[pull] master from mattermost:master#402
Open
pull[bot] wants to merge 7882 commits intoDithn:masterfrom
Open
Conversation
* Rename Content Flagging to Data Spillage Handling
Update all user-facing text to use "Data Spillage Handling" and
"Quarantine for Review" terminology. Rename i18n keys that referenced
content flagging. Auto-patch bot display name on pre-existing servers.
Co-authored-by: Cursor <cursoragent@cursor.com>
* Fixed searchable stringgs
* Revert unintended package-lock.json changes
Co-authored-by: Cursor <cursoragent@cursor.com>
* Fix i18n extract check: correct typo and key ordering
Fix "posed" -> "posted" typo in keep/remove quarantine modal
defaultMessages. Move admin.contentFlagging.title to correct
alphabetical position in en.json.
Co-authored-by: Cursor <cursoragent@cursor.com>
* Fix webapp tests for Data Spillage Handling rename
Update test assertions to match renamed i18n strings:
notification settings, content reviewers, and additional
settings tests now expect the new quarantine terminology.
Co-authored-by: Cursor <cursoragent@cursor.com>
* Use translatable i18n strings for notification messages
Replace hardcoded "flagged for review" notification templates with
i18n.T() calls using "quarantined for review" terminology. Add six
new server i18n keys for author, reporter, and reviewer notifications.
Co-authored-by: Cursor <cursoragent@cursor.com>
* Fix server i18n key mismatches and update test assertions
Rename remaining app.content_flagging.* keys to app.data_spillage.*
in server/i18n/en.json to match Go code references. Fix the
quarantine_post_confirmation key name. Update test assertions to
match new "quarantined for review" terminology.
Co-authored-by: Cursor <cursoragent@cursor.com>
* Fix gofmt formatting in content_flagging.go
Co-authored-by: Cursor <cursoragent@cursor.com>
* Prevent nil bot on PatchBot failure in getContentReviewBot
Use a separate variable for PatchBot result so the original bot
is preserved if the display name update fails.
Co-authored-by: Cursor <cursoragent@cursor.com>
* Reorder server i18n keys after extract
Run mmgotool i18n extract to sort entries into correct
alphabetical order.
Co-authored-by: Cursor <cursoragent@cursor.com>
* Replace i18n.T() with fmt.Sprintf for notification messages and fix test assertions
Use direct string formatting for bot notification messages instead of
i18n translation keys, which were being removed by mmgotool i18n extract
due to indirect key references. Also update test expectations for renamed
error keys (content_flagging -> data_spillage).
Co-authored-by: Cursor <cursoragent@cursor.com>
* Update default quarantine reasons to DISC-aligned terminology
Replace generic content moderation reasons with defense/intelligence
sector terminology: Classification mismatch, Need-to-know violation,
PII exposure, OPSEC concern, CUI violation, Unauthorized disclosure,
and Other. Updated across model, API tests, webapp tests, and e2e tests.
Co-authored-by: Cursor <cursoragent@cursor.com>
* Adding a string missing from bad merge
* Update remaining flagged terminology and icon for data spillage rename
- Change post menu icon from flag-outline to alert-outline
- Update reviewer notification: "quarantined" -> "submitted" a message
- Update action notifications: "flagged message" -> "quarantined message"
- Update modal errors: "flagging" -> "quarantining" this message
- Update report title: "flagged" -> "submitted" a message for review
- Update e2e page object locator for renamed menu item
Made-with: Cursor
* Fix tests
* Fix quarantine icon alignment in post dot menu
Use AlertOutlineIcon React component with size={18} instead of raw
<i> tag to match the sizing of all other menu item icons.
