references/openproject
1
0
Fork 0
mirror of https://github.com/opf/openproject.git synced 2026-06-14 03:30:14 +00:00
Code Issues Packages Projects Releases Wiki Activity
108,128 Commits 457 Branches 316 Tags
b7640dfccd04d5d7df65fd64bbca4a6bf89a8bf1
Commit Graph

108128 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Klaus Zanders b7640dfccd Implement journaling for resource allocations 2026-06-09 10:31:37 +02:00
Klaus Zanders ccf61ead91 Add GlobalID handling for ResourceAllocation#entity 2026-06-09 10:31:37 +02:00
Klaus Zanders 204d0516f8 Accessors to set allocated time in hours 2026-06-09 10:31:36 +02:00
Klaus Zanders cff618a153 Add reviewed_by and requested_by to the resource allocation 2026-06-09 10:31:36 +02:00
Klaus Zanders 45afae52d6 Ensure ResourceAllocation is scoped to a work package for now, allow further classes later 2026-06-09 10:31:35 +02:00
Klaus Zanders 63cf1dea7e Implement stub controller for Resource Allocations 2026-06-09 10:31:34 +02:00
dependabot[bot] de3f31f3df Bump the typescript-eslint group in /frontend with 2 updates (#23621) 
Bumps the typescript-eslint group in /frontend with 2 updates: [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) and [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser).


Updates `@typescript-eslint/eslint-plugin` from 8.59.4 to 8.60.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.60.0/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 8.59.4 to 8.60.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.60.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-version: 8.60.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: typescript-eslint
- dependency-name: "@typescript-eslint/parser"
  dependency-version: 8.60.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: typescript-eslint
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-06-09 08:35:17 +01:00
Oliver Günther 92a0c03c42 Fix fetching of SAML metadata for large aggregate endpoints (#23531) 
* Fix fetching of SAML metadata for large aggregate endpoints

https://community.openproject.org/work_packages/OP-19420

* Use XML pull parser to avoid text parsing
 2026-06-09 09:13:52 +02:00
Oliver Günther adfe334449 Merge pull request #23605 from opf/feat/flat-meeting-objects 
Flat meeting API objects
 2026-06-09 09:06:44 +02:00
Klaus Zanders b25543b490 Merge pull request #23622 from opf/dependabot/bundler/dev/retriable-3.5.1 
Bump retriable from 3.5.0 to 3.5.1
 2026-06-09 08:57:48 +02:00
Kabiru Mwenja 96d5b5805f Merge pull request #23587 from opf/code-maintenance/68063-lateral-predecessor-changes-filter 
Code Maintenance/STC-462: Fix slow "only changes" activity filter on work packages with long histories
 2026-06-09 09:53:32 +03:00
Dombi Attila 9cd2b2a262 Merge pull request #23545 from opf/reviewdog-failures 
fix and cleanup linter actions
 2026-06-09 09:17:49 +03:00
dependabot[bot] 8998fa0606 Bump retriable from 3.5.0 to 3.5.1 
Bumps [retriable](https://github.com/kamui/retriable) from 3.5.0 to 3.5.1.
- [Release notes](https://github.com/kamui/retriable/releases)
- [Changelog](https://github.com/kamui/retriable/blob/main/CHANGELOG.md)
- [Commits](https://github.com/kamui/retriable/compare/v3.5.0...v3.5.1)

