Open
Conversation
* feat(api-v2): add GET /v2/bookings/by-seat/{seatUid} endpoint
- Add new endpoint to retrieve a booking by its seat reference UID
- Add getByReferenceUidIncludeBookingWithAttendeesAndUserAndEvent method to BookingSeatRepository
- Add getBookingBySeatUid method to BookingsService
- Add e2e tests for the new endpoint
Co-Authored-By: morgan@cal.com <morgan@cal.com>
* fix: use Object.prototype.hasOwnProperty.call for ES compatibility in e2e tests
Co-Authored-By: morgan@cal.com <morgan@cal.com>
* fix: use select instead of include in BookingSeatRepository for security and performance
Co-Authored-By: morgan@cal.com <morgan@cal.com>
* fix: add teamId and userId to eventType select for access check
Co-Authored-By: morgan@cal.com <morgan@cal.com>
* fix: return seatUid attendee when not admin and seatsShowAttendees is false
Co-Authored-By: morgan@cal.com <morgan@cal.com>
* fix: use select for eventType in repository and fetch full eventType for access check
Co-Authored-By: morgan@cal.com <morgan@cal.com>
---------
Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
…#27579) Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
…27604) * migrate CreateLicenseKeyForm * refactor * migrate * migrate filters components * fix import
* fix: ensure default calendars * test: add E2E tests for delegation credential controller and update tasker config - Add E2E tests to verify ensureDefaultCalendars is called when enabling delegation credentials - Update calendars tasker config to use medium-1x machine for retry on OOM - Set minimum retry backoff to 60 seconds (1 minute between retries) Co-Authored-By: morgan@cal.com <morgan@cal.com> * fix: update tasker config to use small-2x machine with outOfMemory retry on medium-1x Co-Authored-By: morgan@cal.com <morgan@cal.com> * fix: update E2E tests to properly spy on service instance and use valid workspace platform slug Co-Authored-By: morgan@cal.com <morgan@cal.com> * ci: add CALCOM_SERVICE_ACCOUNT_ENCRYPTION_KEY to E2E API v2 workflow Co-Authored-By: morgan@cal.com <morgan@cal.com> * fix: add encryption key to E2E test file for delegation credentials Co-Authored-By: morgan@cal.com <morgan@cal.com> * revert: remove CALCOM_SERVICE_ACCOUNT_ENCRYPTION_KEY from workflow (moved to test file) Co-Authored-By: morgan@cal.com <morgan@cal.com> * fix: move encryption key to setEnvVars.ts for E2E tests Co-Authored-By: morgan@cal.com <morgan@cal.com> * fix: use valid format for service account encryption key Co-Authored-By: morgan@cal.com <morgan@cal.com> * fix: encrypt service account key in E2E test for delegation credentials Co-Authored-By: morgan@cal.com <morgan@cal.com> * fix: mock updateDelegationCredentialEnabled to bypass Google API call in E2E tests Co-Authored-By: morgan@cal.com <morgan@cal.com> * fix: get service from app.get() after initialization for proper spy setup in E2E tests Co-Authored-By: morgan@cal.com <morgan@cal.com> * fix: use jest.mock() to mock toggleDelegationCredentialEnabled and bypass Google API calls in E2E tests Co-Authored-By: morgan@cal.com <morgan@cal.com> * fix: use Service.prototype pattern for spying on ensureDefaultCalendars in E2E tests Co-Authored-By: morgan@cal.com <morgan@cal.com> * fix: move spy setup to beforeAll before app.init() for proper NestJS interception Co-Authored-By: morgan@cal.com <morgan@cal.com> --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
Co-authored-by: Deepanshu Verma <deepanshuverma186@email.com>
* fix: useOAuthClient support OAuth 2.0 * fix: cannot read properties of undefined (reading NEXT_PUBLIC_IS_E2E) * fix: allow OAuth 2.0 token to connect gcal or ms calendar * fix: allow OAuth 2.0 token to save gcal or ms calendar credentials * refactor: dont set oauth id header for OAuth 2.0 * fix: calendar events not showing and emails not sent * feat: CalOAuth2Provider * chore: make OAuth 2.0 work in examples app * chore: refresh OAuth 2.0 tokens * docs: running examples app with oauth 2.0 * fix: remove sensitive console.log statements that leak secrets Remove logging of: - OAuth authorization codes (oauth2-user.ts) - Token-bearing exchange responses (oauth2-user.ts) - /me response data containing PII (oauth2-user.ts) - OAuth2 refresh response with tokens (refresh.ts) - Response payload with access tokens (_app.tsx) Addresses Cubic AI review feedback for issues with confidence >= 9/10 Co-Authored-By: unknown <> * docs: update readme * fix: implemente cubic feedback * fix: seed script import * fix: seed script pkce * fix: correct typos and SQLite capitalization in OAuth2 README (#27176) Co-authored-by: cubic-dev-ai[bot] <1082092+cubic-dev-ai[bot]@users.noreply.github.com> * refactor: dont return name in public oauth endpoint * docs: CalOAuthProvider * chore: add NEXT_PUBLIC_IS_E2E constant to test * docs: fix duplicated 'or' in Cal OAuth Provider documentation (#27177) Co-authored-by: cubic-dev-ai[bot] <1082092+cubic-dev-ai[bot]@users.noreply.github.com> * revert: is e2e constant * fix: typecheck * refactor: example app users select * update readme * chore: update oauth atoms readme * refactor: enable booking managed event types with user.username instead of profile.username * fix: EventTypeSettings when viewing round robin * test: add e2e tests for atoms-oauth2 controller Co-Authored-By: lauris@cal.com <lauris.skraucis@gmail.com> * fix: correct error message path in atoms-oauth2 e2e test Co-Authored-By: lauris@cal.com <lauris.skraucis@gmail.com> --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com> Co-authored-by: cubic-dev-ai[bot] <1082092+cubic-dev-ai[bot]@users.noreply.github.com> Co-authored-by: Rajiv Sahal <sahalrajiv-extc@atharvacoe.ac.in>
…-13 API (#27586) * feat: skip platform billing for non-platform-managed users in 2024-08-13 API - Add isPlatformManaged check in billBooking() to skip billing for regular users - Add isPlatformManaged check in billRescheduledBooking() to skip billing for regular users - Add isPlatformManagedUserBooking check in cancelBooking() to skip billing cancellation for regular users - Add E2E tests to verify billing behavior for both regular and platform-managed users Co-Authored-By: morgan@cal.com <morgan@cal.com> * refactor: reuse booking data for isPlatformManaged instead of fetching user - Capture isPlatformManagedUserBooking from raw booking data returned by regularBookingService.createBooking() and recurringBookingService.createBooking() - Pass the flag through the output booking objects - Update billBooking() and billRescheduledBooking() to use the flag instead of fetching user from database - Matches the pattern used in 2024-04-15 controller Co-Authored-By: morgan@cal.com <morgan@cal.com> * fix: skip platform billing in booking service for non platform * fix: use double negation for boolean type safety in isPlatformManagedUserBooking Co-Authored-By: morgan@cal.com <morgan@cal.com> --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
