QT/sure - sure

QT/sure

mirror of https://github.com/we-promise/sure.git synced 2026-05-28 15:04:57 +00:00

Author	SHA1	Message	Date
Guillem Arias Fauste	7c06fe6296	feat(recurring): allow marking transfers as recurring (#895 ) (#1589 ) Refs #895, discussion #1224. Adds a "Mark as recurring" entry point on the transfer detail drawer that creates a `RecurringTransaction` carrying both source and destination accounts. The recurring index, settings toggle (`recurring_transactions_disabled`), and projected upcoming feed all light up automatically once the data shape is there. Schema: * `destination_account_id` nullable FK to accounts. `on_delete: :cascade` matches #20251030172500's precedent for accounts FKs. The existing `account_id` FK is widened to cascade in the same migration so Family destruction with a recurring transfer doesn't FK-violate. * Two predicate-partitioned partial unique indexes per shape: non-transfer rows (`destination_account_id IS NULL`, original 5-column shape preserved) and transfer rows (6-column shape including the destination). Postgres treats NULLs as distinct in unique indexes, so widening would have broken non-transfer dedupe. * Two CHECK constraints enforcing transfer invariants in PostgreSQL: `chk_recurring_txns_transfer_requires_source` (destination implies source) and `chk_recurring_txns_transfer_distinct_accounts` (destination cannot equal source). Per CLAUDE.md "Enforce null checks, unique indexes, and simple validations in the database schema for PostgreSQL". * `Account` gains an `inbound_recurring_transfers` inverse so the destroy chain reaches both ends. Controller / behaviour: * `transfers#mark_as_recurring` mirrors `transactions#mark_as_recurring`: i18n flashes (4 new keys: transfer_marked_as_recurring, transfer_already_exists, transfer_creation_failed, transfer_feature_disabled), `respond_to format.html`, `redirect_back_or_to transactions_path`, server-side gate on `recurring_transactions_disabled?`, and rescue both `RecordInvalid` and `RecordNotUnique` for the race window between the dedupe `find_by` and `create_from_transfer`. The `StandardError` rescue now logs the exception (class, message, transfer/family/user ids) before surfacing the generic flash so production failures aren't context-less. * `RecurringTransaction.accessible_by(user)` now requires destination_account_id (when present) to be in the user's accessible set, so a recurring transfer never leaks to a user without access to BOTH endpoints. * Model validation gains a `destination_account.blank?` branch in `transfer_endpoints_consistent` so a dangling `destination_account_id` (referenced row destroyed) surfaces as a normal validation error instead of an FK exception on save. * `Identifier` filter for transfer-kind transactions moved into SQL. UI: * Recurring index table and projected feed render transfer rows with the existing letter-avatar and the row's `name` field ("Transfer to {destination}"). No special pill or icon -- every row in `/recurring_transactions` is recurring by definition. Amount column on transfers uses `text-secondary` (muted-but-live) instead of the income/expense colour, since transfers are zero-net for the family. Out of scope (called out in the PR body): * Auto-creation of future Transfer rows on a schedule (discussion #1224's primary ask). Behaviour change vs the current projection-only model. * Auto-identification of recurring transfer pairs in `Identifier`. * Frequency model richer than `expected_day_of_month`. * `Cleaner` for recurring transfers (issue #1590 tracks this). Tests: * `RecurringTransaction#transfer?` predicate (with / without destination). * `transfer_endpoints_consistent`: rejects same source and destination, rejects dangling destination_account_id, rejects cross-family destination. * `RecurringTransaction.create_from_transfer` happy path; multi-currency variant stores source-side currency. * `projected_entry` exposes source / destination on transfer rows. * `Identifier` skips transfer-kind transactions; creates a pattern from expense halves while ignoring co-resident transfer halves. * Destroying the destination account cascades to inbound recurring transfers (FK + AR association). * Unique partial index still de-duplicates non-transfer rows after the destination_account_id widening. * `transfers#mark_as_recurring` happy path, idempotent on second call, rejected when `recurring_transactions_disabled`. Suite: 3261 / 0 / 0 / 24 on the latest upstream/main. Lint clean. Brakeman clean. Signed-off-by: Guillem Arias Fauste <gariasf@proton.me>	2026-05-12 00:37:47 +02:00
ghost	be598aecf0	feat(providers): add Kraken exchange sync (#1759 ) * feat(providers): add Kraken exchange sync Adds family-scoped Kraken API-key connections, read-only balance and trade import, account setup/linking flows, provider status wiring, and focused test coverage. Closes #1758 * test(providers): avoid Kraken sample secret false positive * fix(providers): address Kraken review findings * fix(providers): address Kraken review cleanup * test(imports): stabilize transaction import ordering	2026-05-12 00:22:37 +02:00
Guillem Arias Fauste	f50c151e21	fix(design-system): DS::Alert alignment, accessibility, and hierarchy polish (#1734 ) * fix(design-system): align DS::Alert icon with title The icon was rendered at size 'sm' (w-4 h-4) and started at the very top of the flex row (items-start without an offset), which optically sat above the title's cap when the title was present and slightly above the message baseline when it wasn't. The hand-rolled alerts this PR replaced used 'w-5 h-5 mt-0.5' for exactly this reason — restore the same combination in the component: - size: sm -> md (w-4/h-4 -> w-5/h-5). - class adds mt-0.5 so the icon's vertical center lines up with the bold title's cap-height (and with the body baseline in the title-less case). No API change. Visual fix only. Refs #1731 * fix(design-system): split DS::Alert into title-row + indented body Replaces the items-start + margin-fudge approach with a two-row layout that doesn't depend on icon-bounding-box vs text-cap-height arithmetic: - Title case: icon and bold title share a flex row with items-center, so the icon's vertical centre lines up with the title's line. Body (block content or message) renders below in a separate row, padded by pl-8 (= icon md width + gap-3) so it indents under the title text rather than under the icon. - Block-only case (no title, no message — used by the alpha_vantage rate-limit alert): keeps the items-start fallback with a small mt-0.5 on the icon so the cap of the first paragraph still sits near the icon centre. - Single-line message case: items-center between icon and message, no fudge needed. container_classes loses its 'flex items-start gap-3' base since the outer div is no longer the flex container. Each branch declares its own flex/items-* combination. Refs #1731 * fix(design-system): a11y semantics + visual polish on DS::Alert Builds on the title-row restructure with the items the design / a11y review surfaced: - live: keyword (default :none, accepts :status / :polite and :alert / :assertive) maps to role="status" or role="alert" on the outer div. Static, page-baked alerts (the migrated callsites in #1731) keep the default :none and stay role-less. Dynamic surfaces (flash, validation summaries appearing after a Turbo update) opt into the live role they need. - aria-labelledby on the outer div pointing at the title <p> so AT picks the title as the alert's accessible name when one is set. - Variant prefix in the title / message via an sr-only span. Screen reader hears 'Warning: …', 'Error: …', etc.; sighted users see no change. Variant labels live under ds.alert.variants.* in config/locales/views/components/en.yml. - Body text inside titled alerts now defaults to text-secondary instead of text-primary, so hierarchy reads on weight + colour rather than weight alone (Refactoring UI: hierarchy needs both). Single-line message and block-only fallback keep text-primary since there is no second tier. - Icon size goes back from md (20px) to sm (16px) — proportionally closer to text-sm body — and the items-center branches grow -mt-0.5 to compensate for the cap-centre vs line-centre offset that flex's items-center alone can't bridge. - Title weight bumped from font-medium (500) to font-semibold (600) for clearer prominence against the now-softer body. No API breakage: existing callers passing only message:/title:/variant: keep working. The new live: arg defaults to the correct value for the static migration sites. Refs #1731 * fix(design-system): drop aria-labelledby when alert has no role; revert body to text-primary Two corrections after numerical contrast analysis and CodeRabbit feedback: 1. aria-labelledby was being emitted on every titled alert, but the default live: :none leaves the outer <div> with no role. ARIA spec only honours the labelling relationship on elements with a host role, so on a generic <div> the attribute is invalid and accessibility validators flag it. Now only emitted when aria_role is set (live: :status or :alert). Static, page-baked callsites stay role-less and label-less; dynamic callers that opt into a live role get the proper accessible-name relationship. 2. text-secondary on bg-{variant}/10 in light mode lands at ~4.07-4.25:1 contrast — below WCAG AA's 4.5:1 for normal text. Reverting the body wrapper to text-primary brings it back to AAA (~15:1). Loses some of the Refactoring UI body-vs-title colour hierarchy; the title's font-semibold weight + larger optical mass against an otherwise plain body still reads as hierarchy. Single-line message and block-only fallback already used text-primary, so this just unifies the three branches. The remaining contrast gap — text-success (green-600) icon on bg-success/10 light surface at 2.77:1 — is documented in the PR description; fixing it cleanly needs a token-level bump (--color-success: green-600 -> green-700 in light mode) which is out of scope for this PR. Refs #1731 * fix(settings/providers): use DS::Alert title:+message: instead of inline content_tag Three callsites added in #1710 passed block-level markup (`<p>`/`<h2>`) through `message:` via `safe_join + content_tag`. The post-#1731 alert template wraps `message:` in a `<p>`, which makes nesting a `<p>` or `<h2>` invalid HTML — browsers auto-close the outer paragraph and the indented body row collapses. Each of the three is semantically a title + body pair, so swap them to the proper `title:` + `message:` API. No new strings — the i18n keys (`.no_withdraw_title` / `_body`, `encryption_error.title` / `.message`) already split that way; the inline assembly was the artefact. The encryption-error block loses an explicit `<h2>` wrapper around the title; DS::Alert's title is a `<p>`. The visual hierarchy and sr-only variant prefix are unchanged. Worth tracking heading semantics as a follow-up against DS::Alert (a `heading_level:` arg) rather than bringing back the manual markup. fix(design-system): make :destructive variant alias explicit in DS::Alert locale Add `destructive: Error` to `ds.alert.variants` and drop the implicit `:destructive -> :error` aliasing in `DS::Alert#variant_label`. Both the locale file and the component now self-document the variant set; lookup is direct, no conditional needed. Per @jjmata review on #1734.	2026-05-11 23:29:05 +02:00
