mirror of
https://github.com/toeverything/AFFiNE.git
synced 2026-02-13 04:48:53 +00:00
d272c4342d6afe23d0d605de8264fb96783b262d
10738 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Cats Juice
|
d272c4342d |
feat(core): replace emoji-mart with affine icon picker (#13644)
<!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - New Features - Unified icon picker with consistent rendering across the app. - Picker can auto-close after selection. - “Remove” now clears the icon selection. - Refactor - Icon handling consolidated across editors, navigation, and document titles for consistent behavior. - Picker now opens on the Emoji panel by default. - Style - Adjusted line-height and selectors for icon picker visuals. - Chores - Removed unused emoji-mart dependencies. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
DarkSky
|
c540400496 |
feat(server): allow drop session (#13650)
<!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Bug Fixes** * Ensures deleted sessions and their messages are consistently cleaned up, preventing lingering pinned or partially removed items. * **Refactor** * Streamlined session cleanup into a single bulk operation for improved reliability and performance during deletions. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
EYHN
|
54498df247 |
feat(ios): upgrade button in setting (#13645)
<!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - New Features - Added a Subscription section in Mobile Settings (for signed-in users) with plan info and an Upgrade button that opens the native paywall. - Supports showing “Pro” and “AI” paywalls. - Integrated native paywall provider on iOS. - Style - Introduced new styling for the subscription card, content, and button. - Localization - Added English strings for subscription title, description, and button. - Chores - Minor iOS project cleanup and internal wiring to enable the paywall module. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
DarkSky
|
3f9d9fef63 |
fix(server): rcat event sync (#13648)
<!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - New Features - Subscriptions now include an explicit "trial" flag so trialing users are identified and treated correctly. - Bug Fixes - More robust handling when webhook fields are missing or null. - Improved family-sharing detection to avoid incorrect async processing. - Refactor - Status determination and store resolution simplified to rely on subscription data rather than event payloads. - Tests - Test fixtures updated to include trial and store details for accuracy. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
Lakr
|
7a90e1551c |
fix(ios): complete iap user interface (#13639)
<!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - New Features - In-app purchases fully integrated for Pro and AI plans with restore, live product loading, and StoreKit test configuration. - Improvements - Refreshed paywall: intro animation, delayed close button, smoother horizontal paging, page dots interaction, per-item reveal animations, and purchase-state UI (disabled/checked when owned). - Changes - "Believer" plan and related screens removed; Pro simplified to Monthly and Annual offerings. - Chores - iOS project and build settings updated for newer toolchain and StoreKit support. <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> |
||
|
Peng Xiao
|
3c9d17c983 |
feat(core): insert artifact as code block (#13641)
#### PR Dependency Tree * **PR #13641** 👈 This tree was auto-generated by [Charcoal](https://github.com/danerwilliams/charcoal) <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Insert HTML content directly into the document as a code block with preview enabled. * Default view changed from Code to Preview for faster content inspection. * New “Insert” action replaces the previous “Download” action to add content into the document. * Added a dedicated “Download HTML” button with an icon to save the HTML file. * Toast notifications confirm successful insertions; errors are reported if insertion fails. * Updated button labeling to reflect the new workflow. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
EYHN
|
2f118206cc |
feat(core): mcp server setting (#13630)
<!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * MCP Server integration available in cloud workspaces with a dedicated settings panel. * Manage personal access tokens: generate/revoke tokens and view revealed token. * One-click copy of a prefilled server configuration JSON. * New query to fetch revealed access tokens. * **Improvements** * Integration list adapts to workspace type (cloud vs. local). * More reliable token refresh with clearer loading, error and revalidation states. * **Localization** * Added “Copied to clipboard” message and MCP Server name/description translations. * **Chores** * Updated icon dependency across many packages. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
Cats Juice
|
ca9811792d |
feat(component): emoji and icon picker (#13638)
 <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - **New Features** - Icon Picker added with Emoji and Icon panels, search/filtering, recent selections, color selection, skin tone options, and smooth group navigation. - **Documentation** - Storybook example added to preview and test the Icon Picker. - **Chores** - Bumped icon library dependency to a newer minor version. - Added emoji data dependency to support the Emoji Picker. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
Jachin
|
812c2d86d4 |
feat(server): add Swagger API docs (#13455)
<!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Interactive API documentation available at /api/docs when running in development. * **Chores** * Added a development dependency to enable generation of the API documentation. <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: DarkSky <25152247+darkskygit@users.noreply.github.com> Co-authored-by: DarkSky <darksky2048@gmail.com> |
||
|
DarkSky
|
762b702e46 |
feat: sync rcat data (#13628)
<!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * RevenueCat support: public webhook endpoint, webhook handler/service, nightly reconciliation and per-user sync; subscriptions now expose provider and iapStore; new user-facing error for App Store/Play-managed subscriptions. * **Chores** * Multi-provider subscription schema (Provider, IapStore); Stripe credentials moved into payment.stripe (top-level apiKey/webhookKey deprecated); new payment.revenuecat config and defaults added. * **Tests** * Comprehensive RevenueCat integration test suite and snapshots. * **Documentation** * Admin config descriptions updated with deprecation guidance. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
Lakr
|
75a6c79b2c |
fix(ios): crash at swift runtime error (#13635)
<!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Fetch copilot model options per prompt (default, optional, pro) with generated GraphQL query and schema types. * **Chores** * Upgraded iOS deps: Apollo iOS 1.23.0, EventSource 0.1.5, Swift Collections 1.2.1. * Switched Intelligents to static linking and updated project integration. * Parameterized and standardized GraphQL codegen tooling; setup automation now syncs versions and safely backs up/restores custom scalars. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
Wu Yue
|
b25759c264 |
