* fix: Bugsnag network connections even with errors reporting disabled (#3190)

* fix: disable Bugsnag auto session tracking to prevent unwanted network connections

Adds autoTrackSessions: false to Bugsnag.start() configuration to prevent
the SDK from automatically connecting to sessions.bugsnag.com on initialization.
This fixes issues in air-gapped networks where the connection attempt triggers
certificate error dialogs even when telemetry is disabled.

Also upgrades @bugsnag/js from v7.22.3 to v8.8.1.

* test: add integration tests for Bugsnag network behavior

- Use nock to intercept real HTTP requests from Bugsnag SDK
- Verify no network calls when reporting is disabled
- Verify sessions are sent when reporting is enabled
- Use Object.defineProperty for env var mocking
- Skip tests on Windows due to Jest module mocking issues

* Version 4.12.1-alpha.1

* feat: add admin setting to bypass SSL certificate validation for Outlook calendar

Add `allowInsecureOutlookConnections` setting for air-gapped environments
where Exchange servers use self-signed or internal CA certificates.

Configurable via overridden-settings.json:
{ "allowInsecureOutlookConnections": true }

Changes:
- Add new reducer for the setting (defaults to false)
- Apply setting to both Exchange (XhrApi) and Rocket.Chat (axios) connections
- Reuse single HTTPS agent per sync for better performance
- Fix missing await on createEventOnRocketChatServer call

* Version 4.12.1-alpha.2

* chore: patch @ewsjs/xhr to stop overwriting request errors

* lock file

* fix: make allowInsecureOutlookConnections override-only setting

The setting was being persisted to config.json, which meant once set to
true it would stay true even after removing from overridden-settings.json.

Changes:
- Remove from PersistableValues type and migrations
- Remove from selectPersistableValues selector
- Explicitly read from override files on each app start
- Accept case-insensitive "true" values for robustness
- Always defaults to false when key is missing

This ensures admins have full control over the setting in air-gapped
environments where remote debugging is not possible.

* feat: add admin setting to bypass SSL certificate validation for Outlook calendar (#3191)

* feat: add admin setting to bypass SSL certificate validation for Outlook calendar

Add `allowInsecureOutlookConnections` setting for air-gapped environments
where Exchange servers use self-signed or internal CA certificates.

Configurable via overridden-settings.json:
{ "allowInsecureOutlookConnections": true }

Changes:
- Add new reducer for the setting (defaults to false)
- Apply setting to both Exchange (XhrApi) and Rocket.Chat (axios) connections
- Reuse single HTTPS agent per sync for better performance
- Fix missing await on createEventOnRocketChatServer call

* Version 4.12.1-alpha.2

* chore: patch @ewsjs/xhr to stop overwriting request errors

* lock file

* fix: make allowInsecureOutlookConnections override-only setting

The setting was being persisted to config.json, which meant once set to
true it would stay true even after removing from overridden-settings.json.

Changes:
- Remove from PersistableValues type and migrations
- Remove from selectPersistableValues selector
- Explicitly read from override files on each app start
- Accept case-insensitive "true" values for robustness
- Always defaults to false when key is missing

This ensures admins have full control over the setting in air-gapped
environments where remote debugging is not possible.

---------

Co-authored-by: Pierre Lehnen <[email protected]>

* Add configurable Outlook calendar sync interval (#3198)

* feat: add configurable Outlook calendar sync interval (1-60 min)

Adds a user-editable sync interval setting to Settings > General,
with admin override support via overridden-settings.json. Uses a
nullable override pattern (number | null) to cleanly separate admin
overrides from persisted user preferences, preventing contamination.
Includes debounced runtime restart of the sync task on changes.

* chore: bump version to 4.12.1-alpha.3, improve sync interval change handling

Increases debounce to 10s, triggers an immediate sync before
rescheduling, and adds a log message when the interval changes.

* fix: clean up sync state when credentials are cleared or app shuts down

Prevents stale credentials from being used by the debounced interval
restart callback. Clears timers, nulls module-level state, and
unsubscribes the interval watcher on credential clear and shutdown.

* feat: Add outlook detailed logs toggle (#3199)

* feat: Add Exchange/EWS debugging patches and error classification (#3187)

* chore(theme): transparency mode not removing background of server view (#3156)

* Language update from Lingohub 🤖 (#3165)

Project Name: Rocket.Chat.Electron
Project Link: https://app.lingohub.com/project/pr_1Ag2Vlx6MWNt-16038/branches/prb_16rm9BiWK53b-4144
User: Lingohub Robot

Easy language translations with Lingohub 🚀

Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>

* feat: Implement user theme preference settings  (#3160)

* feat: Implement user theme preference settings and remove legacy theme appearance handling

- Introduced a new `ThemeAppearance` component to manage user theme preferences, allowing selection between 'auto', 'light', and 'dark' themes.
- Updated state management to include `userThemePreference`, replacing the previous `themeAppearance` handling.
- Removed deprecated theme appearance logic from various components and files, streamlining the codebase.
- Added internationalization support for theme appearance settings across multiple languages.
- Enhanced the UI to reflect user-selected theme preferences dynamically.

* fix(i18n): Correct Norwegian translation for theme appearance description

* fix(theme): Validate theme preference values before dispatching

- Updated the `handleChangeTheme` function to include validation for theme preference values, ensuring only 'auto', 'light', or 'dark' are accepted. This change prevents invalid values from being dispatched, enhancing the robustness of the theme management logic.

* refactor(DocumentViewer): Update theme management to utilize Redux state for user preferences

- Replaced the use of `useDarkMode` with Redux selectors to determine the theme based on user preferences and machine theme.
- Enhanced theme logic to support 'auto', 'light', and 'dark' settings, improving the flexibility and responsiveness of the theme management in the DocumentViewer component.

* refactor(DocumentViewer): Simplify theme management by removing Redux dependencies

- Eliminated the use of Redux selectors for theme management in the DocumentViewer component, replacing it with a static 'tint' background and default color settings.
- Streamlined the component's code by removing unnecessary theme logic, enhancing readability and maintainability.

* chore: Clean up code by removing unnecessary blank lines in ThemeAppearance, TransparentWindow, and userThemePreference files

* fix: Address PR review comments and restore API compatibility

- Remove trailing blank lines from ThemeAppearance.tsx, TransparentWindow.tsx, and userThemePreference.ts
- Restore setUserThemeAppearance as no-op function for backwards compatibility with @rocket.chat/desktop-api interface

* fix: resolve 91 security vulnerabilities in dependencies (#3173)

* fix: resolve 91 security vulnerabilities in dependencies

- Update axios 1.6.4 -> 1.13.2 (SSRF, DoS, credential leakage)
- Update electron-updater 5.3.0 -> 6.3.9 (code signing bypass)
- Update rollup 4.9.6 -> 4.32.0 (DOM clobbering XSS)
- Update glob 11.0.3 -> 11.1.0 in workspace (command injection)
- Add resolutions for transitive dependencies:
  - cross-spawn, braces, ws, follow-redirects
  - form-data, tar-fs, undici
- Add comprehensive security remediation documentation

* docs: fix markdown lint - add language specifier to code block

* chore: Remove security documentation from repository

Security vulnerability remediation documentation kept locally for reference.

* fix: Issues in German translation (#3155)

* chore: Upgrade Electron and Node.js versions, update README and packa… (#3179)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* chore: Update @types/node version in package.json and yarn.lock

- Upgraded @types/node from version 16.18.69 to 25.0.10 in both package.json and yarn.lock to ensure compatibility with the latest TypeScript features and improvements.

* chore: Enable alpha releases (#3180)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* docs: Add alpha release process documentation

- Introduced a new document detailing the alpha release process for the Rocket.Chat Desktop app, including channel definitions, versioning guidelines, and steps for creating and publishing alpha releases.
- Included instructions for users to opt into the alpha channel and troubleshooting tips for common issues.

* chore: Update architecture support and Node.js version requirements

- Added 'arm64' architecture support to the build targets in electron-builder.json for NSIS, MSI, and ZIP formats.
- Lowered the minimum Node.js version requirement in package.json from >=24.11.1 to >=20.0.0 for better compatibility.

* chore: Change develop branch to dev for release workflow

Update build-release workflow and desktop-release-action to use 'dev'
branch instead of 'develop' for development releases.

* chore: Update versioning and add release tag script

- Bumped version in package.json to 4.12.0.alpha.1.
- Added scripts/release-tag.ts for automated release tagging.
- Updated .eslintignore to exclude the new scripts directory.

* chore: Correct version format in package.json

- Updated version format in package.json from "4.12.0.alpha.1" to "4.12.0-alpha.1" for consistency.

* chore: Update all workflows to use dev branch instead of develop

- validate-pr.yml: Add dev to PR target branches
- powershell-lint.yml: Change develop to dev
- pull-request-build.yml: Change develop to dev

* fix: Normalize tags for consistent comparison in release-tag script

Strip leading 'v' prefix when comparing tags to handle both v-prefixed
and non-prefixed tag formats consistently.

* chore: Increment bundle version in electron-builder.json to 26012

* chore: Address nitpick comments in release-tag script

- Add comment explaining why /scripts is excluded from eslint
- Return null on exec error to distinguish from empty output
- Add warning when git tag list fails
- Use -- separator in git commands for safety

* fix: Add jsign to GITHUB_PATH in Windows CI setup

The jsign tool was being installed but not added to PATH for subsequent
steps. This caused the "Verify tools" step to fail with "jsign not found".

* chore: Bump version to 4.12.0-alpha.2

- Updated version in package.json to 4.12.0-alpha.2
- Incremented bundleVersion in electron-builder.json to 26013

* docs: Add QA testing guide for alpha channel updates

* docs: Rename alpha docs to pre-release and fix workflow concurrency

- Rename alpha-release-process.md to pre-release-process.md
- Add beta release documentation
- Add detailed channel switching instructions
- Fix concurrency group using github.ref instead of github.head_ref
  (github.head_ref is empty for push events, causing tag builds to cancel)

* feat(outlook): add @ewsjs/xhr debugging patches

Add comprehensive NTLM authentication debugging to @ewsjs/xhr library:

- patches-src/ directory structure for maintainable patches
- Enhanced ntlmProvider.ts with detailed NTLM handshake logging
- Enhanced xhrApi.ts with HTTP request/response debugging
- Yarn patch resolution for @ewsjs/[email protected]
- apply-patches.sh script for regenerating patches

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): add type definitions for calendar sync

Add error-related type definitions to support error classification:

- ErrorSource: exchange, rocket_chat, desktop_app, network, authentication, configuration
- ErrorSeverity: low, medium, high, critical
- OutlookCalendarError: full error object with context
- ErrorClassification: pattern matching result type

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): add error classification system

Add comprehensive error classification for Outlook calendar sync:

- Pattern-based error detection for Exchange, Rocket.Chat, and desktop errors
- Automatic severity and source classification
- User-friendly error messages with suggested actions
- Structured logging format for debugging
- Support for NTLM auth, network, SSL, and credential errors

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): enhance calendar sync with debugging and mutex

* test(outlook): add tests for getOutlookEvents

* feat(outlook): add logging infrastructure for calendar debugging

* chore: fix linting issues for Outlook calendar debugging

- Exclude patches-src/ from eslint (not part of main build)
- Fix has-credentials handler return type to match expected signature

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* fix: address CodeRabbit review issues for Outlook calendar

- Fix console transport recursion by using originalConsole in writeFn
- Fix infinite recursion in redactObject using destructuring
- Remove NTLM Type 3 message logging (contains credentials)
- Fix queued sync promises never resolving by tracking resolve/reject
- Fix unhandled async errors in preload using .then().catch()
- Accept HTTP 2xx status codes instead of only 200
- Fix URL validation to check pathname instead of full URL
- Update tests to match actual implementation behavior

* feat(settings): add Developer tab with verbose Outlook logging toggle

- Add Developer tab in Settings (only visible when developer mode enabled)
- Add verbose Outlook logging toggle to control [OutlookCalendar] console output
- Add colored console output for better visibility on dark themes
- Redirect to General tab when developer mode disabled while on Developer tab
- Create centralized logger (outlookLog, outlookError, etc.) in src/outlookCalendar/logger.ts
- Convert all direct console.log calls to use centralized logger
- Fix infinite recursion bug in patches (verboseLog calling itself)
- Add AGENTS.md documentation files for knowledge management
- Use theme-aware colors for Settings UI text

* fix(ci): remove conflicting patch-package patch for @ewsjs/xhr

The @ewsjs/xhr package is already patched via Yarn's patch protocol
(.yarn/patches/). The patch-package patch was accidentally added and
conflicts with the already-applied Yarn patch, causing CI failures.

* docs: add patching mechanism documentation to AGENTS.md

Clarify that @ewsjs/xhr uses Yarn patch protocol (.yarn/patches/)
while patch-package (patches/) is only for other packages.
This prevents accidental CI breakage from conflicting patches.

* fix: address CodeRabbit review comments

- logger.ts: Use shared prefix constants instead of duplicating strings
- getOutlookEvents.ts: Replace Promise.reject() with throw statements
- getOutlookEvents.ts: Route console.error through outlookError
- ipc.ts: Route all console.* through outlookLog/outlookWarn/outlookError
- ipc.ts: Replace Promise.reject(e) with throw e
- AGENTS.md: Fix markdown formatting and update versions

* fix(outlook): address CodeRabbit review issues

- Add JSDoc to syncEventsWithRocketChatServer documenting sync coalescing
- Remove isSyncInProgress check in initial sync (let queue handle it)
- Remove logging implementation details test (tested console.log colors)

* chore: remove unused patches-src directory

The debugging code in patches-src/ was never applied - only the minimal
bug fix in .yarn/patches/ is used. Removing dead code to avoid confusion.

* fix: address all code review issues from PR #3187 review

CRITICAL fixes:
- Support multi-server sync state (Map instead of globals)
- Fix Promise<Promise<boolean>> return type
- Use JSON.stringify for safe string escaping in executeJavaScript

MAJOR fixes:
- Add RocketChat calendar event types for type safety
- CRUD operations now return {success, error?} instead of swallowing errors
- Replace sync fs.appendFileSync with async fs.promises.appendFile
- Add useId() and htmlFor for accessibility in ThemeAppearance
- Apply privacy redaction to all transports (not just file)

MINOR fixes:
- Extract magic numbers to named constants
- Extract duplicate buildEwsPathname helper function
- Remove unused _context parameter from classifyError
- Remove fire-and-forget connectivity test calls
- Add originalConsole fallback in preload logging
- Optimize getComponentContext to skip stack trace for log/info/debug
- Fix email regex typo: [A-Z|a-z] -> [A-Za-z]
- Fix double timestamp in createClassifiedError
- Replace inline style with Fuselage pt prop

* fix(outlook): fix race condition in sync queue processing

Changed 'if' to 'while' loop to ensure all queued syncs are processed.
Previously, syncs queued while lastSync.run() was executing would be lost
because the queue was cleared before processing started.

* fix: address additional code review issues

- Fix pool exhaustion bug in context.ts: add overflow counter fallback
  when availableServerIds is depleted, emit warning with diagnostics
- Fix PII leak in ipc.ts error logging: move sensitive fields (subject,
  responseData) to verbose-only outlookLog calls at 5 locations
- Fix silent failure in performSync: throw error instead of silent
  return when eventsOnRocketChatServer fetch fails

* fix(logging): add captureComponentStack parameter to getLogContext

Allows callers to opt into stack-based component detection by passing
captureComponentStack=true, while preserving default behavior.

---------

Co-authored-by: Rodrigo Nascimento <[email protected]>
Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>
Co-authored-by: Max Lee <[email protected]>
Co-authored-by: Sisyphus <[email protected]>

* feat: Add scoped logging infrastructure and log viewer window (#3186)

* chore(theme): transparency mode not removing background of server view (#3156)

* Language update from Lingohub 🤖 (#3165)

Project Name: Rocket.Chat.Electron
Project Link: https://app.lingohub.com/project/pr_1Ag2Vlx6MWNt-16038/branches/prb_16rm9BiWK53b-4144
User: Lingohub Robot

Easy language translations with Lingohub 🚀

Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>

* feat: Implement user theme preference settings  (#3160)

* feat: Implement user theme preference settings and remove legacy theme appearance handling

- Introduced a new `ThemeAppearance` component to manage user theme preferences, allowing selection between 'auto', 'light', and 'dark' themes.
- Updated state management to include `userThemePreference`, replacing the previous `themeAppearance` handling.
- Removed deprecated theme appearance logic from various components and files, streamlining the codebase.
- Added internationalization support for theme appearance settings across multiple languages.
- Enhanced the UI to reflect user-selected theme preferences dynamically.

* fix(i18n): Correct Norwegian translation for theme appearance description

* fix(theme): Validate theme preference values before dispatching

- Updated the `handleChangeTheme` function to include validation for theme preference values, ensuring only 'auto', 'light', or 'dark' are accepted. This change prevents invalid values from being dispatched, enhancing the robustness of the theme management logic.

* refactor(DocumentViewer): Update theme management to utilize Redux state for user preferences

- Replaced the use of `useDarkMode` with Redux selectors to determine the theme based on user preferences and machine theme.
- Enhanced theme logic to support 'auto', 'light', and 'dark' settings, improving the flexibility and responsiveness of the theme management in the DocumentViewer component.

* refactor(DocumentViewer): Simplify theme management by removing Redux dependencies

- Eliminated the use of Redux selectors for theme management in the DocumentViewer component, replacing it with a static 'tint' background and default color settings.
- Streamlined the component's code by removing unnecessary theme logic, enhancing readability and maintainability.

* chore: Clean up code by removing unnecessary blank lines in ThemeAppearance, TransparentWindow, and userThemePreference files

* fix: Address PR review comments and restore API compatibility

- Remove trailing blank lines from ThemeAppearance.tsx, TransparentWindow.tsx, and userThemePreference.ts
- Restore setUserThemeAppearance as no-op function for backwards compatibility with @rocket.chat/desktop-api interface

* fix: resolve 91 security vulnerabilities in dependencies (#3173)

* fix: resolve 91 security vulnerabilities in dependencies

- Update axios 1.6.4 -> 1.13.2 (SSRF, DoS, credential leakage)
- Update electron-updater 5.3.0 -> 6.3.9 (code signing bypass)
- Update rollup 4.9.6 -> 4.32.0 (DOM clobbering XSS)
- Update glob 11.0.3 -> 11.1.0 in workspace (command injection)
- Add resolutions for transitive dependencies:
  - cross-spawn, braces, ws, follow-redirects
  - form-data, tar-fs, undici
- Add comprehensive security remediation documentation

* docs: fix markdown lint - add language specifier to code block

* chore: Remove security documentation from repository

Security vulnerability remediation documentation kept locally for reference.

* fix: Issues in German translation (#3155)

* chore: Upgrade Electron and Node.js versions, update README and packa… (#3179)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* chore: Update @types/node version in package.json and yarn.lock

- Upgraded @types/node from version 16.18.69 to 25.0.10 in both package.json and yarn.lock to ensure compatibility with the latest TypeScript features and improvements.

* chore: Enable alpha releases (#3180)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* docs: Add alpha release process documentation

- Introduced a new document detailing the alpha release process for the Rocket.Chat Desktop app, including channel definitions, versioning guidelines, and steps for creating and publishing alpha releases.
- Included instructions for users to opt into the alpha channel and troubleshooting tips for common issues.

* chore: Update architecture support and Node.js version requirements

- Added 'arm64' architecture support to the build targets in electron-builder.json for NSIS, MSI, and ZIP formats.
- Lowered the minimum Node.js version requirement in package.json from >=24.11.1 to >=20.0.0 for better compatibility.

* chore: Change develop branch to dev for release workflow

Update build-release workflow and desktop-release-action to use 'dev'
branch instead of 'develop' for development releases.

* chore: Update versioning and add release tag script

- Bumped version in package.json to 4.12.0.alpha.1.
- Added scripts/release-tag.ts for automated release tagging.
- Updated .eslintignore to exclude the new scripts directory.

* chore: Correct version format in package.json

- Updated version format in package.json from "4.12.0.alpha.1" to "4.12.0-alpha.1" for consistency.

* chore: Update all workflows to use dev branch instead of develop

- validate-pr.yml: Add dev to PR target branches
- powershell-lint.yml: Change develop to dev
- pull-request-build.yml: Change develop to dev

* fix: Normalize tags for consistent comparison in release-tag script

Strip leading 'v' prefix when comparing tags to handle both v-prefixed
and non-prefixed tag formats consistently.

* chore: Increment bundle version in electron-builder.json to 26012

* chore: Address nitpick comments in release-tag script

- Add comment explaining why /scripts is excluded from eslint
- Return null on exec error to distinguish from empty output
- Add warning when git tag list fails
- Use -- separator in git commands for safety

* fix: Add jsign to GITHUB_PATH in Windows CI setup

The jsign tool was being installed but not added to PATH for subsequent
steps. This caused the "Verify tools" step to fail with "jsign not found".

* chore: Bump version to 4.12.0-alpha.2

- Updated version in package.json to 4.12.0-alpha.2
- Incremented bundleVersion in electron-builder.json to 26013

* docs: Add QA testing guide for alpha channel updates

* docs: Rename alpha docs to pre-release and fix workflow concurrency

- Rename alpha-release-process.md to pre-release-process.md
- Add beta release documentation
- Add detailed channel switching instructions
- Fix concurrency group using github.ref instead of github.head_ref
  (github.head_ref is empty for push events, causing tag builds to cancel)

* feat(logging): add scoped logging infrastructure

* feat(log-viewer): add log viewer window and components

* build: add log viewer window build configuration

* feat: integrate logging and log viewer into app lifecycle

* feat: add log viewer IPC channels and menu item

* feat: add i18n translations and fix UI color tokens

* chore: add logging dependencies and fix type error

* fix: address code review feedback

- Add 'silly' log level to LogLevel type for electron-log compatibility
- Fix duplicate server IDs by using overflow counter instead of MAX_SERVER_ID
- Reset startInProgress flag when retry count exceeded in preload
- Add statLog to log viewer preload API
- Use contextIsolation and preload script for log viewer window security
- Replace direct ipcRenderer usage with window.logViewerAPI in renderer

* revert: restore log viewer window settings and add architecture guidelines

- Revert nodeIntegration/contextIsolation changes that broke log viewer
- Add CLAUDE.md guidelines to prevent destructive architecture changes
- Document that existing code patterns exist for specific reasons

* fix: address code review feedback from CodeRabbit

This commit addresses three major review comments:

1. Remove unused preload script for log viewer window
   - The preload.ts was built but never wired to the BrowserWindow
   - Current implementation uses nodeIntegration: true and contextIsolation: false
   - Removed unused build entry from rollup.config.mjs
   - Deleted unused src/logViewerWindow/preload.ts file

2. Guard programmatic scrolls to prevent disabling auto-scroll
   - Added isAutoScrollingRef to track programmatic vs user-initiated scrolls
   - Set flag before calling scrollToIndex and reset after
   - handleScroll now returns early if scroll is programmatic
   - Prevents auto-scroll from being disabled when virtuosoRef.scrollToIndex triggers onScroll

3. Don't swallow startup failures - exit after logging
   - Changed start().catch(console.error) to properly log error and exit
   - Uses logger.error for structured logging
   - Calls app.exit(1) to prevent partial initialization
   - Prevents app running in broken state after critical failures

4. Add error handling to log viewer menu item
   - Wrapped openLogViewer click handler in try-catch
   - Matches pattern used by videoCallDevTools menu item
   - Logs errors to console for debugging

* fix(log-viewer): guard against non-positive limits in getLastNEntries

Return empty content when limit <= 0 to prevent undefined behavior
from negative slice indices.

---------

Co-authored-by: Rodrigo Nascimento <[email protected]>
Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>
Co-authored-by: Max Lee <[email protected]>

* fix: call stopOutlookCalendarSync on app quit

Ensures all sync timers and debounce timers are properly cleaned up
when the application shuts down, preventing sync operations during
shutdown.

* fix: improve logging system security and log viewer context filtering

- Protect active log files from cleanup deletion
- Add IPC rate limiting to prevent renderer process flooding
- Restrict log file permissions to owner-only access
- Add context sanitization to error classification (passwords/tokens only)
- Remove ANSI color codes from OutlookCalendar logger prefixes
- Fix log viewer context filter to use structured tag matching instead of substring search

* feat: add detailed events logging toggle for Outlook calendar sync

Add a new toggle in Settings > Developer to log full event data exchanged
between Exchange and Rocket.Chat during calendar sync. When enabled, logs
raw Exchange appointments, CRUD payloads/responses, event comparisons,
and sync summaries for diagnosing sync issues.

* fix: address PR review feedback

- Fix regex precedence in error classification so 'timeout' doesn't match too broadly
- Add lang="en" to log viewer HTML for accessibility
- Add circular reference guard to redactObject to prevent stack overflow
- Update AGENTS.md with missing outlookDebug/outlookEventDetail imports

* fix: address second round of PR review feedback

- Narrow SSL/TLS regex to match specific error codes instead of broad substrings
- Make sanitizeContext recursive to redact nested sensitive keys
- Align multi-line JSON context with box-drawing prefix in error logs
- Preserve original case in custom path segments in buildEwsPathname

---------

Co-authored-by: Rodrigo Nascimento <[email protected]>
Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>
Co-authored-by: Max Lee <[email protected]>
Co-authored-by: Sisyphus <[email protected]>

* Version 4.12.1-alpha.4

* fix: log viewer Windows compatibility and Outlook logging in production (#3203)

- Handle CRLF line endings from Windows log files (split on \r?\n)
- Fix regex to allow variable whitespace between bracket groups
- Change outlookLog/outlookDebug/outlookEventDetail to console.info
  so they reach the file transport in production (info threshold)
  instead of being silently dropped as debug level
- Fix Outlook preload console.log calls to console.info (same issue)
- Fix app startup completion log to console.info

* Version 4.12.1-alpha.5

* fix: always send endTime and busy fields in calendar sync payload (#3204)

Remove server version gate (>= 7.5.0) that conditionally included endTime and busy fields when syncing Outlook calendar events to Rocket.Chat server. The gate was failing for some customers because server.version was not populated in the Redux store, causing these fields to be silently dropped from create/update payloads regardless of actual server version.

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-opencode)

Co-authored-by: Sisyphus <[email protected]>

* Version 4.12.1-alpha.6

* Merge master into dev — bring bug fixes to dev branch (#3215)

* feat: Add Exchange/EWS debugging patches and error classification (#3187)

* chore(theme): transparency mode not removing background of server view (#3156)

* Language update from Lingohub 🤖 (#3165)

Project Name: Rocket.Chat.Electron
Project Link: https://app.lingohub.com/project/pr_1Ag2Vlx6MWNt-16038/branches/prb_16rm9BiWK53b-4144
User: Lingohub Robot

Easy language translations with Lingohub 🚀

Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>

* feat: Implement user theme preference settings  (#3160)

* feat: Implement user theme preference settings and remove legacy theme appearance handling

- Introduced a new `ThemeAppearance` component to manage user theme preferences, allowing selection between 'auto', 'light', and 'dark' themes.
- Updated state management to include `userThemePreference`, replacing the previous `themeAppearance` handling.
- Removed deprecated theme appearance logic from various components and files, streamlining the codebase.
- Added internationalization support for theme appearance settings across multiple languages.
- Enhanced the UI to reflect user-selected theme preferences dynamically.

* fix(i18n): Correct Norwegian translation for theme appearance description

* fix(theme): Validate theme preference values before dispatching

- Updated the `handleChangeTheme` function to include validation for theme preference values, ensuring only 'auto', 'light', or 'dark' are accepted. This change prevents invalid values from being dispatched, enhancing the robustness of the theme management logic.

* refactor(DocumentViewer): Update theme management to utilize Redux state for user preferences

- Replaced the use of `useDarkMode` with Redux selectors to determine the theme based on user preferences and machine theme.
- Enhanced theme logic to support 'auto', 'light', and 'dark' settings, improving the flexibility and responsiveness of the theme management in the DocumentViewer component.

* refactor(DocumentViewer): Simplify theme management by removing Redux dependencies

- Eliminated the use of Redux selectors for theme management in the DocumentViewer component, replacing it with a static 'tint' background and default color settings.
- Streamlined the component's code by removing unnecessary theme logic, enhancing readability and maintainability.

* chore: Clean up code by removing unnecessary blank lines in ThemeAppearance, TransparentWindow, and userThemePreference files

* fix: Address PR review comments and restore API compatibility

- Remove trailing blank lines from ThemeAppearance.tsx, TransparentWindow.tsx, and userThemePreference.ts
- Restore setUserThemeAppearance as no-op function for backwards compatibility with @rocket.chat/desktop-api interface

* fix: resolve 91 security vulnerabilities in dependencies (#3173)

* fix: resolve 91 security vulnerabilities in dependencies

- Update axios 1.6.4 -> 1.13.2 (SSRF, DoS, credential leakage)
- Update electron-updater 5.3.0 -> 6.3.9 (code signing bypass)
- Update rollup 4.9.6 -> 4.32.0 (DOM clobbering XSS)
- Update glob 11.0.3 -> 11.1.0 in workspace (command injection)
- Add resolutions for transitive dependencies:
  - cross-spawn, braces, ws, follow-redirects
  - form-data, tar-fs, undici
- Add comprehensive security remediation documentation

* docs: fix markdown lint - add language specifier to code block

* chore: Remove security documentation from repository

Security vulnerability remediation documentation kept locally for reference.

