Commit Graph

9815 Commits

Author SHA1 Message Date
dependabot[bot] a0c0fd3b1f Bump bcrypt from 3.1.21 to 3.1.22
Bumps [bcrypt](https://github.com/bcrypt-ruby/bcrypt-ruby) from 3.1.21 to 3.1.22.
- [Release notes](https://github.com/bcrypt-ruby/bcrypt-ruby/releases)
- [Changelog](https://github.com/bcrypt-ruby/bcrypt-ruby/blob/master/CHANGELOG)
- [Commits](https://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.21...v3.1.22)

---
updated-dependencies:
- dependency-name: bcrypt
  dependency-version: 3.1.22
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-03-19 18:57:58 +00:00
dependabot[bot] 6538cf80a9 Bump json from 2.19.1 to 2.19.2 (#2730)
* Bump json from 2.19.1 to 2.19.2

Bumps [json](https://github.com/ruby/json) from 2.19.1 to 2.19.2.
- [Release notes](https://github.com/ruby/json/releases)
- [Changelog](https://github.com/ruby/json/blob/master/CHANGES.md)
- [Commits](https://github.com/ruby/json/compare/v2.19.1...v2.19.2)

---
updated-dependencies:
- dependency-name: json
  dependency-version: 2.19.2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* Sync Gemfile.saas.lock

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-03-19 09:35:47 -07:00
Jorge Manrubia 1c4bf3e1e0 Add per-account storage exceptions for SaaS (#2733)
Allow granting specific accounts more storage via an
account_storage_exceptions table in the saas DB, without
relying on the blanket staff bypass.
2026-03-19 15:36:36 +01:00
Jorge Manrubia cf10dbd91e Add 1GB storage cap with staff bypass (#2729)
Re-applies the storage limit from #2713 (reverted in #2715) with an
exception for staff identities so our own account isn't blocked.
2026-03-19 12:38:39 +01:00
Mike Dalessio 11df9c3589 Fix back navigation from activity page to cards (#2727)
Three changes needed to support navigating back from a card to the
activity page:

- Add root_path to the prefer_referrer allowlist on the card show page
- Switch event links from HTML target="_top" to data-turbo-frame="_top"
  so Turbo handles the navigation and turbo:before-visit fires to save
  the referrer
- Normalize trailing slashes in the referrer path comparison so
  /account_id and /account_id/ both match

ref: https://app.fizzy.do/5986089/cards/2390
2026-03-18 22:03:36 -04:00
Mike Dalessio 248fc5d3e7 Fix back navigation from filter views to cards (#2725)
* test: update sign_in_as system test helper to be more generic

and support fixture users with more than one board

* test: backfill a test for the card "back link"

when coming from a board filter page

* Fix back navigation to filter views from cards

When navigating from a filter view to a card, the back link now shows
the filter's label and navigates back to the filter URL instead of the
card's board.

The turbo-navigation Stimulus controller stores the page title alongside
the referrer URL in sessionStorage. On the card show page, a
referrerBackLink target rewrites the back link's href and label from the
stored values. This is scoped only to the card show page to avoid
navigation loops in multi-level deep pages.

* Add referrer allowlist to prevent stale referrer rewrites

The back link is only rewritten when the stored referrer's path matches
an allowlist of paths passed via prefer_referrer. This prevents stale
referrers from unrelated pages (e.g., settings) from overriding the
card's back link.

* Move back link navigation tests to dedicated system test file

Extract back link tests from smoke_test.rb into their own file since
they test specific JavaScript behavior that needs regression coverage.
Move sign_in_as helper to ApplicationSystemTestCase for reuse.

* Move markdown paste tests to dedicated system test file
2026-03-18 17:03:13 -04:00
Daniel Pinto ad1b10368d Fix export size doubling from re-exporting prior export blobs (#2707)
* Exclude export/import blobs and attachments from account exports

Export and import file blobs were being assigned the account's
account_id (via the Current.account default), causing subsequent
exports to include previous export/import ZIP files in the data.
This roughly doubled the export size each time and made imports
fail with an IntegrityError on unrecognized "Account::Export"
record type.

