mirror of
https://github.com/pretix/pretix.git
synced 2026-06-10 01:15:05 +00:00
Compare commits
merge into: CGM_Public:ssrf-cgnat2
CGM_Public:master
CGM_Public:securityprofile-order
CGM_Public:medientausch
CGM_Public:fix-errorpage-markup
CGM_Public:release/2026.3.x
CGM_Public:release/2026.4.x
CGM_Public:release/2026.5.x
CGM_Public:stable
CGM_Public:ssrf-cgnat2
CGM_Public:pajowu/ssrf-cgnat2-smtp
CGM_Public:giftcards-typeahead-read
CGM_Public:teams-perm-note
CGM_Public:medium-export-giftcards-respect-permissions
CGM_Public:bank-perms-conservative
CGM_Public:dependabot/pip/beautifulsoup4-eq-4.15.star
CGM_Public:dependabot/pip/sentry-sdk-eq-2.62.star
CGM_Public:customer-export-memberships
CGM_Public:waitinglist-voucher-next
CGM_Public:api-checkin-opt-file
CGM_Public:dependabot/pip/redis-eq-8.0.star
CGM_Public:dependabot/pip/django-redis-eq-7.0.star
CGM_Public:pajowu/wallet
CGM_Public:pajowu/font_fallback
CGM_Public:checkinrule-inactive-products
CGM_Public:email-change-ratelimit
CGM_Public:dependabot/pip/stripe-eq-15.2.star
CGM_Public:pajowu/pretix_cfg_reload
CGM_Public:mails-to-addon-attendees
CGM_Public:dependabot/pip/django-oauth-toolkit-eq-3.3.star
CGM_Public:order-relativedatetime
CGM_Public:bulk-vouchers-ref
CGM_Public:release/2026.2.x
CGM_Public:eventmeta-restrict-values
CGM_Public:sentry-more-scrubbing
CGM_Public:search
CGM_Public:remove-duplicate-csrftoken-cookie
CGM_Public:vat-id-validated-nonempty
CGM_Public:fix-delete-cookies-partitioned
CGM_Public:pajowu/fix_import_prefixes
CGM_Public:fix-validated-vat-id-ui
CGM_Public:order-print-log-device-name
CGM_Public:dependabot/pip/pypdf-eq-6.11.star
CGM_Public:fix-clone-metaprops
CGM_Public:fix-ci-playwright-install
CGM_Public:dependabot/pip/requests-eq-2.34.star
CGM_Public:pajowu/show_invoice_dirty
CGM_Public:fix-logging-mixin-optional-event
CGM_Public:fix-translation-order-import
CGM_Public:date-fallback-logdisplay
CGM_Public:fix-orderlist-invalid-pprov
CGM_Public:remove-invalid-action
CGM_Public:questions-vue3
CGM_Public:taxrate-decimals
CGM_Public:drop-seconds-formfields
CGM_Public:subevent-link-order
CGM_Public:fix-mail-backend-path
CGM_Public:bulk-quotas
CGM_Public:luelista/fix_docker_perms
CGM_Public:quota-webhooks
CGM_Public:thumb-colorspace
CGM_Public:pajowu/sendmail_status_filter
CGM_Public:api-payment-ignore-date
CGM_Public:attendee-mails-default
CGM_Public:missing-logentries-meta
CGM_Public:bulk-vouchers
CGM_Public:cleanup-dead-widgets
CGM_Public:pajowu/force_invoice_backend
CGM_Public:pajowu/widget_dvh
CGM_Public:fix_expand
CGM_Public:self-service-storno
CGM_Public:pajowu/fix_smtp
CGM_Public:ssrf-protect-by-default
CGM_Public:pajowu/customer_resetpw_new_tab
CGM_Public:luelista/event-list-type
CGM_Public:pajowu/mixed_csrf_middlewares
CGM_Public:order-api-voucher-race
CGM_Public:release/2026.1.x
CGM_Public:fix-csv-import
CGM_Public:pajowu/test_cleanup
CGM_Public:exporter-auth-infos
CGM_Public:position-add-multi
CGM_Public:less-cart-sessions
CGM_Public:payment-details-fallback
CGM_Public:pajowu/mail_guid
CGM_Public:pajowu/eventlist_filter
CGM_Public:ai-policy
CGM_Public:2fa-bigradio
CGM_Public:2fa-flowtoken
CGM_Public:calendar-nav-icon
CGM_Public:fix-no-orgs
CGM_Public:pajowu/pagination_one
CGM_Public:fix-missing-exporters
CGM_Public:use_gift_cards-docs-cleanup
CGM_Public:lbo-api-giftcard-payment
CGM_Public:fix-log-display-team-invite-delete
CGM_Public:db-ro-user
CGM_Public:peppol-be-autofill-fix
CGM_Public:peppol-be-id-validation
CGM_Public:error-pages-theme
CGM_Public:voucher-csv-vol
CGM_Public:timemachine-limits
CGM_Public:lbo-add-organizer-op-endpoint
