- Added a new blueprint for OIDC logout that invalidates the Authentik session and redirects to a specified landing page.
- Introduced custom CSS and JS files for branding, improving the visual integration of Authentik flows.
- Updated Nginx configuration to serve the new branding assets and handle specific routes for signup and password recovery.
- Enhanced the flow completion logic to support OIDC bridge functionality, including session management and redirect handling.
- Implemented unit tests for the new OIDC bridge and flow context functionalities to ensure reliability.
- Added a new handler for completing authentication flows, including session validation and cookie management.
- Implemented flow rate limiting to restrict the number of flow start requests per client IP.
- Enhanced flow session management with Redis support for persistent session storage.
- Updated existing handlers to integrate the new flow completion logic and error handling for various session states.
- Introduced unit tests for the new flow completion and rate limiting functionalities to ensure reliability.
- Added a new blueprint for password recovery (`05-ulti-recovery.yaml`) to facilitate user password reset via email.
- Introduced a new API handler for managing Authentik flow sessions, including starting and responding to flows.
- Implemented flow session management with in-memory storage for tracking user sessions during the recovery process.
- Enhanced error handling for flow session operations and added unit tests for the new functionalities.
- Updated README to include the new recovery flow in the Authentik blueprints documentation.
- Introduced a new location block in the Nginx configuration to handle requests for marketing product pages under the /suite path.
- Configured proxy settings to forward requests to the specified MAIL_FRONTEND_UPSTREAM, ensuring proper routing for the frontend application.
- Updated resolver and proxy headers to enhance request handling and maintain compatibility with existing services.
- Added repairUTF8Mojibake function to fix UTF-8 text misread as Latin-1, addressing common encoding issues in email bodies.
- Enhanced RepairStoredBodies and RepairSnippetWithBodies functions to utilize the new mojibake repair logic.
- Introduced unit tests for mojibake repair functionality to ensure accurate text restoration.
- Updated charset handling in repairLegacyCharsetString to incorporate mojibake repair, improving overall text processing reliability.
- Enhanced .env.example with new variables for PUBLIC_HOST, SECURE, and SUITE_ORIGIN to streamline environment setup.
- Updated Authentik blueprints to utilize the new configuration variables for redirect URIs and launch URLs.
- Introduced a new script to render Authentik blueprint templates dynamically based on environment variables.
- Modified docker-compose files to reference the updated environment variables for better maintainability.
- Improved expose.sh script to derive public URLs from the new configuration, ensuring consistency across deployments.
- Added device token management API for mobile devices, including registration, unregistration, and listing of devices.
- Implemented push notification functionality using FCM for Android and APNS for iOS.
- Introduced new endpoints for device registration and management in the devices API.
- Enhanced the configuration to support mobile push notifications with optional credentials for FCM and APNS.
- Updated database schema to include a new table for storing device tokens.
- Added integration tests for device management and push notification features.
- Corrected frontend route references in README to reflect updated paths for account and settings.
- Modified Nginx configuration comments to align with the new route structure, ensuring clarity for development and production setups.
- Added new Nginx location blocks for handling account settings and redirecting old paths to the new structure.
- Refactored AI gateway to utilize new cost management structures for usage tracking.
- Replaced deprecated token extraction methods with a unified cost parsing approach.
- Enhanced usage fallback mechanisms and introduced detailed usage metrics in responses.
- Added new metering functionality to record AI usage and costs effectively.
- Updated tests to reflect changes in usage parsing and cost calculations.
- Introduced new API endpoints for retrieving AI usage summaries and pricing information.
- Updated publicOfficeSessionRequest to include a new DisplayName field.
- Modified PublicEditorConfig to accept and utilize the display name for editor configuration.
- Implemented editorLabelPath function to determine the correct file name for single-file public shares.
- Added unit tests for editor label path and build editor config functionalities.
- Updated .env.example to include new configuration options for the UltiAI branding and API endpoints.
- Enhanced Nginx configuration to support new API routes for the MCP and WebSocket connections.
- Introduced sub-filters for branding adjustments in Nginx responses.
- Added new JavaScript patch for API endpoint adjustments.
- Implemented tests for new API functionalities and improved error handling in the AI gateway.
- Added WEBUI_NAME variable to .env.example and Docker Compose for consistent branding.
- Enhanced Nginx configuration with sub_filters to replace 'Open WebUI' with 'UltiAI' in responses.
