Commit Graph

490 Commits

Author SHA1 Message Date
Stanko Krtalić dac4d9233c Merge pull request #2741 from basecamp/dependabot/bundler/aws-sdk-s3-1.216.0
Bump aws-sdk-s3 from 1.215.0 to 1.216.0
2026-03-25 17:28:50 +01:00
Stanko Krtalić 70c08877b7 Merge pull request #2735 from basecamp/dependabot/bundler/bcrypt-3.1.22
Bump bcrypt from 3.1.21 to 3.1.22
2026-03-25 17:23:26 +01:00
dependabot[bot] 4f0a51785e Bump aws-sdk-s3 from 1.215.0 to 1.216.0
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.215.0 to 1.216.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

---
updated-dependencies:
- dependency-name: aws-sdk-s3
  dependency-version: 1.216.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-03-20 20:24:17 +00:00
Jorge Manrubia 8c46ff52b4 Bump Lexxy to 0.9.0.beta (#2739) 2026-03-20 17:37:09 +01:00
dependabot[bot] a0c0fd3b1f Bump bcrypt from 3.1.21 to 3.1.22
Bumps [bcrypt](https://github.com/bcrypt-ruby/bcrypt-ruby) from 3.1.21 to 3.1.22.
- [Release notes](https://github.com/bcrypt-ruby/bcrypt-ruby/releases)
- [Changelog](https://github.com/bcrypt-ruby/bcrypt-ruby/blob/master/CHANGELOG)
- [Commits](https://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.21...v3.1.22)

---
updated-dependencies:
- dependency-name: bcrypt
  dependency-version: 3.1.22
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-03-19 18:57:58 +00:00
dependabot[bot] 6538cf80a9 Bump json from 2.19.1 to 2.19.2 (#2730)
* Bump json from 2.19.1 to 2.19.2

Bumps [json](https://github.com/ruby/json) from 2.19.1 to 2.19.2.
- [Release notes](https://github.com/ruby/json/releases)
- [Changelog](https://github.com/ruby/json/blob/master/CHANGES.md)
- [Commits](https://github.com/ruby/json/compare/v2.19.1...v2.19.2)

---
updated-dependencies:
- dependency-name: json
  dependency-version: 2.19.2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* Sync Gemfile.saas.lock

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-03-19 09:35:47 -07:00
Mike Dalessio 7fec94449f Merge pull request #2721 from basecamp/flavorjones/dep-update-sqlite3-2.9.2
dep: update sqlite3 to 2.9.2
2026-03-17 22:02:24 -04:00
Mike Dalessio 806f5ca0dd Merge pull request #2704 from basecamp/dependabot/bundler/thruster-0.1.19
Bump thruster from 0.1.18 to 0.1.19
2026-03-17 22:01:03 -04:00
Mike Dalessio 801b10eb05 Merge pull request #2705 from basecamp/dependabot/bundler/aws-sdk-s3-1.215.0
Bump aws-sdk-s3 from 1.213.0 to 1.215.0
2026-03-17 22:00:29 -04:00
Mike Dalessio c62be7afde dep: update sqlite3 to 2.9.2 2026-03-17 21:59:09 -04:00
Mike Dalessio 50d067fec9 Merge pull request #2702 from basecamp/dependabot/bundler/development-dependencies-aa185b57ca
Bump faker from 3.6.0 to 3.6.1 in the development-dependencies group
2026-03-17 21:55:16 -04:00
Mike Dalessio 4cf7ad5e3e Merge pull request #2697 from basecamp/dependabot/bundler/action_text-trix-2.1.17
Bump action_text-trix from 2.1.16 to 2.1.17
2026-03-17 21:54:05 -04:00
Mike Dalessio 29a29094bd Configure Lexxy to add extra spacing between block elements
Updating Lexxy to v0.8.5 for the insert-markdown event.
2026-03-17 10:31:46 -04:00
dependabot[bot] 521b7ffb85 Bump aws-sdk-s3 from 1.213.0 to 1.215.0
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.213.0 to 1.215.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

---
updated-dependencies:
- dependency-name: aws-sdk-s3
  dependency-version: 1.215.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-03-13 20:25:49 +00:00
dependabot[bot] b3fe9cba82 Bump thruster from 0.1.18 to 0.1.19
Bumps [thruster](https://github.com/basecamp/thruster) from 0.1.18 to 0.1.19.
- [Changelog](https://github.com/basecamp/thruster/blob/main/CHANGELOG.md)
- [Commits](https://github.com/basecamp/thruster/compare/v0.1.18...v0.1.19)

---
updated-dependencies:
- dependency-name: thruster
  dependency-version: 0.1.19
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-03-13 20:25:34 +00:00
dependabot[bot] e5fd8e30de Bump faker from 3.6.0 to 3.6.1 in the development-dependencies group
Bumps the development-dependencies group with 1 update: [faker](https://github.com/faker-ruby/faker).


