'Omogućite gravatare korisnika' + gravatar_default: "Podrazumevana Gravatar slika" + enable_local_avatars: 'Omogući prilagođene avatare za korisnike' diff --git a/modules/backlogs/config/locales/crowdin/js-sr.yml b/modules/backlogs/config/locales/crowdin/js-sr.yml index 4694282f916d..5c8758342da5 100644 --- a/modules/backlogs/config/locales/crowdin/js-sr.yml +++ b/modules/backlogs/config/locales/crowdin/js-sr.yml @@ -23,5 +23,5 @@ sr: js: work_packages: properties: - storyPoints: "Story Points" - remainingTime: "Remaining hours" + storyPoints: "Poeni Priče" + remainingTime: "Preostalo časova" diff --git a/modules/backlogs/config/locales/crowdin/sr.yml b/modules/backlogs/config/locales/crowdin/sr.yml index 2078b321d724..126f336fe6fa 100644 --- a/modules/backlogs/config/locales/crowdin/sr.yml +++ b/modules/backlogs/config/locales/crowdin/sr.yml @@ -26,66 +26,66 @@ sr: activerecord: attributes: work_package: - position: "Position" - remaining_hours: "Remaining hours" - remaining_time: "Remaining hours" + position: "Pozicija" + remaining_hours: "Preostalo časova" + remaining_time: "Preostalo časova" derived_remaining_hours: "Derived remaining hours" derived_remaining_time: "Derived remaining hours" - story_points: "Story Points" - backlogs_work_package_type: "Backlog type" + story_points: "Poeni Priče" + backlogs_work_package_type: "Tip backlog-a" errors: models: work_package: attributes: blocks_ids: - can_only_contain_work_packages_of_current_sprint: "can only contain IDs of work packages in the current sprint." - must_block_at_least_one_work_package: "must contain the ID of at least one ticket." + can_only_contain_work_packages_of_current_sprint: "Može sadržati samo ID radnog paketa iz tekućeg sprint-a." + must_block_at_least_one_work_package: "mora sadržati ID bar jednog tiketa." version_id: - task_version_must_be_the_same_as_story_version: "must be the same as the parent story's version." + task_version_must_be_the_same_as_story_version: "mora biti ista kao verzija priče roditelja." sprint: - cannot_end_before_it_starts: "Sprint cannot end before it starts." + cannot_end_before_it_starts: "Sprint se ne može završiti pre nego što počne." backlogs: - add_new_story: "New Story" - any: "any" - backlog_settings: "Backlogs settings" - burndown_graph: "Burndown Graph" - card_paper_size: "Paper size for card printing" - chart_options: "Chart options" - close: "Close" - column_width: "Column width:" - date: "Day" - definition_of_done: "Definition of Done" - generating_chart: "Generating Graph..." - hours: "Hours" - impediment: "Impediment" - label_versions_default_fold_state: "Show versions folded" - work_package_is_closed: "Work package is done, when" - label_is_done_status: "Status %{status_name} means done" - no_burndown_data: "No burndown data available. It is necessary to have the sprint start- and end dates set." - points: "Points" - positions_could_not_be_rebuilt: "Positions could not be rebuilt." - positions_rebuilt_successfully: "Positions rebuilt successfully." - properties: "Properties" - rebuild: "Rebuild" - rebuild_positions: "Rebuild positions" - remaining_hours: "Remaining hours" - remaining_hours_ideal: "Remaining hours (ideal)" - show_burndown_chart: "Burndown Chart" - story: "Story" - story_points: "Story Points" - story_points_ideal: "Story Points (ideal)" - task: "Task" - task_color: "Task color" - unassigned: "Unassigned" - x_more: "%{count} more..." - backlogs_active: "active" - backlogs_any: "any" - backlogs_inactive: "Project shows no activity" - backlogs_points_burn_direction: "Points burn up/down" - backlogs_product_backlog: "Product backlog" - backlogs_product_backlog_is_empty: "Product backlog is empty" - backlogs_product_backlog_unsized: "The top of the product backlog has unsized stories" - backlogs_sizing_inconsistent: "Story sizes vary against their estimates" + add_new_story: "Nova Priča" + any: "bilo koji" + backlog_settings: "Podešavanja backlog-a" + burndown_graph: "Burndown grafik" + card_paper_size: "Format papira za štampanje kartica" + chart_options: "Opcije