LeadMagnet/leadchat
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity
5,880 Commits 1 Branch 0 Tags
9a9398b3865cd2ab6ad28ae80eb5ec4bdc29932c
Commit Graph

225 Commits

Author SHA1 Message Date
Sojan Jose
db13049e6f fix: [Snyk] Security upgrade administrate-field-active_storage from 1.0.2 to 1.0.3 (#9496) 
- Security upgrade administrate-field-active_storage from 1.0.2 to 1.0.3
 2024-05-21 13:36:11 -07:00
Sojan Jose
fc1c992cde fix: [Snyk] Security upgrade devise_token_auth from 1.2.1 to 1.2.3 (#9468) 
fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-ACTIONCABLE-20338
- https://snyk.io/vuln/SNYK-RUBY-RACK-1061917

Co-authored-by: snyk-bot <snyk-bot@snyk.io>
 2024-05-15 11:52:40 -07:00
Sojan Jose
e992283993 fix: [Snyk] Security upgrade omniauth-rails_csrf_protection from 1.0.1 to 1.0.2 (#9454) 
fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-RACK-1061917

Co-authored-by: snyk-bot <snyk-bot@snyk.io>
 2024-05-13 16:07:56 -07:00
Sojan Jose
d34d726b37 chore(snyk): Security upgrade administrate-field-active_storage from 1.0.1 to 1.0.2 (#9332) 
fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-ACTIONCABLE-20338
- https://snyk.io/vuln/SNYK-RUBY-RACK-1061917

Co-authored-by: snyk-bot <snyk-bot@snyk.io>
 2024-05-01 12:05:40 -07:00
Sojan Jose
a5ab8201c6 fix: [Snyk] Fix for 1 vulnerabilities (#9316) 
fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-SIDEKIQ-6689289

Co-authored-by: snyk-bot <snyk-bot@snyk.io>
 2024-04-29 14:24:06 +05:30
Pranav
ffd47081bd chore(cleanup): Delete sentiment feature (#9304) 
- The feature is unused, removing it for now, will bring it back with better models later.
 2024-04-25 22:49:10 -07:00
Sojan Jose
ade658ad86 chore: [Snyk] Fix for 1 vulnerabilities (#9229) 
fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-RACK-1061917

Co-authored-by: snyk-bot <snyk-bot@snyk.io>
 2024-04-15 14:07:37 -07:00
Sojan Jose
6b7a707fef chore: Security upgrade omniauth-google-oauth2 from 1.1.1 to 1.1.2 (#9173) 
fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-RACK-1061917

Co-authored-by: snyk-bot <snyk-bot@snyk.io>
 2024-04-03 20:22:46 +05:30
Pranav
dca14ef82d fix: Downgrade rack-cors to 2.0.0 to fix CVE-2024-27456 (#9032) 2024-02-27 20:20:59 -08:00
Sojan Jose
ab56374b2f chore: Fix Bundle Audit Breakages (#9016) 
Name: actionpack
Version: 7.0.8
CVE: CVE-2024-26143
Criticality: Unknown
URL: https://discuss.rubyonrails.org/t/possible-xss-vulnerability-in-action-controller/84947

-----

Name: rack
Version: 2.2.8
CVE: CVE-2024-25126
Criticality: Unknown
URL: https://discuss.rubyonrails.org/t/denial-of-service-vulnerability-in-rack-content-type-parsing/84941
 2024-02-26 15:25:21 +05:30
Pranav Raj S
12916ceca6 fix: Capture delivery errors to avoid false positives (#8790) 
The system did not detect the delivery errors earlier, resulting in some false positives. The user was not informed when an email failed to be delivered. While we do handle failure status in other channels, we were not able to capture the actual delivery status for the email channel.

This pull request makes the following changes:

- Updated the class EmailReplyWorker to use the deliver_now method instead of deliver_later. This change is made to raise any errors that may occur with the SMTP connection. The errors are then captured and sent to Sentry, and the email is marked as failed. Previously, we did not consider the case of retries in the email channel, so this feature is currently not functioning. So, I have disabled the retry option. We will address this in a follow-up ticket.
- Downgraded the net-smtp gem to version 0.3.4. This change is made to avoid an argument error when using XOAUTH2.

