Commit Graph

251 Commits

Author SHA1 Message Date
Sojan Jose
db13049e6f fix: [Snyk] Security upgrade administrate-field-active_storage from 1.0.2 to 1.0.3 (#9496)
- Security upgrade administrate-field-active_storage from 1.0.2 to 1.0.3
2024-05-21 13:36:11 -07:00
dependabot[bot]
85dcb84675 chore(deps): bump rexml from 3.2.5 to 3.2.8 (#9489)
Bumps rexml from 3.2.5 to 3.2.8.

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-16 18:19:22 -07:00
Sojan Jose
fc1c992cde fix: [Snyk] Security upgrade devise_token_auth from 1.2.1 to 1.2.3 (#9468)
fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-ACTIONCABLE-20338
- https://snyk.io/vuln/SNYK-RUBY-RACK-1061917

Co-authored-by: snyk-bot <snyk-bot@snyk.io>
2024-05-15 11:52:40 -07:00
dependabot[bot]
1d4798a3bf chore(deps): bump nokogiri from 1.16.4 to 1.16.5 (#9459)
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.16.4 to 1.16.5.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.16.4...v1.16.5)

---
updated-dependencies:
- dependency-name: nokogiri
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-13 18:12:02 -07:00
Sojan Jose
e992283993 fix: [Snyk] Security upgrade omniauth-rails_csrf_protection from 1.0.1 to 1.0.2 (#9454)
fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-RACK-1061917

Co-authored-by: snyk-bot <snyk-bot@snyk.io>
2024-05-13 16:07:56 -07:00
Sojan Jose
d34d726b37 chore(snyk): Security upgrade administrate-field-active_storage from 1.0.1 to 1.0.2 (#9332)
fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-ACTIONCABLE-20338
- https://snyk.io/vuln/SNYK-RUBY-RACK-1061917

Co-authored-by: snyk-bot <snyk-bot@snyk.io>
2024-05-01 12:05:40 -07:00
Sojan Jose
a5ab8201c6 fix: [Snyk] Fix for 1 vulnerabilities (#9316)
fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-SIDEKIQ-6689289

Co-authored-by: snyk-bot <snyk-bot@snyk.io>
2024-04-29 14:24:06 +05:30
Pranav
ffd47081bd chore(cleanup): Delete sentiment feature (#9304)
- The feature is unused, removing it for now, will bring it back with better models later.
2024-04-25 22:49:10 -07:00
Sojan Jose
ade658ad86 chore: [Snyk] Fix for 1 vulnerabilities (#9229)
fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-RACK-1061917

Co-authored-by: snyk-bot <snyk-bot@snyk.io>
2024-04-15 14:07:37 -07:00
Sojan Jose
6b7a707fef chore: Security upgrade omniauth-google-oauth2 from 1.1.1 to 1.1.2 (#9173)
fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-RACK-1061917

Co-authored-by: snyk-bot <snyk-bot@snyk.io>
2024-04-03 20:22:46 +05:30
Pranav
dca14ef82d fix: Downgrade rack-cors to 2.0.0 to fix CVE-2024-27456 (#9032)
2024-02-27 20:20:59 -08:00
Sojan Jose
ab56374b2f chore: Fix Bundle Audit Breakages (#9016)
Name: actionpack
Version: 7.0.8
CVE: CVE-2024-26143
Criticality: Unknown
URL: https://discuss.rubyonrails.org/t/possible-xss-vulnerability-in-action-controller/84947

-----

Name: rack
Version: 2.2.8
CVE: CVE-2024-25126
Criticality: Unknown
URL: https://discuss.rubyonrails.org/t/denial-of-service-vulnerability-in-rack-content-type-parsing/84941
2024-02-26 15:25:21 +05:30
dependabot[bot]
8b5735c915 chore(deps): bump grpc from 1.54.0 to 1.54.3 (#8906)
Bumps [grpc](https://github.com/google/grpc) from 1.54.0 to 1.54.3.
- [Release notes](https://github.com/google/grpc/releases)
- [Changelog](https://github.com/grpc/grpc/blob/master/doc/grpc_release_schedule.md)
- [Commits](https://github.com/google/grpc/compare/v1.54.0...v1.54.3)

---
updated-dependencies:
- dependency-name: grpc
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-12 12:52:45 +05:30
dependabot[bot]
47c0decf1e chore(deps): bump nokogiri from 1.16.0 to 1.16.2 (#8861)
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.16.0 to 1.16.2.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.16.0...v1.16.2)

