Files
actual/upcoming-release-notes/8316.md
lelemm b054e9a013 Bank Sync Provider per budget file [1/3] - Sync server - Add file-scoped bank sync secrets (#8316)
* First PR for secrets per file

* md

* Code Review

* Code rabbit code review

* Removed migration (new column) in favor of string concatenation

* automation UI: reference schedule by ID not name (#8308)

* schedule by id

* migrate schedule indicators

* add tests

* update release note

* fix loading states

* [AI] feat(budget analysis report): Add Balance & Category selector (#8162)

* [AI] feat(budget-report): add balance-only view mode

Add a 'Balance only' toggle to the Budget Analysis report that hides the
Budgeted, Spent, and Overspending Adjustment series and renders the balance
as a plain line chart, similar to the Net Worth graph.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* [AI] fix(budget-report): always display ending balance for consistent header spacing

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* [AI] feat(budget-report): replace balance toggle buttons with series dropdown

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* [AI] fix(budget-report): capitalize Categories in balance mode dropdown

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* [AI] fix(budget-report): fix test imports and lint errors in BudgetAnalysisGraph test

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* fix: added in release note

---------

Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>

* [AI] Fix Age of Money report widget title not saving correctly (#8320)

* [AI] Fix Age of Money report widget title not saving correctly

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* [AI] Use mutateAsync to properly await mutations in AgeOfMoney widget

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>

* fix flaky vrt by increasing timeout (#8323)

* fix test

* note

* Update docs with Actuali iOS app (#8324)

* Update docs with Actuali iOS app

* Update packages/docs/docs/community-repos.md

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>

---------

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>

* Initial payee location documentation (#8241)

* Initial payee location documentation

* Move to dedicated experimental section

Based on PR feedback

* [AI] feat(budget analysis report): show hidden categories (#8164)

* [AI] feat(budget-report): add toggle to include hidden categories

Add a 'Show hidden categories' button that includes hidden expense
categories in the Budget Analysis report. This prevents historic data
from being misrepresented when a category (e.g. a car fund) is hidden.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* [AI] feat(budget-report): replace hidden categories button with icon toggle

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* [AI] fix(budget-analysis): use correct package alias in test import

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* fix: added in release note

* [AI] refactor(budget-analysis): extract isBaseCategory helper and reuse in tests

Assisted-by: ClaudeCode:claude-sonnet-4-6

* [AI] feat(budget-report): clarify hidden categories toggle state

Replace the ambiguous icon-only toggle with a highlighted active state
and explicit click-to-show/hide tooltip text so the current selection is
clear. Add aria-pressed for accessibility.

Assisted-by: ClaudeCode:claude-opus-4.8

* [AI] feat(budget-report): consolidate chart options into Options dropdown menu

Replace the separate chart-type icon toggle, balance/category Select dropdown,
and hidden-categories eye icon with a single Options popover (Popover + Menu)
matching the pattern used by other reports (Sankey). The menu contains:
- Switch to line/bar chart
- Show balance (toggle)
- Show categories (toggle, replaces balanceOnly)
- Show hidden categories (toggle)

Also rebases onto upstream/master to incorporate the balanceOnly/Select
changes from #8162 before consolidating them.

Assisted-by: ClaudeCode:claude-sonnet-4-6

* [AI] fix(budget-report): use static 'Bar chart' toggle in Options menu for i18n

Replace the dynamic 'Switch to line/bar chart' string with a static
'Bar chart' label and a boolean toggle (on = bar, off = line), matching
the toggle pattern used by other menu items and making the string
straightforward to translate.

Assisted-by: ClaudeCode:claude-sonnet-4-6

* Enhance budget analysis report with dropdown options

Introduced a dropdown to group options and added the ability to show hidden categories in the budget analysis report.

