Rosa Gutierrez
a949f1e3ae
Clear offline cache when logging out
...
Adds a logout Stimulus controller that sends a message to the service
worker to clear all cached content when the user logs out. This ensures
that cached data from one user isn't accessible after logout.
The implementation:
- Adds logout_controller.js that posts { action: "clearCache" } to the
service worker via postMessage
- Updates logout buttons to use the controller on form submission
Also fixes data-turbo placement: moved from button to form element where
it actually takes effect for disabling Turbo Drive form submissions.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com >
2026-03-10 10:20:54 +01:00
Rosa Gutierrez
ada4688c4e
Take a first stab at offline mode support
2026-03-10 10:20:54 +01:00
Rosa Gutierrez
5d084a46ce
Switch to turbo-rails version with offline mode support
2026-03-10 10:20:54 +01:00
dependabot[bot]
17112fa0ee
Bump brakeman from 8.0.2 to 8.0.4 in the development-dependencies group ( #2669 )
...
* Bump brakeman from 8.0.2 to 8.0.4 in the development-dependencies group
Bumps the development-dependencies group with 1 update: [brakeman](https://github.com/presidentbeef/brakeman ).
Updates `brakeman` from 8.0.2 to 8.0.4
- [Release notes](https://github.com/presidentbeef/brakeman/releases )
- [Changelog](https://github.com/presidentbeef/brakeman/blob/main/CHANGES.md )
- [Commits](https://github.com/presidentbeef/brakeman/compare/v8.0.2...v8.0.4 )
---
updated-dependencies:
- dependency-name: brakeman
dependency-version: 8.0.4
dependency-type: direct:development
update-type: version-update:semver-patch
dependency-group: development-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com >
* Sync Gemfile.saas.lock
---------
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-03-09 08:58:36 -07:00
Kevin McConnell
f6ed923e75
Merge pull request #2651 from basecamp/update-thruster-0.1.18
...
Update Thruster to v0.1.18
2026-03-03 13:41:23 +00:00
Kevin McConnell
6e3ee266ec
Update Thruster to v0.1.18
2026-03-03 13:30:55 +00:00
Jorge Manrubia
4c2b6626e7
Revert "Bump thruster from 0.1.17 to 0.1.18"
...
This reverts commit a0dcc26cda .
2026-03-03 14:06:13 +01:00
Jorge Manrubia
8ae619891c
Bump solid_queue from 1.3.1 to 1.3.2 and importmap-rails from 2.2.2 to 2.2.3
2026-03-03 14:01:36 +01:00
dependabot[bot]
a0dcc26cda
Bump thruster from 0.1.17 to 0.1.18
...
Bumps [thruster](https://github.com/basecamp/thruster ) from 0.1.17 to 0.1.18.
- [Changelog](https://github.com/basecamp/thruster/blob/main/CHANGELOG.md )
- [Commits](https://github.com/basecamp/thruster/compare/v0.1.17...v0.1.18 )
---
updated-dependencies:
- dependency-name: thruster
dependency-version: 0.1.18
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-03-03 14:01:36 +01:00
Jorge Manrubia
ea88e7f458
Revert "Bump thruster from 0.1.17 to 0.1.18"
...
This reverts commit a21e93611e .
2026-03-03 13:57:42 +01:00
Jorge Manrubia
41cc11d2c0
Revert "Bump solid_queue from 1.3.1 to 1.3.2 and importmap-rails from 2.2.2 to 2.2.3"
...
This reverts commit 14a57c2b90 .
2026-03-03 13:57:12 +01:00
Jorge Manrubia
14a57c2b90
Bump solid_queue from 1.3.1 to 1.3.2 and importmap-rails from 2.2.2 to 2.2.3
2026-03-03 11:36:26 +01:00
Jorge Manrubia
991e31bd66
Merge pull request #2634 from basecamp/dependabot/bundler/stackprof-0.2.28
...
Bump stackprof from 0.2.27 to 0.2.28
2026-03-03 11:34:58 +01:00
Jorge Manrubia
6f33d09471
Merge pull request #2630 from basecamp/dependabot/bundler/thruster-0.1.18
...
Bump thruster from 0.1.17 to 0.1.18
2026-03-03 11:34:52 +01:00
dependabot[bot]
9128fb276b
Bump the development-dependencies group with 2 updates ( #2629 )
...
