Commit Graph

399 Commits

Author SHA1 Message Date
Jason Zimdars 4276aad5a7 Mark notifications as unread from the index 2025-07-23 17:01:59 -05:00
Jason Zimdars 8f154b36c0 Add vapid keys for remaining environments 2025-07-23 12:31:23 -05:00
Jason Zimdars dfb6198e94 Merge branch 'main' into web-push
* main: (50 commits)
  Regenerate fixtures
  Let summaries know about collections
  Regenerate fixtures
  More tweaks
  Regenerate fixtures after tweaking prompt
  Fix model selection (I had broken it!)
  Some prompt refinements
  Some of us have basecamp.com email addresses
  Update nokogiri and thor to addres CVEs
  Fix tests
  Format
  Move model options to helper
  Tidy up the admin tool for prompts
  Extract methods
  Format
  Default to the current summary
  Make models selectable
  Add an animated effect for the generating state
  Remove debug
  Wrap them both in the container so the generating state looks right
  ...
2025-07-23 11:50:35 -05:00
Jorge Manrubia 7e5bdf59ec Prefer sandbox over debug for the resource name 2025-07-22 15:57:12 +02:00
Jorge Manrubia 6d26195bc7 Add a debug prompt endpoint so that we can play with the prompts live 2025-07-22 14:33:34 +02:00
Jorge Manrubia 7cd459f2b8 AI Summaries: basic abstractions, functional version 2025-07-22 11:57:39 +02:00
Jason Zimdars 0afc738d19 Whitespace 2025-07-21 20:11:03 -05:00
Jason Zimdars a6e9e51071 Merge branch 'main' into web-push
* main: (28 commits)
  Clean up the /scripts directory
  Prevent recursion when invoking AI
  Bump sqlite3 from 2.7.2 to 2.7.3
  Port over Jeremy's fix for slow uploads
  .gitignore log files and portfolio's local storage
  Drop Current.account and just use Account.sole
  Use the utf8-patched mysql driver
  Call blob.preview for previewable attachments
  Make sure the image variants we use are preprocessed
  Add /user command
  Make sure it doesn't infer custom abbreviations when matching user names
  Script to load prod db in development
  Update Signup to use the queenbee_id for the tenant name
  Bump cache version
  Make sure it uses latest bundler to prevent error due to mismatch
  Invalidate cache
  Update ruby
  Update bundler to prevent error on lower version
  Update bundler to prevent error on lower version
  Resolve stages
  ...
2025-07-21 11:03:56 -05:00
Mike Dalessio ef6198d394 Make sure the image variants we use are preprocessed
to avoid implicitly creating a variant during a GET to a read replica,
which will raise an exception and cause the image to fail to load.

This feels pretty brittle, to be honest, and we'll need to be careful
in the future about creating and using new variants; we will probably
need to backfill the new variant for existing images because we can't
guarantee that they will be created implicitly/lazily if the GET lands
on the replica.

ref: https://fizzy.37signals.com/5986089/collections/7/cards/942
2025-07-18 15:43:31 -04:00
Jorge Manrubia 30b6adcd1c Update brakeman 2025-07-18 10:57:13 +02:00
Jorge Manrubia 61dc39d158 Use mini which works much better 2025-07-18 05:11:19 +02:00
Jason Zimdars c4d9918a82 Regenerate keys
I think I accidentally switched the public and private keys the first time around
2025-07-15 17:58:57 -05:00
Jason Zimdars 47324eb45a Fix routes to manifest and service-worker, rename controller 2025-07-15 16:42:47 -05:00
Jason Zimdars 8f47db3ced Add service worker and subscriptions controllers 2025-07-15 15:22:32 -05:00
Jason Zimdars e59a994a0c Add db table and models 2025-07-14 19:57:30 -05:00
Jason Zimdars e77710c6b6 Cards inherit their collection's publication status 2025-07-09 10:08:47 -05:00
Farah Schüller 651d914de6 Move to internal registry 2025-07-08 17:21:02 +02:00
Mike Dalessio 05984845ca Change Active Storage account slug extension to a to_prepare block
because it was breaking in development after a reload.
2025-07-03 19:01:03 -04:00
Jorge Manrubia bd7b9a442e Merge branch 'main' into fizzy-do-prompts
* main: (57 commits)
  Untenanted access in authenticated controllers should request auth
  dep: bundle update
  dep: update Rails
  dep: bump AR::Tenanted
  Clean up the cable meta tag
  Fix activity feed pagination to fetch on demand
  Create a "published" event if a card is created published
  Scatter Honcho seeds over a 30 day period
  Fix the PWA manifest to use slugged URLs
  Collection publication edits render a turbo frame
  Collection workflow edits render a turbo frame
  Collection entropy config edits render a turbo frame
  Use automatic sizing where supported
  Introduce a separate controller for collection entropy config
  Add `card_id` to index
  Move to scope and inline method
  Prefer modern syntax
  Fix that stage should be visible above card background
  Indicate opens menu
  Hide dialog targets from screen readers when closed
  ...

