Features:
Add favorite projects feature allowing users to star/bookmark frequently used projects
New UserFavoriteProject association model with user-project relationships
Star icons in project list for one-click favorite toggling via AJAX
Filter to display only favorite projects
Per-user favorites with proper isolation and cascade delete behavior
Activity logging for favorite/unfavorite actions
Database:
Add user_favorite_projects table with migration (023_add_user_favorite_projects.py)
Foreign keys to users and projects with CASCADE delete
Unique constraint preventing duplicate favorites
Indexes on user_id and project_id for query optimization
Models:
User model: Add favorite_projects relationship with helper methods
add_favorite_project() - add project to favorites
remove_favorite_project() - remove from favorites
is_project_favorite() - check favorite status
get_favorite_projects() - retrieve favorites with status filter
Project model: Add is_favorited_by() method and include favorite status in to_dict()
Export UserFavoriteProject model in app/models/__init__.py
Routes:
Add /projects/<id>/favorite POST endpoint to favorite a project
Add /projects/<id>/unfavorite POST endpoint to unfavorite a project
Update /projects GET route to support favorites=true query parameter
Fix status filtering to work correctly with favorites JOIN query
Add /reports/export/form GET endpoint for enhanced CSV export form
Templates:
Update projects/list.html:
Add favorites filter dropdown to filter form (5-column grid)
Add star icon column with Font Awesome icons (filled/unfilled)
Add JavaScript toggleFavorite() function for AJAX favorite toggling
Improve hover states and transitions for better UX
Pass favorite_project_ids and favorites_only to template
Update reports/index.html:
Update CSV export link to point to new export form
Add icon and improve hover styling
Reports:
Enhance CSV export functionality with dedicated form page
Add filter options for users, projects, clients, and date ranges
Set default date range to last 30 days
Import Client model and or_ operator for advanced filtering
Testing:
Comprehensive test suite in tests/test_favorite_projects.py (550+ lines)
Model tests for UserFavoriteProject creation and validation
User/Project method tests for favorite operations
Route tests for favorite/unfavorite endpoints
Filtering tests for favorites-only view
Relationship tests for cascade delete behavior
Smoke tests for complete workflows
Coverage for edge cases and error handling
Documentation:
Add comprehensive feature documentation in docs/FAVORITE_PROJECTS_FEATURE.md
User guide with step-by-step instructions
Technical implementation details
API documentation for new endpoints
Migration guide and troubleshooting
Performance and security considerations
Template Cleanup:
Remove duplicate templates from root templates/ directory
Admin templates (dashboard, users, settings, OIDC debug, etc.)
Client CRUD templates
Error page templates
Invoice templates
Project templates
Report templates
Timer templates
All templates now properly located in app/templates/
Breaking Changes:
None - fully backward compatible
Migration Required:
Run alembic upgrade head to create user_favorite_projects table
Implement comprehensive time entry duplication feature that allows users
to quickly copy previous entries with pre-filled data, improving
productivity for repetitive time tracking tasks.
