289 commits

Author	SHA1	Message	Date
Pavel Zeman	d552098d62	Merge master into debug/binary-timeout	2026-04-10 10:01:55 +00:00
Pavel Zeman	78b2980ed5	fix: remove duplicate allow-failure input in server test template (#36004) ... The allow-failure input was defined twice in the workflow_call inputs, causing GitHub Actions to reject the workflow with 0 jobs on master push. Duplicate was introduced in #35743 merge. Release Note NONE Co-authored-by: Claude <claude@anthropic.com>	2026-04-09 15:47:20 -04:00
Pavel Zeman	860df69621	ci: re-enable server test coverage with 4-shard parallelism (#35743) ... * ci: re-enable server test coverage with 4-shard parallelism The test-coverage job was disabled due to OOM failures when running all tests with coverage instrumentation in a single process. Re-enable it by distributing the workload across 4 parallel runners using the shard infrastructure from the sharding PRs. Changes: - Replace disabled single-runner test-coverage with 4-shard matrix - Add merge-coverage job to combine per-shard cover.out files - Upload merged coverage to Codecov with server flag - Skip per-shard Codecov upload when sharding is active - Add coverage profile merging to run-shard-tests.sh for multi-run shards - Restore original condition: skip coverage on release branch PRs - Keep fullyparallel=true (fast within each shard) - Keep continue-on-error=true (coverage never blocks PRs) Co-authored-by: Claude <claude@anthropic.com> * fix: disable fullyparallel for coverage shards t.Parallel() + t.Setenv() panics kill entire test binaries under fullyparallel mode. With 4-shard splitting, serial execution within each shard should still be fast enough (~15 min). We can re-enable fullyparallel once the incompatible tests are fixed. Co-authored-by: Claude <claude@anthropic.com> * fix: add checkout to coverage merge job for Codecov file mapping Codecov needs the source tree to map coverage data to files. Without checkout, the upload succeeds but reports 0% coverage because it can't associate cover.out lines with source files. Co-authored-by: Claude <claude@anthropic.com> * ci: add codecov.yml and retain merged coverage artifact Add codecov.yml with: - Project coverage: track against parent commit, 1% threshold, advisory - Patch coverage: 50% target for new code, advisory (warns, doesn't block) - Ignore generated code (retrylayer, timerlayer, serial_gen, mocks, storetest, plugintest, searchtest) — these inflate the denominator from 146K to 100K statements, rebasing coverage from 36% to 53% - PR comments on coverage changes with condensed layout Save merged cover.out as artifact with 30-day retention (~3.5MB/run). 90-day retention was considered (~6.3GB total vs ~2.1GB at 30 days) but deferred to keep storage costs low. #### Release Note ```release-note NONE ``` Co-authored-by: Claude <claude@anthropic.com> * ci: add codecov.yml to exclude generated code and enable PR comments (#35748) * ci: add codecov.yml to exclude generated code and enable PR comments Add Codecov configuration to improve coverage signal quality: - Exclude generated code from coverage denominator: - store/retrylayer (~10k stmts, auto-generated retry wrappers) - store/timerlayer (~14k lines, auto-generated timing wrappers) - *_serial_gen.go (serialization codegen) - **/mocks (mockery-generated mocks) - Exclude test infrastructure: - store/storetest (~63k lines, test helpers not production code) - plugin/plugintest (plugin test helpers) - Exclude thin wrappers: - model/client4.go (~4k stmts, HTTP client methods tested via integration) - Enable PR comments with condensed layout - Set project threshold at 0.5% drop tolerance - Set patch target at 60% for new/changed lines This rebases the effective coverage metric from ~33.8% to ~43% by removing ~50k non-production statements from the denominator, giving a more accurate picture of actual test coverage. Co-authored-by: Claude <claude@anthropic.com> * Update codecov.yml --------- Co-authored-by: Claude <claude@anthropic.com> Co-authored-by: Jesse Hallam <jesse.hallam@gmail.com> * fix: bump upload-artifact to v7 and add client4.go to codecov ignore - Align upload-artifact pin with the rest of the workflow (v4 → v7) - Add model/client4.go to codecov.yml ignore list as documented in PR description Co-authored-by: Claude <claude@anthropic.com> * fix(ci): address Jesse review feedback on coverage sharding - Remove client4.go from codecov ignore list (coverage is meaningful) - Remove historical comment block above test-coverage job - Set fullyparallel back to true (safe per-shard since each runs different packages; parallel test fixes tracked in #35751) - Replace merge-coverage job with per-shard Codecov uploads using flags parameter; configure after_n_builds: 4 so Codecov waits for all shards before reporting status - Add clarifying comment in run-shard-tests.sh explaining intra-shard coverage merge (multiple gotestsum runs) vs cross-shard merge (handled natively by Codecov) - Simplify codecov.yml: remove verbose comments, use informational status checks, streamlined ignore list Co-authored-by: Claude <claude@anthropic.com> * fix(ci): set fullyparallel back to false for coverage shards Coverage shards 1-3 failed with hundreds of test failures because fullyparallel: true causes panics and races in tests that use t.Setenv, os.Setenv, and os.Chdir without parallel-safe alternatives. The parallel-safety fixes are tracked in a separate PR chain: - #35746: t.Setenv → test hooks - #35749: os.Setenv → parallel-safe alternatives - #35750: os.Chdir → t.Chdir - #35751: flip fullyparallel: true (final step) Once that chain merges, fullyparallel can be enabled for coverage too. Co-authored-by: Claude <claude@anthropic.com> * fix(ci): split fullyparallel and allow-failure into separate inputs Previously fullyparallel controlled both parallel test execution AND continue-on-error, meaning disabling parallelism also made coverage failures blocking. Split into two independent inputs: - fullyparallel: controls ENABLE_FULLY_PARALLEL_TESTS (test execution) - allow-failure: controls continue-on-error (advisory vs blocking) Coverage shards now run with fullyparallel: true (Claudio's original approach) and allow-failure: true (failures don't block PRs until parallel-safety fixes land in #35746 → #35751). Co-authored-by: Claude <claude@anthropic.com> * ci: use per-flag after_n_builds for server and webapp coverage Replace the global after_n_builds: 2 with per-flag values: - server: after_n_builds: 4 (one per shard) - webapp: after_n_builds: 1 (single merged upload) Tag the webapp Codecov upload with flags: webapp so each flag independently waits for its expected upload count. This prevents Codecov from firing notifications with incomplete data when the webapp upload arrives before all server shards complete. Addresses review feedback from @esarafianou. Co-authored-by: Claude <claude@anthropic.com> * fix: consolidate codecov config into .github/codecov.yml Move all codecov configuration into the existing .github/codecov.yml instead of introducing a duplicate file at the repo root. Merges improvements from the root file (broader ignore list, informational statuses, require_ci_to_pass: false) while preserving the webapp flag from the original config. Updates after_n_builds to 5 (4 server + 1 webapp). Co-authored-by: Claude <claude@anthropic.com> --------- Co-authored-by: Claude <claude@anthropic.com> Co-authored-by: Jesse Hallam <jesse.hallam@gmail.com>	2026-04-09 15:27:50 -04:00
Pavel Zeman	cf102afc17	ci: disable fullyparallel for binary parameters job (#35995) ... Binary parameters tests run unsharded on a single runner. With fullyparallel enabled, all ~755 api4 tests run concurrently, causing resource exhaustion (too many server instances, WebSocket hubs, and DB connections). The test binary gets killed after 11 minutes with no individual test failures — just overwhelmed resources. Disabling fullyparallel for this specific job lets binary parameters tests pass while we evaluate moving them to a nightly/weekly schedule. Co-authored-by: Claude <claude@anthropic.com>	2026-04-09 05:44:50 -04:00
Pavel Zeman	73aa78a925	debug: lower test timeout to 5m and enable verbose for binary mode hang diagnosis ... Temporary branch to capture goroutine dump when binary parameters test hangs under fullyparallel mode. Co-authored-by: Claude <claude@anthropic.com>	2026-04-09 01:48:14 +00:00
