Commit Graph

2465 Commits

Author SHA1 Message Date
kolaente c8349df8b6 feat(desktop): open task in main window with Ctrl/Cmd+Enter
When creating a task via quick entry, pressing Ctrl+Enter (or
Cmd+Enter on macOS) creates the task and opens it in the main
Vikunja window. Adds show-main-window IPC to bring the main
window to focus.
2026-04-01 21:38:38 +00:00
kolaente 37389d6bdb feat(desktop): add quick entry window, global shortcut, and system tray 2026-04-01 21:38:38 +00:00
kolaente 92cc070b1e feat(frontend): listen for cross-window task creation via BroadcastChannel 2026-04-01 21:38:38 +00:00
kolaente 8dc96d61bd feat(frontend): adapt QuickActions for quick-add mode behavior 2026-04-01 21:38:38 +00:00
kolaente 9072ca84d5 feat(frontend): route quick-add mode to QuickAddOverlay in App.vue 2026-04-01 21:38:38 +00:00
kolaente ff4e84a800 feat(frontend): add QuickAddOverlay component for quick-entry window 2026-04-01 21:38:38 +00:00
kolaente d72a3a8c0d feat(frontend): add useQuickAddMode composable for quick-add detection 2026-04-01 21:38:38 +00:00
kolaente af7eaa9aea
fix(desktop): use stored URL instead of window.API_URL in template
window is not accessible as a global in Vue templates, causing
"Cannot read properties of undefined (reading 'API_URL')" when
clicking sign in on the desktop app.
2026-04-01 20:53:29 +02:00
renovate[bot] 59ebfa3b2c chore(deps): update dependency caniuse-lite to v1.0.30001784 2026-04-01 09:17:36 +00:00
Frederick [Bot] 88c8d7a73d chore(i18n): update translations via Crowdin 2026-04-01 01:44:10 +00:00
kolaente cdd46c0d6c fix: add proper autocomplete and name attributes to email update form
Adds name="email" to the email field and fixes the password field's
autocomplete from the invalid "password" to "current-password", also
adding name="current-password". This helps password managers correctly
identify the form as a settings change rather than a login form,
preventing them from autofilling the username into the email field.

Closes go-vikunja/vikunja#2512
2026-03-31 21:57:12 +00:00
renovate[bot] 020aa899f8 chore(deps): update dependency browserslist to v4.28.2 2026-03-31 21:21:12 +00:00
renovate[bot] 167380a01e chore(deps): update dependency @typescript-eslint/parser to v8.58.0 2026-03-30 20:13:08 +00:00
kolaente 495f34f60e feat: show close-tab message after OAuth redirect
Show a "You can close this tab now" message after the OAuth
authorize page redirects to the desktop app, instead of leaving
a stale "Authenticating..." message in the browser tab.
2026-03-30 20:12:25 +00:00
kolaente a12002de6d feat: add server selection UI for desktop OAuth login
Add a server selection screen matching the mobile app UX with
Vikunja Cloud, Try the Demo, and Custom Server URL options.
Extract all desktop login logic into a dedicated DesktopLogin
component. Use the existing ApiConfig component for custom server
URL input. Skip loading server config on startup to avoid showing
motd/demo popups on the login screen.
2026-03-30 20:12:25 +00:00
kolaente dd7532a57a feat: add OAuth PKCE authentication flow to desktop app
Add a complete OAuth 2.0 PKCE flow for the Electron desktop app:

- Implement PKCE code generation and token exchange in Electron
- Register custom protocol handler (vikunja-desktop://) for deep links
- Handle deep link race conditions (buffered URLs, process.argv fallback)
- Prevent duplicate IPC listener accumulation on re-mount
- Preserve sub-paths in OAuth authorize URL for non-root deployments
- Add token refresh support using Electron's net module
2026-03-30 20:12:25 +00:00
renovate[bot] 1a3a18e42b chore(deps): update dependency @typescript-eslint/eslint-plugin to v8.58.0 2026-03-30 19:12:16 +00:00
kolaente c2cfcb4684 feat: add API token hint to CalDAV settings page 2026-03-30 12:09:53 +00:00
renovate[bot] 1c0513de10 chore(deps): update dev-dependencies 2026-03-30 10:24:04 +00:00
Frederick [Bot] fb8c937d77 chore(i18n): update translations via Crowdin 2026-03-29 01:25:40 +00:00
dependabot[bot] 21a450b21f chore(deps): bump serialize-javascript from 7.0.3 to 7.0.5 in /frontend
Bumps [serialize-javascript](https://github.com/yahoo/serialize-javascript) from 7.0.3 to 7.0.5.
- [Release notes](https://github.com/yahoo/serialize-javascript/releases)
- [Commits](https://github.com/yahoo/serialize-javascript/compare/v7.0.3...v7.0.5)

---
updated-dependencies:
- dependency-name: serialize-javascript
  dependency-version: 7.0.5
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-03-28 23:35:34 +00:00
Frederick [Bot] ffb291c966 chore(i18n): update translations via Crowdin 2026-03-28 01:16:36 +00:00
renovate[bot] 8d958aef62 chore(deps): update dev-dependencies 2026-03-27 23:06:28 +00:00
kolaente 649043aceb test: add tests for OAuth 2.0 authorization flow
Add web tests covering the authorize endpoint, token exchange, PKCE
verification, single-use codes, and refresh token rotation. Add unit
tests for redirect URI validation and PKCE. Add E2E test for the full
browser-based authorization code flow with login redirect.