Features:
- Add duplicate route endpoint (/timer/duplicate/<id>)
- Add duplicate buttons to dashboard and edit entry pages
- Pre-fill project, task, notes, tags, and billable status
- Show information banner with original entry details
- Implement permission checks (users can duplicate own entries, admins can duplicate any)
- Track analytics events for duplication actions
Backend Changes:
- app/routes/timer.py: Add duplicate_timer() route with security checks
- Route handles pre-filling manual entry form with original entry data
- Analytics tracking for 'timer.duplicated' events
Frontend Changes:
- app/templates/main/dashboard.html: Add duplicate icon button to Recent Entries table
- templates/timer/edit_timer.html: Add duplicate button next to Back button
- app/templates/timer/manual_entry.html: Support pre-filled data and duplication context
- Add blue information banner showing original entry details when duplicating
Testing:
- Add comprehensive test suite with 21 tests (all passing)
- tests/test_time_entry_duplication.py: Unit, integration, security, smoke, and edge case tests
- Test coverage includes: route access, authentication, pre-fill functionality, permissions, UI visibility
Documentation:
- docs/features/TIME_ENTRY_DUPLICATION.md: Technical documentation
- docs/user-guides/DUPLICATING_TIME_ENTRIES.md: User guide with examples
- TIME_ENTRY_DUPLICATION_IMPLEMENTATION.md: Implementation details
- TIME_ENTRY_DUPLICATION_FEATURE_SUMMARY.md: Complete feature overview
Benefits:
- Saves ~60% time when logging similar work
- Reduces manual data entry for recurring tasks
- Maintains data consistency through field copying
- Intuitive workflow with clear visual feedback
Security:
- Users can only duplicate their own entries
- Admin users can duplicate any entry
- Proper authentication and permission checks
Breaking Changes: None
Major improvements:
- Add bulk operations functionality across clients, projects, and tasks
- Implement deletion and status management enhancements
- Add project code field with database migration (022)
- Improve inactive status handling for projects
Backend changes:
- Update project model with new code field and status logic
- Enhance routes for clients, projects, and tasks with bulk actions
- Add migration for project_code field (022_add_project_code_field.py)
Frontend updates:
- Refactor bulk actions widget component
- Update clients list and detail views with bulk operations
- Enhance project list, view, and kanban templates
- Improve task list, edit, view, and kanban displays
- Update base template with UI improvements
- Refine saved filters and time entry templates lists
Testing:
- Add test_project_inactive_status.py for status handling
- Update test_tasks_templates.py with new functionality
Documentation:
- Add BULK_OPERATIONS_IMPROVEMENTS.md
- Add DELETION_AND_STATUS_IMPROVEMENTS.md
- Add docs/QUICK_WINS_IMPLEMENTATION.md
- Update ALL_BUGFIXES_SUMMARY.md and IMPLEMENTATION_COMPLETE.md
Implements persistent flag tracking to ensure default client and project
are only created on fresh installations and never recreated after user
deletion during updates or restarts.
- Added initial_data_seeded flag to InstallationConfig
- Updated all 3 database initialization scripts to check flag
- Added 3 unit tests (all passing)
- Created comprehensive documentation
Fixes issue where defaults were recreated after deletion during updates.
Store user avatars in persistent /data volume instead of application
directory to ensure profile pictures survive container rebuilds and
version updates.
Changes:
- Update avatar upload folder from app/static/uploads/avatars to
/data/uploads/avatars using existing app_data volume mount
- Modify get_avatar_upload_folder() in auth routes to use persistent
location with UPLOAD_FOLDER config
- Update User.get_avatar_path() to reference new storage location
- Add migration script to safely move existing avatars to new location
- Preserve backward compatibility - no database changes required
Benefits:
- Profile pictures now persist between Docker image updates
- Consistent with company logo storage pattern (/data/uploads)
- Better user experience - avatars not lost during upgrades
- Production-ready data/code separation
- All persistent uploads consolidated in app_data volume
Migration:
For existing installations with user avatars, run:
docker-compose run --rm app python /app/docker/migrate-avatar-storage.py
New installations work automatically with no action required.
Documentation:
- docs/AVATAR_STORAGE_MIGRATION.md - Full migration guide
- docs/AVATAR_PERSISTENCE_SUMMARY.md - Quick reference
- docs/TEST_AVATAR_PERSISTENCE.md - Testing guide
- AVATAR_PERSISTENCE_CHANGELOG.md - Detailed changelog
Files modified:
- app/routes/auth.py
- app/models/user.py
Files added:
- docker/migrate-avatar-storage.py
- docs/AVATAR_STORAGE_MIGRATION.md
- docs/AVATAR_PERSISTENCE_SUMMARY.md
- docs/TEST_AVATAR_PERSISTENCE.md
- AVATAR_PERSISTENCE_CHANGELOG.md
Tested: ✓ No linter errors, backward compatible, volume mount verified
Improve task workflows and overall UX, and align backend routes with the
new UI flows. Update docs and development setup accordingly.