Made-with: Cursor
* Fixed E2E tests
* Missing test fix
* Fix E2E tests
---------
Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Mattermost Build <build@mattermost.com>
* test: batches m21 to h1 bulk Enzyme to RTL migration * update per suggestions --------- Co-authored-by: Mattermost Build <build@mattermost.com>
Bumps the github-actions-updates group with 11 updates: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4.2.2` | `6.0.2` | | [actions/setup-node](https://github.com/actions/setup-node) | `6.2.0` | `6.3.0` | | [docker/login-action](https://github.com/docker/login-action) | `3.7.0` | `4.0.0` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `6.19.2` | `7.0.0` | | [anthropics/claude-code-action](https://github.com/anthropics/claude-code-action) | `1.0.54` | `1.0.70` | | [github/codeql-action](https://github.com/github/codeql-action) | `4.32.3` | `4.32.6` | | [actions/setup-go](https://github.com/actions/setup-go) | `6.2.0` | `6.3.0` | | [tj-actions/changed-files](https://github.com/tj-actions/changed-files) | `47.0.4` | `47.0.5` | | [getsentry/action-release](https://github.com/getsentry/action-release) | `3.1.1` | `3.5.0` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3.12.0` | `4.0.0` | | [mikepenz/action-junit-report](https://github.com/mikepenz/action-junit-report) | `6.2.0` | `6.3.1` | Updates `actions/checkout` from 4.2.2 to 6.0.2 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v4.2.2...de0fac2) Updates `actions/setup-node` from 6.2.0 to 6.3.0 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](actions/setup-node@6044e13...53b8394) Updates `docker/login-action` from 3.7.0 to 4.0.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@c94ce9f...b45d80f) Updates `docker/build-push-action` from 6.19.2 to 7.0.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@10e90e3...d08e5c3) Updates `anthropics/claude-code-action` from 1.0.54 to 1.0.70 - [Release notes](https://github.com/anthropics/claude-code-action/releases) - [Commits](anthropics/claude-code-action@0cf5eee...26ec041) Updates `github/codeql-action` from 4.32.3 to 4.32.6 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@9e907b5...0d579ff) Updates `actions/setup-go` from 6.2.0 to 6.3.0 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@7a3fe6c...4b73464) Updates `tj-actions/changed-files` from 47.0.4 to 47.0.5 - [Release notes](https://github.com/tj-actions/changed-files/releases) - [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md) - [Commits](tj-actions/changed-files@7dee1b0...22103cc) Updates `getsentry/action-release` from 3.1.1 to 3.5.0 - [Release notes](https://github.com/getsentry/action-release/releases) - [Changelog](https://github.com/getsentry/action-release/blob/master/CHANGELOG.md) - [Commits](getsentry/action-release@00ed2a6...dab6548) Updates `docker/setup-buildx-action` from 3.12.0 to 4.0.0 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@8d2750c...4d04d5d) Updates `mikepenz/action-junit-report` from 6.2.0 to 6.3.1 - [Release notes](https://github.com/mikepenz/action-junit-report/releases) - [Commits](mikepenz/action-junit-report@74626db...49b2ca0) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.2 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-updates - dependency-name: actions/setup-node dependency-version: 6.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-updates - dependency-name: docker/login-action dependency-version: 4.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-updates - dependency-name: docker/build-push-action dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-updates - dependency-name: anthropics/claude-code-action dependency-version: 1.0.70 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions-updates - dependency-name: github/codeql-action dependency-version: 4.32.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions-updates - dependency-name: actions/setup-go dependency-version: 6.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-updates - dependency-name: tj-actions/changed-files dependency-version: 47.0.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions-updates - dependency-name: getsentry/action-release dependency-version: 3.5.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-updates - dependency-name: docker/setup-buildx-action dependency-version: 4.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-updates - dependency-name: mikepenz/action-junit-report dependency-version: 6.3.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-updates ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* docs(auth): Add clarification note about Google SSO username/email sync behavior * i18n: Add translation for SSO username sync note * Fix linting errors in User Settings Security Fixed react/jsx-tag-spacing and other linting issues in user_settings_security.tsx. Also updated webapp/package.json to enforce npm engines. * Fix: Revert whitespace changes in package.json and en.json * Fix: Reorder en.json keys alphabetically to satisfy check-i18n * Fix: Scope Google SSO sync note to Google service and use block element