Extract setupApiUrl helper for E2E tests to avoid duplication.
2026-03-27 23:05:04 +00:00
kolaente 0471f8a729 feat: add frontend OAuth authorize route and component
Add /oauth/authorize frontend route with OAuthAuthorize.vue that
handles the OAuth authorization flow: validates required query params,
calls the API to generate an authorization code, and redirects to the
callback URI. Authentication is handled by the standard router guard.
2026-03-27 23:05:04 +00:00
Frederick [Bot] a2e19f8d38 chore(i18n): update translations via Crowdin 2026-03-27 01:22:35 +00:00
renovate[bot] 9d8c6a0a72 chore(deps): update dev-dependencies 2026-03-26 09:02:42 +00:00
Miikka Kulmala b89b402bc2
feat: improve wording and UX around CalDAV tokens (#2476) 2026-03-26 10:02:04 +01:00
Frederick [Bot] 39238333dd chore(i18n): update translations via Crowdin 2026-03-26 01:22:26 +00:00
kolaente 98ac119f44
fix(deps): update yaml to fix stack overflow vulnerability
Updates yaml from 2.5.0 to 2.8.3 in the frontend workspace to
address stack overflow via deeply nested YAML collections.
2026-03-25 23:33:56 +01:00
kolaente d60e2f6685
fix(deps): update picomatch to fix ReDoS and method injection vulnerabilities
Updates picomatch to 2.3.2 and 4.0.4 in the frontend workspace to
address CVE for ReDoS via extglob quantifiers and method injection
in POSIX character classes.
2026-03-25 23:31:28 +01:00
kolaente 44d01a0f82 refactor: rename parseTaskText module to quickAddMagic
Rename the frontend parsing module from `parseTaskText` to `quickAddMagic`
for clarity. The module handles much more than text parsing — it's the
core of the quick add magic feature. This rename makes its purpose
immediately obvious and aligns with how the feature is referenced
throughout the UI and documentation.

No logic changes — only directory/file renames and import updates.
2026-03-25 09:38:41 +00:00
kolaente dca041459f feat: show info when saved homepage filter is ignored for label browsing 2026-03-24 21:55:26 +00:00
kolaente fd4f7accc3 fix: ignore saved homepage filter when browsing by label 2026-03-24 21:55:26 +00:00
kolaente 7208c11556 feat: add translation for saved filter ignored message 2026-03-24 21:55:26 +00:00
kolaente 6d2bf1f084 fix: resolve TDZ error on password update settings page
Move the watchEffect call after the validate function declaration
to fix "Cannot access 'c' before initialization" error that occurred
when visiting the password update page with validateInitially=true.

Fixes #2463
2026-03-24 15:17:32 +00:00
renovate[bot] 4b16d72e28 chore(deps): update dev-dependencies 2026-03-24 15:14:31 +00:00
Frederick [Bot] 74ecc6fffd chore(i18n): update translations via Crowdin 2026-03-24 01:11:44 +00:00
kolaente 772316b47f
chore: v2.2.2 release preparations 2026-03-23 21:49:15 +01:00
kolaente 74d1bddb3a fix: hide link sharing section in UI for non-admin users 2026-03-23 20:39:31 +00:00
kolaente 6d5d3e051f
chore: v2.2.1 release preparations 2026-03-23 19:50:19 +01:00
renovate[bot] 2c1104ca86 chore(deps): update dev-dependencies to v8.57.2 2026-03-23 18:30:13 +00:00
kolaente 07b9742d98 fix: skip quick add magic parsing when text is wrapped in quotes
Closes go-vikunja/vikunja#2392
2026-03-23 17:34:56 +00:00
kolaente 8538b4c885 test: add failing tests for quote-escaped task text parsing 2026-03-23 17:34:56 +00:00
renovate[bot] 36bd716e04 chore(deps): update dev-dependencies 2026-03-23 16:33:59 +00:00
MidoriKurage 4dd18e379e fix(frontend): origUrlToCheck references the same object as urlToCheck
When later `urlToCheck` is restored in catch blocks, `origUrlToCheck`
will already be mutated.

Fixed by storing the original pathname as a string copy instead of
keeping a reference to the same URL object.
2026-03-23 15:43:23 +00:00
kolaente 1d45b385a5
fix(deps): update flatted to 3.4.2 to fix prototype pollution vulnerability 2026-03-23 12:53:13 +01:00
renovate[bot] 8bf450b98f chore(deps): update dependency caniuse-lite to v1.0.30001781 2026-03-23 10:28:55 +00:00
Frederick [Bot] 1ebe913181 chore(i18n): update translations via Crowdin 2026-03-23 01:19:01 +00:00
Claude cb81cf1aa8 refactor: reorganize quick add magic into focused modules
Split the monolithic parseTaskText.ts into a parseTaskText/ directory with
separate files for types, prefixes, prefix parsing, priority parsing, repeat
parsing, date parsing, and text cleanup. Moved parseDate.ts from helpers/time/
into the module since it's only consumed by the task text parser. Barrel export
in index.ts maintains backward compatibility — no consumer import changes needed.

https://claude.ai/code/session_01Aeo1ZunQUGKbWx2watMFdW
2026-03-22 20:47:10 +00:00