feat(core): support gemini model switch in ai (#13631)
<img width="757" height="447" alt="截屏2025-09-22 17 49 34" src="https://github.com/user-attachments/assets/bab96f45-112e-4d74-bc38-54429d8a54ab" /> <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - New Features - Subscription-aware AI model picker in chat: browse models with version and category, see active selection, switch models, and receive notifications when choosing pro models without a subscription. Selections persist across sessions. - Central AI model service wired into chat UI for consistent model selection and availability. - Changes - Streamlined AI model availability: reduced to a curated set for a more focused experience. - Context menu buttons can display supplemental info next to labels. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
renovate[bot]
|
da3e3eb3fa |
chore: bump up @faker-js/faker version to v10 (#13626)
Coming soon: The Renovate bot (GitHub App) will be renamed to Mend. PRs from Renovate will soon appear from 'Mend'. Learn more [here](https://redirect.github.com/renovatebot/renovate/discussions/37842). This PR contains the following updates: | Package | Change | Age | Confidence | |---|---|---|---| | [@faker-js/faker](https://fakerjs.dev) ([source](https://redirect.github.com/faker-js/faker)) | [`^9.6.0` -> `^10.0.0`](https://renovatebot.com/diffs/npm/@faker-js%2ffaker/9.8.0/10.0.0) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | | [@faker-js/faker](https://fakerjs.dev) ([source](https://redirect.github.com/faker-js/faker)) | [`^9.3.0` -> `^10.0.0`](https://renovatebot.com/diffs/npm/@faker-js%2ffaker/9.8.0/10.0.0) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>faker-js/faker (@​faker-js/faker)</summary> ### [`v10.0.0`](https://redirect.github.com/faker-js/faker/blob/HEAD/CHANGELOG.md#1000-2025-08-21) [Compare Source](https://redirect.github.com/faker-js/faker/compare/v9.9.0...v10.0.0) ##### New Locales - **locale:** extended list of colors in Polish ([#​3586](https://redirect.github.com/faker-js/faker/issues/3586)) ([9940d54]( |
||
|
DarkSky
|
e3f3c8c4a8 |
feat: add config for mail server name (#13632)
fix #13627 <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Added configurable display names for primary and fallback SMTP servers, improving email sender identification. * Defaults to “AFFiNE Server,” with support for MAILER_SERVERNAME environment variable for the primary SMTP. * Exposed in admin settings for easy setup alongside existing SMTP options. * Names are now passed through to mail transport options for consistent use across emails. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
3720
|
7fe95f50f4 |
fix(editor): callout delete merge and slash menu (#13597)
<!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - New Features - Press Enter inside a callout splits the paragraph at the cursor into a new focused paragraph. - Clicking an empty callout inserts and focuses a new paragraph; emoji menu behavior unchanged. - New command to convert a callout paragraph to callout/selection flow for Backspace handling. - New native API: ShareableContent.isUsingMicrophone(processId). - Bug Fixes - Backspace inside callout paragraphs now merges or deletes text predictably and selects the callout when appropriate. - Style - Callout layout refined: top-aligned content and adjusted emoji spacing. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
Cats Juice
|
195864fc88 |
feat(core): edit icon in navigation panel (#13595)
<!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - **New Features** - Rename dialog now edits per-item explorer icons (emoji or custom) and can skip name-change callbacks. Doc icon picker added to the editor with localized "Add icon" placeholder and readonly rendering. Icon editor supports fallbacks, trigger variants, and improved input/test-id wiring. - **Style** - Updated icon picker and trigger sizing and placeholder visuals; title/icon layout adjustments. - **Chores** - Explorer icon storage and module added to persist and serve icons across the app. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
dependabot[bot]
|
93554304e2 |
chore: bump dompurify from 3.1.6 to 3.2.7 (#13622)
Bumps [dompurify](https://github.com/cure53/DOMPurify) from 3.1.6 to 3.2.7. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/cure53/DOMPurify/releases">dompurify's releases</a>.</em></p> <blockquote> <h2>DOMPurify 3.2.7</h2> <ul> <li>Added new attributes and elements to default allow-list, thanks <a href="https://github.com/elrion018"><code>@elrion018</code></a></li> <li>Added <code>tagName</code> parameter to custom element <code>attributeNameCheck</code>, thanks <a href="https://github.com/nelstrom"><code>@nelstrom</code></a></li> <li>Added better check for animated <code>href</code> attributes, thanks <a href="https://github.com/llamakko"><code>@llamakko</code></a></li> <li>Updated and improved the bundled types, thanks <a href="https://github.com/ssi02014"><code>@ssi02014</code></a></li> <li>Updated several tests to better align with new browser encoding behaviors</li> <li>Improved the handling of potentially risky content inside CDATA elements, thanks <a href="https://github.com/securityMB"><code>@securityMB</code></a> & <a href="https://github.com/terjanq"><code>@terjanq</code></a></li> <li>Improved the regular expression for raw-text elements to cover textareas, thanks <a href="https://github.com/securityMB"><code>@securityMB</code></a> & <a href="https://github.com/terjanq"><code>@terjanq</code></a></li> </ul> <h2>DOMPurify 3.2.6</h2> <ul> <li>Fixed several typos and removed clutter from our documentation, thanks <a href="https://github.com/Rotzbua"><code>@Rotzbua</code></a></li> <li>Added <code>matrix:</code> as an allowed URI scheme, thanks <a href="https://github.com/kleinesfilmroellchen"><code>@kleinesfilmroellchen</code></a></li> <li>Added better config hardening against prototype pollution, thanks <a href="https://github.com/EffectRenan"><code>@EffectRenan</code></a></li> <li>Added better handling of attribute removal, thanks <a href="https://github.com/michalnieruchalski-tiugo"><code>@michalnieruchalski-tiugo</code></a></li> <li>Added better configuration for aggressive mXSS scrubbing behavior, thanks <a href="https://github.com/BryanValverdeU"><code>@BryanValverdeU</code></a></li> <li>Removed the script that caused the fake entry <a href="https://security.snyk.io/vuln/SNYK-JS-DOMPURIFY-10176060">CVE-2025-48050</a></li> </ul> <h2>DOMPurify 3.2.5</h2> <ul> <li>Added a check to the mXSS detection regex to be more strict, thanks <a href="https://github.com/masatokinugawa"><code>@masatokinugawa</code></a></li> <li>Added ESM type imports in source, removes patch function, thanks <a href="https://github.com/donmccurdy"><code>@donmccurdy</code></a></li> <li>Added script to verify various TypeScript configurations, thanks <a href="https://github.com/reduckted"><code>@reduckted</code></a></li> <li>Added more modern browsers to the Karma launchers list</li> <li>Added Node 23.x to tested runtimes, removed Node 17.x</li> <li>Fixed the generation of source maps, thanks <a href="https://github.com/reduckted"><code>@reduckted</code></a></li> <li>Fixed an unexpected behavior with <code>ALLOWED_URI_REGEXP</code> using the 'g' flag, thanks <a href="https://github.com/hhk-png"><code>@hhk-png</code></a></li> <li>Fixed