Pavel Zeman	6fdef8c9cc	ci: enable fullyparallel mode for server tests (#35816) ... * ci: enable fullyparallel mode for server tests Replace os.Setenv, os.Chdir, and global state mutations with parallel-safe alternatives (t.Setenv, t.Chdir, test hooks) across 37 files. Refactor GetLogRootPath and MM_INSTALL_TYPE to use package-level test hooks instead of environment variables. This enables gotestsum --fullparallel, allowing all test packages to run with maximum parallelism within each shard. Co-authored-by: Claude <claude@anthropic.com> * ci: split fullyparallel from continue-on-error in workflow template - Add new boolean input 'allow-failure' separate from 'fullyparallel' - Change continue-on-error to use allow-failure instead of fullyparallel - Update server-ci.yml to pass allow-failure: true for test coverage job - Allows independent control of parallel execution and failure tolerance Co-authored-by: Claude <claude@anthropic.com> * fix: protect TestOverrideLogRootPath with sync.Mutex for parallel tests - Replace global var TestOverrideLogRootPath with mutex-protected functions - Add SetTestOverrideLogRootPath() and getTestOverrideLogRootPath() functions - Update GetLogRootPath() to use thread-safe getter - Update all test files to use SetTestOverrideLogRootPath() with t.Cleanup() - Fixes race condition when running tests with t.Parallel() Co-authored-by: Claude <claude@anthropic.com> * fix: configure audit settings before server setup in tests - Move ExperimentalAuditSettings from UpdateConfig() to config defaults - Pass audit config via app.Config() option in SetupWithServerOptions() - Fixes audit test setup ordering to configure BEFORE server initialization - Resolves CodeRabbit's audit config timing issue in api4 tests Co-authored-by: Claude <claude@anthropic.com> * fix: implement SetTestOverrideLogRootPath mutex in logger.go The previous commit updated test callers to use SetTestOverrideLogRootPath() but didn't actually create the function in config/logger.go, causing build failures across all CI shards. This commit: - Replaces the exported var TestOverrideLogRootPath with mutex-protected unexported state (testOverrideLogRootPath + testOverrideLogRootMu) - Adds exported SetTestOverrideLogRootPath() setter - Adds unexported getTestOverrideLogRootPath() getter - Updates GetLogRootPath() to use the thread-safe getter - Fixes log_test.go callers that were missed in the previous commit Co-authored-by: Claude <claude@anthropic.com> * fix(test): use SetupConfig for access_control feature flag registration InitAccessControlPolicy() checks FeatureFlags.AttributeBasedAccessControl at route registration time during server startup. Setting the flag via UpdateConfig after Setup() is too late — routes are never registered and API calls return 404. Use SetupConfig() to pass the feature flag in the initial config before server startup, ensuring routes are properly registered. Co-authored-by: Claude <claude@anthropic.com> * fix(test): restore BurnOnRead flag state in TestRevealPost subtest The 'feature not enabled' subtest disables BurnOnRead without restoring it via t.Cleanup. Subsequent subtests inherit the disabled state, which can cause 501 errors when they expect the feature to be available. Add t.Cleanup to restore FeatureFlags.BurnOnRead = true after the subtest completes. Co-authored-by: Claude <claude@anthropic.com> * fix(test): restore EnableSharedChannelsMemberSync flag via t.Cleanup The test disables EnableSharedChannelsMemberSync without restoring it. If the subtest exits early (e.g., require failure), later sibling subtests inherit a disabled flag and become flaky. Add t.Cleanup to restore the flag after the subtest completes. Co-authored-by: Claude <claude@anthropic.com> * Fix test parallelism: use instance-scoped overrides and init-time audit config Replace package-level test globals (TestOverrideInstallType, SetTestOverrideLogRootPath) with fields on PlatformService so each test gets its own instance without process-wide mutation. Fix three audit tests (TestUserLoginAudit, TestLogoutAuditAuthStatus, TestUpdatePasswordAudit) that configured the audit logger after server init — the audit logger only reads config at startup, so pass audit settings via app.Config() at init time instead. Also revert the Go 1.24.13 downgrade and bump mattermost-govet to v2.0.2 for Go 1.25.8 compatibility. * Fix audit unit tests * Fix MMCLOUDURL unit tests * Fixed unit tests using MM_NOTIFY_ADMIN_COOL_OFF_DAYS * Make app migrations idempotent for parallel test safety Change System().Save() to System().SaveOrUpdate() in all migration completion markers. When two parallel tests share a database pool entry, both may race through the check-then-insert migration pattern. Save() causes a duplicate key fatal crash; SaveOrUpdate() makes the second write a harmless no-op. * test: address review feedback on fullyparallel PR - Use SetLogRootPathOverride() setter instead of direct field access in platform/support_packet_test.go and platform/log_test.go (pvev) - Restore TestGetLogRootPath in config/logger_test.go to keep MM_LOG_PATH env var coverage; test uses t.Setenv so it runs serially which is fine (pvev) - Fix misleading comment in config_test.go: code uses t.Setenv, not os.Setenv (jgheithcock) Co-authored-by: Claude <claude@anthropic.com> * fix: add missing os import in post_test.go The os import was dropped during a merge conflict resolution while burn-on-read shared channel tests from master still use os.Setenv. Co-authored-by: Claude <claude@anthropic.com> --------- Co-authored-by: Claude <claude@anthropic.com> Co-authored-by: wiggin77 <wiggin77@warpmail.net> Co-authored-by: Mattermost Build <build@mattermost.com>	2026-04-08 20:48:36 -04:00
Jesse Hallam	71ca373de7	Generate instead of hard-coding test passwords, enforce new minimum for FIPS, shard CI, fix FIPS builds (#35905) ... * Replace hardcoded test passwords with model.NewTestPassword() Add model.NewTestPassword() utility that generates 14+ character passwords meeting complexity requirements for FIPS compliance. Replace all short hardcoded test passwords across the test suite with calls to this function. * Enforce FIPS compliance for passwords and HMAC keys FIPS OpenSSL requires HMAC keys to be at least 14 bytes. PBKDF2 uses the password as the HMAC key internally, so short passwords cause PKCS5_PBKDF2_HMAC to fail. - Add FIPSEnabled and PasswordFIPSMinimumLength build-tag constants - Raise the password minimum length floor to 14 when compiled with requirefips, applied in SetDefaults only when unset and validated independently in IsValid - Return ErrMismatchedHashAndPassword for too-short passwords in PBKDF2 CompareHashAndPassword rather than a cryptic OpenSSL error - Validate atmos/camo HMAC key length under FIPS and lengthen test keys accordingly - Adjust password validation tests to use PasswordFIPSMinimumLength so they work under both FIPS and non-FIPS builds * CI: shard FIPS test suite and extract merge template Run FIPS tests on PRs that touch go.mod or have 'fips' in the branch name. Shard FIPS tests across 4 runners matching the normal Postgres suite. Extract the test result merge logic into a reusable workflow template to deduplicate the normal and FIPS merge jobs. * more * Fix email test helper to respect FIPS minimum password length * Fix test helpers to respect FIPS minimum password length * Remove unnecessary "disable strict password requirements" blocks from test helpers * Fix CodeRabbit review comments on PR #35905 - Add server-test-merge-template.yml to server-ci.yml pull_request.paths so changes to the reusable merge workflow trigger Server CI validation - Skip merge-postgres-fips-test-results job when test-postgres-normal-fips was skipped, preventing failures due to missing artifacts - Set guest.Password on returned guest in CreateGuestAndClient helper to keep contract consistent with CreateUserWithClient - Use shared LowercaseLetters/UppercaseLetters/NUMBERS/PasswordFIPSMinimumLength constants in NewTestPassword() to avoid drift if FIPS floor changes https://claude.ai/code/session_01HmE9QkZM3cAoXn2J7XrK2f * Rename FIPS test artifact to match server-ci-report pattern The server-ci-report job searches for artifacts matching "*-test-logs", so rename from postgres-server-test-logs-fips to postgres-server-fips-test-logs to be included in the report. --------- Co-authored-by: Claude <noreply@anthropic.com>	2026-04-08 16:49:43 -03:00
sabril	993c3cb5d2	fix: test analysis override (#35987)	2026-04-09 01:24:08 +08:00
sabril	c303dd8e08	fix: test analysis (#35986)	2026-04-09 00:50:06 +08:00
sabril	fba382d5bd	feat(test analysis): using reusable workflow (#35852) ... * feat(test analysis): using reusable workflow * address comment * pin to main during initial rollout --------- Co-authored-by: Mattermost Build <build@mattermost.com>	2026-04-09 00:20:28 +08:00
