- Added Feature Policy API: a declarative system to enable/disable/modify default behavior in the SaaS kit
- Team invitation policies with pre-checks using the Feature Policy API: Invite Members dialog now shows loading, errors, and clear reasons when invitations are blocked
- Version bump to 2.16.0 and widespread dependency updates (Supabase, React types, react-i18next, etc.).
- Added comprehensive docs for the new policy system and orchestrators.
- Subscription cancellations now trigger immediate invoicing explicitly
- Use ESM for building the MCP Server
- Added own Postgres dependency to MCP Server for querying tables and other entities in MCP
- Vastly improved AI Agent rules
- Added MCP Prompts for reviewing code and planning features
- Minor refactoring
1. Update dependencies
2. Use cssnano for production
3. Assign an environment variable to Sentry's environment settings
4. `Pill` now accepts React Nodes so we can pass translations using Trans component
5. Switch to mailpit API during tests
6. Do not require Email Sender to be of type email and add proper error messages
1. Handle expired links on signup
2.Reject invitations when user is already a member
3. Make sure not to display errors due to Next.js redirection during team creation
4. Fix documentation sidebar
Updated `render` calls to be `await` in account-delete and invite email templates to ensure proper asynchronous operation. Added an empty line in `account-webhooks.service.ts` for code clarity.
Deleted CloudflareMailer class and its implementation from the mailers package. Updated dependencies across various packages, converting certain imports to use `type` only, and bumped versions for packages like `react-query`, `lucide-react`, and others.
* Add status property to content item structure
This commit introduces a new `status` property to the content item structure, allowing content items to maintain a status such as 'draft', 'published', 'review', 'pending'. This status is mapped to the corresponding status in Wordpress and Keystatic clients to ensure consistent usage across platforms. Content retrieval methods now also include a status filter.
* Refactor code for style and readability improvements
This commit includes changes in various files across different packages to improve code readability, including adjusting spacing and breaking down complex lines into simpler parts. In addition, the switch statement in `wp-client.ts` has been refactored and status values are now held in variables, and the CSS classes in `global-loader.tsx` have been reorganized.
The email-templates package now uses the i18n (internationalization) library to translate email content based on user language preferences. This update involves changes to the email structure, the addition of translation JSON files, and modifications to the files referencing the emails. Email file locations were also restructured for better organization.
Paths such as SIGN_IN_PATH and SIGN_UP_PATH have been hardcoded into the application instead of being environment variables. These changes simplify the configuration of the application, making maintenance and understanding of the codebase easier.
The CSRF protection in middleware has been re-implemented with `@edge-csrf/nextjs`, to catch and handle CSRF errors more effectively. Additionally, some parameters are renamed and functions are added in `database.types.ts` for better role management. The dependency in `package.json` has also been updated to reflect the changes.
Extended the account ownership transfer tests and implemented several updates. This includes transferring the ownership only to an existing account member, sorting team members based on role hierarchy and whether a member is the primary owner. In the permissions check, prevented non-members from creating invitations and enhanced the styling of role badges depending on if they are custom or not.
New test files for database functionalities like transfer of ownership, schema conditions, and updating roles have been added. Changes have also been made in the schema.sql file for checking the role hierarchy levels and updating rules for permissions. Modifications in account permissions test have also been performed for more accuracy.
This commit removes the membersTabDescription, updates the deleteAccountDescription text in the localization files, and adds a condition to check permissions in account invitation component. It also includes test credentials in README and provides a significant amount of seed data for testing the database.
This commit adds data testing attributes to key elements in the team account invitations features. It also modifies e2e tests to make use of these attributes. Additionally, it introduces minor tweaks to other parts of the system to better facilitate testing, such as adjustments in timeouts and update of some log messages.
Multiple updates are made to refine the account management features, including updating the 'Your Teams' text to show the number of teams, and modifying the form data validation process in the 'deletePersonalAccountAction' service. Additionally, improvements have been made in test configurations including updating the test timeout settings, taking screenshots when a test fails, and adjusting the location for saving Playwright reports.
The Next.js version has been updated across multiple dependencies in the pnpm-lock file. This ensures consistency, removes instances of the canary version, and aligns all packages to use the stable 14.2.0 release.
The code changes introduce more detailed logging in the invitation webhook service. These logs provide comprehensive information about invitation webhooks events being handled, potential errors during fetching inviter or team details, as well as the
This commit updates diverse packages such as "@makerkit/data-loader-supabase-core" and "@makerkit/data-loader-supabase-nextjs" to the new versions in the package.json files. Also, several refactorings were done in logging within services and loaders by progressing 'server-only' imports and improving context handling. Additionally, type annotations have been added to several exported functions for better code readability and maintainability.
The account deletion process has been refactored to send account deletion emails from the AccountWebhooksService instead of from the deletePersonalAccount service. This has resulted in the addition of the AccountWebhooksService and modification of the seeds.sql file to trigger a webhook after account deletion. Along with this, the account invitation functionalities within the accountInvitations service have been considerably enhanced, making it much clearer and easier to use.