a few typos in the README file</li> </ul> <h2>DOMPurify 3.2.4</h2> <ul> <li>Fixed a conditional and config dependent mXSS-style <a href="https://nsysean.github.io/posts/dompurify-323-bypass/">bypass</a> reported by <a href="https://github.com/nsysean"><code>@nsysean</code></a></li> <li>Added a new feature to allow specific hook removal, thanks <a href="https://github.com/davecardwell"><code>@davecardwell</code></a></li> <li>Added <em>purify.js</em> and <em>purify.min.js</em> to exports, thanks <a href="https://github.com/Aetherinox"><code>@Aetherinox</code></a></li> <li>Added better logic in case no window object is president, thanks <a href="https://github.com/yehuya"><code>@yehuya</code></a></li> <li>Updated some dependencies called out by dependabot</li> <li>Updated license files etc to show the correct year</li> </ul> <h2>DOMPurify 3.2.3</h2> <ul> <li>Fixed two conditional sanitizer bypasses discovered by <a href="https://github.com/parrot409"><code>@parrot409</code></a> and <a href="https://x.com/slonser_"><code>@Slonser</code></a></li> <li>Updated the attribute clobbering checks to prevent future bypasses, thanks <a href="https://github.com/parrot409"><code>@parrot409</code></a></li> </ul> <h2>DOMPurify 3.2.2</h2> <ul> <li>Fixed a possible bypass in case a rather specific config for custom elements is set, thanks <a href="https://github.com/yaniv-git"><code>@yaniv-git</code></a></li> <li>Fixed several minor issues with the type definitions, thanks again <a href="https://github.com/reduckted"><code>@reduckted</code></a></li> <li>Fixed a minor issue with the types reference for trusted types, thanks <a href="https://github.com/reduckted"><code>@reduckted</code></a></li> <li>Fixed a minor problem with the template detection regex on some systems, thanks <a href="https://github.com/svdb99"><code>@svdb99</code></a></li> </ul> <h2>DOMPurify 3.2.1</h2> <ul> <li>Fixed several minor issues with the type definitions, thanks <a href="https://github.com/reduckted"><code>@reduckted</code></a> <a href="https://github.com/ghiscoding"><code>@ghiscoding</code></a> <a href="https://github.com/asamuzaK"><code>@asamuzaK</code></a> <a href="https://github.com/MiniDigger"><code>@MiniDigger</code></a></li> <li>Fixed an issue with non-minified dist files and order of imports, thanks <a href="https://github.com/reduckted"><code>@reduckted</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
renovate[bot]
|
2f38953cf9 |
chore: bump up electron version to v35.7.5 [SECURITY] (#13561)
Coming soon: The Renovate bot (GitHub App) will be renamed to Mend. PRs from Renovate will soon appear from 'Mend'. Learn more [here](https://redirect.github.com/renovatebot/renovate/discussions/37842). This PR contains the following updates: | Package | Change | Age | Confidence | |---|---|---|---| | [electron](https://redirect.github.com/electron/electron) | [`35.5.1` -> `35.7.5`](https://renovatebot.com/diffs/npm/electron/35.5.1/35.7.5) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | ### GitHub Vulnerability Alerts #### [CVE-2025-55305](https://redirect.github.com/electron/electron/security/advisories/GHSA-vmqv-hx8q-j7mg) ### Impact This only impacts apps that have the `embeddedAsarIntegrityValidation` and `onlyLoadAppFromAsar` [fuses](https://www.electronjs.org/docs/latest/tutorial/fuses) enabled. Apps without these fuses enabled are not impacted. Specifically this issue can only be exploited if your app is launched from a filesystem the attacker has write access too. i.e. the ability to edit files inside the `resources` folder in your app installation on Windows which these fuses are supposed to protect against. ### Workarounds There are no app side workarounds, you must update to a patched version of Electron. ### Fixed Versions * `38.0.0-beta.6` * `37.3.1` * `36.8.1` * `35.7.5` ### For more information If you have any questions or comments about this advisory, email us at [security@electronjs.org](mailto:security@electronjs.org) --- ### Release Notes <details> <summary>electron/electron (electron)</summary> ### [`v35.7.5`](https://redirect.github.com/electron/electron/releases/tag/v35.7.5): electron v35.7.5 [Compare Source](https://redirect.github.com/electron/electron/compare/v35.7.4...v35.7.5) ##### Release Notes for v35.7.5 > \[!WARNING] > Electron 35.x.y has reached end-of-support as per the project's [support policy](https://www.electronjs.org/docs/latest/tutorial/electron-timelines#version-support-policy). Developers and applications are encouraged to upgrade to a newer version of Electron. ##### Fixes - Fixed an issue where `shell.openPath` was not non-blocking as expected. [#​48079](https://redirect.github.com/electron/electron/pull/48079) <span style="font-size:small;">(Also in [36](https://redirect.github.com/electron/electron/pull/48088), [37](https://redirect.github.com/electron/electron/pull/48088), [38](https://redirect.github.com/electron/electron/pull/48088))</span> ### [`v35.7.4`](https://redirect.github.com/electron/electron/releases/tag/v35.7.4): electron v35.7.4 [Compare Source](https://redirect.github.com/electron/electron/compare/v35.7.2...v35.7.4) ##### Release Notes for v35.7.4 - Fix ffmpeg generation on Windows non-x64 ### [`v35.7.2`](https://redirect.github.com/electron/electron/releases/tag/v35.7.2): electron v35.7.2 [Compare Source](https://redirect.github.com/electron/electron/compare/v35.7.0...v35.7.2) ##### Release Notes for v35.7.2 ##### Fixes - Fixed an issue where printing PDFs with `webContents.print({ silent: true })` would fail. [#​47645](https://redirect.github.com/electron/electron/pull/47645) <span style="font-size:small;">(Also in [36](https://redirect.github.com/electron/electron/pull/47624), [37](https://redirect.github.com/electron/electron/pull/47397))</span> ### [`v35.7.0`](https://redirect.github.com/electron/electron/releases/tag/v35.7.0): electron v35.7.0 [Compare Source](https://redirect.github.com/electron/electron/compare/v35.6.0...v35.7.0) ##### Release Notes for v35.7.0 ##### Other Changes - Updated Node.js to v22.16.0. [#​47213](https://redirect.github.com/electron/electron/pull/47213) ### [`v35.6.0`](https://redirect.github.com/electron/electron/releases/tag/v35.6.0): electron v35.6.0 [Compare Source](https://redirect.github.com/electron/electron/compare/v35.5.1...v35.6.0) ##### Release Notes for v35.6.0 ##### Features - Added support for `--no-experimental-global-navigator` flag. [#​47416](https://redirect.github.com/electron/electron/pull/47416) <span style="font-size:small;">(Also in [36](https://redirect.github.com/electron/electron/pull/47417), [37](https://redirect.github.com/electron/electron/pull/47418))</span> - Added support for customizing system accent color and highlighting of active window border. [#​47539](https://redirect.github.com/electron/electron/pull/47539) <span style="font-size:small;">(Also in [36](https://redirect.github.com/electron/electron/pull/47538), [37](https://redirect.github.com/electron/electron/pull/47537))</span> ##### Fixes - Fixed a potential crash using `session.clearData` in some circumstances. [#​47410](https://redirect.github.com/electron/electron/pull/47410) <span style="font-size:small;">(Also in [36](https://redirect.github.com/electron/electron/pull/47411), [37](https://redirect.github.com/electron/electron/pull/47412))</span> - Fixed