1030 Commits

Author SHA1 Message Date
Ephraim Duncan 36bbd97514 feat: add organisation template type (#2611) 2026-03-17 01:29:34 +11:00
Ephraim Duncan 943a0b50e3 perf: parallelize async operations in duplicateEnvelope (#2619) 2026-03-16 02:34:08 +00:00
Ephraim Duncan ac09a48eaa perf: parallelize independent async operations in createEnvelope (#2618) 2026-03-16 11:13:36 +11:00
Ephraim Duncan 70fb834a6a feat: add more webhook events (#2125) 2026-03-15 19:47:52 +11:00
Ephraim Duncan 66e357c9b3 feat: add email domain restriction for signups (#2266)
Co-authored-by: Lucas Smith <me@lucasjamessmith.me>
2026-03-14 16:32:34 +11:00
Ted Liang 83fbc70a1c refactor: avoid recipient color duplication (#2355) 2026-03-13 15:52:15 +11:00
Lucas Smith 1ee6ec87a2 chore: add translations (#2614) 2026-03-13 15:22:20 +11:00
Lucas Smith 6b1b1d0417 fix: improve webhook execution (#2608)
Webhook URLs were being fetched without validating whether they
resolved to private/loopback addresses, exposing the server to SSRF.

Current SSRF is best effort and fail open, you should never host
services that
you cant risk exposure of.

This extracts webhook execution into a shared module that validates
URLs against private IP ranges (including DNS resolution), enforces
timeouts, and disables redirect following. The resend route now
queues through the job system instead of calling fetch inline.
2026-03-13 15:02:09 +11:00
Lucas Smith 9f680c7a61 perf: set global prisma transaction timeouts and reduce transaction scope (#2607)
Configure default transaction options (5s maxWait, 10s timeout) on the
PrismaClient instead of per-transaction overrides. Move side effects
like email sending, webhook triggers, and job dispatches out of
$transaction blocks to avoid holding database connections open during
network I/O.

Also extracts the direct template email into a background job and fixes
a bug where prisma was used instead of tx inside a transaction.
2026-03-13 14:51:53 +11:00
github-actions[bot] 76d96d2f65 chore: extract translations (#2583) 2026-03-13 14:50:48 +11:00
David Nguyen 2f2b5dd232 feat: allow creating embeds in folder (#2612)
## Description

Allow passing in a `folderId` when creating an embedded envelope 

## Embed repo changes here

https://github.com/documenso/embeds/pull/69/changes
2026-03-13 14:50:14 +11:00
David Nguyen 8d97f1dcfa fix: resolve error flash on page refresh (#2606) 2026-03-13 12:37:30 +11:00
David Nguyen e67e19358a fix: add hipaa flag (#2603) 2026-03-13 12:06:10 +11:00
VIVEK TIWARI a5fd814fbc fix: handle invalid qr share tokens without 500 (#2597) 2026-03-12 13:46:17 +11:00
Lucas Smith 03ca3971a0 perf: upgrade @libpdf/core to 0.3.3 and deduplicate font registration (#2598)
Upgrade @libpdf/core from 0.2.12 to 0.3.3, which includes:
- WebCrypto SHA-256 replacing pure-JS @noble/hashes (10x signing
speedup)
- Iterative collectReachableRefs (fixes stack overflow on large PDFs)
- Iterative Math.max helpers in xref writer (fixes remaining stack
overflow)

Extract duplicated FontLibrary.use() calls from render-certificate,
render-audit-logs, and insert-field-in-pdf-v2 into a shared
ensureFontLibrary() helper with has() guards so fonts are only
registered once per process.
2026-03-11 20:23:18 +11:00
Lucas Smith af346b179c feat: add recipient role editing and audit log PDF download in admin (#2594)
- Allow admins to update recipient role from document detail page
- Add download button to export audit logs as PDF
- Display recipient status details in accordion
- Add LocalTime component with hover popover for timestamps
2026-03-10 21:41:46 +11:00
Catalin Pit ab69ee627b fix: include extra recipient info in missing fields error msg (#2590) 2026-03-10 12:17:24 +11:00
Lucas Smith eaaf8f9e63 chore: add translations (#2582) 2026-03-09 11:56:17 +11:00
github-actions[bot] 7cfe876762 chore: extract translations (#2577) 2026-03-09 11:39:37 +11:00
Ephraim Duncan 15399cbe8e feat: auto-disable telemetry when license key is configured (#2562) 2026-03-09 11:24:24 +11:00
Catalin Pit c4754553c9 feat: implement template search functionality (#2376)
- Added  function to handle template searches based on user input
- Introduced in the TRPC router to facilitate authenticated template
searches
- Updated to include template search results alongside document search
results
- Enhanced query handling by enabling searches only when the input is
valid
- Created corresponding Zod schemas for request and response validation
in
2026-03-09 10:44:51 +11:00
Lucas Smith abd031b58b chore: add translations (#2575) 2026-03-06 16:10:54 +11:00
github-actions[bot] 1ff8680c32 chore: extract translations (#2566) 2026-03-06 14:15:37 +11:00
David Nguyen 7ea664214a feat: add embedded envelopes (#2564)
## Description

Add envelopes V2 embedded support

---------

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
2026-03-06 14:11:27 +11:00
David Nguyen 6faa01d384 feat: add pdf image renderer (#2554)
## Description

Replace the PDF renderer with an custom image renderer.

