2956 commits

Author	SHA1	Message	Date
Pavel Zeman	d552098d62	Merge master into debug/binary-timeout	2026-04-10 10:01:55 +00:00
Pavel Zeman	860df69621	ci: re-enable server test coverage with 4-shard parallelism (#35743) ... * ci: re-enable server test coverage with 4-shard parallelism The test-coverage job was disabled due to OOM failures when running all tests with coverage instrumentation in a single process. Re-enable it by distributing the workload across 4 parallel runners using the shard infrastructure from the sharding PRs. Changes: - Replace disabled single-runner test-coverage with 4-shard matrix - Add merge-coverage job to combine per-shard cover.out files - Upload merged coverage to Codecov with server flag - Skip per-shard Codecov upload when sharding is active - Add coverage profile merging to run-shard-tests.sh for multi-run shards - Restore original condition: skip coverage on release branch PRs - Keep fullyparallel=true (fast within each shard) - Keep continue-on-error=true (coverage never blocks PRs) Co-authored-by: Claude <claude@anthropic.com> * fix: disable fullyparallel for coverage shards t.Parallel() + t.Setenv() panics kill entire test binaries under fullyparallel mode. With 4-shard splitting, serial execution within each shard should still be fast enough (~15 min). We can re-enable fullyparallel once the incompatible tests are fixed. Co-authored-by: Claude <claude@anthropic.com> * fix: add checkout to coverage merge job for Codecov file mapping Codecov needs the source tree to map coverage data to files. Without checkout, the upload succeeds but reports 0% coverage because it can't associate cover.out lines with source files. Co-authored-by: Claude <claude@anthropic.com> * ci: add codecov.yml and retain merged coverage artifact Add codecov.yml with: - Project coverage: track against parent commit, 1% threshold, advisory - Patch coverage: 50% target for new code, advisory (warns, doesn't block) - Ignore generated code (retrylayer, timerlayer, serial_gen, mocks, storetest, plugintest, searchtest) — these inflate the denominator from 146K to 100K statements, rebasing coverage from 36% to 53% - PR comments on coverage changes with condensed layout Save merged cover.out as artifact with 30-day retention (~3.5MB/run). 90-day retention was considered (~6.3GB total vs ~2.1GB at 30 days) but deferred to keep storage costs low. #### Release Note ```release-note NONE ``` Co-authored-by: Claude <claude@anthropic.com> * ci: add codecov.yml to exclude generated code and enable PR comments (#35748) * ci: add codecov.yml to exclude generated code and enable PR comments Add Codecov configuration to improve coverage signal quality: - Exclude generated code from coverage denominator: - store/retrylayer (~10k stmts, auto-generated retry wrappers) - store/timerlayer (~14k lines, auto-generated timing wrappers) - *_serial_gen.go (serialization codegen) - **/mocks (mockery-generated mocks) - Exclude test infrastructure: - store/storetest (~63k lines, test helpers not production code) - plugin/plugintest (plugin test helpers) - Exclude thin wrappers: - model/client4.go (~4k stmts, HTTP client methods tested via integration) - Enable PR comments with condensed layout - Set project threshold at 0.5% drop tolerance - Set patch target at 60% for new/changed lines This rebases the effective coverage metric from ~33.8% to ~43% by removing ~50k non-production statements from the denominator, giving a more accurate picture of actual test coverage. Co-authored-by: Claude <claude@anthropic.com> * Update codecov.yml --------- Co-authored-by: Claude <claude@anthropic.com> Co-authored-by: Jesse Hallam <jesse.hallam@gmail.com> * fix: bump upload-artifact to v7 and add client4.go to codecov ignore - Align upload-artifact pin with the rest of the workflow (v4 → v7) - Add model/client4.go to codecov.yml ignore list as documented in PR description Co-authored-by: Claude <claude@anthropic.com> * fix(ci): address Jesse review feedback on coverage sharding - Remove client4.go from codecov ignore list (coverage is meaningful) - Remove historical comment block above test-coverage job - Set fullyparallel back to true (safe per-shard since each runs different packages; parallel test fixes tracked in #35751) - Replace merge-coverage job with per-shard Codecov uploads using flags parameter; configure after_n_builds: 4 so Codecov waits for all shards before reporting status - Add clarifying comment in run-shard-tests.sh explaining intra-shard coverage merge (multiple gotestsum runs) vs cross-shard merge (handled natively by Codecov) - Simplify codecov.yml: remove verbose comments, use informational status checks, streamlined ignore list Co-authored-by: Claude <claude@anthropic.com> * fix(ci): set fullyparallel back to false for coverage shards Coverage shards 1-3 failed with hundreds of test failures because fullyparallel: true causes panics and races in tests that use t.Setenv, os.Setenv, and os.Chdir without parallel-safe alternatives. The parallel-safety fixes are tracked in a separate PR chain: - #35746: t.Setenv → test hooks - #35749: os.Setenv → parallel-safe alternatives - #35750: os.Chdir → t.Chdir - #35751: flip fullyparallel: true (final step) Once that chain merges, fullyparallel can be enabled for coverage too. Co-authored-by: Claude <claude@anthropic.com> * fix(ci): split fullyparallel and allow-failure into separate inputs Previously fullyparallel controlled both parallel test execution AND continue-on-error, meaning disabling parallelism also made coverage failures blocking. Split into two independent inputs: - fullyparallel: controls ENABLE_FULLY_PARALLEL_TESTS (test execution) - allow-failure: controls continue-on-error (advisory vs blocking) Coverage shards now run with fullyparallel: true (Claudio's original approach) and allow-failure: true (failures don't block PRs until parallel-safety fixes land in #35746 → #35751). Co-authored-by: Claude <claude@anthropic.com> * ci: use per-flag after_n_builds for server and webapp coverage Replace the global after_n_builds: 2 with per-flag values: - server: after_n_builds: 4 (one per shard) - webapp: after_n_builds: 1 (single merged upload) Tag the webapp Codecov upload with flags: webapp so each flag independently waits for its expected upload count. This prevents Codecov from firing notifications with incomplete data when the webapp upload arrives before all server shards complete. Addresses review feedback from @esarafianou. Co-authored-by: Claude <claude@anthropic.com> * fix: consolidate codecov config into .github/codecov.yml Move all codecov configuration into the existing .github/codecov.yml instead of introducing a duplicate file at the repo root. Merges improvements from the root file (broader ignore list, informational statuses, require_ci_to_pass: false) while preserving the webapp flag from the original config. Updates after_n_builds to 5 (4 server + 1 webapp). Co-authored-by: Claude <claude@anthropic.com> --------- Co-authored-by: Claude <claude@anthropic.com> Co-authored-by: Jesse Hallam <jesse.hallam@gmail.com>	2026-04-09 15:27:50 -04:00
Carlos Garcia	2be57a7ec0	adds team member data sanitizing (#35562) ... * adds team member data sanitizing * assert using require * adds data sanitizing to team members for user endpoint * team admin data visibility now tests with different user	2026-04-09 16:12:15 +02:00
Pavel Zeman	d1ca297721	Revert "Strip remote_id field from user patch API requests (#35910)" (#35996) ... This reverts commit fc9d3be368 which introduced a CI regression.	2026-04-09 05:06:42 -04:00
Rajat Dabade	1c093d3760	Upgraded board prepackaged version to v9.2.4 (#35969)	2026-04-09 13:20:50 +05:30
JG Heithcock	fc9d3be368	Strip remote_id field from user patch API requests (#35910) ... * Strip remote_id from user patch API requests * Ignore remote_id in user update API endpoints Add SetUserRemoteID test helper in testlib to set remote_id via direct SQL, bypassing the now-protected store Update method. Update existing tests in app and api4 packages to use the new helper. --------- Co-authored-by: Mattermost Build <build@mattermost.com>	2026-04-08 21:47:57 -07:00
Pavel Zeman	b109e39127	debug: isolate binary hang to channels/api4 with sequential execution ... - Remove --rerun-fails (avoids retrying hung tests) - Target only channels/api4 package - Add -count=1 to disable test caching - Add -parallel=1 to run tests sequentially - Keep -timeout=10m for goroutine dump if hang persists - Keep -v and standard-verbose for real-time output If the hang disappears with -parallel=1, it confirms parallel contention specific to binary mode. Co-authored-by: Claude <claude@anthropic.com>	2026-04-09 02:50:28 +00:00
Pavel Zeman	13fc03eca4	debug: use standard-verbose format for gotestsum to prevent output buffering ... gotestsum's default 'testname' format buffers output, hiding which tests are currently running. standard-verbose streams go test -v output in real time, so we can see === RUN lines for hanging tests. Co-authored-by: Claude <claude@anthropic.com>	2026-04-09 02:03:38 +00:00
Pavel Zeman	73aa78a925	debug: lower test timeout to 5m and enable verbose for binary mode hang diagnosis ... Temporary branch to capture goroutine dump when binary parameters test hangs under fullyparallel mode. Co-authored-by: Claude <claude@anthropic.com>	2026-04-09 01:48:14 +00:00
