Skip to content

Actions: dotCMS/core

Actions

-2 Merge Group Check

Actions

Loading...
Loading

Show workflow options

Create status badge

Loading
cicd_2-merge-queue.yml
1,871 workflow runs
1,871 workflow runs

Filter by Event

+ click/return to exclude

Filter by Status

+ click/return to exclude

Filter by Branch

+ click/return to exclude

Filter by Actor

+ click/return to exclude
MQ: fix(dotAI): QA fixes - image model default, playground overflow, embeddings host resolution (#35716) ## Summary Bug fixes found during QA testing of the dotAI integration. - **Default image model**: update the example providerConfig JSON in the dotAI config UI from dall-e-3 to gpt-image-1 - **Image Playground overflow**: fix JSON.stringify(json, 2) (wrong signature — JSON was not pretty-printed) and add overflow-wrap, word-break, and <pre> wrapping so the response JSON no longer ov... -2 Merge Group Check #3003: Merge group checks requested
57m 48s
57m 48s
MQ: feat(report-issue): gate toolbar menu item behind FEATURE_FLAG_REPORT_ISSUE_ENABLED (#35759) ## Summary - Adds FEATURE_FLAG_REPORT_ISSUE_ENABLED (default **false**) to gate the "Report an Issue" entry in the toolbar user menu added by #35717. - Whitelists the new key in ConfigurationResource and exposes it in the frontend FeaturedFlags enum so DotPropertiesService can read it. - Flag check intentionally lives in DotToolbarUserComponent (not the store) so it can be cleanly removed once the... -2 Merge Group Check #3002: Merge group checks requested
1h 10m 4s
1h 10m 4s
MQ: feat(security): periodic job to encrypt plaintext passwords in user_ table (#35767) ## Proposed Changes Adds **EncryptPlainPasswordsJob** — a Quartz StatefulJob that runs every 5 minutes, scans the user_ table for rows whose passwordEncrypted flag is false, hashes the cleartext value via PasswordFactoryProxy.generateHash, and flips the flag to true. Defense-in-depth against any code path that lands a plaintext password in user_.password_ — migrations, bulk imports, manual SQL r... -2 Merge Group Check #3001: Merge group checks requested
1h 3m 5s
1h 3m 5s
MQ: fix(postman): pass explicit languageId in WorkflowResource + GraphQL tests (#35780) (#35795) ## Summary Refs #35780. Stabilizes two intermittent Postman tests that hit the language_id = -1 FK violation when their request bodies omit languageId and WorkflowResource falls back to the -1L default. This is **Option B** from #35780 — Postman fixture hardening. Option A (server-side fail-fast in WorkflowResource.fireActionDefaultSinglePart) is intentionally **out of scope** here; the goal of... -2 Merge Group Check #3000: Merge group checks requested
1h 5m 48s
1h 5m 48s
MQ: feat(release): warn in Slack about PRs in a release that lack QA verdict (#35762) ## Summary Adds a QA-coverage warning to the Slack notification we send when a release is generated. For every PR in the release, the new tool inspects its closing-issue references and reports whether the linked issue carries a recognized QA label. Driven by the question: *"which changes shipped in this release haven't been tested?"* ## How it works New standalone tool at .github/scripts/release-qa-status/ (TypeS... -2 Merge Group Check #2999: Merge group checks requested
23m 9s
23m 9s
MQ: fix(postman): pass explicit languageId in WorkflowResource + GraphQL tests (#35780) (#35795) ## Summary Refs #35780. Stabilizes two intermittent Postman tests that hit the language_id = -1 FK violation when their request bodies omit languageId and WorkflowResource falls back to the -1L default. This is **Option B** from #35780 — Postman fixture hardening. Option A (server-side fail-fast in WorkflowResource.fireActionDefaultSinglePart) is intentionally **out of scope** here; the goal of... -2 Merge Group Check #2998: Merge group checks requested
32m 16s
32m 16s
MQ: feat(release): warn in Slack about PRs in a release that lack QA verdict (#35762) ## Summary Adds a QA-coverage warning to the Slack notification we send when a release is generated. For every PR in the release, the new tool inspects its closing-issue references and reports whether the linked issue carries a recognized QA label. Driven by the question: *"which changes shipped in this release haven't been tested?"* ## How it works New standalone tool at .github/scripts/release-qa-status/ (TypeS... -2 Merge Group Check #2997: Merge group checks requested
57m 53s
57m 53s
MQ: feat(security): periodic job to encrypt plaintext passwords in user_ table (#35767) ## Proposed Changes Adds **EncryptPlainPasswordsJob** — a Quartz StatefulJob that runs every 5 minutes, scans the user_ table for rows whose passwordEncrypted flag is false, hashes the cleartext value via PasswordFactoryProxy.generateHash, and flips the flag to true. Defense-in-depth against any code path that lands a plaintext password in user_.password_ — migrations, bulk imports, manual SQL r... -2 Merge Group Check #2996: Merge group checks requested
