Skip to content

[pull] master from mattermost:master #402

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
pull wants to merge 8,035 commits into
base: master
from
Open

[pull] master from mattermost:master #402

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
8035 commits
Select commit Hold shift + click to select a range
ad35eba
Added nil checks (#35755)
harshilsharma63 Apr 6, 2026
0ca124f
Fixed a bug where attachment-only post would send on enter when when …
harshilsharma63 Apr 6, 2026
ca72686
MM-67743 Fixing styling issues in Browse Channels modal (#35772)
avasconcelos114 Apr 6, 2026
f68557c
Fix Enterprise Advanced upsell messaging for Enterprise licenses (#35…
marianunez Apr 6, 2026
e694e86
MM-68204: Use multi-level logging for shared channel and remote clust…
wiggin77 Apr 6, 2026
1c26ab9
test(enzyme migration): final bulk migration, removed enzyme dependen…
saturninoabril Apr 7, 2026
6662021
Update latest minor version to 11.7.0 (#35964)
unified-ci-app[bot] Apr 7, 2026
087b20d
E2E | Fix mock server response for translations (#35929)
yasserfaraazkhan Apr 7, 2026
252eb96
Update docs-impact workflow to keep stale comment instead of deleting…
esarafianou Apr 7, 2026
faa7d75
Improved processing of attachments (#35854)
avasconcelos114 Apr 7, 2026
e2e7aed
Add prepackaged version of github plugin v2.7. (#35968)
Apr 7, 2026
83819e3
Specify target Safari version as a string (#35955)
hmhealey Apr 7, 2026
540ccc5
MM-68179: Run sendLoop workers on all HA nodes (#35909)
wiggin77 Apr 7, 2026
8eb9863
Redact password reset token from audit log (#35911)
jgheithcock Apr 7, 2026
cf40f44
Markdown message preview fixed (#34942)
Aryakoste Apr 7, 2026
7dccd6e
MM-68199: Fix shared channel membership sync error for local users (#…
wiggin77 Apr 7, 2026
9075204
Add demo plugin E2E tests for hook toggle and crash recovery (#35337)
DHaussermann Apr 8, 2026
9a412c5
MM-67946 Added entity decoding to message attachments (#35667)
avasconcelos114 Apr 8, 2026
12aedfd
Simplify Apple Silicon docker-compose support (#35975)
lieut-data Apr 8, 2026
5b76fb1
MM-67647: Rename shared_channel_manager roles to follow system_ prefi…
wiggin77 Apr 8, 2026
220cd72
MM-66887 Fix results in Invite to Team modal (#35936)
hmhealey Apr 8, 2026
f9b6989
Remove babel-plugin-typescript-to-proptypes and use of prop-types fro…
hmhealey Apr 8, 2026
fba382d
feat(test analysis): using reusable workflow (#35852)
saturninoabril Apr 8, 2026
c303dd8
fix: test analysis (#35986)
saturninoabril Apr 8, 2026
993c3cb
fix: test analysis override (#35987)
saturninoabril Apr 8, 2026
71ca373
Generate instead of hard-coding test passwords, enforce new minimum f…
lieut-data Apr 8, 2026
6fdef8c
ci: enable fullyparallel mode for server tests (#35816)
pavelzeman Apr 9, 2026
fc9d3be
Strip remote_id field from user patch API requests (#35910)
jgheithcock Apr 9, 2026
010aad6
Fixed a bug where signup link showed up when signup was disabled (#35…
harshilsharma63 Apr 9, 2026
1c093d3
Upgraded board prepackaged version to v9.2.4 (#35969)
Rajat-Dabade Apr 9, 2026
d1ca297
Revert "Strip remote_id field from user patch API requests (#35910)" …
pavelzeman Apr 9, 2026
cf102af
ci: disable fullyparallel for binary parameters job (#35995)
pavelzeman Apr 9, 2026
6878d09
refactor(brand_image_setting): migrate BrandImageSetting to a functio…
Victor-Nyagudi Apr 9, 2026
f441b34
