mirror of
https://github.com/actualbudget/actual.git
synced 2026-07-18 01:03:42 -05:00
delay-initial-sync-until-loaded
96 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
|
|
df45b50412 |
[AI] DX: scope CI Lage cache key per job (#8311)
* [AI] DX: scope CI Lage cache key per job The Lage cache key was shared across every job in the Build and Test workflows. The `setup` job (a dependency that finishes first) runs no Lage task, so it persisted an empty cache under the shared key; every other job then saw the key already existed and skipped saving its real cache. The next run restored that empty cache, causing a 100% cache miss. Key the cache per job so each job restores and persists its own Lage cache. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01GsWzGLUnt9TWkmNVDiYTof * [AI] DX: remove comment and shorten release note Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01GsWzGLUnt9TWkmNVDiYTof --------- Co-authored-by: Claude <noreply@anthropic.com> |
||
|
|
2825f52138 |
[AI] DX: fix CI Lage cache (#8305)
* [AI] Fix CI Lage cache to target the real cache directory The "Cache Lage" step in the shared setup action cached the repo-root .lage directory, but Lage writes its build/test cache to node_modules/.cache/lage. The configured directory was always empty (the step even mkdir -p's it first), so the cache step did nothing and Lage results only persisted incidentally inside the yarn.lock-keyed node_modules cache, frozen between lockfile changes. Point both the mkdir and the cache step at node_modules/.cache/lage so the existing sha key + prefix restore-key actually roll the cache forward: each run restores the most recent prior entry and saves a fresh one, letting CI jobs/shards and reruns reuse earlier build/test results. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_013fQ9w27xTJdsb4Q9QUmHD9 * [AI] Address review: drop comment, use slug release note Remove the explanatory comment from the Cache Lage step and rename the release note to a descriptive slug with a shorter, user-facing body, per the repo's release-note conventions. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_013fQ9w27xTJdsb4Q9QUmHD9 --------- Co-authored-by: Claude <noreply@anthropic.com> |
||
|
|
d19b4ddb70 |
improve CI yarn cache to make the fetch step quicker (#8252)
* restore partial yarn caches * note |
||
|
|
e5747b2f2a |
[AI] Replace archived check-spelling action with typos for docs spell-check (#8249)
* [AI] Replace archived check-spelling action with typos for docs spell-check The check-spelling/check-spelling action was archived upstream and shipped a self-disabling "secpoll" kill-switch after a maintainer-account compromise (2026-06-16), causing the Check Spelling (Docs) workflow to fail fatally with a security-advisory error. There is no patched release to bump to. Replace it with crate-ci/typos, which is actively maintained and runs entirely from the checked-out tree (no PR-comment or bot-apply machinery, so the workflow only needs contents: read): - Rewrite .github/workflows/docs-spelling.yml to run crate-ci/typos, dropping the check-spelling comment/apply jobs and the pull_request_target trigger. - Replace the check-spelling config files with typos.toml: scope to packages/docs, exclude auto-generated release notes and binary assets, and allowlist words typos otherwise mis-flags (HSA, Lage/lage, BA). - Fix genuine typos surfaced in current docs (schedules.md, paying-in-full.md). - Update the contributing guide and docs-writing skill to describe the new allowlist location. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01DstzjPjGYdWMCG4jsrH6a1 * [AI] Add docs-spelling release note and format README Fix the remaining CI checks on the spell-check migration: - Add upcoming-release-notes/8249.md (Maintenance) so the "Release notes" check passes. - Reformat .github/actions/docs-spelling/README.md with oxfmt so the lint ("Test") and autofix.ci checks pass (autofix.ci is not permitted to modify files under .github, so the formatting has to be committed directly). Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01DstzjPjGYdWMCG4jsrH6a1 * [AI] Disable credential persistence in docs-spelling checkout Address the code-scanning (zizmor) and CodeRabbit review finding: the read-only spell-check job performs no authenticated git operations, so set persist-credentials: false on actions/checkout as a hardening measure. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01DstzjPjGYdWMCG4jsrH6a1 --------- Co-authored-by: Claude <noreply@anthropic.com> |
||
|
|
674c6f1b53 |
Formula feedback improvements (#7989)
* [AI] Add FORMATNUMBER and FORMATCURRENCY functions to address TEXT() formatting limitations Feedback from GitHub issue #5949: - Users reported TEXT(value, "$#,##0.00") doesn't properly format numbers with thousands separators - Users requested proper currency formatting for formula cards - Tooltip examples had inconsistent quote usage (backticks vs no backticks) Changes: 1. Added FORMATNUMBER() function for number formatting with thousands separators - Supports custom decimal places, thousands separator, and decimal separator - Example: FORMATNUMBER(1234567.89, 2) returns "1,234,567.89" 2. Added FORMATCURRENCY() function for currency formatting - Supports custom currency symbol, decimals, and separators - Handles negative values correctly - Example: FORMATCURRENCY(1234567.89, "$") returns "$1,234,567.89" 3. Fixed tooltip quote inconsistency - Removed backticks from formula examples in tooltips for consistency - All examples now use plain text without backticks 4. Updated function documentation in both queryModeFunctions.ts and transactionModeFunctions.ts 5. Added comprehensive tests for new formatting functions Note: BALANCEONDAY() and LASTSYNCEDBALANCE() functions were not implemented as they would require database access not available in the formula execution context. These would be better suited as future enhancements with proper architecture support. Co-authored-by: lelemm <lelemm@users.noreply.github.com> * [AI] Add support for line breaks in formula card results Feedback from GitHub issue #5949: - User @Juulz reported that line breaks don't work in formula cards - Requested ability to use CHAR(10) or CHAR(13) in CONCATENATE for multi-line displays - Example: Displaying multiple totals on separate lines instead of one long line Changes: 1. Added whiteSpace: 'pre-wrap' to FormulaResult span to preserve line breaks 2. Added textAlign: 'center' to keep multi-line text centered 3. Added wordBreak: 'break-word' to handle long words gracefully 4. Updated font size calculation to account for multi-line text: - Splits display value by line breaks - Calculates based on longest line length - Divides available height by number of lines to fit all lines Usage: Users can now use CHAR(10) in formulas to create line breaks: =CONCATENATE("Total 1: ", value1, CHAR(10), "Total 2: ", value2, CHAR(10), "Total 3: ", value3) This will display: Total 1: 100 Total 2: 200 Total 3: 300 Instead of all on one line. Co-authored-by: lelemm <lelemm@users.noreply.github.com> * [AI] Remove unusable formula functions that require cell ranges User requested cleanup of formula functions that don't make sense in Actual's context. Actual uses named expressions (like QUERY results and transaction fields) rather than spreadsheet-style cell ranges. Removed from queryModeFunctions.ts: - AVERAGEA, COUNT, COUNTA, COUNTBLANK, COUNTIF, COUNTIFS (use QUERY_COUNT instead) - MAXA, MINA (kept MAX and MIN which work with individual values) - SUMIF, SUMIFS, SUMPRODUCT, SUMSQ (use QUERY with filters instead) - Statistical functions: MEDIAN, MODE, STDEV, STDEVP, VAR, VARP, PERCENTILE, QUARTILE, RANK (these require arrays of data which don't exist in our context) - Lookup functions: VLOOKUP, HLOOKUP, INDEX, MATCH, LOOKUP (these require table arrays and cell references) - ISREF (checks for cell references which don't exist) Kept useful functions: - CHOOSE (works with index and individual values) - All math functions that work with individual numbers (SUM, AVERAGE, MAX, MIN, etc.) - All text functions (CONCATENATE, UPPER, LEFT, etc.) - All date functions (TODAY, YEAR, MONTH, etc.) - All logical functions (IF, AND, OR, etc.) - Query-specific functions (QUERY, QUERY_COUNT, BUDGET_QUERY, etc.) Updated syntax highlighting in codeMirror-excelLanguage.tsx to match. This cleanup makes the autocomplete suggestions more relevant and less confusing for users working with Actual's formula system. Co-authored-by: lelemm <lelemm@users.noreply.github.com> * [AI] Add comprehensive integration tests for formula rules and formula cards User requested integration tests with real database queries and complex nested formulas. These tests go beyond unit testing HyperFormula to validate the full integration with Actual's transaction rules and query system. Formula Rule Integration Tests (36 tests): - Basic formula operations with FORMATCURRENCY and nested IFs - Text manipulation: CONCATENATE, UPPER, LEFT, RIGHT, TRIM, PROPER - Math functions: ROUND, ABS, MAX, MIN, CEILING, SQRT, SUM, PRODUCT - Date functions: YEAR, MONTH, DAY, DAYS, EOMONTH, WEEKDAY - Logical functions: AND, OR, NOT, IFERROR, SWITCH - New formatting functions: FORMATNUMBER, FORMATCURRENCY with various options - Multi-line output with CHAR(10) for line breaks - Information functions: ISNUMBER, ISTEXT, ISEVEN, ISODD, ISBLANK - Error handling and validation - Complex nested formulas combining multiple function types Formula Card Integration Tests (14 tests): - Single and multiple query integration - Query results with FORMATCURRENCY and FORMATNUMBER - Percentage calculations across queries - Date-based query filtering - Complex nested calculations with multiple queries - Multi-line output with query results - Error handling with empty queries and division by zero - Running totals across accounts - MAX/MIN operations with query results Test Coverage: - Every formula function type is tested in at least one integration test - Tests use real database operations (insertAccount, insertPayee, insertCategory, etc.) - Tests validate complex nested formulas with 3-4 levels of nesting - Tests cover edge cases (empty results, division by zero, type mismatches) - All 50 integration tests pass ✅ Note: Tests demonstrate proper usage patterns for users: - Transaction amounts are in cents, divide by 100 for dollar display - Rules must have conditions on 'imported_payee' or 'payee' to be indexed - Query results are automatically converted from cents to dollars - FORMATCURRENCY places negative sign before currency symbol (standard format) Co-authored-by: lelemm <lelemm@users.noreply.github.com> * Potential fix for pull request finding 'Unused variable, import, function or class' Co-authored-by: Copilot Autofix powered by AI <223894421+github-code-quality[bot]@users.noreply.github.com> * [AI] Make formatting functions respect app settings with locale-based fallbacks User feedback: FORMATCURRENCY and FORMATNUMBER should use app currency and number format settings instead of hardcoded defaults. Implementation approach: - Added async loadUserPreferencesForFormulas() function that queries preferences DB - Caches preferences globally to avoid repeated DB queries - Called on module initialization to load preferences once - Custom functions access cached preferences synchronously (no reactor needed) Settings hierarchy (priority order): 1. Explicit function parameters (if provided) 2. User's app settings (currency code, number format) 3. Locale-based defaults (inferred from user's language setting) Locale-based defaults: - en-GB → GBP (£) with comma-dot format - de/fr/es/it/nl → EUR (€) with dot-comma format - ja → JPY (¥) with comma-dot format - en-IN/hi → INR (₹) with comma-dot format - en-CA → CAD ($) with comma-dot format - en-AU → AUD ($) with comma-dot format - Default → USD ($) with comma-dot format Number format patterns: - comma-dot: 1,000.00 (US/UK/Canada) - dot-comma: 1.000,00 (Europe) - space-comma: 1 000,00 (France) - apostrophe-dot: 1'000.00 (Switzerland) - comma-dot-in: 1,00,000.00 (India) Usage examples: - FORMATCURRENCY(1234.56) → Uses app currency symbol and format - FORMATNUMBER(1234.56) → Uses app number format - FORMATCURRENCY(1234.56, "€") → Override with Euro symbol - FORMATNUMBER(1234.56, 2, ".", ",") → Override with custom separators Updated documentation to reflect that parameters are optional and use app settings. All tests pass ✅ Co-authored-by: lelemm <lelemm@users.noreply.github.com> * Update VRT screenshots Auto-generated by VRT workflow PR: #7451 * [AI] Fix type errors after rebase with master Co-authored-by: lelemm <lelemm@users.noreply.github.com> * [autofix.ci] apply automated fixes * Add release notes for PR #7451 * [AI] Fix category group filter support in formula card queries BUG: When adding a Category Group filter to a Query Definition in formula cards, nothing happened. Only category filters worked. FIX: Updated extractCategoryConditions to include both 'category' and 'category_group' fields, and updated getCategoriesFromConditions to properly expand category group conditions to their member categories using cat.group. The fix follows the same pattern used in budget-analysis-spreadsheet.ts. Co-authored-by: lelemm <lelemm@users.noreply.github.com> * [AI] Exclude adm-zip from browser bundle to fix 'process is not defined' error BUG: Browser console shows 'Uncaught ReferenceError: process is not defined' at adm-zip.js when loading the app. This is caused by adm-zip (a Node.js-only package) being incorrectly bundled into browser code. FIX: Add adm-zip to optimizeDeps.exclude in Vite config to prevent it from being bundled for browser environments. Co-authored-by: lelemm <lelemm@users.noreply.github.com> * [AI] HACK: Add global process polyfill in HTML to fix 'process is not defined' error - Removed ineffective optimizeDeps.exclude for adm-zip - Added inline script in index.html that runs before any module loads - Ensures process global is available before CommonJS wrappers execute - Polyfill includes process.env.NODE_ENV and mocked process.emit() - Fixes ReferenceError in inflater.js/adm-zip when theme chunks load Co-authored-by: lelemm <lelemm@users.noreply.github.com> * [autofix.ci] apply automated fixes * [AI] Fix 'process is not defined' by making db import dynamic in customFunctions Root cause: customFunctions.ts is imported by client-side code, but had a static import of '#server/db', causing entire server db module (and transitive dependencies like adm-zip) to be bundled into browser. Solution: Changed to dynamic import inside loadUserPreferencesForFormulas() so server code is only imported when actually called (server-side only). - Removed static 'import * as db from "#server/db"' from top of file - Added dynamic 'const db = await import("#server/db")' inside function - Removed HTML polyfill hack that was masking the root cause - Browser clients can still use CustomFunctionsPlugin (falls back to locale defaults) Co-authored-by: lelemm <lelemm@users.noreply.github.com> * [AI] Fix 'process is not defined' by separating client and server code Root cause: customFunctions.ts was imported by client-side code but had server dependencies, causing db module (and transitive dependencies like adm-zip) to be bundled into browser. Solution: Split into two files to properly separate concerns: 1. customFunctions.ts - Plugin only (no server imports, safe for browser) 2. customFunctionsPreferences.ts - Server-only preferences loading (uses aqlQuery) Changes: - Created customFunctionsPreferences.ts with loadUserPreferencesForFormulas() - Uses aqlQuery (Actual's custom SQL) instead of direct db imports - Moved helper functions (getLocaleDefaults, getCurrencyFromLocale) to new file - customFunctions.ts now only has setCachedUserPreferences() setter - action.ts loads prefs and caches them at module init - Client code can still import CustomFunctionsPlugin safely Co-authored-by: lelemm <lelemm@users.noreply.github.com> * [AI] Clean up feedback-related comments from code Removed