Docs 1.7 in Markdown format#53
Draft
nielsdrost7 wants to merge 13 commits into
Draft
Conversation
- Add convert_wiki.py script that extracts content from 39 Blade/PHP templates and converts HTML to clean Markdown using markdownify - Generated docs/en/1.6/ with proper file naming (snake_case → kebab-case matching the original URL structure) - Set up mkdocs.yml with Material theme and full navigation hierarchy - Add requirements.txt with mkdocs, mkdocs-material, markdownify - Add .github/workflows/docs.yml for automated GitHub Pages deployment - Update .gitignore to exclude the MkDocs build output directory Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01FyUdA46kyTUidfhs4sAEG7
- Add app/Markdown/GithubFlavoredMarkdownConverter.php using league/commonmark
with the GithubFlavoredMarkdown extension
- Add app/WikiPage.php service class that reads docs/en/{version}/**/*.md,
renders them to HTML, and caches the result (mirrors laravel.com's
Documentation class pattern)
- Rewrite WikiController to inject WikiPage and serve rendered Markdown
through the new resources/views/wiki/page.blade.php wrapper; keeps the
existing version-fallback and redirect logic intact
- Add resources/views/wiki/page.blade.php — minimal Blade wrapper that
yields the rendered HTML into the existing layouts.master layout
- Add league/commonmark ^2.4 to composer.json; update PHP floor to 7.4
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01FyUdA46kyTUidfhs4sAEG7
…g paths Versions >= 1.7 are served from Markdown files in docs/ via WikiPage service. Versions <= 1.6 are served from Blade templates in wiki/ via the original view() path. Each pool falls back only within its own version set to avoid cross-renderer redirects. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01FyUdA46kyTUidfhs4sAEG7
- Add docs/en/1.7/ (39 files) seeded from 1.6, with all internal URLs updated to /en/1.7/ and version-specific content refreshed: changelog placeholder for upcoming release, requirements updated to PHP >= 8.1, updating-ip rewritten for the 1.6.x → 1.7.0 upgrade path - Set app.version to 1_7 and append 1_7 to app.versions so the controller routes 1.7 requests through the Markdown rendering path Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01FyUdA46kyTUidfhs4sAEG7
PDF template allow list (docs/en/1.7/templates/pdf-template-allowlist.md): - Explains the RCE fix that replaced dynamic template scanning with a static allow list in Mdl_templates.php - Documents CUSTOM_TEMPLATES_FOLDER and the four CUSTOM_*_TEMPLATES_* ipconfig.php settings for declaring custom template names - Covers file permission hardening and post-upgrade audit steps E-invoicing (docs/en/1.7/modules/e-invoicing.md): - Documents UBL, CII, and Factur-X/ZUGFeRD support - Explains the XMLconfigs + XMLtemplates file pair system for adding custom XML formats - Covers Peppol context (UBL output, separate access point required) - Lists required client fields and the per-client activation steps updating-ip.md: expanded with pre-upgrade security audit, custom template migration paths (Option A/B), new ipconfig.php settings block, and post-upgrade file permission hardening. index.md / modules/index.md / templates/index.md: linked new pages. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01FyUdA46kyTUidfhs4sAEG7
…ixed in 1.7 docs/en/1.7/security/index.md (new): - Quick-reference table of all 26 fixes with severity, category, and action flag - Detailed write-up for each vulnerability: what was vulnerable, what changed, and what (if anything) the user needs to do - Covers every category: RCE (CVSS 9.9), arbitrary file deletion, XSS (32 locations across 17 files), IDOR/CSRF/SQL in guest payments, weak password reset PRNG, DDL injection, newline injection in setup, open redirect via HTTP_REFERER, log injection (SMTP + uploads), phpmail_send() breaking change, email template preview DOM-XSS, SSRF-adjacent path injection, Cryptor binary corruption, GitHub Actions token scope, SVG upload block, EXIF stripping, setup wizard lockdown, and six individual XSS fields - Full new ipconfig.php settings block as a reference docs/en/1.7/index.md: added Security section linking to the new page docs/en/1.7/getting-started/updating-ip.md: cross-reference note to security page Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01FyUdA46kyTUidfhs4sAEG7