an error when importing `electron` for the first time from an ESM module loaded by a CJS module in a packaged app. [#​47344](https://redirect.github.com/electron/electron/pull/47344) <span style="font-size:small;">(Also in [36](https://redirect.github.com/electron/electron/pull/47343), [37](https://redirect.github.com/electron/electron/pull/47342))</span> - Fixed an issue where calling `Fetch.continueResponse` via debugger with `WebContentsView` could cause a crash. [#​47443](https://redirect.github.com/electron/electron/pull/47443) <span style="font-size:small;">(Also in [36](https://redirect.github.com/electron/electron/pull/47442), [37](https://redirect.github.com/electron/electron/pull/47444))</span> - Fixed an issue where utility processes could leak file handles. [#​47542](https://redirect.github.com/electron/electron/pull/47542) <span style="font-size:small;">(Also in [36](https://redirect.github.com/electron/electron/pull/47541), [37](https://redirect.github.com/electron/electron/pull/47543))</span> - Partially fixes an issue with printing a PDF via `webContents.print()` where the callback would not be called. [#​47399](https://redirect.github.com/electron/electron/pull/47399) <span style="font-size:small;">(Also in [36](https://redirect.github.com/electron/electron/pull/47400), [37](https://redirect.github.com/electron/electron/pull/47398))</span> ##### Other Changes - Backported fix for [`4206375`](https://redirect.github.com/electron/electron/commit/420637585). [#​47369](https://redirect.github.com/electron/electron/pull/47369) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS45MS4xIiwidXBkYXRlZEluVmVyIjoiNDEuOTcuMTAiLCJ0YXJnZXRCcmFuY2giOiJjYW5hcnkiLCJsYWJlbHMiOlsiZGVwZW5kZW5jaWVzIl19--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: DarkSky <25152247+darkskygit@users.noreply.github.com> |
||
|
renovate[bot]
|
ebf75e4d31 |
chore: bump up apollographql/apollo-ios version to v1.23.0 (#13623)
Coming soon: The Renovate bot (GitHub App) will be renamed to Mend. PRs from Renovate will soon appear from 'Mend'. Learn more [here](https://redirect.github.com/renovatebot/renovate/discussions/37842). This PR contains the following updates: | Package | Update | Change | |---|---|---| | [apollographql/apollo-ios](https://redirect.github.com/apollographql/apollo-ios) | minor | `from: "1.22.0"` -> `from: "1.23.0"` | | [apollographql/apollo-ios](https://redirect.github.com/apollographql/apollo-ios) | minor | `1.22.0` -> `1.23.0` | --- ### Release Notes <details> <summary>apollographql/apollo-ios (apollographql/apollo-ios)</summary> ### [`v1.23.0`](https://redirect.github.com/apollographql/apollo-ios/blob/HEAD/CHANGELOG.md#v1230) [Compare Source](https://redirect.github.com/apollographql/apollo-ios/compare/1.22.0...1.23.0) ##### New - **Added `requireNonOptionalMockFields` flag to `ApolloCodegenConfiguration.OutputOptions`. ([#​669](https://redirect.github.com/apollographql/apollo-ios-dev/pull/669)):** Added new flag to codegen output options to allow having non-optional fields in the test mocks if desired. *Thank you to [@​dwroth](https://redirect.github.com/dwroth) for the contribution.* ##### Improvement - **Added public initializer to `DatabaseRow`. ([#​664](https://redirect.github.com/apollographql/apollo-ios-dev/pull/664)):** Not having a public initializer on `DatabasRow` was hindering the ability to create custom `SQLiteDatabase` implementations. This solves that by adding a public initializer to `DatabaseRow`.*Thank you to [@​ChrisLaganiere](https://redirect.github.com/ChrisLaganiere) for the contribution.* ##### Fixed - **Unncessary deprecation warning in codegen options initializer. ([#​3563](https://redirect.github.com/apollographql/apollo-ios/issues/3563)):** Added `@_disfavoredOverload` to the deprecated initialized in `ApolloCodegenConfiguration` to prevent possible warnings caused by the compiler selecting a deprecated initializer versus the new/current initializer. See PR [#​682](https://redirect.github.com/apollographql/apollo-ios-dev/pull/682). *Thank you to [@​CraigSiemens](https://redirect.github.com/CraigSiemens) for raising the issue.* </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about these updates again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS45Ny4xMCIsInVwZGF0ZWRJblZlciI6IjQxLjk3LjEwIiwidGFyZ2V0QnJhbmNoIjoiY2FuYXJ5IiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
2d0721a78f |
chore: bump axios from 1.9.0 to 1.12.2 (#13621)
Bumps [axios](https://github.com/axios/axios) from 1.9.0 to 1.12.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/axios/axios/releases">axios's releases</a>.</em></p> <blockquote> <h2>Release v1.12.2</h2> <h2>Release notes:</h2> <h3>Bug Fixes</h3> <ul> <li><strong>fetch:</strong> use current global fetch instead of cached one when env fetch is not specified to keep MSW support; (<a href="https://redirect.github.com/axios/axios/issues/7030">#7030</a>) (<a href=" |
||
|
Jachin
|
e08fc5ef06 |
feat(server): change the playground option to GraphiQL. (#13451)
<!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * The GraphQL interactive UI is now available only in development environments and will not be accessible in production. This change affects only the availability of the interactive interface; public exports and API context types remain unchanged. Users in development can continue to use the tool as before, while production deployments will no longer expose the interactive UI. <!-- end of auto-generated comment: release notes by coderabbit.ai --> Co-authored-by: DarkSky <25152247+darkskygit@users.noreply.github.com> |
||
|
Finn Weigand
|
363f64ebfa |
feat: add dedicated sign-up config for oauth (#13610)
Currently, it is only possible to disable all registrations. However, it would be helpful if you could disable normal registration but enable OAuth registration. <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Added a setting to enable/disable new user signups via OAuth (default: enabled). * Admin Settings (Authentication) now includes a toggle for OAuth signups. * OAuth signup flow now respects this setting, preventing new registrations via OAuth when disabled. * Self-hosted configuration schema updated to include the new option. <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Signed-off-by: Hudint Finn Weigand <dev@hudint.de> Co-authored-by: DarkSky <darksky2048@gmail.com> Co-authored-by: DarkSky <25152247+darkskygit@users.noreply.github.com> |
||
|
renovate[bot]
|
21bb8142b0 |
chore: bump up Recouse/EventSource version to from: "0.1.5" (#13620)