* fix: Issues in German translation (#3155)

* chore: Upgrade Electron and Node.js versions, update README and packa… (#3179)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* chore: Update @types/node version in package.json and yarn.lock

- Upgraded @types/node from version 16.18.69 to 25.0.10 in both package.json and yarn.lock to ensure compatibility with the latest TypeScript features and improvements.

* chore: Enable alpha releases (#3180)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* docs: Add alpha release process documentation

- Introduced a new document detailing the alpha release process for the Rocket.Chat Desktop app, including channel definitions, versioning guidelines, and steps for creating and publishing alpha releases.
- Included instructions for users to opt into the alpha channel and troubleshooting tips for common issues.

* chore: Update architecture support and Node.js version requirements

- Added 'arm64' architecture support to the build targets in electron-builder.json for NSIS, MSI, and ZIP formats.
- Lowered the minimum Node.js version requirement in package.json from >=24.11.1 to >=20.0.0 for better compatibility.

* chore: Change develop branch to dev for release workflow

Update build-release workflow and desktop-release-action to use 'dev'
branch instead of 'develop' for development releases.

* chore: Update versioning and add release tag script

- Bumped version in package.json to 4.12.0.alpha.1.
- Added scripts/release-tag.ts for automated release tagging.
- Updated .eslintignore to exclude the new scripts directory.

* chore: Correct version format in package.json

- Updated version format in package.json from "4.12.0.alpha.1" to "4.12.0-alpha.1" for consistency.

* chore: Update all workflows to use dev branch instead of develop

- validate-pr.yml: Add dev to PR target branches
- powershell-lint.yml: Change develop to dev
- pull-request-build.yml: Change develop to dev

* fix: Normalize tags for consistent comparison in release-tag script

Strip leading 'v' prefix when comparing tags to handle both v-prefixed
and non-prefixed tag formats consistently.

* chore: Increment bundle version in electron-builder.json to 26012

* chore: Address nitpick comments in release-tag script

- Add comment explaining why /scripts is excluded from eslint
- Return null on exec error to distinguish from empty output
- Add warning when git tag list fails
- Use -- separator in git commands for safety

* fix: Add jsign to GITHUB_PATH in Windows CI setup

The jsign tool was being installed but not added to PATH for subsequent
steps. This caused the "Verify tools" step to fail with "jsign not found".

* chore: Bump version to 4.12.0-alpha.2

- Updated version in package.json to 4.12.0-alpha.2
- Incremented bundleVersion in electron-builder.json to 26013

* docs: Add QA testing guide for alpha channel updates

* docs: Rename alpha docs to pre-release and fix workflow concurrency

- Rename alpha-release-process.md to pre-release-process.md
- Add beta release documentation
- Add detailed channel switching instructions
- Fix concurrency group using github.ref instead of github.head_ref
  (github.head_ref is empty for push events, causing tag builds to cancel)

* feat(outlook): add @ewsjs/xhr debugging patches

Add comprehensive NTLM authentication debugging to @ewsjs/xhr library:

- patches-src/ directory structure for maintainable patches
- Enhanced ntlmProvider.ts with detailed NTLM handshake logging
- Enhanced xhrApi.ts with HTTP request/response debugging
- Yarn patch resolution for @ewsjs/[email protected]
- apply-patches.sh script for regenerating patches

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): add type definitions for calendar sync

Add error-related type definitions to support error classification:

- ErrorSource: exchange, rocket_chat, desktop_app, network, authentication, configuration
- ErrorSeverity: low, medium, high, critical
- OutlookCalendarError: full error object with context
- ErrorClassification: pattern matching result type

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): add error classification system

Add comprehensive error classification for Outlook calendar sync:

- Pattern-based error detection for Exchange, Rocket.Chat, and desktop errors
- Automatic severity and source classification
- User-friendly error messages with suggested actions
- Structured logging format for debugging
- Support for NTLM auth, network, SSL, and credential errors

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): enhance calendar sync with debugging and mutex

* test(outlook): add tests for getOutlookEvents

* feat(outlook): add logging infrastructure for calendar debugging

* chore: fix linting issues for Outlook calendar debugging

- Exclude patches-src/ from eslint (not part of main build)
- Fix has-credentials handler return type to match expected signature

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* fix: address CodeRabbit review issues for Outlook calendar

- Fix console transport recursion by using originalConsole in writeFn
- Fix infinite recursion in redactObject using destructuring
- Remove NTLM Type 3 message logging (contains credentials)
- Fix queued sync promises never resolving by tracking resolve/reject
- Fix unhandled async errors in preload using .then().catch()
- Accept HTTP 2xx status codes instead of only 200
- Fix URL validation to check pathname instead of full URL
- Update tests to match actual implementation behavior

* feat(settings): add Developer tab with verbose Outlook logging toggle

- Add Developer tab in Settings (only visible when developer mode enabled)
- Add verbose Outlook logging toggle to control [OutlookCalendar] console output
- Add colored console output for better visibility on dark themes
- Redirect to General tab when developer mode disabled while on Developer tab
- Create centralized logger (outlookLog, outlookError, etc.) in src/outlookCalendar/logger.ts
- Convert all direct console.log calls to use centralized logger
- Fix infinite recursion bug in patches (verboseLog calling itself)
- Add AGENTS.md documentation files for knowledge management
- Use theme-aware colors for Settings UI text

* fix(ci): remove conflicting patch-package patch for @ewsjs/xhr

The @ewsjs/xhr package is already patched via Yarn's patch protocol
(.yarn/patches/). The patch-package patch was accidentally added and
conflicts with the already-applied Yarn patch, causing CI failures.

* docs: add patching mechanism documentation to AGENTS.md

Clarify that @ewsjs/xhr uses Yarn patch protocol (.yarn/patches/)
while patch-package (patches/) is only for other packages.
This prevents accidental CI breakage from conflicting patches.

* fix: address CodeRabbit review comments

- logger.ts: Use shared prefix constants instead of duplicating strings
- getOutlookEvents.ts: Replace Promise.reject() with throw statements
- getOutlookEvents.ts: Route console.error through outlookError
- ipc.ts: Route all console.* through outlookLog/outlookWarn/outlookError
- ipc.ts: Replace Promise.reject(e) with throw e
- AGENTS.md: Fix markdown formatting and update versions

* fix(outlook): address CodeRabbit review issues

- Add JSDoc to syncEventsWithRocketChatServer documenting sync coalescing
- Remove isSyncInProgress check in initial sync (let queue handle it)
- Remove logging implementation details test (tested console.log colors)

* chore: remove unused patches-src directory

The debugging code in patches-src/ was never applied - only the minimal
bug fix in .yarn/patches/ is used. Removing dead code to avoid confusion.

* fix: address all code review issues from PR #3187 review

CRITICAL fixes:
- Support multi-server sync state (Map instead of globals)
- Fix Promise<Promise<boolean>> return type
- Use JSON.stringify for safe string escaping in executeJavaScript

MAJOR fixes:
- Add RocketChat calendar event types for type safety
- CRUD operations now return {success, error?} instead of swallowing errors
- Replace sync fs.appendFileSync with async fs.promises.appendFile
- Add useId() and htmlFor for accessibility in ThemeAppearance
- Apply privacy redaction to all transports (not just file)

MINOR fixes:
- Extract magic numbers to named constants
- Extract duplicate buildEwsPathname helper function
- Remove unused _context parameter from classifyError
- Remove fire-and-forget connectivity test calls
- Add originalConsole fallback in preload logging
- Optimize getComponentContext to skip stack trace for log/info/debug
- Fix email regex typo: [A-Z|a-z] -> [A-Za-z]
- Fix double timestamp in createClassifiedError
- Replace inline style with Fuselage pt prop

* fix(outlook): fix race condition in sync queue processing

Changed 'if' to 'while' loop to ensure all queued syncs are processed.
Previously, syncs queued while lastSync.run() was executing would be lost
because the queue was cleared before processing started.

* fix: address additional code review issues

- Fix pool exhaustion bug in context.ts: add overflow counter fallback
  when availableServerIds is depleted, emit warning with diagnostics
- Fix PII leak in ipc.ts error logging: move sensitive fields (subject,
  responseData) to verbose-only outlookLog calls at 5 locations
- Fix silent failure in performSync: throw error instead of silent
  return when eventsOnRocketChatServer fetch fails

* fix(logging): add captureComponentStack parameter to getLogContext

Allows callers to opt into stack-based component detection by passing
captureComponentStack=true, while preserving default behavior.

---------

Co-authored-by: Rodrigo Nascimento <[email protected]>
Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>
Co-authored-by: Max Lee <[email protected]>
Co-authored-by: Sisyphus <[email protected]>

* feat: Add scoped logging infrastructure and log viewer window (#3186)

* chore(theme): transparency mode not removing background of server view (#3156)

* Language update from Lingohub 🤖 (#3165)

Project Name: Rocket.Chat.Electron
Project Link: https://app.lingohub.com/project/pr_1Ag2Vlx6MWNt-16038/branches/prb_16rm9BiWK53b-4144
User: Lingohub Robot

Easy language translations with Lingohub 🚀

Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>

* feat: Implement user theme preference settings  (#3160)

* feat: Implement user theme preference settings and remove legacy theme appearance handling

- Introduced a new `ThemeAppearance` component to manage user theme preferences, allowing selection between 'auto', 'light', and 'dark' themes.
- Updated state management to include `userThemePreference`, replacing the previous `themeAppearance` handling.
- Removed deprecated theme appearance logic from various components and files, streamlining the codebase.
- Added internationalization support for theme appearance settings across multiple languages.
- Enhanced the UI to reflect user-selected theme preferences dynamically.

* fix(i18n): Correct Norwegian translation for theme appearance description

* fix(theme): Validate theme preference values before dispatching

- Updated the `handleChangeTheme` function to include validation for theme preference values, ensuring only 'auto', 'light', or 'dark' are accepted. This change prevents invalid values from being dispatched, enhancing the robustness of the theme management logic.

* refactor(DocumentViewer): Update theme management to utilize Redux state for user preferences

- Replaced the use of `useDarkMode` with Redux selectors to determine the theme based on user preferences and machine theme.
- Enhanced theme logic to support 'auto', 'light', and 'dark' settings, improving the flexibility and responsiveness of the theme management in the DocumentViewer component.

* refactor(DocumentViewer): Simplify theme management by removing Redux dependencies

- Eliminated the use of Redux selectors for theme management in the DocumentViewer component, replacing it with a static 'tint' background and default color settings.
- Streamlined the component's code by removing unnecessary theme logic, enhancing readability and maintainability.

* chore: Clean up code by removing unnecessary blank lines in ThemeAppearance, TransparentWindow, and userThemePreference files

* fix: Address PR review comments and restore API compatibility

- Remove trailing blank lines from ThemeAppearance.tsx, TransparentWindow.tsx, and userThemePreference.ts
- Restore setUserThemeAppearance as no-op function for backwards compatibility with @rocket.chat/desktop-api interface

* fix: resolve 91 security vulnerabilities in dependencies (#3173)

* fix: resolve 91 security vulnerabilities in dependencies

- Update axios 1.6.4 -> 1.13.2 (SSRF, DoS, credential leakage)
- Update electron-updater 5.3.0 -> 6.3.9 (code signing bypass)
- Update rollup 4.9.6 -> 4.32.0 (DOM clobbering XSS)
- Update glob 11.0.3 -> 11.1.0 in workspace (command injection)
- Add resolutions for transitive dependencies:
  - cross-spawn, braces, ws, follow-redirects
  - form-data, tar-fs, undici
- Add comprehensive security remediation documentation

* docs: fix markdown lint - add language specifier to code block

* chore: Remove security documentation from repository

Security vulnerability remediation documentation kept locally for reference.

* fix: Issues in German translation (#3155)

* chore: Upgrade Electron and Node.js versions, update README and packa… (#3179)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* chore: Update @types/node version in package.json and yarn.lock

- Upgraded @types/node from version 16.18.69 to 25.0.10 in both package.json and yarn.lock to ensure compatibility with the latest TypeScript features and improvements.

* chore: Enable alpha releases (#3180)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* docs: Add alpha release process documentation

- Introduced a new document detailing the alpha release process for the Rocket.Chat Desktop app, including channel definitions, versioning guidelines, and steps for creating and publishing alpha releases.
- Included instructions for users to opt into the alpha channel and troubleshooting tips for common issues.

* chore: Update architecture support and Node.js version requirements

- Added 'arm64' architecture support to the build targets in electron-builder.json for NSIS, MSI, and ZIP formats.
- Lowered the minimum Node.js version requirement in package.json from >=24.11.1 to >=20.0.0 for better compatibility.

* chore: Change develop branch to dev for release workflow

Update build-release workflow and desktop-release-action to use 'dev'
branch instead of 'develop' for development releases.

* chore: Update versioning and add release tag script

- Bumped version in package.json to 4.12.0.alpha.1.
- Added scripts/release-tag.ts for automated release tagging.
- Updated .eslintignore to exclude the new scripts directory.

* chore: Correct version format in package.json

- Updated version format in package.json from "4.12.0.alpha.1" to "4.12.0-alpha.1" for consistency.

* chore: Update all workflows to use dev branch instead of develop

- validate-pr.yml: Add dev to PR target branches
- powershell-lint.yml: Change develop to dev
- pull-request-build.yml: Change develop to dev

* fix: Normalize tags for consistent comparison in release-tag script

Strip leading 'v' prefix when comparing tags to handle both v-prefixed
and non-prefixed tag formats consistently.

* chore: Increment bundle version in electron-builder.json to 26012

* chore: Address nitpick comments in release-tag script

- Add comment explaining why /scripts is excluded from eslint
- Return null on exec error to distinguish from empty output
- Add warning when git tag list fails
- Use -- separator in git commands for safety

* fix: Add jsign to GITHUB_PATH in Windows CI setup

The jsign tool was being installed but not added to PATH for subsequent
steps. This caused the "Verify tools" step to fail with "jsign not found".

* chore: Bump version to 4.12.0-alpha.2

- Updated version in package.json to 4.12.0-alpha.2
- Incremented bundleVersion in electron-builder.json to 26013

* docs: Add QA testing guide for alpha channel updates

* docs: Rename alpha docs to pre-release and fix workflow concurrency

- Rename alpha-release-process.md to pre-release-process.md
- Add beta release documentation
- Add detailed channel switching instructions
- Fix concurrency group using github.ref instead of github.head_ref
  (github.head_ref is empty for push events, causing tag builds to cancel)

* feat(logging): add scoped logging infrastructure

* feat(log-viewer): add log viewer window and components

* build: add log viewer window build configuration

* feat: integrate logging and log viewer into app lifecycle

* feat: add log viewer IPC channels and menu item

* feat: add i18n translations and fix UI color tokens

* chore: add logging dependencies and fix type error

* fix: address code review feedback

- Add 'silly' log level to LogLevel type for electron-log compatibility
- Fix duplicate server IDs by using overflow counter instead of MAX_SERVER_ID
- Reset startInProgress flag when retry count exceeded in preload
- Add statLog to log viewer preload API
- Use contextIsolation and preload script for log viewer window security
- Replace direct ipcRenderer usage with window.logViewerAPI in renderer

* revert: restore log viewer window settings and add architecture guidelines

- Revert nodeIntegration/contextIsolation changes that broke log viewer
- Add CLAUDE.md guidelines to prevent destructive architecture changes
- Document that existing code patterns exist for specific reasons

* fix: address code review feedback from CodeRabbit

This commit addresses three major review comments:

1. Remove unused preload script for log viewer window
   - The preload.ts was built but never wired to the BrowserWindow
   - Current implementation uses nodeIntegration: true and contextIsolation: false
   - Removed unused build entry from rollup.config.mjs
   - Deleted unused src/logViewerWindow/preload.ts file

2. Guard programmatic scrolls to prevent disabling auto-scroll
   - Added isAutoScrollingRef to track programmatic vs user-initiated scrolls
   - Set flag before calling scrollToIndex and reset after
   - handleScroll now returns early if scroll is programmatic
   - Prevents auto-scroll from being disabled when virtuosoRef.scrollToIndex triggers onScroll

3. Don't swallow startup failures - exit after logging
   - Changed start().catch(console.error) to properly log error and exit
   - Uses logger.error for structured logging
   - Calls app.exit(1) to prevent partial initialization
   - Prevents app running in broken state after critical failures

4. Add error handling to log viewer menu item
   - Wrapped openLogViewer click handler in try-catch
   - Matches pattern used by videoCallDevTools menu item
   - Logs errors to console for debugging

* fix(log-viewer): guard against non-positive limits in getLastNEntries

Return empty content when limit <= 0 to prevent undefined behavior
from negative slice indices.

---------

Co-authored-by: Rodrigo Nascimento <[email protected]>
Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>
Co-authored-by: Max Lee <[email protected]>

* fix: Add safe guards to prevent The application GUI just crashed (#3206)

* fix: guard store functions against pre-initialization calls on macOS Tahoe

On macOS 26.x (Tahoe), the IPC call to retrieve the server URL is slower
than on earlier macOS versions, causing the preload to retry with a 1-second
delay. During this window the RC webapp loads and calls
`window.RocketChatDesktop.setTitle()` and `setUserPresenceDetection()`, which
internally invoke `dispatch()` and `listen()` from the Redux store before
`createRendererReduxStore()` has completed. Since `reduxStore` is still
`undefined`, accessing `.dispatch` or `.subscribe` throws a TypeError that
propagates back through contextBridge into the React tree, crashing the app
with "The application GUI just crashed".

…

* fix: Bugsnag network connections even with errors reporting disabled (#3190)

* fix: disable Bugsnag auto session tracking to prevent unwanted network connections

Adds autoTrackSessions: false to Bugsnag.start() configuration to prevent
the SDK from automatically connecting to sessions.bugsnag.com on initialization.
This fixes issues in air-gapped networks where the connection attempt triggers
certificate error dialogs even when telemetry is disabled.

Also upgrades @bugsnag/js from v7.22.3 to v8.8.1.

* test: add integration tests for Bugsnag network behavior

- Use nock to intercept real HTTP requests from Bugsnag SDK
- Verify no network calls when reporting is disabled
- Verify sessions are sent when reporting is enabled
- Use Object.defineProperty for env var mocking
- Skip tests on Windows due to Jest module mocking issues

* Version 4.12.1-alpha.1

* feat: add admin setting to bypass SSL certificate validation for Outlook calendar

Add `allowInsecureOutlookConnections` setting for air-gapped environments
where Exchange servers use self-signed or internal CA certificates.

Configurable via overridden-settings.json:
{ "allowInsecureOutlookConnections": true }

Changes:
- Add new reducer for the setting (defaults to false)
- Apply setting to both Exchange (XhrApi) and Rocket.Chat (axios) connections
- Reuse single HTTPS agent per sync for better performance
- Fix missing await on createEventOnRocketChatServer call

* Version 4.12.1-alpha.2

* chore: patch @ewsjs/xhr to stop overwriting request errors

* lock file

* fix: make allowInsecureOutlookConnections override-only setting

The setting was being persisted to config.json, which meant once set to
true it would stay true even after removing from overridden-settings.json.

Changes:
- Remove from PersistableValues type and migrations
- Remove from selectPersistableValues selector
- Explicitly read from override files on each app start
- Accept case-insensitive "true" values for robustness
- Always defaults to false when key is missing

This ensures admins have full control over the setting in air-gapped
environments where remote debugging is not possible.

* feat: add admin setting to bypass SSL certificate validation for Outlook calendar (#3191)

* feat: add admin setting to bypass SSL certificate validation for Outlook calendar

Add `allowInsecureOutlookConnections` setting for air-gapped environments
where Exchange servers use self-signed or internal CA certificates.

Configurable via overridden-settings.json:
{ "allowInsecureOutlookConnections": true }

Changes:
- Add new reducer for the setting (defaults to false)
- Apply setting to both Exchange (XhrApi) and Rocket.Chat (axios) connections
- Reuse single HTTPS agent per sync for better performance
- Fix missing await on createEventOnRocketChatServer call

* Version 4.12.1-alpha.2

* chore: patch @ewsjs/xhr to stop overwriting request errors

* lock file

* fix: make allowInsecureOutlookConnections override-only setting

The setting was being persisted to config.json, which meant once set to
true it would stay true even after removing from overridden-settings.json.

Changes:
- Remove from PersistableValues type and migrations
- Remove from selectPersistableValues selector
- Explicitly read from override files on each app start
- Accept case-insensitive "true" values for robustness
- Always defaults to false when key is missing

This ensures admins have full control over the setting in air-gapped
environments where remote debugging is not possible.

---------

Co-authored-by: Pierre Lehnen <[email protected]>

* Add configurable Outlook calendar sync interval (#3198)

* feat: add configurable Outlook calendar sync interval (1-60 min)

Adds a user-editable sync interval setting to Settings > General,
with admin override support via overridden-settings.json. Uses a
nullable override pattern (number | null) to cleanly separate admin
overrides from persisted user preferences, preventing contamination.
Includes debounced runtime restart of the sync task on changes.

* chore: bump version to 4.12.1-alpha.3, improve sync interval change handling

Increases debounce to 10s, triggers an immediate sync before
rescheduling, and adds a log message when the interval changes.

* fix: clean up sync state when credentials are cleared or app shuts down

Prevents stale credentials from being used by the debounced interval
restart callback. Clears timers, nulls module-level state, and
unsubscribes the interval watcher on credential clear and shutdown.

* feat: Add outlook detailed logs toggle (#3199)

* feat: Add Exchange/EWS debugging patches and error classification (#3187)

* chore(theme): transparency mode not removing background of server view (#3156)

* Language update from Lingohub 🤖 (#3165)

Project Name: Rocket.Chat.Electron
Project Link: https://app.lingohub.com/project/pr_1Ag2Vlx6MWNt-16038/branches/prb_16rm9BiWK53b-4144
User: Lingohub Robot

Easy language translations with Lingohub 🚀

Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>

* feat: Implement user theme preference settings  (#3160)

* feat: Implement user theme preference settings and remove legacy theme appearance handling

- Introduced a new `ThemeAppearance` component to manage user theme preferences, allowing selection between 'auto', 'light', and 'dark' themes.
- Updated state management to include `userThemePreference`, replacing the previous `themeAppearance` handling.
- Removed deprecated theme appearance logic from various components and files, streamlining the codebase.
- Added internationalization support for theme appearance settings across multiple languages.
- Enhanced the UI to reflect user-selected theme preferences dynamically.

* fix(i18n): Correct Norwegian translation for theme appearance description

* fix(theme): Validate theme preference values before dispatching

- Updated the `handleChangeTheme` function to include validation for theme preference values, ensuring only 'auto', 'light', or 'dark' are accepted. This change prevents invalid values from being dispatched, enhancing the robustness of the theme management logic.

* refactor(DocumentViewer): Update theme management to utilize Redux state for user preferences

- Replaced the use of `useDarkMode` with Redux selectors to determine the theme based on user preferences and machine theme.
- Enhanced theme logic to support 'auto', 'light', and 'dark' settings, improving the flexibility and responsiveness of the theme management in the DocumentViewer component.

* refactor(DocumentViewer): Simplify theme management by removing Redux dependencies

- Eliminated the use of Redux selectors for theme management in the DocumentViewer component, replacing it with a static 'tint' background and default color settings.
- Streamlined the component's code by removing unnecessary theme logic, enhancing readability and maintainability.

* chore: Clean up code by removing unnecessary blank lines in ThemeAppearance, TransparentWindow, and userThemePreference files

* fix: Address PR review comments and restore API compatibility

- Remove trailing blank lines from ThemeAppearance.tsx, TransparentWindow.tsx, and userThemePreference.ts
- Restore setUserThemeAppearance as no-op function for backwards compatibility with @rocket.chat/desktop-api interface

* fix: resolve 91 security vulnerabilities in dependencies (#3173)

* fix: resolve 91 security vulnerabilities in dependencies

- Update axios 1.6.4 -> 1.13.2 (SSRF, DoS, credential leakage)
- Update electron-updater 5.3.0 -> 6.3.9 (code signing bypass)
- Update rollup 4.9.6 -> 4.32.0 (DOM clobbering XSS)
- Update glob 11.0.3 -> 11.1.0 in workspace (command injection)
- Add resolutions for transitive dependencies:
  - cross-spawn, braces, ws, follow-redirects
  - form-data, tar-fs, undici
- Add comprehensive security remediation documentation

* docs: fix markdown lint - add language specifier to code block

* chore: Remove security documentation from repository

Security vulnerability remediation documentation kept locally for reference.

* fix: Issues in German translation (#3155)

* chore: Upgrade Electron and Node.js versions, update README and packa… (#3179)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* chore: Update @types/node version in package.json and yarn.lock

- Upgraded @types/node from version 16.18.69 to 25.0.10 in both package.json and yarn.lock to ensure compatibility with the latest TypeScript features and improvements.

* chore: Enable alpha releases (#3180)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* docs: Add alpha release process documentation

- Introduced a new document detailing the alpha release process for the Rocket.Chat Desktop app, including channel definitions, versioning guidelines, and steps for creating and publishing alpha releases.
- Included instructions for users to opt into the alpha channel and troubleshooting tips for common issues.

* chore: Update architecture support and Node.js version requirements

- Added 'arm64' architecture support to the build targets in electron-builder.json for NSIS, MSI, and ZIP formats.
- Lowered the minimum Node.js version requirement in package.json from >=24.11.1 to >=20.0.0 for better compatibility.

* chore: Change develop branch to dev for release workflow

Update build-release workflow and desktop-release-action to use 'dev'
branch instead of 'develop' for development releases.

* chore: Update versioning and add release tag script

- Bumped version in package.json to 4.12.0.alpha.1.
- Added scripts/release-tag.ts for automated release tagging.
- Updated .eslintignore to exclude the new scripts directory.

* chore: Correct version format in package.json

- Updated version format in package.json from "4.12.0.alpha.1" to "4.12.0-alpha.1" for consistency.

* chore: Update all workflows to use dev branch instead of develop

- validate-pr.yml: Add dev to PR target branches
- powershell-lint.yml: Change develop to dev
- pull-request-build.yml: Change develop to dev

* fix: Normalize tags for consistent comparison in release-tag script

Strip leading 'v' prefix when comparing tags to handle both v-prefixed
and non-prefixed tag formats consistently.

* chore: Increment bundle version in electron-builder.json to 26012

* chore: Address nitpick comments in release-tag script

- Add comment explaining why /scripts is excluded from eslint
- Return null on exec error to distinguish from empty output
- Add warning when git tag list fails
- Use -- separator in git commands for safety

* fix: Add jsign to GITHUB_PATH in Windows CI setup

The jsign tool was being installed but not added to PATH for subsequent
steps. This caused the "Verify tools" step to fail with "jsign not found".

* chore: Bump version to 4.12.0-alpha.2

- Updated version in package.json to 4.12.0-alpha.2
- Incremented bundleVersion in electron-builder.json to 26013

* docs: Add QA testing guide for alpha channel updates

* docs: Rename alpha docs to pre-release and fix workflow concurrency

- Rename alpha-release-process.md to pre-release-process.md
- Add beta release documentation
- Add detailed channel switching instructions
- Fix concurrency group using github.ref instead of github.head_ref
  (github.head_ref is empty for push events, causing tag builds to cancel)

* feat(outlook): add @ewsjs/xhr debugging patches

Add comprehensive NTLM authentication debugging to @ewsjs/xhr library:

- patches-src/ directory structure for maintainable patches
- Enhanced ntlmProvider.ts with detailed NTLM handshake logging
- Enhanced xhrApi.ts with HTTP request/response debugging
- Yarn patch resolution for @ewsjs/[email protected]
- apply-patches.sh script for regenerating patches

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): add type definitions for calendar sync

Add error-related type definitions to support error classification:

- ErrorSource: exchange, rocket_chat, desktop_app, network, authentication, configuration
- ErrorSeverity: low, medium, high, critical
- OutlookCalendarError: full error object with context
- ErrorClassification: pattern matching result type

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): add error classification system

Add comprehensive error classification for Outlook calendar sync:

- Pattern-based error detection for Exchange, Rocket.Chat, and desktop errors
- Automatic severity and source classification
- User-friendly error messages with suggested actions
- Structured logging format for debugging
- Support for NTLM auth, network, SSL, and credential errors

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): enhance calendar sync with debugging and mutex

* test(outlook): add tests for getOutlookEvents

* feat(outlook): add logging infrastructure for calendar debugging

* chore: fix linting issues for Outlook calendar debugging

- Exclude patches-src/ from eslint (not part of main build)
- Fix has-credentials handler return type to match expected signature

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* fix: address CodeRabbit review issues for Outlook calendar

- Fix console transport recursion by using originalConsole in writeFn
- Fix infinite recursion in redactObject using destructuring
- Remove NTLM Type 3 message logging (contains credentials)
- Fix queued sync promises never resolving by tracking resolve/reject
- Fix unhandled async errors in preload using .then().catch()
- Accept HTTP 2xx status codes instead of only 200
- Fix URL validation to check pathname instead of full URL
- Update tests to match actual implementation behavior

* feat(settings): add Developer tab with verbose Outlook logging toggle

- Add Developer tab in Settings (only visible when developer mode enabled)
- Add verbose Outlook logging toggle to control [OutlookCalendar] console output
- Add colored console output for better visibility on dark themes
- Redirect to General tab when developer mode disabled while on Developer tab
- Create centralized logger (outlookLog, outlookError, etc.) in src/outlookCalendar/logger.ts
- Convert all direct console.log calls to use centralized logger
- Fix infinite recursion bug in patches (verboseLog calling itself)
- Add AGENTS.md documentation files for knowledge management
- Use theme-aware colors for Settings UI text

* fix(ci): remove conflicting patch-package patch for @ewsjs/xhr

The @ewsjs/xhr package is already patched via Yarn's patch protocol
(.yarn/patches/). The patch-package patch was accidentally added and
conflicts with the already-applied Yarn patch, causing CI failures.