Eva Sarafianou	252eb9661d	Update docs-impact workflow to keep stale comment instead of deleting (#35940) ... * Update docs-impact workflow to keep stale comment instead of deleting When a re-run of the docs impact analysis determines that documentation updates are no longer needed, the previous bot comment was deleted while the Docs/Needed label was kept. This left the label without context. Instead of deleting the comment, update it to explain that a previous analysis had flagged the PR but the latest run found no docs impact. This preserves the audit trail and gives maintainers context to decide whether to remove the label. Made-with: Cursor * Update .github/workflows/docs-impact-review.yml Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> --------- Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>	2026-04-07 13:20:03 +03:00
Jesse Hallam	4d20645a5b	Inline mattermost-govet into the monorepo (#35869) ... * inline mattermost-govet * fix style issues * simplify the openApiSync spec test * README.md tweaks * fix missing licenses * simplify README.md * trigger server-ci on tools/mattermost-govet/** * Apply 470cf78253 --------- Co-authored-by: Mattermost Build <build@mattermost.com>	2026-04-01 13:24:22 +00:00
Eva Sarafianou	aaefd4109b	MM-68120 - Use repo checkout for build files in server-ci-artifacts (#35842) ... * Use repo checkout for Dockerfile in server-ci-artifacts build-docker job The build-docker job was downloading server-build-artifact to get the Dockerfile and supporting files for every PR. Switch to checking out server/build/ directly from the repo for external PRs, while keeping the artifact-based flow for same-repo PRs so that Dockerfile changes can be tested before merge. Only upload server-build-artifact when the PR comes from the same repo, since external PRs no longer use it. Made-with: Cursor * retrigger pipelines * undo previous commit --------- Co-authored-by: Mattermost Build <build@mattermost.com>	2026-04-01 14:12:56 +03:00
Amy Blais	47d2c6074d	Docs impact fixes (#35877) ... * Update docs-impact-review.yml * Update docs-impact-review.yml * Update docs-impact-review.yml * Apply suggestions from code review Co-authored-by: Eva Sarafianou <eva.sarafianou@mattermost.com> * Update .github/workflows/docs-impact-review.yml Co-authored-by: Eva Sarafianou <eva.sarafianou@gmail.com> * Update docs-impact-review.yml * Update docs-impact-review.yml * Update docs-impact-review.yml --------- Co-authored-by: Eva Sarafianou <eva.sarafianou@mattermost.com> Co-authored-by: Eva Sarafianou <eva.sarafianou@gmail.com> Co-authored-by: Mattermost Build <build@mattermost.com>	2026-04-01 09:44:52 +03:00
yasser khan	2550ecd87b	ci: post success to required e2e status contexts when no relevant changes (#35880) ... * ci: post correct skip status from within cypress/playwright reusable workflows The 'Required Status Checks' ruleset requires e2e-test/cypress-full/enterprise and e2e-test/playwright-full/enterprise on master and release-*.* branches. When a PR has no E2E-relevant changes, the jobs were silently skipped, leaving required statuses unset and the PR permanently blocked. Architecture fix: instead of a separate skip-e2e job in the caller that hardcodes status context names, the skip logic now lives inside the reusable workflows that already own and compute those context names. Changes: - e2e-tests-cypress.yml: add should_run input (default 'true') + skip job that uses the dynamically-computed context_name when should_run == 'false' - e2e-tests-playwright.yml: same pattern - e2e-tests-ci.yml: change e2e-cypress/e2e-playwright job conditions from should_run == 'true' to PR_NUMBER != '' (always run when there's a PR), pass should_run as input to both reusable workflows	2026-04-01 10:34:55 +05:30
Carlos Garcia	fd2dd1c618	updated go to version 1.25.8 (#35817) ... * updated go to version 1.25.8 * updated gotestsum version to work with go 1.25.8 go 1.25 does not work with indirect tools 0.11 dependency pulled by gotestsum. * Use sync.WaitGroup.Go to simplify goroutine creation Replace the wg.Add(1) + go func() { defer wg.Done() }() pattern with wg.Go(), which was introduced in Go 1.25. * pushes fips image on workflow dispatch to allow fips test to run on go version update * fix new requirements for FIPS compliance imposed on updating to go 1.25.8 * updates openssl symbol check for library shipped with FIPS new versions go-openssl v2 shipped with FIPS versions starting from 1.25 uses mkcgo to generate bindings causing symbol names to be different. * removes temp workflow-dispatch condition * keep versions out of agents md file	2026-03-27 21:11:52 +01:00
Eva Sarafianou	d012849219	Fix docs-impact-review workflow to reliably post analysis comments (#35831) ... - Skip draft PRs and trigger on ready_for_review to run when a draft is marked ready - Remove use_sticky_comment (broken upstream, see anthropics/claude-code-action#1052) and inline review comments which caused claude[bot] to appear as a PR reviewer - Write analysis to a file and post it via github-script as a sticky comment from github-actions[bot], avoiding conflicts with the Claude Code Review App - Manage docs/needed label from the file directly Made-with: Cursor	2026-03-27 19:20:21 +02:00
Eva Sarafianou	66894045e7	Allow Cursor bot to trigger docs impact review workflow (#35756) ... The claude-code-action blocks bot-initiated workflows by default. Adding cursor to allowed_bots so PRs opened by Cursor are analyzed. Made-with: Cursor	2026-03-27 13:07:03 +02:00
Amy Blais	a6d1942ff6	Fix issue where "Docs/Needed label is not getting added (#35794) ... * Update docs-impact-review.yml * Update docs-impact-review.yml --------- Co-authored-by: Mattermost Build <build@mattermost.com>	2026-03-27 08:32:53 +02:00
Pavel Zeman	51232b58ef	ci: shard server Postgres tests into 4 parallel runners (#35739) ... * ci: add test sharding plumbing to server CI Add infrastructure for upcoming test sharding without changing behavior: - Add shard-index and shard-total inputs to server-test-template.yml (defaults preserve existing single-runner behavior) - Add timing cache restore step (activates only when shard-total > 1) - Add merge-postgres-test-results job to server-ci.yml that: - Merges JUnit XML reports from shard artifacts - Saves timing data cache for future shard balancing - Handles both single-artifact and multi-shard scenarios - Add .gitignore entries for timing cache and shard work files Co-authored-by: Claude <claude@anthropic.com> * ci: shard server Postgres tests into 4 parallel runners Extract sharding logic into standalone, tested scripts and enable 4-shard parallel test execution for server Postgres CI: Scripts: - server/scripts/shard-split.js: Node.js bin-packing solver that assigns test packages to shards using timing data from previous runs. Two-tier strategy: light packages (<2min) whole, heavy packages (api4, app) split at individual test level. - server/scripts/run-shard-tests.sh: Multi-run wrapper that calls gotestsum directly for each package group with -run regex filters. - server/scripts/shard-split.test.js: 8 test cases covering round-robin fallback, timing-based balancing, heavy package splitting, JUnit XML fallback, and enterprise package separation. Workflow changes: - server-test-template.yml: Add shard splitting step that discovers test packages and runs the solver. Modified Run Tests step to use wrapper script when sharding is active. - server-ci.yml: Add 4-shard matrix to test-postgres-normal. Update merge job artifact patterns for shard-specific names. Performance: 7.2 min with timing cache vs 62.5 min baseline = 88% wall-time improvement. First run without cache uses JUnit XML fallback or round-robin, then populates the cache for subsequent runs. Co-authored-by: Claude <claude@anthropic.com> * fix: raise heavy package threshold to 5 min to preserve test isolation sqlstore integrity tests scan the entire database and fail when other packages' test data is present. At 182s, sqlstore was just over the 120s threshold and getting split at test level. Raising to 300s keeps only api4 (~38 min) and app (~15 min) as heavy — where the real sharding gains are — while sqlstore, elasticsearch, etc. stay whole and maintain their test isolation guarantees. Co-authored-by: Claude <claude@anthropic.com> * ci: only save test timing cache on default branch PR branches always restore from master's timing cache via restore-keys prefix matching. Timing data is stable day-to-day so this eliminates cache misses on first PR runs and reduces cache storage. Co-authored-by: Claude <claude@anthropic.com> * ci: skip FIPS tests on PRs (enterprise CI handles compile check) Per review feedback: the enterprise CI already runs a FIPS compile check on every PR. Running the full FIPS test suite on PRs is redundant since it uses the identical test suite as non-FIPS — the only FIPS-specific failure mode is a build failure