Commit Graph

11199 Commits

Author SHA1 Message Date
Saurabh Pardeshi 0009f91d2a feat(editor): add "Copy as Markdown" option in context & export menus (#14705)
- Allow users to select text and copy it as Markdown via the context
menu
- Add "Copy as Markdown" under Export menu to copy entire document to
clipboard

Fixes #12983

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Added "Copy as Markdown" to the toolbar clipboard More menu for
selected content.
* Added "Copy as Markdown" to the page export menu to copy entire pages
as Markdown.

* **Behavior**
* Export flow now returns success/failure so the UI shows a dedicated
success or error notification for clipboard exports.

* **Localization**
  * Added strings for "Copy as Markdown" and "Copied as Markdown".
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: Whitewater <me@waterwater.moe>
Co-authored-by: lawvs <18554747+lawvs@users.noreply.github.com>
2026-04-18 20:39:20 +08:00
renovate[bot] f7d0f1d5ae chore: bump up Node.js to v22.22.2 (#14836)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [node](https://nodejs.org)
([source](https://redirect.github.com/nodejs/node)) | patch | `22.22.1`
→ `22.22.2` |

---

### Release Notes

<details>
<summary>nodejs/node (node)</summary>

###
[`v22.22.2`](https://redirect.github.com/nodejs/node/compare/v22.22.1...v22.22.2)

[Compare
Source](https://redirect.github.com/nodejs/node/compare/v22.22.1...v22.22.2)

</details>

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/toeverything/AFFiNE).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMjMuOCIsInVwZGF0ZWRJblZlciI6IjQzLjEyMy44IiwidGFyZ2V0QnJhbmNoIjoiY2FuYXJ5IiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2026-04-17 23:59:24 +08:00
renovate[bot] 0849b342fa chore: bump up dompurify version to v3.4.0 [SECURITY] (#14833)
This PR contains the following updates:

| Package | Change |
[Age](https://docs.renovatebot.com/merge-confidence/) |
[Confidence](https://docs.renovatebot.com/merge-confidence/) |
|---|---|---|---|
| [dompurify](https://redirect.github.com/cure53/DOMPurify) | [`3.3.3` →
`3.4.0`](https://renovatebot.com/diffs/npm/dompurify/3.3.3/3.4.0) |
![age](https://developer.mend.io/api/mc/badges/age/npm/dompurify/3.4.0?slim=true)
|
![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/dompurify/3.3.3/3.4.0?slim=true)
|

### GitHub Vulnerability Alerts

####
[GHSA-39q2-94rc-95cp](https://redirect.github.com/cure53/DOMPurify/security/advisories/GHSA-39q2-94rc-95cp)

## Summary
In `src/purify.ts:1117-1123`, `ADD_TAGS` as a function (via
`EXTRA_ELEMENT_HANDLING.tagCheck`) bypasses `FORBID_TAGS` due to
short-circuit evaluation.

The condition:
```
!(tagCheck(tagName)) && (!ALLOWED_TAGS[tagName] || FORBID_TAGS[tagName])
```
When `tagCheck(tagName)` returns `true`, the entire condition is `false`
and the element is kept — `FORBID_TAGS[tagName]` is never evaluated.

## Inconsistency
This contradicts the attribute-side pattern at line 1214 where
`FORBID_ATTR` explicitly wins first:
```
if (FORBID_ATTR[lcName]) { continue; }
```
For tags, FORBID should also take precedence over ADD.

## Impact
Applications using both `ADD_TAGS` as a function and `FORBID_TAGS`
simultaneously get unexpected behavior — forbidden tags are allowed
through. Config-dependent but a genuine logic inconsistency.

## Suggested Fix
Check `FORBID_TAGS` before `tagCheck`:
```
if (FORBID_TAGS[tagName]) { /* remove */ }
else if (tagCheck(tagName) || ALLOWED_TAGS[tagName]) { /* keep */ }
```

## Affected Version
v3.3.3 (commit 883ac15)

##### Severity
- CVSS Score: 5.3 / 10 (Medium)
- Vector String:
`CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N`

---

### Release Notes

<details>
<summary>cure53/DOMPurify (dompurify)</summary>

###
[`v3.4.0`](https://redirect.github.com/cure53/DOMPurify/releases/tag/3.4.0):
DOMPurify 3.4.0

[Compare
Source](https://redirect.github.com/cure53/DOMPurify/compare/3.3.3...3.4.0)