---------

Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>

* update release process (#8334)

* [AI] Add cross-platform hook adding 🤖 emoji to comments (#8331)

* [AI] Add cross-platform hook keeping GitHub comments/issues in Chinese or pirate voice

Adds a shared agent hook that requires anything an agent posts to GitHub
(PR/issue comments, PR reviews, created issues) to be written in 简体中文
(preferred) or, failing that, a fun pirate voice — never plain English.

- scripts/agent-hooks/github-comment-style.sh: shared guard. Reads
  tool_input.body/.title, allows CJK or pirate-flavoured text, blocks plain
  English via exit 2. Fails open on malformed payloads.
- Wired for Claude (.claude/settings.json PreToolUse), Codex
  (.codex/config.toml PreToolUse) and Cursor (beforeMCPExecution adapter).
- Documents the rule in AGENTS.md, the canonical pr-and-commit-rules.md and
  the Cursor rule so platforms without hook support apply it manually.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01Lqu3eZi5djm2cPAEm3yVht

* [AI] Use a slug for the release-note filename; document slug naming in AGENTS.md

Release-note filenames don't need to be the PR number — a short descriptive
slug works too (the PR link is resolved at release time). Rename the new note
accordingly and note this in AGENTS.md's directory reference.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01Lqu3eZi5djm2cPAEm3yVht

* [autofix.ci] apply automated fixes

* [AI] Auto-label PRs with Chinese descriptions as "ai spam" via CodeRabbit

Add a CodeRabbit labeling instruction (auto_apply_labels is already on) that
applies the "ai spam" label when a PR description contains Chinese/CJK
characters — a strong signal of AI-generated spam for this English-language
project.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01Lqu3eZi5djm2cPAEm3yVht

* [AI] Exempt CodeRabbit-addressed comments from the Chinese/pirate voice hook

CodeRabbit parses its commands (@coderabbitai review/resolve/etc.) as plain
English, so the github-comment-style guard now skips any comment mentioning
@coderabbitai / @coderabbit instead of forcing it into Chinese or pirate.
Documented the exception in the canonical and Cursor rule files.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01Lqu3eZi5djm2cPAEm3yVht

* [AI] Key CodeRabbit voice exemption on authorship, not mentions

The hook only ever runs on the agent's own outgoing comments, so CodeRabbit's
own comments are already out of scope (it posts under its own identity). Drop
the @coderabbitai mention bypass — a comment merely name-dropping the bot is
still the agent's prose and must follow the Chinese/pirate rule, closing an
easy plain-English bypass. Docs updated to match.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01Lqu3eZi5djm2cPAEm3yVht

* [AI] Pin CodeRabbit reviews to English

CodeRabbit was reading AGENTS.md / pr-and-commit-rules.md (which ask
contributors to comment in Chinese/pirate) and applying that to its own
reviews, posting them in Chinese. Set `language: en-US` and `tone_instructions`
so the bot's own reviews, summaries and replies stay in English; the
Chinese/pirate rule is for contributor/agent comments, not CodeRabbit.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01Lqu3eZi5djm2cPAEm3yVht

* [AI] Replace Chinese/pirate comment voice with a robot-emoji prefix

Scrap the 简体中文/pirate voice scheme (and its CodeRabbit language override and
Chinese-based "ai spam" label) in favour of one simple rule: every GitHub
comment, review or issue an agent posts must be prefixed with 🤖. The shared
guard now blocks any body — or, for issues, title — that doesn't start with the
robot emoji; docs and per-platform wiring updated to match. .coderabbit.yaml is
restored to its original state.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01Lqu3eZi5djm2cPAEm3yVht

* [AI] Silence SC1007 false positive on CDPATH= cd in Cursor MCP adapter

shellcheck flags the intentional `CDPATH= cd` empty-env prefix as SC1007
(mistaking it for an assignment). Add a scoped inline disable directive on that
line; behaviour is unchanged.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01Lqu3eZi5djm2cPAEm3yVht

