Commit Graph

8126 Commits

Author SHA1 Message Date
Jason Zimdars 21586291fa Prefer normal if/else conditional 2025-12-11 08:59:13 -06:00
Jason Zimdars 04d3ac50b2 Clean-up post merge and rework layout to accomodate API and Appearance blocks 2025-12-10 16:46:58 -06:00
Jason Zimdars 6f25b70b7f Merge branch 'main' into theme-switcher-revised 2025-12-10 16:30:36 -06:00
Jeremy Daer 94e991df07 Gitleaks: ignore legit non-sensitive API keys and tokens in docs/ and test/ (#2068) 2025-12-10 14:23:55 -08:00
Jason Zimdars 2d359fa230 Clean-up styles and JS controller, use radios 2025-12-10 16:15:45 -06:00
Mike Dalessio d750c9e5f2 Merge pull request #2067 from basecamp/flavorjones/gitleaks-20251210
Get gitleaks-audit green again
2025-12-10 17:14:40 -05:00
Mike Dalessio 3191c4ec1e Get gitleaks-audit green again 2025-12-10 17:05:19 -05:00
dependabot[bot] ef538abb4f Bump actions/checkout from 4 to 6 (#2047)
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 6.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v4...v6)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-10 13:25:42 -08:00
dependabot[bot] 19cd7bfeec Bump docker/login-action from 3.5.0 to 3.6.0 (#2046)
Bumps [docker/login-action](https://github.com/docker/login-action) from 3.5.0 to 3.6.0.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v3.5.0...v3.6.0)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-version: 3.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-10 13:25:17 -08:00
dependabot[bot] 9ee8b131c5 Bump docker/metadata-action from 5.8.0 to 5.10.0 (#2045)
Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 5.8.0 to 5.10.0.
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Commits](https://github.com/docker/metadata-action/compare/v5.8.0...v5.10.0)