- Introduced custom CSS for UltiAI branding and added logo and favicon assets.
- Implemented routing adjustments in Nginx to support SPA navigation without prefix issues.
- Updated .env.example to include new configuration options for AI gateway and WebUI secret key.
- Modified Nginx configuration to support additional API routes for model management and migration.
- Implemented new API endpoints for discovering organization-level LLM models and managing hosted mail services.
- Enhanced AI gateway logic to support organization-specific model access and permissions.
- Improved error handling and response structures in the AI and mail APIs.
- Added integration tests for new features and updated existing tests for model access control.
- Added resolver and upstream variable for Authentik server in Nginx configuration.
- Enhanced proxy_pass directive to use the defined upstream variable for better maintainability.
- Updated .env.example to clarify database password usage for OpenWebUI.
- Modified compose-up.sh to ensure databases are created if they do not exist after bringing services up.
- Added ensure-databases.sh script to check and create necessary Postgres databases.
- Adjusted health check for Nextcloud service in docker-compose to point to the correct status endpoint.
- Updated OpenWebUI's DATABASE_URL to use environment variables for Postgres credentials.
- Added new functionality to resolve external URLs for files on Google Drive and Microsoft OneDrive mounts.
- Introduced `mount_cloud_service.go` to handle OAuth token extraction and URL resolution.
- Enhanced `mounts_service.go` to update mount configurations with OAuth tokens.
- Updated API routes to include a new endpoint for fetching external URLs.
- Implemented enrichment functions in `cloud_native.go` to mark files that should open in the provider's web editor.
- Added tests for cloud-native file enrichment in `cloud_native_test.go` to ensure correct behavior.
- Added endpoints for listing and importing migration rosters.
- Introduced audit export functionality for migration jobs in CSV and NDJSON formats.
- Implemented tenant mismatch validation for Microsoft migration claims.
- Enhanced error handling for email claiming and migration processes.
- Added integration tests for roster import and claim workflows.
- Added configuration options for Stalwart hosted mail in .env.example.
- Updated Docker Compose to include Stalwart service with health checks.
- Introduced new API endpoints for managing mail domains and migration projects.
- Enhanced Authentik blueprints for user enrollment and post-migration security.
- Updated OAuth handling for Google and Microsoft migration processes.
- Improved error handling and response structures in the mail API.
- Added integration tests for email claiming and migration workflows.
- Added support for Faster Whisper transcription via Jigasi and Skynet.
- Updated .env.example to include new environment variables for transcription settings.
- Enhanced Jitsi Docker Compose configuration to include Skynet and Jigasi services.
- Introduced new API endpoints for managing organizational folders in the drive service.
- Updated Nextcloud initialization script to enable external file mounting.
- Improved error handling and response structures in the drive API.
- Added new properties for organization settings related to transcription and agenda management.
- Introduced new endpoints for managing identity providers, including retrieval of redirect URIs and testing/syncing providers.
- Enhanced organization settings to include identity provider configurations, allowing for self-enrollment and domain restrictions.
- Implemented caching for access policies and added validation for identity provider secrets.
- Added integration tests to ensure proper functionality of identity provider management and policy enforcement.
- Introduced a new `.env.test.example` file for integration test configuration.
- Added a `Makefile` to streamline test commands for unit and integration tests.
- Implemented an integration testing harness with support for PostgreSQL, MinIO, and Redis using testcontainers.
- Created a suite of integration tests covering health checks and user management functionalities.
- Enhanced CI workflow to include integration tests with necessary environment variables.
- Updated environment configuration to unify frontend for mail and drive under a single service.
- Revised README to reflect changes in frontend setup and routing for the unified application.
- Introduced new API documentation endpoints for better accessibility of API specifications.
- Enhanced drive and mail services with improved handling of file uploads and metadata enrichment.
- Implemented new API token management features, including creation, listing, and revocation of tokens.
- Added tests for new functionalities in drive and mail services to ensure reliability and correctness.
- Introduced new endpoints for contact discovery, including scanning, listing, and managing discovered contacts.
- Implemented retry logic for handling missing DAV credentials during contact operations.
- Added public share functionality for drive API, allowing users to manage public shares, including upload, delete, and rename operations.
- Updated Nextcloud configuration to support public share links and improved error handling for public share permissions.
