[pull] main from calendso:main #313
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* chore: deploy api v2 on vercel * fix: replace console.log with logger.log in Vercel handler Address Cubic AI review feedback to use the logging framework consistently instead of console.log in the serverless handler. Co-Authored-By: unknown <> * chore: enable esModuleInterop * chore: deploy api v2 on vercel * chore: deploy api v2 on vercel * Update apps/api/v2/src/bootstrap.ts Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com> * fixup! Merge branch 'main' into deploy-api-v2-vercel * Revert "chore: deploy api v2 on vercel" This reverts commit 45c704a. * chore: deploy api v2 on vercel * fix: address Cubic AI review feedback in main.ts - Replace console.log with logger.log for consistent logging - Replace console.error with logger.error for consistent error logging - Restore comma: true option in qs.parse to support comma-separated arrays Co-Authored-By: unknown <> * fix: remove comma: true from qs.parse to maintain backward compatibility The main branch does not have comma: true in the query parser, so adding it would be a breaking change for existing API consumers. Removing it to maintain consistency with the current production behavior. Co-Authored-By: unknown <> * chore: deploy api v2 on vercel * small fixes * chore: add try catch around bootstrap.ts * fix: use NestJS Logger and throw error instead of process.exit in bootstrap - Replace console.error with logger.error for consistent logging - Replace process.exit(1) with throw error to avoid breaking Vercel serverless instance reuse Addresses Cubic AI review feedback (confidence 10/10 for both issues) Co-Authored-By: unknown <> * chore: try log redis url * fix: sanitize REDIS_URL logging to avoid exposing credentials Replace full REDIS_URL logging with a boolean check that only indicates whether Redis is configured, without exposing the connection string. Addresses Cubic AI review feedback (confidence 9/10) Co-Authored-By: unknown <> * chore: remove unnecessary logs * fix: prisma adapter * chore: handle USE_POOL platform libraries * fix: use JSON.stringify for Vite define value Wrap usePool with JSON.stringify() to properly serialize the string value. Without this, Vite injects the raw value as an identifier instead of a string literal, breaking runtime behavior. Addresses Cubic AI review feedback (confidence 9/10) Co-Authored-By: unknown <> * fix: docker file builds * fix: correct Dockerfile build order for platform packages Reorder builds to match the dependency graph from dev:build script: constants → enums → utils → types → libraries → trpc → api-v2 platform-libraries depends on the other platform packages, so they must be built first. Addresses Cubic AI review feedback (confidence 9/10) Co-Authored-By: unknown <> * fix: docker file builds * chore: add docker build * chore: upgrade nest/bull --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com>
) * feat: add tri-state UI settings pages and auto opt-in preference TASK 5: Tri-state UI with ToggleGroup - Create shared TeamOrgFeaturesSettings component - Create user features settings page (features-view.tsx) - Create team features settings page - Create org features settings page TASK 6: Add auto opt-in preference - Add autoOptInExperimentalFeatures field to User and Team models - Add migration for new fields - Add TRPC endpoints for auto opt-in preference (using repository pattern) - Add auto opt-in checkboxes to settings pages Also adds i18n keys for feature opt-in UI. Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> refactor: rename autoOptInExperimentalFeatures to autoOptInFeatures Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> refactor: apply PBAC procedure pattern to featureOptIn router - Create createTeamPbacProcedure for team-scoped endpoints - Create createOrgPbacProcedure for organization-scoped endpoints - Refactor all team/org endpoints to use the new PBAC procedures - Significantly reduces boilerplate code for permission checks Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> add features pages implement hooks update style update style rename slug to featureId show Features page on the side bar only if OPT_IN_FEATURES.length > 0 revert unncessary renaming revert some changes remove some changes * fix repository usage * test: add unit tests for PBAC utility procedures Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * feat: add 'disabled by organization' badge for Team Level Features page Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * a little clean up * feat: add effectiveReason to computeEffectiveStateAcrossTeams for better UI feedback - Update computeEffectiveStateAcrossTeams to return both enabled state and reason - Add EffectiveStateReason type with 6 possible values - Update FeatureOptInService to include effectiveReason in resolved state - Simplify useUserFeatureOptIn.getBlockedWarning to use effectiveReason directly - Add feature_no_explicit_enablement_warning translation - Invalidate feature list when auto-opt-in setting changes in all hooks * test: add tests for FeatureOptInService.listFeaturesForTeam and refactor router to use TeamRepository Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * make it clearer about auto opt in * move hooks to apps/web/module * fix * fix: move types to packages/features/feature-opt-in, fix imports and test mocks - Move types.ts from apps/web/modules/feature-opt-in/hooks to packages/features/feature-opt-in - Update FeaturesSettings.tsx to import types from new location - Update hooks to import types from @calcom/features/feature-opt-in/types - Fix organization features-view import path (~/settings/organizations -> ~/ee/organizations) - Fix PermissionCheckService mock in util.test.ts to use class syntax Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * fix: add validation for team ID and remove isPublic from featureOptIn handler Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * fix: resolve biome lint errors in feature-opt-in files - Add explicit return types to functions and methods - Replace ternary operators with if-else statements - Replace forEach with for...of loops to avoid useIterableCallbackReturn - Extract helper functions to reduce function complexity - Add explicit type annotations to variables - Move exports to end of file to satisfy useExportsLast rule Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * fix: resolve type errors in featureOptIn router - Replace ctx.organizationId with ctx.user.organization.id - Add null checks for organizationId in org procedures - Remove incorrect type annotation from featureOptInRouter Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * refactor: address PR feedback on feature opt-in implementation - Refactor createMutationCallbacks to useMutationCallbacks hook with useLocale internally - Restore comment on featureOptIn prop in FeaturesSettings.tsx - Revert getAllTeamIds helper, use ternary operator instead - Use ctx.user.organizationId with proper guard clauses Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * fix type error * feat: disable toggle when feature is blocked by higher level - Add isBlockedByHigherLevel function to UseFeatureOptInResult interface - Implement blocking detection for user level (org/team disabled) - Implement blocking detection for team level (org disabled) - Organization level never blocked (top level) - Update FeaturesSettings to disable ToggleGroup when blocked Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * change order of toggle buttons * feat: add policy field (permissive/strict) to feature opt-in config - Add OptInFeaturePolicy type with 'permissive' and 'strict' modes - Update computeEffectiveStateAcrossTeams to handle both policies: - Permissive: user opt-in can activate; disables only win if ALL teams disable - Strict: user opt-in alone not enough; ANY explicit disable blocks - Add new EffectiveStateReason values for strict policy - Update FeatureOptInService to read policy from config - Add unit tests for all 9 policy scenarios from spec Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * refactor: rewrite test file with scenario tables and make policy required Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * fix type * fix types * make policy required * disable toggle group if blocked by higher level * refactor: move PBAC procedures to packages/trpc/server/procedures - Move util.ts to pbacProcedures.ts in procedures folder for better reusability - Move util.test.ts to pbacProcedures.test.ts alongside the main file - Update imports in _router.ts to use new location Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * fix: remove redundant null checks in featureOptIn router The createOrgPbacProcedure middleware already validates organizationId and throws if null. Use non-null assertion (!) instead of redundant runtime checks since the middleware guarantees the value exists. Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * refactor: improve middleware typing to avoid non-null assertions Remove explicit return type from createOrgPbacProcedure to let TypeScript infer the extended context type. This allows handlers to use ctx.organizationId directly (typed as number) instead of ctx.user.organizationId! assertions. The middleware validates organizationId and adds it to the context, so downstream handlers can safely access ctx.organizationId as a number. Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * feat(pbac): use featureOptIn permissions instead of generic team/org permissions Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * feat(pbac): add PBAC to team features page and pass canEdit to views Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * fix: add effectiveReason to IFeatureOptInService and update listFeaturesForTeam interface Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * fix: add feature_any_team_disabled to isUserBlockedByHigherLevel check Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * fix: add strict-policy reasons to warning helper function Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> Co-authored-by: sean-brydon <55134778+sean-brydon@users.noreply.github.com>
The AES256 encryption used for 2FA requires exactly 32 bytes. The previous command `openssl rand -base64 32` generates a 44-character base64 string (32 bytes encoded in base64), which is too long. Changed to `openssl rand -base64 24` which generates exactly 32 characters (24 bytes encoded in base64 = 32 characters). This was causing 2FA setup failures with "Something went wrong" errors and RangeError: Invalid key length in self-hosted Docker installations. Fixes #22365 Co-authored-by: simiondolha <simiondolha@users.noreply.github.com> Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com> Co-authored-by: Keith Williams <keithwillcode@gmail.com>
…25688) * refactor: split large org creation transaction into smaller batches The prisma.team.create call at L418 was creating the organization along with all orgProfiles and memberships in a single large transaction, which could timeout when there are many members. This change splits the operation into smaller, separate transactions: 1. Create the organization (team) with just metadata and organizationSettings 2. Create org profiles in batches of 50 using Promise.all 3. Create memberships in batches of 100 using createMany 4. Fetch created profiles to rebuild the member-profile mapping This approach avoids transaction timeouts while maintaining the same functionality and data integrity. Co-Authored-By: alex@cal.com <me@alexvanandel.com> * Apply suggestion from @cubic-dev-ai[bot] Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com> --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com> Co-authored-by: Keith Williams <keithwillcode@gmail.com> Co-authored-by: Anik Dhabal Babu <81948346+anikdhabal@users.noreply.github.com>
* fix(ui): improve Variables Dropdown styling consistency - Change focus ring from brand-800 to subtle for consistent design - Add rounded-md to dropdown container for visual consistency - Add rounded-md to DropdownMenuItem for rounded corners - Remove redundant hover:bg-muted and conditional bg-muted styling Fixes #25848 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: restore keyboard navigation active state indicator Keep the conditional bg-muted styling for the selected item during keyboard navigation, while still removing the redundant hover:bg-muted since DropdownMenuItem already handles hover styling. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> --------- Co-authored-by: simiondolha <simiondolha@users.noreply.github.com> Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com> Co-authored-by: Anik Dhabal Babu <81948346+anikdhabal@users.noreply.github.com>
#26771) * fix: Yarn installation fails in windows due to mixed path separators in app-store-cli * fix: normalize paths for cross-platform Biome compatibility in app-store-cli
* fix: reschedule behaviour for org admin * fix: use pbac for permissions check --------- Co-authored-by: Peer Richelsen <peeroke@gmail.com> Co-authored-by: Morgan <33722304+ThyMinimalDev@users.noreply.github.com>