Fix interactive dialog bugs: dynamic select lookups, radio values, fi…
sbishel Apr 9, 2026
2be57a7
adds team member data sanitizing (#35562)
carlisgg Apr 9, 2026
860df69
ci: re-enable server test coverage with 4-shard parallelism (#35743)
pavelzeman Apr 9, 2026
78b2980
fix: remove duplicate allow-failure input in server test template (#3…
pavelzeman Apr 9, 2026
c96d215
Translations update from Mattermost Weblate (#35966)
weblate Apr 10, 2026
a244c17
Fixed URL validation for integration actions (#35857)
harshilsharma63 Apr 10, 2026
5476f69
[MM-68048] Add focus/blur listeners for popouts to determine focused …
devinbinnie Apr 10, 2026
1574bda
Server: Docs label prompt fix (#36020)
amyblais Apr 10, 2026
4d028d5
Support Elasticsearch v9 alongside v8 (#35781)
lieut-data Apr 10, 2026
f3c2e52
Bumping prepackaged zoom version to 1.13.0 (#35998)
avasconcelos114 Apr 10, 2026
73c6e6a
MM-68258 Remove `system_secure_connection_manager` role (#36009)
wiggin77 Apr 10, 2026
008373a
fix: add explicit permission grant in team members test (#36007)
pavelzeman Apr 10, 2026
f83d32e
Strip remote_id field from user patch API requests (#36008)
jgheithcock Apr 10, 2026
1793982
Update msgpack fork dependency (#35988)
calebroseland Apr 10, 2026
8f45806
MM-63588: Add e2e tests for System Console User Attributes (#35931)
jgheithcock Apr 11, 2026
b3a0ad9
Fix FIPS-incompatible passwords and config in e2e test suites (#36001)
lieut-data Apr 13, 2026
a2a896a
MM-67433: Elasticsearch health monitor (#35747)
agarciamontoro Apr 13, 2026
f2a964f
fix(cypress): demo plugin (#36056)
saturninoabril Apr 13, 2026
4dcf691
feat: automatically trigger fips e2e tests for relevant prs (#36014)
saturninoabril Apr 13, 2026
8e14c8e
MM-67505 Add AnalyticsQueryTimeout setting and use when refreshing ma…
hmhealey Apr 13, 2026
28dffaa
MM-68235: Rename user-visible "Custom Profile Attributes" to "User At…
jgheithcock Apr 13, 2026
e3b2b0a
Improve CJK handling in autocompletes and Find Channels modal and usi…
hmhealey Apr 13, 2026
2fb38fe
[MM-68266] Pass through menu props to popout menu item, guard at menu…
devinbinnie Apr 13, 2026
161f071
MM-66612: Add health flag to fast-fail when ES is offline (#35843)
agarciamontoro Apr 13, 2026
e7b60bb
MM-67291: ES health metric (#35844)
agarciamontoro Apr 13, 2026
ed80e8b
Shared channel UI for channel admins (#35448)
larkox Apr 14, 2026
baea603
Updated sharedchannel test package dependencies to match those in ser…
harshilsharma63 Apr 14, 2026
01219ef
[MM-68037] Managed Sidebar Categories (MVF) (#35935)
devinbinnie Apr 14, 2026
5af77b7
MM-67095: Hide Workspace Optimization for cloud-licensed workspaces (…
nickmisasi Apr 14, 2026
2b2ae47
test: clean up channel store data after TestChannelStore (#36066)
lieut-data Apr 14, 2026
9be83a9
Fix command injection in server-test-template workflow (#36080)
lieut-data Apr 14, 2026
88954db
[MM-63434] Use forked PDF library with parsing depth limit (#35947)
jgheithcock Apr 14, 2026
fff3820
fix(ci): restore testname format in sharded gotestsum runs (#36078)
lieut-data Apr 14, 2026
c3ab0f7
MM-68191: Add plugin Receive APIs for shared channel sync (#35962)
wiggin77 Apr 14, 2026
0f2c167
Add pluggable AI actions menu with custom prompts extension point (#3…
crspeller Apr 14, 2026
3cb0084
Add COALESCE guard for property values before PSAv2 migrations (#36079)
mgdelacroix Apr 14, 2026
b712595
Fixed the UI for compact mode file editing (#35878)