from non-approved crypto imports, which the enterprise compile check catches. Full FIPS tests continue to run on every push to master. Co-authored-by: Claude <claude@anthropic.com> * fix: address review feedback on run-shard-tests.sh - Remove set -e so all test runs execute even if earlier ones fail; track failures and exit with error at the end (wiggin77) - Remove unused top-level COVERAGE_FLAG variable (wiggin77) - Fix RUN_IDX increment position so report, json, and coverage files share the same index (wiggin77) - Update workflow comment: heavy threshold is 5 min, not 2 min (wiggin77) Co-authored-by: Claude <claude@anthropic.com> * style: use node: prefix for built-in fs module in shard-split.js Co-authored-by: Claude <claude@anthropic.com> * fix: avoid interpolating file paths into generated shell script Read shard package lists from files at runtime instead of interpolating them into the generated script via printf. This prevents theoretical shell metacharacter injection from directory names, as flagged by DryRun Security. Co-authored-by: Claude <claude@anthropic.com> * fix(ci): rename merged artifact to match server-ci-report glob The merged artifact was named postgres-server-test-logs-merged which does not match the *-test-logs pattern in server-ci-report.yml, causing Postgres test results to be missing from PR/commit reports. Also pins junit-report-merger to exact version 7.0.0 for supply chain safety. Co-authored-by: Claude <claude@anthropic.com> * fix(ci): pass RACE_MODE env into Docker container RACE_MODE was set on the host runner but never included in the docker run --env list. The light-package path worked because the heredoc expanded on the host, but run-shard-tests.sh reads RACE_MODE at runtime inside the container where it was unset. This caused heavy packages (api4, app) to silently lose -race detection. Co-authored-by: Claude <claude@anthropic.com> * fix(ci): discover new tests in heavy packages not in timing cache Tests not present in the timing cache (newly added or renamed) would not appear in any shard -run regex, causing them to silently skip. After building items from the cache, run go test -list to discover current test names and assign any cache-missing tests to shards via the normal bin-packing algorithm with a small default duration. Co-authored-by: Claude <claude@anthropic.com> * fix(ci): add missing line continuation backslash in docker run The previous --env FIPS_ENABLED line was missing a trailing backslash after adding --env RACE_MODE, causing docker run to see a truncated command and fail with "requires at least 1 argument". Co-authored-by: Claude <claude@anthropic.com> * fix(ci): add setup-go step for shard test discovery go test -list in shard-split.js runs on the host runner via execSync, but Go is only available inside the Docker container. Without this step, every invocation fails silently and new-test discovery is a no-op. Adding actions/setup-go before the shard split step ensures the Go toolchain is available on the host. Co-authored-by: Claude <claude@anthropic.com> --------- Co-authored-by: Claude <claude@anthropic.com>	2026-03-26 15:07:40 -04:00
Daniel Schalla	a3cdef8b0f	Fix docs-impact-review CI hitting max turns limit (#35744) ... * Fix docs-impact-review hitting max turns by adding filesystem tools The claude-code-action workflow instructs Claude to search ./docs/source/ for existing documentation, but only grants gh and MCP tools. Claude repeatedly attempts filesystem access, gets denied, and exhausts the 30-turn limit. Add find, grep, cat, and ls to --allowedTools so the docs checkout can actually be searched. * Harden docs-impact-review against prompt-injection exfiltration - Drop find from allowedTools (unsafe due to -exec) - Scope ls, cat, grep to ./docs/source* paths only - Add persist-credentials: false to both checkout steps to prevent token extraction from .git/config * Use built-in Read/Glob/Grep tools instead of scoped Bash wrappers Built-in tools cannot execute commands, chain via shell operators, or abuse flags like -exec, making them inherently safer than any Bash glob pattern for filesystem access.	2026-03-23 21:57:24 +01:00
sabril	ae1691a368	fix(pr-analysis): on large diff and reduce gh pr calls (#35734) ... * fix(pr-analysis): on large diff and reduce gh pr calls * address comments	2026-03-23 17:51:18 +08:00
Pavel Zeman	b416344931	ci: cache prepackaged plugins in mmctl tests (#35720) ... * ci: cache prepackaged plugins in mmctl tests Cache the prepackaged_plugins directory between mmctl test runs using actions/cache. The cache key is derived from a SHA-256 hash of the PLUGIN_PACKAGES lines in server/Makefile, so the cache automatically invalidates whenever any plugin version is bumped — no manual key updates needed. Uses actions/cache output (cache-hit) to skip the download step entirely on cache hits. Saves ~1-2 minutes per mmctl test run by avoiding repeated plugin downloads. Co-authored-by: Claude <claude@anthropic.com> * fix: align plugin cache key with actual downloaded packages Address CodeRabbit review: cache key was derived from all 15 plugins in the Makefile, but the download only fetched jira plugin. Now both the hash and the download use the same MMCTL_PLUGIN_PACKAGES value, defined once, preventing stale cache or unnecessary invalidation. Co-authored-by: Claude <claude@anthropic.com> * Revert "fix: align plugin cache key with actual downloaded packages" This reverts commit 73303864bf. * Revert "ci: cache prepackaged plugins in mmctl tests" This reverts commit acd1ec757a. * prepackage the existing test plugin to speed up tests * fix: use public key for plugin signature verification in test --------- Co-authored-by: Claude <claude@anthropic.com> Co-authored-by: Jesse Hallam <jesse@mattermost.com>	2026-03-22 22:34:33 +08:00
sabril	e6b8e12fb9	SEC-9862: Add CI check for test analysis (#35555) ... * feat: add CI check for test analysis * update per comments * address comments * on silence mode, with general prompt and webhook message for analysis and suggestions * update test analysis and override only via comment not label * address reviews	2026-03-22 22:18:39 +08:00
Pavel Zeman	a357d4f024	ci: skip server CI for docs-only changes (#35719) ... Add path exclusions for markdown files, NOTICE.txt, and CHANGELOG.md to the pull_request trigger. This prevents the full 60-minute CI suite from running when a PR only changes documentation. Exclusions added: - server/**/*.md - server/NOTICE.txt - server/CHANGELOG.md Co-authored-by: Claude <claude@anthropic.com>	2026-03-20 12:44:06 -04:00
Eva Sarafianou	5af5b6dfac	[MM-67744] Add -buildvcs=false to default GOFLAGS (#35587) ... * Add -buildvcs=false to default GOFLAGS This prevents Go from embedding VCS information into binaries, which avoids false positives in container vulnerability scanners like Trivy when using Go workspaces with enterprise dependencies. Also updates mmctl-build target to use $(GO) and $(GOFLAGS) for consistency with other build targets. Made-with: Cursor * Update comment wording Trigger PR sync to test Enterprise CI Made-with: Cursor * Trigger CI to test Enterprise CI fix Made-with: Cursor * Test Enterprise CI Made-with: Cursor * replace buildvcs metadata in mmctl * rm redundant -buildvcs=false in GitHub actions * update mmctl-docs to $(GO) * simplify getVersionInfo signature * use GOOS/GOARCH convention * export GOFLAGS for common use * Clarify version.go var block comment --------- Co-authored-by: Jesse Hallam <jesse@mattermost.com>	2026-03-20 10:28:36 -03:00
Eva Sarafianou	fee649d063	Run docs-impact-review as regular CI instead of slash command (#35620) ... * Run docs-impact-review as regular CI instead of slash command Switch the Documentation Impact Review workflow from a `/docs-review` slash command trigger to running automatically on pull_request events. The analysis posts a sticky PR comment and inline comments, and adds a `docs/needed` label when documentation changes are needed. Made-with: Cursor * Address review feedback: harden docs-impact-review workflow - Remove invalid `direct_prompt` input not recognized by the pinned claude-code-action version (auto-detects mode from event type). - Guard Claude step with secret availability check so fork and Dependabot PRs skip gracefully instead of failing. - Move label management out of the LLM into a deterministic github-script step that parses the sticky comment, eliminating prompt-injection and excessive-agency risks. Made-with: Cursor * Fix secret check: use job-level env var instead of secrets context in step if The secrets context is not available in step-level if expressions. Evaluate it as a job-level env var and reference that instead. Made-with: Cursor * Use paginated API call to fetch all PR comments Prevents missing the bot comment on busy PRs with more than 30 comments. Made-with: Cursor * Address review: add issues:write permission, remove auto-label-removal - Upgrade issues permission from read to write (required for addLabels API) - Remove automatic docs/needed label removal to avoid stripping the label prematurely when the analysis comment hasn't been posted yet Made-with: Cursor	2026-03-19 09:47:36 +02:00