* docs: add patching mechanism documentation to AGENTS.md

Clarify that @ewsjs/xhr uses Yarn patch protocol (.yarn/patches/)
while patch-package (patches/) is only for other packages.
This prevents accidental CI breakage from conflicting patches.

* fix: address CodeRabbit review comments

- logger.ts: Use shared prefix constants instead of duplicating strings
- getOutlookEvents.ts: Replace Promise.reject() with throw statements
- getOutlookEvents.ts: Route console.error through outlookError
- ipc.ts: Route all console.* through outlookLog/outlookWarn/outlookError
- ipc.ts: Replace Promise.reject(e) with throw e
- AGENTS.md: Fix markdown formatting and update versions

* fix(outlook): address CodeRabbit review issues

- Add JSDoc to syncEventsWithRocketChatServer documenting sync coalescing
- Remove isSyncInProgress check in initial sync (let queue handle it)
- Remove logging implementation details test (tested console.log colors)

* chore: remove unused patches-src directory

The debugging code in patches-src/ was never applied - only the minimal
bug fix in .yarn/patches/ is used. Removing dead code to avoid confusion.

* fix: address all code review issues from PR #3187 review

CRITICAL fixes:
- Support multi-server sync state (Map instead of globals)
- Fix Promise<Promise<boolean>> return type
- Use JSON.stringify for safe string escaping in executeJavaScript

MAJOR fixes:
- Add RocketChat calendar event types for type safety
- CRUD operations now return {success, error?} instead of swallowing errors
- Replace sync fs.appendFileSync with async fs.promises.appendFile
- Add useId() and htmlFor for accessibility in ThemeAppearance
- Apply privacy redaction to all transports (not just file)

MINOR fixes:
- Extract magic numbers to named constants
- Extract duplicate buildEwsPathname helper function
- Remove unused _context parameter from classifyError
- Remove fire-and-forget connectivity test calls
- Add originalConsole fallback in preload logging
- Optimize getComponentContext to skip stack trace for log/info/debug
- Fix email regex typo: [A-Z|a-z] -> [A-Za-z]
- Fix double timestamp in createClassifiedError
- Replace inline style with Fuselage pt prop

* fix(outlook): fix race condition in sync queue processing

Changed 'if' to 'while' loop to ensure all queued syncs are processed.
Previously, syncs queued while lastSync.run() was executing would be lost
because the queue was cleared before processing started.

* fix: address additional code review issues

- Fix pool exhaustion bug in context.ts: add overflow counter fallback
  when availableServerIds is depleted, emit warning with diagnostics
- Fix PII leak in ipc.ts error logging: move sensitive fields (subject,
  responseData) to verbose-only outlookLog calls at 5 locations
- Fix silent failure in performSync: throw error instead of silent
  return when eventsOnRocketChatServer fetch fails

* fix(logging): add captureComponentStack parameter to getLogContext

Allows callers to opt into stack-based component detection by passing
captureComponentStack=true, while preserving default behavior.

---------

Co-authored-by: Rodrigo Nascimento <[email protected]>
Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>
Co-authored-by: Max Lee <[email protected]>
Co-authored-by: Sisyphus <[email protected]>

* feat: Add scoped logging infrastructure and log viewer window (#3186)

* chore(theme): transparency mode not removing background of server view (#3156)

* Language update from Lingohub 🤖 (#3165)

Project Name: Rocket.Chat.Electron
Project Link: https://app.lingohub.com/project/pr_1Ag2Vlx6MWNt-16038/branches/prb_16rm9BiWK53b-4144
User: Lingohub Robot

Easy language translations with Lingohub 🚀

Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>

* feat: Implement user theme preference settings  (#3160)

* feat: Implement user theme preference settings and remove legacy theme appearance handling

- Introduced a new `ThemeAppearance` component to manage user theme preferences, allowing selection between 'auto', 'light', and 'dark' themes.
- Updated state management to include `userThemePreference`, replacing the previous `themeAppearance` handling.
- Removed deprecated theme appearance logic from various components and files, streamlining the codebase.
- Added internationalization support for theme appearance settings across multiple languages.
- Enhanced the UI to reflect user-selected theme preferences dynamically.

* fix(i18n): Correct Norwegian translation for theme appearance description

* fix(theme): Validate theme preference values before dispatching

- Updated the `handleChangeTheme` function to include validation for theme preference values, ensuring only 'auto', 'light', or 'dark' are accepted. This change prevents invalid values from being dispatched, enhancing the robustness of the theme management logic.

* refactor(DocumentViewer): Update theme management to utilize Redux state for user preferences

- Replaced the use of `useDarkMode` with Redux selectors to determine the theme based on user preferences and machine theme.
- Enhanced theme logic to support 'auto', 'light', and 'dark' settings, improving the flexibility and responsiveness of the theme management in the DocumentViewer component.

* refactor(DocumentViewer): Simplify theme management by removing Redux dependencies

- Eliminated the use of Redux selectors for theme management in the DocumentViewer component, replacing it with a static 'tint' background and default color settings.
- Streamlined the component's code by removing unnecessary theme logic, enhancing readability and maintainability.

* chore: Clean up code by removing unnecessary blank lines in ThemeAppearance, TransparentWindow, and userThemePreference files

* fix: Address PR review comments and restore API compatibility

- Remove trailing blank lines from ThemeAppearance.tsx, TransparentWindow.tsx, and userThemePreference.ts
- Restore setUserThemeAppearance as no-op function for backwards compatibility with @rocket.chat/desktop-api interface

* fix: resolve 91 security vulnerabilities in dependencies (#3173)

* fix: resolve 91 security vulnerabilities in dependencies

- Update axios 1.6.4 -> 1.13.2 (SSRF, DoS, credential leakage)
- Update electron-updater 5.3.0 -> 6.3.9 (code signing bypass)
- Update rollup 4.9.6 -> 4.32.0 (DOM clobbering XSS)
- Update glob 11.0.3 -> 11.1.0 in workspace (command injection)
- Add resolutions for transitive dependencies:
  - cross-spawn, braces, ws, follow-redirects
  - form-data, tar-fs, undici
- Add comprehensive security remediation documentation

* docs: fix markdown lint - add language specifier to code block

* chore: Remove security documentation from repository

Security vulnerability remediation documentation kept locally for reference.

* fix: Issues in German translation (#3155)

* chore: Upgrade Electron and Node.js versions, update README and packa… (#3179)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* chore: Update @types/node version in package.json and yarn.lock

- Upgraded @types/node from version 16.18.69 to 25.0.10 in both package.json and yarn.lock to ensure compatibility with the latest TypeScript features and improvements.

* chore: Enable alpha releases (#3180)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* docs: Add alpha release process documentation

- Introduced a new document detailing the alpha release process for the Rocket.Chat Desktop app, including channel definitions, versioning guidelines, and steps for creating and publishing alpha releases.
- Included instructions for users to opt into the alpha channel and troubleshooting tips for common issues.

* chore: Update architecture support and Node.js version requirements

- Added 'arm64' architecture support to the build targets in electron-builder.json for NSIS, MSI, and ZIP formats.
- Lowered the minimum Node.js version requirement in package.json from >=24.11.1 to >=20.0.0 for better compatibility.

* chore: Change develop branch to dev for release workflow

Update build-release workflow and desktop-release-action to use 'dev'
branch instead of 'develop' for development releases.

* chore: Update versioning and add release tag script

- Bumped version in package.json to 4.12.0.alpha.1.
- Added scripts/release-tag.ts for automated release tagging.
- Updated .eslintignore to exclude the new scripts directory.

* chore: Correct version format in package.json

- Updated version format in package.json from "4.12.0.alpha.1" to "4.12.0-alpha.1" for consistency.

* chore: Update all workflows to use dev branch instead of develop

- validate-pr.yml: Add dev to PR target branches
- powershell-lint.yml: Change develop to dev
- pull-request-build.yml: Change develop to dev

* fix: Normalize tags for consistent comparison in release-tag script

Strip leading 'v' prefix when comparing tags to handle both v-prefixed
and non-prefixed tag formats consistently.

* chore: Increment bundle version in electron-builder.json to 26012

* chore: Address nitpick comments in release-tag script

- Add comment explaining why /scripts is excluded from eslint
- Return null on exec error to distinguish from empty output
- Add warning when git tag list fails
- Use -- separator in git commands for safety

* fix: Add jsign to GITHUB_PATH in Windows CI setup

The jsign tool was being installed but not added to PATH for subsequent
steps. This caused the "Verify tools" step to fail with "jsign not found".

* chore: Bump version to 4.12.0-alpha.2

- Updated version in package.json to 4.12.0-alpha.2
- Incremented bundleVersion in electron-builder.json to 26013

* docs: Add QA testing guide for alpha channel updates

* docs: Rename alpha docs to pre-release and fix workflow concurrency

- Rename alpha-release-process.md to pre-release-process.md
- Add beta release documentation
- Add detailed channel switching instructions
- Fix concurrency group using github.ref instead of github.head_ref
  (github.head_ref is empty for push events, causing tag builds to cancel)

* feat(logging): add scoped logging infrastructure

* feat(log-viewer): add log viewer window and components

* build: add log viewer window build configuration

* feat: integrate logging and log viewer into app lifecycle

* feat: add log viewer IPC channels and menu item

* feat: add i18n translations and fix UI color tokens

* chore: add logging dependencies and fix type error

* fix: address code review feedback

- Add 'silly' log level to LogLevel type for electron-log compatibility
- Fix duplicate server IDs by using overflow counter instead of MAX_SERVER_ID
- Reset startInProgress flag when retry count exceeded in preload
- Add statLog to log viewer preload API
- Use contextIsolation and preload script for log viewer window security
- Replace direct ipcRenderer usage with window.logViewerAPI in renderer

* revert: restore log viewer window settings and add architecture guidelines

- Revert nodeIntegration/contextIsolation changes that broke log viewer
- Add CLAUDE.md guidelines to prevent destructive architecture changes
- Document that existing code patterns exist for specific reasons

* fix: address code review feedback from CodeRabbit

This commit addresses three major review comments:

1. Remove unused preload script for log viewer window
   - The preload.ts was built but never wired to the BrowserWindow
   - Current implementation uses nodeIntegration: true and contextIsolation: false
   - Removed unused build entry from rollup.config.mjs
   - Deleted unused src/logViewerWindow/preload.ts file

2. Guard programmatic scrolls to prevent disabling auto-scroll
   - Added isAutoScrollingRef to track programmatic vs user-initiated scrolls
   - Set flag before calling scrollToIndex and reset after
   - handleScroll now returns early if scroll is programmatic
   - Prevents auto-scroll from being disabled when virtuosoRef.scrollToIndex triggers onScroll

3. Don't swallow startup failures - exit after logging
   - Changed start().catch(console.error) to properly log error and exit
   - Uses logger.error for structured logging
   - Calls app.exit(1) to prevent partial initialization
   - Prevents app running in broken state after critical failures

4. Add error handling to log viewer menu item
   - Wrapped openLogViewer click handler in try-catch
   - Matches pattern used by videoCallDevTools menu item
   - Logs errors to console for debugging

* fix(log-viewer): guard against non-positive limits in getLastNEntries

Return empty content when limit <= 0 to prevent undefined behavior
from negative slice indices.

---------

Co-authored-by: Rodrigo Nascimento <[email protected]>
Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>
Co-authored-by: Max Lee <[email protected]>

* fix: call stopOutlookCalendarSync on app quit

Ensures all sync timers and debounce timers are properly cleaned up
when the application shuts down, preventing sync operations during
shutdown.

* fix: improve logging system security and log viewer context filtering

- Protect active log files from cleanup deletion
- Add IPC rate limiting to prevent renderer process flooding
- Restrict log file permissions to owner-only access
- Add context sanitization to error classification (passwords/tokens only)
- Remove ANSI color codes from OutlookCalendar logger prefixes
- Fix log viewer context filter to use structured tag matching instead of substring search

* feat: add detailed events logging toggle for Outlook calendar sync

Add a new toggle in Settings > Developer to log full event data exchanged
between Exchange and Rocket.Chat during calendar sync. When enabled, logs
raw Exchange appointments, CRUD payloads/responses, event comparisons,
and sync summaries for diagnosing sync issues.

* fix: address PR review feedback

- Fix regex precedence in error classification so 'timeout' doesn't match too broadly
- Add lang="en" to log viewer HTML for accessibility
- Add circular reference guard to redactObject to prevent stack overflow
- Update AGENTS.md with missing outlookDebug/outlookEventDetail imports

* fix: address second round of PR review feedback

- Narrow SSL/TLS regex to match specific error codes instead of broad substrings
- Make sanitizeContext recursive to redact nested sensitive keys
- Align multi-line JSON context with box-drawing prefix in error logs
- Preserve original case in custom path segments in buildEwsPathname

---------

Co-authored-by: Rodrigo Nascimento <[email protected]>
Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>
Co-authored-by: Max Lee <[email protected]>
Co-authored-by: Sisyphus <[email protected]>

* Version 4.12.1-alpha.4

* fix: log viewer Windows compatibility and Outlook logging in production (#3203)

- Handle CRLF line endings from Windows log files (split on \r?\n)
- Fix regex to allow variable whitespace between bracket groups
- Change outlookLog/outlookDebug/outlookEventDetail to console.info
  so they reach the file transport in production (info threshold)
  instead of being silently dropped as debug level
- Fix Outlook preload console.log calls to console.info (same issue)
- Fix app startup completion log to console.info

* Version 4.12.1-alpha.5

* fix: always send endTime and busy fields in calendar sync payload (#3204)

Remove server version gate (>= 7.5.0) that conditionally included endTime and busy fields when syncing Outlook calendar events to Rocket.Chat server. The gate was failing for some customers because server.version was not populated in the Redux store, causing these fields to be silently dropped from create/update payloads regardless of actual server version.

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-opencode)

Co-authored-by: Sisyphus <[email protected]>

* Version 4.12.1-alpha.6

* Merge master into dev — bring bug fixes to dev branch (#3215)

* feat: Add Exchange/EWS debugging patches and error classification (#3187)

* chore(theme): transparency mode not removing background of server view (#3156)

* Language update from Lingohub 🤖 (#3165)

Project Name: Rocket.Chat.Electron
Project Link: https://app.lingohub.com/project/pr_1Ag2Vlx6MWNt-16038/branches/prb_16rm9BiWK53b-4144
User: Lingohub Robot

Easy language translations with Lingohub 🚀

Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>

* feat: Implement user theme preference settings  (#3160)

* feat: Implement user theme preference settings and remove legacy theme appearance handling

- Introduced a new `ThemeAppearance` component to manage user theme preferences, allowing selection between 'auto', 'light', and 'dark' themes.
- Updated state management to include `userThemePreference`, replacing the previous `themeAppearance` handling.
- Removed deprecated theme appearance logic from various components and files, streamlining the codebase.
- Added internationalization support for theme appearance settings across multiple languages.
- Enhanced the UI to reflect user-selected theme preferences dynamically.

* fix(i18n): Correct Norwegian translation for theme appearance description

* fix(theme): Validate theme preference values before dispatching

- Updated the `handleChangeTheme` function to include validation for theme preference values, ensuring only 'auto', 'light', or 'dark' are accepted. This change prevents invalid values from being dispatched, enhancing the robustness of the theme management logic.

* refactor(DocumentViewer): Update theme management to utilize Redux state for user preferences

- Replaced the use of `useDarkMode` with Redux selectors to determine the theme based on user preferences and machine theme.
- Enhanced theme logic to support 'auto', 'light', and 'dark' settings, improving the flexibility and responsiveness of the theme management in the DocumentViewer component.

* refactor(DocumentViewer): Simplify theme management by removing Redux dependencies

- Eliminated the use of Redux selectors for theme management in the DocumentViewer component, replacing it with a static 'tint' background and default color settings.
- Streamlined the component's code by removing unnecessary theme logic, enhancing readability and maintainability.

* chore: Clean up code by removing unnecessary blank lines in ThemeAppearance, TransparentWindow, and userThemePreference files

* fix: Address PR review comments and restore API compatibility

- Remove trailing blank lines from ThemeAppearance.tsx, TransparentWindow.tsx, and userThemePreference.ts
- Restore setUserThemeAppearance as no-op function for backwards compatibility with @rocket.chat/desktop-api interface

* fix: resolve 91 security vulnerabilities in dependencies (#3173)

* fix: resolve 91 security vulnerabilities in dependencies

- Update axios 1.6.4 -> 1.13.2 (SSRF, DoS, credential leakage)
- Update electron-updater 5.3.0 -> 6.3.9 (code signing bypass)
- Update rollup 4.9.6 -> 4.32.0 (DOM clobbering XSS)
- Update glob 11.0.3 -> 11.1.0 in workspace (command injection)
- Add resolutions for transitive dependencies:
  - cross-spawn, braces, ws, follow-redirects
  - form-data, tar-fs, undici
- Add comprehensive security remediation documentation

* docs: fix markdown lint - add language specifier to code block

* chore: Remove security documentation from repository

Security vulnerability remediation documentation kept locally for reference.

* fix: Issues in German translation (#3155)

* chore: Upgrade Electron and Node.js versions, update README and packa… (#3179)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* chore: Update @types/node version in package.json and yarn.lock

- Upgraded @types/node from version 16.18.69 to 25.0.10 in both package.json and yarn.lock to ensure compatibility with the latest TypeScript features and improvements.

* chore: Enable alpha releases (#3180)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* docs: Add alpha release process documentation

- Introduced a new document detailing the alpha release process for the Rocket.Chat Desktop app, including channel definitions, versioning guidelines, and steps for creating and publishing alpha releases.
- Included instructions for users to opt into the alpha channel and troubleshooting tips for common issues.

* chore: Update architecture support and Node.js version requirements

- Added 'arm64' architecture support to the build targets in electron-builder.json for NSIS, MSI, and ZIP formats.
- Lowered the minimum Node.js version requirement in package.json from >=24.11.1 to >=20.0.0 for better compatibility.

* chore: Change develop branch to dev for release workflow

Update build-release workflow and desktop-release-action to use 'dev'
branch instead of 'develop' for development releases.

* chore: Update versioning and add release tag script

- Bumped version in package.json to 4.12.0.alpha.1.
- Added scripts/release-tag.ts for automated release tagging.
- Updated .eslintignore to exclude the new scripts directory.

* chore: Correct version format in package.json

- Updated version format in package.json from "4.12.0.alpha.1" to "4.12.0-alpha.1" for consistency.

* chore: Update all workflows to use dev branch instead of develop

- validate-pr.yml: Add dev to PR target branches
- powershell-lint.yml: Change develop to dev
- pull-request-build.yml: Change develop to dev

* fix: Normalize tags for consistent comparison in release-tag script

Strip leading 'v' prefix when comparing tags to handle both v-prefixed
and non-prefixed tag formats consistently.

* chore: Increment bundle version in electron-builder.json to 26012

* chore: Address nitpick comments in release-tag script

- Add comment explaining why /scripts is excluded from eslint
- Return null on exec error to distinguish from empty output
- Add warning when git tag list fails
- Use -- separator in git commands for safety

* fix: Add jsign to GITHUB_PATH in Windows CI setup

The jsign tool was being installed but not added to PATH for subsequent
steps. This caused the "Verify tools" step to fail with "jsign not found".

* chore: Bump version to 4.12.0-alpha.2

- Updated version in package.json to 4.12.0-alpha.2
- Incremented bundleVersion in electron-builder.json to 26013

* docs: Add QA testing guide for alpha channel updates

* docs: Rename alpha docs to pre-release and fix workflow concurrency

- Rename alpha-release-process.md to pre-release-process.md
- Add beta release documentation
- Add detailed channel switching instructions
- Fix concurrency group using github.ref instead of github.head_ref
  (github.head_ref is empty for push events, causing tag builds to cancel)

* feat(outlook): add @ewsjs/xhr debugging patches

Add comprehensive NTLM authentication debugging to @ewsjs/xhr library:

- patches-src/ directory structure for maintainable patches
- Enhanced ntlmProvider.ts with detailed NTLM handshake logging
- Enhanced xhrApi.ts with HTTP request/response debugging
- Yarn patch resolution for @ewsjs/[email protected]
- apply-patches.sh script for regenerating patches

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): add type definitions for calendar sync

Add error-related type definitions to support error classification:

- ErrorSource: exchange, rocket_chat, desktop_app, network, authentication, configuration
- ErrorSeverity: low, medium, high, critical
- OutlookCalendarError: full error object with context
- ErrorClassification: pattern matching result type

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): add error classification system

Add comprehensive error classification for Outlook calendar sync:

- Pattern-based error detection for Exchange, Rocket.Chat, and desktop errors
- Automatic severity and source classification
- User-friendly error messages with suggested actions
- Structured logging format for debugging
- Support for NTLM auth, network, SSL, and credential errors

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): enhance calendar sync with debugging and mutex

* test(outlook): add tests for getOutlookEvents

* feat(outlook): add logging infrastructure for calendar debugging

* chore: fix linting issues for Outlook calendar debugging

- Exclude patches-src/ from eslint (not part of main build)
- Fix has-credentials handler return type to match expected signature

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* fix: address CodeRabbit review issues for Outlook calendar

- Fix console transport recursion by using originalConsole in writeFn
- Fix infinite recursion in redactObject using destructuring
- Remove NTLM Type 3 message logging (contains credentials)
- Fix queued sync promises never resolving by tracking resolve/reject
- Fix unhandled async errors in preload using .then().catch()
- Accept HTTP 2xx status codes instead of only 200
- Fix URL validation to check pathname instead of full URL
- Update tests to match actual implementation behavior

* feat(settings): add Developer tab with verbose Outlook logging toggle

- Add Developer tab in Settings (only visible when developer mode enabled)
- Add verbose Outlook logging toggle to control [OutlookCalendar] console output
- Add colored console output for better visibility on dark themes
- Redirect to General tab when developer mode disabled while on Developer tab
- Create centralized logger (outlookLog, outlookError, etc.) in src/outlookCalendar/logger.ts
- Convert all direct console.log calls to use centralized logger
- Fix infinite recursion bug in patches (verboseLog calling itself)
- Add AGENTS.md documentation files for knowledge management
- Use theme-aware colors for Settings UI text

* fix(ci): remove conflicting patch-package patch for @ewsjs/xhr

The @ewsjs/xhr package is already patched via Yarn's patch protocol
(.yarn/patches/). The patch-package patch was accidentally added and
conflicts with the already-applied Yarn patch, causing CI failures.

* docs: add patching mechanism documentation to AGENTS.md

Clarify that @ewsjs/xhr uses Yarn patch protocol (.yarn/patches/)
while patch-package (patches/) is only for other packages.
This prevents accidental CI breakage from conflicting patches.

* fix: address CodeRabbit review comments

- logger.ts: Use shared prefix constants instead of duplicating strings
- getOutlookEvents.ts: Replace Promise.reject() with throw statements
- getOutlookEvents.ts: Route console.error through outlookError
- ipc.ts: Route all console.* through outlookLog/outlookWarn/outlookError
- ipc.ts: Replace Promise.reject(e) with throw e
- AGENTS.md: Fix markdown formatting and update versions

* fix(outlook): address CodeRabbit review issues

- Add JSDoc to syncEventsWithRocketChatServer documenting sync coalescing
- Remove isSyncInProgress check in initial sync (let queue handle it)
- Remove logging implementation details test (tested console.log colors)

* chore: remove unused patches-src directory

The debugging code in patches-src/ was never applied - only the minimal
bug fix in .yarn/patches/ is used. Removing dead code to avoid confusion.

* fix: address all code review issues from PR #3187 review

CRITICAL fixes:
- Support multi-server sync state (Map instead of globals)
- Fix Promise<Promise<boolean>> return type
- Use JSON.stringify for safe string escaping in executeJavaScript

MAJOR fixes:
- Add RocketChat calendar event types for type safety
- CRUD operations now return {success, error?} instead of swallowing errors
- Replace sync fs.appendFileSync with async fs.promises.appendFile
- Add useId() and htmlFor for accessibility in ThemeAppearance
- Apply privacy redaction to all transports (not just file)

MINOR fixes:
- Extract magic numbers to named constants
- Extract duplicate buildEwsPathname helper function
- Remove unused _context parameter from classifyError
- Remove fire-and-forget connectivity test calls
- Add originalConsole fallback in preload logging
- Optimize getComponentContext to skip stack trace for log/info/debug
- Fix email regex typo: [A-Z|a-z] -> [A-Za-z]
- Fix double timestamp in createClassifiedError
- Replace inline style with Fuselage pt prop

* fix(outlook): fix race condition in sync queue processing

Changed 'if' to 'while' loop to ensure all queued syncs are processed.
Previously, syncs queued while lastSync.run() was executing would be lost
because the queue was cleared before processing started.

* fix: address additional code review issues

- Fix pool exhaustion bug in context.ts: add overflow counter fallback
  when availableServerIds is depleted, emit warning with diagnostics
- Fix PII leak in ipc.ts error logging: move sensitive fields (subject,
  responseData) to verbose-only outlookLog calls at 5 locations
- Fix silent failure in performSync: throw error instead of silent
  return when eventsOnRocketChatServer fetch fails

* fix(logging): add captureComponentStack parameter to getLogContext

Allows callers to opt into stack-based component detection by passing
captureComponentStack=true, while preserving default behavior.

---------

Co-authored-by: Rodrigo Nascimento <[email protected]>
Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>
Co-authored-by: Max Lee <[email protected]>
Co-authored-by: Sisyphus <[email protected]>

* feat: Add scoped logging infrastructure and log viewer window (#3186)

* chore(theme): transparency mode not removing background of server view (#3156)

* Language update from Lingohub 🤖 (#3165)

Project Name: Rocket.Chat.Electron
Project Link: https://app.lingohub.com/project/pr_1Ag2Vlx6MWNt-16038/branches/prb_16rm9BiWK53b-4144
User: Lingohub Robot

Easy language translations with Lingohub 🚀

Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>

* feat: Implement user theme preference settings  (#3160)

* feat: Implement user theme preference settings and remove legacy theme appearance handling

- Introduced a new `ThemeAppearance` component to manage user theme preferences, allowing selection between 'auto', 'light', and 'dark' themes.
- Updated state management to include `userThemePreference`, replacing the previous `themeAppearance` handling.
- Removed deprecated theme appearance logic from various components and files, streamlining the codebase.
- Added internationalization support for theme appearance settings across multiple languages.
- Enhanced the UI to reflect user-selected theme preferences dynamically.

* fix(i18n): Correct Norwegian translation for theme appearance description

* fix(theme): Validate theme preference values before dispatching

- Updated the `handleChangeTheme` function to include validation for theme preference values, ensuring only 'auto', 'light', or 'dark' are accepted. This change prevents invalid values from being dispatched, enhancing the robustness of the theme management logic.

* refactor(DocumentViewer): Update theme management to utilize Redux state for user preferences

- Replaced the use of `useDarkMode` with Redux selectors to determine the theme based on user preferences and machine theme.
- Enhanced theme logic to support 'auto', 'light', and 'dark' settings, improving the flexibility and responsiveness of the theme management in the DocumentViewer component.

* refactor(DocumentViewer): Simplify theme management by removing Redux dependencies

- Eliminated the use of Redux selectors for theme management in the DocumentViewer component, replacing it with a static 'tint' background and default color settings.
- Streamlined the component's code by removing unnecessary theme logic, enhancing readability and maintainability.