Filter out blobs attached to Export/Import records in
BlobRecordSet, FileRecordSet, and a new AttachmentRecordSet.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* Use STI base type for export blob exclusion filter

Rails polymorphic_name returns base_class.name for STI models,
so ActiveStorage stores record_type as "Export" rather than the
concrete subclass names. Filter on the base type accordingly.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* Fix export filtering for mixed-use Active Storage blobs

Exclude only internal-only blobs for account export metadata/file sets, scope attachment subqueries by account, and add regression coverage for blobs shared between user records and export attachments.

* Simplify export blob filtering

Exports always create fresh blobs, so a blob can never be legitimately
shared between an Export/Import and a real account record. Replace the
internal_only/external split with a single excluded_blob_ids subquery
and drop the contrived shared-blob test.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-18 11:41:22 -04:00
Peter Baker e0d66b2fd0 Fix ambiguous column in SQLite FTS multi-term search (#2688)
* Fix multi-term SQLite FTS5 search causing a 500 error

When filtering cards by more than one term, `matching` was called
once per term via an association join. Rails did not deduplicate
association joins, resulting in two JOINs to `search_records_fts`
in a single query. SQLite FTS5 then raised "ambiguous column name"
when evaluating the MATCH condition.

Fix by using a string join instead, which Rails deduplicates so
only one JOIN to `search_records_fts` is generated regardless of
how many terms are searched.

Fixes: https://github.com/basecamp/fizzy/discussions/2354

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* test: verify multi-term search requires ALL terms to match

