110 Commits

Author SHA1 Message Date
Stanko K.R.
b3d97ecb0e Add safety checks to release script 2025-12-03 08:24:04 +01:00
Stanko Krtalić
94692026d3 Merge pull request #122 from basecamp/unfurl-blind-ssrf
Security: disallow blind SSRF to link-local IPs via URL unfurling
v1.4.2
2025-12-03 08:12:24 +01:00
Stanko K.R.
0672673916 Disallow SSRF via IPv6 addresses mapped to IPv4 addresses 2025-12-03 08:08:34 +01:00
Jeremy Daer
5667262d1c Security: disallow blind SSRF to link-local IPs via URL unfurling 2025-12-02 21:33:44 -08:00
Stanko Krtalić
1babf3f9ed Merge pull request #121 from basecamp/fix-crash-on-mentions-when-upgrading-from-rails-7-to-8
Parse Rails 7 GIDs
v1.4.1
2025-12-02 11:37:51 +01:00
Stanko K.R.
4d04f9beee Use urlsafe base64 decode 2025-12-02 11:34:12 +01:00
Stanko K.R.
bebe518c74 Parse Rails 7 GIDs 2025-12-02 11:06:23 +01:00
Stanko K.R.
13897eac59 Set title on new releases to be the version number
v1.4.0
2025-12-02 08:36:15 +01:00
Stanko Krtalić
6bb0ee2436 Merge pull request #120 from basecamp/allow-restricting-new-room-creation-to-admins
Add new has_json to add Account#settings to restrict room creation to only administrators
2025-12-02 08:27:29 +01:00
Stanko K.R.
550d4c75bd Invert the icon color in dark mode 2025-12-02 08:22:32 +01:00
Jason Zimdars
7b7b3f8a67 Rework toggle as switch 2025-12-01 23:13:54 -06:00
Stanko K.R.
aec8747710 Fix failing system tests
Something broke when the dependencies were updated so I copied over the Gemfile.lock file from main - which is known to work
2025-12-01 16:34:51 +01:00
Stanko K.R.
71b5edae01 Run migrations 2025-12-01 15:31:53 +01:00
Stanko K.R.
b1325ccee7 Bump Redis 2025-12-01 15:31:07 +01:00
David Heinemeier Hansson
5266ffc049 Always just go through the settings object 2025-12-01 15:26:06 +01:00
David Heinemeier Hansson
bd3b0c5988 Not needed 2025-12-01 15:26:06 +01:00
David Heinemeier Hansson
e8626f9d5d Use rails edge that now includes the feature 2025-12-01 15:26:06 +01:00
David Heinemeier Hansson
796195c2cc Give up on the auto delegation to get a cleaner API 2025-12-01 15:26:06 +01:00
David Heinemeier Hansson
559629537b We don't need to specify the default any more 2025-12-01 15:26:06 +01:00
David Heinemeier Hansson
42c411b660 Use upstream version of has_json 2025-12-01 15:25:39 +01:00
David Heinemeier Hansson
6c59b8c82b Use public_send instead of send 2025-12-01 15:25:39 +01:00
David Heinemeier Hansson
20ba1cf2ae Ensure mutable string is used to prevent warning 2025-12-01 15:25:06 +01:00
David Heinemeier Hansson
d323c3cfc0 Now required to be explicitly included
Not sure why
2025-12-01 15:23:57 +01:00
David Heinemeier Hansson
53671b48e0 Update to latest Rails 8.2.0 alpha 2025-12-01 15:23:23 +01:00
David Heinemeier Hansson
66b4e41281 Rename 2025-12-01 15:23:23 +01:00
David Heinemeier Hansson
6476bab4cc Use consistent yield naming 2025-12-01 15:23:23 +01:00
David Heinemeier Hansson
f7c3aaa2a9 Allow for default values 2025-12-01 15:23:23 +01:00
David Heinemeier Hansson
593f8dd04c No need for self 2025-12-01 15:23:23 +01:00
David Heinemeier Hansson
d3b6507ce2 Layer on top a more pleasant API for the default case 2025-12-01 15:23:23 +01:00