* fix #21709: change to error on schedule name empty save * fix comments * minor enahncemnts --------- Co-authored-by: Volnei Munhoz <volnei.munhoz@gmail.com> Co-authored-by: Anik Dhabal Babu <81948346+anikdhabal@users.noreply.github.com>
…t link (#26802) * feat: manifest id for safari * add delete account button
Replace N sequential queries with single batch query for fetching user default schedule IDs Changes: - Add getUsersScheduleDefaultIds batch method to UsersRepository - Add getResponseSchedules batch method to OutputSchedulesService - Extract transformScheduleToOutput for reuse - Simplify OrganizationsSchedulesService and TeamsSchedulesService - Remove dead code (formatInput no-op method) Reduces database round-trips from O(n) to O(1) for schedule lookups
…d domains (#26727) * fix(bookings): fix email exclusion validation for full emails and @-prefixed domains * NIT * make case insensitive * fix: make domain matching case-insensitive in doesEmailMatchEntry Co-Authored-By: unknown <> --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
* Add db schema * Add `CredentialRepository.findByTeamIdAndSlugs` * Add enabled app slugs for attribute syncing * Create repository for `IntegrationAttributeSync` * Create zod schemas * Create `AttributeSyncUserRuleOutputMapper` * Create `IntegrationAttributeSyncService` * Create DI contianer * Create trpc endpoints * Create page * Include team name in `CredentialRepository.findByTeamIdAndSlugs` * Update schema and relations * Update types and schemas * Add more methods to IntegrationAttributeSyncRepository * Add more services to `IntegrationAttributeSyncService` - getById - Init updateIncludeRulesAndMappings * Refactor `getTeams.handler` to use repository * Create `createAttributeSync` trpc endpoint * Create `updateAttributeSync` trpc endpoint * Add router to trpc * Create attribute sync child components * Pass custom actions to `FormCard` * Create `IntegrationAttributeSyncCard` * Pass inital props via server side * Fix prop * Only refetch on mutation * Fixes * Add form error when duplicate field and attribute combo * Add `updateTransactionWithRUleAndMappings` logic * Adjust zod schemas * Service add `updateIncludeRulesAndMappings` * Pass orgId from server to component * Rename types * Add deleteById method to repository * Add name to integrationAttributeSync * Add deleteById method to service * Rename method * Add deleteAttributeSync trpc endpoint * Make the IntegrationAttributeSyncCard a dummy component * test: add tests for IntegrationAttributeSync feature Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com> * Move creating a attribute sync record to the service * Add i18n strings * Safe select credential in find by id and team * Fix default credentialId value in form * Update repository return types * Add i18n string * Make credentialId optional for form schema * Fix label * Add cascade deletes * Add verification that syncs belong to org * Create mapper for repository output * Type fixes * Remove old test file * Pass `attributeOptions` from parent to children * Infer types from zod schema * Type fixes * Type fix * Clean up * Add i18n strings * Remove unused file * Address feedback * Add migration file * Address feedback * Add validation for new integration values * Remove unused router * Move away from z.infer to z.ZodType * Clean up comments * Type fix * Type fixes * Type fix * fix: add passthrough to syncFormDataSchema to preserve extra fields Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com> * fix: remove incorrect test that expected extra fields to pass through syncFormDataSchema Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com> * Add endpoint for SF to call * Create scratch org config * Create sf cli scripts * Create package logic * Update README * Remove unused file * Add indexes * Add aria label * Address feedback - consistent validation * Fix import paths for attribute types * refactor: change attributeSyncRules array to singular attributeSyncRule The database schema enforces a one-to-one relationship between IntegrationAttributeSync and AttributeSyncRule (via @unique constraint), and the UI only supports a single rule. This change makes the TypeScript type match the database schema and UI behavior. Changes: - Update IntegrationAttributeSync interface to use attributeSyncRule: AttributeSyncRule | null - Update mapper to return singular rule instead of wrapping in array - Update UI component to access sync.attributeSyncRule directly - Update IIntegrationAttributeSyncUpdateParams Omit type - Update tests to use attributeSyncRule: null instead of attributeSyncRules: [] Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com> * feat: implement FeatureOptInService (#25805) * feat: implement FeatureOptInService WIP * clean up * feat: consolidate feature repositories and add updateFeatureForUser - Implement updateFeatureForUser in FeaturesRepository (similar to updateFeatureForTeam) - Move getUserFeatureState and getTeamFeatureState from PrismaFeatureOptInRepository to FeaturesRepository - Update FeatureOptInService to use only FeaturesRepository - Add setUserFeatureState and setTeamFeatureState methods to FeatureOptInService - Update _router.ts to remove PrismaFeatureOptInRepository usage - Remove PrismaFeatureOptInRepository.ts and FeatureOptInRepositoryInterface.ts - Update features.repository.interface.ts and features.repository.mock.ts - Add integration tests for updateFeatureForUser, getUserFeatureState, getTeamFeatureState - Update service.integration-test.ts to use FeaturesRepository Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * refactor: rename updateFeatureForUser to setUserFeatureState Rename to match the convention used for setTeamFeatureState Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * refactor: return FeatureState type from getUserFeatureState and getTeamFeatureState * fix integration tests * clean up logics * update services and router * refactor: change getUserFeatureState and getTeamFeatureState to accept featureIds array - Renamed getUserFeatureState to getUserFeatureStates - Renamed getTeamFeatureState to getTeamFeatureStates - Changed parameter from featureId: string to featureIds: string[] - Changed return type from FeatureState to Record<string, FeatureState> - Updated FeatureOptInService to use the new batch methods - Added tests for querying multiple features in a single call - Optimized listFeaturesForTeam to fetch all feature states in one query Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * feat: add getFeatureStateForTeams for batch querying multiple teams - Added getFeatureStateForTeams method to query a single feature across multiple teams in one call - Updated FeatureOptInService.resolveFeatureStateAcrossTeams to use the new batch method - Replaces N+1 queries with a single database query for team states - Added comprehensive integration tests for the new method Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * refactor: combine org and team state queries into single call - Include orgId in the teamIds array passed to getFeatureStateForTeams - Extract org state and team states from the combined result - Reduces database queries from 3 to 2 in resolveFeatureStateAcrossTeams Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * refactor: use team.isOrganization and clarify computeEffectiveState comment Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * refactor: use MembershipRepository.findAllByUserId with isOrganization Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * feat: add featureId validation using isOptInFeature type guard Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * less queries * add fallback value * fix type error * move files * add autoOptInFeatures column * use autoOptInFeatures flag within FeatureOptInService * add setUserAutoOptIn and setTeamAutoOptIn * fix computeEffectiveState logic * rewrite computeEffectiveState * clean up integration tests * clean up in afterEach * fix type error * refactor: use FeaturesRepository methods instead of direct Prisma calls Replace all manual userFeatures and teamFeatures Prisma operations with the new setUserFeatureState and setTeamFeatureState repository methods. Changes include: - Admin handlers (assignFeatureToTeam, unassignFeatureFromTeam) - Test fixtures and integration tests - Playwright fixtures - Development scripts This ensures consistent feature flag management through the repository pattern and supports the new tri-state semantics (enabled/disabled/inherit). Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * clean up * fix the logic * extract some logic into applyAutoOptIn() * remove wrong code * refactor: convert setUserFeatureState and setTeamFeatureState to object params with discriminated union - Convert multiple positional parameters to single object parameter - Use discriminated union types: assignedBy required for enabled/disabled, omitted for inherit - Update all callers across repository, service, handlers, fixtures, and tests * fix type error * use Promise.all * fix --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> * Prevent duplicate field and attribute mappings * Add validation that attribute belongs to the org * fix: address Cubic AI review feedback - Add @@index([credentialId]) to IntegrationAttributeSync model for efficient cascade deletes and credential-based queries (confidence: 9/10) - Fix translation key from 'credential_required' to 'attribute_sync_credential_required' to match existing locale definition (confidence: 10/10) Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com> * fix: address remaining cubic review feedback - RuleBuilder.tsx: Use unique IDs for React keys instead of array index to prevent reconciliation bugs when removing conditions - updateAttributeSync.handler.ts: Add early organization check before service calls for consistency - createAttributeSync.handler.ts: Add CredentialNotFoundError class for type-safe error handling instead of string matching - IntegrationAttributeSyncService.test.ts: Replace expect.fail() with proper Vitest rejects.toSatisfy() pattern Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com> * Pull test file from main * fix: address Cubic AI review feedback (confidence >= 9/10) - Remove sensitive fields (email, changedFields) from logging in user-sync.ts - Rename scratch-org:open to scratch-org:start in package.json to match README Co-Authored-By: unknown <> * Update README --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> Co-authored-by: Eunjae Lee <hey@eunjae.dev> Co-authored-by: Hariom Balhara <hariombalhara@gmail.com>
…25945) Add hideCalendarNotes support to reschedule flow The hideCalendarNotes flag was only handled in CalendarManager.createEvent(), not in updateEvent(). This caused notes to become visible again in ICS files after rescheduling. Changes: - Add hideCalendarNotes handling to CalendarManager.updateEvent() - Add hideCalendarNotes checks to reschedule email functions - Move description reset before reschedule call (required for cloned event)
* fix: workflow locale * fix: workflow locale * fix: check if tmeplate is changed * fix: regression * fix: also check subject when determining if template is customized Co-Authored-By: morgan@cal.com <morgan@cal.com> * refactor: extract template matching logic into testable function - Create detectMatchedTemplate function in separate file - Add comprehensive unit tests (20 test cases) - Refactor EmailWorkflowService to use the new function Addresses review comment from hariombalhara requesting abstraction and tests for the template matching logic. Co-Authored-By: udit@cal.com <udit222001@gmail.com> --------- Co-authored-by: Morgan <33722304+ThyMinimalDev@users.noreply.github.com> Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> Co-authored-by: morgan@cal.com <morgan@cal.com>
Platform organizations don't have public-facing subdomains, so non-managed users in platform orgs should get cal.com URLs instead of the platform org subdomain. - Updated EventTypeUser type to include isPlatform field - Modified buildBookingUrl to check isPlatform before using org slug - Added unit test for platform org users Co-authored-by: Morgan <33722304+ThyMinimalDev@users.noreply.github.com>