…tor (#27613) Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
Co-authored-by: Lingo.dev <support@lingo.dev> Co-authored-by: Keith Williams <keithwillcode@gmail.com>
…n is created (#27623) * fix: optimize myStats tRPC call to only trigger when Intercom is enabled Co-Authored-By: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> * fix: fetch myStats on-demand when Intercom session is created, not upfront Co-Authored-By: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> * chore: remove unnecessary comments Co-Authored-By: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
* Replace n x m array functions with maps * feat: add attributeIds filter to findManyByOrgMembershipIds Allow filtering attribute-to-user assignments by specific attribute IDs. This enables querying only the attributes needed for a routing rule instead of fetching all attributes for all team members. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat: extract attribute IDs from routing rules and filter queries Add extractAttributeIdsFromQueryValue helper to parse routing rules and identify which attributes are referenced. Pass these IDs through getAttributesAssignmentData to _queryAllData to only fetch the attribute assignments that are actually needed for evaluation. For a team with 785 members and 14 attributes, if a routing rule only references 2-3 attributes, this reduces the query from ~3500 rows to ~500 rows. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat: use attribute filtering in findTeamMembersMatchingAttributeLogic Extract attribute IDs from the routing rules (main + fallback) and pass them to getAttributesForLogic to only fetch necessary data. This completes the optimization to reduce database load when evaluating routing rules that only reference a subset of attributes. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat: filter attributes query by attribute IDs Also filter the attributes query (not just attributeToUser assignments) by the attribute IDs referenced in routing rules. For a routing rule that references 2 out of 14 attributes with 6524 total options, this reduces: - Attributes fetched: 14 → 2 - Options fetched: 6524 → ~930 (proportional reduction) - Fewer regex replacements in replaceAttributeOptionIdsWithOptionLabel Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * test: add comprehensive test coverage for attribute routing query optimization Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com> * Revert "Replace n x m array functions with maps" This reverts commit 312eeb0. * fix: re-establish extractAttributeIdsFromQueryValue mock after resetAllMocks Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com> --------- Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com> Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
… routing (#27599) * Replace n x m array functions with maps * test: add tests and benchmark for Map-based attribute lookup optimization Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com> * test: add real-world enterprise scenario (14 attrs x 6,530 opts) to benchmark Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com> * chore: remove benchmark file Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com> * Rename function * Pass built maps to functions --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
* refactor: combine exchange and refresh into token endpoint * refactor: controller error handling * refactor: use snake_case * refactor: use snake_case * refactor: use snake case * refactor: token endpoint accepts application/x-www-form-urlencoded * refactor: token endpoint accepts application/x-www-form-urlencoded * refactor: flat token response data * refactor: error structure * refactor: client_id in the body * fix: address Cubic AI review feedback on OAuth2 endpoints - Fix getClient endpoint to use proper REST API error format instead of OAuth token error format (confidence 9/10) - Add missing space after comma in error format string in token.input.pipe.ts (confidence 9/10) - Support both camelCase and snake_case inputs in authorize endpoint for backward compatibility (confidence 10/10) - Restore legacy /exchange and /refresh endpoints alongside new /token endpoint for backward compatibility (confidence 10/10) - Add OAuth2TokensResponseDto for legacy endpoint wrapped responses - Add OAuth2LegacyExchangeInput and OAuth2LegacyRefreshInput for legacy endpoints Co-Authored-By: unknown <> * fix: address additional Cubic AI feedback on OAuth2 endpoints - Log errors when status code >= 500 in handleClientError (confidence 9/10) - Add Cache-Control: no-store and Pragma: no-cache headers to legacy /exchange and /refresh endpoints (confidence 9/10) Co-Authored-By: unknown <> * docs * Revert "fix: address additional Cubic AI feedback on OAuth2 endpoints" This reverts commit 39cc4aa. * Revert "fix: address Cubic AI review feedback on OAuth2 endpoints" This reverts commit 97bf593. * docs * fix: address Cubic AI review feedback on OAuth2 endpoints - Fix getClient to use handleClientError instead of handleTokenError (confidence 10) - Restore legacy /exchange and /refresh endpoints for backward compatibility (confidence 9) - Fix RFC 6749 error format: use human-readable messages in error_description (confidence 9) - Fix errorDescription in OAuthService to use OAUTH_ERROR_REASONS mapping (confidence 9) Co-Authored-By: unknown <> * fix: address additional Cubic AI feedback on OAuth2 endpoints - Fix security issue: Replace 'CALENDSO_ENCRYPTION_KEY is not set' with generic 'Internal server configuration error' message (confidence 10/10) - Fix backward compatibility: Create OAuth2LegacyTokensDto with camelCase properties for legacy /exchange and /refresh endpoints (confidence 9/10) - Skipped: RFC 6749 error field issue (confidence 8/10, below threshold) Co-Authored-By: unknown <> * e2e * Revert "fix: address additional Cubic AI feedback on OAuth2 endpoints" This reverts commit a080e93. * Revert "fix: address Cubic AI review feedback on OAuth2 endpoints" This reverts commit 04986a1. * fix: re-apply Cubic AI review feedback on OAuth2 endpoints - Restore OAuth2LegacyExchangeInput and OAuth2LegacyRefreshInput classes - Restore legacy /exchange and /refresh endpoints in OAuth2Controller - Restore OAuth2LegacyTokensDto and OAuth2TokensResponseDto classes - Restore OAUTH_ERROR_DESCRIPTIONS mapping in oauth2-error.service.ts - Restore OAUTH_ERROR_REASONS lookup in OAuthService.ts mapErrorToOAuthError - Fix encryption_key_missing error to not expose internal