* test: verify pre-commit hook
* fix: clean up code formatting and improve readability across multiple components
* chore: update subproject commit reference in frontend/ee
* chore: update eslint to version 9.26.0 and remove unused dependencies from package.json
fix: update submodule reference in server/ee
* chore: refactor ESLint configuration and add quiet linting script; update components to disable specific ESLint rules
* chore: add GitHub Copilot review instructions for App Builder team
Covers backward compatibility rules, styling conventions, state management,
resolution system, widget definitions, and common review flags.
* chore: add review instructions for App Builder, Data Migrations, Server Widget Config, Widget Components, and Widget Config
* Enhance TypeScript support in frontend configuration
- Added TypeScript parser and linting rules to ESLint configuration.
- Updated Babel configuration to include TypeScript preset.
- Modified package.json and package-lock.json to include TypeScript and related dependencies.
- Introduced tsconfig.json for TypeScript compiler options.
- Updated Webpack configuration to support .ts and .tsx file extensions.
- Adjusted linting and formatting scripts to include TypeScript files.
* chore: update TypeScript ESLint packages and subproject commits
---------
Co-authored-by: kavinvenkatachalam <[email protected]>
Co-authored-by: Johnson Cherian <[email protected]>
* feat(custom-domains): add custom domains module for Cloud edition
Full-stack implementation of custom domains feature:
- Backend: entity, migration, repository, CE module stubs, DTOs, ability/guard
- Backend: CloudFeatureGuard on all EE endpoints (Cloud-only)
- Frontend: API service, Zustand store, ManageCustomDomainPage
- License gating via LICENSE_FIELD.CUSTOM_DOMAINS
- Cloudflare Custom Hostnames API integration (EE provider)
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* feat(custom-domains): add CORS, cookie, scheduler, and e2e tests
- Dynamic CORS origin with 5-min cache for custom domain support
- Cookie SameSite=None when ENABLE_CUSTOM_DOMAINS is set
- Status polling scheduler for pending Cloudflare domain verification
- E2e test suite with Polly.js record/replay for cloud edition
- UI layout fix for custom domain settings page
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* feat(custom-domains): add frontend domain detection and routing
- Add isCustomDomain() helper to detect non-TOOLJET_HOST hostnames
- Resolve custom domain to workspace in authorizeWorkspace before
session validation
- Resolve custom domain in AuthRoute for login page org config
- Load organization relation in findActiveDomain repository query
- Update e2e test to verify organizationSlug in resolve response
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* feat: make all URLs custom-domain-aware
When a workspace has a custom domain configured, all generated URLs
(emails, SSO redirects, share links, settings pages) now use that
domain instead of TOOLJET_HOST.
Licensing:
- Add customDomains getter to LicenseBase with plan-level defaults
- Register LICENSE_FIELD.CUSTOM_DOMAINS in license helper
- Add customDomain to features response for frontend access
- Add customDomains to Terms interface
Frontend:
- Make getHostURL() custom-domain-aware using isCustomDomain()
- Replace 14 inline TOOLJET_HOST references with getHostURL()
(SSO modals, OAuth callbacks, invite links, app URLs, etc.)
Backend:
- Add CustomDomainCacheService (Redis-backed, 5-min TTL)
- Add findActiveByOrganizationId() to repository
- Add optional host param to generateInviteURL/generateOrgInviteURL
- Add getHostForOrganization() helper for resolving org domains
- Inject cache service into EmailService and OauthService
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* chore: remove unvalidated custom domains e2e test
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* fix: add customDomains feature flag to cloud license terms
Update ee submodule — adds customDomains to OrganizationPaymentService
so Pro plan correctly gets false and Team plan gets true.
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* feat: extend VerifyDomainResult interface with additional properties
* feat: move custom domain from workspace settings to instance settings
Update frontend/ee submodule to move the custom domain page out of
workspace settings and into instance settings sidebar for both cloud
and EE editions.
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* fix: align custom domain buttons with white labelling and Figma design
Update frontend/ee submodule - cancel button always clickable,
test connection button sizing matches Figma (14px font, 6px radius),
save button pattern matches white labelling exactly.
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* feat: add CSRF origin check middleware with Sec-Fetch-Site hardening
Add setupCsrfOriginCheck middleware that validates Origin headers on
mutation requests when custom domains are enabled. Rejects requests
from origins not matching TOOLJET_HOST or active custom domains.