harshilsharma63 Apr 15, 2026
9fa8c8c
Add bulk set (replace) channel memberships API endpoint (#36031)
wiggin77 Apr 15, 2026
c66bb0e
[MM-68109] Introduce new policy version v0.3 (#35904)
isacikgoz Apr 15, 2026
bff3577
chore(playwright): upgrade to v1.59 and to typescript@6.0 (#36071)
saturninoabril Apr 15, 2026
0fcf3b5
Update docs-impact-review.yml (#36105)
amyblais Apr 15, 2026
62d0ab6
[GH-29948] [GH-32467] Avoid fetching resources requiring a license if…
KuSh Apr 15, 2026
d4d65c8
Add manage_own_agent and manage_others_agent permissions (#35924)
nickmisasi Apr 15, 2026
455815a
Update permission_system_scheme_settings snapshots (#36121)
nickmisasi Apr 15, 2026
80b9778
Feature mm 64509 team admin abac channels (#36061)
pvev Apr 15, 2026
beb9618
[MM-68183] Permission policies (#36003)
isacikgoz Apr 16, 2026
d165799
add override for e2e test on fips (#36128)
saturninoabril Apr 16, 2026
7bd18f5
fix(editor): restore focus to main textbox after editing a post (#35518)
Br1an67 Apr 16, 2026
ab0a579
SEC-10098 E2E/Cypress chore(cypress): upgrade to v15.13 and to typesc…
saturninoabril Apr 16, 2026
034799c
Fixed a bug where user profile popover closed automatically when open…
harshilsharma63 Apr 16, 2026
d2848a8
MM-68274 - Adding watermarking toggle in server (#36025)
asaadmahmood Apr 16, 2026
49f3c74
Bumping prepackaged MS Calendar plugin version to v1.6.1 (#36137)
avasconcelos114 Apr 16, 2026
a21e25e
MM-68352 - update permission policy ff correctly checks in tests (#36…
pvev Apr 16, 2026
faf1118
Update en.json (#36139)
amyblais Apr 16, 2026
983ea5a
MM-68356 - ensure files are stripped when session is nil for fail-sec…
pvev Apr 16, 2026
dc72419
MM-68276: Apply default values for plugin settings inside sections (#…
agarciamontoro Apr 16, 2026
846e45a
[MM-68103] Add channel banner to thread view (#35942)
davidkrauser Apr 16, 2026
f6341a1
MM-68247 Move user agent utilities into shared package and clean it u…
hmhealey Apr 16, 2026
23ab604
ci: pin enterprise repo to explicit commit hash (#35957)
pavelzeman Apr 17, 2026
588ee42
MM-68155: Add tooltip for urgent mention badges (#35912)
jgheithcock Apr 17, 2026
41e59bf
Update Agents plugin to v2.0.0-rc3 (#36157)
crspeller Apr 17, 2026
66461e7
[MM-67949] Harden notification email filename rendering (#36082)
nickmisasi Apr 17, 2026
73100fc
Bump Boards FIPS version to v9.2.4 (#36165)
agarciamontoro Apr 17, 2026
bf84301
MM-38308 Remove remaining support for IE and pre-Chromium Edge (#36034)
hmhealey Apr 17, 2026
0c99cc3
Add Playwright E2E tests for demo plugin server-side slash commands (…
DHaussermann Apr 20, 2026
8cd48d4
[MM-67880] Add /mobile-logs slash command (#35658)
Willyfrog Apr 20, 2026
978b038
chore: Update NOTICE.txt file with updated dependencies (#36184)
unified-ci-app[bot] Apr 20, 2026
827fafc
MM-68367: Warn in System Console when cluster sniffing is enabled (#3…
lieut-data Apr 20, 2026
c8f0a31
ci: move FIPS and binary params tests to weekly schedule (#36036)
pavelzeman Apr 20, 2026
5b810f9
fix(tests): re-enable 10 flaky tests across 12 JIRA tickets (#36159)
pavelzeman Apr 20, 2026
9c8191c
ci: add yamllint workflow to detect duplicate YAML keys (#36010)
pavelzeman Apr 20, 2026
39d25d9
MM-68259 Fixing text and emojis being clipped in channel banners (#36…
avasconcelos114 Apr 21, 2026
9aae84b
[MM-67981] Add process ID (PID) to support packet diagnostics (#35832)
hanzei Apr 21, 2026
52fa113
