Add is_required field to the EnvironmentVariable model's fillable
array to allow mass assignment. Include comprehensive tests to verify
all fillable fields are properly configured for mass assignment.
- Add authorization checks ($this->authorize) for all read/write operations
- Use customApiValidator() instead of Validator::make() to match codebase patterns
- Add extra field rejection to prevent mass assignment
- Use Application::ownedByCurrentTeamAPI() for consistent query patterns
- Remove non-existent standalone_postgresql_id from hidden fields
- Add execution listing endpoints for both applications and services
- Add ScheduledTaskExecution OpenAPI schema
- Use $request->only() instead of $request->all() for safe updates
- Add ScheduledTaskFactory and feature tests
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Implemented Openclaw service in Service.php to manage environment variables and passwords.
- Added Openclaw SVG icon for branding.
- Created openclaw.yaml for Docker Compose configuration, including necessary environment variables and volume mappings.
- Updated service-templates-latest.json and service-templates.json to include Openclaw service details and metadata.
Prevent double-escaping of COMPOSER_AUTH and other JSON environment variables
by detecting valid JSON objects/arrays in realValue() and skipping quote
escaping entirely. This fixes broken JSON values passed to runtime services
while maintaining proper escaping for non-JSON values.
- Add JSON detection before escaping logic in EnvironmentVariable::realValue()
- JSON objects/arrays pass through unmodified, avoiding quote corruption
- Add comprehensive test coverage for JSON vs non-JSON escaping behavior
- raw sql should not be used whenever possible
- using sql to order on the relationship environment_variables() causes custom sorting to break or be additionally complicated
Replace in-memory filtering with database-level query in
Server::destinationsByServer(). Previously loaded all team servers
into memory before filtering by ID. Now uses findOrFail() to query
directly at the database level.
Add email observability platform Sessy to the service catalog with auto-generated HTTP Basic Auth credentials and SQLite storage.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
Wraps inline chart initialization scripts in IIFEs to create local scope for variables. This prevents "Identifier has already been declared" errors when Livewire's SPA navigation re-executes scripts, allowing smooth navigation between metrics pages without page refresh.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
- Remove unused $server property and Server import from Advanced.php
- Add proper import for UpdateStripeCustomerEmailJob in User.php
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Adjusted indentation and formatting for better code clarity.
- Simplified conditional statements and removed unnecessary null checks.
- Enhanced user interface elements for Docker Compose and Dockerfile configurations.
- Improved handling of deployment commands and network settings.
- Updated helper texts for better user guidance.
- Include sessionTeamId in currentTeam() cache key to prevent stale
team data when users switch teams
- Update refreshSession() to use new cache key format
- Remove redundant routeIs('settings.index') check since settings.*
already matches it
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Fix currentTeam() to return null instead of crashing when no session
- Fix role() to use $this->currentTeam() instead of global helper
- Add roleInTeam() method for explicit team context
- Remove unused otherTeams() method
- Fix InviteLink authorization bypass when role() returns null
- Fix confirmEmailChange() null safety for currentTeam()
- Fix ActivityMonitor to handle null currentTeam with fallback chain
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Fix isInstanceAdmin(), currentTeam(), otherTeams(), and role() methods
to operate on the actual User instance instead of always using the
authenticated user. This ensures correct behavior when these methods
are called on non-authenticated user instances (e.g., in ActivityMonitor).
Also fix settings route check to use routeIs() instead of path matching.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Make Server property nullable in Settings components (Index, Advanced, Updates)
- Add conditional server loading: only load when not on cloud
- Add null checks before using server for DNS validation and proxy configuration
- Fix isInstanceAdmin() to check root team's pivot role directly instead of current team
- Make root team (id=0) bypass subscription check on cloud
- Remove isInstanceAdmin() from main middleware bypass: only settings/admin routes are exempted
- Update isSubscribed() to only check isSubscriptionActive() for navbar consistency
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
- Wrap return values in collect() to maintain Collection compatibility
- Add comment explaining threshold <= 2 prevents division by zero
- Refactor tests to use actual Server model method via reflection
- Use seeded mt_rand() for reproducible test results
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Implement the Largest-Triangle-Three-Buckets (LTTB) algorithm to downsample
metrics data for large time intervals (30 days generates 260K-500K+ points).
Reduces rendered points to ~1000 while preserving visual accuracy of peaks
and valleys. Fixes unresponsive page when selecting 30-day metrics interval.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
Add comment field support to the "New Shared Variable" modal, ensuring it's saved properly for both normal and shared environment variables at all levels (Team, Project, Environment).
Changes:
- Add comment property, validation, and dispatch to Add component (Livewire & view)
- Update saveKey methods in Team, Project, and Environment to accept comment
- Replace SharedEnvironmentVariable model's $guarded with explicit $fillable array
- Include comment field in creation flow for all shared variable types
The comment field (max 256 chars, optional) is now available when creating shared variables and is consistently saved across all variable types.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Replace permissive $guarded = [] with explicit $fillable array for better security and clarity. The fillable array includes all 13 fields that are legitimately mass-assignable:
- Core: key, value, comment
- Polymorphic relationship: resourceable_type, resourceable_id
- Boolean flags: is_preview, is_multiline, is_literal, is_runtime, is_buildtime, is_shown_once, is_shared
- Metadata: version, order
Also adds comprehensive test suite (EnvironmentVariableMassAssignmentTest) with 12 test cases covering:
- Mass assignment of all fillable fields
- Comment field edge cases (null, empty, long text)
- Value encryption verification
- Key mutation (trim and space replacement)
- Protection of auto-managed fields (id, uuid, timestamps)
- Update method compatibility
All tests passing (12 passed, 33 assertions).
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add comment field to EnvironmentVariable model and database
- Update parseEnvFormatToArray to extract inline comments from env files
- Update Livewire components to handle comment field
- Add UI for displaying and editing comments
- Add tests for comment parsing functionality