grafikona" + close: "Zatvori" + column_width: "Širina kolone:" + date: "Dan" + definition_of_done: "Definicija završetka" + generating_chart: "Generisanje Grafika..." + hours: "Časovi" + impediment: "Smetnja" + label_versions_default_fold_state: "Prikaži verzije skupljene" + work_package_is_closed: "Radni paket je završen, kada" + label_is_done_status: "Status %{status_name} znači završen" + no_burndown_data: "Nema dostupnih burndown podataka. Potrebno je zadati datum početka i kraja sprint-a." + points: "Poeni" + positions_could_not_be_rebuilt: "Pozicije ne mogu biti rekonstruisane." + positions_rebuilt_successfully: "Rekonstrukcija pozicija je uspešna." + properties: "Svojstva" + rebuild: "Rekonstrukcija" + rebuild_positions: "Rekonstruiši pozicije" + remaining_hours: "Preostalo časova" + remaining_hours_ideal: "Preostalo časova (idealno)" + show_burndown_chart: "Burndown grafik" + story: "Priča" + story_points: "Poeni Priče" + story_points_ideal: "Poeni Priče (idealno)" + task: "Zadatak" + task_color: "Boja zadatka" + unassigned: "Nedodeljen" + x_more: "%{count} više..." + backlogs_active: "aktivno" + backlogs_any: "bilo koji" + backlogs_inactive: "Projekat ne pokazuje aktivnosti" + backlogs_points_burn_direction: "burn up/down poeni" + backlogs_product_backlog: "Backlog proizvoda" + backlogs_product_backlog_is_empty: "Backlog proizvoda je prazan" + backlogs_product_backlog_unsized: "Vrh backlog-a proizvoda ima nedefinisane priče" + backlogs_sizing_inconsistent: "Veličine priča variraju u odnosu na njihove procene" backlogs_sprint_notes_missing: "Closed sprints without retrospective/review notes" backlogs_sprint_unestimated: "Closed or active sprints with unestimated stories" backlogs_sprint_unsized: "Project has stories on active or recently closed sprints that were not sized" diff --git a/modules/boards/config/locales/crowdin/js-sr.yml b/modules/boards/config/locales/crowdin/js-sr.yml index c2d4f7e06550..16744793f0ba 100644 --- a/modules/boards/config/locales/crowdin/js-sr.yml +++ b/modules/boards/config/locales/crowdin/js-sr.yml @@ -2,85 +2,85 @@ sr: js: boards: - create_new: 'Create new board' - label_unnamed_board: 'Unnamed board' - label_unnamed_list: 'Unnamed list' - label_board_type: 'Board type' + create_new: 'Nova tabla' + label_unnamed_board: 'Neimenovana tabla' + label_unnamed_list: 'Neimenovana lista' + label_board_type: 'Tip table' upsale: teaser_text: 'Would you like to automate your workflows with Boards? Advanced boards are an Enterprise add-on. Please upgrade to a paid plan.' - upgrade: 'Upgrade now' + upgrade: 'Nadogradite' lists: - delete: 'Delete list' + delete: 'Obriši listu' version: - is_locked: 'Version is locked. No items can be added to this version.' - is_closed: 'Version is closed. No items can be added to this version.' - close_version: 'Close version' - open_version: 'Open version' - lock_version: 'Lock version' - unlock_version: 'Unlock version' - edit_version: 'Edit version' - show_version: 'Show version' - locked: 'Locked' - closed: 'Closed' - new_board: 'New board' - add_list: 'Add list to board' - add_card: 'Add card' - error_attribute_not_writable: "Cannot move the work package, %{attribute} is not writable." - error_loading_the_list: "Error loading the list: %{error_message}" - error_permission_missing: "The permission to create public queries is missing" - error_cannot_move_into_self: "You can not move a work package into its own column." - text_hidden_list_warning: "Not all lists are displayed because you lack the permission. Contact your admin for more information." - click_to_remove_list: "Click to remove this list" + is_locked: 'Verzija je zaključana. U ovu verziju nije moguće dodavati stavke.' + is_closed: 'Verzija je zatvorena. U ovu verziju nije moguće dodavati stavke.' + close_version: 'Zatvori verziju' + open_version: 'Otvori verziju' + lock_version: 'Zaključaj verziju' + unlock_version: 'Otključaj verziju' + edit_version: 'Uredi verziju' + show_version: 'Prikaži verziju' + locked: 'Zaključano' + closed: 'Zatvoreno' + new_board: 