[MM-67977] Add Go runtime version to support packet diagnostics (#35833)
hanzei Apr 21, 2026
bfaff4d
Add server/AGENTS.md (#35903)
lieut-data Apr 21, 2026
848ceb3
[MM-67978] Add open file descriptor count to support packet diagnosti…
hanzei Apr 21, 2026
58052db
[MM-67976] Add server uptime to support packet (#35838)
hanzei Apr 21, 2026
0431659
[MM-68237] Unshare channels when remote is removed (#35997)
larkox Apr 21, 2026
66502c2
MM-68047: Hide update status button in RHS post header (#36120)
nickmisasi Apr 21, 2026
d3ecc09
MM-67782: Fetch group members on popover open to fix empty member lis…
nickmisasi Apr 21, 2026
67a645d
MM-68378: Fix silent bulk failures in OpenSearch/Elasticsearch indexe…
lieut-data Apr 21, 2026
ef80288
MM-68160: Fix post reminder confirmation not appearing for replies in…
nickmisasi Apr 21, 2026
2d7a71b
ci: fix startup_failure in nightly race and weekly workflows (#36198)
pavelzeman Apr 21, 2026
3fa8776
[MM-68100] Implement Linked Properties for the Property System (#35808)
davidkrauser Apr 21, 2026
29bab21
e2e: adjust some pipeline settings (#36178)
NARSimoes Apr 21, 2026
50b8e10
Quick fixes for docs label automation (#36185)
amyblais Apr 22, 2026
863d581
Update Agents plugin to v2.0.0-rc5 (#36207)
crspeller Apr 22, 2026
694e6f4
fix: bot import panic when user exists without bot record (#36072)
fmartingr Apr 22, 2026
8d169e9
Rename system statistics sidebar label (#36179)
marianunez Apr 22, 2026
65500cc
MM Build 2025 - Skadoosh - Serve plugin metrics to standard /metrics …
cpoile Apr 22, 2026
b63e320
docs: document enterprise.pin workflow in root AGENTS.md (#36200)
lieut-data Apr 22, 2026
b82cfe1
ci: collect coverage inline on Postgres job, remove duplicate Coverag…
lieut-data Apr 22, 2026
e5a7230
ci: fix cypress statuses perms (#36220)
NARSimoes Apr 22, 2026
435a6d1
Surface WebSocket event context in oversized cluster publish message …
lieut-data Apr 22, 2026
7627784
Require sysadmin permission to create templates (#36217)
davidkrauser Apr 22, 2026
e8c9e52
Fix silent test discovery failure in sharded CI (#36222)
davidkrauser Apr 23, 2026
ee9938f
[MM-68162] Allow only "in" operator for multiselect type attributes i…
isacikgoz Apr 23, 2026
795672f
Raise shard-split HEAVY_MS above sqlstore timing (#36233)
hanzei Apr 23, 2026
0b1d172
[MM-67975] Add container CPU and memory limits to support packet diag…
hanzei Apr 23, 2026
93ab9a4
[MM-68351] Fix nil pointer panic in mmctl websocket command on connec…
hanzei Apr 23, 2026
6bb9c58
MM-67352 Prevent composer scroll jumps on formatting click (#36081)
nickmisasi Apr 23, 2026
bc9c69b
MM-66082: Fix paste into Invite People modal (#36201)
marianunez Apr 23, 2026
9d33d87
Fix Managed Category creatable input color on dark themes (#36242)
devinbinnie Apr 23, 2026
3f97021
Keep recap menu available after read (#35547)
nickmisasi Apr 23, 2026
c021eea
MM-68439 Centralize filename handling for FileInfo (#36223)
wiggin77 Apr 23, 2026
1911e18
Fix invite modal input text clipping and modal width overflow (#36241)
marianunez Apr 23, 2026
6ce4db6
Skip sqlstore DB setup during go test -list discovery (#36249)
davidkrauser Apr 24, 2026
9c684e6
Property System v2 Generic APIs blacklist (#36171)
mgdelacroix Apr 24, 2026
5817a6d
Simplify PULL_REQUEST_TEMPLATE.md and document it in AGENTS.md (#36239)
lieut-data Apr 24, 2026
46624d1
[MM-68231] Tighten post info authorization (#36111)