---------

Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-authored-by: Mike Dalessio <mike@37signals.com>
2026-03-18 11:38:06 -04:00
Stanko Krtalić 5701aad8d7 Merge pull request #2623 from basecamp/passkeys
Passkeys
2026-03-18 14:54:54 +01:00
Stanko K.R. 14f938dbf9 Add demo video for creating a Passkey 2026-03-18 14:48:00 +01:00
Stanko K.R. 1cf1f598e1 Require resident keys by default 2026-03-18 12:14:17 +01:00
Andy Smith 1e245fbe45 Add onboarding card 2026-03-18 12:04:30 +01:00
Stanko K.R. 017bcc9ce1 Polish up Passkey interface
- Fix indentation
- Split awkward initializer into separate methods
- Rename credentials to passkeys
- Simplify authenticator registry loading
- Flatten nested errors under ActionPack::WebAuthn
- Set passkey current params only requests that use it
- Inline anemic methods
- Replace custom validation with ActiveModel::Validation
- Rename identity to holder in Passkey
- Rename credentials to passkeys in JS
- Extract framework library out of controllers
- Pass params hashes down to ActionPack
- Attempt to simplify public interface
- Push data decoding down to the classes representing the data
- Introduce has_passkeys
- Add CBOR bigint support
- Rename ActionPack::WebAuthn::Passkey to ActionPack::Passkey
- Add create_passkey_button helper
- Rename public-key to creation-options
- Add sign_in_with_passkey_button helper
- Dispatch events for the whole Passkey lifecycle
- Add ED25519 support
- Prevent crash on missing meta tag
- Validate resident key options
- Don't clobber existing ActionPack config options
- Validate cryptographic params
- Move CurrentWebAuthnRequest into ActionPack::Passkey
- Use ActiveModel::Attributes for Options objects
- Implement expiring challanges
- Add lifecycle events
- Extract param helpers into Request
- Add passkey_creation_options and passkey_request_options helpers
- Add create_passkey_challenge to make it easier to override the create method if needed
- Prefix all view helpers with passkey_
- Auto-include ActionPack::Passkey::Holder
- Make the passkey challange url configurable
- Add a reminder about Passkeys to the magic link email
2026-03-18 11:51:10 +01:00
Andy Smith f4fbe17b22 Nicer passkey styles 2026-03-18 11:51:09 +01:00
Andy Smith ee7fc3495d Move passkeys button below profile area 2026-03-18 11:51:09 +01:00
Stanko K.R. fbe9252db1 Auto-suggest name for new Passkeys
- Use plain client data json everywhere
- Expose AAGUID and backed_up on Credentials
- Make attestation verifiers configurable
- Auto-suggest names for passkeys and show icons
2026-03-18 11:49:59 +01:00
Stanko K.R. b23660d897 Fix --tailscale not printing hostname 2026-03-18 11:49:59 +01:00
Stanko K.R. da69039476 Implement Passkey authentication 2026-03-18 11:49:23 +01:00
Andy Smith 70c19e4881 Style polish 2026-03-18 11:49:23 +01:00
Stanko K.R. 6c58fd9bdd Implement Passkey registration
- Create Identity credentials
- Add management UI and registration flow
2026-03-18 11:48:52 +01:00
Stanko K.R. 4bb0a2929c Implement WebAuthn protocol
- Add a CBOR decoder
- Add public key credential options
- Add COSE key decoder
- Add authenticator attestation and assertion
- Add credentials
- Add exclude_credentials
2026-03-18 11:47:48 +01:00
Mike Dalessio ba6fc495da ci: fix bin/bundle-drift forward to support native gems (#2723)
See #2704 where only the ruby platform gem for thruster was replaced.
2026-03-17 22:29:47 -04:00
Mike Dalessio fd7986391d Merge pull request #2722 from basecamp/flavorjones/gemfile-lock-drift
dep: fix Gemfile.saas gemfile drift
2026-03-17 22:14:48 -04:00
Mike Dalessio 06735bb991 dep: fix Gemfile.saas gemfile drift 2026-03-17 22:09:48 -04:00
Mike Dalessio 7fec94449f Merge pull request #2721 from basecamp/flavorjones/dep-update-sqlite3-2.9.2
dep: update sqlite3 to 2.9.2
2026-03-17 22:02:24 -04:00
Mike Dalessio 806f5ca0dd Merge pull request #2704 from basecamp/dependabot/bundler/thruster-0.1.19
Bump thruster from 0.1.18 to 0.1.19
2026-03-17 22:01:03 -04:00
Mike Dalessio 801b10eb05 Merge pull request #2705 from basecamp/dependabot/bundler/aws-sdk-s3-1.215.0
Bump aws-sdk-s3 from 1.213.0 to 1.215.0
2026-03-17 22:00:29 -04:00
Mike Dalessio c62be7afde dep: update sqlite3 to 2.9.2 2026-03-17 21:59:09 -04:00
Mike Dalessio 50d067fec9 Merge pull request #2702 from basecamp/dependabot/bundler/development-dependencies-aa185b57ca
Bump faker from 3.6.0 to 3.6.1 in the development-dependencies group
2026-03-17 21:55:16 -04:00
Mike Dalessio 4cf7ad5e3e Merge pull request #2697 from basecamp/dependabot/bundler/action_text-trix-2.1.17
Bump action_text-trix from 2.1.16 to 2.1.17
2026-03-17 21:54:05 -04:00
Mike Dalessio 3bf2f17e2b Merge pull request #2720 from basecamp/dependabot/github_actions/github-actions-ce779b418e
Bump the github-actions group with 4 updates
2026-03-17 21:51:45 -04:00
dependabot[bot] 66c22f4636 Bump the github-actions group with 4 updates
Bumps the github-actions group with 4 updates: [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action), [docker/login-action](https://github.com/docker/login-action), [docker/metadata-action](https://github.com/docker/metadata-action) and [docker/build-push-action](https://github.com/docker/build-push-action).


