Tags from sendrec

v1.82.0

2026-03-19T18:14:55Z

fix: remove invalid table alias from ListOwnerComments query (#117)

The query used `v.user_id` and `v.comment_mode` but the FROM clause
had no `v` alias, causing a PostgreSQL error that was caught as a
generic error and returned as 404. This broke the comments section
on VideoDetail for all users.

v1.81.0

2026-03-10T21:20:04Z

refactor: clean code phase 2 — file splits and DRY fixes (#116)

* refactor: extract plans.IsPaid helper, replace 5 inline checks

* refactor: extract organization.IsAdminOrOwner, replace 7 inline checks

* refactor: deduplicate token functions — export from auth, remove from sso

* refactor: extract ValidateRetentionDays to shared validate package

Add RetentionDays validator to the validate package and remove the
duplicate inline validRetentionDays map from organization.go. Also
add Password validator and corresponding tests in preparation for
deduplicating the three password validation blocks in auth.go.

* refactor: extract ValidatePassword to shared validate package

Replace the three duplicate password length checks in auth.go
(Register, ResetPassword, UpdateUser) with validate.Password calls,
and replace the inline validRetentionDays map with validate.RetentionDays.

* refactor: extract recordViewAsync, deduplicate 3 identical goroutines

* refactor: extract lookupVideoByShareToken, deduplicate 3 queries

* fix: use httputil.WriteError in integration handler for consistent JSON errors

* refactor: extract shared Video/Folder/Tag types to types/video.ts

Creates web/src/types/video.ts with canonical Video, VideoTag, Folder, and
Tag interfaces. Removes duplicate inline declarations from VideoDetail.tsx and
Library.tsx. VideoDetail-only fields (document, documentStatus,
transcriptionLanguage, noiseReduction, playlists) are marked optional so
Library can safely use the same type without carrying unused fields.

* refactor: extract formatDuration/formatDate/expiryLabel/copyToClipboard to shared utils

Creates web/src/utils/format.ts with formatDuration, formatDate, formatChartDate,
and expiryLabel, and web/src/utils/clipboard.ts with copyToClipboard. Removes all
inline duplicate definitions from VideoDetail.tsx, Library.tsx, PlaylistDetail.tsx,
Playlists.tsx, Analytics.tsx, Recorder.tsx, and CameraRecorder.tsx, replacing them
with imports from the new shared modules.

* refactor: extract useToast hook and Toast component, deduplicate 3 pages

* refactor: extract ConfirmDialog component and shared type

* refactor: extract useRecording hook, deduplicate Recorder and CameraRecorder

* refactor: deduplicate billing handlers with parameterized entity helpers

* refactor: extract shared playlist JS and loadPlaylistVideos helper

* refactor: split VideoDetail into focused sub-components

Extract SharingSection, TranscriptSection, and CommentsSection from
the 2088-line VideoDetail.tsx into a VideoDetail/ directory with an
index.tsx orchestrator and three focused sub-components.

* refactor: split Settings into focused section components

Break up the 1923-line Settings.tsx into Settings/ directory with
index.tsx orchestrator plus 7 section components and shared types.

* refactor: split OrgSettings into focused section components

Break up the 1237-line OrgSettings.tsx into OrgSettings/ directory
with index.tsx orchestrator plus 4 section components and shared types.

* refactor: replace duplicated formatTime/formatTimestamp with shared formatDuration

Remove 5 identical time-formatting functions from TrimModal,
FillerRemovalModal, SilenceRemovalModal, CommentsSection, and
TranscriptSection — all replaced with existing formatDuration from
utils/format.ts.

* refactor: split SSO handler into protocol-specific files

Split the 1124-line handler.go into handler.go (shared utilities,
identity/SCIM management), handler_oidc.go (OIDC flows), and
handler_saml.go (SAML flows).