explanatory comments referencing user feedback: - Removed feedback comments from customFunctions.ts - Removed feedback comments from formula-action.test.ts - Removed feedback comments from formula-action-integration.test.ts - Removed feedback comment from FormulaResult.tsx Code functionality remains unchanged, only comments were cleaned up. Co-authored-by: lelemm <lelemm@users.noreply.github.com> * Improve formula autocomplete popover scrolling * [autofix.ci] apply automated fixes * renamed MD for the new PR * wording * code cleanup * [autofix.ci] apply automated fixes * more cleanup * comment on a workaround to make scroll work inside codemirror not on focus/under a react aria popover * [autofix.ci] apply automated fixes * fixing FORMATCURRENCY and FORMATNUMBER to use proper send() method * resolving issue when bundling the application * removed useless re-export * code review feedbacks * retrigger actions * Adjusted minimum formula card to 1x1 and allows the title to be removed from the dashboard * 🔖 (26.6.0) (#7947) * 🔖 (26.6.0) * Generate release notes for v26.6.0 * Generate release notes for v26.6.0 * Update check-spelling metadata * Generate release notes for v26.6.0 * add release summary * links * Generate release notes for v26.6.0 * update links * Generate release notes for v26.6.0 * Generate release notes for v26.6.0 * Generate release notes for v26.6.0 * add EB link * Add initial docs for Enable Banking (#7961) * Add initial docs for Enable Banking * Delete upcoming-release-notes/7961.md * [Docs] UI Budget automations & month-end cleanup (#7863) * Add files via upload * Create documentation for budget automation feature Added documentation for the budget automation feature, detailing its functionalities, usage, and examples. * Add files via upload * Revise budget automation documentation for clarity Updated the documentation for budget automation, enhancing clarity and consistency in the descriptions of features and options. * [autofix.ci] apply automated fixes * Update Markdown headers for budget automation section * Add files via upload * Improve formatting in budget automation documentation Updated formatting and added line breaks for better readability in the budget automation documentation. * [autofix.ci] apply automated fixes * Fix HTML line breaks in budget-automation.md Updated HTML line breaks from '</br>' to '<br>' in budget automation documentation. * Fix HTML line breaks in budget automation documentation * Fix headings and formatting in budget-automation.md Updated formatting and corrected headings in budget automation documentation. * Add budget-automation to sidebar items * Add files via upload * Add files via upload * Revise budget automation documentation Updated budget automation documentation to clarify usage of notes templates and detailed instructions for month-end cleanup processes, including named pools and weight calculations. * [autofix.ci] apply automated fixes * Refactor budget automation documentation for clarity Updated various sections for clarity and consistency, including grammar corrections and improved phrasing. * [autofix.ci] apply automated fixes * Enhance budget automation documentation Updated budget automation documentation with new blog links and improved formatting. * Fix links in budget-automation.md Updated links in the budget automation documentation to remove 'docs' prefix for consistency. * Revise budget automation documentation with updates Updated images and text for budget automation documentation, including corrections and enhancements to clarity. * Improve clarity and add save reminders in budget automation Updated wording for clarity and added reminders for saving work. * Update budget automation documentation for clarity Clarify the process of handling leftover funds in the budget automation script. * [autofix.ci] apply automated fixes * Add 'overfund' and 'overfunded' to spelling expect list * Update spelling expectations by removing 'overfunded' Removed 'overfunded' from the spelling expectations. * Add files via upload * 'overfund' to 'overfunded' First the bot tells me overfunded isn't needed if overfund is there. Now, it tells me that overfunded IS needed. I give up. * Enhance budget automation documentation Added new sections on automation adjustments, moved some sections around, added horizontal separators. * Update images and descriptions in budget automation docs * Add files via upload * Add automation notes section to budget automation docs Added a section on automation notes to document how automations, balance caps, and long-term goals can have associated notes for clarity and tracking. * Add files via upload * Update budget automation examples in documentation * Add files via upload * Apply suggestions from code review Co-authored-by: Matt Fiddaman <github@m.fiddaman.uk> * [autofix.ci] apply automated fixes * Add 'unmigrate' to spelling expectations * Improve clarity in budget automation documentation Clarified descriptions for budget automation features and improved wording for better understanding. * Correct spelling of 'unmigrate' to 'Unmigrate' They are the same and github is punking me again. * Clarify automation notes description * Add files via upload * Add files via upload * Add files via upload * Add files via upload * Add files via upload * Fix typos in budget-automation documentation Corrected typos and improved clarity in the budget automation documentation. --------- Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> Co-authored-by: Matt Fiddaman <github@m.fiddaman.uk> --------- Co-authored-by: github-merge-queue <118344674+github-merge-queue@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Matt Fiddaman <github@m.fiddaman.uk> Co-authored-by: Mats Nilsson <matni403@gmail.com> Co-authored-by: Juulz <julesmcn@gmail.com> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> * [AI] Improve Balance Forecast captions (#7957) * [AI] Add visible low point helper for forecasts * [AI] Show ending balance in forecast report * [AI] Show ending balance on forecast card * [AI] Update balance forecast report snapshots * [AI] Add release note for forecast captions * [AI] API: improve messaging for version/schema mismatch errors (#8026) * [AI] Improve messaging for API version/schema mismatch errors When an outdated client or @actual-app/api connects to a budget whose data uses a newer database schema, sync-apply fails with a cryptic "no such column" error that surfaced as a generic download/sync error. Add a version-mismatch message in getDownloadError/getSyncError, gated on the actual SQLite schema-error signature (no such column/table) so other invalid-schema failures keep their generic messaging and otherwise compatible API versions remain usable. * [AI] Set release note author to MatissJanis * Add release notes for PR #8026 * [AI] Address review: use Vitest globals and remove duplicate release note - Drop the explicit `vitest` import in errors.test.ts and rely on the configured test globals (per CodeRabbit review). - Remove the duplicate 8021.md release note, keeping the PR-numbered 8026.md with the clearer description. * [AI] Avoid i18n in loot-core for schema-mismatch message Return the schema-mismatch error as a plain string instead of going through i18next, and drop the i18next setup from the test. loot-core does not depend on i18n, and this message is surfaced verbatim through the programmatic API. * [AI] Remove unnecessary code comments * [AI] Add missing-meta test for getDownloadError --------- Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> * Fix typo in Budget Automation math expression (#8035) * Fix typo in Budget Automation math expression * Remove release note --------- Co-authored-by: youngcw <calebyoung94@gmail.com> * [AI] docs: update reset-password instructions (#7950) * [AI] docs: update reset-password instructions Clarify the current host-side command and keep the source-checkout workflow documented. Closes #7943 * [AI] docs: keep npm reset path alongside actual-server * Fix CSV import settings reset when skipping end lines (#7827) * [AI] fix(api): prevent navigator crash when loading @actual-app/api in Node.js (#8037) * [AI] fix(api): prevent navigator crash when loading @actual-app/api in Node.js Problem ------- @actual-app/api 26.5.0 and 26.6.0 throw "ReferenceError: navigator is not defined" on import in Node.js environments. The loot-core shared bundle includes three platform variants: platform.ts – browser (references navigator at module load time) platform.electron.ts – Electron/desktop (uses Node.js os module) platform.api.ts – Node.js API (safe constants only) The API vite build uses `resolve: { conditions: ['api'] }` to pick the right variant via the loot-core package imports map (#shared/platform). However, months.ts was importing via a bare relative path (`./platform`) instead of the imports-map alias (`#shared/platform`). Vite's conditions-based resolution does not apply to relative imports, so the build fell back to platform.ts (the browser variant), bundling navigator references that crash at load time. Fix --- Change months.ts to import `#shared/platform` instead of `./platform`. This goes through the loot-core package imports map, which the vite `api` condition resolves to platform.api.ts — the Node.js-safe variant. platform.api.ts was already added to the repo alongside this condition infrastructure (in the same 26.6.0 release) but the months.ts import was missed, leaving the crash in the published package. Testing ------- Added packages/api/platform.test.ts, which imports @actual-app/core/shared/ platform under the `api` vite condition and asserts that isBrowser, isPlaywright and isIOSAgent are all false. This test: - Fails if platform.api.ts is deleted (module not found) - Fails if platform.api.ts is modified to reference navigator (ReferenceError) - Fails if the api vite condition is removed, falling back to platform.ts which throws ReferenceError at import time in Node.js Verified by Kyle Slattery against a live Actual Budget instance via the actual-flow integration tool (https://github.com/lunchflow/actual-flow). * Add release note * Update upcoming-release-notes/8037.md Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * Delete packages/api/platform.test.ts --------- Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * [AI] Move i18n usage outside of loot-core (#8027) * [AI] Move i18n usage outside of loot-core loot-core should be platform-agnostic and free of i18n concerns. This moves all user-facing translated string helpers (rule/schedule labels, error formatters) into desktop-client's #util/{rule,schedule,error} modules, while keeping the underlying logic in loot-core. - Headless @actual-app/api error formatters in loot-core now return plain English strings (the API has no i18n runtime). - The persisted "Unknown" institution name and the platform storage alert use plain strings. - Removed the unused i18next dependency from loot-core. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * [AI] Address review feedback on i18n-out-of-loot-core PR - Wrap switch default arms in blocks to satisfy noSwitchDeclarations (desktop-client and loot-core getDownloadError) - getSecretsError: return a localized generic message instead of leaking the raw backend error token - getRecurringDescription: always separate the weekend annotation so it no longer renders as "Monday(after weekend)"; add test coverage - IndexedDB quota error: surface a typed 'indexeddb-quota-error' event from loot-core and present the localized alert in desktop-client instead of a hard-coded English string - Persist a null bank name (instead of English "Unknown") when the provider reports no institution, and render a localized fallback in the bank sync UI --------- Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * [AI] Fix Balance Forecast chart colors with custom themes (#8031) * [AI] Use report theme colors for Balance Forecast chart lines * [AI] Add release notes for Balance Forecast custom theme fix * fix react compiler on Windows (#8049) * hmm.. * note * [Docs] Revise fly.io deployment instructions for nightly builds (#8059) * Revise deployment instructions for nightly builds Updated instructions for deploying unstable versions of Actual. * Clarify fly deploy commands in installation guide Updated deployment commands for clarity and added example for nightly version. * [autofix.ci] apply automated fixes --------- Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> * [AI] Scope Electron update to v41 (#8044) * Initial plan * Bump desktop Electron runtime to v42.3.0 * Add release notes entry for PR #8044 * Change author from Copilot to MikesGlitch Updated author information in release notes. * Update node-abi mappings to support Electron 42 ABI detection * Address validation feedback for Electron update PR * Add better-sqlite3 Electron 42 patch * Update lockfile for better-sqlite3 patch * Remove better-sqlite patch protocol and target Electron 41 * Align release note with Electron 41.7.1 change * Update better-sqlite3 ranges to ^12.8.0 --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: Michael Clark <5285928+MikesGlitch@users.noreply.github.com> Co-authored-by: Matt Fiddaman <github@m.fiddaman.uk> * [Enhancements] Removed regex from excel formula execution (#7990) * Removed regex from excel formula execution * [autofix.ci] apply automated fixes * Surface error for BUDGET_QUERY * code review --------- Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> * [AI] Fix balance forecast report Y-axis label clipping (#8030) * [AI] Fix balance forecast report Y-axis label clipping * [AI] Add release notes for #8030 * docs: add actual-bench to community projects (#8045) * docs: add actual-bench to community projects * [autofix.ci] apply automated fixes * docs: add release note for actual-bench community entry * [autofix.ci] apply automated fixes * fix: address coderabbit comments * fix: remove upcoming release notes --------- Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> * [AI] Add Sort A to Z / Sort Z to A options to budget category groups (#7831) * [AI] Add Sort A to Z / Sort Z to A options to budget category groups (#7831) * Simplify release notes and apply coderabbitai suggestions * [AI] fix(api): trigger SimpleFin batch sync with a single account (#8052) The condition required more than one SimpleFin account before running batch sync, causing a single SimpleFin account to be skipped entirely. Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> * add pikapods desktop warning (#8061) * add pikapods desktop warning * better link * add to spelling list * more spelling * [AI] Fix bug when linking accounts (#8006) Fixes a bug that when selecting Link Account from the account page one has to reselect the same account in the modal even though its prepopulated. Co-authored-by: Gemini <noreply@google.com> * add MXN peso (#8060) * ♻️ remove unnecessary playwright container pulls to speed up CI (#8067) * don't use playwright where it's not needed * note * [AI] Add auto-generated Upcoming Release docs page (#8065) * [AI] Add auto-generated Upcoming Release docs page Adds a docs page that always reflects the current contents of the repo-root upcoming-release-notes/ directory — the changes that have been merged but not yet published in a stable release (i.e. what ships in the nightly/edge builds). - Extract parseReleaseNotes/formatNotes from the release-notes generator into the shared ci-actions util so both the release generator and the docs build reuse the same formatting. - Add a docs build script that regenerates docs/upcoming-release-notes.md on every start/build, with an intro explaining the notes are unreleased and how to try them, plus the categorized notes list. - Wire the generator into the docs start/build scripts, add a sidebar entry next to Release Notes, and gitignore the generated page. https://claude.ai/code/session_01MuY9Phome8uJKH51HbrsQw * [AI] Simplify upcoming-release-notes generator - Declare @actual-app/ci-actions as a workspace dependency and import the shared util by package name instead of a relative cross-package path, so the dependency is registered in the workspace graph. - Resolve the repo root once via new URL() and drop the dirname import. - Use a ternary for the page body instead of let + if/else. https://claude.ai/code/session_01MuY9Phome8uJKH51HbrsQw * Add release notes for PR #8065 * [AI] Remove edge references, keep only nightly in docs Co-authored-by: Matiss Janis Aboltins <MatissJanis@users.noreply.github.com> * Update packages/docs/scripts/generate-upcoming-release-notes.mjs Co-authored-by: Matt Fiddaman <github@m.fiddaman.uk> --------- Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: Cursor Agent <cursoragent@cursor.com> Co-authored-by: Matiss Janis Aboltins <MatissJanis@users.noreply.github.com> Co-authored-by: Matt Fiddaman <github@m.fiddaman.uk> * Bump the npm_and_yarn group across 2 directories with 1 update (#8071) Bumps the npm_and_yarn group with 1 update in the / directory: [react-router](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router). Bumps the npm_and_yarn group with 1 update in the /packages/desktop-client directory: [react-router](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router). Updates `react-router` from 7.13.1 to 7.14.2 - [Release notes](https://github.com/remix-run/react-router/releases) - [Changelog](https://github.com/remix-run/react-router/blob/main/packages/react-router/CHANGELOG.md) - [Commits](https://github.com/remix-run/react-router/commits/react-router@7.14.2/packages/react-router) Updates `react-router` from 7.13.1 to 7.14.2 - [Release notes](https://github.com/remix-run/react-router/releases) - [Changelog](https://github.com/remix-run/react-router/blob/main/packages/react-router/CHANGELOG.md) - [Commits](https://github.com/remix-run/react-router/commits/react-router@7.14.2/packages/react-router) --- updated-dependencies: - dependency-name: react-router dependency-version: 7.14.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: react-router dependency-version: 7.14.2 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * When resetting SimpleFIN credentials, parse error and error_code if response body exists (#8068) * Initial commit * Add release note * Update release note file name to match PR number * Flip operands when checking for 2xx * Release notes grammar * Better release note for non-devs * Simplify to naive solution of checking on nullable response * Hiding tags and tag table bulk actions (#7919) * [AI] Make TypeScript work in test files across packages Match the CRDT package's tsconfig pattern in loot-core, desktop-client, api, and desktop-electron so test files participate in the project graph (IDE intellisense, project-wide typecheck) while production builds still emit clean declaration files. - Remove test-file exclusions from each package's main tsconfig - Add tsconfig.build.json for loot-core and api with test exclusions, used by the build scripts - Add e2e/tsconfig.json for desktop-client and desktop-electron with Playwright types - Fix latent type errors in test files now caught by typecheck - Disable typescript/unbound-method for test files (mock matcher pattern) Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * [AI] Address review feedback on test type fixes - goal-template.test.ts: extract amounts to typed locals so single-value assertions no longer compare against unknown - category-template-context.test.ts: replace `as unknown as DbCategory` double-cast with a fully-typed object using `satisfies DbCategory` (the previous mock had `is_income: true` which doesn't match the `1 | 0` shape the cast was hiding) - api/tsconfig.build.json: broaden test exclude pattern to `**/*.test.ts` Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * [AI] Drop tsconfig.build.json for loot-core and api The build-config indirection was incomplete protection: typecheck (`tsgo -b` against the main tsconfig, which now includes test files) already emits `*.test.d.ts` into `@types/`, and the build step does not clean before re-emitting. The same is observable in crdt's `dist/`, which currently contains test declarations on disk. What actually keeps test declarations out of the npm tarball is the `files` field in package.json — and loot-core already uses that mechanism for source files (`\!src/**/*.test.ts`). Extending the same pattern to `@types/` is more direct than maintaining a duplicate tsconfig that doesn't reliably do its job. - Delete loot-core/tsconfig.build.json; revert build to `tsgo -b`; add `\!@types/**/*.test.d.ts*`, `\!@types/**/__tests__/**`, `\!@types/**/__mocks__/**` to `files`. - Delete api/tsconfig.build.json; revert build to `vite build && tsgo --emitDeclarationOnly`; add `\!@types/**/*.test.d.ts*` to `files`. Verified: `yarn pack --dry-run` excludes all test declarations from both packages while production declarations still pack (428 .d.ts files for loot-core, methods.d.ts for api). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * first pass at implementation * finished implementing what I feel would be a good user experience * padding update * added ability to use tab to select * release notes * updated release notes * auto highlights first entry * removed debug info * linting formatting * updated behavior with tags in the middle of stuff * minor improvements to ux * extracted TagAutocomplete functionality into its own file * rewrote TagAutocomplete using react-aria-components from scratch * linting * restored old autocomplete since I'm no longer using it * linting * capped results at 10 * bugfix * used tag css hook instead of notes tag formatter * added mobile support * fixed bug where inserting a tag at the end of the note wouldn't fire onChange handler * fixed bug where note would hover even though field was not focused * fixed bug with currentWord detection * some more minor UI bugs with the mobile UI * removed log statement * added aria-label * [autofix.ci] apply automated fixes * name to Input * updatedt ests * fixed tests * whitespace adjustment * removed debug from test * added tests and made a few fixes * tried to fix vrt * some new hooks to use * removed log statement * removed input from useCursorPosition * input ref value hook now triggers on mount * add extra padding * hide browser autocomplete when our popup is shown to avoid doubles * useFilteredTags hook and adjustments to mobile tag UI * switched from opacity to height transitioning * sorted filtered tags by startsWith first * updated highlighting logic for mouseover * [autofix.ci] apply automated fixes * fix tag ordering * button type * [autofix.ci] apply automated fixes * release note update * release note to trigger ci * reverted db change * Revert "reverted db change" This reverts commit 24ce5450e5e4261e77fe5056620c240da22869a3. * can now filter by tags without hashes * extracted a method and added a new hasAnyTags rule * added hasAnyTag, still need to figure out why tests are failing * fixed unit tests * release notes * fixed based on coderabbit * tag.toLowerCase() * variable scope fix * fixed some focus-related bugs * allow creating tags in the dropdown for desktop * fixed focus issues with useCursorPosition * added Create Tag functionality to mobile * tests and added some length clipping as qol * can now use enter to submit new tag properly * centralized overflow CSS for tags * centered the text horizontally * added textnowrap * release notes * linting * fixed issue with async keydown handler * specified only to use new tag css for the autocomplete stuff * forgot to add new option to tag table * removed Trans * started working on multiselect * multiselect is now functional * finished multiAutocomplete implementation * [autofix.ci] apply automated fixes * removed double input * added multi autocomplete to rule editor * adjusted padding for TagMultiAutocomplete * adjusted hover cursor * release notes * fixed rule conditions * added tag styling to filter multiselect * spacing adjustment * release notes for retriggering build * added hidden migration * added hidden to models * added tags-hide-all and tags-unhide-all actions * added hide and unhide tags actions * added SelectedTagsButton * added UI elements for hiding/showing tags * release notes * removed delete from ManageTags * added icons to menu * coderabbit * coderabbit * updated mutations for translations * coderabbit * removed not null requirement * attempted to fix tests? * removed duplicate filterTags * [autofix.ci] apply automated fixes * updated release notes * release note update * updated migration timestamp * moved tags menu button --------- Co-authored-by: github-actions[bot] <matiss@mja.lv> Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com> Co-authored-by: Alec Bakholdin <alecbakholdin.com> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> * automation UI: improve scaling (#8080) * improve scaling on high zoom levels * note * automation UI: rework balance cap and fix error when clearing fields (#8082) * fix safeNumber error * rework balance cap UI to be more readable * note * add explanation to balance cap * Bump react-router in the npm_and_yarn group across 1 directory (#8072) Bumps the npm_and_yarn group with 1 update in the / directory: [react-router](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router). Updates `react-router` from 7.14.2 to 7.15.0 - [Release notes](https://github.com/remix-run/react-router/releases) - [Changelog](https://github.com/remix-run/react-router/blob/main/packages/react-router/CHANGELOG.md) - [Commits](https://github.com/remix-run/react-router/commits/react-router@7.15.0/packages/react-router) --- updated-dependencies: - dependency-name: react-router dependency-version: 7.15.0 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * [AI] feat(currencies): add currency-precision-aware helpers (#8064) * [AI] feat(currencies): add getDecimalPlaces/getCurrencyPrecisionMultiplier helpers, encodeAmount, currency-aware integerToCurrencyWithDecimal * Fix typo in release note * Use it.each in unit tests * Rename encodeAmount and replace its body; remove getCurrencyPrecisionMultiplier * [AI] Remove AI-generated release notes workflow and support custom filenames (#7963) * [AI] Relax release-notes filename convention Allow descriptive filenames (e.g. add-payee-autocomplete.md) for upcoming release notes instead of requiring {PR_NUMBER}.md. The PR number was only used to build the [#1234](.../pull/1234) link in the generated changelog. The generation script now resolves the PR per file by finding the commit that added it (git log --diff-filter=A --follow) and querying GitHub's commits/{sha}/pulls endpoint. Numeric filenames remain valid via a fast path. Also retires the CodeRabbit/OpenAI-triggered auto-creator workflow, which existed to guess summaries and stamp the PR-numbered filename; neither is needed once contributors can pick a slug up front. * Add release notes for PR #7963 * [AI] Use execFile to look up release-note add-commits resolvePrNumber() interpolated a path from fs.readdir into a shell- evaluated `git log` command. Switch to execFile with an argv array so filenames containing shell metacharacters can't break out of the intended command. * [AI] Drop duplicate release note added by the to-be-removed auto-creator The CodeRabbit-triggered workflow ran one last time from master before this PR removes it, and committed upcoming-release-notes/7963.md duplicating the existing relax-release-notes-filenames.md entry. Keep the slug-named note since it exercises the new flexible-filename code introduced in this PR. * [AI] Don't fail release-notes generation on transient API errors fetchPrForCommit() handled non-OK HTTP responses but let fetch() and res.json() exceptions propagate, so a single network blip or malformed response would abort the whole release-notes generation. Wrap them in a try/catch that logs and returns null, matching the pattern already used in resolvePrNumber for execFile errors. * [AI] Address CodeRabbit full-review nits - bin/release-note-generator.ts: tighten slug regex to reject trailing and consecutive dashes (matching slugify output), and make slugify fall back to "untitled" so an all-non-alphanumeric input can't produce a hidden ".md" filename. - packages/ci-actions/bin/release-notes-check.mjs: switch to execFile for git fetch/diff, matching release-notes-generate.mjs and removing shell interpolation of BASE_REF. - packages/ci-actions/bin/release-notes-generate.mjs: explicitly check GITHUB_REPOSITORY before splitting, consistent with the other env var guards a few lines below. - upcoming-release-notes/relax-release-notes-filenames.md: fix author casing (matiss -> MatissJanis) so changelog attribution is correct. * [AI] Reject empty release-note bodies content.trim().split('\n').length === 1 is true for the empty string (''.split('\n') returns [''] of length 1), so blank notes slipped past the single-line check. Reject empty trimmed content explicitly. * [AI] Resolve PR numbers from commit subjects instead of GitHub's API parseReleaseNotes was doing one GitHub API round-trip per non-numeric release-note file. That scales badly for release generation, and the docs site's generate-upcoming-release-notes.mjs runs on every docs build — so contributors were hitting the GitHub API (or failing 401 without a token) every time they previewed docs locally. actualbudget squash-merges every PR through the GitHub UI, which appends "(#NNNN)" to the resulting commit subject. So: git log -1 --format=%s -- <path> plus a /\(#(\d+)\)\s*$/ match recovers the PR number without touching the network, and works offline / without a GITHUB_TOKEN. Side effect: switched from "first commit that added this file" to "most recent commit touching this file", which is what we actually want — when a file is renamed (e.g. 7907.md -> 7954.md when a wrong PR number is corrected), the changelog should point at the rename PR, not the original add. The SHA->PR cache and fetchPrForCommit go away; no longer needed. If a file's subject doesn't match (direct push to master, manually rewritten subject), the entry still emits without a PR-link prefix — same graceful degradation as before. * [AI] Pin PR-number lookup to each note's add commit resolvePrNumber was using git log -1 with no diff filter, returning the latest commit that touched the file. That's fine until someone edits an existing release note in a follow-up PR (typo fix, author correction) — at which point the changelog entry would suddenly point at the wrong PR. Add --diff-filter=A so the lookup pins to the commit that originally added the path. Empirically verified against this repo: renames keep working (git records a rename as A at the new path when --follow isn't used), and the edit case now correctly returns the original add commit instead of the most recent touch. --------- Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> * [AI] Add GitHub workflow to block PRs with "do not merge" label (#8090) * [AI] Add CI job that fails when 'do not merge' label is set * [AI] Rename do not merge check job to "Block PRs with do not merge label" * [AI] Rename do not merge workflow to "Block PRs with do not merge label" * [AI] Add release notes for do not merge CI check * Update 8090.md --------- Co-authored-by: Claude <noreply@anthropic.com> * [AI] Persist bank sync status in the accounts table (#8017) * [AI] Persist bank sync status in the accounts table Extracts the persisted bank-sync-status half of #7782 (by @jcam): adds a bank_sync_status column to the accounts table, writes the status (pending/ok/failed/reauth-required/attention-required) during native bank syncs, and reads the persisted value in the UI (sidebar, account header, mobile account pages, and the sync banner) instead of ephemeral Redux state. https://claude.ai/code/session_014MXn6Qi8skvFL9kXw7ctFD * [AI] Add release note for persisted bank sync status https://claude.ai/code/session_014MXn6Qi8skvFL9kXw7ctFD * [AI] Persist only durable failure states, keep pending ephemeral Addresses review feedback: a transient 'pending' write could get stuck in the DB (and propagated via CRDT) if the app closed mid-sync. The DB now only stores durable result states (ok / failed / reauth-required / attention- required); pending stays in ephemeral Redux state (account.accountsSyncing) as before. The UI reads only the persisted failure state via isAccountFailedSync, and the BankSyncStatus banner reverts to the ephemeral in-flight count. Also extracts a persistBankSyncError helper and inlines a redundant wrapper. https://claude.ai/code/session_014MXn6Qi8skvFL9kXw7ctFD * [AI] Un-export AccountSyncSidebar, refine release note - AccountSyncSidebar is internal again; drop the export-only-for-test and its test (the failure logic is already covered by syncStatus.test.ts). - Credit MatissJanis in the release note and make it user-centric. https://claude.ai/code/session_014MXn6Qi8skvFL9kXw7ctFD * [AI] Publish account changes in bank-sync sync-events handleSyncResponse writes accounts.last_sync and accounts.bank_sync_status, but the sync-events following it only declared tables: ['transactions'], so clients only refetch useAccounts when the event includes 'accounts'. Add 'accounts' to the six emissions that follow handleSyncResponse (the four link flows and the two batch-sync finals) so the persisted account changes are published everywhere, not just on the triggering client. https://claude.ai/code/session_014MXn6Qi8skvFL9kXw7ctFD * [AI] Re-timestamp bank_sync_status migration after master A newer migration (add_tags_hidden) landed on master, so bump the bank_sync_status migration's timestamp to remain the latest and satisfy the migration-ordering check. https://claude.ai/code/session_014MXn6Qi8skvFL9kXw7ctFD --------- Co-authored-by: Claude <noreply@anthropic.com> * Remove environment from release notes workflow (#8091) * Remove environment from release notes workflow Removed the environment specification from the release notes workflow. * Update release-notes CI job configuration Removed the unnecessary 'environment' from the release-notes CI job. * [AI] Enable "do not merge" check on merge queue events (#8092) * [AI] Run do-not-merge check on merge_group events The block-do-not-merge workflow only triggered on pull_request events, so it never ran in the merge queue and could not be made a required check. Adding the merge_group trigger lets the job run and pass in the queue context (where pull_request labels are absent), allowing it to be required. * [AI] Add release notes for merge queue do-not-merge fix --------- Co-authored-by: Claude <noreply@anthropic.com> * Make payee & categories searching to be case-insentive (#8079) * make payee & categories searching to be case-insentive * add release notes * [autofix.ci] apply automated fixes * Update VRT screenshots Auto-generated by VRT workflow PR: #8079 * update release-note * [autofix.ci] apply automated fixes * fix release-note format --------- Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> * Add files via upload (#8096) * [AI] Fix incorrect schedule value when saving full amount (#8085) If one has a yearly schedule and the budget template uses "Cover each occurence when it occurs", it still showed a value for the yearly schedule even though it's not the month where the schedule occurs. Co-authored-by: Gemini <noreply@google.com> * feat: add SharedArrayBuffer warning indicator in title bar (#7922) * feat: add SharedArrayBuffer warning indicator in title bar * improve styling * add warning label * fix typo * review comments fixed * use link instead of button * fix tooltip styles * add hover effect --------- Co-authored-by: Awais Saeed <dev@awaissaeed.com> * [AI] Remove experimental status from Actual CLI (#8102) * [AI] Move actual-cli out of experimental status * [AI] Rename CLI release note to a feature slug --------- Co-authored-by: Claude <noreply@anthropic.com> * add warning when schedule/save by automation priorities don't match (#8088) * add warning when schedle/save by automation priorities don't match * note * italicise * feat(reports): scoped ErrorBoundaries for individual report routes (#7658) * feat(reports): scoped ErrorBoundaries for individual report routes (#7391) Wrap each route in ReportRouter for NetWorth, CashFlow, Spending, etc. in ErrorBoundary with FeatureErrorFallback. Matches the pattern used for /rules routes in FinancesApp.tsx so a render error in a single report no longer takes down the whole app. * chore: rename release note to PR number * refactor(reports): extract withReportBoundary helper to remove route boilerplate Each report route was wrapping its element in the same ErrorBoundary block with FeatureErrorFallback and resetKeys={[location.pathname]}. Pull that into a small withReportBoundary(element) helper inside ReportRouter so each route is one line again. Behavior is unchanged. The ErrorBoundary, FallbackComponent, and resetKeys are identical to before; the helper just closes over location.pathname. Addresses review feedback from @joel-jeremy and the CodeRabbit nitpick on the same file (a custom Route component is not viable since react-router v6's <Routes> requires literal <Route> children, but a helper function gives the same boilerplate reduction). * refactor(reports): hoist withReportBoundary to ReportBoundary component Move the per-route error-boundary helper out of ReportRouter as a module-scoped component. ReportBoundary calls useLocation() internally so each call site stays clean. Addresses review feedback. --------- Co-authored-by: github-actions[bot] <matiss@mja.lv> Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * [AI] Add configurable average ranges to Monthly Spending report (#7920) * Add configurable average ranges to Monthly Spending report * Delete upcoming-release-notes/temp.md * Update packages/desktop-client/src/components/reports/spendingAverageRange.test.ts Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * Fix spending average range test import * Update VRT screenshots Auto-generated by VRT workflow PR: #7920 --------- Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: youngcw <calebyoung94@gmail.com> * [AI] Fix custom report transfer drilldown filters (#8001) Co-authored-by: youngcw <calebyoung94@gmail.com> * Make tag search case-insensitive (#8093) * makes tags case insensitive * release notes --------- Co-authored-by: Alec Bakholdin <alecbakholdin.com> * docs: add Hostim to Additional Installation Options (#8066) * docs: add Hostim to community install options Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * docs: add release note for #8066 Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * docs: drop release note (not required for docs-only change) --------- Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com> Co-authored-by: youngcw <calebyoung94@gmail.com> * [AI] Add SSRF protection to SimpleFIN bank sync integration (#8012) * [AI] Add SSRF protection to SimpleFIN bank sync integration The SimpleFIN integration made server-side HTTP requests to user-controlled URLs (the base64-encoded claim token and the resulting access-key base URL) without any validation, unlike the CORS proxy which blocks private IPs via ipaddr.js. Add a shared assertUrlAllowed() helper that rejects non-http(s) URLs and blocks requests to private, loopback, link-local, unique-local, reserved, broadcast and unspecified addresses. Hostnames are resolved via DNS so names pointing at internal addresses are blocked too, not just literal IPs. Apply it before both outbound requests in getAccessKey() and getAccounts(). * [AI] Unify CORS proxy private-IP check with shared SSRF helper The CORS proxy had its own inline ipaddr.js private-IP check that duplicated the logic in the SimpleFIN SSRF helper. Export isBlockedIp() from util/ssrf and reuse it in app-cors-proxy, removing the duplicate. This also widens the CORS proxy's coverage to the reserved and broadcast ranges and normalizes IPv4-mapped IPv6 addresses, matching the SimpleFIN helper. The cors-proxy tests now exercise the real ipaddr.js against real private IPs instead of mocking it. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * [AI] Rename SimpleFIN SSRF release note to match PR number Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * Implement SSRF protection for SimpleFIN bank sync Requests to private, loopback, link-local, and other internal addresses are now blocked. * [AI] Allow self-hosted private SimpleFIN servers by default The SSRF protection blocked all private/loopback addresses, which broke self-hosters running their own SimpleFIN bridge on a LAN or VPN IP with no way to opt back in. Split the blocked ranges into two tiers: link-local (cloud metadata), reserved, broadcast and unspecified stay blocked unconditionally, while private/loopback/unique-local are blocked by default but can be permitted per-caller via { allowPrivateNetwork: true }. SimpleFIN opts in, so self-hosting works out of the box with no env var, while the worst-case cloud-metadata credential-theft vector remains closed. The CORS proxy keeps the strict default. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * [AI] Re-validate SSRF rules on each SimpleFIN redirect hop getAccounts used fetch with redirect: 'follow', so a 3xx response from the validated SimpleFIN URL could redirect to a blocked internal address after only the initial URL had been checked. Follow redirects manually instead, calling assertUrlAllowed on every hop before fetching, capping at 5 redirects, and dropping Authorization on cross-origin hops so the bridge credentials cannot leak to a redirect target. getAccessKey uses https.request, which does not auto-follow redirects, so it is unaffected. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude <noreply@anthropic.com> * [AI] Skip unimportable Enable Banking transactions instead of failing the whole sync (#8086) * [AI] Skip unimportable Enable Banking transactions instead of failing the whole sync Enable Banking bank-sync aborts the whole account import with a client-side SQLITE_ERROR when a fetched transaction cannot be inserted — most commonly a pending transaction with no booking/value/transaction date (normalized to date ''), or a non-numeric amount. Add an isImportableTransaction helper and skip such records in the /transactions handler (logging the count) so the rest of the account imports. Dated pending transactions are unaffected. * [AI] Add release note for #8086 * [AI] Reject empty Enable Banking transaction amounts Number('') is 0 (finite), so an empty/whitespace amount slipped through isImportableTransaction as a zero transaction. Trim and reject empty amounts explicitly, with a test. Addresses PR review feedback. * Update packages/sync-server/src/app-enablebanking/services/enablebanking-service.ts Co-authored-by: Matiss Janis Aboltins <matiss@mja.lv> * Update packages/sync-server/src/app-enablebanking/app-enablebanking.ts Co-authored-by: Matiss Janis Aboltins <matiss@mja.lv> * [AI] Remove now-unused skippedCount counter The summary log that read it was removed when accepting the review suggestion; drop the dangling write-only counter so the loop matches the per-transaction skip log that remains. --------- Co-authored-by: Matiss Janis Aboltins <matiss@mja.lv> * [AI] Disable ESLint in CodeRabbit configuration (#8110) * [AI] Disable ESLint in CodeRabbit config * [AI] Add release notes for CodeRabbit ESLint change * [AI] Rename release notes to match PR number 8110 * [AI] Rename release notes file to a slug --------- Co-authored-by: Claude <noreply@anthropic.com> * Feature: Add Akahu New Zealand bank sync (#6041) * add akahu integration for nz banks * akahu fix bank name being set to account name * rename apiToken and fix reset pointing to the wrong function * fix apitoken wording in akahu init modal * add upcoming-release-notes * fix lint issues * fix lint issues * add loan account type to starting balance inversion * fix initial sync balance * initially select 365 days of transactions on first sync for akahu sync * add SyncServerAkahuAccount to onSetLinkedAccount * set transaction currency to account currency * remove unnecessary code * handle TFR TO/FROM payees and account for loan account type in transactions * [autofix.ci] apply automated fixes * rename Error to ErrorAlert and fix intial sync start date * extract note from description for TFR TO/FROM transactions * fix normalizeNotes not referencing the transaction * refactor app-akahu code * [autofix.ci] apply automated fixes * Add Akahu to ExternalAccount type * Update yarn.lock * update yarn.lock * Remove unused error var in catch block * [autofix.ci] apply automated fixes * require authentication for akahu endpoint * fix lint issue in mutations.ts * fix up import paths * fix lint issues * reorder form fields * remove unnecessary handling for debt accounts * lint fixes * Put Akahu bank sync under feature flag * remove incorrect feedback link * [autofix.ci] apply automated fixes * Add feedback link for feature toggle * use uuidv4 * prevent fetch if feature not enabled * change app-akahu to ts and tidy up * fix typecheck errors * [autofix.ci] apply automated fixes * fix browser client build issues * [autofix.ci] apply automated fixes * update akahu npm package to latest version * use amountToInteger for balance reducer * add additional details to transactions * change initial sync start date logic * add akahu fields to mappable fields in desktop-client * [autofix.ci] apply automated fixes * getDate use formatISO to get the timezone adjusted date * remove duplicate payeeName --------- Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> * automation UI: add mobile support 📱 (#8099) * generalise out to hooks * add mobile modal * wire up mobile * tidy up field styling on mobile * [AI] add mobile automations e2e test Covers opening the editor from the mobile category menu, the drill-down list/editor navigation, touch-sized fields, and that Cancel dismisses it. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> * note * Update VRT screenshots Auto-generated by VRT workflow PR: #8099 * fix date picker on schedule page * fix conflict * fix cramped space in save by automation --------- Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> * [Docs] Starting at the top, Introduction & Vision (#8083) * Enhance introduction and navigation details in docs Revised wording for clarity and improved navigation instructions in the documentation. * Update vision.md for clarity and formatting Refine language for clarity and consistency, and update formatting for better readability. * Improve formatting of third-party use section Reformatted the third-party use section for clarity. * Revise documentation introduction and navigation details Updated the introduction and navigation instructions for clarity and conciseness. * Revise documentation overview and navigation details Updated documentation for clarity and navigation instructions. * Refine Local-first explanation in vision.md Removed redundant text in the Local-first section. * [autofix.ci] apply automated fixes * Revise contribution guidelines in documentation Updated links to contributing guides and documentation readme. * Revise headings and improve hyphenation in vision.md Updated headings and corrected hyphenation in vision.md. * [autofix.ci] apply automated fixes * Fix wording in contribution guidelines section Corrected the wording from 'documentation standard' to 'documentation standards' for clarity. --------- Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> Co-authored-by: Matiss Janis Aboltins <matiss@mja.lv> * [AI] Fix bank sync deadlock from nested mutator (#8111) * [AI] Fix bank sync deadlock from nested mutator PR #8017 wrapped the accounts-bank-sync and simplefin-batch-sync handlers in mutator(). runHandler runs mutators via runMutator, which is sequential() — only one mutator may run at a time and re-entrant calls are queued. These handlers call syncAccount -> reconcileTransactions, which already invokes runMutator internally. The inner runMutator gets queued behind the still-running outer one while the outer awaits it, deadlocking forever. The bank sync send() never resolves, so the mobile spinner spins indefinitely. Remove the mutator() wrapping (restoring pre-#8017 registration). The DB writes for bank_sync_status/last_sync already ran outside a mutator before #8017, and transaction reconciliation manages its own mutator context. * [AI] Add regression tests for bank sync mutator deadlock Guards against re-wrapping the accounts-bank-sync / simplefin-batch-sync handlers in mutator(), which deadlocks because the sync internally calls runMutator (reconcileTransactions) and runMutator is sequential. - An invariant test asserts neither handler is a mutating method. - A behavioral test drives accounts-bank-sync through runHandler with a syncAccount mock that performs its own runMutator, and fails via a timeout if the nested mutators deadlock. * [AI] Simplify deadlock regression test Collapse the two-step Promise.race into a single race result and clear the timeout timer on the success path so it doesn't linger after the test. * [AI] Remove explanatory comments from deadlock regression test * [AI] Add release note for bank sync deadlock fix * Update packages/loot-core/src/server/accounts/app-bank-sync.test.ts Co-authored-by: Matt Fiddaman <github@m.fiddaman.uk> * Update packages/loot-core/src/server/accounts/app-bank-sync.test.ts Co-authored-by: Matt Fiddaman <github@m.fiddaman.uk> --------- Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: Matt Fiddaman <github@m.fiddaman.uk> * [AI] Fix desktop settings resetting after an interrupted update (#8101) * [AI] Fix desktop settings resetting after an interrupted update Desktop global prefs (language, theme, etc.) live in a single global-store.json that was written non-atomically and silently reset to {} whenever it failed to parse. An app update's forced quit can truncate the file mid-write, so the next launch wiped every global pref - the language reverted to "System default" (the OS language). - Write the store via a unique temp file + atomic rename so it is never left half-written. - Serialize writes so a slower older write can't land after and clobber a newer one. - Back up an unparseable store to .corrupt and log loudly instead of silently discarding the user's preferences. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * [AI] Reject non-object global-store contents during load JSON.parse could return a non-object (null, an array, a primitive) for parseable-but-wrong-shaped contents, which would then break store[key] access. Validate the parsed value is a plain object and route anything else through the existing back-up-and-default recovery path. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * :electron: Removed new shared array buffer warning on Electron (#8118) * removed shared array buffer warning one electron * release notes * cleanup a bit * Enhance translation contribution guidelines in i18n.md (#8113) * Enhance translation contribution guidelines in i18n.md Updated i18n.md to include new guidelines for contributing translations, account requirements, and voting on suggestions. * Update i18n.md * [AI] update contributor guidelines for AI usage (#8135) * [AI] Surface anti-slop and self-review expectations at PR time Drive-by, LLM-generated PRs (often many at once from one author) burn maintainer review time. The repo's AI usage policy already covers this, but contributors never see it in the PR flow. - Strengthen the fork-PR welcome comment to ask for a human self-review confirmation, a plain-language testing note, and AI disclosure, plus a note discouraging opening many PRs at once. - Add a "Quality Over Quantity" section to the AI usage policy naming the volume pattern and its consequences. - Add an AI-disclosure prompt and tighten the self-review item in the PR template. No mechanical CI gates on PR body content: those are trivially satisfied by the same tools that generate the slop, so the change relies on human accountability and a linkable policy instead. * [AI] Point welcome comment at the PR template instead of inline asks Replace the three "reply on this PR with" bullets with a single checklist item asking contributors to use the PR template and fill in its checkboxes, keeping the welcome comment short. * [AI] Add AI disclosure checklist item to fork PR welcome comment --------- Co-authored-by: Claude <noreply@anthropic.com> * [AI] Fix CLI server version without open budget (#8117) * [AI] fix cli server version without open budget * Remove redundant expectation in get-server-version test Remove redundant expectation for get-server-version handler call. --------- Co-authored-by: Matiss Janis Aboltins <matiss@mja.lv> * [AI] Skip posted schedule occurrences in balance forecast (#8029) * [AI] Extract schedule occurrence match start date helper Centralize the lower-bound rules for matching posted transactions to schedule dates and reuse them in getHasTransactionsQuery, including the correct 2-day lookback for recurring schedules stored with op is. * [AI] Add schedule occurrence posted matching helpers Add isScheduleOccurrencePosted with the match-start logic built in and indexPostedScheduleTransactions for efficient per-schedule lookups. * [AI] Skip posted schedule occurrences in balance forecast Skip synthetic schedule occurrences when a posted transaction already covers that date, using indexed per-schedule lookups in the forecast path. * [AI] Add release notes for balance forecast schedule dedup fix * [AI] Treat op is schedule dates as exact match start Restore master semantics: recurring schedules with op is use exact occurrence matching, not a 2-day lookback. Remove conflicting tests. * [AI] Add daily recurring forecast dedup regression test Prove daily schedules with op is do not double-count when posted on the due date, while subsequent occurrences are still forecast. * [AI] Move browser web-worker logic into loot-core (#8143) * [AI] Move browser web-worker logic into loot-core Relocate the browser Web Worker bootstrap (WorkerBridge + startBrowserBackend) and the multi-tab SharedWorker coordinator from desktop-client into loot-core so they can be reused (e.g. by the api package in a browser). Behavior is preserved as faithfully as possible. The two Vite worker entry targets stay in desktop-client (the browser-server.js classic worker and the ?sharedworker entry); the ?sharedworker entry now imports the coordinator from loot-core. console.* calls in the moved code route through loot-core's logger, except the SharedWorker console-forwarding mechanism, which must keep the real console. absurd-sql's initBackend is imported directly (loot-core already depends on absurd-sql); the desktop-client dependency was dropped. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * [AI] Rename release note to match PR number 8143 * Update release notes for Web Worker migration Removed mention of reuse by the API package in the release notes. * [AI] Drop move-related header comments per review Remove the "moved from desktop-client" header comments that only made sense in the context of this PR. worker-bridge.ts and start.ts had no header comment in the original source, so they're removed entirely; coordinator.ts's header is restored to its original wording. --------- Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * Refresh akahu account if stale (#8115) * Refresh akahu account if stale * Update upcoming-release-notes/akahu-refresh.md * wait for the refresh to complete * check account is defined * use local variable * move into helper * increase poll delay * bump refresh interval to 1 hour * ensure only one account refresh is running at a time * [AI] Drop ACTIONS_UPDATE_TOKEN from release workflows (#8142) * [AI] Drop ACTIONS_UPDATE_TOKEN from release workflows Replace the implicit push-triggers-workflow link (which relied on the ACTIONS_UPDATE_TOKEN PAT) with an explicit workflow_run chain from "Cut release branch" to "Release notes", falling back to the built-in GITHUB_TOKEN. The PAT stays in vrt-update-apply.yml, which genuinely needs it to push to contributor forks and re-trigger their PR CI. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * [AI] Add release note for ACTIONS_UPDATE_TOKEN removal Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * Update 8142.md --------- Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * [AI] Consolidate agent tooling and simplify developer guidance (#8089) * [AI] Replace mechanical agent rules with shared agent hooks + nano-staged Move the mechanical "remember to run X" rules out of AGENTS.md and the agent guidance docs into deterministic, cross-agent hooks, and migrate the pre-commit runner from lint-staged to nano-staged. - Add shared hook scripts in scripts/agent-hooks/ (git-guard, format-edited-file, no-strict-ignore-new-file, prefer-one-component, check-on-stop, common helpers) wired for Claude (.claude/settings.json), Codex (.codex/config.toml), and Cursor (.cursor/hooks.json + adapters). - Enforce "avoid enum" via a new actual/no-enum lint rule, grandfathering the two existing declarations in .oxlintrc.json overrides. - Migrate lint-staged -> nano-staged (.nano-staged.json, .husky/pre-commit, package.json). - Trim AGENTS.md, .github/agents/pr-and-commit-rules.md, the Cursor rule, and the committing skill down to the rules that aren't auto-enforced. - Add release note 8089.md. * [AI] Align PR-title wording in AGENTS.md with canonical rules * [AI] Fix check-on-stop hook on bash 3.2 and TSV column collapse The Stop hook silently no-op'd in two ways: - `declare -A` isn't supported on stock macOS bash 3.2, and the slash/hyphen path subscript aborted under `set -u`. Dedupe via a space-padded string match instead. - jq emitted an empty middle TSV field for a package with test but no typecheck; tab is IFS-whitespace so `read` collapsed it and shifted the columns (eslint-plugin-actual then ran neither). Emit non-empty sentinels (-, yes/no) so no field can collapse. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> --------- Co-authored-by: Claude <noreply@anthropic.com> * [AI] docs(migration): expand nYNAB export with tabbed alternatives (#8155) Add CLI tool (ynab-export), YNAB API Documentation UI, and cURL as fallback export methods for when the third-party web exporter is unavailable. Converts nynab.md to MDX to support Docusaurus Tabs. Six new screenshots added for the API Documentation UI method. * merge * removed useless reexports * code review * spelling * missing feedback * code reviews --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Cursor Agent <cursoragent@cursor.com> Co-authored-by: lelemm <lelemm@users.noreply.github.com> Co-authored-by: Copilot Autofix powered by AI <223894421+github-code-quality[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> Co-authored-by: Matiss Janis Aboltins <matiss@mja.lv> Co-authored-by: github-merge-queue <118344674+github-merge-queue@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Matt Fiddaman <github@m.fiddaman.uk> Co-authored-by: Mats Nilsson <matni403@gmail.com> Co-authored-by: Juulz <julesmcn@gmail.com> Co-authored-by: Sebastián Maluk <samaluk@miuandes.cl> Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: Joseph Coffa <josephco440@gmail.com> Co-authored-by: youngcw <calebyoung94@gmail.com> Co-authored-by: narutamaaurum <narutamaaurum@gmail.com> Co-authored-by: Henghui Zhu <2193638829@qq.com> Co-authored-by: Kyle Slattery <k@kslat.com> Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com> Co-authored-by: Michael Clark <5285928+MikesGlitch@users.noreply.github.com> Co-authored-by: Manaf <manaf.aboalrous@gmail.com> Co-authored-by: David Bettis <david.bettis@gmail.com> Co-authored-by: dzickusrh <dzickus@redhat.com> Co-authored-by: Gemini <noreply@google.com> Co-authored-by: Matiss Janis Aboltins <MatissJanis@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Kevin <36412364+KevinIsMyName@users.noreply.github.com> Co-authored-by: Alec Bakholdin <43560338+alecbakholdin@users.noreply.github.com> Co-authored-by: Stephen Brown II <Stephen.Brown2@gmail.com> Co-authored-by: yoshiboi3 <josed.hc96@gmail.com> Co-authored-by: Awais Saeed <awaissaeed530@gmail.com> Co-authored-by: Awais Saeed <dev@awaissaeed.com> Co-authored-by: Trevin Chow <trevin@trevinchow.com> Co-authored-by: Matt Farrell <10377148+MattFaz@users.noreply.github.com> Co-authored-by: kikiminyes <66829008+kikiminyes@users.noreply.github.com> Co-authored-by: Pavel Voronov <31508908+pavel1337@users.noreply.github.com> Co-authored-by: mheiland <15824364+mheiland@users.noreply.github.com> Co-authored-by: ItsThatDude <81509659+ItsThatDude@users.noreply.github.com> Co-authored-by: Julian Dominguez-Schatz <julian.dominguezschatz@gmail.com> Co-authored-by: Tifan Dwi Avianto <33323177+tifandotme@users.noreply.github.com> Co-authored-by: Tim <hello@timsmart.co> |
||
|
|
123cf1e25a |
[AI] docs: fix broken blog links and add enforce-doc-links remark plugin (#8180)
* [AI] docs: fix broken blog links and add enforce-doc-links remark plugin - Fix three docs/ pages that linked to blog posts using URL slugs instead of file paths, with an extra ../ level in the relative path - Add src/remark/enforce-doc-links.js: remark plugin that enforces link hygiene in docs/ and blog/ at build time (no absolute internal links, .md extension required, slug-style links caught via frontmatter cache) - Upgrade onBrokenMarkdownLinks from 'warn' to 'throw' so broken .md file-path links fail the build rather than being silently ignored * [autofix.ci] apply automated fixes * [AI] docs: add vfile to spell-check allowlist * [AI] docs: fix build failures from cross-plugin and absolute links - Revert docs→blog links to URL-slug style (Docusaurus cannot resolve .md file paths across content plugins — blog is a separate plugin from docs) - Fix absolute /docs/... links in two blog posts to relative URL form - Fix generate-upcoming-release-notes.mjs hardcoded /docs/releases absolute URLs to relative ./releases.md paths - Update enforce-doc-links plugin: exempt docs→blog URL-slug links from Rule 3 (cross-plugin constraint means slug URLs are the required format there); improve Rule 1 error hint to distinguish docs vs blog context * [AI] docs: fix blog→docs links to use absolute URLs Blog posts are embedded in multiple Docusaurus URL contexts (individual post, paginated list pages, tag pages), so relative URLs resolve differently per context. Blog→docs links must use absolute URLs (/docs/...) — relative URLs like ../docs/... incorrectly resolve to /blog/docs/... on list pages. Update enforce-doc-links plugin to exempt blog files from Rule 1 (absolute link check) since absolute URLs are the required format for blog→docs links. --------- Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> |
||
|
|
87af93605c |
docs: fix docs build & broken anchors, migrate to consistent link format (#8173)
* fix broken anchors * enable build fail on broken anchors * move to relative links * Update check-spelling metadata * update style guide to match * coderabbit |
||
|
|
0ae9f91e62 |
[AI] docs(migration): expand nYNAB export with tabbed alternatives (#8155)
Add CLI tool (ynab-export), YNAB API Documentation UI, and cURL as fallback export methods for when the third-party web exporter is unavailable. Converts nynab.md to MDX to support Docusaurus Tabs. Six new screenshots added for the API Documentation UI method. |
||
|
|
360c932b5b |
docs: add Hostim to Additional Installation Options (#8066)
* docs: add Hostim to community install options Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * docs: add release note for #8066 Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * docs: drop release note (not required for docs-only change) --------- Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com> Co-authored-by: youngcw <calebyoung94@gmail.com> |
||
|
|
ab35bd633b |
[AI] Remove AI-generated release notes workflow and support custom filenames (#7963)
* [AI] Relax release-notes filename convention
Allow descriptive filenames (e.g. add-payee-autocomplete.md) for
upcoming release notes instead of requiring {PR_NUMBER}.md.