Juan José Mata	f6f9feba8a	Bank Sync cleanup (#1710 ) * feat(settings/providers): surface connection status in section headers Lifts the per-panel status indicator up to each collapsed accordion header so admins can see at a glance which providers are connected without expanding every section. Connected providers sort first. - Add optional status: and meta: locals to settings/_section partial; pill hides via group-open:hidden when the section is expanded - New settings/providers/_status_pill partial (ok/warn/err/off states) - Add SettingsHelper#provider_summary to centralise the connected-vs-not logic already scattered across panel partials - Refactor show.html.erb to pass status to every section and sort family_panels by connection state - Add settings.providers.status.* i18n keys - Add system tests asserting pill renders and sort order https://claude.ai/code/session_01KW2HCN9rP1fiyQuw7Cju9D * feat(settings/providers): group providers into Connected and Available Partition the provider list in the controller into @connected_providers and @available_providers based on provider_summary status, and render each group under its own heading with a count. Auto-open the section when only one provider is connected. Adds an empty-state line when nothing is connected yet. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(settings/providers): health strip, action-needed group, and sync error surfacing - Extend provider_summary to return :err/:warn with meta text by checking latest sync per item (window function, same pattern as ProviderConnectionStatus) and Enable Banking session expiry within 7 days - Partition provider entries into three groups: Connected (:ok), Action needed (:warn/:err, auto-opened), Available (:off) - Add Settings::HealthSummary ViewComponent — four-tile grid showing Connected, Action needed, Errors, and Accounts synced counts - Render health strip directly under page description; omit Action needed heading when group is empty - Add i18n keys for tile labels, group heading, and all meta strings Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * feat(settings/providers): card grid for available providers with connect drawer - Add Provider::Metadata registry with static display data (region, kind, tier, maturity, logo) for all 11 providers - Add Settings::ProviderCard ViewComponent rendering logo square, name, Beta/Alpha pill, meta line (region · type · tier), tagline, and Connect link - Add connect_form action + route (GET /settings/providers/:key/connect_form) that opens the existing panel partial or config form in a DS::Dialog drawer - Replace the Available accordion loop with a 2-column responsive card grid; empty state when all providers are connected - Fix layout override: use turbo_rails/frame layout for frame requests so the drawer response is not wrapped in the full settings layout (was causing Turbo to pick the empty outer drawer frame instead of the filled one) - Add SyncAllProvidersJob and last_sync_all_attempted_at migration (sync-all throttle support) - Unify Connected + Action needed into a single "Your connections" section; items with warn/err status auto-open - Fix Enable Banking grouping: items with expired sessions were returning :off (Available) instead of :warn (Your connections); gate now checks any? instead of any?(&:session_valid?) - Add reconsent_required locale key for fully-expired EB sessions - Surface Beta/Alpha maturity pills on connected provider accordion rows via new badge: param on settings_section helper - Add i18n taglines for all 11 providers; add connect and empty_available keys Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * feat(settings): retire /settings/bank_sync; merge into providers page - Delete Settings::BankSyncController and its views (the providers page is now a strict superset of what bank_sync offered) - Add permanent 301 redirect: GET /settings/bank_sync → /settings/providers - Collapse nav to a single "Bank Sync" entry pointing at /settings/providers; remove the duplicate admin-only "Providers" entry from the Advanced section - Remove "Providers" from SETTINGS_ORDER; point "Bank Sync" at settings_providers_path for next/prev navigation - Rename page title to "Bank Sync"; replace admin-credential lede with user-facing copy ("Connect external accounts…") - Update breadcrumb: Home → Bank sync - Add controller test asserting 301 status and Location header Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * Migrations are 7.2 here * Minimize schema noise * Schema duplication * Small copy edits * Fix tests * Address provider settings review feedback * refactor(settings/providers): finish design-review cleanup pass Picks up the remaining items from Claude Design's review of #1710 that the previous review-feedback commit didn't cover. DS / casing - Sentence-case the page title ("Bank Sync" -> "Bank sync") and align the nav label. - Drop the card hover-lift (shadow-border-sm) in favour of bg-container-hover; per the DS, card hover is colour-only. - Whole-tile click target on each provider card — the inner "Connect ->" link was a hit-target inversion. - Set Sync all to whitespace-nowrap so the label stops wrapping at narrow viewport widths. UX simplifications - Drop the four health-summary tiles (per-row warn/err pills already surface the signal at the scale this app sees). Removes Settings::HealthSummary, the @health_counts controller block, and the now-unused health.* locale keys. - Hide "Your connections" heading + empty-state line when no providers are connected — the lede already invites a connect. - Drop the redundant "Free" tier from per-card meta lines (printed 10x for one fact); "Paid" still surfaces on Plaid. Tests updated to drop the obsolete tiles assertion and switch the provider-card click selector to look up the (now whole-card) anchor by provider name. * feat(settings/providers): replace Add another provider CTA with a search + kind filter Per the design review, the "Add another provider · Browse providers" card was a redirect to content one scroll-tick away. A search input plus kind chips lets users self-segment the catalog and is the right tool once it grows beyond the four to twelve providers we ship today. - New providers_filter Stimulus controller — case-insensitive free text search across name/region/kind, plus a chip group with All / Banks / Crypto / Investment that toggle visibility via Tailwind's `hidden` class. - _search_filters partial: search box (count-pluralized placeholder) + chip group, ARIA-labelled and aria-pressed for the chips. - ProviderCard exposes filter_data (target + name/region/kind data attrs) so the controller can match without re-rendering. - Lunchflow's `kind` was "Lunch" — switched to "Bank" so it falls under the Banks chip alongside its actual offering (it aggregates banks). - Drops the add_provider_cta partial and its locale entries; adds search_filters.* and an empty_filter message. * Private method fix * refactor(settings/providers): drawer cleanup, header lock-up, trust statement Per the design review's §07. - Drop the trailing "Configured / Not configured" footer status from every provider panel (binance, coinbase, coinstats, indexa_capital, lunchflow, mercury, simplefin, snaptrade, sophtron, provider_form). The parent details section's status pill already carries that signal; the footer was redundant — and the copy/styling was inconsistent across panels (free-text vs. dot pill, "configured" vs. "not connected"). - Connect drawer gets a header lock-up: small logo chip + provider name + maturity badge, mirroring the available-card layout. Implemented as _drawer_header partial; connect_form passes custom_header: true to DS::Dialog so we own the row. - Drawer footer trust statement: "Read-only — Sure can never move money. Stored encrypted." A single-line reassurance covering all panels. - Sentence-case the hardcoded primary buttons that were Title Case: "Save Configuration" -> "Save and connect" "Update Configuration" -> "Update connection" "Connect Bank" -> "Connect bank" Affects simplefin, lunchflow, enable_banking, provider_form. The i18n'd panels (binance, coinbase, coinstats, indexa_capital, mercury, snaptrade, sophtron) keep their existing keys. * chore(locales): drop unused provider-panel status strings Footer "Configured / Not configured" status was removed from each provider panel partial in the prior drawer-cleanup pass; the matching i18n keys are no longer referenced. Removing them across every locale to keep the catalogue clean. Dropped (15 keys × varying locale coverage, 36 line removals across 24 files): - coinstats_items.new.{status_configured_html, status_not_configured} - indexa_capital_items.panel.{status_configured_html, status_not_configured} - mercury_items.provider_panel.{configured_html, not_configured, accounts_link} - sophtron_items.sophtron_panel.status.{configured_html, not_configured} (parent `status:` removed where it became empty) - providers.snaptrade.{status_needs_registration, status_not_configured} (status_connected stays — still used by the lazy-load summary) - settings.providers.{binance_panel, coinbase_panel}.{status_connected, status_not_connected} * feat(settings/providers): connected-state polish per design §05 + Linked institutions rename Building the next phase of the design review. Pulls forward the slim health strip, denser connection rows, and "Linked institutions" heading rename — the small Phase A lift the designer flagged in §08 of the doc. - New _health_strip partial: single-line at-a-glance pulse — connected count + needs-attention count + accounts syncing + last-synced timestamp. Renders only when at least one provider is linked or needs action. - New _connection_row partial replaces the generic settings_section call for providers. Tighter rows: text-sm title (was text-lg), px-4 py-3.5 padding, single-line summary (chevron + name + maturity badge + meta + status pill + sync action). Warn/error rows get a coloured outline (border-warning/25 or border-destructive/25) so the at-risk row stands out without shouting. - "Sync all" button restyled to match the design's secondary button: text-primary, alpha-black-100 border, rounded-[10px], padding 7px 12px (was the broader px-3 py-1.5 ghost). - "Your connections" → "Linked institutions" heading, lifted from the designer's Phase-C reconciliation note. Primes users for the Option-C institution-search wizard six months early; existing i18n key stays as `groups.your_connections` for now to keep the rename to a single value flip. - Controller computes the new @health hash (connected, needs_attention, accounts_syncing, last_synced_at) feeding the strip; brings back the single accounts query that was removed with the four-tile component. System test updated for the new heading copy. * fix(settings/providers): align connected state with the final design mock Tightening the §05 polish to match the user-confirmed final design. - Revert "Linked institutions" → "Your connections". The §08 designer note about the Phase-A heading rename didn't carry forward to the final mock; keep the original wording. - Drop the warn/err auto-open on connection rows. The design shows Enable Banking collapsed with a warn-outline and a status pill — no auto-expanded form. Single-connection auto-open kept (handy when the page is otherwise empty). - Hide the "accounts syncing" segment in the health strip when the count is 0 — the design mock assumes a populated number; an always-visible "0 accounts syncing" reads as a placeholder. - Strip the leading "about " from `time_ago_in_words` everywhere the result is shown to the user (health strip "Last synced %{time} ago" plus per-row "Synced %{time} ago" meta). Matches the design's shorter copy. * refactor(settings/providers): tighten paddings, dedupe maturity badge, semantic + a11y fixes Pixel-level alignment to the design's §05 mock + cleanup from a DS audit pass. Paddings, margins, font sizes - Health strip: my-4 → mt-4 mb-5 to match the design's 16px / 20px vertical breathing room. - Search filters bar: gap-2 → gap-2.5; mt-2 → mt-5 mb-3 (was missing the 12px bottom margin entirely). - Search box: rounded-lg → rounded-[10px]; px-3 py-2 → px-[14px] py-[9px]. Search icon downsized w-4 → w-3.5 to match. - Chip group: p-1 → p-[3px]; rounded-lg → rounded-[10px]. - Chip: py-1 → py-[5px]; rounded-md → rounded-lg. - Group heading: mt-2 → mt-[18px]; mb-1 → mb-1.5. - Status pill: text-xs → text-[11px]. - Provider card: gap-3 → gap-2.5 (outer + top); name gets explicit text-sm; tagline + foot 14px → 13px; arrow icon w-4 → w-3.5. - Sync icon button: p-1 → fixed w-7 h-7 (28×28) so the row hit target matches the design's column width. - Connect drawer header logo glyph: text-[10px] → text-xs (matches the available card's logo-glyph treatment). Component / partial cleanup (DS audit follow-ups) - New _maturity_badge partial replaces the inline span that was duplicated in 3 places (_connection_row, _drawer_header, provider_card.html.erb). - Settings::ProviderCard.maturity_label class method centralizes the MATURITY_LABELS lookup; callers no longer reach into the constant. - _connection_row title: <h2> → <h3> (the row sits inside the "Your connections" h2 group heading; nested h2s flattened the outline). - show.html.erb encryption error: <h3> → <h2> for the same reason. Locale - Drop orphaned keys: settings.providers.groups.connected and groups.needs_attention (no view code uses them) plus the leftover show.coinbase_title block. - Health strip "needs reconsent" → "needs attention" so the strip copy lines up with the per-row status pill ("Action needed") and the original group heading wording. A11y - focus-visible:ring-2 on chip buttons, provider-card link, and focus-within:ring-2 on the search input wrapper. Keyboard users now get a visible focus state. - Search input: explicit autocomplete="off" (erb_lint hint). * fix(settings/providers): icons + search input height - Icons were rendering at 20px because the application_helper's `icon` default size (`md` = w-5 h-5) was beating the inline class override in compiled CSS source order. Pass `size: "sm"` and use the project's `!w-3.5 !h-3.5` important-prefix pattern (precedent: dashboard.html.erb) so chevron, refresh-cw, search, check, circle-alert, and arrow-right all render at the design's 14px. - Search input was 54px tall because @tailwindcss/forms applies `padding: 8px 12px` to bare `<input type="search">`. Override with `!p-0 focus:ring-0 focus:shadow-none` so the wrapping div's padding alone defines the box (38px total — matches the design). * refactor(settings/providers): align Sync all + search input with DS, address review feedback - Sync all: replace the hand-rolled `button_to` with `DS::Link.new(variant: "outline", method: :post)` — same component as the "Identify Patterns" button on the recurring-transactions page. - Search input: switch to the icon-overlay pattern used by the Manage-currencies and transaction filter rows (relative wrapper + absolutely positioned search icon + bordered input with `focus:ring-gray-500`). Brings the keyboard focus state in line with the rest of the app's filterable lists. - SnapTrade panel: restore the "needs registration" status row that the drawer-cleanup pass dropped along with the redundant Configured/Not configured footer. The unregistered case is meaningful state, not redundant chrome. - Move the slim health-strip computation out of the controller and into `SettingsHelper#provider_health_strip` (Convention 2: skinny controllers). - Extract `concise_time_ago` helper so the "drop leading 'about '" trick stops being duplicated 3x. - `Settings::ProviderCard#maturity_label` (instance) now delegates to `.maturity_label` (class) instead of duplicating the lookup. - Drop unused `warn_or_err` local in `_connection_row`. - Replace the `data-controller` string-injection + html_safe in `_connection_row` with `tag.details(data: ...)`; safer and more idiomatic. - Add a system test for the empty-filter message wiring. * fix(settings/providers): drawer trust statement uses border-tertiary `border-secondary/10` was reaching for the text-foreground token at 10% opacity for a divider. The project ships a dedicated divider token (`border-tertiary`, ~8% black) used by DS::Menu, the holdings page, and admin/sso forms. Switching to it makes the trust-statement HR match every other thin divider in Sure and stops misusing the text token as a border. * refactor(settings/providers): swap arbitrary Tailwind values for scale tokens Per the user's directive — DS-compliance over pixel-perfect alignment with the design mock. Walked the design audit and applied every swap that lands within ±2px of the original. Swaps: - _health_strip: gap-[18px] → gap-5 (+2), px-[14px] → px-3.5 (=), text-[13px] → text-sm (+1). - _search_filters: chip group p-[3px] → p-1, rounded-[10px] → rounded-xl (concentric with rounded-lg inner pills), chip py-[5px] → py-1. - _status_pill: text-[11px] → text-xs. - _group_heading: mt-[18px] → mt-5. - _maturity_badge: text-[10px] → text-xs. - provider_card: tagline + foot text-[13px] → text-sm. Kept arbitrary: `min-w-[200px]` in _search_filters — nearest scale tokens are min-w-48 (192px) and min-w-52 (208px); both are noticeable layout shifts for a one-off responsive guard. Worth keeping the arbitrary here. Net: 9 of 10 arbitrary values gone. Visual delta: max +2px on a single value. Design mock and DS scale now agree. * revert(settings/providers): drop the slim health strip Per-row status pills already carry the at-a-glance signal (connected / action needed) at the scale this app sees (1–4 connections per family). The strip was redundant chrome for almost every user; only worth bringing back if the catalog grows to a point where the row list itself stops fitting on a single screen. - Delete _health_strip.html.erb partial. - Drop @health controller assignment + provider_health_strip helper. - Drop unused settings.providers.health_strip.* locale keys. - concise_time_ago helper stays — still used by per-row meta text. * refactor(settings/providers): align with DS conventions Two consistency wins from the screenshot/DS audit pass. Sync icon button now renders DS::Button (variant: icon, size: sm) instead of a hand-rolled `button_to`. Same component used by other icon-only actions across the app (settings/profiles, layouts/imports). Visual delta: 28×28 → 32×32 (DS sm size). Accept the +4px for consistency. `event.stopPropagation()` still wired via the form opt so the row's <details> doesn't toggle when the user clicks the button. Group heading now follows the established Sure section-label style (`text-xs font-medium text-secondary uppercase`) used by `_settings_nav` and the imports/categories surfaces. The previous sentence-case `text-sm text-primary` was a one-off that didn't match the rest of the app. Locale strings stay sentence-case; uppercase comes from CSS `text-transform`. Tests updated to case-insensitively match the rendered heading text. * fix(provider/metadata): add plaid_eu entry `plaid_eu` is registered as a separate Provider::ConfigurationRegistry entry but had no Provider::Metadata row, so its card in the Available grid fell through to the gray-500 default and rendered empty (no region, kind, tier, or tagline). The title also came out as "Plaid Eu" because `titleize` doesn't know "EU" is an initialism. - Add a `plaid_eu` row to Provider::Metadata::REGISTRY with the same shape as `plaid` (US → EU, otherwise identical). - Introduce an optional `name:` field in metadata; controller falls back to it before titleizing the provider key. Lets `plaid_eu` render as "Plaid EU". - Add the missing `settings.providers.taglines.plaid_eu` translation. * fix(settings/providers): center-align Sync all next to the lede `items-start` made the button hug the first line when the lede wrapped; on a single line the button sat at the top of the text bounding box which read slightly off. Center matches the dominant convention across the rest of settings (api_keys, securities, hostings, _section, _settings_nav_link_large). * fix(settings/providers): drop colour palette + filter polish + drawer warnings Round of design-feedback fixes. Provider chips - Drop the per-provider raw Tailwind palette (bg-blue-600 etc.) from Provider::Metadata. All cards + drawer logo lock-up now use bg-surface-inset + text-primary, matching the design's §04 "drop colour entirely" recommendation. Solves the long-standing §01 BLOCKER without externalising brand assets. Re-introducing logos later just means an optional logo_svg: field on metadata. - ProviderCard component drops the `logo_bg:` parameter; the chip is now styled in the template. Filter / search - "Available · N" count and the empty-filter state now update client-side as the chip filter and free-text search narrow the grid (new `count` Stimulus target + dedicated update path). - Empty-filter state now offers a Clear filters button that resets both the search input and the active chip in one click. - Search placeholder drops the drifting "Search 9 providers" count for plain "Search providers" — the section heading carries the number. - Chip labels normalised to plural where natural: "Banks · Crypto · Investments" (Crypto stays as the mass noun). Drawer copy / treatment - "IP Whitelisting Required" → "IP whitelisting required" (DS sentence-case). - Binance "do NOT enable withdrawal permissions" lifted out of inline red-text into a proper bg-warning-50 border-warning-200 alert block with an alert-triangle icon. Matches the api_keys / hosting alert pattern. - SnapTrade free-tier inline alert-triangle now uses `size: "sm"` so the icon stops rendering at 20px next to 14px body text. Spacing - Group-heading margin top bumped 5 → 6 (20→24px) so the eyebrow has more breathing room above the search bar. * refactor(settings/providers): drawer alerts use DS::Alert; drop card-in-card Two consistency fixes from a design-review pass. DS::Alert adoption - Replaces 9 hand-rolled error blocks across the provider panels (`bg-destructive/10 text-destructive ... line-clamp-3`) with `DS::Alert(variant: :error)` — the project's existing primitive. - Replaces the just-shipped Binance no-withdraw warning block with `DS::Alert(variant: :warning)` instead of a hand-rolled `bg-warning-50 border-warning-200` card. - Replaces the SnapTrade free-tier inline icon-prefixed warning paragraph with `DS::Alert(variant: :warning)` — proper alert treatment for an actual warning, not body copy. - Replaces the Enable Banking "Configuration locked" inline `bg-warning/10` two-paragraph block with `DS::Alert(variant: :warning)` using `safe_join` for the title + body. - Replaces the encryption-error block at the top of show.html.erb with `DS::Alert(variant: :error)`, again via `safe_join`. Mercury card-within-card - The "Add another Mercury connection" form was wrapped in a `<details>` `bg-container shadow-border-xs rounded-xl` card. In the Connect drawer (always 0 existing connections), that wrapping card-inside-the-drawer-card has no value — the form is the only thing on the surface. Drop the wrapper when no connections exist; keep the heading + form inline. When 1+ connections exist (the section page) the heading hints "+ Add another connection" without the disclosure indirection. Trade-off: the error-alert blocks lose their `line-clamp-3` / `title=` truncation. Acceptable for now — DS::Alert can grow a truncate option as a follow-up if needed. Open follow-up: DS::Alert itself uses raw Tailwind palette (`bg-yellow-50` etc.) instead of semantic tokens, and only accepts a single string `message:`. A separate issue tracks this. * fix(settings/providers): hoist warning alerts to top of drawer DS::Alert convention across the rest of the app: alerts sit at the top of the form / page / section, not floating between content blocks. The Binance no-withdraw warning and SnapTrade free-tier warning were rendering between the setup-instructions list and the form fields — visually wonky. Move both to the top of their respective panels so the warning is the first thing the user sees when the connect drawer opens. Existing precedents this aligns with: - accounts/_form.html.erb (error alert above form) - valuations/new.html.erb (error alert above form) - other_assets/new.html.erb (info alert above form) - holdings/show.html.erb (warn alerts above content) * fix(DS::Alert): align icon to cap-height of first text line `items-start` on the container made the icon's top edge flush with the text's top edge, leaving the icon's optical center sitting below the text's first-line center. The hand-rolled alerts elsewhere in the codebase (api_keys/new, hostings/_sync_settings, holdings/show) all add `mt-0.5` to the icon for the same reason — fold that into the primitive so every caller gets the cap-height alignment. * copy(settings/providers): tighten alert messaging per voice review Copy expert pass on the new provider drawer alerts. House style: sentence case for titles, lead with the action, drop "Warning:" / "Please" filler (the alert variant icon already signals tone), prefer one short sentence + optional title-paragraph for emphasis. - Binance no-withdraw warning: was a single line "Warning: do NOT enable withdrawal permissions" — alarmist without context. Now splits into "Read-only key only" (title) + "Don't enable withdrawal permissions when creating your Binance API key — Sure only needs read access." (body). - SnapTrade free-tier note: "Free tier includes 5 brokerage connections. Additional connections require a paid SnapTrade plan." → "SnapTrade's free tier covers 5 brokerage connections. Upgrade on SnapTrade for more." - SnapTrade connection-limit-info inside the brokerage list: cut entirely. The drawer already shows the cap; restating it in the list was noise. - SnapTrade needs-registration: "Credentials saved — finish registration to connect a brokerage." → "Credentials saved. Finish setup to connect a brokerage." ("registration" was ambiguous — register where, with whom?) - Enable Banking "Configuration locked" body: "Credentials cannot be changed while you have active bank connections. Remove all connections first to update credentials." → "Disconnect all linked banks before changing these credentials." Same meaning, half the words. - Encryption-error block: title-cased "Encryption Configuration Required" → "Encryption keys missing"; body strips "Please ensure" filler and the parenthetical