vvzvlad/gitmost
1
0
Fork 0
Code Issues 14 Pull Requests 12 Packages Projects Releases Activity
Files
34a210b257c7927bf6107c820b2d7b4db245c2a4
gitmost/CHANGELOG.md
claude_code 34a210b257 fix(offline,server,docs): apply PR #116 review findings to offline-sync 
Carries the still-applicable findings from the PR #116 review into PR #120,
since #120 includes the mobile-bootstrap commit. CORS hardening (removing the
unconditional localhost/capacitor origins) is intentionally left out of scope.

Service worker routing (latent bug fix + testability):
- vite.config.ts: anchor Workbox path matching to a segment boundary
  (^/<seg>(/|$)) instead of startsWith, so siblings like /apidocs,
  /collaborators, /socket.iox are no longer mis-routed as API/realtime and
  forced NetworkOnly; align navigateFallbackDenylist with the same anchors.
- new apps/client/src/pwa/sw-strategy.ts holds the canonical predicates
  (isApiPath, isCollabOrSocketPath) + unit tests; the vite.config regexes
  mirror it inline (Workbox generateSW serializes urlPattern fns standalone,
  so they cannot import the module).

Server CORS (R1 extraction + coverage):
- extract buildCorsAllowlist / isOriginAllowed into cors.util.ts with unit
  tests (evil-origin rejected, WebView/no-Origin allowed); main.ts rewired to
  use them with byte-for-byte identical behavior.

Privacy — clear offline cache on logout:
- new clear-offline-cache.ts purges the persisted query cache
  (idb-keyval gitmost-rq-cache), the Yjs page.* IndexedDB databases, and the
  service-worker api-get-cache; wired into handleLogout (best-effort, before
  the redirect) so a previous user's private data does not linger locally.

Conventions & docs:
- prettier fixes on main.ts and login.dto.ts.
- CHANGELOG: document offline reading, returnToken opt-in, optional Swagger,
  new env vars, logout cache-clear, and the CORS open->allowlist breaking
  change.
- docs/mobile-app-plan.md: correct the now-false §2.4 claims and update the
  §12 checklist (native cap add ios left unchecked — generated locally,
  gitignored).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-21 19:11:40 +03:00

7.1 KiB
Raw Blame History

Changelog

All notable changes to this project are documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

Releases prior to 0.91.0 predate this changelog; see the git tags for earlier history.

Unreleased

Added

  • Admin-only "Analytics / tracker" workspace setting: a raw HTML/JS snippet injected into the <head> of public share pages only (for analytics such as Google Analytics or Yandex.Metrika).
  • Offline reading support: opened pages, their sidebar tree, breadcrumb children, and comments are cached in IndexedDB (TanStack Query persister plus y-indexeddb for the page's Yjs document), and a PWA service worker (vite-plugin-pwa) serves an app shell so previously opened pages stay readable offline.
  • returnToken opt-in on login: native/mobile clients can request the access JWT in the response body (data.authToken) in addition to the httpOnly cookie; the web client stays cookie-only.
  • Optional OpenAPI/Swagger UI at /api/docs, gated by the SWAGGER_ENABLED env var (off by default), to speed up typed mobile-client generation.
  • New environment variables: CORS_ALLOWED_ORIGINS, SWAGGER_ENABLED, and CAP_SERVER_URL (see .env.example).
  • The offline cache (persisted query cache, Yjs page documents, and the service-worker API cache) is cleared on logout so a previous user's private data does not remain in the browser.

Changed

  • HTML embed blocks now render inside a sandboxed iframe (separate origin) and, when the workspace HTML-embed toggle is on, can be inserted by any member (previously admin-only). Turning the toggle off hides existing embeds and stops serving them on public share pages.
  • Remove the server-side role-based stripping of HTML-embed blocks from the write paths (collab/REST/MCP, page create/duplicate, import, transclusion unsync); sandboxing makes per-write gating unnecessary. The only remaining server-side strip is the public-share read path, which still honors the workspace HTML-embed toggle.

