Skip to content

v0.10.0

Latest
Latest

Choose a tag to compare

View all tags
@rsmithlal rsmithlal released this 25 Mar 05:25
· 304 commits to main since this release
v0.10.0
d0b23ce
This commit was signed with the committer’s verified signature.
rsmithlal Robert Smith
GPG key ID: 02D14E52B1A64C2E
Verified
Learn about vigilant mode.

Better Together Community Engine v0.10.0 Release Notes

v0.10.0 extends the developer integration surface introduced in v0.9.0. It adds a personal Developer settings tab with OAuth app and token management, community-scoped webhook configuration, comprehensive API documentation, and a full Swagger/OpenAPI spec covering 30 endpoints.

Overview

  • Developer Settings Tab: Users can manage their own OAuth applications and access tokens directly from /settings.
  • Community Webhook Management: Community admins can configure webhook endpoints scoped to their community.
  • API & MCP Documentation: Four new integration guides covering OAuth2, MCP tools, webhooks, and JWT auth.
  • Swagger/OpenAPI spec: 30 endpoints fully documented with rswag.

New Features & Enhancements

Settings — Developer Tab

  • New Developer tab in /settings for authenticated users
  • Personal OAuth application management: list, create, edit, delete owned OAuth apps
  • Active access token table: view scopes, creation date, and revoke tokens
  • Dedicated route GET /settings/applications for personal OAuth app CRUD

Community-Scoped Webhooks

  • Community admins can manage webhook endpoints scoped to their community
  • New CommunityWebhookEndpointsController with full CRUD and test delivery
  • Routes nested under /c/:community_id/webhook_endpoints
  • Community policy: manage_integrations? permission (delegates to update?)
  • WebhookEndpoint model gains optional community_id FK

API Documentation

  • docs/api/oauth-integration-guide.md — OAuth2 flows, scopes, token acquisition, GitHub login
  • docs/api/mcp-integration-guide.md — MCP tool reference (20 tools), auth, client config
  • docs/api/webhook-integration-guide.md — endpoint setup, event types, HMAC-SHA256 signing
  • docs/api/jwt-auth-guide.md — Devise JWT auth, sign-in/sign-out, token claims

Host App Extension Points

  • Extension points for MCP tools, API v1 routes, and Swagger spec in host apps

Improvements & Bug Fixes

  • Fixed SettingsController#update_preferences crashing when re-rendering :index on validation failure — load_developer_tab_data extracted as shared private method
  • Fixed TypeError: Community is not a module namespace collision — controller renamed to CommunityWebhookEndpointsController
  • Fixed before_action ordering in CommunityWebhookEndpointsControllerset_community now uses prepend_before_action
  • Fixed JWT sign-out to use authenticate_api_user! correctly
  • Fixed auth/webhooks/invitation/event bugs in API controllers
  • Restored tabs.account/blocked_people/developer i18n keys across es/fr/uk locales
  • MCP: aligned tool RBAC with CE permissions and fixed IP allowlist

Tests

  • 62 new request spec examples covering Developer tab, personal OAuth apps, and community webhooks
  • Swagger specs cover all 30 API endpoints via rswag
Assets 2
Loading