'Nova tabla' + add_list: 'Dodaj listu na tablu' + add_card: 'Dodaj karticu' + error_attribute_not_writable: "Radni paket nije moguće premestiti, %{attribute} nije upisiv." + error_loading_the_list: "Greška pri učitavanju liste: %{error_message}" + error_permission_missing: "Nemate dozvolu za kreiranje javnih upita" + error_cannot_move_into_self: "Nemožeta premestiti radni paket u izdvojenu kolonu" + text_hidden_list_warning: "Nemate dovoljno privilegija za prikaz svih lista. Za više informacija kontaktirajte vašeg administratora." + click_to_remove_list: "Klikni da ukloniš ovu listu" board_type: - text: 'Board type' - free: 'basic' - select_board_type: 'Please choose the type of board you need.' + text: 'Tip table' + free: 'osnovno' + select_board_type: 'Izaberite tip table.' free_text: > - Start from scratch with a blank board. Manually add cards and columns to this board. - action: 'Action board' - action_by_attribute: 'Action board (%{attribute})' + Počnite ispočetka sa praznom tablom. Na tablu, ručno dodaj kartice i kolone. + action: 'Tabla sa zadacima' + action_by_attribute: 'Tabla sa zadacima (%{attribute})' action_text: > - A board with filtered lists on %{attribute} attribute. Moving work packages to other lists will update their attribute. + Tabla sa filtriranim listama po %{attribute}. Premeštanje radnog paketa na druge liste osvežava njihove atribute. action_text_subprojects: > - Board with automated columns for subprojects. Dragging work packages to other lists updates the (sub-)project accordingly. + Tabla sa automatizovanim kolonama za potprojekte. Prevlačenje radnog paketa na druge liste osvežava stanje potprojekta. action_text_subtasks: > - Board with automated columns for sub-elements. Dragging work packages to other lists updates the parent accordingly. + Tabla sa automatizovanim kolonama za podelemente. Prevlačenje radnog paketa na druge liste osvežava stanje izvornog elementa. action_text_status: > - Basic kanban style board with columns for status such as To Do, In Progress, Done. + Osnovna tabla u kanban stilu, sa kolonama koje prikazuju status, kao što su: Uraditi, Tekuće, Završeno. action_text_assignee: > - Board with automated columns based on assigned users. Ideal for dispatching work packages. + Tabla sa automatizovanim kolonama, po dodeljenim korisnicima. Idealna za otpremanje radnih paketa. action_text_version: > - Board with automated columns based on the version attribute. Ideal for planning product development. + Tabla sa automatizovanim kolonama, po atributima verzije. Idealna za planiranje razvoja proizvoda. action_type: - assignee: assignee + assignee: zadužen status: status - version: version - subproject: subproject - subtasks: parent-child + version: verzija + subproject: potprojekat + subtasks: roditelj-dete board_type_title: - assignee: Assignee + assignee: Zadužen status: Status - version: Version - subproject: Subproject + version: Verzija + subproject: Potprojekat subtasks: Parent-child - basic: Basic - select_attribute: "Action attribute" + basic: Osnovno + select_attribute: "Atribut akcije" add_list_modal: labels: - assignee: Select user to add as a new assignee list - status: Select status to add as a new list - version: Select version to add as a new list - subproject: Select subproject to add as a new list - subtasks: Select work package to add as a new list + assignee: Izaberi korisnika za dodavanje kao novu listu dodeljenih + status: Izaberi status za dodavanje kao novu listu + version: Izaberite verziju, za dodavanje kao novu list + subproject: Izaberite potprojekat, za dodavanje kao novu listu + subtasks: Izaberite radni paket, za dodavanje kao novu listu warning: status: | - There is currently no status available.
- Either there are none or they have all already been added to the board. - assignee: There isn't any member matched with your filter value.
- no_member: This project currently does not have any members that can be added.
- add_members: Add a new member to this project to select users again. + Trenutno nema dostupnih statusa.