Rewrite security/index.md from a vulnerability list into a plain-language summary of what changed in 1.7 and what admins need to act on. No CVSS scores, CVE numbers, CWE codes, or attack chain descriptions. Rewrite templates/pdf-template-allowlist.md as "Custom PDF Templates" — explains how the template loading system works and how to add your own, without framing the history as an exploit scenario. Weave changes into feature documentation where they naturally belong: - settings/user-accounts.md: new "Password Reset" section covering how reset links work, the 15-minute expiry, and the ipconfig.php setting - settings/email-templates.md: note that preview shows raw template source - settings/email.md: note about delivery failure reporting and the phpmail_send() behaviour change for custom integrations - settings/general.md: document accepted logo upload formats (no SVG), and the optional EXIF stripping setting - getting-started/installation.md: note that setup wizard is locked automatically after a successful installation - getting-started/updating-ip.md: rewritten to focus on what to do rather than why each change was made; removes all vulnerability language Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01FyUdA46kyTUidfhs4sAEG7
docs/en/1.6/general/changelog.md: - Full history from v1.5.11 through v1.6.5 with Added/Changed/Fixed sections - Each release dated and summarised in user-facing language - Links to relevant doc pages (online-payments, email, recurring-invoices, templates, clients, requirements, updating-ip) - No CVSS scores or vulnerability framing docs/en/1.7/general/changelog.md: - Full history from v1.7.0 through v1.7.2 with Added/Changed/Fixed sections - v1.7.2 calls out the ipconfig.php changes (template allow list, password reset expiry, EXIF stripping) and links to the pages where each is explained - v1.7.1 notes the SVG upload change and cross-references v1.6.5 backport - v1.7.0 describes PHP 8.2/8.3 compatibility and feature additions - Cross-reference to the 1.6 changelog at the bottom Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01FyUdA46kyTUidfhs4sAEG7
The version sequence went 1.6.4 → 1.7.0 directly. Remove the v1.6.5 entry from the 1.6 changelog and the cross-reference note in the 1.7 changelog. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01FyUdA46kyTUidfhs4sAEG7
Covers Czech Republic, Belgium, Germany, France, Italy, Spain, and Sweden — each with the applicable standard, which XML template to use (built-in or from the e-invoices repository), VAT number format, client field examples, and delivery method. Also links the new page from the main e-invoicing doc. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01FyUdA46kyTUidfhs4sAEG7
…r standard Replace the two monolithic e-invoicing files with a full documentation section at docs/en/1.7/e-invoicing/ covering: Standards reference: UBL, CII, Factur-X/ZUGFeRD, Peppol (as separate transport page), ISDOC, FatturaPA, Facturae — each with XML structure examples, profiles, derivation from parent standards, and InvoicePlane template names. Country guides for Czech Republic, Belgium, Germany, France, Italy, Spain, and Sweden — each with legal context table, format choice rationale, VAT number format with examples, multiple example client records covering B2B/B2G/cross- border variants, and a delivery checklist. Setup and custom-templates pages cover the general workflow and the config+ generator file pair system with a full code example. modules/e-invoicing.md updated to a gateway page linking the new section; modules/e-invoicing-by-country.md removed (replaced by individual country pages). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01FyUdA46kyTUidfhs4sAEG7
Examples now live on the standard that demonstrates them, showing the full geographic spread of each format in one place: - peppol.md: Belgium B2B, Belgium B2G, Sweden private, Sweden B2G, Czech B2G, Netherlands, Norway, Finland - factur-x.md: Germany ZUGFeRD B2B, France Factur-X B2B, France Chorus Pro B2G, Austria cross-border note - cii.md: XRechnung Germany federal + Bavarian state example with Leitweg-ID - isdoc.md: Czech s.r.o., a.s., sole trader, note on B2G → Peppol - fatturaPA.md: Italian B2B (codice destinatario), B2B (PEC), B2B (fallback), B2G federal, B2G municipality, B2C (codice fiscale) - facturae.md: Spanish central government, municipality, private company, Catalonia e.FACT, cross-border → Peppol note index.md: country → standard lookup table replaces country-guide links. modules/e-invoicing.md: country section trimmed to a pointer. Seven country pages deleted. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01FyUdA46kyTUidfhs4sAEG7
nielsdrost7
marked this pull request as draft
June 28, 2026 04:11
Template name updated from assumed 'FacturaeV321' to actual 'Facturaev32' matching the config file Facturaev32.php in the e-invoices repository. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01FyUdA46kyTUidfhs4sAEG7
|
Important Review skippedDraft detected. Please check the settings in the CodeRabbit UI or the ⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Run ID: You can disable this status message by setting the Use the checkbox below for a quick retry:
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
templates and converts HTML to clean Markdown using markdownify
matching the original URL structure)
Summary by CodeRabbit