# Conflicts:
#	db/schema.rb
#	db/schema_cache.yml
2025-07-03 16:11:00 +02:00
Mike Dalessio ccf961dad2 Merge pull request #696 from basecamp/flavorjones/collection-workflow-save
Collection edit page uses turbo frames to avoid resetting the user access form
2025-07-02 22:28:51 -04:00
Mike Dalessio 36727ba5ea Introduce a separate controller for collection entropy config
which opens the door to rendering turbo frames in the responses to
collection edits.
2025-07-02 17:41:29 -04:00
Jason Zimdars 25a33fb9c8 Merge branch 'main' into card-steps
* main: (22 commits)
  Fix that stage should be visible above card background
  Indicate opens menu
  Hide dialog targets from screen readers when closed
  Mark up as heading for screen reader navigation
  Copy for screen readers
  Don't hide the input so it's accessible to screen readers
  Point skip links to correct anchor, don't navigate with turbo
  There aren't any `li` children so just use `div`
  Use headings for screen reader navigation
  Use `h3` for individual cards in collection view
  Make collection title `h1` for screen reader navigation
  Esc should not propagate when closing dialogs
  squash! Remove session controller actions other than delete
  Screen reader: Use heading for comments navigation
  Remove the invitation codes for now
  Remove session controller actions other than delete
  Correct label for field
  Style
  Screen reader: De-duplicate links for each person in account settings
  Account.signal_account is no longer optional
  ...
2025-07-02 16:09:49 -05:00
Mike Dalessio fa1c5f7279 Remove session controller actions other than delete
and do some general cleanup around sessions controllers and the
sign_in_as test helper
2025-07-02 15:03:28 -04:00
Jason Zimdars f4218d9403 Merge branch 'main' into card-steps
* main:
  Script to create Users for existing 37id accounts
  Configure Mission Control to skip tenanted authentication
  Script to update URLs and attachments in cards and comments
  Make sure seeds are creating sluggable tenants
  Script to rename tenants after the QB account id
  Update the signups tests to work with untenanted paths
  Update the Command classes to handle paths with account slugs
  Update bin/dev to point at the new tenant URLs
  Patch Active Storage controllers to generate slugged URLs
  Point Action Cable at the slugged cable endpoint
  Extract pieces from the tenanting initializer
  Patch Turbo to use the request script name
  Use the new AR::Tenanted convention for action cable connections
  Use a tenant resolver that recognizes the account slug
  dep: Use the patched AR::Tenanted branch
2025-07-02 11:59:40 -05:00
Mike Dalessio da69bd1689 Remove local authentication code 2025-07-02 11:59:21 -04:00
Jason Zimdars f02215c5b7 Add steps to cards 2025-07-01 20:05:20 -05:00
Mike Dalessio 7089fbe0d4 Configure Mission Control to skip tenanted authentication
In 29644ba1 we configured HTTP basic auth to secure it for now.
2025-07-01 15:56:14 -04:00
Mike Dalessio 3844dc9ff3 Patch Active Storage controllers to generate slugged URLs
This really only impacts the Disk service in development.