Amy Blais	9e73b9bb0c	Update docs-impact-review.yml (#35589) ... Automatic Merge	2026-03-16 08:55:21 +01:00
Jesse Hallam	5aefff30cf	Add CI check for broken mattermost.com links in webapp (#35093) ... * Add CI check for broken mattermost.com links in webapp Add a script that scans the webapp source files for links to mattermost.com domains and tests each unique URL for 404s. This helps detect broken documentation and marketing links early. - New script: webapp/scripts/check-external-links.mjs - New npm target: check-external-links - New CI job in webapp-ci.yml to run on every commit * Add --markdown flag for GitHub Actions job summary * Fix job summary: use pipefail and suppress progress output * Require mattermost.com links to use /pl/ permalink format * Require all mattermost.com links (including subdomains) to use /pl/ * Allow exceptions for push servers and root domain * Make non-permalink URLs warnings instead of errors * Add User-Agent header and retry GET on 403 * Follow redirects when checking URLs Check the final destination of redirects to catch broken links that redirect to error pages. If a redirect response has the Cloudflare cf-mitigated header, assume the URL is OK and stop following. * Simplify link checker code - Combine PUSH_SERVER_PATTERN and HPNS_PATTERN into single regex - Simplify validatePermalink to return boolean (reason was unused) - Consolidate Cloudflare header checks in processResponse * replace broken links with valid ones * updates	2026-03-11 17:43:08 -04:00
sabril	0c0d2eb373	fix: E2E-only PR image tag for release branches (#35472)	2026-03-09 16:00:29 +08:00
dependabot[bot]	56953189f3	Bump the github-actions-updates group with 11 updates (#35500) ... Bumps the github-actions-updates group with 11 updates: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4.2.2` | `6.0.2` | | [actions/setup-node](https://github.com/actions/setup-node) | `6.2.0` | `6.3.0` | | [docker/login-action](https://github.com/docker/login-action) | `3.7.0` | `4.0.0` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `6.19.2` | `7.0.0` | | [anthropics/claude-code-action](https://github.com/anthropics/claude-code-action) | `1.0.54` | `1.0.70` | | [github/codeql-action](https://github.com/github/codeql-action) | `4.32.3` | `4.32.6` | | [actions/setup-go](https://github.com/actions/setup-go) | `6.2.0` | `6.3.0` | | [tj-actions/changed-files](https://github.com/tj-actions/changed-files) | `47.0.4` | `47.0.5` | | [getsentry/action-release](https://github.com/getsentry/action-release) | `3.1.1` | `3.5.0` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3.12.0` | `4.0.0` | | [mikepenz/action-junit-report](https://github.com/mikepenz/action-junit-report) | `6.2.0` | `6.3.1` | Updates `actions/checkout` from 4.2.2 to 6.0.2 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4.2.2...de0fac2e4500dabe0009e67214ff5f5447ce83dd) Updates `actions/setup-node` from 6.2.0 to 6.3.0 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](6044e13b5d...53b83947a5) Updates `docker/login-action` from 3.7.0 to 4.0.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](c94ce9fb46...b45d80f862) Updates `docker/build-push-action` from 6.19.2 to 7.0.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](10e90e3645...d08e5c354a) Updates `anthropics/claude-code-action` from 1.0.54 to 1.0.70 - [Release notes](https://github.com/anthropics/claude-code-action/releases) - [Commits](0cf5eeec4f...26ec041249) Updates `github/codeql-action` from 4.32.3 to 4.32.6 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](9e907b5e64...0d579ffd05) Updates `actions/setup-go` from 6.2.0 to 6.3.0 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](7a3fe6cf4c...4b73464bb3) Updates `tj-actions/changed-files` from 47.0.4 to 47.0.5 - [Release notes](https://github.com/tj-actions/changed-files/releases) - [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md) - [Commits](7dee1b0c15...22103cc46b) Updates `getsentry/action-release` from 3.1.1 to 3.5.0 - [Release notes](https://github.com/getsentry/action-release/releases) - [Changelog](https://github.com/getsentry/action-release/blob/master/CHANGELOG.md) - [Commits](00ed2a6cc2...dab6548b3c) Updates `docker/setup-buildx-action` from 3.12.0 to 4.0.0 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](8d2750c68a...4d04d5d948) Updates `mikepenz/action-junit-report` from 6.2.0 to 6.3.1 - [Release notes](https://github.com/mikepenz/action-junit-report/releases) - [Commits](74626db735...49b2ca06f6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.2 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-updates - dependency-name: actions/setup-node dependency-version: 6.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-updates - dependency-name: docker/login-action dependency-version: 4.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-updates - dependency-name: docker/build-push-action dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-updates - dependency-name: anthropics/claude-code-action dependency-version: 1.0.70 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions-updates - dependency-name: github/codeql-action dependency-version: 4.32.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions-updates - dependency-name: actions/setup-go dependency-version: 6.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-updates - dependency-name: tj-actions/changed-files dependency-version: 47.0.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions-updates - dependency-name: getsentry/action-release dependency-version: 3.5.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-updates - dependency-name: docker/setup-buildx-action dependency-version: 4.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-updates - dependency-name: mikepenz/action-junit-report dependency-version: 6.3.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-updates ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-03-07 13:36:18 +08:00
sabril	c513d04e7e	chore: bump versions of actions (#35386) ... * chore: bump versions of actions * bump download and upload artifacts * revert dependabot to weekly	2026-03-06 09:35:11 +08:00
sabril	4e81e504c4	Fix E2E-only PRs and duplicate E2E test runs after PR merges (#35368) ... * use master or release base branch correctly for e2e-test-change only * prevent duplicate run for PR already merged to master or release branch	2026-02-19 23:24:54 +08:00
Daniel Schalla	202334aaa0	Allow GH Bash Invocations (#35376)	2026-02-19 12:27:06 +00:00
Daniel Schalla	7ccafd7988	Fix PR Checkout (#35375)	2026-02-19 11:59:02 +00:00
Daniel Schalla	0fa5e235bc	Fix Permission Request for Docs Agent (#35373)	2026-02-19 12:07:09 +01:00
Daniel Schalla	45f54a0e3f	Implementation of Documentation Impact Review Workflow via GH Actions (#35358) ... * Experiemntal Docs Agent * Improve analysis section * Remove PR Creation Features; Add some safety instructions * Remove Safety Instructions after riskier operations were removed	2026-02-18 20:13:51 +01:00
sabril	0ec4a474d5	E2E/Test: Increase parallel tests and removed smoke tests (#35271) ... * test: increase parallel tests and removed smoke tests both in cypress and playwright * add duration and retest info * indicate overall, first-pass and re-run run and test durations	2026-02-17 10:23:41 +08:00