* chore: upgrade cypress to 15.11 * update per comment * update flaky test (while here) --------- Co-authored-by: Mattermost Build <build@mattermost.com>
* Translated using Weblate (Polish) Currently translated at 96.0% (6775 of 7053 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/pl/ * Translated using Weblate (Polish) Currently translated at 96.3% (6799 of 7053 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/pl/ * Translated using Weblate (Polish) Currently translated at 96.6% (6820 of 7053 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/pl/ * Translated using Weblate (Polish) Currently translated at 96.9% (6840 of 7053 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/pl/ * Translated using Weblate (Polish) Currently translated at 97.2% (6860 of 7053 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/pl/ * Update translation files Updated by "Cleanup translation files" hook in Weblate. Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/ * Update translation files Updated by "Cleanup translation files" hook in Weblate. Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/ --------- Co-authored-by: master7 <marcin.karkosz@rajska.info>
* Port scripts/update-versions to a shell script * Update the scripts to change the version to use jq * Add the shared package * Update webapp/scripts/CLAUDE.OPTIONAL.md * Update webapp/scripts/CLAUDE.OPTIONAL.md
When a multiselect dialog field uses data_source: "dynamic", a comma-separated default value (e.g. "Product1,Product2") was rendered as a single chip instead of two separate pre-selected chips. --------- Co-authored-by: Scott Bishel <scott.bishel@mattermost.com> Co-authored-by: Mattermost Build <build@mattermost.com>
* Add agent-browser skill * Update AGENTS.CURSOR.md * Add guidance for localization * Update .agents/skills/agent-browser/references/authentication.md Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> --------- Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* Improve job progress estimation with no data
For the Elasticsearch indexing job, we compute the job progress
executing analytics queries to get the total number of posts, channels,
users and files in the database.
Until now, if that call failed, we instead used an estimate. That
estimate is a hardcoded number that is in no way related to the server
data. If that estimate was smaller than the number of already processed
entities, the job progress would show up as larger than 100%.
This commit changes that behaviour by caching the result of the
analytics query:
1. If the analytics query succeeds, we store that value in the job data.
2. If the analytics query fails, we pick a value for the total as
follows:
- Use the value previously stored in the job data if available.
- If not, use the hardcoded estimate.
- If the hardcoded estimate is smaller than the current count of
processed entities, use that count instead.
* Add defensive code against division by zero
---------
Co-authored-by: Mattermost Build <build@mattermost.com>
…mbership (#35298) * UpdateByQuery methods for channel_type; rewrite reindexChannelPosts log pre-fetch error in channel Update and upgrade reindexChannelPosts to error level * add backfill orchestration, config listener, webapp toggle changes fix misleading backfill complete log when SaveOrUpdate fails * add integration & unit tests for public channel search and backfill * fix nil pointer dereference on UpdateByQuery response and log partial failures * add tests for compliance mode override and P channel post leakage * update system console snapshots * add instructions to error message * improve compliance-mode test * getAllChannels doesn't filter by O/S, need to do ourselves * in search, load channel info for channels we're not a member of * blank commit -- something is wrong with github, maybe this will help * improve channelType passing; error msg; simplify settings naming * debug logging for timing backfill and channel change; TO BE REVERTED * fix getMissingChannelsFromFiles in search as well * blank commit
When TeamSettings.RestrictDirectMessage is set to "team", the system bot could not create DM channels with users on different teams (or no shared team). This broke SendTestMessage, CheckPostReminders, and other background jobs that use an empty session context. The existing bypass in GetOrCreateDirectChannel only covered bots owned by the current session user or a plugin. The system bot is owned by a system admin, so it failed the ownership check and hit the common-team guard. Changes: - Rename IsBotOwnedByCurrentUserOrPlugin to IsBotExemptFromDMRestrictions to better reflect its purpose - Add an explicit system bot exemption (bot.Username == BotSystemBotUsername) as the first check in the function - Add tests covering the system bot exemption with both empty and user sessions
…35539) The OpenSearch implementation used 10,000 requests/sec but Elasticsearch was set to 1,000. Align both to 10,000.
