Open
Conversation
Switch from z.instanceof(FormData) to uploadFileSchema (zod-form-data) so the OpenAPI generator produces a proper multipart/form-data spec with typed fields (zip as binary, applicationId, dropBuildPath). Regenerate openapi.json with the drop-deployment endpoint included.
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
This fixes the issue where the installation instructions are instructing to have the user run the install script under the wrong shell.
… rejection on DB failure
- Added health check functionality for PostgreSQL, Redis, and Traefik services before updating the web server. - Introduced a modal state management system to guide users through the verification and update process. - Updated UI components to display service health status and relevant messages during the update workflow. - Refactored the update server button to reflect the latest version and availability of updates.
…validate-dokploy-services feat: enhance web server update process with health checks
- Bumped the version of @dokploy/trpc-openapi in both package.json and pnpm-lock.yaml. - Removed unnecessary metadata from the dropDeployment procedure in application.ts.
feat: expose drop deployment endpoint in public API
- Changed input class from "focus:ring-0" to "focus-visible:ring-0" for improved accessibility and visual feedback on focus.
feat(ui): Add Vercel-style breadcrumb navigation with project and service switchers
…led-rejection fix: prevent unhandled rejection in trustedOrigins on DB failure
…raints - Introduced new SQL migration to create 'project_tag' and 'tag' tables. - Added unique constraints and foreign key relationships to ensure data integrity. - Updated journal and snapshot metadata to reflect the new migration.
- Added a new HandleTag component to manage tag creation and updates with validation. - Integrated color selection and real-time preview for tags. - Updated tag management references in TagFilter and TagSelector components to use the new HandleTag component.
- Integrated user permissions for tag creation, updating, and deletion in the TagManager component. - Updated API routes to enforce permission checks for tag operations. - Added new permissions for managing tags in the roles configuration. - Improved error handling for unauthorized access in tag-related operations.
- Replaced role-based access control with permission-based checks for tag visibility in the side menu. - Updated API route handlers to utilize protected procedures for tag queries, enhancing security and consistency in permission management.
- Added error handling for user permission fetching in the server-side props. - Implemented a check for tag read permissions, redirecting unauthorized users to the home page. - Enhanced the overall structure of the server-side logic for better clarity and maintainability.
fix: Broken install instructions
…-disk-space-monitoring-graph feat: show only used disk space in server monitoring chart
feat: add RHEL flavors to server setup script
- Updated the authentication process to check if the email of the user matches the email associated with the invitation token. - Improved error handling for cases where the user is not found or the email does not match the invitation.
Also checks that the invitation is not expired and has not already been used before allowing account creation. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…r handling - Normalize emails with toLowerCase().trim() before comparing - Wrap getUserByToken in try/catch since it throws TRPCError on miss, rethrow as APIError for consistent error responses
fix: validate invitation email matches signup email
The naive split(":").pop() approach treated the port number in
registry URLs (e.g. registry:5000/image) as the image tag.
Now uses lastIndexOf(":") and checks if the suffix matches a port
followed by a path (digits + slash), consistent with extractImageName.
Closes #4082
fix: extractImageTag misidentifies registry port as tag
writeDomainsToCompose reads the compose file in Node.js before the shell script runs, so patches applied as shell commands were being overwritten by the stale pre-patch content. Split patch execution into a separate step that runs before getBuildComposeCommand, so the file is already patched when Node.js reads it for domain injection. Also added missing patch support to rebuildCompose which was skipping patches entirely on redeploys. Closes #4113
fix: compose patches overwritten by domain injection
The actions array in Slack attachments requires Interactive Components to be configured on the Slack app, which causes notifications to fail. Replaces with a Details field using mrkdwn hyperlink syntax and adds mrkdwn_in to ensure the link renders as clickable. Closes #4053
…ions-content fix: actions in slack notification
fix: replace deprecated Slack actions with mrkdwn link field
- Change compose.loadServices permission from service:create to service:read since loading services from a compose file is a read-only operation - Add saveEnvironment endpoint to compose router with envVars:write permission - Update show-environment.tsx to use saveEnvironment mutations instead of generic update mutations for all service types (compose, databases) Closes #4052
…oad-services fix: correct permission checks for compose loadServices and env editing
The catch block was swallowing the real error from the ntfy server, making it impossible to diagnose connection failures (e.g. SSL, DNS, auth issues). Now the underlying error message is included in the tRPC error response. Closes #4047
fix: surface actual error message in ntfy test connection
Add an informative tooltip explaining the cleanup behavior and linking to Schedule Jobs docs for custom cleanup strategies. Closes #3973
feat: add tooltip to Daily Docker Cleanup toggle
…ssing-auth-params fix: add authSource and directConnection params to MongoDB connection URLs
…ck failures Move server.listen() before the initialization block so the HTTP server is already responding when Docker healthchecks begin. Previously, slow operations like SMTP timeouts in sendDokployRestartNotifications() could block the server from listening, causing healthcheck failures and container restarts. Closes #4049
fix: start server listener before initialization to prevent healthcheck failures
…ey access Add allForApps endpoint that returns only sshKeyId and name using protectedProcedure instead of withPermission, so members can select SSH keys in the git provider dropdown without needing access to the SSH Keys management panel. closes #4069
fix: allow members to use SSH keys for deployments without full access
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
13 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR promotes changes from
canarytomainfor version v0.29.0.🔍 Changes Include:
✅ Pre-merge Checklist: