Signed-off-by: Serhat <49079271+onwp@users.noreply.github.com>
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>

Co-authored-by: memoclaw <265580040+memoclaw@users.noreply.github.com>

Co-authored-by: memoclaw <265580040+memoclaw@users.noreply.github.com>

Reject non-standard truthy numeric expressions in filters and document the parser as a supported subset of standard CEL syntax.

- remove legacy filter rewrites
- support standard equality in tag exists predicates
- add regression coverage for accepted and rejected expressions

Co-authored-by: memoclaw <265580040+memoclaw@users.noreply.github.com>

fix(lint): correct goimports struct literal alignment after removing write-only credential fields (#5794)
Co-authored-by: Claude <noreply@anthropic.com>

Security fixes for credential leakage across three resources:

- NOTIFICATION setting: restrict GetInstanceSetting to admin-only
  (was publicly accessible, exposing SMTP credentials)
- SMTP password: never return SmtpPassword in API responses (write-only)
- S3 secret: never return AccessKeySecret in API responses (write-only)
- OAuth2 ClientSecret: never return in API responses for any role
  (was previously returned to admins); remove redactIdentityProviderResponse
  in favor of omitting the field at the conversion layer
- Preserve-on-empty: when updating settings with an empty credential
  field, preserve the existing stored value instead of overwriting
  (applies to SmtpPassword, AccessKeySecret, and ClientSecret)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

- Fix duplicate SSE event on comment creation: CreateMemoComment now
  suppresses the redundant memo.created broadcast from the inner
  CreateMemo call, emitting only memo.comment.created
- Extract reaction event-building IIFEs into buildMemoReactionSSEEvent
  helper, removing duplicated inline DB-fetch logic
- Promote resolveSSEAudienceCreatorID from method to free function
  (resolveSSECreatorID) since it never used the receiver
- Add userID to SSE connect/disconnect log lines for traceability
- Change canReceive default from permissive (return true) to
  deny-with-warning for unknown visibility types
- Add comprehensive tests covering all new helpers, visibility edge
  cases, slow-client drop behavior, and the double-broadcast fix
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Removed the old sponsors table and replaced it with individual sponsor links and descriptions.
Signed-off-by: boojack <stevenlgtm@gmail.com>

Co-authored-by: memoclaw <265580040+memoclaw@users.noreply.github.com>

Co-authored-by: memoclaw <265580040+memoclaw@users.noreply.github.com>

Updated featured sponsors section with new layout and content.
Signed-off-by: boojack <stevenlgtm@gmail.com>

Signed-off-by: boojack <stevenlgtm@gmail.com>

Co-authored-by: memoclaw <265580040+memoclaw@users.noreply.github.com>

When truncate mode is active (comment list), display an inline file icon
with attachment count instead of rendering full image thumbnails.

Co-authored-by: memoclaw <265580040+memoclaw@users.noreply.github.com>

Co-authored-by: memoclaw <265580040+memoclaw@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Co-authored-by: memoclaw <265580040+memoclaw@users.noreply.github.com>

Co-authored-by: memoclaw <265580040+memoclaw@users.noreply.github.com>

Co-authored-by: memoclaw <265580040+memoclaw@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Co-authored-by: memoclaw <265580040+memoclaw@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>