CGM_Public:vat-validate-log
CGM_Public:recalculate-zero
CGM_Public:ppv2_created_payments
CGM_Public:datasync-logging
CGM_Public:webhook-acceptor-slugs
CGM_Public:lbo-waitinglist-edit
CGM_Public:fix-mails-stuck
CGM_Public:fix-safari-cookie-partitioned
CGM_Public:pp_pending_captures
CGM_Public:add-acceptor-slug
CGM_Public:hardening-2fa
CGM_Public:pajowu/plainhtmlalternative_placeholder
CGM_Public:voucher-field-label
CGM_Public:error-back-remove
CGM_Public:mail-html-templates
CGM_Public:mail-perf
CGM_Public:release/2025.9.x
CGM_Public:release/2025.10.x
CGM_Public:move-request-get-items-to-ctx
CGM_Public:fix-order-company-display
CGM_Public:fix-mail-headers-none
CGM_Public:outgoingmail-from-header
CGM_Public:order-change-out-of-timeframe-fix
CGM_Public:lbo-giftcard-webhooks
CGM_Public:apidoc-device-cleanup
CGM_Public:fix-escape-braces
CGM_Public:payment-unlock-fixes
CGM_Public:invoices-only-b2b
CGM_Public:lbo-fix-filter
CGM_Public:export-overview-skip-empty
CGM_Public:fix-programtime-queries
CGM_Public:fix-api-expand
CGM_Public:rounding-down-consumer-friendly
CGM_Public:release/2025.8.x
CGM_Public:Add-Promptpay-for-stripe
CGM_Public:answer-export
CGM_Public:release/2025.7.x
CGM_Public:logentrytype-schema
CGM_Public:dependent-on-cc
CGM_Public:fix-rrule
CGM_Public:exports-repeatable-read
CGM_Public:order-import-logentries-bulk
CGM_Public:notification-bulk-check
CGM_Public:revert-5452-invoice-plugin-data
CGM_Public:img-srcset
CGM_Public:add-category-btn
CGM_Public:org-level-plugin
CGM_Public:plugins-page-fix
CGM_Public:release/2025.6.x
CGM_Public:pdf-editor-areyousure
CGM_Public:api-expand-generic
CGM_Public:event-title-everywhere
CGM_Public:a11y-improve-renew-feedback
CGM_Public:release/2025.5.x
CGM_Public:stripe_12x
CGM_Public:dialog-backdrop-click-close
CGM_Public:a11y-fix-waitinglist-link
CGM_Public:a11y-placeolder-contrast
CGM_Public:cart-renewal-ui-html5dialog
CGM_Public:cart-renewal-ui
CGM_Public:tooltip-a11y
CGM_Public:a11y-widget-fix-filter-dropdown
CGM_Public:a11y-common-modal-dialogs
CGM_Public:a11y-fix-datepicker-error
CGM_Public:release/2025.4.x
CGM_Public:release/2025.3.x
CGM_Public:fix-customer-create-race-condition
CGM_Public:scheduledmail-subevent-missing
CGM_Public:fix-widget-data-3rdparty
CGM_Public:release/2025.2.x
CGM_Public:lists-for-failed-checkin
CGM_Public:fix-widget-data-overwrite
CGM_Public:fix-copy-to-first-matching
CGM_Public:headless
CGM_Public:release/2025.1.x
CGM_Public:a11y-autofocus-tabindex
CGM_Public:widget-cookiebot
CGM_Public:fix-shipping-form
CGM_Public:addressform-err-handling
CGM_Public:release/2024.11.x
CGM_Public:quota-lock-log
CGM_Public:checkin-present-filter-perf
CGM_Public:fix-cond-display
CGM_Public:release/2024.10.x
CGM_Public:hacky-debug-output
CGM_Public:hacky-debug-output-reruns
CGM_Public:ci-more-threads
CGM_Public:before-fakeredis-update
CGM_Public:actions-debug-postgres-1
CGM_Public:actions-fix-postgres
CGM_Public:manual-installation
CGM_Public:subevent-empty-avoid
CGM_Public:release/2024.9.x
CGM_Public:release/2024.8.x
CGM_Public:release/2024.7.x
CGM_Public:release/2024.6.x
CGM_Public:release/2024.5.x
CGM_Public:fix-stripe-sca-sandbox
CGM_Public:order-nullability
CGM_Public:pytest-no-pending
CGM_Public:daterange-test-foo
CGM_Public:fix-checkbox-disabled-label-refactor
CGM_Public:fix-mail-preview-brackets-mismatch
CGM_Public:multi-subevent-cart-add
CGM_Public:release/2024.4.x
CGM_Public:release/2024.3.x
CGM_Public:back-to-the-future
CGM_Public:release/2024.2.x
CGM_Public:release/2023.10.x
CGM_Public:release/2023.8.x
CGM_Public:release/2023.9.x
CGM_Public:release/2024.1.x
CGM_Public:event-dashboard
