Use AddComponent for OpenAPI security scheme registration
Fixes security requirements being serialized as empty objects in the
OpenAPI document by using the document's AddComponent method instead
of directly manipulating the SecuritySchemes dictionary.
* Adds localization manifests for region-specific cultures
This is to support backwards-compatibility and v13 upgradability.
* Removed `uiCulture` from Vietnamese localizations
since it duplicated the English fallback texts.
* 'en' localization file formatting
* Update src/Umbraco.Web.UI.Client/src/assets/lang/en.ts
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
---------
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* Update Swashbuckle to v10
* Regenerate backoffice api client
* Add missing space for consistency
* Simplify nullability check
* Small improvement
Didn't notice that these classes were internal, so tried keeping compatibility, but it wasn't needed.
* Fix failing integration test
* Apply suggestions from code review
Co-authored-by: Andy Butland <abutland73@gmail.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* Remove unnecessary comma
---------
Co-authored-by: Andy Butland <abutland73@gmail.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Handles rich text blocks created with TinyMCE in convert local links migration.
Refreshes internal datatype cache following migration requiring cache rebuild.
* Redact back-office PKCE codes from the server
* Update src/Umbraco.Cms.Api.Common/DependencyInjection/HideBackOfficeTokensHandler.cs
---------
Co-authored-by: Andy Butland <abutland73@gmail.com>
* Removes npm commands from the MSBuild of the CSPROJ of the umbraco-extension dotnet new template
Was agreed by the community package team to remove this, as this DX can cause more issues than actually help users in our opinion
* Removed the unused value - good catch by Copilot
* Move access/refresh tokens to secure cookies (#20779)
* feat: adds the `credentials: include` header to all manual requests
* feat: adds `credentials: include` as a configurable option to xhr requests (and sets it by default to true)
* feat: configures the auto-generated fetch client from hey-api to include credentials by default
* Add OpenIddict handler to hide tokens from the back-office client
* Make back-office token redaction optional (default false)
* Clear back-office token cookies on logout
* Add configuration for backoffice cookie settings
* Make cookies forcefully secure + move cookie handler enabling to the BackOfficeTokenCookieSettings
* Use the "__Host-" prefix for cookie names
* docs: adds documentation on cookie settings
* build: sets up launch profile for vscode with new cookie recommended settings
* docs: adds extra note around SameSite settings
* docs: adds extra note around SameSite settings
* Respect sites that do not use HTTPS
* Explicitly invalidate potentially valid, old refresh tokens that should no longer be used
* Removed obsolete const
---------
Co-authored-by: Jacob Overgaard <752371+iOvergaard@users.noreply.github.com>
* Remove configuration option
* Invalidate all existing access tokens on upgrade
* docs: updates recommended settings for development
* build: removes non-existing variable
* Skip flaky test
* Bumped version of our test helpers to fix failing tests
---------
Co-authored-by: Jacob Overgaard <752371+iOvergaard@users.noreply.github.com>
Co-authored-by: Andreas Zerbst <andr317c@live.dk>
Update icon usage in collection menu and example data
Replaces <uui-icon> with <umb-icon> in the default collection menu item element to support colors. Also updates example picker data source items to showcase color support.
* Add MemberType/MemberTypeContainer to supported EntityContainer object types
* Implement MemberTypeContainerRepository
* Prepare base controller for MemberTypeTreeControllerBase.
* Revert "Prepare base controller for MemberTypeTreeControllerBase."
This reverts commit ad213a23add5e511b1fba6580ca563156cd9c043.
* Added foldersOnly flag in readiness for support in 17.1.
* Added foldersOnly flag in readiness for support in 17.1 (2).
---------
Co-authored-by: Ronald Barendse <ronald@barend.se>
* Make the RTE treat an "empty" value as a non-value
* Additional tests
* Add tests for invariant and variant content.
---------
Co-authored-by: Andy Butland <abutland73@gmail.com>
* Added request cache to content and media lookups in mult URL picker.
* Allow property editors to cache referenced entities from block data.
* Update src/Umbraco.Infrastructure/PropertyEditors/MultiUrlPickerValueEditor.cs
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* Add obsoletions.
* Minor spellcheck
* Ensure request cache is available before relying on it.
---------
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: kjac <kja@umbraco.dk>
* Generate BOM files on build
* Upload BOM to Dependency Track
* Move Backoffice BOM generation to right after install
The build and/or pack steps are deleting files that are needed for the BOM to be generated properly.
* Split the BOM uploads into different jobs
* Fix wrong usage of parameters
* Move order of dependency track stage
* Fix wrong umbracoVersion value
* Small fixes
* Log curl response headers
* Correct version sent to dependency track
* Adjusted curl flags
* Fix bom file path
* Fix dotnet bom file name
* Add Login UI to dependency track
* Generate BOM for E2E Tests
* Move dependency track stage
* Move acceptance test .env generation to e2e install template
Needed as the post install script is expecting this to exist.
* Use major version if public release
* Missing ')'
* Reverted npm install command changes in static assets project
* enforce update of children when collection
* only load one above and below collection children
* take 50 above a target for default experience
* revert reset target
* remove old impl