env var name Addresses Cubic AI feedback with confidence >= 9/10: - Comment 32 (9/10): Legacy endpoints and input classes - Comment 34 (9/10): Error description mapping in OAuthService - Comment 35 (10/10): OAUTH_ERROR_DESCRIPTIONS in error service Skipped (confidence < 9/10): - Comment 33 (8/10): getClient handleTokenError vs handleClientError Co-Authored-By: unknown <> * Revert "fix: re-apply Cubic AI review feedback on OAuth2 endpoints" This reverts commit 416bef9. * delete unused file * fix: e2e tests * address cubic review * fix: address Cubic AI review feedback on OAuth2 exception filter - Fix header case sensitivity: use lowercase 'x-request-id' instead of 'X-Request-Id' since Express lowercases all request headers - Redact request body in error logs to prevent exposing sensitive OAuth2 credentials like client_secret, password, and refresh_token Co-Authored-By: unknown <> * docs: api v2 oauth controller docs * chore: remove authorize endpoint * feat: owner can test non accepted OAuth client * fix: remove sensitive data from OAuth2 exception logs Remove Authorization header and userEmail from error logs in OAuth2HttpExceptionFilter to avoid logging sensitive information. Addresses Cubic AI review feedback (confidence 9/10). Co-Authored-By: unknown <> * fix: e2e --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
…ll (#28047) Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
* init * wiring up * fix type * feat: implement DI pattern for webhook producer in API v2 - Export IWebhookProducerService and getWebhookProducer from platform-libraries - Add WEBHOOK_PRODUCER token and useFactory provider in RegularBookingModule - Inject webhookProducer in RegularBookingService and pass to base class This follows the composition root pattern where only the NestJS module knows about getWebhookProducer(), and all consumers depend only on the IWebhookProducerService interface via constructor injection. Co-Authored-By: ali@cal.com <alishahbaz7@gmail.com> * test: migrate BOOKING_REQUESTED tests to new webhook architecture - Remove failing BOOKING_REQUESTED tests from fresh-booking.test.ts (4 tests) - Remove failing BOOKING_REQUESTED tests from reschedule.test.ts (2 tests) - Remove failing BOOKING_REQUESTED test from collective-scheduling.test.ts (1 test) - Replace WebhookTaskConsumer.test.ts with placeholder (constructor changed) - Create new webhook architecture test suite: - producer/WebhookTaskerProducerService.test.ts (14 tests) - consumer/WebhookTaskConsumer.test.ts (8 tests) - consumer/triggers/booking-requested.test.ts (8 tests) The new test suite is organized by trigger type for extensibility as more triggers are migrated to the producer/consumer pattern. Co-Authored-By: ali@cal.com <alishahbaz7@gmail.com> * test: remove paid events BOOKING_REQUESTED test (moved to new architecture) Co-Authored-By: ali@cal.com <alishahbaz7@gmail.com> * wrap webhook in own try-catch * wire datafetcher * fix * fix v2 * fix circular dependency * -- * merge-conflict-resolve * mreg-conflict-resolve * remove early return * test: add integration tests for BOOKING_REQUESTED webhook producer invocation Cover all 8 scenarios verifying the booking flow correctly invokes the webhook producer for BOOKING_REQUESTED: 1. Basic confirmation → queueBookingRequestedWebhook called 2. Booker-is-organizer + confirmation → still called 3. Confirmation threshold NOT met → not called (BOOKING_CREATED instead) 4. Confirmation threshold IS met → called 5. Paid event + confirmation → called after payment succeeds 6. Reschedule + confirmation (non-organizer) → called (not BOOKING_RESCHEDULED) 7. Reschedule + confirmation (organizer) → not called (BOOKING_RESCHEDULED instead) 8. Collective scheduling + confirmation → called Adds reusable MockWebhookProducer helper in @calcom/testing for extendable use as more webhook triggers migrate to the new architecture. Co-Authored-By: ali@cal.com <alishahbaz7@gmail.com> * fix bug * fix conditional check * remove unnecessary comment * add missing expect * remove empty test * clean up * tasker config * -- * fix missing metadata * remove faulty if else * test: add payload content verification tests for BOOKING_REQUESTED webhook Co-Authored-By: ali@cal.com <alishahbaz7@gmail.com> * remove unnecessary tests --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> Co-authored-by: Hariom Balhara <1780212+hariombalhara@users.noreply.github.com>
#27428) * feat: add keyboard shortcuts and tooltips to booking slideover buttons Co-Authored-By: peer@cal.com <peer@cal.com> * fix: remove duplicate useBookingLocation import and fix import ordering - Removed duplicate import of useBookingLocation from non-existent @calcom/web/modules/bookings/hooks/useBookingLocation path - Fixed import ordering to satisfy biome organizeImports rules - Removed unnecessary code comment - Original feature by @PeerRich via Devin AI Co-Authored-By: unknown <> * use same style arrows for both button and remove bydefault focus from them * fix join button tooltip hover * fix: disable keyboard shortcuts when overlays/dialogs are open on BookingDetailsSheet Co-Authored-By: unknown <> * fix: use focus-based detection instead of selector-based overlay detection for keyboard shortcuts Co-Authored-By: unknown <> * fix: allow keyboard shortcuts when focus is on sheet ancestors Co-Authored-By: unknown <> * fix: use capture phase for keyboard handler to prevent Enter from activating focused buttons Co-Authored-By: unknown <> * fix: allow shortcuts when focus is on page elements outside any Radix portal Co-Authored-By: unknown <> * fix: handle calendar event clicks in onInteractOutside to prevent sheet close/reopen Co-Authored-By: unknown <> * fix: stop arrow key propagation to prevent Radix dropdown from opening during booking navigation Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * fix: always stop arrow key propagation when sheet is active, even at first/last booking Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * refactor: extract keyboard handler into testable utility with tests Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * fix: resolve type errors in keyboard handler config and test mocks Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * test: add e2e tests for booking sheet keyboard shortcuts Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * fix: replace text= locators with data-testid selectors in e2e tests Co-Authored-By: eunjae@cal.com <hey@eunjae.dev> * made 3 fixes: Fix 1 — Stabilize handleNext/handlePrevious/handleClose with useCallback In BookingDetailsSheet.tsx, all three handler functions were plain arrow functions recreated on every render, causing the useEffect to tear down and re-attach