- Added a new component for linking Google and GitHub accounts to user profiles.
- Integrated account linking functionality with the authentication client, allowing users to link and unlink their social accounts.
- Updated the profile settings page to conditionally display the linking account component based on cloud settings.
- Enhanced error handling and loading states for a better user experience.
- Changed the default value of BETTER_AUTH_SECRET to ensure compatibility for users who enabled 2FA before the introduction of the new secret.
- This update maintains existing authentication functionality while transitioning to a more secure default.
close https://github.com/Dokploy/dokploy/issues/3645
- Updated the authentication configuration to conditionally include advanced cookie settings only when not in a cloud environment.
- This change enhances flexibility in cookie management while maintaining existing security practices.
- Introduced advanced cookie settings in the authentication configuration, including options for secure cookies and default cookie attributes.
- This enhancement aims to improve security practices related to cookie handling in the application.
- Deleted the SQL file that added a unique constraint on the combination of applicationId and pullRequestId in the preview_deployments table.
- Removed the corresponding entry from the _journal.json to reflect the deletion of the migration.
- Deleted the snapshot file for version 142, which is no longer needed.
- Updated the preview-deployments schema to remove the unique index, reverting to the previous state.
- Introduced a new SQL file to add a unique constraint on the combination of applicationId and pullRequestId in the preview_deployments table.
- Updated the _journal.json to include the new migration entry for version 142.
- Created a new snapshot file for version 142 to reflect the current database schema.
- Modified the preview-deployments schema to include a unique index for applicationId and pullRequestId, enhancing data integrity.
- Updated the ShowDockerLogs component to use optional chaining when accessing the error property of services, preventing potential runtime errors.
- Refactored the deployApplication function to create an applicationEntity object, ensuring consistent use of serverId across repository cloning functions.
- Removed unused createEnvFile function from utils, streamlining the codebase.
- Updated the cron schedule for Docker cleanup tasks across multiple files to use the new CLEANUP_CRON_JOB constant.
- This change enhances maintainability by centralizing the cron schedule configuration, ensuring consistency across the application.
- Added a locking mechanism to prevent concurrent volume backups, ensuring data integrity during backup operations.
- Introduced a `lockWrapper` function that manages the locking process using either `flock` or directory-based locking.
- Updated the `backupVolume` function to utilize the locking mechanism for both application and compose service types, enhancing the reliability of backup processes.
- Updated the database query in the `reconnectServicesToTraefik` function to remove optional chaining, ensuring proper execution of the query.
- This change enhances the reliability of service reconnections to Traefik by ensuring the database connection is correctly utilized.
- Added a new function `reconnectServicesToTraefik` to facilitate the reconnection of services to Traefik based on the server ID.
- The function queries the database for isolated deployments and constructs Docker network connect commands for each service.
- Enhanced the existing Traefik setup process by ensuring services are properly reconnected after setup.
- Introduced a new field `giteaInternalUrl` in the Gitea provider settings to allow users to specify an internal URL for OAuth token exchange when Gitea runs on the same instance as Dokploy.
- Updated the Gitea provider forms to include the new field with appropriate descriptions.
- Modified the token exchange logic to utilize the internal URL if provided, enhancing connectivity options for users.
- Updated database schema to accommodate the new field.
- Introduced a new field `gitlabInternalUrl` in the GitLab provider settings to allow users to specify an internal URL for OAuth token exchange when GitLab runs on the same instance as Dokploy.
- Updated the GitLab provider forms to include the new field with appropriate descriptions.
- Modified the token exchange logic to utilize the internal URL if provided, enhancing connectivity options for users.
- Added error message display for containers in both the application and stack log views when using the "swarm" option.
- Updated Docker command to include error information for containers, enhancing visibility into container issues.
- Added support for displaying "ready" state in badge color logic.
- Updated logs display to include container status and current state in the dashboard components.
- Modified Docker command outputs to include status and current state for better visibility of container health.
- Introduced a new column "created_at" with a default timestamp to the "invitation" table.
- Updated the account schema to reflect this change, ensuring consistency across the database structure.
- Added corresponding metadata in the snapshot and journal files for versioning.
- Updated the addDokployNetworkToService function to automatically include the "default" network when adding new networks.
- Modified test cases to reflect the new behavior, ensuring no duplicates of the default network are added.
- Improved handling of network addition for both arrays and objects.
- Eliminated the getDokployImage and pullLatestRelease functions to streamline the settings service.