* feat: add scope configuration for feature opt-in Add scope field to OptInFeatureConfig that allows features to be scoped to specific levels (org, team, user). This enables features to be shown only at certain settings pages rather than all three. Changes: - Add OptInFeatureScope type with values 'org', 'team', 'user' - Add optional scope field to OptInFeatureConfig interface - Add getOptInFeaturesForScope helper function to filter features by scope - Update FeatureOptInService to filter features based on scope - Update tRPC router to pass scope parameter for org/team endpoints Features without a scope field default to all scopes for backward compatibility. Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * feat: add scope validation to setUserFeatureState and setTeamFeatureState - Add isFeatureAllowedForScope helper function to check if a feature is allowed for a scope - Update setUserFeatureState to reject if feature is not scoped to 'user' - Update setTeamFeatureState to accept scope parameter and reject if feature is not allowed - Update tRPC router to pass scope parameter for team and org endpoints - Fix unit test mock to include new config exports Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * feat: use ErrorWithCode for scope validation and add tests - Replace raw Error with ErrorWithCode using ErrorCode.BadRequest - Add comprehensive tests for setUserFeatureState scope validation - Add comprehensive tests for setTeamFeatureState scope validation - Test both enabled/disabled and inherit state scenarios - Test error messages include feature ID and scope name Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * feat: improve Features menu visibility to use scope configuration Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * refactor: remove unused hasOptInFeaturesForScope function Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * fix: allow features not in config at all scopes (permissive default) Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * fix: revert permissive default and mock scope validation in integration tests Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
Managed users (isPlatformManaged: true) don't have public booking pages - their scheduling is handled through the platform's app. - Fetch isPlatformManaged in event-types repository - Return empty string for managed users in buildBookingUrl - Added unit test for managed users case Co-authored-by: Morgan <33722304+ThyMinimalDev@users.noreply.github.com>
…e them instead of Prisma in cancellation flow (#24159) * chore: Inject repositories instead of Prisma in canellation flow * simplify * simplify * fix formatting issue * chore: resolve merge conflicts for PR #24159 (#26820) * matched colour of icons across website (#26394) * fix(auth): resolve session user by token subject ID (#26399) * fix(auth): align session user resolution with token subject * test(auth): add unit tests for getServerSession user resolution * chore: release v6.0.7 * fix: Custom time input for availability (#26373) * add custom time input * add unit test * add validation logic * feat(companion): Add DropdownMenu and Alert Dialog for Android (#26385) * feat(companion): add DropdownMenu for Android event types list Replace Alert.alert with react-native-reusables DropdownMenu component for Android event type list items, providing a native-feeling menu experience that matches iOS functionality. Changes: - Install react-native-reusables dropdown-menu component and dependencies (lucide-react-native, tailwindcss-animate, class-variance-authority, clsx, tailwind-merge) - Create EventTypeListItem.android.tsx with DropdownMenu implementation - Single ellipsis button triggers dropdown menu - Menu includes: Preview, Copy link, Edit, Duplicate, Delete - Delete action marked as destructive variant - Proper safe area insets handling - Add PortalHost to app/_layout.tsx for portal rendering support - Create lib/utils.ts with cn() helper for className merging - Update global.css with theme CSS variables (popover, border, accent, destructive, etc.) for dropdown menu styling - Update tailwind.config.js with theme colors and tailwindcss-animate plugin - Update metro.config.js with inlineRem: 16 for proper rem unit handling - Remove Android Alert.alert fallback from event types index.tsx - Fix lint issues in generated dropdown-menu.tsx (remove unnecessary fragments) The Android experience now matches iOS with a single menu button that opens a dropdown containing all event type actions, replacing the previous Alert.alert dialog and separate action buttons. Refs: https://reactnativereusables.com/docs/components/dropdown-menu * adjust with of menu * feat(companion): add DropdownMenu for Android booking and availability list items - Add BookingListItem.android.tsx with DropdownMenu for booking actions - Add BookingDetailScreen.android.tsx with DropdownMenu in header - Add AvailabilityListItem.android.tsx with DropdownMenu for schedule actions Actions include: Reschedule, Edit Location, Add Guests, View Recordings, Meeting Session Details, Mark as No-Show, Report Booking, Cancel Event for bookings; Set as Default, Duplicate, Delete for availability schedules. * fix lint issues * feat(android): replace native alerts with AlertDialog and Toast in event types - Install AlertDialog and Alert components from react-native-reusables - Create Android-specific event types screen (index.android.tsx) - Replace native Alert.alert() with AlertDialog for delete confirmation - Add inline validation errors (red border + error text) in create modal - Implement Toast snackbar for success/error notifications (no layout shift) - Auto-dismiss toast after 2.5 seconds - Fix React Compiler compatibility by removing animated refs This provides a more consistent and polished UI experience on Android, matching the design system used in other parts of the app. * feat(android): add AlertDialog for availability delete and booking cancel - Add index.android.tsx for availability with AlertDialog for delete confirmation - Add index.android.tsx for bookings with AlertDialog for cancel (with reason input) - Both screens include Toast snackbar for success/error notifications - Follows the same pattern as event types Android implementation * feat(companion): add DropdownMenu and AlertDialog for Android - Replace native Alert.alert context menus with DropdownMenu component for event types, bookings, and availability lists - Replace FullScreenModal with AlertDialog for create/delete/cancel flows - Add toast notifications for success/error feedback on Android - Set consistent 380px max-width for all AlertDialogs - Fix layout headers showing "index" text on event-types and availability - Create Android-specific More screen with AlertDialog logout confirmation Uses react-native-reusables components for polished Android UI * better code * fix cubics comments * refactor(android): revert delete confirmations to native Alert.alert() - Logout: reverted to native Alert.alert() (simple yes/no) - Event Types Delete: reverted to native Alert.alert() (simple yes/no) - Availability Delete: reverted to native Alert.alert() (simple yes/no) Keep AlertDialog only where user input is needed: - Event Types Create (has TextInput for title) - Availability Create (has TextInput for name) - Bookings Cancel (has TextInput for cancellation reason) * refactor(android): remove redundant index.android.tsx files The main index.tsx files already handle Android via Platform.OS checks. Android-specific behavior for actions is in the list item components: - EventTypeListItem.android.tsx - BookingListItem.android.tsx - AvailabilityListItem.android.tsx This consolidates the code and reduces duplication. * corrected the implementation both native and alert dialog * address cubics comments * fix lint issue and address cubic comments * chore: add logging in next-auth (#26404) * Add logging in next-auth * Add logging at other return * fix: Make incomplete booking form mobile-responsive (#26413) * fix: update bundle identifier (#26402) * fix: patch React 19 vulnerabilities by upgrading to 19.2.3 (#26411) * security: patch React 19 vulnerabilities by upgrading to 19.2.3 * chore: revert lingo.dev upgrade * refactor(companion): event type details screen improvements (#26415) * refactor(companion): move EventTypeDetail component to a new file and update routing * refactor(companion): format code for better readability in TabLayout and EventTypeDetail components * refactor(companion): improve code formatting and readability in EventTypeDetail component * refactor(companion): enhance code readability and formatting in EventTypeDetail component * refactor(companion): improve code formatting and readability in EventTypeDetail component * refactor(companion): enhance code formatting and readability in EventTypeDetail component * refactor(companion): improve code formatting and readability in TabLayout component * fix: add vertical spacing when hovered (#26419) * fix(seed): add missing Host entries for seeded round‑robin team events (#26426) * feat(companion): new availability detail and actions pages for ios (#26424) * version 1 * version 1.1 * better code * covered all edge cases * address cubics comments * address cubics comments * fix(auth): enhance SAML login handling by introducing userId field and updating JWT token structure (#26428) * fix(ci): delete old prod build caches on cache miss (#26437) Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> * fix(ci): add yarn prisma generate before cache key generation (#26439) This ensures consistent cache keys between the Build Web App job and E2E shards by running yarn prisma generate before generating the cache key. The issue was that packages/prisma/enums/index.ts is: 1. Generated by yarn prisma generate 2. In .gitignore (not committed to git) 3. Included in the SOURCE_HASH (matches packages/**/**.[jt]s) 4. NOT excluded from the hash E2E jobs already run yarn prisma generate before cache-build, but the Build Web App job did not, causing different cache keys in the same workflow run. Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> * fix: show empty screen from event type availability tab (#26396) * fix * update * fix * Remove copying of App Store static files step Removed step to copy App Store static files from the workflow. * feat: queue or cancel payment reminder flow (#24889) Co-authored-by: Pallav <90088723+Pallava-Joshi@users.noreply.github.com> Co-authored-by: Ryukemeister <sahalrajiv6900@gmail.com> Co-authored-by: Rajiv Sahal <sahalrajiv-extc@atharvacoe.ac.in> Co-authored-by: Peer Richelsen <peeroke@gmail.com> * feat: integrate BookingHistory with Bookings V3 design (#26301) * Integrate BookingHistory with Bookings V3 design * Enhance booking features by integrating booking audit functionality - Updated the booking page to retrieve user feature statuses for "bookings-v3" and "booking-audit". - Modified BookingDetailsSheet and BookingListContainer components to accept and utilize the new bookingAuditEnabled prop. - Adjusted the BookingHistory display logic to conditionally render based on the bookingAuditEnabled state. - Refactored SegmentedControl to support generic types for better type safety. This change improves the user experience by allowing conditional access to booking audit features based on user permissions. * Refactor BookingDetailsSheet to manage active segment state with Zustand store - Removed local state management for active segment in BookingDetailsSheet and integrated Zustand store for better state synchronization. - Introduced useActiveSegmentFromUrl hook to sync active segment with URL query parameters. - Updated BookingDetailsSheet to handle derived active segment logic based on bookingAuditEnabled state. - Adjusted SegmentedControl to ensure it defaults to "info" when activeSegment is null. This refactor enhances the maintainability and responsiveness of the booking details component. * refactor: rename useBiDirectionalSyncBetweenZustandAndNuqs to useBiDirectionalSyncBetweenStoreAndUrl Co-Authored-By: hariom@cal.com <hariombalhara@gmail.com> --------- Co-authored-by: Udit Takkar <53316345+Udit-takkar@users.noreply.github.com> Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> * feat: create BookingHistoryViewerService to combine audit logs with routing form submissions (#26045) * feat: create BookingHistoryViewerService to combine audit logs with routing form submissions Co-Authored-By: hariom@cal.com <hariombalhara@gmail.com> * refactor(booking): rename audit log query and enhance type safety - Updated the booking logs view to use the new getBookingHistory query instead of getAuditLogs. - Introduced DisplayBookingAuditLog type for improved clarity in BookingAuditViewerService. - Refactored BookingHistoryViewerService to utilize the new DisplayBookingAuditLog type and added sorting functionality for history logs. - Adjusted related types and methods to ensure consistency across services. * refactor(routing-forms): streamline imports and enhance type definitions - Consolidated type exports and imports from the features library for better organization. - Removed redundant type definitions and functions in zod.ts, findFieldValueByIdentifier.ts, getFieldIdentifier.ts, and parseRoutingFormResponse.ts. - Introduced new utility functions for handling field responses and parsing routing form responses. - Improved type safety and clarity across routing form response handling. * fix: remove double prefix from uniqueId in form submission entry Co-Authored-By: hariom@cal.com <hariombalhara@gmail.com> * 1c97f9cc5d50416788c01876fe539bcc9750e9b2 (#26453) --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> * chore: Ensure that uuid is available in server session[Booking Audit Prerequisite] (#25963) ## What does this PR do? Similar to #25721, adds uuid in session so that BookingAudit has it readily available Adds the user's UUID to the booking metadata by: 1. Extending the NextAuth `User` interface to include an optional `uuid` property from PrismaUser 2. Making `uuid` required on `Session.user` via intersection type (`User & { uuid: PrismaUser["uuid"] }`) 3. Adding `uuid` to the session user object in `getServerSession.ts` 4. Adding `uuid` to the `AdapterUser` transformation in `next-auth-custom-adapter.ts` 5. Passing `userUuid` from the session to the booking creation flow 6. Updating the API key verification flow to include `uuid` in the user data (repository, service, and type definitions) 7. Adding `req.userUuid` as a required field on the request object (like `req.userId`) 8. Adding `uuid` to mock session objects in web app routes and test context 9. Adding `uuid` to the `findByEmailAndIncludeProfilesAndPassword` query in UserRepository Also removes commented-out code that was placeholder for future work and fixes lint warnings for unused variables. ## Mandatory Tasks (DO NOT REMOVE) - [x] I have self-reviewed the code (A decent size PR without self-review might be rejected). - [x] I have updated the developer docs in /docs if this PR makes changes that would require a [documentation change](https://cal.com/docs). N/A - no documentation changes needed. - [x] I confirm automated tests are in place that prove my fix is effective or that my feature works. ## How should this be tested? 