binarybeach/bb-plane-fork
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
6956 commits 2 branches 0 tags 138 MiB
Commit graph

236 commits

Author SHA1 Message Date
ouchan
d94a269451
fix: add model_activity.delay() to API issue update/create paths for webhook dispatch (#8792) 
Fixes #6746

API-driven issue updates (PUT update, PUT create-via-upsert, PATCH) were
missing `model_activity.delay()` calls, so webhooks were never dispatched
for changes made through the API. The web UI paths already include these
calls (e.g. in `post()` at L475), but the `put()` and `partial_update()`
methods only called `issue_activity.delay()`.

This adds `model_activity.delay()` immediately after each existing
`issue_activity.delay()` in these three code paths, using the same
signature as the existing call in `post()`.

Tested on Plane CE v1.2.1 self-hosted: API PATCH triggers
`webhook_send_task` in the Celery worker, confirming webhook delivery.

Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-25 13:31:16 +05:30
sriramveeraghanta
6e033f9fdb sync: master branch changes to preview 2026-03-25 13:21:43 +05:30
sriram veeraghanta
f3c7c057b4
chore: remove service token endpoint which is unused (#8797) 2026-03-25 13:13:58 +05:30
sriram veeraghanta
c3c7c72aff fix: package updates 2026-03-25 00:22:25 +05:30
Bavisetti Narayan
9d3b5d9da7
fix: added workspace member check in allow permission for creator #8778 2026-03-24 00:44:50 +05:30
dependabot[bot]
6627282bc5
chore(deps): bump pytest from 7.4.0 to 9.0.2 in /apps/api (#8693) 
Bumps [pytest](https://github.com/pytest-dev/pytest) from 7.4.0 to 9.0.2.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pytest-dev/pytest/compare/7.4.0...9.0.2)

---
updated-dependencies:
- dependency-name: pytest
  dependency-version: 9.0.2
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-07 19:24:21 +05:30
dependabot[bot]
d7c12f9730
chore(deps): bump python-json-logger from 3.3.0 to 4.0.0 in /apps/api (#8692) 
Bumps [python-json-logger](https://github.com/nhairs/python-json-logger) from 3.3.0 to 4.0.0.
- [Release notes](https://github.com/nhairs/python-json-logger/releases)
- [Changelog](https://github.com/nhairs/python-json-logger/blob/main/docs/changelog.md)
- [Commits](https://github.com/nhairs/python-json-logger/compare/v3.3.0...v4.0.0)

---
updated-dependencies:
- dependency-name: python-json-logger
  dependency-version: 4.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-07 19:22:30 +05:30
Anmol Singh Bhatia
c3a9f99789
[WEB-6420] chore: self-host social icons in project invitation email (#8718) 
* chore: add self-hosted social icon assets for email templates

* chore: pass current_site to project invitation email context

* chore: replace mailinblue CDN icons with self-hosted static assets
 2026-03-05 18:17:42 +05:30
sriram veeraghanta
7b1f5a47f5 [SECUR-116] fix: ssrf webhook url for ip address #8716 2026-03-05 17:28:32 +05:30
sriram veeraghanta
71b0d30afb
[SECUR-116] fix: ssrf webhook url for ip address #8716 2026-03-05 17:26:06 +05:30
sriramveeraghanta
9a7696acac chore: version upgrade 2026-03-05 17:25:22 +05:30
sriramveeraghanta
d20247e976 chore(deps): django version upgrade 2026-03-05 14:05:30 +05:30
Anmol Singh Bhatia
a75301d6c6
[WEB-6420] chore: migrate community references from Discord to Forum (#8657) 
* chore: replace Discord references with Forum links

* chore: migrate help and community CTAs from Discord to Forum

* refactor: replace Discord icons with lucide MessageSquare

* chore: rename Discord labels and keys to Forum

* chore: remove obsolete Discord icon component

* chore: update Discord references to Forum in templates

* chore: code refactoring
 2026-03-04 13:08:36 +05:30
Nikhil
351344ecbb
[WEB-5225] feat: enhance authentication logging with detailed error and info message (#7998) 
* feat: enhance authentication logging with detailed error and info messages

- Added logging for various authentication events in the Adapter and its subclasses, including email validation, user existence checks, and password strength validation.
- Implemented error handling for GitHub OAuth email retrieval, ensuring proper logging of unexpected responses and missing primary emails.
- Updated logging configuration in local and production settings to include a dedicated logger for authentication events.