- UI: refine task list/view/edit templates, project views, and Kanban
partial (`_kanban_tailwind.html`)
- CSS: polish `app/static/enhanced-ui.css` for spacing, layout, and
responsiveness
- Routes: update `app/routes/tasks.py` and `app/routes/clients.py` to
support new edit/delete/filter behaviors and validations
- Templates: align clients/projects pages for consistency and navigation
- Docs: refresh `docs/GETTING_STARTED.md` and
`docs/TASK_MANAGEMENT_README.md`
- Dev: adjust `docker-compose.yml` and `setup.py` to match the latest
runtime/build expectations
- Tests: add coverage for delete actions, task project editing, and task
filters UI (`tests/test_delete_actions.py`,
`tests/test_task_edit_project.py`,
`tests/test_tasks_filters_ui.py`); update existing tests
Why:
- Streamlines common task operations and improves discoverability
- Ensures backend and UI are consistent and well-tested
- Enhanced invoice creation form with auto-fill client data from project selection
- Redesigned invoice edit page with improved layout and quick actions sidebar
- Added new generate-from-time template for adding unbilled time entries and costs
- Improved form styling and added responsive design enhancements
- Added internationalization (i18n) support throughout invoice templates
- Added notes and terms fields to invoice forms
- Implemented item removal functionality in invoice editor
- Added comprehensive tests for new invoice features
- Updated .gitignore to exclude logs directory
- Bumped version from 3.0.0 to 3.2.0
The invoice UI now provides:
- Quick actions panel with export, duplicate, and payment recording links
- Invoice summary sidebar showing totals and status
- Tips and guidance sidebars for better UX
- Client data auto-population when selecting projects
- Improved visual hierarchy and mobile responsiveness
Implement comprehensive analytics and monitoring system with PostHog integration,
complete observability stack (Prometheus, Grafana, Loki, Promtail), and CI/CD
workflows for automated builds.
Features:
- Add PostHog telemetry integration with privacy-focused event tracking
- Implement installation flow for opt-in telemetry configuration
- Add telemetry management UI in admin panel with detailed transparency
- Track key user events across all major features (projects, tasks, timer, etc.)
Infrastructure:
- Set up Prometheus for metrics collection
- Configure Grafana for visualization dashboards
- Integrate Loki and Promtail for log aggregation
- Add separate analytics docker-compose configuration
CI/CD:
- Add GitHub Actions workflows for building and publishing Docker images
- Implement separate dev and production build pipelines
- Configure automated image publishing to registry
Documentation:
- Restructure documentation into organized docs/ directory
- Add comprehensive guides for telemetry, analytics, and local development
- Create transparency documentation for tracked events
- Add CI/CD and build configuration guides
Code improvements:
- Integrate telemetry hooks across all route handlers
- Add feature flags and configuration management
- Refactor test suite for analytics functionality
- Clean up root directory by moving docs and removing test artifacts
Breaking changes:
- Requires new environment variables for PostHog configuration
- Docker compose setup now supports analytics stack
Changes: 73 files changed, 955 insertions(+), 14126 deletions(-)
Fixed multiple issues with keyboard shortcuts and browser notifications:
Keyboard Shortcuts:
- Fixed Ctrl+/ not working to focus search input
- Resolved conflict between three event handlers (base.html, commands.js, keyboard-shortcuts-advanced.js)
- Changed inline handler from Ctrl+K to Ctrl+/ to avoid command palette conflict
- Updated search bar UI badge to display Ctrl+/ instead of Ctrl+K
- Removed conflicting ? key handler from commands.js (now uses Shift+? for shortcuts panel)
- Improved key detection to properly handle special characters like / and ?