* feat: pass unicode emojis from emoji picker to textare * fi test * PR feedback * fix unit tests * fix linter * fix emoji test * fix e2e test * e2e test * Fix MM-T155 emoji test to use flexible recently used assertions Made-with: Cursor --------- Co-authored-by: Nevyana Angelova <nevyangelova@Nevy-Macbook-16-2025.local>
* Add operation tracking fields to bridge client CompletionRequest calls Populate UserID, Operation, and OperationSubType on CompletionRequest for recaps (SummarizePosts) and message rewrite (RewriteMessage) so token usage logs show correct values instead of defaults. Also bumps mattermost-plugin-ai v1.8.1 → v1.12.0 which adds the Operation/OperationSubType fields to the bridgeclient struct. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * Address PR feedback: normalize rewrite action and use session-derived userID - post.go: Add normalizeRewriteAction() that validates action against a whitelist of known RewriteAction values, mapping unknown values to "unknown" before assigning to OperationSubType. - summarization.go: Use sessionUserID (derived from rctx.Session().UserId) instead of the userID parameter for tracking, ensuring operation tracking always uses the authenticated session user. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> Co-authored-by: Mattermost Build <build@mattermost.com>
* Add agent-browser skill * Update AGENTS.CURSOR.md * Add guidance for localization * Fix recap channel checkbox selection Co-authored-by: Nick Misasi <nick13misasi@gmail.com> --------- Co-authored-by: Cursor Agent <cursoragent@cursor.com> Co-authored-by: Mattermost Build <build@mattermost.com>
* Add agent-browser skill * Update AGENTS.CURSOR.md * Add guidance for localization * Fix permalink preview priority badges Co-authored-by: Nick Misasi <nick13misasi@gmail.com> --------- Co-authored-by: Cursor Agent <cursoragent@cursor.com>
* Add single-channel guest tracking and reporting - Add AnalyticsGetSingleChannelGuestCount store method to count guests in exactly one channel - Exclude single-channel guests from active user seat count in GetServerLimits - Add single-channel guest count to standard analytics response - Add Single-channel Guests card to System Statistics page with overage warning - Add Single-channel guests row to Edition and License page with overage styling - Add dismissible admin-only banner when single-channel guest limit is exceeded - Gate feature behind non-Entry SKU and guest accounts enabled checks - Re-fetch server limits on config changes for reactive UI updates - Fix label alignment in license details panel Made-with: Cursor * Refine single-channel guest tracking - Remove license GuestAccounts feature check from shouldTrackSingleChannelGuests (only config matters) - Re-add getServerLimits calls on page mount for fresh data - Remove config-change reactivity code (componentDidUpdate, useEffect) - Add server i18n translations for error strings - Sync webapp i18n via extract - Add inline comments for business logic - Restore struct field comments in ServerLimits model - Add Playwright E2E tests for single-channel guest feature - Fix label alignment in license details panel Made-with: Cursor * Guests over limit fixes and PR feedback * Fix linter issues and code quality improvements - Use max() builtin to clamp adjusted user count instead of if-statement (modernize linter) - Change banner type from ADVISOR to CRITICAL for proper red color styling Made-with: Cursor * Fix overage warnings incorrectly counting single-channel guests Single-channel guests are free and should not trigger license seat overage warnings. Update all overage checks to use serverLimits.activeUserCount (seat-adjusted, excluding SCG) instead of the raw total_users_count or TOTAL_USERS analytics stat. - UserSeatAlertBanner on License page: use serverLimits.activeUserCount - UserSeatAlertBanner on Site Statistics page: use serverLimits.activeUserCount - ActivatedUserCard display and overage check: use serverLimits.activeUserCount - OverageUsersBanner: use serverLimits.activeUserCount Made-with: Cursor * Use license.Users as fallback for singleChannelGuestLimit before limits