43m 15s
43m 15s
MQ: fix(dotAI): QA fixes - image model default, playground overflow, embeddings host resolution (#35716) ## Summary Bug fixes found during QA testing of the dotAI integration. - **Default image model**: update the example providerConfig JSON in the dotAI config UI from dall-e-3 to gpt-image-1 - **Image Playground overflow**: fix JSON.stringify(json, 2) (wrong signature — JSON was not pretty-printed) and add overflow-wrap, word-break, and <pre> wrapping so the response JSON no longer ov... -2 Merge Group Check #2995: Merge group checks requested
1h 24m 0s
1h 24m 0s
MQ: Make grid block VTL renderer responsive on small screens (#35783) Injects a scoped <style> block (once per page via Velocity flag) with a 768px media query that collapses grid columns to full-width stacking. !important overrides are required because column spans are applied as inline styles. https://claude.ai/code/session_01UwG1xgHsvUanDJjESapt9s https://github.com/user-attachments/assets/4361ecec-6415-4676-9e91-e39ff66c5676 --------- Co-authored-by: Claude <noreply@anthropic.com> -2 Merge Group Check #2994: Merge group checks requested
1h 15m 29s
1h 15m 29s
MQ: feat(request-cost): publish aggregate token telemetry to external endpoint (#35749) Fixes #35750 ## Summary - Adds scheduled publishing of the per-window + lifetime request-cost (a.k.a. token) counters to an external REST collector. - Reuses the existing RequestCostApiImpl monitor scheduler tick (default 60s, controlled by REQUEST_COST_TIME_WINDOW_SECONDS) — no new threads, no new schedulers. - HTTP POST runs on DotConcurrentFactory.getInstance().getSubmitter() so a slow or dead collector ... -2 Merge Group Check #2993: Merge group checks requested
1h 2m 45s
1h 2m 45s
MQ: Make grid block VTL renderer responsive on small screens (#35783) Injects a scoped <style> block (once per page via Velocity flag) with a 768px media query that collapses grid columns to full-width stacking. !important overrides are required because column spans are applied as inline styles. https://claude.ai/code/session_01UwG1xgHsvUanDJjESapt9s https://github.com/user-attachments/assets/4361ecec-6415-4676-9e91-e39ff66c5676 --------- Co-authored-by: Claude <noreply@anthropic.com> -2 Merge Group Check #2992: Merge group checks requested
1h 5m 35s
1h 5m 35s
MQ: feat(request-cost): publish aggregate token telemetry to external endpoint (#35749) Fixes #35750 ## Summary - Adds scheduled publishing of the per-window + lifetime request-cost (a.k.a. token) counters to an external REST collector. - Reuses the existing RequestCostApiImpl monitor scheduler tick (default 60s, controlled by REQUEST_COST_TIME_WINDOW_SECONDS) — no new threads, no new schedulers. - HTTP POST runs on DotConcurrentFactory.getInstance().getSubmitter() so a slow or dead collector ... -2 Merge Group Check #2991: Merge group checks requested
1h 0m 40s
1h 0m 40s
MQ: feat(security): periodic job to encrypt plaintext passwords in user_ table (#35767) ## Proposed Changes Adds **EncryptPlainPasswordsJob** — a Quartz StatefulJob that runs every 5 minutes, scans the user_ table for rows whose passwordEncrypted flag is false, hashes the cleartext value via PasswordFactoryProxy.generateHash, and flips the flag to true. Defense-in-depth against any code path that lands a plaintext password in user_.password_ — migrations, bulk imports, manual SQL r... -2 Merge Group Check #2990: Merge group checks requested
22m 12s
22m 12s
MQ: feat(request-cost): publish aggregate token telemetry to external endpoint (#35749) Fixes #35750 ## Summary - Adds scheduled publishing of the per-window + lifetime request-cost (a.k.a. token) counters to an external REST collector. - Reuses the existing RequestCostApiImpl monitor scheduler tick (default 60s, controlled by REQUEST_COST_TIME_WINDOW_SECONDS) — no new threads, no new schedulers. - HTTP POST runs on DotConcurrentFactory.getInstance().getSubmitter() so a slow or dead collector ... -2 Merge Group Check #2989: Merge group checks requested
1h 6m 1s
1h 6m 1s
MQ: feat(security): periodic job to encrypt plaintext passwords in user_ table (#35767) ## Proposed Changes Adds **EncryptPlainPasswordsJob** — a Quartz StatefulJob that runs every 5 minutes, scans the user_ table for rows whose passwordEncrypted flag is false, hashes the cleartext value via PasswordFactoryProxy.generateHash, and flips the flag to true. Defense-in-depth against any code path that lands a plaintext password in user_.password_ — migrations, bulk imports, manual SQL r... -2 Merge Group Check #2988: Merge group checks requested