* chore: Clean up code by removing unnecessary blank lines in ThemeAppearance, TransparentWindow, and userThemePreference files

* fix: Address PR review comments and restore API compatibility

- Remove trailing blank lines from ThemeAppearance.tsx, TransparentWindow.tsx, and userThemePreference.ts
- Restore setUserThemeAppearance as no-op function for backwards compatibility with @rocket.chat/desktop-api interface

* fix: resolve 91 security vulnerabilities in dependencies (#3173)

* fix: resolve 91 security vulnerabilities in dependencies

- Update axios 1.6.4 -> 1.13.2 (SSRF, DoS, credential leakage)
- Update electron-updater 5.3.0 -> 6.3.9 (code signing bypass)
- Update rollup 4.9.6 -> 4.32.0 (DOM clobbering XSS)
- Update glob 11.0.3 -> 11.1.0 in workspace (command injection)
- Add resolutions for transitive dependencies:
  - cross-spawn, braces, ws, follow-redirects
  - form-data, tar-fs, undici
- Add comprehensive security remediation documentation

* docs: fix markdown lint - add language specifier to code block

* chore: Remove security documentation from repository

Security vulnerability remediation documentation kept locally for reference.

* fix: Issues in German translation (#3155)

* chore: Upgrade Electron and Node.js versions, update README and packa… (#3179)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* chore: Update @types/node version in package.json and yarn.lock

- Upgraded @types/node from version 16.18.69 to 25.0.10 in both package.json and yarn.lock to ensure compatibility with the latest TypeScript features and improvements.

* chore: Enable alpha releases (#3180)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* docs: Add alpha release process documentation

- Introduced a new document detailing the alpha release process for the Rocket.Chat Desktop app, including channel definitions, versioning guidelines, and steps for creating and publishing alpha releases.
- Included instructions for users to opt into the alpha channel and troubleshooting tips for common issues.

* chore: Update architecture support and Node.js version requirements

- Added 'arm64' architecture support to the build targets in electron-builder.json for NSIS, MSI, and ZIP formats.
- Lowered the minimum Node.js version requirement in package.json from >=24.11.1 to >=20.0.0 for better compatibility.

* chore: Change develop branch to dev for release workflow

Update build-release workflow and desktop-release-action to use 'dev'
branch instead of 'develop' for development releases.

* chore: Update versioning and add release tag script

- Bumped version in package.json to 4.12.0.alpha.1.
- Added scripts/release-tag.ts for automated release tagging.
- Updated .eslintignore to exclude the new scripts directory.

* chore: Correct version format in package.json

- Updated version format in package.json from "4.12.0.alpha.1" to "4.12.0-alpha.1" for consistency.

* chore: Update all workflows to use dev branch instead of develop

- validate-pr.yml: Add dev to PR target branches
- powershell-lint.yml: Change develop to dev
- pull-request-build.yml: Change develop to dev

* fix: Normalize tags for consistent comparison in release-tag script

Strip leading 'v' prefix when comparing tags to handle both v-prefixed
and non-prefixed tag formats consistently.

* chore: Increment bundle version in electron-builder.json to 26012

* chore: Address nitpick comments in release-tag script

- Add comment explaining why /scripts is excluded from eslint
- Return null on exec error to distinguish from empty output
- Add warning when git tag list fails
- Use -- separator in git commands for safety

* fix: Add jsign to GITHUB_PATH in Windows CI setup

The jsign tool was being installed but not added to PATH for subsequent
steps. This caused the "Verify tools" step to fail with "jsign not found".

* chore: Bump version to 4.12.0-alpha.2

- Updated version in package.json to 4.12.0-alpha.2
- Incremented bundleVersion in electron-builder.json to 26013

* docs: Add QA testing guide for alpha channel updates

* docs: Rename alpha docs to pre-release and fix workflow concurrency

- Rename alpha-release-process.md to pre-release-process.md
- Add beta release documentation
- Add detailed channel switching instructions
- Fix concurrency group using github.ref instead of github.head_ref
  (github.head_ref is empty for push events, causing tag builds to cancel)

* feat(logging): add scoped logging infrastructure

* feat(log-viewer): add log viewer window and components

* build: add log viewer window build configuration

* feat: integrate logging and log viewer into app lifecycle

* feat: add log viewer IPC channels and menu item

* feat: add i18n translations and fix UI color tokens

* chore: add logging dependencies and fix type error

* fix: address code review feedback

- Add 'silly' log level to LogLevel type for electron-log compatibility
- Fix duplicate server IDs by using overflow counter instead of MAX_SERVER_ID
- Reset startInProgress flag when retry count exceeded in preload
- Add statLog to log viewer preload API
- Use contextIsolation and preload script for log viewer window security
- Replace direct ipcRenderer usage with window.logViewerAPI in renderer

* revert: restore log viewer window settings and add architecture guidelines

- Revert nodeIntegration/contextIsolation changes that broke log viewer
- Add CLAUDE.md guidelines to prevent destructive architecture changes
- Document that existing code patterns exist for specific reasons

* fix: address code review feedback from CodeRabbit

This commit addresses three major review comments:

1. Remove unused preload script for log viewer window
   - The preload.ts was built but never wired to the BrowserWindow
   - Current implementation uses nodeIntegration: true and contextIsolation: false
   - Removed unused build entry from rollup.config.mjs
   - Deleted unused src/logViewerWindow/preload.ts file

2. Guard programmatic scrolls to prevent disabling auto-scroll
   - Added isAutoScrollingRef to track programmatic vs user-initiated scrolls
   - Set flag before calling scrollToIndex and reset after
   - handleScroll now returns early if scroll is programmatic
   - Prevents auto-scroll from being disabled when virtuosoRef.scrollToIndex triggers onScroll

3. Don't swallow startup failures - exit after logging
   - Changed start().catch(console.error) to properly log error and exit
   - Uses logger.error for structured logging
   - Calls app.exit(1) to prevent partial initialization
   - Prevents app running in broken state after critical failures

4. Add error handling to log viewer menu item
   - Wrapped openLogViewer click handler in try-catch
   - Matches pattern used by videoCallDevTools menu item
   - Logs errors to console for debugging

* fix(log-viewer): guard against non-positive limits in getLastNEntries

Return empty content when limit <= 0 to prevent undefined behavior
from negative slice indices.

---------

Co-authored-by: Rodrigo Nascimento <[email protected]>
Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>
Co-authored-by: Max Lee <[email protected]>

* fix: Add safe guards to prevent The application GUI just crashed (#3206)

* fix: guard store functions against pre-initialization calls on macOS Tahoe

On macOS 26.x (Tahoe), the IPC call to retrieve the server URL is slower
than on earlier macOS versions, causing the preload to retry with a 1-second
delay. During this window the RC webapp loads and calls
`window.RocketChatDesktop.setTitle()` and `setUserPresenceDetection()`, which
internally invoke `dispatch()` and `listen()` from the Redux store before
`createRendererReduxStore()` has completed. Since `reduxStore` is still
`undefined`, accessing `.dispatch` or `.subscribe` throws a TypeError that
propagates back through contextBridge into the React tree, crashing the app
with "The application GUI just crashed".

…

* fix: Bugsnag network connections even with errors reporting disabled (#3190)

* fix: disable Bugsnag auto session tracking to prevent unwanted network connections

Adds autoTrackSessions: false to Bugsnag.start() configuration to prevent
the SDK from automatically connecting to sessions.bugsnag.com on initialization.
This fixes issues in air-gapped networks where the connection attempt triggers
certificate error dialogs even when telemetry is disabled.

Also upgrades @bugsnag/js from v7.22.3 to v8.8.1.

* test: add integration tests for Bugsnag network behavior

- Use nock to intercept real HTTP requests from Bugsnag SDK
- Verify no network calls when reporting is disabled
- Verify sessions are sent when reporting is enabled
- Use Object.defineProperty for env var mocking
- Skip tests on Windows due to Jest module mocking issues

* Version 4.12.1-alpha.1

* feat: add admin setting to bypass SSL certificate validation for Outlook calendar

Add `allowInsecureOutlookConnections` setting for air-gapped environments
where Exchange servers use self-signed or internal CA certificates.

Configurable via overridden-settings.json:
{ "allowInsecureOutlookConnections": true }

Changes:
- Add new reducer for the setting (defaults to false)
- Apply setting to both Exchange (XhrApi) and Rocket.Chat (axios) connections
- Reuse single HTTPS agent per sync for better performance
- Fix missing await on createEventOnRocketChatServer call

* Version 4.12.1-alpha.2

* chore: patch @ewsjs/xhr to stop overwriting request errors

* lock file

* fix: make allowInsecureOutlookConnections override-only setting

The setting was being persisted to config.json, which meant once set to
true it would stay true even after removing from overridden-settings.json.

Changes:
- Remove from PersistableValues type and migrations
- Remove from selectPersistableValues selector
- Explicitly read from override files on each app start
- Accept case-insensitive "true" values for robustness
- Always defaults to false when key is missing

This ensures admins have full control over the setting in air-gapped
environments where remote debugging is not possible.

* feat: add admin setting to bypass SSL certificate validation for Outlook calendar (#3191)

* feat: add admin setting to bypass SSL certificate validation for Outlook calendar

Add `allowInsecureOutlookConnections` setting for air-gapped environments
where Exchange servers use self-signed or internal CA certificates.

Configurable via overridden-settings.json:
{ "allowInsecureOutlookConnections": true }

Changes:
- Add new reducer for the setting (defaults to false)
- Apply setting to both Exchange (XhrApi) and Rocket.Chat (axios) connections
- Reuse single HTTPS agent per sync for better performance
- Fix missing await on createEventOnRocketChatServer call

* Version 4.12.1-alpha.2

* chore: patch @ewsjs/xhr to stop overwriting request errors

* lock file

* fix: make allowInsecureOutlookConnections override-only setting

The setting was being persisted to config.json, which meant once set to
true it would stay true even after removing from overridden-settings.json.

Changes:
- Remove from PersistableValues type and migrations
- Remove from selectPersistableValues selector
- Explicitly read from override files on each app start
- Accept case-insensitive "true" values for robustness
- Always defaults to false when key is missing

This ensures admins have full control over the setting in air-gapped
environments where remote debugging is not possible.

---------

Co-authored-by: Pierre Lehnen <[email protected]>

* Add configurable Outlook calendar sync interval (#3198)

* feat: add configurable Outlook calendar sync interval (1-60 min)

Adds a user-editable sync interval setting to Settings > General,
with admin override support via overridden-settings.json. Uses a
nullable override pattern (number | null) to cleanly separate admin
overrides from persisted user preferences, preventing contamination.
Includes debounced runtime restart of the sync task on changes.

* chore: bump version to 4.12.1-alpha.3, improve sync interval change handling

Increases debounce to 10s, triggers an immediate sync before
rescheduling, and adds a log message when the interval changes.

* fix: clean up sync state when credentials are cleared or app shuts down

Prevents stale credentials from being used by the debounced interval
restart callback. Clears timers, nulls module-level state, and
unsubscribes the interval watcher on credential clear and shutdown.

* feat: Add outlook detailed logs toggle (#3199)

* feat: Add Exchange/EWS debugging patches and error classification (#3187)

* chore(theme): transparency mode not removing background of server view (#3156)

* Language update from Lingohub 🤖 (#3165)

Project Name: Rocket.Chat.Electron
Project Link: https://app.lingohub.com/project/pr_1Ag2Vlx6MWNt-16038/branches/prb_16rm9BiWK53b-4144
User: Lingohub Robot

Easy language translations with Lingohub 🚀

Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>

* feat: Implement user theme preference settings  (#3160)

* feat: Implement user theme preference settings and remove legacy theme appearance handling

- Introduced a new `ThemeAppearance` component to manage user theme preferences, allowing selection between 'auto', 'light', and 'dark' themes.
- Updated state management to include `userThemePreference`, replacing the previous `themeAppearance` handling.
- Removed deprecated theme appearance logic from various components and files, streamlining the codebase.
- Added internationalization support for theme appearance settings across multiple languages.
- Enhanced the UI to reflect user-selected theme preferences dynamically.

* fix(i18n): Correct Norwegian translation for theme appearance description

* fix(theme): Validate theme preference values before dispatching

- Updated the `handleChangeTheme` function to include validation for theme preference values, ensuring only 'auto', 'light', or 'dark' are accepted. This change prevents invalid values from being dispatched, enhancing the robustness of the theme management logic.

* refactor(DocumentViewer): Update theme management to utilize Redux state for user preferences

- Replaced the use of `useDarkMode` with Redux selectors to determine the theme based on user preferences and machine theme.
- Enhanced theme logic to support 'auto', 'light', and 'dark' settings, improving the flexibility and responsiveness of the theme management in the DocumentViewer component.

* refactor(DocumentViewer): Simplify theme management by removing Redux dependencies

- Eliminated the use of Redux selectors for theme management in the DocumentViewer component, replacing it with a static 'tint' background and default color settings.
- Streamlined the component's code by removing unnecessary theme logic, enhancing readability and maintainability.

* chore: Clean up code by removing unnecessary blank lines in ThemeAppearance, TransparentWindow, and userThemePreference files

* fix: Address PR review comments and restore API compatibility

- Remove trailing blank lines from ThemeAppearance.tsx, TransparentWindow.tsx, and userThemePreference.ts
- Restore setUserThemeAppearance as no-op function for backwards compatibility with @rocket.chat/desktop-api interface

* fix: resolve 91 security vulnerabilities in dependencies (#3173)

* fix: resolve 91 security vulnerabilities in dependencies

- Update axios 1.6.4 -> 1.13.2 (SSRF, DoS, credential leakage)
- Update electron-updater 5.3.0 -> 6.3.9 (code signing bypass)
- Update rollup 4.9.6 -> 4.32.0 (DOM clobbering XSS)
- Update glob 11.0.3 -> 11.1.0 in workspace (command injection)
- Add resolutions for transitive dependencies:
  - cross-spawn, braces, ws, follow-redirects
  - form-data, tar-fs, undici
- Add comprehensive security remediation documentation

* docs: fix markdown lint - add language specifier to code block

* chore: Remove security documentation from repository

Security vulnerability remediation documentation kept locally for reference.

* fix: Issues in German translation (#3155)

* chore: Upgrade Electron and Node.js versions, update README and packa… (#3179)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* chore: Update @types/node version in package.json and yarn.lock

- Upgraded @types/node from version 16.18.69 to 25.0.10 in both package.json and yarn.lock to ensure compatibility with the latest TypeScript features and improvements.

* chore: Enable alpha releases (#3180)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* docs: Add alpha release process documentation

- Introduced a new document detailing the alpha release process for the Rocket.Chat Desktop app, including channel definitions, versioning guidelines, and steps for creating and publishing alpha releases.
- Included instructions for users to opt into the alpha channel and troubleshooting tips for common issues.

* chore: Update architecture support and Node.js version requirements

- Added 'arm64' architecture support to the build targets in electron-builder.json for NSIS, MSI, and ZIP formats.
- Lowered the minimum Node.js version requirement in package.json from >=24.11.1 to >=20.0.0 for better compatibility.

* chore: Change develop branch to dev for release workflow

Update build-release workflow and desktop-release-action to use 'dev'
branch instead of 'develop' for development releases.

* chore: Update versioning and add release tag script

- Bumped version in package.json to 4.12.0.alpha.1.
- Added scripts/release-tag.ts for automated release tagging.
- Updated .eslintignore to exclude the new scripts directory.

* chore: Correct version format in package.json

- Updated version format in package.json from "4.12.0.alpha.1" to "4.12.0-alpha.1" for consistency.

* chore: Update all workflows to use dev branch instead of develop

- validate-pr.yml: Add dev to PR target branches
- powershell-lint.yml: Change develop to dev
- pull-request-build.yml: Change develop to dev

* fix: Normalize tags for consistent comparison in release-tag script

Strip leading 'v' prefix when comparing tags to handle both v-prefixed
and non-prefixed tag formats consistently.

* chore: Increment bundle version in electron-builder.json to 26012

* chore: Address nitpick comments in release-tag script

- Add comment explaining why /scripts is excluded from eslint
- Return null on exec error to distinguish from empty output
- Add warning when git tag list fails
- Use -- separator in git commands for safety

* fix: Add jsign to GITHUB_PATH in Windows CI setup

The jsign tool was being installed but not added to PATH for subsequent
steps. This caused the "Verify tools" step to fail with "jsign not found".

* chore: Bump version to 4.12.0-alpha.2

- Updated version in package.json to 4.12.0-alpha.2
- Incremented bundleVersion in electron-builder.json to 26013

* docs: Add QA testing guide for alpha channel updates

* docs: Rename alpha docs to pre-release and fix workflow concurrency

- Rename alpha-release-process.md to pre-release-process.md
- Add beta release documentation
- Add detailed channel switching instructions
- Fix concurrency group using github.ref instead of github.head_ref
  (github.head_ref is empty for push events, causing tag builds to cancel)

* feat(outlook): add @ewsjs/xhr debugging patches

Add comprehensive NTLM authentication debugging to @ewsjs/xhr library:

- patches-src/ directory structure for maintainable patches
- Enhanced ntlmProvider.ts with detailed NTLM handshake logging
- Enhanced xhrApi.ts with HTTP request/response debugging
- Yarn patch resolution for @ewsjs/[email protected]
- apply-patches.sh script for regenerating patches

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): add type definitions for calendar sync

Add error-related type definitions to support error classification:

- ErrorSource: exchange, rocket_chat, desktop_app, network, authentication, configuration
- ErrorSeverity: low, medium, high, critical
- OutlookCalendarError: full error object with context
- ErrorClassification: pattern matching result type

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): add error classification system

Add comprehensive error classification for Outlook calendar sync:

- Pattern-based error detection for Exchange, Rocket.Chat, and desktop errors
- Automatic severity and source classification
- User-friendly error messages with suggested actions
- Structured logging format for debugging
- Support for NTLM auth, network, SSL, and credential errors

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): enhance calendar sync with debugging and mutex

* test(outlook): add tests for getOutlookEvents

* feat(outlook): add logging infrastructure for calendar debugging

* chore: fix linting issues for Outlook calendar debugging

- Exclude patches-src/ from eslint (not part of main build)
- Fix has-credentials handler return type to match expected signature

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* fix: address CodeRabbit review issues for Outlook calendar

- Fix console transport recursion by using originalConsole in writeFn
- Fix infinite recursion in redactObject using destructuring
- Remove NTLM Type 3 message logging (contains credentials)
- Fix queued sync promises never resolving by tracking resolve/reject
- Fix unhandled async errors in preload using .then().catch()
- Accept HTTP 2xx status codes instead of only 200
- Fix URL validation to check pathname instead of full URL
- Update tests to match actual implementation behavior

* feat(settings): add Developer tab with verbose Outlook logging toggle

- Add Developer tab in Settings (only visible when developer mode enabled)
- Add verbose Outlook logging toggle to control [OutlookCalendar] console output
- Add colored console output for better visibility on dark themes
- Redirect to General tab when developer mode disabled while on Developer tab
- Create centralized logger (outlookLog, outlookError, etc.) in src/outlookCalendar/logger.ts
- Convert all direct console.log calls to use centralized logger
- Fix infinite recursion bug in patches (verboseLog calling itself)
- Add AGENTS.md documentation files for knowledge management
- Use theme-aware colors for Settings UI text

* fix(ci): remove conflicting patch-package patch for @ewsjs/xhr

The @ewsjs/xhr package is already patched via Yarn's patch protocol
(.yarn/patches/). The patch-package patch was accidentally added and
conflicts with the already-applied Yarn patch, causing CI failures.

* docs: add patching mechanism documentation to AGENTS.md

Clarify that @ewsjs/xhr uses Yarn patch protocol (.yarn/patches/)
while patch-package (patches/) is only for other packages.
This prevents accidental CI breakage from conflicting patches.

* fix: address CodeRabbit review comments

- logger.ts: Use shared prefix constants instead of duplicating strings
- getOutlookEvents.ts: Replace Promise.reject() with throw statements
- getOutlookEvents.ts: Route console.error through outlookError
- ipc.ts: Route all console.* through outlookLog/outlookWarn/outlookError
- ipc.ts: Replace Promise.reject(e) with throw e
- AGENTS.md: Fix markdown formatting and update versions

* fix(outlook): address CodeRabbit review issues

- Add JSDoc to syncEventsWithRocketChatServer documenting sync coalescing
- Remove isSyncInProgress check in initial sync (let queue handle it)
- Remove logging implementation details test (tested console.log colors)

* chore: remove unused patches-src directory

The debugging code in patches-src/ was never applied - only the minimal
bug fix in .yarn/patches/ is used. Removing dead code to avoid confusion.

* fix: address all code review issues from PR #3187 review

CRITICAL fixes:
- Support multi-server sync state (Map instead of globals)
- Fix Promise<Promise<boolean>> return type
- Use JSON.stringify for safe string escaping in executeJavaScript

MAJOR fixes:
- Add RocketChat calendar event types for type safety
- CRUD operations now return {success, error?} instead of swallowing errors
- Replace sync fs.appendFileSync with async fs.promises.appendFile
- Add useId() and htmlFor for accessibility in ThemeAppearance
- Apply privacy redaction to all transports (not just file)

MINOR fixes:
- Extract magic numbers to named constants
- Extract duplicate buildEwsPathname helper function
- Remove unused _context parameter from classifyError
- Remove fire-and-forget connectivity test calls
- Add originalConsole fallback in preload logging
- Optimize getComponentContext to skip stack trace for log/info/debug
- Fix email regex typo: [A-Z|a-z] -> [A-Za-z]
- Fix double timestamp in createClassifiedError
- Replace inline style with Fuselage pt prop

* fix(outlook): fix race condition in sync queue processing

Changed 'if' to 'while' loop to ensure all queued syncs are processed.
Previously, syncs queued while lastSync.run() was executing would be lost
because the queue was cleared before processing started.

* fix: address additional code review issues

- Fix pool exhaustion bug in context.ts: add overflow counter fallback
  when availableServerIds is depleted, emit warning with diagnostics
- Fix PII leak in ipc.ts error logging: move sensitive fields (subject,
  responseData) to verbose-only outlookLog calls at 5 locations
- Fix silent failure in performSync: throw error instead of silent
  return when eventsOnRocketChatServer fetch fails

* fix(logging): add captureComponentStack parameter to getLogContext

Allows callers to opt into stack-based component detection by passing
captureComponentStack=true, while preserving default behavior.

---------

Co-authored-by: Rodrigo Nascimento <[email protected]>
Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>
Co-authored-by: Max Lee <[email protected]>
Co-authored-by: Sisyphus <[email protected]>

* feat: Add scoped logging infrastructure and log viewer window (#3186)

* chore(theme): transparency mode not removing background of server view (#3156)

* Language update from Lingohub 🤖 (#3165)

Project Name: Rocket.Chat.Electron
Project Link: https://app.lingohub.com/project/pr_1Ag2Vlx6MWNt-16038/branches/prb_16rm9BiWK53b-4144
User: Lingohub Robot

Easy language translations with Lingohub 🚀

Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>

* feat: Implement user theme preference settings  (#3160)

* feat: Implement user theme preference settings and remove legacy theme appearance handling

- Introduced a new `ThemeAppearance` component to manage user theme preferences, allowing selection between 'auto', 'light', and 'dark' themes.
- Updated state management to include `userThemePreference`, replacing the previous `themeAppearance` handling.
- Removed deprecated theme appearance logic from various components and files, streamlining the codebase.
- Added internationalization support for theme appearance settings across multiple languages.
- Enhanced the UI to reflect user-selected theme preferences dynamically.

* fix(i18n): Correct Norwegian translation for theme appearance description

* fix(theme): Validate theme preference values before dispatching

- Updated the `handleChangeTheme` function to include validation for theme preference values, ensuring only 'auto', 'light', or 'dark' are accepted. This change prevents invalid values from being dispatched, enhancing the robustness of the theme management logic.

* refactor(DocumentViewer): Update theme management to utilize Redux state for user preferences

- Replaced the use of `useDarkMode` with Redux selectors to determine the theme based on user preferences and machine theme.
- Enhanced theme logic to support 'auto', 'light', and 'dark' settings, improving the flexibility and responsiveness of the theme management in the DocumentViewer component.

* refactor(DocumentViewer): Simplify theme management by removing Redux dependencies

- Eliminated the use of Redux selectors for theme management in the DocumentViewer component, replacing it with a static 'tint' background and default color settings.
- Streamlined the component's code by removing unnecessary theme logic, enhancing readability and maintainability.

* chore: Clean up code by removing unnecessary blank lines in ThemeAppearance, TransparentWindow, and userThemePreference files

* fix: Address PR review comments and restore API compatibility

- Remove trailing blank lines from ThemeAppearance.tsx, TransparentWindow.tsx, and userThemePreference.ts
- Restore setUserThemeAppearance as no-op function for backwards compatibility with @rocket.chat/desktop-api interface

* fix: resolve 91 security vulnerabilities in dependencies (#3173)

* fix: resolve 91 security vulnerabilities in dependencies

- Update axios 1.6.4 -> 1.13.2 (SSRF, DoS, credential leakage)
- Update electron-updater 5.3.0 -> 6.3.9 (code signing bypass)
- Update rollup 4.9.6 -> 4.32.0 (DOM clobbering XSS)
- Update glob 11.0.3 -> 11.1.0 in workspace (command injection)
- Add resolutions for transitive dependencies:
  - cross-spawn, braces, ws, follow-redirects
  - form-data, tar-fs, undici
- Add comprehensive security remediation documentation

* docs: fix markdown lint - add language specifier to code block

* chore: Remove security documentation from repository

Security vulnerability remediation documentation kept locally for reference.

* fix: Issues in German translation (#3155)

* chore: Upgrade Electron and Node.js versions, update README and packa… (#3179)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* chore: Update @types/node version in package.json and yarn.lock

- Upgraded @types/node from version 16.18.69 to 25.0.10 in both package.json and yarn.lock to ensure compatibility with the latest TypeScript features and improvements.

* chore: Enable alpha releases (#3180)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* docs: Add alpha release process documentation

- Introduced a new document detailing the alpha release process for the Rocket.Chat Desktop app, including channel definitions, versioning guidelines, and steps for creating and publishing alpha releases.
- Included instructions for users to opt into the alpha channel and troubleshooting tips for common issues.

* chore: Update architecture support and Node.js version requirements

- Added 'arm64' architecture support to the build targets in electron-builder.json for NSIS, MSI, and ZIP formats.
- Lowered the minimum Node.js version requirement in package.json from >=24.11.1 to >=20.0.0 for better compatibility.

* chore: Change develop branch to dev for release workflow

Update build-release workflow and desktop-release-action to use 'dev'
branch instead of 'develop' for development releases.

* chore: Update versioning and add release tag script

- Bumped version in package.json to 4.12.0.alpha.1.
- Added scripts/release-tag.ts for automated release tagging.
- Updated .eslintignore to exclude the new scripts directory.

* chore: Correct version format in package.json

- Updated version format in package.json from "4.12.0.alpha.1" to "4.12.0-alpha.1" for consistency.

* chore: Update all workflows to use dev branch instead of develop

- validate-pr.yml: Add dev to PR target branches
- powershell-lint.yml: Change develop to dev
- pull-request-build.yml: Change develop to dev

* fix: Normalize tags for consistent comparison in release-tag script

Strip leading 'v' prefix when comparing tags to handle both v-prefixed
and non-prefixed tag formats consistently.

* chore: Increment bundle version in electron-builder.json to 26012

* chore: Address nitpick comments in release-tag script

- Add comment explaining why /scripts is excluded from eslint
- Return null on exec error to distinguish from empty output
- Add warning when git tag list fails
- Use -- separator in git commands for safety

* fix: Add jsign to GITHUB_PATH in Windows CI setup

The jsign tool was being installed but not added to PATH for subsequent
steps. This caused the "Verify tools" step to fail with "jsign not found".

* chore: Bump version to 4.12.0-alpha.2

- Updated version in package.json to 4.12.0-alpha.2
- Incremented bundleVersion in electron-builder.json to 26013

* docs: Add QA testing guide for alpha channel updates

* docs: Rename alpha docs to pre-release and fix workflow concurrency

- Rename alpha-release-process.md to pre-release-process.md
- Add beta release documentation
- Add detailed channel switching instructions
- Fix concurrency group using github.ref instead of github.head_ref
  (github.head_ref is empty for push events, causing tag builds to cancel)

* feat(logging): add scoped logging infrastructure

* feat(log-viewer): add log viewer window and components

* build: add log viewer window build configuration

* feat: integrate logging and log viewer into app lifecycle

* feat: add log viewer IPC channels and menu item

* feat: add i18n translations and fix UI color tokens

* chore: add logging dependencies and fix type error

* fix: address code review feedback

- Add 'silly' log level to LogLevel type for electron-log compatibility
- Fix duplicate server IDs by using overflow counter instead of MAX_SERVER_ID
- Reset startInProgress flag when retry count exceeded in preload
- Add statLog to log viewer preload API
- Use contextIsolation and preload script for log viewer window security
- Replace direct ipcRenderer usage with window.logViewerAPI in renderer

* revert: restore log viewer window settings and add architecture guidelines

- Revert nodeIntegration/contextIsolation changes that broke log viewer
- Add CLAUDE.md guidelines to prevent destructive architecture changes
- Document that existing code patterns exist for specific reasons

* fix: address code review feedback from CodeRabbit

This commit addresses three major review comments:

1. Remove unused preload script for log viewer window
   - The preload.ts was built but never wired to the BrowserWindow
   - Current implementation uses nodeIntegration: true and contextIsolation: false
   - Removed unused build entry from rollup.config.mjs
   - Deleted unused src/logViewerWindow/preload.ts file

2. Guard programmatic scrolls to prevent disabling auto-scroll
   - Added isAutoScrollingRef to track programmatic vs user-initiated scrolls
   - Set flag before calling scrollToIndex and reset after
   - handleScroll now returns early if scroll is programmatic
   - Prevents auto-scroll from being disabled when virtuosoRef.scrollToIndex triggers onScroll

3. Don't swallow startup failures - exit after logging
   - Changed start().catch(console.error) to properly log error and exit
   - Uses logger.error for structured logging
   - Calls app.exit(1) to prevent partial initialization
   - Prevents app running in broken state after critical failures

4. Add error handling to log viewer menu item
   - Wrapped openLogViewer click handler in try-catch
   - Matches pattern used by videoCallDevTools menu item
   - Logs errors to console for debugging

* fix(log-viewer): guard against non-positive limits in getLastNEntries

Return empty content when limit <= 0 to prevent undefined behavior
from negative slice indices.