CGM_Public:scan-debug-data
CGM_Public:pdf-fix-rotate
CGM_Public:payment-available-from2
CGM_Public:release/4.20.x
CGM_Public:release/2023.6.x
CGM_Public:release/2023.7.x
CGM_Public:new-checkin-type
CGM_Public:fix-pdf-image-multi-export
CGM_Public:fix-pdf-bg-offset
CGM_Public:fix-lazy-translation-settings
CGM_Public:add-order-min
CGM_Public:release/4.19.x
CGM_Public:idna
CGM_Public:release/4.18.x
CGM_Public:release/4.15.x
CGM_Public:release/4.16.x
CGM_Public:release/4.17.x
CGM_Public:compact-cart
CGM_Public:harmonize-checkin-export-date
CGM_Public:ocm-no-canceled
CGM_Public:widget-seating-embed
CGM_Public:guest-handling
CGM_Public:dnspython2
CGM_Public:invoice-to-other-email
CGM_Public:answer-options-csv
CGM_Public:release/4.14.x
CGM_Public:transaction-source
CGM_Public:release/4.13.x
CGM_Public:common-country-names
CGM_Public:release/4.12.x
CGM_Public:release/4.9.x
CGM_Public:release/4.11.x
CGM_Public:release/4.10.x
CGM_Public:product-list-export
CGM_Public:fix-api-operations-refresh
CGM_Public:remove-promise-from-paypal2
CGM_Public:aws_ses_454
CGM_Public:release/4.8.x
CGM_Public:release/4.5.x
CGM_Public:release/4.6.x
CGM_Public:release/4.7.x
CGM_Public:db-conn-tz
CGM_Public:hotfix
CGM_Public:release/4.3.x
CGM_Public:release/4.4.x
CGM_Public:consistency-check
CGM_Public:sticky-add-to-basket
CGM_Public:release/4.2.x
CGM_Public:release/4.1.x
CGM_Public:release/4.0.x
CGM_Public:release/3.18.x
CGM_Public:release/3.17.x
CGM_Public:waitlist_subeventpicker
CGM_Public:hotfix20210323
CGM_Public:hotfix20210325
CGM_Public:django31
CGM_Public:flaky-test
CGM_Public:release/3.16.x
CGM_Public:cancel-no-invoice
CGM_Public:release/3.15.x
CGM_Public:release/3.14.x
CGM_Public:validate-dns
CGM_Public:release/3.13.x
CGM_Public:release/3.12.x
CGM_Public:release/3.11.x
CGM_Public:docker-nginx-logs
CGM_Public:remove-reversecharge
CGM_Public:stripe-connect-2
CGM_Public:copy-from-matching-product
CGM_Public:release/3.10.x
CGM_Public:release/3.9.x
CGM_Public:gha-migrations
CGM_Public:release/3.8.x
CGM_Public:issue1575
CGM_Public:release/3.7.x
CGM_Public:release/3.6.x
CGM_Public:release/3.5.x
CGM_Public:release/3.4.x
CGM_Public:release/3.3.x
CGM_Public:stripe-connect-fees
CGM_Public:release/3.2.x
CGM_Public:release/3.1.x
CGM_Public:release/3.0.x
CGM_Public:pretixscan
CGM_Public:release/2.8.x
CGM_Public:release/2.7.x
CGM_Public:loadtest2
CGM_Public:release/2.6.x
CGM_Public:794-questions-default-value
CGM_Public:dekodi
CGM_Public:release/2.5.x
CGM_Public:loadtest
CGM_Public:selfcancel-positions
CGM_Public:searchindex
CGM_Public:release/2.4.x
CGM_Public:release/2.3.x
CGM_Public:release/2.2.x
CGM_Public:release/2.1.x
CGM_Public:transfer-ticket
CGM_Public:release/2.0.x
CGM_Public:release/1.17.x
CGM_Public:design2.0
CGM_Public:release/1.16.x
CGM_Public:release/1.15.x
CGM_Public:release/1.14.x
CGM_Public:release/1.13.x
CGM_Public:release/1.12.x
CGM_Public:release/1.11.x
CGM_Public:release/1.10.x
CGM_Public:release/1.9.x
CGM_Public:release/1.8.x
CGM_Public:release/1.7.x
CGM_Public:new-placeholders
CGM_Public:release/1.4.x
CGM_Public:release/1.5.x
CGM_Public:release/1.6.x
CGM_Public:custom-manager
CGM_Public:release/1.1.x
CGM_Public:release/1.2.x
CGM_Public:release/1.3.x
CGM_Public:release/1.0.x
CGM_Public:voucher-wizard
CGM_Public:shorter-locking
CGM_Public:v2026.3.3
CGM_Public:v2026.4.3
CGM_Public:v2026.5.1
CGM_Public:v2026.5.0
CGM_Public:v2026.2.2
CGM_Public:v2026.3.2
CGM_Public:v2026.4.2
CGM_Public:v2026.4.1
CGM_Public:v2026.4.0
CGM_Public:v2026.1.2
CGM_Public:v2026.2.1
CGM_Public:v2026.3.1
CGM_Public:v2026.3.0
CGM_Public:v2026.2.0
CGM_Public:v2025.9.4