Tightens the null-Origin fallback using Sec-Fetch-Site: browser
requests with no Origin but Sec-Fetch-Site: cross-site are now
blocked, closing the stripped-Origin CSRF attack vector while
keeping cURL/Postman/server-to-server calls unaffected.
Also removes the in-memory CORS origin cache in favour of direct
DB lookups via fetchCustomDomainOrigins.
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* feat: register CSRF origin check middleware in bootstrap
Wire up setupCsrfOriginCheck in the application bootstrap so the
middleware is active when custom domains are enabled.
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* fix: guard sameSite=none cookies with HTTPS check
sameSite=none requires secure=true, which browsers reject on plain
HTTP. Add isHttpsEnabled() guard so custom domain cookie settings
only apply over HTTPS, preventing broken sessions in local dev.
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* fix: redirect to main host on custom domain workspace mismatch
When a custom domain resolves to a different workspace than the URL
slug, or when domain resolution fails with no slug fallback, redirect
to TOOLJET_HOST instead of showing a broken state.
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* chore: add custom domain dev server hints and update lockfile
Add commented-out webpack devServer options for testing custom domains
locally (host binding, allowed hosts, cache-control). Update lockfile.
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* feat: load Pyodide from CDN for cloud builds
For cloud (Cloudflare Pages) builds, load Pyodide from jsDelivr CDN
instead of bundling the 823MB local copy, avoiding the 25MB per-file
limit. Self-hosted/airgapped builds continue using the local bundle.
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* chore: update ee submodule for custom domain workspace URL fix
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* chore: update ee submodule for custom domain input fixes
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* chore: update ee submodule for custom domain dark mode fixes
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* chore: update ee submodule for connection test toast and auto-reset
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* fix: add pre/post build hooks for cloud frontend build
Add prebuild:frontend:cloud and postbuild:frontend:cloud lifecycle hooks
to install devDependencies (webpack, html-webpack-plugin, etc.) before
the cloud build and prune them after, matching the existing
build:frontend pattern.
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* fix: CSRF origin check fails closed on DB error
Previously, if fetchCustomDomainOrigins() threw (DB down, connection
timeout), the .catch(() => next()) silently bypassed all CSRF
protection. Now blocks the request with 403 instead.
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* fix: stale custom hostname cleanup and license deadlock on delete/status
Remove license gate from DELETE, GET, STATUS endpoints so admins can
always view and remove custom domains even after license expiry. Add
scheduled cleanup job that removes stale pending domains from both
Cloudflare and DB after a configurable TTL (default 2 days).
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* fix: Cloudflare error handling — config validation, 404 tolerance, status mapping
- Update IDomainProvider interface: getHostnameStatus returns null on 404
- Update CE stub to match interface
- Add sslStatus mapping to scheduler (matching provider's mapSslStatus)
- Expand scheduler statusMap with active_redeploying and blocked
- Allow null sslStatus in VerifyDomainResult type
- Update ee submodule
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* fix: update server/ee submodule — correct guard order on custom-domains
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* fix: update frontend/ee submodule — workspace login URL uses custom domain
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* fix: update server/ee submodule — OIDC redirect uses custom domain host
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* feat: route workspace switch to target custom domain
When switching between workspaces with different custom domains, the URL
now navigates to the target workspace's custom domain instead of staying
on the current origin or falling back to TOOLJET_HOST.
Backend enriches GET /api/organizations with custom_domain (batch query,
Cloud edition only). Frontend reads it and applies 3-way routing:
custom domain redirect, fallback to base domain, or same-origin switch.
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* fix: email links use custom domain instead of default TOOLJET_HOST
EmailModule was missing the CustomDomainsModule import, so
CustomDomainCacheService was never injected (always undefined due to
@Optional). All email URLs fell back to process.env.TOOLJET_HOST.
Additionally, several email event emissions were missing organizationId
in their payloads, preventing custom domain lookup even with proper DI.
