Commit Graph

2259 Commits

Author SHA1 Message Date
renovate[bot] 31eda396e2
chore(deps): update dev-dependencies (#2257)
This PR contains the following updates:

| Package | Change |
[Age](https://docs.renovatebot.com/merge-confidence/) |
[Confidence](https://docs.renovatebot.com/merge-confidence/) |
|---|---|---|---|
|
[electron-builder](https://redirect.github.com/electron-userland/electron-builder)
([source](https://redirect.github.com/electron-userland/electron-builder/tree/HEAD/packages/electron-builder))
| [`26.8.0` →
`26.8.1`](https://renovatebot.com/diffs/npm/electron-builder/26.8.0/26.8.1)
|
![age](https://developer.mend.io/api/mc/badges/age/npm/electron-builder/26.8.1?slim=true)
|
![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/electron-builder/26.8.0/26.8.1?slim=true)
|
| [happy-dom](https://redirect.github.com/capricorn86/happy-dom) |
[`20.6.1` →
`20.6.2`](https://renovatebot.com/diffs/npm/happy-dom/20.6.1/20.6.2) |
![age](https://developer.mend.io/api/mc/badges/age/npm/happy-dom/20.6.2?slim=true)
|
![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/happy-dom/20.6.1/20.6.2?slim=true)
|

---

### Release Notes

<details>
<summary>electron-userland/electron-builder (electron-builder)</summary>

###
[`v26.8.1`](https://redirect.github.com/electron-userland/electron-builder/blob/HEAD/packages/electron-builder/CHANGELOG.md#2681)

[Compare
Source](https://redirect.github.com/electron-userland/electron-builder/compare/electron-builder@26.8.0...electron-builder@26.8.1)

##### Patch Changes

<details><summary>Updated 3 dependencies</summary>

<small>


[`4edd695`](4edd695045)
[`8940ec6`](8940ec63ba)
[`4edd695`](4edd695045)
[`dde4309`](dde4309b91)

</small>

- `app-builder-lib@26.8.1`
- `builder-util@26.8.1`
- `dmg-builder@26.8.1`

</details>

</details>

<details>
<summary>capricorn86/happy-dom (happy-dom)</summary>

###
[`v20.6.2`](https://redirect.github.com/capricorn86/happy-dom/releases/tag/v20.6.2)

[Compare
Source](https://redirect.github.com/capricorn86/happy-dom/compare/v20.6.1...v20.6.2)

##### :construction\_worker\_man: Patch fixes

- Update entities package version to resolve missing export for vue and
vue-compat v3.5 - By
**[@&#8203;acollins1991](https://redirect.github.com/acollins1991)** in
task
[#&#8203;2066](https://redirect.github.com/capricorn86/happy-dom/issues/2066)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - Between 12:00 AM and 03:59 AM ( * 0-3
* * * ) (UTC), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config
help](https://redirect.github.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/go-vikunja/vikunja).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yMi4wIiwidXBkYXRlZEluVmVyIjoiNDMuMjIuMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiZGVwZW5kZW5jaWVzIl19-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2026-02-18 15:44:19 +00:00
Ian Driver 48074d2358
feat: add optional project column to table view (#2182)
Adds a Project column to the table view, useful when viewing tasks
across multiple projects (e.g. in saved filters).

Disabled by default to keep the current behavior.

Co-authored-by: 2ZZ <ian@driv3r.uk>
2026-02-18 15:29:51 +00:00
kolaente 2cf69c7503
chore(deps): upgrade markdown-it to 14.1.1 2026-02-18 10:22:46 +01:00
kolaente 14628ca182
chore(deps): upgrade qs to 6.15.0 2026-02-18 10:21:32 +01:00
renovate[bot] f67802721a chore(deps): update dependency @vue/eslint-config-typescript to v14.7.0 2026-02-17 15:38:34 +01:00
Martin Lindvik e3695c17c6
feat: add Swedish for language selection (#2248)
The Swedish translations were finished on crowdin recently but I noticed
that the language selection was still missing so I went ahead and added
it.
2026-02-17 14:32:01 +00:00
renovate[bot] 7b7b883139 chore(deps): pin dependency eslint-plugin-depend to 1.4.0 2026-02-17 15:19:07 +01:00
kolaente e6ae87d703 chore: downgrade depend/ban-dependencies to warning 2026-02-17 12:00:31 +01:00
kolaente 2fe66c8944 feat: add eslint-plugin-depend to frontend 2026-02-17 12:00:31 +01:00
renovate[bot] c3b760ec04 chore(deps): update dev-dependencies to v8.56.0 2026-02-16 21:09:53 +01:00
kolaente 17360a820c
fix: correct indentation in API tokens table after thead/tbody wrap 2026-02-16 11:45:45 +01:00
kolaente b66b75f5be
fix: wrap API tokens table rows in thead and tbody elements 2026-02-16 10:52:51 +01:00
kolaente 30e53dbd9f
fix: reset group permission checkboxes when creating a new API token
The group-level "select all" checkboxes (e.g. "Labels", "Backgrounds")
were not reset after creating a token, causing them to appear visually
checked when opening the form again even though the individual
permissions were unchecked.