load This prevents the SingleChannelGuestsCard from showing a false overage state before serverLimits has been fetched, while still rendering the card immediately on page load. Made-with: Cursor * Fix invite modal overage banner incorrectly counting single-channel guests Made-with: Cursor * Fix invitation modal tests missing limits entity in mock state Made-with: Cursor * Fix tests * Add E2E test for single-channel guest exceeded limit scenario Made-with: Cursor * Fix TypeScript errors in single channel guests E2E test Made-with: Cursor * Fix channel name validation error caused by unawaited async getRandomId() Made-with: Cursor * Add contextual tooltips to stat cards when guest accounts are enabled Made-with: Cursor * Code review feedback: query builder, readability, tooltips, and alignment fixes Made-with: Cursor * Fix license page tooltip alignment, width, and SaveLicense SCG exclusion Made-with: Cursor * Fix banner dismiss, license spacing, and add dismiss test Made-with: Cursor * Exclude DM/GM channels from single-channel guest count and fix E2E tests Filter the AnalyticsGetSingleChannelGuestCount query to only count memberships in public/private channels, excluding DMs and GMs. Update store tests with DM-only, GM-only, and mixed membership cases. Fix E2E overage test to mock the server limits API instead of skipping, and correct banner locator to use data-testid. Made-with: Cursor
…ebase (#35445) Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: Mattermost Build <build@mattermost.com>
Co-authored-by: Cursor Agent <cursoragent@cursor.com>
* Replace TextFormatting.escapeRegex with built-in RegExp.escape * Remove unused definition --------- Co-authored-by: Mattermost Build <build@mattermost.com>
* improves logging during slack import * add imported users with no password and force reset flow * use i18n key ids during test
* [MM-67626] Update Playbooks plugin to v2.8.0 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Prepackage FIPS version for Playbooks --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com>
…5930) * Add pluggable AI actions menu with rewrite submenu and plugin extension point * Use cascading hover popover for AI actions submenus * Fix lint errors in AI actions menu and related files * Update i18n strings for AI actions menu * Fix coding guideline violations in AI actions menu and tests * Fix spacing * Fix stylelint errors in use_rewrite.scss * Support ReactNode for AI action menu item text * Fix empty menu guard, keyboard a11y, and rewrite follow-up placeholder * Hide rewrite actions while a rewrite is in progress * Remove subMenuHeader from plugin API and pass isRHS context to plugin components * Support simple click actions in AI action menu plugin API * Fix import order in ai_actions_menu tests * Flip AI actions submenu to open left when insufficient space on right Adapts the viewport-aware positioning pattern from the existing SubMenu component so the cascading submenu renders on the side with more space. * Only flip submenu to left when right space is insufficient
Rows created before the CreatedBy/UpdatedBy columns were added have NULL in those fields, causing a scan error when reading them. Wraps those columns with COALESCE(..., '') in the tableSelectQuery and in the Upsert RETURNING clause. Also removes the propertyValueColumns shared variable, inlining the column lists directly in each INSERT statement to match the pattern used in the property field store. Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es>
* Fixed the UI for compact mode file editing * Added test * Updated file container height and font size for compact mode * Updated snapshot * File name truncation fix * lint fix * updated snapshot * Updated snapshot
* Add bulk set (replace) channel memberships API
PUT /api/v4/channels/{channel_id}/members accepts a complete desired
membership list and reconciles it against the current state, adding
missing users and removing extras while leaving existing members
untouched. Results stream back as NDJSON with configurable batch size
and delay to manage server load. Sysadmin only. Private channels
cannot be emptied entirely.