Fixes: https://linear.app/chatwoot/issue/CW-3032/argumenterror-wrong-authentication-type-xoauth2-argumenterror
 2024-01-26 14:22:18 +04:00
Sojan Jose
59184122f7 fix: [Snyk] Security upgrade administrate from 0.19.0 to 0.20.1 (#8741) 
-  Upgrade  administrate  gem to latest
- Update the `show` partial with changes from upstream
 2024-01-25 17:33:21 +04:00
Sojan Jose
d2c5c2f9a3 chore: [Snyk] Security upgrade sidekiq from 7.2.0 to 7.2.1 (#8748) 
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
 2024-01-22 13:12:26 +04:00
Sojan Jose
c6ecf80dff chore(synk): Upgrade administrate to fix 2 vulnerabilities (#8625) 
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
Co-authored-by: Pranav Raj S <pranav@chatwoot.com>
 2024-01-04 13:38:03 -08:00
Sojan Jose
c29b77c214 chore(snyk): Security upgrade factory_bot_rails from 6.4.2 to 6.4.3 (#8628) 
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
 2024-01-04 10:47:48 -08:00
Sojan Jose
1ddb73ea97 chore(security): Security upgrade omniauth from 2.1.1 to 2.1.2 (#8591) 
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
 2023-12-20 13:38:34 -08:00
Sojan Jose
03ebb6947b chore(synk): Upgrade sentry-rails from 5.13.0 to 5.14.0 (#8420) 
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
Co-authored-by: Pranav Raj S <pranav@chatwoot.com>
 2023-12-10 22:00:17 -08:00
Sojan Jose
c53591f049 chore(snyk): Security upgrade sidekiq-cron from 1.11.0 to 1.12.0 (#8523) 
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
Co-authored-by: Pranav Raj S <pranav@chatwoot.com>
 2023-12-10 21:59:12 -08:00
Sojan Jose
2ae9bbb24e chore(snyk): Security upgrade factory_bot_rails from 6.2.0 to 6.4.2 (#8371) 
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
Co-authored-by: Pranav Raj S <pranav@chatwoot.com>
 2023-12-10 20:43:58 -08:00
Sojan Jose
38240a68aa [Snyk] Security upgrade rack-mini-profiler from 3.1.1 to 3.2.0 (#8508) 
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
 2023-12-10 15:02:59 -08:00
Sojan Jose
e750ee6d28 chore: [Snyk] Security upgrade administrate-field-active_storage from 0.4.2 to 1.0.0 (#8382) 
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
 2023-11-20 19:42:54 -08:00
Sojan Jose
59ace66c6f chore: [Snyk] Fix for vulnerabilities (#8340) 
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
 2023-11-17 15:24:00 -08:00
Sojan Jose
decef1ad52 chore: Add rails_panel gem for query debugging (#8370) 2023-11-18 02:30:35 +05:30
Sojan Jose
f891cfbf47 chore: [Snyk] Security upgrade sidekiq-cron from 1.10.1 to 1.11.0 (#8294) 
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
 2023-11-08 10:32:04 +05:30
Sojan Jose
66229b0d6b chore: [Snyk] Security upgrade audited from 5.4.0 to 5.4.1 (#8305) 
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
 2023-11-07 17:45:32 -08:00
Sojan Jose
f34cd3ea61 chore: [Snyk] Security upgrade newrelic-sidekiq-metrics from 1.6.1 to 1.6.2 (#8254) 
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
 2023-10-31 18:24:18 -07:00
Sojan Jose
7b09fa4a03 chore(snyk): Upgrade gems to fix SNYK-RUBY-RACK-1061917 (#8104) 
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
 2023-10-13 09:24:50 +05:30
Muhsin Keloth
26e8877cd9 feat: Support link unfurling for all the channels within the same connected channel account. (#8033) 2023-10-08 17:55:03 +05:30
Sojan Jose
d8b53f5d2f chore: [Snyk] Security upgrade audited from 5.3.3 to 5.4.0 (#8023) 
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
 2023-09-30 19:49:03 -07:00
Sojan Jose
dd0930d75e chore: Improve search in super admin panel (#7952) 
Co-authored-by: Vishnu Narayanan <vishnu@chatwoot.com>
Co-authored-by: Pranav Raj S <pranav@chatwoot.com>
 2023-09-22 19:41:13 +05:30
Sojan Jose
cb07ac16d1 chore: [Snyk] Fix for 1 vulnerabilities (#7906) 
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
 2023-09-12 18:03:58 -07:00
Sojan Jose
272f920811 chore: [Snyk] Security upgrade rails from 7.0.7.2 to 7.0.8 (#7888) 
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
 2023-09-11 19:12:38 -07:00
Sojan Jose
4acb824857 chore: [Snyk] Fix for 1 vulnerabilities (#7870) 
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
 2023-09-06 18:36:32 -07:00
Sojan Jose
99bb074656 chore: Security upgrade web-console from 4.2.0 to 4.2.1 (#7864) 
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
 2023-09-06 11:31:05 +05:30
Shivam Mishra
24468d71fb feat: update rails (#7786) 
Bump up rails
 2023-08-23 13:45:55 -07:00
Sojan Jose
7f0ca8b15d fix: Security upgrade rack-mini-profiler from 3.1.0 to 3.1.1 [Snyk] (#7657) 
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
 2023-08-07 14:09:28 -07:00
Sojan Jose
c084ad5a68 [Snyk] Security upgrade lograge from 0.12.0 to 0.13.0 (#7635) 
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
 2023-08-04 16:56:11 -07:00
Sojan Jose
2d07577731 fix: [Snyk] Security upgrade rack-attack from 6.6.1 to 6.7.0 (#7625) 
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
 2023-07-27 09:06:56 +03:00
Sojan Jose
480f34803b feat: Response Bot using GPT and Webpage Sources (#7518) 
This commit introduces the ability to associate response sources to an inbox, allowing external webpages to be parsed by Chatwoot. The parsed data is converted into embeddings for use with GPT models when managing customer queries.