* Bump the development-dependencies group with 2 updates
Bumps the development-dependencies group with 2 updates: [web-console](https://github.com/rails/web-console ) and [selenium-webdriver](https://github.com/SeleniumHQ/selenium ).
Updates `web-console` from `bdbb391` to `90e3474`
- [Release notes](https://github.com/rails/web-console/releases )
- [Commits](https://github.com/rails/web-console/compare/bdbb39114348b037a515b2ce75a47457b0e647d1...90e3474306f2367cfeaf2875e91e2bc2d71b5f0f )
Updates `selenium-webdriver` from 4.40.0 to 4.41.0
- [Release notes](https://github.com/SeleniumHQ/selenium/releases )
- [Changelog](https://github.com/SeleniumHQ/selenium/blob/trunk/rb/CHANGES )
- [Commits](https://github.com/SeleniumHQ/selenium/compare/selenium-4.40.0...selenium-4.41.0 )
---
updated-dependencies:
- dependency-name: web-console
dependency-version: 90e3474306f2367cfeaf2875e91e2bc2d71b5f0f
dependency-type: direct:development
dependency-group: development-dependencies
- dependency-name: selenium-webdriver
dependency-version: 4.41.0
dependency-type: direct:development
update-type: version-update:semver-minor
dependency-group: development-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com >
* Sync Gemfile.saas.lock
---------
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-02-27 23:46:48 -08:00
dependabot[bot]
a9c45c5979
Bump stackprof from 0.2.27 to 0.2.28
...
Bumps [stackprof](https://github.com/tmm1/stackprof ) from 0.2.27 to 0.2.28.
- [Changelog](https://github.com/tmm1/stackprof/blob/master/CHANGELOG.md )
- [Commits](https://github.com/tmm1/stackprof/compare/v0.2.27...v0.2.28 )
---
updated-dependencies:
- dependency-name: stackprof
dependency-version: 0.2.28
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-02-27 20:25:56 +00:00
dependabot[bot]
a21e93611e
Bump thruster from 0.1.17 to 0.1.18
...
Bumps [thruster](https://github.com/basecamp/thruster ) from 0.1.17 to 0.1.18.
- [Changelog](https://github.com/basecamp/thruster/blob/main/CHANGELOG.md )
- [Commits](https://github.com/basecamp/thruster/compare/v0.1.17...v0.1.18 )
---
updated-dependencies:
- dependency-name: thruster
dependency-version: 0.1.18
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-02-27 20:24:45 +00:00
Rosa Gutierrez
34fd62faf1
Move devices table to saas database
...
Use ActionPushNative's new on_load hook to configure the database connection,
following the same pattern as Active Storage and Action Text:
ActiveSupport.on_load(:action_push_native_record) do
connects_to database: { writing: :saas, reading: :saas }
end
This allows ApplicationPushDevice to inherit directly from ActionPushNative::Device
without needing an intermediate abstract class.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com >
2026-02-25 19:31:13 +01:00
Samuel Péchèr
0038641ede
Update Lexxy to 0.7.6.beta
2026-02-24 20:25:07 +00:00
dependabot[bot]
395cc06f5c
Bump aws-sdk-s3 from 1.211.0 to 1.213.0 ( #2502 )
...
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.211.0 to 1.213.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/commits )
---
updated-dependencies:
- dependency-name: aws-sdk-s3
dependency-version: 1.213.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-23 18:53:45 -05:00
dependabot[bot]
b0b14ead28
Bump sqlite3 from 2.8.0 to 2.9.0 ( #2386 )
...
Bumps [sqlite3](https://github.com/sparklemotion/sqlite3-ruby ) from 2.8.0 to 2.9.0.
- [Release notes](https://github.com/sparklemotion/sqlite3-ruby/releases )
- [Changelog](https://github.com/sparklemotion/sqlite3-ruby/blob/main/CHANGELOG.md )
- [Commits](https://github.com/sparklemotion/sqlite3-ruby/compare/v2.8.0...v2.9.0 )
---
updated-dependencies:
- dependency-name: sqlite3
dependency-version: 2.9.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-23 18:48:52 -05:00
dependabot[bot]
3063a40f0f
Bump trilogy from 2.9.0 to 2.10.0 ( #2388 )
...