CGM_Public:v2025.10.2
CGM_Public:v2026.1.1
CGM_Public:v2026.1.0
CGM_Public:v2025.10.1
CGM_Public:v2025.9.3
CGM_Public:v2025.8.3
CGM_Public:v2025.10.0
CGM_Public:v2025.7.3
CGM_Public:v2025.9.2
CGM_Public:v2025.8.2
CGM_Public:v2025.8.1
CGM_Public:v2025.9.1
CGM_Public:v2025.7.2
CGM_Public:v2025.9.0
CGM_Public:v2025.8.0
CGM_Public:v2025.7.1
CGM_Public:v2025.7.0
CGM_Public:v2025.6.0
CGM_Public:v2025.5.0
CGM_Public:v2025.4.0
CGM_Public:v2025.3.0
CGM_Public:v2025.2.0
CGM_Public:v2025.1.0
CGM_Public:v2024.11.0
CGM_Public:v2024.10.0
CGM_Public:v2024.9.0
CGM_Public:v2024.8.0
CGM_Public:v2024.7.1
CGM_Public:v2024.6.1
CGM_Public:v2024.5.1
CGM_Public:v2024.7.0
CGM_Public:v2024.6.0
CGM_Public:v2024.5.0
CGM_Public:v2024.4.0
CGM_Public:v2024.3.0
CGM_Public:v2024.2.0
CGM_Public:v2023.10.2
CGM_Public:v2023.8.1.post1
CGM_Public:v2023.9.1.post1
CGM_Public:v2023.8.1
CGM_Public:v2023.9.1
CGM_Public:v2024.1.1
CGM_Public:v2024.1.0
CGM_Public:v2023.10.1.post1
CGM_Public:v2023.10.1
CGM_Public:v2023.10.0
CGM_Public:v2023.9.0
CGM_Public:v2023.8.0
CGM_Public:v2023.6.3
CGM_Public:v4.20.4
CGM_Public:v2023.7.3
CGM_Public:v4.20.3
CGM_Public:v2023.6.2
CGM_Public:v2023.7.2
CGM_Public:v4.20.2.post1
CGM_Public:v4.20.2
CGM_Public:v2023.6.1
CGM_Public:v2023.7.1
CGM_Public:v2023.7.0
CGM_Public:v2023.6.0
CGM_Public:v4.20.1
CGM_Public:v4.20.0
CGM_Public:v4.19.0.post1
CGM_Public:v4.19.0
CGM_Public:v4.18.2.post1
CGM_Public:v4.18.2
CGM_Public:v4.18.1
CGM_Public:v4.18.0
CGM_Public:v4.15.1
CGM_Public:v4.16.1
CGM_Public:v4.17.1
CGM_Public:v4.17.0
CGM_Public:v4.16.0
CGM_Public:v4.15.0
CGM_Public:v4.14.0
CGM_Public:v4.13.1
CGM_Public:v4.13.0
CGM_Public:v4.12.0
CGM_Public:v4.9.1
CGM_Public:v4.10.1
CGM_Public:v4.11.1
CGM_Public:v4.11.0
CGM_Public:v4.10.0
CGM_Public:v4.9.0
CGM_Public:v4.8.0
CGM_Public:v4.5.2
CGM_Public:v4.6.1
CGM_Public:v4.7.1
CGM_Public:v4.7.0
CGM_Public:v4.6.0
CGM_Public:v4.3.1
CGM_Public:v4.4.1
CGM_Public:v4.5.1
CGM_Public:v4.5.0
CGM_Public:a
CGM_Public:v4.4.0
CGM_Public:v4.3.0
CGM_Public:v4.2.0
CGM_Public:v4.1.0.post1
CGM_Public:v4.1.0
CGM_Public:v4.0.0
CGM_Public:v3.18.0
CGM_Public:v3.17.2
CGM_Public:v3.17.1
CGM_Public:v3.17.0
CGM_Public:v3.16.0
CGM_Public:v3.15.0
CGM_Public:v3.14.2
CGM_Public:v3.14.1
CGM_Public:v3.14.0
CGM_Public:v3.13.1
CGM_Public:v3.12.1
CGM_Public:v3.11.1
CGM_Public:v3.13.0
CGM_Public:v3.12.0
CGM_Public:v3.11.0
CGM_Public:v3.10.0
CGM_Public:v3.9.0
CGM_Public:v3.8.0
CGM_Public:v3.7.0
CGM_Public:v3.6.0
CGM_Public:v3.5.0
CGM_Public:v3.4.0
CGM_Public:v3.3.0
CGM_Public:v3.2.0
CGM_Public:v3.1.0
CGM_Public:v3.0.1
CGM_Public:v3.0.0
CGM_Public:v2.8.2
CGM_Public:v2.8.1
CGM_Public:v2.8.0
CGM_Public:v2.7.2
CGM_Public:v2.7.1
CGM_Public:v2.7.0
CGM_Public:s
CGM_Public:v2.6.0
CGM_Public:v2.5.0
CGM_Public:v2.4.0
CGM_Public:v2.3.0
CGM_Public:v2.2.0
CGM_Public:v2.1.0
CGM_Public:v2.0.0
CGM_Public:v1.17.1
CGM_Public:v1.17.0
CGM_Public:v1.16.0
CGM_Public:v1.15.2
CGM_Public:v1.15.1
CGM_Public:v1.15.0
CGM_Public:v1.14.0
CGM_Public:v1.13.1
CGM_Public:v1.13.0
CGM_Public:v1.12.1
CGM_Public:v1.12.0
CGM_Public:v1.11.1
CGM_Public:v1.11.0
CGM_Public:v1.10.1
CGM_Public:v1.10.0
CGM_Public:v1.9.1
CGM_Public:v1.8.1
CGM_Public:v1.7.2
CGM_Public:v1.9.0
CGM_Public:v1.8.0
CGM_Public:v1.7.1
CGM_Public:v1.7.0
CGM_Public:v1.4.1
CGM_Public:v1.5.2
CGM_Public:v1.6.2
CGM_Public:v1.6.1
CGM_Public:v1.6.0
CGM_Public:v1.5.1
CGM_Public:v1.5.0
CGM_Public:v1.4.0
CGM_Public:v1.1.3
CGM_Public:v1.2.2
CGM_Public:v1.3.1
CGM_Public:v1.3.0
CGM_Public:v1.2.1
CGM_Public:v1.2.0
CGM_Public:v1.1.2
CGM_Public:v1.1.1
CGM_Public:v1.1.0
CGM_Public:1.0.0
CGM_Public:1.0.0b2
CGM_Public:1.0.0b1
...