---
updated-dependencies:
- dependency-name: nokogiri
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-06 09:47:16 +04:00
Vishnu Narayanan
17cb788193 fix: Upgrade gmail_xoauth gem to 0.4.3 (#8817)
2024-01-30 11:11:38 -08:00
Pranav Raj S
12916ceca6 fix: Capture delivery errors to avoid false positives (#8790)
The system did not detect the delivery errors earlier, resulting in some false positives. The user was not informed when an email failed to be delivered. While we do handle failure status in other channels, we were not able to capture the actual delivery status for the email channel.

This pull request makes the following changes:

- Updated the class EmailReplyWorker to use the deliver_now method instead of deliver_later. This change is made to raise any errors that may occur with the SMTP connection. The errors are then captured and sent to Sentry, and the email is marked as failed. Previously, we did not consider the case of retries in the email channel, so this feature is currently not functioning. So, I have disabled the retry option. We will address this in a follow-up ticket.
- Downgraded the net-smtp gem to version 0.3.4. This change is made to avoid an argument error when using XOAUTH2.

Fixes: https://linear.app/chatwoot/issue/CW-3032/argumenterror-wrong-authentication-type-xoauth2-argumenterror
2024-01-26 14:22:18 +04:00
Sojan Jose
59184122f7 fix: [Snyk] Security upgrade administrate from 0.19.0 to 0.20.1 (#8741)
- Upgrade administrate gem to latest
- Update the `show` partial with changes from upstream
2024-01-25 17:33:21 +04:00
Sojan Jose
d2c5c2f9a3 chore: [Snyk] Security upgrade sidekiq from 7.2.0 to 7.2.1 (#8748)
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
2024-01-22 13:12:26 +04:00
dependabot[bot]
e34ab5957f chore(deps): bump puma from 6.3.1 to 6.4.2 (#8663)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-08 16:51:30 -08:00
Sojan Jose
c6ecf80dff chore(synk): Upgrade administrate to fix 2 vulnerabilities (#8625)
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
Co-authored-by: Pranav Raj S <pranav@chatwoot.com>
2024-01-04 13:38:03 -08:00
Sojan Jose
c29b77c214 chore(snyk): Security upgrade factory_bot_rails from 6.4.2 to 6.4.3 (#8628)
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
2024-01-04 10:47:48 -08:00
Sojan Jose
1ddb73ea97 chore(security): Security upgrade omniauth from 2.1.1 to 2.1.2 (#8591)
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
2023-12-20 13:38:34 -08:00
Sojan Jose
03ebb6947b chore(synk): Upgrade sentry-rails from 5.13.0 to 5.14.0 (#8420)
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
Co-authored-by: Pranav Raj S <pranav@chatwoot.com>
2023-12-10 22:00:17 -08:00
Sojan Jose
c53591f049 chore(snyk): Security upgrade sidekiq-cron from 1.11.0 to 1.12.0 (#8523)
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
Co-authored-by: Pranav Raj S <pranav@chatwoot.com>
2023-12-10 21:59:12 -08:00
Sojan Jose
2ae9bbb24e chore(snyk): Security upgrade factory_bot_rails from 6.2.0 to 6.4.2 (#8371)
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
Co-authored-by: Pranav Raj S <pranav@chatwoot.com>
2023-12-10 20:43:58 -08:00
Sojan Jose
38240a68aa [Snyk] Security upgrade rack-mini-profiler from 3.1.1 to 3.2.0 (#8508)
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
2023-12-10 15:02:59 -08:00
Sojan Jose
e750ee6d28 chore: [Snyk] Security upgrade administrate-field-active_storage from 0.4.2 to 1.0.0 (#8382)
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
2023-11-20 19:42:54 -08:00
Sojan Jose
59ace66c6f chore: [Snyk] Fix for vulnerabilities (#8340)
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
2023-11-17 15:24:00 -08:00
Sojan Jose
decef1ad52 chore: Add rails_panel gem for query debugging (#8370)
2023-11-18 02:30:35 +05:30
Sojan Jose
f891cfbf47 chore: [Snyk] Security upgrade sidekiq-cron from 1.10.1 to 1.11.0 (#8294)
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
2023-11-08 10:32:04 +05:30
Sojan Jose
