references/plane
1
0
Fork 0
mirror of https://github.com/makeplane/plane.git synced 2026-06-14 03:30:00 +00:00
Code Issues Packages Projects Releases Wiki Activity
7,039 Commits 549 Branches 56 Tags
preview
Commit Graph

7039 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
sriram veeraghanta e972989522 chore(deps): upgrade the undici and flatted versions 2026-03-18 00:05:21 +05:30
Anmol Singh Bhatia 588dc2927e [WEB-6599] feat: instance not ready ui revamp (#8755) 
* feat: instance not ready ui revamp

* chore: code refactoring

* chore: code refactoring
 2026-03-16 14:29:33 +05:30
dependabot[bot] 6627282bc5 chore(deps): bump pytest from 7.4.0 to 9.0.2 in /apps/api (#8693) 
Bumps [pytest](https://github.com/pytest-dev/pytest) from 7.4.0 to 9.0.2.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pytest-dev/pytest/compare/7.4.0...9.0.2)

---
updated-dependencies:
- dependency-name: pytest
  dependency-version: 9.0.2
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-07 19:24:21 +05:30
dependabot[bot] d7c12f9730 chore(deps): bump python-json-logger from 3.3.0 to 4.0.0 in /apps/api (#8692) 
Bumps [python-json-logger](https://github.com/nhairs/python-json-logger) from 3.3.0 to 4.0.0.
- [Release notes](https://github.com/nhairs/python-json-logger/releases)
- [Changelog](https://github.com/nhairs/python-json-logger/blob/main/docs/changelog.md)
- [Commits](https://github.com/nhairs/python-json-logger/compare/v3.3.0...v4.0.0)

---
updated-dependencies:
- dependency-name: python-json-logger
  dependency-version: 4.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-07 19:22:30 +05:30
Aaryan Khandelwal 2e429e5198 [WIKI-874] refactor: description input component (#8544) 
* refactor: description input component

* fix: add missing prop to rich text editor
 2026-03-05 19:37:36 +05:30
Anmol Singh Bhatia c3a9f99789 [WEB-6420] chore: self-host social icons in project invitation email (#8718) 
* chore: add self-hosted social icon assets for email templates

* chore: pass current_site to project invitation email context

* chore: replace mailinblue CDN icons with self-hosted static assets
v1.2.3 		2026-03-05 18:17:42 +05:30
sriram veeraghanta 7902805635 release: v1.2.3 #8717 2026-03-05 18:15:16 +05:30
sriram veeraghanta 7b1f5a47f5 [SECUR-116] fix: ssrf webhook url for ip address #8716 2026-03-05 17:28:32 +05:30
sriram veeraghanta 71b0d30afb [SECUR-116] fix: ssrf webhook url for ip address #8716 2026-03-05 17:26:06 +05:30
sriramveeraghanta 9a7696acac chore: version upgrade 2026-03-05 17:25:22 +05:30
Aaryan Khandelwal cc7982ca14 [WEB-5911] fix: error outline button text color #8531 2026-03-05 16:48:56 +05:30
Aaryan Khandelwal fc66fba5aa [WIKI-785] refactor: editor markdown handler #8546 2026-03-05 15:43:52 +05:30
Aaryan Khandelwal 5af0f58aa9 [WIKI-892] fix: description input component re-render #8600 2026-03-05 15:27:02 +05:30
Aaryan Khandelwal 98253e3085 [WEB-5606] fix: work item preview word break #8537 2026-03-05 15:03:38 +05:30
Vamsi Krishna 60da3df508 [GIT-40]fix: apply sub-issue display filter when adding work items #8534 2026-03-05 14:43:17 +05:30
sriramveeraghanta d20247e976 chore(deps): django version upgrade 2026-03-05 14:05:30 +05:30
sriram veeraghanta 7fb6696c67 chore: space folders (#8707) 
* chore: change the space folders structure

* fix: format
 2026-03-05 14:03:54 +05:30
darkingtail be8836642a fix: disable react-in-jsx-scope rule in oxlint config (#8682) 
After #8677 replaced ESLint with OxLint, the react-in-jsx-scope rule
was not disabled. This causes all commits touching JSX files to fail
the pre-commit hook (oxlint --deny-warnings).