**Most relevant changes:**

- Fixed a problem with `FORBID_TAGS` not winning over `ADD_TAGS`, thanks
[@&#8203;kodareef5](https://redirect.github.com/kodareef5)
- Fixed several minor problems and typos regarding MathML attributes,
thanks [@&#8203;DavidOliver](https://redirect.github.com/DavidOliver)
- Fixed `ADD_ATTR`/`ADD_TAGS` function leaking into subsequent
array-based calls, thanks
[@&#8203;1Jesper1](https://redirect.github.com/1Jesper1)
- Fixed a missing `SAFE_FOR_TEMPLATES` scrub in `RETURN_DOM` path,
thanks [@&#8203;bencalif](https://redirect.github.com/bencalif)
- Fixed a prototype pollution via `CUSTOM_ELEMENT_HANDLING`, thanks
[@&#8203;trace37labs](https://redirect.github.com/trace37labs)
- Fixed an issue with `ADD_TAGS` function form bypassing `FORBID_TAGS`,
thanks [@&#8203;eddieran](https://redirect.github.com/eddieran)
- Fixed an issue with `ADD_ATTR` predicates skipping URI validation,
thanks [@&#8203;christos-eth](https://redirect.github.com/christos-eth)
- Fixed an issue with `USE_PROFILES` prototype pollution, thanks
[@&#8203;christos-eth](https://redirect.github.com/christos-eth)
- Fixed an issue leading to possible mXSS via Re-Contextualization,
thanks
[@&#8203;researchatfluidattacks](https://redirect.github.com/researchatfluidattacks)
and others
- Fixed a problem with the type dentition patcher after Node version
bump
- Fixed freezing BS runs by reducing the tested browsers array
- Bumped several dependencies where possible
- Added needed files for OpenSSF scorecard checks

**Published Advisories are here:**

<https://github.com/cure53/DOMPurify/security/advisories?state=published>

</details>

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - ""
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/toeverything/AFFiNE).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMjAuMiIsInVwZGF0ZWRJblZlciI6IjQzLjEyMC4yIiwidGFyZ2V0QnJhbmNoIjoiY2FuYXJ5IiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2026-04-16 19:53:00 +08:00
renovate[bot] dc3b95c886 chore: bump up Rust crate rand to v0.9.3 [SECURITY] (#14832)
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [rand](https://rust-random.github.io/book)
([source](https://redirect.github.com/rust-random/rand)) | dependencies
| patch | `0.9.1` → `0.9.3` |
| [rand](https://rust-random.github.io/book)
([source](https://redirect.github.com/rust-random/rand)) |
workspace.dependencies | patch | `0.9.2` → `0.9.3` |

### GitHub Vulnerability Alerts

####
[GHSA-cq8v-f236-94qc](https://redirect.github.com/rust-random/rand/pull/1763)

It has been reported (by @&#8203;lopopolo) that the `rand` library is
[unsound](https://rust-lang.github.io/unsafe-code-guidelines/glossary.html#soundness-of-code--of-a-library)
(i.e. that safe code using the public API can cause Undefined Behaviour)
when all the following conditions are met:

- The `log` and `thread_rng` features are enabled
- A [custom
logger](https://docs.rs/log/latest/log/#implementing-a-logger) is
defined
- The custom logger accesses `rand::rng()` (previously
`rand::thread_rng()`) and calls any `TryRng` (previously `RngCore`)
methods on `ThreadRng`
- The `ThreadRng` (attempts to) reseed while called from the custom
logger (this happens every 64 kB of generated data)
- Trace-level logging is enabled or warn-level logging is enabled and
the random source (the `getrandom` crate) is unable to provide a new
seed

`TryRng` (previously `RngCore`) methods for `ThreadRng` use `unsafe`
code to cast `*mut BlockRng<ReseedingCore>` to `&mut
BlockRng<ReseedingCore>`. When all the above conditions are met this
results in an aliased mutable reference, violating the Stacked Borrows
rules. Miri is able to detect this violation in sample code. Since
construction of [aliased mutable references is Undefined
Behaviour](https://doc.rust-lang.org/stable/nomicon/references.html),
the behaviour of optimized builds is hard to predict.

Affected versions of `rand` are `>= 0.7, < 0.9.3` and `0.10.0`.

##### Severity
Low

---

### Release Notes

<details>
<summary>rust-random/rand (rand)</summary>

###
[`v0.9.3`](https://redirect.github.com/rust-random/rand/compare/0.9.2...0.9.3)

[Compare
Source](https://redirect.github.com/rust-random/rand/compare/0.9.2...0.9.3)

###
[`v0.9.2`](https://redirect.github.com/rust-random/rand/blob/HEAD/CHANGELOG.md#092---2025-07-20)

[Compare
Source](https://redirect.github.com/rust-random/rand/compare/0.9.1...0.9.2)

##### Deprecated

- Deprecate `rand::rngs::mock` module and `StepRng` generator
([#&#8203;1634](https://redirect.github.com/rust-random/rand/issues/1634))

##### Additions

- Enable `WeightedIndex<usize>` (de)serialization
([#&#8203;1646](https://redirect.github.com/rust-random/rand/issues/1646))