the document keydown listener unnecessarily. Wrapped all three in useCallback with proper dependency arrays (the Zustand store functions they call). Fix 2 — data-booking-list-item verified (no change needed) Confirmed that data-booking-list-item is rendered on BookingListItem.tsx and data-booking-calendar-event is rendered on Event.tsx. The onInteractOutside handler in the final merged state correctly checks both selectors. No code change required. Fix 3 — Removed dead code from JoinMeetingButton Reverted JoinMeetingButton back to a plain function component: Removed forwardRef wrapping (no caller passes a ref) Removed showTooltip prop (unused — tooltip is handled by the parent BookingDetailsSheet) Removed ref prop from the inner Button Removed unused Tod forwardRef imports --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> Co-authored-by: Dhairyashil <dhairyashil10101010@gmail.com> Co-authored-by: eunjae@cal.com <hey@eunjae.dev> Co-authored-by: Dhairyashil Shinde <93669429+dhairyashiil@users.noreply.github.com>
* feat(meta-pixel): add trackingEvent to zod schema * fix: do not allow trackingEvent to be optional * feat(meta-pixel): add trackingEvent selection dropdown to UI * feat(meta-pixel): add trackingEvent to Event Type App Data * fix(meta-pixel): implement history API hook for SPA conversion tracking * fix(meta-pixel): check for cancel in URL and prevent Re-wrapping of pushState * Update EventTypeAppSettingsInterface.tsx * fix: make trackingEvent optional in zod schema to fix type-check --------- Co-authored-by: Sahitya Chandra <sahityajb@gmail.com>
…8n param support (#27373) * feat: Add infrastructure for no-show audit integration - Add Prisma migrations for SYSTEM source and NO_SHOW_UPDATED audit action - Add NoShowUpdatedAuditActionService with array-based attendeesNoShow schema - Update BookingAuditActionServiceRegistry to include NO_SHOW_UPDATED - Update BookingAuditTaskConsumer and BookingAuditViewerService - Add AttendeeRepository methods for no-show queries - Update IAuditActionService interface with values array support - Update locales with no-show audit translation keys Co-Authored-By: hariom@cal.com <hariombalhara@gmail.com> * fix: Add NO_SHOW_UPDATED to BookingAuditAction and SYSTEM to ActionSource types Co-Authored-By: hariom@cal.com <hariombalhara@gmail.com> * fix: Remove HOST_NO_SHOW_UPDATED and ATTENDEE_NO_SHOW_UPDATED from BookingAuditAction type to match Prisma schema Co-Authored-By: hariom@cal.com <hariombalhara@gmail.com> * fix: Update BookingAuditActionSchema to use NO_SHOW_UPDATED instead of HOST_NO_SHOW_UPDATED and ATTENDEE_NO_SHOW_UPDATED Co-Authored-By: hariom@cal.com <hariombalhara@gmail.com> * refactor: Remove deprecated no-show audit services and unify to NoShowUpdatedAuditActionService - Delete HostNoShowUpdatedAuditActionService and AttendeeNoShowUpdatedAuditActionService - Update BookingAuditProducerService.interface.ts to use queueNoShowUpdatedAudit - Update BookingAuditTaskerProducerService.ts to use queueNoShowUpdatedAudit - Update BookingEventHandlerService.ts to use onNoShowUpdated - Add integration tests for NoShowUpdatedAuditActionService Co-Authored-By: hariom@cal.com <hariombalhara@gmail.com> * fix: Add data migration step for deprecated no-show enum values Addresses Cubic AI review feedback (confidence 9/10): The migration now includes an UPDATE statement to convert existing records using the deprecated 'host_no_show_updated' or 'attendee_no_show_updated' enum values to the new unified 'no_show_updated' value before the type cast. This prevents migration failures if any existing data uses the old values. Co-Authored-By: unknown <> * fix: Use CASE expression in USING clause for enum migration Fixes PostgreSQL error 'unsafe use of new value of enum type' by avoiding the ADD VALUE statement and instead using a CASE expression in the ALTER TABLE USING clause to convert deprecated enum values (host_no_show_updated, attendee_no_show_updated) to the new unified value (no_show_updated) during the type conversion. Co-Authored-By: unknown <> * fix: Replace hardcoded color with semantic text-success class Co-Authored-By: hariom@cal.com <hariombalhara@gmail.com> * fix: Remove color class completely from display fields Co-Authored-By: hariom@cal.com <hariombalhara@gmail.com> * feat: Add valuesWithParams support for translatable complex field values Co-Authored-By: hariom@cal.com <hariombalhara@gmail.com> * refactor(booking-audit): use discriminated union for displayFields and update consumers Co-Authored-By: hariom@cal.com <hariombalhara@gmail.com> * fix: add explicit return type to getBookingHistoryHandler to bust stale tRPC build cache Co-Authored-By: hariom@cal.com <hariombalhara@gmail.com> * refactor: replace $t() nested interpolation with separate translation keys and add translationsWithParams tests Co-Authored-By: hariom@cal.com <hariombalhara@gmail.com> --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
) * fix: add CSRF protection to OAuth callback via HMAC-signed nonce The OAuth state parameter was used only for passing application data (returnTo, teamId) with no cryptographic binding to the user session. An attacker could authorize their own account on a provider, capture the authorization code, and trick a logged-in user into visiting the callback URL to link the attacker's account to the victim's Cal.com profile. Changes: - encodeOAuthState: generate a random nonce and HMAC-sign it with NEXTAUTH_SECRET + userId, injecting both into the OAuth state - decodeOAuthState: verify the HMAC on callback using timingSafeEqual; skip verification when nonce is absent (backwards compatible with apps that don't yet use encodeOAuthState) - Stripe callback: replace raw state.returnTo redirect with getSafeRedirectUrl to prevent open redirect, remove redundant getReturnToValueFromQueryState, add missing return on access_denied Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: make CSRF nonce verification mandatory with allowlist for exempt apps Makes nonce/HMAC verification mandatory by default in decodeOAuthState, preventing attackers from bypassing CSRF protection by omitting nonce fields from the state parameter. Apps not yet migrated to encodeOAuthState (stripe, basecamp3, dub, webex, tandem) are explicitly allowlisted and pass their slug to decodeOAuthState to skip verification. Addresses review feedback (identified by cubic) about the conditional check being trivially bypassable. Co-Authored-By: unknown <> --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
* fix: prevent deselecting active option in ToggleGroup
Radix UI's single-type ToggleGroup allows deselection by default,
calling onValueChange("") when the active item is clicked.