Coming soon: The Renovate bot (GitHub App) will be renamed to Mend. PRs from Renovate will soon appear from 'Mend'. Learn more [here](https://redirect.github.com/renovatebot/renovate/discussions/37842). This PR contains the following updates: | Package | Update | Change | |---|---|---| | [Recouse/EventSource](https://redirect.github.com/Recouse/EventSource) | patch | `from: "0.1.4"` -> `from: "0.1.5"` | --- ### Release Notes <details> <summary>Recouse/EventSource (Recouse/EventSource)</summary> ### [`v0.1.5`](https://redirect.github.com/Recouse/EventSource/releases/tag/0.1.5) [Compare Source](https://redirect.github.com/Recouse/EventSource/compare/0.1.4...0.1.5) #### What's Changed - Fix potential data corruption by [@​Recouse](https://redirect.github.com/Recouse) in [#​30](https://redirect.github.com/Recouse/EventSource/pull/30) - Concurrency improvements by [@​Recouse](https://redirect.github.com/Recouse) in [#​31](https://redirect.github.com/Recouse/EventSource/pull/31) - Update EventParser.swift to Support CR LF by [@​Lakr233](https://redirect.github.com/Lakr233) in [#​28](https://redirect.github.com/Recouse/EventSource/pull/28) #### New Contributors - [@​Lakr233](https://redirect.github.com/Lakr233) made their first contribution in [#​28](https://redirect.github.com/Recouse/EventSource/pull/28) **Full Changelog**: <https://github.com/Recouse/EventSource/compare/0.1.4...0.1.5> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS45Ny4xMCIsInVwZGF0ZWRJblZlciI6IjQxLjk3LjEwIiwidGFyZ2V0QnJhbmNoIjoiY2FuYXJ5IiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
Bl4ckspell
|
750b008dc8 |
feat(android): add monochrome icon support (#13527)
Add missing themed icon support for android app icon. <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Android app icon now supports a monochrome variant for adaptive icons, enabling themed icons on compatible launchers. * Improved icon consistency and visibility across system themes (including dark mode). * Applied to both standard and round launcher icons. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
renovate[bot]
|
d231b47f1f |
chore: bump up nestjs (#13614)
Coming soon: The Renovate bot (GitHub App) will be renamed to Mend. PRs from Renovate will soon appear from 'Mend'. Learn more [here](https://redirect.github.com/renovatebot/renovate/discussions/37842). This PR contains the following updates: | Package | Change | Age | Confidence | |---|---|---|---| | [@nestjs/bullmq](https://redirect.github.com/nestjs/bull) | [`11.0.2` -> `11.0.3`](https://renovatebot.com/diffs/npm/@nestjs%2fbullmq/11.0.2/11.0.3) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | | [@nestjs/common](https://nestjs.com) ([source](https://redirect.github.com/nestjs/nest/tree/HEAD/packages/common)) | [`11.1.5` -> `11.1.6`](https://renovatebot.com/diffs/npm/@nestjs%2fcommon/11.1.5/11.1.6) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | | [@nestjs/core](https://nestjs.com) ([source](https://redirect.github.com/nestjs/nest/tree/HEAD/packages/core)) | [`11.1.5` -> `11.1.6`](https://renovatebot.com/diffs/npm/@nestjs%2fcore/11.1.5/11.1.6) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | | [@nestjs/platform-express](https://nestjs.com) ([source](https://redirect.github.com/nestjs/nest/tree/HEAD/packages/platform-express)) | [`11.1.5` -> `11.1.6`](https://renovatebot.com/diffs/npm/@nestjs%2fplatform-express/11.1.5/11.1.6) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | | [@nestjs/platform-socket.io](https://nestjs.com) ([source](https://redirect.github.com/nestjs/nest/tree/HEAD/packages/platform-socket.io)) | [`11.1.5` -> `11.1.6`](https://renovatebot.com/diffs/npm/@nestjs%2fplatform-socket.io/11.1.5/11.1.6) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | | [@nestjs/schedule](https://redirect.github.com/nestjs/schedule) | [`6.0.0` -> `6.0.1`](https://renovatebot.com/diffs/npm/@nestjs%2fschedule/6.0.0/6.0.1) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | | [@nestjs/websockets](https://redirect.github.com/nestjs/nest) ([source](https://redirect.github.com/nestjs/nest/tree/HEAD/packages/websockets)) | [`11.1.5` -> `11.1.6`](https://renovatebot.com/diffs/npm/@nestjs%2fwebsockets/11.1.5/11.1.6) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>nestjs/bull (@​nestjs/bullmq)</summary> ### [`v11.0.3`](https://redirect.github.com/nestjs/bull/releases/tag/%40nestjs/bullmq%4011.0.3) [Compare Source](https://redirect.github.com/nestjs/bull/compare/@nestjs/bullmq@11.0.2...@nestjs/bullmq@11.0.3) #### What's Changed - feat(bullmq): add telemetry support for workers by [@​noeljackson](https://redirect.github.com/noeljackson) in [#​2585](https://redirect.github.com/nestjs/bull/pull/2585) #### New Contributors - [@​noeljackson](https://redirect.github.com/noeljackson) made their first contribution in [#​2585](https://redirect.github.com/nestjs/bull/pull/2585) **Full Changelog**: <https://github.com/nestjs/bull/compare/@nestjs/bull-shared@11.0.0...@​nestjs/bullmq@11.0.3> </details> <details> <summary>nestjs/nest (@​nestjs/common)</summary> ### [`v11.1.6`](https://redirect.github.com/nestjs/nest/releases/tag/v11.1.6) [Compare Source](https://redirect.github.com/nestjs/nest/compare/v11.1.5...v11.1.6) ##### v11.1.6 (2025-08-07) ##### Bug fixes - `core` - [#​15504](https://redirect.github.com/nestjs/nest/pull/15504) fix(core): fix race condition in class dependency resolution from imported modules ([@​hajekjiri](https://redirect.github.com/hajekjiri)) - [#​15469](https://redirect.github.com/nestjs/nest/pull/15469) fix(core): attach root inquirer for nested transient providers ([@​kamilmysliwiec](https://redirect.github.com/kamilmysliwiec)) - `microservices` - [#​15508](https://redirect.github.com/nestjs/nest/pull/15508) fix(microservices): report correct buffer length in exception ([@​kim-sung-jee](https://redirect.github.com/kim-sung-jee)) - [#​15492](https://redirect.github.com/nestjs/nest/pull/15492) fix(microservices): fix kafka serilization of class instances ([@​LeonBiersch](https://redirect.github.com/LeonBiersch)) ##### Dependencies - `platform-fastify` - [#​15493](https://redirect.github.com/nestjs/nest/pull/15493) chore(deps): bump [@​fastify/cors](https://redirect.github.com/fastify/cors) from 11.0.1 to 11.1.0 ([@​dependabot\[bot\]](https://redirect.github.com/apps/dependabot)) ##### Committers: 6 - Jiri Hajek ([@​hajekjiri](https://redirect.github.com/hajekjiri)) - Kamil Mysliwiec ([@​kamilmysliwiec](https://redirect.github.com/kamilmysliwiec)) - Leon Biersch ([@​LeonBiersch](https://redirect.github.com/LeonBiersch)) - Seongjee Kim ([@​kim-sung-jee](https://redirect.github.com/kim-sung-jee)) - [@​premierbell](https://redirect.github.com/premierbell) - pTr ([@​ptrgits](https://redirect.github.com/ptrgits)) </details> <details> <summary>nestjs/schedule (@​nestjs/schedule)</summary> ### [`v6.0.1`](https://redirect.github.com/nestjs/schedule/releases/tag/6.0.1) [Compare Source](https://redirect.github.com/nestjs/schedule/compare/6.0.0...6.0.1) #### What's Changed - Add threshold to CronOptions by [@​arjunatlightspeed](https://redirect.github.com/arjunatlightspeed) in [#​2085](https://redirect.github.com/nestjs/schedule/pull/2085) - refactor : clear jobs before application shutdown by [@​spotlight21c](https://redirect.github.com/spotlight21c) in [#​2053](https://redirect.github.com/nestjs/schedule/pull/2053) - fix(deps): update dependency cron to v4.3.3 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​2001](https://redirect.github.com/nestjs/schedule/pull/2001) #### New Contributors - [@​arjunatlightspeed](https://redirect.github.com/arjunatlightspeed) made their first contribution in [#​2085](https://redirect.github.com/nestjs/schedule/pull/2085) - [@​spotlight21c](https://redirect.github.com/spotlight21c) made their first contribution in [#​2053](https://redirect.github.com/nestjs/schedule/pull/2053) **Full Changelog**: <https://github.com/nestjs/schedule/compare/6.0.0...6.0.1> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://redirect.github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS45Ny4xMCIsInVwZGF0ZWRJblZlciI6IjQxLjk3LjEwIiwidGFyZ2V0QnJhbmNoIjoiY2FuYXJ5IiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