This allows us to remove the "react-pdf" dependency and allows us to use
a virtual list to improve performance.
2026-03-06 12:39:03 +11:00
Lucas Smith 0ce909a298 refactor: find envelopes (#2557) 2026-03-06 12:38:40 +11:00
Lucas Smith 406e77e4be chore: add translations (#2570) 2026-03-05 17:33:36 +11:00
Lucas Smith ef0a5b54ba fix: verify before re-registering in email sync (#2568) 2026-03-05 15:12:20 +11:00
David Nguyen 1f985e2cd3 fix: invalid po translations (#2567) 2026-03-05 14:54:36 +11:00
Konrad 525dd92a56 fix(i18n): mark SUBSCRIPTION_STATUS_MAP for translation (#2515) 2026-03-05 14:42:40 +11:00
github-actions[bot] 8b0231825f chore: extract translations (#2539) 2026-03-05 14:11:53 +11:00
Lucas Smith 7f5f2b22ed feat: add seal-document sweep job and admin unsealed documents page (#2563) 2026-03-05 13:56:40 +11:00
Catalin Pit f1323679aa fix: use default field meta for embedding template fields (#2556) 2026-03-03 22:24:57 +11:00
Lucas Smith f8ac782f2e deps: 2026-02-26 upgrades (#2545) 2026-02-26 14:17:08 +11:00
Lucas Smith 0d3bd59ec6 fix: handle cjk and special chars when slugifying (#2544) 2026-02-26 13:54:35 +11:00
Konrad 92d82c0423 fix(i18n): mark supported languages for translation (#2377) 2026-02-26 12:06:18 +11:00
Lucas Smith 484e1c20d0 chore: add translations (#2533) 2026-02-26 11:50:08 +11:00
Lucas Smith c112392da9 feat: add admin email domain management and sync job (#2538) 2026-02-25 15:14:18 +11:00
github-actions[bot] bc72d9cb17 chore: extract translations (#2505) 2026-02-24 22:07:03 +11:00
Lucas Smith 653ab3678a feat: better ratelimiting (#2520)
Replace hono-rate-limiter with a Prisma/PostgreSQL bucketed counter
approach that works correctly across multiple instances without sticky
sessions.

- Add RateLimit model with composite PK (key, action, bucket) and atomic
upsert
- Create rate limit factory with window parsing, bucket computation, and
fail-open
- Define auth-tier and API-tier rate limit instances
- Add Hono middleware, rateLimitResponse helper, and tRPC
assertRateLimit helper
- Wire rate limit headers through AppError constructor (was declared but
never assigned)
- Apply rate limits to auth routes (email-password, passkey), tRPC
routes
  (2FA email, link org account), API routes, and file upload endpoints
- Add cleanup cron job for expired rate limit rows (batched delete every
15 min)
- Remove hono-rate-limiter dependency
2026-02-20 12:23:02 +11:00
Lucas Smith 006b1d0a57 feat: per-recipient envelope expiration (#2519) 2026-02-20 11:36:20 +11:00
Lucas Smith 6fcf0a638c chore: add translations (#2507) 2026-02-17 11:31:37 +11:00
Lucas Smith a60c6a90ab chore: add translations (#2504) 2026-02-16 16:10:43 +11:00
github-actions[bot] f35c19d098 chore: extract translations (#2458) 2026-02-16 14:34:33 +11:00
Lucas Smith 2e3d22c856 fix: use instance-specific emails for service accounts (#2502) 2026-02-16 11:52:19 +11:00
Ephraim Duncan d66c330d46 fix: match cert and audit log page dimensions to source document (#2473) 2026-02-12 18:25:11 +11:00
David Nguyen 0d65693d55 fix: highlight rejected certificate text (#2478)
## Description

- Update the rejected certificate so that is it more clear on who
rejected the document.
- Updated the audit log generation so that the completed audit log is
included

### Before

<img width="681" height="597" alt="image"
src="https://github.com/user-attachments/assets/3dab41c1-c86f-4555-8d50-3d9245be65d5"
/>

### After

Note that the order of the recipient is different in this case

<img width="818" height="769" alt="image"
src="https://github.com/user-attachments/assets/71f0ac12-5859-47b4-8980-2420ef949d18"
/>

---------

Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com>
Co-authored-by: Lucas Smith <me@lucasjamessmith.me>
2026-02-12 16:06:43 +11:00
Lucas Smith e3dee5e565 fix: auto placement field meta (#2480) 2026-02-12 14:20:52 +11:00
Catalin Pit f1c91c4951 fix: bulk actions improvements (#2440) 2026-02-10 20:13:03 +11:00
github-actions[bot] d91414697d chore: extract translations (#2429) 2026-02-09 17:30:46 +11:00