credential dump, leaving the three credential names inline as a clean list. Self-hosters still get exactly the names they need to set. * feat(settings/providers): SetupSteps partial for connect-drawer instructions Per the design's drawer-cleanup follow-up. Replaces the per-panel "Setup instructions:" + ordered list + "Field descriptions:" block with a shared boxed-step component. The new partial — `_setup_steps.html.erb` — takes a `steps:` array of strings (or html_safe strings for inline links / code) plus an optional `help:` hash for a docs link below the steps. The eyebrow label is "Setup" (uppercase, tracking-wider) matching Sure's other section labels. Applied across all eleven provider panels: - _provider_form (Plaid + Plaid EU): field descriptions move to per-field helper text below the input. - _binance, _coinbase, _coinstats, _indexa_capital, _lunchflow, _mercury, _simplefin, _snaptrade, _sophtron, _enable_banking: ordered list + duplicate "Field descriptions" block both replaced by the partial. - Some panels' inline copy tightened in the same pass (Lunch Flow, SimpleFIN, Enable Banking) — the design copy is shorter than the current legacy strings; a copy-pass through every panel can follow as a separate cleanup. Token notes: uses scale tokens (`rounded-xl`, `text-xs`/`text-sm`, `tracking-wider`) instead of the design mock's exact arbitrary values, per the consistency-over-design-specs directive on this branch. * fix(settings/providers): tighten panel spacing + relocate per-panel notes Read-flow audit on each connect drawer. The uniform `space-y-4` treated every block (alert, steps, info card, fields, button) the same — visually they were five sibling boxes with no grouping. The fix is per panel; some notes belong as helper text on a specific field, others as a tightly-grouped pre-fill primer. Per panel: - Binance: IP-whitelisting card now matches the setup_steps box (`bg-surface-inset rounded-xl`) and is wrapped with setup_steps in an inner `space-y-2` so they read as a single pre-fill primer cluster. Same eyebrow treatment ("IP whitelisting required") so the two boxes look like sister panels, not unrelated chrome. - SnapTrade: drop the description paragraph above setup_steps. The available-providers card grid already markets SnapTrade ("Connect brokerage accounts via the SnapTrade aggregation network."); repeating in the drawer was duplication. - Mercury: move the sandbox-API note out of its standalone <p> below setup_steps and into per-field helper text under the base_url field — the user only cares about the sandbox URL when they're filling that field. Applied to both the per-item edit form and the add-new form. - _setup_steps partial: drop the now-pointless `mb-2` (outer `space-y-4` already controls the gap; bottom-margin was dead CSS thanks to margin-collapse rules with the next sibling's margin-top). * fix(settings/providers): plaid + indexa drawers join the SetupSteps look Two unifying fixes after the panel-by-panel screenshots showed mixed treatments. Plaid + Plaid EU - The registry-driven panel (_provider_form) was still rendering each adapter's markdown `description` block as plain prose ("Setup instructions: 1. Visit the Plaid Dashboard ..."). Other panels switched to the SetupSteps box; Plaid was the odd one out. - Drop the markdown `description` block from both plaid_adapter and plaid_eu_adapter. Render setup_steps in _provider_form for these two provider keys via inline ERB (link helper handles the Plaid Dashboard link cleanly; the regional differences fold to the same dashboard URL with a different account scope). - Other registry-based providers fall through to the previous markdown description path — no behavior change for them. Indexa Capital - The API token field was wrapped in a `bg-surface border` "card" that duplicated the field label inside as a heading and put the description above the input. Same pattern the user flagged as the "card within input" anti-shape. - Drop the wrapper. The styled-form input renders its own label; description moves to per-field helper text below the input, matching the pattern used by Plaid (provider_form) and Mercury. * fix(settings/providers): surface configured plaid_eu + dedup show context provider_summary had no plaid_eu branch — configured plaid_eu was falling through to status :off and rendering in Available even with credentials set. Collapse plaid + plaid_eu into a single registry check. Drawer title for non-panel configurations was provider_key.titleize, which produced "Plaid Eu" while the available card grid used metadata[:name] = "Plaid EU". Read from metadata first. While here: - compute_provider_sync_health no longer relies on instance_variable_get; pass family_panel_items explicitly so the hash-key/ivar-name coupling is gone. - drop unused .includes(:syncs, :mercury_accounts) and .includes(:snaptrade_accounts) from prepare_show_context. The show view only consults summary[:status]; the eager-loads were carried over from connect_form (which has its own load_provider_items). * i18n(settings/providers): localize plaid setup steps + drop dead defaults The plaid + plaid_eu setup steps in _provider_form.html.erb were hardcoded English strings. Move them to settings.providers.plaid_panel (shared) + plaid_eu_panel (EU-specific step 1) so they can be translated like every other panel. _setup_steps.html.erb was passing default: "Setup" / "Need help?" to t(), masking missing translations in non-EN locales. Both keys exist in en.yml — drop the defaults so missing translations actually surface. * test(settings/providers): cover plaid_eu, clear filters, warn outline Three system test additions: - Configured plaid_eu surfaces in Your connections (regression guard for the helper fix; previously fell through to Available). - Clear filters button resets input + chip state and brings cards back into view. - :warn-state connection row carries the border-warning/25 outline that distinguishes it from an :ok row. * copy(settings/providers): drop em dashes, naturalize phrasing Sweep through every string this branch added and replace em-dash splices with full sentences or simple connectives. en.yml: - drawer_trust_statement now reads "Read-only access. Sure can never move money, and your credentials are stored encrypted." instead of em-dash splicing. - sync_all_recently / recently_synced split into two sentences. - binance_panel.no_withdraw_body, plaid_panel.step_1_html / step_2, plaid_eu_panel.step_1_html same treatment. Hardcoded panel steps (enable_banking, lunchflow, simplefin) become "Go to <link> and …" or "Go to <link> for …" instead of the "<link> — get …" splice. Same setup_steps comment cleaned up. * fix(settings/providers): address CodeRabbit pass on PR #1717 Fixed: - Localize the setup steps in _enable_banking_panel, _lunchflow_panel, and _simplefin_panel. The em-dash sweep had rewritten these into hardcoded English; they now route through settings.providers.{enable_banking,lunchflow,simplefin}_panel step_1_html / step_2 / step_3 keys, mirroring the plaid_panel treatment. - connect_form: silent redirect when provider_key is unknown now carries an alert (settings.providers.not_found) so misrouted links don't drop users on the page with no feedback. - sync action: redirect notice now reflects whether anything was actually scheduled — adds settings.providers.sync_provider_no_items for the "all items already syncing or none exist" path. - Family::Syncer test: count plaid_items via the .syncable scope to match what Family::Syncer actually schedules (already done for binance_items in the same test). Skipped, with reasons: - focus:ring-gray-500/-gray-900 in coinstats / coinbase / simplefin / search_filters: tracked under issue #1715 as part of the raw-palette → DS-token sweep across the whole codebase. - Coinbase #0052FF brand-color wrapper: tracked under PR #1710's follow-up tracking comment as the deferred Provider::Metadata colour-palette decision (designer §01). - Sophtron submit-button extraction into DS::Button: same deferred sweep — every panel hand-rolls this class string; one-off extraction would just churn. - Redundant .html_safe on _html keys in coinstats: tracked in #1715. - _provider_form.html.erb env hint, "Optional" placeholder, "Save and connect" submit: pre-existing strings not added on this branch. - Renaming sync_health_for's :stale to :data_stale: pre-existing shape, refactor scope. - Plaid_eu using plaid_panel.step_2/step_3 keys: deliberate. Same English copy across both providers; duplicating keys would just give translators twice the work for identical strings. - _enable_banking_panel / _lunchflow_panel / _simplefin_panel alert + submit + button labels: pre-existing hardcoded strings from before this branch. Setup steps were the strings actually touched in the em-dash sweep, so those got localized; the rest belong in a broader panel-i18n pass. Verified: - bundle exec erb_lint on the three panels: clean. - bin/rubocop on controller + test: clean. - bin/rails test test/models/family/syncer_test.rb test/controllers/settings/providers_controller_test.rb: 23 runs, 85 assertions, 0 failures. - DISABLE_PARALLELIZATION=true bin/rails test test/system/settings/providers_test.rb: 15 runs, 38 assertions, 0 failures. * fix(db): rename migration to clear collision with main's 20260508120000 Main's PR #1705 (Sophtron manual sync) shipped a migration with the same 20260508120000 timestamp as our add_last_sync_all_attempted_at_to_families migration. The merge that brought main into this branch left both files at the same prefix, which trips Rails' "Duplicate migration" guard at db:schema:load time and broke CI. Renaming our migration to 20260510120000 keeps the column it adds intact (already in db/schema.rb) and bumps the schema version to match. No DB-level change. * fix(settings/providers): card + strip a11y polish - Bring back the slim health strip; gate behind 10+ accounts (HEALTH_STRIP_MIN_ACCOUNTS) so it stays out of the way for small libraries where per-row pills already carry the signal. - Status pill: drop the bg-{c}/10 text-{c} pattern (failed AA on warn / err); switch to bg-surface-inset text-primary with the dot still carrying semantic colour. Passes AA in both themes; the dot is the only colourful affordance. - Maturity badge: bg-alpha-black-50 was invisible against the hovered card bg in light mode and against bg-container in dark mode. Move to bg-surface-inset + border-tertiary so it stays delineated through hover and dark theme. - Provider card: keep the bg shift on hover (now bg-surface-inset for a perceptible delta), focus ring promoted alpha-black-100 -> alpha-black-300 (visible to keyboard users), meta line text-subdued -> text-secondary (text-subdued failed AA at 2.86:1 against bg-container). - Restore the per-provider logo palette dropped in `6abceb07`. Yellow-on-white was the BLOCKER then; bumped Binance to yellow-600 and CoinStats to pink-600 (distinct from Binance and AA-safe with white text). - Health strip dividers: bg-alpha-black-100 was invisible in dark mode. Switch to border-l border-secondary so the DS variant flips correctly. * fix(settings/providers): keep row height on open The right-side meta + status pill + sync button group is hidden via group-open:hidden, but the sync button (DS::Button size sm, h-8) is what dictated the row's natural height. With it gone, the row collapsed from 60px to 48px and the title appeared to jump upward. Pin a min-h-15 on the <summary> so the height stays constant through open/close. * Let's not regress IPv6 * Keep the only real change in schema.rb --------- Signed-off-by: Juan José Mata <juanjo.mata@gmail.com> Signed-off-by: Guillem Arias Fauste <accounts@gariasf.com> Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: Guillem Arias <accounts@gariasf.com> Co-authored-by: Guillem Arias Fauste <gariasf@proton.me>	2026-05-10 22:13:57 +02:00
Sure Admin (bot)	f62aed66e4	i18n(es): fill high-value locale gaps (#1733 ) * i18n(es): fill small high-value locale gaps * Small tweak --------- Co-authored-by: KiloClaw <kiloclaw@openclaw.ai> Co-authored-by: Juan José Mata <jjmata@jjmata.com>	2026-05-10 17:17:45 +02:00
Juan José Mata	c92b984cef	[codex] Add Sophtron manual sync fixes (#1714 ) * Add manual Sophtron sync flow (#1705) Branch-to-branch merge. * Copy edits * Make Sophtron manual sync institution scoped * Populate Sophtron manual sync stats * Restore Sophtron bank credential copy * Address Sophtron manual sync review feedback * Scope manual sync processing failure handling * Hide raw Sophtron processor errors from flash * Clear Sophtron manual sync pointers on provider errors * Keep manual Sophtron MFA on manual sync records * Preserve manual sync processing error details	2026-05-09 21:55:20 +02:00