Bumps [trilogy](https://github.com/trilogy-libraries/trilogy ) from 2.9.0 to 2.10.0.
- [Release notes](https://github.com/trilogy-libraries/trilogy/releases )
- [Changelog](https://github.com/trilogy-libraries/trilogy/blob/main/CHANGELOG.md )
- [Commits](https://github.com/trilogy-libraries/trilogy/compare/v2.9.0...v2.10.0 )
---
updated-dependencies:
- dependency-name: trilogy
dependency-version: 2.10.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-23 18:43:47 -05:00
dependabot[bot]
361d4a7a52
Bump solid_queue from 1.2.4 to 1.3.1 ( #2425 )
...
Bumps [solid_queue](https://github.com/rails/solid_queue ) from 1.2.4 to 1.3.1.
- [Release notes](https://github.com/rails/solid_queue/releases )
- [Commits](https://github.com/rails/solid_queue/compare/v1.2.4...v1.3.1 )
---
updated-dependencies:
- dependency-name: solid_queue
dependency-version: 1.3.1
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-23 18:42:48 -05:00
dependabot[bot]
6f99e43f5b
Bump puma from 7.1.0 to 7.2.0 ( #2462 )
...
* Bump puma from 7.1.0 to 7.2.0
Bumps [puma](https://github.com/puma/puma ) from 7.1.0 to 7.2.0.
- [Release notes](https://github.com/puma/puma/releases )
- [Changelog](https://github.com/puma/puma/blob/main/History.md )
- [Commits](https://github.com/puma/puma/compare/v7.1.0...v7.2.0 )
---
updated-dependencies:
- dependency-name: puma
dependency-version: 7.2.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
* Sync Gemfile.saas.lock
---------
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-02-23 17:25:30 -05:00
dependabot[bot]
85bb2aa1fa
Bump turbo-rails from 2.0.21 to 2.0.23 ( #2501 )
...
* Bump turbo-rails from 2.0.21 to 2.0.23
Bumps [turbo-rails](https://github.com/hotwired/turbo-rails ) from 2.0.21 to 2.0.23.
- [Release notes](https://github.com/hotwired/turbo-rails/releases )
- [Commits](https://github.com/hotwired/turbo-rails/compare/v2.0.21...v2.0.23 )
---
updated-dependencies:
- dependency-name: turbo-rails
dependency-version: 2.0.23
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
* Sync Gemfile.saas.lock
---------
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-02-23 17:09:22 -05:00
dependabot[bot]
446640b8e9
Bump the development-dependencies group with 2 updates ( #2588 )
...
* Bump the development-dependencies group with 2 updates
Bumps the development-dependencies group with 2 updates: [brakeman](https://github.com/presidentbeef/brakeman ) and [mocha](https://github.com/freerange/mocha ).
Updates `brakeman` from 8.0.1 to 8.0.2
- [Release notes](https://github.com/presidentbeef/brakeman/releases )
- [Changelog](https://github.com/presidentbeef/brakeman/blob/main/CHANGES.md )
- [Commits](https://github.com/presidentbeef/brakeman/compare/v8.0.1...v8.0.2 )
Updates `mocha` from 3.0.1 to 3.0.2
- [Changelog](https://github.com/freerange/mocha/blob/main/RELEASE.md )
- [Commits](https://github.com/freerange/mocha/compare/v3.0.1...v3.0.2 )
---
updated-dependencies:
- dependency-name: brakeman
dependency-version: 8.0.2
dependency-type: direct:development
update-type: version-update:semver-patch
dependency-group: development-dependencies
- dependency-name: mocha
dependency-version: 3.0.2
dependency-type: direct:development
update-type: version-update:semver-patch
dependency-group: development-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com >
* Sync Gemfile.saas.lock
---------
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-02-23 16:41:44 -05:00
dependabot[bot]
d8908c4b92
Bump bootsnap from 1.22.0 to 1.23.0 ( #2589 )
...
* Bump bootsnap from 1.22.0 to 1.23.0
Bumps [bootsnap](https://github.com/rails/bootsnap ) from 1.22.0 to 1.23.0.