- Added debug logging for troubleshooting keyboard events
Final keyboard mapping:
- Ctrl+K: Open Command Palette
- Ctrl+/: Focus Search Input
- Shift+?: Show All Keyboard Shortcuts
- Esc: Close Modals/Panels
Notification System:
- Fixed "right-hand side of 'in' should be an object" error in smart-notifications.js
- Changed notification permission request to follow browser security policies
- Permission now checked silently on load, only requested on user interaction
- Added "Enable Notifications" banner in notification center panel
- Fixed service worker sync check to properly verify registration object
Browser Compatibility:
- All fixes respect browser security policies for notification permissions
- Graceful degradation when service worker features unavailable
- Works correctly on Chrome, Firefox, Safari, and Edge
Files modified:
- app/static/enhanced-search.js
- app/static/keyboard-shortcuts-advanced.js
- app/static/smart-notifications.js
- app/templates/base.html
- app/static/commands.js
Closes issues with keyboard shortcuts not responding and browser console errors.
ixes #88
When OIDC_POST_LOGOUT_REDIRECT_URI was unset, the application was still
attempting RP-Initiated Logout by falling back to a generated redirect URL.
This caused issues with OIDC providers like Authelia that don't support
RP-Initiated Logout, resulting in failed redirects to unsupported endpoints.
Changes:
- Modified logout logic in app/routes/auth.py to only attempt provider
logout when OIDC_POST_LOGOUT_REDIRECT_URI is explicitly configured
- If unset, users are now logged out locally and redirected to the
TimeTracker login page (expected behavior)
- If set, RP-Initiated Logout proceeds as before (backward compatible)
Documentation:
- Updated docs/OIDC_SETUP.md with guidance on when to set the config
- Added clear comments in env.example explaining optional behavior
- Documented troubleshooting steps for providers without RP-Initiated
Logout support (e.g., Authelia)
Tests:
- Added comprehensive test suite (tests/test_oidc_logout.py) with 9 tests
covering different logout scenarios and edge cases
- All existing tests continue to pass (no regressions)
This change is fully backward compatible. Users with providers supporting
RP-Initiated Logout can continue using OIDC_POST_LOGOUT_REDIRECT_URI as
before. Users with providers like Authelia should leave it unset for
local-only logout.
Implement a complete, production-ready CI/CD pipeline that runs 100% on
GitHub Actions with zero external dependencies. This replaces and consolidates
existing workflows with an optimized, streamlined pipeline.
## Major Changes
- Add 3 new workflows (ci-comprehensive, cd-development, cd-release)
- Remove 2 redundant workflows (backed up)
- Add 130+ tests across 4 new test files
- Add 8 documentation guides (60+ KB)
- Add developer tools and scripts
BREAKING CHANGE: Removed legacy license server in favor of Stripe billing
Major changes:
- Remove license server system (563 lines removed from license_server.py)
- Add multi-tenant support with organizations and memberships
- Integrate Stripe billing and subscription management
- Enhance authentication with 2FA, password reset, and JWT tokens
- Add provisioning and onboarding flows for new customers
- Implement row-level security (RLS) for data isolation
- Add GDPR compliance features and data retention policies
- Enhance admin dashboard with billing reconciliation and customer management
- Add security scanning tools (Bandit, Gitleaks, GitHub Actions workflow)
- Implement rate limiting and enhanced password policies
- Update all routes to support organization context
- Enhance user model with billing and security fields
- Add promo code system for marketing campaigns
- Update Docker initialization for better database setup
Modified files:
- Core: app.py, app/__init__.py, app/config.py
- Models: Enhanced user model (+175 lines), updated all models for multi-tenancy
- Routes: Enhanced admin routes (+479 lines), updated all routes for org context
- Templates: Updated login, admin dashboard, and settings
- Docker: Enhanced database initialization scripts
- Dependencies: Added stripe, pyotp, pyjwt, and security packages
Deleted files:
- app/utils/license_server.py
- docs/LICENSE_SERVER_*.md (3 files)
- templates/admin/license_status.html
