
Apps #9499

Merged
evereq merged 25 commits into stage-apps from stage
Feb 23, 2026
evereq commented Feb 23, 2026

PR

Please note: we will close your PR without comment if you do not check the boxes above and provide ALL requested information.



Summary by cubic

Upgraded apps to Angular 21 and bootstrapped Plugin UI across the web app. Migrated templates to the new Angular control flow, refreshed desktop auth flows, and switched Activepieces integration to API key for simpler setup.

  • New Features

    • Plugin UI bootstrap: added bootstrap module, plugin UI config, and Dockerfile copy for plugin-ui.
    • Desktop apps: smoother login/logout, zone change detection, Electron fixes (node: path imports, tray/titlebar tweaks), and default route to time-tracker.
    • UI polish: moved dark theme overrides to shared styles and updated Font Awesome to v7.
  • Dependencies

    • Angular 21, Nebular 17, Nx 22, Jest 30, Cypress 15; jest-preset-angular 16.
    • TypeScript config: module "preserve" + bundler resolution across apps.
    • GitHub Actions: selective cleanup and preserved .nx cache for faster builds.
  • Migration

    • Update env vars for Activepieces:
      • GAUZY_ACTIVEPIECES_API_KEY
      • GAUZY_OAUTH_APP_CLIENT_ID, GAUZY_OAUTH_APP_CLIENT_SECRET, GAUZY_OAUTH_APP_CODE_SECRET, GAUZY_OAUTH_APP_REDIRECT_URIS
    • Run a clean install (yarn install) after the Angular/Jest upgrades.
    • If you register tabs/routes via the registry, update IDs:
      • Tabset/data IDs: dashboard → dashboard-page; employee-edit → employee-edit-page; employee-manage → employee-manage-page
      • Activity sections location: time-activity → time-activity-sections
    • Templates: use the new Angular control flow (@if/@for) and prefer [class] / [style] bindings over ngClass/ngStyle.

Written for commit d93d3c6. Summary will update on new commits.

rahul-rocket and others added 25 commits February 16, 2026 19:17
* feat(desktop-timer): add dark theme styles and fix css formatting

Add overrides for the nb-theme-gauzy-dark class to support dark mode.
Update body background, text colors, and spinner shadows. Improve CSS
formatting by splitting selectors and normalizing hex color codes.

* perf(desktop-ui): implement OnPush change detection for shared login components

Apply ChangeDetectionStrategy.OnPush to LogoComponent,
SocialLinksComponent, and WorkspaceSelectionComponent to improve
rendering performance. Additionally, add a loading input to the
WorkspaceSelectionComponent to support reactive state updates.

* refactor(ui): improve login flow loading states and change detection

Ensure proper UI updates by explicitly calling `markForCheck()` during
asynchronous login operations. Use the `finalize` operator to manage
loading states consistently across different login features and pass the
loading state to the workspace selection component. Additionally, refine
the navigation sequence after successful authentication using
`concatMap`.

* refactor(desktop): use reactive streams and ui routing for logout

Refactor the logout process to use RxJS observable streams instead of
imperative async/await logic. This migration shifts navigation
responsibility from the Electron main process to the Angular router,
ensuring a smoother UI transition.
Key changes:
- Implement `exhaustMap` and `concatMap` to handle logout events
sequentially and prevent redundant triggers.
- Use `Router.navigate` for UI-side routing to the login page.
- Remove manual window URL loading from the Electron IPC main process.
- Improve state handling and cleanup during the logout flow.

* fix(time-tracker): prevent memory leaks and cleanup logout calls

Add untilDestroyed to the logout subscription to ensure proper cleanup
when the component is destroyed. Remove redundant await keywords from
logout calls since the method returns a subscription instead of a
promise.

* feat(ui): add retry functionality to magic login workspace

Add a retry button to the magic login workspace selection screen to
allow users to recover from sign-in failures. Improve state management
by resetting error and success flags during the selection process.
Refactor ChangeDetectorRef and Router property names to use the
underscore prefix convention for consistency across the login components.

* refactor: move dark theme overrides to shared styles

Relocate the nb-theme-gauzy-dark styles from the desktop-timer app
index.html to the ui-core package's shared overrides. This change
centralizes theme management and promotes style reusability.

* fix(desktop-ui-lib): improve login retry flow and localize logout message

Update the magic login workspace component to properly reset its state
when a user attempts to retry after a failed sign-in. Additionally,
replace the hardcoded logout message in the time tracker with a
localized translation key and use asObservable on the logout stream.

* refactor(ui-core): use css variables for dark theme overrides

Replace hardcoded hex colors with CSS variables in the gauzy-dark theme
overrides for body and spinner elements. This change improves theme
consistency and maintainability by utilizing the existing theme tokens.

* fix(login): navigate to magic login on retry

Update the retry method in MagicSignInWorkspaceComponent to redirect
users back to the magic login page. This ensures a consistent user flow
by allowing users to restart the authentication process after an error.
- Convert retry to an asynchronous method
- Add router navigation to the magic login route
- Remove manual change detection call
- Clean up module imports

* fix(login): improve formatting and structure of magic login workspace template
* fix(ui-plugin): updated job employee ui plugin

* Update packages/plugins/job-employee-ui/src/lib/components/job-search-status-editor/job-search-status-editor.component.ts

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>

* fix(ui): apply AI suggestion by bot agent reviewers

* Update `job-employee.component`

* fix(ui): apply AI suggestion by bot agent reviewers

* fix(ui): apply AI suggestion by bot agent reviewers

---------

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
#9479)

* fix: desktop timer on linux, blink tray icon, prevent right click menu

* fix: clean code

* fix: missing about window

* fix: missing about window
Bumps [tar](https://github.com/isaacs/node-tar) from 7.5.7 to 7.5.8.
- [Release notes](https://github.com/isaacs/node-tar/releases)
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md)
- [Commits](isaacs/node-tar@v7.5.7...v7.5.8)

---
updated-dependencies:
- dependency-name: tar
  dependency-version: 7.5.8
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
* fix: window titlebar color theme

* fix: menubar font

* fix: typo variable name
fix(plugins): render jobs menu based on integration entity settings
* build(core): add @nestjs/schedule dependency

Add @nestjs/schedule to the core package to support automated token
cleanup tasks.

* feat(core): implement centralized token management system

Introduce a comprehensive TokenModule using the CQRS pattern to handle
token lifecycle management, including creation, rotation, validation,
and revocation. This system replaces manual JWT handling with a structured
service-oriented approach.
Key changes include:
- Addition of a base Token entity with support for both TypeORM and MikroORM.
- Implementation of token rotation with pessimistic locking for concurrency.
- Specialized AccessToken and RefreshToken services for the auth layer.
- Automated cleanup of expired and inactive tokens via a background scheduler.
- Integration of new token services into the AuthService and AuthController.
- Detailed audit tracking for token rotation chains.

* refactor(token): resolve jwt service from registry by token type

Update command and query handlers to fetch the required IJwtService
from the TokenConfigRegistry instead of using direct injection. This
enables the system to handle different JWT configurations for distinct
token types dynamically at runtime.
- Add registerJwtService and getJwtService to TokenConfigRegistry
- Update handlers to resolve jwtService using the provided tokenType
- Configure TokenModule to register scoped JWT services into the
registry during initialization

* fix(token): move command and query handlers to scoped providers

Move the registration of CommandHandlers and QueryHandlers to the
providers array to ensure they are correctly included and handled
for the scoped service.

* feat(token): streamline token repository methods and enhance type definitions in token module

* feat(auth): include request metadata in tokens and refactor rotation

Move token rotation logic from AuthController to AuthService to improve
separation of concerns. Update JWT access and refresh token payloads to
include the client IP address, user agent, and optional client ID.
Add helper methods to RequestContext to extract client request details
directly from the request context.

* feat(token): add ValidateTokenHandler for token validation logic

* refactor(token): enhance token validation logic and improve readability

* feat(token): add isActivated method to token entity

Add an isActivated helper method to the Token entity and IToken
interface to determine if a token is currently active. Update the
ValidateTokenHandler to use this method instead of direct status
comparison for better encapsulation.

* feat(token): require explicit provider tokens for async registration to prevent collisions

* feat(token): enhance date filtering logic in query methods using Between for improved range queries

* feat(token): enhance refresh token rotation logic to prevent revocation on access token generation failure

* fix(token): preserve token-type mismatch error in ScopedJwtService.verify

Move token-type validation outside jwt.verify() try/catch so a thrown
"Token type mismatch" is not replaced by the generic
"Token verification failed". This ensures callers receive the
specific application error.

* fix(token): log error when failing to decode token in ScopedJwtService.decode

* fix(token): ensure threshold check for inactive tokens is not empty

* refactor(token): clarify metadata handling in token rotation process

* refactor(refresh-token): expose revoke method and remove internal call

Change the visibility of the revoke method from private to public and
remove the automatic revocation of the old token during the rotation
process. This allows external callers to manage token lifecycle and
revocation more explicitly.

* refactor(auth): rename 'ip' to 'ipAddress' for clarity in token metadata

* refactor(refresh-token): update ApiProperty to ApiPropertyOptional for clientId

* fix(token): correct typo in comment regarding metadata handling

* fix(access-token): correct expiration comment for JWT token duration

* refactor(request-context): update return type of currentIp and currentUserAgent methods to string

* fix(access-token): correct typo in client identifier comment and remove unused email field

* fix(auth): await the token rotation process in refreshToken method

* fix(token): update getCurrentUserId return type to string | null and adjust token creation metadata handling

* refactor(token): wrap token creation and update in a transaction for improved consistency

* feat(token): implement canRevoke method and update revoke logic for token handling

* fix(token): change onDelete behavior for rotated tokens to SET NULL

* refactor(token): extract token hashing to dedicated service

Move token hashing logic from IJwtService into a standalone
ITokenHasher interface and TokenHasherService. This improves
separation of concerns by decoupling JWT-related operations from
one-way hashing used for database storage.
- Create ITokenHasher and TokenHasherService
- Update command and query handlers to inject TokenHasher
- Update TokenModule to provide the new service and injection token
- Clean up JwtService and ScopedJwtService implementations

* refactor(token): remove deprecated tokenHash fields from DTOs

* refactor(token): remove resolveRawToken function and update token handlers to use rawToken directly

* fix(token): change onDelete behavior for revoked tokens to SET NULL

* fix(auth): re-throw UnauthorizedException for proper 401 response handling

* refactor(token): enhance cycle detection in token audit trail retrieval

* feat(core): implement pessimistic locking for MikroORM in token repository

Add implementation for findByHashWithLock when using MikroORM by
utilizing the PESSIMISTIC_WRITE lock mode.

* fix(token): prevent metadata from overwriting core jwt claims

Ensure that mandatory JWT claims such as userId, tokenType, and
tokenId take precedence by spreading metadata at the beginning of the
payload object. This prevents potential claim spoofing via metadata
collisions.
Additionally, remove redundant optional chaining when accessing
metadata from the DTO.

* refactor(token): update metadata structure in token entity

* feat(cspell): add new words "Hasher" and "VARCHAR" to the spellcheck dictionary

* refactor(token): streamline CleanupExpiredTokensCommand and update crypto import in TokenHasherService

* refactor(core): remove raw-token export from shared index

Remove the export of raw-token from the shared token module index to
clean up the public API surface area.

* feat(token): make provider tokens optional in forFeatureAsync

Update TokenModule to automatically generate provider tokens based on
the factory name when they are not explicitly provided. This simplifies
the asynchronous registration of feature modules by removing the
requirement for manual token configuration.
Additionally, update RevokeTokenHandler to use the TokenHasher class
constant for dependency injection instead of a string literal.

* feat(token): log error when failing to update last used timestamp in token validation

* refactor(token): remove unused jwt service from revoke handler

Remove the IJwtService dependency and its associated token from the
RevokeTokenHandler as they are no longer being used.

* feat(token): enhance session control and implement usage limits

Improve token lifecycle management by moving single-session revocation
logic into transactions for atomicity. Implement max usage count
validation during token verification and ensure rotation respects
session constraints. Clean up unused repository dependencies and improve
error handling during rotation.

* refactor(token): migrate to @nestjs/jwt for token handling

Replace the custom JWT service implementation with the @nestjs/jwt
package. Update the IJwtService interface and ScopedJwtService to
support asynchronous signing and verification operations.
Ensure all callers in command handlers are updated to await the new
asynchronous sign method. Standardize error handling by using NestJS
built-in exceptions during token verification.

* refactor(token): mark jwtService as readonly in ScopedJwtService

Update the ScopedJwtService constructor to mark the jwtService property
as readonly, ensuring it cannot be reassigned after initialization, and
format the parameters for improved readability.

* feat(token): enhance metadata column type for cross-database compatibility

* feat(token): enhance token entity with unique index and refine column types

* feat(database): add tokens table migration

Implement a new migration to create the tokens table for managing
authentication or access tokens. The schema supports token rotation,
revocation reasons, metadata storage, and usage tracking across
Postgres, SQLite, and MySQL.

* feat(token): change user relationship onDelete behavior to CASCADE

* fix(token): handle metadata serialization for sqlite

Update token creation and rotation handlers to manually stringify and
parse metadata when using SQLite. Since SQLite stores JSON as text, this
ensures consistent behavior across different database providers and
prevents type errors during JWT generation.

* fix(token): bypass row lock for sqlite in token rotation

Check the database type and avoid using findByHashWithLock when using
better-sqlite3. This prevents errors as SQLite does not support row-level
locking in the same way as other relational databases.

* feat(core): add unified json column decorators

Introduce JsonColumn, JsonbColumn, and JsonArrayColumn decorators to
provide a consistent API for handling JSON data across TypeORM and
MikroORM. These decorators automatically resolve the underlying storage
type (e.g., jsonb for Postgres, json for MySQL) based on the database
driver and handle serialization logic.
The implementation allows native ORM column options to be passed
directly, maintaining full type safety and autocomplete without
resorting to generic record types.

* refactor(token): simplify metadata handling with JsonColumn decorator

Remove database-specific conditional logic for JSON serialization and parsing in token handlers and entities. Use the @JsonColumn decorator to abstract JSON storage logic across different database providers, and update types to consistently use objects for metadata.

* fix(migration): generate new migration

* refactor(token): remove deprecated token DTO definition

* feat(token): implement token cleanup scheduler for automatic token management

* fix(token): replace generic error with UnauthorizedException for token type mismatch

* refactor(token): optimize findByHashWithLock method for TypeORM locking

* fix(core): assign temporary uuid to token hash during rotation

Assign a temporary random UUID to the tokenHash field during the initial
token creation phase of the rotation process. This avoids potential
database issues with empty strings before the actual JWT hash is
generated and updated.

* refactor(token): extract orm adapters to simplify repository

Extract TypeORM and MikroORM repository logic into a dedicated adapter
factory. This removes massive code duplication within the transaction
method and ensures a consistent interface across different ORM
implementations.

* refactor(token): use UnauthorizedException for rotation errors

Update RotateTokenHandler to consistently throw UnauthorizedException
instead of ConflictException or NotFoundException for all validation
failures. This ensures a uniform error response and prevents information
leakage regarding the existence or specific state of tokens.
Additionally, update the crypto import to use the node: prefix.

* fix(token): use randomUUID for temporary tokenHash during creation

* feat(core): enhance token entity with lifecycle and diagnostic methods

Expand the Token entity and IToken interface with a comprehensive set of
utility methods for state validation, lineage tracking, and observability.
These changes facilitate more robust token management and debugging.
Key additions:
- Status predicates: isTerminal, isRotated, isUsable, isAtUsageLimit.
- Lineage helpers: hasParent, hasSuccessor, isRootToken.
- Temporal/Metadata helpers: getRemainingTime, getAgeTime, hasMetadata.
- Diagnostic tools: toDebugInfo and getHealthReport for structured
validity analysis.
- Interface updates: New DTOs (BulkRevoke, Extend, Transfer) and
expanded ITokenFilters for advanced querying.

* refactor(token): improve robustness of create and validate handlers

Refactor token command and query handlers to enhance error handling, logging, and logic flow. The create handler now fails fast on configuration errors and explicitly handles JWT signing or database persistence failures.
The validation handler is restructured to delegate business rules to the domain entity and uses a centralized helper method to identify and persist specific failure reasons such as expiration, inactivity, or usage limits. Both handlers now utilize a structured logger instead of console logs.

* feat(core): add verify method to AccessTokenService

Implement a centralized token verification method in AccessTokenService
that handles validation and inactivity checks. Refactor AuthService to
use this new method, simplifying the isAuthenticated logic and ensuring
consistent token validation and error handling across the application.

* feat(auth): implement logout with token revocation

Update the logout process to revoke both refresh and access tokens. The
logout endpoint is changed from GET to POST and now requires a
refresh_token in the body. Added a revoke method to AccessTokenService
and unified the logout logic in AuthService to ensure secure session
termination.

* feat(auth): enhance logout process and improve token revocation handling

* feat(auth): enhance logout process by conditionally revoking tokens

* fix(auth): send refresh token during logout

Update the logout process to use a POST request and include the refresh
token in the request body. This ensures the backend can correctly
identify and invalidate the specific session being terminated.
The changes affect both the desktop-ui-lib and ui-core packages.

* fix(token): improve logging for JWT verification failure to ensure sensitive info is redacted

* fix(auth): require authentication for logout endpoint

Remove the @public() decorator from the logout route to ensure it is
protected by the default authentication guard. This prevents
unauthenticated requests from accessing the logout functionality.

* chore(core): disable token module scheduler

Disable the scheduler in TokenModule by setting enableScheduler to
false. Additionally, reorganize and sort all imports in the AppModule
for better maintainability and consistency.

* chore(token): update comment to clarify default state of token cleanup scheduler

* fix(auth): handle errors during logout by returning an empty observable

* fix(core): enhance auth security and token validation logic

Ensure the logout process awaits all token revocations using
Promise.allSettled and add defense-in-depth verification by comparing
token payloads against database records.
Implement proper pessimistic locking and column escaping in token
repositories for both TypeORM and MikroORM to prevent race conditions
during usage count increments. Update token validation to strictly
enforce usage limits by awaiting database updates for capped tokens.
Additionally, improve JSON column serialization for text-based storage.

* fix(auth): handle logout request errors

Add error handling to the doLogout call within the auth strategy. This
ensures that the client-side logout flow is not interrupted if the
server-side token revocation request fails.
Replace the persistent Subject in RefreshStateManager with a
per-refresh ReplaySubject to handle concurrent token requests more
reliably. This ensures that queued requests receive the refresh result
even if they subscribe after the refresh has started and eliminates the
need for manual ID tracking.
Additionally, update the RefreshTokenInterceptor to only trigger the
session expired handler if the user is currently authenticated,
preventing redundant logout actions during authentication failures.
* fix: last screen capture on app starting up

* fix: window automatically grow after start timer at first time

* fix: image-viewer handle last capture image

* fix: image-viewer handle last capture image
* @rahul-rocket chore(deps): chore(deps): bump @angular/core from ^20.2.4 to 21.1.2

* fix(ui): update missing jest.preset.js

* fix(nx-migrations): migrate nx from 21.5.1 to 22.4.4

* chore(deps): bump jest-preset-angular to 16.0.0

* chore(deps): bump @nebular/* packages to 17.0.0 for Angular 21 compatibility

* chore(deps): upgrade all packages to Angular 21 and compatible dependencies

* chore(deps): upgrade all packages to Angular 21 and compatible dependencies

* fix(nx-migrations): migrate nx from 21.5.1 to 22.4.4

* Update yarn.lock

* Update yarn.lock

* fix(nx-migrations): migrate nx from 21.5.1 to 22.4.4

* fix(nx-migrations): migrate nx from 21.5.1 to 22.4.4

Replace 'jest-preset-angular/setup-jest' imports with the new 'setupZoneTestEnv' function.

* @nx/jest: replace-removed-matcher-aliases-v22-3

Replace removed matcher aliases in Jest v30 with their corresponding matcher

* chore(deps): @angular/common and @angular/core peerDependencies to ^21.1.0

* Update package.json

* fix(nx-migrations): migrate nx from 21.5.1 to 22.4.4

* chore(deps): bump @nebular/theme from ^16.0.0 to ^17.0.0

* chore(deps): upgrade all packages to Angular 21

* chore(deps): upgrade all packages to Angular 21

* fix(build): update helmet import to support 8.x default export

* fix(build): resolve TypeScript errors and improve code quality

- Fix TemplateRef type conflicts caused by duplicate @angular/core packages (ngx-permissions)
- Change moment imports from namespace to default imports for ESM compatibility
- Convert constructor injection to inject() function in multiple components
- Add OnPush change detection strategy to WindowLayoutComponent
- Make CountdownConfirmationComponent standalone
- Update LayoutWithDraggableObject to use any[] for draggableObject type

* fix(build): fix moment & timezone namespace packages

* fix(build): add jest config for missing packages

* chore(deps): bump swiper from 8.3.1 to 12.1.0

* fix(build): update swiper module and syntax

* Update time-tracking.component.ts

* chore(deps): downgrade `node-polyfill-webpack-plugin` from 4.1.0 to 1.1.4

* fix(deps): resolve browserslist "Unknown version 143 of and_chr" error

Add caniuse-lite and browserslist to yarn resolutions to force all

* fix(nx-migrations): migrate nx from 21.5.1 to 22.4.4

* fix(deps): standardize Angular 21.0.0 versions across all packages and fix compatibility issues

- Fix @angular/* packages to use exact version 21.0.0 (remove caret ^) across all apps, packages, and plugins
- Add @angular/cdk resolution to 21.0.0 to force consistent version

* fix(build): `ui-config` replace env files module issue

* fix(build): `ui-config` replace env files module issue

* fix(build): replace all TemplateRef<HTMLElement> with TemplateRef<any>

* Update package.json

* Update apps\agent\tsconfig.json

* chore(deps): upgrade packages to latest version

* Update yarn.lock

* Update yarn.lock

* fix(build): apply AI suggestion by bot agent reviewers

* fix(build): apply AI suggestion by bot agent reviewers

* fix(nx-migrations): migrate nx from 21.5.1 to 22.4.4

* chore(deps): bump @nestjs/common and @nestjs/core to 11.1.14

* fix(build): replace all TemplateRef<HTMLElement> with TemplateRef<any>

* fix(plugins): apply AI suggestion by bot agent reviewers

* Update yarn.lock

* chore(deps): bump packages

* Update yarn.lock

* chore(deps): bump packages

* chore(deps): bump packages

* fix(plugins): replace 'jest-preset-angular/setup-jest' imports with the new 'setupZoneTestEnv'

* fix(plugins): apply AI suggestion by bot agent reviewers

* fix(cspell): typo spelling :-)

* fix(plugins): apply AI suggestion by bot agent reviewers

* fix: fontawesome icon change version to FA 7

* refactor(ui-core): migrate dashboard directives to standalone

* refactor(ui-core): migrate pipes/directives to standalone

* fix(plugins): apply AI suggestion by bot agent reviewers

* fix(plugins): apply AI suggestion by bot agent reviewers

* chore(deps): bump packages

* refactor(ui-core): migrate directives to standalone

* fix(plugins): apply AI suggestion by bot agent reviewers

---------

Co-authored-by: Ruslan Konviser <evereq@gmail.com>
Co-authored-by: syns2191 <sutralian@gmail.com>
Bumps [hono](https://github.com/honojs/hono) from 4.11.9 to 4.12.0.
- [Release notes](https://github.com/honojs/hono/releases)
- [Commits](honojs/hono@v4.11.9...v4.12.0)

---
updated-dependencies:
- dependency-name: hono
  dependency-version: 4.12.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
…12.0

chore(deps): bump hono from 4.11.9 to 4.12.0
* chore(deps): bump nx from 22.3.0 to 22.4.0

* chore(deps): bump nx from 22.3.0 to 22.4.0

* Update package.json

* Update package.json

* chore(deps): bump @angular/cdk from 21.0.0 to 21.0.1

* chore(deps): bump @angular/cdk from 21.0.1 to 21.0.6
…Is (#9493)

* fix: improved articles entities and generate migration

* fix: improved articles services

* fix: unnecessary docs

* fix: AI suggestions

* fix: AI suggestions

* feat: added get articles by project id API

* fix: deepscan issue
…ys for API calls in activepieces plugin(Gauzy --> Activepieces)) (#9461)

* feat: implement and extend the oauth app for gauzy and thirdparty

* fix: add review suggestions and set environment

* fix: add review suggestions and enhance security

* fix: fix typos spelling

* fix: add AI review suggestions

* fix: add AI review suggestions

* feat: implement redis GETDEL for cache-manager in race condition

* fix: enhance security and fix review suggestions

* fix: fix typos spelling

* fix(activepieces): refactor activepieces plugin integration by start using API Key for API calls

* chore(activepieces): refactor config for activepieces, add API keys as access token for activepieces plugin integration

* feat: implement method for setting up authorization with API key

* fix: refactor activepieces plugin ui integration by starting using API key

* fix: cleaned up i18n and update UI service implementation

* fix: add review suggestions from AI agents

* fix: add review suggestions from AI

* fix: wrap all call across services in try/catch to avoid not found issues on first attempts

* fix: add review suggestions

* fix: add review suggestions

* fix(Oauth2): separate Auth0 concerns from OAuth2.0 App flow for a better developer experience

* fix: fix typos spelling
* fix: improve security of registration endpoint

* fix(security): harden type checks in RegisterAuthorizationGuard

Add typeof === 'object' safety checks when extracting role.id and
tenant.id from the raw request body. The guard runs before the
validation pipe, so it cannot rely on DTO type enforcement. This
prevents potential edge cases where role or tenant are non-object
values (e.g. strings) from being misinterpreted during ID extraction.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: improve security of registration endpoint

* Update register-authorization.guard.ts

* fix: removed console.log

* Update auth.register.handler.ts

* fix: scope role lookups to tenant to avoid relying solely on guard validation

* fix(build): apply AI suggestion by bot agent reviewers

* Apply suggestion from @coderabbitai[bot]

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Rahul R. <rahulrathore576@gmail.com>
Co-authored-by: Rahul R. <41804588+rahul-rocket@users.noreply.github.com>
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* chore: updated *ng directives with @ directives via 'nx generate @angular/core:control-flow' command

* chore: manually updated the template directives and ran nx format on them.

* fix(candidates): format edit-candidate-feedbacks template with @for syntax

* refactor: modernize templates with improved bindings, control flow, and performance optimizations

* refactor: migrate ngClass/ngStyle to bindings and format templates

* style: apply nx formatting to html templates

* refactor(desktop-ui): remove unused NgClass imports

* style: apply nx format to changed files

* fix(gauzy): correct control flow syntax in time-tracking template

* fix: resolved ai suggestions for improvements (untested)

* refactor(desktop-ui-lib): remove unused NgClass/NgStyle imports from standalone components

* git commit -m "refactor(ui-core): migrate toggle-filter ngClass to class bindings"

* refactor(desktop-ui-lib): remove unused NgClass and NgStyle imports

* fix: cubic-ai's suggestion

* refactor(pages): apply CodeRabbit suggestions for template control flow

* fix(pages): resolve CodeRabbit issues for security, UI feedback and logic regressions

* fix(pages): correct syntax errors in human-resources and teams templates

* fix (pages): resolve CodeRabbit issues

* refactor: format dynamic-tabs template and remove unused NgClass from image-viewer

* feat(i18n): update translations for permission error

* refactor(client): migrate goals - CodeRabbit recommendations, enhance approval policy UX, and resolve miscellaneous UI bugs

* fix (bug) : documents page, undefined 'i' bug fixed.

* chore: fix ai recommendations marked as critical

* refactor: remove legacy NgStyle, NgClass directives and use native style/class bindings

* fix(ui): correct positions grid, optimize inventory validation, and refine help center template

* refactor(ui): update components (HelpCenter, TimeTracking, Import, Invoices) with standalone migration, strict type fixes, and template improvements.

* refactor(ui): extract employment type dialog logic to component methods

* refactor(ui): optimize Angular templates with improved control flow, track expressions, and formatting

* refactor(goals): replace ngClass with class binding

* fix(cubic-ai) : fixed dialog closing issue

* refactor(goals): optimize imports and consolidate shared modules for standalone component

* style: apply nx format on merge conflict resolved files

* refactor: migrate ngTemplateOutlet to property binding (+nx format)

* fix(dashboard): fixed empty arrays in component, to render templates

* fix: restore duplicate validation toasts and remove non-existent track property references

* fix: remove invalid id property from activity track in time-tracking template
* Merge pull request #9449 from ever-co/feat/ui-plugin-integration

[Feat] Plugin UI Integration

* [Bug] Login flow routing and change detection (#9475)

* feat(desktop-timer): add dark theme styles and fix css formatting

Add overrides for the nb-theme-gauzy-dark class to support dark mode.
Update body background, text colors, and spinner shadows. Improve CSS
formatting by splitting selectors and normalizing hex color codes.

* perf(desktop-ui): implement OnPush change detection for shared login components

Apply ChangeDetectionStrategy.OnPush to LogoComponent,
SocialLinksComponent, and WorkspaceSelectionComponent to improve
rendering performance. Additionally, add a loading input to the
WorkspaceSelectionComponent to support reactive state updates.

* refactor(ui): improve login flow loading states and change detection

Ensure proper UI updates by explicitly calling `markForCheck()` during
asynchronous login operations. Use the `finalize` operator to manage
loading states consistently across different login features and pass the
loading state to the workspace selection component. Additionally, refine
the navigation sequence after successful authentication using
`concatMap`.

* refactor(desktop): use reactive streams and ui routing for logout

Refactor the logout process to use RxJS observable streams instead of
imperative async/await logic. This migration shifts navigation
responsibility from the Electron main process to the Angular router,
ensuring a smoother UI transition.
Key changes:
- Implement `exhaustMap` and `concatMap` to handle logout events
sequentially and prevent redundant triggers.
- Use `Router.navigate` for UI-side routing to the login page.
- Remove manual window URL loading from the Electron IPC main process.
- Improve state handling and cleanup during the logout flow.

* fix(time-tracker): prevent memory leaks and cleanup logout calls

Add untilDestroyed to the logout subscription to ensure proper cleanup
when the component is destroyed. Remove redundant await keywords from
logout calls since the method returns a subscription instead of a
promise.

* feat(ui): add retry functionality to magic login workspace

Add a retry button to the magic login workspace selection screen to
allow users to recover from sign-in failures. Improve state management
by resetting error and success flags during the selection process.
Refactor ChangeDetectorRef and Router property names to use the
underscore prefix convention for consistency across the login components.

* refactor: move dark theme overrides to shared styles

Relocate the nb-theme-gauzy-dark styles from the desktop-timer app
index.html to the ui-core package's shared overrides. This change
centralizes theme management and promotes style reusability.

* fix(desktop-ui-lib): improve login retry flow and localize logout message

Update the magic login workspace component to properly reset its state
when a user attempts to retry after a failed sign-in. Additionally,
replace the hardcoded logout message in the time tracker with a
localized translation key and use asObservable on the logout stream.

* refactor(ui-core): use css variables for dark theme overrides

Replace hardcoded hex colors with CSS variables in the gauzy-dark theme
overrides for body and spinner elements. This change improves theme
consistency and maintainability by utilizing the existing theme tokens.

* fix(login): navigate to magic login on retry

Update the retry method in MagicSignInWorkspaceComponent to redirect
users back to the magic login page. This ensures a consistent user flow
by allowing users to restart the authentication process after an error.
- Convert retry to an asynchronous method
- Add router navigation to the magic login route
- Remove manual change detection call
- Clean up module imports

* fix(login): improve formatting and structure of magic login workspace template

* fix(ui-plugin): updated job employee ui plugin (#9476)

* fix(ui-plugin): updated job employee ui plugin

* Update packages/plugins/job-employee-ui/src/lib/components/job-search-status-editor/job-search-status-editor.component.ts

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>

* fix(ui): apply AI suggestion by bot agent reviewers

* Update `job-employee.component`

* fix(ui): apply AI suggestion by bot agent reviewers

* fix(ui): apply AI suggestion by bot agent reviewers

---------

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>

* fix(plugins): apply AI suggestion by bot agent reviewers (#9477)

* chore: win builds

* fix: desktop timer on linux, blink tray icon, prevent right click menu (#9479)

* fix: desktop timer on linux, blink tray icon, prevent right click menu

* fix: clean code

* fix: missing about window

* fix: missing about window

* chore(deps): bump tar from 7.5.7 to 7.5.8

Bumps [tar](https://github.com/isaacs/node-tar) from 7.5.7 to 7.5.8.
- [Release notes](https://github.com/isaacs/node-tar/releases)
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md)
- [Commits](isaacs/node-tar@v7.5.7...v7.5.8)

---
updated-dependencies:
- dependency-name: tar
  dependency-version: 7.5.8
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix(plugins): apply AI suggestion by bot agent reviewers

* Fix/window title bar (#9481)

* fix: window titlebar color theme

* fix: menubar font

* fix: typo variable name

* Merge pull request #9485 from ever-co/fix/jobs-menu-rendering

fix(plugins): render jobs menu based on integration entity settings

* [Feat] Enhance refresh token mechanism (#9474)

* build(core): add @nestjs/schedule dependency

Add @nestjs/schedule to the core package to support automated token
cleanup tasks.

* feat(core): implement centralized token management system

Introduce a comprehensive TokenModule using the CQRS pattern to handle
token lifecycle management, including creation, rotation, validation,
and revocation. This system replaces manual JWT handling with a structured
service-oriented approach.
Key changes include:
- Addition of a base Token entity with support for both TypeORM and MikroORM.
- Implementation of token rotation with pessimistic locking for concurrency.
- Specialized AccessToken and RefreshToken services for the auth layer.
- Automated cleanup of expired and inactive tokens via a background scheduler.
- Integration of new token services into the AuthService and AuthController.
- Detailed audit tracking for token rotation chains.

* refactor(token): resolve jwt service from registry by token type

Update command and query handlers to fetch the required IJwtService
from the TokenConfigRegistry instead of using direct injection. This
enables the system to handle different JWT configurations for distinct
token types dynamically at runtime.
- Add registerJwtService and getJwtService to TokenConfigRegistry
- Update handlers to resolve jwtService using the provided tokenType
- Configure TokenModule to register scoped JWT services into the
registry during initialization

* fix(token): move command and query handlers to scoped providers

Move the registration of CommandHandlers and QueryHandlers to the
providers array to ensure they are correctly included and handled
for the scoped service.

* feat(token): streamline token repository methods and enhance type definitions in token module

* feat(auth): include request metadata in tokens and refactor rotation

Move token rotation logic from AuthController to AuthService to improve
separation of concerns. Update JWT access and refresh token payloads to
include the client IP address, user agent, and optional client ID.
Add helper methods to RequestContext to extract client request details
directly from the request context.

* feat(token): add ValidateTokenHandler for token validation logic

* refactor(token): enhance token validation logic and improve readability

* feat(token): add isActivated method to token entity

Add an isActivated helper method to the Token entity and IToken
interface to determine if a token is currently active. Update the
ValidateTokenHandler to use this method instead of direct status
comparison for better encapsulation.

* feat(token): require explicit provider tokens for async registration to prevent collisions

* feat(token): enhance date filtering logic in query methods using Between for improved range queries

* feat(token): enhance refresh token rotation logic to prevent revocation on access token generation failure

* fix(token): preserve token-type mismatch error in ScopedJwtService.verify

Move token-type validation outside jwt.verify() try/catch so a thrown
"Token type mismatch" is not replaced by the generic
"Token verification failed". This ensures callers receive the
specific application error.

* fix(token): log error when failing to decode token in ScopedJwtService.decode

* fix(token): ensure threshold check for inactive tokens is not empty

* refactor(token): clarify metadata handling in token rotation process

* refactor(refresh-token): expose revoke method and remove internal call

Change the visibility of the revoke method from private to public and
remove the automatic revocation of the old token during the rotation
process. This allows external callers to manage token lifecycle and
revocation more explicitly.

* refactor(auth): rename 'ip' to 'ipAddress' for clarity in token metadata

* refactor(refresh-token): update ApiProperty to ApiPropertyOptional for clientId

* fix(token): correct typo in comment regarding metadata handling

* fix(access-token): correct expiration comment for JWT token duration

* refactor(request-context): update return type of currentIp and currentUserAgent methods to string

* fix(access-token): correct typo in client identifier comment and remove unused email field

* fix(auth): await the token rotation process in refreshToken method

* fix(token): update getCurrentUserId return type to string | null and adjust token creation metadata handling

* refactor(token): wrap token creation and update in a transaction for improved consistency

* feat(token): implement canRevoke method and update revoke logic for token handling

* fix(token): change onDelete behavior for rotated tokens to SET NULL

* refactor(token): extract token hashing to dedicated service

Move token hashing logic from IJwtService into a standalone
ITokenHasher interface and TokenHasherService. This improves
separation of concerns by decoupling JWT-related operations from
one-way hashing used for database storage.
- Create ITokenHasher and TokenHasherService
- Update command and query handlers to inject TokenHasher
- Update TokenModule to provide the new service and injection token
- Clean up JwtService and ScopedJwtService implementations

* refactor(token): remove deprecated tokenHash fields from DTOs

* refactor(token): remove resolveRawToken function and update token handlers to use rawToken directly

* fix(token): change onDelete behavior for revoked tokens to SET NULL

* fix(auth): re-throw UnauthorizedException for proper 401 response handling

* refactor(token): enhance cycle detection in token audit trail retrieval

* feat(core): implement pessimistic locking for MikroORM in token repository

Add implementation for findByHashWithLock when using MikroORM by
utilizing the PESSIMISTIC_WRITE lock mode.

* fix(token): prevent metadata from overwriting core jwt claims

Ensure that mandatory JWT claims such as userId, tokenType, and
tokenId take precedence by spreading metadata at the beginning of the
payload object. This prevents potential claim spoofing via metadata
collisions.
Additionally, remove redundant optional chaining when accessing
metadata from the DTO.

* refactor(token): update metadata structure in token entity

* feat(cspell): add new words "Hasher" and "VARCHAR" to the spellcheck dictionary

* refactor(token): streamline CleanupExpiredTokensCommand and update crypto import in TokenHasherService

* refactor(core): remove raw-token export from shared index

Remove the export of raw-token from the shared token module index to
clean up the public API surface area.

* feat(token): make provider tokens optional in forFeatureAsync

Update TokenModule to automatically generate provider tokens based on
the factory name when they are not explicitly provided. This simplifies
the asynchronous registration of feature modules by removing the
requirement for manual token configuration.
Additionally, update RevokeTokenHandler to use the TokenHasher class
constant for dependency injection instead of a string literal.

* feat(token): log error when failing to update last used timestamp in token validation

* refactor(token): remove unused jwt service from revoke handler

Remove the IJwtService dependency and its associated token from the
RevokeTokenHandler as they are no longer being used.

* feat(token): enhance session control and implement usage limits

Improve token lifecycle management by moving single-session revocation
logic into transactions for atomicity. Implement max usage count
validation during token verification and ensure rotation respects
session constraints. Clean up unused repository dependencies and improve
error handling during rotation.

* refactor(token): migrate to @nestjs/jwt for token handling

Replace the custom JWT service implementation with the @nestjs/jwt
package. Update the IJwtService interface and ScopedJwtService to
support asynchronous signing and verification operations.
Ensure all callers in command handlers are updated to await the new
asynchronous sign method. Standardize error handling by using NestJS
built-in exceptions during token verification.

* refactor(token): mark jwtService as readonly in ScopedJwtService

Update the ScopedJwtService constructor to mark the jwtService property
as readonly, ensuring it cannot be reassigned after initialization, and
format the parameters for improved readability.

* feat(token): enhance metadata column type for cross-database compatibility

* feat(token): enhance token entity with unique index and refine column types

* feat(database): add tokens table migration

Implement a new migration to create the tokens table for managing
authentication or access tokens. The schema supports token rotation,
revocation reasons, metadata storage, and usage tracking across
Postgres, SQLite, and MySQL.

* feat(token): change user relationship onDelete behavior to CASCADE

* fix(token): handle metadata serialization for sqlite

Update token creation and rotation handlers to manually stringify and
parse metadata when using SQLite. Since SQLite stores JSON as text, this
ensures consistent behavior across different database providers and
prevents type errors during JWT generation.

* fix(token): bypass row lock for sqlite in token rotation

Check the database type and avoid using findByHashWithLock when using
better-sqlite3. This prevents errors as SQLite does not support row-level
locking in the same way as other relational databases.

* feat(core): add unified json column decorators

Introduce JsonColumn, JsonbColumn, and JsonArrayColumn decorators to
provide a consistent API for handling JSON data across TypeORM and
MikroORM. These decorators automatically resolve the underlying storage
type (e.g., jsonb for Postgres, json for MySQL) based on the database
driver and handle serialization logic.
The implementation allows native ORM column options to be passed
directly, maintaining full type safety and autocomplete without
resorting to generic record types.

* refactor(token): simplify metadata handling with JsonColumn decorator

Remove database-specific conditional logic for JSON serialization and parsing in token handlers and entities. Use the @JsonColumn decorator to abstract JSON storage logic across different database providers, and update types to consistently use objects for metadata.

* fix(migration): generate new migration

* refactor(token): remove deprecated token DTO definition

* feat(token): implement token cleanup scheduler for automatic token management

* fix(token): replace generic error with UnauthorizedException for token type mismatch

* refactor(token): optimize findByHashWithLock method for TypeORM locking

* fix(core): assign temporary uuid to token hash during rotation

Assign a temporary random UUID to the tokenHash field during the initial
token creation phase of the rotation process. This avoids potential
database issues with empty strings before the actual JWT hash is
generated and updated.

* refactor(token): extract orm adapters to simplify repository

Extract TypeORM and MikroORM repository logic into a dedicated adapter
factory. This removes massive code duplication within the transaction
method and ensures a consistent interface across different ORM
implementations.

* refactor(token): use UnauthorizedException for rotation errors

Update RotateTokenHandler to consistently throw UnauthorizedException
instead of ConflictException or NotFoundException for all validation
failures. This ensures a uniform error response and prevents information
leakage regarding the existence or specific state of tokens.
Additionally, update the crypto import to use the node: prefix.

* fix(token): use randomUUID for temporary tokenHash during creation

* feat(core): enhance token entity with lifecycle and diagnostic methods

Expand the Token entity and IToken interface with a comprehensive set of
utility methods for state validation, lineage tracking, and observability.
These changes facilitate more robust token management and debugging.
Key additions:
- Status predicates: isTerminal, isRotated, isUsable, isAtUsageLimit.
- Lineage helpers: hasParent, hasSuccessor, isRootToken.
- Temporal/Metadata helpers: getRemainingTime, getAgeTime, hasMetadata.
- Diagnostic tools: toDebugInfo and getHealthReport for structured
validity analysis.
- Interface updates: New DTOs (BulkRevoke, Extend, Transfer) and
expanded ITokenFilters for advanced querying.

* refactor(token): improve robustness of create and validate handlers

Refactor token command and query handlers to enhance error handling, logging, and logic flow. The create handler now fails fast on configuration errors and explicitly handles JWT signing or database persistence failures.
The validation handler is restructured to delegate business rules to the domain entity and uses a centralized helper method to identify and persist specific failure reasons such as expiration, inactivity, or usage limits. Both handlers now utilize a structured logger instead of console logs.

* feat(core): add verify method to AccessTokenService

Implement a centralized token verification method in AccessTokenService
that handles validation and inactivity checks. Refactor AuthService to
use this new method, simplifying the isAuthenticated logic and ensuring
consistent token validation and error handling across the application.

* feat(auth): implement logout with token revocation

Update the logout process to revoke both refresh and access tokens. The
logout endpoint is changed from GET to POST and now requires a
refresh_token in the body. Added a revoke method to AccessTokenService
and unified the logout logic in AuthService to ensure secure session
termination.

* feat(auth): enhance logout process and improve token revocation handling

* feat(auth): enhance logout process by conditionally revoking tokens

* fix(auth): send refresh token during logout

Update the logout process to use a POST request and include the refresh
token in the request body. This ensures the backend can correctly
identify and invalidate the specific session being terminated.
The changes affect both the desktop-ui-lib and ui-core packages.

* fix(token): improve logging for JWT verification failure to ensure sensitive info is redacted

* fix(auth): require authentication for logout endpoint

Remove the @public() decorator from the logout route to ensure it is
protected by the default authentication guard. This prevents
unauthenticated requests from accessing the logout functionality.

* chore(core): disable token module scheduler

Disable the scheduler in TokenModule by setting enableScheduler to
false. Additionally, reorganize and sort all imports in the AppModule
for better maintainability and consistency.

* chore(token): update comment to clarify default state of token cleanup scheduler

* fix(auth): handle errors during logout by returning an empty observable

* fix(core): enhance auth security and token validation logic

Ensure the logout process awaits all token revocations using
Promise.allSettled and add defense-in-depth verification by comparing
token payloads against database records.
Implement proper pessimistic locking and column escaping in token
repositories for both TypeORM and MikroORM to prevent race conditions
during usage count increments. Update token validation to strictly
enforce usage limits by awaiting database updates for capped tokens.
Additionally, improve JSON column serialization for text-based storage.

* fix(auth): handle logout request errors

Add error handling to the doLogout call within the auth strategy. This
ensures that the client-side logout flow is not interrupted if the
server-side token revocation request fails.

* fix(auth): token refresh state management

Replace the persistent Subject in RefreshStateManager with a
per-refresh ReplaySubject to handle concurrent token requests more
reliably. This ensures that queued requests receive the refresh result
even if they subscribe after the refresh has started and eliminates the
need for manual ID tracking.
Additionally, update the RefreshTokenInterceptor to only trigger the
session expired handler if the user is currently authenticated,
preventing redundant logout actions during authentication failures.

* Fix/last screen capture (#9484)

* fix: last screen capture on app starting up

* fix: window automatically grow after start timer at first time

* fix: image-viewer handle last capture image

* fix: image-viewer handle last capture image

* chore: update Angular to v21 (#9390)

* @rahul-rocket chore(deps): chore(deps): bump @angular/core from ^20.2.4 to 21.1.2

* fix(ui): update missing jest.preset.js

* fix(nx-migrations): migrate nx from 21.5.1 to 22.4.4

* chore(deps): bump jest-preset-angular to 16.0.0

* chore(deps): bump @nebular/* packages to 17.0.0 for Angular 21 compatibility

* chore(deps): upgrade all packages to Angular 21 and compatible dependencies

* chore(deps): upgrade all packages to Angular 21 and compatible dependencies

* fix(nx-migrations): migrate nx from 21.5.1 to 22.4.4

* Update yarn.lock

* Update yarn.lock

* fix(nx-migrations): migrate nx from 21.5.1 to 22.4.4

* fix(nx-migrations): migrate nx from 21.5.1 to 22.4.4

Replace 'jest-preset-angular/setup-jest' imports with the new 'setupZoneTestEnv' function.

* @nx/jest: replace-removed-matcher-aliases-v22-3

Replace removed matcher aliases in Jest v30 with their corresponding matcher

* chore(deps): @angular/common and @angular/core peerDependencies to ^21.1.0

* Update package.json

* fix(nx-migrations): migrate nx from 21.5.1 to 22.4.4

* chore(deps): bump @nebular/theme from ^16.0.0 to ^17.0.0

* chore(deps): upgrade all packages to Angular 21

* chore(deps): upgrade all packages to Angular 21

* fix(build): update helmet import to support 8.x default export

* fix(build): resolve TypeScript errors and improve code quality

- Fix TemplateRef type conflicts caused by duplicate @angular/core packages (ngx-permissions)
- Change moment imports from namespace to default imports for ESM compatibility
- Convert constructor injection to inject() function in multiple components
- Add OnPush change detection strategy to WindowLayoutComponent
- Make CountdownConfirmationComponent standalone
- Update LayoutWithDraggableObject to use any[] for draggableObject type

* fix(build): fix moment & timezone namespace packages

* fix(build): add jest config for missing packages

* chore(deps): bump swiper from 8.3.1 to 12.1.0

* fix(build): update swiper module and syntax

* Update time-tracking.component.ts

* chore(deps): downgrade `node-polyfill-webpack-plugin` from 4.1.0 to 1.1.4

* fix(deps): resolve browserslist "Unknown version 143 of and_chr" error

Add caniuse-lite and browserslist to yarn resolutions to force all

* fix(nx-migrations): migrate nx from 21.5.1 to 22.4.4

* fix(deps): standardize Angular 21.0.0 versions across all packages and fix compatibility issues

- Fix @angular/* packages to use exact version 21.0.0 (remove caret ^) across all apps, packages, and plugins
- Add @angular/cdk resolution to 21.0.0 to force consistent version

* fix(build): `ui-config` replace env files module issue

* fix(build): `ui-config` replace env files module issue

* fix(build): replace all TemplateRef<HTMLElement> with TemplateRef<any>

* Update package.json

* Update apps\agent\tsconfig.json

* chore(deps): upgrade packages to latest version

* Update yarn.lock

* Update yarn.lock

* fix(build): apply AI suggestion by bot agent reviewers

* fix(build): apply AI suggestion by bot agent reviewers

* fix(nx-migrations): migrate nx from 21.5.1 to 22.4.4

* chore(deps): bump @nestjs/common and @nestjs/core to 11.1.14

* fix(build): replace all TemplateRef<HTMLElement> with TemplateRef<any>

* fix(plugins): apply AI suggestion by bot agent reviewers

* Update yarn.lock

* chore(deps): bump packages

* Update yarn.lock

* chore(deps): bump packages

* chore(deps): bump packages

* fix(plugins): replace 'jest-preset-angular/setup-jest' imports with the new 'setupZoneTestEnv'

* fix(plugins): apply AI suggestion by bot agent reviewers

* fix(cspell): typo spelling :-)

* fix(plugins): apply AI suggestion by bot agent reviewers

* fix: fontawesome icon change version to FA 7

* refactor(ui-core): migrate dashboard directives to standalone

* refactor(ui-core): migrate pipes/directives to standalone

* fix(plugins): apply AI suggestion by bot agent reviewers

* fix(plugins): apply AI suggestion by bot agent reviewers

* chore(deps): bump packages

* refactor(ui-core): migrate directives to standalone

* fix(plugins): apply AI suggestion by bot agent reviewers

---------

Co-authored-by: Ruslan Konviser <evereq@gmail.com>
Co-authored-by: syns2191 <sutralian@gmail.com>

* chore(deps): bump hono from 4.11.9 to 4.12.0

Bumps [hono](https://github.com/honojs/hono) from 4.11.9 to 4.12.0.
- [Release notes](https://github.com/honojs/hono/releases)
- [Commits](honojs/hono@v4.11.9...v4.12.0)

---
updated-dependencies:
- dependency-name: hono
  dependency-version: 4.12.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* chore(deps): bump @angular/core from 21.0.0 to 21.0.7 (#9492)

* chore(deps): bump nx from 22.3.0 to 22.4.0

* chore(deps): bump nx from 22.3.0 to 22.4.0

* Update package.json

* Update package.json

* chore(deps): bump @angular/cdk from 21.0.0 to 21.0.1

* chore(deps): bump @angular/cdk from 21.0.1 to 21.0.6

* [Fix] Help center Article and Article version table structures and APIs (#9493)

* fix: improved articles entities and generate migration

* fix: improved articles services

* fix: unnecessary docs

* fix: AI suggestions

* fix: AI suggestions

* feat: added get articles by project id API

* fix: deepscan issue

* Merge pull request #9496 from ever-co/fix/failed-load-window-url

fix: failed load window url

* [FIX] Refactor API Reference, replace Oauth2 implementation to API keys for API calls in activepieces plugin (Gauzy --> Activepieces) (#9461)

* feat: implement and extend the oauth app for gauzy and thirdparty

* fix: add review suggestions and set environment

* fix: add review suggestions and enhance security

* fix: fix typos spelling

* fix: add AI review suggestions

* fix: add AI review suggestions

* feat: implement redis GETDEL for cache-manager in race condition

* fix: enhance security and fix review suggestions

* fix: fix typos spelling

* fix(activepieces): refactor activepieces plugin integration by start using API Key for API calls

* chore(activepieces): refactor config for activepieces, add API keys as access token for activepieces plugin integration

* feat: implement method for setting up authorization with API key

* fix: refactor activepieces plugin ui integration by starting using API key

* fix: cleaned up i18n and update UI service implementation

* fix: add review suggestions from AI agents

* fix: add review suggestions from AI

* fix: wrap all call across services in try/catch to avoid not found issues on first attempts

* fix: add review suggestions

* fix: add review suggestions

* fix(Oauth2): separate Auth0 concerns from OAuth2.0 App flow for a better developer experience

* fix: fix typos spelling

* Fix/security (#9497)

* fix: improve security of registration endpoint

* fix(security): harden type checks in RegisterAuthorizationGuard

Add typeof === 'object' safety checks when extracting role.id and
tenant.id from the raw request body. The guard runs before the
validation pipe, so it cannot rely on DTO type enforcement. This
prevents potential edge cases where role or tenant are non-object
values (e.g. strings) from being misinterpreted during ID extraction.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: improve security of registration endpoint

* Update register-authorization.guard.ts

* fix: removed console.log

* Update auth.register.handler.ts

* fix: scope role lookups to tenant to avoid relying solely on guard validation

* fix(build): apply AI suggestion by bot agent reviewers

* Apply suggestion from @coderabbitai[bot]

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Rahul R. <rahulrathore576@gmail.com>
Co-authored-by: Rahul R. <41804588+rahul-rocket@users.noreply.github.com>
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>

* Feat: Migrate Angular Templates to New Control Flow Syntax #9368 (#9381)

* chore: updated *ng directives with @ directives via 'nx generate @angular/core:control-flow' command

* chore: manually updated the template directives and ran nx format on them.

* fix(candidates): format edit-candidate-feedbacks template with @for syntax

* refactor: modernize templates with improved bindings, control flow, and performance optimizations

* refactor: migrate ngClass/ngStyle to bindings and format templates

* style: apply nx formatting to html templates

* refactor(desktop-ui): remove unused NgClass imports

* style: apply nx format to changed files

* fix(gauzy): correct control flow syntax in time-tracking template

* fix: resolved ai suggestions for improvements (untested)

* refactor(desktop-ui-lib): remove unused NgClass/NgStyle imports from standalone components

* git commit -m "refactor(ui-core): migrate toggle-filter ngClass to class bindings"

* refactor(desktop-ui-lib): remove unused NgClass and NgStyle imports

* fix: cubic-ai's suggestion

* refactor(pages): apply CodeRabbit suggestions for template control flow

* fix(pages): resolve CodeRabbit issues for security, UI feedback and logic regressions

* fix(pages): correct syntax errors in human-resources and teams templates

* fix (pages): resolve CodeRabbit issues

* refactor: format dynamic-tabs template and remove unused NgClass from image-viewer

* feat(i18n): update translations for permission error

* refactor(client): migrate goals - CodeRabbit recommendations, enhance approval policy UX, and resolve miscellaneous UI bugs

* fix (bug) : documents page, undefined 'i' bug fixed.

* chore: fix ai recommendations marked as critical

* refactor: remove legacy NgStyle, NgClass directives and use native style/class bindings

* fix(ui): correct positions grid, optimize inventory validation, and refine help center template

* refactor(ui): update components (HelpCenter, TimeTracking, Import, Invoices) with standalone migration, strict type fixes, and template improvements.

* refactor(ui): extract employment type dialog logic to component methods

* refactor(ui): optimize Angular templates with improved control flow, track expressions, and formatting

* refactor(goals): replace ngClass with class binding

* fix(cubic-ai) : fixed dialog closing issue

* refactor(goals): optimize imports and consolidate shared modules for standalone component

* style: apply nx format on merge conflict resolved files

* refactor: migrate ngTemplateOutlet to property binding (+nx format)

* fix(dashboard): fixed empty arrays in component, to render templates

* fix: restore duplicate validation toasts and remove non-existent track property references

* fix: remove invalid id property from activity track in time-tracking template

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Rahul R. <41804588+rahul-rocket@users.noreply.github.com>
Co-authored-by: Kifungo A <45813955+adkif@users.noreply.github.com>
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
Co-authored-by: syns <sutralian@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Rahul R. <rahulrathore576@gmail.com>
Co-authored-by: adkif <akifungo@gmail.com>
Co-authored-by: Gloire Mutaliko (Salva) <86450367+GloireMutaliko21@users.noreply.github.com>
Co-authored-by: Roland MN <manfulmweze99@gmail.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Rishiraj S <131572506+rishi-rj-s@users.noreply.github.com>
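
The type check described in the RegisterAuthorizationGuard commit message above, sketched as an added example (not code from this PR or the Gauzy repository); the helper names, the fail-closed policy and the sample bodies are assumptions. It goes one step beyond the commit text by also excluding `null` and arrays, which pass a bare `typeof === 'object'` test, and by requiring the id itself to be a string.

```typescript
// Added example: hypothetical helpers, not code from the Gauzy repository.
type IdResult = { kind: 'absent' } | { kind: 'invalid' } | { kind: 'id'; id: string };

function isPlainObject(v: unknown): v is Record<string, unknown> {
	// typeof null and typeof [] are both 'object', so exclude them explicitly.
	return typeof v === 'object' && v !== null && !Array.isArray(v);
}

// Reads body[field].id from an untyped request body without trusting any shape.
function readNestedId(body: unknown, field: 'role' | 'tenant'): IdResult {
	if (!isPlainObject(body)) return { kind: 'invalid' };
	if (!Object.prototype.hasOwnProperty.call(body, field)) return { kind: 'absent' };
	const nested = body[field];
	if (!isPlainObject(nested)) return { kind: 'invalid' };
	const id = Object.prototype.hasOwnProperty.call(nested, 'id') ? nested['id'] : undefined;
	// An id that is itself an object or array must never reach a query layer as a filter.
	return typeof id === 'string' && id.length > 0 ? { kind: 'id', id } : { kind: 'invalid' };
}

// Shape check only: a present-but-malformed field is rejected, not treated as absent.
function bodyShapeAccepted(body: unknown): boolean {
	return readNestedId(body, 'role').kind !== 'invalid' && readNestedId(body, 'tenant').kind !== 'invalid';
}

function summarize(json: string): string {
	const body: unknown = JSON.parse(json);
	const show = (r: IdResult): string => (r.kind === 'id' ? `id:${r.id}` : r.kind);
	return `role=${show(readNestedId(body, 'role'))} tenant=${show(readNestedId(body, 'tenant'))}`;
}

// Constructed sample bodies (ids are placeholders).
const SAMPLES: string[] = [
	'{"role":{"id":"role-1"},"tenant":{"id":"tenant-1"}}',
	'{"role":"role-1"}',
	'{"role":null,"tenant":[{"id":"tenant-1"}]}',
	'{"role":{"id":{"not":"a string"}}}',
	'{"email":"user@example.test"}'
];

for (const s of SAMPLES) {
	console.log(summarize(s), '->', bodyShapeAccepted(JSON.parse(s)) ? 'continue' : 'reject');
}
```

Returning `invalid` separately from `absent` keeps the guard and the later handler from disagreeing about whether a role or tenant was requested.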
@chatgpt-codex-connector

You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard.

@greptile-apps

greptile-apps bot commented Feb 23, 2026

Too many files changed for review. (1089 files found, 100 file limit)

@coderabbitai

coderabbitai bot commented Feb 23, 2026

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.


@evereq evereq merged commit 5330597 into stage-apps Feb 23, 2026
13 of 17 checks passed
@cla-assistant

cla-assistant bot commented Feb 23, 2026

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you all sign our Contributor License Agreement before we can accept your contribution.
7 out of 8 committers have signed the CLA.

✅ rahul-rocket
✅ adkif
✅ syns2191
✅ evereq
✅ RolandM99
✅ rishi-rj-s
✅ GloireMutaliko21
❌ dependabot[bot]

@sonarqubecloud

Quality Gate failed

Failed conditions
7.3% Duplication on New Code (required ≤ 3%)

See analysis details on SonarQube Cloud


@cubic-dev-ai cubic-dev-ai bot left a comment

3 issues found across 1089 files

Note: This PR contains a large number of files. cubic only reviews up to 75 files per PR, so some files may not have been reviewed.

Prompt for AI agents (all issues)

Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.


<file name="apps/desktop-timer/src/app/app.component.ts">

<violation number="1" location="apps/desktop-timer/src/app/app.component.ts:192">
P2: Logout navigation now runs outside Angular’s NgZone, which can prevent change detection and leave the UI stuck after logout. Wrap the login navigation in `_ngZone.run` as the previous implementation did.</violation>
</file>

<file name="apps/gauzy/src/app/pages/employees/activity/screenshot/screenshot/screenshot.component.html">

<violation number="1" location="apps/gauzy/src/app/pages/employees/activity/screenshot/screenshot/screenshot.component.html:55">
P2: `SCREEN_SELECTED` is not defined in the i18n assets, so the UI will display the raw key. Add the translation key to the i18n JSON files or reuse an existing key.</violation>

<violation number="2" location="apps/gauzy/src/app/pages/employees/activity/screenshot/screenshot/screenshot.component.html:64">
P2: `UNSELECT_ALL` is missing from the i18n assets, so the button will display the raw key. Add the translation key to the i18n JSON files or use an existing key.</violation>
</file>

Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.

Comment on lines +192 to +193
this.electronService.ipcRenderer.send('navigate_to_login');
this.router.navigate(['/auth/login']);

@cubic-dev-ai cubic-dev-ai bot Feb 23, 2026

P2: Logout navigation now runs outside Angular’s NgZone, which can prevent change detection and leave the UI stuck after logout. Wrap the login navigation in _ngZone.run as the previous implementation did.

Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At apps/desktop-timer/src/app/app.component.ts, line 192:

<comment>Logout navigation now runs outside Angular’s NgZone, which can prevent change detection and leave the UI stuck after logout. Wrap the login navigation in `_ngZone.run` as the previous implementation did.</comment>

<file context>
@@ -172,4 +175,21 @@ export class AppComponent implements OnInit, AfterViewInit {
+			return;
+		}
+
+		this.electronService.ipcRenderer.send('navigate_to_login');
+		this.router.navigate(['/auth/login']);
+	}
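Review bot: The promise returned by `this.router.navigate(['/auth/login'])` on the last statement of this method is dropped, so a navigation that resolves to `false` or rejects leaves the renderer on whatever view it was showing after `'navigate_to_login'` has already been sent over IPC, with nothing logged. Run the navigation inside `_ngZone.run`, handle the result (at least a `.catch` that logs and retries or forces the login route), and either send the IPC message once the outcome is known or add a comment explaining why the order does not matter for the logout flow.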
</file context>
Suggested change
this.electronService.ipcRenderer.send('navigate_to_login');
this.router.navigate(['/auth/login']);
this._ngZone.run(() => {
this.electronService.ipcRenderer.send('navigate_to_login');
this.router.navigate(['/auth/login']);
});

size="small"
(click)="toggleAllSelect()"
>
{{ (allSelected ? 'UNSELECT_ALL' : 'SELECT_ALL') | translate }}

@cubic-dev-ai cubic-dev-ai bot Feb 23, 2026

P2: UNSELECT_ALL is missing from the i18n assets, so the button will display the raw key. Add the translation key to the i18n JSON files or use an existing key.

Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At apps/gauzy/src/app/pages/employees/activity/screenshot/screenshot/screenshot.component.html, line 64:

<comment>`UNSELECT_ALL` is missing from the i18n assets, so the button will display the raw key. Add the translation key to the i18n JSON files or use an existing key.</comment>

<file context>
@@ -1,87 +1,81 @@
+							size="small"
+							(click)="toggleAllSelect()"
+						>
+							{{ (allSelected ? 'UNSELECT_ALL' : 'SELECT_ALL') | translate }}
+						</button>
+						<button
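Review bot: The button label `(allSelected ? 'UNSELECT_ALL' : 'SELECT_ALL') | translate` chooses between two translation keys inside a template ternary, where a missing key is only noticed at runtime as raw text on the button. Move the key choice into a component getter so a unit test can assert that both `UNSELECT_ALL` and `SELECT_ALL` resolve in every locale file.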
</file context>

<div class="selected-items-action">
<div class="card p-4 w-100">
<div class="row align-items-center">
<div class="col">{{ selectedIdsCount }} {{ 'SCREEN_SELECTED' | translate }}</div>

@cubic-dev-ai cubic-dev-ai bot Feb 23, 2026

P2: SCREEN_SELECTED is not defined in the i18n assets, so the UI will display the raw key. Add the translation key to the i18n JSON files or reuse an existing key.

Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At apps/gauzy/src/app/pages/employees/activity/screenshot/screenshot/screenshot.component.html, line 55:

<comment>`SCREEN_SELECTED` is not defined in the i18n assets, so the UI will display the raw key. Add the translation key to the i18n JSON files or reuse an existing key.</comment>

<file context>
@@ -1,87 +1,81 @@
+		<div class="selected-items-action">
+			<div class="card p-4 w-100">
+				<div class="row align-items-center">
+					<div class="col">{{ selectedIdsCount }} {{ 'SCREEN_SELECTED' | translate }}</div>
+					<div class="col-auto">
+						<button
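Review bot: In the `col` div, `{{ selectedIdsCount }} {{ 'SCREEN_SELECTED' | translate }}` builds the sentence by concatenation in the template, which fixes the word order (number first) and gives translators no way to handle plural forms. If this is the ngx-translate pipe, pass the count as an interpolation parameter instead, e.g. `{{ 'SCREEN_SELECTED' | translate: { count: selectedIdsCount } }}`, and put the placeholder in each locale string when the key is added.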
</file context>

@nx-cloud

nx-cloud bot commented Feb 23, 2026

🤖 Nx Cloud AI Fix Eligible

An automatically generated fix could have helped fix failing tasks for this run, but Self-healing CI is disabled for this workspace. Visit workspace settings to enable it and get automatic fixes in future runs.

To disable these notifications, a workspace admin can disable them in workspace settings.


View your CI Pipeline Execution ↗ for commit d93d3c6

| Command | Status | Duration | Result |
| --- | --- | --- | --- |
| nx run-many -t build -c development -p constant... | ❌ Failed | 5s | View ↗ |
| nx build desktop --base-href ./ | ✅ Succeeded | 1s | View ↗ |
| nx build desktop-api --output-path=dist/apps/de... | ✅ Succeeded | <1s | View ↗ |
| nx run api:desktop-api | ✅ Succeeded | 9s | View ↗ |
| nx run gauzy:desktop-ui --base-href ./ | ✅ Succeeded | 3m 55s | View ↗ |
| nx run-many -t build -c production -p constants... | ✅ Succeeded | 10s | View ↗ |
| nx build gauzy -c=production --prod --verbose | ✅ Succeeded | 1m 6s | View ↗ |

☁️ Nx Cloud last updated this comment at 2026-02-23 14:21:17 UTC