- [Release notes](https://github.com/rails/bootsnap/releases )
- [Changelog](https://github.com/rails/bootsnap/blob/main/CHANGELOG.md )
- [Commits](https://github.com/rails/bootsnap/compare/v1.22.0...v1.23.0 )
---
updated-dependencies:
- dependency-name: bootsnap
dependency-version: 1.23.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
* Sync Gemfile.saas.lock
---------
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-02-23 16:41:17 -05:00
Mike Dalessio
3b229e9aab
Pin web-console to GitHub main for Rails compatibility
...
web-console 4.2.1 overrides the now-renamed filter_proxies method in
ActionDispatch::RemoteIp::GetIp. The fix (rails/web-console#344 ) is on
main but not yet released.
2026-02-18 15:16:21 -05:00
Mike Dalessio
41c2bd38af
Update Rails to 12e24ea (363 commits past 60d92e4)
...
Also updates transitive dependencies:
- action_text-trix ~> 2.1.15 → ~> 2.1.16
- irb 1.16.0 → 1.17.0
- json 2.18.0 → 2.18.1
- net-imap 0.6.2 → 0.6.3
- nokogiri 1.19.0 → 1.19.1
- prism 1.8.0 → 1.9.0
- rack 3.2.4 → 3.2.5
- rdoc 7.0.3 → 7.2.0
2026-02-18 13:37:13 -05:00
dependabot[bot]
38ff89de09
Bump bootsnap from 1.21.1 to 1.22.0 ( #2544 )
...
* Bump bootsnap from 1.21.1 to 1.22.0
Bumps [bootsnap](https://github.com/rails/bootsnap ) from 1.21.1 to 1.22.0.
- [Release notes](https://github.com/rails/bootsnap/releases )
- [Changelog](https://github.com/rails/bootsnap/blob/main/CHANGELOG.md )
- [Commits](https://github.com/rails/bootsnap/compare/v1.21.1...v1.22.0 )
---
updated-dependencies:
- dependency-name: bootsnap
dependency-version: 1.22.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
* Sync Gemfile.saas.lock
---------
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-02-16 16:09:22 -08:00
dependabot[bot]
0ead67f85b
Bump the development-dependencies group across 1 directory with 3 updates ( #2546 )
...
* Bump the development-dependencies group across 1 directory with 3 updates
Bumps the development-dependencies group with 3 updates in the / directory: [brakeman](https://github.com/presidentbeef/brakeman ), [faker](https://github.com/faker-ruby/faker ) and [selenium-webdriver](https://github.com/SeleniumHQ/selenium ).
Updates `brakeman` from 7.1.2 to 8.0.1
- [Release notes](https://github.com/presidentbeef/brakeman/releases )
- [Changelog](https://github.com/presidentbeef/brakeman/blob/main/CHANGES.md )
- [Commits](https://github.com/presidentbeef/brakeman/compare/v7.1.2...v8.0.1 )
Updates `faker` from 3.5.3 to 3.6.0
- [Release notes](https://github.com/faker-ruby/faker/releases )
- [Changelog](https://github.com/faker-ruby/faker/blob/main/CHANGELOG.md )
- [Commits](https://github.com/faker-ruby/faker/compare/v3.5.3...v3.6.0 )
Updates `selenium-webdriver` from 4.39.0 to 4.40.0
- [Release notes](https://github.com/SeleniumHQ/selenium/releases )
- [Changelog](https://github.com/SeleniumHQ/selenium/blob/trunk/rb/CHANGES )
- [Commits](https://github.com/SeleniumHQ/selenium/compare/selenium-4.39.0...selenium-4.40.0 )
---
updated-dependencies:
- dependency-name: brakeman
dependency-version: 8.0.1
dependency-type: direct:development
update-type: version-update:semver-major
dependency-group: development-dependencies
- dependency-name: faker
dependency-version: 3.6.0
dependency-type: direct:development
update-type: version-update:semver-minor
dependency-group: development-dependencies
- dependency-name: selenium-webdriver
dependency-version: 4.40.0
dependency-type: direct:development
update-type: version-update:semver-minor
dependency-group: development-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com >
* Auto-sync Gemfile.saas.lock on Dependabot PRs
Dependabot can't update custom-named Gemfiles, so Gemfile.saas.lock
drifts whenever it bumps shared gems in Gemfile.lock.
Add `bin/bundle-drift forward` to push oss lockfile changes into the
saas lockfile (the reverse of `correct`), and a GitHub Actions workflow
that runs it automatically on Dependabot bundler branches.