React 17+ uses automatic JSX runtime so explicit React imports are
not required.

Fixes #8681
 2026-03-04 13:36:44 +05:30
sriram veeraghanta 2578c5311b fix: dependabot and codeql CI 2026-03-04 13:25:19 +05:30
Anmol Singh Bhatia a75301d6c6 [WEB-6420] chore: migrate community references from Discord to Forum (#8657) 
* chore: replace Discord references with Forum links

* chore: migrate help and community CTAs from Discord to Forum

* refactor: replace Discord icons with lucide MessageSquare

* chore: rename Discord labels and keys to Forum

* chore: remove obsolete Discord icon component

* chore: update Discord references to Forum in templates

* chore: code refactoring
 2026-03-04 13:08:36 +05:30
Nikhil 351344ecbb [WEB-5225] feat: enhance authentication logging with detailed error and info message (#7998) 
* feat: enhance authentication logging with detailed error and info messages

- Added logging for various authentication events in the Adapter and its subclasses, including email validation, user existence checks, and password strength validation.
- Implemented error handling for GitHub OAuth email retrieval, ensuring proper logging of unexpected responses and missing primary emails.
- Updated logging configuration in local and production settings to include a dedicated logger for authentication events.

* chore: address copilot comments

* chore: addressed some additional comments

* chore: update log

* fix: lint
 2026-03-03 19:35:34 +05:30
Bavisetti Narayan a58642ed10 [WIKI-852] chore: update page version save logic (#8440) 
* chore: updated the logic for page version task

* chore: updated the html variable

* chore: handled the exception

* chore: changed the function name

* chore: added a custom variable
 2026-03-03 19:10:42 +05:30
Saurabh Kumar a9d688f290 [SILO-1028] feat: Project Summary external API (#8661) 
* add project summary endpoint

* update response structure
 2026-03-03 01:33:07 +05:30
sriram veeraghanta da870a1513 chore(deps): minimatch and rollup package vulnerabilities (#8675) 
* fix: package updates

* fix: package upgrades

* fix: minimatch package vulnerabilities

* fix: ajv package vulnerabilities

* fix: lint

* fix: format
 2026-03-03 01:26:29 +05:30
sriram veeraghanta c5542438a1 fix: replace eslint with oxlint (#8677) 
* fix: replace eslint with oxlint

* chore: adding max warning

* fix: formatting
 2026-03-03 00:46:05 +05:30
sriram veeraghanta 41abaffc6e chore: replace prettier with oxfmt (#8676) 2026-03-02 20:40:50 +05:30
Vipin Chaudhary 9ee73d57ef fix: merge lists in editor (#8639) 2026-03-02 20:29:20 +05:30
Vipin Chaudhary 779f5e272f [WIKI-887] fix: add scroll in heading layout (#8596) 
* fix: add scroll in heading layout

* chore: remove visible scroll  bar

* fix :format

* chore: fix outline scroll

* chore: fix format

* chore: fix translation

---------

Co-authored-by: Aaryan Khandelwal <aaryankhandu123@gmail.com>
 2026-03-02 18:59:07 +05:30
sriram veeraghanta bf52fa22be Change Dependabot update interval from weekly to daily 2026-03-02 18:58:07 +05:30
Akshat Jain 5c9f2a17c2 fix: Update healthcheck endpoint in Dockerfile to target /spaces/ path (#8674) 2026-03-02 18:52:57 +05:30
Vihar Kurama 9425c66eb5 chore: Add forum link and remove discord link on readme (#8655) 
* Update README to remove Discord and add Forum link

Removed Discord badge and replaced Releases link with Forum link.

* Fix forum link in README.md
 2026-02-23 17:11:17 +05:30
sriram veeraghanta 2a978e3ac0 release: v1.2.2 #8645 2026-02-23 14:14:21 +05:30
sriram veeraghanta 8c23fdd1d8 fix: Member Information Disclosure via Public Endpoint #8646 2026-02-20 18:34:56 +05:30
sriram veeraghanta f53446340b fix: Member Information Disclosure via Public Endpoint #8646 v1.2.2 2026-02-20 18:33:45 +05:30
sriram veeraghanta a77af4e67e Update apps/api/plane/app/views/issue/attachment.py 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2026-02-20 18:33:09 +05:30
Sangeetha b783f25bfa [SECUR-113] fix: ssrf for work item links (#8607) 2026-02-20 18:29:42 +05:30
sriramveeraghanta 95d121ce38 chore(deps): upgrade django version 2026-02-20 18:27:13 +05:30
Sangeetha 318c993082 [SECUR-104] fix: Arbitrary Modification of API Token Rate Limits#8612 2026-02-20 18:27:13 +05:30
dependabot[bot] 6c984e18ae chore(deps): bump cryptography (#8625) 
Bumps the pip group with 1 update in the /apps/api/requirements directory: [cryptography](https://github.com/pyca/cryptography).