Richard Lora
|
4efbb630fc |
fix(core): correct emoji extraction logic using regex (#12749)
https://github.com/user-attachments/assets/ef612f34-0388-49a2-bcad-0cac07a5f785 This PR solves the issue where a majority of emoji's are unable to become the document or folders icon. The regex used is below with the test string of a variety of emoji's: https://regex101.com/r/0anB6Z/1 Co-authored-by: DarkSky <25152247+darkskygit@users.noreply.github.com> |
||
|
renovate[bot]
|
19bd29e90c |
chore: bump up apple/swift-collections version to from: "1.2.1" (#13535)
Coming soon: The Renovate bot (GitHub App) will be renamed to Mend. PRs from Renovate will soon appear from 'Mend'. Learn more [here](https://redirect.github.com/renovatebot/renovate/discussions/37842). This PR contains the following updates: | Package | Update | Change | |---|---|---| | [apple/swift-collections](https://redirect.github.com/apple/swift-collections) | patch | `from: "1.2.0"` -> `from: "1.2.1"` | --- ### Release Notes <details> <summary>apple/swift-collections (apple/swift-collections)</summary> ### [`v1.2.1`](https://redirect.github.com/apple/swift-collections/releases/tag/1.2.1): Swift Collections 1.2.1 [Compare Source](https://redirect.github.com/apple/swift-collections/compare/1.2.0...1.2.1) This is a patch release with the following minor improvements: - `BigString` sometimes miscounted distances in its character view, resulting in an invalid collection conformance. This is now fixed. ([#​485](https://redirect.github.com/apple/swift-collections/issues/485)) - `BigString`'s Unicode Scalar and character views now make better use of known lengths of the text chunks stored in the tree, resulting in significantly improved performance for their distance measurements. ([#​486](https://redirect.github.com/apple/swift-collections/issues/486)) - The Foundation-specific toolchain configuration was updated to include the Deque type. ([#​496](https://redirect.github.com/apple/swift-collections/issues/496)) #### What's Changed - \[BigString] Fix character indexing operations by [@​lorentey](https://redirect.github.com/lorentey) in [#​485](https://redirect.github.com/apple/swift-collections/pull/485) - \[BigString] Harvest some low-hanging performance fruit by [@​lorentey](https://redirect.github.com/lorentey) in [#​486](https://redirect.github.com/apple/swift-collections/pull/486) - Include DequeModule in the Foundation toolchain build by [@​cthielen](https://redirect.github.com/cthielen) in [#​496](https://redirect.github.com/apple/swift-collections/pull/496) **Full Changelog**: <https://github.com/apple/swift-collections/compare/1.2.0...1.2.1> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS44Mi43IiwidXBkYXRlZEluVmVyIjoiNDEuOTcuMTAiLCJ0YXJnZXRCcmFuY2giOiJjYW5hcnkiLCJsYWJlbHMiOlsiZGVwZW5kZW5jaWVzIl19--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
ShellWen | 颉文, Chen Chang
|
2a2793eada |
fix: Correct spacing in AI partner description (#13593)
Fixed spacing issue in AI partner description. <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Documentation** * Improved readability by fixing a minor punctuation/spacing issue in the project’s introductory text (added a space after a comma). * Polished wording to better reflect professional tone without altering meaning. * No changes to functionality, configuration, or user workflows. * No impact on APIs, interfaces, or compatibility. * No additional steps required for users; purely a documentation refinement. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
Cats Juice
|
b6a3241451 |
chore(core): hide embedding status in chat (#13605)
<!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Style** * Simplified the AI chat composer tip: removed the dynamic embedding-status tooltip so only a single static caution remains — “AI outputs can be misleading or wrong.” * **Tests** * One end-to-end test related to embedding status was commented out and is no longer executed. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
Lakr
|
360c9545f4 |
feat(ios): [IAP] Paywall Initial Commit (#13609)
Requires https://github.com/toeverything/AFFiNE/pull/13606 to be merged. <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - New Features - Introduced an in-app Paywall with Pro, AI, and Believer plans, feature previews, paging dots, and selectable pricing options. - Added purchase and restore actions, plus a unified, polished UI using new color/icon resources. - Documentation - Added Swift Code Style Guidelines. - Chores - Updated dependencies (including MarkdownView 3.4.2), added new resource packages, and removed an unused dependency. - Raised iOS deployment target to 16.5 and refreshed project settings. <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: DarkSky <25152247+darkskygit@users.noreply.github.com> |
||
|
Lakr
|
1f228382c2 |
chore: fix building the app (#13606)
<!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - New Features - Built-in Then-style DSL for fluent configuration. - Centralized theming via a new resources library exposing standardized colors and icons for SwiftUI and UIKit. - Refactor - Migrated color and icon accessors to the new resources provider. - Removed redundant imports and streamlined UI configuration. - Dependencies - Updated MarkdownView to 3.4.2. - Removed the Then third-party dependency; updated package sources; added resources package and assets. - Documentation - Added iOS Swift code style and architecture guidelines. - Chores - Updated Xcode project format and repository ignore rules. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
DarkSky
|
ee77c548ca |
feat: get prompt model names (#13607)
fix AI-419 <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - New Features - New API to fetch available models for a prompt, returning default, optional, and pro models with human‑readable names. - Added temperature and topP settings to prompt configuration for finer control. - Refactor - When no model is chosen, the default model is used instead of auto-picking a pro model. - Model metadata across providers now includes readable names, improving listings and selection UX. - Tests - Updated test snapshots and descriptions to reflect the new default-model behavior. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
DarkSky
|
a0b73cdcec |
feat: improve model resolve (#13601)
fix AI-419 |
||
|
EYHN
|
89646869e4 |
feat(ios): create paywall api (#13602)
<!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - New Features - Introduced a new iOS Paywall plugin with a simple API to display a paywall and receive a success response. - Added JavaScript wrapper and type definitions for easy integration. - Refactor - Reorganized the iOS project structure for plugins. - Chores - Removed unused legacy iOS plugins to streamline the app and reduce build complexity. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
L-Sun
|
34a3c83d84 |
fix(editor): prevent SwiftKey IME double input (#13590)