Fix by converting to controlled mode with proper dual-mode support:
- Controlled (value prop): parent owns state, component just filters
empty values from onValueChange. Parent can still reject changes.
- Uncontrolled (defaultValue prop): internal useState prevents
deselection by only updating state for non-empty values.
* Update ToggleGroup.tsx
---------
Co-authored-by: Sahitya Chandra <sahityajb@gmail.com>
Co-authored-by: Eunjae Lee <hey@eunjae.dev>
…27837) * fix: update routing form identifier hint text with learn more link Co-Authored-By: carina@cal.com <c.wollendorfer@me.com> * UI improvements --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> Co-authored-by: CarinaWolli <wollencarina@gmail.com>
…erViewed vs bookerReloaded events (#27379) Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
…e:process (#27387) * fix: use import.meta.env instead of process.env in embed.ts Using import.meta.env is Vite's native way to handle environment variables in browser bundles. This prevents biome from auto-adding 'import process from node:process' which breaks the embed.js in browsers. Co-Authored-By: hariom@cal.com <hariombalhara@gmail.com> * Remove unncessar comment * fix: migrate remaining process.env to import.meta.env in embed.ts Complete the migration started by @hariombalhara by also converting process.env usages at lines 1681, 1682, and 1700 to import.meta.env. Update env.d.ts to include EMBED_PUBLIC_EMBED_FINGER_PRINT, EMBED_PUBLIC_EMBED_VERSION, and INTEGRATION_TEST_MODE types. This ensures no process.env references remain in embed.ts, fully preventing Biome from auto-adding import process from node:process. Co-Authored-By: unknown <> * fix: add biome overrides for embed-core to prevent auto-import of node:process Reverts import.meta.env back to process.env since API V2's tsconfig uses module: commonjs which doesn't support import.meta. Instead, adds biome overrides for embed-core to disable useNodejsImportProtocol, noProcessEnv, and noProcessGlobal rules that were causing biome to auto-add 'import process from node:process' on save. Co-Authored-By: hariom@cal.com <hariombalhara@gmail.com> --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
…arser.ts (#28096) * refactor: replace manual provider logic with getAppFromLocationValue * chore: revert changes and remove stale comment --------- Co-authored-by: Romit <85230081+romitg2@users.noreply.github.com>
* fix(caldav): use consistent UIDs and inject VTIMEZONE in iCalendar output Two remaining CalDAV interop issues from #9485: 1. UID consistency: use the booking's canonical UID (event.uid) instead of always generating a new random UUID. CalDAV servers use UID as the event identifier — different UIDs cause duplicate calendar entries. 2. VTIMEZONE injection: the ics library generates UTC times with no VTIMEZONE block. CalDAV servers like Fastmail read this as UTC and send scheduling emails with wrong times. Per RFC 5545 §3.6.5, DTSTART with TZID requires a matching VTIMEZONE component. We now build a proper VTIMEZONE using binary-searched DST transitions for the event's year, handling Northern/Southern hemisphere correctly. * fix: use pre-transition offset for VTIMEZONE DTSTART per RFC 5545 The DTSTART in VTIMEZONE components must represent the local time interpreted with the pre-transition offset (TZOFFSETFROM), not the post-transition offset. For example, US Eastern spring forward DTSTART should be 02:00 (EST), not 03:00 (EDT). * Remove comments on UID handling in createEvent Removed comments about UID handling for calendar events. * Revise injectVTimezone documentation Update injectVTimezone function documentation to clarify UTC handling. --------- Co-authored-by: Anik Dhabal Babu <81948346+anikdhabal@users.noreply.github.com>
…ailsSheet (#28140) Co-Authored-By: unknown <> Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
…lling strategies (#28143) - Add strategyName property to ISeatBillingStrategy interface and all implementations - Log which strategy handled the invoice.upcoming webhook (not just whether it applied) - Always log strategy result (not just when applied=true) for better observability - Rename highWaterMarkApplied to strategyApplied since applied covers multiple strategies Co-Authored-By: unknown <> Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
…rs (#27942) * SMS reminders not trigger * addressed devin review * Add tests: packages/features/ee/workflows/lib/service/scheduleLazySMSWorkflow.test.ts Generated by Paragon from proposal for PR #27942 * Add tests: packages/features/ee/workflows/lib/reminders/reminderScheduler.smsLazy.test.ts Generated by Paragon from proposal for PR #27942 * Add tests: packages/features/tasker/tasks/sendWorkflowSMS.test.ts Generated by Paragon from proposal for PR #27942 * Add tests: packages/features/ee/workflows/lib/reminders/smsReminderManager.test.ts Generated by Paragon from proposal for PR #27942 * Delete packages/features/ee/workflows/lib/reminders/reminderScheduler.smsLazy.test.ts * fix: update sendWorkflowSMS tests to match refactored implementation Co-Authored-By: anik@cal.com <adhabal2002@gmail.com> * fix: use smsReminderNumber fallback for attendee phone in SMS workflows Co-Authored-By: anik@cal.com <adhabal2002@gmail.com> * revert: keep only scheduleSMSReminders.ts changes, revert all other files Co-Authored-By: anik@cal.com <adhabal2002@gmail.com> * fix: restore reminderScheduler.ts and smsReminderManager.ts to original branch state Co-Authored-By: anik@cal.com <adhabal2002@gmail.com> * fix: use smsReminderNumber fallback for attendee phone in WhatsApp reminders Co-Authored-By: anik@cal.com <adhabal2002@gmail.com> --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
…st behind proxy (#28144) Replace request.url with WEBAPP_URL from @calcom/lib/constants as the base URL for NextResponse.redirect() in booking confirmation API routes. Behind a reverse proxy, request.url resolves to http://localhost:3000 instead of the public domain. Fixes #20358 Co-Authored-By: unknown <> Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
…7588) * feat: add no users found fallback action for routing forms - Add NoUsersFoundFallbackActionType enum with CustomPageMessage and ExternalRedirectUrl options - Add noUsersFoundFallbackAction field to zodNonRouterRoute schema - Add NoUsersFoundFallback UI component in RouteBuilder for configuring fallback action - Update handleResponse to return noUsersFoundFallbackAction when no team members match - Add i18n translation keys for new UI strings Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com> * refactor: change fallback to use same action options as main route - Replace noUsersFoundFallbackAction with fallbackAction that has same structure as main action - Add action dropdown and input fields to fallback attributes query builder section - Support Event redirect, External URL, and Custom page options in fallback - Remove separate NoUsersFoundFallback toggle component - Update handleResponse to return fallbackAction Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com> * fix: ensure fallbackAction type is always defined in onChange handlers Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com> * fix: add guards for