1. Verify that the NextAuth session callback is already populating the `uuid` field on the user object 2. Create a booking and confirm `userUuid` is included in the booking metadata 3. Test API v1 endpoints (`/api/invites` POST and `/api/teams/[teamId]/publish`) to verify they receive the uuid from the authenticated user 4. Check that the booking flow works correctly with the new parameter 5. Test SAML login flow to verify session still works correctly (uuid is resolved from database after authentication) ## Human Review Checklist - [ ] Verify the NextAuth session callback populates `uuid` - if not, this change will pass `undefined` at runtime - [ ] Confirm `userUuid` is consumed downstream in the booking service - [ ] Verify that `PrismaApiKeyRepository.findByHashedKey()` correctly fetches the user's uuid from the database - [ ] Verify the discriminated union type in `ApiKeyService.ts` ensures `result.user` is always defined when `result.valid` is true - [ ] Confirm all API v1 endpoints using `req.userUuid` go through the `verifyApiKey` middleware - [ ] Verify `UserRepository.findByEmailAndIncludeProfilesAndPassword()` includes `uuid` in the select clause - [ ] Verify SAML login still works correctly - uuid is now optional on User interface so SAML providers don't need to supply it at profile stage ## Updates since last revision - **Made uuid optional on User, required on Session**: Changed the type strategy so `uuid` is optional on the NextAuth `User` interface but required on `Session.user` via intersection type. This allows SAML providers to not supply uuid at the profile stage while ensuring uuid is always present on the session after the user is resolved from the database. - **Removed uuid from SAML functions**: Since uuid is now optional on User, the SAML profile and authorize functions no longer need to include it. --- Link to Devin run: https://app.devin.ai/sessions/97e5603b719a420b9b35041252c9db26 Requested by: hariom@cal.com (@hariombalhara) * fix: add @calcom/trpc#build dependency to @calcom/web#dev task (#26460) Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> * fix(auth): make identityProviderId lookup case-insensitive (#26405) SAML IdPs may send NameIDs with different casing than stored, causing login failures. Aligns with the existing case-insensitive email lookup pattern * fix: cancel running CI workflow before re-triggering and allow trusted GitHub Apps (#26461) * fix: cancel running CI workflow before re-triggering and allow trusted bots Co-Authored-By: keith@cal.com <keithwillcode@gmail.com> * fix: remove hardcoded bot allowlist, keep only cancel-and-rerun improvement Co-Authored-By: keith@cal.com <keithwillcode@gmail.com> * fix: add app_id verification for trusted GitHub Apps (Graphite) Co-Authored-By: keith@cal.com <keithwillcode@gmail.com> * fix: simplify trusted bot check to use sender type, login, and installation context Co-Authored-By: keith@cal.com <keithwillcode@gmail.com> * chore: remove unnecessary comments Co-Authored-By: keith@cal.com <keithwillcode@gmail.com> --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> * feat: update translations via @LingoDotDev (#26445) Co-authored-by: Lingo.dev <support@lingo.dev> Co-authored-by: Keith Williams <keithwillcode@gmail.com> * fix: remove installation requirement from trusted bot check (#26466) * fix: remove installation requirement from trusted bot check The installation object is not present in the webhook payload when GitHub Apps add labels via pull_request_target events. This caused graphite-app[bot] to fail the authorization check and fall through to the human permission check, which doesn't work for bots. The fix removes the installation requirement and relies on: - sender.type === 'Bot' - sender.login matching the trusted bot list This is secure because the sender fields come from GitHub's webhook payload and cannot be forged by contributors. Co-Authored-By: keith@cal.com <keithwillcode@gmail.com> * chore: add extra logging about sender type Co-Authored-By: keith@cal.com <keithwillcode@gmail.com> * chore: remove senderId from logging Co-Authored-By: keith@cal.com <keithwillcode@gmail.com> * Update run-ci.yml --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> * refactor: Move trpc-dependent components from features to web [2] (#26420) * fix * move event types components to web * update import paths * mv apps components * migrate form builder * fix * mv sso * fix * mv * update import paths * update import paths * mv * mv * mv * fix * update Booker * fix * fix * fix * fix * mv video * mv embed components to web * update import paths * mv calendar weekly view components * update import paths * fix * fixp * fix * fix * fix * fix: update FormBuilder imports to use @calcom/features/form-builder Co-Authored-By: benny@cal.com <sldisek783@gmail.com> * fix: update broken import paths after file migrations Co-Authored-By: benny@cal.com <sldisek783@gmail.com> * fix: correct import paths for platform atoms and moved components Co-Authored-By: benny@cal.com <sldisek783@gmail.com> * fix: apply CSS type fixes and add missing atoms exports Co-Authored-By: benny@cal.com <sldisek783@gmail.com> * fix: resolve type errors in test files after component migrations Co-Authored-By: benny@cal.com <sldisek783@gmail.com> * fix: resolve remaining type errors in test files Co-Authored-By: benny@cal.com <sldisek783@gmail.com> * fix * migrate * fix: resolve type errors in test and mock files - Add missing bookingForm, bookerFormErrorRef, instantConnectCooldownMs to Booker.test.tsx bookings prop - Add all required BookerEvent properties to event.mock.ts - Add vi import from vitest to all mock files - Fix date parameter types in packages/dayjs/__mocks__/index.ts - Add verificationCode and setVerificationCode to test-utils.tsx mock store - Remove children.type access in Section.tsx mock to fix type error - Fix lint issues: remove unused React imports, use import type where needed, add return types - Add biome-ignore comments for pre-existing lint warnings in test files Co-Authored-By: benny@cal.com <sldisek783@gmail.com> * migrate * migrate * migrate * update import paths * update import paths * update import paths * fix * migrate data table * migrate data table * fix * fix * fix * migrate insights components * migrate insights components * fix * mv * update import paths * fix * fix * fix * fix * fix * fix: resolve type errors in test mocks - Booker.test.tsx: Add all required UseFormReturn methods to bookingForm mock - event.mock.ts: Fix entity, subsetOfHosts, instantMeetingParameters, fieldTranslations, image types - dayjs/__mocks__/index.ts: Use Object.assign for proper typing of mock properties - Section.tsx: Change 'class' to 'className' in JSX with biome-ignore comment Co-Authored-By: benny@cal.com <sldisek783@gmail.com> * fix: add missing hasDataErrors and dataErrors to bookings.errors mock Co-Authored-By: benny@cal.com <sldisek783@gmail.com> * fix: add missing loadingStates properties to bookings mock Co-Authored-By: benny@cal.com <sldisek783@gmail.com> * fix: add missing slots properties (setTentativeSelectedTimeslots, tentativeSelectedTimeslots, slotReservationId) Co-Authored-By: benny@cal.com <sldisek783@gmail.com> * fix: update quickAvailabilityChecks to include utcEndIso and use valid status type Co-Authored-By: benny@cal.com <sldisek783@gmail.com> * fix: add missing bookerForm properties (formName, beforeVerifyEmail, formErrors) Co-Authored-By: benny@cal.com <sldisek783@gmail.com> * fix: add missing UseFormReturn properties to bookerForm.bookingForm mock Co-Authored-By: benny@cal.com <sldisek783@gmail.com> * fix: add hasFormErrors and formErrors to bookerForm.formErrors mock Co-Authored-By: benny@cal.com <sldisek783@gmail.com> * fix: add hasFormErrors and formErrors to bookerForm.errors mock Co-Authored-By: benny@cal.com <sldisek783@gmail.com> * fix: add missing isError property to mockEvent Co-Authored-By: benny@cal.com <sldisek783@gmail.com> * fix: use complete BookerEvent mock in Booker.test.tsx Co-Authored-By: benny@cal.com <sldisek783@gmail.com> * fix: use branded bookingFields type in event mock Co-Authored-By: benny@cal.com <sldisek783@gmail.com> * fix: add missing schedule mock properties (isError, isSuccess, isLoading, dataUpdatedAt) Co-Authored-By: benny@cal.com <sldisek783@gmail.com> * revert * fix * fix * fix * fix build * fix * fix * fix * fix: correct AddMembersWithSwitch test wrapper to use initial assignAllTeamMembers value - Fixed test wrapper to initialize useState with componentProps.assignAllTeamMembers instead of hardcoded false, allowing tests to properly test different states - Updated test expectations for ALL_TEAM_MEMBERS_ENABLED_AND_SEGMENT_NOT_APPLICABLE state to match actual component behavior (toggle should be present and checked) - Fixed 'should show Segment when toggled on' test to start with assignAllTeamMembers: false to properly test the flow of enabling it - Added explicit types to satisfy biome lint requirements Co-Authored-By: benny@cal.com <sldisek783@gmail.com> * fix: use JSX.Element instead of React.JSX.Element for type compatibility Co-Authored-By: benny@cal.com <sldisek783@gmail.com> --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> * chore(deps): update dependencies and add version constraints (#26390) - Update sanitize-html to 2.17.0 - Remove unused Storybook dependencies from @calcom/ui - Add resolutions for consistent dependency versions - Clean up packageExtensions * feat: add lightweight E2E session warmup page (#26451) * feat: add lightweight E2E session warmup endpoint - Add /api/__e2e__/session-warmup endpoint that triggers NextAuth session loading - Update apiLogin fixture to use the new endpoint instead of navigating to /settings/my-account/profile - The endpoint is gated by NEXT_PUBLIC_IS_E2E=1 (already set in playwright.config.ts) - This reduces overhead in E2E tests by avoiding loading a full UI page just to warm up the session Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * refactor: move session warmup endpoint to App Router - Move /api/__e2e__/session-warmup from pages/api to app/api - Use App Router patterns (NextResponse, buildLegacyRequest) - Maintains same functionality for E2E session warming Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * rename path * refactor: switch from API route to minimal SSR page (Option 2) - Replace /api/e2e/session-warmup API route with /e2e/session-warmup page - Use App Router page pattern with getServerSession for session warmup - Update apiLogin fixture to navigate to the page instead of API request Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * revert users fixture but with a new url * render nothing on success * clean up * trying something * Revert "trying something" This reverts commit 2ae2f7dcb42612e54eb072a9f09857272020889a. --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> Co-authored-by: Keith Williams <keithwillcode@gmail.com> * Disable noReactSpecificProps as we use react (#26479) * fix(auth): fix SAML tenant extraction and validation (#26482) - Extract tenant from userInfo in saml-idp (IdP-initiated) - Add profile.requested?.tenant fallback for OAuth (SP-initiated) - Block invalid tenant format in hosted (security) * fix: atoms build by updating import paths (#26489) * fix build * fix build * fix: "New" button sizing inconsistent between Workflows and Event Types pages (#26066) * fix: consistent button sizing between fab and button variants on desktop * fix: consistent button sizing between fab and button variants on desktop * fix(ui): align New button sizing across pages * fix: New button sizing inconsistent between Workflows and Event Types pages * Update Button.tsx * test: fix unit test flake (#25557) * fix: revalidate teams cache after accepting invite via token When a user accepts a team invite via token on the /teams page, the teams cache was not being invalidated. This caused the page to show stale data (empty list) while the sidebar correctly showed the teams. This fix adds a call to revalidateTeamsList() after processing an invite token, ensuring the cache is invalidated and fresh data is fetched immediately. Co-Authored-By: anik@cal.com <adhabal2002@gmail.com> * fix: revalidate teams cache after creating team in onboarding flow Co-Authored-By: anik@cal.com <adhabal2002@gmail.com> * Remove comments on teams cache revalidation Removed comments about revalidating teams cache after invite processing. * fix unit test flake * Remove unused import in useCreateTeam hook Removed unused import for revalidateTeamsList. * Remove unused import for revalidateTeamsList --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> * chore: Add impersonation context support to booking audit (#26014) ## What does this PR do? Adds infrastructure to track impersonation context in booking audit records and displays it in the UI. When an admin impersonates another user and performs booking actions, the audit system now: - Records the **admin** as the actor (who actually performed the action) - Stores the **impersonated user's UUID** in a separate `context` field - Displays **"Impersonated By"** in the booking logs UI when viewing audit details This separation ensures audit trail integrity (the admin is accountable) while preserving full context about whose account was being used. ### Changes - Added `uuid` to `impersonatedBy` session object for actor identification - Added `uuid` to top-level `User` type in next-auth types for session enrichment - Added `context Json?