Updates `faker` from 3.6.0 to 3.6.1
- [Release notes](https://github.com/faker-ruby/faker/releases)
- [Changelog](https://github.com/faker-ruby/faker/blob/main/CHANGELOG.md)
- [Commits](https://github.com/faker-ruby/faker/compare/v3.6.0...v3.6.1)

---
updated-dependencies:
- dependency-name: faker
  dependency-version: 3.6.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: development-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-03-13 20:24:36 +00:00
dependabot[bot] ad30df0ac5 Bump action_text-trix from 2.1.16 to 2.1.17
Bumps [action_text-trix](https://github.com/basecamp/trix) from 2.1.16 to 2.1.17.
- [Release notes](https://github.com/basecamp/trix/releases)
- [Commits](https://github.com/basecamp/trix/compare/v2.1.16...v2.1.17)

---
updated-dependencies:
- dependency-name: action_text-trix
  dependency-version: 2.1.17
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-03-12 17:35:54 +00:00
Mike Dalessio 3959d91148 Revert "Configure Lexxy to add extra spacing between block elements"
This reverts commit d6bf103efd.
2026-03-12 12:24:35 -04:00
Mike Dalessio d6bf103efd Configure Lexxy to add extra spacing between block elements
Updating Lexxy to v0.8.0 for the insert-markdown event.
2026-03-11 22:17:07 -04:00
Rosa Gutierrez 1855490f80 Revert CORS fetch mode for Active Storage
CORS mode doesn't work with redirect-based Active Storage URLs
when the storage bucket uses wildcard Access-Control-Allow-Origin.
Relying on maxEntries alone until specific origin CORS is available.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-10 10:20:54 +01:00
Rosa Gutierrez 67d629f722 Use CORS fetch mode for Active Storage to enable maxEntrySize checks
Otherwise, for resources like images loaded via <img> tags, the browser
sets `mode: "no-cors"` (as these aren't CORS requests), so the service
worker gets an opaque response even though the server sends CORS
headers.

We could upgrade all no-cors requests to cors mode, sending a `mode:
"cors"` request to a server that doesn't send CORS headers will fail
entirely: the `fetch` call throws a `TypeError` (network error), and the
browser blocks the response. So the resource wouldn't load at all, not
even as opaque. We wouldn't be able to cache it at all.

By opting in via `fetchOptions`, we can do it only for rules where we
know the server will send CORS headers.
2026-03-10 10:20:54 +01:00
Rosa Gutierrez de6d70cc2e Bump turbo-rails for Turbo.offline.clearCache()
Simplify the clear-offline-cache controller to use the new
Turbo.offline.clearCache() API instead of messaging the service
worker directly.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-10 10:20:54 +01:00
Rosa Gutierrez 089fcf94f8 Preload resources after service worker installation
When the service worker is registered for the first time, resources loaded
before it becomes active won't go through the service worker. These resources
may be served from the browser's HTTP cache on subsequent requests, bypassing
the service worker cache entirely.

The new `preload` option accepts a regex pattern. On first visit (when no
controller exists), it waits for the service worker to take control, then
sends a message with URLs from `performance.getEntriesByType("resource")`
that match the pattern. The service worker fetches and caches these resources.
2026-03-10 10:20:54 +01:00
Rosa Gutierrez 9b264483d1 Bump turbo-rails for cache size limits 2026-03-10 10:20:54 +01:00
Rosa Gutierrez 32134be882 Bump turbo-rails for network-first strategy fix on network error 2026-03-10 10:20:54 +01:00
Rosa Gutierrez 90d5a351f0 Bump turbo-rails for Range requests support
Cached video and audio files.
2026-03-10 10:20:54 +01:00
Rosa Gutierrez cf8d92afea Enable offline caching for all web users
Previously, offline caching was conditionally enabled only for Hotwire
Native apps. This removes that restriction and enables offline support
for all users, including PWAs and regular browsers.

This Uses the new `fetchOptions` support in `TurboOffline` handlers
to pass `cache: "no-cache"` for document fetches, which we need
to work around a quite annoying Safari PWA bug
(see https://github.com/basecamp/fizzy/pull/1014).