Pavel Zeman	6fdef8c9cc	ci: enable fullyparallel mode for server tests (#35816) ... * ci: enable fullyparallel mode for server tests Replace os.Setenv, os.Chdir, and global state mutations with parallel-safe alternatives (t.Setenv, t.Chdir, test hooks) across 37 files. Refactor GetLogRootPath and MM_INSTALL_TYPE to use package-level test hooks instead of environment variables. This enables gotestsum --fullparallel, allowing all test packages to run with maximum parallelism within each shard. Co-authored-by: Claude <claude@anthropic.com> * ci: split fullyparallel from continue-on-error in workflow template - Add new boolean input 'allow-failure' separate from 'fullyparallel' - Change continue-on-error to use allow-failure instead of fullyparallel - Update server-ci.yml to pass allow-failure: true for test coverage job - Allows independent control of parallel execution and failure tolerance Co-authored-by: Claude <claude@anthropic.com> * fix: protect TestOverrideLogRootPath with sync.Mutex for parallel tests - Replace global var TestOverrideLogRootPath with mutex-protected functions - Add SetTestOverrideLogRootPath() and getTestOverrideLogRootPath() functions - Update GetLogRootPath() to use thread-safe getter - Update all test files to use SetTestOverrideLogRootPath() with t.Cleanup() - Fixes race condition when running tests with t.Parallel() Co-authored-by: Claude <claude@anthropic.com> * fix: configure audit settings before server setup in tests - Move ExperimentalAuditSettings from UpdateConfig() to config defaults - Pass audit config via app.Config() option in SetupWithServerOptions() - Fixes audit test setup ordering to configure BEFORE server initialization - Resolves CodeRabbit's audit config timing issue in api4 tests Co-authored-by: Claude <claude@anthropic.com> * fix: implement SetTestOverrideLogRootPath mutex in logger.go The previous commit updated test callers to use SetTestOverrideLogRootPath() but didn't actually create the function in config/logger.go, causing build failures across all CI shards. This commit: - Replaces the exported var TestOverrideLogRootPath with mutex-protected unexported state (testOverrideLogRootPath + testOverrideLogRootMu) - Adds exported SetTestOverrideLogRootPath() setter - Adds unexported getTestOverrideLogRootPath() getter - Updates GetLogRootPath() to use the thread-safe getter - Fixes log_test.go callers that were missed in the previous commit Co-authored-by: Claude <claude@anthropic.com> * fix(test): use SetupConfig for access_control feature flag registration InitAccessControlPolicy() checks FeatureFlags.AttributeBasedAccessControl at route registration time during server startup. Setting the flag via UpdateConfig after Setup() is too late — routes are never registered and API calls return 404. Use SetupConfig() to pass the feature flag in the initial config before server startup, ensuring routes are properly registered. Co-authored-by: Claude <claude@anthropic.com> * fix(test): restore BurnOnRead flag state in TestRevealPost subtest The 'feature not enabled' subtest disables BurnOnRead without restoring it via t.Cleanup. Subsequent subtests inherit the disabled state, which can cause 501 errors when they expect the feature to be available. Add t.Cleanup to restore FeatureFlags.BurnOnRead = true after the subtest completes. Co-authored-by: Claude <claude@anthropic.com> * fix(test): restore EnableSharedChannelsMemberSync flag via t.Cleanup The test disables EnableSharedChannelsMemberSync without restoring it. If the subtest exits early (e.g., require failure), later sibling subtests inherit a disabled flag and become flaky. Add t.Cleanup to restore the flag after the subtest completes. Co-authored-by: Claude <claude@anthropic.com> * Fix test parallelism: use instance-scoped overrides and init-time audit config Replace package-level test globals (TestOverrideInstallType, SetTestOverrideLogRootPath) with fields on PlatformService so each test gets its own instance without process-wide mutation. Fix three audit tests (TestUserLoginAudit, TestLogoutAuditAuthStatus, TestUpdatePasswordAudit) that configured the audit logger after server init — the audit logger only reads config at startup, so pass audit settings via app.Config() at init time instead. Also revert the Go 1.24.13 downgrade and bump mattermost-govet to v2.0.2 for Go 1.25.8 compatibility. * Fix audit unit tests * Fix MMCLOUDURL unit tests * Fixed unit tests using MM_NOTIFY_ADMIN_COOL_OFF_DAYS * Make app migrations idempotent for parallel test safety Change System().Save() to System().SaveOrUpdate() in all migration completion markers. When two parallel tests share a database pool entry, both may race through the check-then-insert migration pattern. Save() causes a duplicate key fatal crash; SaveOrUpdate() makes the second write a harmless no-op. * test: address review feedback on fullyparallel PR - Use SetLogRootPathOverride() setter instead of direct field access in platform/support_packet_test.go and platform/log_test.go (pvev) - Restore TestGetLogRootPath in config/logger_test.go to keep MM_LOG_PATH env var coverage; test uses t.Setenv so it runs serially which is fine (pvev) - Fix misleading comment in config_test.go: code uses t.Setenv, not os.Setenv (jgheithcock) Co-authored-by: Claude <claude@anthropic.com> * fix: add missing os import in post_test.go The os import was dropped during a merge conflict resolution while burn-on-read shared channel tests from master still use os.Setenv. Co-authored-by: Claude <claude@anthropic.com> --------- Co-authored-by: Claude <claude@anthropic.com> Co-authored-by: wiggin77 <wiggin77@warpmail.net> Co-authored-by: Mattermost Build <build@mattermost.com>	2026-04-08 20:48:36 -04:00
Jesse Hallam	71ca373de7	Generate instead of hard-coding test passwords, enforce new minimum for FIPS, shard CI, fix FIPS builds (#35905) ... * Replace hardcoded test passwords with model.NewTestPassword() Add model.NewTestPassword() utility that generates 14+ character passwords meeting complexity requirements for FIPS compliance. Replace all short hardcoded test passwords across the test suite with calls to this function. * Enforce FIPS compliance for passwords and HMAC keys FIPS OpenSSL requires HMAC keys to be at least 14 bytes. PBKDF2 uses the password as the HMAC key internally, so short passwords cause PKCS5_PBKDF2_HMAC to fail. - Add FIPSEnabled and PasswordFIPSMinimumLength build-tag constants - Raise the password minimum length floor to 14 when compiled with requirefips, applied in SetDefaults only when unset and validated independently in IsValid - Return ErrMismatchedHashAndPassword for too-short passwords in PBKDF2 CompareHashAndPassword rather than a cryptic OpenSSL error - Validate atmos/camo HMAC key length under FIPS and lengthen test keys accordingly - Adjust password validation tests to use PasswordFIPSMinimumLength so they work under both FIPS and non-FIPS builds * CI: shard FIPS test suite and extract merge template Run FIPS tests on PRs that touch go.mod or have 'fips' in the branch name. Shard FIPS tests across 4 runners matching the normal Postgres suite. Extract the test result merge logic into a reusable workflow template to deduplicate the normal and FIPS merge jobs. * more * Fix email test helper to respect FIPS minimum password length * Fix test helpers to respect FIPS minimum password length * Remove unnecessary "disable strict password requirements" blocks from test helpers * Fix CodeRabbit review comments on PR #35905 - Add server-test-merge-template.yml to server-ci.yml pull_request.paths so changes to the reusable merge workflow trigger Server CI validation - Skip merge-postgres-fips-test-results job when test-postgres-normal-fips was skipped, preventing failures due to missing artifacts - Set guest.Password on returned guest in CreateGuestAndClient helper to keep contract consistent with CreateUserWithClient - Use shared LowercaseLetters/UppercaseLetters/NUMBERS/PasswordFIPSMinimumLength constants in NewTestPassword() to avoid drift if FIPS floor changes https://claude.ai/code/session_01HmE9QkZM3cAoXn2J7XrK2f * Rename FIPS test artifact to match server-ci-report pattern The server-ci-report job searches for artifacts matching "*-test-logs", so rename from postgres-server-test-logs-fips to postgres-server-fips-test-logs to be included in the report. --------- Co-authored-by: Claude <noreply@anthropic.com>	2026-04-08 16:49:43 -03:00
Doug Lauder	5b76fb11a5	MM-67647: Rename shared_channel_manager roles to follow system_ prefix convention (#35944) ... * Rename shared_channel_manager and secure_connection_manager roles to use system_ prefix The new roles added in PR #35354 broke the naming convention that all system-level roles stored in Users.Roles are prefixed with "system_". Client-side code (role.includes('system')) and server-side code (explicit switch cases in applyMultiRoleFilters) relied on this convention, causing users assigned to these roles to not appear in the System Console. Also adds both roles to the applyMultiRoleFilters switch statement in user_store.go, which was missing them entirely.	2026-04-08 08:01:33 -04:00
Jesse Hallam	12aedfdcae	Simplify Apple Silicon docker-compose support (#35975)	2026-04-08 07:59:04 -04:00
Doug Lauder	7dccd6eba6	MM-68199: Fix shared channel membership sync error for local users (#35938) ... When a channel is shared between two instances, the sender was including membership changes for users that originated from the target remote. On the receiver those users are local (RemoteID=""), causing the RemoteID check to fail with "remoteID mismatch", creating log noise. Fix both sides: sender now skips users belonging to the target remote, and receiver silently skips local users instead of logging an error.	2026-04-07 15:59:18 -04:00
JG Heithcock	8eb9863215	Redact password reset token from audit log (#35911) ... Log only a 5-character prefix of the password reset token in audit entries instead of the full 64-character bearer credential (CWE-532). Co-authored-by: Mattermost Build <build@mattermost.com>	2026-04-07 10:55:16 -07:00