nickmisasi Apr 24, 2026
1ed4d02
Fix FIPS test failures by using model.NewTestPassword() for short pas…
lieut-data Apr 24, 2026
9eb070b
Reorder channel banner (#36268)
davidkrauser Apr 24, 2026
5b4efbd
Remove unused property fields index (#36279)
mgdelacroix Apr 27, 2026
dda4bb1
Mm 68353 show placeholder for redacted files in preview (#36153)
pvev Apr 27, 2026
24f9da3
Update docs-impact-review.yml (#36260)
amyblais Apr 27, 2026
95f1f32
Fixing weblate (#36283)
ctlaltdieliet Apr 27, 2026
291c7cd
MM-68378: Fix empty error fields and spurious failures for OS/ES bulk…
lieut-data Apr 27, 2026
5e42f6f
Fix web app run script crashing (#36271)
hmhealey Apr 27, 2026
1af7d82
Remove AGENTS.CLOUD.md (#36286)
nickmisasi Apr 27, 2026
6bb804c
ci: treat HTTP 429 as a warning in check-external-links (#36221)
lieut-data Apr 27, 2026
f8bf924
MM-67319/MM-67320 Move ShortcutKey and WithTooltip into shared packag…
hmhealey Apr 27, 2026
6103e95
ci: resolve enterprise branch from mattermost merge-base time (#36245)
lieut-data Apr 27, 2026
016e2fd
ci: compile mmctl e2e tests with requirefips when FIPS_ENABLED=true (…
lieut-data Apr 28, 2026
45ec78b
[MM-68457] Expose audit logging API via pluginapi.Client (#36232)
hanzei Apr 28, 2026
81d4fe3
MM-68339: Add XML struct tags and multi-remote registration for share…
wiggin77 Apr 28, 2026
2283b51
MM-67974: Add disk space info to Support Packet for local file store …
hanzei Apr 28, 2026
5c43e4b
[MM-68459] Implement dictionary style end user indicators for members…
isacikgoz Apr 28, 2026
c85601d
[MM-67979] [MM-67980] Add SMTP and push proxy connectivity status to …
hanzei Apr 28, 2026
bd8fc92
MM-68526: Harden remote cluster patch response (#36288)
marianunez Apr 28, 2026
c79c383
MM-68264: return error on bot username conflict (#36064)
calebroseland Apr 28, 2026
fdaea9d
MM-68339: slugify RemoteCluster.Name in plugin registration (#36309)
wiggin77 Apr 28, 2026
2b7b398
[MM-68102] Add Classification Markings admin console page (#35934)
davidkrauser Apr 28, 2026
85dc085
[MM-68535] Invalidate channel cache after policy assignment (#36292)
isacikgoz Apr 28, 2026
320383d
MM-67326 - add channel settings abac e2e (#36277)
pvev Apr 29, 2026
f275a33
MM-67913: fix white flash on product navigation by centralizing app__…
nickmisasi Apr 29, 2026
641d5a4
[MM-68538] Wrap incoming query from the CEL -> SQL conversion with pa…
isacikgoz Apr 29, 2026
c2ec9e9
Add stronger EnableTesting warnings (#36158)
nickmisasi Apr 29, 2026
6c0e0fe
[MM-68464] Introduce system object type for property fields and value…
davidkrauser Apr 29, 2026
4da11e8
[MM-68497] Enables membership policies on public channels with adviso…
isacikgoz Apr 29, 2026
ba9c96a
fix: detect ADFS when IdpDescriptorURL has no trailing slash (#36333)
hanzei Apr 30, 2026
b0b9f2e
MM-68499 - auto run sync jobs on team admin abac policy creation (#36…
pvev Apr 30, 2026
797c737
Avoid setting an empty value on slash command IconURL (#36327)
mgdelacroix Apr 30, 2026
1cb4653
Update Agents plugin to v2.0.0 (#36336)
crspeller Apr 30, 2026
e70e8c0
Fix themed text colors in Invite Guest modal channel picker (#36299)
cursor[bot] Apr 30, 2026
cad4a45
Disable morph logging in NewTestPool (#36308)
lieut-data Apr 30, 2026
8d7507b
Update Agents plugin FIPS version to v2.0.0 (#36344)
agarciamontoro Apr 30, 2026
082f6ba
Prepackage Agents plugin v2.0.2 (#36349)
nickmisasi Apr 30, 2026
1ead9ff