pull from: CGM_Public:release/2026.5.x
CGM_Public:securityprofile-order
CGM_Public:medientausch
CGM_Public:fix-errorpage-markup
CGM_Public:master
CGM_Public:release/2026.3.x
CGM_Public:release/2026.4.x
CGM_Public:release/2026.5.x
CGM_Public:stable
CGM_Public:ssrf-cgnat2
CGM_Public:pajowu/ssrf-cgnat2-smtp
CGM_Public:giftcards-typeahead-read
CGM_Public:teams-perm-note
CGM_Public:medium-export-giftcards-respect-permissions
CGM_Public:bank-perms-conservative
CGM_Public:dependabot/pip/beautifulsoup4-eq-4.15.star
CGM_Public:dependabot/pip/sentry-sdk-eq-2.62.star
CGM_Public:customer-export-memberships
CGM_Public:waitinglist-voucher-next
CGM_Public:api-checkin-opt-file
CGM_Public:dependabot/pip/redis-eq-8.0.star
CGM_Public:dependabot/pip/django-redis-eq-7.0.star
CGM_Public:pajowu/wallet
CGM_Public:pajowu/font_fallback
CGM_Public:checkinrule-inactive-products
CGM_Public:email-change-ratelimit
CGM_Public:dependabot/pip/stripe-eq-15.2.star
CGM_Public:pajowu/pretix_cfg_reload
CGM_Public:mails-to-addon-attendees
CGM_Public:dependabot/pip/django-oauth-toolkit-eq-3.3.star
CGM_Public:order-relativedatetime
CGM_Public:bulk-vouchers-ref
CGM_Public:release/2026.2.x
CGM_Public:eventmeta-restrict-values
CGM_Public:sentry-more-scrubbing
CGM_Public:search
CGM_Public:remove-duplicate-csrftoken-cookie
CGM_Public:vat-id-validated-nonempty
CGM_Public:fix-delete-cookies-partitioned
CGM_Public:pajowu/fix_import_prefixes
CGM_Public:fix-validated-vat-id-ui
CGM_Public:order-print-log-device-name
CGM_Public:dependabot/pip/pypdf-eq-6.11.star
CGM_Public:fix-clone-metaprops
CGM_Public:fix-ci-playwright-install
CGM_Public:dependabot/pip/requests-eq-2.34.star
CGM_Public:pajowu/show_invoice_dirty
CGM_Public:fix-logging-mixin-optional-event
CGM_Public:fix-translation-order-import
CGM_Public:date-fallback-logdisplay
CGM_Public:fix-orderlist-invalid-pprov
CGM_Public:remove-invalid-action
CGM_Public:questions-vue3
CGM_Public:taxrate-decimals
CGM_Public:drop-seconds-formfields
CGM_Public:subevent-link-order
CGM_Public:fix-mail-backend-path
CGM_Public:bulk-quotas
CGM_Public:luelista/fix_docker_perms
CGM_Public:quota-webhooks
CGM_Public:thumb-colorspace
CGM_Public:pajowu/sendmail_status_filter
CGM_Public:api-payment-ignore-date
CGM_Public:attendee-mails-default
CGM_Public:missing-logentries-meta
CGM_Public:bulk-vouchers
CGM_Public:cleanup-dead-widgets
CGM_Public:pajowu/force_invoice_backend
CGM_Public:pajowu/widget_dvh
CGM_Public:fix_expand
CGM_Public:self-service-storno
CGM_Public:pajowu/fix_smtp
CGM_Public:ssrf-protect-by-default
CGM_Public:pajowu/customer_resetpw_new_tab
CGM_Public:luelista/event-list-type
CGM_Public:pajowu/mixed_csrf_middlewares
CGM_Public:order-api-voucher-race
CGM_Public:release/2026.1.x
CGM_Public:fix-csv-import
CGM_Public:pajowu/test_cleanup
CGM_Public:exporter-auth-infos
CGM_Public:position-add-multi
CGM_Public:less-cart-sessions
CGM_Public:payment-details-fallback
CGM_Public:pajowu/mail_guid
CGM_Public:pajowu/eventlist_filter
CGM_Public:ai-policy
CGM_Public:2fa-bigradio
CGM_Public:2fa-flowtoken
CGM_Public:calendar-nav-icon
CGM_Public:fix-no-orgs
CGM_Public:pajowu/pagination_one
CGM_Public:fix-missing-exporters
CGM_Public:use_gift_cards-docs-cleanup
CGM_Public:lbo-api-giftcard-payment
CGM_Public:fix-log-display-team-invite-delete
CGM_Public:db-ro-user
CGM_Public:peppol-be-autofill-fix
CGM_Public:peppol-be-id-validation
CGM_Public:error-pages-theme
CGM_Public:voucher-csv-vol
CGM_Public:timemachine-limits
CGM_Public:lbo-add-organizer-op-endpoint
CGM_Public:vat-validate-log
CGM_Public:recalculate-zero
CGM_Public:ppv2_created_payments
CGM_Public:datasync-logging
CGM_Public:webhook-acceptor-slugs
CGM_Public:lbo-waitinglist-edit
CGM_Public:fix-mails-stuck
CGM_Public:fix-safari-cookie-partitioned
CGM_Public:pp_pending_captures
CGM_Public:add-acceptor-slug
CGM_Public:hardening-2fa
CGM_Public:pajowu/plainhtmlalternative_placeholder
CGM_Public:voucher-field-label
CGM_Public:error-back-remove
CGM_Public:mail-html-templates
CGM_Public:mail-perf
CGM_Public:release/2025.9.x
CGM_Public:release/2025.10.x
