Skip to content

Releases: 686f6c61/gitpins

v3.9.6

23 Mar 21:01

Choose a tag to compare

Added

  • Added admin:access CLI tooling to grant, revoke and inspect admin allowlist entries from the database.
  • Added audit identity snapshots to admin logs so admin actions remain traceable even after user deletion.
  • Added versioned SQL migration for admin hardening in prisma/migrations/20260323205246_m6_admin_hardening/migration.sql.
  • Added SonarQube project configuration for local static analysis runs.
  • Added a visual before/after landing demo that simulates how GitHub ordering changes with GitPins.
  • Added a dashboard status summary with saved state, pinned repo count, sync mode and last sync visibility.
  • Added new public docs pages for API, admin, deployment and troubleshooting.

Changed

  • Updated core dependencies including Next.js, Prisma, pg, Jest, ESLint and Tailwind-related packages.
  • Switched runtime admin authorization to the admin_accounts allowlist only.
  • Hardened admin mutations with shared authorization checks, CSRF/origin validation, rate limiting and sudo reauthentication.
  • Linked pre-granted admin allowlist entries to users on login without relying on environment fallbacks.
  • Improved privacy exports with admin allowlist metadata and audit snapshots.
  • Replaced temporary sync tag suffix generation with crypto.randomUUID().
  • Improved repository filter sorting and accessibility behavior in the help demo.
  • Expanded automated test coverage for security and sanitization helpers.
  • Reworked the settings modal into clearer sections for ordering, scheduled sync, privacy and danger actions.
  • Localized and polished the install, banned and admin surfaces for both Spanish and English.
  • Replaced the admin-side inferred gitpins-config link with the real saved setup state to avoid pointing to repos that may not exist.
  • Refreshed README and docs to explain that GitPins exposes the sync API while scheduling can be handled by GitHub Actions or any external scheduler.

Security

  • Removed runtime dependence on ADMIN_GITHUB_ID as an authorization fallback.
  • Reworked HTML validation to avoid regex-based hotspot findings.
  • Centralized plain-text sanitization for admin reasons and notes.
  • Applied admin hardening migration to local and production databases without deleting existing data.

v3.9.5

12 Feb 14:46

Choose a tag to compare

v0.3.9.2: Filtros y seguridad

09 Jan 10:31

Choose a tag to compare

Cambios

Filtro de visibilidad en dashboard

  • Nuevos tabs: Todos / Publicos / Privados
  • Solo afecta visualizacion, no modifica el orden guardado
  • Drag & drop funciona con cualquier filtro activo

Boton Ejecutar ahora mejorado

  • Estilo mas visible con fondo destacado
  • Mejor feedback visual durante sincronizacion

Seguridad admin

  • Verificacion CSRF en rutas destructivas (ban/unban/delete)
  • Eliminado campo isAdmin del JWT (redundante)
  • Token CSRF enviado en headers desde frontend admin

v0.3.9.1: Fixes menores

22 Dec 16:23

Choose a tag to compare

Cambios

Fix: Ejecutar ahora ignora preferredHour

  • El boton "Ejecutar ahora" siempre funciona, ignorando la hora preferida configurada
  • La hora preferida (preferredHour) solo aplica a sincronizaciones automaticas desde GitHub Actions
  • Añadido parametro force=true para ejecuciones manuales desde el dashboard

Notas

  • Parche sobre v0.3.9 para corregir comportamiento del sync manual

v0.3.9: Historial unificado, página de ayuda y preferredHour

22 Dec 15:48

Choose a tag to compare

Novedades

Historial de Actividad Unificado

  • Combinados "Histórico de cambios" y "Actividad de Sincronización" en un único componente
  • Nueva API /api/activity con paginación
  • Exportación a CSV y JSON
  • Funcionalidad de restauración desde snapshots

Implementación de preferredHour

  • El endpoint de sync ahora respeta la hora preferida (UTC)
  • Si la hora actual no coincide, la sincronización se salta y se registra
  • Eliminado preferredDays para simplificar la configuración

Nueva Página de Ayuda

  • Guía completa en /help con secciones:
    • Quick Start
    • Permisos de GitHub App
    • Demo interactivo de ordenación
    • Configuración de sincronización
    • Estrategias de commit
    • Historial y exportación
    • Troubleshooting

Mejoras en Landing

  • Añadido paso 4 "Sin rastro" en sección How it Works
  • Sección "Coming Soon" actualizada a "Funcionalidades v0.3.5"
  • Enlace a Help en header

Limpieza

  • Eliminados scripts de cleanup obsoletos
  • Corregidas fechas @created 2024 → 2025 en todos los archivos

v0.3.8: Refactorización Prisma

22 Dec 15:03

Choose a tag to compare

Cambios en Schema

  • Nueva tabla UserToken: Tokens de autenticación separados de la tabla User
  • Nueva tabla AdminLog: Auditoría completa de acciones administrativas (ban/unban/delete)
  • Schema actualizado de 4 a 6 tablas

Cambios en Código

  • Auth callback almacena tokens en UserToken
  • API repos lee tokens desde relación user.token
  • ensureValidToken actualizado para usar UserToken
  • Acciones de admin crean registros en AdminLog

Correcciones de Lint

  • anyunknown con type casting apropiado
  • <a href="proxy.php?url=https%3A%2F%2Fgithub.com%2F"><Link> para navegación interna
  • Lazy initialization en theme-provider e i18n
  • Eliminados imports no usados
  • Corregidas dependencias de useMemo