* [AI] Fail closed on guard execution errors in Cursor MCP adapter

The adapter previously allowed the call on any non-0/2 exit from
github-comment-style.sh, so a broken or missing guard would silently disable
enforcement. Deny on unexpected exits instead (matching guard-shell.sh), with a
message that marks it as an execution problem rather than a real policy denial.
The shared guard still fails open on malformed payloads (its own exit-0 choice).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01Lqu3eZi5djm2cPAEm3yVht

* [AI] Add hook requiring a blank PR template when agents create PRs

New shared guard pr-template-blank.sh blocks mcp__github__create_pull_request
unless the body is the repo's PR template, unmodified (cosmetic whitespace
aside) — agents must leave it blank for the human, per AGENTS.md. Wired for
Claude (PreToolUse), Codex (PreToolUse) and Cursor (the beforeMCPExecution
adapter now dispatches per-tool to the right guard). Docs and a release note
updated.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01Lqu3eZi5djm2cPAEm3yVht

* [AI] Simplify agent-hook guard scripts

- github-comment-style.sh: fold the empty/whitespace-only case into the
  prefix check, dropping a redundant tr subshell per field.
- pr-template-blank.sh: drop the dead CR strip in canon() (the trailing
  whitespace sub already removes a trailing carriage return).
- before-mcp-github.sh: emit the constant allow payload with printf instead
  of spawning jq on the common (allow) path.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* [AI] Drop duplicated PR-template/robot-emoji rules now that hooks enforce them

The PR-template-blank and GitHub-comment robot-emoji-prefix rules are enforced
by cross-platform hooks, so the copies scattered across AGENTS.md and the
Cursor rules file are redundant. Remove them and point at the canonical
pr-and-commit-rules.md, which keeps the full rule (including the PR-template
Chinese exception that no hook can enforce). Also delete the internal
PR-template-guard release note.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* [AI] Drop "enforced by hooks" wording from the PR/comment rule docs

State the rules plainly without the meta-commentary about hook enforcement.
Keeps the actual rules (don't fill the PR template, prefix GitHub
comments/reviews/issues with 🤖, the Chinese exception, and the
your-own-comments-only note) intact.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* [AI] Trim enforcement meta-commentary; shorten robot-emoji release note

Drop the "isn't enforced automatically" / "handled by tooling" framing from
AGENTS.md and pr-and-commit-rules.md (keeping the rule and the "apply it
yourself" responsibility), and shorten the robot-emoji-prefix release note.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* [AI] Fail closed on unreadable payloads in the GitHub agent guards

Align the new guards with the git-guard.sh / guard-shell.sh convention: fail
closed when the hook payload can't be read, fail open only on a genuinely
absent optional field.

- github-comment-style.sh: block on invalid JSON / missing / non-object
  .tool_input; allow only an absent body/title within a valid object.
- before-mcp-github.sh: deny on a jq parse failure / missing .tool_name
  instead of falling through to allow.
- pr-template-blank.sh: an absent/null body now fails open (previously it
  normalized to "" and wrongly blocked PR creation); an empty-string body is
  still treated as a real non-template submission.
- .codex/config.toml: describe the full guard scope (comment body + issue
  title) in the hook comment and statusMessage.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

---------

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>

* speed up electron builds (#8337)

* size up runners, skip translations where possible

* note

* mdx -> md (#8338)

* mdx -> md

* [AI] Outlaw .mdx in the docs package

Docusaurus 3 compiles .md through MDX, so JSX and imports work in plain
.md files and there is no need for the .mdx extension. Narrow the
enforce-doc-links remark plugin to only accept .md: reject any .mdx
source file at build time, flag links that target a .mdx file, and drop
the .mdx branches from the directory scanner and link resolution.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

* [AI] Add performance indexes for transactions table (#8335)

* [AI] Add performance indexes for transactions table

* release notes

* [AI] Remove unselective tombstone-only index from performance migration

* [AI] api: make the browser build work in consumer production bundles (#8289)

* api: make the browser build work in consumer production bundles

The browser build shipped `new Worker(new URL("./worker.js", import.meta.url))`
in dist/browser.js. A consumer bundler (Vite/Rollup) recognizes that as a worker
entry and re-bundles the already-prebuilt worker.js from scratch, which desyncs
the absurd-sql/connection RPC so `init` throws a structured-clone error. It only
worked in dev and in the package's own e2e because both serve dist verbatim.