route.fallbackAction in onChange handlers Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com> * fix: only return fallbackAction when no users are found Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com> * refactor: restructure fallback section to mirror main route structure Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com> * fix: ensure backwards compatibility for existing routes with fallbackAttributesQueryValue Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com> * fix: initialize fallbackAction with main event type for backwards compatibility Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com> * fix: include fallbackAction in getRoutesToSave to persist changes Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com> * fix: use fallbackAction in getRoutedUrl when no team members found Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com> * fix: use i18n for fallback label and add tests for fallback action Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com> * fix: do not trigger fallback action when CRM contact owner is found Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com> * fix: prioritize fallbackAction over fallbackAttributesQueryValue When a route has a fallbackAction configured, skip the fallbackAttributesQueryValue to ensure the fallbackAction is triggered when no team members are found. This maintains backwards compatibility by only using fallbackAttributesQueryValue when fallbackAction is not set. Also treats teamMemberIdsMatchingAttributeLogic being null (routing couldn't run, e.g., missing orgId) the same as an empty array for the purpose of triggering the fallbackAction. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * refactor: extract RouteActionSelector shared component for action selection UI Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com> * fix: add i18n string for default custom page message Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com> * feat: add webhook trigger when routing form fallback route is hit - Add ROUTING_FORM_FALLBACK_HIT to WebhookTriggerEvents enum in Prisma schema - Add new trigger to routing-forms webhook triggers in constants - Add translation string for the new webhook trigger - Implement triggerFallbackWebhook function in formSubmissionUtils.ts - Call webhook trigger from handleResponse.ts when fallback action is used Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com> * fix: remove webhook object from error log to avoid exposing secrets Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com> * revert: remove webhook trigger changes (to be moved to separate PR) Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com> * feat: add webhook trigger when routing form fallback route is hit - Add ROUTING_FORM_FALLBACK_HIT to WebhookTriggerEvents enum in Prisma schema - Add new trigger to routing-forms webhook triggers in constants - Add translation string for the new webhook trigger - Implement triggerFallbackWebhook function in formSubmissionUtils.ts - Call webhook trigger from handleResponse.ts when fallback action is used Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com> * fix: remove webhook object from error log to avoid exposing secrets Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com> * fix: add ROUTING_FORM_FALLBACK_HIT to PayloadBuilderFactory trigger mapping Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com> * style: apply biome formatting fixes Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com> * fix: restore removed comments in RouteBuilder Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com> * chore: add prisma migration for ROUTING_FORM_FALLBACK_HIT enum value Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com> * fix: add ROUTING_FORM_FALLBACK_HIT to FormTriggerEvents type union Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com> * test: add test coverage for triggerFallbackWebhook function Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com> * refactor: consolidate fallback webhook firing with form submission webhooks Move ROUTING_FORM_FALLBACK_HIT webhooks into the same Promise.all() batch as FORM_SUBMITTED / FORM_SUBMITTED_NO_EVENT, eliminating redundant getWebhooks/getWebhookTargetEntity/getOrgIdFromMemberOrTeamId calls. - Add fallbackAction parameter to _onFormSubmission and onSubmissionOfFormResponse - Remove triggerFallbackWebhook function and all its usages/imports - Move getFallbackAction() earlier in handleResponse.ts and pass result through - Update all tests to verify batched webhook behavior Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com> * Add UI option for trigger * feat: persist fallbackAction on queued form responses When a routing form response is queued, the fallbackAction determined during routing is now stored on the QueuedFormResponse record. When the queued response is later converted to a real FormResponse, the stored fallbackAction is passed to onSubmissionOfFormResponse so the ROUTING_FORM_FALLBACK_HIT webhook fires correctly. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * test: add coverage for fallbackAction in queued form response flow Verify that fallbackAction is persisted when queuing and passed through to onSubmissionOfFormResponse when the queued response is converted. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
…27853) * sessionUser in features * update sessionMiddleware * update * format changes * update import paths * fix * fix ts errors * refactor * fix * fix * fix * fix * rename * rename * rename * use error with code objs
Co-Authored-By: unknown <> Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
* feat: Configure cancellation reason * fix: use enums * tests: add unit tests * fix: type error * chore: remove duplicate dialog * fix: type erro * refator: improvements * refator: improvements --------- Co-authored-by: Keith Williams <keithwillcode@gmail.com> Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
* perf: improve getTotalBookingDuration query * perf: improve getTotalBookingDuration query * test: add unit tests for getTotalBookingDurationForUsers and yearly duration pre-fetching Co-Authored-By: udit@cal.com <udit222001@gmail.com> * fix: integration tests * fix: update tests * fix: use vi.stubEnv instead of direct process.env modification for test isolation Replace direct deletion of process.env variables with vi.stubEnv() to ensure automatic restoration after tests, preventing flaky tests and side effects in parallel execution. Issue identified by Cubic AI (confidence: 9/10) Co-Authored-By: unknown <> * chore: add log * refactor: imports --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
