binarybeach
64513797ee
Marker-cookie pattern per docs/conventions/per-app-edge-identity-validation.md: - New BbEdgeIdentityMiddleware compares `_bb_edge_sub` cookie to `X-Auth-Request-User` header on every authenticated request. On mismatch, flushes the Django session and replaces request.user with AnonymousUser so DRF returns 401 / browser navigations land at the bridge handoff redirect. Lazy-populates the cookie on legacy sessions; passes through for anonymous requests and bearer-token-only callers. - Trusted-JWT view sets `_bb_edge_sub` on the redirect response when X-Auth-Request-User is present (single session-mint choke-point — the Bucket-4 entry-point is the only path that creates Plane sessions in this deployment). - SignOutAuthEndpoint reads optional BB_LOGOUT_REDIRECT_URL env. When set, the SPA's /auth/sign-out/ form-POST is 302'd to the platform bridge's synced-logout endpoint (clears edge `_bb_oauth2` + back-channels Zitadel end_session). Without this, the user's Zitadel session at the edge outlives the Plane logout and silently re-logs them in via bridge handoff → trusted sign-in. Vanilla regression-safe: env unset → upstream behavior. Net surface vs upstream-clean: 1 new middleware file, 1 line in MIDDLEWARE, ~20 lines added to trusted.py and signout.py. No new dependencies. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> |
||
|---|---|---|
| .github | ||
| .husky | ||
| .idx | ||
| apps | ||
| deployments | ||
| docs | ||
| packages | ||
| .dockerignore | ||
| .env.bb-local.example | ||
| .env.example | ||
| .gitattributes | ||
| .gitignore | ||
| .mise.toml | ||
| .npmrc | ||
| .oxfmtrc.json | ||
| .oxlintrc.json | ||
| .prettierignore | ||
| AGENTS.md | ||
| BINARYBEACHIO.md | ||
| CODE_OF_CONDUCT.md | ||
| CODEOWNERS | ||
| CONTRIBUTING.md | ||
| COPYRIGHT.txt | ||
| COPYRIGHT_CHECK.md | ||
| docker-compose-local.yml | ||
| docker-compose.bb-local.yml | ||
| docker-compose.yml | ||
| LICENSE.txt | ||
| package.json | ||
| pnpm-lock.yaml | ||
| pnpm-workspace.yaml | ||
| README.md | ||
| SECURITY.md | ||
| setup.sh | ||
| turbo.json | ||
Modern project management for all teams
Website • Forum • Twitter • Documentation
Meet Plane, an open-source project management tool to track issues, run sprints cycles, and manage product roadmaps without the chaos of managing the tool itself. 🧘♀️
Plane is evolving every day. Your suggestions, ideas, and reported bugs help us immensely. Do not hesitate to join in the conversation on Forum or raise a GitHub issue. We read everything and respond to most.
🚀 Installation
Getting started with Plane is simple. Choose the setup that works best for you:
-
Plane Cloud Sign up for a free account on Plane Cloud—it's the fastest way to get up and running without worrying about infrastructure.
-
Self-host Plane Prefer full control over your data and infrastructure? Install and run Plane on your own servers. Follow our detailed deployment guides to get started.
| Installation methods | Docs link |
|---|---|
| Docker |  |
| Kubernetes |  |
Instance admins can configure instance settings with God mode.
🌟 Features
-
Work Items Efficiently create and manage tasks with a robust rich text editor that supports file uploads. Enhance organization and tracking by adding sub-properties and referencing related issues.
-
Cycles Maintain your team’s momentum with Cycles. Track progress effortlessly using burn-down charts and other insightful tools.
-
Modules Simplify complex projects by dividing them into smaller, manageable modules.
-
Views Customize your workflow by creating filters to display only the most relevant issues. Save and share these views with ease.
-
Pages Capture and organize ideas using Plane Pages, complete with AI capabilities and a rich text editor. Format text, insert images, add hyperlinks, or convert your notes into actionable items.
-
Analytics Access real-time insights across all your Plane data. Visualize trends, remove blockers, and keep your projects moving forward.
🛠️ Local development
See CONTRIBUTING
⚙️ Built with
📸 Screenshots
📝 Documentation
Explore Plane's product documentation and developer documentation to learn about features, setup, and usage.
❤️ Community
Join the Plane community on GitHub Discussions and our Forum. We follow a Code of conduct in all our community channels.
Feel free to ask questions, report bugs, participate in discussions, share ideas, request features, or showcase your projects. We’d love to hear from you!
🛡️ Security
If you discover a security vulnerability in Plane, please report it responsibly instead of opening a public issue. We take all legitimate reports seriously and will investigate them promptly. See Security policy for more info.
To disclose any security issues, please email us at security@plane.so.
🤝 Contributing
There are many ways you can contribute to Plane:
- Report bugs or submit feature requests.
- Review the documentation and submit pull requests to improve it—whether it's fixing typos or adding new content.
- Talk or write about Plane or any other ecosystem integration and let us know!
- Show your support by upvoting popular feature requests.
Please read CONTRIBUTING.md for details on the process for submitting pull requests to us.
Repo activity
We couldn't have done this without you.
License
This project is licensed under the GNU Affero General Public License v3.0.