* main:
Use decimals for ordered lists
Update cached fragments
Revert "Merge pull request #1865 from basecamp/public-avatar-caching"
Show only public cards on public boards
Swap order of avatar links
Limit length of full name during signup
Make layout bulletproof
Serve own avatar from its own endpoint
If we don't validate for length, then signups that overflow the database
columns will unnecessarily create and cancel a tenant. Adding a
validation means we can avoid this.
* main: (119 commits)
Bust comment view cache
Update lexxy to bring fixes from https://github.com/basecamp/lexxy/releases/tag/v0.1.24.beta
Fix unexpected remove empty line from README
Lightbox uses Stimulus target callbacks instead of data-action
Add test coverage for the image lightbox
Add tests for tenancy middleware and timezone cookie
Refactor: Simplify TimeWindowParser using Rails convenience methods
SMTP: support SMTPS on port 465 (#2132)
Bump fizzy-saas to retain fewer docker images (#2134)
Add test coverage for with_golden_first scope (#2130)
Refactor: improve query scope composition with merge syntax (#2131)
Validate avatar sizes
Introduce Vips configuration
Tailscale serve support (#2126)
Update tests with final method naming: record! -> record
CSP config to allow Minio in development
Update fizzy-saas to get employee restriction in staging
Drop staff restriction in beta and staging
Unused
Use new FIZZY_GH_TOKEN with limited access
...
Remove data-action from the sanitizer allowlist to disallow injection
of potentially malicious Stimulus actions in user-provided
content. The lightbox controller now uses imageTarget callbacks to
handle clicks on image links.
Also add the file name as a caption in the light box, and fix the
caption color for dark mode visibility.
To avoid any visual flashes of the old theme before the Stimulus
controllers load, we can apply the saved theme from `<head>` whenever
there is a full page load.
This applies to both the regular and public views, as we're doing it in
the shared head partial.
Adds `closed` field to card JSON response, allowing API consumers
to detect closed status without parsing the status enum or making
additional API calls.
This allows us to have different cache controls depending on whether
you're viewing your own avatar, or someone else's. Your own avatar will
always be fresh, while other folks' avatars can be pulled from the CDN.
* main: (117 commits)
Explain that the upload URL is account-scope
Allow direct uploads via API
Storage: ignore jobs for now-deleted targets
API: Support `created_at` for API card and comment creation (#2056)
Enforce CSP (#2070)
CSP: full config with env vars per source (#2069)
Speedy, auditable, deadlock-resistant storage tracking (#2026)
Gitleaks: ignore legit non-sensitive API keys and tokens in docs/ and test/ (#2068)
Get gitleaks-audit green again
Bump actions/checkout from 4 to 6 (#2047)
Bump docker/login-action from 3.5.0 to 3.6.0 (#2046)
Bump docker/metadata-action from 5.8.0 to 5.10.0 (#2045)
Bump sigstore/cosign-installer from 3.9.2 to 4.0.0 (#2044)
make MySQL SSL mode configurable via env var (#2036)
Update tip text for turning a card into a Golden Ticket
Revert "Fix Lexxy prompt list padding by lowering rich-text specificity"
Fix Lexxy prompt list padding by lowering rich-text specificity
Improve phrasing
Fix crash due to missing partial
Fix status and filter mistakes
...