Commit Graph

6898 Commits

Author SHA1 Message Date
pablohashescobar
be261a1b3f chore: update log 2026-02-17 13:36:22 +05:30
pablohashescobar
f9de3cc638 chore: addressed some additional comments 2026-02-17 13:33:47 +05:30
pablohashescobar
69fa0dcdfd chore: address copilot comments 2026-02-17 13:27:41 +05:30
Nikhil
d09185bbb8 Merge branch 'preview' into fix-api-sentry-errors 2026-02-17 12:58:43 +05:30
Sangeetha
c4b3d52466 [WEB-5878] chore: add validation for project name/identifier for special characters (#8529)
* chore: update ProjectSerializer to raise validation for special characters in name and identifier

* chore: update external endpoints

* fix: external api serializer validation

* update serializer to send error code

* fix: move the regex expression to Project model
2026-02-17 00:49:02 +05:30
b-saikrishnakanth
f0dcf66167 [WEB-5917] fix: generate clean plain text from HTML email template #8535 2026-02-17 00:44:52 +05:30
Prateek Shourya
e9b011896d [VPAT-27] chore(security): disable autocomplete on sensitive input fields #8517
Disable autocomplete on authentication and security-related forms to prevent
browsers from storing sensitive credentials. This affects sign-in, password
reset, account security, and onboarding forms across admin, web, and space apps.

Modified components:
- Auth forms (email, password, unique code, forgot/reset/set password)
- Account security pages
- Instance setup and profile onboarding
- Shared UI components (auth-input, password-input)
2026-02-17 00:43:35 +05:30
Anmol Singh Bhatia
d3c6e5ec94 [WEB-5827] fix: persist external cover image URLs (Unsplash) in project updates #8482 2026-02-17 00:21:43 +05:30
Prateek Shourya
e10deb10f2 [VPAT-16] improvement: add file validation to prevent malicious uploads #8493
Add client-side checks for double extensions, dangerous file types,
dot files, and path traversal patterns. Addresses security audit
recommendations for file upload validation.
2026-02-17 00:21:21 +05:30
Prateek Shourya
49fc6aa0a0 [VPAT-55] chore(security): implement input validation across authentication and workspace forms (#8528)
* chore(security): implement input validation across authentication and workspace forms

  - Add OWASP-compliant autocomplete attributes to all auth input fields
  - Create centralized validation utilities blocking injection-risk characters
  - Apply validation to names, display names, workspace names, and slugs
  - Block special characters: < > ' " % # { } [ ] * ^ !
  - Secure sensitive input fields across admin, web, and space apps

* chore: add missing workspace name validation to settings and admin forms

* feat: enhance validation regex for international names and usernames

- Updated regex patterns to support Unicode characters for person names, display names, company names, and slugs.
- Improved validation functions to block injection-risk characters in names and slugs.
2026-02-17 00:18:46 +05:30
Anmol Singh Bhatia
55e89cb8fc [WEB-5863] fix: estimate point input validation #8492
Co-authored-by: sriram veeraghanta <veeraghanta.sriram@gmail.com>
2026-02-17 00:12:33 +05:30
Vamsi Krishna
4d1e6c499f [WEB-5829] fix: Intake open work count (#8547)
* fix: open intake count at sidebar header

* chore: reverted inbox store arguments to core store

* fix: intake count update
2026-02-17 00:05:20 +05:30
Sangeetha
3a99ecf8f3 [WEB-5871] chore: added intake count for projects (#8497)
* chore: add intake_count in project list endpoint

* chore: sidebar project navigation intake count added

* fix: filter out closed intake issues in the count

* chore: code refactor

* chore: code refactor

* fix: filter out deleted intake issues

---------

Co-authored-by: Anmol Singh Bhatia <anmolsinghbhatia@plane.so>
2026-02-17 00:04:03 +05:30
Dheeraj Kumar Ketireddy
ef5d481a19 [VPAT-51] fix: update workspace invitation flow to use token for validation #8508
- Modified the invite link to include a token for enhanced security.
- Updated the WorkspaceJoinEndpoint to validate the token instead of the email.
- Adjusted the workspace invitation task to generate links with the token.
- Refactored the frontend to handle token in the invitation process.