- Enhanced logging and validation across contact and drive APIs for better error tracking and user feedback.
- Added tests for new contact matching and ranking functionalities to ensure accuracy and reliability.
- Improved the `RepairSnippetWithBodies` function to streamline snippet rebuilding logic and reduce redundancy.
- Introduced new utility functions for stripping CSS noise and decoding HTML entities in snippets.
- Enhanced boilerplate detection to better identify low-quality snippets, including legal footers and view-in-browser prompts.
- Added comprehensive tests for new functionality and edge cases in snippet processing.
Move mail, compose, contacts, and accounts off mocks onto REST + WS.
Add client, auth store, IDB-backed query cache, offline queue, and
sync bar; hybrid Zustand for UI-only state. Settings still local until
backend has preferences API.
- Introduced CRUD operations for user management, including create, invite, update, disable, and reactivate functionalities.
- Enhanced user listing with filtering options based on status and search queries.
- Implemented multi-service quota management for users, allowing specification of mail, drive, and photos storage limits.
- Added audit log export functionality with validation for format and limit parameters.
- Established strict RBAC for admin routes, ensuring proper permission checks for read and write operations.
- Updated validation logic for user-related requests and improved error handling across the user management API.
- Revised database schema to support new user status and quota fields, along with necessary migrations.
- Updated project checklist to reflect the completion of user management and admin RBAC enhancements.
Improve Immich-backed photos endpoints with robust mapping/error handling, full albums CRUD, reliable list pagination/sorting/filtering, and shared Nextcloud quota checks before upload.
- Updated the Contacts API to support contact synchronization with incremental updates using sync tokens.
- Added functionality for merging duplicate contacts on the server side.
- Introduced new endpoints for enriching contact interactions, including mail, meetings, and files.
- Implemented ETag support for contact updates to ensure data integrity.
- Enhanced validation for sync tokens and interaction queries.
- Updated project checklist to reflect the completion of Contacts API enhancements.
- Added new endpoints for listing calendars, events, creating/updating/deleting events, and handling free/busy requests.
- Implemented ETag/If-Match support for event updates to ensure data integrity.
- Introduced functionality for responding to invitations and creating Meet links from events.
- Enhanced validation for event creation and updates, including attendee email checks.
- Updated README documentation to reflect the new Calendar API features and usage examples.
- Revised project checklist to indicate completion of Calendar API enhancements.
- Added new endpoints for listing trash, recent, and starred files.
- Implemented chunked file uploads to support large file handling.
- Introduced copy and rename functionalities for file management.
- Enhanced error handling with specific drive-related error responses.
- Updated validation for copy and rename requests.
- Improved service methods to handle new functionalities and ensure quota checks.
- Updated project checklist to reflect completion of file management features.
- Added support for Typesense as a search engine alongside Meilisearch and PostgreSQL.
- Updated configuration structure to include Typesense parameters in `Config` and `.env.example`.
- Enhanced search handler and service to accommodate external search clients and filters.
- Implemented new tests for external search clients and search service functionalities.
- Updated project checklist to reflect completion of multi-index search features and contextual snippets.
- Updated the WebSocket hub to replace the insecure `user_id` query parameter with an authentication token for secure connections.
- Introduced typed events for mail operations (created, updated, deleted) to streamline event handling.
- Implemented heartbeat functionality (ping/pong) to maintain connection health.
- Enhanced client reconnection logic and delta replay for improved user experience.
- Added limits on connections per user/session to prevent abuse and ensure stability.
- Added a new endpoint for simulating rules based on sample messages, allowing users to test rule conditions and actions.
- Enhanced webhook management with versioning, preview capabilities, and improved validation for webhook requests.
- Updated service interfaces to support new functionalities, including max retries for webhooks and signing secrets.
- Implemented observability metrics for webhook retries and dead-letter tracking, improving error handling and monitoring.
- Enhanced unit tests to cover new simulation and webhook features, ensuring robust functionality and validation.
- Added new API endpoints for sending, rescheduling, and canceling scheduled outbox messages.
- Implemented outbox processing logic to handle attachments and manage message statuses.
- Introduced a dead-letter strategy for failed outbox messages, enhancing reliability.
- Updated database schema to support new outbox statuses and dead-letter entries.
- Enhanced unit tests for outbox functionalities, ensuring robust error handling and validation.
- Improved attachment handling in the outbox processor to support inline and regular attachments.