Also, simplify a bit the cache names and remove the `misc` one.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-03-10 10:20:54 +01:00
Rosa Gutierrez a949f1e3ae Clear offline cache when logging out
Adds a logout Stimulus controller that sends a message to the service
worker to clear all cached content when the user logs out. This ensures
that cached data from one user isn't accessible after logout.

The implementation:
- Adds logout_controller.js that posts { action: "clearCache" } to the
  service worker via postMessage
- Updates logout buttons to use the controller on form submission

Also fixes data-turbo placement: moved from button to form element where
it actually takes effect for disabling Turbo Drive form submissions.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-03-10 10:20:54 +01:00
Rosa Gutierrez ada4688c4e Take a first stab at offline mode support 2026-03-10 10:20:54 +01:00
Rosa Gutierrez 5d084a46ce Switch to turbo-rails version with offline mode support 2026-03-10 10:20:54 +01:00
dependabot[bot] 17112fa0ee Bump brakeman from 8.0.2 to 8.0.4 in the development-dependencies group (#2669)
* Bump brakeman from 8.0.2 to 8.0.4 in the development-dependencies group

Bumps the development-dependencies group with 1 update: [brakeman](https://github.com/presidentbeef/brakeman).


Updates `brakeman` from 8.0.2 to 8.0.4
- [Release notes](https://github.com/presidentbeef/brakeman/releases)
- [Changelog](https://github.com/presidentbeef/brakeman/blob/main/CHANGES.md)
- [Commits](https://github.com/presidentbeef/brakeman/compare/v8.0.2...v8.0.4)

---
updated-dependencies:
- dependency-name: brakeman
  dependency-version: 8.0.4
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: development-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>

* Sync Gemfile.saas.lock

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-03-09 08:58:36 -07:00
Kevin McConnell f6ed923e75 Merge pull request #2651 from basecamp/update-thruster-0.1.18
Update Thruster to v0.1.18
2026-03-03 13:41:23 +00:00
Kevin McConnell 6e3ee266ec Update Thruster to v0.1.18 2026-03-03 13:30:55 +00:00
Jorge Manrubia 4c2b6626e7 Revert "Bump thruster from 0.1.17 to 0.1.18"
This reverts commit a0dcc26cda.
2026-03-03 14:06:13 +01:00
Jorge Manrubia 8ae619891c Bump solid_queue from 1.3.1 to 1.3.2 and importmap-rails from 2.2.2 to 2.2.3 2026-03-03 14:01:36 +01:00
dependabot[bot] a0dcc26cda Bump thruster from 0.1.17 to 0.1.18
Bumps [thruster](https://github.com/basecamp/thruster) from 0.1.17 to 0.1.18.
- [Changelog](https://github.com/basecamp/thruster/blob/main/CHANGELOG.md)
- [Commits](https://github.com/basecamp/thruster/compare/v0.1.17...v0.1.18)

---
updated-dependencies:
- dependency-name: thruster
  dependency-version: 0.1.18
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-03-03 14:01:36 +01:00
Jorge Manrubia ea88e7f458 Revert "Bump thruster from 0.1.17 to 0.1.18"
This reverts commit a21e93611e.
2026-03-03 13:57:42 +01:00
Jorge Manrubia 41cc11d2c0 Revert "Bump solid_queue from 1.3.1 to 1.3.2 and importmap-rails from 2.2.2 to 2.2.3"
This reverts commit 14a57c2b90.
2026-03-03 13:57:12 +01:00
Jorge Manrubia 14a57c2b90 Bump solid_queue from 1.3.1 to 1.3.2 and importmap-rails from 2.2.2 to 2.2.3 2026-03-03 11:36:26 +01:00
Jorge Manrubia 991e31bd66 Merge pull request #2634 from basecamp/dependabot/bundler/stackprof-0.2.28
Bump stackprof from 0.2.27 to 0.2.28
2026-03-03 11:34:58 +01:00
Jorge Manrubia 6f33d09471 Merge pull request #2630 from basecamp/dependabot/bundler/thruster-0.1.18
Bump thruster from 0.1.17 to 0.1.18
2026-03-03 11:34:52 +01:00
dependabot[bot] 9128fb276b Bump the development-dependencies group with 2 updates (#2629)
* Bump the development-dependencies group with 2 updates

Bumps the development-dependencies group with 2 updates: [web-console](https://github.com/rails/web-console) and [selenium-webdriver](https://github.com/SeleniumHQ/selenium).


