Commit Graph
15388 Commits
Author SHA1 Message Date
Andras Bacsai b4e139929e Merge remote-tracking branch 'origin/next' into fix/oauth-email-normalization 2026-04-27 14:56:16 +02:00
Andras Bacsai d0ed4fa4c4 version ++ finally 2026-04-27 09:09:01 +02:00
Andras BacsaiandGitHub 8deb19e5e4 fix(service): rally invalid next public url (#9041) 2026-04-27 09:08:04 +02:00
Andras BacsaiandGitHub e1a295ac6c fix(service): add missing database alteration step for Logto latest image (#9376) 2026-04-27 09:07:53 +02:00
Andras BacsaiandGitHub 5a4f79441c fix(service): Jitsi Meet doesn't work (#9594) 2026-04-27 09:06:57 +02:00
Andras BacsaiandGitHub 349e9289ad fix(service): twenty fails to deploy due to dependency unhealthy (#9603) 2026-04-27 09:06:41 +02:00
Andras BacsaiandGitHub 43b8304e02 feat(service): enable plane (#9641) 2026-04-27 09:06:32 +02:00
Andras BacsaiandGitHub e9a9a32e87 feat(services): add Cap to templates (#9729) 2026-04-27 09:06:09 +02:00
Andras BacsaiandGitHub 3f736b5afd feat(service): add healthcheck to langfuse-worker (#9772) 2026-04-27 09:05:38 +02:00
Andras BacsaiandGitHub 66ce3009a3 chore(service): update beszel to 0.18.7 (#9775) 2026-04-27 09:05:22 +02:00
Andras BacsaiandGitHub d131066701 feat(service): disable calcom (#9776) 2026-04-27 09:04:56 +02:00
Andras Bacsai 968ae97dfc version++ 2026-04-27 09:01:36 +02:00
Andras BacsaiandGitHub 8ef238d19c fix(helper): stop info icon click from propagating to parent on mobile (#9809) 2026-04-26 13:54:59 +02:00
Andras Bacsai 9cd379e737 fix(helper): add Alpine.js click toggle to info helper popup
Replace CSS-only hover with Alpine.js click-based open/close,
including click.outside to dismiss.
2026-04-26 12:55:34 +02:00
Andras Bacsai cad9fc99d6 docs(sponsors): add ParsecPH to Small sponsors 2026-04-26 12:53:45 +02:00
Andras Bacsai 74cc85139f docs(sponsors): add NetRouting to Small sponsors 2026-04-24 22:33:32 +02:00
ShadowArcanist d2b7dfe92a fix(service): remove volume declaration on jitsi 2026-04-24 09:40:01 +05:30
ShadowArcanistandGitHub 424a41dbd0 fix(service): add missing category to jitsi 2026-04-24 09:30:57 +05:30
ShadowArcanistandGitHub cd47711cd0 feat(service): disable calcom
Not maintained anymore by the calcom team
2026-04-24 02:28:08 +05:30
ShadowArcanistandGitHub 5f45deedce chore(service): update beszel-agent to 0.18.7 2026-04-24 02:22:08 +05:30
ShadowArcanistandGitHub b3d6877404 chore(service): update beszel to 0.18.7 2026-04-24 02:21:33 +05:30
ShadowArcanistandGitHub 32ae288a12 fix(service): add port to metadata on plane 2026-04-24 00:12:17 +05:30
Gauthier POGAM--LE MONTAGNER f77fd2161c feat(service): add healthcheck to langfuse-worker 2026-04-23 18:08:40 +02:00
Andras Bacsai c5ce36018c docs(sponsors): add MindedTech to Small sponsors 2026-04-23 14:13:55 +02:00
Andras Bacsai 237313f5c7 docs(sponsors): update PrivateAlps description 2026-04-23 00:17:53 +02:00
ShadowArcanistandGitHub e26d4e39e6 fix(service): add healthcheck on cap-captcha.yaml 2026-04-23 01:07:14 +05:30
ShadowArcanistandGitHub 716c741fff fix(service): pin docker image on cap-captcha.yaml 2026-04-23 01:07:00 +05:30
ShadowArcanistandGitHub d425998476 fix(service): service url variable on cap-captcha.yaml 2026-04-23 01:06:44 +05:30
ShadowArcanistandGitHub ae1a24a83b fix(service): add category on cap-captcha.yaml 2026-04-23 01:06:25 +05:30
ShadowArcanistandGitHub 833f5769e5 fix(service): docs link on cap-captcha.yaml 2026-04-23 01:06:07 +05:30
Andras BacsaiandGitHub 6b00c31ff2 fix(navigation): replace wire:navigate.hover with wire:navigate (#9742) 2026-04-22 20:56:45 +02:00
Andras Bacsai 19767a569b fix(navigation): replace wire:navigate.hover with wire:navigate
Remove hover prefetching variant from SPA navigation helper,
both in the happy path and the exception fallback.
2026-04-22 20:55:09 +02:00
tiago 0c1c5c5831 feat: add Cap to templates 2026-04-22 10:15:18 +01:00
Andras Bacsai 4e561264b4 docs(sponsors): add PrivateAlps to Huge and YouStable to Small sponsors 2026-04-22 08:58:38 +02:00
Andras BacsaiandGitHub e1aac50b74 refactor(validation): tokenize shell-safe command pattern (#9684) 2026-04-20 22:04:36 +02:00
Andras BacsaiandClaude Opus 4.7 817128c5af refactor(validation): tokenize shell-safe command pattern
Replace the flat character-class regex for SHELL_SAFE_COMMAND_PATTERN with
a token-aware alternation. The parser now recognizes explicit tokens
(`&&`, `||`, balanced single/double quotes, whitespace, and an unquoted
safe-char run) instead of a bag of characters, which lets us extend the
accepted grammar without loosening the guarantees.

