Commit Graph

8190 Commits

Author SHA1 Message Date
Jeremy Daer 586015c3f9 Bundle drift detection and correction (#2101)
Gemfile.saas evals Gemfile, so shared gems should have identical versions
in both lockfiles. This adds bin/bundle-drift to detect and fix drift:

* `bin/bundle-drift check` compares shared gem versions
* `bin/bundle-drift correct` seeds Gemfile.lock from Gemfile.saas.lock
  and re-locks, letting Bundler prune SaaS-only gems while preserving
  shared versions

Adds drift check to bin/ci and GitHub CI. Corrects existing drift.
2025-12-11 21:32:34 -08:00
Ítalo Matos 2e33262960 Refactor: Use Rails range syntax in ActivitySpike query (#2080)
Replace SQL string syntax with Rails range syntax for date filtering
in the ActivitySpike::Detector. This improves code readability and
follows Rails idioms.

Changed from:
  .where("created_at >= ?", recent_period.seconds.ago)

To:
  .where(created_at: recent_period.seconds.ago..)

This modernizes the codebase while maintaining the same functionality.
2025-12-11 20:40:31 -08:00
Javier Valencia 8f68e13707 Fix indentation in multi_db.rb initializer (#2082) 2025-12-11 20:37:28 -08:00
Anthony f2a2878382 Fix typo in translate property in card columns CSS (#2090)
Rename incorrect CSS property from `translaate` to `translate`
2025-12-11 20:36:54 -08:00
Ítalo Matos 0833c52aa0 Refactor: use idiomatic .last instead of .order(:desc).first (#2098)
Simplifies the last_event method in ActivitySpike::Detector by using
the more idiomatic Rails pattern .order(:created_at).last instead of
.order(created_at: :desc).first. Both generate the same SQL query but
.last is more readable and conventional in Rails codebases.
2025-12-11 20:35:38 -08:00
Jeremy Daer 2e17b78e08 bin/bundle-both (#2100)
Convenience for bundling both OSS and SaaS in lock-step:
```bash
> bin/bundle-both install

▸ OSS: Gemfile
bundle install
Bundle complete! 45 Gemfile dependencies, 161 gems now installed.
Use `bundle info [gemname]` to see where a bundled gem is installed.

▸ SaaS: Gemfile.saas
bundle install
Bundle complete! 63 Gemfile dependencies, 187 gems now installed.
Use `bundle info [gemname]` to see where a bundled gem is installed.
```
2025-12-11 20:26:06 -08:00
Jankees van Woezik 78fc80cf35 API: Allow updates to last_active_at (#2076)
* Allow Card#last_updated_at to be set

This is useful when doing an import from another system. I'm currently
working on a script to import our Github issues into Fizzy.

This is discussed in
https://github.com/basecamp/fizzy/pull/2056#discussion_r2609560246

* Add nil fallback and expand test coverage for last_active_at

Adds a safety fallback to Time.current if created_at is unexpectedly nil
during card creation.

Test coverage to verify:
* last_active_at defaults to created_at when not provided
* last_active_at can be updated via API on existing cards
* import workflow where last_active_at is restored after comments
* publishing doesn't overwrite explicit last_active_at values

---------

Co-authored-by: Jeremy Daer <jeremy@37signals.com>
2025-12-11 19:06:03 -08:00
Jason Zimdars eeb016c934 Merge pull request #2055 from xakpc/hotfix/wider-support-for-fonts
hotfix: Expand font stack for better cross-OS support
2025-12-11 20:16:50 -06:00
Jason Zimdars c6efed854e Merge pull request #2088 from robzolkos/fix-view-transition-typo
Fix view-transition-name typo in public card show
2025-12-11 20:12:12 -06:00
Jason Zimdars 7d6b316f77 Merge pull request #2094 from robzolkos/fix-duplicate-use-word
Fix duplicate word: use use → use
2025-12-11 20:08:39 -06:00
Jason Zimdars 6fc4845d62 Merge pull request #2095 from robzolkos/fix-minutes-typo
Fix typo: minues → minutes
2025-12-11 20:07:29 -06:00
Jason Zimdars b21ed270dc Merge pull request #2092 from basecamp/text-update-for-entropy
Fix typo in _entropy.html.erb
2025-12-11 20:06:40 -06:00
Matthew Kent eb06884ea7 Bump fizzy-saas to pickup another staging change. 2025-12-11 16:19:06 -08:00
Mike Dalessio 2716368769 Remove the rails credentials from .gitattributes
because they make historical diffs very slow when searching history
with git pickaxe et al
2025-12-11 17:28:22 -05:00
Rob Zolkos cbcd433ad8 Fix typo: minues → minutes 2025-12-11 14:36:20 -05:00
Rob Zolkos 3ef7ef5110 Fix duplicate word: use use → use 2025-12-11 14:00:10 -05:00
Brian Bailey f193f47376 Fix typo in _entropy.html.erb 2025-12-11 13:50:34 -05:00
Mike Dalessio cd487a7409 Merge pull request #2091 from basecamp/flavorjones/fix-redirect-from-active-storage-controllers
Explicitly use main_app for URL helpers
2025-12-11 13:07:44 -05:00
Mike Dalessio 679a073c6b Add test coverage for the require_unauthenticated_access redirect 2025-12-11 13:02:54 -05:00
Mike Dalessio 3d523b84fc Explicitly use main_app for URL helpers
in controller concerns that are mixed into other engines' controllers. This prevents errors like:

