Last week was again mostly spent on reviewing pull requests and screening issues. This little housecleaning work is sometimes surprisingly time consuming :-).
Besides that I've again reviewed potential security weaknesses in our process reported by Emanuel Bronshtein. This lead to various hardenings in our Docker container, Debian packages or our website. There are still places to improve, but we're getting better with every commit.
- #12578 Fix error in adcaf7c
- #12580 Assign LIMIT clause only to syntactically correct queries
- #12574 SELECT * FROM INFORMATION_SCHEMA.SCHEMATA error
- #12568 Remove token from links and icon links in Navigation bar
- #12556 Fix #12300 : Uncheck the Add CREATE PROCEDURE / FUNCTION etc. checkbox for a selective export
- #12544 Fix #12530: Show enabled links for Edit and Execute after proper priv checks
- #12555 Allow vertical scrolling to read longer text values in grid editing
- #12557 Don't use PMA_DROP_IMPORT on Table insert if it has Blob field
- #12565 German Translation under Replication is wrong
- #54 allow to describe host with description
- #52 Is it necessary to run it as root?
- #53 Start PHP-FPM as nobody
- #31 Project's birthday is September 9
- #86 incorrect "Latest release" in sql-parser
- #83 XSS in the highlighter
- #84 Escape sequence injection in Formatting SQL query (cli fromat)
- #85 Fix parsing of user@host without backquotes