Commit Graph

369 Commits

Author SHA1 Message Date
Lucas Smith 8704c731c0 chore: upgrade libpdf (#2435) 2026-01-29 23:34:46 +11:00
Lucas Smith eaee0d4bc6 v2.6.0 2026-01-29 18:44:58 +11:00
Lucas Smith d08049ed3b v2.5.1 2026-01-27 20:25:31 +11:00
Ted Liang 9c6ee88cc4 fix: security CVE-2026-23527 (#2399) 2026-01-27 15:52:34 +11:00
Lucas Smith 7d38e18f93 v2.5.0 2026-01-26 15:59:30 +11:00
Lucas Smith 42d6e1cbbd chore: upgrade libpdf (#2409) 2026-01-26 12:20:33 +11:00
Lucas Smith 67da488f63 chore: upgrade libpdf (#2408) 2026-01-23 21:38:48 +11:00
Lucas Smith fd3ebc08ec chore: upgrade libpdf (#2406) 2026-01-22 12:45:20 +11:00
Lucas Smith 9035240b4d refactor: replace pdf-sign with libpdf/core for PDF operations (#2403)
Migrate from @documenso/pdf-sign and @cantoo/pdf-lib to @libpdf/core
for all PDF manipulation and signing operations. This includes:

- New signing transports for Google Cloud KMS and local certificates
- Consolidated PDF operations using libpdf API
- Added TSA (timestamp authority) helper for digital signatures
- Removed deprecated flatten and insert utilities
- Updated tests to use new PDF library
2026-01-21 15:16:23 +11:00
Ted Liang 158b36a9b7 fix: security CVE-2026-22817 CVE-2026-22818 (#2390) 2026-01-15 18:27:04 +11:00
Lucas Smith fabd69bd62 build: upgrade simplewebauthn packages from v9 to v13 (#2389)
The v9 packages are deprecated. This updates to v13 which includes
breaking API changes: optionsJSON wrapper for auth functions,
renamed properties (authenticator→credential), and base64 encoding
for credential IDs via isoBase64URL helper.
2026-01-15 14:22:37 +11:00
Karlo db913e95b6 fix: downgrade pdfjs-dist to version 5.4.296 and update react-pdf to version 10.3.0 (#2383) 2026-01-13 21:01:29 +11:00
Lucas Smith 5bc73a7471 chore: npm audit fix (#2367) 2026-01-13 16:39:10 +11:00
Lucas Smith 6b041c23b4 v2.4.0 2026-01-08 15:16:57 +11:00
Lucas Smith 1e20561e91 v2.3.2 2025-12-24 16:20:23 +11:00
Catalin Pit baa2c51123 feat: add delegate document ownership option (#2272)
When using an API key created in a team context, the
documents/templates’ owner always defaults to the team API token
creator, rather than the actual uploader.

For example, John creates the API key for the team "Lawyers". Tom and
Maria use the API key to upload documents. All the uploaded documents
are attributed to John.

This makes it impossible to see who actually uploaded a document.

The new feature allows users to enable document ownership delegation
from the organization/team settings.
2025-12-23 22:08:54 +11:00
Ted Liang 5624484631 fix: security CVE-2025-68130 (#2343)
## Description

Fix security
[CVE-2025-68130](https://github.com/advisories/GHSA-43p4-m455-4f4j)
2025-12-22 21:53:49 +11:00
Lucas Smith eeeee2fa0e v2.3.1 2025-12-18 12:02:04 +11:00
Lucas Smith df678d7d69 v2.3.0 2025-12-17 22:10:47 +11:00
Lucas Smith b0248c20eb v2.2.8 2025-12-16 16:04:07 +11:00
Lucas Smith c5c87e3fd1 v2.2.7 2025-12-16 12:38:53 +11:00
Vincent Vu 51e3d5030d fix(security): CVE-2025-55184, CVE-2025-55183 (#2314) 2025-12-12 16:50:00 +11:00
Lucas Smith 43486d8448 v2.2.6 2025-12-09 21:11:01 +11:00
Ted Liang c5032d0c43 refactor: extract image-helpers (#2261) 2025-12-09 09:19:49 +11:00
Lucas Smith bac2bf11f4 v2.2.5 2025-12-08 14:33:00 +11:00
Lucas Smith d93b2a70a7 fix: upgrade react-email/render (#2297)
Upgrade the `@react-email/render` package to handle
suspense during renders.

We could have just swapped to `renderAsync` for the 0.0.x
version of the package but it's better to upgrade as part
of this change.

CI has been run locally and emails have been verified to
work and render as expected in our local mail trap.
2025-12-08 13:08:34 +11:00
Lucas Smith 9238f759a6 v2.2.4 2025-12-05 12:23:23 +11:00
Lucas Smith 3f70082146 v2.2.3 2025-12-05 09:53:40 +11:00
Lucas Smith 08a9ab3aaf v2.2.2 2025-12-04 14:50:09 +11:00
Lucas Smith e66bd422e3 chore: upgrade dependencies (#2278) 2025-12-04 14:31:30 +11:00
Lucas Smith 22d99c7410 v2.2.1 2025-12-04 11:39:19 +11:00
Lucas Smith f70e6ac50a v2.2.0 2025-12-04 00:31:11 +11:00
Lucas Smith 7a94ee3b83 feat: add ai detection for recipients and fields (#2271)
Use Gemini to handle detection of recipients and fields within
documents.

Opt in using organisation or team settings.

Replaces #2128 since the branch was cursed and would include
dependencies that weren't even in the lock file.



https://github.com/user-attachments/assets/e6cbb58f-62b9-4079-a9ae-7af5c4f2e4ec
2025-12-03 23:39:41 +11:00
Lucas Smith 6ae672c16b v2.1.0 2025-11-25 16:38:06 +11:00
Lucas Smith 11a56f3228 chore: telemetry (#2240) 2025-11-25 16:01:31 +11:00
Lucas Smith d2176627ca chore: dependency updates (#2229) 2025-11-22 20:28:20 +11:00
Lucas Smith 17c6098638 v2.0.14 2025-11-20 15:12:40 +11:00
Lucas Smith fa1680aaf1 v2.0.13 2025-11-18 16:59:02 +11:00
Lucas Smith a07f3090cf v2.0.12 2025-11-15 00:48:27 +11:00
Lucas Smith ce53bcea8c v2.0.11 2025-11-13 10:56:58 +11:00
Lucas Smith 1772c3ee36 v2.0.10 2025-11-12 18:57:24 +11:00
Lucas Smith 50db4e39be v2.0.9 2025-11-12 18:22:46 +11:00
Lucas Smith 29d40f1cca v2.0.8 2025-11-12 17:19:53 +11:00
Lucas Smith 378dd605b9 v2.0.7 2025-11-12 13:09:18 +11:00
Lucas Smith 4ade408001 fix: include cmaps for pdf viewer (#2177)
We were previously omitting cmaps meaning that
when signing documents with certain UTF-8 characters or CJK characters
they would appear as outlined squares in the pdf viewer despite the
actual pdf looking as expected with the characters displaying correctly.
2025-11-12 11:00:44 +11:00
Lucas Smith ff44ffbc03 v2.0.6 2025-11-10 19:08:43 +11:00
Lucas Smith 0977c16e33 v2.0.5 2025-11-08 16:03:59 +11:00
Lucas Smith 1e6292b1d9 v2.0.4 2025-11-08 13:58:11 +11:00
Lucas Smith fe8915162f v2.0.3 2025-11-08 12:53:50 +11:00
Lucas Smith eff7d90f43 v2.0.2 2025-11-08 00:48:31 +11:00