Ryan/documenso
1
0
Fork 1
mirror of https://github.com/documenso/documenso.git synced 2026-06-22 04:12:06 +10:00
Code Issues Packages Projects Releases Wiki Activity
3,801 Commits 254 Branches 220 Tags
v2.7.0
Commit Graph

1646 Commits

Author SHA1 Message Date
Lucas Smith f8ac782f2e deps: 2026-02-26 upgrades (#2545) 2026-02-26 14:17:08 +11:00
Ephraim Duncan 194660d847 fix: return all documents from V1 API regardless of folder (#2471) 2026-02-26 13:55:14 +11:00
Lucas Smith 0d3bd59ec6 fix: handle cjk and special chars when slugifying (#2544) 2026-02-26 13:54:35 +11:00
Konrad 92d82c0423 fix(i18n): mark supported languages for translation (#2377) 2026-02-26 12:06:18 +11:00
Lucas Smith 484e1c20d0 chore: add translations (#2533) 2026-02-26 11:50:08 +11:00
Lucas Smith 6f5014a561 feat: support optional read replicas (#2540) 2026-02-25 19:07:02 +11:00
Lucas Smith c112392da9 feat: add admin email domain management and sync job (#2538) 2026-02-25 15:14:18 +11:00
github-actions[bot] bc72d9cb17 chore: extract translations (#2505) 2026-02-24 22:07:03 +11:00
Lucas Smith 36eef79b1a fix: omit fieldId from embed create endpoints (#2523) 2026-02-21 21:14:51 +11:00
Lucas Smith 653ab3678a feat: better ratelimiting (#2520) 
Replace hono-rate-limiter with a Prisma/PostgreSQL bucketed counter
approach that works correctly across multiple instances without sticky
sessions.

- Add RateLimit model with composite PK (key, action, bucket) and atomic
upsert
- Create rate limit factory with window parsing, bucket computation, and
fail-open
- Define auth-tier and API-tier rate limit instances
- Add Hono middleware, rateLimitResponse helper, and tRPC
assertRateLimit helper
- Wire rate limit headers through AppError constructor (was declared but
never assigned)
- Apply rate limits to auth routes (email-password, passkey), tRPC
routes
  (2FA email, link org account), API routes, and file upload endpoints
- Add cleanup cron job for expired rate limit rows (batched delete every
15 min)
- Remove hono-rate-limiter dependency
 2026-02-20 12:23:02 +11:00
Lucas Smith 006b1d0a57 feat: per-recipient envelope expiration (#2519) 2026-02-20 11:36:20 +11:00
Lucas Smith 9a66d0ebf6 fix: simplify openapi field schemas to fix SDK generation (#2503) 2026-02-18 17:07:46 +11:00
Konrad 29622d3151 fix(i18n): mark strings inside div for translation (#2514) 2026-02-18 13:50:42 +11:00
Lucas Smith 6fcf0a638c chore: add translations (#2507) 2026-02-17 11:31:37 +11:00
Louis Liu ff9e6acb7a fix(ui): clarify email settings labels (#2448) 2026-02-16 17:00:24 +11:00
Lucas Smith a60c6a90ab chore: add translations (#2504) 2026-02-16 16:10:43 +11:00
github-actions[bot] f35c19d098 chore: extract translations (#2458) 2026-02-16 14:34:33 +11:00
Konrad ca199e7885 fix(i18n): mark span strings for translation (#2494) 2026-02-16 12:07:53 +11:00
Konrad 34f14ba69a fix(i18n): mark tabs trigger strings for translation (#2496) 2026-02-16 11:57:44 +11:00
Lucas Smith 2e3d22c856 fix: use instance-specific emails for service accounts (#2502) 2026-02-16 11:52:19 +11:00
Ephraim Duncan d66c330d46 fix: match cert and audit log page dimensions to source document (#2473) 2026-02-12 18:25:11 +11:00
David Nguyen 9bcb240895 fix: revert canceled individual subscriptions to free claim (#2483) 
## Description

Resolves an issue where individual plan customers who cancel are not
correctly put down to the free plan.

To resolve this, we delete the subscription on the stripe subscription
delete webhook. Since the customerId is stored on the organisation they
can still access their old invoices.
 2026-02-12 17:44:33 +11:00
David Nguyen 0d65693d55 fix: highlight rejected certificate text (#2478) 
## Description

- Update the rejected certificate so that is it more clear on who
rejected the document.
- Updated the audit log generation so that the completed audit log is
included

### Before

<img width="681" height="597" alt="image"
src="https://github.com/user-attachments/assets/3dab41c1-c86f-4555-8d50-3d9245be65d5"
/>

### After

Note that the order of the recipient is different in this case

<img width="818" height="769" alt="image"
src="https://github.com/user-attachments/assets/71f0ac12-5859-47b4-8980-2420ef949d18"
/>