Changes:
- Import CustomDomainsModule in EmailModule for DI wiring
- Pass organizationId in forgotPassword email payload
- Pass organizationId in 5 onboarding welcome-email payloads
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* fix: block custom domain access after plan downgrade to Pro
- Frontend: always redirect to TOOLJET_HOST when custom domain resolve
fails (removes slug-based fallthrough that allowed bypassing the check)
- Frontend: extract redirectToMainHost() helper, add console.error logging
- Update server/ee submodule with license check in resolveCustomDomain
Closes#15228
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* fix: proxy API through Cloudflare Worker to fix incognito sign-in on custom domains
Incognito browsers block third-party cookies, causing silent sign-in
failure on custom domains where the frontend origin differs from the
API server. Three changes:
- Frontend: override config.apiUrl to /api on custom domains so
requests route through the Cloudflare Worker proxy (first-party)
- Worker docs: add API/WebSocket proxy to the Cloudflare Worker with
proper forwarding headers and 502 fallback
- server/ee submodule: add ENABLE_CUSTOM_DOMAINS guard to OIDC cookie
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* fix: update frontend/ee submodule — prefill default domain on clear
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* fix: compare hostnames not origins for custom domain API proxy override
The origin comparison (`localhost:3000` vs `localhost:8082`) triggered the
proxy rewrite in local dev, routing API calls to webpack dev server which
returned index.html instead of JSON — breaking app initialization.
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* fix: update server/ee submodule — pass customDomainRepository to EE OrganizationsService
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* revert: remove "prefill default domain on clear" from custom domains
Reverts the frontend/ee submodule from a21b75aed back to e8191629e.
Showing a pre-filled default domain when the input is empty implies
the user owns that domain, which is misleading.
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* fix: harden custom domains — CORS caching, error handling, scheduler guards, and frontend safety
PR review fixes for #15228:
Backend:
- Cache CORS/CSRF custom domain origins in-memory (30s TTL) to avoid per-request DB queries
- Normalize TOOLJET_HOST (strip trailing slash) before origin comparison in CORS and CSRF middleware
- Add ENABLE_CUSTOM_DOMAINS guard to scheduler handleCron (was only on handleStaleCleanup)
- Log Cloudflare API errors in scheduler instead of silently continuing
- Fix scheduler stale cleanup TOCTOU: mark domain deleted before remove()
- Invalidate Redis cache after scheduler status transitions and stale cleanup
- Add Redis error handler, connectTimeout, and try-catch with DB fallback in cache service
- Add comment explaining CSRF exempt paths rationale
- Import CustomDomainsModule in AuthModule for @Optional() cache injection
- Remove dead 'no_records' variant from VerifyDomainResult.dnsStatus
- Update server/ee submodule (rate limiting, TOCTOU fix, DNS logging, auth response)
Frontend:
- Guard SwitchWorkspacePage against undefined TOOLJET_HOST
- Add console.error in isCustomDomain() and redirectToMainHost() for config issues
- Defensively strip protocol prefix in getTargetDomainURL()
- Add redirect-to-custom-domain logic in authorizeWorkspace with cooldown
- Enable webpack dev server proxy for custom domain local testing
Docs:
- Fix Cloudflare proxy statement: applies to any CF-hosted domain, not same-account
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* fix: update server/ee submodule — OIDC redirect_uri uses request origin for custom domains
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* fix: prevent flash of base-domain UI during custom domain redirect
- Move redirect check before setUser()/setOrganization() store updates
so no authenticated UI (avatar, org name) renders on the base domain
- Remove no-op clearRedirectAttempt() on custom domain — sessionStorage
is origin-scoped so it can't clear the base domain's flag; the cooldown
expires naturally after REDIRECT_COOLDOWN_MS
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* fix: remove ThrottlerGuard from custom domain resolve endpoint
Update server/ee submodule — ThrottlerGuard on the resolve endpoint
caused a NestJS dependency crash (THROTTLER:MODULE_OPTIONS missing
in CustomDomainsModule). CloudFeatureGuard is sufficient protection
for this unauthenticated, cloud-only endpoint.
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* refactor: extract applyCustomDomainCookieOptions, fix org list for super admins
- Extract duplicated cookie SameSite/Secure logic into shared applyCustomDomainCookieOptions() helper
- Replace 3 inline copies (session util x2, OIDC service) with one-liner calls
- Rename customDomain → custom_domain in OrganizationWithPlan for consistent API casing
- Refactor fetchOrganizations so super admins also get license/custom domain enrichment
- Add @Req() param to OpenID redirect controller for custom domain host detection
- Update server/ee submodule
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* refactor: remove dead verifyDomain from IDomainProvider, fix cookie type
- Remove verifyDomain() from IDomainProvider interface and all implementations
(service does inline DNS resolution, method was never called)
- Fix applyCustomDomainCookieOptions type: sameSite accepts string | boolean
- Update server/ee submodule
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* revert: remove dev-only webpack proxy and host overrides for custom domains
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* chore: remove internal custom domains Cloudflare setup doc
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* fix: rename 'Workspace ID' label to 'Workspace URL' on custom domain page
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* fix: match custom domain save button loading style with whitelabelling
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* fix: reduce custom domain redirect cooldown from 5 minutes to 10 seconds
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* fix: strip trailing slash from TOOLJET_HOST in URL helpers
Prevents double-slash URLs when TOOLJET_HOST is configured with a
trailing slash (e.g. `https://example.com/` → `https://example.com//error/404`).
