- Remove var_dump debug calls leaking API keys to stdout
- Stop embedding secret keys in HTML data attributes on upgrades
- Strip sensitive fields from sessionStorage install lock
- Quote hostPath in Docker Compose YAML template
- Remove stack traces from client-facing error responses
- Strip sessionSecret and traces from Status endpoint response
- Fix undefined $input variable (should be $userInput) in CLI install
- Add backtick escaping in .env template to prevent shell injection
- Add 2-hour timeout to isInstallationComplete infinite loop
- Escape user-supplied startCommand in shell strings
- Add LOCK_EX to progress file writes
- Fix typo in Upgrade.php error message
- Remove unused variable in V21 response filter
- Remove dead code in applyLockPayload after sessionStorage sanitization
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Optimize updateDocument() calls across the codebase to pass only changed
attributes as sparse Document objects rather than full documents. This is
more efficient because updateDocument() internally performs array_merge().
Changes:
- Updated 58 files to use sparse Document objects
- Added Performance Patterns section to AGENTS.md with optimization guidelines
- Applied pattern to Workers, Functions, Sites, Teams, VCS modules
- Updated app/controllers/api files (account, users, messaging)
- Updated app infrastructure files (realtime, general, init/resources, shared/api)
Exceptions maintained:
- Migration files (need full document updates by design)
- Cases with 6+ attributes (marginal benefit)
- Complex nested relationship logic
Stale in-memory project documents in ScheduleBase (and request-scoped
copies in api.php/general.php) were overwriting current DB state when
updateProjectAccess triggered. Because Database::updateDocument uses
array_merge with the passed document taking priority, cached projects
missing recent OAuth provider changes would silently disable them.
Now fetches a fresh project document from the DB before writing, so only
accessedAt is updated without clobbering other fields.
Introduce a generic event bus (Utopia\Bus) with typed events, listener
base class, Span instrumentation, and coroutine dispatch. Replace all
direct queueForExecutions and inline execution usage calls with
ExecutionCompleted event and dedicated listeners (Log, Usage).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* Move teams API to Modules
* lint
* Move team prefs & logs API to Modules (#11359)
* Move team prefs & logs API to Modules
* format
* missin desc
* Move team memberships API to Modules (#11362)
* Move team memberships API to Modules
* fix config dir
* Cloud parity
* params
* Cloud conflicts
* refactor
* prop
* refactor
* set teamId
* feedback
* feedback 2
* fix url-encoding
- Updated versions for several dependencies in composer.lock, including utopia-php/database (5.3.3), utopia-php/detector (0.2.4), utopia-php/dns (1.6.5), utopia-php/framework (0.33.40), utopia-php/queue (0.15.6), and utopia-php/storage (1.0.1).
- Improved error logging in app/http.php and app/controllers/general.php to handle null routes gracefully, ensuring that the HTTP method and request URI are logged correctly even when the route is not defined.
Updated the handling of OAuth provider configurations to ensure that defaults are set when parameters are missing. This change improves error handling by checking for null values and ensuring class existence before proceeding with OAuth operations.
* Added checks to ensure project references a valid database and throws exceptions if not configured.
* Improved error messaging for non-existent projects in VCS controller.
- Remove unused WhiteList import in teams.php (linter fix)
- Add missing $teamId and $newTeam params to setupProject() in ProjectsBase.php (fixes 401 errors in all Projects tests)
- Filter execution logs by requestPath in testSSRLogs to avoid picking up screenshot worker executions
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: sanitize branch names for valid domain generation
Branch names containing invalid domain characters (like '/') were being
used directly when creating VCS preview domains, resulting in invalid
domains like 'branch-abc/test.appwrite.network'. This adds a Domain
helper class that sanitizes branch names by replacing invalid characters
with hyphens before generating domains.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* refactor: use Text constants for branch name sanitization
Replace regex with explicit character validation using Utopia Text
constants for better readability and maintainability.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* Move to transformation adapter
* lint
* tiny
* fix test
* ut
* use Filter
* lint
* more lint
* simplify
---------
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Merge from 1.8.x left 6 unresolved conflicts in SMS/email template
endpoints. Resolved by keeping both the dynamic UID validator from
feat-mongodb and the strict WhiteList comparison from 1.8.x.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Jake Barnby
loks0n
eldadfux
Matej Bačo
Chirag Aggarwal
Hemachandar
Damodar Lohani
Matej Bačo
Harsh Mahajan