1h 2m 1s
1h 2m 1s
MQ: feat(release): warn in Slack about PRs in a release that lack QA verdict (#35762) ## Summary Adds a QA-coverage warning to the Slack notification we send when a release is generated. For every PR in the release, the new tool inspects its closing-issue references and reports whether the linked issue carries a recognized QA label. Driven by the question: *"which changes shipped in this release haven't been tested?"* ## How it works New standalone tool at .github/scripts/release-qa-status/ (TypeS... -2 Merge Group Check #2987: Merge group checks requested
52m 33s
52m 33s
MQ: fix(edit-content): locale translation fixes — preserve HOST_FOLDER & RELATIONSHIP, resolve related items to target language (#35738) https://github.com/user-attachments/assets/d95282d4-eeb9-4be8-b838-117075811990 ## Summary Fixes several bugs in the locale translation flow (populate & manually translate) for the edit content form. - **Binary fields** are now cleared on both _Populate from current locale_ and _Translate Manually_ — binary assets live on the filesystem and must be re-uploaded... -2 Merge Group Check #2986: Merge group checks requested
1h 0m 13s
1h 0m 13s
MQ: fix: Feature flag boolean parsing error (#35551) (#35769) ## Summary Fixes #35551 — Feature flag boolean parsing is case-sensitive. - **Backend (ConfigurationResource):** recoveryFromConfig previously fell through to Config.getStringProperty for all unprefixed FEATURE_FLAG_* keys, returning raw strings ("True", "FALSE", "1") that the frontend could not reliably coerce. A new BOOLEAN_FEATURE_FLAGS set identifies every boolean flag in the whitelist. For those keys, a dedicated `par... -2 Merge Group Check #2985: Merge group checks requested
1h 10m 51s
1h 10m 51s
MQ: create new endpoint to retrieve workflow schemas by multiple Content Types (#35729) ### Proposed Changes * Added GET /api/v1/workflow/contenttypes/schemes endpoint (findAllSchemesByContentTypeList) that accepts a comma-separated contentTypeIds query parameter and returns workflow schemes grouped by content type * Created AbstractContentTypeWorkflowSchemesView (Immutables) with contentTypeId + contentTypeSchemes fields, and ResponseEntityContentTypeWorkflowSchemesView as the typed resp... -2 Merge Group Check #2984: Merge group checks requested
1h 15m 45s
1h 15m 45s
MQ: feat(uve): Add validation of FF TOGGLE_LOCK on different pageViews (#35747) https://github.com/user-attachments/assets/e577f03c-f8e2-44de-a8b7-6163fe8a0c6b ### Screenshots Original | Updated :-------------------------:|:-------------------------: ** original screenshot ** | ** updated screenshot ** This PR fixes: #35743 -2 Merge Group Check #2983: Merge group checks requested
1h 3m 45s
1h 3m 45s
MQ: fix(UVE Palette): Add sorting parameters to content retrieval (#35774) ### Video https://github.com/user-attachments/assets/5faa696b-e67f-43bb-9f2b-df78543611a3 This PR fixes: #35770 -2 Merge Group Check #2982: Merge group checks requested
1h 5m 52s
1h 5m 52s
MQ: feat(content-search): add date range filters for date/datetime fields (#35745) ## Summary - Replaces free-text Lucene date inputs in the Content Search portlet with proper **FROM / TO date picker pairs** (Dojo dijit.form.DateTextBox) for each date and date_time field in the selected content type - Pickers automatically build a Lucene range value ([YYYYMMDD000000 TO YYYYMMDD235959]) stored in the existing hidden field consumed by ContentletAjax — no backend changes required - `clearSearc... -2 Merge Group Check #2981: Merge group checks requested
56m 34s
56m 34s
MQ: **ci(filters): update exclusion patterns for CI workflows** (#35779) - Adjusted .github/filters.yaml to include refined exclusion patterns under specific directories: - Added dotCMS/src/main/webapp/WEB-INF/messages/!(Language*.properties) to avoid excluding language property files. - Updated patterns to ensure that non-relevant changes in src/main/webapp/html and WEB-INF/messages directories are correctly filtered. - Updated area_backend filters to align with the modified path matching rul... -2 Merge Group Check #2980: Merge group checks requested
57m 0s
57m 0s
MQ: feat(push-publishing): add per-endpoint failure details to failure events (#34356) (#35765) ## Summary - Enhances AllPushPublishEndpointsFailureEvent and SinglePushPublishEndpointFailureEvent with an optional List<EndpointFailureDetail> payload (new EndpointFailureDetail value object + FailureCategory enum). Subscribers can now distinguish authentication, authorization, server, network and bundle failures, capture HTTP status codes, and inspect a per-endpoint retryable hint. - **Backwar... -2 Merge Group Check #2979: Merge group checks requested
1h 30m 30s
1h 30m 30s