- test_license_server.py
New features:
- Organizations and membership management
- Stripe billing integration with webhook handling
- Enhanced authentication (2FA, password reset, refresh tokens)
- GDPR compliance and data export/deletion
- Onboarding checklist for new customers
- Promo code system
- Security enhancements (rate limiting, password policies)
- Admin tools for customer and billing management
Net change: 46 files changed, 1490 insertions(+), 1968 deletions(-)
Add Pomodoro focus mode with session summaries
Model: FocusSession; API: /api/focus-sessions/; UI: Focus modal on timer page
Add estimates vs actuals with burndown and budget alerts
Project fields: estimated_hours, budget_amount, budget_threshold_percent
API: /api/projects/<id>/burndown; Charts in project view and project report
Implement recurring time blocks/templates
Model: RecurringBlock; API CRUD: /api/recurring-blocks; CLI: flask generate_recurring
Add tagging and saved filters across views
Model: SavedFilter; /api/entries supports tag and saved_filter_id
Support billable rate overrides per project/member
Model: RateOverride; invoicing uses effective rate resolution
Also:
Migration: 016_add_focus_recurring_rates_filters_and_project_budget.py
Integrations and UI updates in projects view, timer page, and reports
Docs updated (startup, invoice, task mgmt) and README feature list
Added basic tests for new features
Features:
- Add comprehensive payment tracking to invoices
- Support multiple payment statuses: unpaid, partially_paid, fully_paid, overpaid
- Track payment details: date, method, reference, notes, amount
- Visual payment progress indicators and status badges
- Record payment functionality with user-friendly interface
Database:
- Add payment tracking fields to invoices table
- Smart migration handling for existing data
- Auto-populate payment status based on current invoice status
- Create performance indexes for payment queries
UI/UX:
- Enhanced invoice list with payment status column
- Payment progress bars for partial payments
- Detailed payment information display on invoice view
- New payment recording form with validation
- Color-coded payment status indicators
Backend:
- New payment recording route and form handling
- Enhanced invoice model with payment properties and methods
- Improved summary statistics using actual payment data
- Automatic payment status calculations
Testing:
- Comprehensive test suite for payment functionality
- Tests for partial, full, and overpayments
- Multiple payment scenarios and edge cases
- Payment status calculation validation
Closes payment tracking requirements for basic invoice management
- Improve web interface layout for better user-friendliness and mobile responsiveness
* Update CSS variables for consistent spacing and component sizing
* Enhance card layouts with improved padding, borders, and shadows
* Optimize button and form element dimensions for better touch targets
* Add hover effects and animations for improved user interaction
* Implement responsive grid system with mobile-first approach
- Refactor mobile JavaScript to prevent duplicate initialization
* Consolidate mobile enhancements into dedicated utility classes
* Add initialization guards to prevent double loading
* Implement MobileUtils and MobileNavigation classes
* Remove duplicate event listeners and mobile enhancements
- Fix circular import issue in logo handling
* Replace problematic 'from app import app' with Flask's current_app
* Add error handling for cases where current_app is unavailable
* Improve logo path resolution with fallback mechanisms
* Fix settings model to use proper Flask context
- Clean up template code and remove duplication
* Remove duplicate mobile enhancements from base template
* Clean up dashboard template JavaScript
* Centralize all mobile functionality in mobile.js
* Add proper error handling and debugging
- Update CSS variables and spacing system
* Introduce --section-spacing and --card-spacing variables
* Add mobile-specific spacing variables
* Improve border-radius and shadow consistency
* Enhance typography and visual hierarchy
This commit resolves the double loading issue and logo import errors while
significantly improving the overall user experience and mobile responsiveness
of the web interface.