</details>

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - ""
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about these
updates again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/toeverything/AFFiNE).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMjAuMiIsInVwZGF0ZWRJblZlciI6IjQzLjEyMC4yIiwidGFyZ2V0QnJhbmNoIjoiY2FuYXJ5IiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2026-04-16 19:52:25 +08:00
Abdul Rehman 1d66e7e8ca fix(editor): allow hyperlink clicks in locked edgeless text blocks (#14829)
Fixes #14673

## Summary

When an edgeless text block is locked, `pointer-events: none` on the
inner content div (`edgeless-text-block.ts:308`) blocks all mouse
interaction — including clicking hyperlinks. Locking is intended to
prevent accidental edits, not to block navigation, so links should
remain clickable.

## Fix

Apply a `locked-content` class on the inner div when the block is locked
and not being edited, and add a targeted CSS rule restoring
`pointer-events: auto` on anchor elements within locked content.

## Context

Re-implements the fix from PR #14692 (authored by @moktamd, reverted per
@darkskygit's comment on #14673 because the original contributor had not
signed the CLA). The CLA is signed for this PR.

## Test plan

- [ ] On edgeless canvas, create a text block with a hyperlink (e.g.
`[link](https://affine.pro)`)
- [ ] Lock the block via the shape toolbar
- [ ] Hover the link → cursor shows pointer
- [ ] Click the link → navigation occurs
- [ ] Unlock and confirm editing still works as before

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Bug Fixes**
* Links within locked text blocks are now interactive and clickable with
proper visual cursor feedback.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-04-15 17:31:48 +08:00
Hana B c5b0057778 fix(core): resolve remaining untranslated doc title case in detail page header (#14820)
fix #14735

This PR fixes a remaining desktop case related to #14467.

The previous fix resolved incorrect translation in navigation panels,
but the detail page header tab title was still passing custom document
titles through `i18n.t()`, causing user-defined titles to be
unexpectedly translated.

### Results


https://github.com/user-attachments/assets/4abad3b9-d5d7-442f-b643-6d9ea63fa741

After:
<img width="2100" height="1722" alt="After"
src="https://github.com/user-attachments/assets/0770eae2-e5c5-4816-8d53-e40a4b52800c"
/>

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Refactor**
* Updated page title retrieval mechanism in workspace detail page
headers. The title is now sourced directly from the document display
metadata service instead of using the previous derivation method.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-04-15 14:49:41 +08:00
DarkSky a109f069b0 chore: bump deps 2026-04-10 11:46:14 +08:00
DarkSky 0b4d25f332 chore: improve test stability 2026-04-09 13:11:36 +08:00
DarkSky c6a99eb9cb chore: bump deps (#14810)
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **Chores**
* Updated developer tooling dependencies used for local testing to newer
patch versions for improved stability.
* Bumped backend framework and related packages to newer patch releases
to address fixes and maintain compatibility.
* No functional or public API changes; updates are non-breaking
dependency version bumps.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-04-09 12:41:38 +08:00
DarkSky 77657a697b feat(mobile): improve notify for login failed 2026-04-09 11:35:15 +08:00
gogo199432 eb953c0565 fix(android): route OAuth deep link to correct server's AuthService (#14809)
Porting over iOS fix for self-hosted SSO to Android from #11563.

Fixes #12819

Tested on own instance using Authentik.

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Android authentication now supports an optional server parameter in
the callback URL, enabling sign-in against different server instances.
* If the specified server cannot be found, the authentication attempt is
halted and an error is reported.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
2026-04-09 11:30:34 +08:00
Cats Juice 77c0b2ef47 fix: prevent IME preedit overflow in mind map node editor (#14520)
## Summary

Update the edgeless shape text editor to resize mind map node text
bounds while IME composition is in progress.

## Changes

- listen to `compositionupdate` on the inline editor container
- trigger `_updateElementWH()` on `compositionupdate` and
`compositionend`
- keep text box dimensions in sync before composition is committed

## Testing

- Not run locally: `pnpm` is not available in this environment, so
package build/tests could not be executed here.

Fixes #11515


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **Bug Fixes**
* Editor mounting tolerates missing/null elements and validates input to
avoid errors.
* Text creation/update consistently targets the refreshed element to
prevent mismatches.
* Inline editor listens for IME composition events and schedules
layout/size recalculation (with proper cleanup) so sizing stays in sync.

