CeSGO Dashboard 2.1.0

• Do not close modals when clicking on the background
• Add Bulgarian translation
• Update Ukrainian and Russian translations
• Show the two factor form in the middle of the screen like the login form does
• Do not override the creator_id with the current logged user if the task is imported
• Add basic Dev Container configs
• Add adaptive SVG favicon and more SVG variants:
  • See https://web.dev/building-an-adaptive-favicon/
  • Added more variant of the original Inkscape icon:
    • Text SVG
    • Vectorized text path SVG
    • Optimized SVG icon
• Remove project_id from task links (A few were missed in #4892)
• Remove unused and invalid method in ProjectModel
• Update phpunit/phpunit and symfony/* dependencies
• Update vendor folder

• Fix unexpected EventDispatcher exception in cronjob and during logout
• Integration Tests: Run apt update before installing Apache
• Automatic action TaskMoveColumnClosed does not log column movement
• Tweak Sqlite connection settings to reduce database locked errors
• Bump phpunit/phpunit from 9.6.9 to 9.6.10

Security Fixes:

• CVE-2023-36813: Avoid potential SQL injections without breaking compatibility with plugins

Other fixes and updates:

• Run tests with PHP 8 on GitHub Actions
• Bump Symfony dependencies
• Update Composer dependencies to be able to run tests with PHP 8.2
• Add /usr/bin/php symlink in the Docker image
• Replace usage of at() matcher with alternatives in unit tests
• Adjust plugin directory test case to work on released versions
• Fix incorrect background dynamic property in captcha library
• Update translations

Security Fixes:

• CVE-2023-33956: Parameter based Indirect Object Referencing leading to private file exposure
• CVE-2023-33968: Missing access control allows user to move and duplicate tasks to any project in the software
• CVE-2023-33969: Stored XSS in the Task External Link Functionality
• CVE-2023-33970: Missing access control in internal task links feature

Other Fixes:

• Avoid PHP warning caused by session_regenerate_id()
• Avoid CSS issue when upgrading to v1.2.29 without flushing user sessions

• Avoid potential clipboard based cross-site scripting (CVE-2023-32685)
• Upgrade Docker image to PHP 8.2 and Alpine 3.18
• Add themes support: dark, light and automatic mode
• Fix broken "Hide this Column" feature
• Do not close modals when clicking on the background if the form has changed
• Fix incorrect route for "My Activity Stream"
• Fix incorrect parameter encoding when using URLs rewriting
• Add support for task links in Markdown headings
• Handle 413 responses from Nginx when uploading files too large
• Restore all previously loaded translations when sending user notifications
• Regenerate session ID after successful authentication
• Use SESSION_DURATION option to define the session lifetime stored in the database
  • The option SESSION_DURATION is used to define the cookie lifetime.
  • With this change, Kanboard will try to use first SESSION_DURATION instead of the
    default session.gc_maxlifetime value.
• Bump phpunit/phpunit from 9.6.6 to 9.6.8