Updates `docker/setup-buildx-action` from 3.12.0 to 4.0.0
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](https://github.com/docker/setup-buildx-action/compare/8d2750c68a42422c14e847fe6c8ac0403b4cbd6f...4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd)

Updates `docker/login-action` from 3.7.0 to 4.0.0
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/c94ce9fb468520275223c153574b00df6fe4bcc9...b45d80f862d83dbcd57f89517bcf500b2ab88fb2)

Updates `docker/metadata-action` from 5.10.0 to 6.0.0
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Commits](https://github.com/docker/metadata-action/compare/c299e40c65443455700f0fdfc63efafe5b349051...030e881283bb7a6894de51c315a6bfe6a94e05cf)

Updates `docker/build-push-action` from 6.19.2 to 7.0.0
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/10e90e3645eae34f1e60eeb005ba3a3d33f178e8...d08e5c354a6adb9ed34480a06d141179aa583294)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-version: 4.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: docker/login-action
  dependency-version: 4.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: docker/metadata-action
  dependency-version: 6.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: docker/build-push-action
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-03-18 01:45:09 +00:00
Mike Dalessio 01d1af9f9c Merge pull request #2645 from basecamp/flavorjones/harden-github-actions
ci: harden GitHub Actions workflows
2026-03-17 21:43:28 -04:00
Mike Dalessio e518d638f2 ci: suppress dependabot-execution warning in dependabot config 2026-03-17 18:27:45 -04:00
Mike Dalessio fa12aca387 ci: update pinned github versions (minor bump) 2026-03-17 18:08:11 -04:00
Mike Dalessio 58f94b0cc1 ci: add job to lint github actions
using zizmor
2026-03-17 18:08:09 -04:00
Mike Dalessio dd7f7005b2 ci: fix template injection by passing tags through env vars 2026-03-17 17:57:34 -04:00
Mike Dalessio bc6703b0df ci: disable credential persistence after checkout
suppress artipacked warning in dependabot lockfile sync workflow
2026-03-17 17:57:34 -04:00
Mike Dalessio 310e271908 ci: suppress zizmor secrets-outside-env in test workflow 2026-03-17 17:57:34 -04:00
Mike Dalessio b6e00b77e3 ci: scope permissions to jobs in publish-image workflow 2026-03-17 17:57:32 -04:00
Mike Dalessio 99e683125b ci: batch github actions dependabot updates into a single PR 2026-03-17 17:39:54 -04:00
Mike Dalessio 463f289072 ci: pin github actions
using `pinact`
2026-03-17 17:19:37 -04:00
Mike Dalessio 3e1b22632b Merge pull request #2719 from basecamp/fix-card-view-m-hotkey
Fix card view M hotkey using stale user from fragment cache
2026-03-17 14:54:23 -04:00
Mike Dalessio 7f65f4aabd Fix card view "M" hotkey using stale user from fragment cache
The hidden "Assign to me" button on the card detail view baked
Current.user.id into the form action at render time. When served from
fragment cache, a stale user ID could be embedded, assigning cards to
the wrong person.

Switch to card_self_assignment_path which resolves the current user at
request time via SelfAssignmentsController, matching the fix already
applied to the board view in 2527f073.

ref: https://app.fizzy.do/5986089/cards/3722
2026-03-17 14:43:05 -04:00
Jorge Manrubia 22f46e73c9 Merge pull request #2715 from basecamp/revert-2713-add-storage-limit-notice
Revert "Add 1GB storage cap with self-host notice"
2026-03-17 17:51:21 +01:00
Jorge Manrubia 0be8041953 Revert "Add 1GB storage cap with self-host notice" 2026-03-17 17:51:07 +01:00
Jorge Manrubia 0b0f1c4891 Merge pull request #2713 from basecamp/add-storage-limit-notice
Add 1GB storage cap with self-host notice
2026-03-17 17:45:20 +01:00
Mike Dalessio c29e785fc1 Merge pull request #2708 from basecamp/dep-lexxy-082
Configure Lexxy to add extra spacing between block elements
2026-03-17 12:42:17 -04:00
Andy Smith b5b3d1cd37 Style messages for account limits 2026-03-17 11:33:49 -05:00
Jay Ohms 096af59f8f Merge pull request #2714 from basecamp/mobile/application-bridge-components
Apply Hotwire Native bridge attributes to the `<body>` element from the user-agent
2026-03-17 12:26:23 -04:00