Doug Lauder	540ccc599b	MM-68179: Run sendLoop workers on all HA nodes (#35909) ... * MM-68179: Run sendLoop workers on all HA nodes In HA clusters, sendLoop worker goroutines only ran on the leader node. When an API request to send a channel invite landed on a non-leader node, SendMsg enqueued the task to a local in-memory channel but no goroutine consumed it, silently losing the message. Fix by starting sendLoop workers in Start() on all nodes, independent of the leader-only ping lifecycle. - Separate sendLoop lifecycle (Start/Shutdown) from ping lifecycle (pingStart/pingStop on leader change) - Rename resume/pause to pingStart/pingStop for clarity - Change Active() to mean "service started" via atomic.Bool - Remove SetActive (no longer needed; tests use Start()) * address review comment * Added idempotency guard to Start() * Start() and Shutdown(): CompareAndSwap instead of Load/Store — eliminates races where concurrent calls could both proceed. Only the winner of the CAS executes; the loser returns nil immediately. Ping test: replaced time.Sleep with assert.Never/assert.Eventually — no more brittle fixed sleeps. Uses assert.Never to verify no pings fire on non-leader, and assert.Eventually to verify pings stop after losing leadership (snapshot-then-compare pattern). * make unit tests parallel capable --------- Co-authored-by: Mattermost Build <build@mattermost.com>	2026-04-07 18:49:54 +02:00
Just Nev	e2e7aed678	Add prepackaged version of github plugin v2.7. (#35968) ... Co-authored-by: Nevyana Angelova <nevyangelova@192.168.100.47>	2026-04-07 17:26:53 +03:00
Andre Vasconcelos	faa7d75b4e	Improved processing of attachments (#35854)	2026-04-07 13:25:38 +03:00
unified-ci-app[bot]	6662021dd5	Update latest minor version to 11.7.0 (#35964) ... Co-authored-by: unified-ci-app[bot] <121569378+unified-ci-app[bot]@users.noreply.github.com>	2026-04-07 09:34:34 +03:00
Doug Lauder	e694e86d63	MM-68204: Use multi-level logging for shared channel and remote cluster service errors (#35949) ... * Use multi-level logging for shared channel and remote cluster service errors Service-specific log levels (LvlRemoteClusterServiceError, LvlSharedChannelServiceError) were hidden from the main log by default, requiring explicit configuration to see them. Switch all call sites to use LogM with multi-level combos so each log line is attributed to both the standard level (error/warn) and the service-specific level. This surfaces errors in the main log while preserving the ability to isolate them into dedicated files. Each instance was reviewed and either kept as error (DB failures, security issues, config errors, exhausted retries on critical data) or downgraded to warn (transient network failures, remote-side reported errors with retry logic, non-critical data like profile images, reactions, acknowledgements, and status).	2026-04-06 12:17:47 -04:00
Harshil Sharma	ad35eba60b	Added nil checks (#35755) ... * Added nil checks * Added test for DM and GM * Updated operation order	2026-04-06 08:47:24 +05:30
Jesse Hallam	f6d5d9e1bc	[MM-67859] Update license renewal and expiry email branding (#35701)	2026-04-04 20:30:36 -03:00
Bill Gardner	24e38f2bd7	Update server/public to v0.3.0 to avoid import cycle in v0.2.1 (#35946)	2026-04-03 17:20:45 -04:00
yy	38e26fbd2d	chore: fix typos in comments (#34960) ... Co-authored-by: Mattermost Build <build@mattermost.com>	2026-04-03 13:43:25 +00:00
Doug Lauder	3888a69479	MM-68158: Fix shared channel remote display and notify UI on invite completion (#35908) ... * MM-68158: Fix shared channel remote display and add WebSocket notification Fix getSharedChannelRemotes API handler passing ChannelId instead of RemoteId to GetRemoteCluster, which always failed the lookup. Add RemoteId to SharedChannelRemoteStatus model and store query. Add shared_channel_remote_updated WebSocket event published from the onInvite callback so the UI refreshes its cached remote names when the async invite completes, instead of showing the generic "Shared with trusted organizations" fallback. * Improved unit tests per review comments	2026-04-03 02:06:01 -04:00
Weblate (bot)	5a73fb022d	Translations update from Mattermost Weblate (#35890) ... * Translated using Weblate (Russian) Currently translated at 86.2% (2583 of 2996 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/ru/ * Translated using Weblate (Russian) Currently translated at 86.8% (2603 of 2996 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/ru/ * Translated using Weblate (Norwegian Bokmål) Currently translated at 77.4% (5489 of 7087 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/nb_NO/ * Translated using Weblate (Norwegian Bokmål) Currently translated at 77.6% (5503 of 7087 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/nb_NO/ * Translated using Weblate (Polish) Currently translated at 98.2% (2943 of 2996 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/pl/ * Translated using Weblate (Russian) Currently translated at 89.0% (2667 of 2996 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/ru/ * Translated using Weblate (Norwegian Bokmål) Currently translated at 78.0% (5530 of 7087 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/nb_NO/ * Translated using Weblate (Polish) Currently translated at 97.0% (6877 of 7087 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/pl/ * Translated using Weblate (Polish) Currently translated at 98.3% (2948 of 2996 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/pl/ * Translated using Weblate (Portuguese) Currently translated at 6.9% (207 of 2996 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/pt/ * Translated using Weblate (Portuguese) Currently translated at 28.2% (1999 of 7087 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/pt/ * Translated using Weblate (Portuguese) Currently translated at 28.3% (2012 of 7087 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/pt/ * Translated using Weblate (Norwegian Bokmål) Currently translated at 78.2% (5546 of 7087 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/nb_NO/ * Translated using Weblate (Norwegian Bokmål) Currently translated at 78.2% (5548 of 7087 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/nb_NO/ * Translated using Weblate (Norwegian Bokmål) Currently translated at 78.6% (5577 of 7087 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/nb_NO/ * Translated using Weblate (Norwegian Bokmål) Currently translated at 78.8% (5591 of 7087 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/nb_NO/ * Translated using Weblate (Dutch) Currently translated at 100.0% (2996 of 2996 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/nl/ * Translated using Weblate (Polish) Currently translated at 99.0% (2968 of 2996 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/pl/ * Translated using Weblate (Dutch) Currently translated at 100.0% (7087 of 7087 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/nl/ * Translated using Weblate (Norwegian Bokmål) Currently translated at 78.9% (5597 of 7087 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/nb_NO/ * Translated using Weblate (Polish) Currently translated at 97.2% (6894 of 7087 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/pl/ * Translated using Weblate (Norwegian Bokmål) Currently translated at 79.1% (5608 of 7087 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/nb_NO/ * Translated using Weblate (Swedish) Currently translated at 91.9% (6513 of 7087 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/sv/ * Translated using Weblate (German) Currently translated at 100.0% (2997 of 2997 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/de/ * Translated using Weblate (Polish) Currently translated at 100.0% (2997 of 2997 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/pl/ * Translated using Weblate (Polish) Currently translated at 97.4% (6903 of 7087 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/pl/ * Translated using Weblate (Swedish) Currently translated at 92.0% (6523 of 7087 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/sv/ * Translated using Weblate (Polish) Currently translated at 97.8% (6932 of 7087 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/pl/ * Translated using Weblate (Russian) Currently translated at 78.3% (5553 of 7087 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/ru/ * Translated using Weblate (Norwegian Bokmål) Currently translated at 79.2% (5615 of 7087 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/nb_NO/ * Translated using Weblate (Norwegian Bokmål) Currently translated at 79.3% (5622 of 7087 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/nb_NO/ * Translated using Weblate (Russian) Currently translated at 78.6% (5575 of 7087 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/ru/ * Translated using Weblate (Russian) Currently translated at 78.9% (5597 of 7087 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/ru/ * Translated using Weblate (Norwegian Bokmål) Currently translated at 79.3% (5623 of 7087 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/nb_NO/ * Translated using Weblate (Japanese) Currently translated at 88.8% (6294 of 7087 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/ja/ * Translated using Weblate (Polish) Currently translated at 97.8% (6933 of 7087 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/pl/ * Translated using Weblate (Japanese) Currently translated at 89.0% (6308 of 7087 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/ja/ * Translated using Weblate (Polish) Currently translated at 98.0% (6947 of 7087 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/pl/ * Translated using Weblate (Japanese) Currently translated at 89.3% (6329 of 7087 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/ja/ * Update translation files Updated by "Cleanup translation files" hook in Weblate. Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/ * Update translation files Updated by "Cleanup translation files" hook in Weblate. Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/ * Translated using Weblate (Japanese) Currently translated at 90.0% (6385 of 7089 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/ja/ * Translated using Weblate (German) Currently translated at 99.9% (7085 of 7089 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/de/ * Translated using Weblate (Norwegian Bokmål) Currently translated at 79.4% (5629 of 7089 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/nb_NO/ * Translated using Weblate (Norwegian Bokmål) Currently translated at 79.4% (5631 of 7089 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/nb_NO/ * Translated using Weblate (Russian) Currently translated at 79.7% (5656 of 7089 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/ru/ --------- Co-authored-by: Dmitriy Q <krotesk@mail.ru> Co-authored-by: Frank Paul Silye <frankps@gmail.com> Co-authored-by: master7 <marcin.karkosz@rajska.info> Co-authored-by: Manuela Silva <mmsrs@sky.com> Co-authored-by: Tom De Moor <tom@controlaltdieliet.be> Co-authored-by: Kristoffer Grundström <swedishsailfishosuser@tutanota.com> Co-authored-by: jprusch <rs@schaeferbarthold.de> Co-authored-by: Takayuki Maruyama <bis5.wsys@gmail.com>	2026-04-02 22:44:54 +00:00
Christopher Speller	9b01e406f4	Move password hashers from server/v8 to server/public to fix module layering violation (#35805)a ... * Move password hashers from server/v8 to server/public to fix layering violation * Revert "Move password hashers from server/v8 to server/public to fix layering violation" This reverts commit 8cad5b8dc9. * invert dependency between hashers and model * make modules-tidy --------- Co-authored-by: Jesse Hallam <jesse@mattermost.com> Co-authored-by: Mattermost Build <build@mattermost.com>	2026-04-01 15:20:12 +00:00
Carlos Garcia	50f31ae87c	Mm 66662 bump dependencies (#35849) ... * replace for tablewriter not longer needed jaytaylof/html2text project has been updated and now it supports tablewriter 1.0.0 * Replace fwSeeker with bufReadSeeker to support backward seeks for imagemeta v0.17 * Bump server dependencies (includes imagemeta v0.12→v0.17) * revert the imagemeta upgrade to reduce risk this time * modules-tidy --------- Co-authored-by: Jesse Hallam <jesse@mattermost.com>	2026-04-01 10:46:46 -03:00
Jesse Hallam	4d20645a5b	Inline mattermost-govet into the monorepo (#35869) ... * inline mattermost-govet * fix style issues * simplify the openApiSync spec test * README.md tweaks * fix missing licenses * simplify README.md * trigger server-ci on tools/mattermost-govet/** * Apply 470cf78253 --------- Co-authored-by: Mattermost Build <build@mattermost.com>	2026-04-01 13:24:22 +00:00
Jesse Hallam	eb8310a30c	simplify CODEOWNERS (#35770) ... * simplify CODEOWNERS * dont .gitignore AGENTS.md * AGENTS.md to document previous CODEOWNERS responsibilities * update from https://developers.mattermost.com/contribute/more-info/server/schema-migration-guide/ * CREATE INDEX CONCURRENTLY now vetted * rewrite and move to README.md * dont limit to 80 chars * rewrite webapp AGENTS.md and add to README.md --------- Co-authored-by: Mattermost Build <build@mattermost.com>	2026-04-01 13:03:36 +00:00
Ibrahim Serdar Acikgoz	d00125121e	disable burn on read posts on shared channels (#35460)	2026-04-01 11:30:35 +02:00
Nick Misasi	f4d1abe7e8	MM-68140: Validate post read access before rewrite thread context (#35864) ... Ensure thread context for message rewrite is only built when the session may read the anchor post, and surface context build failures to the client. Made-with: Cursor	2026-04-01 02:07:45 -07:00
Pavel Zeman	3e2c3f70c2	fix: prevent sql.DB connectionCleaner race and harden flaky tests (#35891) ... * fix: prevent sql.DB connectionCleaner race with testify mock diffing The previous fix (#35881) moved store.Close()/th.Shutdown() before AssertExpectations, but the race actually occurs earlier — during mock.Called() when RegisterDBCollector fires inside initConnection. Root cause: testify's Arguments.Diff() unconditionally calls fmt.Sprintf("%v", *sql.DB) on every recorded argument (mock.go:976), which uses reflect to read sql.DB internal fields. The connectionCleaner goroutine concurrently writes to those same fields, triggering a DATA RACE under Go 1.25's stricter race detector. Fix: Set ConnMaxLifetimeMilliseconds=0 and ConnMaxIdleTimeMilliseconds=0 in test SqlSettings before initConnection. This prevents the connectionCleaner goroutine from starting at all — no concurrent writer means no race. Connection pool cleanup serves no purpose in tests. For store_test.go: settings are set directly before SqlStore creation. For platform tests: settings are set in setupTestHelper's config before sqlstore.New() is called via platform.New(). Co-authored-by: Claude <claude@anthropic.com> * fix: harden flaky TestScheduleOnceSequential and TestGroupStore tests TestScheduleOnceSequential: Replace fixed 300ms sleep with require.Eventually polling (5s timeout, 50ms interval). Under the race detector, execution is significantly slower and 25+ scheduled jobs may not complete within a fixed 300ms window. TestGroupStore/GetGroups: Use unique uid-prefixed display names for test groups to avoid collisions with groups created by other parallel subtests sharing the same database. Search queries and result checks updated to use the uid prefix. Co-authored-by: Claude <claude@anthropic.com> * fix: address CodeRabbit review feedback - Restore mixed-case search coverage in TestGroupStore by using mixed-case query strings (uid + "-GrOuP-3") to verify case-insensitive matching behavior. - Strengthen exactly-once validation in TestScheduleOnceSequential by checking callback count == 1 instead of > 0, ensuring duplicate executions are caught. Co-authored-by: Claude <claude@anthropic.com> --------- Co-authored-by: Claude <claude@anthropic.com>	2026-03-31 16:58:09 -04:00
Pavel Zeman	4b8a4ae2b3	fix: resolve DATA RACE in TestReplicaLagQuery, TestInvalidReplicaLagDataSource, and TestMetrics (#35881) ... These three tests have been failing deterministically on every master build since Go 1.25.8 was merged (PR #35817, March 27). The failures only manifest on master because PR CI does not run with the -race flag. ## Root Cause The race is between Go's database/sql connection pool and testify's mock assertion logic: 1. When a *sql.DB connection pool is opened, Go spawns a background connectionCleaner goroutine that periodically runs connectionCleanerRunLocked(), which acquires the DB's internal mutex via atomic.CompareAndSwapInt32. 2. The tests pass a *sql.DB argument to mock expectations via RegisterDBCollector(). When testify's AssertExpectations() runs, it uses reflect to diff the recorded call arguments, which reads the internal fields of the *sql.DB struct (including the mutex state and connection pool fields) via reflect.Value.Int() and reflect.typedmemmove(). 3. Go 1.25 ships a stricter race detector that catches this concurrent read (reflect in the test goroutine) vs write (atomic CAS in the connectionCleaner goroutine) on the same memory. Go 1.24's race detector did not flag this pattern. The race existed latently in the code for a long time. Go 1.25 simply made it detectable. ## Fix Close/shut down the store (and all its background goroutines, including the sql.DB connection cleaner) BEFORE calling AssertExpectations. This ensures there is no concurrent writer when testify uses reflect to inspect the *sql.DB arguments. - TestReplicaLagQuery: move store.Close() before AssertExpectations (was previously deferred, running after AssertExpectations) - TestInvalidReplicaLagDataSource: replace defer store.Close() with explicit store.Close() at end of test - TestMetrics/ensure_advanced_metrics_have_database_metrics: call th.Shutdown(t) before AssertExpectations (Shutdown was previously registered via t.Cleanup, running after the test function returns) Co-authored-by: Claude <claude@anthropic.com>	2026-03-31 11:32:37 -04:00
Doug Lauder	96e4d7a769	MM-68076 Chunk bulk INSERTs to respect PostgreSQL parameter limit (#35767) ... * MM-68076 Chunk bulk INSERTs to respect PostgreSQL 65,535 parameter limit (#35761) PostgreSQL's wire protocol uses a 16-bit integer for parameter count, causing bulk imports to fail when multi-row INSERTs exceed 65,535 parameters. Add a generic chunkSlice helper that splits rows into sub-batches capped at 50,000 parameters, and apply it to saveMultipleMembers (channel), SaveMultipleMembers (team), and SaveMultipleMemberships (thread). Normal operations (< 3,333 rows) remain a single INSERT with negligible overhead. Wrap all chunked INSERT loops in transactions so multi-chunk batches are atomic — previously channel and team member inserts could leave partial data if a later chunk failed. Add threadMembershipSliceColumns helper so thread membership chunk size is derived dynamically. Includes integration tests for multi-chunk insertion and rollback verification for channel members, team members, posts, and groups.	2026-03-30 22:40:40 -04:00
Jesse Hallam	f7f2d944e8	upgrade golangci-lint (#35845)	2026-03-30 13:41:32 -03:00
