From 0a3a0862ffaf4c63396f4d96f765238e9f3e92cf Mon Sep 17 00:00:00 2001 From: Philippe GRAND Date: Mon, 8 Nov 2021 13:33:24 +0100 Subject: [PATCH 1/3] fixes to be pure markdown --- SECURITY.md | 12 +++--------- 1 file changed, 3 insertions(+), 9 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index 427b1cc7ae2..9c28e2874b9 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -12,8 +12,7 @@ This file contains some policies about the security reports on Dolibarr ERP CRM ## Reporting a Vulnerability -To report a vulnerability, please use GitHub security advisory at https://github.com/Dolibarr/dolibarr/security/advisories/new (if you have permissions) or alternatively send an email to security@dolibarr.org (for everybody) - +To report a vulnerability, please use GitHub security advisory at [https://github.com/Dolibarr/dolibarr/security/advisories/new](https://github.com/Dolibarr/dolibarr/security/advisories/new) (if you have permissions) or alternatively send an email to security@dolibarr.org (for everybody) ## Hunting vulnerabilities on Dolibarr @@ -23,7 +22,7 @@ If you believe you've found a security bug in our service, we are happy to work Any type of denial of service attacks is strictly forbidden, as well as any interference with network equipment and Dolibarr infrastructure. -We recommand to install Dolibarr ERP CRM on your own server (as most Open Source software, download and use is free: https://www.dolibarr.org/download) to get access on every side of application. +We recommand to install Dolibarr ERP CRM on your own server (as most Open Source software, download and use is free: [https://www.dolibarr.org/download](https://www.dolibarr.org/download)) to get access on every side of application. ### User Agent @@ -31,8 +30,7 @@ If you try to find bug on Dolibarr, we recommend to append to your user-agent he ### Account access -You can install the web application yourself on your own platform/server so you get full access to application and sources. Download the zip of the files to put into your own web server virtual host from https://www.dolibarr.org/download - +You can install the web application yourself on your own platform/server so you get full access to application and sources. Download the zip of the files to put into your own web server virtual host from [https://www.dolibarr.org/download](https://www.dolibarr.org/download) ## Eligibility and Responsible Disclosure @@ -46,7 +44,6 @@ You must avoid tests that could cause degradation or interruption of our service You must not leak, manipulate, or destroy any user data of third parties to find your vulnerability. - ## Scope for qualified vulnerabilities ONLY vulnerabilities discovered, when the following setup on test platform is used, are "valid": @@ -64,7 +61,6 @@ ONLY vulnerabilities discovered, when the following setup on test platform is us Scope is the web application (back office) and the APIs. - ## Qualifying vulnerabilities for reporting * Remote code execution (RCE) @@ -81,7 +77,6 @@ Scope is the web application (back office) and the APIs. * Software version disclosure (for non admin users only) * Stack traces or path disclosure (for non admin users only) - ## Non-qualifying vulnerabilities for reporting * "Self" XSS @@ -99,4 +94,3 @@ Scope is the web application (back office) and the APIs. * Software version or private IP disclosure when logged user is admin * Stack traces or path disclosure when logged user is admin * Any vulnerabilities due to a configuration different than the one defined into chapter "Scope for qualified vulnerabilities". - From d06d6c51cd7ca5802bcac3047386e9011e0fb14a Mon Sep 17 00:00:00 2001 From: Philippe GRAND Date: Mon, 8 Nov 2021 13:44:46 +0100 Subject: [PATCH 2/3] MD041 - First line in a file should be a top-level heading --- htdocs/modulebuilder/template/core/boxes/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/modulebuilder/template/core/boxes/README.md b/htdocs/modulebuilder/template/core/boxes/README.md index b641e7136bc..3989bca5847 100644 --- a/htdocs/modulebuilder/template/core/boxes/README.md +++ b/htdocs/modulebuilder/template/core/boxes/README.md @@ -1 +1 @@ -Directory where widgets files are stored. \ No newline at end of file +# Directory where widgets files are stored From 85a3bbba3d9fc491b16ba761ce82afdef42b7af8 Mon Sep 17 00:00:00 2001 From: Philippe GRAND Date: Mon, 8 Nov 2021 13:51:03 +0100 Subject: [PATCH 3/3] Translations --- .../mailings/mailinglist_mymodule_myobject.modules.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/htdocs/modulebuilder/template/core/modules/mailings/mailinglist_mymodule_myobject.modules.php b/htdocs/modulebuilder/template/core/modules/mailings/mailinglist_mymodule_myobject.modules.php index dc797b99a94..b50f4acf741 100644 --- a/htdocs/modulebuilder/template/core/modules/mailings/mailinglist_mymodule_myobject.modules.php +++ b/htdocs/modulebuilder/template/core/modules/mailings/mailinglist_mymodule_myobject.modules.php @@ -55,9 +55,9 @@ class mailing_mailinglist_mymodule_myobject extends MailingTargets /** - * Affiche formulaire de filtre qui apparait dans page de selection des destinataires de mailings + * Displays the filter form that appears in the mailing recipient selection page * - * @return string Retourne zone select + * @return string Return select zone */ public function formFilter() { @@ -83,7 +83,7 @@ class mailing_mailinglist_mymodule_myobject extends MailingTargets /** - * Renvoie url lien vers fiche de la source du destinataire du mailing + * Returns url link to file of the source of the recipient of the mailing * * @param int $id ID * @return string Url lien @@ -115,7 +115,7 @@ class mailing_mailinglist_mymodule_myobject extends MailingTargets } $sql .= " ORDER BY email"; - // Stocke destinataires dans target + // Store recipients in target $result = $this->db->query($sql); if ($result) { $num = $this->db->num_rows($result);