… it isn't the case (#34206) * [GH-30388] Don't load custom profile attributes if not licensed or disabled * [GH-29948] Don't load scheduled posts if not enabled Fixes #29948 * chore: add and use isCustomProfileAttributesEnabled selector * tests: fix type check error * review: fix lint, handle props update, add tests and cleanup uneeded code --------- Co-authored-by: Mattermost Build <build@mattermost.com>
* Add PermissionCreateAgent server-side permission definition Define PermissionCreateAgent in the model layer with system scope, add to SystemScopedPermissionsMinusSysconsole (feeds AllPermissions), grant to system_user in MakeDefaultRoles(), and register a permissions migration for existing installations (system_admin + system_user). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add exhaustive tests for PermissionCreateAgent permission Model tests: verify create_agent is in AllPermissions, has system scope, correct i18n fields, present in system_admin and system_user default roles, and absent from system_guest. Migration test: verify getAddCreateAgentPermissionMigration adds create_agent to both system_admin and system_user, and is idempotent on re-run. Also register the migration key in testlib mock store so server initialization skips it during test setup. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add webapp permission constants and i18n for create_agent Add CREATE_AGENT constant to permissions.ts, display strings with defineMessages in permissions.tsx, and i18n entries in en.json so the permission appears in System Console Permission Schemes UI. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Clean up tests and minor fixups for create_agent permission Consolidate role_test.go into table-driven tests, remove redundant comments in permissions_migrations_test.go, add .planning/ to .gitignore, and refresh webapp/package-lock.json. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * Split create_agent into manage_own_agent and manage_others_agent Replace PermissionCreateAgent with system-scoped own/others permissions, update migration and defaults, and wire System Scheme UI for integrations. Made-with: Cursor * fixes * Stabilize autotranslation E2E by pinning mock source language Set LibreTranslate mock to English before the pre-enable post and Spanish before the post-enable message so parallel tests cannot leave the mock in a state where the new message is not translated. Made-with: Cursor * Revert package-lock, add more chnages * Revert "Revert package-lock, add more chnages" This reverts commit 7f6752c. * Drop unrelated autotranslation E2E tweak; restore package-lock The Playwright autotranslation change was not caused by MM-65671. Revert that test edit and restore webapp/package-lock.json after an accidental revert of the prior package-lock update. Made-with: Cursor * Put package-lock back again * fixes * Fix migration tests for manage_own_agent on system_user role Made-with: Cursor --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> Co-authored-by: Mattermost Build <build@mattermost.com>
Snapshots were stale after manage_own_agent and manage_others_agent permissions were added in d4d65c8 without a snapshot update. Made-with: Cursor
* MM-67592 - be changes for team admin abac channels (#35353) * MM-67592 - be changes for team admin abac channels * Revert team-scoped API routes, keep app layer business logic * move from config to permission; Add cluster-aware LRU cache for policy team scope lookup * remove unnecessary references to config value * local/remote cache invalidation consistency for policy scope * Replace policy scope cache with store-level team scope query * rename functions and add comments to query --------- Co-authored-by: Mattermost Build <build@mattermost.com> * MM 67594 - policies CUD operations to team settings modal channels ABAC (#35590) * MM-67592 - be changes for team admin abac channels * Revert team-scoped API routes, keep app layer business logic * move from config to permission; Add cluster-aware LRU cache for policy team scope lookup * remove unnecessary references to config value * local/remote cache invalidation consistency for policy scope * Replace policy scope cache with store-level team scope query * format files correctly * fix mock expectations for store-query approach in tests * rename functions and add comments to query * revert error ids to original to prevent break tests * adjust translations * MM-67669 - add tab to team settings modal and basic listing * adjust tests and fix linter * use existing search api logic * fix style and adjust flaky test to clean up and restore orinals * address ai corabbit feedback and fix linter * fix unit tests * MM-67592 - be changes for team admin abac channels (#35353) * MM-67592 - be changes for team admin abac channels * fix linter * fix ts linter for playwright * Revert team-scoped API routes, keep app layer business logic * move from config to permission; Add cluster-aware LRU cache for policy team scope lookup * remove unnecessary references to config value * local/remote cache invalidation consistency for policy scope * Replace policy scope cache with