Commit Graph

432 Commits

Author SHA1 Message Date
Mike Dalessio 851f13a934 Render inline code in card titles (#2518)
* Remove unused marked JS dependency

* Remove unused redcarpet dependency

* Render inline code in card titles

Add card_html_title helper that HTML-escapes input then converts
backtick-wrapped text to <code> elements. Apply to card titles in
board preview, card detail, public views, and notification emails.
Style inline code elements in titles to match description styling.

Co-authored-by: Andy Smith <andy@37signals.com>

---------

Co-authored-by: Andy Smith <andy@37signals.com>
2026-02-12 12:07:40 -05:00
Donal McBreen 1506624cd3 Add stackprof for profiling
So you can do something like this:

```ruby
  require "stackprof"

  report = StackProf.run(mode: :wall, interval: 100) do
    Account.find_by(external_account_id: 123)
  end

  StackProf::Report.new(report).print_text
```
2026-02-12 15:42:50 +00:00
Zoltan Hosszu 2ee745cf82 Lexxy version bump 2026-02-12 09:54:20 +01:00
Stanko K.R. 992f15066b Replace RubyZip with ZipKit
ZipKit can read and write files directly from S3 which makes both imports and exports way more efficient in terms of disk usage.
2026-02-02 12:36:48 +01:00
Rosa Gutierrez 1083784a98 Update turbo-rails to get latest Turbo version
In preparation for offline mode.
2026-01-19 19:40:08 +01:00
Stanko K.R. a811ba1b2a Bump Bootsnap to v1.21.1 2026-01-16 14:26:46 +01:00
Jorge Manrubia af9f53d82d Update lexxy to latest 2026-01-15 16:38:07 +01:00
Zoltan Hosszu 43fa7fb6aa Update to Lexxy 0.7.0beta 2026-01-15 16:34:56 +01:00
Jorge Manrubia ce1c04803e Update to latest Lexxy 2026-01-15 16:34:56 +01:00
Stanko K.R. f6557856f7 Update runtime dependencies
Updated kamal, bootsnap, rqrcode, net-http-persistent, web-push, aws-sdk-s3, bcrypt & rouge
2026-01-13 12:03:43 +01:00
Stanko K.R. 40a5d6211e Update development dependencies 2026-01-13 11:52:10 +01:00
Rosa Gutierrez 182d36aee9 Update Rails 2026-01-02 18:56:28 +01:00
Stanko K.R. 6be2f94581 Update aws-sdk-s3
Fixes a security warning raised by gem audit
2025-12-19 19:09:40 +01:00
Jorge Manrubia 3c078ae078 Merge pull request #2145 from bslobodin/bs-intel-mac
Update `Gemfile.lock` after `bin/setup` on Intel-based mac
2025-12-19 11:27:50 +01:00
Robin Brandt dddaf861d4 Bump mittens gem to support build on FreeBSD (#2196) 2025-12-18 10:56:24 -08:00
Boris Slobodin 5fb1f6feb4 update Gemfile.lock after bin/setup on intel mac 2025-12-18 09:08:34 -05:00
Kevin McConnell 14f337739d Update Thruster 2025-12-16 13:28:49 +00:00
Jorge Manrubia 2e66fdff4a Update lexxy to bring fixes from https://github.com/basecamp/lexxy/releases/tag/v0.1.24.beta 2025-12-14 18:53:23 +01:00
Jeremy Daer 586015c3f9 Bundle drift detection and correction (#2101)
Gemfile.saas evals Gemfile, so shared gems should have identical versions
in both lockfiles. This adds bin/bundle-drift to detect and fix drift:

* `bin/bundle-drift check` compares shared gem versions
* `bin/bundle-drift correct` seeds Gemfile.lock from Gemfile.saas.lock
  and re-locks, letting Bundler prune SaaS-only gems while preserving
  shared versions

Adds drift check to bin/ci and GitHub CI. Corrects existing drift.
2025-12-11 21:32:34 -08:00
Thiago Youssef 36419c3600 Bump rails version to remove svg renderer patch (#2081) 2025-12-11 15:15:54 +01:00
Jeremy Daer 8a732b081d Bump Rails to current ast-immediate-variants-process-locally branch 2025-12-09 15:54:06 -08:00
Jeremy Daer 85bd5c2df5 Rails seeded parallel tests (#2037)
Enable work stealing by default for a tiny speedup at the cost of small
loss in reproducibility.

References https://github.com/rails/rails/pull/56175
2025-12-09 15:50:01 -08:00
Jeremy Daer 8eb01da057 Process blob variants using local files
Rails does post-upload variant processing using the same file upload
in https://github.com/rails/rails/pull/56327

Unrelated Lexxy bump:
Pulls in https://github.com/basecamp/lexxy/pull/493 to work around `dom_id`
removal from ActionText tag in https://github.com/rails/rails/pull/51238
2025-12-08 23:41:15 -08:00
Jorge Manrubia cb0e9b9962 Immediate avatar and embed variants (#2002)
Reverts #2001
Restores #1955
2025-12-08 14:17:06 -08:00
Robin Brandt 2110fba227 Bump mittens to 0.3.1 (#2006) 2025-12-08 15:26:39 +01:00
Jorge Manrubia c8c91259c7 Revert "Immediate avatar and embed variants" 2025-12-07 12:06:03 +01:00
Jorge Manrubia 91017c9208 Merge pull request #1955 from basecamp/immediate-variants
Immediate avatar and embed variants
2025-12-07 11:50:02 +01:00
Jorge Manrubia 48ef7d0b98 Update Lexxy and hide the highlighter for now 2025-12-05 11:24:52 +01:00
Jorge Manrubia 67f36886a1 Update lexxy to latest
Color highlighter, more code languages...
2025-12-05 11:17:29 +01:00
Jeremy Daer 21f3f72647 Immediate avatar and embed variants
Process variants synchronously on attachment to close the window between
image upload and variant availability, guaranteeing that we won't have
lazy variant processing attempts in GET requests.