* refactor: split Analytics, PlaylistDetail, and Library into sub-components

Analytics.tsx (920 lines) → Analytics/ with 8 files.
PlaylistDetail.tsx (960 lines) → PlaylistDetail/ with 3 files.
Library.tsx (893 lines) → Library/ with 3 files.

v1.80.0

2026-03-07T05:38:22Z

feat: growth quick wins — watch page CTA, GitHub star in welcome emai…

…l, README Docker snippet, Railway template

v1.79.0

2026-03-06T22:57:19Z

Add SCIM 2.0 provisioning (#114)

* feat: add SCIM tokens migration and resource types

Migration 000057 creates organization_scim_tokens table.
internal/scim/types.go defines SCIM 2.0 resource types.

* feat: add SCIM bearer token auth middleware

* feat: add SCIM token management endpoints

* feat: add SCIM ServiceProviderConfig and Schemas endpoints

* feat: add SCIM Create User endpoint

* feat: add SCIM Get and List Users endpoints

* feat: add SCIM Patch and Delete User endpoints

* feat: register SCIM routes and token management endpoints

* feat: add SCIM provisioning card to OrgSettings

* fix: SCIM status field as numeric string, constant-time token comparison, emailVerified check

* fix: handle unchecked error returns in SCIM package

* Fix SCIM provisioning edge cases

* Upgrade Go toolchain and polish SCIM guide

* Update golangci-lint for Go 1.26

v1.78.0

2026-03-06T20:30:08Z

feat: add SAML 2.0 support for workspace SSO (#113)

* feat: add SAML columns to organization_sso_configs

* feat: add crewjam/saml dependency

* feat: add SAML metadata parsing

* feat: implement SAMLProvider with AuthURL and Exchange

* feat: extend SaveConfig to support SAML provider

* feat: extend GetConfig to return SAML fields

* feat: add SAML ACS callback and update InitiateOrgSSO for SAML

* feat: add SP metadata endpoint for SAML

* feat: register SAML ACS and SP metadata routes

* feat: add SAML protocol toggle to SSO settings

* fix: address code review issues in SAML implementation

- Use SameSite=None; Secure for SAML state cookie (cross-origin POST)
- Add 1MB body size limit on metadata URL fetch
- Accept KeyDescriptors with unspecified use attribute (Azure AD compat)
- Scan nullable OIDC columns into pointer types in OrgCallback
- Add happy-path test for InitiateOrgSSO with SAML config
- Add test for unspecified KeyDescriptor use attribute

* fix: surface crewjam/saml private error for SAML debugging

* fix: track SAML AuthnRequest ID for InResponseTo validation

crewjam/saml requires the AuthnRequest ID to validate the response's
InResponseTo attribute. Store the request ID alongside the state in the
sso_state cookie (state|requestID format) and pass it to ParseResponse.

* feat: add OIDC and SAML setup guides to SSO settings

v1.77.0

2026-03-06T18:02:35Z

Add workspace E2E tests (#111)

* test: add workspace E2E tests for CRUD, viewer role, and video transfer

Add 18 new Playwright E2E tests across 3 spec files:
- workspace.spec.ts: create, rename, settings, delete (5 tests)
- workspace-viewer.spec.ts: viewer permissions and role changes (8 tests)
- workspace-transfer.spec.ts: move videos between scopes (5 tests)

Supporting changes:
- Add second test user for multi-user scenarios
- Add workspace API helpers (create, invite, accept, switch, upload)
- Add workspace tables to truncate list in global setup

* ci: add workflow_dispatch trigger to CI workflow

Allow manual triggering of CI including e2e tests on any branch.
Only users with repo write access can trigger workflow_dispatch.

* fix: correct table names in e2e truncate list

sso_configs → organization_sso_configs
social_identities → external_identities

* fix: pass access token in workspace e2e API calls

loginViaAPI stores the access token from the login response.
Workspace helpers and spec files pass it as Authorization header
on direct page.request calls (page navigation works via SPA
refresh flow, but direct API calls need the Bearer token).

* fix: set e2e test user to pro plan to allow multiple workspaces

Free plan limits to 1 workspace owned. E2e specs each create their
own workspace, so the test user needs pro to avoid 403 on the
second workspace creation.