update buildserver go base image versions to 1.25.9 (#36348)
esarafianou May 1, 2026
01bb3dc
MM-64977: Fix channel switcher row overlap with long channel and team…
marianunez May 1, 2026
99b73d4
[MM-68393] Tighten protected role patch authorization (#36197)
nickmisasi May 1, 2026
035c3ba
Update go version to 1.25.9 (#36357)
cpoile May 1, 2026
7d6816a
MM-68382: Align team creation invite permission checks (#36188)
nickmisasi May 1, 2026
5bad893
Move interactive dialog date/datetime properties into datetime_conf…
sbishel May 1, 2026
0aa28f9
Fix the gap between trail branner and the button (#34688)
Rajat-Dabade May 1, 2026
ace28cd
[MM-67867] Update Playbooks plugin to v2.8.1 (#36361)
jgheithcock May 3, 2026
d4f147e
Data spillage deletion summary (#36018)
harshilsharma63 May 4, 2026
e5344bc
Update Agents plugin FIPS version to v2.0.2 (#36389)
agarciamontoro May 4, 2026
1b7b15b
MM-67931: Prepackage the FIPS flavour of Playbooks v2.8.1 (#36387) (#…
mattermost-build May 4, 2026
7ddf584
Removing Beta Label From Hungarian Language (#36386)
amyblais May 4, 2026
b7a97f4
ci: disable fullyparallel for unsharded weekly Postgres jobs (#36390)
esarafianou May 4, 2026
846791a
MM-68622: start inter-cluster services before plugin activation (#36366)
wiggin77 May 4, 2026
724c5b7
CPA Display Name Support (#36247)
marianunez May 4, 2026
154286f
fix: only run e2e tests for fips for versions v11+ (#36374)
saturninoabril May 4, 2026
49260c4
Prepackage mattermost-plugin-agents v2.0.3 (#36401)
nickmisasi May 4, 2026
022acb7
MM-68536: Show actual remote names in system console channel list (#3…
wiggin77 May 4, 2026
8f9b08f
MM-56762: Bookmarks overflow menu with drag-and-drop reordering (#35118)
calebroseland May 4, 2026
9e955bf
Edit attachment permission (#36227)
harshilsharma63 May 5, 2026
969ae19
MM-68500 - add AttributeValueMasking flag and HasMaskedValues field (…
pvev May 5, 2026
9bbe9ea
Update Agents plugin FIPS version to v2.0.3 (#36417)
agarciamontoro May 5, 2026
8c72083
MM-68547: Tighten authorization on group syncable link and patch endp…
marianunez May 5, 2026
357d1ef
MM-67982 Only focus mobile search box when search is opened (#36346)
hmhealey May 5, 2026
ebc066e
[MM-68273] Add system messages for share / unshare events (#36032)
larkox May 5, 2026
0502d6b
[MM-68655] Surface RPC errors from plugin hooks (#36414)
cpoile May 5, 2026
dd9d161
MM-68149: upgrade mattermost-server-build images to Go 1.26.2 (#36419)
lieut-data May 5, 2026
e436087
docs: clarify PR template rules in AGENTS.md (#36422)
lieut-data May 5, 2026
c787d06
MM-68494 Directly import WithTooltip/ShortcutKey from shared package …
hmhealey May 5, 2026
2b753c4
Remove unused GetChannelCounts store and app methods (#36351)
JulienTant May 5, 2026
71fb5b1
fix: tolerate concurrent update conflicts in content flagging migrati…
lieut-data May 6, 2026
7d1ee48
MM-68647: Fix Data Spillage reviewer pill background in dark mode (#3…
marianunez May 6, 2026
d5946e9
Update latest minor version to 11.8.0 (#36437)
unified-ci-app[bot] May 6, 2026
1a88e3b
Adds experimental label to the views endpoints (#36398)
mgdelacroix May 6, 2026
5124cc7
[MM-68590] Clarify membership policy UI copy (#36428)
isacikgoz May 6, 2026
97c3b53
MM-68532: default EnableSearchPublicChannelsWithoutMembership to true…
lieut-data May 6, 2026
ecf8a74
Add unread badge to Recaps sidebar link (#36246)
Willyfrog May 6, 2026
a6ea65b