Nick Misasi	c81d0ddd73	Ability to E2E AI Bridge features + Initial Recaps E2E (#35541) ... * Add shared AI bridge seam Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Add AI bridge test helper API Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Add AI bridge seam test coverage Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Add Playwright AI bridge recap helpers Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Fix recap channel persistence test Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Restore bridge client compatibility shim Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Expand recap card in Playwright spec Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Recaps e2e test coverage (#35543) * Add Recaps Playwright page object Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Expand AI recap Playwright coverage Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Format recap Playwright coverage Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Fix recap regeneration test flows Co-authored-by: Nick Misasi <nick13misasi@gmail.com> --------- Co-authored-by: Cursor Agent <cursoragent@cursor.com> * Fix AI bridge lint and OpenAPI docs Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Fix recap lint shadowing Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Stabilize failed recap regeneration spec Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Fill AI bridge i18n strings Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Fix i18n * Add service completion bridge path and operation tracking fields Extend AgentsBridge with CompleteService for service-based completions, add ClientOperation/OperationSubType tracking to BridgeCompletionRequest, and propagate operation metadata through to the bridge client. Made-with: Cursor * Fill empty i18n translation strings for enterprise keys The previous "Fix i18n" commit added 145 i18n entries with empty translation strings, causing the i18n check to fail in CI. Fill in all translations based on the corresponding error messages in the enterprise and server source code. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * Fix i18n * Fix i18n again * Rename Complete/CompleteService to AgentCompletion/ServiceCompletion Align the AgentsBridge interface method names with the underlying bridge client methods they delegate to (AgentCompletion, ServiceCompletion). Made-with: Cursor * Refactor * Add e2eAgentsBridge implementation The new file was missed from the prior refactor commit. Made-with: Cursor * Address CodeRabbit review feedback - Add 400 BadRequest response to AI bridge PUT endpoint OpenAPI spec - Add missing client_operation, operation_sub_type, service_id fields to AIBridgeTestHelperRecordedRequest schema - Deep-clone nested JSON schema values in cloneJSONOutputFormat - Populate ChannelID on recap summary bridge requests - Fix msg_count assertion to mention_count for mark-as-read verification - Make AgentCompletion/ServiceCompletion mutex usage atomic Made-with: Cursor * fix(playwright): align recaps page object with placeholder and channel menu Made-with: Cursor * fix(playwright): update recaps expectEmptyState to match RecapsList empty state After the master merge, the recaps page now renders RecapsList's "You're all caught up" empty state instead of the old placeholder. Made-with: Cursor * chore(playwright): update package-lock.json after npm install Made-with: Cursor * Revert "chore(playwright): update package-lock.json after npm install" This reverts commit 95c670863a. * style(playwright): fix prettier formatting in recaps page object Made-with: Cursor * fix(playwright): handle both recaps empty states correctly The recaps page has two distinct empty states: - Setup placeholder ("Set up your recap") when allRecaps is empty - RecapsList caught-up state ("You're all caught up") when the filtered tab list is empty Split expectEmptyState into expectSetupPlaceholder and expectCaughtUpEmptyState, used by the delete and bridge-unavailable tests respectively. Made-with: Cursor --------- Co-authored-by: Cursor Agent <cursoragent@cursor.com> Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-30 16:20:47 +00:00
Maria A Nunez	ece6b956fa	Add single-channel guest count to support packet stats (#35846) ... Single-channel guests are excluded from billable seat counts for licensing. Include this metric in the support packet so support engineers can understand seat calculation discrepancies. Made-with: Cursor Co-authored-by: Mattermost Build <build@mattermost.com>	2026-03-30 11:13:09 -04:00
Carlos Garcia	fd2dd1c618	updated go to version 1.25.8 (#35817) ... * updated go to version 1.25.8 * updated gotestsum version to work with go 1.25.8 go 1.25 does not work with indirect tools 0.11 dependency pulled by gotestsum. * Use sync.WaitGroup.Go to simplify goroutine creation Replace the wg.Add(1) + go func() { defer wg.Done() }() pattern with wg.Go(), which was introduced in Go 1.25. * pushes fips image on workflow dispatch to allow fips test to run on go version update * fix new requirements for FIPS compliance imposed on updating to go 1.25.8 * updates openssl symbol check for library shipped with FIPS new versions go-openssl v2 shipped with FIPS versions starting from 1.25 uses mkcgo to generate bindings causing symbol names to be different. * removes temp workflow-dispatch condition * keep versions out of agents md file	2026-03-27 21:11:52 +01:00
Jesse Hallam	71fe83aea2	Add concurrentIndex vet rule and fix migrations (#35809) ... * dont panic in CleanupSqlSettings so we can surface migration failures * update mattermost-govet * nolint existing missing CONCURRENT * Revert "nolint existing missing CONCURRENT" This reverts commit 45b3110bf0. * simplify * approve up to 166	2026-03-27 16:34:17 -03:00
Scott Bishel	30837f7c4e	move error back to logging warning...as caused breaking change (#35841) ... * move error back to logging warning...as caused breaking change * remove unnecessary translation * update test expectations * revert test changes	2026-03-27 11:29:56 -06:00
Miguel de la Cruz	dad9cab483	Add guards to avoid cards being created when the integrated boards feature flag is disabled (#35836)	2026-03-27 08:51:29 -07:00
Carlos Garcia	a19cc4b909	improves time limit checks (#35638) ... * improves time limit checks * consistently check for presence of patch fields * fix variable shadowing in test * allow idempotent pinning operations with time limit expired * new utility function for post limit time check * fix style issue	2026-03-27 16:29:06 +01:00
Miguel de la Cruz	006f102768	Adds COALESCE guard for property fields before PSAv2 migrations (#35830) ... Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es>	2026-03-27 12:05:15 +01:00
Miguel de la Cruz	48f2fd0873	Merge the Integrated Boards MVP feature branch (#35796) ... * Add CreatedBy and UpdatedBy to the properties fields and values (#34485) * Add CreatedBy and UpdatedBy to the properties fields and values * Fix types --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds ObjectType to the property fields table (#34908) Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Update ObjectType migration setting an empty value and marking the column as not null (#34915) Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds uniqueness mechanisms to the property fields (#35058) * Adds uniqueness mechanisms to the property fields After adding ObjectType, this commit ensures that both the PSAv1 and PSAv2 schemas are supported, and enforces property uniqueness through both database indexes and a logical check when creating new property fields. * Adds uniqueness check to property updates Updates are covered on this commit and we refactor as well the SQL code to use the squirrel builder and work better with the conditional addition of the `existingID` piece of the query. * Add translations to error messages * Fixing retrylayer mocks * Remove retrylayer duplication * Address review comments * Fix comment to avoid linter issues * Address PR comments * Update server/channels/db/migrations/postgres/000157_add_object_type_to_property_fields.down.sql Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Update server/channels/db/migrations/postgres/000157_add_object_type_to_property_fields.up.sql Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Update server/channels/db/migrations/postgres/000157_add_object_type_to_property_fields.up.sql Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Update field validation to check only for valid target types * Update migrations to avoid concurrent index creation within a transaction * Update migrations to make all index ops concurrent * Update tests to use valid PSAv2 property fields * Adds a helper for valid PSAv2 TargetTypes --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Fix property tests (#35388) Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds Integrated Boards feature flag (#35378) Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds Integrated Boards MVP API changes (#34822) This PR includes the necessary changes for channels and posts endpoints and adds a set of generic endpoints to retrieve and manage property fields and values following the new Property System approach. Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> Co-authored-by: Mattermost Build <build@mattermost.com> * Property System Architecture permissions for v2 (#35113) * Adds uniqueness mechanisms to the property fields After adding ObjectType, this commit ensures that both the PSAv1 and PSAv2 schemas are supported, and enforces property uniqueness through both database indexes and a logical check when creating new property fields. * Adds uniqueness check to property updates Updates are covered on this commit and we refactor as well the SQL code to use the squirrel builder and work better with the conditional addition of the `existingID` piece of the query. * Add translations to error messages * Add the permissions to the migrations, model and update the store calls * Adds the property field and property group app layer * Adds authorization helpers for property fields and values * Make sure that users cannot lock themselves out of property fields * Migrate permissions from a JSON column to three normalized columns * Remove the audit comment * Use target level constants in authorization * Log authorization membership failures * Rename admin to sysadmin * Fix i18n sorting --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Add Views store and app layer (#35361) * Add Views store and app layer for Integrated Boards Implements the View entity (model, SQL store, service, app) as described in the Integrated Boards tech spec. Views are channel-scoped board configurations with typed props (board, kanban subviews) and soft-delete. - public/model: View, ViewBoardProps, Subview, ViewPatch types with PreSave/PreUpdate/IsValid/Patch/Clone/Auditable - Migration 158: Views table with jsonb Props column and indexes - SqlViewStore: CRUD with nil-safe Props marshaling (AppendBinaryFlag) - ViewService: CreateView seeds default kanban subview and links the boards property field; caches boardPropertyFieldID at startup - App layer: CreateView/GetView/GetViewsForChannel/UpdateView/DeleteView with channel-membership permission checks and WebSocket events (view_created, view_updated, view_deleted) - doSetupBoardsPropertyField: registers the Boards property group and board field in NewServer() before ViewService construction - GetFieldByName now returns store.ErrNotFound instead of raw sql.ErrNoRows * Move permission checks out of App layer for views - Remove HasPermissionToChannel calls from all App view methods - Drop userID params from GetView, GetViewsForChannel, UpdateView, DeleteView - Fix doSetupBoardsPropertyField to include required TargetType for PSAv2 field * Make View service generic and enforce board validation in model - Remove board-specific auto-setup from service and server startup - Enforce that board views require Props, at least one subview, and at least one linked property in IsValid() - Move default subview seeding out of app layer; callers must provide valid props - Call PreSave on subviews during PreUpdate to assign IDs to new subviews - Update all tests to reflect the new validation requirements * Restore migrations files to match base branch * Distinguish ErrNotFound from other errors in view store Get * Use CONCURRENTLY and nontransactional for index operations in views migration * Split views index creation into separate nontransactional migrations * Update migrations.list * Update i18n translations for views * Fix makeView helper to include required Props for board view validation * Rename ctx parameter from c to rctx in OAuthProvider mock * Remove views service layer, call store directly from app * Return 500 for unexpected DB errors in GetView, 404 only for not-found * Harden View model: deep-copy Props, validate linked property IDs - Add ViewBoardProps.Clone() to deep-copy LinkedProperties and Subviews - Use it in View.Clone() and View.Patch() to prevent shared-slice aliasing - Iterate over LinkedProperties in View.IsValid() and reject invalid IDs with a dedicated i18n key - Register ViewStore in storetest AssertExpectations so mock expectations are enforced - Add tests covering all new behaviours * Restore autotranslation worker_stopped i18n translation * Fix view store test IDs and improve error handling in app layer - Use model.NewId() for linked property IDs in testUpdateView to fix validation failure (IsValid rejects non-UUID strings) - Fix import grouping in app/view.go (stdlib imports in one block) - Return 404 instead of 500 when Update/Delete store calls return ErrNotFound (e.g. concurrent deletion TOCTOU race) * Add View store mock to retrylayer test genStore helper The View store was added to the store interface but the genStore() helper in retrylayer_test.go was not updated, causing TestRetry to panic. Also removes the duplicate Recap mock registration. * Refactor view deletion and websocket event handling; update SQL store methods to use query builder * revert property field store * Remove useless migrations * Add cursor-based pagination to View store GetForChannel - Add ViewQueryCursor and ViewQueryOpts types with validation - Return (views, cursor, error) for caller-driven pagination - PerPage clamping: <=0 defaults to 20, >200 clamps to 200 - Support IncludeDeleted filter - Add comprehensive store tests for pagination, cursor edge cases, PerPage clamping, and invalid input rejection - Add app layer test for empty channelID → 400 - Update interface, retrylayer, timerlayer, and mock signatures Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Refactor test loops in ViewStore tests for improved readability * change pagination to limit/offset * Add upper-bound limits on View Subviews and LinkedProperties Defense-in-depth validation: cap Subviews at 50 and LinkedProperties at 500 to prevent abuse below the 300KB payload limit. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> * MM-67388, MM-66528, MM-67750: Add View REST API endpoints, websocket events, and sort order (#35442) * Add Views store and app layer for Integrated Boards Implements the View entity (model, SQL store, service, app) as described in the Integrated Boards tech spec. Views are channel-scoped board configurations with typed props (board, kanban subviews) and soft-delete. - public/model: View, ViewBoardProps, Subview, ViewPatch types with PreSave/PreUpdate/IsValid/Patch/Clone/Auditable - Migration 158: Views table with jsonb Props column and indexes - SqlViewStore: CRUD with nil-safe Props marshaling (AppendBinaryFlag) - ViewService: CreateView seeds default kanban subview and links the boards property field; caches boardPropertyFieldID at startup - App layer: CreateView/GetView/GetViewsForChannel/UpdateView/DeleteView with channel-membership permission checks and WebSocket events (view_created, view_updated, view_deleted) - doSetupBoardsPropertyField: registers the Boards property group and board field in NewServer() before ViewService construction - GetFieldByName now returns store.ErrNotFound instead of raw sql.ErrNoRows * Move permission checks out of App layer for views - Remove HasPermissionToChannel calls from all App view methods - Drop userID params from GetView, GetViewsForChannel, UpdateView, DeleteView - Fix doSetupBoardsPropertyField to include required TargetType for PSAv2 field * Make View service generic and enforce board validation in model - Remove board-specific auto-setup from service and server startup - Enforce that board views require Props, at least one subview, and at least one linked property in IsValid() - Move default subview seeding out of app layer; callers must provide valid props - Call PreSave on subviews during PreUpdate to assign IDs to new subviews - Update all tests to reflect the new validation requirements * Restore migrations files to match base branch * Distinguish ErrNotFound from other errors in view store Get * Use CONCURRENTLY and nontransactional for index operations in views migration * Split views index creation into separate nontransactional migrations * Update migrations.list * Update i18n translations for views * Fix makeView helper to include required Props for board view validation * Rename ctx parameter from c to rctx in OAuthProvider mock * Remove views service layer, call store directly from app * Return 500 for unexpected DB errors in GetView, 404 only for not-found * Harden View model: deep-copy Props, validate linked property IDs - Add ViewBoardProps.Clone() to deep-copy LinkedProperties and Subviews - Use it in View.Clone() and View.Patch() to prevent shared-slice aliasing - Iterate over LinkedProperties in View.IsValid() and reject invalid IDs with a dedicated i18n key - Register ViewStore in storetest AssertExpectations so mock expectations are enforced - Add tests covering all new behaviours * Restore autotranslation worker_stopped i18n translation * Fix view store test IDs and improve error handling in app layer - Use model.NewId() for linked property IDs in testUpdateView to fix validation failure (IsValid rejects non-UUID strings) - Fix import grouping in app/view.go (stdlib imports in one block) - Return 404 instead of 500 when Update/Delete store calls return ErrNotFound (e.g. concurrent deletion TOCTOU race) * Add View store mock to retrylayer test genStore helper The View store was added to the store interface but the genStore() helper in retrylayer_test.go was not updated, causing TestRetry to panic. Also removes the duplicate Recap mock registration. * Refactor view deletion and websocket event handling; update SQL store methods to use query builder * revert property field store * Add View API endpoints with OpenAPI spec, client methods, and i18n Implement REST API for channel views (board-type) behind the IntegratedBoards feature flag. Adds CRUD endpoints under /api/v4/channels/{channel_id}/views with permission checks matching the channel bookmark pattern. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Remove useless migrations * Add cursor-based pagination to View store GetForChannel - Add ViewQueryCursor and ViewQueryOpts types with validation - Return (views, cursor, error) for caller-driven pagination - PerPage clamping: <=0 defaults to 20, >200 clamps to 200 - Support IncludeDeleted filter - Add comprehensive store tests for pagination, cursor edge cases, PerPage clamping, and invalid input rejection - Add app layer test for empty channelID → 400 - Update interface, retrylayer, timerlayer, and mock signatures Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add cursor-based pagination to View API for channel views * Enhance cursor handling in getViewsForChannel and update tests for pagination * Refactor test loops in ViewStore tests for improved readability * Refactor loop in TestGetViewsForChannel for improved readability * change pagination to limit/offset * switch to limit/offset pagination * Add upper-bound limits on View Subviews and LinkedProperties Defense-in-depth validation: cap Subviews at 50 and LinkedProperties at 500 to prevent abuse below the 300KB payload limit. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add view sort order API endpoint Add POST /api/v4/channels/{channel_id}/views/{view_id}/sort_order endpoint following the channel bookmarks reorder pattern. Includes store, app, and API layers with full test coverage at each layer. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add connectionId to view WebSocket events and sort_order API spec Thread connectionId from request header through all view handlers (create, update, delete, sort_order) to WebSocket events, matching the channel bookmarks pattern. Add sort_order endpoint to OpenAPI spec. Update minimum server version to 11.6. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Remove duplicate View/ViewPatch definitions from definitions.yaml The merge from integrated-boards-mvp introduced duplicate View and ViewPatch schema definitions that were already defined earlier in the file with more detail (including ViewBoardProps ref and enums). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Update minimum server version to 11.6 in views API spec Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add missing translations for view sort order error messages Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Merge integrated-boards-mvp into ibmvp_api-views; remove spec files Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Fix flaky TestViewStore timestamp test on CI Add sleep before UpdateSortOrder to ensure timestamps differ, preventing same-millisecond comparisons on fast CI machines. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * remove duplicate views.yaml imclude * Use c.boolString() for include_deleted query param in GetViewsForChannel Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Fix views.yaml sort order schema: use integer type and require body Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Refactor view sort order tests to use named IDs instead of array indices Extract idA/idB/idC from views slice and add BEFORE/AFTER comments to make stateful subtest ordering easier to follow. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Return 404 instead of 403 for view operations on deleted channels Deleted channels should appear non-existent to callers rather than revealing their existence via a 403. Detailed error text explains the context for debugging. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * add missing channel deleteat checks * Use c.Params.Page instead of manual page query param parsing in getViewsForChannel c.Params already validates and defaults page/per_page, so the manual parsing was redundant. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add support for total count in views retrieval * Add tests for handling deleted views in GetViewsForChannel and GetView * Short-circuit negative newIndex in UpdateSortOrder before opening transaction Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add per-channel limit on views to bound UpdateSortOrder cost Without a cap, unbounded view creation makes sort-order updates increasingly expensive (CASE WHEN per view, row locks). Adds MaxViewsPerChannel=50 constant and enforces it in the app layer before saving. Includes API and app layer tests. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Remove include_deleted support from views API Soft-deleted views are structural metadata with low risk, but no other similar endpoint (e.g. channel bookmarks) exposes deleted records without an admin gate. Rather than adding an admin-only permission check for consistency, remove the feature entirely since there is no current use case. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Update view permissions to require `create_post` instead of channel management permissions * Remove obsolete view management error messages for direct and group messages --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> * feat(migrations): add user tracking and object type to property fields - Introduced user tracking columns (CreatedBy, UpdatedBy) to PropertyFields and PropertyValues. - Added ObjectType column to PropertyFields with associated unique indexes for legacy and typed properties. - Created new migration scripts for adding and dropping these features, including necessary indexes for data integrity. - Established views for managing property fields with new attributes. This update enhances the schema to support better tracking and categorization of property fields. * Add Property System Architecture v2 API endpoints (#35583) * Adds uniqueness mechanisms to the property fields After adding ObjectType, this commit ensures that both the PSAv1 and PSAv2 schemas are supported, and enforces property uniqueness through both database indexes and a logical check when creating new property fields. * Adds uniqueness check to property updates Updates are covered on this commit and we refactor as well the SQL code to use the squirrel builder and work better with the conditional addition of the `existingID` piece of the query. * Add translations to error messages * Add the permissions to the migrations, model and update the store calls * Adds the property field and property group app layer * Adds authorization helpers for property fields and values * Make sure that users cannot lock themselves out of property fields * Migrate permissions from a JSON column to three normalized columns * Remove the audit comment * Use target level constants in authorization * Log authorization membership failures * Rename admin to sysadmin * Adds the Property System Architecture v2 API endpoints * Adds permission checks to the create field endpoint * Add target access checks to value endpoints * Add default branches for object_type and target_type and extra guards for cursor client4 methods * Fix vet API mismatch * Fix error checks * Fix linter * Add merge semantics for property patch logic and API endpoint * Fix i18n * Fix duplicated patch elements and early return on bad cursor * Update docs to use enums * Fix i18n sorting * Update app layer to return model.AppError * Adds a limit to the number of property values that can be patched in the same request * Require target_type filter when searching property fields * Add objectType validation as part of field.IsValid() * Fix linter * Fix test with bad objecttpye * Fix test grouping --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * MM-67968: Flatten view model — remove icon, subviews, typed board props (#35726) * feat(views): flatten view model by removing icon, subview, and board props Simplifies the View data model as part of MM-67968: removes Icon, Subview, and ViewBoardProps types; renames ViewTypeBoard to ViewTypeKanban; replaces typed Props with StringInterface (map[string]any); adds migration 000167 to drop the Icon column from the Views table. Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> * feat(api): update views OpenAPI spec to reflect flattened model Removes ViewBoardProps, Subview, and icon from the View and ViewPatch schemas. Changes type enum from board to kanban. Replaces typed props with a free-form StringInterface object. Aligns with MM-67968. Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> * refactor(views): simplify store by dropping dbView and marshalViewProps StringInterface already implements driver.Valuer and sql.Scanner, so the manual JSON marshal/unmarshal and the dbView intermediate struct were redundant. model.View now scans directly from the database. Also removes the dead ViewMaxLinkedProperties constant and wraps the Commit() error in UpdateSortOrder. Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> * fix(api): allow arbitrary JSON in view props OpenAPI schema The props field was restricted to string values via additionalProperties: { type: string }, conflicting with the Go model's StringInterface (map[string]any). Changed to additionalProperties: true in View, ViewPatch, and inline POST schemas. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> * Adds basic implementation of the generic redux store for PSAv2 (#35512) * Adds basic implementation of the generic redux store for PSAv2 * Add created_by and updated_by to the test fixtures * Make target_id, target_type and object_type mandatory * Wrap getPropertyFieldsByIds and getPropertyValuesForTargetByFieldIds with createSelector * Address PR comments --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds websocket messages for the PSAv2 API events (#35696) * Adds uniqueness mechanisms to the property fields After adding ObjectType, this commit ensures that both the PSAv1 and PSAv2 schemas are supported, and enforces property uniqueness through both database indexes and a logical check when creating new property fields. * Adds uniqueness check to property updates Updates are covered on this commit and we refactor as well the SQL code to use the squirrel builder and work better with the conditional addition of the `existingID` piece of the query. * Add translations to error messages * Add the permissions to the migrations, model and update the store calls * Adds the property field and property group app layer * Adds authorization helpers for property fields and values * Make sure that users cannot lock themselves out of property fields * Migrate permissions from a JSON column to three normalized columns * Remove the audit comment * Use target level constants in authorization * Log authorization membership failures * Rename admin to sysadmin * Adds the Property System Architecture v2 API endpoints * Adds permission checks to the create field endpoint * Add target access checks to value endpoints * Add default branches for object_type and target_type and extra guards for cursor client4 methods * Fix vet API mismatch * Fix error checks * Fix linter * Add merge semantics for property patch logic and API endpoint * Fix i18n * Fix duplicated patch elements and early return on bad cursor * Update docs to use enums * Fix i18n sorting * Update app layer to return model.AppError * Adds a limit to the number of property values that can be patched in the same request * Adds websocket messages for the PSAv2 API events * Add IsPSAv2 helper to the property field for clarity * Add guard against nil returns on field deletion * Add docs to the websocket endpoints --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * migrations: consolidate views migrations and reorder after master - Merged 000165 (create Views) with 000167 (drop Icon) since Icon was never needed - Renumbered branch migrations 159-166 → 160-167 so master's 000159 (deduplicate_policy_names) runs first - Regenerated migrations.list Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * Add API endpoint to retrieve posts for a specific view (#35604) Automatic Merge * Apply fixes after merge * Return a more specific error from getting multiple fields * Prevent getting broadcast params on field deletion if not needed * Remove duplicated migration code * Update property conflict code to always use master * Adds nil guard when iterating on property fields * Check that permission level is valid before getting rejected by the database * Validate correctness on TargetID for PSAv2 fields * Avoid PSAv1 using permissions or protected * Fix test data after validation change * Fix flaky search test * Adds more posts for filter use cases to properly test exclusions --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> Co-authored-by: Julien Tant <julien@craftyx.fr> Co-authored-by: Mattermost Build <build@mattermost.com> Co-authored-by: Julien Tant <785518+JulienTant@users.noreply.github.com> Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-27 10:36:35 +01:00
Pablo Vélez	7a339a6438	MM-68001 - enforce X-Requested-With header validation on BoR reveal endpoint (#35793) ... * MM-68001 - enforce X-Requested-With header validation on BoR reveal endpoint * adjust message --------- Co-authored-by: Mattermost Build <build@mattermost.com>	2026-03-26 19:17:45 -05:00
Adam Schildkraut	656a0248eb	Fix datetime MinDate/MaxDate validation and add sub-day relative patterns (#35327) ... * Add H/M/S sub-day units to validateRelativePattern * Fix datetime MinDate/MaxDate to use validateDateTimeFormat * Add H/M/S sub-day resolution to resolveRelativeDateToMoment * Add minDateTime/maxDateTime props to DateTimeInput * Wire min_date/max_date resolution in AppsFormDateTimeField * Align client relative pattern bounds with server validation * Fix allowPastDates when minDateTime is in the past	2026-03-26 17:19:15 -06:00
Carlos Garcia	0d01619585	updates buildserver go base image versions to 1.25.8 (#35811)	2026-03-26 23:21:00 +01:00
Rajat Dabade	fac92f4a71	Added FakeSetting for keys generation for support package (#35346) ... Co-authored-by: Mattermost Build <build@mattermost.com>	2026-03-27 01:56:06 +05:30
Pavel Zeman	51232b58ef	ci: shard server Postgres tests into 4 parallel runners (#35739) ... * ci: add test sharding plumbing to server CI Add infrastructure for upcoming test sharding without changing behavior: - Add shard-index and shard-total inputs to server-test-template.yml (defaults preserve existing single-runner behavior) - Add timing cache restore step (activates only when shard-total > 1) - Add merge-postgres-test-results job to server-ci.yml that: - Merges JUnit XML reports from shard artifacts - Saves timing data cache for future shard balancing - Handles both single-artifact and multi-shard scenarios - Add .gitignore entries for timing cache and shard work files Co-authored-by: Claude <claude@anthropic.com> * ci: shard server Postgres tests into 4 parallel runners Extract sharding logic into standalone, tested scripts and enable 4-shard parallel test execution for server Postgres CI: Scripts: - server/scripts/shard-split.js: Node.js bin-packing solver that assigns test packages to shards using timing data from previous runs. Two-tier strategy: light packages (<2min) whole, heavy packages (api4, app) split at individual test level. - server/scripts/run-shard-tests.sh: Multi-run wrapper that calls gotestsum directly for each package group with -run regex filters. - server/scripts/shard-split.test.js: 8 test cases covering round-robin fallback, timing-based balancing, heavy package splitting, JUnit XML fallback, and enterprise package separation. Workflow changes: - server-test-template.yml: Add shard splitting step that discovers test packages and runs the solver. Modified Run Tests step to use wrapper script when sharding is active. - server-ci.yml: Add 4-shard matrix to test-postgres-normal. Update merge job artifact patterns for shard-specific names. Performance: 7.2 min with timing cache vs 62.5 min baseline = 88% wall-time improvement. First run without cache uses JUnit XML fallback or round-robin, then populates the cache for subsequent runs. Co-authored-by: Claude <claude@anthropic.com> * fix: raise heavy package threshold to 5 min to preserve test isolation sqlstore integrity tests scan the entire database and fail when other packages' test data is present. At 182s, sqlstore was just over the 120s threshold and getting split at test level. Raising to 300s keeps only api4 (~38 min) and app (~15 min) as heavy — where the real sharding gains are — while sqlstore, elasticsearch, etc. stay whole and maintain their test isolation guarantees. Co-authored-by: Claude <claude@anthropic.com> * ci: only save test timing cache on default branch PR branches always restore from master's timing cache via restore-keys prefix matching. Timing data is stable day-to-day so this eliminates cache misses on first PR runs and reduces cache storage. Co-authored-by: Claude <claude@anthropic.com> * ci: skip FIPS tests on PRs (enterprise CI handles compile check) Per review feedback: the enterprise CI already runs a FIPS compile check on every PR. Running the full FIPS test suite on PRs is redundant since it uses the identical test suite as non-FIPS — the only FIPS-specific failure mode is a build failure from non-approved crypto imports, which the enterprise compile check catches. Full FIPS tests continue to run on every push to master. Co-authored-by: Claude <claude@anthropic.com> * fix: address review feedback on run-shard-tests.sh - Remove set -e so all test runs execute even if earlier ones fail; track failures and exit with error at the end (wiggin77) - Remove unused top-level COVERAGE_FLAG variable (wiggin77) - Fix RUN_IDX increment position so report, json, and coverage files share the same index (wiggin77) - Update workflow comment: heavy threshold is 5 min, not 2 min (wiggin77) Co-authored-by: Claude <claude@anthropic.com> * style: use node: prefix for built-in fs module in shard-split.js Co-authored-by: Claude <claude@anthropic.com> * fix: avoid interpolating file paths into generated shell script Read shard package lists from files at runtime instead of interpolating them into the generated script via printf. This prevents theoretical shell metacharacter injection from directory names, as flagged by DryRun Security. Co-authored-by: Claude <claude@anthropic.com> * fix(ci): rename merged artifact to match server-ci-report glob The merged artifact was named postgres-server-test-logs-merged which does not match the *-test-logs pattern in server-ci-report.yml, causing Postgres test results to be missing from PR/commit reports. Also pins junit-report-merger to exact version 7.0.0 for supply chain safety. Co-authored-by: Claude <claude@anthropic.com> * fix(ci): pass RACE_MODE env into Docker container RACE_MODE was set on the host runner but never included in the docker run --env list. The light-package path worked because the heredoc expanded on the host, but run-shard-tests.sh reads RACE_MODE at runtime inside the container where it was unset. This caused heavy packages (api4, app) to silently lose -race detection. Co-authored-by: Claude <claude@anthropic.com> * fix(ci): discover new tests in heavy packages not in timing cache Tests not present in the timing cache (newly added or renamed) would not appear in any shard -run regex, causing them to silently skip. After building items from the cache, run go test -list to discover current test names and assign any cache-missing tests to shards via the normal bin-packing algorithm with a small default duration. Co-authored-by: Claude <claude@anthropic.com> * fix(ci): add missing line continuation backslash in docker run The previous --env FIPS_ENABLED line was missing a trailing backslash after adding --env RACE_MODE, causing docker run to see a truncated command and fail with "requires at least 1 argument". Co-authored-by: Claude <claude@anthropic.com> * fix(ci): add setup-go step for shard test discovery go test -list in shard-split.js runs on the host runner via execSync, but Go is only available inside the Docker container. Without this step, every invocation fails silently and new-test discovery is a no-op. Adding actions/setup-go before the shard split step ensures the Go toolchain is available on the host. Co-authored-by: Claude <claude@anthropic.com> --------- Co-authored-by: Claude <claude@anthropic.com>	2026-03-26 15:07:40 -04:00