Juan José Mata	81cdccb768	[codex] Complete Sophtron account mapping (#1698 ) * Complete Sophtron account mapping * Clarify Sophtron login challenge flow * Add Sophtron connection UI timeout * Treat Sophtron timeout jobs as failed * Reset failed Sophtron connection state * Handle stale Sophtron connection jobs * Advance Sophtron polling timeout * Shorten Sophtron connection timeout * Fix Sophtron modal polling updates * Stabilize Sophtron MFA polling * Give Sophtron OTP challenges more time * Clarify Sophtron institution login failures * Extend Sophtron polling during login progress * Probe Sophtron accounts after completed MFA step * Align Sophtron dialogs with design system * Start Sophtron initial load after linking accounts * Fix Sophtron initial transaction load * Fail Sophtron sync without institution connection * Fix tests * Wrap Sophtron account linking in transaction * Wrap Sophtron provider responses * Fix Sophtron MFA security tests * Guard Sophtron MFA challenge arrays * Respect Sophtron initial load window * Use unique Sophtron MFA answer field ids * Address Sophtron review follow-ups * Fix Sophtron transaction sync refresh * Avoid blocking Sophtron refresh polling * Move Sophtron account helpers to model * Keep Sophtron grouping provider-level * Start new Sophtron institution links * Isolate Sophtron institution connections --------- Signed-off-by: Juan José Mata <juanjo.mata@gmail.com>	2026-05-08 15:15:23 +02:00
Brendon Scheiber	dce2213a98	feat: add Hungarian (hu) localization (#1677 ) * Add Hungarian (hu) localization Add complete Hungarian translation files and register hu locale * Update hu.yml * Hungarian locale: currency formatting & fixes	2026-05-06 22:38:51 +02:00
sentry[bot]	ec4559ba26	feat(entries): Add amount validation and robustify monetizable concern (#1680 ) * feat(entries): Add amount validation and robustify monetizable concern * fix(valuations): localize blank amount errors --------- Co-authored-by: sentry[bot] <39604003+sentry[bot]@users.noreply.github.com> Co-authored-by: SureBot <sure-bot@we-promise.com>	2026-05-05 20:07:40 +02:00
Abhinav Dhiman	139c89d0f4	feat(investments): add India investment subtypes and exchange support (#1659 ) * feat(investments): add India investment subtypes and exchange support * fix(yahoo-finance): scope Indian exchange de-duplication per company instead of globally Resolves feedback from Codex and CodeRabbit on #1413. prefer_indian_exchange previously collapsed all Indian securities into a single entry, silently dropping unrelated tickers. Now groups Indian listings by name and only de-duplicates within each group, so distinct companies (e.g. Reliance and Infosys) are preserved while NSE/BSE dual-listings still prefer NSE. - Derive India subtype keys dynamically from Investment::SUBTYPES in tests - Fix missing keyword arguments in Security.new test calls * refactor(yahoo-finance): generalize exchange config and dual-listing de-duplication Replaces hardcoded Indian exchange logic with a declarative EXCHANGE_CONFIG hash that maps ISO MIC codes to Yahoo-specific settings (symbol suffix, default currency, dual-listing group, and preference rank). This makes adding new markets a one-line hash entry instead of scattered conditionals. * fix(yahoo-finance): normalize security names for dual-listing de-duplication * fix(yahoo-finance): skip dual-listing de-duplication when filtering by exchange * fix: address PR review feedback for India market support - fix cache key mismatch in fetch_security_price by normalizing symbol before building cache key - remove dead YAHOO_EXCHANGE_CURRENCY constant - tighten normalize_symbol guard to use end_with?(suffix) instead of include?('.') - remove misleading '# India' comment from Property::SUBTYPES - remove 'rented' property subtype in favor of 'investment_property' - rename 'demat' to 'indian_stocks' for clarity - add INR to CURRENCY_REGION_MAP so India appears first for INR users - add dotted-symbol regression test for normalize_symbol * fix(investments): rename 'demat' subtype to 'indian_stocks' and remove trailing comma	2026-05-05 01:04:29 +02:00
ghost	911aa34ba9	feat(auth): add WebAuthn MFA credentials (#1628 ) * feat(auth): add WebAuthn MFA credentials * fix(auth): harden WebAuthn MFA review paths * fix(auth): polish WebAuthn error handling * fix(auth): handle duplicate WebAuthn credential races * fix(auth): permit WebAuthn credential params * fix(auth): trim WebAuthn registration controller cleanup * fix(auth): tighten WebAuthn MFA handling * fix(auth): pin WebAuthn relying party config	2026-05-03 22:13:28 +02:00
Michal Tajchert	ccd6a53071	fix(chat): eager pending AssistantMessage to fix Turbo subscribe race (#1657 ) (#1658 ) * fix(chat): persist eager pending assistant message to fix subscribe race When the LLM replies in ~1-2s the assistant message broadcast could fire before the client's Turbo stream subscription was established, leaving the UI stuck on the thinking indicator while the response was already persisted. Create the AssistantMessage as `pending` synchronously in `Chat#ask_assistant_later`, so it is rendered server-side on the chat show page with a "Thinking ..." inline placeholder. The worker then finds and updates the existing row via `append_text!`, which flips the status to `complete` and broadcasts updates against a DOM id that is already in the page — no race possible. On error, the placeholder is destroyed if no content streamed, otherwise demoted to `failed`. Replaces the standalone thinking indicator partial and the `Assistant::Broadcastable` thinking helpers, both now redundant. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * fix(chat): bind each assistant job to its specific pending placeholder Addressing review feedback on #1658: 1. The pending placeholder lookup based on `last pending` was racy — back-to-back user messages would let one job fill another job's placeholder. Pass the placeholder through the job arguments (`AssistantResponseJob.perform_later(user_message, pending)`) so each turn is bound to its own row. 2. In `Assistant::External#respond_to`, the configured/authorized guards raise before the local was bound, leaving rescue cleanup with `nil` and the placeholder visible forever. Bind the parameter first so cleanup can destroy it on the misconfigured path. The kwarg defaults to nil so the API#retry path (`AssistantResponseJob.perform_later(new_message)`) and the model-level test calls continue to work — they fall back to an in-memory new message, restoring the original test count assertions. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * fix(chat): i18n the pending assistant placeholder string Move the hardcoded "Thinking ..." indicator into the locale file per CLAUDE.md i18n guidelines. With i18n.fallbacks enabled, non-en locales fall back to English until translated. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * Add thinking label translations * Fix chat pending assistant expectations * Fix external assistant pending test lookup * Scope chat stream targets per chat * Update message broadcast target tests --------- Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-03 20:33:29 +02:00
ghost	6c84fc760e	fix(mercury): support named multiple API connections (#1627 ) * fix(mercury): support named multiple connections * fix(mercury): address multi-connection review feedback * fix(mercury): localize connection labels * fix(mercury): strip API tokens before provider calls * test(mercury): localize provider config assertions * fix(mercury): address multi-connection review * refactor(mercury): simplify connection selection failure	2026-05-03 10:56:31 +02:00
sentry[bot]	268f5aebfc	refactor(i18n): standardize product name placeholder in import mappings (#1631 ) Co-authored-by: sentry[bot] <39604003+sentry[bot]@users.noreply.github.com>	2026-05-01 23:46:01 +02:00
maverick	ee352dada4	Added ability to bulk-edit transaction names for multiple selected transactions (#1553 ) * Added ability to bulk-edit transaction names for multiple selected transactions. * Added ability to bulk-edit transaction names for multiple selected transactions. * Added ability to bulk-edit transaction names for multiple selected transactions. * Lint, minimize changes --------- Co-authored-by: Juan José Mata <jjmata@jjmata.com>	2026-04-29 18:35:00 +02:00
Juan José Mata	d49250826b	Improve error handling with user-friendly messages and classification (#1591 ) * Improve chat LLM error messages * Fix chat visibility regression in tests * Harden chat error handling for review feedback * Fix rubocop private method indentation * Fix nil presentable_error_message, i18n strings, bare rescue - Guard `presentable_error_message` with `return nil if error.blank?` so chats with no error return nil instead of the fallback string; this prevents the API serialisers from emitting a spurious error message and stops the mobile polling guard from firing on every successful chat - Move all hardcoded user-facing error strings into config/locales/models/chat/en.yml and reference them via I18n.t() - Replace bare `rescue` in `error_message_for` with `rescue StandardError` to avoid swallowing system-level exceptions - Update tests to reference I18n keys instead of raw strings, and add tests for the nil-error case and the unrecognized-error fallback https://claude.ai/code/session_01YFMjEds5WVyKPL42xBqMCX --------- Co-authored-by: SureBot <sure-bot@we-promise.com> Co-authored-by: Claude <noreply@anthropic.com>	2026-04-29 17:51:06 +02:00
Brian Richard	162caf0e9f	fix(localization): update API usage instructions to include product name placeholder (#1555 ) * fix(localization): update API usage instructions to include product name placeholder * Fix: Update show and created views to use dynamic usage_instructions per CodeRabbit * fix: update usage instructions translation key for API key usage	2026-04-26 09:29:23 +02:00
Roger Saner	1297078f7e	Feature: improve transfer matcher UI copy (#1526 ) * refactor: improve UI copy for transaction matcher drawer * refactor: transfer matcher UI copy * fix: improvement * feat: use i18n	2026-04-20 08:17:38 +02:00
Juan José Mata	2a708168c4	Fix LLM demo message	2026-04-19 16:50:48 +00:00
Sophtron Rocky	b32e9dbc45	Add Sophtron Provider (#596 ) * Add Sophtron Provider * fix syncer test issue * fix schema wrong merge * sync #588 * sync code for #588 * fixed a view issue * modified by comment * modified * modifed * modified * modified * fixed a schema issue * use global subtypes * add some locales * fix a safe_return_to_path * fix exposing raw exception messages issue * fix a merged issue * update schema.rb * fix a schema issue * fix some issue * Update bank sync controller to reflect beta status Signed-off-by: Juan José Mata <jjmata@jjmata.com> * Rename settings section title to 'Sophtron (alpha)' Signed-off-by: Juan José Mata <jjmata@jjmata.com> * Consistency in alpha/beta for Sophtron * Good PR suggestions from CodeRabbit --------- Signed-off-by: soky srm <sokysrm@gmail.com> Signed-off-by: Sophtron Rocky <rocky@sophtron.com> Signed-off-by: Juan José Mata <juanjo.mata@gmail.com> Signed-off-by: Juan José Mata <jjmata@jjmata.com> Co-authored-by: soky srm <sokysrm@gmail.com> Co-authored-by: Juan José Mata <juanjo.mata@gmail.com> Co-authored-by: Juan José Mata <jjmata@jjmata.com>	2026-04-19 11:16:04 +02:00
