* test: update sign_in_as system test helper to be more generic
and support fixture users with more than one board
* test: backfill a test for the card "back link"
when coming from a board filter page
* Fix back navigation to filter views from cards
When navigating from a filter view to a card, the back link now shows
the filter's label and navigates back to the filter URL instead of the
card's board.
The turbo-navigation Stimulus controller stores the page title alongside
the referrer URL in sessionStorage. On the card show page, a
referrerBackLink target rewrites the back link's href and label from the
stored values. This is scoped only to the card show page to avoid
navigation loops in multi-level deep pages.
* Add referrer allowlist to prevent stale referrer rewrites
The back link is only rewritten when the stored referrer's path matches
an allowlist of paths passed via prefer_referrer. This prevents stale
referrers from unrelated pages (e.g., settings) from overriding the
card's back link.
* Move back link navigation tests to dedicated system test file
Extract back link tests from smoke_test.rb into their own file since
they test specific JavaScript behavior that needs regression coverage.
Move sign_in_as helper to ApplicationSystemTestCase for reuse.
* Move markdown paste tests to dedicated system test file
* main: (65 commits)
Repair scope for card styles within the columns view
Add missing list to cards page
Account for simpler public views
Fix public layout
Pull board-tools outside of the list for mobile
saas: move log_level setting into an environment variable
Restore log level configurability in production environment
Remove engagements
Use notch class so Save button is positioned correctly
Go back to board after clearing filters
Revert "Use existing no_filtering_url to direct back to the board when clearing filters"
Use existing no_filtering_url to direct back to the board when clearing filters
Ensure filters sit on top of cards
Fix public boards
Fix card grid layout
Fix Chinese/Japanese characters missing from printed PDFs on macOS
Add SQLite FTS5 support for CJK search
Add CJK (Chinese, Japanese, Korean) search support
Fix scrolling on mobile
Remember expanded state on navigation
...
* main: (63 commits)
Ignore hotkeys with modifiers
Fix 1Password account ID (was user UUID) (#2278)
Switch 1Password account to 37signals.1password.com (#2276)
Remove CSS testing comments
Max card count equals geared pagination size
Block IPv4-compatible IPv6 addresses in SSRF protection (#2273)
Only enable transitions on user interaction
Don't update counter if value hasn't changed
Add padding to upgrade message on larger screens
Add test coverage for autolinking multiple URLs
Add "noopener" to autolinks' rel attribute
Avoid string manipulation when autolinking.
Only bump z-index when nav is open
Move nav and related elements above footer
Delete Dockerfile.dev
fix: use the right gh-cli arch package (#2232)
Bump actions/attest-build-provenance from 3.0.0 to 3.1.0 (#2257)
Bump docker/setup-buildx-action from 3.11.1 to 3.12.0 (#2256)
Consider user avatars always public
Implement authorization for Active Storage endpoints
...
* main: (55 commits)
Add padding to upgrade message on larger screens
Add test coverage for autolinking multiple URLs
Add "noopener" to autolinks' rel attribute
Avoid string manipulation when autolinking.
Only bump z-index when nav is open
Move nav and related elements above footer
Delete Dockerfile.dev
fix: use the right gh-cli arch package (#2232)
Bump actions/attest-build-provenance from 3.0.0 to 3.1.0 (#2257)
Bump docker/setup-buildx-action from 3.11.1 to 3.12.0 (#2256)
Consider user avatars always public
Implement authorization for Active Storage endpoints
Update documentation
Expose the card ID and URL on comments
Don't run application recurring jobs in betas
This link is reduntant if you're over the limits
Add obvious upgrade button when you're out of storage
Internaly only view
Target comment elements more precisely
Better name for helper method
...
* main: (318 commits)
Document the new sign in method
Replace handle_ naming
Use same constant for fake magic links
Replace FakeMagicLink with a temporary object
Tidy up session_token
Clean up interfaces
Split tests by controller or responsibility
Simplify auth logic
Fix due to unit test when creating with invalid emails
Restore sessions_controller test on creating invalid email address
Move magic link api tests to their own files
Rename test to clarify what they're about
Cleanup session creation
Update to always return a pending auth token for JSON responses.
Update API test for cross code
Change test expectation on single tenant mode account creation
Add unit tests for the new endpoints
Pass a server token when creating a magic link via API
Simplify code a bit
Simplify session create logic for both html and json
...
Embedded PDF previewing isnt' reliable (not working in Safari with active storage). Instead
let's align the editor with Active Storage previews and support pdf previews