I proposed this upstream in https://github.com/rails/rails/pull/55248,
but it's not clear if the presence of script_name should _always_
prefix generated URLs, so for now it's local to Fizzy.
2025-07-01 15:56:14 -04:00
Mike Dalessio e378c5a45e Extract pieces from the tenanting initializer
into:

- tenanting/account_slug
- tenanting/logging
- tenanting/turbo
2025-07-01 15:56:14 -04:00
Mike Dalessio e68e2eb971 Patch Turbo to use the request script name
so that the URLs generated during view rendering are correct
2025-07-01 15:56:14 -04:00
Mike Dalessio f43a5ff22c Use a tenant resolver that recognizes the account slug
and sets the script name accordingly
2025-07-01 15:56:14 -04:00
Jorge Manrubia b2f9bf1f2e Stub for command prompts 2025-07-01 18:27:38 +02:00
Jorge Manrubia cae01b777e Add prompt for tags too 2025-07-01 14:58:24 +02:00
Jorge Manrubia 60d243da52 Support direct references such as @user via rich text commands 2025-07-01 14:16:29 +02:00
Mike Dalessio 0c5c6fa703 Turn off local auth in beta, we'll use Launchpad instead. 2025-06-26 09:47:13 -04:00
Mike Dalessio 190e52ffc5 Update kamal deploy config for the new beta env. 2025-06-26 09:47:13 -04:00
Mike Dalessio d827ce2a53 Merge pull request #654 from basecamp/flavorjones/fix-reloading-subscriptions
Make sure QB subscriptions reload properly in dev
2025-06-25 10:07:42 -04:00
Mike Dalessio b2ff0b47bf Make sure QB subscriptions reload properly in dev 2025-06-25 10:06:45 -04:00
Jorge Manrubia 9e3dbb0858 Remove semantic searches
We may revisit in the future but we'll go with keyword search only for launch
2025-06-25 09:36:14 +02:00
Jorge Manrubia 4acfe3ba9f update brakeman 2025-06-24 13:33:48 +02:00
Jorge Manrubia dfd52fc946 Move queries to its own resource 2025-06-24 12:17:08 +02:00
Jorge Manrubia 67fa9a46a8 Animate the search screen mockup 2025-06-24 09:58:48 +02:00
Jorge Manrubia 124c47b5be Merge branch 'main' into search-page-markup
* main: (67 commits)
  Add jason@37signals.com to the seeds.
  Rework menu sizing
  Firefox has its own psuedo elements
  Allow pop-ups to overflow without breaking the layout
  Style the prompt empty state
  Update lexical
  Scope CSS to custom attachments
  Update to point to version with fix for attachments
  Update AR::Tenanted to address tenant creation raciness
  dep: Update signal_id to quash noisy test warnings
  Update dependences, including Rails and queenbee-plugin
  Update 400/422/500 error pages with latest stock Rails versions
  Remove subdomain listing from the 404 page
  Delete the first runs controller/routes/model
  Redirect unauthenticated users to Launchpad
  Update a few users' email to link to a valid identity.
  Make sure the beta env keeps local authentication (for now)
  Trampoline the Launchpad auth redirect from a GET into a POST
  Add the shared signal_id secret
  Script to create QB and SignalID accounts, and SignalID users
  ...
2025-06-24 06:19:39 +02:00
Mike Dalessio e1609a1aa4 Delete the first runs controller/routes/model
which has been replaced by the signups controller
2025-06-21 10:38:36 -04:00
Mike Dalessio 141554c21c Make sure the beta env keeps local authentication (for now)
and more importantly, don't try to connect to the 37id database, which
will hang.

And finally, set the connect_timeout to something small so if we do
try to make a connection, it will fail quickly instead of hanging for
the default 120 seconds.
2025-06-20 16:17:02 -04:00
Mike Dalessio 2c18173f08 Trampoline the Launchpad auth redirect from a GET into a POST
to always route it to the writer.
2025-06-20 15:16:57 -04:00
Mike Dalessio 8b68eab6a8 Add the shared signal_id secret
so that we can authenticate properly with launchpad
2025-06-20 15:16:57 -04:00
Mike Dalessio d29bfb9f5a Add a QB API endpoint for plans
- add the shared api token to all environments
- add a single FreeV1 subscription
- add QB routes
- allow the queenbee routes in the tenanting middleware

ref: https://3.basecamp.com/2914079/buckets/37331921/todos/8746302763
2025-06-20 15:16:57 -04:00
Mike Dalessio 6f09d6a737 Add HTTP basic auth to the signup controllers
so that signup is internal-only for now.
2025-06-20 15:16:57 -04:00
Mike Dalessio 1be9ba6ee3 Signup workflow for existing identity 2025-06-20 15:16:57 -04:00