CGM_Public:move-request-get-items-to-ctx
CGM_Public:fix-order-company-display
CGM_Public:fix-mail-headers-none
CGM_Public:outgoingmail-from-header
CGM_Public:order-change-out-of-timeframe-fix
CGM_Public:lbo-giftcard-webhooks
CGM_Public:apidoc-device-cleanup
CGM_Public:fix-escape-braces
CGM_Public:payment-unlock-fixes
CGM_Public:invoices-only-b2b
CGM_Public:lbo-fix-filter
CGM_Public:export-overview-skip-empty
CGM_Public:fix-programtime-queries
CGM_Public:fix-api-expand
CGM_Public:rounding-down-consumer-friendly
CGM_Public:release/2025.8.x
CGM_Public:Add-Promptpay-for-stripe
CGM_Public:answer-export
CGM_Public:release/2025.7.x
CGM_Public:logentrytype-schema
CGM_Public:dependent-on-cc
CGM_Public:fix-rrule
CGM_Public:exports-repeatable-read
CGM_Public:order-import-logentries-bulk
CGM_Public:notification-bulk-check
CGM_Public:revert-5452-invoice-plugin-data
CGM_Public:img-srcset
CGM_Public:add-category-btn
CGM_Public:org-level-plugin
CGM_Public:plugins-page-fix
CGM_Public:release/2025.6.x
CGM_Public:pdf-editor-areyousure
CGM_Public:api-expand-generic
CGM_Public:event-title-everywhere
CGM_Public:a11y-improve-renew-feedback
CGM_Public:release/2025.5.x
CGM_Public:stripe_12x
CGM_Public:dialog-backdrop-click-close
CGM_Public:a11y-fix-waitinglist-link
CGM_Public:a11y-placeolder-contrast
CGM_Public:cart-renewal-ui-html5dialog
CGM_Public:cart-renewal-ui
CGM_Public:tooltip-a11y
CGM_Public:a11y-widget-fix-filter-dropdown
CGM_Public:a11y-common-modal-dialogs
CGM_Public:a11y-fix-datepicker-error
CGM_Public:release/2025.4.x
CGM_Public:release/2025.3.x
CGM_Public:fix-customer-create-race-condition
CGM_Public:scheduledmail-subevent-missing
CGM_Public:fix-widget-data-3rdparty
CGM_Public:release/2025.2.x
CGM_Public:lists-for-failed-checkin
CGM_Public:fix-widget-data-overwrite
CGM_Public:fix-copy-to-first-matching
CGM_Public:headless
CGM_Public:release/2025.1.x
CGM_Public:a11y-autofocus-tabindex
CGM_Public:widget-cookiebot
CGM_Public:fix-shipping-form
CGM_Public:addressform-err-handling
CGM_Public:release/2024.11.x
CGM_Public:quota-lock-log
CGM_Public:checkin-present-filter-perf
CGM_Public:fix-cond-display
CGM_Public:release/2024.10.x
CGM_Public:hacky-debug-output
CGM_Public:hacky-debug-output-reruns
CGM_Public:ci-more-threads
CGM_Public:before-fakeredis-update
CGM_Public:actions-debug-postgres-1
CGM_Public:actions-fix-postgres
CGM_Public:manual-installation
CGM_Public:subevent-empty-avoid
CGM_Public:release/2024.9.x
CGM_Public:release/2024.8.x
CGM_Public:release/2024.7.x
CGM_Public:release/2024.6.x
CGM_Public:release/2024.5.x
CGM_Public:fix-stripe-sca-sandbox
CGM_Public:order-nullability
CGM_Public:pytest-no-pending
CGM_Public:daterange-test-foo
CGM_Public:fix-checkbox-disabled-label-refactor
CGM_Public:fix-mail-preview-brackets-mismatch
CGM_Public:multi-subevent-cart-add
CGM_Public:release/2024.4.x
CGM_Public:release/2024.3.x
CGM_Public:back-to-the-future
CGM_Public:release/2024.2.x
CGM_Public:release/2023.10.x
CGM_Public:release/2023.8.x
CGM_Public:release/2023.9.x
CGM_Public:release/2024.1.x
CGM_Public:event-dashboard
CGM_Public:scan-debug-data
CGM_Public:pdf-fix-rotate
CGM_Public:payment-available-from2
CGM_Public:release/4.20.x
CGM_Public:release/2023.6.x
CGM_Public:release/2023.7.x
CGM_Public:new-checkin-type
CGM_Public:fix-pdf-image-multi-export
CGM_Public:fix-pdf-bg-offset
CGM_Public:fix-lazy-translation-settings
CGM_Public:add-order-min
CGM_Public:release/4.19.x
CGM_Public:idna
CGM_Public:release/4.18.x
CGM_Public:release/4.15.x
CGM_Public:release/4.16.x
CGM_Public:release/4.17.x
CGM_Public:compact-cart
CGM_Public:harmonize-checkin-export-date
CGM_Public:ocm-no-canceled
CGM_Public:widget-seating-embed
CGM_Public:guest-handling
CGM_Public:dnspython2
CGM_Public:invoice-to-other-email
CGM_Public:answer-options-csv
CGM_Public:release/4.14.x
CGM_Public:transaction-source
CGM_Public:release/4.13.x
CGM_Public:common-country-names
CGM_Public:release/4.12.x
CGM_Public:release/4.9.x
CGM_Public:release/4.11.x
CGM_Public:release/4.10.x
CGM_Public:product-list-export