---------

Co-authored-by: Rodrigo Nascimento <[email protected]>
Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>
Co-authored-by: Max Lee <[email protected]>

* fix: call stopOutlookCalendarSync on app quit

Ensures all sync timers and debounce timers are properly cleaned up
when the application shuts down, preventing sync operations during
shutdown.

* fix: improve logging system security and log viewer context filtering

- Protect active log files from cleanup deletion
- Add IPC rate limiting to prevent renderer process flooding
- Restrict log file permissions to owner-only access
- Add context sanitization to error classification (passwords/tokens only)
- Remove ANSI color codes from OutlookCalendar logger prefixes
- Fix log viewer context filter to use structured tag matching instead of substring search

* feat: add detailed events logging toggle for Outlook calendar sync

Add a new toggle in Settings > Developer to log full event data exchanged
between Exchange and Rocket.Chat during calendar sync. When enabled, logs
raw Exchange appointments, CRUD payloads/responses, event comparisons,
and sync summaries for diagnosing sync issues.

* fix: address PR review feedback

- Fix regex precedence in error classification so 'timeout' doesn't match too broadly
- Add lang="en" to log viewer HTML for accessibility
- Add circular reference guard to redactObject to prevent stack overflow
- Update AGENTS.md with missing outlookDebug/outlookEventDetail imports

* fix: address second round of PR review feedback

- Narrow SSL/TLS regex to match specific error codes instead of broad substrings
- Make sanitizeContext recursive to redact nested sensitive keys
- Align multi-line JSON context with box-drawing prefix in error logs
- Preserve original case in custom path segments in buildEwsPathname

---------

Co-authored-by: Rodrigo Nascimento <[email protected]>
Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>
Co-authored-by: Max Lee <[email protected]>
Co-authored-by: Sisyphus <[email protected]>

* Version 4.12.1-alpha.4

* fix: log viewer Windows compatibility and Outlook logging in production (#3203)

- Handle CRLF line endings from Windows log files (split on \r?\n)
- Fix regex to allow variable whitespace between bracket groups
- Change outlookLog/outlookDebug/outlookEventDetail to console.info
  so they reach the file transport in production (info threshold)
  instead of being silently dropped as debug level
- Fix Outlook preload console.log calls to console.info (same issue)
- Fix app startup completion log to console.info

* Version 4.12.1-alpha.5

* fix: always send endTime and busy fields in calendar sync payload (#3204)

Remove server version gate (>= 7.5.0) that conditionally included endTime and busy fields when syncing Outlook calendar events to Rocket.Chat server. The gate was failing for some customers because server.version was not populated in the Redux store, causing these fields to be silently dropped from create/update payloads regardless of actual server version.

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-opencode)

Co-authored-by: Sisyphus <[email protected]>

* Version 4.12.1-alpha.6

* Merge master into dev — bring bug fixes to dev branch (#3215)

* feat: Add Exchange/EWS debugging patches and error classification (#3187)

* chore(theme): transparency mode not removing background of server view (#3156)

* Language update from Lingohub 🤖 (#3165)

Project Name: Rocket.Chat.Electron
Project Link: https://app.lingohub.com/project/pr_1Ag2Vlx6MWNt-16038/branches/prb_16rm9BiWK53b-4144
User: Lingohub Robot

Easy language translations with Lingohub 🚀

Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>

* feat: Implement user theme preference settings  (#3160)

* feat: Implement user theme preference settings and remove legacy theme appearance handling

- Introduced a new `ThemeAppearance` component to manage user theme preferences, allowing selection between 'auto', 'light', and 'dark' themes.
- Updated state management to include `userThemePreference`, replacing the previous `themeAppearance` handling.
- Removed deprecated theme appearance logic from various components and files, streamlining the codebase.
- Added internationalization support for theme appearance settings across multiple languages.
- Enhanced the UI to reflect user-selected theme preferences dynamically.

* fix(i18n): Correct Norwegian translation for theme appearance description

* fix(theme): Validate theme preference values before dispatching

- Updated the `handleChangeTheme` function to include validation for theme preference values, ensuring only 'auto', 'light', or 'dark' are accepted. This change prevents invalid values from being dispatched, enhancing the robustness of the theme management logic.

* refactor(DocumentViewer): Update theme management to utilize Redux state for user preferences

- Replaced the use of `useDarkMode` with Redux selectors to determine the theme based on user preferences and machine theme.
- Enhanced theme logic to support 'auto', 'light', and 'dark' settings, improving the flexibility and responsiveness of the theme management in the DocumentViewer component.

* refactor(DocumentViewer): Simplify theme management by removing Redux dependencies

- Eliminated the use of Redux selectors for theme management in the DocumentViewer component, replacing it with a static 'tint' background and default color settings.
- Streamlined the component's code by removing unnecessary theme logic, enhancing readability and maintainability.

* chore: Clean up code by removing unnecessary blank lines in ThemeAppearance, TransparentWindow, and userThemePreference files

* fix: Address PR review comments and restore API compatibility

- Remove trailing blank lines from ThemeAppearance.tsx, TransparentWindow.tsx, and userThemePreference.ts
- Restore setUserThemeAppearance as no-op function for backwards compatibility with @rocket.chat/desktop-api interface

* fix: resolve 91 security vulnerabilities in dependencies (#3173)

* fix: resolve 91 security vulnerabilities in dependencies

- Update axios 1.6.4 -> 1.13.2 (SSRF, DoS, credential leakage)
- Update electron-updater 5.3.0 -> 6.3.9 (code signing bypass)
- Update rollup 4.9.6 -> 4.32.0 (DOM clobbering XSS)
- Update glob 11.0.3 -> 11.1.0 in workspace (command injection)
- Add resolutions for transitive dependencies:
  - cross-spawn, braces, ws, follow-redirects
  - form-data, tar-fs, undici
- Add comprehensive security remediation documentation

* docs: fix markdown lint - add language specifier to code block

* chore: Remove security documentation from repository

Security vulnerability remediation documentation kept locally for reference.

* fix: Issues in German translation (#3155)

* chore: Upgrade Electron and Node.js versions, update README and packa… (#3179)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* chore: Update @types/node version in package.json and yarn.lock

- Upgraded @types/node from version 16.18.69 to 25.0.10 in both package.json and yarn.lock to ensure compatibility with the latest TypeScript features and improvements.

* chore: Enable alpha releases (#3180)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* docs: Add alpha release process documentation

- Introduced a new document detailing the alpha release process for the Rocket.Chat Desktop app, including channel definitions, versioning guidelines, and steps for creating and publishing alpha releases.
- Included instructions for users to opt into the alpha channel and troubleshooting tips for common issues.

* chore: Update architecture support and Node.js version requirements

- Added 'arm64' architecture support to the build targets in electron-builder.json for NSIS, MSI, and ZIP formats.
- Lowered the minimum Node.js version requirement in package.json from >=24.11.1 to >=20.0.0 for better compatibility.

* chore: Change develop branch to dev for release workflow

Update build-release workflow and desktop-release-action to use 'dev'
branch instead of 'develop' for development releases.

* chore: Update versioning and add release tag script

- Bumped version in package.json to 4.12.0.alpha.1.
- Added scripts/release-tag.ts for automated release tagging.
- Updated .eslintignore to exclude the new scripts directory.

* chore: Correct version format in package.json

- Updated version format in package.json from "4.12.0.alpha.1" to "4.12.0-alpha.1" for consistency.

* chore: Update all workflows to use dev branch instead of develop

- validate-pr.yml: Add dev to PR target branches
- powershell-lint.yml: Change develop to dev
- pull-request-build.yml: Change develop to dev

* fix: Normalize tags for consistent comparison in release-tag script

Strip leading 'v' prefix when comparing tags to handle both v-prefixed
and non-prefixed tag formats consistently.

* chore: Increment bundle version in electron-builder.json to 26012

* chore: Address nitpick comments in release-tag script

- Add comment explaining why /scripts is excluded from eslint
- Return null on exec error to distinguish from empty output
- Add warning when git tag list fails
- Use -- separator in git commands for safety

* fix: Add jsign to GITHUB_PATH in Windows CI setup

The jsign tool was being installed but not added to PATH for subsequent
steps. This caused the "Verify tools" step to fail with "jsign not found".

* chore: Bump version to 4.12.0-alpha.2

- Updated version in package.json to 4.12.0-alpha.2
- Incremented bundleVersion in electron-builder.json to 26013

* docs: Add QA testing guide for alpha channel updates

* docs: Rename alpha docs to pre-release and fix workflow concurrency

- Rename alpha-release-process.md to pre-release-process.md
- Add beta release documentation
- Add detailed channel switching instructions
- Fix concurrency group using github.ref instead of github.head_ref
  (github.head_ref is empty for push events, causing tag builds to cancel)

* feat(outlook): add @ewsjs/xhr debugging patches

Add comprehensive NTLM authentication debugging to @ewsjs/xhr library:

- patches-src/ directory structure for maintainable patches
- Enhanced ntlmProvider.ts with detailed NTLM handshake logging
- Enhanced xhrApi.ts with HTTP request/response debugging
- Yarn patch resolution for @ewsjs/[email protected]
- apply-patches.sh script for regenerating patches

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): add type definitions for calendar sync

Add error-related type definitions to support error classification:

- ErrorSource: exchange, rocket_chat, desktop_app, network, authentication, configuration
- ErrorSeverity: low, medium, high, critical
- OutlookCalendarError: full error object with context
- ErrorClassification: pattern matching result type

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): add error classification system

Add comprehensive error classification for Outlook calendar sync:

- Pattern-based error detection for Exchange, Rocket.Chat, and desktop errors
- Automatic severity and source classification
- User-friendly error messages with suggested actions
- Structured logging format for debugging
- Support for NTLM auth, network, SSL, and credential errors

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): enhance calendar sync with debugging and mutex

* test(outlook): add tests for getOutlookEvents

* feat(outlook): add logging infrastructure for calendar debugging

* chore: fix linting issues for Outlook calendar debugging

- Exclude patches-src/ from eslint (not part of main build)
- Fix has-credentials handler return type to match expected signature

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* fix: address CodeRabbit review issues for Outlook calendar

- Fix console transport recursion by using originalConsole in writeFn
- Fix infinite recursion in redactObject using destructuring
- Remove NTLM Type 3 message logging (contains credentials)
- Fix queued sync promises never resolving by tracking resolve/reject
- Fix unhandled async errors in preload using .then().catch()
- Accept HTTP 2xx status codes instead of only 200
- Fix URL validation to check pathname instead of full URL
- Update tests to match actual implementation behavior

* feat(settings): add Developer tab with verbose Outlook logging toggle

- Add Developer tab in Settings (only visible when developer mode enabled)
- Add verbose Outlook logging toggle to control [OutlookCalendar] console output
- Add colored console output for better visibility on dark themes
- Redirect to General tab when developer mode disabled while on Developer tab
- Create centralized logger (outlookLog, outlookError, etc.) in src/outlookCalendar/logger.ts
- Convert all direct console.log calls to use centralized logger
- Fix infinite recursion bug in patches (verboseLog calling itself)
- Add AGENTS.md documentation files for knowledge management
- Use theme-aware colors for Settings UI text

* fix(ci): remove conflicting patch-package patch for @ewsjs/xhr

The @ewsjs/xhr package is already patched via Yarn's patch protocol
(.yarn/patches/). The patch-package patch was accidentally added and
conflicts with the already-applied Yarn patch, causing CI failures.

* docs: add patching mechanism documentation to AGENTS.md

Clarify that @ewsjs/xhr uses Yarn patch protocol (.yarn/patches/)
while patch-package (patches/) is only for other packages.
This prevents accidental CI breakage from conflicting patches.

* fix: address CodeRabbit review comments

- logger.ts: Use shared prefix constants instead of duplicating strings
- getOutlookEvents.ts: Replace Promise.reject() with throw statements
- getOutlookEvents.ts: Route console.error through outlookError
- ipc.ts: Route all console.* through outlookLog/outlookWarn/outlookError
- ipc.ts: Replace Promise.reject(e) with throw e
- AGENTS.md: Fix markdown formatting and update versions

* fix(outlook): address CodeRabbit review issues

- Add JSDoc to syncEventsWithRocketChatServer documenting sync coalescing
- Remove isSyncInProgress check in initial sync (let queue handle it)
- Remove logging implementation details test (tested console.log colors)

* chore: remove unused patches-src directory

The debugging code in patches-src/ was never applied - only the minimal
bug fix in .yarn/patches/ is used. Removing dead code to avoid confusion.

* fix: address all code review issues from PR #3187 review

CRITICAL fixes:
- Support multi-server sync state (Map instead of globals)
- Fix Promise<Promise<boolean>> return type
- Use JSON.stringify for safe string escaping in executeJavaScript

MAJOR fixes:
- Add RocketChat calendar event types for type safety
- CRUD operations now return {success, error?} instead of swallowing errors
- Replace sync fs.appendFileSync with async fs.promises.appendFile
- Add useId() and htmlFor for accessibility in ThemeAppearance
- Apply privacy redaction to all transports (not just file)

MINOR fixes:
- Extract magic numbers to named constants
- Extract duplicate buildEwsPathname helper function
- Remove unused _context parameter from classifyError
- Remove fire-and-forget connectivity test calls
- Add originalConsole fallback in preload logging
- Optimize getComponentContext to skip stack trace for log/info/debug
- Fix email regex typo: [A-Z|a-z] -> [A-Za-z]
- Fix double timestamp in createClassifiedError
- Replace inline style with Fuselage pt prop

* fix(outlook): fix race condition in sync queue processing

Changed 'if' to 'while' loop to ensure all queued syncs are processed.
Previously, syncs queued while lastSync.run() was executing would be lost
because the queue was cleared before processing started.

* fix: address additional code review issues

- Fix pool exhaustion bug in context.ts: add overflow counter fallback
  when availableServerIds is depleted, emit warning with diagnostics
- Fix PII leak in ipc.ts error logging: move sensitive fields (subject,
  responseData) to verbose-only outlookLog calls at 5 locations
- Fix silent failure in performSync: throw error instead of silent
  return when eventsOnRocketChatServer fetch fails

* fix(logging): add captureComponentStack parameter to getLogContext

Allows callers to opt into stack-based component detection by passing
captureComponentStack=true, while preserving default behavior.

---------

Co-authored-by: Rodrigo Nascimento <[email protected]>
Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>
Co-authored-by: Max Lee <[email protected]>
Co-authored-by: Sisyphus <[email protected]>

* feat: Add scoped logging infrastructure and log viewer window (#3186)

* chore(theme): transparency mode not removing background of server view (#3156)

* Language update from Lingohub 🤖 (#3165)

Project Name: Rocket.Chat.Electron
Project Link: https://app.lingohub.com/project/pr_1Ag2Vlx6MWNt-16038/branches/prb_16rm9BiWK53b-4144
User: Lingohub Robot

Easy language translations with Lingohub 🚀

Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>

* feat: Implement user theme preference settings  (#3160)

* feat: Implement user theme preference settings and remove legacy theme appearance handling

- Introduced a new `ThemeAppearance` component to manage user theme preferences, allowing selection between 'auto', 'light', and 'dark' themes.
- Updated state management to include `userThemePreference`, replacing the previous `themeAppearance` handling.
- Removed deprecated theme appearance logic from various components and files, streamlining the codebase.
- Added internationalization support for theme appearance settings across multiple languages.
- Enhanced the UI to reflect user-selected theme preferences dynamically.

* fix(i18n): Correct Norwegian translation for theme appearance description

* fix(theme): Validate theme preference values before dispatching

- Updated the `handleChangeTheme` function to include validation for theme preference values, ensuring only 'auto', 'light', or 'dark' are accepted. This change prevents invalid values from being dispatched, enhancing the robustness of the theme management logic.

* refactor(DocumentViewer): Update theme management to utilize Redux state for user preferences

- Replaced the use of `useDarkMode` with Redux selectors to determine the theme based on user preferences and machine theme.
- Enhanced theme logic to support 'auto', 'light', and 'dark' settings, improving the flexibility and responsiveness of the theme management in the DocumentViewer component.

* refactor(DocumentViewer): Simplify theme management by removing Redux dependencies

- Eliminated the use of Redux selectors for theme management in the DocumentViewer component, replacing it with a static 'tint' background and default color settings.
- Streamlined the component's code by removing unnecessary theme logic, enhancing readability and maintainability.

* chore: Clean up code by removing unnecessary blank lines in ThemeAppearance, TransparentWindow, and userThemePreference files

* fix: Address PR review comments and restore API compatibility

- Remove trailing blank lines from ThemeAppearance.tsx, TransparentWindow.tsx, and userThemePreference.ts
- Restore setUserThemeAppearance as no-op function for backwards compatibility with @rocket.chat/desktop-api interface

* fix: resolve 91 security vulnerabilities in dependencies (#3173)

* fix: resolve 91 security vulnerabilities in dependencies

- Update axios 1.6.4 -> 1.13.2 (SSRF, DoS, credential leakage)
- Update electron-updater 5.3.0 -> 6.3.9 (code signing bypass)
- Update rollup 4.9.6 -> 4.32.0 (DOM clobbering XSS)
- Update glob 11.0.3 -> 11.1.0 in workspace (command injection)
- Add resolutions for transitive dependencies:
  - cross-spawn, braces, ws, follow-redirects
  - form-data, tar-fs, undici
- Add comprehensive security remediation documentation

* docs: fix markdown lint - add language specifier to code block

* chore: Remove security documentation from repository

Security vulnerability remediation documentation kept locally for reference.

* fix: Issues in German translation (#3155)

* chore: Upgrade Electron and Node.js versions, update README and packa… (#3179)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* chore: Update @types/node version in package.json and yarn.lock

- Upgraded @types/node from version 16.18.69 to 25.0.10 in both package.json and yarn.lock to ensure compatibility with the latest TypeScript features and improvements.

* chore: Enable alpha releases (#3180)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* docs: Add alpha release process documentation

- Introduced a new document detailing the alpha release process for the Rocket.Chat Desktop app, including channel definitions, versioning guidelines, and steps for creating and publishing alpha releases.
- Included instructions for users to opt into the alpha channel and troubleshooting tips for common issues.

* chore: Update architecture support and Node.js version requirements

- Added 'arm64' architecture support to the build targets in electron-builder.json for NSIS, MSI, and ZIP formats.
- Lowered the minimum Node.js version requirement in package.json from >=24.11.1 to >=20.0.0 for better compatibility.

* chore: Change develop branch to dev for release workflow

Update build-release workflow and desktop-release-action to use 'dev'
branch instead of 'develop' for development releases.

* chore: Update versioning and add release tag script

- Bumped version in package.json to 4.12.0.alpha.1.
- Added scripts/release-tag.ts for automated release tagging.
- Updated .eslintignore to exclude the new scripts directory.

* chore: Correct version format in package.json

- Updated version format in package.json from "4.12.0.alpha.1" to "4.12.0-alpha.1" for consistency.

* chore: Update all workflows to use dev branch instead of develop

- validate-pr.yml: Add dev to PR target branches
- powershell-lint.yml: Change develop to dev
- pull-request-build.yml: Change develop to dev

* fix: Normalize tags for consistent comparison in release-tag script

Strip leading 'v' prefix when comparing tags to handle both v-prefixed
and non-prefixed tag formats consistently.

* chore: Increment bundle version in electron-builder.json to 26012

* chore: Address nitpick comments in release-tag script

- Add comment explaining why /scripts is excluded from eslint
- Return null on exec error to distinguish from empty output
- Add warning when git tag list fails
- Use -- separator in git commands for safety

* fix: Add jsign to GITHUB_PATH in Windows CI setup

The jsign tool was being installed but not added to PATH for subsequent
steps. This caused the "Verify tools" step to fail with "jsign not found".

* chore: Bump version to 4.12.0-alpha.2

- Updated version in package.json to 4.12.0-alpha.2
- Incremented bundleVersion in electron-builder.json to 26013

* docs: Add QA testing guide for alpha channel updates

* docs: Rename alpha docs to pre-release and fix workflow concurrency

- Rename alpha-release-process.md to pre-release-process.md
- Add beta release documentation
- Add detailed channel switching instructions
- Fix concurrency group using github.ref instead of github.head_ref
  (github.head_ref is empty for push events, causing tag builds to cancel)

* feat(logging): add scoped logging infrastructure

* feat(log-viewer): add log viewer window and components

* build: add log viewer window build configuration

* feat: integrate logging and log viewer into app lifecycle

* feat: add log viewer IPC channels and menu item

* feat: add i18n translations and fix UI color tokens

* chore: add logging dependencies and fix type error

* fix: address code review feedback

- Add 'silly' log level to LogLevel type for electron-log compatibility
- Fix duplicate server IDs by using overflow counter instead of MAX_SERVER_ID
- Reset startInProgress flag when retry count exceeded in preload
- Add statLog to log viewer preload API
- Use contextIsolation and preload script for log viewer window security
- Replace direct ipcRenderer usage with window.logViewerAPI in renderer

* revert: restore log viewer window settings and add architecture guidelines

- Revert nodeIntegration/contextIsolation changes that broke log viewer
- Add CLAUDE.md guidelines to prevent destructive architecture changes
- Document that existing code patterns exist for specific reasons

* fix: address code review feedback from CodeRabbit

This commit addresses three major review comments:

1. Remove unused preload script for log viewer window
   - The preload.ts was built but never wired to the BrowserWindow
   - Current implementation uses nodeIntegration: true and contextIsolation: false
   - Removed unused build entry from rollup.config.mjs
   - Deleted unused src/logViewerWindow/preload.ts file

2. Guard programmatic scrolls to prevent disabling auto-scroll
   - Added isAutoScrollingRef to track programmatic vs user-initiated scrolls
   - Set flag before calling scrollToIndex and reset after
   - handleScroll now returns early if scroll is programmatic
   - Prevents auto-scroll from being disabled when virtuosoRef.scrollToIndex triggers onScroll

3. Don't swallow startup failures - exit after logging
   - Changed start().catch(console.error) to properly log error and exit
   - Uses logger.error for structured logging
   - Calls app.exit(1) to prevent partial initialization
   - Prevents app running in broken state after critical failures

4. Add error handling to log viewer menu item
   - Wrapped openLogViewer click handler in try-catch
   - Matches pattern used by videoCallDevTools menu item
   - Logs errors to console for debugging

* fix(log-viewer): guard against non-positive limits in getLastNEntries

Return empty content when limit <= 0 to prevent undefined behavior
from negative slice indices.

---------

Co-authored-by: Rodrigo Nascimento <[email protected]>
Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>
Co-authored-by: Max Lee <[email protected]>

* fix: Add safe guards to prevent The application GUI just crashed (#3206)

* fix: guard store functions against pre-initialization calls on macOS Tahoe

On macOS 26.x (Tahoe), the IPC call to retrieve the server URL is slower
than on earlier macOS versions, causing the preload to retry with a 1-second
delay. During this window the RC webapp loads and calls
`window.RocketChatDesktop.setTitle()` and `setUserPresenceDetection()`, which
internally invoke `dispatch()` and `listen()` from the Redux store before
`createRendererReduxStore()` has completed. Since `reduxStore` is still
`undefined`, accessing `.dispatch` or `.subscribe` throws a TypeError that
propagates back through contextBridge into the React tree, crashing the app
with "The application GUI just crashed".

…

* fix: Bugsnag network connections even with errors reporting disabled (#3190)

* fix: disable Bugsnag auto session tracking to prevent unwanted network connections

Adds autoTrackSessions: false to Bugsnag.start() configuration to prevent
the SDK from automatically connecting to sessions.bugsnag.com on initialization.
This fixes issues in air-gapped networks where the connection attempt triggers
certificate error dialogs even when telemetry is disabled.

Also upgrades @bugsnag/js from v7.22.3 to v8.8.1.

* test: add integration tests for Bugsnag network behavior

- Use nock to intercept real HTTP requests from Bugsnag SDK
- Verify no network calls when reporting is disabled
- Verify sessions are sent when reporting is enabled
- Use Object.defineProperty for env var mocking
- Skip tests on Windows due to Jest module mocking issues

* Version 4.12.1-alpha.1

* feat: add admin setting to bypass SSL certificate validation for Outlook calendar

Add `allowInsecureOutlookConnections` setting for air-gapped environments
where Exchange servers use self-signed or internal CA certificates.

Configurable via overridden-settings.json:
{ "allowInsecureOutlookConnections": true }

Changes:
- Add new reducer for the setting (defaults to false)
- Apply setting to both Exchange (XhrApi) and Rocket.Chat (axios) connections
- Reuse single HTTPS agent per sync for better performance
- Fix missing await on createEventOnRocketChatServer call

* Version 4.12.1-alpha.2

* chore: patch @ewsjs/xhr to stop overwriting request errors

* lock file

* fix: make allowInsecureOutlookConnections override-only setting

The setting was being persisted to config.json, which meant once set to
true it would stay true even after removing from overridden-settings.json.

Changes:
- Remove from PersistableValues type and migrations
- Remove from selectPersistableValues selector
- Explicitly read from override files on each app start
- Accept case-insensitive "true" values for robustness
- Always defaults to false when key is missing

This ensures admins have full control over the setting in air-gapped
environments where remote debugging is not possible.

* feat: add admin setting to bypass SSL certificate validation for Outlook calendar (#3191)

* feat: add admin setting to bypass SSL certificate validation for Outlook calendar

Add `allowInsecureOutlookConnections` setting for air-gapped environments
where Exchange servers use self-signed or internal CA certificates.

Configurable via overridden-settings.json:
{ "allowInsecureOutlookConnections": true }

Changes:
- Add new reducer for the setting (defaults to false)
- Apply setting to both Exchange (XhrApi) and Rocket.Chat (axios) connections
- Reuse single HTTPS agent per sync for better performance
- Fix missing await on createEventOnRocketChatServer call

* Version 4.12.1-alpha.2

* chore: patch @ewsjs/xhr to stop overwriting request errors

* lock file

* fix: make allowInsecureOutlookConnections override-only setting

The setting was being persisted to config.json, which meant once set to
true it would stay true even after removing from overridden-settings.json.

Changes:
- Remove from PersistableValues type and migrations
- Remove from selectPersistableValues selector
- Explicitly read from override files on each app start
- Accept case-insensitive "true" values for robustness
- Always defaults to false when key is missing

This ensures admins have full control over the setting in air-gapped
environments where remote debugging is not possible.

---------

Co-authored-by: Pierre Lehnen <[email protected]>

* Add configurable Outlook calendar sync interval (#3198)

* feat: add configurable Outlook calendar sync interval (1-60 min)

Adds a user-editable sync interval setting to Settings > General,
with admin override support via overridden-settings.json. Uses a
nullable override pattern (number | null) to cleanly separate admin
overrides from persisted user preferences, preventing contamination.
Includes debounced runtime restart of the sync task on changes.

* chore: bump version to 4.12.1-alpha.3, improve sync interval change handling

Increases debounce to 10s, triggers an immediate sync before
rescheduling, and adds a log message when the interval changes.

* fix: clean up sync state when credentials are cleared or app shuts down

Prevents stale credentials from being used by the debounced interval
restart callback. Clears timers, nulls module-level state, and
unsubscribes the interval watcher on credential clear and shutdown.

* feat: Add outlook detailed logs toggle (#3199)

* feat: Add Exchange/EWS debugging patches and error classification (#3187)

* chore(theme): transparency mode not removing background of server view (#3156)

* Language update from Lingohub 🤖 (#3165)

Project Name: Rocket.Chat.Electron
Project Link: https://app.lingohub.com/project/pr_1Ag2Vlx6MWNt-16038/branches/prb_16rm9BiWK53b-4144
User: Lingohub Robot

Easy language translations with Lingohub 🚀

Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>

* feat: Implement user theme preference settings  (#3160)

* feat: Implement user theme preference settings and remove legacy theme appearance handling

- Introduced a new `ThemeAppearance` component to manage user theme preferences, allowing selection between 'auto', 'light', and 'dark' themes.
- Updated state management to include `userThemePreference`, replacing the previous `themeAppearance` handling.
- Removed deprecated theme appearance logic from various components and files, streamlining the codebase.
- Added internationalization support for theme appearance settings across multiple languages.
- Enhanced the UI to reflect user-selected theme preferences dynamically.