* feat: workflow auto translation * tests: add unit tests * refactor: tests and workflow * fix: type err * fix: type err * fix: remove redundant index on WorkflowStepTranslation The @@index on [workflowStepId, field, targetLocale] duplicates the @@unique constraint on the same columns. A unique index already provides efficient lookups, so the separate @@index adds storage overhead and write latency without benefit. Addresses Cubic AI review feedback (confidence 9/10). Co-Authored-By: unknown <> * fix: correct locale mapping when translation API returns null Map translations with their corresponding locales before filtering to preserve correct locale-to-translation associations. Previously, filtering out null translations would reindex the array, causing incorrect locale mappings when any translation in the batch failed. Also fixes pre-existing lint warnings: - Move exports to end of file - Add explicit return type to processTranslations - Replace ternary with if-else for upsertMany selection Co-Authored-By: udit@cal.com <udit222001@gmail.com> * fix: address review feedback for workflow auto-translation - Add change detection before creating translation tasks - Rename userLocale to sourceLocale in task props for clarity - Show source language in UI with new translation key - Extract SUPPORTED_LOCALES to shared translationConstants.ts - Fix locale mapping bug in translateEventTypeData.ts - Add WhatsApp translation support - Abstract translation lookup into shared translationLookup.ts helper - Restore if-else readability for SCANNING_WORKFLOW_STEPS Co-authored-by: Udit Takkar <udit.takkar@cal.com> Co-Authored-By: unknown <> * fix: update test to use sourceLocale instead of userLocale Co-Authored-By: unknown <> * refactor: feedback * fix: handle first time * fix: tests * fix: tests * fix: address Cubic AI review feedback (confidence 9/10 issues) - WhatsApp translation: Apply variable substitution using getSMSMessageWithVariables and clear contentSid when using translated body to ensure Twilio uses the translated text instead of the original template - update.handler.ts: Change sourceLocale assignment from ?? to || for consistency with tasker payload behavior (line 481) - ITranslationService.ts: Rename methods from plural to singular naming: - getWorkflowStepTranslations -> getWorkflowStepTranslation - getEventTypeTranslations -> getEventTypeTranslation Updated all call sites and tests accordingly Co-Authored-By: unknown <> * fix: address Cubic AI review feedback (confidence 9/10+ issues) - Fix getSMSMessageWithVariables to handle WHATSAPP_ATTENDEE action for locale and timezone (confidence 9/10) - Remove WhatsApp translation feature that set contentSid to undefined since Twilio ignores body parameter for WhatsApp and requires pre-approved Message Templates (confidence 10/10) Co-Authored-By: unknown <> * fix: translatio * Add tests: packages/features/eventTypeTranslation/repositories/EventTypeTranslationRepository.test.ts Generated by Paragon from proposal for PR #27087 * Add tests: packages/features/tasker/tasks/translateWorkflowStepData.test.ts Generated by Paragon from proposal for PR #27087 * chore: nit * chore: verfied atg * fix: set sourceLocale for new steps, add shouldDirty to checkbox, remove spec docs - Set sourceLocale fallback in addedSteps mapping to fix stale detection mismatch - Add { shouldDirty: true } to autoTranslateEnabled checkbox onChange - Remove specs/workflow-translation/ directory (planning docs, not for repo) Co-authored-by: Udit Takkar <udit.07.takkar@gmail.com> Co-Authored-By: unknown <> * chore: add specs back * fix: type error * fix: type error * fix: type err * fix: tests * refactor: feedback * fix: type err * refactor --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> Co-authored-by: Udit Takkar <udit.takkar@cal.com> Co-authored-by: Udit Takkar <udit.07.takkar@gmail.com>
* fix: hide branding for teams * fix: remove unused organizationId and username fields from profiles select Addresses Cubic AI review feedback (confidence 9/10) to select only the profile fields that are actually used. The organizationId and username fields were fetched but never referenced in this function. Co-Authored-By: unknown <> * fix: unit tests * fix: add prisma named export to test mock Co-Authored-By: rajiv@cal.com <sahalrajiv6900@gmail.com> * Add tests: packages/features/profile/lib/hideBranding.test.ts Generated by Paragon from proposal for PR #27643 * chore: implement cubic feedback * fix: merge conflicts * fix: unit tests * fixup * refactor: implement DI pattern for event type service * fix: atoms build --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
* feat: calendar cache and sync - wip * Add env.example * refactor on CalendarCacheEventService * remove test console.log * Fix type checks errors * chore: remove pt comment * add route.ts * chore: fix tests * Improve cache impl * chore: update recurring event id * chore: small improvements * calendar cache improvements * Fix remove dynamic imports * Add cleanup stale cache * Fix tests * add event update * type fixes * feat: add comprehensive tests for new calendar subscription API routes - Add tests for /api/cron/calendar-subscriptions-cleanup route (9 tests) - Add tests for /api/cron/calendar-subscriptions route (10 tests) - Add tests for /api/webhooks/calendar-subscription/[provider] route (11 tests) - Add missing feature flags for calendar-subscription-cache and calendar-subscription-sync - All 30 tests pass with comprehensive coverage of authentication, feature flags, error handling, and service instantiation Tests cover: - Authentication scenarios (API key validation, Bearer tokens, query parameters) - Feature flag combinations (cache/sync enabled/disabled states) - Success and error handling (including non-Error exceptions) - Service instantiation with proper dependency injection - Provider validation for webhook endpoints Co-Authored-By: Volnei Munhoz <volnei.munhoz@gmail.com> * feat: add comprehensive tests for calendar subscription services, repositories, and adapters - Add unit tests for CalendarSubscriptionService with subscription, webhook, and event processing - Add unit tests for CalendarCacheEventService with cache operations and cleanup - Add unit tests for CalendarSyncService with Cal.com event filtering and booking operations - Add unit tests for CalendarCacheEventRepository with CRUD operations - Add unit tests for SelectedCalendarRepository with calendar selection management - Add unit tests for GoogleCalendarSubscriptionAdapter with subscription and event fetching - Add unit tests for Office365CalendarSubscriptionAdapter with placeholder implementation - Add unit tests for AdaptersFactory with provider management and adapter creation - Fix lint issues by removing explicit 'any' type casting and unused variables - All tests follow Cal.com conventions using Vitest framework with proper mocking Co-Authored-By: Volnei Munhoz <volnei.munhoz@gmail.com> * fix: improve calendar-subscriptions-cleanup test performance by adding missing mocks - Add comprehensive mocks for defaultResponderForAppDir, logger, performance monitoring, and Sentry - Fix slow test execution (933ms -> <100ms) caused by missing dependency mocks - Ensure consistent test performance across different environments Co-Authored-By: Volnei Munhoz <volnei.munhoz@gmail.com> * Fix tests * Fix tests * type fix * Fix coderabbit comments * Fix types * Fix test * Update apps/web/app/api/cron/calendar-subscriptions/route.ts Co-authored-by: Alex van Andel <me@alexvanandel.com> * Fixes by first review * feat: add database migrations for calendar cache and sync fields - Add CalendarCacheEventStatus enum with confirmed, tentative, cancelled values - Add new fields to SelectedCalendar: channelId, channelKind, channelResourceId, channelResourceUri, channelExpiration, syncSubscribedAt, syncToken, syncedAt, syncErrorAt, syncErrorCount - Create CalendarCacheEvent table with foreign key to SelectedCalendar - Add necessary indexes and constraints for performance and data integrity Fixes database schema issues causing e2e test failures with 'column does not exist' errors. Co-Authored-By: Volnei Munhoz <volnei.munhoz@gmail.com> * only google-calendar for now * docs: add Calendar Cache and Sync feature documentation - Add comprehensive feature overview and motivation - Document feature flags with SQL examples - Include SQL examples for enabling features for users and teams - Reference technical documentation files Addresses PR #23876 documentation requirements Co-Authored-By: Volnei Munhoz <volnei.munhoz@gmail.com> * docs: update calendar subscription README with comprehensive documentation - Undo incorrect changes to main README.md - Update packages/features/calendar-subscription/README.md with: - Feature overview and motivation - Environment variables section - Complete feature flags documentation with SQL examples - SQL examples for enabling features for users and teams - Detailed architecture documentation Addresses PR #23876 documentation requirements Co-Authored-By: Volnei Munhoz <volnei.munhoz@gmail.com> * fix docs * Fix test to available calendars * Fix test to available calendars * add migration and sync boilerplate * fix typo * remove double log * sync boilerplate * remove console.log * only subscribe for google calendar * adjust for 3 months fetch * only subscribe for teams that have feature enabled * adjust tests * chore: safe increment error count Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * calendar sync * test: add comprehensive tests for CalendarSyncService - Add comprehensive test coverage for CalendarSyncService methods - Test handleEvents, cancelBooking, and rescheduleBooking functionality - Cover edge cases like missing UIDs, malformed UIDs, and error handling - Fix dynamic import usage in CalendarSyncService to use .default - Remove invalid properties from handleNewBooking call to fix type errors Co-Authored-By: Volnei Munhoz <volnei.munhoz@gmail.com> * fix: add skipCalendarSyncTaskCreation flag to handleCancelBooking to prevent infinite loops - Add skipCalendarSyncTaskCreation field to bookingCancelSchema in zod-utils.ts - Update handleCancelBooking to skip EventManager.cancelEvent when flag is true - Update CalendarSyncService.cancelBooking to pass skipCalendarSyncTaskCreation: true - Update CalendarSyncService.rescheduleBooking to pass skipCalendarSyncTaskCreation: true - Update tests to verify the flags are passed correctly This prevents infinite loops when calendar events are cancelled/rescheduled from external calendars (Google/Office365) which trigger webhooks to Cal.com, which would otherwise try to update the external calendar again. Co-Authored-By: Volnei Munhoz <volnei.munhoz@gmail.com> * refactor: rename flag to skipCalendarSyncTaskCancellation and use static imports - Rename skipCalendarSyncTaskCreation to skipCalendarSyncTaskCancellation in handleCancelBooking - Convert dynamic imports to static imports in CalendarSyncService - Update tests to use vi.hoisted for proper mock hoisting with static imports Co-Authored-By: Volnei Munhoz <volnei.munhoz@gmail.com> * feat: add error handling and static import for handleNewBooking - Create index.ts entry point for handleNewBooking directory - Add try-catch error handling to cancelBooking and rescheduleBooking - Log errors but don't block calendar sync operations - Update tests to verify errors are caught and logged, not thrown Co-Authored-By: Volnei Munhoz <volnei.munhoz@gmail.com> * refactor: use RegularBookingService directly and fix safeStringify usage - Remove handleNewBooking/index.ts and call getRegularBookingService().createBooking() directly in CalendarSyncService - Fix safeStringify usage: apply to error itself, not wrapper object - Update tests to mock getRegularBookingService instead of handleNewBooking Addresses PR comments from Volnei and Cubic-dev-ai Co-Authored-By: Volnei Munhoz <volnei.munhoz@gmail.com> * fix: restore handleNewBooking/index.ts and fix bookingData structure for calendar sync - Restore handleNewBooking/index.ts as entry point for static imports - Fix CalendarSyncService.rescheduleBooking to use correct bookingData structure with required fields (eventTypeId, start, end, timeZone, language, metadata) - Use rescheduleUid to indicate this is a reschedule operation - Fix safeStringify usage in error logging (wrap only the error, not the whole object) - Update tests to match new bookingData structure Co-Authored-By: Volnei Munhoz <volnei.munhoz@gmail.com> * refactor: address PR comments - use RegularBookingService directly, remove unnecessary flags, fix booking reference update - Remove handleNewBooking/index.ts wrapper and use getRegularBookingService().createBooking() directly in CalendarSyncService - Remove allRemainingBookings and cancelSubsequentBookings flags from cancelBooking (only cancel the specific booking, not the entire series) - Move bookingReference update outside skipCalendarSyncTaskCancellation block for data consistency - Update tests to match new implementation Co-Authored-By: Volnei Munhoz <volnei.munhoz@gmail.com> * chore: remove unnecessary comment from zod-utils.ts Co-Authored-By: Volnei Munhoz <volnei.munhoz@gmail.com> * feat: add Sentry metrics telemetry and fix null assertions in CalendarSyncService Co-Authored-By: Volnei Munhoz <volnei.munhoz@gmail.com> * fix: use dynamic import for getRegularBookingService to avoid RAQB import in server context Co-Authored-By: Volnei Munhoz <volnei.munhoz@gmail.com> * fix: use dynamic import for findTeamMembersMatchingAttributeLogic to avoid RAQB import in server context Co-Authored-By: Volnei Munhoz <volnei.munhoz@gmail.com> * improve booking update * add more tests and edge cases * fix: add required actionSource and Sentry mocks to calendar sync Add actionSource: "SYSTEM" to handleCancelBooking call after it became required, and mock @sentry/nextjs in test files. --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> Co-authored-by: Alex van Andel <me@alexvanandel.com> Co-authored-by: Keith Williams <keithwillcode@gmail.com> Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* fix: host location option * feat: add per-host locations seed data for Round Robin event type Co-Authored-By: hariom@cal.com <hariombalhara@gmail.com> * refactor: move per-host locations seed to Acme Org with dedicated event type Co-Authored-By: hariom@cal.com <hariombalhara@gmail.com> * fix: check app existence before creating credentials in per-host location seed Co-Authored-By: hariom@cal.com <hariombalhara@gmail.com> * refactor: remove credential-based app seeding, use simple location types instead Co-Authored-By: hariom@cal.com <hariombalhara@gmail.com> --------- Co-authored-by: Udit Takkar <udit222001@gmail.com> Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> Co-authored-by: Udit Takkar <53316345+Udit-takkar@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot]
Can you help keep this open source service alive? 💖 Please sponsor : )