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* fix: strip trailing slash from TOOLJET_HOST in workspace switchers
Same defensive fix as the URL helpers — raw TOOLJET_HOST concatenation
in SwitchWorkspacePage and BaseOrganizationList could produce
double-slash URLs when the host has a trailing slash.
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* feat(custom-domains): add rebuildOriginsSet/getOriginsSet to cache service
Stores active custom domain origins in a Redis Set for cross-pod
CORS/CSRF consistency. rebuildOriginsSet uses a pipeline (DEL + SADD +
EXPIRE) for atomicity. getOriginsSet returns null on empty/error so
callers can fall back to DB.
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* feat(custom-domains): use Redis for CORS/CSRF origins in middleware
fetchCustomDomainOrigins now reads from Redis Set first, falls back to
DB. Local cache TTL reduced from 30s to 5s. Both setupCsrfOriginCheck
and setSecurityHeaders lazily capture CustomDomainCacheService via a
shared tryGetCacheService helper (DRY, CE-safe with strict: false).
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* feat(custom-domains): rebuild Redis origins set in scheduler and EE service
Status poll, stale cleanup, and all EE domain lifecycle operations now
trigger rebuildOriginsSet() so CORS origins stay consistent after
background status changes.
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* feat(custom-domains): seed Redis CORS origins set on startup
Ensures the origins set is populated immediately when the server starts,
before any CORS/CSRF checks are needed.
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* fix(custom-domains): increase Redis origins TTL and fix success logging
Raise ORIGINS_TTL_SECONDS from 300s to 700s so the key outlasts the
10-minute scheduler interval (avoids sustained DB fallback). Skip the
success log when individual pipeline commands fail.
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* feat(custom-domains): add Redis pending-flag methods to cache service
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* feat(custom-domains): gate scheduler polling behind Redis pending flag
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* feat(custom-domains): set pending flag on domain creation
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* fix(custom-domains): resolve redirect loop between base and custom domain
After login, excludeWorkspaceIdFromURL stripped the workspace slug from the
redirect URL, producing bare paths like /home. On the custom domain,
getWorkspaceIdOrSlugFromURL then misinterpreted 'home' as a workspace slug,
triggering redirectToMainHost and creating an infinite loop.
- Re-prepend workspace slug to the custom domain redirect URL
- Always trust the resolved slug on custom domains (1:1 mapping)
- Remove mismatch guard in AuthRoute that redirected back to main host
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* feat(custom-domains): session transfer token + OAuth redirect_uri fix
Two problems with the custom domain redirect flow:
1. Session lost on redirect: tj_auth_token cookie is domain-scoped — doesn't
follow the user from gcpstage.tooljet.ai to app.company.com. Added a one-time
Redis transfer token (30s TTL, GETDEL atomic) — the frontend creates a token,
redirects to /api/session/transfer on the custom domain, the CF Worker proxies
to the backend which sets the cookie as first-party via 302.
2. OAuth redirect_uri mismatch: Google/OIDC redirect_uri used the custom domain
hostname via getHostURL()/resolveRedirectHost(). If the IdP doesn't have the
custom domain registered, auth fails. Now always use TOOLJET_HOST for
redirect_uri. Session transfer handles the hop to the custom domain after auth.
Changes:
- Add CE session-transfer module stubs (SubModule pattern)
- Add frontend session-transfer service
- Update authorizeWorkspace.js: transfer token flow replaces direct redirect
- Update GoogleSSOLoginButton.jsx: use TOOLJET_HOST for redirect_uri
- Register SessionTransferModule conditionally for Cloud edition in AppModule
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* fix(custom-domains): update server/ee submodule — restore OIDC redirect_uri resolution
Points to server/ee commit that restores request-origin based
redirect_uri for OIDC, supporting both base domain and custom domain
IdP registrations.
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* feat(custom-domains): add session transfer to workspace switching
Use session transfer tokens for cross-domain workspace switches so
the auth cookie is set on the target domain. Passes target org ID
in the token to land on the correct workspace immediately.