* fix(i18n): Correct Norwegian translation for theme appearance description

* fix(theme): Validate theme preference values before dispatching

- Updated the `handleChangeTheme` function to include validation for theme preference values, ensuring only 'auto', 'light', or 'dark' are accepted. This change prevents invalid values from being dispatched, enhancing the robustness of the theme management logic.

* refactor(DocumentViewer): Update theme management to utilize Redux state for user preferences

- Replaced the use of `useDarkMode` with Redux selectors to determine the theme based on user preferences and machine theme.
- Enhanced theme logic to support 'auto', 'light', and 'dark' settings, improving the flexibility and responsiveness of the theme management in the DocumentViewer component.

* refactor(DocumentViewer): Simplify theme management by removing Redux dependencies

- Eliminated the use of Redux selectors for theme management in the DocumentViewer component, replacing it with a static 'tint' background and default color settings.
- Streamlined the component's code by removing unnecessary theme logic, enhancing readability and maintainability.

* chore: Clean up code by removing unnecessary blank lines in ThemeAppearance, TransparentWindow, and userThemePreference files

* fix: Address PR review comments and restore API compatibility

- Remove trailing blank lines from ThemeAppearance.tsx, TransparentWindow.tsx, and userThemePreference.ts
- Restore setUserThemeAppearance as no-op function for backwards compatibility with @rocket.chat/desktop-api interface

* fix: resolve 91 security vulnerabilities in dependencies (#3173)

* fix: resolve 91 security vulnerabilities in dependencies

- Update axios 1.6.4 -> 1.13.2 (SSRF, DoS, credential leakage)
- Update electron-updater 5.3.0 -> 6.3.9 (code signing bypass)
- Update rollup 4.9.6 -> 4.32.0 (DOM clobbering XSS)
- Update glob 11.0.3 -> 11.1.0 in workspace (command injection)
- Add resolutions for transitive dependencies:
  - cross-spawn, braces, ws, follow-redirects
  - form-data, tar-fs, undici
- Add comprehensive security remediation documentation

* docs: fix markdown lint - add language specifier to code block

* chore: Remove security documentation from repository

Security vulnerability remediation documentation kept locally for reference.

* fix: Issues in German translation (#3155)

* chore: Upgrade Electron and Node.js versions, update README and packa… (#3179)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* chore: Update @types/node version in package.json and yarn.lock

- Upgraded @types/node from version 16.18.69 to 25.0.10 in both package.json and yarn.lock to ensure compatibility with the latest TypeScript features and improvements.

* chore: Enable alpha releases (#3180)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* docs: Add alpha release process documentation

- Introduced a new document detailing the alpha release process for the Rocket.Chat Desktop app, including channel definitions, versioning guidelines, and steps for creating and publishing alpha releases.
- Included instructions for users to opt into the alpha channel and troubleshooting tips for common issues.

* chore: Update architecture support and Node.js version requirements

- Added 'arm64' architecture support to the build targets in electron-builder.json for NSIS, MSI, and ZIP formats.
- Lowered the minimum Node.js version requirement in package.json from >=24.11.1 to >=20.0.0 for better compatibility.

* chore: Change develop branch to dev for release workflow

Update build-release workflow and desktop-release-action to use 'dev'
branch instead of 'develop' for development releases.

* chore: Update versioning and add release tag script

- Bumped version in package.json to 4.12.0.alpha.1.
- Added scripts/release-tag.ts for automated release tagging.
- Updated .eslintignore to exclude the new scripts directory.

* chore: Correct version format in package.json

- Updated version format in package.json from "4.12.0.alpha.1" to "4.12.0-alpha.1" for consistency.

* chore: Update all workflows to use dev branch instead of develop

- validate-pr.yml: Add dev to PR target branches
- powershell-lint.yml: Change develop to dev
- pull-request-build.yml: Change develop to dev

* fix: Normalize tags for consistent comparison in release-tag script

Strip leading 'v' prefix when comparing tags to handle both v-prefixed
and non-prefixed tag formats consistently.

* chore: Increment bundle version in electron-builder.json to 26012

* chore: Address nitpick comments in release-tag script

- Add comment explaining why /scripts is excluded from eslint
- Return null on exec error to distinguish from empty output
- Add warning when git tag list fails
- Use -- separator in git commands for safety

* fix: Add jsign to GITHUB_PATH in Windows CI setup

The jsign tool was being installed but not added to PATH for subsequent
steps. This caused the "Verify tools" step to fail with "jsign not found".

* chore: Bump version to 4.12.0-alpha.2

- Updated version in package.json to 4.12.0-alpha.2
- Incremented bundleVersion in electron-builder.json to 26013

* docs: Add QA testing guide for alpha channel updates

* docs: Rename alpha docs to pre-release and fix workflow concurrency

- Rename alpha-release-process.md to pre-release-process.md
- Add beta release documentation
- Add detailed channel switching instructions
- Fix concurrency group using github.ref instead of github.head_ref
  (github.head_ref is empty for push events, causing tag builds to cancel)

* feat(outlook): add @ewsjs/xhr debugging patches

Add comprehensive NTLM authentication debugging to @ewsjs/xhr library:

- patches-src/ directory structure for maintainable patches
- Enhanced ntlmProvider.ts with detailed NTLM handshake logging
- Enhanced xhrApi.ts with HTTP request/response debugging
- Yarn patch resolution for @ewsjs/[email protected]
- apply-patches.sh script for regenerating patches

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): add type definitions for calendar sync

Add error-related type definitions to support error classification:

- ErrorSource: exchange, rocket_chat, desktop_app, network, authentication, configuration
- ErrorSeverity: low, medium, high, critical
- OutlookCalendarError: full error object with context
- ErrorClassification: pattern matching result type

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): add error classification system

Add comprehensive error classification for Outlook calendar sync:

- Pattern-based error detection for Exchange, Rocket.Chat, and desktop errors
- Automatic severity and source classification
- User-friendly error messages with suggested actions
- Structured logging format for debugging
- Support for NTLM auth, network, SSL, and credential errors

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): enhance calendar sync with debugging and mutex

* test(outlook): add tests for getOutlookEvents

* feat(outlook): add logging infrastructure for calendar debugging

* chore: fix linting issues for Outlook calendar debugging

- Exclude patches-src/ from eslint (not part of main build)
- Fix has-credentials handler return type to match expected signature

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* fix: address CodeRabbit review issues for Outlook calendar

- Fix console transport recursion by using originalConsole in writeFn
- Fix infinite recursion in redactObject using destructuring
- Remove NTLM Type 3 message logging (contains credentials)
- Fix queued sync promises never resolving by tracking resolve/reject
- Fix unhandled async errors in preload using .then().catch()
- Accept HTTP 2xx status codes instead of only 200
- Fix URL validation to check pathname instead of full URL
- Update tests to match actual implementation behavior

* feat(settings): add Developer tab with verbose Outlook logging toggle

- Add Developer tab in Settings (only visible when developer mode enabled)
- Add verbose Outlook logging toggle to control [OutlookCalendar] console output
- Add colored console output for better visibility on dark themes
- Redirect to General tab when developer mode disabled while on Developer tab
- Create centralized logger (outlookLog, outlookError, etc.) in src/outlookCalendar/logger.ts
- Convert all direct console.log calls to use centralized logger
- Fix infinite recursion bug in patches (verboseLog calling itself)
- Add AGENTS.md documentation files for knowledge management
- Use theme-aware colors for Settings UI text

* fix(ci): remove conflicting patch-package patch for @ewsjs/xhr

The @ewsjs/xhr package is already patched via Yarn's patch protocol
(.yarn/patches/). The patch-package patch was accidentally added and
conflicts with the already-applied Yarn patch, causing CI failures.

* docs: add patching mechanism documentation to AGENTS.md

Clarify that @ewsjs/xhr uses Yarn patch protocol (.yarn/patches/)
while patch-package (patches/) is only for other packages.
This prevents accidental CI breakage from conflicting patches.

* fix: address CodeRabbit review comments

- logger.ts: Use shared prefix constants instead of duplicating strings
- getOutlookEvents.ts: Replace Promise.reject() with throw statements
- getOutlookEvents.ts: Route console.error through outlookError
- ipc.ts: Route all console.* through outlookLog/outlookWarn/outlookError
- ipc.ts: Replace Promise.reject(e) with throw e
- AGENTS.md: Fix markdown formatting and update versions

* fix(outlook): address CodeRabbit review issues

- Add JSDoc to syncEventsWithRocketChatServer documenting sync coalescing
- Remove isSyncInProgress check in initial sync (let queue handle it)
- Remove logging implementation details test (tested console.log colors)

* chore: remove unused patches-src directory

The debugging code in patches-src/ was never applied - only the minimal
bug fix in .yarn/patches/ is used. Removing dead code to avoid confusion.

* fix: address all code review issues from PR #3187 review

CRITICAL fixes:
- Support multi-server sync state (Map instead of globals)
- Fix Promise<Promise<boolean>> return type
- Use JSON.stringify for safe string escaping in executeJavaScript

MAJOR fixes:
- Add RocketChat calendar event types for type safety
- CRUD operations now return {success, error?} instead of swallowing errors
- Replace sync fs.appendFileSync with async fs.promises.appendFile
- Add useId() and htmlFor for accessibility in ThemeAppearance
- Apply privacy redaction to all transports (not just file)

MINOR fixes:
- Extract magic numbers to named constants
- Extract duplicate buildEwsPathname helper function
- Remove unused _context parameter from classifyError
- Remove fire-and-forget connectivity test calls
- Add originalConsole fallback in preload logging
- Optimize getComponentContext to skip stack trace for log/info/debug
- Fix email regex typo: [A-Z|a-z] -> [A-Za-z]
- Fix double timestamp in createClassifiedError
- Replace inline style with Fuselage pt prop

* fix(outlook): fix race condition in sync queue processing

Changed 'if' to 'while' loop to ensure all queued syncs are processed.
Previously, syncs queued while lastSync.run() was executing would be lost
because the queue was cleared before processing started.

* fix: address additional code review issues

- Fix pool exhaustion bug in context.ts: add overflow counter fallback
  when availableServerIds is depleted, emit warning with diagnostics
- Fix PII leak in ipc.ts error logging: move sensitive fields (subject,
  responseData) to verbose-only outlookLog calls at 5 locations
- Fix silent failure in performSync: throw error instead of silent
  return when eventsOnRocketChatServer fetch fails

* fix(logging): add captureComponentStack parameter to getLogContext

Allows callers to opt into stack-based component detection by passing
captureComponentStack=true, while preserving default behavior.

---------

Co-authored-by: Rodrigo Nascimento <[email protected]>
Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>
Co-authored-by: Max Lee <[email protected]>
Co-authored-by: Sisyphus <[email protected]>

* feat: Add scoped logging infrastructure and log viewer window (#3186)

* chore(theme): transparency mode not removing background of server view (#3156)

* Language update from Lingohub 🤖 (#3165)

Project Name: Rocket.Chat.Electron
Project Link: https://app.lingohub.com/project/pr_1Ag2Vlx6MWNt-16038/branches/prb_16rm9BiWK53b-4144
User: Lingohub Robot

Easy language translations with Lingohub 🚀

Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>

* feat: Implement user theme preference settings  (#3160)

* feat: Implement user theme preference settings and remove legacy theme appearance handling

- Introduced a new `ThemeAppearance` component to manage user theme preferences, allowing selection between 'auto', 'light', and 'dark' themes.
- Updated state management to include `userThemePreference`, replacing the previous `themeAppearance` handling.
- Removed deprecated theme appearance logic from various components and files, streamlining the codebase.
- Added internationalization support for theme appearance settings across multiple languages.
- Enhanced the UI to reflect user-selected theme preferences dynamically.

* fix(i18n): Correct Norwegian translation for theme appearance description

* fix(theme): Validate theme preference values before dispatching

- Updated the `handleChangeTheme` function to include validation for theme preference values, ensuring only 'auto', 'light', or 'dark' are accepted. This change prevents invalid values from being dispatched, enhancing the robustness of the theme management logic.

* refactor(DocumentViewer): Update theme management to utilize Redux state for user preferences

- Replaced the use of `useDarkMode` with Redux selectors to determine the theme based on user preferences and machine theme.
- Enhanced theme logic to support 'auto', 'light', and 'dark' settings, improving the flexibility and responsiveness of the theme management in the DocumentViewer component.

* refactor(DocumentViewer): Simplify theme management by removing Redux dependencies

- Eliminated the use of Redux selectors for theme management in the DocumentViewer component, replacing it with a static 'tint' background and default color settings.
- Streamlined the component's code by removing unnecessary theme logic, enhancing readability and maintainability.

* chore: Clean up code by removing unnecessary blank lines in ThemeAppearance, TransparentWindow, and userThemePreference files

* fix: Address PR review comments and restore API compatibility

- Remove trailing blank lines from ThemeAppearance.tsx, TransparentWindow.tsx, and userThemePreference.ts
- Restore setUserThemeAppearance as no-op function for backwards compatibility with @rocket.chat/desktop-api interface

* fix: resolve 91 security vulnerabilities in dependencies (#3173)

* fix: resolve 91 security vulnerabilities in dependencies

- Update axios 1.6.4 -> 1.13.2 (SSRF, DoS, credential leakage)
- Update electron-updater 5.3.0 -> 6.3.9 (code signing bypass)
- Update rollup 4.9.6 -> 4.32.0 (DOM clobbering XSS)
- Update glob 11.0.3 -> 11.1.0 in workspace (command injection)
- Add resolutions for transitive dependencies:
  - cross-spawn, braces, ws, follow-redirects
  - form-data, tar-fs, undici
- Add comprehensive security remediation documentation

* docs: fix markdown lint - add language specifier to code block

* chore: Remove security documentation from repository

Security vulnerability remediation documentation kept locally for reference.

* fix: Issues in German translation (#3155)

* chore: Upgrade Electron and Node.js versions, update README and packa… (#3179)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* chore: Update @types/node version in package.json and yarn.lock

- Upgraded @types/node from version 16.18.69 to 25.0.10 in both package.json and yarn.lock to ensure compatibility with the latest TypeScript features and improvements.

* chore: Enable alpha releases (#3180)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* docs: Add alpha release process documentation

- Introduced a new document detailing the alpha release process for the Rocket.Chat Desktop app, including channel definitions, versioning guidelines, and steps for creating and publishing alpha releases.
- Included instructions for users to opt into the alpha channel and troubleshooting tips for common issues.

* chore: Update architecture support and Node.js version requirements

- Added 'arm64' architecture support to the build targets in electron-builder.json for NSIS, MSI, and ZIP formats.
- Lowered the minimum Node.js version requirement in package.json from >=24.11.1 to >=20.0.0 for better compatibility.

* chore: Change develop branch to dev for release workflow

Update build-release workflow and desktop-release-action to use 'dev'
branch instead of 'develop' for development releases.

* chore: Update versioning and add release tag script

- Bumped version in package.json to 4.12.0.alpha.1.
- Added scripts/release-tag.ts for automated release tagging.
- Updated .eslintignore to exclude the new scripts directory.

* chore: Correct version format in package.json

- Updated version format in package.json from "4.12.0.alpha.1" to "4.12.0-alpha.1" for consistency.

* chore: Update all workflows to use dev branch instead of develop

- validate-pr.yml: Add dev to PR target branches
- powershell-lint.yml: Change develop to dev
- pull-request-build.yml: Change develop to dev

* fix: Normalize tags for consistent comparison in release-tag script

Strip leading 'v' prefix when comparing tags to handle both v-prefixed
and non-prefixed tag formats consistently.

* chore: Increment bundle version in electron-builder.json to 26012

* chore: Address nitpick comments in release-tag script

- Add comment explaining why /scripts is excluded from eslint
- Return null on exec error to distinguish from empty output
- Add warning when git tag list fails
- Use -- separator in git commands for safety

* fix: Add jsign to GITHUB_PATH in Windows CI setup

The jsign tool was being installed but not added to PATH for subsequent
steps. This caused the "Verify tools" step to fail with "jsign not found".

* chore: Bump version to 4.12.0-alpha.2

- Updated version in package.json to 4.12.0-alpha.2
- Incremented bundleVersion in electron-builder.json to 26013

* docs: Add QA testing guide for alpha channel updates

* docs: Rename alpha docs to pre-release and fix workflow concurrency

- Rename alpha-release-process.md to pre-release-process.md
- Add beta release documentation
- Add detailed channel switching instructions
- Fix concurrency group using github.ref instead of github.head_ref
  (github.head_ref is empty for push events, causing tag builds to cancel)

* feat(logging): add scoped logging infrastructure

* feat(log-viewer): add log viewer window and components

* build: add log viewer window build configuration

* feat: integrate logging and log viewer into app lifecycle

* feat: add log viewer IPC channels and menu item

* feat: add i18n translations and fix UI color tokens

* chore: add logging dependencies and fix type error

* fix: address code review feedback

- Add 'silly' log level to LogLevel type for electron-log compatibility
- Fix duplicate server IDs by using overflow counter instead of MAX_SERVER_ID
- Reset startInProgress flag when retry count exceeded in preload
- Add statLog to log viewer preload API
- Use contextIsolation and preload script for log viewer window security
- Replace direct ipcRenderer usage with window.logViewerAPI in renderer

* revert: restore log viewer window settings and add architecture guidelines

- Revert nodeIntegration/contextIsolation changes that broke log viewer
- Add CLAUDE.md guidelines to prevent destructive architecture changes
- Document that existing code patterns exist for specific reasons

* fix: address code review feedback from CodeRabbit

This commit addresses three major review comments:

1. Remove unused preload script for log viewer window
   - The preload.ts was built but never wired to the BrowserWindow
   - Current implementation uses nodeIntegration: true and contextIsolation: false
   - Removed unused build entry from rollup.config.mjs
   - Deleted unused src/logViewerWindow/preload.ts file

2. Guard programmatic scrolls to prevent disabling auto-scroll
   - Added isAutoScrollingRef to track programmatic vs user-initiated scrolls
   - Set flag before calling scrollToIndex and reset after
   - handleScroll now returns early if scroll is programmatic
   - Prevents auto-scroll from being disabled when virtuosoRef.scrollToIndex triggers onScroll

3. Don't swallow startup failures - exit after logging
   - Changed start().catch(console.error) to properly log error and exit
   - Uses logger.error for structured logging
   - Calls app.exit(1) to prevent partial initialization
   - Prevents app running in broken state after critical failures

4. Add error handling to log viewer menu item
   - Wrapped openLogViewer click handler in try-catch
   - Matches pattern used by videoCallDevTools menu item
   - Logs errors to console for debugging

* fix(log-viewer): guard against non-positive limits in getLastNEntries

Return empty content when limit <= 0 to prevent undefined behavior
from negative slice indices.

---------

Co-authored-by: Rodrigo Nascimento <[email protected]>
Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>
Co-authored-by: Max Lee <[email protected]>

* fix: call stopOutlookCalendarSync on app quit

Ensures all sync timers and debounce timers are properly cleaned up
when the application shuts down, preventing sync operations during
shutdown.

* fix: improve logging system security and log viewer context filtering

- Protect active log files from cleanup deletion
- Add IPC rate limiting to prevent renderer process flooding
- Restrict log file permissions to owner-only access
- Add context sanitization to error classification (passwords/tokens only)
- Remove ANSI color codes from OutlookCalendar logger prefixes
- Fix log viewer context filter to use structured tag matching instead of substring search

* feat: add detailed events logging toggle for Outlook calendar sync

Add a new toggle in Settings > Developer to log full event data exchanged
between Exchange and Rocket.Chat during calendar sync. When enabled, logs
raw Exchange appointments, CRUD payloads/responses, event comparisons,
and sync summaries for diagnosing sync issues.

* fix: address PR review feedback

- Fix regex precedence in error classification so 'timeout' doesn't match too broadly
- Add lang="en" to log viewer HTML for accessibility
- Add circular reference guard to redactObject to prevent stack overflow
- Update AGENTS.md with missing outlookDebug/outlookEventDetail imports

* fix: address second round of PR review feedback

- Narrow SSL/TLS regex to match specific error codes instead of broad substrings
- Make sanitizeContext recursive to redact nested sensitive keys
- Align multi-line JSON context with box-drawing prefix in error logs
- Preserve original case in custom path segments in buildEwsPathname

---------

Co-authored-by: Rodrigo Nascimento <[email protected]>
Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>
Co-authored-by: Max Lee <[email protected]>
Co-authored-by: Sisyphus <[email protected]>

* Version 4.12.1-alpha.4

* fix: log viewer Windows compatibility and Outlook logging in production (#3203)

- Handle CRLF line endings from Windows log files (split on \r?\n)
- Fix regex to allow variable whitespace between bracket groups
- Change outlookLog/outlookDebug/outlookEventDetail to console.info
  so they reach the file transport in production (info threshold)
  instead of being silently dropped as debug level
- Fix Outlook preload console.log calls to console.info (same issue)
- Fix app startup completion log to console.info

* Version 4.12.1-alpha.5

* fix: always send endTime and busy fields in calendar sync payload (#3204)

Remove server version gate (>= 7.5.0) that conditionally included endTime and busy fields when syncing Outlook calendar events to Rocket.Chat server. The gate was failing for some customers because server.version was not populated in the Redux store, causing these fields to be silently dropped from create/update payloads regardless of actual server version.

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-opencode)

Co-authored-by: Sisyphus <[email protected]>

* Version 4.12.1-alpha.6

* Merge master into dev — bring bug fixes to dev branch (#3215)

* feat: Add Exchange/EWS debugging patches and error classification (#3187)

* chore(theme): transparency mode not removing background of server view (#3156)

* Language update from Lingohub 🤖 (#3165)

Project Name: Rocket.Chat.Electron
Project Link: https://app.lingohub.com/project/pr_1Ag2Vlx6MWNt-16038/branches/prb_16rm9BiWK53b-4144
User: Lingohub Robot

Easy language translations with Lingohub 🚀

Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>

* feat: Implement user theme preference settings  (#3160)

* feat: Implement user theme preference settings and remove legacy theme appearance handling

- Introduced a new `ThemeAppearance` component to manage user theme preferences, allowing selection between 'auto', 'light', and 'dark' themes.
- Updated state management to include `userThemePreference`, replacing the previous `themeAppearance` handling.
- Removed deprecated theme appearance logic from various components and files, streamlining the codebase.
- Added internationalization support for theme appearance settings across multiple languages.
- Enhanced the UI to reflect user-selected theme preferences dynamically.

* fix(i18n): Correct Norwegian translation for theme appearance description

* fix(theme): Validate theme preference values before dispatching

- Updated the `handleChangeTheme` function to include validation for theme preference values, ensuring only 'auto', 'light', or 'dark' are accepted. This change prevents invalid values from being dispatched, enhancing the robustness of the theme management logic.

* refactor(DocumentViewer): Update theme management to utilize Redux state for user preferences

- Replaced the use of `useDarkMode` with Redux selectors to determine the theme based on user preferences and machine theme.
- Enhanced theme logic to support 'auto', 'light', and 'dark' settings, improving the flexibility and responsiveness of the theme management in the DocumentViewer component.

* refactor(DocumentViewer): Simplify theme management by removing Redux dependencies

- Eliminated the use of Redux selectors for theme management in the DocumentViewer component, replacing it with a static 'tint' background and default color settings.
- Streamlined the component's code by removing unnecessary theme logic, enhancing readability and maintainability.

* chore: Clean up code by removing unnecessary blank lines in ThemeAppearance, TransparentWindow, and userThemePreference files

* fix: Address PR review comments and restore API compatibility

- Remove trailing blank lines from ThemeAppearance.tsx, TransparentWindow.tsx, and userThemePreference.ts
- Restore setUserThemeAppearance as no-op function for backwards compatibility with @rocket.chat/desktop-api interface

* fix: resolve 91 security vulnerabilities in dependencies (#3173)

* fix: resolve 91 security vulnerabilities in dependencies

- Update axios 1.6.4 -> 1.13.2 (SSRF, DoS, credential leakage)
- Update electron-updater 5.3.0 -> 6.3.9 (code signing bypass)
- Update rollup 4.9.6 -> 4.32.0 (DOM clobbering XSS)
- Update glob 11.0.3 -> 11.1.0 in workspace (command injection)
- Add resolutions for transitive dependencies:
  - cross-spawn, braces, ws, follow-redirects
  - form-data, tar-fs, undici
- Add comprehensive security remediation documentation

* docs: fix markdown lint - add language specifier to code block

* chore: Remove security documentation from repository

Security vulnerability remediation documentation kept locally for reference.

* fix: Issues in German translation (#3155)

* chore: Upgrade Electron and Node.js versions, update README and packa… (#3179)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* chore: Update @types/node version in package.json and yarn.lock

- Upgraded @types/node from version 16.18.69 to 25.0.10 in both package.json and yarn.lock to ensure compatibility with the latest TypeScript features and improvements.

* chore: Enable alpha releases (#3180)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* docs: Add alpha release process documentation

- Introduced a new document detailing the alpha release process for the Rocket.Chat Desktop app, including channel definitions, versioning guidelines, and steps for creating and publishing alpha releases.
- Included instructions for users to opt into the alpha channel and troubleshooting tips for common issues.

* chore: Update architecture support and Node.js version requirements

- Added 'arm64' architecture support to the build targets in electron-builder.json for NSIS, MSI, and ZIP formats.
- Lowered the minimum Node.js version requirement in package.json from >=24.11.1 to >=20.0.0 for better compatibility.

* chore: Change develop branch to dev for release workflow

Update build-release workflow and desktop-release-action to use 'dev'
branch instead of 'develop' for development releases.

* chore: Update versioning and add release tag script

- Bumped version in package.json to 4.12.0.alpha.1.
- Added scripts/release-tag.ts for automated release tagging.
- Updated .eslintignore to exclude the new scripts directory.

* chore: Correct version format in package.json

- Updated version format in package.json from "4.12.0.alpha.1" to "4.12.0-alpha.1" for consistency.

* chore: Update all workflows to use dev branch instead of develop

- validate-pr.yml: Add dev to PR target branches
- powershell-lint.yml: Change develop to dev
- pull-request-build.yml: Change develop to dev

* fix: Normalize tags for consistent comparison in release-tag script

Strip leading 'v' prefix when comparing tags to handle both v-prefixed
and non-prefixed tag formats consistently.

* chore: Increment bundle version in electron-builder.json to 26012

* chore: Address nitpick comments in release-tag script

- Add comment explaining why /scripts is excluded from eslint
- Return null on exec error to distinguish from empty output
- Add warning when git tag list fails
- Use -- separator in git commands for safety

* fix: Add jsign to GITHUB_PATH in Windows CI setup

The jsign tool was being installed but not added to PATH for subsequent
steps. This caused the "Verify tools" step to fail with "jsign not found".

* chore: Bump version to 4.12.0-alpha.2

- Updated version in package.json to 4.12.0-alpha.2
- Incremented bundleVersion in electron-builder.json to 26013

* docs: Add QA testing guide for alpha channel updates

* docs: Rename alpha docs to pre-release and fix workflow concurrency

- Rename alpha-release-process.md to pre-release-process.md
- Add beta release documentation
- Add detailed channel switching instructions
- Fix concurrency group using github.ref instead of github.head_ref
  (github.head_ref is empty for push events, causing tag builds to cancel)

* feat(outlook): add @ewsjs/xhr debugging patches

Add comprehensive NTLM authentication debugging to @ewsjs/xhr library:

- patches-src/ directory structure for maintainable patches
- Enhanced ntlmProvider.ts with detailed NTLM handshake logging
- Enhanced xhrApi.ts with HTTP request/response debugging
- Yarn patch resolution for @ewsjs/[email protected]
- apply-patches.sh script for regenerating patches

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): add type definitions for calendar sync

Add error-related type definitions to support error classification:

- ErrorSource: exchange, rocket_chat, desktop_app, network, authentication, configuration
- ErrorSeverity: low, medium, high, critical
- OutlookCalendarError: full error object with context
- ErrorClassification: pattern matching result type

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): add error classification system

Add comprehensive error classification for Outlook calendar sync:

- Pattern-based error detection for Exchange, Rocket.Chat, and desktop errors
- Automatic severity and source classification
- User-friendly error messages with suggested actions
- Structured logging format for debugging
- Support for NTLM auth, network, SSL, and credential errors

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): enhance calendar sync with debugging and mutex

* test(outlook): add tests for getOutlookEvents

* feat(outlook): add logging infrastructure for calendar debugging

* chore: fix linting issues for Outlook calendar debugging

- Exclude patches-src/ from eslint (not part of main build)
- Fix has-credentials handler return type to match expected signature

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* fix: address CodeRabbit review issues for Outlook calendar

- Fix console transport recursion by using originalConsole in writeFn
- Fix infinite recursion in redactObject using destructuring
- Remove NTLM Type 3 message logging (contains credentials)
- Fix queued sync promises never resolving by tracking resolve/reject
- Fix unhandled async errors in preload using .then().catch()
- Accept HTTP 2xx status codes instead of only 200
- Fix URL validation to check pathname instead of full URL
- Update tests to match actual implementation behavior

* feat(settings): add Developer tab with verbose Outlook logging toggle

- Add Developer tab in Settings (only visible when developer mode enabled)
- Add verbose Outlook logging toggle to control [OutlookCalendar] console output
- Add colored console output for better visibility on dark themes
- Redirect to General tab when developer mode disabled while on Developer tab
- Create centralized logger (outlookLog, outlookError, etc.) in src/outlookCalendar/logger.ts
- Convert all direct console.log calls to use centralized logger
- Fix infinite recursion bug in patches (verboseLog calling itself)
- Add AGENTS.md documentation files for knowledge management
- Use theme-aware colors for Settings UI text

* fix(ci): remove conflicting patch-package patch for @ewsjs/xhr

The @ewsjs/xhr package is already patched via Yarn's patch protocol
(.yarn/patches/). The patch-package patch was accidentally added and
conflicts with the already-applied Yarn patch, causing CI failures.

