Improved the Release Build workflow to clearly show that PostHog and Sentry
credentials are being injected from the GitHub Secret Store, providing better
transparency and auditability.
Changes:
- Enhanced workflow step name to explicitly mention "GitHub Secrets"
- Added comprehensive logging with visual separators and clear sections
- Added before/after file content display showing placeholder replacement
- Added secret availability verification with format validation
- Added detailed error messages with step-by-step fix instructions
- Enhanced release summary to highlight successful credential injection
- Updated build configuration documentation with cross-references
Benefits:
- Developers can immediately see credentials come from GitHub Secret Store
- Security teams have clear audit trail of credential injection process
- Better troubleshooting with detailed error messages
- Secrets remain protected with proper redaction (first 8 + last 4 chars)
- Multiple validation steps ensure correct injection
The workflow now outputs 50+ lines of structured logging showing:
- Secret store location (Settings → Secrets and variables → Actions)
- Target file being modified (app/config/analytics_defaults.py)
- Verification that secrets are available
- Format validation (phc_* pattern for PostHog)
- Confirmation of successful placeholder replacement
- Summary with redacted credential previews
Workflow: .github/workflows/cd-release.yml
Documentation: docs/cicd/README_BUILD_CONFIGURATION.md
Fully backward compatible - no breaking changes.
Implements persistent flag tracking to ensure default client and project
are only created on fresh installations and never recreated after user
deletion during updates or restarts.
- Added initial_data_seeded flag to InstallationConfig
- Updated all 3 database initialization scripts to check flag
- Added 3 unit tests (all passing)
- Created comprehensive documentation
Fixes issue where defaults were recreated after deletion during updates.
This commit introduces several high-impact features to improve user experience
and productivity:
New Features:
- Activity Logging: Comprehensive audit trail tracking user actions across the
system with Activity model, including IP address and user agent tracking
- Time Entry Templates: Reusable templates for frequently logged activities with
usage tracking and quick-start functionality
- Saved Filters: Save and reuse common search/filter combinations across
different views (projects, tasks, reports)
- User Preferences: Enhanced user settings including email notifications,
timezone, date/time formats, week start day, and theme preferences
- Excel Export: Generate formatted Excel exports for time entries and reports
with styling and proper formatting
- Email Notifications: Complete email system for task assignments, overdue
invoices, comments, and weekly summaries with HTML templates
- Scheduled Tasks: Background task scheduler for periodic operations
Models Added:
- Activity: Tracks all user actions with detailed context and metadata
- TimeEntryTemplate: Stores reusable time entry configurations
- SavedFilter: Manages user-saved filter configurations
Routes Added:
- user.py: User profile and settings management
- saved_filters.py: CRUD operations for saved filters
- time_entry_templates.py: Template management endpoints
UI Enhancements:
- Bulk actions widget component
- Keyboard shortcuts help modal with advanced shortcuts
- Save filter widget component
- Email notification templates
- User profile and settings pages
- Saved filters management interface
- Time entry templates interface
Database Changes:
- Migration 022: Creates activities and time_entry_templates tables
- Adds user preference columns (notifications, timezone, date/time formats)
- Proper indexes for query optimization
Backend Updates:
- Enhanced keyboard shortcuts system (commands.js, keyboard-shortcuts-advanced.js)
- Updated projects, reports, and tasks routes with activity logging
- Safe database commit utilities integration
- Event tracking for analytics
Dependencies:
- Added openpyxl for Excel generation
- Added Flask-Mail dependencies
- Updated requirements.txt
All new features include proper error handling, activity logging integration,
and maintain existing functionality while adding new capabilities.
Implement comprehensive analytics and monitoring system with PostHog integration,
complete observability stack (Prometheus, Grafana, Loki, Promtail), and CI/CD
workflows for automated builds.
Features:
- Add PostHog telemetry integration with privacy-focused event tracking
- Implement installation flow for opt-in telemetry configuration
- Add telemetry management UI in admin panel with detailed transparency
- Track key user events across all major features (projects, tasks, timer, etc.)