> NoMethodError: undefined method 'session_menu_url' for an instance of ActiveStorage::DirectUploadsController

See also 912bb8a8 and 5ee10800
2025-12-11 12:55:32 -05:00
Fernando Álvarez ef3c49d9ad Bump fizzy-saas
Related to updating URL on staging environment.
2025-12-11 18:26:01 +01:00
Zoltan Hosszu 761fd8ccfb Make list style same for every indentation
Adds 'list-style: disc' to ordered and unordered lists in rich-text-content.css to ensure consistent bullet styling.
2025-12-11 18:11:50 +01:00
Jason Zimdars 2a17976f9c Merge pull request #1972 from viniciussoares/fix/auto-close-knob-bug-ios-safari
Fix auto-close knob showing range thumb on iOS Safari
2025-12-11 11:05:25 -06:00
Rob Zolkos 5dab9f8a3c Fix view-transition-name typo in public card show
Note: This transition name isn't paired with any other element,
so could be removed entirely if not planned for future use.
2025-12-11 11:42:30 -05:00
Kevin McConnell ddf4d2454d Merge pull request #2085 from basecamp/gemfile-lock-fix
Update Gemfile.saas.lock
2025-12-11 16:10:54 +00:00
Andy Smith 00d870c502 Merge pull request #2061 from nqst/blank-slates-updates
Blank slate adjustments
2025-12-11 10:08:56 -06:00
Kevin McConnell 4edd49374a Update Gemfile.saas.lock
To bring in line with change in [36419c3600]
2025-12-11 16:04:55 +00:00
Jason Zimdars 1e59bc9f6f Merge pull request #2023 from basecamp/theme-switcher-revised
Theme switcher revised
2025-12-11 09:46:11 -06:00
Jason Zimdars 941ce1f775 Need to use has*Target to check for optional static targets to prevent console errors 2025-12-11 09:38:34 -06:00
Jason Zimdars 2a0cf4efe9 Turn #theme into a proper setter 2025-12-11 09:31:12 -06:00
Jason Zimdars 21586291fa Prefer normal if/else conditional 2025-12-11 08:59:13 -06:00
Thiago Youssef 36419c3600 Bump rails version to remove svg renderer patch (#2081) 2025-12-11 15:15:54 +01:00
Kevin McConnell 193a28f6c8 Merge pull request #2035 from harisadam/single_tenant
Add env-configurable option to disable public signups
2025-12-11 13:08:19 +00:00
Kevin McConnell 05d176cc31 Test that sign in respects single tenant state 2025-12-11 12:49:03 +00:00
Kevin McConnell 3f2938dd8e Bump fizzy-saas to set config option 2025-12-11 12:24:59 +00:00
Stanko Krtalić f89838ba96 Merge pull request #2079 from basecamp/fix-direct-uploads-via-api
Fix direct uploads via API
2025-12-11 13:04:58 +01:00
Kevin McConnell 06bfe2c982 Scope the config option
Also use a `configure` block to set it up.
2025-12-11 11:28:32 +00:00
Kevin McConnell dece2d08d1 Update namespacing & naming 2025-12-11 11:21:09 +00:00
Kevin McConnell 5d2ca6759d Naming 2025-12-11 11:20:43 +00:00
Kevin McConnell cad1e97e8a Don't need to call this out 2025-12-11 11:20:43 +00:00
Kevin McConnell 0e443d3602 Use initializer to configure tenant mode 2025-12-11 11:20:43 +00:00
Kevin McConnell a5580666a7 Single tenant by default & update tests 2025-12-11 11:20:43 +00:00
Stanko K.R. fb77d85b0d Explain that the upload URL is account-scope 2025-12-11 12:00:51 +01:00
Stanko K.R. 5ee10800a2 Allow direct uploads via API 2025-12-11 11:52:38 +01:00
Jorge Manrubia dcdd8537af Merge pull request #2066 from basecamp/text-change-for-golden-tickets
Update tip text for turning a card into a Golden Ticket
2025-12-11 07:36:22 +01:00
Adam Haris f76309d116 Merge branch 'main' into single_tenant 2025-12-11 06:08:01 +01:00
Jeremy Daer 5d181af391 Storage: ignore jobs for now-deleted targets 2025-12-10 20:13:19 -08:00
Jankees van Woezik 477b4d65f2 API: Support created_at for API card and comment creation (#2056)
* Add support to set `created_at`

Discussed in
https://github.com/basecamp/fizzy/pull/1766#issuecomment-3637846074,
this allows users to import cards from another system with entries from
the past. For instance I'm importing all our Github issues (including
the closed onces) to Fizzy.

* Iron out published state tracking

---------

Co-authored-by: Jeremy Daer <jeremy@37signals.com>
2025-12-10 19:57:38 -08:00
Jeremy Daer 90452a4236 Enforce CSP (#2070) 2025-12-10 17:55:02 -08:00
Jeremy Daer 22da6dc19d CSP: full config with env vars per source (#2069)
* Configure all sources with CSP_* vars. Space separated source list.
* Fall back to `config.x.content_security_policy.*`
* Move our sources to fizzy-saas

References https://github.com/basecamp/fizzy-saas/pull/24
2025-12-10 17:21:09 -08:00