---
updated-dependencies:
- dependency-name: retriable
  dependency-version: 3.5.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-06-09 05:41:32 +00:00
Kabiru Mwenja 32a8bc43cc Surface the predecessor lateral alias at each call site 
The LATERAL subquery is aliased `predecessor` where it is joined rather
than inside the helper, so the relation each EXISTS clause references is
visible without reading the helper.
 2026-06-09 08:36:32 +03:00
OpenProject Actions CI 2e96f3379d update locales from crowdin [ci skip] 2026-06-09 04:31:52 +00:00
Judith Roth dc1d965423 Merge pull request #23363 from opf/jr/improve-docker-tls-setup-documentation 
Set host setting for docker tls setup to avoid broken links with port
 2026-06-08 17:43:41 +02:00
Oliver Günther c25e8a15ea Test all paths with varying project memberships 2026-06-08 16:35:11 +02:00
Ivan Kuchin 370ae18262 name and newline consistency 2026-06-08 15:53:49 +02:00
Ivan Kuchin 522c75e9b5 rely on ruby/setup-ruby to install bundle for erb_lint action and use it 2026-06-08 15:53:49 +02:00
Ivan Kuchin c1c34cf8db use our fork of tk0miya/action-erblint 2026-06-08 15:53:49 +02:00
Ivan Kuchin 5ea0c74f1d cleanup options of all linters 2026-06-08 15:53:49 +02:00
Ivan Kuchin 46aa3fed2a fix yamllint job name and workflow permissions (checks is needed) 2026-06-08 15:53:49 +02:00
Ivan Kuchin bbca8a5c5c full version in comment of actions/checkout 2026-06-08 15:53:49 +02:00
Ivan Kuchin 684b7c7c57 separate erb lint workflow 2026-06-08 15:53:49 +02:00
Oliver Günther 2ae44de6c6 Trigger tag-based flavour build 2026-06-08 15:53:02 +02:00
Mir Bhatia 24265c1fa0 Merge pull request #23596 from opf/bug/meet-556-patch-api-v3-meetings-id-participants-cannot-be-removed-via-_links-participants 
[MEET-556] PATCH /api/v3/meetings/{id} - participants cannot be removed via _links.participants
 2026-06-08 13:49:03 +02:00
Oliver Günther 968d53c07d Add release notes section 2026-06-08 13:19:05 +02:00
Oliver Günther ccdaa9f534 Update openapi docs 2026-06-08 13:16:23 +02:00
Oliver Günther 164e31c1d5 Add flat paths for meeting API 2026-06-08 13:16:22 +02:00
ulferts 5bc54dd1ec fix flickering work package table on my page spec 
rspec ./modules/my_page/spec/features/my/work_package_table_spec.rb:81

The spec actually tested a differnt widget
 2026-06-08 13:09:08 +02:00
Jan Sandbrink 857d51aee7 Merge pull request #23555 from opf/precise-ssrf-error 
Be more precise about SSRF errors
 2026-06-08 11:04:41 +02:00
Alexander Brandon Coles d49e116b10 Merge pull request #23561 from opf/code-maintenance/OP-19461-inject-field 
[OP-19461, DREAM-544] Migrate `@InjectField` usages to inject(), fix more console warnings
 2026-06-08 10:02:58 +01:00
Jens Ulferts e0820e04aa Merge pull request #23591 from opf/dependabot/bundler/dev/appsignal-4.8.5 
Bump appsignal from 4.8.4 to 4.8.5
 2026-06-08 10:46:25 +02:00
Jens Ulferts ca8f39df05 Merge pull request #23592 from opf/dependabot/bundler/dev/retriable-3.5.0 
Bump retriable from 3.4.1 to 3.5.0
 2026-06-08 10:46:04 +02:00
dependabot[bot] d2c45f665b Bump appsignal from 4.8.4 to 4.8.5 
Bumps [appsignal](https://github.com/appsignal/appsignal-ruby) from 4.8.4 to 4.8.5.
- [Changelog](https://github.com/appsignal/appsignal-ruby/blob/main/CHANGELOG.md)
- [Commits](https://github.com/appsignal/appsignal-ruby/compare/v4.8.4...v4.8.5)

---
updated-dependencies:
- dependency-name: appsignal
  dependency-version: 4.8.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-06-08 07:54:15 +00:00
Alexander Brandon Coles ccdeee4550 Merge pull request #23589 from opf/bug/DREAM-707-tracking-expressions-not-stable 
[DREAM-707] Stabilize Angular track keys
 2026-06-08 08:52:07 +01:00
dependabot[bot] 6eb2cc7d15 Bump retriable from 3.4.1 to 3.5.0 
Bumps [retriable](https://github.com/kamui/retriable) from 3.4.1 to 3.5.0.
- [Release notes](https://github.com/kamui/retriable/releases)
- [Changelog](https://github.com/kamui/retriable/blob/main/CHANGELOG.md)
- [Commits](https://github.com/kamui/retriable/compare/v3.4.1...v3.5.0)