Close [BS-3610](https://linear.app/affine-design/issue/BS-3610/bug-每次按空格会出现重复单词-,特定输入法,比如swiftkey) #### PR Dependency Tree * **PR #13591** * **PR #13590** 👈 This tree was auto-generated by [Charcoal](https://github.com/danerwilliams/charcoal) <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - Bug Fixes - Android: More reliable Backspace/delete handling, preventing missed inputs and double-deletions. - Android: Cursor/selection is correctly restored after merging a paragraph with the previous block. - Android: Smoother IME composition input; captures correct composition range. - Deletion across lines and around embeds/empty lines is more consistent. - Chores - Internal event handling updated to improve Android compatibility and stability (no user-facing changes). <!-- end of auto-generated comment: release notes by coderabbit.ai --> #### PR Dependency Tree * **PR #13591** * **PR #13590** 👈 This tree was auto-generated by [Charcoal](https://github.com/danerwilliams/charcoal)v0.24.2 v0.25.0-beta.0 |
||
|
L-Sun
|
fd717af3db |
fix(core): update and fix oxlint error (#13591)
#### PR Dependency Tree * **PR #13591** 👈 * **PR #13590** This tree was auto-generated by [Charcoal](https://github.com/danerwilliams/charcoal) <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - Bug Fixes - Improved drag-and-drop stability: draggables, drop targets, and monitors now respond when option sources or external data change. - Improved async actions and permission checks to always use the latest callbacks and error handlers. - Chores - Lint/Prettier configs updated to ignore the Git directory. - Upgraded oxlint dev dependency. - Tests - Updated several end-to-end tests for more reliable text selection, focus handling, and timing. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
renovate[bot]
|
039976ee6d |
chore: bump up vite version to v6.3.6 [SECURITY] (#13573)
This PR contains the following updates: | Package | Change | Age | Confidence | |---|---|---|---| | [vite](https://vite.dev) ([source](https://redirect.github.com/vitejs/vite/tree/HEAD/packages/vite)) | [`6.3.5` -> `6.3.6`](https://renovatebot.com/diffs/npm/vite/6.3.5/6.3.6) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | ### GitHub Vulnerability Alerts #### [CVE-2025-58751](https://redirect.github.com/vitejs/vite/security/advisories/GHSA-g4jq-h2w9-997c) ### Summary Files starting with the same name with the public directory were served bypassing the `server.fs` settings. ### Impact Only apps that match the following conditions are affected: - explicitly exposes the Vite dev server to the network (using --host or [`server.host` config option](https://vitejs.dev/config/server-options.html#server-host)) - uses [the public directory feature](https://vite.dev/guide/assets.html#the-public-directory) (enabled by default) - a symlink exists in the public directory ### Details The [servePublicMiddleware]( |
||
|
dependabot[bot]
|
e158e11608 |
chore: bump sha.js from 2.4.11 to 2.4.12 (#13560)
Bumps [sha.js](https://github.com/crypto-browserify/sha.js) from 2.4.11 to 2.4.12. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/browserify/sha.js/blob/master/CHANGELOG.md">sha.js's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/browserify/sha.js/compare/v2.4.11...v2.4.12">v2.4.12</a> - 2025-07-01</h2> <h3>Commits</h3> <ul> <li>[eslint] switch to eslint <a href=" |
||
|
renovate[bot]
|
18faaa38a0 |
chore: bump up mermaid version to v10.9.4 [SECURITY] (#13518)
This PR contains the following updates: | Package | Change | Age | Confidence | |---|---|---|---| | [mermaid](https://redirect.github.com/mermaid-js/mermaid) | [`10.9.3` -> `10.9.4`](https://renovatebot.com/diffs/npm/mermaid/10.9.3/10.9.4) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | ### GitHub Vulnerability Alerts #### [CVE-2025-54881](https://redirect.github.com/mermaid-js/mermaid/security/advisories/GHSA-7rqq-prvp-x9jh) ### Summary In the default configuration of mermaid 11.9.0, user supplied input for sequence diagram labels is passed to `innerHTML` during calculation of element size, causing XSS. ### Details Sequence diagram node labels with KaTeX delimiters are passed through `calculateMathMLDimensions`. This method passes the full label to `innerHTML` which allows allows malicious users to inject arbitrary HTML and cause XSS when mermaid-js is used in it's default configuration (with KaTeX support enabled). The vulnerability lies here: ```ts export const calculateMathMLDimensions = async (text: string, config: MermaidConfig) => { text = await renderKatex(text, config); const divElem = document.createElement('div'); divElem.innerHTML = text; // XSS sink, text has not been sanitized. divElem.id = 'katex-temp'; divElem.style.visibility = 'hidden'; divElem.style.position = 'absolute'; divElem.style.top = '0'; const body = document.querySelector('body'); body?.insertAdjacentElement('beforeend', divElem); const dim = { width: divElem.clientWidth, height: divElem.clientHeight }; divElem.remove(); return dim; }; ``` The `calculateMathMLDimensions` method was introduced in 5c69e5fdb004a6d0a2abe97e23d26e223a059832 two years ago, which was released in [Mermaid 10.9.0](https://redirect.github.com/mermaid-js/mermaid/releases/tag/v10.9.0). ### PoC Render the following diagram and observe the modified DOM. ``` sequenceDiagram participant A as Alice<img src="x" onerror="document.write(`xss on ${document.domain}`)">$$\\text{Alice}$$ A->>John: Hello John, how are you? Alice-)John: See you later! ``` Here is a PoC on mermaid.live: https://mermaid.live/edit#pako:eNpVUMtOwzAQ_BWzyoFKaRTyaFILiio4IK7ckA-1km1iKbaLY6spUf4dJ0AF68uOZ2dm7REqXSNQ6PHDoarwWfDGcMkUudaJGysqceLKkj3hPdl3osJ7IRvSm-qBwcCAaIXGaONRrSsnUdnobITF28PQ954lwXglai25UNNhxWAXBMyXxcGOi-3kL_5k79e73atuFSUv2HWazH1IWn0m3CC5aPf4b3p2WK--BW-4DJCOWzQ3TM0HQmiMqIFa4zAEicZv4iGMsw0D26JEBtS3NR656ywDpiYv869_11r-Ko12TQv0yLveI3eqfcjP111HUNVonrRTFuhdsVgAHWEAmuRxlG7SuEzKMi-yJAnhAjTLIk_EcbFJtuk2y9MphM8lM47KIp--AOZghtU ### Impact XSS on all sites that use mermaid and render user supplied diagrams without further sanitization. ### Remediation The value of the `text` argument for the `calculateMathMLDimensions` method needs to be sanitized before getting passed on to `innerHTML`. --- ### Release Notes <details> <summary>mermaid-js/mermaid (mermaid)</summary> ### [`v10.9.4`](https://redirect.github.com/mermaid-js/mermaid/releases/tag/v10.9.4) [Compare Source](https://redirect.github.com/mermaid-js/mermaid/compare/v10.9.3...v10.9.4) This release backports the fix for GHSA-7rqq-prvp-x9jh from [v11.10.0](https://redirect.github.com/mermaid-js/mermaid/releases/tag/mermaid%4011.10.0), preventing a potential XSS attack in labels in sequence diagrams. See: [`9d68517`]( |
||
|
DarkSky
|
e2156ea135 | feat(server): integrate blob to context (#13491) v0.24.1 | ||
|
L-Sun
|
795bfb2f95 |
fix(ios): enable horizontal scroll for database (#13494)
Close [BS-3625](https://linear.app/affine-design/issue/BS-3625/移动端database-table-view无法横向滚动) #### PR Dependency Tree * **PR #13494** 👈 This tree was auto-generated by [Charcoal](https://github.com/danerwilliams/charcoal) <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Bug Fixes** * Improved iOS mobile table view scrolling: horizontal overflow is no longer forcibly hidden, preventing clipped content and enabling smoother horizontal navigation. * Users can now access columns that previously appeared truncated on narrow screens. * Vertical scrolling behavior remains unchanged. * No impact on non‑iOS devices. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