- Updated the code to focus on dynamic image retrieval, enhancing clarity and maintainability.
- Introduced DriverOptsEntries to the network form schema, allowing users to specify driver options for networks.
- Updated the form UI to support adding, editing, and removing driver options dynamically.
- Adjusted the backend schema to accept driver options as a record of key-value pairs.
- Updated the backupVolume function to use `docker service update --replicas` instead of `docker service scale` for stopping and starting application replicas.
- This change enhances the backup process by ensuring proper handling of service updates with registry authentication.
- Added BETTER_AUTH_SECRET constant to manage authentication secret, defaulting to a predefined value if not set in the environment.
- Updated betterAuth configuration to utilize BETTER_AUTH_SECRET for enhanced security in authentication processes.
- Moved LICENSE_KEY_URL definition to a centralized location for better maintainability.
- Updated license validation function to utilize the new LICENSE_KEY_URL import, enhancing clarity and consistency in API calls.
- Upgraded @types/node from version ^18.19.104 to ^20.16.0 in package.json files for apps/api, apps/dokploy, apps/schedules, and packages/server.
- Adjusted pnpm-lock.yaml to reflect the updated @types/node version across all relevant dependencies.
- Added a new setup file for mock database interactions in the dokploy app to enhance testing capabilities.
- Updated drizzle-orm from version ^0.39.3 to ^0.41.0 for enhanced performance and features.
- Upgraded @better-auth/utils from version 0.2.4 to 0.3.0 to incorporate the latest improvements.
- Adjusted pnpm-lock.yaml to reflect these dependency updates.
- Added logic to retrieve and delete SSO providers, ensuring proper permission checks and error handling.
- Updated user trusted origins when adding or removing SSO providers, maintaining accurate origin lists.
- Refactored trusted origins retrieval to improve clarity and efficiency in the authentication process.
- Introduced utility functions for normalizing trusted origins and converting request headers.
- Added a condition to display the deprecation warning for legacy database credentials only in non-test environments.
- This change prevents unnecessary warnings during testing, improving the developer experience.
- Modified the database URL assignment logic to differentiate between production and development environments.
- Ensured that the correct database URL is used based on the NODE_ENV variable, improving deployment flexibility.
- Deleted the import statement for `getSSOProviders` and the associated logic for fetching issuer origins from SSO providers.
- This cleanup improves code clarity by removing unnecessary dependencies and streamlining the trusted origins configuration.
- Added a new service to fetch SSO providers from the database, including relevant fields such as id, providerId, issuer, domain, oidcConfig, and samlConfig.
- This functionality will support future enhancements in SSO integration.
- Updated user context to include `enableEnterpriseFeatures` and `isValidEnterpriseLicense` properties.
- Modified request validation to set these properties based on user data, enhancing enterprise feature management.
- Adjusted the enterprise procedure to check user flags directly from the context instead of querying the database.
- Changed the export of the `handler` and `api` constants to local scope for better clarity.
- Enhanced the trusted origins logic by restructuring the code for improved readability and maintainability.
- Commented out the cloud environment redirection logic for future consideration, aligning with previous changes in the codebase.
- Commented out the old database URL for security reasons.
- Updated the database connection string to use the Docker service name for PostgreSQL, ensuring proper connectivity in containerized environments.
- Added support for IdP metadata XML in the SAML registration dialog, allowing users to paste full metadata for configuration.
- Updated the callback URL and audience handling to dynamically incorporate the base URL.
- Refactored the SSO settings to enable SAML provider registration and improved the display of callback URLs based on provider details.
- Enhanced trusted origins configuration in the authentication logic to include additional domains for development and production environments.
- Included a new Okta domain in the array of allowed domains for SSO authentication.
- Modified the SSO request handling logic to return early if the request is an SSO callback, enhancing the flow of authentication.
- Refactored `register-oidc-dialog` and `register-saml-dialog` to accept an array of domains instead of a single domain string.
- Enhanced server-side validation to check for duplicate domains across registered providers.
- Updated SSO schema to reflect the change from a single domain to an array of domains, including validation for domain format.
- Refactored SSO registration logic in `register-oidc-dialog` and `register-saml-dialog` to use a new mutation method.
- Removed unused imports and error handling for registration failures.
- Added foreign key constraint for `organization_id` in the `sso_provider` table.
- Introduced new SSO schema and updated user relations to include SSO providers.
- Enhanced authentication flow to support SSO provider registration.