Updates `web-console` from `bdbb391` to `90e3474`
- [Release notes](https://github.com/rails/web-console/releases)
- [Commits](https://github.com/rails/web-console/compare/bdbb39114348b037a515b2ce75a47457b0e647d1...90e3474306f2367cfeaf2875e91e2bc2d71b5f0f)

Updates `selenium-webdriver` from 4.40.0 to 4.41.0
- [Release notes](https://github.com/SeleniumHQ/selenium/releases)
- [Changelog](https://github.com/SeleniumHQ/selenium/blob/trunk/rb/CHANGES)
- [Commits](https://github.com/SeleniumHQ/selenium/compare/selenium-4.40.0...selenium-4.41.0)

---
updated-dependencies:
- dependency-name: web-console
  dependency-version: 90e3474306f2367cfeaf2875e91e2bc2d71b5f0f
  dependency-type: direct:development
  dependency-group: development-dependencies
- dependency-name: selenium-webdriver
  dependency-version: 4.41.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: development-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>

* Sync Gemfile.saas.lock

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-02-27 23:46:48 -08:00
dependabot[bot] a9c45c5979 Bump stackprof from 0.2.27 to 0.2.28
Bumps [stackprof](https://github.com/tmm1/stackprof) from 0.2.27 to 0.2.28.
- [Changelog](https://github.com/tmm1/stackprof/blob/master/CHANGELOG.md)
- [Commits](https://github.com/tmm1/stackprof/compare/v0.2.27...v0.2.28)

---
updated-dependencies:
- dependency-name: stackprof
  dependency-version: 0.2.28
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-02-27 20:25:56 +00:00
dependabot[bot] a21e93611e Bump thruster from 0.1.17 to 0.1.18
Bumps [thruster](https://github.com/basecamp/thruster) from 0.1.17 to 0.1.18.
- [Changelog](https://github.com/basecamp/thruster/blob/main/CHANGELOG.md)
- [Commits](https://github.com/basecamp/thruster/compare/v0.1.17...v0.1.18)

---
updated-dependencies:
- dependency-name: thruster
  dependency-version: 0.1.18
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-02-27 20:24:45 +00:00
Rosa Gutierrez 34fd62faf1 Move devices table to saas database
Use ActionPushNative's new on_load hook to configure the database connection,
following the same pattern as Active Storage and Action Text:

  ActiveSupport.on_load(:action_push_native_record) do
    connects_to database: { writing: :saas, reading: :saas }
  end

This allows ApplicationPushDevice to inherit directly from ActionPushNative::Device
without needing an intermediate abstract class.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-25 19:31:13 +01:00
Samuel Péchèr 0038641ede Update Lexxy to 0.7.6.beta 2026-02-24 20:25:07 +00:00
dependabot[bot] 395cc06f5c Bump aws-sdk-s3 from 1.211.0 to 1.213.0 (#2502)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.211.0 to 1.213.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

---
updated-dependencies:
- dependency-name: aws-sdk-s3
  dependency-version: 1.213.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-23 18:53:45 -05:00
dependabot[bot] b0b14ead28 Bump sqlite3 from 2.8.0 to 2.9.0 (#2386)
Bumps [sqlite3](https://github.com/sparklemotion/sqlite3-ruby) from 2.8.0 to 2.9.0.
- [Release notes](https://github.com/sparklemotion/sqlite3-ruby/releases)
- [Changelog](https://github.com/sparklemotion/sqlite3-ruby/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/sqlite3-ruby/compare/v2.8.0...v2.9.0)

---
updated-dependencies:
- dependency-name: sqlite3
  dependency-version: 2.9.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-23 18:48:52 -05:00
dependabot[bot] 3063a40f0f Bump trilogy from 2.9.0 to 2.10.0 (#2388)
Bumps [trilogy](https://github.com/trilogy-libraries/trilogy) from 2.9.0 to 2.10.0.
- [Release notes](https://github.com/trilogy-libraries/trilogy/releases)
- [Changelog](https://github.com/trilogy-libraries/trilogy/blob/main/CHANGELOG.md)
- [Commits](https://github.com/trilogy-libraries/trilogy/compare/v2.9.0...v2.10.0)

---
updated-dependencies:
- dependency-name: trilogy
  dependency-version: 2.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-23 18:43:47 -05:00
dependabot[bot] 361d4a7a52 Bump solid_queue from 1.2.4 to 1.3.1 (#2425)
Bumps [solid_queue](https://github.com/rails/solid_queue) from 1.2.4 to 1.3.1.
- [Release notes](https://github.com/rails/solid_queue/releases)
- [Commits](https://github.com/rails/solid_queue/compare/v1.2.4...v1.3.1)

---
updated-dependencies:
- dependency-name: solid_queue
  dependency-version: 1.3.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-23 18:42:48 -05:00