github/penpot
1
0
Fork 0
mirror of https://github.com/penpot/penpot.git synced 2026-05-16 21:43:40 +00:00
Code Issues Packages Projects Releases Wiki Activity
20,669 Commits 188 Branches 286 Tags
Commit Graph

173 Commits

Author SHA1 Message Date
Andrey Antukh
1b8afccba2 Remove usage of multipart body size config on backend 2026-02-23 14:44:44 +01:00
Andrey Antukh
f5996a7235 ♻️ Make several improvements to management API authentication 2026-01-27 15:14:32 +01:00
Pablo Alba
d5abc52dac
🎉 Add first integration with nitrate (#7803) 
* 🐛 Display missing selected tokens set info (#8098)

* 🐛 Display missing selected tokens set info

*  Add integration tests to verify current active set

* 🎉 Integration with nitrate platform

* 🐛 Fix nitrate get-teams returns deleted teams

*  Add nitrate to tmux devenv

*  Add retry and validation to nitrate module

*  Add photoUrl to profile on nitrate authenticate

*  Move nitrate url to an env variable

* ♻️ Change Nitrate organization-id schema to text

* ♻️ Cleanup unused imports

* 🔧 Add control-center to nginx

*  Add create org link

* 🔧 Fix nginx entrypoint

* 🐛 Fix control-center proxy pass

* 🎉 Add nitrate licence check

* Revert " Add nitrate to tmux devenv"

This reverts commit dc6f6c458995dac55cab7be365ced0972760a058.

*  Add feature flag check

* 🐛 Rename licences for licenses

*  MR changes

*  MR changes 2

* 📎 Add the ability to have local config on start backend

* 📎 Add FIXME comment

---------

Co-authored-by: Xaviju <xavier.julian@kaleidos.net>
Co-authored-by: Juanfran <juanfran.ag@gmail.com>
Co-authored-by: Yamila Moreno <yamila.moreno@kaleidos.net>
Co-authored-by: Marina López <marina.lopez.yap@gmail.com>
Co-authored-by: Andrey Antukh <niwi@niwi.nz>
 2026-01-27 10:04:53 +01:00
Andrey Antukh
4fddf3d986 ♻️ Make management key derivable from secret key 
Still preserves the ability to set management
 2025-11-20 12:20:13 +01:00
Andrey Antukh
363b4e3778
♻️ Make the SSO code more modular (#7575) 
* 📎 Disable by default social auth on devenv

* 🎉 Add the ability to import profile picture from SSO provider

* 📎 Add srepl helper for insert custom sso config

* 🎉 Add custom SSO auth flow
 2025-11-12 12:49:10 +01:00
Andrey Antukh
28cf67e7ff
🎉 Add management RPC API (#7700) 
* 🎉 Add management RPC API

And refactor internal http auth flow

* 📎 Adjust final url namings

* 📚 Update changelog
 2025-11-10 17:10:59 +01:00
Andrey Antukh
49721c0bcd Add better logging context report on worker runner 2025-11-04 12:44:38 +01:00
Andrey Antukh
5717708b56 ♻️ Refactor file storage 
Make it more scallable and make it easily extensible
 2025-10-13 12:24:05 +02:00
Andrey Antukh
0aadc3b6b3 Add management shared key authentication 2025-10-13 11:49:58 +02:00
Andrey Antukh
14d53c224f 🔥 Remove unused auth-data cookie asignation 2025-10-07 12:47:12 +02:00
Andrey Antukh
27945ace65 Revert deprecated storage config cleaning 2025-09-29 13:23:01 +02:00
Andrey Antukh
c1058c7fdb ♻️ Add minor refactor for internal concurrency model 
Replace general usage of virtual threads with platform threads
and use virtual threads for lightweight procs such that websocket
connections. This decision is made mainly because virtual threads
does not appear on thread dumps in an easy way so debugging issues
becomes very difficult.

The threads requirement of penpot for serving http requests
is not very big so having so this decision does not really affects
the resource usage.
 2025-09-26 14:35:06 +02:00
Andrey Antukh
283eb0419c ♻️ Refactor time related namespaces 
Mainly removes the custom app.util.time namespace
from frontend and backend and normalize all to use
the app.common.time namespace
 2025-08-01 11:20:01 +02:00
Yamila Moreno
fac2314d62
🔧 Relax secure cookies requirement when non-https public uri is set (#5939) 2025-02-25 09:10:53 +01:00
Yamila Moreno
807b8d82e3
🔧 Improve flags documentation (#5863) 
* 📎 Fix typo