* **Tests**
* Added an integration test verifying layout/size updates during IME
composition events.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: DarkSky <25152247+darkskygit@users.noreply.github.com>
Co-authored-by: DarkSky <darksky2048@gmail.com>
2026-04-09 11:25:55 +08:00
DarkSky 7138fea9db fix: test stability 2026-04-09 11:21:25 +08:00
Ahsan Khaleeq 156cfc7e76 fix(core): improve table header sorting logic in processTable function (#14797)
Bug Resolved
#14795


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **Bug Fixes**
* Made row and column sorting deterministic when items share the same
order value, reducing unexpected cell shifts.
* Adjusted comparator behavior to preserve tied-order grouping, which
may change displayed column/row sequence in edge cases.
* Improved consistency of table rendering and cell placement across
refreshes and edits.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
v2026.4.7-canary.925
2026-04-06 19:33:53 +00:00
Whitewater 2ca4973167 fix(editor): make repeated "Cancel line number" clicks work in code blocks (#14804)
Fixes #13555


https://github.com/user-attachments/assets/12e55c21-080c-4c69-9780-893ccad25b45

## Summary
- make the code block More popup reactive to `wrap` and `lineNumber`
prop updates
- read the latest toggle state at click time so same-menu double toggles
do not reuse stale closures
- add e2e coverage for wrap and line number toggling twice without
closing the More menu

## Bug Reason
- the code block More popup was rendered as a static portal, so it
stayed open without re-rendering after the first toggle
- the `Cancel line number` and `Wrap` menu actions captured render-time
state in their click handlers
- after the first click updated the model, a second click in the same
open menu reused stale state and wrote the same value again, so nothing
changed visually

## Testing
- yarn workspace @affine-test/blocksuite test e2e/code/crud.spec.ts

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **Bug Fixes**
* Menu toggles now read and update the current wrap and line-number
states reliably.

* **Refactor**
* Replaced inline popup rendering with a dedicated more-menu component
for the code toolbar.

* **Style**
* Prevented text selection on menu action elements for smoother
interaction.

* **Tests**
  * Added e2e tests for wrap and line-number toggle flows.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-04-06 19:18:15 +00:00
DarkSky a1ae7d11a3 feat(core): add integration panel test 2026-04-07 02:12:02 +08:00
Jasper Zeng f41bc2d5c3 fix(editor): restore grouped manual ordering for kanban and arrange (#14630)
Fixes #14531, where mannual vertical order is broken [Root
Cause](https://github.com/toeverything/AFFiNE/issues/14531#issuecomment-4052422436)

- Restored manual row/card sorting when building grouped kanban data.
- Reapplied `sortRow(...)` to each group before rendering `group.rows`.
- Fixed group/board arrange to reorder from the full group list,
including hidden or empty groups.
- Preserved consistent ordering between the settings panel and persisted
`groupProperties`.

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **Refactor**
* Consolidated internal grouping and sorting logic to ensure consistent
ordering across grouped views; visible behavior unchanged.
* Moving groups or cards now uses a single, consistent ordering approach
to avoid intermittent ordering differences.
* **Tests**
* Added tests to verify manual per-group card order is applied and
preserved when moving cards between groups.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: DarkSky <darksky2048@gmail.com>
2026-04-07 02:09:05 +08:00
chauhan_s e3391c0577 feat: redirect account click & OAuth to Calendar settings (#14693)
### PR Description

* clicking a linked calendar account now switches settings to Workspace
Integrations and opens the Calendar settings directly
* calendar OAuth returns now land on Workspace Integrations with the
Calendar settings opened instead of the homepage
* Improves UX by reducing friction when managing calendar integrations

https://www.loom.com/share/49fa5c448ce049659877beb42d7bd81a


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Calendar integration settings can now be opened automatically
(including from OAuth redirects) and workspace settings support a
scroll-to-anchor.
* Integration account rows are now clickable for quick access to
settings.

* **Improvements**
* Enhanced visual feedback with interactive hover and focus states for
integration controls.

* **Tests**
* Added tests covering the OAuth redirect behavior and workspace
settings scroll/open handling.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: DarkSky <darksky2048@gmail.com>
2026-04-07 02:08:36 +08:00
DarkSky 5806ad8a3a fix(server): online and storage statistics (#14792)
#### PR Dependency Tree


* **PR #14792** 👈

This tree was auto-generated by
[Charcoal](https://github.com/danerwilliams/charcoal)

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Admin dashboard returns more accurate sync and storage timelines with
carry‑forwarded minute buckets and corrected current totals.

* **Bug Fixes**
* Active-user flushes are debounced/scheduled to prevent overlapping
writes and reduce stale counts.
* Snapshot writes now retry and will skip gracefully when lock
contention prevents completion, avoiding partial snapshots.