Breaking Changes

  • CORS is now an explicit allowlist (replaces the previous unconfigured app.enableCors()). The same-origin web client is unaffected, but any separately-hosted cross-domain client must now be listed in CORS_ALLOWED_ORIGINS (native Capacitor/Ionic/localhost WebView origins are allowed automatically). Requests with no Origin header (server-to-server) are still allowed.
  • MCP shared-token auth moved to its own header. The /mcp shared guard no longer reads Authorization: Bearer <MCP_TOKEN>; it now reads only the X-MCP-Token header. Existing MCP clients (e.g. Claude Desktop) configured with Authorization: Bearer <MCP_TOKEN> must be reconfigured to send X-MCP-Token: <MCP_TOKEN> instead. The Authorization header is now reserved for per-user HTTP Basic / Bearer access JWT credentials. See MCP_TOKEN in .env.example. As a one-time aid, the server logs a single migration warning when it sees the old-style header.

0.91.0 - 2026-06-18

Gitmost is a community-focused fork of Docmost. This release drops the Enterprise-Edition code paths and introduces the in-app AI agent chat, a RAG knowledge layer, an embedded MCP server, and the Gitmost rebrand.

Breaking Changes

  • Remove all frontend Enterprise-Edition code — the project now builds as a pure community edition.
  • AI agent: drop the updateComment tool from the agent toolset.

Added

  • AI agent chat: per-user in-app AI agent with a floating chat window. Includes live streaming responses, open-page context awareness, a typing indicator, a Stop control, and copy/export of a conversation as Markdown.
  • AI agent write tools & provenance: reversible write tools (page create/update/move/soft-delete, comment reply/resolve) enforced by Docmost CASL, plus non-spoofable agent provenance signed into access/collab tokens and recorded on pages and comments. No permanent/force delete.
  • RAG knowledge retrieval: workspace bulk reindex with a manual "Reindex now" action, hybrid RRF retrieval with heading-breadcrumb chunks and a merged search tool, dimension-agnostic embeddings, and RAG indexing coverage shown in AI settings.
  • MCP: embedded community MCP server served at /mcp; an admin UI to list/add/edit/delete external MCP servers with per-server enable toggle, Test, write-only auth headers, a tool allowlist, and a Tavily preset; insert_image/ replace_image can now fetch sources from web URLs.
  • AI configuration: dedicated AI provider settings with separate base URL and API key for the chat vs. embedding model, and per-endpoint test buttons.
  • Branding: Gitmost logo, favicon, and app name.
  • Collaboration: comment resolution for the community build; agent edits are separated from human edits in page history.
  • Editor / client: page-tree open/closed state is persisted per workspace+user; the brand logo shows the current git describe version.

Changed

  • Move AI settings to a dedicated /settings/ai page and redesign it with per-endpoint test buttons.
  • edit_page_text now returns verifiable mutation results and refuses formatting-only edits; the agent tolerates Markdown in edit_page_text/insert_node locators.
  • Compact large tool outputs before persisting them.
  • Reduce the chat window corner radius, shrink the chat message font size, and shrink the default page-tree indentation from 16px to 8px.

Fixed

  • AI chat: stable streaming store id so optimistic and streamed messages render immediately; provider errors stay visible and surface the real provider status/message; the composer draft survives the new-chat id-adoption remount; the workspace AI-chat enable toggle is restored for self-hosted.
  • AI providers: use OpenAI Chat Completions for multi-turn requests; self-heal the stored provider settings JSON; drop the hard output-token cap that truncated complex tool calls.
  • RAG: make the indexer observable and bound hung embedding calls; stop the coverage bar from sticking below 100% on empty pages.
  • Collaboration: use - instead of : in the agent page-history job id.
  • Accessibility fixes (#2275) and table jitter on the edit/read toggle (#2252).

Removed

  • Non-functional DOCX / PDF / Confluence import buttons.

Documentation

  • README: rebrand to the Gitmost fork with EE-free positioning, an MCP comparison, a grouped roadmap, a Russian translation, a "Migration from Docmost" section, and AI agent chat documentation.
  • Add plans for mobile app, voice dictation, arbitrary HTML/CSS/JS embeds, and offline sync & PWA.

Internal

  • Add .claude/worktrees/ to .gitignore.
  • CI: add a develop workflow with workflow_dispatch; ignore cache errors in the develop and release builds.
  • Build: drop the private EE submodule, retarget CI to GHCR, and update the Docker image to the GHCR registry.
Reference in New Issue View Git Blame Copy Permalink