BookStack Code Mirror - bookstack/log
Dan Brown [Sat, 6 Nov 2021 21:54:02 +0000 (21:54 +0000)]
Added testing coverage for tag index
Also:
- Extracted out index table row to its own view.
- Added empty state.
- Ensured query params are set on pagination links.
Dan Brown [Sat, 6 Nov 2021 20:21:11 +0000 (20:21 +0000)]
Added links to tag page
- Added from books/shelves listings and within the tag-edit view for all
entities.
Dan Brown [Sat, 6 Nov 2021 16:30:20 +0000 (16:30 +0000)]
Started build of tag view
- Created listing
- Allows drilldown to tag name
- Shows totals
Not yet covered via testing
Dan Brown [Sat, 6 Nov 2021 00:32:01 +0000 (00:32 +0000)]
Done a round of phpstan fixes
Dan Brown [Fri, 5 Nov 2021 16:27:59 +0000 (16:27 +0000)]
Applied StyleCI changes, added php/larastan to attribution
Dan Brown [Fri, 5 Nov 2021 16:18:06 +0000 (16:18 +0000)]
Added initial phpstan/larastan setup
Dan Brown [Fri, 5 Nov 2021 00:28:41 +0000 (00:28 +0000)]
Applied styleci changes
Dan Brown [Fri, 5 Nov 2021 00:26:55 +0000 (00:26 +0000)]
Standardised laravel validation to be array based
Converted from string-only-based validation.
Array based validation works nicer once you have validation classes or
advanced validation options.
Dan Brown [Thu, 4 Nov 2021 23:07:36 +0000 (23:07 +0000)]
Updated npm deps
Dan Brown [Thu, 4 Nov 2021 22:58:15 +0000 (22:58 +0000)]
Merge branch 'master' of github.com:BookStackApp/BookStack
Dan Brown [Thu, 4 Nov 2021 22:57:49 +0000 (22:57 +0000)]
Applied latest styleci changes
Dan Brown [Thu, 4 Nov 2021 22:57:04 +0000 (22:57 +0000)]
New Crowdin updates (#3038)
Just crowdin aligning string quote styles
Dan Brown [Thu, 4 Nov 2021 22:52:35 +0000 (22:52 +0000)]
Removed style in discord logo to prevent clash with twitter logo
Both were using the same class names causing a quadrant of the slack logo
to be the discord brand color.
Related to #3032
Dan Brown [Thu, 4 Nov 2021 22:45:57 +0000 (22:45 +0000)]
Merge branch 'modernize-3rd-party-service-logos' of https://github.com/na3shkw/BookStack into na3shkw-modernize-3rd-party-service-logos
Dan Brown [Thu, 4 Nov 2021 22:42:35 +0000 (22:42 +0000)]
Merge branch 'laravel_upgrade'
Dan Brown [Thu, 4 Nov 2021 22:38:55 +0000 (22:38 +0000)]
Reverted shift change to old migration
Dan Brown [Thu, 4 Nov 2021 22:29:36 +0000 (22:29 +0000)]
Updated php packages, Added php8.1 to GH actions
Dan Brown [Thu, 4 Nov 2021 22:02:21 +0000 (22:02 +0000)]
Updated API examples with date format changes
Updated to full ISO-8601 to reflect change in Laravel 7.
Dan Brown [Mon, 1 Nov 2021 13:26:02 +0000 (13:26 +0000)]
Applied latest styleci changes
Dan Brown [Mon, 1 Nov 2021 13:25:12 +0000 (13:25 +0000)]
Merge branch '3027_attachment_vuln'
Dan Brown [Mon, 1 Nov 2021 13:16:15 +0000 (13:16 +0000)]
New Crowdin updates (#3023)
* New translations errors.php (Polish)
* New translations activities.php (Dutch)
* New translations auth.php (Dutch)
* New translations common.php (Dutch)
* New translations entities.php (Dutch)
* New translations auth.php (Dutch)
* New translations auth.php (Dutch)
* New translations auth.php (Dutch)
* New translations settings.php (Latvian)
na3shkw [Mon, 1 Nov 2021 12:41:23 +0000 (12:41 +0000)]
Modernize third party services' logos
Dan Brown [Mon, 1 Nov 2021 11:32:00 +0000 (11:32 +0000)]
Updated attachments to not be saved with a complete extension
Intended to limit impact in the event the storage path is potentially
exposed.
Dan Brown [Mon, 1 Nov 2021 11:17:30 +0000 (11:17 +0000)]
Ran a pass through image and attachment routes
Added some stronger types, formatting changes and simplifications along
the way.
Dan Brown [Mon, 1 Nov 2021 00:24:42 +0000 (00:24 +0000)]
Cleaned up logic within ImageRepo
- Moved out extension check to ImageService as that seems more relevant.
- Updated models to use static-style references instead of facade to align with common modern usage within the app.
- Updated custom image_extension validation rule to use shared logic in image service.
Dan Brown [Sun, 31 Oct 2021 23:53:17 +0000 (23:53 +0000)]
Updated showImage file serving to not be traversable
For #3030
Dan Brown [Sun, 31 Oct 2021 17:58:56 +0000 (17:58 +0000)]
Added safe mime sniffing to prevent serving HTML
(Among other content types)
For #3027
Dan Brown [Sun, 31 Oct 2021 13:08:01 +0000 (13:08 +0000)]
Updated AzureAD provider to use microsoft graph
Since AzureAD graph is going away.
Tested using old AzureAD graph usage for backwards-compatibility, did not
seem to break things. Could not test with conditional access though due
to azure never enforcing it no matter what I attempted.
For #3028
Dan Brown [Sat, 30 Oct 2021 21:03:36 +0000 (22:03 +0100)]
Moved from debugbar to clockwork
Dan Brown [Sat, 30 Oct 2021 20:29:59 +0000 (21:29 +0100)]
Laravel 8 shift squash & merge (#3029)
* Temporarily moved back config path
* Apply Laravel coding style
* Shift exception handler
* Shift HTTP kernel and middleware
* Shift service providers
* Convert options array to fluent methods
* Shift to class based routes
* Shift console routes
* Ignore temporary framework files
* Shift to class based factories
* Namespace seeders
* Shift PSR-4 autoloading
* Shift config files
* Default config files
* Shift Laravel dependencies
* Shift return type of base TestCase methods
* Shift cleanup
* Applied styleci style changes
* Reverted config files location
* Applied manual changes to Laravel 8 shift
Co-authored-by: Shift <redacted>
Dan Brown [Sat, 30 Oct 2021 10:51:49 +0000 (11:51 +0100)]
Updated sponsor link
Dan Brown [Fri, 29 Oct 2021 20:37:10 +0000 (21:37 +0100)]
Added sponsors to readme, updated license file
Dan Brown [Thu, 28 Oct 2021 14:55:13 +0000 (15:55 +0100)]
New Crowdin updates (#3014)
* New translations entities.php (Estonian)
* New translations entities.php (Estonian)
Dan Brown [Thu, 28 Oct 2021 14:54:00 +0000 (15:54 +0100)]
Made further changes to page image extraction validation
Fixes #3019
Increased testing to cover the failing case among others.
Dan Brown [Wed, 27 Oct 2021 11:29:01 +0000 (12:29 +0100)]
Added test to cover #3010
Dan Brown [Wed, 27 Oct 2021 11:21:27 +0000 (12:21 +0100)]
Merge branch 'master' of https://github.com/haxatron/BookStack into haxatron_upload_issue
Dan Brown [Wed, 27 Oct 2021 11:17:53 +0000 (12:17 +0100)]
New Crowdin updates (#3006)
* New translations auth.php (Latvian)
* New translations errors.php (Latvian)
* New translations auth.php (Latvian)
* New translations entities.php (Latvian)
* New translations settings.php (Latvian)
* New translations settings.php (Estonian)
* New translations entities.php (Estonian)
* New translations settings.php (Estonian)
* New translations validation.php (Estonian)
* New translations entities.php (Estonian)
* New translations settings.php (Spanish, Argentina)
* New translations settings.php (Vietnamese)
* New translations settings.php (Slovenian)
* New translations settings.php (Swedish)
* New translations settings.php (Turkish)
* New translations settings.php (Ukrainian)
* New translations settings.php (Chinese Simplified)
* New translations settings.php (Chinese Traditional)
* New translations settings.php (Portuguese, Brazilian)
* New translations settings.php (Russian)
* New translations settings.php (Indonesian)
* New translations settings.php (Persian)
* New translations settings.php (Croatian)
* New translations settings.php (Latvian)
* New translations settings.php (Bosnian)
* New translations settings.php (Norwegian Bokmal)
* New translations settings.php (Slovak)
* New translations settings.php (Portuguese)
* New translations settings.php (Polish)
* New translations settings.php (Catalan)
* New translations settings.php (Estonian)
* New translations settings.php (Japanese)
* New translations settings.php (French)
* New translations settings.php (Spanish)
* New translations settings.php (Arabic)
* New translations settings.php (Bulgarian)
* New translations settings.php (Czech)
* New translations settings.php (Dutch)
* New translations settings.php (Danish)
* New translations settings.php (German)
* New translations settings.php (Hebrew)
* New translations settings.php (Hungarian)
* New translations settings.php (Italian)
* New translations settings.php (Korean)
* New translations settings.php (Lithuanian)
* New translations settings.php (German Informal)
* New translations settings.php (Polish)
* New translations settings.php (French)
* New translations settings.php (German)
* New translations settings.php (German Informal)
Dan Brown [Tue, 26 Oct 2021 21:04:18 +0000 (22:04 +0100)]
Laravel 7.x Shift (#3011)
* Apply Laravel coding style
* Shift bindings
* Shift core files
* Shift to Throwable
* Add laravel/ui dependency
* Shift Eloquent methods
* Shift config files
* Shift Laravel dependencies
* Shift cleanup
* Shift test config and references
* Applied styleci changes
* Applied fixes post shift to laravel 7
Co-authored-by: Shift <redacted>
Dan Brown [Tue, 26 Oct 2021 15:09:41 +0000 (16:09 +0100)]
Added security policy md file
Dan Brown [Tue, 26 Oct 2021 12:33:27 +0000 (13:33 +0100)]
Merge pull request #3008 from IndrekHaav/et-typo
Minor capitalisation fix for Estonian
Dan Brown [Tue, 26 Oct 2021 12:12:40 +0000 (13:12 +0100)]
Updated php deps
Also removes abandoned status of sebastian/resource-operations as per
issue #3007
Indrek Haav [Tue, 26 Oct 2021 12:09:38 +0000 (15:09 +0300)]
Minor capitalisation fix for Estonian
Haxatron [Tue, 26 Oct 2021 01:39:16 +0000 (09:39 +0800)]
Update ImageRepo.php
fix image validation vulnerability
Dan Brown [Mon, 25 Oct 2021 14:01:32 +0000 (15:01 +0100)]
New Crowdin updates (#3005)
* New translations settings.php (Spanish, Argentina)
* New translations settings.php (Polish)
* New translations settings.php (Estonian)
* New translations errors.php (Spanish, Argentina)
* New translations settings.php (Japanese)
* New translations activities.php (German Informal)
* New translations auth.php (German Informal)
* New translations settings.php (French)
* New translations settings.php (Spanish)
* New translations settings.php (Arabic)
* New translations settings.php (Bulgarian)
* New translations settings.php (Catalan)
* New translations settings.php (Norwegian Bokmal)
* New translations settings.php (German Informal)
* New translations settings.php (Bosnian)
* New translations settings.php (Czech)
* New translations settings.php (Slovak)
* New translations settings.php (Danish)
* New translations settings.php (German)
* New translations settings.php (Hebrew)
* New translations settings.php (Hungarian)
* New translations settings.php (Italian)
* New translations settings.php (Korean)
* New translations settings.php (Lithuanian)
* New translations settings.php (Dutch)
* New translations settings.php (Portuguese)
* New translations settings.php (Russian)
* New translations settings.php (Slovenian)
* New translations settings.php (Latvian)
* New translations settings.php (Swedish)
* New translations settings.php (Turkish)
* New translations settings.php (Ukrainian)
* New translations settings.php (Chinese Simplified)
* New translations settings.php (Chinese Traditional)
* New translations settings.php (Vietnamese)
* New translations settings.php (Portuguese, Brazilian)
* New translations settings.php (Indonesian)
* New translations settings.php (Persian)
* New translations settings.php (Croatian)
* New translations validation.php (German Informal)
Dan Brown [Mon, 25 Oct 2021 13:49:21 +0000 (14:49 +0100)]
Updated translators before v21.10 release
Dan Brown [Mon, 25 Oct 2021 13:49:03 +0000 (14:49 +0100)]
Added estonian to language logic
Dan Brown [Mon, 25 Oct 2021 12:51:27 +0000 (13:51 +0100)]
New Crowdin updates (#2983)
* New translations auth.php (Polish)
* New translations common.php (Polish)
* New translations entities.php (Polish)
* New translations auth.php (Polish)
* New translations common.php (Polish)
* New translations settings.php (Polish)
* New translations validation.php (Polish)
* New translations activities.php (Estonian)
* New translations auth.php (Estonian)
* New translations common.php (Estonian)
* New translations components.php (Estonian)
* New translations entities.php (Estonian)
* New translations errors.php (Estonian)
* New translations pagination.php (Estonian)
* New translations passwords.php (Estonian)
* New translations settings.php (Estonian)
* New translations validation.php (Estonian)
* New translations activities.php (Estonian)
* New translations activities.php (Estonian)
* New translations auth.php (Estonian)
* New translations common.php (Estonian)
* New translations components.php (Estonian)
* New translations entities.php (Estonian)
* New translations pagination.php (Estonian)
* New translations passwords.php (Estonian)
* New translations entities.php (Estonian)
* New translations errors.php (Estonian)
* New translations validation.php (Estonian)
* New translations settings.php (Estonian)
* New translations auth.php (Estonian)
* New translations entities.php (Estonian)
* New translations passwords.php (Estonian)
* New translations settings.php (Estonian)
* New translations auth.php (Estonian)
* New translations entities.php (Estonian)
* New translations errors.php (Estonian)
* New translations settings.php (Estonian)
* New translations settings.php (Estonian)
* New translations errors.php (German)
* New translations errors.php (Portuguese, Brazilian)
* New translations errors.php (Swedish)
* New translations errors.php (Turkish)
* New translations errors.php (Ukrainian)
* New translations errors.php (Chinese Simplified)
* New translations errors.php (Chinese Traditional)
* New translations errors.php (Vietnamese)
* New translations errors.php (Indonesian)
* New translations errors.php (Slovak)
* New translations errors.php (Persian)
* New translations errors.php (Spanish, Argentina)
* New translations errors.php (Croatian)
* New translations errors.php (Latvian)
* New translations errors.php (Bosnian)
* New translations errors.php (Norwegian Bokmal)
* New translations errors.php (Slovenian)
* New translations errors.php (Russian)
* New translations errors.php (Estonian)
* New translations errors.php (Danish)
* New translations errors.php (French)
* New translations errors.php (Spanish)
* New translations errors.php (Arabic)
* New translations errors.php (Bulgarian)
* New translations errors.php (Catalan)
* New translations errors.php (Czech)
* New translations errors.php (Hebrew)
* New translations errors.php (Portuguese)
* New translations errors.php (Hungarian)
* New translations errors.php (Italian)
* New translations errors.php (Japanese)
* New translations errors.php (Korean)
* New translations errors.php (Lithuanian)
* New translations errors.php (Dutch)
* New translations errors.php (Polish)
* New translations errors.php (German Informal)
* New translations errors.php (Spanish)
* New translations auth.php (Estonian)
* New translations entities.php (Estonian)
* New translations errors.php (Estonian)
* New translations activities.php (Japanese)
* New translations activities.php (Japanese)
* New translations auth.php (Japanese)
* New translations components.php (Japanese)
* New translations passwords.php (Japanese)
* New translations errors.php (Estonian)
* New translations settings.php (Estonian)
* New translations validation.php (Estonian)
* New translations errors.php (French)
* New translations activities.php (Japanese)
* New translations settings.php (Japanese)
* New translations entities.php (Japanese)
* New translations settings.php (Japanese)
* New translations common.php (Japanese)
* New translations settings.php (Japanese)
* New translations settings.php (Japanese)
* New translations entities.php (Japanese)
* New translations settings.php (Japanese)
* New translations settings.php (Japanese)
* New translations entities.php (Japanese)
* New translations settings.php (Japanese)
* New translations common.php (Japanese)
* New translations errors.php (Polish)
* New translations auth.php (Estonian)
* New translations components.php (Estonian)
* New translations entities.php (Estonian)
* New translations validation.php (Estonian)
* New translations errors.php (Estonian)
* New translations settings.php (Estonian)
* New translations errors.php (Chinese Simplified)
* New translations auth.php (Japanese)
* New translations auth.php (Japanese)
* New translations common.php (Japanese)
* New translations entities.php (Japanese)
* New translations errors.php (Italian)
* New translations common.php (Japanese)
* New translations auth.php (Italian)
* New translations entities.php (Italian)
* New translations entities.php (Japanese)
* New translations settings.php (Japanese)
* New translations common.php (Japanese)
* New translations entities.php (Japanese)
* New translations entities.php (Estonian)
* New translations settings.php (Estonian)
* New translations validation.php (Japanese)
* New translations errors.php (Japanese)
* New translations validation.php (Japanese)
* New translations auth.php (Japanese)
* New translations settings.php (Japanese)
* New translations activities.php (Indonesian)
* New translations auth.php (Indonesian)
* New translations validation.php (Estonian)
* New translations settings.php (Estonian)
Dan Brown [Sat, 23 Oct 2021 21:03:03 +0000 (22:03 +0100)]
Tweaked sidepart list item padding, Review of #3000
- Scoped padding change to just entity-list-items within the sidebar,
since reduction of right-hand padding to zero was causing other
entity-list-items, such as those in the homepage listing, to have no
padding.
- Updated styles to use css logical properties to retain support for RTL
languages such as Arabic, where the whole interface flips around.
Related: https://css-tricks.com/css-logical-properties-and-values/
Dan Brown [Sat, 23 Oct 2021 20:54:25 +0000 (21:54 +0100)]
Merge branch 'fix_sidebar_css' of https://github.com/ffranchina/BookStack into ffranchina-fix_sidebar_css
Dan Brown [Sat, 23 Oct 2021 16:26:01 +0000 (17:26 +0100)]
Reviewed SAML SLS changes for ADFS, #2902
- Migrated env usages to config.
- Removed potentially unneeded config options or auto-set signed options
based upon provision of certificate.
- Aligned SP certificate env option naming with similar IDP option.
Tested via ADFS on Windows Server 2019. To test on other providers.
Francesco Franchina [Thu, 21 Oct 2021 23:34:41 +0000 (01:34 +0200)]
Fixes padding issues of the sidebar's items
Dan Brown [Thu, 21 Oct 2021 13:04:23 +0000 (14:04 +0100)]
Merge branch 'master' of https://github.com/theodor-franke/BookStack into theodor-franke-master
Dan Brown [Wed, 20 Oct 2021 12:40:27 +0000 (13:40 +0100)]
Applied styleci changes
Dan Brown [Wed, 20 Oct 2021 12:38:35 +0000 (13:38 +0100)]
Merge pull request #2996 from BookStackApp/saml2_acs_session
Updated SAML ACS post to retain user session
Dan Brown [Wed, 20 Oct 2021 12:30:45 +0000 (13:30 +0100)]
Updated SAML ACS post to retain user session
Session was being lost due to the callback POST request cookies
not being provided due to samesite=lax. This instead adds an additional
hop in the flow to route the request via a GET request so the session is
retained. SAML POST data is stored encrypted in cache via a unique ID
then pulled out straight afterwards, and restored into POST for the SAML
toolkit to validate.
Updated testing to cover.
Dan Brown [Wed, 20 Oct 2021 09:49:45 +0000 (10:49 +0100)]
Applied latest changes from styleCI
Dan Brown [Wed, 20 Oct 2021 09:46:35 +0000 (10:46 +0100)]
Merge pull request #2986 from BookStackApp/attachments_api
Attachments API
Dan Brown [Wed, 20 Oct 2021 09:46:06 +0000 (10:46 +0100)]
Adjusted API docs table
Dan Brown [Wed, 20 Oct 2021 09:43:03 +0000 (10:43 +0100)]
Added attachment API examples during manual testing
Dan Brown [Tue, 19 Oct 2021 23:58:56 +0000 (00:58 +0100)]
Added TestCase for attachments API methods
Dan Brown [Tue, 19 Oct 2021 14:15:35 +0000 (15:15 +0100)]
Fixed bug report yaml formatting
Dan Brown [Tue, 19 Oct 2021 13:52:00 +0000 (14:52 +0100)]
Update support_request.yml
Dan Brown [Tue, 19 Oct 2021 13:49:49 +0000 (14:49 +0100)]
Converted issues templates to forms
Added support request template
Dan Brown [Tue, 19 Oct 2021 13:07:45 +0000 (14:07 +0100)]
Update language_request.yml
Dan Brown [Tue, 19 Oct 2021 13:06:53 +0000 (14:06 +0100)]
Delete language_request.md
Dan Brown [Tue, 19 Oct 2021 13:05:34 +0000 (14:05 +0100)]
Create language_request.yml
Dan Brown [Mon, 18 Oct 2021 16:46:55 +0000 (17:46 +0100)]
Build out core attachments API controller
Related to #2942
Dan Brown [Mon, 18 Oct 2021 10:43:54 +0000 (11:43 +0100)]
Added phpseclib to readme
Dan Brown [Mon, 18 Oct 2021 10:42:50 +0000 (11:42 +0100)]
Added base64 image extraction to markdown page content
- Included tests to cover.
- Manually tested via API update and interface page update.
Closes #2898
Dan Brown [Sat, 16 Oct 2021 15:01:59 +0000 (16:01 +0100)]
Applied latest styles changes from style CI
Dan Brown [Sat, 16 Oct 2021 14:50:50 +0000 (15:50 +0100)]
Merge branch 'oidc'
Dan Brown [Fri, 15 Oct 2021 13:30:49 +0000 (14:30 +0100)]
Updated readme with latest version info
Also updated version file to be current
Dan Brown [Fri, 15 Oct 2021 13:17:32 +0000 (14:17 +0100)]
New Crowdin updates (#2980)
* New translations entities.php (Spanish, Argentina)
* New translations activities.php (Spanish, Argentina)
* New translations auth.php (Spanish, Argentina)
* New translations settings.php (Spanish, Argentina)
* New translations validation.php (Spanish, Argentina)
* New translations auth.php (Spanish, Argentina)
Dan Brown [Fri, 15 Oct 2021 13:16:45 +0000 (14:16 +0100)]
Applied latest styleci changes
Dan Brown [Fri, 15 Oct 2021 12:15:32 +0000 (13:15 +0100)]
Updated php dependencies
Dan Brown [Thu, 14 Oct 2021 17:02:16 +0000 (18:02 +0100)]
Fixed guest user email showing in TOTP setup url
- Occurred during enforced MFA setup upon login.
- Added test to cover.
Fixes #2971
Dan Brown [Thu, 14 Oct 2021 16:41:06 +0000 (17:41 +0100)]
Merge pull request #2977 from BookStackApp/custom_debug_view
Added custom whoops-based debug view
Dan Brown [Thu, 14 Oct 2021 16:40:22 +0000 (17:40 +0100)]
Added testing to cover debug view
Dan Brown [Thu, 14 Oct 2021 14:33:08 +0000 (15:33 +0100)]
Added custom whoops-based debug view
Provides a simple bookstack focused view that does not rely on JavaScript.
Contains links to BookStack specific resources in addition to commonly
desired debug details.
Dan Brown [Thu, 14 Oct 2021 12:37:55 +0000 (13:37 +0100)]
Fixed lack of oidc discovery filtering during testing
Tested oidc system on okta, Keycloak & Auth0
Dan Brown [Wed, 13 Oct 2021 15:51:27 +0000 (16:51 +0100)]
Fleshed out testing for OIDC system
Dan Brown [Tue, 12 Oct 2021 22:04:28 +0000 (23:04 +0100)]
Renamed OIDC files to all be aligned
Dan Brown [Tue, 12 Oct 2021 22:00:52 +0000 (23:00 +0100)]
Added OIDC basic autodiscovery support
Dan Brown [Tue, 12 Oct 2021 15:48:54 +0000 (16:48 +0100)]
Added further OIDC core class testing
Dan Brown [Mon, 11 Oct 2021 23:01:51 +0000 (00:01 +0100)]
Added positive test case for OIDC implementation
- To continue coverage and spec cases next.
Dan Brown [Mon, 11 Oct 2021 22:00:45 +0000 (23:00 +0100)]
Got OIDC custom solution to a functional state
- Validation of all key/token elements now in place.
- Signing key system updated to work with jwk-style array or with
file:// path to pem key.
Dan Brown [Mon, 11 Oct 2021 18:05:16 +0000 (19:05 +0100)]
Added token and key handling elements for oidc jwt
- Got basic signing support and structure checking done.
- Need to run through actual claim checking before providing details
back to app.
Dan Brown [Mon, 11 Oct 2021 09:25:28 +0000 (10:25 +0100)]
Merge pull request #2965 from Haxatron/master
Update DOMPDF chroot directory
Dan Brown [Sun, 10 Oct 2021 18:14:08 +0000 (19:14 +0100)]
Started on a custom oidc oauth provider
Haxatron [Sat, 9 Oct 2021 17:06:08 +0000 (01:06 +0800)]
Update dompdf.php
base_path => public_path
Dan Brown [Fri, 8 Oct 2021 22:19:37 +0000 (23:19 +0100)]
Added throttling to password reset requests
Dan Brown [Fri, 8 Oct 2021 21:24:32 +0000 (22:24 +0100)]
Updated translator attribution before release v21.08.5
Dan Brown [Fri, 8 Oct 2021 21:23:17 +0000 (22:23 +0100)]
Applied changes from styleci
Dan Brown [Fri, 8 Oct 2021 21:22:01 +0000 (22:22 +0100)]
New Crowdin updates (#2953)
* New translations settings.php (Chinese Simplified)
* New translations entities.php (Slovak)
* New translations entities.php (Portuguese, Brazilian)
* New translations entities.php (Slovenian)
* New translations entities.php (Swedish)
* New translations entities.php (Turkish)
* New translations entities.php (Ukrainian)
* New translations entities.php (Chinese Simplified)
* New translations entities.php (Chinese Traditional)
* New translations entities.php (Indonesian)
* New translations entities.php (Portuguese)
* New translations entities.php (Persian)
* New translations entities.php (Spanish, Argentina)
* New translations entities.php (Croatian)
* New translations entities.php (Latvian)
* New translations entities.php (Bosnian)
* New translations entities.php (Norwegian Bokmal)
* New translations entities.php (Russian)
* New translations entities.php (Polish)
* New translations entities.php (Vietnamese)
* New translations entities.php (Danish)
* New translations entities.php (French)
* New translations entities.php (Spanish)
* New translations entities.php (Arabic)
* New translations entities.php (Bulgarian)
* New translations entities.php (Catalan)
* New translations entities.php (Czech)
* New translations entities.php (German)
* New translations entities.php (Dutch)
* New translations entities.php (Hebrew)
* New translations entities.php (Hungarian)
* New translations entities.php (Italian)
* New translations entities.php (Japanese)
* New translations entities.php (Korean)
* New translations entities.php (Lithuanian)
* New translations entities.php (German Informal)
* New translations entities.php (French)
* New translations entities.php (Spanish)
* New translations settings.php (Czech)
* New translations entities.php (Czech)
* New translations activities.php (Czech)
* New translations auth.php (Czech)
* New translations common.php (Czech)
* New translations validation.php (Czech)
* New translations entities.php (Portuguese)
* New translations settings.php (Portuguese)
* New translations entities.php (Portuguese)
* New translations activities.php (Portuguese)
* New translations auth.php (Portuguese)
* New translations common.php (Portuguese)
* New translations validation.php (Portuguese)
* New translations entities.php (Chinese Simplified)
* New translations entities.php (Chinese Simplified)
* New translations activities.php (Ukrainian)
* New translations activities.php (Ukrainian)
Dan Brown [Fri, 8 Oct 2021 20:47:59 +0000 (21:47 +0100)]
Added testing to cover work done in last commit
Relevant to comments in 7224fbcc89f00f2b71644e36bb1b1d96addd1d5a.
Added test cases. Ensured they failed pre-commit.
Also tested a range of the altered endpoints manually on both local and
s3-like filesystems.
Dan Brown [Fri, 8 Oct 2021 16:47:14 +0000 (17:47 +0100)]
Added protections against path traversal in file system operations
- Files within the storage/ path could be accessed via path traversal
references in content, accessed upon HTML export.
- This addresses this via two layers:
- Scoped local flysystem filesystems down to the specific image &
file folders since flysystem has built-in checking against the
escaping of the root folder.
- Added path normalization before enforcement of uploads/{images,file}
prefix to prevent traversal at a path level.
Thanks to @Haxatron via huntr.dev for discovery and reporting.
Ref: https://huntr.dev/bounties/ac268a17-72b5-446f-a09a-9945ef58607a/
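The second layer described in the commit above, path normalization followed by an uploads/{images,files} prefix check, as an added example that is not BookStack's own code; the function names and sample paths are constructed here, PHP 8 is assumed, and the first layer (a flysystem root scoped to the upload folders) is not shown.

```php
<?php
// Added example, not BookStack's own code: a path-level guard that normalises a
// content-supplied storage path and only then enforces an allowed prefix.
// Function names and the sample paths below are constructed for illustration.
declare(strict_types=1);

/**
 * Collapse '.', '..', empty and backslash-separated segments without touching
 * the filesystem. Returns null if the path would climb above its root or
 * carries a NUL byte (which would truncate it in C-level file calls).
 */
function normalizeStoragePath(string $path): ?string
{
    if (str_contains($path, "\0")) {
        return null;
    }
    $segments = [];
    foreach (explode('/', str_replace('\\', '/', $path)) as $segment) {
        if ($segment === '' || $segment === '.') {
            continue;
        }
        if ($segment === '..') {
            if ($segments === []) {
                return null; // would escape the root
            }
            array_pop($segments);
            continue;
        }
        $segments[] = $segment;
    }
    return implode('/', $segments);
}

/**
 * Return the normalised path when it names a file beneath one of the allowed
 * prefixes, otherwise null. Prefixes end in '/' so the match is on a whole
 * segment: 'uploads/images-old/x' is not under 'uploads/images/'.
 */
function resolveAllowedStoragePath(string $path, array $allowedPrefixes): ?string
{
    $normalized = normalizeStoragePath($path);
    if ($normalized === null) {
        return null;
    }
    foreach ($allowedPrefixes as $prefix) {
        if (strlen($normalized) > strlen($prefix) && str_starts_with($normalized, $prefix)) {
            return $normalized;
        }
    }
    return null;
}

// Constructed sample references of the kind page content could carry.
$allowed = ['uploads/images/', 'uploads/files/'];
$samples = [
    'uploads/images/gallery/2021/photo.png',
    'uploads/files/./report.pdf',
    'uploads/images/../../.env',
    '../../.env',
    'uploads/images',
    'uploads/images-old/photo.png',
    "uploads/images/a.png\0.php",
];
foreach ($samples as $sample) {
    $resolved = resolveAllowedStoragePath($sample, $allowed);
    printf("%-40s => %s\n", addcslashes($sample, "\0"), $resolved ?? 'REJECTED');
}
```

Run it with `php guard.php` to see each constructed path either resolved to its normalised form or rejected before any filesystem call is made.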
Dan Brown [Fri, 8 Oct 2021 14:25:12 +0000 (15:25 +0100)]
Fixed search query issues when table prefixes are used
- Old raw select query was causing bad select clause in query
when table prefixes were active.
Dan Brown [Fri, 8 Oct 2021 14:22:09 +0000 (15:22 +0100)]
Forced response cache revalidation on logged-in responses
- Prevents authenticated responses being visible when back button
pressed in browser.
- Previously, 'no-cache, private' was added by default by Symfony which
would have prevented proxy cache issues but this adds no-store and a
max-age option to also invalidate all caching.
Thanks to @haxatron via huntr.dev
Ref: https://huntr.dev/bounties/6cda9df9-4987-4e1c-b48f-855b6901ef53/
Dan Brown [Wed, 6 Oct 2021 22:05:26 +0000 (23:05 +0100)]
Continued review of #2169
- Removed unneeded custom refresh or logout actions for OIDC.
- Restructured how the services and guards are setup for external auth
systems. SAML2 and OIDC now directly share a lot more logic.
- Renamed any OpenId references to OIDC or OpenIdConnect
- Removed non-required CSRF exemption for OIDC
Not tested. Came to a roadblock due to lack of PHP8 support in upstream
dependencies. Certificate was deemed to be non-valid on every test
attempt due to changes in PHP8.
Dan Brown [Wed, 6 Oct 2021 16:12:01 +0000 (17:12 +0100)]
Started refactor for merge of OIDC
- Made oidc config more generic to not be overly reliant on the library
based upon learnings from saml2 auth.
- Removed any settings that are redundant or not deemed required for
initial implementation.
- Reduced some methods down where not needed.
- Renamed OpenID to OIDC
- Updated .env.example.complete to align with all options and their
defaults
Related to #2169