* **Tests**
* New e2e tests cover carry‑forward behavior, no backfill outside
requested windows, and storage history accuracy.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-04-07 02:08:13 +08:00
DarkSky 193ec14ad3 feat(server): synthetic root doc (#14794) v2026.4.6-canary.929 2026-04-06 17:16:34 +08:00
DarkSky 64149d909a feat: follow publish mode if no params 2026-04-05 20:43:09 +08:00
chauhan_s f81abe692d fix(core): shared page mode syncing (#14756)
### Summary
This fixes a few inconsistencies in shared page behavior:
fixes https://github.com/toeverything/AFFiNE/issues/14751
- shared pages now open in the correct published mode when the URL does
not already include ?mode=...
- switching between page and edgeless in shared mode now keeps the URL
query param in sync
- the default Copy Link action now follows the current editor mode
- shared viewers can toggle between page and edgeless mode in readonly
share pages

---

### What Changed
- updated shared page mode resolution to prefer URL mode, with backend
publish mode as fallback
- added query-param syncing for shared page mode changes
- made the default share link copy use:
  - page link in page mode
  - edgeless link in edgeless mode
- allowed EditorModeSwitch to toggle both ways in shared mode
- extracted shared-mode behavior into small hooks to keep share-page.tsx
cleaner

---

### Demo

https://www.loom.com/share/a287172321fb4fc5b94f7c67a39298a9


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Mode switching between page and edgeless no longer blocked by shared
gating; shared pages initialize and respect the resolved editor mode.
* Shared page URLs stay in sync with editor mode and copy-link actions
include/preserve the selected mode.

* **Tests**
* Added tests for publish-mode resolution, query-string mode handling,
and default share-mode behavior.

* **Bug Fixes**
  * Updated shared-page “not found” UI text to match new messaging.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: DarkSky <25152247+darkskygit@users.noreply.github.com>
2026-04-05 20:20:58 +08:00
Xuan4781 aa48c1c18b fix: audio waveform clipping in horizontal card view (#14789)
Fixes #13399

### Issue
When viewing an audio attachment card in horizontal view, the waveform 
was being clipped and not fully visible. In vertical view it displayed 
correctly.

### Fix
- `audio-waveform` and `progressContainer` flex children were missing 
  `minWidth: 0` and `flex: 1`, causing container overflow
- `.affine-attachment-container` had a fixed height with `overflow:
hidden`
  that cut off the waveform row

### Screenshot Verification
**Before**
<img width="1661" height="935" alt="image"
src="https://github.com/user-attachments/assets/b2f0908b-94fe-4869-bdfb-cc6a757e703d"
/>

**After**
<img width="750" height="182" alt="image"
src="https://github.com/user-attachments/assets/63caac69-f37b-4894-80de-806b691581c8"
/>


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

**New Features**
- Introduced audio embed card functionality allowing users to embed and
display audio content directly in documents with standardized dimensions
and improved responsive layout styling for better visual presentation
and integration.

**Improvements**
- Enhanced styling and layout handling for audio player components to
ensure proper display and optimal rendering in various container sizes
and space constraints.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
v2026.4.5-canary.916
2026-04-05 17:35:39 +08:00
Ahsan Khaleeq 3219b82827 fix(core): hotkey option+cmd+c for Code Block (#14790)
This PR fixes #14755 bug

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Bug Fixes**
* Fixed keyboard shortcut handling to properly distinguish between
locale input characters and actual shortcuts when using Alt+Meta key
combinations.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-04-05 17:21:23 +08:00
DarkSky b0cc2fd389 feat(editor): improve dated doc creation (#14791)
#### PR Dependency Tree


* **PR #14791** 👈

This tree was auto-generated by
[Charcoal](https://github.com/danerwilliams/charcoal)
2026-04-05 17:16:31 +08:00
chauhan_s 558400b7db feat: add auto-date titles for new documents (#14716)
## Summary

Adds an Editor setting to automatically title blank new documents with
the current date.
fixes https://github.com/toeverything/AFFiNE/issues/14709
https://www.loom.com/share/953b4eafcfb247839e977dca6f457229

## What Changed

- Added `Auto-title new docs with current date` under Editor settings
- Added `New doc date format`, shown only when auto-title is enabled
- Supported formats:
  - `DD-MM-YYYY`
  - `MM-DD-YYYY`
  - `YYYY-MM-DD`
  - `Journal style (localized)`
- Kept titles unique by appending duplicate-style suffixes:
  - `2026-03-24`
  - `2026-03-24(2)`
  - `2026-03-24(3)`

## Behavior

- Only applies to blank new docs
- Does not override explicitly provided titles
- Uses the existing journal-style localized formatter for the localized
option

## Implementation Notes

- Extended editor setting schema with:
  - `autoTitleNewDocWithCurrentDate`
  - `newDocDateTitleFormat`
- Added a helper for generating unique date-based titles
- Wired title generation into doc creation middleware
- Synced created titles into doc metadata so uniqueness works
consistently

## Tests

- Added unit coverage for:
  - date title formatting
  - duplicate suffix generation
  - doc creation middleware behavior
  - settings UI behavior


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* General settings: toggle to auto-insert current date into new document
titles; selectable formats: DD-MM-YYYY, MM-DD-YYYY, YYYY-MM-DD, and
localized "journal". Date-format chooser appears only when enabled.

