Skip to content

v0.29.0

Choose a tag to compare

View all tags
@github-actions github-actions released this 13 Feb 17:07
· 1933 commits to main since this release
v0.29.0
52370b1

Added

  • OIDC claim-to-role mapping: automatically assign users to guilds and initiatives based on OIDC token claims (e.g., groups, realm_access.roles) on every login
    • Configurable claim path and mapping rules in Platform Settings > Auth
    • Supports guild and initiative target types with role selection
    • OIDC-managed memberships tracked separately from manual assignments; manual memberships are never overwritten
    • Stale OIDC-managed memberships automatically removed when claims change
  • OIDC refresh token periodic re-sync: stores encrypted refresh tokens and periodically re-fetches userinfo claims in the background, keeping guild/initiative memberships in sync without requiring re-login
    • 5-minute poll cycle with 15-minute per-user sync interval
    • Automatic token rotation support; graceful handling of revoked tokens
    • offline_access added to default OIDC scopes for refresh token issuance
  • Extracted background task runner into dedicated background_tasks.py module
  • PKCE (S256) support for OIDC authentication, required by many identity providers
  • Multi-sort support for task list API (sort_by=date_group,due_date&sort_dir=asc,asc)
  • New cinematic landing page with parallax starfield, scroll-driven animations, interactive screenshot lightbox, and dark/light theme support
  • No-guild empty state for users with no guild membership after login, with options to create a guild, redeem an invite, or log out
  • "Source" column in guild and initiative member tables showing whether membership is managed by OIDC or manual

Changed

  • Renamed OIDC_DISCOVERY_URL env variable to OIDC_ISSUER (old name still works as fallback); issuer URL no longer requires /.well-known/openid-configuration suffix
  • Guild deletion now uses a name-confirmation dialog instead of browser prompt
  • Logout now clears the React Query cache to prevent stale data when switching accounts

Fixed

  • Role-based write users now appear in task assignee dropdowns (previously only explicit user permissions were considered)
  • My Tasks page now sorts by date group (overdue, today, this week, this month, later) then by due date, matching the visual grouping order
  • BEHIND_PROXY=true now passes --proxy-headers and --forwarded-allow-ips to Uvicorn so real client IPs appear in logs and request.client.host (#92)
  • Users with no guild membership no longer get 500 errors; backend returns 403 with descriptive message
  • Documents on project dashboard are now filtered by user's document-level permissions (guild admins see all)
  • Project settings button in sidebar now correctly appears for users with role-based write access
  • Removing a user from a guild or initiative now clears their task assignments
  • OIDC sync membership removal now cleans up task assignments
  • Fixed loading state flicker on no-guild screen caused by useGuilds dependency cycle

Downloads

Android App

Download the APK from the assets below and install on your Android device.

Docker Image

docker pull morelitea/initiative:0.29.0

Or use latest tag. View on Docker Hub.

Assets 3
Loading