Commit Graph

8025 Commits

Author SHA1 Message Date
David Heinemeier Hansson 3c3f098500 Compact 2025-12-10 09:23:52 +01:00
David Heinemeier Hansson 0159f369f4 Only authenticate with bearer token if the header is present 2025-12-10 09:23:52 +01:00
David Heinemeier Hansson a8dc4fb310 Excess whitespace 2025-12-10 09:23:52 +01:00
Jay Ohms 680f9c0c4d Add top-level API index support for tags 2025-12-10 09:23:52 +01:00
Jay Ohms 5ad7b973cb Add API support for users 2025-12-10 09:23:52 +01:00
David Heinemeier Hansson 79fc57a82a Use built-in authenticate_or_request_with_http_token
Hat tip to @adrienpoly
2025-12-10 09:23:52 +01:00
Jason Zimdars d82093c0cd Complete the view transition loop 2025-12-10 09:23:52 +01:00
Jason Zimdars fa2eb06992 Design show view 2025-12-10 09:23:52 +01:00
David Heinemeier Hansson 983a19fd8a Create cards via API 2025-12-10 09:23:52 +01:00
David Heinemeier Hansson f0c0a87c74 Return json URLs for API actions 2025-12-10 09:23:52 +01:00
David Heinemeier Hansson 129b81984f Creating a new board will return the location header 2025-12-10 09:23:52 +01:00
David Heinemeier Hansson efbd2cc3da Allow API JSON requests to sidestep csrf protection 2025-12-10 09:23:52 +01:00
David Heinemeier Hansson 0ce3a85778 Only allow writing when the access token has permission 2025-12-10 09:23:52 +01:00
David Heinemeier Hansson d36be764e2 Awaiting JZ's design 2025-12-10 09:23:52 +01:00
David Heinemeier Hansson 7bc6ae4fac Polish 2025-12-10 09:23:52 +01:00
David Heinemeier Hansson 96b62d6ec4 Only allow new token to be viewed within 10 seconds 2025-12-10 09:23:52 +01:00
David Heinemeier Hansson d2bdd13909 Inline anemic partial 2025-12-10 09:23:52 +01:00
David Heinemeier Hansson 88902485e1 Access tokens are strictly personal 2025-12-10 09:23:52 +01:00
David Heinemeier Hansson caa4cd491e Smooth out the finder API 2025-12-10 09:23:52 +01:00
David Heinemeier Hansson 0ba43de61a This had gotten stripped 2025-12-10 09:23:52 +01:00
David Heinemeier Hansson 9254d17359 The magic of it is not needing to manually yield it! 2025-12-10 09:23:52 +01:00
David Heinemeier Hansson 7d2c284726 Clarify 2025-12-10 09:23:52 +01:00
David Heinemeier Hansson 467843fe22 Inline now anemic helper methods 2025-12-10 09:23:52 +01:00
David Heinemeier Hansson 3329008dd8 Handle everything in the same method 2025-12-10 09:23:52 +01:00
David Heinemeier Hansson 895b0e13b8 Drop the need for access tokens to have a session 2025-12-10 09:23:52 +01:00
David Heinemeier Hansson 660fcff558 Authenticate api requests without needing a session 2025-12-10 09:23:52 +01:00
Jason Zimdars 073d1af862 List, create, and revoke access tokens 2025-12-10 09:23:52 +01:00
Jason Zimdars 48c83f34b0 Add developer section to user profile 2025-12-10 09:23:52 +01:00
David Heinemeier Hansson db29562c4c Tie access token directly to session
We need to present them differently in the session list and prevent them
from being deleted
2025-12-10 09:23:52 +01:00
David Heinemeier Hansson b53c0a5385 Correct 2025-12-10 09:23:52 +01:00
David Heinemeier Hansson c65cb77ac4 API index for cards 2025-12-10 09:23:52 +01:00
David Heinemeier Hansson d384971ea2 Test the boards API 2025-12-10 09:23:52 +01:00
David Heinemeier Hansson a81c681a8d Add access token authentication via HTTP AUTHORIZATION bearer header 2025-12-10 09:23:52 +01:00
David Heinemeier Hansson ea697b7143 Add API to boards 2025-12-10 09:23:52 +01:00
Stanko Krtalić 728fe7c243 Merge pull request #2043 from basecamp/fix-crash-on-gh-actions-check
Remove semver-major-days on GH actions
2025-12-10 09:21:46 +01:00
Stanko K.R. 9d5ddfccec Remove semver-major-days from Dependabot on GH actions 2025-12-10 09:18:20 +01:00
Stanko Krtalić 1d89bd9795 Merge pull request #2040 from robinbrandt/push-tmrkoytpuvul
Allow chromium unstable endpoint for push messages
2025-12-10 09:10:06 +01:00
Robin Brandt d60643f5ef Allow chromium unstable endpoint 2025-12-09 20:24:09 -05:00
Andy Smith b549291889 Merge pull request #2038 from basecamp/jump-menu-empty-state
Add blank slate to the main menu
2025-12-09 18:12:53 -06:00
Jeremy Daer 8a732b081d Bump Rails to current ast-immediate-variants-process-locally branch 2025-12-09 15:54:06 -08:00
Jeremy Daer 85bd5c2df5 Rails seeded parallel tests (#2037)
Enable work stealing by default for a tiny speedup at the cost of small
loss in reproducibility.

References https://github.com/rails/rails/pull/56175
2025-12-09 15:50:01 -08:00
Andy Smith 6074ed2347 Add blank slate to the main menu 2025-12-09 15:56:10 -06:00
Andy Smith fbb0c9d795 Merge pull request #2007 from basecamp/prompt-spacing-fix
Fixing Lexxy prompt menu spacing
2025-12-09 15:43:01 -06:00
Zoltan Hosszu d12eaa4073 Fixing Lexxy prompt menu spacing 2025-12-09 17:36:22 +01:00
Kevin McConnell 0430ce0620 Merge pull request #1911 from harisadam/main
Configure email delivery in production using environment variables
2025-12-09 12:56:03 +00:00
Kevin McConnell 99bee0e0e0 Make SMTP config conditional on SMTP_ADDRESS
- If `SMTP_ADDRESS` is set, configure Action Mailer to use it, along
  with additional optional SMTP-related settings.
- Otherwise, don't set config (for compatibility with engines like
  fizzy-saas).
- Remove sendmail env setup, since by default there is no sendmail in
  the container, and custom deployment can use whatever config the want
  directly. If we end up needing this, we can bring it back via its
  own env.
2025-12-09 12:44:36 +00:00
Adam Haris 9de59ca37b default to smtp 2025-12-09 11:54:45 +00:00
Adam Haris 1d5654cafa configurable actionmailer settings (ENV) 2025-12-09 11:54:44 +00:00
Jorge Manrubia da2bd2f2ec Merge pull request #2024 from basecamp/immediate-variant-locally
Process blob variants using local files
2025-12-09 12:17:12 +01:00
Jorge Manrubia 94c59a2399 Merge pull request #2033 from basecamp/limit-webhook-response-size
Stream response in webhook request manually to check size
2025-12-09 12:16:42 +01:00