This commit replaces the use of Logger with getLogger in various parts of the code to handle logging. The Logger has been replaced with getLogger, which assists in getting logs in an asynchronous manner. In addition to this, it updates the next version in pnpm-lock.yaml from next@14.2.0-canary.61 to next@14.2.0-canary.62 and various other dependencies. Also made minor annotations and comments to the function 'isBrowser' and 'formatCurrency' in the 'utils.ts' file.
This commit introduces the updateSubscription method to the BillingStrategyProviderService, ensuring that subscriptions can be updated within the billing core. Additionally, a refactor has been applied to the BillingGatewayFactoryService and stripe-billing-strategy.service to improve error handling and the robustness of subscription updates. Logging in the webhook route has been adjusted for clarity and the data model has been enhanced.
Refactored Supabase server component client to improve type safety. Improved team account management by adjusting role data providers to consider account IDs, and adjusted invite member functionality to use account IDs and slugs. Enhanced invitation update dialog by adding account parameter. Fixed database webhook URLs in seed.sql. Overall, these changes enhance the robustness and usability of the team management functionalities.
This commit updates various components in the billing flow due to a new schema that supports multiple line items per plan. The added flexibility rendered 'line-items-mapper.ts' redundant, which has been removed. Additionally, webhooks have been created for handling account membership insertions and deletions, as well as handling subscription deletions when an account is deleted. This message also introduces a new service to handle sending out invitation emails. Lastly, the validation of the billing provider has been improved for increased security and stability.
Implemented improvements in the data validation methods used in Stripe and Team Account features by refining the schemas. Adapted string types to UUID for accountId attributes in various services and ensured that Stripe keys follow appropriate prefixes. Autocomplete was turned off for destructive actions for enhanced security.
Refactored both Stripe and Team Accounts features' schemas for better data validation and added specificity to keys. Enhanced form validations with methods to ensure Stripe keys follow appropriate prefixes. Replaced generic string types with UUID for accountId attributes in different services. Also turned off autocomplete for destructive actions for improved security.
Updated several components within the team accounts feature to use more specific schema definitions and provide clearer form validation. Several schema files were renamed to better reflect their usage and additional properties were included. The commit also introduces handling for a new accountId property, which provides more accurate user account tracking. Autocomplete was turned off on deletion actions for better security. Changes related to account ownership transfer were also made, including transaction logging and error handling improvements.
Added logging to the 'Leave Team' functionality to track user actions, and implemented a confirmation input to further validate a user's intent to leave a team. Also revised the user-facing prompt for more clarity on the team leaving process. Corresponding changes were applied to the relevant services and front-end components.
Replaced the requireAuth method with requireUser to improve clarity and modified all instances where it was used. Renamed the import throughout multiple files and services and made changes accordingly, thus making it more specific and understandable that a logged-in user is needed. The return type of the method was also updated from Session to User to more accurately reflect the information it provides.
The commit refactors the handling of account roles and enhances permissions checks. The account role has been shifted to use a string type, providing the ability to define custom roles. It also introduces the RolesDataProvider component, which stipulates role-related data for different forms and tables. The modification goes further to consider user role hierarchy in permissions checks, offering a more granular access control.
This commit adds a new function to renew team invitations and a central function for revalidating member page. It also removes redundant revalidations across different actions. The renew invitation function and UI elements are introduced including a new dialog for confirming the renewal action. Furthermore, function revalidateMemberPage() is added to abstract the revalidation path used multiple times in different functions. The code readability and maintainability have thus been improved.
This commit involves improving the user authentication process in the billing and accounts pages for better reliability. It also changes the name of 'organization-account-sidebar.config' to 'team-account-sidebar.config' for improved clarity and consistency.
Updated invitation link generation logic to use 'invitePath' instead of 'siteURL' improving the overall invitation system. The changes also entailed multiple updates to the UI ranging from layout modifications to enhanced alerts and descriptions. Additionally, the text and styling of several components, such as the team account settings container and the layout of personal account settings page, were significantly adjusted.
Implemented a new ModeToggle feature for theme switching in personal account dropdown. The changes also made adjustments to several UI components, such as transforming Dialog to AlertDialog in transfer-ownership-dialog, and introducing invitation-submit-button in team-accounts. Some minor amendments include text changes and styling modifications.
Renamed all instances of "Organization" with "Team" across the entire web application to reflect the latest change in terminology. This further extends to renaming related services, components, and their respective invocation instances. Separate billing permissions have been defined for Team accounts, and security actions have been updated in SQL schema along with some layout adjustments.
Removed services and actions related to team account deletion as well as updated paths within other dependent files, better reflecting their new locations. Also, added a new service titled 'AccountBillingService' for handling billing-related operations and restructured the form layout and handled translation in 'team-account-danger-zone' component.