* chore: address copilot comments

* chore: addressed some additional comments

* chore: update log

* fix: lint
 2026-03-03 19:35:34 +05:30
Bavisetti Narayan
a58642ed10
[WIKI-852] chore: update page version save logic (#8440) 
* chore: updated the logic for page version task

* chore: updated the html variable

* chore: handled the exception

* chore: changed the function name

* chore: added a custom variable
 2026-03-03 19:10:42 +05:30
Saurabh Kumar
a9d688f290
[SILO-1028] feat: Project Summary external API (#8661) 
* add project summary endpoint

* update response structure
 2026-03-03 01:33:07 +05:30
sriram veeraghanta
8c23fdd1d8 fix: Member Information Disclosure via Public Endpoint #8646 2026-02-20 18:34:56 +05:30
sriram veeraghanta
f53446340b
fix: Member Information Disclosure via Public Endpoint #8646 2026-02-20 18:33:45 +05:30
sriram veeraghanta
a77af4e67e
Update apps/api/plane/app/views/issue/attachment.py 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2026-02-20 18:33:09 +05:30
Sangeetha
b783f25bfa [SECUR-113] fix: ssrf for work item links (#8607) 2026-02-20 18:29:42 +05:30
sriramveeraghanta
95d121ce38 chore(deps): upgrade django version 2026-02-20 18:27:13 +05:30
Sangeetha
318c993082 [SECUR-104] fix: Arbitrary Modification of API Token Rate Limits#8612 2026-02-20 18:27:13 +05:30
dependabot[bot]
6c984e18ae chore(deps): bump cryptography (#8625) 
Bumps the pip group with 1 update in the /apps/api/requirements directory: [cryptography](https://github.com/pyca/cryptography).


Updates `cryptography` from 44.0.1 to 46.0.5
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/44.0.1...46.0.5)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-version: 46.0.5
  dependency-type: direct:production
  dependency-group: pip
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-20 18:27:13 +05:30
sriramveeraghanta
ec44b63027 chore: pacakge version 2026-02-20 18:05:15 +05:30
sriram veeraghanta
1548288e95 fix: IDOR Vulnerabilities in Asset & Attachment Endpoints (#8644) 
* fix: idor issues in project assets and issue attachements

* fix: comments
 2026-02-20 18:03:57 +05:30
sriram veeraghanta
9070acbbe8
fix: IDOR Vulnerabilities in Asset & Attachment Endpoints (#8644) 
* fix: idor issues in project assets and issue attachements

* fix: comments
 2026-02-20 18:02:12 +05:30
Sangeetha
b5fe8a2825
[WEB-6194]migration: added archived_at in IssueView #8641 
* migration: added archived_at in IssueView

* fix: lint
 2026-02-17 19:06:13 +05:30
Sangeetha
c4b3d52466
[WEB-5878] chore: add validation for project name/identifier for special characters (#8529) 
* chore: update ProjectSerializer to raise validation for special characters in name and identifier

* chore: update external endpoints

* fix: external api serializer validation

* update serializer to send error code

* fix: move the regex expression to Project model
 2026-02-17 00:49:02 +05:30
b-saikrishnakanth
f0dcf66167
[WEB-5917] fix: generate clean plain text from HTML email template #8535 2026-02-17 00:44:52 +05:30
Sangeetha
3a99ecf8f3
[WEB-5871] chore: added intake count for projects (#8497) 
* chore: add intake_count in project list endpoint

* chore: sidebar project navigation intake count added

* fix: filter out closed intake issues in the count

* chore: code refactor

* chore: code refactor

* fix: filter out deleted intake issues

---------

Co-authored-by: Anmol Singh Bhatia <anmolsinghbhatia@plane.so>
 2026-02-17 00:04:03 +05:30
Dheeraj Kumar Ketireddy
ef5d481a19
[VPAT-51] fix: update workspace invitation flow to use token for validation #8508 
- Modified the invite link to include a token for enhanced security.
- Updated the WorkspaceJoinEndpoint to validate the token instead of the email.
- Adjusted the workspace invitation task to generate links with the token.
- Refactored the frontend to handle token in the invitation process.

