From 5235b78cb8f205ce8a6b7ad181f07ba24a1cddae Mon Sep 17 00:00:00 2001 From: sriram veeraghanta Date: Tue, 26 Mar 2024 19:24:42 +0530 Subject: [PATCH 1/6] fix: sentry config fixes --- space/next.config.js | 8 +- space/package.json | 2 +- turbo.json | 24 ++---- web/next.config.js | 8 +- web/package.json | 2 +- yarn.lock | 189 +++++++++++++++++++++++-------------------- 6 files changed, 120 insertions(+), 113 deletions(-) diff --git a/space/next.config.js b/space/next.config.js index 18b9275a1..b36368720 100644 --- a/space/next.config.js +++ b/space/next.config.js @@ -1,3 +1,4 @@ +/* eslint-disable @typescript-eslint/no-var-requires */ /** @type {import('next').NextConfig} */ require("dotenv").config({ path: ".env" }); const { withSentryConfig } = require("@sentry/nextjs"); @@ -26,8 +27,11 @@ const nextConfig = { output: "standalone", }; -if (parseInt(process.env.NEXT_PUBLIC_ENABLE_SENTRY || "0")) { - module.exports = withSentryConfig(nextConfig, { silent: true }, { hideSourceMaps: true }); +if (parseInt(process.env.NEXT_PUBLIC_ENABLE_SENTRY || "0"), 10) { + module.exports = withSentryConfig(nextConfig, + { silent: true, authToken: process.env.SENTRY_AUTH_TOKEN }, + { hideSourceMaps: true } + ); } else { module.exports = nextConfig; } diff --git a/space/package.json b/space/package.json index 4951d5e30..3d6127edb 100644 --- a/space/package.json +++ b/space/package.json @@ -22,7 +22,7 @@ "@plane/rich-text-editor": "*", "@plane/types": "*", "@plane/ui": "*", - "@sentry/nextjs": "^7.85.0", + "@sentry/nextjs": "^7.108.0", "axios": "^1.3.4", "clsx": "^2.0.0", "dotenv": "^16.3.1", diff --git a/turbo.json b/turbo.json index 9302a7183..4e8c4ee81 100644 --- a/turbo.json +++ b/turbo.json @@ -17,37 +17,25 @@ "NEXT_PUBLIC_POSTHOG_KEY", "NEXT_PUBLIC_POSTHOG_HOST", "NEXT_PUBLIC_POSTHOG_DEBUG", - "JITSU_TRACKER_ACCESS_KEY", - "JITSU_TRACKER_HOST" + "SENTRY_AUTH_TOKEN" ], "pipeline": { "build": { - "dependsOn": [ - "^build" - ], - "outputs": [ - ".next/**", - "dist/**" - ] + "dependsOn": ["^build"], + "outputs": [".next/**", "dist/**"] }, "develop": { "cache": false, "persistent": true, - "dependsOn": [ - "^build" - ] + "dependsOn": ["^build"] }, "dev": { "cache": false, "persistent": true, - "dependsOn": [ - "^build" - ] + "dependsOn": ["^build"] }, "test": { - "dependsOn": [ - "^build" - ], + "dependsOn": ["^build"], "outputs": [] }, "lint": { diff --git a/web/next.config.js b/web/next.config.js index e018ea317..a7c658b59 100644 --- a/web/next.config.js +++ b/web/next.config.js @@ -1,3 +1,4 @@ +/* eslint-disable @typescript-eslint/no-var-requires */ require("dotenv").config({ path: ".env" }); const { withSentryConfig } = require("@sentry/nextjs"); @@ -24,8 +25,11 @@ const nextConfig = { output: "standalone", }; -if (parseInt(process.env.NEXT_PUBLIC_ENABLE_SENTRY || "0")) { - module.exports = withSentryConfig(nextConfig, { silent: true }, { hideSourceMaps: true }); +if (parseInt(process.env.NEXT_PUBLIC_ENABLE_SENTRY || "0"), 10) { + module.exports = withSentryConfig(nextConfig, + { silent: true, authToken: process.env.SENTRY_AUTH_TOKEN }, + { hideSourceMaps: true } + ); } else { module.exports = nextConfig; } diff --git a/web/package.json b/web/package.json index bdd880ce1..3ec941b80 100644 --- a/web/package.json +++ b/web/package.json @@ -28,7 +28,7 @@ "@plane/types": "*", "@plane/ui": "*", "@popperjs/core": "^2.11.8", - "@sentry/nextjs": "^7.85.0", + "@sentry/nextjs": "^7.108.0", "axios": "^1.1.3", "clsx": "^2.0.0", "cmdk": "^0.2.0", diff --git a/yarn.lock b/yarn.lock index 6f50b05ac..4442a5cd5 100644 --- a/yarn.lock +++ b/yarn.lock @@ -2149,35 +2149,46 @@ dependencies: "@daybrush/utils" "^1.4.0" -"@sentry-internal/feedback@7.91.0": - version "7.91.0" - resolved "https://registry.yarnpkg.com/@sentry-internal/feedback/-/feedback-7.91.0.tgz#be09e5aec2959fcf503e2cf78496d5e2d263bc5a" - integrity sha512-SJKTSaz68F5YIwF79EttBm915M2LnacgZMYRnRumyTmMKnebGhYQLwWbZdpaDvOa1U18dgRajDX8Qed/8A3tXw== +"@sentry-internal/feedback@7.108.0": + version "7.108.0" + resolved "https://registry.yarnpkg.com/@sentry-internal/feedback/-/feedback-7.108.0.tgz#7033352abd304f1383ec47640e056a0dfd5132b7" + integrity sha512-8JcgZEnk1uWrXJhsd3iRvFtEiVeaWOEhN0NZwhwQXHfvODqep6JtrkY1yCIyxbpA37aZmrPc2JhyotRERGfUjg== dependencies: - "@sentry/core" "7.91.0" - "@sentry/types" "7.91.0" - "@sentry/utils" "7.91.0" + "@sentry/core" "7.108.0" + "@sentry/types" "7.108.0" + "@sentry/utils" "7.108.0" -"@sentry-internal/tracing@7.91.0": - version "7.91.0" - resolved "https://registry.yarnpkg.com/@sentry-internal/tracing/-/tracing-7.91.0.tgz#fbb6e1e3383e1eeee08633384e004da73ac1c37d" - integrity sha512-JH5y6gs6BS0its7WF2DhySu7nkhPDfZcdpAXldxzIlJpqFkuwQKLU5nkYJpiIyZz1NHYYtW5aum2bV2oCOdDRA== +"@sentry-internal/replay-canvas@7.108.0": + version "7.108.0" + resolved "https://registry.yarnpkg.com/@sentry-internal/replay-canvas/-/replay-canvas-7.108.0.tgz#641133c19c0e1c423617b8d791f53d6cd0b0a862" + integrity sha512-R5tvjGqWUV5vSk0N1eBgVW7wIADinrkfDEBZ9FyKP2mXHBobsyNGt30heJDEqYmVqluRqjU2NuIRapsnnrpGnA== dependencies: - "@sentry/core" "7.91.0" - "@sentry/types" "7.91.0" - "@sentry/utils" "7.91.0" + "@sentry/core" "7.108.0" + "@sentry/replay" "7.108.0" + "@sentry/types" "7.108.0" + "@sentry/utils" "7.108.0" -"@sentry/browser@7.91.0": - version "7.91.0" - resolved "https://registry.yarnpkg.com/@sentry/browser/-/browser-7.91.0.tgz#de3b9ae3ca7716a35cfabc97ac376944a67e6e34" - integrity sha512-lJv3x/xekzC/biiyAsVCioq2XnKNOZhI6jY3ZzLJZClYV8eKRi7D3KCsHRvMiCdGak1d/6sVp8F4NYY+YiWy1Q== +"@sentry-internal/tracing@7.108.0": + version "7.108.0" + resolved "https://registry.yarnpkg.com/@sentry-internal/tracing/-/tracing-7.108.0.tgz#d1e660701fb860cfae72b6ebfa8fb267533421fa" + integrity sha512-zuK5XsTsb+U+hgn3SPetYDAogrXsM16U/LLoMW7+TlC6UjlHGYQvmX3o+M2vntejoU1QZS8m1bCAZSMWEypAEw== dependencies: - "@sentry-internal/feedback" "7.91.0" - "@sentry-internal/tracing" "7.91.0" - "@sentry/core" "7.91.0" - "@sentry/replay" "7.91.0" - "@sentry/types" "7.91.0" - "@sentry/utils" "7.91.0" + "@sentry/core" "7.108.0" + "@sentry/types" "7.108.0" + "@sentry/utils" "7.108.0" + +"@sentry/browser@7.108.0": + version "7.108.0" + resolved "https://registry.yarnpkg.com/@sentry/browser/-/browser-7.108.0.tgz#b95810bb6572b63781f253615896f5afb1a3a5c0" + integrity sha512-FNpzsdTvGvdHJMUelqEouUXMZU7jC+dpN7CdT6IoHVVFEkoAgrjMVUhXZoQ/dmCkdKWHmFSQhJ8Fm6V+e9Aq0A== + dependencies: + "@sentry-internal/feedback" "7.108.0" + "@sentry-internal/replay-canvas" "7.108.0" + "@sentry-internal/tracing" "7.108.0" + "@sentry/core" "7.108.0" + "@sentry/replay" "7.108.0" + "@sentry/types" "7.108.0" + "@sentry/utils" "7.108.0" "@sentry/cli@^1.77.1": version "1.77.1" @@ -2191,95 +2202,95 @@ proxy-from-env "^1.1.0" which "^2.0.2" -"@sentry/core@7.91.0": - version "7.91.0" - resolved "https://registry.yarnpkg.com/@sentry/core/-/core-7.91.0.tgz#229334d7f03dd5d90a17495e61ce4215ab730b2a" - integrity sha512-tu+gYq4JrTdrR+YSh5IVHF0fJi/Pi9y0HZ5H9HnYy+UMcXIotxf6hIEaC6ZKGeLWkGXffz2gKpQLe/g6vy/lPA== +"@sentry/core@7.108.0": + version "7.108.0" + resolved "https://registry.yarnpkg.com/@sentry/core/-/core-7.108.0.tgz#a27e8d6f85f59c5730ce86071474f15ac899fde0" + integrity sha512-I/VNZCFgLASxHZaD0EtxZRM34WG9w2gozqgrKGNMzAymwmQ3K9g/1qmBy4e6iS3YRptb7J5UhQkZQHrcwBbjWQ== dependencies: - "@sentry/types" "7.91.0" - "@sentry/utils" "7.91.0" + "@sentry/types" "7.108.0" + "@sentry/utils" "7.108.0" -"@sentry/integrations@7.91.0": - version "7.91.0" - resolved "https://registry.yarnpkg.com/@sentry/integrations/-/integrations-7.91.0.tgz#b0496c9e404783bc433b1d2464d8f9aa180ebc8e" - integrity sha512-LGRfb+WfG3FaWHtDnJIhtupweat0imCQr2z/5SSbQKzqxHhtlaEU+9IExBmBdzq90n4lRBaVQHA3zGuU02uOhg== +"@sentry/integrations@7.108.0": + version "7.108.0" + resolved "https://registry.yarnpkg.com/@sentry/integrations/-/integrations-7.108.0.tgz#307c61966208f2a126c1a93e712277c8f86a3d3c" + integrity sha512-b/WbK1f3x2rQ4aJJSA4VSwpBXrXFm1Nzrca3Y9qW0MI1wjZEYsDDrh9m6ulLdVBl4YDc2VqYp1COwU/NjuHlog== dependencies: - "@sentry/core" "7.91.0" - "@sentry/types" "7.91.0" - "@sentry/utils" "7.91.0" + "@sentry/core" "7.108.0" + "@sentry/types" "7.108.0" + "@sentry/utils" "7.108.0" localforage "^1.8.1" -"@sentry/nextjs@^7.85.0": - version "7.91.0" - resolved "https://registry.yarnpkg.com/@sentry/nextjs/-/nextjs-7.91.0.tgz#42eb3af10ff230e8a3fe9f0e50cdbac94b7d290e" - integrity sha512-wE83+OTEH4yYnDrhMw9eVEARSfZc6xY5qJb9xyYm5rW3+gVjNQZQaUY+wkM61Xdo0T35BN+7U4T88HbwzGeMqA== +"@sentry/nextjs@^7.108.0": + version "7.108.0" + resolved "https://registry.yarnpkg.com/@sentry/nextjs/-/nextjs-7.108.0.tgz#31d903d75bbf4b4530046360daff4d51dcf62f53" + integrity sha512-etBrMSLRbNAzozetBeL6D+lR9lRAyHmV7NUBGCX9lQvgmcdxkQa15EX8pIKjsMejZ8xAZNsqYVIByIs67A77rg== dependencies: "@rollup/plugin-commonjs" "24.0.0" - "@sentry/core" "7.91.0" - "@sentry/integrations" "7.91.0" - "@sentry/node" "7.91.0" - "@sentry/react" "7.91.0" - "@sentry/types" "7.91.0" - "@sentry/utils" "7.91.0" - "@sentry/vercel-edge" "7.91.0" + "@sentry/core" "7.108.0" + "@sentry/integrations" "7.108.0" + "@sentry/node" "7.108.0" + "@sentry/react" "7.108.0" + "@sentry/types" "7.108.0" + "@sentry/utils" "7.108.0" + "@sentry/vercel-edge" "7.108.0" "@sentry/webpack-plugin" "1.21.0" chalk "3.0.0" resolve "1.22.8" rollup "2.78.0" stacktrace-parser "^0.1.10" -"@sentry/node@7.91.0": - version "7.91.0" - resolved "https://registry.yarnpkg.com/@sentry/node/-/node-7.91.0.tgz#26bf13c3daf988f9725afd1a3cc38ba2ff90d62a" - integrity sha512-hTIfSQxD7L+AKIqyjoq8CWBRkEQrrMZmA3GSZgPI5JFWBHgO0HBo5TH/8TU81oEJh6kqqHAl2ObMhmcnaFqlzg== +"@sentry/node@7.108.0": + version "7.108.0" + resolved "https://registry.yarnpkg.com/@sentry/node/-/node-7.108.0.tgz#ed113dc1d39aaae32f7e9f681dcea41cf28eb5f1" + integrity sha512-pMxc9txnDDkU4Z8k2Uw/DPSLPehNtWV3mjJ3+my0AMORGYrXLkJI93tddlE5z/7k+GEJdj1HsOLgxUN0OU+HGA== dependencies: - "@sentry-internal/tracing" "7.91.0" - "@sentry/core" "7.91.0" - "@sentry/types" "7.91.0" - "@sentry/utils" "7.91.0" - https-proxy-agent "^5.0.0" + "@sentry-internal/tracing" "7.108.0" + "@sentry/core" "7.108.0" + "@sentry/types" "7.108.0" + "@sentry/utils" "7.108.0" -"@sentry/react@7.91.0": - version "7.91.0" - resolved "https://registry.yarnpkg.com/@sentry/react/-/react-7.91.0.tgz#620e6ce9452af025d2cc1b2eca3dd1dd730dc439" - integrity sha512-7JH2rWaX3WKHHvBcZQ4f/KnkYIXTf7hMojRFncUwPocdtDlhJw/JUvjAYNpEysixXIgsMes3B32lmtZjGjRhwQ== +"@sentry/react@7.108.0": + version "7.108.0" + resolved "https://registry.yarnpkg.com/@sentry/react/-/react-7.108.0.tgz#26a50324f6d7a9576f3753c099e7bcd8def94f3c" + integrity sha512-C60arh5/gtO42eMU9l34aWlKDLZUO+1j1goaEf/XRSwUcyJS9tbJrs+mT4nbKxUsEG714It2gRbfSEvh1eXmCg== dependencies: - "@sentry/browser" "7.91.0" - "@sentry/types" "7.91.0" - "@sentry/utils" "7.91.0" + "@sentry/browser" "7.108.0" + "@sentry/core" "7.108.0" + "@sentry/types" "7.108.0" + "@sentry/utils" "7.108.0" hoist-non-react-statics "^3.3.2" -"@sentry/replay@7.91.0": - version "7.91.0" - resolved "https://registry.yarnpkg.com/@sentry/replay/-/replay-7.91.0.tgz#95077868aee3c3cc670affe13156434f858e1755" - integrity sha512-XwbesnLLNtaVXKtDoyBB96GxJuhGi9zy3a662Ba/McmumCnkXrMQYpQPh08U7MgkTyDRgjDwm7PXDhiKpcb03g== +"@sentry/replay@7.108.0": + version "7.108.0" + resolved "https://registry.yarnpkg.com/@sentry/replay/-/replay-7.108.0.tgz#baa679bd19b4e3729e607d3f84cff5048aeb3415" + integrity sha512-jo8fDOzcZJclP1+4n9jUtVxTlBFT9hXwxhAMrhrt70FV/nfmCtYQMD3bzIj79nwbhUtFP6pN39JH1o7Xqt1hxQ== dependencies: - "@sentry-internal/tracing" "7.91.0" - "@sentry/core" "7.91.0" - "@sentry/types" "7.91.0" - "@sentry/utils" "7.91.0" + "@sentry-internal/tracing" "7.108.0" + "@sentry/core" "7.108.0" + "@sentry/types" "7.108.0" + "@sentry/utils" "7.108.0" -"@sentry/types@7.91.0": - version "7.91.0" - resolved "https://registry.yarnpkg.com/@sentry/types/-/types-7.91.0.tgz#5b68954e08986fecb0d4bef168df58eef62c32c7" - integrity sha512-bcQnb7J3P3equbCUc+sPuHog2Y47yGD2sCkzmnZBjvBT0Z1B4f36fI/5WjyZhTjLSiOdg3F2otwvikbMjmBDew== +"@sentry/types@7.108.0": + version "7.108.0" + resolved "https://registry.yarnpkg.com/@sentry/types/-/types-7.108.0.tgz#5ceb959c4dabe511fc441fec8c2465f2d624900f" + integrity sha512-bKtHITmBN3kqtqE5eVvL8mY8znM05vEodENwRpcm6TSrrBjC2RnwNWVwGstYDdHpNfFuKwC8mLY9bgMJcENo8g== -"@sentry/utils@7.91.0": - version "7.91.0" - resolved "https://registry.yarnpkg.com/@sentry/utils/-/utils-7.91.0.tgz#3b1a94c053c885877908cd3e1365e3d23e21a73f" - integrity sha512-fvxjrEbk6T6Otu++Ax9ntlQ0sGRiwSC179w68aC3u26Wr30FAIRKqHTCCdc2jyWk7Gd9uWRT/cq+g8NG/8BfSg== +"@sentry/utils@7.108.0": + version "7.108.0" + resolved "https://registry.yarnpkg.com/@sentry/utils/-/utils-7.108.0.tgz#0231042956aed2ef35809891592238530349dfd9" + integrity sha512-a45yEFD5qtgZaIFRAcFkG8C8lnDzn6t4LfLXuV4OafGAy/3ZAN3XN8wDnrruHkiUezSSANGsLg3bXaLW/JLvJw== dependencies: - "@sentry/types" "7.91.0" + "@sentry/types" "7.108.0" -"@sentry/vercel-edge@7.91.0": - version "7.91.0" - resolved "https://registry.yarnpkg.com/@sentry/vercel-edge/-/vercel-edge-7.91.0.tgz#df67ee39d10570b71eccf831a181c064974d62b1" - integrity sha512-CounqhXPwFh67zf6L/q4ACBHHqknT6YY9LdgIAnUd0GGgHzrJPyKcthvh8Je4lNdpo5LFg2gnR+6g6JS8DDYDQ== +"@sentry/vercel-edge@7.108.0": + version "7.108.0" + resolved "https://registry.yarnpkg.com/@sentry/vercel-edge/-/vercel-edge-7.108.0.tgz#c5ca35094bc46029ec5a72f7ee09fd3705582baa" + integrity sha512-dUuUEswaVIzsJnzTfaJxrvkfOowrlJxxHo2AybPDym2rob7CdaLdDJIYJa83X7QeAKMkTgLny/gYSQYC0E4UyA== dependencies: - "@sentry-internal/tracing" "7.91.0" - "@sentry/core" "7.91.0" - "@sentry/types" "7.91.0" - "@sentry/utils" "7.91.0" + "@sentry-internal/tracing" "7.108.0" + "@sentry/core" "7.108.0" + "@sentry/types" "7.108.0" + "@sentry/utils" "7.108.0" "@sentry/webpack-plugin@1.21.0": version "1.21.0" From a1369311685bd00aa1173dfad1402e0c9ade7678 Mon Sep 17 00:00:00 2001 From: sriram veeraghanta Date: Tue, 26 Mar 2024 19:40:48 +0530 Subject: [PATCH 2/6] fix: codeql workflow push and pull request chanages --- .github/workflows/codeql.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index a858bcc59..d7b94d245 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -3,7 +3,7 @@ name: "CodeQL" on: workflow_dispatch: push: - branches: ["master"] + branches: ["develop", "preview", "master"] pull_request: branches: ["develop", "preview", "master"] schedule: From f3d9053d81727a2e5a2a13659d2dd7546de42425 Mon Sep 17 00:00:00 2001 From: sriram veeraghanta Date: Tue, 26 Mar 2024 19:43:22 +0530 Subject: [PATCH 3/6] fix: unsafe external link fixes --- .../invitations/project_invitation.html | 2146 ++++++++++++++--- 1 file changed, 1806 insertions(+), 340 deletions(-) diff --git a/apiserver/templates/emails/invitations/project_invitation.html