---------

Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com>
Co-authored-by: Lucas Smith <me@lucasjamessmith.me>
 2026-02-12 16:06:43 +11:00
Lucas Smith e3dee5e565 fix: auto placement field meta (#2480) 2026-02-12 14:20:52 +11:00
Catalin Pit f1c91c4951 fix: bulk actions improvements (#2440) 2026-02-10 20:13:03 +11:00
Lucas Smith a5ef1d23e6 feat: add team memberships section to admin user detail page (#2457) 2026-02-09 17:35:22 +11:00
github-actions[bot] d91414697d chore: extract translations (#2429) 2026-02-09 17:30:46 +11:00
Konrad e222a872d2 fix(i18n): rewrite audit log messages to support correct grammar (#2455) 2026-02-09 13:20:12 +11:00
Ephraim Duncan e3b0087be6 feat: create plain customer (#2442) 
Co-authored-by: Catalin Pit <catalinpit@gmail.com>
 2026-02-09 11:24:45 +11:00
Lucas Smith 1669216a91 fix: flatten pdf-lib form fields before sealing document (#2441) 
- Fixes checkbox fields not displaying correctly in sealed documents by
calling `flatten()` on the pdf-lib form before saving
 2026-02-03 14:24:23 +11:00
Lucas Smith 594a0f0c3f fix: store formValues in database when creating document from template (#2437) 2026-02-02 11:36:06 +11:00
Konrad 2df41b9f01 feat(ui): rename sign up button for better clarity (#2427) 2026-01-30 12:30:33 +11:00
David Nguyen 97ceb317a8 fix: license banner not correctly showing (#2432) 2026-01-29 15:09:23 +11:00
David Nguyen c83109628d fix: add license logging (#2431) 2026-01-29 14:08:36 +11:00
David Nguyen a4d0e3e873 fix: resolve safari cert download issues (#2430) 2026-01-29 14:08:07 +11:00
David Nguyen 1b0df2d082 feat: add license integration (#2346) 
Changes:
- Adds integration for the license server.
- Prevent adding flags that the instance is not allowed to add
 2026-01-29 13:30:48 +11:00
Catalin Pit d18dcb4d60 feat: autoplace fields from placeholders (#2111) 
This PR introduces automatic detection and placement of fields and
recipients based on PDF placeholders.

The placeholders have the following structure:
- `{{fieldType,recipientPosition,fieldMeta}}` 
- `{{text,r1,required=true,textAlign=right,fontSize=50}}`

When the user uploads a PDF document containing such placeholders, they
get converted automatically to Documenso fields and assigned to
recipients.
 2026-01-29 13:13:45 +11:00
Konrad d77f81163b fix(i18n): mark missing strings for translation in card components (#2308) 2026-01-29 12:22:07 +11:00
github-actions[bot] 53b0131740 chore: extract translations (#2418) 2026-01-28 21:25:23 +11:00
Catalin Pit 155310b028 feat: add bulk document selection and move functionality (#2387) 
This PR introduces bulk actions for documents, allowing users to select
multiple envelopes and perform actions such as moving or deleting 1 or
more documents simultaneously.
 2026-01-28 18:27:32 +11:00
Catalin Pit 28bc2dc975 fix: send organisation member removal email to correct user (#2405) 2026-01-28 09:18:58 +02:00
David Nguyen eb3b3b18ce chore: add v1 deprecated docs (#2423) 2026-01-28 14:09:13 +11:00
misha 8bc4f1a713 fix: exclude soft-deleted documents from folder count (#2410) 2026-01-28 13:07:57 +11:00
Lucas Smith 7a583aa7af fix: preserve prompt parameter in OAuth authorize URL builder (#2421) 
The prompt option was being discarded for OAuth authorize URLs after
adding support for the NEXT_PRIVATE_OIDC_PROMPT env var. This meant
select_account (used elsewhere) was not being passed through.

Now defaults prompt to the provided option (or 'login'), and only
overwrites it when a valid OIDC prompt env var is set. Also adds a
type guard to validate the env var value.
 2026-01-27 20:25:16 +11:00
David Nguyen b590076d85 fix: allow past due subscriptions (#2420) 
Allow plans with past_due subscriptions to continue to use the platform
until the subscription becomes inactive.
 2026-01-27 18:45:58 +11:00
Lucas Smith 65e30b88be fix: persist formValues in document creation endpoints (#2419) 2026-01-27 16:21:09 +11:00
Ted Liang 9c6ee88cc4 fix: security CVE-2026-23527 (#2399) 2026-01-27 15:52:34 +11:00
Lucas Smith 6028ad9158 chore: add translations (#2412) 
Co-authored-by: Crowdin Bot <support+bot@crowdin.com>
 2026-01-27 15:44:01 +11:00
Lucas Smith 7fc6f5bb6e fix: make teamId optional in support form validation (#2417) 
The contact form accepts teamId as an optional param based on
where the user clicks "Support" from. Previously, when opened
from a non-team context, the null teamId would be parsed to NaN
and fail validation, causing the form to error out. Now the
validation only runs when a teamId is actually provided.
 2026-01-27 15:00:53 +11:00
Jorge Ramirez 17b261df1f fix(api): add take parameter to template search query for pagination (#2396) 
This PR fixes a bug in the `/api/v2/template` endpoint where the
pagination parameter `perPage` was being ignored. Previously, the
endpoint would return all matching templates regardless of the requested
limit, which could lead to performance issues and incorrect API
behavior.
 2026-01-27 15:00:37 +11:00