Tradeoff is that we do variant processing in upload requests, which is
actually desirable. We're working with images that should take
milliseconds to resize given that we'll already have the file on hand.

References https://github.com/rails/rails/pull/51951
2025-12-04 23:54:37 -08:00
David Heinemeier Hansson d729cf59f9 Beautify board watchers list (#1946)
* Beautify board_watchers_list by escaping the concat jungle

* Correct it and clean it

* Latest Rails to get the content tag fix

* Test against original collection
2025-12-04 16:14:52 -08:00
Jeremy Daer 085d47613f Bundler: normalize platforms (#1822)
```bash
bundle lock --normalize-platforms
BUNDLE_GEMFILE=Gemfile.saas bundle lock --normalize-platforms
```
2025-12-02 13:37:36 -08:00
Jorge Manrubia f64d5841b6 Merge pull request #1786 from basecamp/dependabot/bundler/rqrcode-3.1.1
Bump rqrcode from 3.1.0 to 3.1.1
2025-12-02 17:32:58 +01:00
Jorge Manrubia ca60760504 Merge pull request #1784 from basecamp/dependabot/bundler/sqlite3-2.8.1
Bump sqlite3 from 2.8.0 to 2.8.1
2025-12-02 17:32:50 +01:00
Jorge Manrubia 40301ffa8f Merge pull request #1782 from basecamp/dependabot/bundler/development-dependencies-b9e97ca7ce
Bump bundler-audit from 0.9.2 to 0.9.3 in the development-dependencies group
2025-12-02 17:32:43 +01:00
dependabot[bot] a3127e8fc1 Bump rqrcode from 3.1.0 to 3.1.1
Bumps [rqrcode](https://github.com/whomwah/rqrcode) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/whomwah/rqrcode/releases)
- [Changelog](https://github.com/whomwah/rqrcode/blob/main/CHANGELOG.md)
- [Commits](https://github.com/whomwah/rqrcode/compare/v3.1.0...v3.1.1)

---
updated-dependencies:
- dependency-name: rqrcode
  dependency-version: 3.1.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-12-02 09:58:52 +00:00
dependabot[bot] d3c438cbc1 Bump sqlite3 from 2.8.0 to 2.8.1
Bumps [sqlite3](https://github.com/sparklemotion/sqlite3-ruby) from 2.8.0 to 2.8.1.
- [Release notes](https://github.com/sparklemotion/sqlite3-ruby/releases)
- [Changelog](https://github.com/sparklemotion/sqlite3-ruby/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/sqlite3-ruby/compare/v2.8.0...v2.8.1)

---
updated-dependencies:
- dependency-name: sqlite3
  dependency-version: 2.8.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-12-01 23:05:27 +00:00
dependabot[bot] 71453747ab Bump bundler-audit in the development-dependencies group
Bumps the development-dependencies group with 1 update: [bundler-audit](https://github.com/rubysec/bundler-audit).


Updates `bundler-audit` from 0.9.2 to 0.9.3
- [Release notes](https://github.com/rubysec/bundler-audit/releases)
- [Changelog](https://github.com/rubysec/bundler-audit/blob/master/ChangeLog.md)
- [Commits](https://github.com/rubysec/bundler-audit/compare/v0.9.2...v0.9.3)

---
updated-dependencies:
- dependency-name: bundler-audit
  dependency-version: 0.9.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: development-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-12-01 23:04:45 +00:00
Kevin McConnell e16cc21b0a Add "data export" feature
- Adds a button in Account Settings where you can request a ZIP export of your
  Fizzy data
- Export files are created in the background. When ready, a link to
  download them is sent to the requester.
- Exports expire after 24 hours. And are limited to 10 per day.
2025-12-01 15:23:26 +00:00
Jorge Manrubia 6ccf655597 Move yabeda/prometheus stuff to the gem 2025-11-28 15:53:58 +01:00
Jorge Manrubia 3b0ddf4cfb Move sentry to engine 2025-11-28 15:53:58 +01:00
Jorge Manrubia cd7d3d3329 Move kamal secrets to the gem 2025-11-28 15:53:58 +01:00
Jorge Manrubia f62bf9fcbf Bundle! 2025-11-28 15:53:58 +01:00
Jorge Manrubia ad6f3a9ff7 Instead of a dedicated group, use a completely separate Gemfile for the saas version
The group-based approach won't work if you don't have access to the gems!
2025-11-28 15:53:58 +01:00
Jorge Manrubia 4c5640a655 Make structured logging private 2025-11-28 15:53:58 +01:00
Jorge Manrubia 102827ff8d Use bundler groups instead of conditional
So that the gemfile.lock does not change across invocations
2025-11-28 15:53:48 +01:00
Jorge Manrubia 6134407f5e Make sass property depend on txt file or env var 2025-11-28 15:53:48 +01:00
Jorge Manrubia e1e9a01720 Make open source the default, and check for sass instead 2025-11-28 15:53:48 +01:00
Mike Dalessio 60e1751cac Update useragent to recognize twitterbot/facebot
This UA was pulled from our logs.

ref: https://app.fizzy.do/5986089/cards/1775
2025-11-25 18:05:21 -05:00
Mike Dalessio b767d6edcb Allow requests from Google Image Proxy
which should fix email notifications' avatars rendering as broken
images in GMail.

ref: https://app.fizzy.do/5986089/cards/1740
2025-11-25 16:26:15 -05:00