Ref: https://community.vikunja.io/t/token-creation-malfunction-in-ticking-system/4318
2026-02-16 10:02:50 +01:00
renovate[bot] ad1d769f5b chore(deps): update dependency caniuse-lite to v1.0.30001770 2026-02-15 19:53:52 +01:00
renovate[bot] e8d8f9cbec chore(deps): update dependency eslint-plugin-vue to v10.8.0 2026-02-14 20:16:39 +01:00
renovate[bot] 5a3c17aed1 chore(deps): update dev-dependencies 2026-02-13 19:02:57 +01:00
kolaente 0e4d3ef663 test(e2e): add Playwright test for avatar cache invalidation
Uploads two different avatars in sequence and verifies the header
avatar src changes after the second upload. This confirms both the
backend cache (via DelPrefix) and the frontend cache are properly
invalidated when a new avatar is uploaded.
2026-02-13 09:31:28 +01:00
Frederick [Bot] 1e2b861ea5 chore(i18n): update translations via Crowdin 2026-02-12 01:15:53 +00:00
renovate[bot] 016229faad chore(deps): update dev-dependencies 2026-02-11 22:37:26 +01:00
rhclayto b196c986cd
feat: use credentials when accessing PWA manifest (#2218) 2026-02-11 22:28:52 +01:00
renovate[bot] b25243ef62 chore(deps): update dependency happy-dom to v20.5.1 2026-02-11 22:24:47 +01:00
dependabot[bot] ba84ac2f70 chore(deps): bump axios from 1.13.2 to 1.13.5 in /frontend
Bumps [axios](https://github.com/axios/axios) from 1.13.2 to 1.13.5.
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](https://github.com/axios/axios/compare/v1.13.2...v1.13.5)

---
updated-dependencies:
- dependency-name: axios
  dependency-version: 1.13.5
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-02-11 12:36:11 +01:00
renovate[bot] aec05b12eb chore(deps): update dev-dependencies 2026-02-11 09:56:20 +01:00
Frederick [Bot] be4fb77981 chore(i18n): update translations via Crowdin 2026-02-10 01:25:29 +00:00
kolaente ed5dfa1ad4 fix(gantt): render done tasks with strikethrough and reduced opacity
The gantt chart rebuild lost the visual distinction for completed tasks.
Restore strikethrough on task labels and add reduced opacity on bars
for done tasks.

Regression introduced in the gantt chart rebuild in 5fc255cb3.

Resolves #2211
2026-02-09 15:28:48 +01:00
kolaente dd0b82f00a fix(task): use DOMParser in task glance tooltip description preview
Replace innerHTML on a detached element with DOMParser for extracting
plain text from task descriptions.
2026-02-09 11:01:38 +01:00
Frederick [Bot] 3c2977b126 chore(i18n): update translations via Crowdin 2026-02-09 01:16:51 +00:00
kolaente e90cb2631d fix(auth): remove unnecessary fields from JWT token payloads
Remove email, name, emailRemindersEnabled, and isLocalUser from user JWT
claims, and isLocalUser from link share JWT claims. These fields are never
used from the token - the backend always fetches the full user from the
database by ID, and the frontend fetches user data from the /user API
endpoint immediately after login.