Updates `cryptography` from 44.0.1 to 46.0.5
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/44.0.1...46.0.5)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-version: 46.0.5
  dependency-type: direct:production
  dependency-group: pip
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-20 18:27:13 +05:30
sriramveeraghanta ec44b63027 chore: pacakge version 2026-02-20 18:05:15 +05:30
sriram veeraghanta 1548288e95 fix: IDOR Vulnerabilities in Asset & Attachment Endpoints (#8644) 
* fix: idor issues in project assets and issue attachements

* fix: comments
 2026-02-20 18:03:57 +05:30
sriram veeraghanta 9070acbbe8 fix: IDOR Vulnerabilities in Asset & Attachment Endpoints (#8644) 
* fix: idor issues in project assets and issue attachements

* fix: comments
 2026-02-20 18:02:12 +05:30
Sangeetha b5fe8a2825 [WEB-6194]migration: added archived_at in IssueView #8641 
* migration: added archived_at in IssueView

* fix: lint
 2026-02-17 19:06:13 +05:30
Sangeetha c4b3d52466 [WEB-5878] chore: add validation for project name/identifier for special characters (#8529) 
* chore: update ProjectSerializer to raise validation for special characters in name and identifier

* chore: update external endpoints

* fix: external api serializer validation

* update serializer to send error code

* fix: move the regex expression to Project model
 2026-02-17 00:49:02 +05:30
b-saikrishnakanth f0dcf66167 [WEB-5917] fix: generate clean plain text from HTML email template #8535 2026-02-17 00:44:52 +05:30
Prateek Shourya e9b011896d [VPAT-27] chore(security): disable autocomplete on sensitive input fields #8517 
Disable autocomplete on authentication and security-related forms to prevent
browsers from storing sensitive credentials. This affects sign-in, password
reset, account security, and onboarding forms across admin, web, and space apps.

Modified components:
- Auth forms (email, password, unique code, forgot/reset/set password)
- Account security pages
- Instance setup and profile onboarding
- Shared UI components (auth-input, password-input)
 2026-02-17 00:43:35 +05:30
Anmol Singh Bhatia d3c6e5ec94 [WEB-5827] fix: persist external cover image URLs (Unsplash) in project updates #8482 2026-02-17 00:21:43 +05:30
Prateek Shourya e10deb10f2 [VPAT-16] improvement: add file validation to prevent malicious uploads #8493 
Add client-side checks for double extensions, dangerous file types,
dot files, and path traversal patterns. Addresses security audit
recommendations for file upload validation.
 2026-02-17 00:21:21 +05:30
Prateek Shourya 49fc6aa0a0 [VPAT-55] chore(security): implement input validation across authentication and workspace forms (#8528) 
* chore(security): implement input validation across authentication and workspace forms

  - Add OWASP-compliant autocomplete attributes to all auth input fields
  - Create centralized validation utilities blocking injection-risk characters
  - Apply validation to names, display names, workspace names, and slugs
  - Block special characters: < > ' " % # { } [ ] * ^ !
  - Secure sensitive input fields across admin, web, and space apps

* chore: add missing workspace name validation to settings and admin forms

* feat: enhance validation regex for international names and usernames

- Updated regex patterns to support Unicode characters for person names, display names, company names, and slugs.
- Improved validation functions to block injection-risk characters in names and slugs.
 2026-02-17 00:18:46 +05:30
Anmol Singh Bhatia 55e89cb8fc [WEB-5863] fix: estimate point input validation #8492 
Co-authored-by: sriram veeraghanta <veeraghanta.sriram@gmail.com>
 2026-02-17 00:12:33 +05:30