The PR number was only used to build the [#1234](.../pull/1234) link in
the generated changelog. The generation script now resolves the PR per
file by finding the commit that added it (git log --diff-filter=A
--follow) and querying GitHub's commits/{sha}/pulls endpoint. Numeric
filenames remain valid via a fast path.
Also retires the CodeRabbit/OpenAI-triggered auto-creator workflow,
which existed to guess summaries and stamp the PR-numbered filename;
neither is needed once contributors can pick a slug up front.
* Add release notes for PR #7963
* [AI] Use execFile to look up release-note add-commits
resolvePrNumber() interpolated a path from fs.readdir into a shell-
evaluated `git log` command. Switch to execFile with an argv array so
filenames containing shell metacharacters can't break out of the
intended command.
* [AI] Drop duplicate release note added by the to-be-removed auto-creator
The CodeRabbit-triggered workflow ran one last time from master before
this PR removes it, and committed upcoming-release-notes/7963.md
duplicating the existing relax-release-notes-filenames.md entry. Keep
the slug-named note since it exercises the new flexible-filename code
introduced in this PR.
* [AI] Don't fail release-notes generation on transient API errors
fetchPrForCommit() handled non-OK HTTP responses but let fetch() and
res.json() exceptions propagate, so a single network blip or malformed
response would abort the whole release-notes generation. Wrap them in a
try/catch that logs and returns null, matching the pattern already used
in resolvePrNumber for execFile errors.
* [AI] Address CodeRabbit full-review nits
- bin/release-note-generator.ts: tighten slug regex to reject trailing
and consecutive dashes (matching slugify output), and make slugify
fall back to "untitled" so an all-non-alphanumeric input can't
produce a hidden ".md" filename.
- packages/ci-actions/bin/release-notes-check.mjs: switch to execFile
for git fetch/diff, matching release-notes-generate.mjs and removing
shell interpolation of BASE_REF.
- packages/ci-actions/bin/release-notes-generate.mjs: explicitly check
GITHUB_REPOSITORY before splitting, consistent with the other env
var guards a few lines below.
- upcoming-release-notes/relax-release-notes-filenames.md: fix author
casing (matiss -> MatissJanis) so changelog attribution is correct.
* [AI] Reject empty release-note bodies
content.trim().split('\n').length === 1 is true for the empty string
(''.split('\n') returns [''] of length 1), so blank notes slipped past
the single-line check. Reject empty trimmed content explicitly.
* [AI] Resolve PR numbers from commit subjects instead of GitHub's API
parseReleaseNotes was doing one GitHub API round-trip per non-numeric
release-note file. That scales badly for release generation, and the
docs site's generate-upcoming-release-notes.mjs runs on every docs
build — so contributors were hitting the GitHub API (or failing 401
without a token) every time they previewed docs locally.
actualbudget squash-merges every PR through the GitHub UI, which
appends "(#NNNN)" to the resulting commit subject. So:
git log -1 --format=%s -- <path>
plus a /\(#(\d+)\)\s*$/ match recovers the PR number without touching
the network, and works offline / without a GITHUB_TOKEN.
Side effect: switched from "first commit that added this file" to
"most recent commit touching this file", which is what we actually
want — when a file is renamed (e.g. 7907.md -> 7954.md when a wrong
PR number is corrected), the changelog should point at the rename PR,
not the original add. The SHA->PR cache and fetchPrForCommit go away;
no longer needed.
If a file's subject doesn't match (direct push to master, manually
rewritten subject), the entry still emits without a PR-link prefix —
same graceful degradation as before.
* [AI] Pin PR-number lookup to each note's add commit
resolvePrNumber was using git log -1 with no diff filter, returning
the latest commit that touched the file. That's fine until someone
edits an existing release note in a follow-up PR (typo fix, author
correction) — at which point the changelog entry would suddenly
point at the wrong PR.
Add --diff-filter=A so the lookup pins to the commit that originally
added the path. Empirically verified against this repo: renames keep
working (git records a rename as A at the new path when --follow
isn't used), and the edit case now correctly returns the original
add commit instead of the most recent touch.
---------
Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
|
||
|
|
a11793e90d |
add pikapods desktop warning (#8061)
* add pikapods desktop warning * better link * add to spelling list * more spelling |
||
|
|
1f492387b7 |
🔖 (26.6.0) (#7947)
* 🔖 (26.6.0) * Generate release notes for v26.6.0 * Generate release notes for v26.6.0 * Update check-spelling metadata * Generate release notes for v26.6.0 * add release summary * links * Generate release notes for v26.6.0 * update links * Generate release notes for v26.6.0 * Generate release notes for v26.6.0 * Generate release notes for v26.6.0 * add EB link * Add initial docs for Enable Banking (#7961) * Add initial docs for Enable Banking * Delete upcoming-release-notes/7961.md * [Docs] UI Budget automations & month-end cleanup (#7863) * Add files via upload * Create documentation for budget automation feature Added documentation for the budget automation feature, detailing its functionalities, usage, and examples. * Add files via upload * Revise budget automation documentation for clarity Updated the documentation for budget automation, enhancing clarity and consistency in the descriptions of features and options. * [autofix.ci] apply automated fixes * Update Markdown headers for budget automation section * Add files via upload * Improve formatting in budget automation documentation Updated formatting and added line breaks for better readability in the budget automation documentation. * [autofix.ci] apply automated fixes * Fix HTML line breaks in budget-automation.md Updated HTML line breaks from '</br>' to '<br>' in budget automation documentation. * Fix HTML line breaks in budget automation documentation * Fix headings and formatting in budget-automation.md Updated formatting and corrected headings in budget automation documentation. * Add budget-automation to sidebar items * Add files via upload * Add files via upload * Revise budget automation documentation Updated budget automation documentation to clarify usage of notes templates and detailed instructions for month-end cleanup processes, including named pools and weight calculations. * [autofix.ci] apply automated fixes * Refactor budget automation documentation for clarity Updated various sections for clarity and consistency, including grammar corrections and improved phrasing. * [autofix.ci] apply automated fixes * Enhance budget automation documentation Updated budget automation documentation with new blog links and improved formatting. * Fix links in budget-automation.md Updated links in the budget automation documentation to remove 'docs' prefix for consistency. * Revise budget automation documentation with updates Updated images and text for budget automation documentation, including corrections and enhancements to clarity. * Improve clarity and add save reminders in budget automation Updated wording for clarity and added reminders for saving work. * Update budget automation documentation for clarity Clarify the process of handling leftover funds in the budget automation script. * [autofix.ci] apply automated fixes * Add 'overfund' and 'overfunded' to spelling expect list * Update spelling expectations by removing 'overfunded' Removed 'overfunded' from the spelling expectations. * Add files via upload * 'overfund' to 'overfunded' First the bot tells me overfunded isn't needed if overfund is there. Now, it tells me that overfunded IS needed. I give up. * Enhance budget automation documentation Added new sections on automation adjustments, moved some sections around, added horizontal separators. * Update images and descriptions in budget automation docs * Add files via upload * Add automation notes section to budget automation docs Added a section on automation notes to document how automations, balance caps, and long-term goals can have associated notes for clarity and tracking. * Add files via upload * Update budget automation examples in documentation * Add files via upload * Apply suggestions from code review Co-authored-by: Matt Fiddaman <github@m.fiddaman.uk> * [autofix.ci] apply automated fixes * Add 'unmigrate' to spelling expectations * Improve clarity in budget automation documentation Clarified descriptions for budget automation features and improved wording for better understanding. * Correct spelling of 'unmigrate' to 'Unmigrate' They are the same and github is punking me again. * Clarify automation notes description * Add files via upload * Add files via upload * Add files via upload * Add files via upload * Add files via upload * Fix typos in budget-automation documentation Corrected typos and improved clarity in the budget automation documentation. --------- Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> Co-authored-by: Matt Fiddaman <github@m.fiddaman.uk> --------- Co-authored-by: github-merge-queue <118344674+github-merge-queue@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Matt Fiddaman <github@m.fiddaman.uk> Co-authored-by: Mats Nilsson <matni403@gmail.com> Co-authored-by: Juulz <julesmcn@gmail.com> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> |
||
|
|
c9c2d502d0 |
[Docs] UI Budget automations & month-end cleanup (#7863)
* Add files via upload * Create documentation for budget automation feature Added documentation for the budget automation feature, detailing its functionalities, usage, and examples. * Add files via upload * Revise budget automation documentation for clarity Updated the documentation for budget automation, enhancing clarity and consistency in the descriptions of features and options. * [autofix.ci] apply automated fixes * Update Markdown headers for budget automation section * Add files via upload * Improve formatting in budget automation documentation Updated formatting and added line breaks for better readability in the budget automation documentation. * [autofix.ci] apply automated fixes * Fix HTML line breaks in budget-automation.md Updated HTML line breaks from '</br>' to '<br>' in budget automation documentation. * Fix HTML line breaks in budget automation documentation * Fix headings and formatting in budget-automation.md Updated formatting and corrected headings in budget automation documentation. * Add budget-automation to sidebar items * Add files via upload * Add files via upload * Revise budget automation documentation Updated budget automation documentation to clarify usage of notes templates and detailed instructions for month-end cleanup processes, including named pools and weight calculations. * [autofix.ci] apply automated fixes * Refactor budget automation documentation for clarity Updated various sections for clarity and consistency, including grammar corrections and improved phrasing. * [autofix.ci] apply automated fixes * Enhance budget automation documentation Updated budget automation documentation with new blog links and improved formatting. * Fix links in budget-automation.md Updated links in the budget automation documentation to remove 'docs' prefix for consistency. * Revise budget automation documentation with updates Updated images and text for budget automation documentation, including corrections and enhancements to clarity. * Improve clarity and add save reminders in budget automation Updated wording for clarity and added reminders for saving work. * Update budget automation documentation for clarity Clarify the process of handling leftover funds in the budget automation script. * [autofix.ci] apply automated fixes * Add 'overfund' and 'overfunded' to spelling expect list * Update spelling expectations by removing 'overfunded' Removed 'overfunded' from the spelling expectations. * Add files via upload * 'overfund' to 'overfunded' First the bot tells me overfunded isn't needed if overfund is there. Now, it tells me that overfunded IS needed. I give up. * Enhance budget automation documentation Added new sections on automation adjustments, moved some sections around, added horizontal separators. * Update images and descriptions in budget automation docs * Add files via upload * Add automation notes section to budget automation docs Added a section on automation notes to document how automations, balance caps, and long-term goals can have associated notes for clarity and tracking. * Add files via upload * Update budget automation examples in documentation * Add files via upload * Apply suggestions from code review Co-authored-by: Matt Fiddaman <github@m.fiddaman.uk> * [autofix.ci] apply automated fixes * Add 'unmigrate' to spelling expectations * Improve clarity in budget automation documentation Clarified descriptions for budget automation features and improved wording for better understanding. * Correct spelling of 'unmigrate' to 'Unmigrate' They are the same and github is punking me again. * Clarify automation notes description * Add files via upload * Add files via upload * Add files via upload * Add files via upload * Add files via upload * Fix typos in budget-automation documentation Corrected typos and improved clarity in the budget automation documentation. --------- Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> Co-authored-by: Matt Fiddaman <github@m.fiddaman.uk> |
||
|
|
ecfe43fdda |
split release into two branches (#7844)
* split release into two branches * update docs to match the new process * note * zizmor comment * Update check-spelling metadata * use single long lived release branch * coderabbit * jfdoming suggestions |
||
|
|
62d7c0e479 |
[AI] zizmor: fix template injection in setup action's Lage cache step (#7858)
* [AI] Fix template injection in setup action's Lage cache step
The 'Ensure Lage cache directory exists' step expanded
${{ inputs.working-directory }} directly into the shell command via
format(), which zizmor flags as a code-injection risk. Pass the input
through an env var and reference it with shell expansion instead.