---
updated-dependencies:
- dependency-name: retriable
  dependency-version: 3.5.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-06-08 07:51:20 +00:00
Jens Ulferts 2bf0cf5892 Merge pull request #23598 from opf/fix/bump_bundler 
bump bundler
 2026-06-08 09:49:24 +02:00
Mir Bhatia e684d98324 Merge pull request #23584 from opf/bug/meet-554-get-api-v3-meetings-id-_links-participants-count-does-not-match-_embedded-participants-count 
[MEET-554, -555] Meetings API fixes
 2026-06-08 09:46:51 +02:00
Jan Sandbrink caac871cc0 Merge pull request #23576 from opf/ssrf-fix 
Work around SSRF issue
 2026-06-08 09:37:59 +02:00
Jan Sandbrink 07372e3514 Try to order some YAML keys 2026-06-08 09:36:24 +02:00
Jan Sandbrink b4ba7ac8c0 Include SSRF hint in release notes 
Our changes to SSRF filtering (notably: applying it everywhere) can easily
affect running instances of OpenProject. Including this hint in the release
notes hopefully helps admins deploying their own instances to be aware of the
upcoming change.
 2026-06-08 09:36:06 +02:00
Jan Sandbrink 40301c3463 Make SSRF error message more specific 
Feedback from devs that were confronted with the "is not an allowed host"
message shows, that the message is not very actionable. It's not clear why something
that is clearly a legitimate and existing host would be considered "not allowed".

The new error message clearly points at the SSRF policy as the source. Making the
problem more search engine friendly and hopefully allowing admins to better understand
what they have to fix.
 2026-06-08 09:34:34 +02:00
Alexander Brandon Coles 860393d5dd Merge branch 'dev' into code-maintenance/OP-19461-inject-field 2026-06-08 08:27:38 +01:00
ulferts b52044ddad bump bundler 
This might fix the dependabot issue where the CHECKSUMS section is removed. https://github.com/dependabot/dependabot-core/issues/14913
 2026-06-08 09:20:33 +02:00
Kabiru Mwenja 879cb108c9 Seek changes-filter predecessor via LATERAL instead of a version scan 
The :only_changes activity filter identified each journal's predecessor
with `version = (SELECT MAX(version) WHERE version < current)`. That
predicate cannot use the (journable_type, journable_id, version) index,
so Postgres scanned every journal of the journable and filtered by
version — turning a per-page filter into an O(history) sweep run twice
(pagy's count plus the page query). A LATERAL `ORDER BY version DESC
LIMIT 1` seeks the predecessor through that index in a single row,
preserving gap-tolerant matching on `< version`.
 2026-06-08 10:18:05 +03:00
Alexander Brandon Coles 9cc828195e Remove stale query filter imports 
Drop dead imports surfaced during review of the tracking key changes.
 2026-06-08 08:17:24 +01:00
Alexander Brandon Coles e419c22c95 [DREAM-707] Stabilize Angular track keys 
Use stable scalar keys for Angular `@for` loops with rebuilt object
values across breadcrumbs and related list templates to avoid DOM
recreation warnings.

https://community.openproject.org/wp/DREAM-707
 2026-06-08 08:17:19 +01:00
Jens Ulferts e1926d0424 Merge pull request #23594 from opf/dependabot/npm_and_yarn/frontend/dev/html-eslint-a8d5f35c5d 
Bump the html-eslint group in /frontend with 2 updates
 2026-06-08 09:11:23 +02:00
Jens Ulferts ccf904893b Merge pull request #23593 from opf/dependabot/npm_and_yarn/frontend/dev/blocknote-48319ec752 
Bump the blocknote group in /frontend with 3 updates
 2026-06-08 09:11:07 +02:00