` field to `BookingAudit` Prisma model - Added `BookingAuditContextSchema` for type-safe context handling with `actingAsUserUuid` field - Updated producer service interface and implementation to pass context through all queue methods - Updated consumer service to persist context to database - Updated repository to store and fetch context in BookingAudit records - Added `impersonatedBy` field to `EnrichedAuditLog` type in `BookingAuditViewerService` - Added `enrichImpersonationContext` method to resolve impersonated user details - Updated booking logs UI to display "Impersonated By" in expanded details - Added `impersonated_by` translation key Link to Devin run: https://app.devin.ai/sessions/3f1252527aef4ead9401bdf055c0817b Requested by: hariom@cal.com (@hariombalhara) ## Mandatory Tasks (DO NOT REMOVE) - [x] I have self-reviewed the code (A decent size PR without self-review might be rejected). - [x] I have updated the developer docs in /docs if this PR makes changes that would require a [documentation change](https://cal.com/docs). N/A - internal infrastructure change - [ ] I confirm automated tests are in place that prove my fix is effective or that my feature works. ## How should this be tested? 1. Verify type checks pass: `yarn type-check:ci --force` 2. Verify existing audit tests still pass: `TZ=UTC yarn test` 3. To fully test impersonation context display: - Have an admin impersonate a user - Perform a booking action (create, cancel, reschedule) - Navigate to the booking's audit logs - Expand the details for the action - Verify "Impersonated By" row appears showing the impersonated user's name - Verify the BookingAudit record has: - `actorId` pointing to the admin's AuditActor - `context` containing `{ actingAsUserUuid: "<impersonated-user-uuid>" }` ## Human Review Checklist - [ ] Verify the `context` field schema design is appropriate for future extensibility - [ ] Confirm the `uuid` addition to User type in next-auth doesn't break existing auth flows - [ ] Check that the optional `context` parameter doesn't break existing queue method callers - [ ] Verify no migration file is needed (or if squashing is handled separately) - [ ] Verify the UI displays "Impersonated By" correctly when impersonation context is present - [ ] Confirm `enrichImpersonationContext` handles edge cases (null context, invalid context, deleted user) ## Checklist - [x] My code follows the style guidelines of this project - [x] I have commented my code, particularly in hard-to-understand areas - [x] I have checked if my changes generate no new warnings * perf: improve cal video webhook (#26495) * perf: improve cal video webhook * save format * refactor: use errorMs * chore: change API codeowner to Foundation (#26504) * chore(auth): add error logging for saml-idp silent failures (#26484) * chore(auth): add error logging for saml-idp silent failures * chore(auth): add warn-level logging for saml-idp silent failures * chore(auth): change 'No user found' log to warn level * chore(auth): add warn-level logging for silent auth failures - saml-idp authorize: credentials, code, token, userInfo, user lookup - callbacks:signIn: account type, email, name, catch-all - callbacks:jwt: unknown account type (info → warn) - saml:profile: missing email from IdP - getServerSession: user not found for valid token * feat(api): add team event-types webhooks controller (#26449) * feat(api): add team event-types webhooks controller - Add TeamsEventTypesWebhooksController for managing webhooks on team event types - Add IsTeamEventTypeWebhookGuard for authorization - Add TeamEventTypeWebhooksService for business logic - Register new controller in TeamsEventTypesModule - Enable unsafeParameterDecoratorsEnabled in biome.json for NestJS support Co-Authored-By: morgan@cal.com <morgan@cal.com> * test(api): add e2e tests for team event-types webhooks controller Co-Authored-By: morgan@cal.com <morgan@cal.com> * fix(api): restrict team event-type webhooks to admins/owners only Co-Authored-By: morgan@cal.com <morgan@cal.com> * fix(api): use regular imports instead of type imports for DI and DTOs Co-Authored-By: morgan@cal.com <morgan@cal.com> * fix(api): use regular imports for DI in guard file Co-Authored-By: morgan@cal.com <morgan@cal.com> * fix: circular depndency in modules * delete teams in test * fix roles guard * fix biome * fix guard * resolve type import * resolve review feedback --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> * chore: remove Mintlify AI chat from CMD+K widget (#26485) * chore: remove Mintlify AI chat from CMD+K widget - Remove MintlifyChat component and related state from Kbar.tsx - Delete packages/features/mintlify-chat directory (MintlifyChat.tsx, util.ts) - Delete apps/web/app/api/mintlify-chat API routes and tests - Delete packages/lib/server/mintlifyChatValidation.ts - Remove Mintlify-related env vars from .env.example and turbo.json - Refactor Kbar.tsx to fix lint issues (explicit types, exports at end) Co-Authored-By: peer@cal.com <peer@cal.com> * fix: use ReactNode import instead of JSX from react The JSX type is not exported from 'react' module. Use the global JSX.Element type (available in React projects) and import ReactNode for the children prop type. Co-Authored-By: peer@cal.com <peer@cal.com> * feat: add all event-types and upcoming bookings to KBar - Increase event types limit from 10 to 100 to show more event types - Add useUpcomingBookingsAction hook to fetch and display upcoming bookings - Bookings show title, date, and time in KBar search results - Navigate to booking details page when selecting a booking Co-Authored-By: peer@cal.com <peer@cal.com> * Revert "feat: add all event-types and upcoming bookings to KBar" This reverts commit 69d03397e3820e45e7207eb55b38117d269eae5e. --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> * feat: update translations via @LingoDotDev (#26497) Co-authored-by: Lingo.dev <support@lingo.dev> * feat: implement FeatureOptInService (#25805) * feat: implement FeatureOptInService WIP * clean up * feat: consolidate feature repositories and add updateFeatureForUser - Implement updateFeatureForUser in FeaturesRepository (similar to updateFeatureForTeam) - Move getUserFeatureState and getTeamFeatureState from PrismaFeatureOptInRepository to FeaturesRepository - Update FeatureOptInService to use only FeaturesRepository - Add setUserFeatureState and setTeamFeatureState methods to FeatureOptInService - Update _router.ts to remove PrismaFeatureOptInRepository usage - Remove PrismaFeatureOptInRepository.ts and FeatureOptInRepositoryInterface.ts - Update features.repository.interface.ts and features.repository.mock.ts - Add integration tests for updateFeatureForUser, getUserFeatureState, getTeamFeatureState - Update service.integration-test.ts to use FeaturesRepository Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * refactor: rename updateFeatureForUser to setUserFeatureState Rename to match the convention used for setTeamFeatureState Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * refactor: return FeatureState type from getUserFeatureState and getTeamFeatureState * fix integration tests * clean up logics * update services and router * refactor: change getUserFeatureState and getTeamFeatureState to accept featureIds array - Renamed getUserFeatureState to getUserFeatureStates - Renamed getTeamFeatureState to getTeamFeatureStates - Changed parameter from featureId: string to featureIds: string[] - Changed return type from FeatureState to Record<string, FeatureState> - Updated FeatureOptInService to use the new batch methods - Added tests for querying multiple features in a single call - Optimized listFeaturesForTeam to fetch all feature states in one query Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * feat: add getFeatureStateForTeams for batch querying multiple teams - Added getFeatureStateForTeams method to query a single feature across multiple teams in one call - Updated FeatureOptInService.resolveFeatureStateAcrossTeams to use the new batch method - Replaces N+1 queries with a single database query for team states - Added comprehensive integration tests for the new method Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * refactor: combine org and team state queries into single call - Include orgId in the teamIds array passed to getFeatureStateForTeams - Extract org state and team states from the combined result - Reduces database queries from 3 to 2 in resolveFeatureStateAcrossTeams Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * refactor: use team.isOrganization and clarify computeEffectiveState comment Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * refactor: use MembershipRepository.findAllByUserId with isOrganization Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * feat: add featureId validation using isOptInFeature type guard Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * less queries * add fallback value * fix type error * move files * add autoOptInFeatures column * use autoOptInFeatures flag within FeatureOptInService * add setUserAutoOptIn and setTeamAutoOptIn * fix computeEffectiveState logic * rewrite computeEffectiveState * clean up integration tests * clean up in afterEach * fix type error * refactor: use FeaturesRepository methods instead of direct Prisma calls Replace all manual userFeatures and teamFeatures Prisma operations with the new setUserFeatureState and setTeamFeatureState repository methods. Changes include: - Admin handlers (assignFeatureToTeam, unassignFeatureFromTeam) - Test fixtures and integration tests - Playwright fixtures - Development scripts This ensures consistent feature flag management through the repository pattern and supports the new tri-state semantics (enabled/disabled/inherit). Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * clean up * fix the logic * extract some logic into applyAutoOptIn() * remove wrong code * refactor: convert setUserFeatureState and setTeamFeatureState to object params with discriminated union - Convert multiple positional parameters to single object parameter - Use discriminated union types: assignedBy required for enabled/disabled, omitted for inherit - Update all callers across repository, service, handlers, fixtures, and tests * fix type error * use Promise.all * fix --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> * feat: add organization banner to user profile page (#26514) Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> * feat: Hubspot write to meeting object (#26039) * feat: Hubspot write to meeting object * fix: translate hardcoded strings and remove debug console.log Co-Authored-By: amit@cal.com <samit91848@gmail.com> * refactor * fix: improve static value detection for placeholder replacement - Changed condition from startsWith/endsWith to includes('{') to properly detect embedded placeholders - Strings like 'Hello {name}!' are now correctly processed for placeholder replacement - Pure placeholder tokens that can't be resolved return null - Partially resolved values are returned as-is Co-Authored-By: amit@cal.com <samit91848@gmail.com> * refactor: split WriteToObjectSettings into types and utils files - Extract interfaces, enums, and type definitions to WriteToObjectSettings.types.ts - Extract constants and utility functions to WriteToObjectSettings.utils.ts - Update main component to use the new utility functions - Improves code organization and maintainability Co-Authored-By: amit@cal.com <samit91848@gmail.com> * revert: restore original static value detection logic Per user request - the startsWith/endsWith check was intentional Co-Authored-By: amit@cal.com <samit91848@gmail.com> * test: add unit tests for HubSpot CRM service Tests cover: - ensureFieldsExistOnMeeting: field validation against HubSpot properties - getTextValueFromBookingTracking: UTM parameter extraction - getTextValueFromBookingResponse: placeholder replacement - getDateFieldValue: date field resolution for different date types - getFieldValue: main field value resolution for all field types - generateWriteToMeetingBody: write-to-meeting body generation - getContacts: contact search functionality Co-Authored-By: amit@cal.com <samit91848@gmail.com> * fix: correct type errors in HubSpot CRM service tests - Import WhenToWrite enum from crm-enums - Replace string literals with WhenToWrite.EVERY_BOOKING enum values - Add missing whenToWrite property to field config objects Co-Authored-By: amit@cal.com <samit91848@gmail.com> * fix: use type casting for intentional type errors in tests - Cast numeric fieldValue to string for testing non-string handling - Cast invalid field type string to CrmFieldType for testing unsupported types Co-Authored-By: amit@cal.com <samit91848@gmail.com> * fix: prevent unhandled promise rejections in HubSpot CRM tests - Re-apply mockGetAppKeysFromSlug implementation in beforeEach to ensure mock is always set correctly after clearAllMocks - Change vi.resetAllMocks() to vi.clearAllMocks() to preserve mock implementations between tests - Add explicit types to satisfy biome lint rules - This fixes the 'Cannot read properties of undefined (reading client_id)' errors that were causing CI to fail with exit code 1 Co-Authored-By: amit@cal.com <samit91848@gmail.com> * refactor: convert HubSpot tests to black-box testing through public methods Co-Authored-By: amit@cal.com <samit91848@gmail.com> * fix: properly type mock CalendarEvent in HubSpot tests Co-Authored-By: amit@cal.com <samit91848@gmail.com> * fix: properly type TFunction in mock CalendarEvent Co-Authored-By: amit@cal.com <samit91848@gmail.com> * chore: graceful owner fail test * refactor * fix: type check * fix: remove null fields * Update packages/app-store/hubspot/lib/CrmService.ts Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com> --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com> * docs: add DTO location and naming conventions to knowledge base (#26478) * docs: add DTO location and naming conventions to knowledge base Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * docs: clarify DTO location rules for new features vs refactored code Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * docs: simplify DTO location - all DTOs go in packages/lib/dto/ Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> * refactor: convert PrismaAttributeToUserRepository to accept Prisma as dependency (#26515) * refactor: convert PrismaAttributeToUserRepository to accept Prisma as dependency Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com> * fix: use Prisma types from generated client instead of custom types Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com> --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> * fix: handle existing users on invite token flow (#26217) * fix(auth): validate user before signup with invite token Validate if user already exists before creating account when signing up with team or organization invite tokens. Existing users are redirected to login to accept the invitation. - Add user existence check in signup handlers - Return 409 for existing users with redirect to login - Extract signup fetch logic to dedicated module - Add e2e test coverage * fix(auth): address code review feedback - Fix fetchSignup tests to use vi.spyOn for proper mock restoration - Add content-type validation before parsing JSON response - Guard against undefined error in Stripe callback - Use t() for localized error message - Fix race condition in handlers by catching P2002 on create * fix(auth): address additional code review feedback - Add INVALID_SERVER_RESPONSE constant to follow established pattern - Check error.meta.target includes email before returning USER_ALREADY_EXISTS to avoid false positives from other unique constraint violations - Add select: { id: true } to user.create calls since downstream functions only need the user id * test: add unit tests for P2002 handling in signup handlers - Add shared test suite covering all P2002 edge cases - Ensure 409 only for email constraint violations - Fix non-token paths to use atomic create + catch pattern * fix: update error message copy per review feedback * fix(auth): address code review feedback and prevent orphan Stripe customers - Add user existence check before Stripe customer creation (token flow) - Add select clause to user.create for consistency - Fix showToast argument order (pre-existing bug) - Use toHaveURL instead of waitForURL in E2E tests * fix(auth): resolve 500 errors by fixing Prisma error detection across module boundaries The instanceof check for PrismaClientKnownRequestError fails when different Prisma client instances are loaded. Added fallback check by constructor name * fix(auth): validate invitedTo before upsert on team invite signup * test(auth): update P2002 tests for new invite flow P2002 tests now use non-token flow since token flow uses upsert Added tests for invitedTo validation on invite signup * fix(auth): add guards and P2002 handling per review feedback - Guard existingUser check with if (foundToken?.teamId) - Guard username check with if (username) for premium flow - Add `select` clause to findFirst/findUnique queries - Add try-catch on upsert for race condition P2002 errors * fix(auth): narrow P2002 handling to email/username targets * chore: release v6.0.8 * fix: Support 10-digit phone numbers for Ivory Coast (+225) (#26465) * fix: update ivory coast mask to 10 digits * update formating for Benin numbers --------- Co-authored-by: Dhairyashil Shinde <93669429+dhairyashiil@users.noreply.github.com> Co-authored-by: Dhairyashil <dhairyashil10101010@gmail.com> * fix(ci): use env vars for input interpolation in workflow run steps (#26520) Co-authored-by: Alex van Andel <me@alexvanandel.com> * refactor: use structured logger in video adapters (#26285) - Remove debug console.log/console.error statements - Add logger.debug for observability (meeting lifecycle events) - Add logger.error with safe error pattern (message + name only) - Fix error messages to avoid exposing response details - Remove redundant try/catch blocks (errors propagate naturally) * fix: validate owner email on platform org creation (#26286) Remove isPlatform bypass from owner verification to ensure users can only create organizations where they are the designated owner. Add test coverage for create and intentToCreateOrg handlers: - Regression tests for isPlatform bypass fix - Happy path for admin creating org for another user * perf: batch booking queries in output service (#25900) Replace N sequential queries with single batch queries in: - getOutputRecurringBookings - getOutputRecurringSeatedBookings Uses existing batch repository methods. Reduces database roundtrips from O(n) to O(1) for recurring booking lookups Co-authored-by: Morgan <33722304+ThyMinimalDev@users.noreply.github.com> * Make booking-audit integration test utils reusable (#26526) * fix: generate compliant passwords using meeting_password_requirement (#26148) * fix(zoomvideo): generate compliant passwords using meeting_password_requirement - Add meetingPasswordRequirementSchema to parse Zoom's password policy settings - Implement validatePasswordAgainstRequirements() to check if a password meets the policy - Implement generateCompliantPassword() to create passwords that comply with the policy - Update translateEvent() to use getCompliantPassword() which validates the default password or generates a new compliant one based on meeting_password_requirement - Add meeting_password_requirement to the settings API filter - Improve error handling for non-JSON responses in OAuthManager (XML validation errors) This fixes the frequent 'Error in JSON parsing Zoom API response' errors caused by Zoom returning XML validation errors when the password doesn't comply with the account's password policy (e.g., numeric-only requirement). Co-Authored-By: anik@cal.com <adhabal2002@gmail.com> * refactor: use cleaner single-pass consecutive character check - Replace nested-loop O(n*k) implementation with single-pass O(n) helper - Add proper guard for consecutiveLength < 4 (Zoom allows 0, 4-8) - Move consecutive check before only_allow_numeric to apply it for all cases - Fix edge-case bug where consecutiveLength 1-3 could incorrectly reject passwords Co-Authored-By: anik@cal.com <adhabal2002@gmail.com> * Optimize OAuth response handling Refactor OAuth response validation to read body only once. * Improve error handling in Zoom API response parsing Refactor error handling for Zoom API response parsing to improve logging and clarity. * Improve compliant password generation logic Enhance password generation to avoid consecutive characters when numeric only is required. * Remove password requirement handling from VideoApiAdapter Removed meeting password requirement schema and related functions for password validation and generation. --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> * refactor: Clean up the /tests in the root (#26525) * refactor: Delete mockTRPCContext and mockData, and relocate mockStripeSubscription to stripe mock. * chore: Delete unused Stripe, video client, and reminder scheduler mock files. * feat(companion): UI Enhancements for Android and Extension (#26434) * feat: companion-android-ui-upgrade version 1 * recurrings and unconfirmed booking filter and page implementation * add badge and links to event type list page * address cubics comments * feat(companion): unify dropdown menu for Android and extension (#26486) * feat(companion): unify dropdown menu for Android and extension - Merge Android-specific dropdown implementations into base component files - EventTypeListItem: Add DropdownMenu with Preview, Copy link, Edit, Duplicate, Delete actions - BookingListItem: Add DropdownMenu with booking actions (reschedule, edit location, add guests, etc.) - RecurringBookingListItem: Add DropdownMenu with recurring booking actions - AvailabilityListItem: Add DropdownMenu with Set as Default, Duplicate, Delete actions - BookingDetailScreen: Add DropdownMenu in header for Android with AlertDialog for cancel confirmation - Delete all .android.tsx files as implementations are now unified * fix(companion): fix typecheck errors after dropdown unification - Remove unused props from EventTypeListItem.ios.tsx (copiedEventTypeId, handleEventTypeLongPress) - Remove unused onActionsPress prop from BookingListItem.ios.tsx - Remove copiedEventTypeId and handleEventTypeLongPress props from index.ios.tsx and index.tsx - Remove onLongPress and onActionsPress props from BookingListScreen.tsx - Remove handleScheduleLongPress, setSelectedSchedule, setShowActionsModal props from AvailabilityListScreen.tsx - Fix BookingDetailScreen.tsx to use correct action property names (reschedule.visible instead of canReschedule, etc.) * fix(companion): remove unused code after dropdown unification - Remove unused handleEventTypeLongPress function and ActionSheetIOS import from index.ios.tsx - Remove unused copiedEventTypeId state, handleEventTypeLongPress function, and ActionSheetIOS import from index.tsx - Prefix unused setSelectedBooking with underscore in BookingListScreen.tsx - Remove unused handleScheduleLongPress function and ActionSheetIOS import from AvailabilityListScreen.tsx * feat(companion): unify booking filter UI for Android and extension - Remove SegmentedControl from web/extension booking list page - Use Header dropdown for booking status filter on both Android and web - Use unified event type filter dropdown for both platforms - Remove unused showFilterModal state and related code - Pass filterOptions, activeFilter, and onFilterChange to Header for all platforms * fix(companion): add header padding for web/extension to prevent button clipping - Add headerLeftContainerStyle and headerRightContainerStyle with 12px padding for web platform - Applied to root Stack and all nested tab Stack layouts - Fixes issue where header buttons were touching edges and getting chopped off on extension/web - Android remains unaffected as the fix is web-only * fix(companion): add HeaderButtonWrapper for web-only header padding - Create HeaderButtonWrapper component that adds 12px margin on web only - Wrap all header buttons with HeaderButtonWrapper to prevent clipping - Revert invalid screenOptions changes that caused typecheck errors - Apply fix to all screens with native header buttons: - reschedule.tsx, edit-location.tsx, add-guests.tsx - mark-no-show.tsx, view-recordings.tsx, meeting-session-details.tsx - event-type-detail.tsx, BookingDetailScreen.tsx, profile-sheet.tsx - edit-availability-day.tsx, edit-availability-name.tsx, edit-availability-override.tsx * update more ui-ux * address cubics comments * address cubics comments & open event type list page first for inttial render of app * chore: Integrate booking cancellation audit (#26458) ## What does this PR do? > **⚠️ Note: This PR does not enable booking audit in production.