trim whitespace from API input

Added

• Added GitHub Actions timeout.
• Added semantic version tags to Docker image (e.g. 1.2 for tag 1.2.3).

Fixed

• Trim whitespace from user-submitted strings.
• Code whitspace inconsistencies fixed by phpStorm.

silence 401, 403, and 409 alerts

Changed

• Add 401, 403, and 409 to Sentry logger exception list

dependency update

Fixed

• Dependency updates, including yii2 update for CVE-2024-4990 (IDP-1137)

7.0.0 move access_token to httpOnly cookie

What's Changed

• store access token in session by @hobbitronics in #286
• Release - move access_token to httpOnly cookie (7.0.0) by @hobbitronics in #287

New Contributors

• @hobbitronics made their first contribution in #286

Full Changelog: 6.8.1...7.0.0

fix broken CI/CD build

Fixed

• Fixed broken build by temporarily disabling LDAP tests

6.8.0

Changes

• Add option to require alpha and numeric chars for PCI 4.0 compliance #283

Full Changelog: 6.7.0...6.8.0

AppConfig, null check in password

Added

• New option to use AppConfig to supply environment variable values
• Get the release tag from GitHub for use in the Sentry release string

Changed

• Use org-level variable and GitHub variable to build the Docker image name

Security

• Added password validation to reject a password containing a null byte. IDP-125

test and build on GitHub Actions

no code changes are included in this release

don't log request body data

Changed

• Configure Sentry to not send request body data to Sentry logging servers.

Full Changelog: 6.6.2...6.6.3

Use PSR2 style

Changed

• Format source to PSR2 style
• Use mariadb image for local development (not silint/mariadb)