* docs: add patching mechanism documentation to AGENTS.md

Clarify that @ewsjs/xhr uses Yarn patch protocol (.yarn/patches/)
while patch-package (patches/) is only for other packages.
This prevents accidental CI breakage from conflicting patches.

* fix: address CodeRabbit review comments

- logger.ts: Use shared prefix constants instead of duplicating strings
- getOutlookEvents.ts: Replace Promise.reject() with throw statements
- getOutlookEvents.ts: Route console.error through outlookError
- ipc.ts: Route all console.* through outlookLog/outlookWarn/outlookError
- ipc.ts: Replace Promise.reject(e) with throw e
- AGENTS.md: Fix markdown formatting and update versions

* fix(outlook): address CodeRabbit review issues

- Add JSDoc to syncEventsWithRocketChatServer documenting sync coalescing
- Remove isSyncInProgress check in initial sync (let queue handle it)
- Remove logging implementation details test (tested console.log colors)

* chore: remove unused patches-src directory

The debugging code in patches-src/ was never applied - only the minimal
bug fix in .yarn/patches/ is used. Removing dead code to avoid confusion.

* fix: address all code review issues from PR #3187 review

CRITICAL fixes:
- Support multi-server sync state (Map instead of globals)
- Fix Promise<Promise<boolean>> return type
- Use JSON.stringify for safe string escaping in executeJavaScript

MAJOR fixes:
- Add RocketChat calendar event types for type safety
- CRUD operations now return {success, error?} instead of swallowing errors
- Replace sync fs.appendFileSync with async fs.promises.appendFile
- Add useId() and htmlFor for accessibility in ThemeAppearance
- Apply privacy redaction to all transports (not just file)

MINOR fixes:
- Extract magic numbers to named constants
- Extract duplicate buildEwsPathname helper function
- Remove unused _context parameter from classifyError
- Remove fire-and-forget connectivity test calls
- Add originalConsole fallback in preload logging
- Optimize getComponentContext to skip stack trace for log/info/debug
- Fix email regex typo: [A-Z|a-z] -> [A-Za-z]
- Fix double timestamp in createClassifiedError
- Replace inline style with Fuselage pt prop

* fix(outlook): fix race condition in sync queue processing

Changed 'if' to 'while' loop to ensure all queued syncs are processed.
Previously, syncs queued while lastSync.run() was executing would be lost
because the queue was cleared before processing started.

* fix: address additional code review issues

- Fix pool exhaustion bug in context.ts: add overflow counter fallback
  when availableServerIds is depleted, emit warning with diagnostics
- Fix PII leak in ipc.ts error logging: move sensitive fields (subject,
  responseData) to verbose-only outlookLog calls at 5 locations
- Fix silent failure in performSync: throw error instead of silent
  return when eventsOnRocketChatServer fetch fails

* fix(logging): add captureComponentStack parameter to getLogContext

Allows callers to opt into stack-based component detection by passing
captureComponentStack=true, while preserving default behavior.

---------

Co-authored-by: Rodrigo Nascimento <[email protected]>
Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>
Co-authored-by: Max Lee <[email protected]>
Co-authored-by: Sisyphus <[email protected]>

* feat: Add scoped logging infrastructure and log viewer window (#3186)

* chore(theme): transparency mode not removing background of server view (#3156)

* Language update from Lingohub 🤖 (#3165)

Project Name: Rocket.Chat.Electron
Project Link: https://app.lingohub.com/project/pr_1Ag2Vlx6MWNt-16038/branches/prb_16rm9BiWK53b-4144
User: Lingohub Robot

Easy language translations with Lingohub 🚀

Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>

* feat: Implement user theme preference settings  (#3160)

* feat: Implement user theme preference settings and remove legacy theme appearance handling

- Introduced a new `ThemeAppearance` component to manage user theme preferences, allowing selection between 'auto', 'light', and 'dark' themes.
- Updated state management to include `userThemePreference`, replacing the previous `themeAppearance` handling.
- Removed deprecated theme appearance logic from various components and files, streamlining the codebase.
- Added internationalization support for theme appearance settings across multiple languages.
- Enhanced the UI to reflect user-selected theme preferences dynamically.

* fix(i18n): Correct Norwegian translation for theme appearance description

* fix(theme): Validate theme preference values before dispatching

- Updated the `handleChangeTheme` function to include validation for theme preference values, ensuring only 'auto', 'light', or 'dark' are accepted. This change prevents invalid values from being dispatched, enhancing the robustness of the theme management logic.

* refactor(DocumentViewer): Update theme management to utilize Redux state for user preferences

- Replaced the use of `useDarkMode` with Redux selectors to determine the theme based on user preferences and machine theme.
- Enhanced theme logic to support 'auto', 'light', and 'dark' settings, improving the flexibility and responsiveness of the theme management in the DocumentViewer component.

* refactor(DocumentViewer): Simplify theme management by removing Redux dependencies

- Eliminated the use of Redux selectors for theme management in the DocumentViewer component, replacing it with a static 'tint' background and default color settings.
- Streamlined the component's code by removing unnecessary theme logic, enhancing readability and maintainability.

* chore: Clean up code by removing unnecessary blank lines in ThemeAppearance, TransparentWindow, and userThemePreference files

* fix: Address PR review comments and restore API compatibility

- Remove trailing blank lines from ThemeAppearance.tsx, TransparentWindow.tsx, and userThemePreference.ts
- Restore setUserThemeAppearance as no-op function for backwards compatibility with @rocket.chat/desktop-api interface

* fix: resolve 91 security vulnerabilities in dependencies (#3173)

* fix: resolve 91 security vulnerabilities in dependencies

- Update axios 1.6.4 -> 1.13.2 (SSRF, DoS, credential leakage)
- Update electron-updater 5.3.0 -> 6.3.9 (code signing bypass)
- Update rollup 4.9.6 -> 4.32.0 (DOM clobbering XSS)
- Update glob 11.0.3 -> 11.1.0 in workspace (command injection)
- Add resolutions for transitive dependencies:
  - cross-spawn, braces, ws, follow-redirects
  - form-data, tar-fs, undici
- Add comprehensive security remediation documentation

* docs: fix markdown lint - add language specifier to code block

* chore: Remove security documentation from repository

Security vulnerability remediation documentation kept locally for reference.

* fix: Issues in German translation (#3155)

* chore: Upgrade Electron and Node.js versions, update README and packa… (#3179)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* chore: Update @types/node version in package.json and yarn.lock

- Upgraded @types/node from version 16.18.69 to 25.0.10 in both package.json and yarn.lock to ensure compatibility with the latest TypeScript features and improvements.

* chore: Enable alpha releases (#3180)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* docs: Add alpha release process documentation

- Introduced a new document detailing the alpha release process for the Rocket.Chat Desktop app, including channel definitions, versioning guidelines, and steps for creating and publishing alpha releases.
- Included instructions for users to opt into the alpha channel and troubleshooting tips for common issues.

* chore: Update architecture support and Node.js version requirements

- Added 'arm64' architecture support to the build targets in electron-builder.json for NSIS, MSI, and ZIP formats.
- Lowered the minimum Node.js version requirement in package.json from >=24.11.1 to >=20.0.0 for better compatibility.

* chore: Change develop branch to dev for release workflow

Update build-release workflow and desktop-release-action to use 'dev'
branch instead of 'develop' for development releases.

* chore: Update versioning and add release tag script

- Bumped version in package.json to 4.12.0.alpha.1.
- Added scripts/release-tag.ts for automated release tagging.
- Updated .eslintignore to exclude the new scripts directory.

* chore: Correct version format in package.json

- Updated version format in package.json from "4.12.0.alpha.1" to "4.12.0-alpha.1" for consistency.

* chore: Update all workflows to use dev branch instead of develop

- validate-pr.yml: Add dev to PR target branches
- powershell-lint.yml: Change develop to dev
- pull-request-build.yml: Change develop to dev

* fix: Normalize tags for consistent comparison in release-tag script

Strip leading 'v' prefix when comparing tags to handle both v-prefixed
and non-prefixed tag formats consistently.

* chore: Increment bundle version in electron-builder.json to 26012

* chore: Address nitpick comments in release-tag script

- Add comment explaining why /scripts is excluded from eslint
- Return null on exec error to distinguish from empty output
- Add warning when git tag list fails
- Use -- separator in git commands for safety

* fix: Add jsign to GITHUB_PATH in Windows CI setup

The jsign tool was being installed but not added to PATH for subsequent
steps. This caused the "Verify tools" step to fail with "jsign not found".

* chore: Bump version to 4.12.0-alpha.2

- Updated version in package.json to 4.12.0-alpha.2
- Incremented bundleVersion in electron-builder.json to 26013

* docs: Add QA testing guide for alpha channel updates

* docs: Rename alpha docs to pre-release and fix workflow concurrency

- Rename alpha-release-process.md to pre-release-process.md
- Add beta release documentation
- Add detailed channel switching instructions
- Fix concurrency group using github.ref instead of github.head_ref
  (github.head_ref is empty for push events, causing tag builds to cancel)

* feat(logging): add scoped logging infrastructure

* feat(log-viewer): add log viewer window and components

* build: add log viewer window build configuration

* feat: integrate logging and log viewer into app lifecycle

* feat: add log viewer IPC channels and menu item

* feat: add i18n translations and fix UI color tokens

* chore: add logging dependencies and fix type error

* fix: address code review feedback

- Add 'silly' log level to LogLevel type for electron-log compatibility
- Fix duplicate server IDs by using overflow counter instead of MAX_SERVER_ID
- Reset startInProgress flag when retry count exceeded in preload
- Add statLog to log viewer preload API
- Use contextIsolation and preload script for log viewer window security
- Replace direct ipcRenderer usage with window.logViewerAPI in renderer

* revert: restore log viewer window settings and add architecture guidelines

- Revert nodeIntegration/contextIsolation changes that broke log viewer
- Add CLAUDE.md guidelines to prevent destructive architecture changes
- Document that existing code patterns exist for specific reasons

* fix: address code review feedback from CodeRabbit

This commit addresses three major review comments:

1. Remove unused preload script for log viewer window
   - The preload.ts was built but never wired to the BrowserWindow
   - Current implementation uses nodeIntegration: true and contextIsolation: false
   - Removed unused build entry from rollup.config.mjs
   - Deleted unused src/logViewerWindow/preload.ts file

2. Guard programmatic scrolls to prevent disabling auto-scroll
   - Added isAutoScrollingRef to track programmatic vs user-initiated scrolls
   - Set flag before calling scrollToIndex and reset after
   - handleScroll now returns early if scroll is programmatic
   - Prevents auto-scroll from being disabled when virtuosoRef.scrollToIndex triggers onScroll

3. Don't swallow startup failures - exit after logging
   - Changed start().catch(console.error) to properly log error and exit
   - Uses logger.error for structured logging
   - Calls app.exit(1) to prevent partial initialization
   - Prevents app running in broken state after critical failures

4. Add error handling to log viewer menu item
   - Wrapped openLogViewer click handler in try-catch
   - Matches pattern used by videoCallDevTools menu item
   - Logs errors to console for debugging

* fix(log-viewer): guard against non-positive limits in getLastNEntries

Return empty content when limit <= 0 to prevent undefined behavior
from negative slice indices.

---------

Co-authored-by: Rodrigo Nascimento <[email protected]>
Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>
Co-authored-by: Max Lee <[email protected]>

* fix: Add safe guards to prevent The application GUI just crashed (#3206)

* fix: guard store functions against pre-initialization calls on macOS Tahoe

On macOS 26.x (Tahoe), the IPC call to retrieve the server URL is slower
than on earlier macOS versions, causing the preload to retry with a 1-second
delay. During this window the RC webapp loads and calls
`window.RocketChatDesktop.setTitle()` and `setUserPresenceDetection()`, which
internally invoke `dispatch()` and `listen()` from the Redux store before
`createRendererReduxStore()` has completed. Since `reduxStore` is still
`undefined`, accessing `.dispatch` or `.subscribe` throws a TypeError that
propagates back through contextBridge into the React tree, crashing the app
with "The application GUI just crashed".

…

* fix: Bugsnag network connections even with errors reporting disabled (#3190)

* fix: disable Bugsnag auto session tracking to prevent unwanted network connections

Adds autoTrackSessions: false to Bugsnag.start() configuration to prevent
the SDK from automatically connecting to sessions.bugsnag.com on initialization.
This fixes issues in air-gapped networks where the connection attempt triggers
certificate error dialogs even when telemetry is disabled.

Also upgrades @bugsnag/js from v7.22.3 to v8.8.1.

* test: add integration tests for Bugsnag network behavior

- Use nock to intercept real HTTP requests from Bugsnag SDK
- Verify no network calls when reporting is disabled
- Verify sessions are sent when reporting is enabled
- Use Object.defineProperty for env var mocking
- Skip tests on Windows due to Jest module mocking issues

* Version 4.12.1-alpha.1

* feat: add admin setting to bypass SSL certificate validation for Outlook calendar

Add `allowInsecureOutlookConnections` setting for air-gapped environments
where Exchange servers use self-signed or internal CA certificates.

Configurable via overridden-settings.json:
{ "allowInsecureOutlookConnections": true }

Changes:
- Add new reducer for the setting (defaults to false)
- Apply setting to both Exchange (XhrApi) and Rocket.Chat (axios) connections
- Reuse single HTTPS agent per sync for better performance
- Fix missing await on createEventOnRocketChatServer call

* Version 4.12.1-alpha.2

* chore: patch @ewsjs/xhr to stop overwriting request errors

* lock file

* fix: make allowInsecureOutlookConnections override-only setting

The setting was being persisted to config.json, which meant once set to
true it would stay true even after removing from overridden-settings.json.

Changes:
- Remove from PersistableValues type and migrations
- Remove from selectPersistableValues selector
- Explicitly read from override files on each app start
- Accept case-insensitive "true" values for robustness
- Always defaults to false when key is missing

This ensures admins have full control over the setting in air-gapped
environments where remote debugging is not possible.

* feat: add admin setting to bypass SSL certificate validation for Outlook calendar (#3191)

* feat: add admin setting to bypass SSL certificate validation for Outlook calendar

Add `allowInsecureOutlookConnections` setting for air-gapped environments
where Exchange servers use self-signed or internal CA certificates.

Configurable via overridden-settings.json:
{ "allowInsecureOutlookConnections": true }

Changes:
- Add new reducer for the setting (defaults to false)
- Apply setting to both Exchange (XhrApi) and Rocket.Chat (axios) connections
- Reuse single HTTPS agent per sync for better performance
- Fix missing await on createEventOnRocketChatServer call

* Version 4.12.1-alpha.2

* chore: patch @ewsjs/xhr to stop overwriting request errors

* lock file

* fix: make allowInsecureOutlookConnections override-only setting

The setting was being persisted to config.json, which meant once set to
true it would stay true even after removing from overridden-settings.json.

Changes:
- Remove from PersistableValues type and migrations
- Remove from selectPersistableValues selector
- Explicitly read from override files on each app start
- Accept case-insensitive "true" values for robustness
- Always defaults to false when key is missing

This ensures admins have full control over the setting in air-gapped
environments where remote debugging is not possible.

---------

Co-authored-by: Pierre Lehnen <[email protected]>

* Add configurable Outlook calendar sync interval (#3198)

* feat: add configurable Outlook calendar sync interval (1-60 min)

Adds a user-editable sync interval setting to Settings > General,
with admin override support via overridden-settings.json. Uses a
nullable override pattern (number | null) to cleanly separate admin
overrides from persisted user preferences, preventing contamination.
Includes debounced runtime restart of the sync task on changes.

* chore: bump version to 4.12.1-alpha.3, improve sync interval change handling

Increases debounce to 10s, triggers an immediate sync before
rescheduling, and adds a log message when the interval changes.

* fix: clean up sync state when credentials are cleared or app shuts down

Prevents stale credentials from being used by the debounced interval
restart callback. Clears timers, nulls module-level state, and
unsubscribes the interval watcher on credential clear and shutdown.

* feat: Add outlook detailed logs toggle (#3199)

* feat: Add Exchange/EWS debugging patches and error classification (#3187)

* chore(theme): transparency mode not removing background of server view (#3156)

* Language update from Lingohub 🤖 (#3165)

Project Name: Rocket.Chat.Electron
Project Link: https://app.lingohub.com/project/pr_1Ag2Vlx6MWNt-16038/branches/prb_16rm9BiWK53b-4144
User: Lingohub Robot

Easy language translations with Lingohub 🚀

Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>

* feat: Implement user theme preference settings  (#3160)

* feat: Implement user theme preference settings and remove legacy theme appearance handling

- Introduced a new `ThemeAppearance` component to manage user theme preferences, allowing selection between 'auto', 'light', and 'dark' themes.
- Updated state management to include `userThemePreference`, replacing the previous `themeAppearance` handling.
- Removed deprecated theme appearance logic from various components and files, streamlining the codebase.
- Added internationalization support for theme appearance settings across multiple languages.
- Enhanced the UI to reflect user-selected theme preferences dynamically.

* fix(i18n): Correct Norwegian translation for theme appearance description

* fix(theme): Validate theme preference values before dispatching

- Updated the `handleChangeTheme` function to include validation for theme preference values, ensuring only 'auto', 'light', or 'dark' are accepted. This change prevents invalid values from being dispatched, enhancing the robustness of the theme management logic.

* refactor(DocumentViewer): Update theme management to utilize Redux state for user preferences

- Replaced the use of `useDarkMode` with Redux selectors to determine the theme based on user preferences and machine theme.
- Enhanced theme logic to support 'auto', 'light', and 'dark' settings, improving the flexibility and responsiveness of the theme management in the DocumentViewer component.

* refactor(DocumentViewer): Simplify theme management by removing Redux dependencies

- Eliminated the use of Redux selectors for theme management in the DocumentViewer component, replacing it with a static 'tint' background and default color settings.
- Streamlined the component's code by removing unnecessary theme logic, enhancing readability and maintainability.

* chore: Clean up code by removing unnecessary blank lines in ThemeAppearance, TransparentWindow, and userThemePreference files

* fix: Address PR review comments and restore API compatibility

- Remove trailing blank lines from ThemeAppearance.tsx, TransparentWindow.tsx, and userThemePreference.ts
- Restore setUserThemeAppearance as no-op function for backwards compatibility with @rocket.chat/desktop-api interface

* fix: resolve 91 security vulnerabilities in dependencies (#3173)

* fix: resolve 91 security vulnerabilities in dependencies

- Update axios 1.6.4 -> 1.13.2 (SSRF, DoS, credential leakage)
- Update electron-updater 5.3.0 -> 6.3.9 (code signing bypass)
- Update rollup 4.9.6 -> 4.32.0 (DOM clobbering XSS)
- Update glob 11.0.3 -> 11.1.0 in workspace (command injection)
- Add resolutions for transitive dependencies:
  - cross-spawn, braces, ws, follow-redirects
  - form-data, tar-fs, undici
- Add comprehensive security remediation documentation

* docs: fix markdown lint - add language specifier to code block

* chore: Remove security documentation from repository

Security vulnerability remediation documentation kept locally for reference.

* fix: Issues in German translation (#3155)

* chore: Upgrade Electron and Node.js versions, update README and packa… (#3179)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* chore: Update @types/node version in package.json and yarn.lock

- Upgraded @types/node from version 16.18.69 to 25.0.10 in both package.json and yarn.lock to ensure compatibility with the latest TypeScript features and improvements.

* chore: Enable alpha releases (#3180)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* docs: Add alpha release process documentation

- Introduced a new document detailing the alpha release process for the Rocket.Chat Desktop app, including channel definitions, versioning guidelines, and steps for creating and publishing alpha releases.
- Included instructions for users to opt into the alpha channel and troubleshooting tips for common issues.

* chore: Update architecture support and Node.js version requirements

- Added 'arm64' architecture support to the build targets in electron-builder.json for NSIS, MSI, and ZIP formats.
- Lowered the minimum Node.js version requirement in package.json from >=24.11.1 to >=20.0.0 for better compatibility.

* chore: Change develop branch to dev for release workflow

Update build-release workflow and desktop-release-action to use 'dev'
branch instead of 'develop' for development releases.

* chore: Update versioning and add release tag script

- Bumped version in package.json to 4.12.0.alpha.1.
- Added scripts/release-tag.ts for automated release tagging.
- Updated .eslintignore to exclude the new scripts directory.

* chore: Correct version format in package.json

- Updated version format in package.json from "4.12.0.alpha.1" to "4.12.0-alpha.1" for consistency.

* chore: Update all workflows to use dev branch instead of develop

- validate-pr.yml: Add dev to PR target branches
- powershell-lint.yml: Change develop to dev
- pull-request-build.yml: Change develop to dev

* fix: Normalize tags for consistent comparison in release-tag script

Strip leading 'v' prefix when comparing tags to handle both v-prefixed
and non-prefixed tag formats consistently.

* chore: Increment bundle version in electron-builder.json to 26012

* chore: Address nitpick comments in release-tag script

- Add comment explaining why /scripts is excluded from eslint
- Return null on exec error to distinguish from empty output
- Add warning when git tag list fails
- Use -- separator in git commands for safety

* fix: Add jsign to GITHUB_PATH in Windows CI setup

The jsign tool was being installed but not added to PATH for subsequent
steps. This caused the "Verify tools" step to fail with "jsign not found".

* chore: Bump version to 4.12.0-alpha.2

- Updated version in package.json to 4.12.0-alpha.2
- Incremented bundleVersion in electron-builder.json to 26013

* docs: Add QA testing guide for alpha channel updates

* docs: Rename alpha docs to pre-release and fix workflow concurrency

- Rename alpha-release-process.md to pre-release-process.md
- Add beta release documentation
- Add detailed channel switching instructions
- Fix concurrency group using github.ref instead of github.head_ref
  (github.head_ref is empty for push events, causing tag builds to cancel)

* feat(outlook): add @ewsjs/xhr debugging patches

Add comprehensive NTLM authentication debugging to @ewsjs/xhr library:

- patches-src/ directory structure for maintainable patches
- Enhanced ntlmProvider.ts with detailed NTLM handshake logging
- Enhanced xhrApi.ts with HTTP request/response debugging
- Yarn patch resolution for @ewsjs/[email protected]
- apply-patches.sh script for regenerating patches

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): add type definitions for calendar sync

Add error-related type definitions to support error classification:

- ErrorSource: exchange, rocket_chat, desktop_app, network, authentication, configuration
- ErrorSeverity: low, medium, high, critical
- OutlookCalendarError: full error object with context
- ErrorClassification: pattern matching result type

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): add error classification system

Add comprehensive error classification for Outlook calendar sync:

- Pattern-based error detection for Exchange, Rocket.Chat, and desktop errors
- Automatic severity and source classification
- User-friendly error messages with suggested actions
- Structured logging format for debugging
- Support for NTLM auth, network, SSL, and credential errors

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): enhance calendar sync with debugging and mutex

* test(outlook): add tests for getOutlookEvents

* feat(outlook): add logging infrastructure for calendar debugging

* chore: fix linting issues for Outlook calendar debugging

- Exclude patches-src/ from eslint (not part of main build)
- Fix has-credentials handler return type to match expected signature

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* fix: address CodeRabbit review issues for Outlook calendar

- Fix console transport recursion by using originalConsole in writeFn
- Fix infinite recursion in redactObject using destructuring
- Remove NTLM Type 3 message logging (contains credentials)
- Fix queued sync promises never resolving by tracking resolve/reject
- Fix unhandled async errors in preload using .then().catch()
- Accept HTTP 2xx status codes instead of only 200
- Fix URL validation to check pathname instead of full URL
- Update tests to match actual implementation behavior

* feat(settings): add Developer tab with verbose Outlook logging toggle

- Add Developer tab in Settings (only visible when developer mode enabled)
- Add verbose Outlook logging toggle to control [OutlookCalendar] console output
- Add colored console output for better visibility on dark themes
- Redirect to General tab when developer mode disabled while on Developer tab
- Create centralized logger (outlookLog, outlookError, etc.) in src/outlookCalendar/logger.ts
- Convert all direct console.log calls to use centralized logger
- Fix infinite recursion bug in patches (verboseLog calling itself)
- Add AGENTS.md documentation files for knowledge management
- Use theme-aware colors for Settings UI text

* fix(ci): remove conflicting patch-package patch for @ewsjs/xhr

The @ewsjs/xhr package is already patched via Yarn's patch protocol
(.yarn/patches/). The patch-package patch was accidentally added and
conflicts with the already-applied Yarn patch, causing CI failures.

* docs: add patching mechanism documentation to AGENTS.md

Clarify that @ewsjs/xhr uses Yarn patch protocol (.yarn/patches/)
while patch-package (patches/) is only for other packages.
This prevents accidental CI breakage from conflicting patches.

* fix: address CodeRabbit review comments

- logger.ts: Use shared prefix constants instead of duplicating strings
- getOutlookEvents.ts: Replace Promise.reject() with throw statements
- getOutlookEvents.ts: Route console.error through outlookError
- ipc.ts: Route all console.* through outlookLog/outlookWarn/outlookError
- ipc.ts: Replace Promise.reject(e) with throw e
- AGENTS.md: Fix markdown formatting and update versions

* fix(outlook): address CodeRabbit review issues

- Add JSDoc to syncEventsWithRocketChatServer documenting sync coalescing
- Remove isSyncInProgress check in initial sync (let queue handle it)
- Remove logging implementation details test (tested console.log colors)

* chore: remove unused patches-src directory

The debugging code in patches-src/ was never applied - only the minimal
bug fix in .yarn/patches/ is used. Removing dead code to avoid confusion.

* fix: address all code review issues from PR #3187 review

CRITICAL fixes:
- Support multi-server sync state (Map instead of globals)
- Fix Promise<Promise<boolean>> return type
- Use JSON.stringify for safe string escaping in executeJavaScript

MAJOR fixes:
- Add RocketChat calendar event types for type safety
- CRUD operations now return {success, error?} instead of swallowing errors
- Replace sync fs.appendFileSync with async fs.promises.appendFile
- Add useId() and htmlFor for accessibility in ThemeAppearance
- Apply privacy redaction to all transports (not just file)

MINOR fixes:
- Extract magic numbers to named constants
- Extract duplicate buildEwsPathname helper function
- Remove unused _context parameter from classifyError
- Remove fire-and-forget connectivity test calls
- Add originalConsole fallback in preload logging
- Optimize getComponentContext to skip stack trace for log/info/debug
- Fix email regex typo: [A-Z|a-z] -> [A-Za-z]
- Fix double timestamp in createClassifiedError
- Replace inline style with Fuselage pt prop

* fix(outlook): fix race condition in sync queue processing

Changed 'if' to 'while' loop to ensure all queued syncs are processed.
Previously, syncs queued while lastSync.run() was executing would be lost
because the queue was cleared before processing started.

* fix: address additional code review issues

- Fix pool exhaustion bug in context.ts: add overflow counter fallback
  when availableServerIds is depleted, emit warning with diagnostics
- Fix PII leak in ipc.ts error logging: move sensitive fields (subject,
  responseData) to verbose-only outlookLog calls at 5 locations
- Fix silent failure in performSync: throw error instead of silent
  return when eventsOnRocketChatServer fetch fails

* fix(logging): add captureComponentStack parameter to getLogContext

Allows callers to opt into stack-based component detection by passing
captureComponentStack=true, while preserving default behavior.