Co-authored-by: sriram veeraghanta <veeraghanta.sriram@gmail.com>
 2026-02-17 00:02:18 +05:30
Dheeraj Kumar Ketireddy
c8a800104c
[SILO-820] fix: update serializer for module detail API endpoint to use ModuleUpdateSerializer (#8496) 2026-02-17 00:01:33 +05:30
Jayash Tripathy
53b3358a63
[GIT-44] refactor(auth): add PASSWORD_TOO_WEAK error code (#8522) 
* refactor(auth): add PASSWORD_TOO_WEAK error code and update related error handling in password change flow

* fix(auth): update import to use type for EAuthenticationErrorCodes in security page

* Update apps/web/app/(all)/profile/security/page.tsx

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Update apps/web/app/(all)/[workspaceSlug]/(settings)/settings/account/security/page.tsx

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* refactor: updated auth error exception accross zxcvbn usages

* fix: improve error handling for password strength validation and update error messages

* i18n(ru): update Russian translations for stickies and automation description

Added translation for 'stickies' and improved formatting of the automation description in Russian locale.

---------

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2026-02-13 18:51:33 +05:30
Aaryan Khandelwal
d497304de5
refactor: table drag preview using decorations (#8597) 
* refactor: table drag preview using decorations

* fix: history meta for table drag state
 2026-02-13 17:59:37 +05:30
sriram veeraghanta
dfce8c6278
chore: admin folder structure (#8632) 
* chore: admin folder structure

* fix: copy right check and formatting

* fix: types
 2026-02-13 16:29:45 +05:30
Vamsi Krishna
fab84eb058
[WEB-5899]fix: project sort order (#8530) 
* fix: project sort order

* chore: updated queryset for sort_order
 2026-02-13 15:52:22 +05:30
Sangeetha
cd613e5f8f
[SECUR-105] fix: csv injection vulnerability sanitization #8611 2026-02-13 15:37:13 +05:30
dependabot[bot]
b59e541b35
chore(deps): bump cryptography (#8625) 
Bumps the pip group with 1 update in the /apps/api/requirements directory: [cryptography](https://github.com/pyca/cryptography).


Updates `cryptography` from 44.0.1 to 46.0.5
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/44.0.1...46.0.5)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-version: 46.0.5
  dependency-type: direct:production
  dependency-group: pip
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-11 13:06:42 +05:30
Sangeetha
57ce2a5429
[WEB-6149] migration: change estimate point key max value to 50 #8620 2026-02-10 17:07:14 +05:30
sriramveeraghanta
13a679437d chore(deps): upgrade django version 2026-02-09 14:51:53 +05:30
Sangeetha
78729277e8
[SECUR-104] fix: Arbitrary Modification of API Token Rate Limits#8612 2026-02-09 14:50:29 +05:30
Sangeetha
d191615a5e
[SECUR-113] fix: ssrf for work item links (#8607) 2026-02-05 15:03:43 +05:30
Bavisetti Narayan
b8d3b3c5eb
fix: module percentage calculation (#8595) 2026-01-29 14:48:43 +05:30
sriram veeraghanta
02d0ee3e0f
chore: add copyright (#8584) 
* feat: adding new copyright info on all files

* chore: adding CI
 2026-01-27 13:54:22 +05:30
Sangeetha
f7d5200ed8
migration: back migrate all product tour fields to set true (#8575) 2026-01-27 00:47:02 +05:30
punto
57806f9bd5
[GIT-45] fix: allow markdown file attachments (#8524) 
* fix: allow markdown file attachments

- Add text/markdown to ATTACHMENT_MIME_TYPES
- Fixes issue where .md files were rejected with 'Invalid file type' error

* added the support for frontend mime type too
 2026-01-23 13:38:47 +05:30
Sangeetha
ba5ba5bf54
[GIT-61] chore: allow .md files to be uploaded (#8571) 
* chore: allow .md files to be uploaded

* chore: allow .md files to be uploaded
 2026-01-23 13:33:20 +05:30
Bavisetti Narayan
2a29ab8d4a
[WEB-5845] chore: changing description field to description json (#8230) 
* chore: migrating description to description json

* chore: replace description with description_json

* chore: updated migration file

* chore: updated the migration file

* chore: added description key in external endpoint

* chore: updated the migration file

* chore: updated the typo

---------

Co-authored-by: Aaryan Khandelwal <aaryankhandu123@gmail.com>
 2026-01-22 18:23:59 +05:30
Sangeetha
fa1b4a102a
[WEB-5890] migration: added getting_started_checklist, tips, explored_feature fields on the workspace member table (#8489) 
* migration: added getting_started_checklist and tips field

* fix: remove defaults and added explored_features field

* fix: added user table migration
 2026-01-15 14:25:31 +05:30
Bavisetti Narayan
5f3f9d2623
chore: updated migration file name (#8515) 2026-01-09 14:36:45 +05:30