L-Sun
|
0710da15c6 |
fix(editor): hook of database is invoked repeatedly (#13493)
Close [AF-2789](https://linear.app/affine-design/issue/AF-2789/安卓客户端日期没了) #### PR Dependency Tree * **PR #13493** 👈 This tree was auto-generated by [Charcoal](https://github.com/danerwilliams/charcoal) <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Bug Fixes** * Improved editing mode stability in mobile Kanban cells by preventing redundant enter/exit transitions, resulting in smoother interactions and reduced flicker. * Enhanced mobile Table cells to avoid duplicate editing state changes, minimizing unnecessary updates and improving responsiveness. * Overall, editing transitions are now idempotent across affected mobile views, reducing visual jitter and improving performance during edit operations. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
Peng Xiao
|
693ae9c834 |
fix(core): pasted code artifact should be inserted as codeblock (#13492)
fix AI-417 #### PR Dependency Tree * **PR #13492** 👈 This tree was auto-generated by [Charcoal](https://github.com/danerwilliams/charcoal) <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Copying code snippets now uses a rich format for improved paste fidelity in compatible editors. * Preserves code block formatting and language when pasted, reducing manual cleanup. * Continues to support plain text and HTML paste for broad compatibility. * Works more reliably when moving content within the app. * Existing copy confirmation remains unchanged. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
L-Sun
|
9d38f79395 |
fix(editor): deactivate editor when selection out of editor (#13490)
Close [AI-415](https://linear.app/affine-design/issue/AI-415/code-artifact-复制更好的支持code-block和插入正文) #### PR Dependency Tree * **PR #13490** 👈 This tree was auto-generated by [Charcoal](https://github.com/danerwilliams/charcoal) <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Bug Fixes** * Editor now deactivates when text selection moves outside the app, preventing unintended interactions. * Better handling when selection changes to external content, reducing cases where the editor stayed active incorrectly. * **Stability** * Improved reliability around selection, focus, and visibility changes to avoid accidental edits or actions. <!-- end of auto-generated comment: release notes by coderabbit.ai --> #### PR Dependency Tree * **PR #13490** 👈 This tree was auto-generated by [Charcoal](https://github.com/danerwilliams/charcoal)v0.24.1-beta.1 |
||
|
L-Sun
|
680f3b3006 |
feat(editor): impl shape text with dom renderer (#13471)
#### PR Dependency Tree
* **PR #13464**
* **PR #13465**
* **PR #13471** 👈
* **PR #13472**
* **PR #13473**
This tree was auto-generated by
[Charcoal](https://github.com/danerwilliams/charcoal)
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* DOM rendering added for groups, mind maps and connectors so group
titles/outlines and mindmap connectors are visible on canvas.
* Shapes now support right-to-left text with proper vertical alignment.
* **Improvements**
* Connector labels scale with viewport zoom for crisper display.
* Group-related selections (including nested groups) now update visuals
consistently.
* **Performance**
* Reduced DOM churn and fewer redraws during rendering and selection
changes.
* **Refactor**
* Renderer import/export surfaces consolidated with no user-facing
behavior changes.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
|
||
|
Peng Xiao
|
fbf234f9fa |
fix(core): code artifact copy should retain the original format (#13489)
fix AI-415 #### PR Dependency Tree * **PR #13489** 👈 This tree was auto-generated by [Charcoal](https://github.com/danerwilliams/charcoal) <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Bug Fixes** * Improved code block stability to prevent layout shifts and overlapping during syntax highlighting. * Ensured consistent height and alignment for code snippets. * **Style** * Refined code block appearance for clearer, more polished presentation. * **Chores** * Internal adjustments to support more reliable rendering of highlighted code. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
L-Sun
|
e9ede5213e |
fix(core): incorrect position of mobile notification card (#13485)
#### PR Dependency Tree * **PR #13485** 👈 This tree was auto-generated by [Charcoal](https://github.com/danerwilliams/charcoal) <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Style** * Improved mobile toast notification layout for better responsiveness across screen sizes. * Replaced fixed left alignment with dynamic edge offsets, ensuring consistent spacing near screen edges. * Removed forced centering and rigid width constraints to reduce clipping and overlap on narrow viewports. * Visual behavior only; no changes to interaction or functionality. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
德布劳外 · 贾贵
|
aea6f81937 |
fix(core): remove attachment chip failed (#13468)
> CLOSE PD-2697 <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Bug Fixes** * Removing an attachment chip now also removes duplicate attachments with the same source, preventing duplicate attachments in the AI chat chip list. * Removing a selected context chip now also removes duplicate selected contexts with the same identifier, preventing duplicate context chips. * Attachments from different sources and chips of other types (document, file, tag, collection) remain unaffected. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
L-Sun
|
66c2bf3151 |
fix(editor): incorrect z-index in dom renderer (#13465)
#### PR Dependency Tree * **PR #13464** * **PR #13465** 👈 * **PR #13471** * **PR #13472** * **PR #13473** This tree was auto-generated by [Charcoal](https://github.com/danerwilliams/charcoal) <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Bug Fixes** * Improved stacking order across canvas elements (shapes, connectors, brush, highlighter), reducing unexpected overlap. * Corrected z-index application for placeholders and fully rendered elements to ensure consistent layering during edits. * **Refactor** * Centralized z-index handling for canvas elements to provide predictable, uniform layering behavior across the app. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
L-Sun
|
aa052096c1 |
feat(editor): brush and highlighter dom renderer (#13464)
#### PR Dependency Tree * **PR #13464** 👈 * **PR #13465** This tree was auto-generated by [Charcoal](https://github.com/danerwilliams/charcoal) <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * DOM-based SVG rendering for Brush and Highlighter with zoom, rotation, layering and improved visualization. * **Refactor** * Consolidated renderer exports into a single entry point for simpler integration. * **Chores** * Updated view registrations to include the new DOM renderer extensions. * Improved highlighter sizing consistency based on serialized bounds. * **Revert** * Removed highlighter renderer registration from the shape module. <!-- end of auto-generated comment: release notes by coderabbit.ai --> #### PR Dependency Tree * **PR #13464** 👈 * **PR #13465** * **PR #13471** * **PR #13472** * **PR #13473** This tree was auto-generated by [Charcoal](https://github.com/danerwilliams/charcoal) |