- Extract useSessionTransferRedirect hook (shared debounce + redirect)
- Add TOOLJET_HOST null guard in BaseOrganizationList
- Debounce new-tab opens with 500ms cooldown
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* fix(custom-domains): defer HttpClient host resolution to request time
HttpClient eagerly captured config.apiUrl at module load time, before
index.jsx overrides it to '/api' on custom domains. This caused
tooljet-db, comments, and plugins services to make cross-origin
requests directly to the backend, bypassing the CF Worker proxy.
The cookie (scoped to the custom domain) wasn't sent, resulting in
401s and an infinite reload loop.
Use a lazy getter so config.apiUrl is read at request time. Also
convert marketplace.service.js to use hostFn callback for the same
lazy resolution.
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* fix(custom-domains): cross-domain logout — clear base domain session
Logging out from a custom domain only killed the custom domain's
session. The base domain session survived, causing authorizeWorkspace
to re-authenticate the user via session transfer.
Two fixes:
1. clearCookie now passes matching cookie options (sameSite, secure,
httpOnly) so the browser actually deletes the cookie
2. Frontend makes a parallel cross-origin logout call to the base
domain when on a custom domain (works because cookies are
sameSite=none and CORS allows custom domain origins)
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* fix(custom-domains): use base domain for workspace creation on custom domains
When creating a workspace from a custom domain, the workspace link
preview incorrectly showed the custom domain URL and the post-creation
redirect stayed on the custom domain (which is bound to a different
workspace). Now the link preview always shows TOOLJET_HOST and the
redirect uses session transfer to carry auth to the base domain.
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* fix(custom-domains): update ee-frontend submodule — SSO redirect URLs
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* refactor(custom-domains): reuse getBaseHostURL() in workspace creation redirect
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* fix(custom-domains): update ee-frontend submodule — SAML ACS URL fix
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* fix(custom-domains): SAML SSO custom domain support + update server/ee submodule
Update CE interfaces and base classes to accept optional host/requestHost
parameters for SAML custom domain resolution. Updates server/ee submodule
with the full SAML custom domain fix.
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* fix(custom-domains): update ee-frontend submodule — hide custom domain for non-cloud
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* fix(custom-domains): update server/ee submodule — SAML audience mismatch fix
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* fix(custom-domains): update server/ee submodule — SAML issuer fix + error handling
Co-Authored-By: Claude Opus 4.6 <[email protected]>
* fix(custom-domains): update submodules — SAML ACS URL fix for all topologies
- server/ee: Add #resolveBackendBaseUrl() fallback chain for ACS URL;
only pass host override for custom domains
- frontend/ee: Show correct backend-derived ACS URL in SAML modal
Co-Authored-By: Claude Opus 4.6 <[email protected]>
---------
Co-authored-by: Claude Opus 4.6 <[email protected]>
* update submodule commit for server
* Fix: App history timeline UI in left sidebar
* Fix: App history entry options menu UI
* Fix: App history rename modal UI
* Fix: App history restore modal UI
* Feat: Implement server-sent events for app history updates and add authentication guard
* Remove all the unused logic from inside the store
* Fix: Minor UI change
* Fix: Added a loader
* Update submodule references
* Implemented flow to prevent full reload on restoring history
* Fix: Minor UI issue for history options menu
* feat: Add pushHistoryEntry method to appHistoryStore
* feat: Implement history entry limit in appHistoryStore
* Fix: Horizontal page menu minor enhancements
* feat: add migration for app_history table and update entity structure
* feat: refactor AppHistory module imports and add new services and guards
* Fix: Vertical page menu minor enhancements
* feat: add stream history feature and update related permissions and constants
* feat: add AppStateRepository to AppHistoryModule imports and providers
* feat: add NameResolverRepository to AppHistoryModule imports and providers
* feat: implement NameResolverRepository and NameResolverService for component and page name resolution
* feat: remove QueueHistoryIntegrationService and update AppHistoryModule to reflect changes
* feat: update AppHistoryModule and AppHistoryRepository with new methods and refactor imports
* feat: refactor AppHistoryModule and related services to streamline name resolution and history capture
* feat: add AppStateRepository and HistoryQueueProcessor, refactor AppStateAggregatorService to utilize repository methods
* feat: rename methods in AppStateRepository for clarity and update AppStateAggregatorService to reflect changes
* feat: refactor history capture logic to use synchronous execution and improve error handling across services
* Fix: Mobile view page menu UI enhancements
* feat: enhance ability guards and repository methods for app history validation
* Update submodule references
* Migrate to shadcn sidebar component
* Fix: Components not getting pasted at correct position if user scrolled and pasted inside container components
* Fix: Group components not getting pasted at correct position horizontally inside container components
* POC for removing overlap prevention logic if not enough space present, incase user clicks somewhere to respect click position
* Update frontend/src/AppBuilder/AppCanvas/Container.jsx
Co-authored-by: Copilot <[email protected]>
* feat: enhance AppHistoryModule registration with isMainImport flag
* feat: update settings method to queue history capture after successful update
* chore: update subproject commit reference in frontend/ee
* feat: add function to delete app history for structural migrations
* Refactor imports and enhance code organization across multiple files
- Updated import paths to reflect the new directory structure in TooljetDatabase and AppBuilder components.