New surface area, with tests:
- logical OR chaining (`make build || make clean`)
- shell globs and bang (`rm *.tmp`, `cp src/?.js dist/`, `! grep -q foo`)
- single-quoted arguments are now treated as balanced runs rather than
  rejected per-character

Preserved surface area:
- && chaining, balanced "..." and '...' quotes, the previous safe path /
  argument characters, and the existing error-path contract in
  ApplicationDeploymentJob::validateShellSafeCommand().

Also refreshes the user-facing validation messages in General.php so the
allow/deny list shown on failure matches the new grammar.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-20 22:00:41 +02:00
Andras BacsaiandGitHub 8e22360139 refactor(database): align Postgres SSL chown escaping with MySQL (#9682) 2026-04-20 21:44:02 +02:00
Andras Bacsai f0e955bf45 refactor(database): escape postgres_user in SSL chown command
Apply escapeshellarg() to the Postgres username before interpolating it
into the chown command used to fix SSL certificate ownership, matching
the handling already in place for StartMysql. This keeps the sink-side
escaping consistent across database actions, independent of upstream
input validation.

Also adjusts an assertion in DatabaseSslCredentialEscapingTest to match
the actual double-escaped output of executeInDocker, and adds Postgres
regression cases for subshell and semicolon payloads.
2026-04-20 21:41:48 +02:00
Andras BacsaiandGitHub 1cf6c7d0ae fix(database): tighten Postgres init script filename handling (#9681) 2026-04-20 21:27:56 +02:00
Andras BacsaiandClaude Opus 4.7 a05d4e3a4b fix(database): tighten Postgres init script filename handling
Validate new init-script filenames against path traversal and shell
metacharacters via a new validateFilenameSafe() helper, and harden the
write/delete paths with basename() + escapeshellarg() so legacy rows
still deploy and can be cleaned up without regressions.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-20 21:26:34 +02:00
Andras BacsaiandGitHub b1a78df58e feat(security): add expiration support for API tokens (#9677) 2026-04-20 14:29:28 +02:00
Andras BacsaiandClaude Opus 4.7 90ddbb3572 feat(security): support expiration on API tokens with warning notifications
Add optional expiration to personal API tokens. Users pick a duration
(1/7/30/60/90 days or Never) at creation time. Expired tokens are
rejected by Sanctum, pruned hourly by sanctum:prune-expired, and a
team notification fires ~24h before expiry so owners can rotate
before API calls start failing.

- ApiTokens Livewire component stores expires_at from expiresInDays
- Rework issued-tokens UI from card grid to table (matches other views)
- New ApiTokenExpirationWarningJob scheduled hourly (idempotent via RateLimiter)
- New ApiTokenExpiringNotification (email/discord/telegram/slack/pushover)
- api_token_expiring added to alwaysSendEvents so users cannot silence
  expiry warnings from the per-event notification toggle UI
- sanctum:prune-expired cadence moved from daily to hourly

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-20 14:28:38 +02:00
Andras BacsaiandGitHub bff6d85370 fix(database): credential format validation with dirty-value escape hatch (#9676) 2026-04-20 14:24:06 +02:00
Andras Bacsai 40a9881ef2 fix(database): skip credential pattern validation for unchanged values
Pattern enforcement now conditional on field being dirty (changed vs
saved value). Prevents false validation failures when existing records
hold legacy credential formats that pre-date the stricter regex rules.
2026-04-20 13:58:44 +02:00
Andras Bacsai 03313e54cc fix(database): enforce credential format validation and sanitize init/SSL arguments
Add ValidationPatterns helpers for database identifiers and passwords,
apply them across database Livewire components and the API controller,
encode MongoDB init script values via json_encode, and pass the MySQL
user through escapeshellarg when generating SSL chown commands.
2026-04-20 13:58:36 +02:00
Andras Bacsai 2264a2ef76 docs(tests): replace advisory ID with descriptive comment in healthcheck injection test 2026-04-20 13:28:55 +02:00
Andras BacsaiandGitHub b74f54302b fix(database): mount guard, healthcheck CMD exec-form, port input layout (#9674) 2026-04-20 13:18:27 +02:00
Andras Bacsai 1002d211d0 style(database): wrap public port inputs in flex-col gap-2 container
Add wrapper div around publicPort and publicPortTimeout inputs across
all database general settings views for consistent vertical spacing.
2026-04-20 13:17:15 +02:00
Andras Bacsai 64753b4136 fix(database): prevent command injection in healthcheck via CMD exec-form
Replace CMD-SHELL string interpolation with CMD exec-form arrays in
healthcheck configs for PostgreSQL, Dragonfly, KeyDB, and ClickHouse.

CMD-SHELL passes the string to /bin/sh -c, allowing command injection
through user-controlled fields (username, password, dbname). CMD
exec-form bypasses the shell entirely — each value is a discrete argv
element.

Fixes GHSA-gvc4-f276-r88p.

Adds regression tests covering semicolon, pipe, backtick, $(),
background operator, redirect, newline, and null-byte injection vectors.
2026-04-20 13:17:15 +02:00
Andras Bacsai 245c6a18c8 Merge remote-tracking branch 'origin/next' into fix/empty-db-custom-config-mount 2026-04-20 13:15:57 +02:00