Make the browser build fully self-contained instead:

- Inline the worker into browser.js and spawn it from a Blob URL, so consumer
  bundlers never see a worker entry to re-bundle. The worker is built as an IIFE
  (classic worker), mirroring the web app's kcab.worker.
- Embed the sql.js wasm and the default filesystem data (migrations + default
  DB) into the worker so it performs no PUBLIC_URL asset fetches:
  - loot-core sqlite gains an opt-in `setWasmBinary` (dormant for web/node);
  - the worker installs a scoped fetch shim serving the embedded data/* files
    from a sentinel base URL.
- Share the asset-collection logic between the Node disk copy and the embedded
  build via scripts/embedded-assets.mjs so the two never drift.

Result: `import '@actual-app/api'` + `init()` works in any bundler with zero
config; only COOP/COEP headers remain required (SharedArrayBuffer).

Adds an e2e (e2e/consumer + e2e/global-setup.mjs) that builds a real consumer
app for production and boots it under COOP/COEP — coverage the verbatim-dist
harness can't provide. Docs note the build is self-contained and that
cross-origin isolation is still required.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* [AI] api: address review feedback (guard DOM lookup, revoke blob URL on worker failure)

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* [AI] api: address review nitpicks (drop BodyInit cast, reword release note)

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* [AI] api: build the browser worker via Vite ?worker&inline

Replace the hand-rolled worker inlining (a custom Vite plugin that read the
prebuilt worker.js off disk and inlined it as a string, plus a second build
config and a build-ordering dependency) with Vite's native `?worker&inline`
import. This collapses the two browser build configs into one, removes the
`virtual:actual-worker-code` module and the manual Blob URL spawn, and drops
the worker-before-facade build step.

Vite's `?worker&inline` sub-build doesn't receive vite-plugin-node-polyfills'
global-shim injection (the plugin writes it to `build.rollupOptions`, but the
worker sub-build reads `worker.rollupOptions`), so the worker crashed on
`process is not defined`. Patch the plugin to also emit the injection on
`worker.rollupOptions` — additive and backwards compatible (the web app build,
including loot-core's nodePolyfills worker, is unaffected).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* [AI] api: embed browser assets via Vite, drop the embedded-assets script

Replace scripts/embedded-assets.mjs with Vite-native asset imports in the
worker entry: `?inline` for the sql.js wasm and default DB, `import.meta.glob`
(`?raw`) for the migrations. The worker builds the default-filesystem wire
format from those at module load, so the embedded set comes straight from
loot-core and can't drift.

The Node build only needs migrations + the default DB on disk (it reads them at
runtime); the old script also wrote sql-wasm.wasm and the data/ fetch tree,
which are dead now that the browser worker is self-contained. Replace
writeEmbeddedAssetsToDist with a small closeBundle copy of just those two.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* [AI] api: simplify embedded data map; drop loot-core comment churn

Merge the worker's binData/textData into a single dataFiles map (Response
accepts both bytes and strings), collapsing the fetch shim's two lookups into
one. Revert the unrelated comment edits to loot-core's backend-worker.ts and
fs/index.ts.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* [AI] api: rename e2e consumer-dist to consumer/dist; drop a prose comment

Use the standard `dist` directory name for the consumer fixture's build output
(now e2e/consumer/dist), and remove the verbose comment from index.browser.ts.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* [AI] loot-core: own the default-filesystem assets; consumers stop reaching in

Add packages/loot-core/default-filesystem.mjs as the single source of truth for
loot-core's runtime assets (sql.js wasm, default DB, migrations) and the
data-file-index wire format, exported as @actual-app/core/default-filesystem.