CGM_Public:fix-api-operations-refresh
CGM_Public:remove-promise-from-paypal2
CGM_Public:aws_ses_454
CGM_Public:release/4.8.x
CGM_Public:release/4.5.x
CGM_Public:release/4.6.x
CGM_Public:release/4.7.x
CGM_Public:db-conn-tz
CGM_Public:hotfix
CGM_Public:release/4.3.x
CGM_Public:release/4.4.x
CGM_Public:consistency-check
CGM_Public:sticky-add-to-basket
CGM_Public:release/4.2.x
CGM_Public:release/4.1.x
CGM_Public:release/4.0.x
CGM_Public:release/3.18.x
CGM_Public:release/3.17.x
CGM_Public:waitlist_subeventpicker
CGM_Public:hotfix20210323
CGM_Public:hotfix20210325
CGM_Public:django31
CGM_Public:flaky-test
CGM_Public:release/3.16.x
CGM_Public:cancel-no-invoice
CGM_Public:release/3.15.x
CGM_Public:release/3.14.x
CGM_Public:validate-dns
CGM_Public:release/3.13.x
CGM_Public:release/3.12.x
CGM_Public:release/3.11.x
CGM_Public:docker-nginx-logs
CGM_Public:remove-reversecharge
CGM_Public:stripe-connect-2
CGM_Public:copy-from-matching-product
CGM_Public:release/3.10.x
CGM_Public:release/3.9.x
CGM_Public:gha-migrations
CGM_Public:release/3.8.x
CGM_Public:issue1575
CGM_Public:release/3.7.x
CGM_Public:release/3.6.x
CGM_Public:release/3.5.x
CGM_Public:release/3.4.x
CGM_Public:release/3.3.x
CGM_Public:stripe-connect-fees
CGM_Public:release/3.2.x
CGM_Public:release/3.1.x
CGM_Public:release/3.0.x
CGM_Public:pretixscan
CGM_Public:release/2.8.x
CGM_Public:release/2.7.x
CGM_Public:loadtest2
CGM_Public:release/2.6.x
CGM_Public:794-questions-default-value
CGM_Public:dekodi
CGM_Public:release/2.5.x
CGM_Public:loadtest
CGM_Public:selfcancel-positions
CGM_Public:searchindex
CGM_Public:release/2.4.x
CGM_Public:release/2.3.x
CGM_Public:release/2.2.x
CGM_Public:release/2.1.x
CGM_Public:transfer-ticket
CGM_Public:release/2.0.x
CGM_Public:release/1.17.x
CGM_Public:design2.0
CGM_Public:release/1.16.x
CGM_Public:release/1.15.x
CGM_Public:release/1.14.x
CGM_Public:release/1.13.x
CGM_Public:release/1.12.x
CGM_Public:release/1.11.x
CGM_Public:release/1.10.x
CGM_Public:release/1.9.x
CGM_Public:release/1.8.x
CGM_Public:release/1.7.x
CGM_Public:new-placeholders
CGM_Public:release/1.4.x
CGM_Public:release/1.5.x
CGM_Public:release/1.6.x
CGM_Public:custom-manager
CGM_Public:release/1.1.x
CGM_Public:release/1.2.x
CGM_Public:release/1.3.x
CGM_Public:release/1.0.x
CGM_Public:voucher-wizard
CGM_Public:shorter-locking
CGM_Public:v2026.3.3
CGM_Public:v2026.4.3
CGM_Public:v2026.5.1
CGM_Public:v2026.5.0
CGM_Public:v2026.2.2
CGM_Public:v2026.3.2
CGM_Public:v2026.4.2
CGM_Public:v2026.4.1
CGM_Public:v2026.4.0
CGM_Public:v2026.1.2
CGM_Public:v2026.2.1
CGM_Public:v2026.3.1
CGM_Public:v2026.3.0
CGM_Public:v2026.2.0
CGM_Public:v2025.9.4
CGM_Public:v2025.10.2
CGM_Public:v2026.1.1
CGM_Public:v2026.1.0
CGM_Public:v2025.10.1
CGM_Public:v2025.9.3
CGM_Public:v2025.8.3
CGM_Public:v2025.10.0
CGM_Public:v2025.7.3
CGM_Public:v2025.9.2
CGM_Public:v2025.8.2
CGM_Public:v2025.8.1
CGM_Public:v2025.9.1
CGM_Public:v2025.7.2
CGM_Public:v2025.9.0
CGM_Public:v2025.8.0
CGM_Public:v2025.7.1
CGM_Public:v2025.7.0
CGM_Public:v2025.6.0
CGM_Public:v2025.5.0
CGM_Public:v2025.4.0
CGM_Public:v2025.3.0
CGM_Public:v2025.2.0
CGM_Public:v2025.1.0
CGM_Public:v2024.11.0
CGM_Public:v2024.10.0
CGM_Public:v2024.9.0
CGM_Public:v2024.8.0
CGM_Public:v2024.7.1
CGM_Public:v2024.6.1
CGM_Public:v2024.5.1
CGM_Public:v2024.7.0
CGM_Public:v2024.6.0
CGM_Public:v2024.5.0
CGM_Public:v2024.4.0
CGM_Public:v2024.3.0
CGM_Public:v2024.2.0
CGM_Public:v2023.10.2
CGM_Public:v2023.8.1.post1
CGM_Public:v2023.9.1.post1
CGM_Public:v2023.8.1
CGM_Public:v2023.9.1
CGM_Public:v2024.1.1
CGM_Public:v2024.1.0
CGM_Public:v2023.10.1.post1
CGM_Public:v2023.10.1
CGM_Public:v2023.10.0
CGM_Public:v2023.9.0
CGM_Public:v2023.8.0
CGM_Public:v2023.6.3
CGM_Public:v4.20.4
CGM_Public:v2023.7.3
CGM_Public:v4.20.3
CGM_Public:v2023.6.2
CGM_Public:v2023.7.2
CGM_Public:v4.20.2.post1
CGM_Public:v4.20.2
CGM_Public:v2023.6.1
CGM_Public:v2023.7.1
CGM_Public:v2023.7.0
CGM_Public:v2023.6.0
CGM_Public:v4.20.1
CGM_Public:v4.20.0
CGM_Public:v4.19.0.post1
CGM_Public:v4.19.0
CGM_Public:v4.18.2.post1
CGM_Public:v4.18.2