Infrastructure:
- Set up Prometheus for metrics collection
- Configure Grafana for visualization dashboards
- Integrate Loki and Promtail for log aggregation
- Add separate analytics docker-compose configuration
CI/CD:
- Add GitHub Actions workflows for building and publishing Docker images
- Implement separate dev and production build pipelines
- Configure automated image publishing to registry
Documentation:
- Restructure documentation into organized docs/ directory
- Add comprehensive guides for telemetry, analytics, and local development
- Create transparency documentation for tracked events
- Add CI/CD and build configuration guides
Code improvements:
- Integrate telemetry hooks across all route handlers
- Add feature flags and configuration management
- Refactor test suite for analytics functionality
- Clean up root directory by moving docs and removing test artifacts
Breaking changes:
- Requires new environment variables for PostHog configuration
- Docker compose setup now supports analytics stack
Changes: 73 files changed, 955 insertions(+), 14126 deletions(-)
BREAKING CHANGE: Removed legacy license server in favor of Stripe billing
Major changes:
- Remove license server system (563 lines removed from license_server.py)
- Add multi-tenant support with organizations and memberships
- Integrate Stripe billing and subscription management
- Enhance authentication with 2FA, password reset, and JWT tokens
- Add provisioning and onboarding flows for new customers
- Implement row-level security (RLS) for data isolation
- Add GDPR compliance features and data retention policies
- Enhance admin dashboard with billing reconciliation and customer management
- Add security scanning tools (Bandit, Gitleaks, GitHub Actions workflow)
- Implement rate limiting and enhanced password policies
- Update all routes to support organization context
- Enhance user model with billing and security fields
- Add promo code system for marketing campaigns
- Update Docker initialization for better database setup
Modified files:
- Core: app.py, app/__init__.py, app/config.py
- Models: Enhanced user model (+175 lines), updated all models for multi-tenancy
- Routes: Enhanced admin routes (+479 lines), updated all routes for org context
- Templates: Updated login, admin dashboard, and settings
- Docker: Enhanced database initialization scripts
- Dependencies: Added stripe, pyotp, pyjwt, and security packages
Deleted files:
- app/utils/license_server.py
- docs/LICENSE_SERVER_*.md (3 files)
- templates/admin/license_status.html
- test_license_server.py
New features:
- Organizations and membership management
- Stripe billing integration with webhook handling
- Enhanced authentication (2FA, password reset, refresh tokens)
- GDPR compliance and data export/deletion
- Onboarding checklist for new customers
- Promo code system
- Security enhancements (rate limiting, password policies)
- Admin tools for customer and billing management
Net change: 46 files changed, 1490 insertions(+), 1968 deletions(-)
Add Pomodoro focus mode with session summaries
Model: FocusSession; API: /api/focus-sessions/; UI: Focus modal on timer page
Add estimates vs actuals with burndown and budget alerts
Project fields: estimated_hours, budget_amount, budget_threshold_percent
API: /api/projects/<id>/burndown; Charts in project view and project report
Implement recurring time blocks/templates
Model: RecurringBlock; API CRUD: /api/recurring-blocks; CLI: flask generate_recurring
Add tagging and saved filters across views
Model: SavedFilter; /api/entries supports tag and saved_filter_id
Support billable rate overrides per project/member
Model: RateOverride; invoicing uses effective rate resolution
Also:
Migration: 016_add_focus_recurring_rates_filters_and_project_budget.py
Integrations and UI updates in projects view, timer page, and reports
Docs updated (startup, invoice, task mgmt) and README feature list
Added basic tests for new features
- Fix header alignment issues with comments counter and action button
- Remove nested card styling conflicts in comments list
- Improve comment header flex layout with proper spacing
- Fix timestamp text overflow with ellipsis for long content
- Make comment actions always visible instead of hover-only
- Remove conflicting CSS resets that broke flex layouts
- Remove decorative guideline to prevent double left borders
- Optimize comment metadata flex behavior for better responsiveness
Resolves vertical alignment issues in comment headers and improves
overall visual consistency of the comment system.