* **Behavior**
* Blank new-docs are auto-populated per chosen format; user-provided
titles are preserved. Auto-generated titles avoid collisions by
appending incrementing suffixes.

* **Localization**
* Added translations for the setting, description, format chooser, and
all format labels.

* **Tests**
* Added UI and unit tests covering formatting, uniqueness, middleware
behavior, and interaction.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-04-05 17:10:01 +08:00
DarkSky fc5329a1be fix(server): skip watch for external cal (#14788)
#### PR Dependency Tree


* **PR #14788** 👈

This tree was auto-generated by
[Charcoal](https://github.com/danerwilliams/charcoal)

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **Bug Fixes**
* Calendar subscriptions now gracefully fall back to polling when push
notifications aren’t supported, keeping syncs working.
* Affected subscriptions have webhook details cleared and are marked
with a long-lived expiration to avoid repeated webhook attempts.
* Prevents repeated retries for unsupported push channels, reducing
unnecessary errors and retries.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-04-05 16:47:25 +08:00
DarkSky 547ab47a5e chore: improve ci (#14787) 2026-04-05 13:59:32 +08:00
DarkSky fee0cfa3f4 chore: bump deps (#14785)
#### PR Dependency Tree


* **PR #14785** 👈

This tree was auto-generated by
[Charcoal](https://github.com/danerwilliams/charcoal)

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **Chores**
  * Updated error-tracking SDK versions across frontend packages.
* Upgraded Electron build toolchain and front-end build plugins for
improved compatibility.
* Replaced a SWC-based React plugin with the standard React Vite plugin.
  * Removed unused development dependencies from CLI tooling.
  * Bumped a Rust workspace dependency to a patch release.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-04-05 12:25:18 +08:00
DarkSky ffc27af3ba fix(server): update version check (#14784)
fix #14780


#### PR Dependency Tree


* **PR #14784** 👈

This tree was auto-generated by
[Charcoal](https://github.com/danerwilliams/charcoal)

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

## Release Notes

* **Bug Fixes**
* Improved upgrade availability detection to properly compare semantic
versions, including support for prerelease and canary versions. The
system now accurately identifies when new versions are available,
ensuring users receive timely update notifications.

* **Tests**
* Added comprehensive unit tests for version comparison and upgrade
detection functionality.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-04-05 10:56:05 +08:00
DarkSky d975bf46fb feat(server): improve calendar sync queue (#14783)
#### PR Dependency Tree


* **PR #14783** 👈

This tree was auto-generated by
[Charcoal](https://github.com/danerwilliams/charcoal)

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
  * Configurable request timeout for calendar integrations.
* Calendar polling now enqueues per-subscription sync jobs (larger
batch) for improved throughput.

* **Bug Fixes / Improvements**
* Persisted next-sync timestamps and retry counts for more reliable
scheduling and retry behavior.
* Exponential backoff and webhook renewal now update scheduling
consistently.

* **Refactor**
* Calendar sync flow moved to a job-queue-driven design for better
concurrency and observability.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-04-05 10:52:18 +08:00
chauhan_s bfcf7fc2ba fix: close docs bulk toolbar after delete (#14711)
### Before 
https://www.loom.com/share/a626b23f29cb4a48b33d721341d734f8

### After

https://www.loom.com/share/0c88ef4f92ac470fbb76608e2de43fa7


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **Bug Fixes**
* Fixed floating toolbar remaining visible after deleting multiple
documents via the confirmation dialog so it reliably closes when
deletion completes.

* **Tests**
* Added end-to-end checks to verify the floating toolbar is dismissed
after multi-item and “select all” deletions.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: DarkSky <25152247+darkskygit@users.noreply.github.com>
2026-04-04 23:51:21 +08:00
DarkSky 5a6c65085a feat(mobile): adapt new endpoint (#14778)
#### PR Dependency Tree


* **PR #14778** 👈

This tree was auto-generated by
[Charcoal](https://github.com/danerwilliams/charcoal)
2026-04-04 20:39:42 +08:00
DarkSky 4be0cba9b5 chore(server): db health check (#14779)
#### PR Dependency Tree


* **PR #14779** 👈

This tree was auto-generated by
[Charcoal](https://github.com/danerwilliams/charcoal)

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **Chores**
* Added conditional init checks to service deployments and jobs to wait
for the database proxy before starting
* Exposed a new health port (9801) for the database proxy to enable
readiness probing

* **Tests**
  * Minor test reordering and formatting changes (no behavioral changes)
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-04-04 00:09:37 +08:00
Hana B afea9121cf fix: save column header edits when pressing Enter (#14775)
## The Fix

Fixes #14744.

Updated the menu input Enter key behavior so that pressing Enter now
saves the edited database column header name and closes the menu
immediately.