* Update brakeman ignore fingerprint for 8.0.1
Brakeman 8.0.1 changed how it computes warning fingerprints, so the
existing ignore entry for the safe_constantize warning in Notifier
became obsolete. Update to the new fingerprint.
---------
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jeremy Daer <jeremy@37signals.com >
2026-02-16 15:29:51 -08:00
Mike Dalessio
851f13a934
Render inline code in card titles ( #2518 )
...
* Remove unused marked JS dependency
* Remove unused redcarpet dependency
* Render inline code in card titles
Add card_html_title helper that HTML-escapes input then converts
backtick-wrapped text to <code> elements. Apply to card titles in
board preview, card detail, public views, and notification emails.
Style inline code elements in titles to match description styling.
Co-authored-by: Andy Smith <andy@37signals.com >
---------
Co-authored-by: Andy Smith <andy@37signals.com >
2026-02-12 12:07:40 -05:00
Donal McBreen
1506624cd3
Add stackprof for profiling
...
So you can do something like this:
```ruby
require "stackprof"
report = StackProf.run(mode: :wall, interval: 100) do
Account.find_by(external_account_id: 123)
end
StackProf::Report.new(report).print_text
```
2026-02-12 15:42:50 +00:00
Zoltan Hosszu
2ee745cf82
Lexxy version bump
2026-02-12 09:54:20 +01:00
Stanko K.R.
992f15066b
Replace RubyZip with ZipKit
...
ZipKit can read and write files directly from S3 which makes both imports and exports way more efficient in terms of disk usage.
2026-02-02 12:36:48 +01:00
Rosa Gutierrez
1083784a98
Update turbo-rails to get latest Turbo version
...
In preparation for offline mode.
2026-01-19 19:40:08 +01:00
Stanko K.R.
a811ba1b2a
Bump Bootsnap to v1.21.1
2026-01-16 14:26:46 +01:00
Jorge Manrubia
af9f53d82d
Update lexxy to latest
2026-01-15 16:38:07 +01:00
Zoltan Hosszu
43fa7fb6aa
Update to Lexxy 0.7.0beta
2026-01-15 16:34:56 +01:00
Jorge Manrubia
ce1c04803e
Update to latest Lexxy
2026-01-15 16:34:56 +01:00
Stanko K.R.
f6557856f7
Update runtime dependencies
...
Updated kamal, bootsnap, rqrcode, net-http-persistent, web-push, aws-sdk-s3, bcrypt & rouge
2026-01-13 12:03:43 +01:00
Stanko K.R.
40a5d6211e
Update development dependencies
2026-01-13 11:52:10 +01:00
Rosa Gutierrez
182d36aee9
Update Rails
2026-01-02 18:56:28 +01:00
Stanko K.R.
6be2f94581
Update aws-sdk-s3
...
Fixes a security warning raised by gem audit
2025-12-19 19:09:40 +01:00
Jorge Manrubia
3c078ae078
Merge pull request #2145 from bslobodin/bs-intel-mac
...
Update `Gemfile.lock` after `bin/setup` on Intel-based mac
2025-12-19 11:27:50 +01:00
Robin Brandt
dddaf861d4
Bump mittens gem to support build on FreeBSD ( #2196 )
2025-12-18 10:56:24 -08:00
Boris Slobodin
5fb1f6feb4
update Gemfile.lock after bin/setup on intel mac
2025-12-18 09:08:34 -05:00
Kevin McConnell
14f337739d
Update Thruster
2025-12-16 13:28:49 +00:00
Jorge Manrubia
2e66fdff4a
Update lexxy to bring fixes from https://github.com/basecamp/lexxy/releases/tag/v0.1.24.beta
2025-12-14 18:53:23 +01:00
Jeremy Daer
586015c3f9
Bundle drift detection and correction ( #2101 )
...
Gemfile.saas evals Gemfile, so shared gems should have identical versions
in both lockfiles. This adds bin/bundle-drift to detect and fix drift:
* `bin/bundle-drift check` compares shared gem versions
* `bin/bundle-drift correct` seeds Gemfile.lock from Gemfile.saas.lock
and re-locks, letting Bundler prune SaaS-only gems while preserving
shared versions
Adds drift check to bin/ci and GitHub CI. Corrects existing drift.
2025-12-11 21:32:34 -08:00