Nicolas	c962b1f420	Complete French translations for views, models, and settings (#1501 ) * i18n(fr): complete provider_sync_summary translations Add 13 missing French translations under provider_sync_summary in config/locales/views/components/fr.yml to bring it to parity with en.yml. Covers: transactions.fetching/protected/view_protected, full skip_reasons section, full trades section (investment activities), and health.view_error_details. * chore(i18n): fix i18n-tasks scanner config Add app/components to i18n-tasks relative_roots so component .erb files using t(".relative_key") are correctly resolved by the scanner. Without this, the scanner crashed on any component using relative i18n keys. * i18n(fr): complete high-impact view translations Bring full FR parity to the 5 most-visited user-facing screens: - accounts (+25 keys) - transactions (+168) - holdings (+53) - settings (+81) - reports (+20) Vocabulary aligned with docs/i18n/fr-glossary.md (Holding → Avoir, Trade → Transaction boursière, Brokerage → Courtier, Posted → Validée, Merchant → Commerçant, Net worth → Patrimoine net, etc.). * i18n(fr): complete remaining incomplete view translations Bring full FR parity to 23 partially-translated view locale files: Mid-size (8-68 keys each): investments, pages, merchants, imports, coinstats_items, sessions, cryptos, rules, transfers, trades, invitations, entries, onboardings, simplefin_items. Small (1-4 keys each): plaid_items, recurring_transactions, users, password_resets, other_assets, loans, shared, registrations, oidc_accounts. Total: ~430 new FR keys. Existing FR translations preserved where already in place; only missing keys were added. Note: shared/fr.yml retains a `breadcrumbs:` block not present in EN (used by FR breadcrumb controllers — removing would regress). * i18n(fr): complete nested admin & settings translations Cover the nested view subdirectories missed by the top-level scan: - defaults/fr.yml (+3 custom keys: global.expand, helpers.select.default_label, helpers.select.search_placeholder) - admin/sso_providers (+2 keys: role_guest, guest_groups) - admin/users (+25 keys: section title, family/role/trial filters, table columns, summary, role descriptions, invitations) - settings/api_keys (+1 key + structural fix: no_api_key and current_api_key were nested incorrectly, now match en.yml) - settings/hostings (+93 keys: assistant_settings, provider_selection, tiingo/eodhd/alpha_vantage/openai blocks, twelve_data plan upgrade) * i18n(fr): add fr.yml for 11 previously untranslated views Create French locale files for all view directories that had no fr.yml: Core features (6 files, 112 keys): - account_sharings, budgets, splits, pdf_import_mailer (view scope), pending_duplicate_merges, securities Provider integrations (5 files, 575 keys): - binance_items (Binance crypto exchange) - coinbase_items (Coinbase crypto exchange) - indexa_capital_items (Indexa Capital robo-advisor) - mercury_items (Mercury business banking) - snaptrade_items (SnapTrade broker aggregator) Provider names kept in English. Domain vocabulary follows docs/i18n/fr-glossary.md (Reconnect → Reconnecter, Refresh → Actualiser, Wallet → Portefeuille, Cost basis → Coût d'acquisition, Canadian retirement accounts mapped to official FR-CA acronyms RRSP→REER, TFSA→CELI, RRIF→FERR). * i18n(fr): add models, mailer, breadcrumb & Doorkeeper translations Create French locale files for the remaining non-view scopes: - models/coinbase_account/fr.yml (1 key) - models/transaction/fr.yml (3 keys) - mailers/pdf_import_mailer/fr.yml (1 key) - breadcrumbs/fr.yml (5 root-level breadcrumb labels) - doorkeeper.fr.yml (89 keys: full OAuth2 UI translation modeled on the doorkeeper-i18n FR conventions; PKCE/scope/ Client Credentials kept in English as proper grant names; date_format adjusted to %d/%m/%Y %H:%M:%S) * i18n(fr): use "Inscription des utilisateurs" for invite_codes onboarding In the invite_codes settings section, EN "Onboarding" was translated as "Intégration" — wrong context. The page controls how new people sign up to the instance, so "Inscription des utilisateurs" is the natural French term for this UX flow. * i18n(fr): use "Marchand" consistently for Merchant Aligns transactions/, settings/, and settings/hostings/ with the FR fintech convention (Lydia, Revolut FR, Boursorama, N26 FR all use "Marchand"). Earlier waves had introduced "Commerçant" via a glossary choice that turned out to imply a small physical retailer rather than a generic transaction payee. Net effect: a single consistent term across all FR screens. * i18n(fr): address CodeRabbit review feedback Fixes 9 of 17 actionable items from the CodeRabbit review: - Remove duplicate breadcrumbs block from shared/fr.yml (item 2) - Standardize "Indexa Capital" naming throughout (item 6) - Pluralize merchants.perform_merge.success in EN+FR (item 7) - Add rel="noopener noreferrer" to Coinbase + Binance external links in EN+FR settings (item 9, security) - Replace "rappeler" with "invoquer" for MCP tool calling (item 10) - Localize Doorkeeper "Single Page Apps" + grant names with FR-first phrasing (item 12) - Reorder twelve_data_settings to put title first (item 14) - Enrich IRA/SEP/SIMPLE/ISA/LISA/SIPP long labels with FR expansion + acronym in parens (item 15) - Use "Transfert" (not "Virement") for investment activity_labels.transfer to disambiguate from banking transfers (item 16) Items deferred (require non-FR code changes or are pre-existing EN bugs): 1, 3, 4, 5, 8, 11, 13. * i18n(fr): address second-wave CodeRabbit review feedback - transactions: fix gender agreement on one_time_title ("%{type} ponctuel" → "Transaction ponctuelle (%{type})") so that "Dépense" no longer renders as "Dépense ponctuel" - transactions: fix bare-noun-modifier in rule_description_prefix ("Les futures transactions %{type}…" → "…de type %{type}…") - settings/hostings: clarify email_confirmation_description ("lors du changement" → "lorsqu'ils la modifient") - settings/hostings: fix dangling "Utilisé de préférence" in EODHD and Alpha Vantage rate_limit_warning ("À utiliser de préférence")	2026-04-19 00:18:40 +02:00
LPW	0a96bf199d	SimpleFIN: setup UX + same-provider relink + card-replacement detection (#1493 ) * SimpleFIN: setup UX + same-provider relink + card-replacement detection Fixes three bugs and adds auto-detection for credit-card fraud replacement. Bugs: - Importer: per-institution auth errors no longer flip the whole item to requires_update. Partial errors stay on sync_stats so other institutions keep syncing. - Setup page: new activity badges (recent / dormant / empty / likely-closed) via SimplefinAccount::ActivitySummary. Likely-closed (dormant + near-zero balance + prior history) defaults to "skip" in the type picker. - Relink: link_existing_account allows SimpleFIN to SimpleFIN swaps by atomically detaching the old AccountProvider inside a transaction. Adds "Change SimpleFIN account" menu item on linked-account dropdowns. Feature (credit-card scope only): - SimplefinItem::ReplacementDetector runs post-sync. Pairs a linked dormant zero-balance sfa with an unlinked active sfa at the same institution and account type. Persists suggestions on Sync#sync_stats. - Inline banner on the SimpleFIN item card prompts relink via CustomConfirm. Per-pair dismiss button scoped to the current sync (resurfaces on next sync if still applicable). Auto-suppresses once the relink has landed. Dev tooling: - bin/rails simplefin:seed_fraud_scenario[email] creates a realistic broken pair for manual QA; cleanup_fraud_scenario reverses it. * Address review feedback on #1493 - ReplacementDetector: symmetric one-to-one matching. Two dormant cards pointing at the same active card are now both skipped — previously the detector could emit two suggestions that would clobber each other if the user accepted both. - ReplacementDetector: require non-blank institution names on both sides before matching. Blank-vs-blank was accidentally treated as equal, risking cross-provider false matches when SimpleFIN omitted org_data. - ActivitySummary: fall back to "posted" when "transacted_at" is 0 (SimpleFIN's "unknown" sentinel). Integer 0 is truthy in Ruby, so the previous `\|\| fallback` short-circuited and ignored posted. - Controller: dismiss key is now the (dormant, active) pair so dismissing one candidate for a dormant card doesn't suppress others. - Helper test: freeze time around "6.hours.ago" and "5.days.ago" assertions so they don't flake when the suite runs before 06:00. * Address second review pass on #1493 - ReplacementDetector: canonicalize account_type in one place so filtering (supported_type?) and matching (type_matches?) agree on "credit card" vs "credit_card" variants. - ReplacementDetector: skip candidates with nil current_balance. nil is "unknown," not "zero" — previously fell back to 0 and passed the near- zero gate, allowing suggestions without balance evidence.	2026-04-18 09:50:34 +02:00
Ang Wei Feng (Ted)	c46aa09607	feat(settings): improve currency preferences UI (#1483 ) * feat(settings): improve currency preferences UI * fix: remove redundant keydown action from currency search input * fix(settings): localize currency count pluralization in dialog * feat: update selected count handling with pluralization support	2026-04-18 00:06:08 +02:00
Juan José Mata	7b2b1dd367	Rebase PR #784 and fix OpenAI model/chat regressions (#1384 ) * Wire conversation history through OpenAI responses API * Fix RuboCop hash brace spacing in assistant tests * Pipelock ignores * Batch fixes --------- Co-authored-by: sokiee <sokysrm@gmail.com>	2026-04-15 18:45:24 +02:00
Tao Chen	aacbb5ef3b	Budget page refactor: split into(All - Over Budget - On Track) (#1195 ) * Optimize UI in budget * update locales * Optimize UI * optimize suggested_daily_spending * try over_budget and on_track * update locale * optimize * add budgets_helper.rb * fix * hide no buget and no expense sub-catogory * Optimize * Optimize button on phone * Fix Pipelock CI noise * using section to render both overbudget and onTrack * hide last ruler * fix * update test --------- Co-authored-by: Juan José Mata <juanjo.mata@gmail.com>	2026-04-13 20:03:55 +02:00
Ang Wei Feng (Ted)	60929cdee0	feat: add currency management for families with enabled currencies (#1419 ) * feat: add currency management for families with enabled currencies * feat: update currency selection logic and improve accessibility * feat: update currency preferences to use group moniker in titles --------- Signed-off-by: Ang Wei Feng (Ted) <hello@tedawf.com> Signed-off-by: Juan José Mata <juanjo.mata@gmail.com> Co-authored-by: Juan José Mata <juanjo.mata@gmail.com>	2026-04-13 19:53:04 +02:00
soky srm	e40811b1ee	Add improvements from security providers to FX providers also (#1445 ) * FIX prefer provider rate always - add debugging also * Move logic from securities over * FIXes * Review fixes * Update provided.rb --------- Signed-off-by: soky srm <sokysrm@gmail.com>	2026-04-13 00:51:23 +02:00
Juan José Mata	342524847a	Testing models other than Qwen	2026-04-12 23:41:16 +02:00
Louis	7427b753e5	fix(enable-banking): refactor error handling and add missing GIN index (#1432 ) * fix(enable-banking): refactor error handling and add missing GIN index * fix(enable-banking): handle wrapped network errors and fix concurrent index migration * fix(enable-banking): extract network errors to frozen constant * fix(enable-banking): consolidate error handling and enforce strict localization * fix(enable-banking): improve sync error handling and fix invalid test status * test(enable_banking): use OpenStruct instead of mock for provider	2026-04-11 21:32:20 +02:00
Louis	e96fb0c23f	feat(enable-banking): enhance transaction import, metadata handling, and UI (#1406 ) * feat(enable-banking): enhance transaction import, metadata handling, and UI * fix(enable-banking): address security, sync edge cases and PR feedback * fix(enable-banking): resolve silent failures, auth overrides, and sync logic bugs * fix(enable-banking): resolve sync logic bugs, trailing whitespaces, and apply safe_psu_headers * test(enable-banking): mock set_current_balance to return success result * fix(budget): properly filter pending transactions and classify synced loan payments * style: fix trailing whitespace detected by rubocop * refactor: address code review feedback for Enable Banking sync and reporting --------- Signed-off-by: Louis <contact@boul2gom.com> Signed-off-by: Juan José Mata <juanjo.mata@gmail.com> Co-authored-by: Juan José Mata <juanjo.mata@gmail.com>	2026-04-10 23:19:48 +02:00
soky srm	0aca297e9c	Add binance security provider for crypto (#1424 ) * Binance as securities provider * Disable twelve data crypto results * Add logo support and new currency pairs * FIX importer fallback * Add price clamping and optiimize retrieval * Review * Update adding-a-securities-provider.md * day gap miss fix * New fixes * Brandfetch doesn't support crypto. add new CDN * Update _investment_performance.html.erb	2026-04-10 15:43:22 +02:00
soky srm	7908f7d8a4	Expand financial providers (#1407 ) * Initial implementation * Tiingo fixes * Adds 2 providers, remove 2 * Add extra checks * FIX a big hotwire race condition // Fix hotwire_combobox race condition: when typing quickly, a slow response for // an early query (e.g. "A") can overwrite the correct results for the final query // (e.g. "AAPL"). We abort the previous in-flight request whenever a new one fires, // so stale Turbo Stream responses never reach the DOM. * pipelock * Update price_test.rb * Reviews * i8n * fixes * fixes * Update tiingo.rb * fixes * Improvements * Big revamp * optimisations * Update 20260408151837_add_offline_reason_to_securities.rb * Add missing tests, fixes * small rank tests * FIX tests * Update show.html.erb * Update resolver.rb * Update usd_converter.rb * Update holdings_controller.rb * Update holdings_controller.rb * Update holdings_controller.rb * Update holdings_controller.rb * Update holdings_controller.rb * Update _yahoo_finance_settings.html.erb	2026-04-09 18:33:59 +02:00