The implementation relies on the `pgvector` extension for PostgreSQL. Database migrations related to this feature are handled separately by `Features::ResponseBotService`. A future update will integrate these migrations into the default rails migrations, once compatibility with Postgres extensions across all self-hosted installation options is confirmed.

Additionally, a new GitHub action has been added to the CI pipeline to ensure the execution of specs related to this feature.
 2023-07-21 18:11:51 +03:00
Sojan Jose
2b4f4f0b5c [Snyk] Security upgrade administrate from 0.18.0 to 0.19.0 (#7547) 
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
 2023-07-20 12:47:54 -07:00
Sojan Jose
f72be94323 chore: [Snyk] Fix for 1 vulnerabilities (#7466) 
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
 2023-07-19 21:41:55 +03:00
Vishnu Narayanan
8babf7dec3 feat: add debug gem and more make commands (#7509) 2023-07-18 13:22:02 +05:30
Tejaswini Chile
10dd0ba647 feat: Sentiment Analysis (#7475) 2023-07-12 15:03:31 +05:30
TOMMY
26a75b250d Merge pull request from GHSA-2472-ggjh-43h2 2023-06-27 17:22:54 +05:30
Sojan Jose
48f2e58e59 feat: Ability to update avatars from super admin (#7264) 
- Ability to update user avatars from super admin
- Ability to update bot avatars from super admin

fixes: #7060
 2023-06-09 15:32:24 +05:30
Pranav Raj S
5e0ce7793c fix: Re-order gem list to fix rubocop errors (#7043) 2023-05-08 16:15:27 -07:00
Pranav Raj S
ce3e38df0f chore: Update the design of the help center portal (#6775) 2023-05-08 15:31:38 -07:00
Sojan Jose
022383d942 chore: Upgrade to Rails 7 (#6719) 
fixes: #6736
 2023-05-06 10:44:52 +05:30
dependabot[bot]
937338e3ea chore(deps): bump audited from 5.2.0 to 5.3.3 (#7016) 
Bumps [audited](https://github.com/collectiveidea/audited) from 5.2.0 to 5.3.3.
- [Release notes](https://github.com/collectiveidea/audited/releases)
- [Changelog](https://github.com/collectiveidea/audited/blob/main/CHANGELOG.md)
- [Commits](https://github.com/collectiveidea/audited/compare/v5.2.0...v5.3.3)

---
updated-dependencies:
- dependency-name: audited
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-05-03 14:13:04 +05:30
Tejaswini Chile
44837aa657 Fix: save twitter profile for inbox (#6667) 
Fixes: #737
 2023-04-12 14:16:24 +05:30