This reuses the existing `blur()` save flow, keeping the behavior
consistent with clicking outside the input.

The Tab key behavior remains unchanged and still saves through the
existing blur flow.

## Video Demonstration

### After


https://github.com/user-attachments/assets/820a7c41-cae5-477c-8b65-b0667e0ce82b

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Bug Fixes**
* Improved keyboard handling in context menu input to properly blur the
input field when pressing Enter, ensuring cleaner interaction behavior.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-04-03 20:18:58 +08:00
DarkSky 3912d8d74d fix: lint 2026-04-03 20:10:44 +08:00
DarkSky d3ec008b0c chore: bump deps (#14777)
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **New Features**
* Migration and config commands now feature interactive prompts for
required inputs.

* **Bug Fixes**
  * Enhanced error handling in CLI operations.

* **Chores**
  * Updated GraphQL Code Generator toolchain to v6.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-04-03 19:36:18 +08:00
Vitaly Barakov d0607b5ce7 chore(i18n): improve RU translate (#14718)
improve RU translate

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Improvements**
  * Enhanced Russian language support across the application.
* Updated messaging for self-hosted installations and workspace
licensing.
* Added Russian text for document analytics UI, including metrics and
viewer information.
* Added Russian text for workspace sharing controls and calendar
integration features.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-04-03 10:53:02 +08:00
DarkSky 8ca3f2d53d fix(core): settings i18n refresh (#14760)
replace #14758


#### PR Dependency Tree


* **PR #14760** 👈

This tree was auto-generated by
[Charcoal](https://github.com/danerwilliams/charcoal)

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Bug Fixes**
* Enhanced language switching to ensure the settings dialog properly
reflects language changes when users update their language preference.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-04-03 03:37:49 +08:00
DarkSky 0da32d61ae fix(server): race condition for sync (#14770)
#### PR Dependency Tree


* **PR #14770** 👈

This tree was auto-generated by
[Charcoal](https://github.com/danerwilliams/charcoal)

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

## Release Notes

* **New Features**
* Implemented batch processing for calendar synchronization to improve
performance and resource utilization.
* Added distributed locking to prevent concurrent operations in
multi-instance environments.

* **Bug Fixes**
* Improved reliability by preventing duplicate synchronization attempts.

* **Tests**
  * Enhanced test coverage for batch processing and locking mechanisms.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-04-03 03:37:09 +08:00
DarkSky 233004f867 chore: bump oxlint & enable more supported rules (#14769) 2026-04-03 03:36:52 +08:00
sanabriageorge cdadf8588a fix(core): nested numbered list order (#14764)
## The Fix ##
Fixes #13396. The issue happened because 'doc.getPrev(model)' returns
previous node based in document order instead of previous sibling within
list level. This caused nested list items to inherit the numbering from
their parent rather than restarting. The fix ensures that numbering is
calculated relative to correct list context.

## Video Demonstration ##
### Before ###

https://github.com/user-attachments/assets/9523209a-93d9-4984-aa9e-149ac1941036

### After ###

https://github.com/user-attachments/assets/ff28b166-3572-4536-9893-0ab5c05c8d9f






<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Bug Fixes**
  * Enhanced numbered list ordering logic for improved list handling.

* **Chores**
* Updated environment configuration template with active sample values
for database connectivity, caching services, AI integrations, and email
delivery settings.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-04-02 20:06:25 +08:00
chauhan_s 8c07ea2a0e fix: allow PDF preview on readonly public pages (#14761)
fixes https://github.com/toeverything/AFFiNE/issues/14727

https://www.loom.com/share/dfcd558332404896b3e02aad97b18f02

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Bug Fixes**
  * PDF attachments can now be previewed in read-only documents.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-04-01 19:12:14 +08:00
DarkSky 91ad783973 fix(test): e2e stability (#14749)
#### PR Dependency Tree


* **PR #14749** 👈

This tree was auto-generated by
[Charcoal](https://github.com/danerwilliams/charcoal)

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **Bug Fixes**
* Improved link preview reliability by updating request identification
to better match modern browsers.
* **Tests**
* Made end-to-end and integration tests deterministic and more robust,
improving AI chat, image generation, attachment handling, settings
visibility, and editor flows.
* **Chores**
* Updated underlying tooling versions to enhance stability and
compatibility.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
v2026.3.30-canary.932
2026-03-29 23:26:15 +08:00
DarkSky 9ca520a81f feat(core): auto scroll for chat panel (#14748)
#### PR Dependency Tree


* **PR #14748** 👈

This tree was auto-generated by
[Charcoal](https://github.com/danerwilliams/charcoal)

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **New Features**
* Enhanced auto-scroll behavior for AI chat messages—the chat now
intelligently pauses auto-scrolling when you manually scroll away and
resumes when you scroll back near the bottom.
* Auto-scroll now pauses when expanding or collapsing AI tool results
and document edits.