- Consolidated utility functions in appUtils.js, removing redundant code and improving readability.
- Enhanced error handling and state management in dataQueriesStore and resolverStore.
- Added Bundle Analyzer plugin to webpack configuration for better performance insights.
- Improved chunking strategy in webpack to optimize loading of libraries and components.
- Refactored ErrorBoundary imports to maintain consistency across UI components.
* feat: enhance UI components with new icons and styling adjustments
* refactor: remove unused components and icons from QueryManager
- Deleted QueryManagerHeader component and its associated logic.
- Removed SuccessNotificationInputs component and its functionality.
- Eliminated Transformation component and related code.
- Deleted BreadcrumbsIcon, CreateIcon, PreviewIcon, RenameIcon, RunIcon, and ToggleQueryEditorIcon.
- Updated imports in appUtils.js to reflect new icon paths.
* Refactor editorHelpers and utils: Remove unused functions and imports, streamline background update logic, and adjust state handling. Comment out or delete handleReferenceTransactions and related logic in various stores to simplify data flow and improve maintainability.
* Refactor queryPanelStore and storeHelper by commenting out unused imports and code. This cleanup improves code readability and maintainability.
* revert: Reverted the lazy loading changes
* revert: Reverted the changes on App & AppRoute
* Fix: Inside side effects, get the correct canvas element, disable page scrolling and reposition modal container when modal is opened
* Fix: Use the side effects when modal is opened and closed
* Update submodule references
* fix: Corrected zustandDevTools enabled option logic
* update ee-frontend submodule ref
* Enhance: Vertical page menu default styles
* chore: merged with lts
* chore: moved components from Editor to AppBuilder folder
* chore: cleaned up the appbuilder imports
* chore: update subproject commit reference
* update submodule ref
* Enhance: Horizontal page menu default styles
* fix: Global search for multiselect column
* Fix: More button on pages overflow is getting cropped and remove unnecessary calculations related to it
* Refactor page menu code
* Integrate shadcn navigation menu component for horizontal page menu
* Update submodule ref
* update submodule ref
* Fix: Minimum width of the popup in horizontal page menu
* Fixed UI issues
* Removed commented code
* Removed wrapper and unwanted code
* Fix: Minor page menu bugs inside Editor
* Fix: popover overflow issue and other minor bugs
* Remove unnecessary package.json change
* chore: fix import path casing for RealTimeEditor
* Fix: Grid resizing issue and component selector overflow
* Fix: Increased transition duration to 200
* Removed the classname change
* Fix: Scrollbar visible in viewer in vertical page menu
* Fix: Remove arbitrary variant chains since not supported in Tailwind v3 to fix animations in horizontal page menu
* chore: update subproject commits for frontend and server
* Refactored code
* Update ee-frontend submodule reference
* Removed leading and trailing icon width
* Refactor page menu styling part to make it reusable for mobile view
* Integrate Shacn Sidebar component in page menu for mobile view
* Update submodule references
* fix: merge issues and minor bugs
* Update frontend/src/_styles/pages-sidebar.scss
Co-authored-by: Copilot <[email protected]>
* update submodule ref
* fixed: custom validation working for dropdown inside the listview
* update submodule references
* Fix: Broken app logo in editor incase app logo url is incorrect
* Fix: Default styles
* update submodule reference
* Fix: Implement changes for legacy modal as well
* Fix: Change state logic to dom manipulation logic on canvas scroll to prevent unnecessary re-renders
* Fix: Change default border color to cc-Border/weak
* Fix: Remove max width on overflow menu in horizontal page menu and prevent right sidebar to open on toggling page groups in overflow menu
* Fix: Box shadow should only be visible for horizontal page menu only when canvas is scrolled and not on top
* Update submodule references
* Feat: Add support for icon in modal trigger
* Update frontend/src/AppBuilder/Widgets/ModalV2/ModalV2.jsx
Co-authored-by: Copilot <[email protected]>
* Update frontend/src/AppBuilder/Widgets/ModalV2/helpers/stylesFactory.js
Co-authored-by: Copilot <[email protected]>
* chore: update subproject commit reference in frontend/ee
* refactor: clean up controller methods and remove unused streamHistory and getEvents methods
* chore: update subproject commit reference in frontend/ee
* update submodule references
* Fix: Scrollbar behaviour in vertical page menu
* Fix: Group closes on selecting a page on vertical page menu
* Remove log
* feat: Add RootRouter for bundle isolation and viewer routing
- Introduced RootRouter component to handle route splitting for viewer isolation.