---
updated-dependencies:
- dependency-name: docker/metadata-action
  dependency-version: 5.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-10 13:25:02 -08:00
dependabot[bot] a90ad88bab Bump sigstore/cosign-installer from 3.9.2 to 4.0.0 (#2044)
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.9.2 to 4.0.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](https://github.com/sigstore/cosign-installer/compare/v3.9.2...v4.0.0)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-version: 4.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-10 13:24:47 -08:00
Hosmel Quintana df9a4b255c make MySQL SSL mode configurable via env var (#2036) 2025-12-10 13:22:38 -08:00
Andy Smith bed0e4bd9e Merge pull request #2009 from nqst/clickable-checkbox-labels
Make toggle switch labels clickable
2025-12-10 14:47:51 -06:00
Andy Smith 0e9350d637 Revert "Fix Lexxy prompt list padding by lowering rich-text specificity"
This reverts commit 31fec69822.
2025-12-10 14:12:34 -06:00
Andy Smith 31fec69822 Fix Lexxy prompt list padding by lowering rich-text specificity 2025-12-10 14:12:14 -06:00
Stanko Krtalić 96b6c6e9dc Merge pull request #2060 from basecamp/improve-api-docs-phrasing
Improve phrasing
2025-12-10 20:54:34 +01:00
Stanko K.R. 3f2e3e6b62 Improve phrasing 2025-12-10 20:49:36 +01:00
Stanko Krtalić ce4be3462c Merge pull request #2057 from basecamp/api-fixes
Followup API fixes
2025-12-10 18:52:45 +01:00
Stanko K.R. 4e092407ab Fix crash due to missing partial 2025-12-10 18:47:00 +01:00
Stanko K.R. b0b90cef66 Fix status and filter mistakes 2025-12-10 18:42:23 +01:00
Andy Smith dc6696940c Don't use abbreviations 2025-12-10 11:21:31 -06:00
Andy Smith c90d5cd65e Make vars for lexxy syntax dropdown icons 2025-12-10 11:21:00 -06:00
Andy Smith aae9d38046 Make vars for select input BG image 2025-12-10 11:18:27 -06:00
Kevin McConnell 858439a5de Merge pull request #2051 from basecamp/run-jobs-by-default
In non-SaaS, run jobs in container by default
2025-12-10 16:59:24 +00:00
Mike Dalessio 6c73049261 Merge pull request #2053 from basecamp/flavorjones/fix-system-comment-injection
Prevent HTML injection into system comments (card activity feed)
2025-12-10 11:01:34 -05:00
Mike Dalessio cb4883a655 Merge pull request #2052 from basecamp/flavorjones/fix-join-codes-bignum
Add validation for the join code usage limit
2025-12-10 10:50:54 -05:00
Mike Dalessio e0c821f69b Autolinking is more robust
and handles URLs with CGI params, recognizes more (and multiple)
trailing punctuation marks including entity-encoded punctuation like
`&quot;`.
2025-12-10 10:42:24 -05:00
Mike Dalessio c5721b8187 Avoid unescaping characters when auto-linking
which could lead to Nokogiri unintentionally parsing tags from a
previously-escaped text node.
2025-12-10 10:38:43 -05:00
Mike Dalessio 83360ec6f3 Escape the names used to generate system comments
including user names, board titles, column names, and card titles.
2025-12-10 10:38:42 -05:00
Mike Dalessio fa118a7d83 Add validation for the join code usage limit
which is preferred to generating a database error
2025-12-10 10:10:08 -05:00
Stanko Krtalić 754aaa5a76 Merge pull request #1766 from basecamp/basic-api
Add basic API
2025-12-10 15:43:58 +01:00
Kevin McConnell 2a3fda02f4 Merge pull request #1939 from hosmelq/active-storage-env-config
Make Active Storage service configurable
2025-12-10 14:36:47 +00:00
Stanko K.R. 714f7642b2 Rename /identity to /my/identity in docs 2025-12-10 15:32:50 +01:00
Stanko K.R. 3257e4a6e9 Inline partials 2025-12-10 15:27:56 +01:00
Stanko K.R. 5ce71bf941 Move Identities to My::Identities 2025-12-10 15:13:35 +01:00
Kevin McConnell a5396bbb1a Don't overwrite storage service from engine 2025-12-10 14:08:08 +00:00
Stanko K.R. 90e6322092 Return no content on update 2025-12-10 15:07:22 +01:00
Stanko K.R. 566def581e Remove redundant respond_to 2025-12-10 15:05:13 +01:00
Kevin McConnell 6f002b66d8 In non-SaaS, run jobs in container by default 2025-12-10 12:32:35 +00:00
Stanko K.R. 79e77a3780 Handle user update failures 2025-12-10 09:23:53 +01:00
Stanko K.R. 8dc6c48db5 Remove composite cache key
This prevents jbuilder from fetching multiple records at once, but it's no longer needed as the column and board touch all their associated cards on update so we can remove it
2025-12-10 09:23:53 +01:00
Stanko K.R. cbbddf9ffe Add cache directives 2025-12-10 09:23:53 +01:00
Stanko K.R. 462470ed1d Remove endpoints section
It was too easy to get lost in the ### sections for each resource. With rescources being ## sections I hope it will be easier to find things.
2025-12-10 09:23:53 +01:00
Stanko K.R. a7ca41e548 Move the tags section close to the cards 2025-12-10 09:23:53 +01:00
Stanko K.R. 7b30ca203e Add index actions for Comments and Columns
Also, fix crash when a deactivated user is serialized (they don't have
an identity).
2025-12-10 09:23:52 +01:00
Stanko K.R. bea8e60fd0 Document Card-related APIs 2025-12-10 09:23:52 +01:00
Stanko K.R. 707bf45063 Add steps to cards 2025-12-10 09:23:52 +01:00
Stanko K.R. 86aed7b7b7 Add detailed guide for creating access tokens 2025-12-10 09:23:52 +01:00
Stanko K.R. d655074685 Document users API endpoints 2025-12-10 09:23:52 +01:00
Stanko K.R. 0c75712e83 Document notifications endpoints 2025-12-10 09:23:52 +01:00