* fix: resolve e2e test failures for workspace specs

- Extract invite token from API response instead of DB query
(DB stores hash, not raw token)
- Use getByLabel for rename assertion instead of input[value]
- Scope transfer dialog selectors to dialog role to avoid
strict mode violations from duplicate text matches
- Remove unused queryRows import from workspace helpers

* fix: wait for settings page load before asserting workspace name and members

* fix: set org context before navigating to settings in e2e tests

OrgSettings page redirects to / when selectedOrgId doesn't match the
route orgId. Fresh Playwright pages have empty localStorage, so the
workspace was never "selected". Fix by setting localStorage before
navigating to settings. Also add Date.now() suffix to workspace names
to avoid duplicates when serial suites retry.

* fix: use specific role selector in viewer members list test

getByText('viewer') matched 5 elements (role dropdowns, invite dropdown).
Use getByLabel('Role for email') to target the specific user's role
dropdown and check its value instead.

* fix: use member name for role selector aria-label in viewer test

The role dropdown aria-label uses member.name || member.email, and the
test user has name "E2E Viewer User", so the label doesn't match email.

* fix: scope dropdown assertions to .dropdown-menu in viewer tests

getByText('Analytics') matched both nav link and dropdown action link.
Scope all dropdown assertions to the .dropdown-menu container.

* fix: use member.id instead of member.userId in role change tests

The members API returns { id, name, email, role, joinedAt }, not userId.

* feat: hide write actions from viewers on VideoDetail page

Viewers can still watch videos, view analytics, download, copy share
links, and read comments/transcripts. Hidden for viewers: edit title,
pin, delete, share settings, AI actions, editing, organize, CTA, and
delete comments.

* fix: add RequireWriter to folder/tag/playlist routes, viewer tests, and UX fixes

- Apply RequireWriter middleware to write routes for folders, tags, and playlists
(security gap: viewers could mutate these resources via direct API calls)
- Add 8 VideoDetail viewer role unit tests verifying write actions are hidden
- Simplify TransferDialog disabled button logic
- Replace flaky waitForTimeout with meaningful assertions in E2E workspace helpers

* fix: add type annotations to useOrganization mock to fix typecheck

The mock's default null values caused TS to infer literal null types,
breaking the viewer test overrides that set string/object values.

* docs: add workspace endpoints to OpenAPI spec

Add 15 new endpoints: members (list, remove, update role), invites
(send, list, revoke, accept), org billing (get, checkout, cancel),
org SSO config (get, save, delete), and video transfer.

Add 15 new schemas and update role enums to include viewer,
plan enums to include business.

v1.76.0

2026-03-05T09:56:57Z

feat: add data retention with auto-delete, pin exemption, and warning…

… emails (#109)

* feat(retention): add migration for retention_days, pinned, retention_warned_at

* feat(retention): add PUT /api/videos/{id}/pin toggle endpoint

* feat(retention): add retentionDays to user profile GET/PUT

- Add RetentionDays field to userResponse and updateUserRequest
- Include retention_days in GetUser SELECT query
- Add validation (0, 30, 60, 90, 180, 365) in UpdateUser handler
- Add 2 tests for valid and invalid retention_days updates

* feat(retention): add retentionDays to org settings GET/PUT

- Add RetentionDays field to orgListItem, orgDetailResponse, updateOrgRequest
- Include retention_days in List, Get, and Update SELECT queries
- Add validation (0, 30, 60, 90, 180, 365) and dynamic SET clause in Update
- Add 2 tests for valid and invalid retention_days updates

* feat(retention): expose retentionDays in limits API

Resolve effective retention for current context: org retention_days
for workspace videos, user retention_days for personal videos.

* feat(retention): add SendRetentionWarning email method

Listmonk transactional email for 7-day retention warning.
Bypasses allowlist. Template ID via LISTMONK_RETENTION_WARNING_TEMPLATE_ID.

* feat(retention): add daily retention worker with warn + delete passes

Daily ticker warns users 7 days before deletion, then soft-deletes
videos after grace period. Cleans up playlist_videos on delete.

* feat(retention): add Data Retention dropdown to Settings and Workspace Settings

Select from Off/30/60/90/180/365 days. Personal and workspace scopes.
Pinned videos excluded (noted in description).