b/apiserver/templates/emails/invitations/project_invitation.html index 630a5eab3..def576601 100644 --- a/apiserver/templates/emails/invitations/project_invitation.html +++ b/apiserver/templates/emails/invitations/project_invitation.html @@ -1,349 +1,1815 @@ - - - - - - - {{ first_name }} invited you to join {{ project_name }} on Plane - - - - - - - - + + + + - - - - - - + + + + + + From 4c46b075b44480a87e2ec8ce7fc20fcb6dda0506 Mon Sep 17 00:00:00 2001 From: Nikhil <118773738+pablohashescobar@users.noreply.github.com> Date: Tue, 26 Mar 2024 19:48:52 +0530 Subject: [PATCH 4/6] fix: module endpoint validations (#4071) --- apiserver/plane/app/views/module/base.py | 75 ++++++++++--------- .../plane/app/views/workspace/estimate.py | 9 +-- 2 files changed, 42 insertions(+), 42 deletions(-) diff --git a/apiserver/plane/app/views/module/base.py b/apiserver/plane/app/views/module/base.py index 7769aee3f..3fe3a078a 100644 --- a/apiserver/plane/app/views/module/base.py +++ b/apiserver/plane/app/views/module/base.py @@ -1,54 +1,57 @@ # Python imports import json -# Django Imports -from django.utils import timezone -from django.db.models import ( - Prefetch, - F, - OuterRef, - Exists, - Count, - Q, - Func, - Subquery, - IntegerField, -) from django.contrib.postgres.aggregates import ArrayAgg from django.contrib.postgres.fields import ArrayField -from django.db.models import Value, UUIDField +from django.db.models import ( + Count, + Exists, + F, + Func, + IntegerField, + OuterRef, + Prefetch, + Q, + Subquery, + UUIDField, + Value, +) from django.db.models.functions import Coalesce +# Django Imports +from django.utils import timezone +from rest_framework import status + # Third party imports from rest_framework.response import Response -from rest_framework import status -# Module imports -from .. import BaseViewSet, BaseAPIView, WebhookMixin -from plane.app.serializers import ( - ModuleWriteSerializer, - ModuleSerializer, - ModuleLinkSerializer, - ModuleFavoriteSerializer, - ModuleUserPropertiesSerializer, - ModuleDetailSerializer, -) from plane.app.permissions import ( ProjectEntityPermission, ProjectLitePermission, ) -from plane.db.models import ( - Module, - ModuleIssue, - Project, - Issue, - ModuleLink, - ModuleFavorite, - ModuleUserProperties, +from plane.app.serializers import ( + ModuleDetailSerializer, + ModuleFavoriteSerializer, + ModuleLinkSerializer, + ModuleSerializer, + ModuleUserPropertiesSerializer, + ModuleWriteSerializer, ) from plane.bgtasks.issue_activites_task import issue_activity +from plane.db.models import ( + Issue, + Module, + ModuleFavorite, + ModuleIssue, + ModuleLink, + ModuleUserProperties, + Project, +) from plane.utils.analytics_plot import burndown_plot +# Module imports +from .. import BaseAPIView, BaseViewSet, WebhookMixin + class ModuleViewSet(WebhookMixin, BaseViewSet): model = Module @@ -392,9 +395,11 @@ class ModuleViewSet(WebhookMixin, BaseViewSet): "completion_chart": {}, } - if queryset.first().start_date and queryset.first().target_date: + # Fetch the modules + modules = queryset.first() + if modules and modules.start_date and modules.target_date: data["distribution"]["completion_chart"] = burndown_plot( - queryset=queryset.first(), + queryset=modules, slug=slug, project_id=project_id, module_id=pk, diff --git a/apiserver/plane/app/views/workspace/estimate.py b/apiserver/plane/app/views/workspace/estimate.py index 8ca24efd7..59a23d867 100644 --- a/apiserver/plane/app/views/workspace/estimate.py +++ b/apiserver/plane/app/views/workspace/estimate.py @@ -3,15 +3,10 @@ from rest_framework import status from rest_framework.response import Response # Module imports +from plane.app.permissions import WorkspaceEntityPermission from plane.app.serializers import WorkspaceEstimateSerializer from plane.app.views.base import BaseAPIView -from plane.db.models import Project, Estimate -from plane.app.permissions import WorkspaceEntityPermission - -# Django imports -from django.db.models import ( - Prefetch, -) +from plane.db.models import Estimate, Project from plane.utils.cache import cache_response From 30cee781702a4354ad1fd44d5e23a74e26d380b1 Mon Sep 17 00:00:00 2001 From: Nikhil <118773738+pablohashescobar@users.noreply.github.com> Date: Tue, 26 Mar 2024 20:38:25 +0530 Subject: [PATCH 5/6] dev: fix api security error (#4072) --- apiserver/plane/api/serializers/issue.py | 31 ++++++++++++------------ 1 file changed, 16 insertions(+), 15 deletions(-) diff --git a/apiserver/plane/api/serializers/issue.py b/apiserver/plane/api/serializers/issue.py index b8f194b32..c78b109ef 100644 --- a/apiserver/plane/api/serializers/issue.py +++ b/apiserver/plane/api/serializers/issue.py @@ -1,32 +1,33 @@ -from lxml import html +from django.core.exceptions import ValidationError +from django.core.validators import URLValidator # Django imports from django.utils import timezone -from django.core.validators import URLValidator -from django.core.exceptions import ValidationError +from lxml import html # Third party imports from rest_framework import serializers # Module imports from plane.db.models import ( - User, Issue, - State, + IssueActivity, IssueAssignee, - Label, + IssueAttachment, + IssueComment, IssueLabel, IssueLink, - IssueComment, - IssueAttachment, - IssueActivity, + Label, ProjectMember, + State, + User, ) + from .base import BaseSerializer -from .cycle import CycleSerializer, CycleLiteSerializer -from .module import ModuleSerializer, ModuleLiteSerializer -from .user import UserLiteSerializer +from .cycle import CycleLiteSerializer, CycleSerializer +from .module import ModuleLiteSerializer, ModuleSerializer from .state import StateLiteSerializer +from .user import UserLiteSerializer class IssueSerializer(BaseSerializer): @@ -79,7 +80,7 @@ class IssueSerializer(BaseSerializer): data["description_html"] = parsed_str except Exception as e: - raise serializers.ValidationError(f"Invalid HTML: {str(e)}") + raise serializers.ValidationError("Invalid HTML passed") # Validate assignees are from project if data.get("assignees", []): @@ -294,7 +295,7 @@ class IssueLinkSerializer(BaseSerializer): raise serializers.ValidationError("Invalid URL format.") # Check URL scheme - if not value.startswith(('http://', 'https://')): + if not value.startswith(("http://", "https://")): raise serializers.ValidationError("Invalid URL scheme.") return value @@ -366,7 +367,7 @@ class IssueCommentSerializer(BaseSerializer): data["comment_html"] = parsed_str except Exception as e: - raise serializers.ValidationError(f"Invalid HTML: {str(e)}") + raise serializers.ValidationError("Invalid HTML passed") return data From 9249e6d5b9e66f28603b1e440104a91df87cac20 Mon Sep 17 00:00:00 2001 From: Anmol Singh Bhatia <121005188+anmolsinghbhatia@users.noreply.github.com> Date: Tue, 26 Mar 2024 20:38:54 +0530 Subject: [PATCH 6/6] [WEB-849] fix: issue detail identifier and workspace settings (#4073) * fix: issue detail identifier * fix: workspace settings user role validation --- web/components/issues/issue-update-status.tsx | 5 +++-- web/layouts/settings-layout/workspace/sidebar.tsx | 5 +++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/web/components/issues/issue-update-status.tsx b/web/components/issues/issue-update-status.tsx index 277404dfa..a3a8ca83b 100644 --- a/web/components/issues/issue-update-status.tsx +++ b/web/components/issues/issue-update-status.tsx @@ -1,4 +1,5 @@ import React from "react"; +import { observer } from "mobx-react"; import { RefreshCw } from "lucide-react"; import { TIssue } from "@plane/types"; // types @@ -9,7 +10,7 @@ type Props = { issueDetail?: TIssue; }; -export const IssueUpdateStatus: React.FC = (props) => { +export const IssueUpdateStatus: React.FC = observer((props) => { const { isSubmitting, issueDetail } = props; // hooks const { getProjectById } = useProject(); @@ -33,4 +34,4 @@ export const IssueUpdateStatus: React.FC = (props) => { ); -}; +}); diff --git a/web/layouts/settings-layout/workspace/sidebar.tsx b/web/layouts/settings-layout/workspace/sidebar.tsx index d6cb77cf9..f49eb84d9 100644 --- a/web/layouts/settings-layout/workspace/sidebar.tsx +++ b/web/layouts/settings-layout/workspace/sidebar.tsx @@ -1,4 +1,5 @@ import React from "react"; +import { observer } from "mobx-react"; import Link from "next/link"; import { useRouter } from "next/router"; // hooks @@ -6,7 +7,7 @@ import { EUserWorkspaceRoles, WORKSPACE_SETTINGS_LINKS } from "@/constants/works import { useUser } from "@/hooks/store"; // constants -export const WorkspaceSettingsSidebar = () => { +export const WorkspaceSettingsSidebar = observer(() => { // router const router = useRouter(); const { workspaceSlug } = router.query; @@ -44,4 +45,4 @@ export const WorkspaceSettingsSidebar = () => { ); -}; +});