CGM_Public:v4.18.1
CGM_Public:v4.18.0
CGM_Public:v4.15.1
CGM_Public:v4.16.1
CGM_Public:v4.17.1
CGM_Public:v4.17.0
CGM_Public:v4.16.0
CGM_Public:v4.15.0
CGM_Public:v4.14.0
CGM_Public:v4.13.1
CGM_Public:v4.13.0
CGM_Public:v4.12.0
CGM_Public:v4.9.1
CGM_Public:v4.10.1
CGM_Public:v4.11.1
CGM_Public:v4.11.0
CGM_Public:v4.10.0
CGM_Public:v4.9.0
CGM_Public:v4.8.0
CGM_Public:v4.5.2
CGM_Public:v4.6.1
CGM_Public:v4.7.1
CGM_Public:v4.7.0
CGM_Public:v4.6.0
CGM_Public:v4.3.1
CGM_Public:v4.4.1
CGM_Public:v4.5.1
CGM_Public:v4.5.0
CGM_Public:a
CGM_Public:v4.4.0
CGM_Public:v4.3.0
CGM_Public:v4.2.0
CGM_Public:v4.1.0.post1
CGM_Public:v4.1.0
CGM_Public:v4.0.0
CGM_Public:v3.18.0
CGM_Public:v3.17.2
CGM_Public:v3.17.1
CGM_Public:v3.17.0
CGM_Public:v3.16.0
CGM_Public:v3.15.0
CGM_Public:v3.14.2
CGM_Public:v3.14.1
CGM_Public:v3.14.0
CGM_Public:v3.13.1
CGM_Public:v3.12.1
CGM_Public:v3.11.1
CGM_Public:v3.13.0
CGM_Public:v3.12.0
CGM_Public:v3.11.0
CGM_Public:v3.10.0
CGM_Public:v3.9.0
CGM_Public:v3.8.0
CGM_Public:v3.7.0
CGM_Public:v3.6.0
CGM_Public:v3.5.0
CGM_Public:v3.4.0
CGM_Public:v3.3.0
CGM_Public:v3.2.0
CGM_Public:v3.1.0
CGM_Public:v3.0.1
CGM_Public:v3.0.0
CGM_Public:v2.8.2
CGM_Public:v2.8.1
CGM_Public:v2.8.0
CGM_Public:v2.7.2
CGM_Public:v2.7.1
CGM_Public:v2.7.0
CGM_Public:s
CGM_Public:v2.6.0
CGM_Public:v2.5.0
CGM_Public:v2.4.0
CGM_Public:v2.3.0
CGM_Public:v2.2.0
CGM_Public:v2.1.0
CGM_Public:v2.0.0
CGM_Public:v1.17.1
CGM_Public:v1.17.0
CGM_Public:v1.16.0
CGM_Public:v1.15.2
CGM_Public:v1.15.1
CGM_Public:v1.15.0
CGM_Public:v1.14.0
CGM_Public:v1.13.1
CGM_Public:v1.13.0
CGM_Public:v1.12.1
CGM_Public:v1.12.0
CGM_Public:v1.11.1
CGM_Public:v1.11.0
CGM_Public:v1.10.1
CGM_Public:v1.10.0
CGM_Public:v1.9.1
CGM_Public:v1.8.1
CGM_Public:v1.7.2
CGM_Public:v1.9.0
CGM_Public:v1.8.0
CGM_Public:v1.7.1
CGM_Public:v1.7.0
CGM_Public:v1.4.1
CGM_Public:v1.5.2
CGM_Public:v1.6.2
CGM_Public:v1.6.1
CGM_Public:v1.6.0
CGM_Public:v1.5.1
CGM_Public:v1.5.0
CGM_Public:v1.4.0
CGM_Public:v1.1.3
CGM_Public:v1.2.2
CGM_Public:v1.3.1
CGM_Public:v1.3.0
CGM_Public:v1.2.1
CGM_Public:v1.2.0
CGM_Public:v1.1.2
CGM_Public:v1.1.1
CGM_Public:v1.1.0
CGM_Public:1.0.0
CGM_Public:1.0.0b2
CGM_Public:1.0.0b1
2 Commits
ssrf-cgnat
...
release/20
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Raphael Michel
|
a6c417eb2f | Bump version to 2026.5.1 | ||
|
Richard Schreiber
|
5d449ea313 | [SECURITY] Reusable media export: Respect giftcard permissions (CVE-2026-11764) (#6261) |
2 changed files with 9 additions and 4 deletions
|
|
@@ -19,4 +19,4 @@
|
|||
# You should have received a copy of the GNU Affero General Public License along with this program. If not, see
|
||||
# <https://www.gnu.org/licenses/>.
|
||||
#
|
||||
__version__ = "2026.5.0"
|
||||
__version__ = "2026.5.1"
|
||||
|
|
|
|||
|
|
@@ -61,18 +61,23 @@ class ReusableMediaExporter(OrganizerLevelExportMixin, ListExporter):
|
|||
yield headers
|
||||
yield self.ProgressSetTotal(total=media.count())
|
||||
|
||||
can_read_giftcards = self.permission_holder.has_organizer_permission(self.organizer, 'organizer.giftcards:read')
|
||||
|
||||
for medium in media.iterator(chunk_size=1000):
|
||||
row = [
|
||||
giftcard_secret = medium.linked_giftcard.secret if medium.linked_giftcard_id else ''
|
||||
if giftcard_secret and not can_read_giftcards:
|
||||
giftcard_secret = giftcard_secret[:3] + "…"
|
||||
|
||||
yield [
|
||||
medium.type,
|
||||
medium.identifier,
|
||||
_('Yes') if medium.active else _('No'),
|
||||
date_format(medium.expires, 'SHORT_DATETIME_FORMAT') if medium.expires else '',
|
||||
medium.customer.identifier if medium.customer_id else '',
|
||||
f"{medium.linked_orderposition.order.code}-{medium.linked_orderposition.positionid}" if medium.linked_orderposition_id else '',
|
||||
medium.linked_giftcard.secret if medium.linked_giftcard_id else '',
|
||||
giftcard_secret,
|
||||
medium.notes,
|
||||
]
|
||||
yield row
|
||||
|
||||
def get_filename(self):
|
||||
return f'{self.organizer.slug}_media'
|
||||
|
|
|
|||
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.