store-level team scope query * format files correctly * fix mock expectations for store-query approach in tests * rename functions and add comments to query * revert error ids to original to prevent break tests * adjust translations --------- Co-authored-by: Mattermost Build <build@mattermost.com> * MM-67594 - support cud operations for team abac BE changes * create the team settings policy edit section, reuse most components, add basic e2e * move optional refresh policy list button to list component * temp get team admins cud policies and sync job * enhance validation and adjust e2e * Fix testExpression permission; fix pagination of team policies; add isValidId validation * adjust styles, handling renaming and add permission migrations * update the permissions names, use the simple confirmation modal, define the delete modal * fix policy deletion flow * fix some linter issues and adjust helper tests * remove delete from list and fix e2e * code comments clean up * remove CEL editor for now, clean styles, enhance e2e * fix linter, adjust unit test * fix linter and add missing translation * fix policy deletion ownership and sanitize test expression * fixed e2e tests * rollback orphaned policy on failed channel assignment * enforce channelless check before last_team_id fallback * enforce channelless guard on assign fallback too * add translations missing * add teamId to audit payload when present * fix refresh button pagination reset * fix null safety in channel selector loadChannels * use responsive width cap for team settings modal and adjust header size * remove redundant raw term from channel search URL, add showRefreshButton prop to PolicyList component * handle error when stamping last team ID on channelless policy * replace Props-based ownership with in-memory LRU cache, disable save on zero channels * make e2e tests more reliable in CI * test skip if no license valid found * add childCount guard to cache-hit paths and reduce TTL to 5s * fix e2e, adjust translation * address review feedback: flatten permission checks and separate error types - Flatten nested permission branching in deleteAccessControlPolicy using early returns to reduce indentation (review: isacikgoz) - Validate teamID as input (400) before using it for permission checks (403) in testExpression and validateExpressionAgainstRequester handlers - Remove redundant hasSystemPermission check in searchAccessControlPolicies since system_admin role already includes manage_team_access_rules - Refactor ValidateTeamAdminPolicyOwnership to return (bool, *model.AppError) separating "not owned" from "internal error" across all 8 call sites - Update tests to assert on both return values Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * add persistent team scope to access control policies, replace in-memory cache * fix translation * fix case-insensitive policy search and sanitize search term input * make policies tests have a unique name * decouple scope/scopeID filter from TeamID in policy store * Fix authZ bypass searchChannelsForAccessControlPolicy by forcing TeamIds to authorized team * show unsaved changes on navigator back, and list all private channels on load * filter already applied channels to a policy * adjust the styles to dark mode; do not show added channels to the policy in the add channels modal * fix linter * MM-67967 add sync status footer to team settings (#35729) * MM-67967 add sync status footer to team settings * remove magic numbers and strings and polish the code * fix linter * fix linter: replace interface{} with any per gofmt rewrite rule Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * refine getJobsByType team-scoped filtering and permissions * fix sync footer stuck in syncing state on job creation error * fix team-scoped job pagination in getJobsByType * Fix authZ bypass searchChannelsForAccessControlPolicy by forcing TeamIds to authorized team * implement ux feedback, change titles font, fix marging and scroll view jump * MM-68135 - migrate add channels to policy modal to generic modal (#35907) * MM-67920 unify e2e team settings tests (#35867) * MM-67920 - extract duplicated policy editor helpers * remove duplicate team icon test file * rename Access Control to Membership Policies in e2e * replace networkidle with explicit element waits * fix attribute loading issue --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: Mattermost Build <build@mattermost.com> Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix playwright feedback issues and persist filters to the store layer in the no systemconsole path * Improve policy scope validation and team admin security checks * Renamed public channels to "AAA Public Channel %03d" and private ones to "ZZZ Private..." so the 55 public channels now fill the 50-result cap * fix e2e tests and add new unit tests to improve coverage * Improve e2e test stability: race condition handling and timeout adjustments * Improve team-scoped ABAC policies: scope preservation, input validation, shared exclusion * Add comprehensive ABAC test coverage: team admin ops and security validation to reduce flakyness * Fix team policy editor back button: preserve navigation intent through Undo * style: format import statements for better readability * Enhance access control policy creation for team admins: enforce scope stamping from query parameters to prevent unauthorized team assignments --------- Co-authored-by: Mattermost Build <build@mattermost.com> Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