Co-authored-by: sriram veeraghanta <veeraghanta.sriram@gmail.com>
2026-02-17 00:02:18 +05:30
Dheeraj Kumar Ketireddy
c8a800104c [SILO-820] fix: update serializer for module detail API endpoint to use ModuleUpdateSerializer (#8496) 2026-02-17 00:01:33 +05:30
Anmol Singh Bhatia
e92b835869 [WEB-5873] fix: user avatar ui consistency (#8495)
* fix: user avatar ui consistency

* chore: code refactor
2026-02-13 19:04:57 +05:30
Cornelius
7e5b5066c5 Update translations.ts: issue-artifacts discovered (#7979) 2026-02-13 19:04:02 +05:30
Jayash Tripathy
53b3358a63 [GIT-44] refactor(auth): add PASSWORD_TOO_WEAK error code (#8522)
* refactor(auth): add PASSWORD_TOO_WEAK error code and update related error handling in password change flow

* fix(auth): update import to use type for EAuthenticationErrorCodes in security page

* Update apps/web/app/(all)/profile/security/page.tsx

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Update apps/web/app/(all)/[workspaceSlug]/(settings)/settings/account/security/page.tsx

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* refactor: updated auth error exception across zxcvbn usages

* fix: improve error handling for password strength validation and update error messages

* i18n(ru): update Russian translations for stickies and automation description

Added translation for 'stickies' and improved formatting of the automation description in Russian locale.

---------

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2026-02-13 18:51:33 +05:30
Anmol Singh Bhatia
bf521b7b03 [WEB-1201] chore: dropdown options hierarchy improvements (#8501)
* chore: sortBySelectedFirst and sortByCurrentUserThenSelected utils added

* chore: members dropdown updated

* chore: module dropdown updated

* chore: project and label dropdown updated

* chore: code refactor
2026-02-13 18:50:18 +05:30
Anmol Singh Bhatia
7607cc9b10 [WEB-5884] chore: layout loader enhancements #8500 2026-02-13 18:49:53 +05:30
Aaryan Khandelwal
d497304de5 refactor: table drag preview using decorations (#8597)
* refactor: table drag preview using decorations

* fix: history meta for table drag state
2026-02-13 17:59:37 +05:30
Anmol Singh Bhatia
8fa08b2506 [GIT-57 | WEB-5912] fix: app sidebar ux and responsiveness (#8560)
* fix: project extended sidebar accordion ux

* fix: app sidebar mobile responsiveness ux

* chore: code refactor
2026-02-13 17:43:07 +05:30
sriram veeraghanta
efc600ad8c chore(deps): update axios dependency 2026-02-13 16:35:16 +05:30
stelmsk
a3a1d141cb i18n(ru): expand Russian translation coverage (#8603)
Added missing translations for:
- Profile preferences (language, timezone settings)
- Account settings sections (preferences, notifications, security, api-tokens, activity)
- Workspace settings (billing, exports, webhooks headings/descriptions)
- Project settings (states, labels, estimates, automations headings/descriptions)
- Power-K command palette (contextual actions, navigation, creation, preferences, help)
- Sidebar elements (stickies, your_work, pin/unpin)
- Common actions (copy_markdown, overview)
- Navigation customization options
2026-02-13 16:30:33 +05:30
sriram veeraghanta
dfce8c6278 chore: admin folder structure (#8632)
* chore: admin folder structure

* fix: copyright check and formatting

* fix: types
2026-02-13 16:29:45 +05:30
Vamsi Krishna
fab84eb058 [WEB-5899] fix: project sort order (#8530)
* fix: project sort order