- @actual-app/api: the browser worker embeds them via the actual-embedded-assets
  Vite plugin (which calls collectEmbeddedAssets), replacing the relative
  ?inline/?raw/import.meta.glob reaches into ../loot-core; the Node build copies
  migrations + default DB using the helper's paths. Drops the direct
  @jlongster/sql.js devDependency (loot-core resolves the wasm).
- @actual-app/web: stagePublicData copies from the helper's paths instead of
  hardcoding loot-core's tree and the sql.js wasm location.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* [AI] loot-core: scan migrations once when collecting embedded assets

collectEmbeddedAssets() read the migrations directory twice — once in its
own loop and once via buildDataFileIndex(). List the names once and pass
them through, keeping the index wire-format defined in a single place.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>

* Restore budget table scroll position when navigating back from spent transactions (#8144)

* feat: Restore budget table scroll position when navigating back from spent transactions page

* fix: Update transaction tests to include new categories and adjust assertions

* Add release notes for budget scroll position restoration

* refactor: Improve error handling when clicking on visible spent-amount cells, per suggestion from coderabbit bot

* refactor: revert changes to test budget, add separate scroll-test test budget

* revert previous snapshot changes

* Add gitignore pattern for personal devcontainer config

* fix: broken tests

* refactor: address coderabbitai feedback

https://github.com/actualbudget/actual/pull/8144#discussion_r3446850158

* fix: update VRT snapshots for onboarding screen

* [autofix.ci] apply automated fixes

* refactor: modify scrolling test to add categories to existing test budget instead of creating separate budget

---------

Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>

* [AI] Add design competition blog post for sidenav redesign (#8297)

* [AI] Add design competition blog post for sidenav redesign

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01HbXFM9ooWVw9SRA9No7vhF

* [AI] Set design competition blog post publish date to 27th July 2026

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01HbXFM9ooWVw9SRA9No7vhF

* [AI] Remove stray closing tags from design competition blog post

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01HbXFM9ooWVw9SRA9No7vhF

* Update 2026-07-27-design-competition-sidenav.md

---------

Co-authored-by: Claude <noreply@anthropic.com>

* Always show stacked bar graph tooltip label on hover (#8356)

* Always show stacked bar graph tooltip label on hover

* Handle edge case with maxToolTipItems+1 labels showing

* Replace last item label instead of adding new one

* Filter visible items on non zero values for consistency

* make SimpleFIN token 'forbidden' check more flexible (#8339)

* make SimpleFIN token 'forbidden' check more flexible

* clear accessKey when token is updated

* https -> fetch

* [AI] Add tests for SimpleFIN token claim fix

Cover the flexible 'Forbidden' matching, full claim-response handling, and access-key invalidation when the setup token changes.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

* note

* Update upcoming-release-notes/fix-simplefin-token-claim.md

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>

* coderabbit feedback

* [AI] Test SimpleFIN blank access key handling

Cover rejecting a blank claim response (not persisted) and re-claiming when an empty access key is cached.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>

---------

Co-authored-by: Matt Fiddaman <github@m.fiddaman.uk>
Co-authored-by: tabedzki <35670232+tabedzki@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-authored-by: youngcw <calebyoung94@gmail.com>
Co-authored-by: Matt Farrell <10377148+MattFaz@users.noreply.github.com>
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
Co-authored-by: Dustin Brewer <mannkind@thenullpointer.net>
Co-authored-by: Matiss Janis Aboltins <matiss@mja.lv>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: Alec Bakholdin <43560338+alecbakholdin@users.noreply.github.com>
Co-authored-by: clintharris <336401+clintharris@users.noreply.github.com>
Co-authored-by: Darwin Do <8429648+dsmaugy@users.noreply.github.com>
2026-07-03 19:58:35 +00:00

131 B

category, authors
category authors
Enhancements
lelemm

Allow bank sync credentials to be stored globally or for a specific budget file.