Also simplify GetUserFromClaims to only extract id and username, and
remove the now-unnecessary email override in the frontend's
refreshUserInfo.
2026-02-08 21:30:07 +01:00
kolaente eb369cf3ee fix: handle attachment upload errors with user-visible notifications 2026-02-08 15:48:04 +01:00
kolaente 7256a14194 fix: format attachment upload error messages as readable strings 2026-02-08 15:48:04 +01:00
kolaente 8830dc56ad chore(deps): update lodash to 4.17.23 2026-02-08 11:35:27 +01:00
kolaente 5cb1787dd6 chore(deps): update @isaacs/brace-expansion to 5.0.1 2026-02-08 11:31:22 +01:00
kolaente cdca790325 fix: guard against undefined route.name in auth layout check
route.name can be undefined during initial route resolution or for
unnamed routes. Without this guard, AUTH_ROUTE_NAMES.has() would
return false and the authenticated layout could flash briefly.
2026-02-06 10:58:50 +01:00
kolaente e9a6abfe44 refactor: extract auth route names into shared constant
Move the list of authentication route names (login, register, password
reset, openid, link-share) into a shared constant in
src/constants/authRouteNames.ts. Use it in both App.vue (layout gate)
and router/index.ts (auth redirect guard) to keep them in sync.
2026-02-06 10:58:50 +01:00
kolaente 5d9f62cc93 fix: prevent auth layout swap while still on login/register route
The v-if in App.vue switches to the authenticated layout (navbar +
sidebar) as soon as authStore.authUser becomes truthy. But Vue's
reactivity flush runs before the await continuation in submit(), so
the layout swaps while the route is still /login, causing the login
form to flash inside the authenticated shell for ~250ms.

Fix by adding a route check: don't show the authenticated layout while
the current route is an auth page (login, register, password reset,
openid). The NoAuthWrapper stays visible until redirectIfSaved()
navigates away, then the authenticated layout renders cleanly.
2026-02-06 10:58:50 +01:00
kolaente 0e2ea5c42a fix: avoid clearing saved redirect in onBeforeMount to prevent race with submit
When Login.vue re-mounts inside the authenticated layout after a
successful login, its onBeforeMount hook fires again. If it calls
redirectIfSaved(), it clears the saved route from localStorage before
the submit() handler's redirectIfSaved() can use it, causing a redirect
to home instead of the saved route. Use router.push({name: 'home'})
directly since the only purpose here is to redirect already-authenticated
users away from the login page.
2026-02-06 10:58:50 +01:00
kolaente b3e95e9f4e test: add E2E test for login form flash regression 2026-02-06 10:58:50 +01:00
kolaente dcff454755 fix: redirect immediately after registration to prevent form flash in app shell 2026-02-06 10:58:50 +01:00
kolaente 8bccf21a81 fix: redirect immediately after login to prevent form flash in app shell 2026-02-06 10:58:50 +01:00
kolaente 77b8403c24 fix: iterate past rejected middle matches in matchDateAtBoundary()
When the first regex match is a rejected middle-of-text date, continue
searching for subsequent matches instead of returning null. This fixes
cases like "The 9/11 Report due 10/12" where 9/11 is rejected but
10/12 at the end should still be parsed.
2026-02-06 10:57:50 +01:00
kolaente 3f0bf71d30 fix: allow middle-of-text dates when followed by time expressions (#2195)
Reworked matchDateAtBoundary() to use a single regex pass instead of
two-pass start/end anchoring. Middle-of-text matches are now accepted
when followed by a time expression (at/@ prefix), so inputs like
"meeting 9/11 at 10:00" still parse correctly while "The 9/11 Report"
is rejected.
2026-02-06 10:57:50 +01:00
kolaente cee258edc3 refactor: remove unnecessary comment from getDateFromText() 2026-02-06 10:57:50 +01:00
kolaente 61448bb028 refactor: remove unnecessary flags parameter from matchDateAtBoundary() 2026-02-06 10:57:50 +01:00
kolaente c544886524 test: add positive boundary tests for date parsing (#2195) 2026-02-06 10:57:50 +01:00
kolaente 829b10bfd2 test: add dot-separated middle-of-text date false positive test (#2195) 2026-02-06 10:57:50 +01:00
kolaente a82efa01b5 fix: restrict numeric date regex matching to text boundaries (#2195) 2026-02-06 10:57:50 +01:00
kolaente 1013305fc6 feat: add matchDateAtBoundary() helper for position-aware date matching (#2195) 2026-02-06 10:57:50 +01:00
kolaente e9b10e67f3 test: add failing tests for middle-of-text date false positives (#2195) 2026-02-06 10:57:50 +01:00
kolaente b741c2d891 fix: add touch CSS properties to list view for mobile drag-and-drop
Adds user-select, touch-action, and webkit-touch-callout CSS to the list
view's draggable task items, matching what KanbanCard.vue already has.

Without these properties, the browser's native long-press text selection
fires before SortableJS's 1-second touch delay expires, preventing drag
from ever starting on mobile devices.

Ref: https://community.vikunja.io/t/missing-positioning-option-in-list-view/4278
2026-02-05 23:51:38 +01:00
Frederick [Bot] 1ddb4f1438 chore(i18n): update translations via Crowdin 2026-02-03 01:15:10 +00:00