- Introduced optional keepalive settings: `keepalive_idle` and `keepalive_count` in the Server struct.
- Implemented UI controls for keepalive settings in System Settings, including validation and persistence.
- Added localization support for new keepalive fields in multiple languages.
- Created a manual test tracking plan for verifying keepalive controls and their behavior.
- Updated existing tests to cover new functionality and ensure proper validation of keepalive inputs.
- Ensured safe defaults and fallback behavior for missing or invalid keepalive values.
- Add API tests for validatePublicURL, testPublicURL, previewInviteURL
- Add UI tests for Public URL validation states and test button
- Add invite URL preview display and debouncing tests
- Increase frontend coverage from 34.85% to 87.7%
Addresses Codecov coverage gaps in PR #450
Closes coverage requirements for beta release
Coverage: 87.7% (1174 tests passing)
Add configurable public-facing URL setting to fix issue where invite emails
contained internal localhost addresses inaccessible to external users.
Features:
- New "Application URL" setting in System Settings (key: app.public_url)
- Real-time URL validation with visual feedback and HTTP warnings
- Test button to verify URL accessibility
- Invite preview showing actual link before sending
- Warning alerts when URL not configured
- Fallback to request-derived URL for backward compatibility
- Complete i18n support (EN, DE, ES, FR, ZH)
Backend:
- Created utils.GetPublicURL() for centralized URL management
- Added POST /settings/validate-url endpoint
- Added POST /users/preview-invite-url endpoint
- Updated InviteUser() to use configured public URL
Frontend:
- New Application URL card in SystemSettings with validation
- URL preview in InviteModal with warning banners
- Test URL button and configuration warnings
- Updated API clients with validation and preview functions
Security:
- Admin-only access for all endpoints
- Input validation prevents path injection
- SSRF-safe (URL only used in email generation)
- OWASP Top 10 compliant
Coverage: Backend 87.6%, Frontend 86.5% (both exceed 85% threshold)
Refs: #application-url-feature
- Added translation support using react-i18next in WafConfig and CrowdSecConfig components.
- Updated UI elements to use translation keys instead of hardcoded strings.
- Enhanced test coverage for i18n integration, including mocks for translation in tests.
- Fixed various test cases to align with new translation structure.
- Created a QA report for i18n implementation, noting validation of translation files and areas for improvement.
- Add comprehensive design token system (colors, typography, spacing)
- Create 12 new UI components with Radix UI primitives
- Add layout components (PageShell, StatsCard, EmptyState, DataTable)
- Polish all pages with new component library
- Improve accessibility with WCAG 2.1 compliance
- Add dark mode support with semantic color tokens
- Update 947 tests to match new UI patterns
Closes#409
- Created `qa-test-output-after-fix.txt` and `qa-test-output.txt` to log results of certificate page authentication tests.
- Added `build.sh` for deterministic backend builds in CI, utilizing `go list` for efficiency.
- Introduced `codeql_scan.sh` for CodeQL database creation and analysis for Go and JavaScript/TypeScript.
- Implemented `dockerfile_check.sh` to validate Dockerfiles for base image and package manager mismatches.
- Added `sourcery_precommit_wrapper.sh` to facilitate Sourcery CLI usage in pre-commit hooks.
- Removed the Cerberus toggle functionality from the Security page.
- Introduced a new feature flags section in the System Settings page to manage Cerberus and Uptime Monitoring features.
- Updated tests to reflect the changes in the Security and System Settings components.
- Added loading overlays for feature toggling actions.
docs: Modify security documentation to indicate Cerberus is enabled by default
test: Adjust frontend feature flag tests to align with new Cerberus flag
feat: Integrate feature flags into Layout component for conditional rendering
test: Enhance Layout component tests for feature flag visibility
feat: Implement Optional Features section in System Settings page
test: Add tests for Optional Features toggles in System Settings
fix: Remove unused Cerberus state from System Settings component
- Added functionality to select SSL Provider (Auto, Let's Encrypt, ZeroSSL) in the Caddy Manager.
- Updated the ApplyConfig method to handle different SSL provider settings and staging flags.
- Created unit tests for various SSL provider scenarios, ensuring correct behavior and backward compatibility.
- Enhanced frontend System Settings page to include SSL Provider dropdown with appropriate options and descriptions.
- Updated documentation to reflect new SSL Provider feature and its usage.
- Added QA report detailing testing outcomes and security verification for the SSL Provider implementation.
GitHub Actions
copilot-swe-agent[bot]