+ Ili ne postoji ni jedan, ili su svi već dodati na tablu. + assignee: Nema članova koji odgovaraju traženom filteru. + no_member: Projekat trenutno nema članova dostupnih za dodavanje. + add_members: Dodaj novog člana ovom projektuda bi ste ponovo izabrali korisnike. configuration_modal: - title: 'Configure this board' + title: 'Konfigurišite ovu tablu' display_settings: - card_mode: "Display as cards" - table_mode: "Display as table" + card_mode: "Prikaži kao kartice" + table_mode: "Prikaži kao tablu" diff --git a/modules/calendar/config/locales/crowdin/uk.yml b/modules/calendar/config/locales/crowdin/uk.yml index 980bad7123cf..6e3e16d8fcde 100644 --- a/modules/calendar/config/locales/crowdin/uk.yml +++ b/modules/calendar/config/locales/crowdin/uk.yml @@ -1,8 +1,8 @@ #English strings go here uk: plugin_openproject_calendar: - name: "OpenProject Calendar" - description: "Provides calendar views." + name: "Календар OpenProject " + description: "Дозволяти перегляд календаря" label_calendar: "Календар" label_calendar_plural: "Календарі" label_new_calendar: "Новий календар" diff --git a/modules/ldap_groups/config/locales/crowdin/uk.yml b/modules/ldap_groups/config/locales/crowdin/uk.yml index 4541b302e94f..140d8f4e99d7 100644 --- a/modules/ldap_groups/config/locales/crowdin/uk.yml +++ b/modules/ldap_groups/config/locales/crowdin/uk.yml @@ -1,7 +1,7 @@ uk: plugin_openproject_ldap_groups: - name: "OpenProject LDAP groups" - description: "Synchronization of LDAP group memberships." + name: "Групи LDAP OpenProject" + description: "Синхронізація членства в LDAP групах." activerecord: attributes: ldap_groups/synchronized_group: diff --git a/modules/openid_connect/config/locales/crowdin/de.yml b/modules/openid_connect/config/locales/crowdin/de.yml index 977276e6253b..0696064407eb 100644 --- a/modules/openid_connect/config/locales/crowdin/de.yml +++ b/modules/openid_connect/config/locales/crowdin/de.yml @@ -23,7 +23,7 @@ de: singular: OpenID-Anbieter setting_instructions: azure_deprecation_warning: > - The configured Azure app points to a deprecated API from Azure. Please create a new Azure app to ensure the functionality in future. + Die konfigurierte Azure App verwendet eine veraltete API von Azure. Bitte erstellen Sie eine neue Azure App, um die Funktionalität in Zukunft sicherzustellen. azure_graph_api: > Endpunkt graph.microsoft.com für OpenID Connect userinfo Anfragen, um Benutzerdaten anzufordern. Dies sollte die Standardeinstellung sein, es sei denn, Sie haben eine ältere azure Anwendung. azure_tenant_html: > diff --git a/modules/reporting/config/locales/crowdin/nl.yml b/modules/reporting/config/locales/crowdin/nl.yml index 1662658b15e1..90539570629b 100644 --- a/modules/reporting/config/locales/crowdin/nl.yml +++ b/modules/reporting/config/locales/crowdin/nl.yml @@ -86,7 +86,7 @@ nl: validation_failure_integer: "is geen geldig geheel getal" export: cost_reports: - title: "Your Cost Reports XLS export" + title: "Jouw kostenrapporten XLS export" reporting: group_by: selected_columns: "Geselecteerde kolommen" From a3673b60fed3aa77f71479973467649e5bccae72 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oliver=20G=C3=BCnther?= Date: Tue, 28 Nov 2023 13:46:42 +0100 Subject: [PATCH 17/17] Add section on not offering bug bounty currently --- docs/security-and-privacy/statement-on-security/README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/docs/security-and-privacy/statement-on-security/README.md b/docs/security-and-privacy/statement-on-security/README.md index 33d9f9467099..4169b4cdeffb 100644 --- a/docs/security-and-privacy/statement-on-security/README.md +++ b/docs/security-and-privacy/statement-on-security/README.md @@ -61,6 +61,9 @@ If you can, please send us a PGP-encrypted email using the following key: Please include a description on how to reproduce the issue if possible. Our security team will get your email and will attempt to reproduce and fix the issue as soon as possible. +> **Please note:** OpenProject currently does not offer a bug bounty program. We will do our best to give you the appropriate credits for responsibly disclosing a security vulnerability to us. We will gladly reference your work, name, website on every publication we do related to the security update. + + ## OpenProject security features ### Authentication and password security