- Created ViewerApp component to manage viewer-specific routes and logic.
- Removed BrowserRouter from App.jsx and integrated routing into RootRouter.
- Updated package.json to include madge for circular dependency checks.
- Refactored App.jsx to remove viewer-related imports and routes.
- Moved useConfirm hook to a new file for better organization.
- Updated various components to reflect new import paths and structure.
- Enhanced webpack configuration for improved chunk splitting and performance.
- Added new directories for future feature development under src/v2.
* feat: Add scripts to check bundle size and circular dependencies
* feat: Refactor to use dynamic imports for edition-specific components and helpers
* fix: update BoundedBox widget styles and fix class names; add datepicker styles
* feat: add permission checks based on selected data source scope in QueryCard component
* fix: enhance error handling in streamHistoryUpdates and update subproject reference
* fix: fixed the bug on app history in capturing the query deletion
* fix: Fixed unknown component issue while adding an event in query and pages. Added resolveEntityName method to handle entity name resolution for components, queries, and pages
* feat: Add captureSettingsUpdateHistory method to log app version settings updates
* fix: pageSettings were not properly restored while restoring the app history and version change
* fix: Enhance settings update history capture with action type differentiation
* feat: Optimize layout updates by batching component layout changes
* fix: Prevent redundant canvasHeight updates when the value is unchanged
* chore: Added script & logic for view parsed and gzip bundle
* Perf: Reduces main chunk size by almost 140KB, hence reducing overall bundle size
* chore: submodule update (Perf: reduces main chunk size by almost 220KB, hence reducing overall bundle size)
* fix: update entrypoint script to use ce-preview.sh for PostgreSQL initialization
* Perf: Extract CSS from JS bundle to allow css minification and removal of comments in production bundle
* style: Update padding and spacing in app history styles for improved layout
* feat: Implement lazy loading for editor-only components to optimize viewer bundle size
* chore: Update subproject reference to latest commit
* chore: Update subproject commit reference for frontend/ee
* chore: Update subproject commit references for frontend and server
* Fix: update hover effect for app name display in EditAppName component
* Fix: remove redundant darkMode prop from FormField component
* fix: add !important to primary color for rc-slider track and handle
* feat: implement batching for form component updates and layout changes
* feat: enhance form component handling with batching and parent ID extraction
* fix: removed some of the barrel imports
* chore: Update subproject reference to latest commit
* Update submodule references
* Fix: Page of type app or url gets converted to default page on app import
* feat: enhance page cloning with history capture functionality
* fix: optimize parent change detection to prevent unnecessary batch updates during drag operations
* feat: optimize query saving logic to skip unnecessary updates for name changes
* Fix: Group not selected after nested page selection until hovered in horizontal menu
* Revert "Revert "[refactor]: Fix leftsidebar on opening disturbing the scroll""
This reverts commit d712c47f9c.
* Fix: Navigation menu disappears when view switched between desktop and mobile view in editor
* update ee-server submodule ref
* update submodule references
* Fix: Icon alignment issue
* feat: implement bulk creation of event handlers and optimize component event handling
* chore: update subproject commit reference in frontend/ee
* Revert "POC for removing overlap prevention logic if not enough space present, incase user clicks somewhere to respect click position"
This reverts commit 8aec525e9a.
* feat: disable client overlay in webpack configuration
* update the submodule refs
* update submodule refs
* update submodule reference for server/ee
* refactor: rename `defaultDataSources` prop to `staticDataSources` in `DataSourceSelect` component.