66229b0d6b chore: [Snyk] Security upgrade audited from 5.4.0 to 5.4.1 (#8305)
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
2023-11-07 17:45:32 -08:00
Pranav Raj S
1e70223ed7 chore: Upgrade Cypress to 13.4.0 (#8271)
2023-10-31 19:39:34 -07:00
Sojan Jose
f34cd3ea61 chore: [Snyk] Security upgrade newrelic-sidekiq-metrics from 1.6.1 to 1.6.2 (#8254)
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
2023-10-31 18:24:18 -07:00
Sojan Jose
7b09fa4a03 chore(snyk): Upgrade gems to fix SNYK-RUBY-RACK-1061917 (#8104)
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
2023-10-13 09:24:50 +05:30
Muhsin Keloth
26e8877cd9 feat: Support link unfurling for all the channels within the same connected channel account. (#8033)
2023-10-08 17:55:03 +05:30
Sojan Jose
d8b53f5d2f chore: [Snyk] Security upgrade audited from 5.3.3 to 5.4.0 (#8023)
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
2023-09-30 19:49:03 -07:00
Sojan Jose
dd0930d75e chore: Improve search in super admin panel (#7952)
Co-authored-by: Vishnu Narayanan <vishnu@chatwoot.com>
Co-authored-by: Pranav Raj S <pranav@chatwoot.com>
2023-09-22 19:41:13 +05:30
Sojan Jose
cb07ac16d1 chore: [Snyk] Fix for 1 vulnerabilities (#7906)
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
2023-09-12 18:03:58 -07:00
Sojan Jose
272f920811 chore: [Snyk] Security upgrade rails from 7.0.7.2 to 7.0.8 (#7888)
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
2023-09-11 19:12:38 -07:00
Sojan Jose
4acb824857 chore: [Snyk] Fix for 1 vulnerabilities (#7870)
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
2023-09-06 18:36:32 -07:00
Sojan Jose
99bb074656 chore: Security upgrade web-console from 4.2.0 to 4.2.1 (#7864)
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
2023-09-06 11:31:05 +05:30
Sojan Jose
4cbb3208e8 chore: Revert gem update (#7792)
- updating redis client caused deployment issues in Heroku, hence reverting to prev version until it's resolved
2023-08-24 01:08:34 -07:00
Sojan Jose
acb7debd3f chore: Contact import improvements (#7787)
- Ensure existing contact information is updated on data import
- Refactor the existing job to make it more readable
- Fixes issues with import files in the wrong encoding
fixes: #7307
2023-08-23 23:24:47 -07:00
Shivam Mishra
24468d71fb feat: update rails (#7786)
Bump up rails
2023-08-23 13:45:55 -07:00
dependabot[bot]
22421b5ac8 chore(deps): bump puma from 6.2.2 to 6.3.1 (#7765)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shivam Mishra <scm.mymail@gmail.com>
2023-08-21 13:09:20 +07:00
dependabot[bot]
b5dec067a1 chore(deps): bump commonmarker from 0.23.9 to 0.23.10 (#7695)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-08 14:25:42 -07:00
Sojan Jose
7f0ca8b15d fix: Security upgrade rack-mini-profiler from 3.1.0 to 3.1.1 [Snyk] (#7657)
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
2023-08-07 14:09:28 -07:00
Sojan Jose
c084ad5a68 [Snyk] Security upgrade lograge from 0.12.0 to 0.13.0 (#7635)
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
2023-08-04 16:56:11 -07:00
Sojan Jose
2d07577731 fix: [Snyk] Security upgrade rack-attack from 6.6.1 to 6.7.0 (#7625)
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
2023-07-27 09:06:56 +03:00
Sojan Jose
480f34803b feat: Response Bot using GPT and Webpage Sources (#7518)
This commit introduces the ability to associate response sources to an inbox, allowing external webpages to be parsed by Chatwoot. The parsed data is converted into embeddings for use with GPT models when managing customer queries.

The implementation relies on the `pgvector` extension for PostgreSQL. Database migrations related to this feature are handled separately by `Features::ResponseBotService`. A future update will integrate these migrations into the default rails migrations, once compatibility with Postgres extensions across all self-hosted installation options is confirmed.

Additionally, a new GitHub action has been added to the CI pipeline to ensure the execution of specs related to this feature.
2023-07-21 18:11:51 +03:00