Pedro J. Aramburu	f699660479	Add exchange rate feature with multi-currency transactions and transfers support (#1099 ) Co-authored-by: Pedro J. Aramburu <pedro@joakin.dev>	2026-04-08 21:05:58 +02:00
sentry[bot]	117ab2b45f	refactor(accounts): Improve destroy_later atomicity and add controller error handling (#1395 ) * refactor(accounts): Improve destroy_later atomicity and add controller error handling * Address PR comment --------- Co-authored-by: sentry[bot] <39604003+sentry[bot]@users.noreply.github.com> Co-authored-by: Juan José Mata <juanjo.mata@gmail.com>	2026-04-07 15:53:25 +02:00
Louis	455c74dcfa	Add Binance support, heavily inspired by the Coinbase one (#1317 ) * feat: add Binance support (Items, Accounts, Importers, Processor, and Sync) * refactor: deduplicate 'stablecoins' constant and push stale_rate filter to SQL --------- Signed-off-by: Juan José Mata <juanjo.mata@gmail.com> Co-authored-by: Juan José Mata <juanjo.mata@gmail.com>	2026-04-07 14:43:17 +02:00
UberDudePL	cebdf1d4f7	Polish localization: complete translations, pluralization fixes, and reusable locale audit tooling (#1356 ) * Add production-ready Polish localization and reusable locale audit tooling - add and update Polish locale files across models, views, mailers, and shared translations - add runtime rails-i18n dependency and Polish locale support in language helper - add regression coverage for Polish pluralization and locale-aware money formatting - introduce reusable locale audit script for any locale plus backward-compatible PL wrapper - add localization audit docs and generated PL readiness/pluralization reports - resolve one/few/many/other pluralization consistency for Polish locales * Fix Polish locale review feedback * Fix locale compatibility regressions * Polish locale typo pass and wrapper cleanup * Final language improvements and test isolation for Polish locales - Improved partial_success wording in SnapTrade with proper noun inflection - Fixed typos: Pomin → Pomiń in Mercury and LunchFlow items - Isolated I18n backend state in polish_pluralization_test to prevent test coupling * Fix code review comments in locale audit scripts - Use RbConfig.ruby instead of 'ruby' to ensure consistent interpreter - Remove Symbol from permitted_classes and explicitly allow CLDR plural symbols (one, few, many, other) in YAML loading * Simplify i18n flow and align locale interpolation keys * Remove locale audit scripts and localization docs	2026-04-07 11:55:58 +02:00
Jorge Victor Gamboa	745c804289	Update and add Portuguese translations for various features (#1344 ) * feat: update translations for pt-BR Add new translations and update existing ones Signed-off-by: Jorge Victor Gamboa <gamboajorge49@gmail.com> * Add Portuguese translations for admin invitations Signed-off-by: Jorge Victor Gamboa <gamboajorge49@gmail.com> * Add Portuguese translations for budget views Signed-off-by: Jorge Victor Gamboa <gamboajorge49@gmail.com> * Add unlock and protection messages in pt-BR.yml Added unlock and protection messages in Portuguese. Signed-off-by: Jorge Victor Gamboa <gamboajorge49@gmail.com> * Fix translation key from 'provedores' to 'providers' Signed-off-by: Jorge Victor Gamboa <gamboajorge49@gmail.com> * Update config/locales/views/settings/pt-BR.yml Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Signed-off-by: Jorge Victor Gamboa <gamboajorge49@gmail.com> * Translate account sharing strings to Portuguese Signed-off-by: Jorge Victor Gamboa <gamboajorge49@gmail.com> * Add Portuguese (Brazil) localization for components Signed-off-by: Jorge Victor Gamboa <gamboajorge49@gmail.com> * Add Portuguese translations for transaction model errors Signed-off-by: Jorge Victor Gamboa <gamboajorge49@gmail.com> * Translate user management strings to Portuguese Signed-off-by: Jorge Victor Gamboa <gamboajorge49@gmail.com> * Fix typo in Portuguese translation for 'member' Signed-off-by: Jorge Victor Gamboa <gamboajorge49@gmail.com> * Add appearance settings localization in pt-BR Added localization for appearance settings and dashboard layout options in Portuguese. Signed-off-by: Jorge Victor Gamboa <gamboajorge49@gmail.com> * Remove theme options from preferences in pt-BR localization, these keys were moved to appearances.show. * Adds translations for financial reports and investment performance in Brazilian Portuguese. * fix: Corrects Portuguese translations for 'vender' (to sell), 'neste período' (in this period), and adjusts the formatting of 'saques' (withdrawals) in investment performance. * Fix: Corrects the indentation of the print section in the pt-BR translation file. * Fix: Corrects the translation of 'this period' to 'este período' in the pt-BR localization file. --------- Signed-off-by: Jorge Victor Gamboa <gamboajorge49@gmail.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>	2026-04-07 11:40:19 +02:00
Geoffrey	ac2817d704	Fixed crypto and loan add menus (#1306 ) * Fixed crypto and loan add menus * Changed unspecified crypto account type to none for consistency * Added default add message for loan subtype * Made the short form of non-mortgage loans in loans.rb match the long form * Edited the crypto tooltip to be country generic * Update config/locales/views/loans/en.yml Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> Signed-off-by: Geoffrey <79559478+CYBRXT@users.noreply.github.com> * Update app/views/loans/_form.html.erb Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> Signed-off-by: Geoffrey <79559478+CYBRXT@users.noreply.github.com> * Following Dosu's comment on my issue for consistency --------- Signed-off-by: Geoffrey <79559478+CYBRXT@users.noreply.github.com> Co-authored-by: Geoffrey <geoffrey@github.worker> Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>	2026-04-07 11:39:18 +02:00
Mikael Møller	0870ebb56b	Add Quick Categorize Wizard (#1386 ) * Add Quick Categorize Wizard (iteration 1) Adds a step-by-step wizard for bulk-categorizing uncategorized transactions and optionally creating auto-categorization rules, reducing friction after connecting a new bank account. New files: - Transaction::Grouper abstraction + ByMerchantOrName strategy (groups by merchant name when present, falls back to entry name; sorted by count desc) - Transactions::CategorizesController (GET show / POST create) - Wizard view at app/views/transactions/categorizes/show.html.erb - Stimulus categorize_controller.js (Enter-key-to-select-first) - Tests for grouper and controller Modified files: - routes.rb: resource :categorize inside namespace :transactions - transactions_controller.rb: expose @uncategorized_count to index - transactions/index.html.erb: Categorize (N) button in header - family.rb: uncategorized_transaction_count query - rules_controller.rb: return_to param support for wizard → rule editor flow - rules/_form.html.erb, rules/new.html.erb: pass return_to through form - i18n: categorizes show/create keys + rules.create.success Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * Quick Categorize Wizard — iteration 2 polish Six improvements from live testing: - Breadcrumb: Home > Transactions > Categorize - Layout: category picker + confirmation dialog above transaction list - Inline confirmation dialog: clicking a category pill shows a <dialog> summarising what will happen (N transactions → category, rule if checked) with Confirm and Cancel buttons — no redirect to rule editor - Direct rule creation: rule created with active: true in the controller instead of redirecting to the rule editor; revert return_to plumbing from RulesController, rules/_form, rules/new, rules/en.yml - Individual row assignment: per-row category <select> submits via PATCH /transactions/categorize/assign_entry and removes the row via Turbo Stream (assign_entry action + route) - Enter key guard: selectFirst only fires when exactly 1 pill is visible after filtering Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * Quick Categorize Wizard — iteration 3 reliability fixes and UX polish - Fix Stimulus controller not loading: remove invalid `@hotwired/turbo` named import (not in importmap); use global `Turbo.renderStreamMessage` instead - Fix Enter key submitting form with wrong category when search field is unfocused: move keydown listener to document so it fires regardless of focus - Prevent Enter from submitting when multiple categories are visible - Clear search filter after bulk category assignment (pill click or Enter), but not after individual row dropdown assignment - Update group transaction count and total amount live as entries are assigned via row dropdown or partial bulk assignment - Add turbo frames for remaining count and group summary so they update without a full page reload Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * Quick categorization polish * refactoring * Remove unused GROUPS_PER_BATCH constant, fix ERB self-closing tags Wizard only ever uses one group at a time so limit: 1 is correct and more honest than fetching 20 and discarding 19. ERB linter fixes are whitespace/void-element corrections with no functional change. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * Move Categorize button into ... menu on transactions index Reduces header clutter by putting it in the overflow menu at the bottom, where it only appears when there are uncategorized transactions. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * Scope categorize wizard to accessible entries only Fixes a security issue where users with restricted account access via account sharing could view and categorize transactions from accounts they cannot access through normal transaction flows. - Pass Current.accessible_entries to Transaction::Grouper so the wizard only displays groups from accounts the user can see - Use Current.accessible_entries on all write paths in create and assign_entry, matching the pattern in TransactionCategoriesController - Refactor Grouper to accept an entries scope instead of a family object, keeping authorization concerns in the controller - Add tests verifying inaccessible entries are hidden from the wizard and cannot be categorized via forged POST/PATCH params Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * Clamp position param to >= 0 to guard against negative offset Prevents ArgumentError from Array#drop when a negative position is passed via a tampered query string or form value. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * Surface rule creation failure and add accessible names to entry row - Capture Rule.create_from_grouping! return value; set flash[:alert] when nil so users who checked "Create Rule" know it wasn't created (e.g. a duplicate already exists); stream the notification for partial updates - Add aria-label to the per-row checkbox and category select in _entry_row so screen readers can identify which transaction each control belongs to Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * Localize breadcrumb labels in categorizes controller Follows the pattern used by FamilyExportsController and ImportsController. Adds 'transactions' and 'categorize' keys to the breadcrumbs locale file. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * Add error handling to categorize controller fetch calls Check response.ok before parsing the body and add .catch handlers so network failures and non-2xx responses are logged rather than silently swallowed. On assignment failure the per-row select is reset to empty so the user can retry. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * Scope preview_rule to accessible entries only Entry.uncategorized_matching now accepts an entries scope instead of a family object, matching the same pattern used for Transaction::Grouper. The preview_rule action passes Current.accessible_entries so rule previews respect account sharing permissions. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * Scope remaining count to accessible entries Adds Entry.uncategorized_count(entries) following the same pattern as uncategorized_matching. Replaces all three uses of Current.family.uncategorized_transaction_count in the categorize controller so the remaining-count badge reflects only the transactions the current user can actually access and categorize. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * Comments got separated from their function * Remove quick-categorize-wizard dev notes This was a planning document used during development, not intended for the final branch. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * Recompute remaining entries from server state after writes Adds uncategorized_entries_for helper that reloads remaining entries from the DB with a category_id IS NULL filter after each write, so the partial-update Turbo Stream reflects server-side state rather than trusting the client-provided remaining_ids. This handles the case where a concurrent request has categorized one of the remaining entries between page render and form submit. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * Rename create_from_grouping! to create_from_grouping The method rescues RecordInvalid and returns nil, which contradicts the bang convention. Dropping the ! correctly signals that callers should check the return value. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * Clamp offset in grouper to guard against negative values The controller already clamps position before passing it as offset, but clamping in the grouper itself prevents ArgumentError from Array#drop if the grouper is ever called directly with a negative offset. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> Co-authored-by: Juan José Mata <jjmata@jjmata.com>	2026-04-07 11:24:50 +02:00