* feat(retention): add pin toggle on VideoDetail and pin indicator on Library

Pin/Unpin button in video actions bar with filled/outline icon.
Pinned badge in metadata. Pin indicator overlay on library video cards.

* docs: add retention and pin endpoints to OpenAPI spec

Add PUT /videos/{id}/pin, retentionDays to user/org/limits responses,
pinned + retentionWarnedAt to video schema, org endpoints with retention.

* fix: consistent card footer height and add pin shortcut in library

Use flexbox on video cards so the Copy link footer aligns at the
bottom regardless of metadata height. Add Pin/Unpin option to the
three-dot menu on library video cards.

* fix: include pinned field in video list API response

Without this, the Library page couldn't show pin indicators and
VideoDetail lost pinned state on refresh.

* fix: use share_token instead of share_id in retention worker query

Column is share_token, not share_id.

v1.75.0

2026-03-04T20:13:20Z

fix: remove videos from playlists on delete (#108)

Videos are soft-deleted (status='deleted') so the ON DELETE CASCADE
on playlist_videos never fires. Explicitly delete playlist_videos
rows in both single and batch delete handlers.

v1.74.0

2026-03-03T11:25:36Z

feat: add Jira and GitHub integrations (#107)

* feat: add user_integrations migration (000050)

Create user_integrations table to store per-user integration
configs (Jira, GitHub) with encrypted JSONB config column.

* feat: add core integration types and AES-256-GCM encryption

IssueCreator interface, request/response types, DeriveKey,
Encrypt, Decrypt, MaskToken — 4 passing tests.

* feat: add GitHub and Jira issue creation clients

GitHubClient: Bearer auth, POST /repos/{owner}/{repo}/issues,
markdown body with collapsible transcript. JiraClient: Basic
auth, POST /rest/api/3/issue, ADF body format. Both implement
IssueCreator interface — 10 passing tests total.

* feat: add integration handler with CRUD and create-issue endpoints

List, Save, Delete, Test, CreateIssue handlers with encrypted
token storage, config validation, and provider factory — 15 tests.

* feat: wire integration routes into server

* feat: add Integrations card to Settings and Create Issue to VideoDetail

Settings: expandable GitHub/Jira config forms with save, test
connection, and disconnect. VideoDetail: Create Issue button
with dropdown for configured providers. 677 frontend tests pass.

* docs: add integration endpoints to OpenAPI spec

5 new endpoints: list/save/delete integrations, test connection,
create issue from video. Schemas for GitHub/Jira configs.

* fix: address lint issues in integration package

Check error returns for resp.Body.Close, io.Copy, and json
Encode/Decode. Lowercase error string per staticcheck ST1005.

* fix: use org-aware video query in CreateIssue handler

Apply the same organization_id filter used by other video
endpoints — personal videos require organization_id IS NULL,
org videos require matching organization_id.

* fix: use transcript_json column in create-issue query

The videos table has transcript_json (JSONB) not transcript (TEXT).
The non-existent column caused SQL errors returning 404.

* fix: persist integration settings on page reload

- Frontend: populate form fields from saved integration config on load
- Backend: detect masked token values and preserve existing encrypted
tokens when re-saving without changing the token

* fix: remove unused encryptTokenFields function

v1.73.0

2026-03-02T17:21:29Z

feat: add REGISTRATION_ENABLED env var to disable signups (#105)

* feat: add REGISTRATION_ENABLED env var to disable signups

Closes #104.

- Backend: guard on Register handler returns 403 when disabled
- Health endpoint exposes registrationEnabled for frontend
- Frontend: Register redirects to /login, Login hides sign-up link
- Default: true (registration enabled), set to "false" to disable

* refactor: move staging and preview deploys to Coolify Dockerfile builds

- Staging: remove Docker Hub publish, Coolify builds from repo on deploy
- Preview: replace SSH + docker run with Coolify API (PATCH branch + deploy)
- Docker images now only published on production releases (v* tags)

* refactor: dynamic Coolify preview apps per PR

Replace single shared preview app with dynamic per-PR app creation.
Each PR gets its own Coolify app (sendrec-pr-{N}) with a unique URL
(pr-{N}.app.sendrec.eu). Apps are auto-deleted on PR close.