* **Tests**
* Added unit tests for AI chat message scroll behavior and interactions.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-03-29 22:17:10 +08:00
DarkSky 64f385817d feat(server): add perf metrics for apply update (#14736)
#### PR Dependency Tree


* **PR #14736** 👈

This tree was auto-generated by
[Charcoal](https://github.com/danerwilliams/charcoal)

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Chores**
* Enhanced Kubernetes deployment health check configurations with
explicit timeout, period, failure threshold, and success threshold
settings for improved reliability.
* Improved document synchronization infrastructure with enhanced codec
comparison and merge update capabilities for better data consistency
handling.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-03-27 19:50:53 +08:00
chauhan_s 9cf98d9345 fix: restore kanban scroll in fullscreen mode (#14708)
fixes #14679

This fixes a layout issue where Kanban boards stopped horizontally
scrolling in fullscreen/full-width page mode.

https://github.com/user-attachments/assets/375fb8f7-3652-4207-8f9c-ee4cdae881ad


The root cause was not in the Kanban view itself, but in the page-mode
viewport wrapper. In fullscreen mode, the editor expands to full width,
and the existing display: table wrapper caused the outer editor
container to size from Kanban content instead of the viewport. That
prevented the Kanban scroller from owning horizontal overflow correctly.

### What changed
Keep the fullscreen editor wrapper constrained to the viewport width
Override the page-mode viewport content wrapper from display: table to
display: block only when a fullscreen editor is present
Leave the default/non-fullscreen layout behavior unchanged
### Why this works
With the outer fullscreen wrapper locked to viewport width, horizontal
overflow stays inside the Kanban view, so its existing overflow-x:
scroll behavior works again.



<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Bug Fixes**
* Improved full-screen editor layout rendering to ensure proper width
and display constraints are applied correctly in full-screen mode.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-03-27 02:18:55 +08:00
chauhan_s a617da99e2 fix: iCloud CalDAV discovery fallback and resolve calendarsCount in GraphQL (#14728)
fixes #14696

iCloud was returning 400 Bad Request for /.well-known/caldav, which
caused AFFiNE to fail before reaching the actual CalDAV endpoints. This
change makes discovery fall back to the base CalDAV URL for that case,
which lets the iCloud account link flow continue successfully.

This also adds a GraphQL field resolver for
CalendarAccountObjectType.calendarsCount. The field is requested by the
frontend, but some mutation return paths were returning a raw account
object without that computed value, which caused GraphQL to fail on a
non-null field.

---

### Why this was needed

iCloud rejected the standard well-known discovery probe with 400, even
though the rest of the CalDAV flow worked.
calendarsCount is a computed field used by the frontend, so it should be
resolved by GraphQL rather than manually attached in individual service
methods.

---

### How to test

Generate an Apple app-specific password: [Apple
Support](https://support.apple.com/en-gb/102654)
In AFFiNE, add an iCloud CalDAV account using:
your Apple Account email
the new app-specific password
Confirm the account links successfully and calendars load without the
previous GraphQL error.

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **New Features**
  * Calendar accounts now display the total number of calendars.

* **Bug Fixes**
* Enhanced calendar discovery process to handle additional HTTP error
conditions.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-03-27 02:16:25 +08:00
DarkSky a41c5e4366 feat: adapt cloudflare worker ai (#14732)
#### PR Dependency Tree


* **PR #14732** 👈

This tree was auto-generated by
[Charcoal](https://github.com/danerwilliams/charcoal)

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Cloudflare Workers AI added as a Copilot provider (configurable in
admin settings).
  * Gemini 3.1 Flash Lite Preview model made available.

* **Behavior Changes**
* Reranking now uses a different default model identifier (affects
relevancy scores).

* **Tests**
* Rerank tests adjusted to focus on the updated model and expected
results.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-03-27 02:15:49 +08:00
DarkSky 5b05c5a1b2 feat(server): refactor record schema (#14729)
#### PR Dependency Tree


* **PR #14729** 👈

This tree was auto-generated by
[Charcoal](https://github.com/danerwilliams/charcoal)

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Transcriptions now produce structured meeting summaries (strict JSON)
and a normalized, speaker‑tagged, non‑overlapping transcript with legacy
projection support.

* **API**
* Submission accepts richer transcription input; results return
source‑audio metadata, slice manifest, quality indicators, normalized
segments/transcript, and structured summary JSON.

* **Frontend**
* Recording flow stores transcription metadata and uploads preprocessed
audio slices with slice/quality info; UI-side result normalization
applied.

* **Tests**
* Expanded unit, contract, and e2e coverage for normalization, payload
parsing, persistence/retry, and end‑to‑end transcription flows.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-03-26 21:32:36 +08:00