Serge L	78b334277c	QIF imports: Add date format auto-detection and manual override (#1368 ) * feat: improve QIF import date format selection - Added a reusable date format auto-detection method. - Show a live preview of the first parsed date that updates client-side as the user changes the dropdown selection, via a new qif-date-format Stimulus controller. - Show an error alert and disable the submit button when no supported date format can parse the file's dates. * A few polishing fixes: - Missing return on redirects Stale REASONABLE_DATE_RANGE constant. - Replaced the frozen constant with a class method Bare inline rescue — Replaced Date.strptime(s, fmt) rescue nil with an explicit begin/rescue catching. - save!(validate: false) in controller — Changed to update_column(:column_mappings, ...) in qif_category_selections_controller.rb:22, matching the pattern used in detect_and_set_qif_date_format!. - Unescaped JSON in HTML attribute — Replaced the raw <div> with tag.div ... do block in show.html.erb:16, letting Rails properly escape the data attribute value. * fix: address review feedback for QIF date format feature - Add missing `return` after redirect for non-QIF imports - Pass date_format to parse_opening_balance in will_adjust_opening_anchor? - Return empty array when no usable date sample exists for format preview - Add sr-only label to date format select for accessibility - Consolidate duplicate try_parse_date/parse_qif_date into single method - Remove misleading ambiguity scoring comment from detect_date_format - Skip redundant sync_mappings when date format already triggered a sync Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Use %{product_name} interpolation in locale strings --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-05 09:27:24 +02:00
Anas Limouri	a90f9b7317	Add CoinStats exchange portfolio sync and normalize linked investment charts (#1308 ) * [FEATURE] Add CoinStats exchange portfolios and normalize linked investment charts * [BUGFIX] Fix CoinStats PR regressions * [BUGFIX] Fix CoinStats PR review findings * [BUGFIX] Address follow-up CoinStats PR feedback * [REFACTO] Extract CoinStats exchange account helpers * [BUGFIX] Batch linked CoinStats chart normalization * [BUGFIX] Fix CoinStats processor lint --------- Signed-off-by: Juan José Mata <juanjo.mata@gmail.com> Co-authored-by: Juan José Mata <juanjo.mata@gmail.com>	2026-04-01 20:25:06 +02:00
Serge L	ab9b97639b	Record dividends and interest as Trades in investment accounts (#1311 ) * Record dividends and interest as Trades in investment accounts All investment income (dividends and interest) is now modeled as a Trade with qty: 0 and price: 0, keeping security_id NOT NULL on trades intact. Dividends require a security; interest falls back to a per-account synthetic cash security (kind: "cash", offline: true) when none is selected, matching how brokerages handle uninvested cash internally. - Add `kind` column to securities ("standard" \| "cash") with DB check constraint; `Security.cash_for(account)` lazily finds or creates the synthetic cash security; `scope :standard` excludes synthetic securities from user-facing pickers - Trade::CreateForm: new `dividend` type (security required); `interest` now creates a Trade instead of a Transaction - Trade form: Dividend and Interest in the type dropdown with a security combobox (required for dividend, optional for interest) - transactions table: untouched * UI fixes * HealthChecker — both scopes now chain .standard to exclude cash securities from provider health checks. DB query moved to model — Account#traded_standard_securities in app/models/account.rb, view uses account.traded_standard_securities. DRY income creation — create_income_trade(sec:, label:, name:) extracted as shared private method; create_dividend_income and create_interest_income delegate to it. show.html.erb blocks merged — single unless trade.qty.zero? block covers qty/price/fee fields. Test extended — assert_response :unprocessable_entity added after the assert_no_difference block. * Hide cash account ticker from no-security trade detail * Fix CodeRabbit review issues from PR #1311 - Remove duplicate YAML keys in translation files (de, es, fr) - Add error handling for security resolution in create_dividend_income - Extract income trade check to reduce duplication in header template Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com> * Include holdings in dividend/interest security picker The security picker for dividend/interest trades should include all securities in holdings, not just those with trade history. This fixes the issue where accounts with imported holdings (e.g., SimpleFIN) but no trades would have an empty picker and be unable to record dividends. Uses UNION to combine securities from both trades and holdings. Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com> * scope picker to holdings only (a trade creates a holding anyway) --------- Co-authored-by: Claude Haiku 4.5 <noreply@anthropic.com>	2026-03-29 10:08:54 +02:00
Serge L	cc7d675500	Add transaction fee support to trades (#1248 ) Add an optional fee field (decimal, precision: 19, scale: 4) to trades. Fee is included in the total amount calculation (qty * price + fee) for both create and update flows. The fee field appears on both the create and edit forms, defaults to 0, and auto-submits like other trade fields. Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-28 19:03:16 +01:00
Juan Manuel Reyes	f42b593b9e	Show inflow/outflow totals for transfer filter (#1134 ) * Show inflow/outflow totals when filtering by transfers When filtering transactions by "Transfer" type, the summary bar previously showed $0 for both Income and Expenses because transfers were excluded from those sums. Now computes transfer inflow/outflow in the same SQL pass and switches labels to "Inflow"/"Outflow" when transfer amounts are non-zero. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add mixed filter comment and transfer-only test coverage Document the intentional mixed filter behavior where transfer amounts are excluded from the summary bar when non-transfer types are present. Add test exercising Inflow/Outflow label switching for transfer-only results. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-26 21:12:01 +01:00
soky srm	9410e5b38d	Providers sharing (#1273 ) * third party provider scoping * Simplify logic and allow only admins to mange providers * Broadcast fixes * FIX tests and build * Fixes * Reviews * Scope merchants * DRY fixes	2026-03-25 17:47:04 +01:00
soky srm	560c9fbff3	Family sharing (#1272 ) * Initial account sharing changes * Update schema.rb * Update schema.rb * Change sharing UI to modal * UX fixes and sharing controls * Scope include in finances better * Update totals.rb * Update totals.rb * Scope reports to finance account scope * Update impersonation_sessions_controller_test.rb * Review fixes * Update schema.rb * Update show.html.erb * FIX db validation * Refine edit permissions * Review items * Review * Review * Add application level helper * Critical review * Address remaining review items * Fix modals * more scoping * linter * small UI fix * Fix: Sync broadcasts push unscoped balance sheet to all users * Update sync_complete_event.rb The fix removes the sidebar broadcasts (which rendered unscoped account groups using family.balance_sheet without user context) along with the now-unused sidebar_targets, account_group, and family_balance_sheet private methods. The sidebar will still update correctly — when the sync completes, Family::SyncCompleteEvent#broadcast fires family.broadcast_refresh, which triggers a morph-based page refresh for each user with their own authenticated session, rendering properly scoped sidebar content.	2026-03-25 10:50:23 +01:00
soky srm	65f439e4da	Add appearance setting for 2 column layout (#1285 )	2026-03-24 19:19:05 +01:00
soky srm	c7b9bc48bc	Adapt holdings to number inputs (#1258 ) * Adapt holdings to number inputs * Reviews * FIX a small provider hardcoded name * PR l10n request --------- Co-authored-by: Juan José Mata <juanjo.mata@gmail.com>	2026-03-23 18:27:53 +01:00
Juan José Mata	2595885eb7	Full `.ndjson` import / reorganize UI with Financial Tools / Raw Data tabs (#1208 ) * Reorganize import UI with Financial Tools / Raw Data tabs Split the flat list of import sources into two tabbed sections using DS::Tabs: "Financial Tools" (Mint, Quicken/QIF, YNAB coming soon) and "Raw Data" (transactions, investments, accounts, categories, rules, documents). This prepares for adding more tool-specific importers without cluttering the list. https://claude.ai/code/session_01BM4SBWNhATqoKTEvy3qTS3 * Fix import controller test to account for YNAB coming soon entry The new YNAB "coming soon" disabled entry adds a 5th aria-disabled element to the import dialog. https://claude.ai/code/session_01BM4SBWNhATqoKTEvy3qTS3 * Fix system tests to click Raw Data tab before selecting import type Transaction, trade, and account imports are now under the Raw Data tab and need an explicit tab click before the buttons are visible. https://claude.ai/code/session_01BM4SBWNhATqoKTEvy3qTS3 * feat: Add bulk import for NDJSON export files Implements an import flow that accepts the full all.ndjson file from data exports, allowing users to restore their complete data including: - Accounts with accountable types - Categories with parent relationships - Tags and merchants - Transactions with category, merchant, and tag references - Trades with securities - Valuations - Budgets and budget categories - Rules with conditions and actions (including compound conditions) Key changes: - Add BulkImport model extending Import base class - Add Family::DataImporter to handle NDJSON parsing and import logic - Update imports controller and views to support NDJSON workflow - Skip configuration/mapping steps for structured NDJSON imports - Add i18n translations for bulk import UI - Add tests for BulkImport and DataImporter * fix: Fix category import and test query issues - Add default lucide_icon ("shapes") for categories when not provided - Fix valuation test to use proper ActiveRecord joins syntax * Linter errors * fix: Add default color for tags when not provided in import * fix: Add default kind for transactions when not provided in import * Fix test * Fix tests * Fix remaining merge conflicts from PR 766 cherry-pick Resolve conflict markers in test fixtures and clean up BulkImport entry in new.html.erb to use the _import_option partial consistently. https://claude.ai/code/session_01BM4SBWNhATqoKTEvy3qTS3 * Import Sure `.ndjson` * Remove `.ndjson` import from raw data * Fix support for Sure "bulk" import from old branch * Linter * Fix CI test * Fix more CI tests * Fix tests * Fix tests / move PDF import to first tab * Remove redundant title --------- Co-authored-by: Claude <noreply@anthropic.com>	2026-03-23 14:27:41 +01:00
soky srm	12d2f4e36d	Provider merchants enhancement (#1254 ) * Add AI merchant enhancement and dedup * Enhancements Add error if job is already running add note that we also merge merchants * Allow updating provider website * Review fixes * Update provider_merchant.rb * Linter and fixes * FIX transaction quick menu modal	2026-03-23 12:34:43 +01:00

1 2 3 4 5 ...

412 Commits