After editing a post, the main textbox now properly regains focus. The fix uses the stored refocusId to focus the correct textbox element (post_textbox or reply_textbox) before unsetting edit mode. Co-authored-by: Mattermost Build <build@mattermost.com>
…ript@6.0 (#36091) * chore(cypress): upgrade to v15.13 and to typescript@6.0 * fix comments and update exposing cypress env
…ed for the first time for a user from channel member list in RHS (#35918) * Fixed a bug where user profile popover closed automatically when opened for the first time for a user from channel member list in RHS * Added tests * fixed a test
* Adding watermarking toggle in server * Update setting to enterprise * Adding it to mobile security * Updating experimental section * Moved back to experimental settings. Added license checks * Updating tests --------- Co-authored-by: maria.nunez <maria.nunez@mattermost.com>
Automatic Merge
…36119) * MM-68276: Apply default values for plugin settings inside sections Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * Revert work-around from #36056 This is no longer needed with the previous fix in place. --------- Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> Co-authored-by: Mattermost Build <build@mattermost.com>
#36033) * Start moving user agent utils into shared package * Remove inobounce and stop exporting isIosSafari Based on some quick testing on my phone, inobounce is no longer needed. Both local and Community: 1. Let you overscroll on the landing and login pages 2. Don't overscroll in a channel, a thread, or the LHS while fully zoomed out 3. Do let you overscroll when zoomed in That also lets me reduce the size of the interface for utils/user_agent. * Remove unneeded exports and unused functions * Remove outdated workarounds from FileUpload component These were only needed to support a 10 year old version of iOS Chrome and the classic app. * Remove useOrientationHandler This was added in mattermost/mattermost-webapp#2504, but I don't think the extra complexity is worth keeping it around when we mostly support mobile view for desktop accessibility reasons. * Replace isIosWeb/isAndroidWeb with isIos/isAndroid These were previously needed to differentiate between the mobile web app and the classic app. * Replace isMobileApp with isMobile Similar to the last commit, we used to need to differentiate between the mobile web and the classic app. For most places, I just replaced isMobileApp with isMobile, but I removed the check in ProductMenuList because we want to show that link on mobile web. * Move isInternetExplorer and isEdge out of the shared package Those should be removed, so I don't want to include them in the shared package at all. I also renamed isChromiumEdge to just isEdge since that should be its name once the old ones are removed. * Change how functions are re-exported to fix tests * Update web app code to use shared user agent utils directly * Removed useless mock * Fix how tests mock utils/user_agent now that it's fully moved * Actually export user_agent utils from shared package
* ci: pin enterprise repo to explicit commit hash Introduces an enterprise.pin file that explicitly pins the enterprise commit the server is built and tested against. This replaces the implicit HEAD checkout, eliminating the CI race condition for all cross-repo changes. Changes: - enterprise.pin: pinned enterprise commit SHA - server/Makefile: new bump-enterprise target to update the pin Co-authored-by: Claude <claude@anthropic.com> * ci: fix bump-enterprise error handling and path resolution - Add set -e so recipe fails fast if git rev-parse fails - Use $(ROOT)/../enterprise.pin instead of ../enterprise.pin to resolve path relative to Makefile location, not CWD Co-authored-by: Claude <claude@anthropic.com> * fix: add missing 'all' to .PHONY declaration in Makefile Pre-existing issue flagged by CodeRabbit — the 'all' target (line 199) was never declared phony. Out of scope for the enterprise.pin change but trivial to fix. Co-authored-by: Claude <claude@anthropic.com> * ci: trigger Enterprise CI re-run Co-authored-by: Claude <claude@anthropic.com> --------- Co-authored-by: Claude <claude@anthropic.com>
* [MM-67949] Harden notification email filename rendering Escape and normalize attachment filenames before inserting them into notification email content, and add focused regression coverage for file-only and image-only notification paths. Made-with: Cursor * chore: retrigger CI checks --------- Co-authored-by: Edgar <edgar.bellotmico@mattermost.com>
* Remove logic for supporting pre-Chromium versions of Edge * Remove support for IE11 * Remove IE/Edge-specific CSS
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot]
Can you help keep this open source service alive? 💖 Please sponsor : )