* 🔧 Enable certain flags by default

* 🔧 Compile all flags in a single source of truth

* 📎 Move all default flags to common

---------

Co-authored-by: Andrey Antukh <niwi@niwi.nz>
 2025-02-18 12:36:16 +01:00
Andrey Antukh
1bb25bb89d 🔥 Remove file-xlog-gc task 
It is no longer necessary because snapshots are managed by the objects-gc task
 2024-12-10 12:19:12 +01:00
Andrey Antukh
036e335fc4 🎉 Add quote definitions for team access requests 2024-11-15 11:14:30 +01:00
Andrey Antukh
88fb5e7ab5 ♻️ Update integrant to latest version 
This upgrade also includes complete elimination of use spec
from the backend codebase, completing the long running migration
to fully use malli for validation and decoding.
 2024-11-13 19:09:19 +01:00
Andrey Antukh
9409078069 Add usage quotes for snapshots 2024-10-30 13:39:38 +01:00
Andrey Antukh
0117a4767d 📎 Rename file-snapshot to auto-file-snapshot 2024-09-02 11:52:19 +02:00
Andrey Antukh
cacee40d11 🎉 Add proper schema encoding/decoding mechanism 
this allows almost all api operations to success usin application/json
encoding with the exception of the update-file, which we need to
approach a bit differently;

the reason update-file is different, is because the operations vector
is right now defined without the context of shape type, so we are just
unable to properly parse the value to correct type using the schema
decoding mechanism
 2024-08-21 11:27:36 +02:00
Andrey Antukh
0e92bcc0de 🎉 Add file-data offload mechanism 2024-08-09 14:28:18 +02:00
Andrey Antukh
5cf54c6384 Improve file snapshoting mechanism 2024-07-29 10:19:34 +02:00
Andrey Antukh
9174bb140b ♻️ Refactor configuration validation 
Replace spec with schema
 2024-07-10 15:16:28 +02:00
Alejandro Alonso
bbd9207191 Improve email verify threshold 2024-06-12 13:56:19 +02:00
Andrey Antukh
5aa62ef1dd Add email blacklist mechanism 2024-06-04 10:45:55 +02:00
Andrey Antukh
abff7d324d Improve auth-data xdomain cookie 2024-05-27 10:58:05 +02:00
Andrey Antukh
c55ceb4bca Add automatic v2 migration process on startup 2024-04-10 15:31:49 +02:00
Andrey Antukh
34534c924f Set smaller default deletion delay for devenv 
And make the deletion delay configurable
 2024-04-10 15:31:49 +02:00
Andrey Antukh
944d167bbb Simplify SVGO module API 2024-01-25 15:59:45 +01:00
Andrey Antukh
fede8c9975 Setup better media max file-size on devenv 2024-01-10 14:00:31 +01:00
Andrey Antukh
41287d8fc5 Improve migration script performance and api usability 2024-01-04 14:40:22 +01:00
Andrey Antukh
4c190e385e Make the s3 client io-threads configurable and adaptable 2023-11-15 13:49:26 +01:00
Andrey Antukh
b892242915 🐛 Fix rpc climit initialization 2023-11-08 17:34:50 +01:00
Andrey Antukh
8cda8924df Add the ability to select user info source 
using the PENPOT_OIDC_USER_INFO_SOURCE environment variable
with two possible values: token and userinfo
 2023-07-03 10:46:29 +02:00
Andrey Antukh
6339b07fba Add the ability to parse OIDC JWT token 
If jwks-uri is provided or properly discovered, they will be used
for unsign JWT token and get use info data from that token instead
of making an additional call to the userinfo endpoint
 2023-06-28 00:25:48 +02:00
Andrey Antukh
5ca3d01ea1 🎉 Add malli based validation and coersion subsystem 2023-05-17 16:05:29 +02:00
Andrey Antukh
c0ccc4a5c5 Improve OICD attrs lookup mechanism 2023-04-25 12:18:06 +02:00
Andrey Antukh
c31eb2df42 🐛 Fix OICD auth provider roles checking mechanism 2023-04-24 15:13:24 +02:00
Andrey Antukh
bb055a3c84 ♻️ Refactor logging subsystem and error reporting 2023-02-02 13:38:04 +01:00
Andrey Antukh
8a5afefc1c 🎉 Add prepl support 
And rename the current repl to urepl (user-repl).
 2023-01-18 17:14:22 +01:00
Andrey Antukh
db689d151e ♻️ Refactor profile and session handling 
- makes the profile access more efficient (replace in-app joins to a
  simple select query on profile table
- add partial support for access-tokens (still missing some RPC methods)
- move router definitions to specific modules and simplify the main http
  module definitions to simple includes
- simplifiy authentication code related to access-tokens and sessions
- normalize db parameters with proper namespaced props
- more work on convert all modules initialization to use proper specs
  with fully-qualified keyword config props
 2023-01-18 10:51:58 +01:00
Andrey Antukh
b4fc39f73c 📎 Disable quotes by default 2023-01-13 10:23:00 +01:00
Andrey Antukh
bafe3ec087 Revert some changes related to admin that are no longer necessary 2023-01-13 10:19:39 +01:00
Andrey Antukh
f628955a15 🐛 Set the same tenant default on backend and exporter 2023-01-09 11:57:13 +01:00
Andrey Antukh
27451b9796 ♻️ Refactor comments RPC methods and add tests 2022-12-31 12:00:57 +01:00
Andrey Antukh
73a3e0c0ae 🎉 Add usage quotes 2022-12-31 11:22:36 +01:00
Andrey Antukh
941aa6ad5d 🔥 Remove unused configuration attrs 2022-12-31 09:22:57 +01:00
Andrey Antukh
b929564fa7 ♻️ Add admin facilities on the code base 
- Fix bugs related to orphan teams on profile deletion
- Separate session based profile-id param from api user provided
 2022-12-22 16:42:45 +01:00
Andrey Antukh
c0a4b7dc76 Improve worker queue management 
and add specific worker instance for webhooks
 2022-12-13 16:17:31 +01:00