Harrison Healey	1e98250566	MM-66867/MM-67318 Add initial version of shared package (#35065) ... * Change moduleResolution to bundler This makes TS follow the module resolution of newer versions of Node.js which makes it use the `imports` and `exports` fields of the package.json while not requiring file extensions in some cases which it does when set to node16 or nodenext. I'm changing this to make it so that VS Code can correctly import things from our types package without adding `/src/` to the import path erroneously. Hopefully it doesn't introduce any other issues. * Change make clean to use package.json script * Remove missing fields from SystemEmoji type These were removed from emoji.json in https://github.com/mattermost/mattermost-webapp/pull/9597, but we forgot to remove the fields from the type definition. They weren't used anyway. * MM-66867 Add initial version of shared package This initial version includes the shared context, React Intl support (although that's currently untested), linting, and testing support. It builds with Parcel. * Move isSystemEmoji into Types package * MM-67318 Add Emoji component to shared package To limit the number of changes to the web app, it still uses RenderEmoji which wraps the new component for the time being. I'll likely replace RenderEmoji with using it directly in a future PR, but I may leave it as-is if the changes are too big because the API is different. * Add postinstall script to build shared package * Revert changes to moduleResolution and add typesVersions to shared package I plan to still change moduleResolution to bundler since it's the new default for TS projects, and since it lets TS use the exports field in package.json, but it requires other changes to fix some minor issues in this repo which I don't want to muddy this PR with. Adding typesVersions lets TS resolve the components in the shared package like it does with the types package while using the old value for moduleResolution. Plugins still use the old value for moduleResolution, so this will let them use the shared package with fewer updates changes as well. * Fix Webpack not always watching other packages for changes * Add shared package dependencies and build output to CI cache * Update @parcel/watcher to fix segfaults This package seems to be older than the rest of the newly added Parcel dependencies because it's used by sass. * Fix build script not doing that * Go back to manually specifying postinstall order I just learned that postinstall scripts run in parallel because I was running into an issue where the client and types packages were building at the same time, causing one of them to fail. They still run in parallel, so that may still occasionally happen, but by specifying the order manually, we hopefully avoid that happening like we seemed to do before. * Further revert changes to postinstall script The subpackages were also being built when installed by a plugin * Increment cache keys * Fix typo * Change the cache busting to look at shared/package.json * Attempt to debug tests and caching * Debugging... * Add shared package to platform code coverage * Remove caching of package builds and manually run postinstall during web app CI setup * Debugging... * Remove CI debugging logic * Update package-lock.json * Change Emoji component back to taking an emojiName prop * Add .parcel-cache to .gitignore	2026-02-13 14:53:10 -05:00
sabril	a711b22717	SEC-9513 feat: e2e tests on master and releases (#35205) ... * feat: e2e tests on master and releases * (for pipelines testing only, will be removed after) * remove test pipelines	2026-02-11 13:02:25 +08:00
sabril	5a408b757c	(fix): verified by label and playwright rerun on failed specs (#35161)	2026-02-05 08:48:29 +08:00
sabril	981ff0bc46	MM-66362 feat: run e2e full tests after successful smoke tests both in cypress and playwright (#34868) ... * feat: run e2e full tests after successful smoke tests both in cypress and playwright * fix lint check on jsdoc req in playwright test * update smoke test filter * update test filter for cypress tests * update docker services, fix branch convention and rearrange secrets * update e2e-test workflow docs * reorganized * fix lint * fix playwright template * fix results assertion * add retest, e2e-test-verified, gh comments of failed tests, path filters, run e2e-tests check first and demote unstable tests * run using master image for e2e-only changes, add ts/js actions for cypress and playwright calculations, add verified by label --------- Co-authored-by: Mattermost Build <build@mattermost.com>	2026-02-02 08:37:55 +08:00
sabril	dab04576a1	MM-66972 Upgrade to node 24 and main dependencies with babel, webpack and jest (#34760) ... * chore: upgrade to node 24 and dependencies mainly with babel, webpack and jest * fix components tests, make trial modal passed on all node 20-24 * fix cache for platform packages * updated test --------- Co-authored-by: Mattermost Build <build@mattermost.com>	2026-01-14 13:14:01 +08:00
Caleb Roseland	db55f9fa43	MM-66653: migrate i18n extraction from mmjstool to @formatjs/cli (#34498) ... * feat(webapp): migrate i18n extraction from mmjstool to @formatjs/cli Replace custom mmjstool with industry-standard @formatjs/cli for i18n message extraction. Adds support for localizeMessage as a recognized extraction function and enables comprehensive ESLint rules for i18n. Changes by area: Dependencies (package.json): - Add @formatjs/cli v6.7.4 - Remove @mattermost/mmjstool dependency - Replace i18n-extract script with formatjs command - Remove mmjstool-specific scripts (clean-empty, check-empty-src) - Add i18n-extract:check for diff validation Code (utils.tsx): - Refactor localizeMessage to accept MessageDescriptor format - Support {id, defaultMessage, description} parameters - Maintain Redux store access (non-React context compatible) - Add comprehensive JSDoc documentation Linting (.eslintrc.json): - Configure formatjs settings with additionalFunctionNames - Enable 9 formatjs ESLint rules including enforce-id (error) - Ensure all messages require explicit manual IDs CI/CD (webapp-ci.yml): - Simplify i18n check to formatjs extraction + diff - Remove mmjstool and mobile-dir references Context: Second attempt at PR #25830. Uses manual IDs only with [id] placeholder pattern to enforce explicit ID requirements. ESLint will catch missing IDs during development. * chore(webapp): add temporary i18n reconciliation tooling Add helper script to analyze conflicts between en.json and defaultMessage values in code. This tooling will be reverted after initial migration cleanup is complete. Tooling added: - scripts/i18n-reconcile-conflicts.js: Analyzes conflicts - Detects spelling corrections - Identifies placeholder mismatches - Flags significant content changes - Provides recommendations on which version to keep - npm script: i18n-reconcile Usage: npm run i18n-reconcile This will be reverted after reconciling the ~50 duplicate message warnings and determining correct versions for conflicting messages. * chore(webapp): upgrade eslint-plugin-formatjs and centralize formatjs deps Move @formatjs/cli to root webapp package.json alongside other formatjs dependencies for better monorepo organization. Upgrade eslint-plugin-formatjs from 4.12.2 to 5.4.2 for latest features and bug fixes. Changes: - Upgrade eslint-plugin-formatjs: 4.12.2 → 5.4.2 - Move @formatjs/cli to webapp/package.json (from channels) - Centralize formatjs tooling at monorepo root level This provides: - Better dependency management in monorepo - Latest formatjs ESLint rules and features - Consistent tooling across workspaces * feat(webapp): make localizeMessage fully compatible with formatMessage API Extend localizeMessage to accept a values parameter for placeholder interpolation, making it fully compatible with react-intl's formatMessage API. Remove the now-redundant localizeAndFormatMessage function. Changes to localizeMessage: - Add values parameter for {placeholder} interpolation - Use getIntl() for proper ICU message formatting - Support full formatMessage feature parity outside React contexts - Update JSDoc with interpolation examples - Mark as deprecated (prefer useIntl in React components) Code cleanup: - Remove localizeAndFormatMessage function (redundant) - Migrate all localizeAndFormatMessage usages to localizeMessage - Remove unused imports: getCurrentLocale, getTranslations - Add getIntl import Files migrated: - notification_actions.tsx: notification.crt message - app_command_parser_dependencies.ts: intlShim formatMessage This consolidates i18n logic and provides a single, feature-complete localization function for non-React contexts. Example usage: // Before (old function) localizeAndFormatMessage( {id: 'welcome', defaultMessage: 'Hello {name}'}, {name: 'John'} ) // After (consolidated) localizeMessage( {id: 'welcome', defaultMessage: 'Hello {name}'}, {name: 'John'} ) * refactor(i18n): remove intlShim abstraction, use IntlShape directly Remove intlShim wrapper and use react-intl's IntlShape type throughout. Key Changes: - Remove intlShim constant from app_command_parser_dependencies.ts - Update errorMessage() signature to accept IntlShape parameter - Use IntlShape for intl properties in AppCommandParser and ParsedCommand - Call getIntl() at function start in actions (command.ts, marketplace.ts) - Pass IntlShape to AppCommandParser and doAppSubmit consistently Files Modified: - app_command_parser_dependencies.ts: Remove intlShim, update errorMessage - app_command_parser.ts: Use IntlShape type - command.ts, marketplace.ts: Call getIntl() early, pass to parser - app_provider.tsx, command_provider.tsx: Use getIntl() in constructor - apps.ts: Update doAppSubmit signature