** The `BookingAuditTaskerProducerService` has an [`IS_PRODUCTION` guard](https://github.com/calcom/cal.com/blob/integrate-booking-creation-reschedule-audit/packages/features/booking-audit/lib/service/BookingAuditTaskerProducerService.ts#L106-L108) that skips audit task queueing in production environments. This allows the integration to be tested in development before enabling it in production. Integrates audit logging for booking cancellations, following the pattern established in PR #26046 for booking creation/rescheduling audit. - Related to #25125 (Booking Audit Infrastructure) ### Changes: - Add audit logging for single booking cancellation via `onBookingCancelled` - Add audit logging for bulk recurring booking cancellation via `onBulkBookingsCancelled` - Pass `userUuid` and `actionSource` from webapp cancel route (WEBAPP) - Pass `userUuid` and `actionSource` from API-v2 bookings service (API_V2) - Create `getAuditActor` helper to derive actor from userUuid or create synthetic guest actor - Add `getUniqueIdentifier` helper for generating unique actor identifiers - Add warning log when `actionSource` is "UNKNOWN" for observability - Add integration tests for booking cancellation audit ### Audit Data Captured: - `cancellationReason` (simple string value) - `cancelledBy` (simple string value) - `status` (old → new, e.g., "ACCEPTED" → "CANCELLED") ### Updates since last revision: - Simplified `CancelledAuditActionService` schema: `cancellationReason` and `cancelledBy` are now stored as simple nullable strings instead of change objects (old/new), since cancellation is a one-time event where tracking previous values doesn't apply - Added integration tests for cancelled booking audit in `booking-audit-cancelled.integration-test.ts` - Added `getUniqueIdentifier` helper function in actor.ts for generating unique identifiers with prefixes ## Mandatory Tasks (DO NOT REMOVE) - [x] I have self-reviewed the code (A decent size PR without self-review might be rejected). - [x] I have updated the developer docs in /docs if this PR makes changes that would require a [documentation change](https://cal.com/docs). N/A - no documentation changes needed. - [ ] I confirm automated tests are in place that prove my fix is effective or that my feature works. ## How should this be tested? 1. Cancel a single booking via the webapp - verify audit record is created with actor and actionSource="WEBAPP" 2. Cancel a single booking via API v2 - verify audit record is created with actionSource="API_V2" 3. Cancel all remaining bookings in a recurring series - verify bulk audit records are created with shared operationId 4. Cancel via unauthenticated cancel link - verify guest actor is created with synthetic email (prefixed with "param-" or "fallback-") 5. Run integration tests: `yarn test packages/features/booking-audit/lib/service/__tests__/booking-audit-cancelled.integration-test.ts` ## Human Review Checklist - [ ] Verify `onBookingCancelled` and `onBulkBookingsCancelled` methods exist in `BookingEventHandlerService` - [ ] Review the `getAuditActor` fallback logic - creates synthetic email with "fallback-" or "param-" prefix when no userUuid available - [ ] Confirm the simplified schema for `cancellationReason`/`cancelledBy` (no longer tracking old→new) is intentional - [ ] Note: Audit logging calls are awaited directly - if audit service fails, the cancellation will fail. Confirm this is the desired behavior. - [ ] Verify `CancelledAuditDisplayData` type no longer includes `previousReason` and `previousCancelledBy` fields --- Link to Devin run: https://app.devin.ai/sessions/42404e76a66946fe9e46fa07fb12e779 Requested by: @hariombalhara (hariom@cal.com) * feat: OAuth2 controller api v2 + refactor oAuth Trpc handlers (#25989) * feat(api-v2): add OAuth2 controller skeleton for auth module - Add new OAuth2 module under /auth with controller, service, repository, and DTOs - Implement skeleton endpoints: - GET /v2/auth/oauth2/clients/:clientId - Get OAuth client info - POST /v2/auth/oauth2/clients/:clientId/authorize - Generate authorization code - POST /v2/auth/oauth2/clients/:clientId/exchange - Exchange code for tokens - POST /v2/auth/oauth2/clients/:clientId/refresh - Refresh access token - Create input DTOs for authorize, exchange, and refresh operations - Create output DTOs for client info, authorization code, and tokens - Register OAuth2Module in endpoints.module.ts Co-Authored-By: morgan@cal.com <morgan@cal.com> * chore: add missing functions to platform libraries * feat(api-v2): integrate OAuthService from platform-libraries into OAuth2 controller - Add OAuthService export to platform-libraries - Refactor OAuth2Service to use OAuthService.validateClient() and OAuthService.verifyPKCE() - Remove duplicate local implementations of validateClient and verifyPKCE methods Co-Authored-By: morgan@cal.com <morgan@cal.com> * feat(api-v2): use local validateClient and verifyPKCE implementations - Remove OAuthService export from platform-libraries (will be deprecated) - Reimplement validateClient and verifyPKCE methods locally in OAuth2Service - Use verifyCodeChallenge and generateSecret from platform-libraries directly Co-Authored-By: morgan@cal.com <morgan@cal.com> * refactor(api-v2): separate repositories for OAuth2, access codes, and teams - Create AccessCodeRepository for access code Prisma operations - Add findTeamBySlugWithAdminRole method to TeamsRepository - Move generateAuthorizationCode, createTokens, verifyRefreshToken to OAuth2Service - Update OAuth2Repository to only contain OAuth client operations - Update OAuth2Module to import TeamsModule and provide AccessCodeRepository Addresses PR review comments to properly separate concerns Co-Authored-By: morgan@cal.com <morgan@cal.com> * feat(api-v2): implement JWT token creation and verification for OAuth2 - Implement createTokens method using jsonwebtoken to sign access and refresh tokens - Implement verifyRefreshToken method to verify JWT refresh tokens - Add ConfigService injection for CALENDSO_ENCRYPTION_KEY access - Import ConfigModule in OAuth2Module for dependency injection Based on logic from apps/web/app/api/auth/oauth/token/route.ts and apps/web/app/api/auth/oauth/refreshToken/route.ts Co-Authored-By: morgan@cal.com <morgan@cal.com> * fix: refactor and dayjs import fix * feat(api-v2): add ApiAuthGuard to getClient endpoint and e2e tests for OAuth2 - Add @UseGuards(ApiAuthGuard) to getClient endpoint for authentication - Add comprehensive e2e tests for all OAuth2 endpoints: - GET /v2/auth/oauth2/clients/:clientId - POST /v2/auth/oauth2/clients/:clientId/authorize - POST /v2/auth/oauth2/clients/:clientId/exchange - POST /v2/auth/oauth2/clients/:clientId/refresh - Tests cover happy paths and error cases (invalid client, invalid code, etc.) Co-Authored-By: morgan@cal.com <morgan@cal.com> * chore(api-v2): hide OAuth2 endpoints from Swagger documentation Co-Authored-By: morgan@cal.com <morgan@cal.com> * hide endpoints from doc * fix(api-v2): address PR feedback for OAuth2 controller - Fix P0 critical bug: token_type field name mismatch in DecodedRefreshToken interface - Add @Equals('authorization_code') validation to exchange.input.ts grantType - Add @Equals('refresh_token') validation to refresh.input.ts grantType - Add @IsNotEmpty() validation to get-client.input.ts clientId - Add @Expose() decorators to all output DTOs for proper serialization - Add security test assertion to verify clientSecret is not returned in response Co-Authored-By: morgan@cal.com <morgan@cal.com> * feat(api-v2): implement redirect behavior for OAuth2 authorize endpoint - Update authorize endpoint to return HTTP 303 redirect with authorization code - Add exact match validation for redirect URI (security requirement) - Implement error handling with redirect to redirect URI and error query params - Add state parameter support for CSRF protection - Update e2e tests to verify redirect behavior (303 status, Location header, error redirects) Co-Authored-By: morgan@cal.com <morgan@cal.com> * refactor(api-v2): address PR feedback for OAuth2 authorize endpoint - Make redirectUri a required input parameter (remove optional fallback) - Move buildRedirectUrl and mapErrorToOAuthError to oauth2Service - Add return statements to res.redirect() calls - Simplify controller by delegating redirect URL building to service Co-Authored-By: morgan@cal.com <morgan@cal.com> * wip move code outside of api v2 * feat(oauth): wire up dependency injection for OAuthService and repositories Co-Authored-By: morgan@cal.com <morgan@cal.com> * refactor: oAuthService used in routes * fix imports * fix(api-v2): return 404 for invalid client ID instead of redirect in authorize endpoint Co-Authored-By: morgan@cal.com <morgan@cal.com> * fix(api-v2): fix E2E test URL paths and remove bootstrap() in authenticated section - Remove bootstrap() call in authenticated section to match working test pattern - Change URL paths from /api/v2/... to /v2/... in authenticated section - Keep bootstrap() and /api/v2/... paths in unauthenticated section Co-Authored-By: morgan@cal.com <morgan@cal.com> * fix(api-v2): mock getToken from next-auth/jwt for E2E tests - Add jest.mock for next-auth/jwt getToken function - Mock returns null for unauthenticated tests - Mock returns { email: userEmail } for authenticated tests - Remove withNextAuth helper since ApiAuthGuard uses ApiAuthStrategy which calls getToken directly, not NextAuthStrategy Co-Authored-By: morgan@cal.com <morgan@cal.com> * fix tests and code review * cleanup generate secrets * cleanup controller * chore: remove console.log from OAuthService.validateClient Co-Authored-By: morgan@cal.com <morgan@cal.com> * Update apps/web/app/api/auth/oauth/refreshToken/route.ts Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com> * fix(api-v2): add bootstrap() to authenticated E2E tests and update URL paths to /api/v2/ Co-Authored-By: morgan@cal.com <morgan@cal.com> * Merge remote-tracking branch 'origin/devin/oauth2-controller-skeleton-1765988792' and remove console.log from token route Co-Authored-By: morgan@cal.com <morgan@cal.com> * chore: remove dead code * refactor * refactor: generateAuthCode trpc handler and getClient trpc handler * remove pkce check for refreshToken endpoint * Update packages/trpc/server/routers/viewer/oAuth/getClient.handler.ts Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com> * refactor: error handling * refactor: error handling * refactor: error handling * remove console log * provide redirectUri in generateAuthCodeHandler * provide redirectUri in authorize view * refactor: replace HttpError with ErrorWithCode in OAuth files - Update OAuthService to use ErrorWithCode instead of HttpError - Update mapErrorToOAuthError to check ErrorCode instead of status codes - Update token/route.ts and refreshToken/route.ts to use ErrorWithCode - Add ErrorWithCode export to platform-libraries - Use getHttpStatusCode to map ErrorCode to HTTP status codes Co-Authored-By: morgan@cal.com <morgan@cal.com> * fix: update generateAuthCode handler to use ErrorWithCode instead of HttpError The handler was still checking for HttpError in its catch block, but OAuthService now throws ErrorWithCode. This caused the error messages to be lost and replaced with 'server_error' instead of the specific error messages. Co-Authored-By: morgan@cal.com <morgan@cal.com> * fix: update OAuth2 controller to use ErrorWithCode instead of HttpError The controller was still checking for HttpError in its catch blocks, but OAuthService now throws ErrorWithCode. This caused all errors to return 500 Internal Server Error instead of the correct HTTP status codes (400, 401, 404). Also added getHttpStatusCode export to platform-libraries. Co-Authored-By: morgan@cal.com <morgan@cal.com> * fix: add explicit unknown type annotation to catch blocks in OAuth2 controller Co-Authored-By: morgan@cal.com <morgan@cal.com> * fix: change NotFoundException to HttpException in authorize endpoint Co-Authored-By: morgan@cal.com <morgan@cal.com> * fix: handle err with ErrorWithCode in authorize endpoint catch block Co-Authored-By: morgan@cal.com <morgan@cal.com> * fix: move errorWithCode * fix: error code rfc * fix: no need to handle errors there is a middleware * refactor errors * refactor errors * refactor redirecturi and state from api * refactor: address PR comments for OAuth2 controller - Remove unused GetOAuth2ClientInput class - Change API tag from 'Auth / OAuth2' to 'OAuth2' - Move OAuthClientFixture to separ…
Fixes prototype pollution in _.unset and _.omit
* docs: add guidance for creating smaller, self-contained PRs Co-Authored-By: Volnei Munhoz <volnei.munhoz@gmail.com> * fix: remove PR size check from cubic-devin-review.yml per review feedback Co-Authored-By: Volnei Munhoz <volnei.munhoz@gmail.com> * docs: clarify PR size limits apply to code files only Co-Authored-By: Volnei Munhoz <volnei.munhoz@gmail.com> --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
* quick cleanup * more fixes
* fixed text issue * matched style of api keys page * made changes to the upgradetip * made changes to the upgradetip * made changes to the upgradetip * Refactor TextField component properties --------- Co-authored-by: Pallav <90088723+pallava-joshi@users.noreply.github.com>
- Update .env.example with clarified Unkey configuration comments - Update README.md with explainer of Unkey and how it's optional.