Bumping prepackaged gitlab version to 1.12.2 (#36430)
avasconcelos114 May 6, 2026
34ef034
MM-68261 Add Button component to shared package (#36191)
hmhealey May 6, 2026
076beaf
Update interdependency between packages to 11.8.0 (#36449)
hmhealey May 6, 2026
6293e35
Translations update from Mattermost Weblate (#36404)
weblate May 6, 2026
e898ccd
MM-68397 Add shared package to STYLE_GUIDE.md (#36425)
hmhealey May 6, 2026
3b86b9e
refactor(color_input): migrate ColorInput to a function component (#3…
Victor-Nyagudi May 6, 2026
7f161bb
Lower default test console log level from stdlog to debug (#36455)
lieut-data May 6, 2026
c1ddd77
MM-68654 Add Button to the Component Library (#36412)
hmhealey May 6, 2026
10ad250
Split out buttonClassNames utility and use for most places Button isn…
hmhealey May 6, 2026
c110762
docs: import server/AGENTS.md from platform/AGENTS.md to ensure eager…
lieut-data May 7, 2026
870c2c6
Add root id to webhooks (#36415)
larkox May 7, 2026
5da794a
MM-68543 Invalidate active WebConn session cache on global session re…
marianunez May 7, 2026
b1e4442
Update jira prepackaged version (#36442)
nang2049 May 7, 2026
d9b0e27
Fix flaky TestPluginAPIUpdateUserPreferences (#36458)
cursor[bot] May 7, 2026
69fbaec
[MM-68496] Feature flag Managed Categories, expose Default Category N…
devinbinnie May 7, 2026
81f3af4
MM-67904 Fix inflated count in search results Messages tab (#36465)
mgdelacroix May 7, 2026
d1a4d74
MM-68589 add ever-member history lookup for ABAC sync (#36429)
isacikgoz May 7, 2026
826c2ce
fix(bookmarks): disable DnD with one item; don't open menu without ov…
calebroseland May 7, 2026
6d30bff
fix: use Blob with application/json type for client_perf sendBeacon (…
mgdelacroix May 7, 2026
97f0ad7
[MM-68697] Preserve sender file ID in plugin-relayed shared channel a…
wiggin77 May 8, 2026
91de3d2
SEC-10179 Integrate test system IO for Playwright and Cypress (#36376)
saturninoabril May 8, 2026
33ddd8a
fix: permission required by test-system-io actions (#36477)
saturninoabril May 8, 2026
c3322b3
fix: permission required by e2e test-system-io actions (#36478)
saturninoabril May 8, 2026
7795766
Update user active endpoint (#36469)
mgdelacroix May 8, 2026
e7c517b
Fix modal title line-height regression (#36452)
mgdelacroix May 8, 2026
5608992
Data spillage report generation (#36339)
harshilsharma63 May 8, 2026
3c792a0
MM-68433 - Fix DM/GM menu gating and header save in Channel Settings …
pvev May 8, 2026
40fe878
Fix compact mode: consecutive bot reply header floating incorrectly i…
mgdelacroix May 8, 2026
4a1fa5e
Fix autocomplete clipping when RHS is open (#36287)
cursor[bot] May 8, 2026
5504435
MM-68705 - Order-tolerant Shared Channel plugin API's for receiving a…
wiggin77 May 8, 2026
b052f34
E2E/Playwright: balance shard timing by enabling fullyParallel in CI …
yasserfaraazkhan May 8, 2026
e2700a9
test: mark autotranslation tests as fixme for quick green in ci and t…
saturninoabril May 10, 2026
52c400e
Update E2E test workflows to use context names and server images and …
saturninoabril May 11, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
The table of contents is too big for display.
Diff view
Diff view
  •  
  •  
  •  
The diff you're trying to view is too large. We only load the first 3000 changed files.
539 changes: 539 additions & 0 deletions .agents/skills/agent-browser/SKILL.md
View file
Open in desktop