* [AI] Add release note for template injection fix
* [AI] Rename release note to match PR #7858
---------
Co-authored-by: Claude <noreply@anthropic.com>
|
||
|
|
d3e7c1ee87 |
Fix some issues caught by zizmor (#7826)
* Fix some issues caught by zizmor * Add release notes * Add more cache ignores * Add comments on reasoning |
||
|
|
fb95d4c92d |
[AI] Document Dev Container option in development-setup docs (#7729)
* [AI] Document Dev Container option in development-setup docs * [AI] Add release notes for #7729 * [AI] Update spell-check dictionary for Codespaces |
||
|
|
852b95524b |
[AI] Revert crypto.randomUUID back to uuid library (#7734)
* [AI] Revert crypto.randomUUID back to uuid library
Partial revert of #7529. Restores the `uuid` package dependency in
api, crdt, desktop-client, loot-core, and sync-server, swapping every
`crypto.randomUUID()` call introduced by that PR back to `uuidv4()`
(and the `uuid()` alias in RuleEditor.tsx and ruleUtils.ts where it
was previously used). The lint rule, docs entry, and `vi.mock('uuid')`
test setup are restored as well. The `fs-extra` removals in
desktop-electron from the same PR are left in place.
https://claude.ai/code/session_01KTg1g416Jdjf5feGke8MQw
* Add release notes for PR #7734
* [check-spelling] Update metadata
Update for https://github.com/actualbudget/actual/actions/runs/25480733101/attempts/1
Accepted in https://github.com/actualbudget/actual/pull/7734#issuecomment-4394811498
Signed-off-by: check-spelling-bot <check-spelling-bot@users.noreply.github.com>
on-behalf-of: @check-spelling <check-spelling-bot@check-spelling.dev>
* [AI] Use the uuidv4 alias in RuleEditor and ruleUtils
The previous commit preserved the `v4 as uuid` alias in these two files
to match their pre-#7529 state, but the project convention (and lint
rule message) is `v4 as uuidv4`. CodeRabbit flagged the inconsistency,
so normalize the alias and call sites in both files.
https://claude.ai/code/session_01KTg1g416Jdjf5feGke8MQw
* [AI] Pin uuid to ^11.1.0 to fix Electron e2e
uuid v13 is ESM-only (no CJS entry, only an exports map with `node` and
`default` conditions both pointing to ESM files). The Electron backend is
bundled as CJS by `loot-core/vite.desktop.config.mts` and loaded via a
dynamic `await import(process.env.lootCoreScript!)` in the
desktop-electron utilityProcess; that pipeline appears to fall over on
the ESM-to-CJS transform of uuid v13 in Vite 8 / rolldown, which makes
the Functional Desktop App e2e job fail consistently while every other
check (web e2e, VRT, unit tests, lint, typecheck) passes.
uuid v11 still ships `dist/cjs/index.js`, so pinning each workspace's
uuid range to ^11.1.0 sidesteps the resolution path entirely. The API
is unchanged (`v4` is still the same export), so no source-code changes
are needed.
https://claude.ai/code/session_01KTg1g416Jdjf5feGke8MQw
* [AI] Capture Electron stdout/stderr in desktop e2e fixture (TEMP DEBUG)
Pipe the Electron main+utility process stdout/stderr into both the
playwright runner stderr and an electron.log file inside the test's
output directory. This makes the actual backend error visible in the
Functional Desktop App job output and in the desktop-app-test-results
artifact.
Will be reverted once the failure cause is identified.
https://claude.ai/code/session_01KTg1g416Jdjf5feGke8MQw
* Revert "[AI] Capture Electron stdout/stderr in desktop e2e fixture (TEMP DEBUG)"
This reverts commit
|
||
|
|
f68e4fbb2a |
Updated API Documentation for Splitting Transactions (#7593)
* Updated API Documentation for Splitting Transactions * Update check-spelling metadata * Updated category name in example * Update packages/docs/docs/api/reference.md Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * Fixed documentation to CodeRabbits feedback * Update packages/docs/docs/api/reference.md Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * Updated wording of reference document --------- Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> Co-authored-by: youngcw <calebyoung94@gmail.com> |
||
|
|
c2987af64f | fix lint (#7643) | ||
|
|
1c97388654 |
[AI] Consolidate npm release and nightly publishing into one workflow (#7583)
* [AI] Unify npm release and nightly publish workflows Agent-Logs-Url: https://github.com/actualbudget/actual/sessions/3f8de051-a9a7-4527-88d8-5c44bc06a562 Co-authored-by: jfdoming <9922514+jfdoming@users.noreply.github.com> * [AI] Harden unified npm publish workflow conditionals Agent-Logs-Url: https://github.com/actualbudget/actual/sessions/3f8de051-a9a7-4527-88d8-5c44bc06a562 Co-authored-by: jfdoming <9922514+jfdoming@users.noreply.github.com> * [AI] Clarify nightly install step and add concise release note Agent-Logs-Url: https://github.com/actualbudget/actual/sessions/af3d68aa-d217-47be-addb-1b40b08f533b Co-authored-by: jfdoming <9922514+jfdoming@users.noreply.github.com> * [AI] Revert release note edit and make npm publish workflow ACT-compatible (#7584) * Initial plan * [AI] Revert release note edit and validate workflow with act Agent-Logs-Url: https://github.com/actualbudget/actual/sessions/df98a192-197a-4df4-a804-80b69116f742 Co-authored-by: jfdoming <9922514+jfdoming@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: jfdoming <9922514+jfdoming@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: jfdoming <9922514+jfdoming@users.noreply.github.com> |
||
|
|
29275a573d |
Run zizmor auto-fix tool (#7533)
* Run `zizmor` auto-fix tool * Add release notes * Enable credential persistence for string extraction Updated workflow to allow pushing extracted strings. * Enable credential persistence for release notes Enable credential persistence to allow committing release notes. |
||
|
|
f8d5d38d0a | Skip release notes generation for docs-only PRs (#6815) | ||
|
|
eac26fa4ef |
Remove duplicate excludes.txt entry (#7499)
* Remove duplicate excludes.txt entry Remove package-lock.json from spelling exclusions * Add release notes for PR #7499 * Fix duplicate exclusion in spelling checks --------- Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> |
||
|
|
c4f3fb0b93 |
[AI] Fix type errors for API consumers by shipping .d.ts declarations (#7468)
* [AI] Fix type errors for API consumers by shipping .d.ts declarations from loot-core Downstream consumers of @actual-app/api with strict: true get type errors because @actual-app/core exports raw .ts source files. Consumers' tsc follows the import chain into core's source (compiled with strict: false), and skipLibCheck doesn't help since it only skips .d.ts files. Add "types" conditions to all imports/exports entries in loot-core's package.json, pointing to the pre-built declarations in lib-dist/decl/. Add .npmignore to include lib-dist/decl/ in the published package. Fixes #7410 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * [AI] Use prepack/postpack scripts instead of inflating package.json Replace the inline "types" conditions in imports/exports with a prepack script that adds them at pack/publish time. This keeps the checked-in package.json clean while still shipping .d.ts declarations to npm consumers. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * [AI] Convert prepack/postpack scripts to TypeScript Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * [AI] Add release notes for #7468 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * [AI] Fix recursive ExportValue type and remove redundant comment Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * [AI] Rename scripts to .mts and inline types conditions Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * [AI] Make backup/restore scripts safer - Check if backup exists before creating it in prepack - Make restore idempotent by checking if backup exists in postpack - Prevents overwriting existing backups from interrupted runs - Addresses CodeRabbit review feedback Co-authored-by: Matiss Janis Aboltins <MatissJanis@users.noreply.github.com> * [AI] Type api-handlers.ts fields to drop implicit any The `fields` / export-args slots in the ApiHandlers contract were untyped, surfacing as TS7008 errors in strict consumers. Replace them with the `Partial<APIXxxEntity>` shapes the `@actual-app/api` wrappers already pass, and annotate the matching call sites in `api.ts` with `@ts-expect-error` where the legacy helpers still declare full-entity parameters despite accepting partial updates at runtime. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * [AI] Replace vite-plugin-dts with tsgo for api types Drops vite-plugin-dts in favor of running tsgo --emitDeclarationOnly after the vite bundle, eliminating a heavy dev dependency tree (api-extractor, volar, vue language-core) from the api package build. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * [AI] Add build script to loot-core to emit declarations via lage `yarn build:cli` failed in CI with TS6305 because api's `tsgo --emitDeclarationOnly` depends on loot-core's pre-built `lib-dist/decl/*.d.ts`, but loot-core had no `build` script, so lage's `^build` cascade silently skipped it. Add `"build": "tsgo -b"` so loot-core slots into the dependency chain; its tsconfig already has `emitDeclarationOnly: true`, so the output is declarations only. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * Simplify API build * [AI] Document TypeScript moduleResolution requirement for @actual-app/api The published declarations rely on package.json exports conditions, which classic node / node10 resolvers don't honor. Document the supported modes (bundler / nodenext / node16) in the package README and in the Getting Started section of the API docs. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * [AI] Type-guard default value in add-types-conditions prepack `value.default` is typed `ExportValue | undefined`, which allows nested conditional objects. The previous truthy check fell through to `shouldSkip(defaultValue)` and would crash on `.endsWith()` if that shape ever appeared. Replace with a `typeof === 'string'` narrowing and drop a now-redundant "Insert types as the first key" comment. No runtime change on current package.json — no nested `default` values exist today — but the script is not covered by loot-core's tsconfig include, so the latent type issue was silent. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * [AI] Allow "nodenext" in docs spellcheck expect list Referenced in the new TypeScript moduleResolution note in the API docs. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * [AI] Move loot-core declarations to @types and whitelist publish with files Relocate loot-core's composite TypeScript output from lib-dist/decl to the top-level @types directory, matching the api package's convention. Replace the old .npmignore blacklist with an explicit package.json files whitelist. - tsconfig.json: outDir @types, exclude test/mock dirs from decl emission - scripts/add-types-conditions.mts: rewrite paths to ./@types/src/... - package.json: files whitelist shipping only src, @types, migrations, typings, default-db.sqlite; drop legacy typesVersions (docs now require moduleResolution bundler/nodenext/node16, so the classic-resolution fallback is unused) - .gitignore: ignore the new @types build artifact - lage.config.js: factor outputGlob into a shared BUILD_OUTPUT_GLOBS constant and add @types/** so lage caches loot-core's decl output - root tsconfig.json: tighten exclude from packages/api/@types to packages/*/@types to cover both api and loot-core - delete .npmignore entirely Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * [AI] Build loot-core declarations inside prepack yarn workspace @actual-app/core pack is the first non-setup step in the publish workflow, running before any build. Without a build chained into prepack the @types/ tree is empty at pack time, so the tarball shipped a transformed package.json pointing at ./@types/src/... paths that didn't exist. npm publish doesn't re-run hooks on a pre-packed tarball, so the frozen snapshot must be self-contained; prepack now runs yarn build first to populate @types/ before add-types-conditions rewrites the exports. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> Co-authored-by: Cursor Agent <cursoragent@cursor.com> Co-authored-by: Matiss Janis Aboltins <MatissJanis@users.noreply.github.com> |
||
|
|
db72948d7c |
change release process to use a branch and add automation (#7418)
* release automation * note * harden tokens for release notes workflow * fix yarn install on release notes check * amend release docs * address coderabbit * change back to auto version resolution * more coderabbit * clarify a poorly worded comment * drop cherry pick workflows * fix docker tag * coderabbit * drop `v` from release branch name Co-authored-by: Matiss Janis Aboltins <matiss@mja.lv> * simplify release note workflows --------- Co-authored-by: Matiss Janis Aboltins <matiss@mja.lv> |
||
|
|
d76d7d3204 |
Security hardening: validate release notes and workflow inputs (#7448)
* [AI] Harden GitHub Actions workflows against low-severity security issues - generate-release-pr.yml: replace `eval` with an associative array for per-package version tracking. The version input was already moved to an env var in #7433, so this removes the remaining defense-in-depth concern of `eval`ing subshell output. - create-release-notes-file.js: validate the OpenAI-returned category against the known allow-list (Features, Bugfixes, Enhancements, Maintenance), validate the author against the GitHub username regex, and collapse the summary to a single line before embedding it in the markdown body. Prevents indirect prompt-injection via CodeRabbit comments from producing malformed YAML frontmatter. - generate-summary.js: stop logging the full CodeRabbit comment body to CI logs. - netlify-release.yml, i18n-string-extract-master.yml: pass secrets via `env:` blocks rather than as CLI arguments, so they do not appear in argv / process listings. https://claude.ai/code/session_012pZSkUBbabmmuaxbwysW33 * Add release notes for PR #7448 * [AI] Address review feedback on security hardening - create-release-notes-file.js: stop logging the full fileContent body. Only log the target filename plus the (already-validated) category and author metadata, so the model-generated release-note text doesn't end up in CI logs. - create-release-notes-file.js: validate summaryData.prNumber as a positive integer before using it in the file path or commit message, and switch both usages to the validated numeric value. - i18n-string-extract-master.yml: write the Weblate API key into ~/.config/weblate under a [keys] section in a new "Configure Weblate API credentials" step, then drop the per-step env blocks and the --key CLI flag from every wlc invocation so the secret is no longer visible in process listings at all. https://claude.ai/code/session_012pZSkUBbabmmuaxbwysW33 * [AI] Remove debug console.log statements for category in release notes script Remove the four "Debug - ..." console.log calls that printed the raw category env var (value/type/JSON-stringified form) plus the cleanCategory value. They were clutter in CI logs; the existing info-level "Creating release notes file: ... (category: ..., author: ...)" log already surfaces the sanitized category. https://claude.ai/code/session_012pZSkUBbabmmuaxbwysW33 --------- Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> |
||
|
|
5009f01218 |
generate docs from release notes directly (#7408)
* move workflows to use the local actions * generate docs from release notes directly * note * fix create PR workflow from SHA |
||
|
|
d42f6c7437 |
improve release notes actions (#7407)
* consolidate find-comment, post-comment into single action * use release notes in current branch for both generation and deletion * note |
||
|
|
bb7d7275a6 |
migrate actualbudget/actions to the main repo (#7406)