Co-authored-by: peer@cal.com <peer@cal.com> Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
…/members to /members (#27053) * refactor: move organization members page from /settings/organizations/members to /members - Create new /members route under main-nav with same functionality - Add permanent redirect from /settings/organizations/members to /members - Include loading skeleton and server actions for the new route Co-Authored-By: peer@cal.com <peer@cal.com> * refactor: Deduplicate organization members page logic (#27168) * refactor(web): extract shared org members data fetching logic - Extract data fetching, coaching, and permission logic into [getOrgMembersPageData.ts](cci:7://file:///Users/dhairyashilshinde/work/cal.com/apps/web/modules/members/getOrgMembersPageData.ts:0:0-0:0) - Deduplicate logic between [/members](cci:7://file:///Users/dhairyashilshinde/work/cal.com/apps/web/app/%28use-page-wrapper%29/%28main-nav%29/members:0:0-0:0) and pages - Reduce page component size and improve maintainability * safe guard for org id null --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> Co-authored-by: Dhairyashil Shinde <93669429+dhairyashiil@users.noreply.github.com>
- Fix 'recieve' -> 'receive' in booking scenario test comment - Fix 'occured' -> 'occurred' in routing playground HTML - Fix 'childrenSeperated' -> 'childrenSeparated' in Breadcrumb component
## What does this PR do? Implements booking audit logging for round-robin reassignment events (both manual and automatic). This is part of the booking audit integration plan (PR 7). Changes: - Added audit logging to `roundRobinManualReassignment.ts` for manual host reassignments - Added audit logging to `roundRobinReassignment.ts` for automatic round-robin reassignments - Updated tRPC handlers to pass `actionSource: "WEBAPP"` and `reassignedByUuid` - Updated API v2 bookings service to pass `actionSource: "API_V2"` and `reassignedByUuid` - Updated `ReassignmentAuditActionService.ts` with proper field schemas and translation keys The audit logging uses `BookingEventHandlerService.onReassignment()` with proper actor identification and action source tracking. ## Updates since last revision Addressed review feedback: - Renamed `title` field to `hostName` for semantic clarity (tracks host name changes, not booking titles) - Fixed `assignedById` schema: changed from `NumberChangeSchema` to `z.number()` (no old/new pattern needed - it's always the user who performed the reassignment) - Fixed `reassignmentReason` schema: changed from `StringChangeSchema` to `z.string().nullable()` (no old/new pattern needed) - Added `ValidActionSource` type that excludes `UNKNOWN` - clients must pass explicit action sources - Made `actionSource` required in both reassignment functions (no longer optional) - Added integration tests for `ReassignmentAuditActionService` (15 tests covering all methods) - Updated `roundRobinManualReassign.handler.ts` to pass required `actionSource` and `reassignedByUuid` params **Latest fixes:** - Fixed `hasAttendeeUpdated` check in `ReassignmentAuditActionService.ts`: changed from `!== null` to `!= null` to properly handle undefined values - Updated test expectations in `ReassignmentAuditActionService.test.ts` to match the new display JSON field names (`hostAttendeeUserUuidNew`/`hostAttendeeUserUuidOld` instead of `newAssignedRRHostUuid`/`previousAssignedRRHostUuid`) - Fixed async `getDisplayFields` tests to properly await the Promise and include the `previous_assignee` field - Fixed `hasAttendeeUpdated` to check for `hostAttendeeUpdated` object presence instead of optional `id` field - host changes with only `withUserUuid` populated were being ignored (identified by Cubic AI, confidence 9/10) - Fixed test expectation in `getDisplayJson` test: removed incorrect null expectations for `hostAttendeeIdUpdated`, `hostAttendeeUserUuidNew`, `hostAttendeeUserUuidOld` - the implementation uses conditional spreading to omit these fields when `hostAttendeeUpdated` is not present, rather than setting them to null ## Mandatory Tasks (DO NOT REMOVE) - [x] I have self-reviewed the code (A decent size PR without self-review might be rejected). - [x] I have updated the developer docs in /docs if this PR makes changes that would require a [documentation change](https://cal.com/docs). N/A - no documentation changes needed. - [x] I confirm automated tests are in place that prove my fix is effective or that my feature works. ## How should this be tested? 1. Trigger a manual round-robin reassignment via the webapp and verify audit logs are created with `actionSource: "WEBAPP"` 2. Trigger an automatic round-robin reassignment and verify audit logs are created 3. Use API v2 to reassign a booking and verify audit logs are created with `actionSource: "API_V2"` 4. Verify the audit data contains correct values for `organizerUuid`, `hostAttendeeUpdated`, `reassignmentReason`, and `reassignmentType` ## Checklist - [x] My code follows the style guidelines of this project - [x] I have checked if my changes generate no new warnings ## Human Review Checklist - [x] Verify the `hasAttendeeUpdated` fix is correct: now checks `fields.hostAttendeeUpdated != null` to detect any host attendee update regardless of whether `id` is populated - [x] Verify `getDisplayJson` test fix: fields are correctly omitted (not set to null) when `hostAttendeeUpdated` is not present, matching the conditional spreading implementation - [ ] Verify all callers of reassignment functions pass required `actionSource` and `reassignedByUuid` - [ ] Confirm `getDisplayFields` is properly awaited in all call sites (it's now async) - [ ] Check that `ValidActionSource` type properly excludes `UNKNOWN` for client-side validation ## Important Notes for Reviewer 1. **Dependency on base PR**: The translation key changes use the format from base PR (#26046). This PR should be merged after the base PR. 2. **Schema changes**: The `organizerUuid` and `hostAttendeeUpdated` fields track both organizer changes and round-robin host attendee changes separately for complete audit trail. --- Link to Devin run: https://app.devin.ai/sessions/e4353e2ec6ea4a51ab33313bdc630aba Requested by: @hariombalhara
* feat: add graceful error handling for audit log enrichment - Add hasError field to EnrichedAuditLog type - Create buildFallbackAuditLog() method for failed enrichments - Wrap enrichAuditLog() in try-catch to handle errors gracefully - Add booking_audit_action.error_processing translation key - Update BookingHistory.tsx to show warning icon for error logs - Hide 'Show details' button for logs with hasError - Add comprehensive test cases for error handling scenarios Co-Authored-By: hariom@cal.com <hariombalhara@gmail.com> * fix: include actionType in error_processing translation and allow expanded content for error logs Co-Authored-By: hariom@cal.com <hariombalhara@gmail.com> --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
* feat: add seat tracking infrastructure for monthly proration Add seat change logging infrastructure with operationId for idempotency. This PR adds the foundation for monthly proration billing by tracking seat additions and removals, gated behind the monthly-proration feature flag. - Add operationId field to SeatChangeLog for idempotency - Update SeatChangeLogRepository to support upsert with operationId - Add feature flag guard in SeatChangeTrackingService - Integrate seat tracking in team member invites - Integrate seat tracking in bulk user deletions - Integrate seat tracking in team service operations - Integrate seat tracking in DSYNC user creation When monthly-proration feature flag is disabled, seat logging is skipped and behavior remains unchanged. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com> * feat: add monthly proration processing Add monthly proration billing processing that works on top of the seat tracking infrastructure. This PR implements the core proration logic, webhook handlers, and integration with Stripe billing. - Enhance MonthlyProrationService to process seat change logs - Add payment webhook handlers (invoice.payment_succeeded, invoice.payment_failed) - Update subscription webhook to sync billing period on renewals - Update TeamBillingService to skip real-time updates when proration enabled - Enhance StripeBillingService with proration capabilities - Add Tasker enhancements for processing queues - Update team creation/upgrade routes Depends on: feat/monthly-proration-seat-tracking Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com> * fix: remove unused logger from SeatChangeTrackingService * fix: description for calculation * fix null check on trial * feat: add scheduled trigger.dev task for monthly proration * feat: add custom month key support and use batchTrigger * feat: add isValidMonthKey and return result from batch task * fix merge artifact --------- Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com> Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
… option (#26835) * feat: allow normal users to see userId filter with only themselves as option Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * fix: return empty map when canReadOthersBookings is false and currentUser doesn't exist Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * fix: use generic type parameter for Table to fix type compatibility Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * perf: disable listSimpleMembers query when canReadOthersBookings is false Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
* fix(coss-ui): convert /settings/my-account/general to coss-ui
* update guide
* fix: add menuPosition fixed to TimezoneSelect in TravelScheduleModal
Co-Authored-By: eunjae@cal.com <hey@eunjae.dev>
* fix: use menuPortalTarget to render TimezoneSelect dropdown above dialog footer
Co-Authored-By: eunjae@cal.com <hey@eunjae.dev>
* fix: use Object.assign for type-safe styles in TimezoneSelect
Co-Authored-By: eunjae@cal.com <hey@eunjae.dev>
* revert comment
* fix: guard document access for SSR in TravelScheduleModal
Addresses Cubic AI review feedback: menuPortalTarget={document.body} will
throw during server rendering where document is undefined. Added typeof
check to guard against SSR.
Co-Authored-By: unknown <>
* change dialog backdrop from blur to dim
* fix: add menuPlacement auto to open dropdown upward on mobile
Co-Authored-By: eunjae@cal.com <hey@eunjae.dev>
* fix: use menuPlacement top on mobile for TimezoneSelect dropdown
Co-Authored-By: eunjae@cal.com <hey@eunjae.dev>
* fix: make timezone button stack vertically on mobile to prevent overflow
Co-Authored-By: eunjae@cal.com <hey@eunjae.dev>
* fix: make timezone select and button 50/50 width on larger viewports
Co-Authored-By: eunjae@cal.com <hey@eunjae.dev>
* fix date range picker issue on mobile
* prevent travel schedule dialog dismissal with date picker
---------
Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
…ture (#27170) * --init * clean up * unnecessary comment * remove comment * fix factory resolver * Add active filter to webhook query
* chore: save progress * chore: * feat: add input dialog * fix: type error * feat: mass apply dialog * test: per host location * test: fix test * fix: address Cubic AI review feedback (confidence >= 9/10) - Remove PII (address, phone number) from tracing logs in RegularBookingService.ts - Constrain HostLocation.type to EventLocationType["type"] for compile-time validation Co-Authored-By: unknown <> * fix: translation * refactor: improvements * fix: correct grammar in custom host locations tooltip Change 'custom host locations is enabled' to 'custom host locations are enabled' (plural subject requires plural verb). Addresses Cubic AI review feedback (confidence 9/10). Co-Authored-By: unknown <> * refactor: improvements * fix: auth * fix: check * refactor: improvements * fix: address Cubic AI review feedback (confidence >= 9/10) - Add scheduleId to newly created hosts in update.handler.ts to persist host-specific schedules during create operations - Change host location deletion filter from !host.location to host.location === null to only delete when explicitly set to null - Fix static-link per-host locations to use actual link instead of type in locationBodyString for bookingLocationService.ts Co-Authored-By: unknown <> * fix: preserve existing host scheduleId when not explicitly provided Change scheduleId handling for existing hosts from 'host.scheduleId ?? null' to 'host.scheduleId === undefined ? undefined : host.scheduleId' so that when the client doesn't provide a scheduleId, the existing value is preserved instead of being cleared to null. Co-Authored-By: unknown <> * fix; type erro * fix; type erro * fix; type erro * refactor: move repository * refactor: move repository * fix: add singular/plural translations for location_applied_to_hosts Addresses Cubic AI review feedback (confidence 9/10) to fix '1 hosts' rendering as '1 host' by using i18next plural format with _one and _other suffixes. Co-Authored-By: unknown <> * refactor: feedback * fix: type err * fix: use uuid in schema and remove attendee locaiton * fix: type err * fix: type err * fix: validate eventTypeId as integer in massApplyHostLocation schema Co-Authored-By: unknown <> --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
…#27194) Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
Co-authored-by: unknown <> Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
* fix: skip Select Account step if only one account is available * chore * chore * chore * test fixes * chore * refactor: address biome linting issues and decompose getServerSideProps --------- Co-authored-by: Kartik Saini <41051387+kart1ka@users.noreply.github.com> Co-authored-by: Dhairyashil Shinde <93669429+dhairyashiil@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot]
Can you help keep this open source service alive? 💖 Please sponsor : )