* test: verify pre-commit hook
* fix: clean up code formatting and improve readability across multiple components
* chore: update subproject commit reference in frontend/ee
* chore: update eslint to version 9.26.0 and remove unused dependencies from package.json
fix: update submodule reference in server/ee
* chore: refactor ESLint configuration and add quiet linting script; update components to disable specific ESLint rules
* chore: add GitHub Copilot review instructions for App Builder team
Covers backward compatibility rules, styling conventions, state management,
resolution system, widget definitions, and common review flags.
* chore: add review instructions for App Builder, Data Migrations, Server Widget Config, Widget Components, and Widget Config
* Enhance TypeScript support in frontend configuration
- Added TypeScript parser and linting rules to ESLint configuration.
- Updated Babel configuration to include TypeScript preset.
- Modified package.json and package-lock.json to include TypeScript and related dependencies.
- Introduced tsconfig.json for TypeScript compiler options.
- Updated Webpack configuration to support .ts and .tsx file extensions.
- Adjusted linting and formatting scripts to include TypeScript files.
* chore: update TypeScript ESLint packages and subproject commits
---------
Co-authored-by: kavinvenkatachalam <kavin.saratha@gmail.com>
Co-authored-by: Johnson Cherian <johnsonc.dev@gmail.com>
* feat(custom-domains): add custom domains module for Cloud edition
Full-stack implementation of custom domains feature:
- Backend: entity, migration, repository, CE module stubs, DTOs, ability/guard
- Backend: CloudFeatureGuard on all EE endpoints (Cloud-only)
- Frontend: API service, Zustand store, ManageCustomDomainPage
- License gating via LICENSE_FIELD.CUSTOM_DOMAINS
- Cloudflare Custom Hostnames API integration (EE provider)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat(custom-domains): add CORS, cookie, scheduler, and e2e tests
- Dynamic CORS origin with 5-min cache for custom domain support
- Cookie SameSite=None when ENABLE_CUSTOM_DOMAINS is set
- Status polling scheduler for pending Cloudflare domain verification
- E2e test suite with Polly.js record/replay for cloud edition
- UI layout fix for custom domain settings page
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat(custom-domains): add frontend domain detection and routing
- Add isCustomDomain() helper to detect non-TOOLJET_HOST hostnames
- Resolve custom domain to workspace in authorizeWorkspace before
session validation
- Resolve custom domain in AuthRoute for login page org config
- Load organization relation in findActiveDomain repository query
- Update e2e test to verify organizationSlug in resolve response
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat: make all URLs custom-domain-aware
When a workspace has a custom domain configured, all generated URLs
(emails, SSO redirects, share links, settings pages) now use that
domain instead of TOOLJET_HOST.
Licensing:
- Add customDomains getter to LicenseBase with plan-level defaults
- Register LICENSE_FIELD.CUSTOM_DOMAINS in license helper
- Add customDomain to features response for frontend access
- Add customDomains to Terms interface
Frontend:
- Make getHostURL() custom-domain-aware using isCustomDomain()
- Replace 14 inline TOOLJET_HOST references with getHostURL()
(SSO modals, OAuth callbacks, invite links, app URLs, etc.)
Backend:
- Add CustomDomainCacheService (Redis-backed, 5-min TTL)
- Add findActiveByOrganizationId() to repository
- Add optional host param to generateInviteURL/generateOrgInviteURL
- Add getHostForOrganization() helper for resolving org domains
- Inject cache service into EmailService and OauthService
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* chore: remove unvalidated custom domains e2e test
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: add customDomains feature flag to cloud license terms
Update ee submodule — adds customDomains to OrganizationPaymentService
so Pro plan correctly gets false and Team plan gets true.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat: extend VerifyDomainResult interface with additional properties
* feat: move custom domain from workspace settings to instance settings
Update frontend/ee submodule to move the custom domain page out of
workspace settings and into instance settings sidebar for both cloud
and EE editions.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: align custom domain buttons with white labelling and Figma design
Update frontend/ee submodule - cancel button always clickable,
test connection button sizing matches Figma (14px font, 6px radius),
save button pattern matches white labelling exactly.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat: add CSRF origin check middleware with Sec-Fetch-Site hardening
Add setupCsrfOriginCheck middleware that validates Origin headers on
mutation requests when custom domains are enabled. Rejects requests
from origins not matching TOOLJET_HOST or active custom domains.
Tightens the null-Origin fallback using Sec-Fetch-Site: browser
requests with no Origin but Sec-Fetch-Site: cross-site are now
blocked, closing the stripped-Origin CSRF attack vector while
keeping cURL/Postman/server-to-server calls unaffected.
Also removes the in-memory CORS origin cache in favour of direct
DB lookups via fetchCustomDomainOrigins.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat: register CSRF origin check middleware in bootstrap
Wire up setupCsrfOriginCheck in the application bootstrap so the
middleware is active when custom domains are enabled.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: guard sameSite=none cookies with HTTPS check
sameSite=none requires secure=true, which browsers reject on plain
HTTP. Add isHttpsEnabled() guard so custom domain cookie settings
only apply over HTTPS, preventing broken sessions in local dev.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: redirect to main host on custom domain workspace mismatch
When a custom domain resolves to a different workspace than the URL
slug, or when domain resolution fails with no slug fallback, redirect
to TOOLJET_HOST instead of showing a broken state.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* chore: add custom domain dev server hints and update lockfile
Add commented-out webpack devServer options for testing custom domains
locally (host binding, allowed hosts, cache-control). Update lockfile.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat: load Pyodide from CDN for cloud builds
For cloud (Cloudflare Pages) builds, load Pyodide from jsDelivr CDN
instead of bundling the 823MB local copy, avoiding the 25MB per-file
limit. Self-hosted/airgapped builds continue using the local bundle.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* chore: update ee submodule for custom domain workspace URL fix
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* chore: update ee submodule for custom domain input fixes
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* chore: update ee submodule for custom domain dark mode fixes
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* chore: update ee submodule for connection test toast and auto-reset
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: add pre/post build hooks for cloud frontend build
Add prebuild:frontend:cloud and postbuild:frontend:cloud lifecycle hooks
to install devDependencies (webpack, html-webpack-plugin, etc.) before
the cloud build and prune them after, matching the existing
build:frontend pattern.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: CSRF origin check fails closed on DB error
Previously, if fetchCustomDomainOrigins() threw (DB down, connection
timeout), the .catch(() => next()) silently bypassed all CSRF
protection. Now blocks the request with 403 instead.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
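Added example (not ToolJet's code): a sketch of the Origin / Sec-Fetch-Site decision described in the "add CSRF origin check middleware" and "CSRF origin check fails closed on DB error" commits above. `decide`, `csrfOriginCheck`, `loadCustomOrigins` and the reason strings are hypothetical names, and an Express-style `(req, res, next)` middleware with a loader that returns full origins is assumed.

```javascript
// Added illustration; function names and reason strings are hypothetical,
// not ToolJet's API.
const MUTATING_METHODS = new Set(["POST", "PUT", "PATCH", "DELETE"]);

// "https://Host.example/" -> "https://host.example"; null when unparsable
// or when the URL has an opaque origin.
function normalizeOrigin(value) {
  try {
    const origin = new URL(value).origin;
    return origin === "null" ? null : origin;
  } catch {
    return null;
  }
}

// Pure decision function. `allowed` is a Set of normalized origins, or null
// when the allow-list could not be loaded (DB or cache error).
function decide({ method, origin, secFetchSite }, allowed) {
  if (!MUTATING_METHODS.has(String(method).toUpperCase())) {
    return { allow: true, reason: "safe-method" };
  }
  // No allow-list means no basis for a decision: block rather than skip.
  if (allowed === null) {
    return { allow: false, reason: "origin-lookup-failed" };
  }
  if (origin !== undefined) {
    const normalized = normalizeOrigin(origin);
    return normalized !== null && allowed.has(normalized)
      ? { allow: true, reason: "origin-allowed" }
      : { allow: false, reason: "origin-not-allowed" };
  }
  // No Origin header. Browsers still send Sec-Fetch-Site, so a cross-site
  // value here means a browser request whose Origin was stripped.
  if (secFetchSite === "cross-site") {
    return { allow: false, reason: "stripped-origin-cross-site" };
  }
  // cURL, Postman and server-to-server callers send neither header.
  return { allow: true, reason: "no-origin-non-browser" };
}

// Express-style wrapper. `loadCustomOrigins` (assumed) resolves to an array
// of origins such as "https://tools.customer.test".
function csrfOriginCheck(baseHost, loadCustomOrigins) {
  return async function csrfOriginMiddleware(req, res, next) {
    const request = {
      method: req.method,
      origin: req.headers["origin"],
      secFetchSite: req.headers["sec-fetch-site"],
    };
    let allowed = null;
    if (MUTATING_METHODS.has(String(req.method).toUpperCase())) {
      try {
        const custom = await loadCustomOrigins();
        allowed = new Set(
          [baseHost, ...custom].map(normalizeOrigin).filter((o) => o !== null)
        );
      } catch (err) {
        // Fail closed: a lookup error must not turn into next().
        allowed = null;
      }
    }
    const verdict = decide(request, allowed);
    if (verdict.allow) return next();
    return res.status(403).json({ message: "Forbidden", reason: verdict.reason });
  };
}
```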
* fix: stale custom hostname cleanup and license deadlock on delete/status
Remove license gate from DELETE, GET, STATUS endpoints so admins can
always view and remove custom domains even after license expiry. Add
scheduled cleanup job that removes stale pending domains from both
Cloudflare and DB after a configurable TTL (default 2 days).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: Cloudflare error handling — config validation, 404 tolerance, status mapping
- Update IDomainProvider interface: getHostnameStatus returns null on 404
- Update CE stub to match interface
- Add sslStatus mapping to scheduler (matching provider's mapSslStatus)
- Expand scheduler statusMap with active_redeploying and blocked
- Allow null sslStatus in VerifyDomainResult type
- Update ee submodule
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: update server/ee submodule — correct guard order on custom-domains
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: update frontend/ee submodule — workspace login URL uses custom domain
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: update server/ee submodule — OIDC redirect uses custom domain host
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat: route workspace switch to target custom domain
When switching between workspaces with different custom domains, the URL
now navigates to the target workspace's custom domain instead of staying
on the current origin or falling back to TOOLJET_HOST.
Backend enriches GET /api/organizations with custom_domain (batch query,
Cloud edition only). Frontend reads it and applies 3-way routing:
custom domain redirect, fallback to base domain, or same-origin switch.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: email links use custom domain instead of default TOOLJET_HOST
EmailModule was missing the CustomDomainsModule import, so
CustomDomainCacheService was never injected (always undefined due to
@Optional). All email URLs fell back to process.env.TOOLJET_HOST.
Additionally, several email event emissions were missing organizationId
in their payloads, preventing custom domain lookup even with proper DI.
Changes:
- Import CustomDomainsModule in EmailModule for DI wiring
- Pass organizationId in forgotPassword email payload
- Pass organizationId in 5 onboarding welcome-email payloads
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: block custom domain access after plan downgrade to Pro
- Frontend: always redirect to TOOLJET_HOST when custom domain resolve
fails (removes slug-based fallthrough that allowed bypassing the check)
- Frontend: extract redirectToMainHost() helper, add console.error logging
- Update server/ee submodule with license check in resolveCustomDomain
Closes #15228
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: proxy API through Cloudflare Worker to fix incognito sign-in on custom domains
Incognito browsers block third-party cookies, causing silent sign-in
failure on custom domains where the frontend origin differs from the
API server. Three changes:
- Frontend: override config.apiUrl to /api on custom domains so
requests route through the Cloudflare Worker proxy (first-party)
- Worker docs: add API/WebSocket proxy to the Cloudflare Worker with
proper forwarding headers and 502 fallback
- server/ee submodule: add ENABLE_CUSTOM_DOMAINS guard to OIDC cookie
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: update frontend/ee submodule — prefill default domain on clear
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: compare hostnames not origins for custom domain API proxy override
The origin comparison (`localhost:3000` vs `localhost:8082`) triggered the
proxy rewrite in local dev, routing API calls to webpack dev server which
returned index.html instead of JSON — breaking app initialization.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: update server/ee submodule — pass customDomainRepository to EE OrganizationsService
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* revert: remove "prefill default domain on clear" from custom domains
Reverts the frontend/ee submodule from a21b75aed back to e8191629e.
Showing a pre-filled default domain when the input is empty implies
the user owns that domain, which is misleading.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: harden custom domains — CORS caching, error handling, scheduler guards, and frontend safety
PR review fixes for #15228:
Backend:
- Cache CORS/CSRF custom domain origins in-memory (30s TTL) to avoid per-request DB queries
- Normalize TOOLJET_HOST (strip trailing slash) before origin comparison in CORS and CSRF middleware
- Add ENABLE_CUSTOM_DOMAINS guard to scheduler handleCron (was only on handleStaleCleanup)
- Log Cloudflare API errors in scheduler instead of silently continuing
- Fix scheduler stale cleanup TOCTOU: mark domain deleted before remove()
- Invalidate Redis cache after scheduler status transitions and stale cleanup
- Add Redis error handler, connectTimeout, and try-catch with DB fallback in cache service
- Add comment explaining CSRF exempt paths rationale
- Import CustomDomainsModule in AuthModule for @Optional() cache injection
- Remove dead 'no_records' variant from VerifyDomainResult.dnsStatus
- Update server/ee submodule (rate limiting, TOCTOU fix, DNS logging, auth response)
Frontend:
- Guard SwitchWorkspacePage against undefined TOOLJET_HOST
- Add console.error in isCustomDomain() and redirectToMainHost() for config issues
- Defensively strip protocol prefix in getTargetDomainURL()
- Add redirect-to-custom-domain logic in authorizeWorkspace with cooldown
- Enable webpack dev server proxy for custom domain local testing
Docs:
- Fix Cloudflare proxy statement: applies to any CF-hosted domain, not same-account
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: update server/ee submodule — OIDC redirect_uri uses request origin for custom domains
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: prevent flash of base-domain UI during custom domain redirect
- Move redirect check before setUser()/setOrganization() store updates
so no authenticated UI (avatar, org name) renders on the base domain
- Remove no-op clearRedirectAttempt() on custom domain — sessionStorage
is origin-scoped so it can't clear the base domain's flag; the cooldown
expires naturally after REDIRECT_COOLDOWN_MS
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: remove ThrottlerGuard from custom domain resolve endpoint
Update server/ee submodule — ThrottlerGuard on the resolve endpoint
caused a NestJS dependency crash (THROTTLER:MODULE_OPTIONS missing
in CustomDomainsModule). CloudFeatureGuard is sufficient protection
for this unauthenticated, cloud-only endpoint.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* refactor: extract applyCustomDomainCookieOptions, fix org list for super admins
- Extract duplicated cookie SameSite/Secure logic into shared applyCustomDomainCookieOptions() helper
- Replace 3 inline copies (session util x2, OIDC service) with one-liner calls
- Rename customDomain → custom_domain in OrganizationWithPlan for consistent API casing
- Refactor fetchOrganizations so super admins also get license/custom domain enrichment
- Add @Req() param to OpenID redirect controller for custom domain host detection
- Update server/ee submodule
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* refactor: remove dead verifyDomain from IDomainProvider, fix cookie type
- Remove verifyDomain() from IDomainProvider interface and all implementations
(service does inline DNS resolution, method was never called)
- Fix applyCustomDomainCookieOptions type: sameSite accepts string | boolean
- Update server/ee submodule
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* revert: remove dev-only webpack proxy and host overrides for custom domains
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* chore: remove internal custom domains Cloudflare setup doc
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: rename 'Workspace ID' label to 'Workspace URL' on custom domain page
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: match custom domain save button loading style with whitelabelling
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: reduce custom domain redirect cooldown from 5 minutes to 10 seconds
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: strip trailing slash from TOOLJET_HOST in URL helpers
Prevents double-slash URLs when TOOLJET_HOST is configured with a
trailing slash (e.g. `https://example.com/` → `https://example.com//error/404`).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: strip trailing slash from TOOLJET_HOST in workspace switchers
Same defensive fix as the URL helpers — raw TOOLJET_HOST concatenation
in SwitchWorkspacePage and BaseOrganizationList could produce
double-slash URLs when the host has a trailing slash.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat(custom-domains): add rebuildOriginsSet/getOriginsSet to cache service
Stores active custom domain origins in a Redis Set for cross-pod
CORS/CSRF consistency. rebuildOriginsSet uses a pipeline (DEL + SADD +
EXPIRE) for atomicity. getOriginsSet returns null on empty/error so
callers can fall back to DB.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat(custom-domains): use Redis for CORS/CSRF origins in middleware
fetchCustomDomainOrigins now reads from Redis Set first, falls back to
DB. Local cache TTL reduced from 30s to 5s. Both setupCsrfOriginCheck
and setSecurityHeaders lazily capture CustomDomainCacheService via a
shared tryGetCacheService helper (DRY, CE-safe with strict: false).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat(custom-domains): rebuild Redis origins set in scheduler and EE service
Status poll, stale cleanup, and all EE domain lifecycle operations now
trigger rebuildOriginsSet() so CORS origins stay consistent after
background status changes.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat(custom-domains): seed Redis CORS origins set on startup
Ensures the origins set is populated immediately when the server starts,
before any CORS/CSRF checks are needed.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(custom-domains): increase Redis origins TTL and fix success logging
Raise ORIGINS_TTL_SECONDS from 300s to 700s so the key outlasts the
10-minute scheduler interval (avoids sustained DB fallback). Skip the
success log when individual pipeline commands fail.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat(custom-domains): add Redis pending-flag methods to cache service
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat(custom-domains): gate scheduler polling behind Redis pending flag
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat(custom-domains): set pending flag on domain creation
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(custom-domains): resolve redirect loop between base and custom domain
After login, excludeWorkspaceIdFromURL stripped the workspace slug from the
redirect URL, producing bare paths like /home. On the custom domain,
getWorkspaceIdOrSlugFromURL then misinterpreted 'home' as a workspace slug,
triggering redirectToMainHost and creating an infinite loop.
- Re-prepend workspace slug to the custom domain redirect URL
- Always trust the resolved slug on custom domains (1:1 mapping)
- Remove mismatch guard in AuthRoute that redirected back to main host
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat(custom-domains): session transfer token + OAuth redirect_uri fix
Two problems with the custom domain redirect flow:
1. Session lost on redirect: tj_auth_token cookie is domain-scoped — doesn't
follow the user from gcpstage.tooljet.ai to app.company.com. Added a one-time
Redis transfer token (30s TTL, GETDEL atomic) — the frontend creates a token,
redirects to /api/session/transfer on the custom domain, the CF Worker proxies
to the backend which sets the cookie as first-party via 302.
2. OAuth redirect_uri mismatch: Google/OIDC redirect_uri used the custom domain
hostname via getHostURL()/resolveRedirectHost(). If the IdP doesn't have the
custom domain registered, auth fails. Now always use TOOLJET_HOST for
redirect_uri. Session transfer handles the hop to the custom domain after auth.
Changes:
- Add CE session-transfer module stubs (SubModule pattern)
- Add frontend session-transfer service
- Update authorizeWorkspace.js: transfer token flow replaces direct redirect
- Update GoogleSSOLoginButton.jsx: use TOOLJET_HOST for redirect_uri
- Register SessionTransferModule conditionally for Cloud edition in AppModule
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
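Added example (not ToolJet's code): the one-time session transfer token from the commit above, with a small in-memory class standing in for Redis `SET ... EX` and `GETDEL`. The class, function names, key prefix and the `token` query parameter are hypothetical; only the 30s TTL, the single-use read-and-delete and the `/api/session/transfer` path come from the commit message.

```javascript
// Added illustration; names, key prefix and query parameter are assumptions.
const { randomBytes } = require("node:crypto");

const TRANSFER_TTL_SECONDS = 30;
const KEY_PREFIX = "session-transfer:"; // hypothetical key namespace

// In-memory stand-in for the two Redis commands the flow relies on.
class TransferTokenStore {
  constructor(now = () => Date.now()) {
    this.now = now; // injectable clock so expiry can be exercised
    this.entries = new Map();
  }

  // Equivalent of: SET key value EX ttlSeconds
  setEx(key, value, ttlSeconds) {
    this.entries.set(key, { value, expiresAt: this.now() + ttlSeconds * 1000 });
  }

  // Equivalent of: GETDEL key. Read and delete happen as one step, so two
  // concurrent redemptions cannot both observe the value, which a separate
  // GET followed by DEL would allow.
  getDel(key) {
    const entry = this.entries.get(key);
    this.entries.delete(key);
    if (!entry || entry.expiresAt <= this.now()) return null;
    return entry.value;
  }
}

// Called on the base domain for an already authenticated session.
function createTransferToken(store, sessionId, organizationId) {
  const token = randomBytes(32).toString("hex"); // 256-bit, unguessable
  const payload = JSON.stringify({ sessionId, organizationId });
  store.setEx(KEY_PREFIX + token, payload, TRANSFER_TTL_SECONDS);
  return token;
}

// URL the browser is sent to on the custom domain.
function buildTransferUrl(customDomain, token) {
  const url = new URL("/api/session/transfer", `https://${customDomain}`);
  url.searchParams.set("token", token);
  return url.toString();
}

// Called by the backend when the custom domain request arrives. Returns the
// payload exactly once; replayed, expired or malformed tokens yield null.
function redeemTransferToken(store, token) {
  if (typeof token !== "string" || !/^[0-9a-f]{64}$/.test(token)) return null;
  const raw = store.getDel(KEY_PREFIX + token);
  return raw === null ? null : JSON.parse(raw);
}
```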
* fix(custom-domains): update server/ee submodule — restore OIDC redirect_uri resolution
Points to server/ee commit that restores request-origin based
redirect_uri for OIDC, supporting both base domain and custom domain
IdP registrations.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat(custom-domains): add session transfer to workspace switching
Use session transfer tokens for cross-domain workspace switches so
the auth cookie is set on the target domain. Passes target org ID
in the token to land on the correct workspace immediately.
- Extract useSessionTransferRedirect hook (shared debounce + redirect)
- Add TOOLJET_HOST null guard in BaseOrganizationList
- Debounce new-tab opens with 500ms cooldown
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(custom-domains): defer HttpClient host resolution to request time
HttpClient eagerly captured config.apiUrl at module load time, before
index.jsx overrides it to '/api' on custom domains. This caused
tooljet-db, comments, and plugins services to make cross-origin
requests directly to the backend, bypassing the CF Worker proxy.
The cookie (scoped to the custom domain) wasn't sent, resulting in
401s and an infinite reload loop.
Use a lazy getter so config.apiUrl is read at request time. Also
convert marketplace.service.js to use hostFn callback for the same
lazy resolution.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(custom-domains): cross-domain logout — clear base domain session
Logging out from a custom domain only killed the custom domain's
session. The base domain session survived, causing authorizeWorkspace
to re-authenticate the user via session transfer.
Two fixes:
1. clearCookie now passes matching cookie options (sameSite, secure,
httpOnly) so the browser actually deletes the cookie
2. Frontend makes a parallel cross-origin logout call to the base
domain when on a custom domain (works because cookies are
sameSite=none and CORS allows custom domain origins)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(custom-domains): use base domain for workspace creation on custom domains
When creating a workspace from a custom domain, the workspace link
preview incorrectly showed the custom domain URL and the post-creation
redirect stayed on the custom domain (which is bound to a different
workspace). Now the link preview always shows TOOLJET_HOST and the
redirect uses session transfer to carry auth to the base domain.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(custom-domains): update ee-frontend submodule — SSO redirect URLs
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* refactor(custom-domains): reuse getBaseHostURL() in workspace creation redirect
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(custom-domains): update ee-frontend submodule — SAML ACS URL fix
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(custom-domains): SAML SSO custom domain support + update server/ee submodule
Update CE interfaces and base classes to accept optional host/requestHost
parameters for SAML custom domain resolution. Updates server/ee submodule
with the full SAML custom domain fix.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(custom-domains): update ee-frontend submodule — hide custom domain for non-cloud
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(custom-domains): update server/ee submodule — SAML audience mismatch fix
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(custom-domains): update server/ee submodule — SAML issuer fix + error handling
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(custom-domains): update submodules — SAML ACS URL fix for all topologies
- server/ee: Add #resolveBackendBaseUrl() fallback chain for ACS URL;
only pass host override for custom domains
- frontend/ee: Show correct backend-derived ACS URL in SAML modal
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* chore: update bcrypt to version 6.0.0 in package.json
* chore: remove unused devDependencies from package.json
* Implement feature X to enhance user experience and optimize performance
* feat: add key rotation scripts and dual key encryption service
* update lockbox key rotation script to correct environment variable usage
* implement dual key encryption service for lockbox key rotation
- Refactor lockbox key rotation script to use a new DualKeyEncryptionService.
- Remove dependency on old environment variable for old master key.
- Add prompts for user input to enhance usability during key rotation.
- Implement automatic transaction management using dbTransactionWrap.
- Improve validation and error handling for key formats.
- Update documentation within the script for clarity on usage and steps.
* Delete frontend/package-lock.json
* Implement feature X to enhance user experience and fix bug Y in module Z
* revert lock file
* chore: revert unrelated frontend/package-lock.json changes
* fix: update rotate keys scripts to ensure proper argument handling and improve dry-run functionality
* chore: update version to 3.20.61-lts
---------
Co-authored-by: gsmithun4 <gsmithun4@gmail.com>
- Added `shadcn` dependency to package.json and package-lock.json.
- Introduced new `LoginForm` component for user authentication.
- Updated styles and structure in `frontend/components.json` and `frontend/src/styles/globals.css`.
- Enhanced existing UI components and updated Radix UI dependencies.
- Refactored onboarding background wrapper to integrate the new login form.
* feat: update Dockerfiles and entrypoint for PostgreSQL and Temporal integration
* fix: update Docker image tags for ee-latest versioning
* fix: remove default Dockerfile path and update tag generation logic
* fix: remove unnecessary newline in manual Docker build workflow
* fix: remove duplicate TOOLJET_EDITION environment variable declaration
* fix: update PostgreSQL source list for compatibility and enhance entrypoint script for improved logging and error handling
* update PostgreSQL source list to use bookworm for compatibility
* bump version
* Sample data source (#9501)
* Added sample data populating script
* added expand-collapse in add data source menu
* Sample database
* Design changes
* Added CTA to buttons and added design changes
* Added code sanity fix for some services
* changed configuration for create sample db and code sanity fix
* Removed logs
* Added xlsx in dependency
* added migration for sample db
* Added logging for testing
* Added await in migration
* Replace excel sheet with JSON files
* reverted package-lock file
* Fixed issues
* dependency deletion
* Added scheduler
* Added changes for bug fixes and typeorm query for creating sample db
* Removed color.scss file import
* Add logo in sample application
* add documentation link for sample db
* fixed migration issue for data queries creation
* removed sample db integration
* bump version
* Remove .env file and code sanity
* deleted migration file
---------
Co-authored-by: Kritagya <kriks.iitk@.com>
Co-authored-by: Kritagya Kumar <kritagyakumar@192.168.1.6>
Co-authored-by: kriks7raptor <kritagya@raptorx.ai>
Co-authored-by: gsmithun4 <gsmithun4@gmail.com>
* Add data-cy for drag drop empty canvas card (#9513)
* Add sample db condition on all components (#9516)
* Add sample db condition on all components
* Changed empty state for container
* Condition on sample data source
---------
Co-authored-by: kriks7raptor <kritagya@raptorx.ai>
* Release fix: subpath (#9535)
* Add sample db condition on all components
* Changed empty state for container
* Condition on sample data source
* fixed subpath issue for workspace setting and folders
* Folder change handler in subpath
---------
Co-authored-by: kriks7raptor <kritagya@raptorx.ai>
* fixed version
* fixed version
* fixed version
* update server version
* Bump version to v2.39.0
---------
Co-authored-by: kriks7iitk <34170719+kriks7iitk@users.noreply.github.com>
Co-authored-by: Kritagya <kriks.iitk@.com>
Co-authored-by: Kritagya Kumar <kritagyakumar@192.168.1.6>
Co-authored-by: kriks7raptor <kritagya@raptorx.ai>
Co-authored-by: Ajith KV <ajith.jaban@gmail.com>
Co-authored-by: kriks7iitk <kriks.iitk@gmail.com>
Co-authored-by: Adish M <44204658+adishM98@users.noreply.github.com>
Co-authored-by: Muhsin Shah <muhsinshah21@gmail.com>
* started working on node upgrade to 18.18.2
* testing ci
* updated ci node version
* updated action code
* deleted all package-lock.json files
* deleted and overrode some packages
* deleted and fixed server & frontend vulnerabilities
* updated firestore version
* fix: ws type issue
* fix: upgraded lerna version
* regenerated package-lock.json files again
* regenerated marketplace lock file
* updated node version in other ci and docker files
* update: lock file plugin side
* updated the npm version in docker & ci files
* removed unused imports from events file
* removed dependency-review action
* updated some packages
* tried to go with current node-module of jest. had to upgrade
* fix: deprecated function usage - ts-jest
* fix: server directory lint issues
* fixed login page issue after router-dom upgrade
* updated import/no-unresolved rule to ignore import errors of react-loading-skeleton, react-spring packages
* fix: cypress node version & package-lock issue
* regenerated cli package-lock.json
* fix: new webpack version might cause runtime issues (had issues with enterprise). lets use old version only
* fix: form-data docker issue
* removed comment
* Added a fix for snake case properties
* Setup sentry logging as per version and upload its source map
* Remove version
* Fix process not being defined
* Add version to sentry release
* Add release version in config api
* Changes in docker file
* Create a version file in frontend
* Remove docker changes
* fix
* Add a script to bump .version files
---------
Co-authored-by: Muhsin Shah <muhsinshah21@gmail.com>
* init--
* org constants: controllers, services, module and api for creating new constants
* read operation: all constants from all envs and all constants from a env
* update and delete operation
* updated delete msg
* encrypt constant value before saving and decrypt before sending back to controller
* adds group permission for org constants and required migrations
* adds ability to create constant
* adds group permissions and fixes migrations
* adds workspace constant permission to workspace settings UI
* ToolJetUI - components, ref: ee/5c92dc9c03b73d7006562d71d639fe4eb1971dee
* Org constants UI
* UI updates: display constant value as per environment
* Added client side pagination
* groups without create/edit/delete permission can only view the constants
* group permission: Create and Edit - UI updates
* create/update/date flow - UI
* extending api support to create constant in multiple environments
* UI - add constant for multiple envs
* disable name input for update operation
* UI fixes and updates
* adds deprecating banner to variables dashboard
* removes update/create from UI --variables
* adding deprecating soon alert in codehinter when workspace vars are used
* extra check to display the banner in preview of codehinter
* resolves constants for admin in client-side
* resolves constants client-side and server side for queries
* include grp permission for create/delete for org constants
* resolves org constants in runJS and runPY
* cleanup
* updated the tab UI
* fixed: constant pagination footer
* fixes client side pagination bug
* adds docs link
* ui updates and fixes ui flickering on closing the drawer
* refactor updating table data
* adds error state to constant forms
* remove the alert from runJS and runPY after 5s
* added max length constraint for constant value
* refactor: component form
* delete only constant as per environment
* remove unwanted logs
* resolves constants in gds connection forms
* resolve gds source options for testConnections, preview and runQuery
* UI style fixes: banner
* remove alert banner for runJS and runPY
* input text color fixed
* style fixes for disabled inputs
* Edit constant- Until value is changed- CTA should be disabled
* adds tooltip for table name and value
* adds tooltip for disabled input in edit drawer
* updated the tooltip position
* handle input height on type for large strings
* added empty state
* adds new badge for workspace constants
* substring should be different for viewers
* resolve constants in viewer
* add support to resolve constants for widgets and queries in public apps
* changed the api endpoint for org constant for env
* bugfix: handle org constants for encrypted value from source options
* add support to resolve app variables and constants in a single single
* fixes: multiple multiline and same line variables
* refactor
* cleanup
* remove encryption for ce
* remove group permission from permission dashboard
* text transform for badge
* added padding for each table row
* updated alert banner padding
* updated alert banner padding
* updates width for empty banner
* refactor
* adds tests for constant api
* added validations for constant name
* updates textarea dynamic form
* updates the resolvers for constants
* removes decryption for source options in services
* refactor - frontend
* resolved conflicts
* fixes: typo-1 ~ workspace variables alert
* fixes: inconsistency in alert info icon
* fixes: naming convention consistency
* fixes: dark theme for confirm box
* disable create button for add constant with same name,
* adds error state for updating constant with same value
* fixes: error message typo
* fixes: error message typo
* fixes position of tooltip
* fixes frontend lint issues
* update lock file
* UI updates and typos
* cleanup-refactor
* checking error state before creating
* should check all error states
* resolving multiple constants and app variables in a single line
* refactor
* fixed: deprecating icon : codehinter preview box
* remove log
* remove repeated logic for deleteOrgEnvironmentConstant
* only return status code for delete request for org constants
* Add data-cy for workspace constants elements (#7251)
* updates constants doc link
---------
Co-authored-by: Ajith KV <ajith.jaban@gmail.com>
* Updated package.json to support node 18
* Updated package-lock.json with force install
* Updated frontend package.json
* Updated server package.json
* update frontend package-lock.json
* update render dockerfile
* update dockerfiles for node 18
* update node version in actions
* fix setup script for AMI
* install using nvm
* debug
* source bashrc
* change ami os version
* change base ami
* make use of ubuntu focal lts version
* update script
* change branch name
* revert branch name
* update workflow
* node upgrade [plugins] modules updated (#5482)
* modules updated
* adds saphana and oracle package
* adds saphana and oracle package
* eslint rules for -unresolved and resolved properties
---------
Co-authored-by: Akshay Sasidharan <akshaysasidharan93@gmail.com>
Co-authored-by: Arpit <arpitnath42@gmail.com>
* Remove cypress and its dependencies from root dir
* Install cypress to cypress-tests directory
* Move cypress specs and utils
* Remove older files
* Fix package.json
* Add and modify data-cy for widgets
* Add selectors
* Add constant texts and methods
* Add common widget operations
* Add moment to Cypress
* Add common utils and optimized commands
* Add methods specific for Datepicker
* Add spec datePickerHappyPath
* Minor selector modification
* Add verification of value from inspector
* Added Package Name and Version
For me, npm was not installing the package, and the reason was that this package does not have the `name` and `version` keys specified.
Don't know why it happened, but most of my projects don't need that data
* Update package.json
* Updated package-lock.json after `npm i`
* Update package-lock.json
* Update package-lock.json
* merge develop
* Add eslint dependencies, configs and scripts to plugins project
* run lint with Github action
* ignore tests and dist folders
* run eslint with --fix and manual fixes, renamed __tests_ to __tests__
* add plugins packages folder to lint-staged config
* fix lint issue
* add plugins to docker compose
* build common
* change cmd
* build:pkgs
* fix
* temp: add named vol
* update docker-compose for plugins dev
* update seed script to transpile only
* fix ci
* fix ci
Co-authored-by: gandharv <gandharvkumargarg@gmail.com>
* add migrations for versioning datasources and dataqueries
* eslint migrations folder
* update ormconfig to use app context in migrations
* make app to make use versioned data sources and queries in editor
* app import should honor data source and query versioning
* register ts-node path on running migrations
* load data queries when finding versions
* update e2e tests
* handle for invalid oauth2 datasources
* update e2e tests
* introduce db migrations access lock to handle concurrent backfill
* scope migrations by missing version id
* fix import export without data source/query versions
* fix import
* fix spec
* handle invalid data on migration
* fix import
* remove console logs
* handle new app imports
* fix version check
* fix async creation
* explicitly add timestamps on version import
* github actions for PR and push to develop branch
* test workflow
* move to workflows folder
* add setup node action
* modify build
* specify npm version
* config unit test
* specify host postgres
* specify container to run on
* add postgresql dependency
* add specify ws adapter for test
* add e2e test
* fix linting
* only log errors on tests
* update eslint config
* fix linting
* run e2e test in silent mode
* fix library app spec
* don't send email on test env
* fix org scope
* mock env vars
* remove reset modules
* force colors
* explicitly close db connection
* add eslint rule for floating promises
* update workflow
* fix floating promise
* fix lint
* update workflow
* run on all push and pulls
* update lint check files
* simplify workflow
* increase js heap size on env
* separate lint and build
Co-authored-by: arpitnath <arpitnath42@gmail.com>
* feat: initial commit for collaboration feature
* add dnd to comments
* add positions endpoint
* feat: encapsulate all http common logic in http-client
* segregate sections and transfer responsibility of state
* feat: use-spring to add fade effect ⚡
* fix: open in right
* fix: left-right position css
* add footer for message
* integrate getcomment endpoint
* use fromnow for date ago
* add dnd
* - Add data transfer object for comment
- Add class-validator package to check the response type from client
- Add comment repository class for persistence layer
- Add comment service with std. http methods
- Update controller with all http methods
- Update comment module
- Fix http-client bug when error is thrown
* fix http client bug when error is thrown
* feat: add entity thread
* feat: add migrations for thread and comment
* update entities
* add tid to migration
* filter comments by tid(thread_id)
* fix: comment migration, add missing column comment
* feat: integrate in ui
* feat: split comments based on app_id
* fix: dnd to correct position
* package json engines
* engines update
* update npm
* npm 6 to 7
* fix: add user initials to thread
* fix: add firstname lastname to the comments
* - Return user object when save thread called
- Hide password field from user response
- Fix created_at date typo
- Instead of fetch all threads on new thread added, add the response to array of existing threads
* feat: update ui components
* change icon on comments view
* ui fixes
* fix: close icon close the popover
* temp: comment select: false
* use currentUser from localStorage
* fix: on click outside if comment is open, don't hit addThread
* fix: auth token issue in http-client
* on drag hide the comment if open
* add jwt auth
* spec: add test for comment & thread
* cleanup: remove console.log
* feat: add comment actions
* feat: add edit, delete, resolve options
* feat: add mentions component
* feat: add nestjs websockets
* temp
* websocket: establish client-server communication
* ws: add message listener to comments module in ui
* feat: add broadcast method to broadcast new events to all clients 💣
* ws: cleanup 🤙
* fix: remove max height from comment actions
* feat: add user mentions, emoji support
* fix: add static list of users - temp
* update and delete iterations
* - Rename comment, thread to comments, threads
- Add conditional actions
- Show edit, delete only if he is comment owner
- Show resolve only if he is thread owner
* reset engines
* move svgr webpack to deps
* fix: ui issues
* remove log stmt
* refactor: move resolved icon to comment-header
* feat: allow comments to be added on top of widgets
* feat: add keyboard shortcut
* scroll to bottom on comment add
* ui fixes
* feat: add react toast for notification display
* feat: add comment badge
* fix: ws connection
* fix: ws
* remove rvrse
* feat: add comment sidebar
* feat: add comment right sidebar
* fix: add missing foreign key elements
* - upgrade typeorm to 0.2.38
- comment sidebar ui
- added filter ui
* feat: on click of right sidebar notification open the comment box
* reset engines
* fix: add organization id to the comment and thread module
* fix: add current version id
* add currentversion id
* disable comments if no id present
* temp:checking for heroku deploy
* fetch app on edit and deploy version
* rename current_version_id to app_versions_id
* ui fixes
* show mentioned user in blue color
* add ui changes
* add authorization for create thread
* change color to blue on click of comment, add auth for other endpoints of thread
* update threads, notifications using socket
* add auth for comments
* remove events spec file
* fix duplicate key error
* fix notifications updation on edit, delete, resolve buttons clicked
* update notifications for edit
* feature toggle changes for frontend
* add check for comments server
* add emoji mart package for emoji
* add reply count in comment sidebar
* subtract 1 from count in comment sidebar
* change empty text when no comments available
* Render app only after ENV variables are fetched from server
* Specify node and npm versions in root package.json
* Specify engine npm version: 7.20.0
* fix: striped table when element selected is text
* fix: when column type is dropdown fix ui
* fix: when category-type is multiselect
* fix: make overflow-x scroll so that more radio buttons can fit
* fix: when column is editable fix styles
* add text styles: additional
* fix: datepicker + striped table
* multicursor trick if to switch - witchcraft
* fix: add array check in tags component
* fix: action buttons
* merge badge and badges case
* change overflow x to initial - temporary
* fix conflict
* add padding left, right
* Update frontend/src/Editor/Components/Table/Table.jsx
Co-authored-by: Sherfin Shamsudeen <sherfin@tooljet.io>
* increase min height from 35 -> 55
Co-authored-by: Sherfin Shamsudeen <sherfin@tooljet.io>