* update submodule refs
* Merge pull request #14663 from ToolJet/feature/viewer-isolation-and-bundle-optimization
Perf: lazy load components not required on viewer page and widgets with bigger external dependencies
* refactor: change exports to default for CodeEditor, ColorPicker, and Table components
* feat: add loading spinner to PreviewSettings and update loading fallback in RootRouter
* feat: lazy load jsPDF and jspdf-autotable to optimize bundle size and improve performance
* feat: replace Tabler icons with dynamic loading to optimize bundle size and improve performance
* feat: add AppHistoryStreamService to manage app history streaming
* update submodule reference for server/ee
* update submodule reference for server/ee
* update submodule reference for server/ee
* chore: update submodule reference for frontend/ee to latest commit
* fix: handle default icon for home page in RenderPage component
* feat: implement SuspenseCountProvider and TrackedSuspense for handling the onLoad queries for lazy widgets
* feat: add SuspenseLoadingOverlay for improved loading state handling in AppCanvas while components are lazy loaded
* refactor: simplify scrolling logic in useEnableMainCanvasScroll and remove unnecessary state
* fix: added missed import of `DynamicHeightInfo` in `ConfigHandle` component
* fix: improve animation handling for TablerIcon component and clean up suspense fallback
* feat: implement viewer isolation for embedded apps routing
* fix: Map MODULE type to APP permissions in FeatureAbilityGuard
* Revert "fix: Map MODULE type to APP permissions in FeatureAbilityGuard"
This reverts commit ccb53f8d89.
* fix: Exclude MODULE type apps from environment access validation
* fix: Add deferCheck prop to SuspenseCountProvider for improved lazy loading handling to support modules
* chore: update subproject commits for frontend and server components
* chore: update subproject commit reference in server/ee
* chore: added logs to print the pat
* Revert "chore: added logs to print the pat"
This reverts commit d0c075f148.
* chore: update version to 3.20.76-lts
---------
Co-authored-by: devanshu052000 <[email protected]>
Co-authored-by: Copilot <[email protected]>
Co-authored-by: manishkushare <[email protected]>
Co-authored-by: Nishidh Jain <[email protected]>
Co-authored-by: adishM98 Bot <[email protected]>
Co-authored-by: Johnson Cherian <[email protected]>
Co-authored-by: Nishidh Jain <[email protected]>
* fix: update documentation links from tooljet.ai to tooljet.com across various components
- Changed documentation links in DataSourcePicker, QueryManagerBody, Transformation, Workflows, QueryCard, Inspector, AddNewPagePopup, and others to point to the new domain.
- Ensured consistency in link formatting and structure.
- Minor code style adjustments for readability.
* chore: update version to 3.20.42-lts across all components
- Added `util` package to package.json and package-lock.json for utility functions.
- Updated `LoginForm` to include new props for organization name and signup visibility.
- Refactored LoginForm styles and structure for improved readability and functionality.
- Enhanced Storybook stories for LoginForm to support new props and scenarios.
- Updated webpack configuration to resolve the `util` module correctly.
* Added a fix for snake case properties
* Setup sentry logging as per version and upload its source map
* Remove version
* Fix process not being defined
* Add version to sentry release
* Add release version in config api
* Changes in docker file
* Create a version file in frontend
* Remove docker changes
* fix
* Add a script to bump .version files
---------
Co-authored-by: Muhsin Shah <[email protected]>
* adds marketplace icon to the dashboard and minor UI fixes
* fixes: capitalizeFirstLetter for toast message
* updates to docs: how to build marketplace plugin
* update confirm dialog box
* removing beta tag from leftsidebar
* updated tooltip
* in dev mode, start watching for changes in all packages
* plugin reload service
* typo
* fixes updates from fs
* checks if marketplace dev mode is on to decode the run code from plugin index file
* clean up
* removes console.log
* refactor: marketplace dashboard
* prep to merge
* dotenv
* fixes: install new upadates for one plugin at a time
* fixes app crash for new plugins(marketplace/datasource) with default schema
* avoid creating docs for marketplace to root docs
* Before starting watcher, build the marketplace once.
* fixes: installed plugin crashes if deleting the entire plugin from the dir, but the build still haves the plugin files
* reverse proxy
* reverse proxy
* Fix for yjs
* Fix for ws
* Fixes org switching
* Fixes org creation
* Fixes login logo
* Fixes download icon
* Construct use invite URL from base URI
* Fixes apiUrl if sub path is set
* Remove commented code
* Fix profile link
* invitation url changes
* Fixes dev env
* Use url-join lib to connect urls for goto app and invitation link
* Use useHistory instead of helper to get history for template modal
* Review changes
Co-authored-by: Sherfin Shamsudeen <[email protected]>
Co-authored-by: gsmithun4 <[email protected]>