Verificaciones

  • ✅ Lint: 0 errores, 0 warnings
  • ✅ Tests: 75/75 passed
  • ✅ Build: Compilado correctamente

v0.3.7: Fix sync loop

18 Dec 22:03

Choose a tag to compare

Correcciones

  • Fix bucle de sync: Añadido lock de 10 minutos entre syncs para evitar que se repita
  • Cleanup mejorado: Movido al final de todos los commits para mantener el orden correcto
  • Nuevo campo lastSyncAt para tracking de syncs

Este fix soluciona el problema donde el sync se repetía automáticamente después de terminar.

v0.3.6: Nuevas funcionalidades

18 Dec 21:43

Choose a tag to compare

Nuevas funcionalidades

  • Filtros avanzados: búsqueda por nombre, lenguaje, propietario y estrellas mínimas
  • Histórico de cambios: ver y restaurar órdenes anteriores (últimos 20)
  • Programación horaria: elegir hora y días preferidos para sincronización
  • Soporte para organizaciones: filtrar repos personales vs organizaciones
  • Sección "Nuevas funcionalidades" en landing page

Correcciones

  • Fix crítico: branches de backup (gitpins-backup-*) ahora se eliminan automáticamente después del cleanup
  • Corregido fecha en página legal (2024 → 2025)
  • Corregidos errores de tipos TypeScript en rutas de API

Cambios técnicos

  • Nuevo modelo OrderSnapshot en Prisma para historial
  • Nuevos campos preferredHour y preferredDays en RepoOrder
  • Campo owner e isOrg en tipo Repo
  • Nueva ruta /api/repos/history

v0.3.1: dependencias vercel y cambio de timeout

18 Dec 19:10

Choose a tag to compare

Cambios

  • Añadido @vercel/speed-insights para métricas de rendimiento
  • Configurado maxDuration=800 en sync API para evitar timeouts

v0.3.0 - Simplified Architecture & Detailed Sync Logs

06 Dec 17:56

Choose a tag to compare

Major Release: Simplified Architecture

This release represents a significant simplification of GitPins' architecture. We've eliminated the need for the gitpins-config repository, making the system more straightforward and easier to use.

What's New

No More Config Repository

  • Removed: The gitpins-config repository is no longer created or required
  • Simplified: Direct API-based synchronization without additional repos
  • Cleaner: Your GitHub profile stays clean - only your actual projects are visible

Real-time Sync Activity Logs

  • New Component: Sync Activity Log displays detailed progress for each sync operation
  • Step-by-step tracking: See exactly what's happening during sync:
    • [1/10] Ordering owner/repo...
    • - Creating commit for position 1/10...
    • - Reverting commit...
    • - Cleaning GitPins commits...
    • - Cleaned 2 commit(s)
    • [1/10] owner/repo - SUCCESS
  • Expandable details: Click on any sync log to see full operation details
  • Better troubleshooting: Identify exactly which repos succeeded or failed

Improved User Experience

  • No setup complexity: Save your order and sync immediately
  • Transparent operations: See what GitPins is doing in real-time
  • Better error visibility: Failed operations are clearly marked with detailed messages

Removed Features

Config Repository System

  • Removed automatic creation of gitpins-config repository
  • Removed GitHub Actions workflow generation
  • Removed repository secrets management
  • Removed config repo settings and UI
  • Removed disclaimer modals

Note: If you have an existing gitpins-config repository, you can safely delete it. It's no longer used.

Technical Changes

Database Schema

  • Removed configRepoName field
  • Removed configRepoCreated field
  • Removed configRepoPrivate field
  • Streamlined RepoOrder model for better performance

API Changes

  • Removed /api/config/create endpoint
  • Added /api/sync-logs endpoint for fetching sync activity
  • Simplified /api/repos response (no config repo fields)
  • Cleaner /api/repos/order payload

Architecture Improvements

  • Reduced codebase complexity by ~300 lines
  • Eliminated unnecessary GitHub App permissions
  • Improved error handling and logging
  • Better separation of concerns

Breaking Changes

  1. Existing Config Repos: The gitpins-config repository in your account is no longer used. You can delete it if you wish.

  2. API Response Changes: The /api/repos endpoint no longer returns configRepoName, configRepoCreated, or configRepoPrivate fields.

  3. Sync Method: Synchronization now works entirely through the API without creating any additional repositories.

Migration Guide

For Existing Users

  1. Your repo order is preserved - No action needed
  2. Delete old config repo (optional):
    # You can safely delete your gitpins-config repo
    # It's no longer needed
  3. Continue using GitPins - Everything works the same, just simpler!

What Still Works

  • Drag and drop ordering
  • Automatic synchronization
  • Sync frequency settings
  • Commit strategies (branch/revert)
  • Private repo support
  • Post-commit cleanup

Bug Fixes

  • Fixed admin dashboard config repo metrics (removed obsolete field)
  • Fixed settings modal default values (now 7 days default frequency)
  • Improved error messages in sync logs
  • Fixed import paths in sync-logs API route
  • Removed obsolete config repo visibility settings

Statistics

  • Code removed: ~300 lines
  • New features: Sync Activity Log component
  • Files changed: 18
  • Database schema updates: 3 fields removed

Full Changelog: v0.2.5...v0.3.0