Add admin PDF Layout Editor with local GrapesJS (no CDN)
Routes:
GET/POST /admin/pdf-layout (save, server-side default seeding)
POST /admin/pdf-layout/reset (clear custom template)
GET /admin/pdf-layout/default (serve default body HTML/CSS)
POST /admin/pdf-layout/preview (render preview with sample context)
Invoice PDF generator: support custom HTML/CSS and i18n; add default template and CSS
Preview: sanitize Jinja, add helpers (format_date, format_money), sample item
Base layout: include head_extra and scripts_extra
Editor UI: removed quick blocks, preview, and insert variables; keep load/save/reset
Vendor GrapesJS under app/static/vendor/grapesjs and load locally
README: document the new feature and usage
- Integrate Flask-Babel and i18n utilities; initialize in app factory
- Add `preferred_language` to `User` with Alembic migration (011_add_user_preferred_language)
- Add `babel.cfg` and `scripts/extract_translations.py`
- Add `translations/` for en, de, fr, it, nl, fi
- Update templates to use `_()` and add language picker in navbar/profile
- Respect locale in routes and context processors; persist user preference
- Update requirements and Docker/Docker entrypoint for Babel/gettext support
- Minor copy and style adjustments across pages
Migration: run `alembic upgrade head`
Add app/utils/backup.py with create_backup/restore_backup
Include DB dump (SQLite file or pg_dump custom), settings.json, uploads/, manifest.json (incl. alembic_revision)
Use local-time timestamps in filenames and metadata
PostgreSQL: call pg_dump/pg_restore with host/port/user/db and PGPASSWORD
Restore runs migrations to head for older data compatibility
Admin
/admin/backup now generates and downloads a .zip archive
New /admin/restore (template: templates/admin/restore.html) for uploading and restoring backups
Refresh admin dashboard visuals (hero header, hover-lift cards, soft buttons), keep color scheme
Remove “System Overview” card from dashboard
CLI
Add flask backup_create and flask backup_restore <archive.zip>
Docker
Install PostgreSQL client tools; switch to PGDG postgresql-client-16 to match server v16
Docs/Config
No schema changes; retains existing settings and migrations
Notes:
Requires pg_dump/pg_restore inside the app image (now included)
Backups saved under project-root/backups and streamed to user on demand
- Add organized screenshot sections for better visual presentation
- Include all 12 available screenshots from assets/screenshots/
- Group screenshots into logical categories:
* Core Application Views (Dashboard, Projects, Tasks, Clients)
* Management & Analytics (Reports, Visual Analytics, Task Management, Admin)
* Data Entry & Creation (Log Time, New Task, New Client, New Project)
- Improve visual layout with proper spacing and responsive design
- Enhance user experience by showcasing full application capabilities
- Improve web interface layout for better user-friendliness and mobile responsiveness
* Update CSS variables for consistent spacing and component sizing
* Enhance card layouts with improved padding, borders, and shadows
* Optimize button and form element dimensions for better touch targets
* Add hover effects and animations for improved user interaction
* Implement responsive grid system with mobile-first approach
- Refactor mobile JavaScript to prevent duplicate initialization
* Consolidate mobile enhancements into dedicated utility classes
* Add initialization guards to prevent double loading
* Implement MobileUtils and MobileNavigation classes
* Remove duplicate event listeners and mobile enhancements
- Fix circular import issue in logo handling
* Replace problematic 'from app import app' with Flask's current_app
* Add error handling for cases where current_app is unavailable
* Improve logo path resolution with fallback mechanisms
* Fix settings model to use proper Flask context
- Clean up template code and remove duplication
* Remove duplicate mobile enhancements from base template
* Clean up dashboard template JavaScript
* Centralize all mobile functionality in mobile.js
* Add proper error handling and debugging
- Update CSS variables and spacing system
* Introduce --section-spacing and --card-spacing variables
* Add mobile-specific spacing variables
* Improve border-radius and shadow consistency
* Enhance typography and visual hierarchy
This commit resolves the double loading issue and logo import errors while
significantly improving the overall user experience and mobile responsiveness
of the web interface.
Dries Peeters