Benefits: Better type safety, standard react-intl patterns, eliminates unnecessary abstraction. Context: Part of migration to @formatjs/cli tooling. * refactor(webapp): remove deprecated t() function and refactor login validation Remove the deprecated t() function that was used as a marker for the old mmjstool extraction. With @formatjs/cli, this is no longer needed as extraction happens directly from formatMessage calls. Changes: - Remove t() function definition from utils/i18n.tsx - Remove t() import and marker calls from login.tsx - Refactor login validation logic from multiple if statements to a clean switch(true) pattern that evaluates boolean combinations directly - Add helpful comments documenting the structure of login method combinations - Add default case as safety fallback The switch(true) pattern eliminates the need to build a key string and makes the login method combination logic clearer and more maintainable. Prompt: Remove deprecated t() translation marker function used by old mmjstool. Refactor login validation from if blocks to switch(true) with boolean cases. * refactor(i18n): share IntlProvider's intl instance with getIntl() Make getIntl() return the same IntlShape instance that IntlProvider creates, ensuring consistency between React components (using useIntl()) and non-React contexts (using getIntl()). Changes: - Add intlInstance storage in utils/i18n.tsx - Export setIntl() function to store the intl instance - Modify getIntl() to return stored instance if available, with fallback to createIntl() for tests and early initialization - Add IntlCapture component in IntlProvider that uses useIntl() hook to capture and store the intl instance via setIntl() Benefits: - Single source of truth: Both React and non-React code use the same IntlShape - Consistent translations: No duplicate translation loading or potential desync - Leverages IntlProvider's translation loading lifecycle automatically - Maintains fallback for edge cases where IntlProvider hasn't mounted yet Prompt: Refactor getIntl() to reuse IntlProvider's intl instance instead of creating a separate instance, ensuring both React and non-React contexts use the same translations and intl configuration. * 1 * exclude test files * reset en.json * refactor(i18n): inline message ID constants for formatjs extraction Replace dynamic ID references with literal strings to enable proper formatjs extraction. Formatjs can only extract from static message IDs, not from variables or computed IDs. Changes: - configuration_bar.tsx: Inline AnnouncementBarMessages constants to literal string IDs ('announcement_bar.error.past_grace', 'announcement_bar.error.preview_mode') - system_analytics.test.tsx: Replace variable IDs (totalPlaybooksID, totalPlaybookRunsID) with literal strings ('total_playbooks', 'total_playbook_runs') - password.tsx: Use full message descriptor from passwordErrors object instead of dynamic ID with hardcoded defaultMessage. The errorId is still built dynamically using template strings, but the actual message is looked up from the passwordErrors defineMessages block where formatjs can extract it. This eliminates all "[id]" placeholder entries from extraction output and ensures all messages have proper extractable definitions. Prompt: Fix dynamic message ID references that formatjs extraction can't parse. Inline constants and use message descriptor lookups to enable clean extraction without [id] placeholders. * fix(i18n): add missing defaultMessage to drafts.tooltipText The drafts.tooltipText FormattedMessage had an empty defaultMessage, causing formatjs extraction to output an empty string for this message. Added the proper defaultMessage with plural formatting for draft and scheduled post counts. Prompt: Fix empty defaultMessage in drafts tooltip causing extraction issues. * feat(i18n): add --preserve-whitespace flag to formatjs extraction Add the --preserve-whitespace flag to ensure formatjs extraction maintains exact whitespace from defaultMessage values. This is important for messages with intentional formatting like tabs, multiple spaces, or line breaks. Prompt: Add --preserve-whitespace to i18n extraction to maintain exact formatting. * feat(i18n): add custom formatjs formatter matching mmjstool ordering Create custom formatter that replicates mmjstool's sorting behavior: - Case-insensitive alphabetical sorting - Underscore (_) sorts before dot (.) to match existing en.json ordering - Simple key-value format (extracts defaultMessage) The underscore-before-dot collation matches mmjstool's actual behavior and reduces diff size by 50% compared to standard alphabetical sorting. Changes: - scripts/formatter.js: Custom compareMessages, format, and compile functions - package.json: Use --format scripts/formatter.js instead of --format simple Prompt: Create custom formatjs formatter matching mmjstool's exact sorting behavior including underscore-before-dot collation to minimize migration diff. * feat(i18n): enhance reconciliation script with git history metadata Add git log lookups to show when each message was last modified in both en.json and code files. This enables data-driven decisions about which version to keep when resolving conflicts. Enhancements: - getEnJsonLastModified(): Find when an en.json entry last changed - findCodeFile(): Locate source file for a message ID (handles id= and id:) - getCodeLastModified(): Get last modification date for source files - Caching for performance (minimizes git operations) Output includes: 📅 en.json: [date] | [hash] | [commit message] 📅 code: [date] | [hash] | [commit message] 📂 file: [source file path] Analysis shows en.json entries from 2023 while code actively updated 2024-2025, indicating code is more authoritative. Prompt: Add git history to reconciliation report showing modification dates for data-driven conflict resolution decisions. * feat(i18n): add optional duplicate message ID check script Add i18n-extract:check-duplicates script that fails if the same message ID has different defaultMessages in multiple locations. This is kept as an optional standalone script rather than auto-chained with i18n-extract to allow the migration to proceed while duplicates are addressed separately. Usage: npm run i18n-extract:check-duplicates The script runs formatjs extract to /dev/null and checks stderr for "Duplicate message id" warnings, failing if any are found. Prompt: Add optional duplicate ID check as standalone npm script for gradual migration without blocking on existing duplicate message IDs. * about.enterpriseEditionLearn * admin.accesscontrol.title * eslint-plugin-formatjs version to eslint 8 compat * admin.channel_settings.channel_detail.access_control_policy_title * admin.connectionSecurityTls - now: admin.connectionSecurityTls.title * admin.customProfileAttribDesc now: - admin.customProfileAttribDesc.ldap - admin.customProfileAttribDesc.saml * admin.gitlab.clientSecretExample * package-lock * admin.google.EnableMarkdownDesc - fix err `]` in admin.google.EnableMarkdownDesc.openid - now: - admin.google.EnableMarkdownDesc.oauth - admin.google.EnableMarkdownDesc.openid * admin.image.amazonS3BucketExample - now: - admin.image.amazonS3BucketExample - admin.image.amazonS3BucketExampleExport * admin.license.trialCard.contactSales * admin.log.AdvancedLoggingJSONDescription - now: - admin.log.AdvancedLoggingJSONDescription - admin.log.AdvancedAuditLoggingJSONDescription * admin.rate.noteDescription - now - admin.rate.noteDescription - admin.info_banner.restart_required.desc (3) * admin.system_properties.user_properties.title - now: - admin.system_properties.user_properties.title - admin.accesscontrol.user_properties.link.label * admin.system_users.filters.team.allTeams, admin.system_users.filters.team.noTeams * admin.user_item.email_title * announcement_bar.error.preview_mode * channel_settings.error_purpose_length * deactivate_member_modal.desc - now: - deactivate_member_modal.desc - deactivate_member_modal.desc_with_confirmation * deleteChannelModal.canViewArchivedChannelsWarning * edit_channel_header_modal.error * filtered_channels_list.search - now: - filtered_channels_list.search - filtered_channels_list.search.label * flag_post.flag * generic_icons.collapse * installed_outgoing_oauth_connections.header * intro_messages.group_message * intro_messages.notificationPreferences - now: - intro_messages.notificationPreferences - intro_messages.notificationPreferences.label * katex.error * multiselect.placeholder - now: - multiselect.placeholder - multiselect.placeholder.addMembers * post_info.pin, post_info.unpin, rhs_root.mobile.flag take en.json * texteditor.rewrite.rewriting * user_groups_modal.addPeople split to user_groups_modal.addPeople.field_title * user.settings.general.validImage take en.json * userSettings.adminMode.modal_header take en.json * webapp.mattermost.feature.start_call split to user_profile.call.start * admin.general.localization.enableExperimentalLocalesDescription take en.json * login.contact_admin.title, login.contact_admin.detail take en.json * fix: correct spelling of "complementary" in accessibility sections * Revert "about.enterpriseEditionLearn" This reverts commit 23ababe1ce. * about.enterpriseEditionLearn, about.planNameLearn * fix: improve clarity and consistency in activity log and command descriptions * fix: update emoji upload limits and improve help text for emoji creation * fix easy round 1 * fix: improve messaging for free trial notifications and sales contact take en.json * admin.billing.subscription.planDetails.features.limitedFileStorage take en.json * admin.billing.subscription.updatePaymentInfo take en.json * fix easy round 2 * admin.complianceExport.exportFormat.globalrelay take en.json * fix round 3 * fix round 4 * fix round 5 * fix round 6 * fix closing tag, newlines, and popout title * fix linting, + * update snapshots * test(webapp): update tests to match formatjs migration message changes Update test assertions to reflect message text changes from the mmjstool → @formatjs/cli migration. All changes align with the corresponding i18n message updates in the codebase. Changes: - limits.test.tsx: Update capitalization (Message History → Message history, File Storage → File storage) - emoji_picker.test.tsx: Update label (Recent → Recently Used) - command.test.js: Add period to error message - channel_activity_warning_modal.test.tsx: Update warning text assertion - channel_settings_archive_tab.test.tsx: Update archive warning text - feature_discovery.test.tsx: Update agreement name (Software and Services License Agreement → Software Evaluation Agreement) - flag_post_modal.test.tsx: Update placeholder text (Select a reason for flagging → Select a reason) - channel_intro_message.test.tsx: Remove trailing space from assertion - elasticsearch_settings.tsx: Fix searchableStrings placeholder names (documentationLink → link) to match updated message format All 983 test suites passing (12 tests fixed, 9088 tests total). 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * chore(i18n): improve cross-platform compatibility and cleanup temporary tooling Simplify i18n check scripts to reuse npm run i18n-extract, improving cross-platform compatibility and reducing duplication. Changes: - Refactor i18n-extract:check to reuse base extraction command - Uses project-local temp file instead of /tmp (Windows compatible) - Simplified from duplicated formatjs command to npm run reuse - Add --throws flag to fail fast on extraction errors - Add helpful error message: "To update: npm run i18n-extract" - Add i18n-extract:check to main check script - Now runs alongside ESLint and Stylelint checks - Ensures en.json stays in sync with code changes - Remove i18n-extract:check-duplicates script - Redundant - duplicates are caught by i18n-extract automatically - Avoided grep dependency (not cross-platform) - Remove temporary reconciliation tooling - Deleted scripts/i18n-reconcile-conflicts.js (served its purpose) - Removed i18n-reconcile npm script - Add .i18n-check.tmp.json to .gitignore i18n-extract:check now works on Windows, macOS, and Linux. Requires only diff command (available via Git on Windows). 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * ci(webapp): simplify i18n check using npm script Replace custom i18n check in CI with npm run i18n-extract:check for consistency with local development workflow. Changes: - Update check-i18n job to use npm run i18n-extract:check - Remove manual cp/extract/diff steps (3 lines → 1 line) - Consistent behavior between CI and local development - Cross-platform compatible (no /tmp dependency) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * feat(i18n): add i18n extraction targets to Makefile and workspace scripts Add Make targets and npm workspace scripts for i18n message extraction to provide consistent tooling access across the project. Changes: - Add make i18n-extract target to webapp/Makefile - Extracts i18n messages from code to en.json - Add make i18n-extract-check target to webapp/Makefile - Checks if en.json is in sync with code - Add i18n-extract workspace script to webapp/package.json - Runs extraction across all workspaces - Add i18n-extract:check workspace script to webapp/package.json - Runs sync check across all workspaces Usage: make i18n-extract # Extract messages make i18n-extract-check # Check if en.json needs update npm run i18n-extract # From webapp root npm run i18n-extract:check 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * feat(i18n): add cross-platform cleanup utility for temp files Add Node.js cleanup script to handle temporary file removal in a cross-platform manner, replacing platform-specific rm commands. Changes: - Add webapp/scripts/cleanup.js - Cross-platform file deletion utility - Silently handles missing files - Works on Windows/Mac/Linux - Update i18n-extract:check to use cleanup script - Removes .i18n-check.tmp.json after diff - Cleans up on both success and failure paths Usage: node scripts/cleanup.js <file1> [file2] [...] 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * chore(i18n): remove 'defineMessage' from additionalFunctionNames in ESLint config * chore(i18n): update i18n-extract check script and remove unused cleanup utility context: WSL is already required on windows * chore(i18n): remove ESLint rule disabling for formatjs placeholders in admin definition * chore(i18n): admin_definition - re-add defineMessage to eslint additionalfunctionnames - mark additional individual placeholder lines in admin_definition * fix(i18n): correct typo in enterprise edition link message * chore(i18n): fix escape sequences * revert emoji.ts changes * fix snapshots * fix admin.google.EnableMarkdownDesc - keep en.json but fix linkAPI and <strong>Create</strong> * restore newlines, and final corrections check * update snapshots * fix: i18n * chore(e2e): admin.complianceExport.exportJobStartTime.title * chore(e2e): emoji_picker.travel-places * chore(e2e): user.settings.general.incorrectPassword * chore(e2e): signup_user_completed.create * chore(e2e): fix Invite People * chore(fix): admin console email heading * chore(e2e): fix edit_channel_header_modal.placeholder * chore(e2e): fix Create account * chore(e2e): fix Create account * chore(e2e): correct success message text in password update alert * fix: admin guide label * chore(e2e): update role name in invite people combobox * chore(e2e): more "Create account" * chore(e2e): fix authentication_spec * lint --------- Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: Mattermost Build <build@mattermost.com>	2026-01-12 17:22:04 -06:00
Carlos Garcia	0f432a1ee3	fixes registry used for mattermost-build-server image push and pull (#34882) ... * fixes registry used for mattermost-build-server image push and pull * fixes credentials needed for logging in to mattermosr registry	2026-01-08 19:57:02 +00:00
Jesse Hallam	895aa387d9	MM-66952: Disable Generate Test Coverage job in CI (#34749) ... Temporarily disable the test coverage job which is running out of memory and causing spurious CI failures.	2025-12-15 16:08:37 -04:00
Pablo Vélez	8d1bde6daa	Fix: Split CI cache for platform builds to use source-based key (#34713)	2025-12-12 15:55:58 +01:00
sabril	c14d5e6eef	Add shard and log heap usage in Jest (#34656) ... * add shard and log heap usage in jest * separate each type of tests * fix code coverage and indicate heap usage to all tests * exercise each 10 times, change channels shard to 4 * revert to single run, fix npm cache and merge/report code coverage with nyc	2025-12-11 10:54:12 +08:00
Jesse Hallam	3c47f2055b	Fix missing server ci reporting (#34641) ... * s/Server CI (PR|Master)/Server CI/ * whitespace changes * fixup! s/Server CI (PR|Master)/Server CI/ * Check workflow event type instead of name for PR reporting Address code review feedback by checking github.event.workflow_run.event instead of github.event.workflow_run.name since Server CI now runs for both PRs and master branches. --------- Co-authored-by: Mattermost Build <build@mattermost.com>	2025-12-08 16:47:03 -04:00
sabril	5de5102b99	MM-66555: Add GH action to save mmctl E2E test report to Zephyr (#34429) ... * add GH action to save mmctl e2e test report to zephyr * test on pr * bundle dependencies and set conditonal run on local and GH * ensure test keys are saved * improve github summary * add test, organize types * update dependencies * only run on master and release branch	2025-11-14 09:22:00 +08:00