David Heinemeier Hansson
32be03a240 Rely on method missing 2025-12-01 15:23:23 +01:00
David Heinemeier Hansson
8e94a4aa1e Better wording 2025-12-01 15:23:23 +01:00
David Heinemeier Hansson
15db4033bc Enforce restriction to create new rooms 2025-12-01 15:22:37 +01:00
David Heinemeier Hansson
f56e33e323 Fix fetching missing values 2025-12-01 15:22:36 +01:00
David Heinemeier Hansson
bea2c89c2b Add new has_json to add Account#settings to restrict room creation to only administrators 2025-12-01 15:22:36 +01:00
Stanko Krtalić
b7c7d99dcd Merge pull request #119 from basecamp/upgrade-to-rails-8.2.alpha
Upgrade to Rails 8.2.0.alpha
2025-12-01 13:59:28 +01:00
Stanko K.R.
6197f20a31 Upgrade to Rails 8.2.0.alpha 2025-12-01 13:50:53 +01:00
Stanko Krtalić
02023b0f0c Merge pull request #118 from basecamp/modernize-scripts
Create release first
2025-12-01 12:22:04 +01:00
Stanko K.R.
af81a4c1ac Create release first 2025-12-01 12:21:08 +01:00
Stanko Krtalić
d4a132865a Merge pull request #117 from basecamp/modernize-scripts
Modernize scripts
2025-12-01 12:01:13 +01:00
Stanko K.R.
f423bb9b07 Remove structure.sql
v1.3.0
2025-12-01 11:48:53 +01:00
Stanko K.R.
3367ffaf8f Switch to using schema.rb
Previously we had to use structure.sql since schema.rb didn't have support for virtual tables that we needed for search. Since Campfire's release, virtual tables have been added to Rails, so there is no need to use structure.sql anymore
2025-12-01 11:47:51 +01:00
Stanko K.R.
7593a27a6b Use bash for the setup script
This allows us to bootstrap Ruby during setup
2025-12-01 11:21:18 +01:00
Stanko K.R.
133859b8fb Create a GitHub release 2025-12-01 11:20:31 +01:00
Stanko Krtalić
13690f754d Merge pull request #116 from basecamp/port-release-script
Port over release script
2025-12-01 10:51:10 +01:00
Stanko K.R.
ead80316e0 Port over release script
Co-Authored-By: Kevin McConnell <kevin@37signals.com>
2025-12-01 10:40:24 +01:00
Stanko Krtalić
59b322edc6 Merge pull request #111 from basecamp/ip-ban
Add IP-based user banning
Closes: #95
2025-11-27 15:26:34 +01:00
Jason Zimdars
c8ac878353 Polish banned states and confirm 2025-11-26 13:08:35 -06:00
Kevin McConnell
30fe6ab121 Add IP-based user banning
This adds the ability to ban a user by their IP address.

When an admin is viewing a user profile, a new "Ban user" button is
present. Clicking on that will:

- Create a ban on the IP addresses that were tracked for that user's
  sessions
- Remove all the messages authored by that user
- Log the user out immediately

In addition, that user will no longer be shown in most user lists in the
app. They are still shown to admins, in account settings. Viewing their
profile from there will now show a "Remove ban" button which can be used
to restore their access (it doesn't restore their messages though --
those are already gone -- it just removes the blocks so they can log in
again).
2025-11-26 14:30:38 +00:00
Kevin McConnell
612ca32d2c Merge pull request #112 from basecamp/update-brakeman
Bump Brakeman to latest
2025-11-26 14:30:26 +00:00
Kevin McConnell
5f58a183cd Bump Brakeman to latest 2025-11-26 14:26:32 +00:00