Large diffs are not rendered by default.

199 changes: 199 additions & 0 deletions .agents/skills/agent-browser/references/authentication.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,199 @@
# Authentication Patterns

Login flows, session persistence, OAuth, 2FA, and authenticated browsing.

**Related**: [session-management.md](session-management.md) for state persistence details, [SKILL.md](../SKILL.md) for quick start.

## Contents

- [Basic Login Flow](#basic-login-flow)
- [Saving Authentication State](#saving-authentication-state)
- [Restoring Authentication](#restoring-authentication)
- [OAuth / SSO Flows](#oauth--sso-flows)
- [Two-Factor Authentication](#two-factor-authentication)
- [HTTP Basic Auth](#http-basic-auth)
- [Cookie-Based Auth](#cookie-based-auth)
- [Token Refresh Handling](#token-refresh-handling)
- [Security Best Practices](#security-best-practices)

## Basic Login Flow

```bash
# Navigate to login page
agent-browser open https://app.example.com/login
agent-browser wait --load networkidle

# Get form elements
agent-browser snapshot -i
# Output: @e1 [input type="email"], @e2 [input type="password"], @e3 [button] "Sign In"

# Fill credentials
agent-browser fill @e1 "user@example.com"
agent-browser fill @e2 "password123"

# Submit
agent-browser click @e3
agent-browser wait --load networkidle

# Verify login succeeded
agent-browser get url # Should be dashboard, not login
```

## Saving Authentication State

After logging in, save state for reuse:

```bash
# Login first (see above)
agent-browser open https://app.example.com/login
agent-browser snapshot -i
agent-browser fill @e1 "user@example.com"
agent-browser fill @e2 "password123"
agent-browser click @e3
agent-browser wait --url "**/dashboard"

# Save authenticated state
agent-browser state save ./auth-state.json
```

## Restoring Authentication

Skip login by loading saved state:

```bash
# Load saved auth state
agent-browser state load ./auth-state.json

# Navigate directly to protected page
agent-browser open https://app.example.com/dashboard

# Verify authenticated
agent-browser snapshot -i
```

## OAuth / SSO Flows

For OAuth redirects:

```bash
# Start OAuth flow
agent-browser open https://app.example.com/auth/google

# Handle redirects automatically
agent-browser wait --url "**/accounts.google.com**"
agent-browser snapshot -i

# Fill Google credentials
agent-browser fill @e1 "user@gmail.com"
agent-browser click @e2 # Next button
agent-browser wait 2000
agent-browser snapshot -i
agent-browser fill @e3 "password"
agent-browser click @e4 # Sign in

# Wait for redirect back
agent-browser wait --url "**/app.example.com**"
agent-browser state save ./oauth-state.json
```

## Two-Factor Authentication

Handle 2FA with manual intervention:

```bash
# Login with credentials
agent-browser open https://app.example.com/login --headed # Show browser
agent-browser snapshot -i
agent-browser fill @e1 "user@example.com"
agent-browser fill @e2 "password123"
agent-browser click @e3

# Wait for user to complete 2FA manually
echo "Complete 2FA in the browser window..."
agent-browser wait --url "**/dashboard" --timeout 120000

# Save state after 2FA
agent-browser state save ./2fa-state.json
```

## HTTP Basic Auth

For sites using HTTP Basic Authentication:

```bash
# Set credentials before navigation
agent-browser set credentials username password

# Navigate to protected resource
agent-browser open https://protected.example.com/api
```

## Cookie-Based Auth

Manually set authentication cookies:

```bash
# Set auth cookie
agent-browser cookies set session_token "abc123xyz"

# Navigate to protected page
agent-browser open https://app.example.com/dashboard
```

## Token Refresh Handling

For sessions with expiring tokens:

```bash
#!/bin/bash
# Wrapper that handles token refresh

STATE_FILE="./auth-state.json"

# Try loading existing state
if [[ -f "$STATE_FILE" ]]; then
agent-browser state load "$STATE_FILE"
agent-browser open https://app.example.com/dashboard

# Check if session is still valid
URL=$(agent-browser get url)
if [[ "$URL" == *"/login"* ]]; then
echo "Session expired, re-authenticating..."
# Perform fresh login
agent-browser snapshot -i
agent-browser fill @e1 "$USERNAME"
agent-browser fill @e2 "$PASSWORD"
agent-browser click @e3
agent-browser wait --url "**/dashboard"
agent-browser state save "$STATE_FILE"
fi
else
# First-time login
agent-browser open https://app.example.com/login
# ... login flow ...
fi
```

## Security Best Practices

1. **Never commit state files** - They contain session tokens

2. **Use environment variables for credentials**
```bash
agent-browser fill @e1 "$APP_USERNAME"
agent-browser fill @e2 "$APP_PASSWORD"
```

3. **Clean up after automation**
```bash
agent-browser cookies clear
rm -f ./auth-state.json
```

4. **Use short-lived sessions for CI/CD**
```bash
# Don't persist state in CI
agent-browser open https://app.example.com/login
# ... login and perform actions ...
agent-browser close # Session ends, nothing persisted
```
Loading