🚀 Release v0.29.3#4372
Open
github-actions[bot] wants to merge 55 commits intomainfrom
Open
Conversation
Allows users to quickly copy the AI-generated log analysis to their clipboard from the analyze-logs popover, matching the copy UX used in the deployment and docker logs views. Made-with: Cursor
- Added a maximum length constraint of 255 characters for the email input field. - Updated validation schema to include a message for exceeding the maximum length.
…ength fix: enforce 255-char max length on forgot password email field
Closes #3909 The previous 10s interval triggered a DB query (SELECT 1) 360 times/hour, keeping Node.js heap under constant pressure and preventing the GC from reclaiming memory efficiently. Increasing to 30s reduces query load by 3x. Also adds start-period=60s to avoid false failures during startup.
fix: reduce healthcheck frequency to lower memory pressure
…ture fix(webhook): return 401 when signature header is missing
Replace permanent (301) redirects with temporary (302) redirects across all pages that check authentication state in getServerSideProps. Permanent redirects are cached by the browser indefinitely, causing a bug where users had to manually refresh after login: the browser would cache the unauthenticated redirect (dashboard → login page) and replay it even after a successful login, preventing navigation to the dashboard. Fixes #4220
fix: use temporary redirects for auth checks in getServerSideProps
Add 10s AbortSignal timeout to all template fetch calls so they fail cleanly instead of hanging indefinitely when templates.dokploy.com is unreachable. Add try/catch to getTags endpoint which was missing error handling, causing a 500 instead of returning an empty list. Closes #4282
…r-handling fix(templates): add fetch timeout and handle network errors gracefully
Three stray debug console.log calls had been left in production code paths: - restore-backup.tsx: logged the full form payload on every backup restore submission. - add-database.tsx: logged the libsql `enableNamespaces` field value from inside a `render` callback, firing on every re-render of the parent form. - project.ts (duplicateProject mutation): logged the freshly-created target project/environment row on the server on every duplicate. No behaviour change; strictly removes log noise.
…igation fix(sidebar): close mobile sidebar on navigation
Cards with descriptions appeared taller than those without, causing the 'Created at' and service count text to be misaligned across cards in the same row. - Add flex-col and mt-auto to project cards so footer sticks to bottom - Add h-full to service card Link and Card so they fill the grid cell
….tsx Signed-off-by: Nahidujjaman Hridoy <hridoyboss12@gmail.com>
….tsx Signed-off-by: Nahidujjaman Hridoy <hridoyboss12@gmail.com>
….tsx Signed-off-by: Nahidujjaman Hridoy <hridoyboss12@gmail.com>
….tsx Signed-off-by: Nahidujjaman Hridoy <hridoyboss12@gmail.com>
….tsx Signed-off-by: Nahidujjaman Hridoy <hridoyboss12@gmail.com>
Signed-off-by: Nahidujjaman Hridoy <hridoyboss12@gmail.com>
Signed-off-by: Nahidujjaman Hridoy <hridoyboss12@gmail.com>
Signed-off-by: Nahidujjaman Hridoy <hridoyboss12@gmail.com>
…ment fix: align card footers to bottom on project and service cards
feat: add copy button to AI log analysis result
fix: remove leftover debug console.log statements
fix: UI Responsiveness for both mobile, Tab and desktop Screens
Fixes #4365 — traefik.me had availability issues. sslip.io uses the same IP-in-subdomain format, supports both IPv4 and IPv6, and is more reliable.
…ip-io fix: replace traefik.me with sslip.io for auto-generated domains
Templates using network_mode: host (e.g. cloudflared) can now declare isolated = false in their [config] section to prevent Dokploy from injecting networks into the compose, which would cause a Docker error. Default behavior (isolated = true) is unchanged for all existing templates. Fixes #4366
…plate Introduced an optional 'isolated' boolean property in the CompleteTemplate interface to manage isolated deployment settings. Added tests to verify default behavior (isolated=true) and explicit settings (isolated=true/false) in the deployment configuration. This change enhances template flexibility for deployment configurations.
feat(templates): support isolated = false opt-out in template.toml
…display - Updated the schedule form schema to include an optional 'description' field. - Enhanced the form to allow users to input a description for each schedule. - Modified the schedule display component to show the description if available. - Added a database migration to include the 'description' column in the schedule table.
feat(schedules): add optional description field
dosubot
Bot
added
the
size:L
- Introduced a regex validation for branch names in Bitbucket, Git, Gitea, GitHub, and GitLab provider schemas to ensure valid branch formats. - Updated the corresponding schemas to include the new validation rule, enhancing input integrity and preventing potential errors. - Added a utility for branch validation in the server utils.
- Modified the `writeConfigRemote` function to encode the Traefik configuration in base64 before saving it to the remote YAML file. - This change ensures that the configuration is correctly handled and prevents potential issues with special characters in the config.
- Updated the WebSocket server to encode the log path in base64 before executing the tail command on the remote server. - Added validation to ensure the directory name adheres to a specified regex pattern, improving input integrity for directory paths.
…schema - Updated the `destinationPath` field in the upload file schema to include a regex validation, ensuring only alphanumeric characters, dots, dashes, underscores, and forward slashes are allowed. - Added a corresponding regex check in the `uploadFileToContainer` function to validate the destination path before processing, improving input integrity and preventing errors.
- Introduced a new validation schema for registry URLs, ensuring they conform to a specific format (hostname[:port]) and disallow shell metacharacters. - Updated the `createSchema`, `apiCreateRegistry`, and `apiTestRegistry` functions to utilize the new registry URL validation. - Improved security and input integrity for registry URL fields. - Updated the `removeRegistry` function to escape the registry URL during logout to prevent command injection vulnerabilities.
…ecret handling - Added a new script `migrate-auth-secret.ts` to facilitate the migration of 2FA secrets when changing the BETTER_AUTH_SECRET. - Updated `package.json` to include a command for running the migration script. - Refactored the handling of BETTER_AUTH_SECRET to improve security by removing the hardcoded default and introducing a fallback mechanism using environment variables or Docker secrets. - Updated the authentication logic to utilize the new `betterAuthSecret` function for retrieving the secret.
fix(security): replace hardcoded BETTER_AUTH_SECRET with Docker secret support
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
6 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR promotes changes from
canarytomainfor version v0.29.3.🔍 Changes Include:
✅ Pre-merge Checklist: