Single Tenant #1

jacobhrussell · 2025-12-11T04:53:06Z

add env variable to disable multi-tenancy
fix typo
refactor
refactor: tenant config might be better in a separate concern
fix linting
refactor: use MULTI_TENANT env variable, model concern instead of controller (#accepting_signups?)
Fixing Lexxy prompt menu spacing
Rails seeded parallel tests (Rails seeded parallel tests basecamp/fizzy#2037)
Bump Rails to current ast-immediate-variants-process-locally branch
Add blank slate to the main menu
Allow chromium unstable endpoint
Remove semver-major-days from Dependabot on GH actions
allow configuring Active Storage service and add AWS S3 definition
Update config/environments/production.rb
rename Active Storage service to s3 and add checksum env
Don't overwrite storage service from engine
Add API to boards
Add access token authentication via HTTP AUTHORIZATION bearer header
Test the boards API
API index for cards
Correct
Tie access token directly to session
Add developer section to user profile
List, create, and revoke access tokens
Authenticate api requests without needing a session
Drop the need for access tokens to have a session
Handle everything in the same method
Inline now anemic helper methods
Clarify
The magic of it is not needing to manually yield it!
This had gotten stripped
Smooth out the finder API
Access tokens are strictly personal
Inline anemic partial
Only allow new token to be viewed within 10 seconds
Polish
Awaiting JZ's design
Only allow writing when the access token has permission
Allow API JSON requests to sidestep csrf protection
Creating a new board will return the location header
Return json URLs for API actions
Create cards via API
Design show view
Complete the view transition loop
Use built-in authenticate_or_request_with_http_token
Add API support for users
Add top-level API index support for tags
Excess whitespace
Only authenticate with bearer token if the header is present
Compact
Publish any API card as soon as it is created
Include card description and tags
Fix quoting
Add an /identity.json endpoint to obtain the identity accounts and users
Fix identity tests
Fix Current not setting a session in some contexts
Move tests into their controller tests
Add card update & delete actions
Add API for assigning cards
Add API for mobing cards between boards
Add API for closing and opening cards
Add API for comments CRUD
Add API for gilding cards
Add API for removing card images
Add API for postponing cards
Add API for CRUD actions on steps
Add API for tagging cards
Add API for card triage
Add API for watching cards
Add API for reactions
Add API for columns
Add API for updating and deactivating users
Replace external_account_id with slug
Add pagination to most places and fix cards pagination
Add API for creating and updating boards
Add API for reading notifications
Lower the number of returned unread notifications
Ignore documentation in Docker images
Document notifications endpoints
Document users API endpoints
Add detailed guide for creating access tokens
Add steps to cards
Document Card-related APIs
Add index actions for Comments and Columns
Move the tags section close to the cards
Remove endpoints section
Add cache directives
Remove composite cache key
Handle user update failures
Remove redundant respond_to
Return no content on update
Move Identities to My::Identities
Inline partials
Rename /identity to /my/identity in docs
Add validation for the join code usage limit
Escape the names used to generate system comments
Avoid unescaping characters when auto-linking
Autolinking is more robust
In non-SaaS, run jobs in container by default
Fix status and filter mistakes
Fix crash due to missing partial
Improve phrasing
Fix Lexxy prompt list padding by lowering rich-text specificity
Revert "Fix Lexxy prompt list padding by lowering rich-text specificity"
Make labels for webhook switches clickable
Make board publication switch icons clickable
(Optional) Simpler hint
Fix label text wrapping on narrow screens
Cleanup
Cleanup
Don't use IDs, wrap input inside label instead
Cleanup: apply classes to <form>, remove extra div
Add cursor-pointer utility and apply to icon labels
Try using cursor-pointer on text labels
make MySQL SSL mode configurable via env var (Make MySQL SSL mode configurable via env var basecamp/fizzy#2036)
Bump sigstore/cosign-installer from 3.9.2 to 4.0.0 (Bump sigstore/cosign-installer from 3.9.2 to 4.0.0 basecamp/fizzy#2044)
Bump docker/metadata-action from 5.8.0 to 5.10.0 (Bump docker/metadata-action from 5.8.0 to 5.10.0 basecamp/fizzy#2045)
Bump docker/login-action from 3.5.0 to 3.6.0 (Bump docker/login-action from 3.5.0 to 3.6.0 basecamp/fizzy#2046)
Bump actions/checkout from 4 to 6 (Bump actions/checkout from 4 to 6 basecamp/fizzy#2047)
Get gitleaks-audit green again
Gitleaks: ignore legit non-sensitive API keys and tokens in docs/ and test/ (Gitleaks: ignore legit non-sensitive API keys and tokens in docs/ and test/ basecamp/fizzy#2068)
merge conflict
CSP: full config with env vars per source (CSP: full config with env vars per source basecamp/fizzy#2069)
Enforce CSP (Enforce CSP basecamp/fizzy#2070)

…troller (#accepting_signups?)

Enable work stealing by default for a tiny speedup at the cost of small loss in reproducibility. References rails/rails#56175

Co-authored-by: Alex Ghiculescu <[email protected]>

We need to present them differently in the session list and prevent them from being deleted

which could lead to Nokogiri unintentionally parsing tags from a previously-escaped text node.

and handles URLs with CGI params, recognizes more (and multiple) trailing punctuation marks including entity-encoded punctuation like `"`.

This reverts commit 31fec69.

Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.9.2 to 4.0.0. - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](sigstore/cosign-installer@v3.9.2...v4.0.0) --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-version: 4.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 5.8.0 to 5.10.0. - [Release notes](https://github.com/docker/metadata-action/releases) - [Commits](docker/metadata-action@v5.8.0...v5.10.0) --- updated-dependencies: - dependency-name: docker/metadata-action dependency-version: 5.10.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [docker/login-action](https://github.com/docker/login-action) from 3.5.0 to 3.6.0. - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@v3.5.0...v3.6.0) --- updated-dependencies: - dependency-name: docker/login-action dependency-version: 3.6.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 6. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v4...v6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

… test/ (basecamp#2068)

* Configure all sources with CSP_* vars. Space separated source list. * Fall back to `config.x.content_security_policy.*` * Move our sources to fizzy-saas References basecamp/fizzy-saas#24

harisadam and others added 30 commits December 9, 2025 15:40

add env variable to disable multi-tenancy

0780b51

fix typo

fec93e2

refactor

bec6036

refactor: tenant config might be better in a separate concern

ab5a5c4

fix linting

64ca9e5

refactor: use MULTI_TENANT env variable, model concern instead of con…

eb8655d

…troller (#accepting_signups?)

Fixing Lexxy prompt menu spacing

331ae3c

Rails seeded parallel tests (basecamp#2037)

78a4d27

Enable work stealing by default for a tiny speedup at the cost of small loss in reproducibility. References rails/rails#56175

Bump Rails to current ast-immediate-variants-process-locally branch

bbe6ac0

Add blank slate to the main menu

cc64c14

Allow chromium unstable endpoint

0d137f6

Remove semver-major-days from Dependabot on GH actions

d840a0b

allow configuring Active Storage service and add AWS S3 definition

b567848

Update config/environments/production.rb

4cd9d5d

Co-authored-by: Alex Ghiculescu <[email protected]>

rename Active Storage service to s3 and add checksum env

30edeb6

Don't overwrite storage service from engine

db095cd

Add API to boards

110b9f5

Add access token authentication via HTTP AUTHORIZATION bearer header

6820630

Test the boards API

e3c72c7

API index for cards

1ade22a

Correct

330b15b

Tie access token directly to session

8f626fd

We need to present them differently in the session list and prevent them from being deleted

Add developer section to user profile

cfb494a

List, create, and revoke access tokens

45d2d8d

Authenticate api requests without needing a session

3fded9e

Drop the need for access tokens to have a session

a18d349

Handle everything in the same method

b91daaa

Inline now anemic helper methods

b56ec33

Clarify

22a50a8

The magic of it is not needing to manually yield it!

9ef3fd2

flavorjones and others added 28 commits December 10, 2025 22:50

Avoid unescaping characters when auto-linking

fc57b81

which could lead to Nokogiri unintentionally parsing tags from a previously-escaped text node.

Autolinking is more robust

5ce96f5

and handles URLs with CGI params, recognizes more (and multiple) trailing punctuation marks including entity-encoded punctuation like `"`.

In non-SaaS, run jobs in container by default

ae34e9c

Fix status and filter mistakes

19111d9

Fix crash due to missing partial

da2d101

Improve phrasing

94b37b5

Fix Lexxy prompt list padding by lowering rich-text specificity

216a54a

Revert "Fix Lexxy prompt list padding by lowering rich-text specificity"

3edcd19

This reverts commit 31fec69.

Make labels for webhook switches clickable

c62795b

Make board publication switch icons clickable

5343a8c

(Optional) Simpler hint

e9a3700

Fix label text wrapping on narrow screens

2c2a665

Cleanup

205d520

Cleanup

3aaa2ae

Don't use IDs, wrap input inside label instead

debcc18

Cleanup: apply classes to <form>, remove extra div

1c3bfa4

Add cursor-pointer utility and apply to icon labels

fd54924

Try using cursor-pointer on text labels

cc85c16

make MySQL SSL mode configurable via env var (basecamp#2036)

0be979c

Get gitleaks-audit green again

2610e05

Gitleaks: ignore legit non-sensitive API keys and tokens in docs/ and…

c917b23

… test/ (basecamp#2068)

merge conflict

c34329e

CSP: full config with env vars per source (basecamp#2069)

c92e671

* Configure all sources with CSP_* vars. Space separated source list. * Fall back to `config.x.content_security_policy.*` * Move our sources to fizzy-saas References basecamp/fizzy-saas#24

Enforce CSP (basecamp#2070)

d0a28ed

jacobhrussell closed this Dec 11, 2025

jacobhrussell deleted the single_tenant branch December 11, 2025 05:04

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Single Tenant #1

Single Tenant #1

Uh oh!

jacobhrussell commented Dec 11, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

15 participants

Single Tenant #1

Single Tenant #1

Uh oh!

Conversation

jacobhrussell commented Dec 11, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

15 participants