* chore: updated queryset for sort_order
2026-02-13 15:52:22 +05:30
Vipin Chaudhary
60734b25ba [WIKI-877] fix: order of this dropdown options in pages #8563 2026-02-13 15:49:10 +05:30
Sangeetha
cd613e5f8f [SECUR-105] fix: csv injection vulnerability sanitization #8611 2026-02-13 15:37:13 +05:30
Anmol Singh Bhatia
a8d81656fc [WEB-6137] fix: work item peek view outside click #8610 2026-02-12 16:28:51 +05:30
Anmol Singh Bhatia
dbe059b7b5 fix: workitem description input initial load (#8617) 2026-02-12 14:03:01 +05:30
Anmol Singh Bhatia
c93f9fc865 [WEB-6038] fix: work item empty title flicker #8618 2026-02-12 13:35:08 +05:30
Akshat Jain
bcc8fb4d1d style: update ASCII art in install script header (#8628) 2026-02-12 13:34:31 +05:30
dependabot[bot]
b59e541b35 chore(deps): bump cryptography (#8625)
Bumps the pip group with 1 update in the /apps/api/requirements directory: [cryptography](https://github.com/pyca/cryptography).


Updates `cryptography` from 44.0.1 to 46.0.5
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/44.0.1...46.0.5)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-version: 46.0.5
  dependency-type: direct:production
  dependency-group: pip
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-11 13:06:42 +05:30
sriram veeraghanta
2b6e24d526 chore: merge helpers and layouts (#8624)
* fix: remove constants and services

* fix: formatting

* chore: merge helpers and layouts

* fix: workspace disable flag handling
2026-02-10 22:04:07 +05:30
sriram veeraghanta
7793febcf8 chore: merge constants and services (#8623)
* fix: remove constants and services

* fix: formatting

* fix: types check
2026-02-10 21:10:54 +05:30
sriram veeraghanta
06e4a1624c fix: remove ee folder from web (#8622) 2026-02-10 20:01:42 +05:30
Sangeetha
57ce2a5429 [WEB-6149] migration: change estimate point key max value to 50 #8620 2026-02-10 17:07:14 +05:30
sriramveeraghanta
0887cbbda8 chore(deps): update lodash package 2026-02-09 19:26:39 +05:30
M. Palanikannan
e1227f0b58 fix: type fix for description payload (#8619)
* fix: type fix

* fix: duplicate type fix
2026-02-09 15:18:09 +05:30
sriramveeraghanta
ea7b30bc9c chore(deps): update the node packages 2026-02-09 14:59:33 +05:30
Vipin Chaudhary
dfbd043e50 [WEB-6058] chore: add logic to handle save #8614 2026-02-09 14:53:35 +05:30
sriramveeraghanta
13a679437d chore(deps): upgrade django version 2026-02-09 14:51:53 +05:30
Sangeetha
78729277e8 [SECUR-104] fix: Arbitrary Modification of API Token Rate Limits #8612 2026-02-09 14:50:29 +05:30
Sangeetha
d191615a5e [SECUR-113] fix: ssrf for work item links (#8607) 2026-02-05 15:03:43 +05:30
sriramveeraghanta
587cb3ecfe fix: file formatting 2026-02-02 18:08:44 +05:30
Bavisetti Narayan
b8d3b3c5eb fix: module percentage calculation (#8595) 2026-01-29 14:48:43 +05:30
sriram veeraghanta
02d0ee3e0f chore: add copyright (#8584)
* feat: adding new copyright info on all files

* chore: adding CI
2026-01-27 13:54:22 +05:30
Ship it
66decf6617 fully translated into Ukrainian language (#8579) 2026-01-27 01:29:56 +05:30
Prateek Shourya
32a2584578 [GIT-66] improvement: prevent disabling last enabled authentication method (#8570) 2026-01-27 00:47:37 +05:30
Sangeetha
f7d5200ed8 migration: back migrate all product tour fields to set true (#8575) 2026-01-27 00:47:02 +05:30