* migrate release note actions * move workflows to use the local actions * note * fix failing cleanup in release notes action * fix codeQL violation |
||
|
|
64b2d9b31a |
[Docs] Tour: Update reports, payees, schedules and rules pages. (#7405)
* Improve clarity of reports documentation Revised descriptions for built-in and custom reports for clarity and conciseness. * Revise schedules documentation for clarity and conciseness * Update payees management documentation for clarity * Update wording and formatting in rules documentation * Fix formatting issue in schedules.md * Clarify Payees management overview Revised the description to clarify the overview of Payees management. * [autofix.ci] apply automated fixes * Fix hyphenation in reports documentation * [autofix.ci] apply automated fixes * Update packages/docs/docs/tour/reports.md Co-authored-by: Matt Fiddaman <github@m.fiddaman.uk> * Apply suggestions from code review Co-authored-by: Matt Fiddaman <github@m.fiddaman.uk> * Update transaction rule example in documentation * Apply suggestions from code review Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * [autofix.ci] apply automated fixes * Add 'PAYPAL' to spelling expectations --------- Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> Co-authored-by: Matt Fiddaman <github@m.fiddaman.uk> Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> |
||
|
|
a12b971670 |
🔖 (26.4.0) (#7389)
* bump versions * Remove used release notes * add docs pages * Update check-spelling metadata * bump cli * change release date --------- Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> |
||
|
|
cded36f083 |
docs: update formulas.md for BUDGET_QUERY and QUERY_EXTRACT functions (#7244)
* docs: update formulas.md for BUDGET_QUERY and QUERY_EXTRACT functions * [autofix.ci] apply automated fixes * update spellings --------- Co-authored-by: sys044 <tomgriffin@localhost> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> Co-authored-by: Matt Fiddaman <github@m.fiddaman.uk> |
||
|
|
a43b6f5c47 |
[AI] Experimental CLI tool for Actual (#7208)
* [AI] Add @actual-app/cli package New CLI tool wrapping the full @actual-app/api surface for interacting with Actual Budget from the command line. Connects to a sync server and supports all CRUD operations across accounts, budgets, categories, transactions, payees, tags, rules, schedules, and AQL queries. * Refactor CLI options: replace `--quiet` with `--verbose` for improved message control. Update related configurations and tests to reflect this change. Adjust build command in workflow for consistency. * Refactor tests: streamline imports in connection and accounts test files for improved clarity and consistency. Remove dynamic imports in favor of static imports. * Enhance package.json: Add exports configuration for module resolution and publish settings. This includes specifying types and default files for better compatibility and clarity in package usage. * Update package.json exports configuration to support environment-specific module resolution. Added 'development' and 'default' entries for improved clarity in file usage. * Enhance CLI functionality: Update configuration loading to support additional search places for config files. Refactor error handling in command options to improve validation and user feedback. Introduce new utility functions for parsing boolean flags and update related commands to utilize these functions. Add comprehensive tests for new utility functions to ensure reliability. * Update CLI TypeScript configuration to include Vitest globals and streamline test imports across multiple test files for improved clarity and consistency. * Update CLI dependencies and build workflow - Upgrade Vite to version 8.0.0 and Vitest to version 4.1.0 in package.json. - Add rollup-plugin-visualizer for bundle analysis. - Modify build workflow to prepare and upload CLI bundle stats. - Update size comparison workflow to include CLI stats. - Remove obsolete vitest.config.ts file as its configuration is now integrated into vite.config.ts. * Enhance size comparison workflow to include CLI build checks and artifact downloads - Added steps to wait for CLI build success in both base and PR workflows. - Included downloading of CLI build artifacts for comparison between base and PR branches. - Updated failure reporting to account for CLI build status. * Update documentation to replace "CLI tool" with "Server CLI" for consistency across multiple files. This change clarifies the distinction between the command-line interface for the Actual Budget application and the sync-server CLI tool. * Refactor configuration to replace "budgetId" with "syncId" across CLI and documentation * Enhance configuration validation by adding support for 'ACTUAL_ENCRYPTION_PASSWORD' and implementing a new validation function for config file content. Update documentation to clarify error output format for the CLI tool. * Enhance configuration tests to include 'encryptionPassword' checks for CLI options and environment variables, ensuring proper priority handling in the configuration resolution process. * Update nightly versioning script to use yarn * Align versions --------- Co-authored-by: Claude <noreply@anthropic.com> |
||
|
|
1f821d2849 |
⬆️ bump github actions (#7234)
* actions/setup-node * actions/cache * actions/checkout * docker/* * actions/*-artifact * actions/stale * others * note |
||
|
|
448da13cf5 |
Move migrations script to typescript (#7075)
* Move migrations script to typescript * Add release notes * Setup * Fix * PR feedback * Make imports work as expected * Rabbit |
||
|
|
3797cff716 |
[AI] Skip AI-generated release notes for release/ branch PRs (#7107)
* Initial plan * [AI] Make AI-generated release notes not run on release/ branches Co-authored-by: jfdoming <9922514+jfdoming@users.noreply.github.com> * [AI] Use explicit startsWith(github.head_ref) if conditions instead of JS changes Co-authored-by: jfdoming <9922514+jfdoming@users.noreply.github.com> * Delete extra condition * Add release notes for PR #7107 * [autofix.ci] apply automated fixes * FIx note * Add head branch information to PR details * Refactor conditions for release notes generation * Sec --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: jfdoming <9922514+jfdoming@users.noreply.github.com> Co-authored-by: Julian Dominguez-Schatz <julian.dominguezschatz@gmail.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> |
||
|
|
f9e09ca59b |
🔖 (26.3.0) (#7097)
* 🔖 (26.3.0) * Remove used release notes * Add release notes for PR #7097 * Remove used release notes * Remove used release notes * Add release notes for version 26.3.0 * Add new terms to spelling expectation list * Fix spelling and capitalization in release notes Corrected spelling of 'reorganisation' to 'reorganization' and updated 'coderabbit' to 'CodeRabbit' for consistency. * Update patterns.txt to allowlist 'CodeRabbit' Add 'CodeRabbit' to allowlist of proper nouns. * Clarify chart theming support in release notes Updated the release notes to specify bar/pie chart theming support and added details about theme variables for customization. * Remove 'CodeRabbit' from spelling expectations * Refactor release notes and improve formatting Reorganize release notes for clarity and update content. * Create 2026-03-02-release-26-3-0.md * Change release date to 2026-03-02 Updated the release date for version 26.3.0. * Update release notes for version 26.3.0 --------- Co-authored-by: jfdoming <9922514+jfdoming@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: Julian Dominguez-Schatz <julian.dominguezschatz@gmail.com> |
||
|
|
0472211925 |
[AI] lint: await-thenable, no-floating-promises (#6987)
* [AI] Desktop client, E2E, loot-core, sync-server and tooling updates Co-authored-by: Cursor <cursoragent@cursor.com> * Refactor database handling in various modules to use async/await for improved readability and error handling. This includes updates to database opening and closing methods across multiple files, ensuring consistent asynchronous behavior. Additionally, minor adjustments were made to encryption functions to support async operations. * Refactor sync migration tests to utilize async/await for improved readability. Updated transaction handling to streamline event expectations and cleanup process. * Refactor various functions to utilize async/await for improved readability and error handling. Updated service stopping, encryption, and file upload/download methods to ensure consistent asynchronous behavior across the application. * Refactor BudgetFileSelection component to use async/await for onSelect method, enhancing error handling and readability. Update merge tests to utilize async/await for improved clarity in transaction merging expectations. * Refactor filesystem module to use async/await for init function and related database operations, enhancing error handling and consistency across file interactions. Updated tests to reflect asynchronous behavior in database operations and file writing. * Fix typo in init function declaration to ensure it returns a Promise<void> instead of Proise<void>. * Update VRT screenshots Auto-generated by VRT workflow PR: #6987 * Update tests to use async/await for init function in web filesystem, ensuring consistent asynchronous behavior in database operations. * Update VRT screenshot for payees filter test to reflect recent changes * [AI] Fix no-floating-promises lint error in desktop-electron Wrapped queuedClientWinLogs.map() with Promise.all and void operator to properly handle the array of promises for executing queued logs. Co-authored-by: Matiss Janis Aboltins <MatissJanis@users.noreply.github.com> * Refactor promise handling in global and sync event handlers * Update VRT screenshots Auto-generated by VRT workflow PR: #6987 --------- Co-authored-by: Cursor <cursoragent@cursor.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: Matiss Janis Aboltins <MatissJanis@users.noreply.github.com> |
||
|
|
0d6742664b |
🔖 (26.2.0) (#6837)
* 🔖 (26.2.0) * Remove used release notes * docs pages * s/flathub/Flathub * s/coderabbit/CodeRabbit * allowlist --------- Co-authored-by: matt-fidd <81489167+matt-fidd@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Matt Fiddaman <github@m.fiddaman.uk> |
||
|
|
49d583e4ad |
docs: add ANZ Plus Bank to community repos (#6785)
* docs: add ANZ Plus Bank to community repos Added ANZ Plus Bank to the Community Repos page. Link(s): https://github.com/spydisec/PDFtoOFX/ Short summary: Convert ANZ Plus bank statement PDFs to OFX format for seamless import into Actual Budget and other personal finance applications. Placement: https://actualbudget.org/docs/community-repos/ * Update packages/docs/docs/community-repos.md Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * Fix typo in ANZ Plus bank converter description * chore: update docs spelling allowlist --------- Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> |
||
|
|
e79d91b000 |
Change 'Bugfix' -> 'Bugfixes' in release notes (#6707)
* Change 'Bugfix' -> 'Bugfixes' * Add release notes for PR #6707 --------- Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> |
||
|
|
84a1d12dae |
Remove duplicate spelling check (#6691)
* Remove duplicate spelling check * Correct Flathub store capitalization in release notes * Fix typo in Flathub store automation entry * Add release notes for PR #6691 --------- Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> |
||
|
|
5d82435700 |
Restrict AI-generated release notes workflow to PRs targeting master branch (#6622)
* Initial plan * Add release notes for PR #6622 * Update release-notes workflow to only trigger for PRs against master Co-authored-by: MatissJanis <886567+MatissJanis@users.noreply.github.com> * Fix: Apply branch filter to AI release notes workflow instead of check workflow Co-authored-by: MatissJanis <886567+MatissJanis@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: MatissJanis <886567+MatissJanis@users.noreply.github.com> |
||
|
|
30953d3d9f |
Add Wallos schedule importer to community repos (#6585)
* Add Wallos schedule importer to community repos Added a new entry for Wallos schedule importer with a brief description. * Add Wallos to expected words |
||
|
|
9e7a4cde36 |
Remove ESLint and complete migration to oxlint (#6584)
* Remove ESLint and migrate fully to oxlint * Add release notes for PR #6584 --------- Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> |
||
|
|
f1faf45659 |
lint: move last remaining native eslint rules to oxlint (create new alternatives) (#6468)
* lint: clean up unnecessary config and disables * fix: update package import path in browser preload script * lint: create custom ESLint rules for rules not in oxlint - Add object-shorthand-properties rule (replaces object-shorthand) - Add prefer-const rule (replaces prefer-const) - Add no-anchor-tag rule (replaces no-restricted-syntax for <a> tags) - Add no-react-default-import rule (replaces no-restricted-syntax for React.*) These custom rules are needed because oxlint doesn't support these rules yet. All rules are properly tested and integrated into the ESLint config. * refactor: enhance prefer-const rule to track variable reassignments by scope - Introduced a mapping of scopes to reassigned variable names, improving the accuracy of the prefer-const rule. - Added helper functions to determine variable scopes and reassignment status. - Updated logic to check variable reassignments during declaration analysis. - Adjusted test cases to reflect changes in variable handling. |
||
|
|
88fbfe7078 |
docs: add guidance on avoiding Nginx header collisions for COOP/COEP (#6477)
* fix-nginx-header-collision Added a note on Cross-Origin Isolation and header collisions for Nginx configuration, including a sample Nginx configuration to prevent header duplication. * Fix formatting of headers in NGINX documentation * Add new terms to spelling expectations * Fix placement of 'COOP' in expect.txt * Update reverse-proxies.md doc display |
||
|
|
47ffa61f75 |
🔖 (26.1.0) (#6520)
* 🔖 (26.1.0) * Trigger CI * Remove used release notes * Add release notes for version 26.1.0 This commit introduces the release notes for version 26.1.0, highlighting notable improvements such as currency display in the budget, mobile schedules functionality, link detection in transaction notes, and an extension of historical data. The release also includes various enhancements, bug fixes, and maintenance updates, acknowledging contributions from multiple developers. * Update spelling expectations and release notes for version 26.1.0 This commit adds new terms to the spelling expectations file and updates the release notes to reflect changes in the documentation, including formatting improvements for clarity. Notable contributions from various developers are acknowledged. * Add new terms to spelling expectations file This commit updates the spelling expectations by adding new terms, enhancing the accuracy of the documentation spell-checking process. The changes include the addition of 'jws' and 'oxc' to the list of expected terms. * Update release notes for version 26.1.0 to include Flathub availability for Linux users * Update release notes to reflect Docker tag for version 26.1.0 in documentation --------- Co-authored-by: MatissJanis <886567+MatissJanis@users.noreply.github.com> Co-authored-by: Matiss Janis Aboltins <matiss@mja.lv> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> |
||
|
|
a7ab3f375e |
Release notes newline fix (#6492)
* Refactor: Remove trailing newline from release notes file Co-authored-by: matiss <matiss@mja.lv> * Fix template string for release notes summary * Add release notes for PR #6492 * [autofix.ci] apply automated fixes * Add finishing_touches section to config --------- Co-authored-by: Cursor Agent <cursoragent@cursor.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> |