---------

Co-authored-by: Rodrigo Nascimento <[email protected]>
Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>
Co-authored-by: Max Lee <[email protected]>
Co-authored-by: Sisyphus <[email protected]>

* feat: Add scoped logging infrastructure and log viewer window (#3186)

* chore(theme): transparency mode not removing background of server view (#3156)

* Language update from Lingohub 🤖 (#3165)

Project Name: Rocket.Chat.Electron
Project Link: https://app.lingohub.com/project/pr_1Ag2Vlx6MWNt-16038/branches/prb_16rm9BiWK53b-4144
User: Lingohub Robot

Easy language translations with Lingohub 🚀

Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>

* feat: Implement user theme preference settings  (#3160)

* feat: Implement user theme preference settings and remove legacy theme appearance handling

- Introduced a new `ThemeAppearance` component to manage user theme preferences, allowing selection between 'auto', 'light', and 'dark' themes.
- Updated state management to include `userThemePreference`, replacing the previous `themeAppearance` handling.
- Removed deprecated theme appearance logic from various components and files, streamlining the codebase.
- Added internationalization support for theme appearance settings across multiple languages.
- Enhanced the UI to reflect user-selected theme preferences dynamically.

* fix(i18n): Correct Norwegian translation for theme appearance description

* fix(theme): Validate theme preference values before dispatching

- Updated the `handleChangeTheme` function to include validation for theme preference values, ensuring only 'auto', 'light', or 'dark' are accepted. This change prevents invalid values from being dispatched, enhancing the robustness of the theme management logic.

* refactor(DocumentViewer): Update theme management to utilize Redux state for user preferences

- Replaced the use of `useDarkMode` with Redux selectors to determine the theme based on user preferences and machine theme.
- Enhanced theme logic to support 'auto', 'light', and 'dark' settings, improving the flexibility and responsiveness of the theme management in the DocumentViewer component.

* refactor(DocumentViewer): Simplify theme management by removing Redux dependencies

- Eliminated the use of Redux selectors for theme management in the DocumentViewer component, replacing it with a static 'tint' background and default color settings.
- Streamlined the component's code by removing unnecessary theme logic, enhancing readability and maintainability.

* chore: Clean up code by removing unnecessary blank lines in ThemeAppearance, TransparentWindow, and userThemePreference files

* fix: Address PR review comments and restore API compatibility

- Remove trailing blank lines from ThemeAppearance.tsx, TransparentWindow.tsx, and userThemePreference.ts
- Restore setUserThemeAppearance as no-op function for backwards compatibility with @rocket.chat/desktop-api interface

* fix: resolve 91 security vulnerabilities in dependencies (#3173)

* fix: resolve 91 security vulnerabilities in dependencies

- Update axios 1.6.4 -> 1.13.2 (SSRF, DoS, credential leakage)
- Update electron-updater 5.3.0 -> 6.3.9 (code signing bypass)
- Update rollup 4.9.6 -> 4.32.0 (DOM clobbering XSS)
- Update glob 11.0.3 -> 11.1.0 in workspace (command injection)
- Add resolutions for transitive dependencies:
  - cross-spawn, braces, ws, follow-redirects
  - form-data, tar-fs, undici
- Add comprehensive security remediation documentation

* docs: fix markdown lint - add language specifier to code block

* chore: Remove security documentation from repository

Security vulnerability remediation documentation kept locally for reference.

* fix: Issues in German translation (#3155)

* chore: Upgrade Electron and Node.js versions, update README and packa… (#3179)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* chore: Update @types/node version in package.json and yarn.lock

- Upgraded @types/node from version 16.18.69 to 25.0.10 in both package.json and yarn.lock to ensure compatibility with the latest TypeScript features and improvements.

* chore: Enable alpha releases (#3180)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* docs: Add alpha release process documentation

- Introduced a new document detailing the alpha release process for the Rocket.Chat Desktop app, including channel definitions, versioning guidelines, and steps for creating and publishing alpha releases.
- Included instructions for users to opt into the alpha channel and troubleshooting tips for common issues.

* chore: Update architecture support and Node.js version requirements

- Added 'arm64' architecture support to the build targets in electron-builder.json for NSIS, MSI, and ZIP formats.
- Lowered the minimum Node.js version requirement in package.json from >=24.11.1 to >=20.0.0 for better compatibility.

* chore: Change develop branch to dev for release workflow

Update build-release workflow and desktop-release-action to use 'dev'
branch instead of 'develop' for development releases.

* chore: Update versioning and add release tag script

- Bumped version in package.json to 4.12.0.alpha.1.
- Added scripts/release-tag.ts for automated release tagging.
- Updated .eslintignore to exclude the new scripts directory.

* chore: Correct version format in package.json

- Updated version format in package.json from "4.12.0.alpha.1" to "4.12.0-alpha.1" for consistency.

* chore: Update all workflows to use dev branch instead of develop

- validate-pr.yml: Add dev to PR target branches
- powershell-lint.yml: Change develop to dev
- pull-request-build.yml: Change develop to dev

* fix: Normalize tags for consistent comparison in release-tag script

Strip leading 'v' prefix when comparing tags to handle both v-prefixed
and non-prefixed tag formats consistently.

* chore: Increment bundle version in electron-builder.json to 26012

* chore: Address nitpick comments in release-tag script

- Add comment explaining why /scripts is excluded from eslint
- Return null on exec error to distinguish from empty output
- Add warning when git tag list fails
- Use -- separator in git commands for safety

* fix: Add jsign to GITHUB_PATH in Windows CI setup

The jsign tool was being installed but not added to PATH for subsequent
steps. This caused the "Verify tools" step to fail with "jsign not found".

* chore: Bump version to 4.12.0-alpha.2

- Updated version in package.json to 4.12.0-alpha.2
- Incremented bundleVersion in electron-builder.json to 26013

* docs: Add QA testing guide for alpha channel updates

* docs: Rename alpha docs to pre-release and fix workflow concurrency

- Rename alpha-release-process.md to pre-release-process.md
- Add beta release documentation
- Add detailed channel switching instructions
- Fix concurrency group using github.ref instead of github.head_ref
  (github.head_ref is empty for push events, causing tag builds to cancel)

* feat(logging): add scoped logging infrastructure

* feat(log-viewer): add log viewer window and components

* build: add log viewer window build configuration

* feat: integrate logging and log viewer into app lifecycle

* feat: add log viewer IPC channels and menu item

* feat: add i18n translations and fix UI color tokens

* chore: add logging dependencies and fix type error

* fix: address code review feedback

- Add 'silly' log level to LogLevel type for electron-log compatibility
- Fix duplicate server IDs by using overflow counter instead of MAX_SERVER_ID
- Reset startInProgress flag when retry count exceeded in preload
- Add statLog to log viewer preload API
- Use contextIsolation and preload script for log viewer window security
- Replace direct ipcRenderer usage with window.logViewerAPI in renderer

* revert: restore log viewer window settings and add architecture guidelines

- Revert nodeIntegration/contextIsolation changes that broke log viewer
- Add CLAUDE.md guidelines to prevent destructive architecture changes
- Document that existing code patterns exist for specific reasons

* fix: address code review feedback from CodeRabbit

This commit addresses three major review comments:

1. Remove unused preload script for log viewer window
   - The preload.ts was built but never wired to the BrowserWindow
   - Current implementation uses nodeIntegration: true and contextIsolation: false
   - Removed unused build entry from rollup.config.mjs
   - Deleted unused src/logViewerWindow/preload.ts file

2. Guard programmatic scrolls to prevent disabling auto-scroll
   - Added isAutoScrollingRef to track programmatic vs user-initiated scrolls
   - Set flag before calling scrollToIndex and reset after
   - handleScroll now returns early if scroll is programmatic
   - Prevents auto-scroll from being disabled when virtuosoRef.scrollToIndex triggers onScroll

3. Don't swallow startup failures - exit after logging
   - Changed start().catch(console.error) to properly log error and exit
   - Uses logger.error for structured logging
   - Calls app.exit(1) to prevent partial initialization
   - Prevents app running in broken state after critical failures

4. Add error handling to log viewer menu item
   - Wrapped openLogViewer click handler in try-catch
   - Matches pattern used by videoCallDevTools menu item
   - Logs errors to console for debugging

* fix(log-viewer): guard against non-positive limits in getLastNEntries

Return empty content when limit <= 0 to prevent undefined behavior
from negative slice indices.

---------

Co-authored-by: Rodrigo Nascimento <[email protected]>
Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>
Co-authored-by: Max Lee <[email protected]>

* fix: call stopOutlookCalendarSync on app quit

Ensures all sync timers and debounce timers are properly cleaned up
when the application shuts down, preventing sync operations during
shutdown.

* fix: improve logging system security and log viewer context filtering

- Protect active log files from cleanup deletion
- Add IPC rate limiting to prevent renderer process flooding
- Restrict log file permissions to owner-only access
- Add context sanitization to error classification (passwords/tokens only)
- Remove ANSI color codes from OutlookCalendar logger prefixes
- Fix log viewer context filter to use structured tag matching instead of substring search

* feat: add detailed events logging toggle for Outlook calendar sync

Add a new toggle in Settings > Developer to log full event data exchanged
between Exchange and Rocket.Chat during calendar sync. When enabled, logs
raw Exchange appointments, CRUD payloads/responses, event comparisons,
and sync summaries for diagnosing sync issues.

* fix: address PR review feedback

- Fix regex precedence in error classification so 'timeout' doesn't match too broadly
- Add lang="en" to log viewer HTML for accessibility
- Add circular reference guard to redactObject to prevent stack overflow
- Update AGENTS.md with missing outlookDebug/outlookEventDetail imports

* fix: address second round of PR review feedback

- Narrow SSL/TLS regex to match specific error codes instead of broad substrings
- Make sanitizeContext recursive to redact nested sensitive keys
- Align multi-line JSON context with box-drawing prefix in error logs
- Preserve original case in custom path segments in buildEwsPathname

---------

Co-authored-by: Rodrigo Nascimento <[email protected]>
Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>
Co-authored-by: Max Lee <[email protected]>
Co-authored-by: Sisyphus <[email protected]>

* Version 4.12.1-alpha.4

* fix: log viewer Windows compatibility and Outlook logging in production (#3203)

- Handle CRLF line endings from Windows log files (split on \r?\n)
- Fix regex to allow variable whitespace between bracket groups
- Change outlookLog/outlookDebug/outlookEventDetail to console.info
  so they reach the file transport in production (info threshold)
  instead of being silently dropped as debug level
- Fix Outlook preload console.log calls to console.info (same issue)
- Fix app startup completion log to console.info

* Version 4.12.1-alpha.5

* fix: always send endTime and busy fields in calendar sync payload (#3204)

Remove server version gate (>= 7.5.0) that conditionally included endTime and busy fields when syncing Outlook calendar events to Rocket.Chat server. The gate was failing for some customers because server.version was not populated in the Redux store, causing these fields to be silently dropped from create/update payloads regardless of actual server version.

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-opencode)

Co-authored-by: Sisyphus <[email protected]>

* Version 4.12.1-alpha.6

* Merge master into dev — bring bug fixes to dev branch (#3215)

* feat: Add Exchange/EWS debugging patches and error classification (#3187)

* chore(theme): transparency mode not removing background of server view (#3156)

* Language update from Lingohub 🤖 (#3165)

Project Name: Rocket.Chat.Electron
Project Link: https://app.lingohub.com/project/pr_1Ag2Vlx6MWNt-16038/branches/prb_16rm9BiWK53b-4144
User: Lingohub Robot

Easy language translations with Lingohub 🚀

Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>

* feat: Implement user theme preference settings  (#3160)

* feat: Implement user theme preference settings and remove legacy theme appearance handling

- Introduced a new `ThemeAppearance` component to manage user theme preferences, allowing selection between 'auto', 'light', and 'dark' themes.
- Updated state management to include `userThemePreference`, replacing the previous `themeAppearance` handling.
- Removed deprecated theme appearance logic from various components and files, streamlining the codebase.
- Added internationalization support for theme appearance settings across multiple languages.
- Enhanced the UI to reflect user-selected theme preferences dynamically.

* fix(i18n): Correct Norwegian translation for theme appearance description

* fix(theme): Validate theme preference values before dispatching

- Updated the `handleChangeTheme` function to include validation for theme preference values, ensuring only 'auto', 'light', or 'dark' are accepted. This change prevents invalid values from being dispatched, enhancing the robustness of the theme management logic.

* refactor(DocumentViewer): Update theme management to utilize Redux state for user preferences

- Replaced the use of `useDarkMode` with Redux selectors to determine the theme based on user preferences and machine theme.
- Enhanced theme logic to support 'auto', 'light', and 'dark' settings, improving the flexibility and responsiveness of the theme management in the DocumentViewer component.

* refactor(DocumentViewer): Simplify theme management by removing Redux dependencies

- Eliminated the use of Redux selectors for theme management in the DocumentViewer component, replacing it with a static 'tint' background and default color settings.
- Streamlined the component's code by removing unnecessary theme logic, enhancing readability and maintainability.

* chore: Clean up code by removing unnecessary blank lines in ThemeAppearance, TransparentWindow, and userThemePreference files

* fix: Address PR review comments and restore API compatibility

- Remove trailing blank lines from ThemeAppearance.tsx, TransparentWindow.tsx, and userThemePreference.ts
- Restore setUserThemeAppearance as no-op function for backwards compatibility with @rocket.chat/desktop-api interface

* fix: resolve 91 security vulnerabilities in dependencies (#3173)

* fix: resolve 91 security vulnerabilities in dependencies

- Update axios 1.6.4 -> 1.13.2 (SSRF, DoS, credential leakage)
- Update electron-updater 5.3.0 -> 6.3.9 (code signing bypass)
- Update rollup 4.9.6 -> 4.32.0 (DOM clobbering XSS)
- Update glob 11.0.3 -> 11.1.0 in workspace (command injection)
- Add resolutions for transitive dependencies:
  - cross-spawn, braces, ws, follow-redirects
  - form-data, tar-fs, undici
- Add comprehensive security remediation documentation

* docs: fix markdown lint - add language specifier to code block

* chore: Remove security documentation from repository

Security vulnerability remediation documentation kept locally for reference.

* fix: Issues in German translation (#3155)

* chore: Upgrade Electron and Node.js versions, update README and packa… (#3179)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* chore: Update @types/node version in package.json and yarn.lock

- Upgraded @types/node from version 16.18.69 to 25.0.10 in both package.json and yarn.lock to ensure compatibility with the latest TypeScript features and improvements.

* chore: Enable alpha releases (#3180)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* docs: Add alpha release process documentation

- Introduced a new document detailing the alpha release process for the Rocket.Chat Desktop app, including channel definitions, versioning guidelines, and steps for creating and publishing alpha releases.
- Included instructions for users to opt into the alpha channel and troubleshooting tips for common issues.

* chore: Update architecture support and Node.js version requirements

- Added 'arm64' architecture support to the build targets in electron-builder.json for NSIS, MSI, and ZIP formats.
- Lowered the minimum Node.js version requirement in package.json from >=24.11.1 to >=20.0.0 for better compatibility.

* chore: Change develop branch to dev for release workflow

Update build-release workflow and desktop-release-action to use 'dev'
branch instead of 'develop' for development releases.

* chore: Update versioning and add release tag script

- Bumped version in package.json to 4.12.0.alpha.1.
- Added scripts/release-tag.ts for automated release tagging.
- Updated .eslintignore to exclude the new scripts directory.

* chore: Correct version format in package.json

- Updated version format in package.json from "4.12.0.alpha.1" to "4.12.0-alpha.1" for consistency.

* chore: Update all workflows to use dev branch instead of develop

- validate-pr.yml: Add dev to PR target branches
- powershell-lint.yml: Change develop to dev
- pull-request-build.yml: Change develop to dev

* fix: Normalize tags for consistent comparison in release-tag script

Strip leading 'v' prefix when comparing tags to handle both v-prefixed
and non-prefixed tag formats consistently.

* chore: Increment bundle version in electron-builder.json to 26012

* chore: Address nitpick comments in release-tag script

- Add comment explaining why /scripts is excluded from eslint
- Return null on exec error to distinguish from empty output
- Add warning when git tag list fails
- Use -- separator in git commands for safety

* fix: Add jsign to GITHUB_PATH in Windows CI setup

The jsign tool was being installed but not added to PATH for subsequent
steps. This caused the "Verify tools" step to fail with "jsign not found".

* chore: Bump version to 4.12.0-alpha.2

- Updated version in package.json to 4.12.0-alpha.2
- Incremented bundleVersion in electron-builder.json to 26013

* docs: Add QA testing guide for alpha channel updates

* docs: Rename alpha docs to pre-release and fix workflow concurrency

- Rename alpha-release-process.md to pre-release-process.md
- Add beta release documentation
- Add detailed channel switching instructions
- Fix concurrency group using github.ref instead of github.head_ref
  (github.head_ref is empty for push events, causing tag builds to cancel)

* feat(outlook): add @ewsjs/xhr debugging patches

Add comprehensive NTLM authentication debugging to @ewsjs/xhr library:

- patches-src/ directory structure for maintainable patches
- Enhanced ntlmProvider.ts with detailed NTLM handshake logging
- Enhanced xhrApi.ts with HTTP request/response debugging
- Yarn patch resolution for @ewsjs/[email protected]
- apply-patches.sh script for regenerating patches

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): add type definitions for calendar sync

Add error-related type definitions to support error classification:

- ErrorSource: exchange, rocket_chat, desktop_app, network, authentication, configuration
- ErrorSeverity: low, medium, high, critical
- OutlookCalendarError: full error object with context
- ErrorClassification: pattern matching result type

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): add error classification system

Add comprehensive error classification for Outlook calendar sync:

- Pattern-based error detection for Exchange, Rocket.Chat, and desktop errors
- Automatic severity and source classification
- User-friendly error messages with suggested actions
- Structured logging format for debugging
- Support for NTLM auth, network, SSL, and credential errors

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): enhance calendar sync with debugging and mutex

* test(outlook): add tests for getOutlookEvents

* feat(outlook): add logging infrastructure for calendar debugging

* chore: fix linting issues for Outlook calendar debugging

- Exclude patches-src/ from eslint (not part of main build)
- Fix has-credentials handler return type to match expected signature

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* fix: address CodeRabbit review issues for Outlook calendar

- Fix console transport recursion by using originalConsole in writeFn
- Fix infinite recursion in redactObject using destructuring
- Remove NTLM Type 3 message logging (contains credentials)
- Fix queued sync promises never resolving by tracking resolve/reject
- Fix unhandled async errors in preload using .then().catch()
- Accept HTTP 2xx status codes instead of only 200
- Fix URL validation to check pathname instead of full URL
- Update tests to match actual implementation behavior

* feat(settings): add Developer tab with verbose Outlook logging toggle

- Add Developer tab in Settings (only visible when developer mode enabled)
- Add verbose Outlook logging toggle to control [OutlookCalendar] console output
- Add colored console output for better visibility on dark themes
- Redirect to General tab when developer mode disabled while on Developer tab
- Create centralized logger (outlookLog, outlookError, etc.) in src/outlookCalendar/logger.ts
- Convert all direct console.log calls to use centralized logger
- Fix infinite recursion bug in patches (verboseLog calling itself)
- Add AGENTS.md documentation files for knowledge management
- Use theme-aware colors for Settings UI text

* fix(ci): remove conflicting patch-package patch for @ewsjs/xhr

The @ewsjs/xhr package is already patched via Yarn's patch protocol
(.yarn/patches/). The patch-package patch was accidentally added and
conflicts with the already-applied Yarn patch, causing CI failures.

* docs: add patching mechanism documentation to AGENTS.md

Clarify that @ewsjs/xhr uses Yarn patch protocol (.yarn/patches/)
while patch-package (patches/) is only for other packages.
This prevents accidental CI breakage from conflicting patches.

* fix: address CodeRabbit review comments

- logger.ts: Use shared prefix constants instead of duplicating strings
- getOutlookEvents.ts: Replace Promise.reject() with throw statements
- getOutlookEvents.ts: Route console.error through outlookError
- ipc.ts: Route all console.* through outlookLog/outlookWarn/outlookError
- ipc.ts: Replace Promise.reject(e) with throw e
- AGENTS.md: Fix markdown formatting and update versions

* fix(outlook): address CodeRabbit review issues

- Add JSDoc to syncEventsWithRocketChatServer documenting sync coalescing
- Remove isSyncInProgress check in initial sync (let queue handle it)
- Remove logging implementation details test (tested console.log colors)

* chore: remove unused patches-src directory

The debugging code in patches-src/ was never applied - only the minimal
bug fix in .yarn/patches/ is used. Removing dead code to avoid confusion.

* fix: address all code review issues from PR #3187 review

CRITICAL fixes:
- Support multi-server sync state (Map instead of globals)
- Fix Promise<Promise<boolean>> return type
- Use JSON.stringify for safe string escaping in executeJavaScript

MAJOR fixes:
- Add RocketChat calendar event types for type safety
- CRUD operations now return {success, error?} instead of swallowing errors
- Replace sync fs.appendFileSync with async fs.promises.appendFile
- Add useId() and htmlFor for accessibility in ThemeAppearance
- Apply privacy redaction to all transports (not just file)

MINOR fixes:
- Extract magic numbers to named constants
- Extract duplicate buildEwsPathname helper function
- Remove unused _context parameter from classifyError
- Remove fire-and-forget connectivity test calls
- Add originalConsole fallback in preload logging
- Optimize getComponentContext to skip stack trace for log/info/debug
- Fix email regex typo: [A-Z|a-z] -> [A-Za-z]
- Fix double timestamp in createClassifiedError
- Replace inline style with Fuselage pt prop

* fix(outlook): fix race condition in sync queue processing

Changed 'if' to 'while' loop to ensure all queued syncs are processed.
Previously, syncs queued while lastSync.run() was executing would be lost
because the queue was cleared before processing started.

* fix: address additional code review issues

- Fix pool exhaustion bug in context.ts: add overflow counter fallback
  when availableServerIds is depleted, emit warning with diagnostics
- Fix PII leak in ipc.ts error logging: move sensitive fields (subject,
  responseData) to verbose-only outlookLog calls at 5 locations
- Fix silent failure in performSync: throw error instead of silent
  return when eventsOnRocketChatServer fetch fails

* fix(logging): add captureComponentStack parameter to getLogContext

Allows callers to opt into stack-based component detection by passing
captureComponentStack=true, while preserving default behavior.

---------

Co-authored-by: Rodrigo Nascimento <[email protected]>
Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>
Co-authored-by: Max Lee <[email protected]>
Co-authored-by: Sisyphus <[email protected]>

* feat: Add scoped logging infrastructure and log viewer window (#3186)

* chore(theme): transparency mode not removing background of server view (#3156)

* Language update from Lingohub 🤖 (#3165)

Project Name: Rocket.Chat.Electron
Project Link: https://app.lingohub.com/project/pr_1Ag2Vlx6MWNt-16038/branches/prb_16rm9BiWK53b-4144
User: Lingohub Robot

Easy language translations with Lingohub 🚀

Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>

* feat: Implement user theme preference settings  (#3160)

* feat: Implement user theme preference settings and remove legacy theme appearance handling

- Introduced a new `ThemeAppearance` component to manage user theme preferences, allowing selection between 'auto', 'light', and 'dark' themes.
- Updated state management to include `userThemePreference`, replacing the previous `themeAppearance` handling.
- Removed deprecated theme appearance logic from various components and files, streamlining the codebase.
- Added internationalization support for theme appearance settings across multiple languages.
- Enhanced the UI to reflect user-selected theme preferences dynamically.

* fix(i18n): Correct Norwegian translation for theme appearance description

* fix(theme): Validate theme preference values before dispatching

- Updated the `handleChangeTheme` function to include validation for theme preference values, ensuring only 'auto', 'light', or 'dark' are accepted. This change prevents invalid values from being dispatched, enhancing the robustness of the theme management logic.

* refactor(DocumentViewer): Update theme management to utilize Redux state for user preferences

- Replaced the use of `useDarkMode` with Redux selectors to determine the theme based on user preferences and machine theme.
- Enhanced theme logic to support 'auto', 'light', and 'dark' settings, improving the flexibility and responsiveness of the theme management in the DocumentViewer component.

* refactor(DocumentViewer): Simplify theme management by removing Redux dependencies

- Eliminated the use of Redux selectors for theme management in the DocumentViewer component, replacing it with a static 'tint' background and default color settings.
- Streamlined the component's code by removing unnecessary theme logic, enhancing readability and maintainability.

* chore: Clean up code by removing unnecessary blank lines in ThemeAppearance, TransparentWindow, and userThemePreference files

* fix: Address PR review comments and restore API compatibility

- Remove trailing blank lines from ThemeAppearance.tsx, TransparentWindow.tsx, and userThemePreference.ts
- Restore setUserThemeAppearance as no-op function for backwards compatibility with @rocket.chat/desktop-api interface

* fix: resolve 91 security vulnerabilities in dependencies (#3173)

* fix: resolve 91 security vulnerabilities in dependencies

- Update axios 1.6.4 -> 1.13.2 (SSRF, DoS, credential leakage)
- Update electron-updater 5.3.0 -> 6.3.9 (code signing bypass)
- Update rollup 4.9.6 -> 4.32.0 (DOM clobbering XSS)
- Update glob 11.0.3 -> 11.1.0 in workspace (command injection)
- Add resolutions for transitive dependencies:
  - cross-spawn, braces, ws, follow-redirects
  - form-data, tar-fs, undici
- Add comprehensive security remediation documentation

* docs: fix markdown lint - add language specifier to code block

* chore: Remove security documentation from repository

Security vulnerability remediation documentation kept locally for reference.

* fix: Issues in German translation (#3155)

* chore: Upgrade Electron and Node.js versions, update README and packa… (#3179)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* chore: Update @types/node version in package.json and yarn.lock

- Upgraded @types/node from version 16.18.69 to 25.0.10 in both package.json and yarn.lock to ensure compatibility with the latest TypeScript features and improvements.

* chore: Enable alpha releases (#3180)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* docs: Add alpha release process documentation

- Introduced a new document detailing the alpha release process for the Rocket.Chat Desktop app, including channel definitions, versioning guidelines, and steps for creating and publishing alpha releases.
- Included instructions for users to opt into the alpha channel and troubleshooting tips for common issues.

* chore: Update architecture support and Node.js version requirements

- Added 'arm64' architecture support to the build targets in electron-builder.json for NSIS, MSI, and ZIP formats.
- Lowered the minimum Node.js version requirement in package.json from >=24.11.1 to >=20.0.0 for better compatibility.

* chore: Change develop branch to dev for release workflow

Update build-release workflow and desktop-release-action to use 'dev'
branch instead of 'develop' for development releases.

* chore: Update versioning and add release tag script

- Bumped version in package.json to 4.12.0.alpha.1.
- Added scripts/release-tag.ts for automated release tagging.
- Updated .eslintignore to exclude the new scripts directory.

* chore: Correct version format in package.json

- Updated version format in package.json from "4.12.0.alpha.1" to "4.12.0-alpha.1" for consistency.

* chore: Update all workflows to use dev branch instead of develop

- validate-pr.yml: Add dev to PR target branches
- powershell-lint.yml: Change develop to dev
- pull-request-build.yml: Change develop to dev

* fix: Normalize tags for consistent comparison in release-tag script

Strip leading 'v' prefix when comparing tags to handle both v-prefixed
and non-prefixed tag formats consistently.

* chore: Increment bundle version in electron-builder.json to 26012

* chore: Address nitpick comments in release-tag script

- Add comment explaining why /scripts is excluded from eslint
- Return null on exec error to distinguish from empty output
- Add warning when git tag list fails
- Use -- separator in git commands for safety

* fix: Add jsign to GITHUB_PATH in Windows CI setup

The jsign tool was being installed but not added to PATH for subsequent
steps. This caused the "Verify tools" step to fail with "jsign not found".

* chore: Bump version to 4.12.0-alpha.2

- Updated version in package.json to 4.12.0-alpha.2
- Incremented bundleVersion in electron-builder.json to 26013

* docs: Add QA testing guide for alpha channel updates

* docs: Rename alpha docs to pre-release and fix workflow concurrency

- Rename alpha-release-process.md to pre-release-process.md
- Add beta release documentation
- Add detailed channel switching instructions
- Fix concurrency group using github.ref instead of github.head_ref
  (github.head_ref is empty for push events, causing tag builds to cancel)

* feat(logging): add scoped logging infrastructure

* feat(log-viewer): add log viewer window and components

* build: add log viewer window build configuration

* feat: integrate logging and log viewer into app lifecycle

* feat: add log viewer IPC channels and menu item

* feat: add i18n translations and fix UI color tokens

* chore: add logging dependencies and fix type error

* fix: address code review feedback

- Add 'silly' log level to LogLevel type for electron-log compatibility
- Fix duplicate server IDs by using overflow counter instead of MAX_SERVER_ID
- Reset startInProgress flag when retry count exceeded in preload
- Add statLog to log viewer preload API
- Use contextIsolation and preload script for log viewer window security
- Replace direct ipcRenderer usage with window.logViewerAPI in renderer

* revert: restore log viewer window settings and add architecture guidelines

- Revert nodeIntegration/contextIsolation changes that broke log viewer
- Add CLAUDE.md guidelines to prevent destructive architecture changes
- Document that existing code patterns exist for specific reasons

* fix: address code review feedback from CodeRabbit

This commit addresses three major review comments:

1. Remove unused preload script for log viewer window
   - The preload.ts was built but never wired to the BrowserWindow
   - Current implementation uses nodeIntegration: true and contextIsolation: false
   - Removed unused build entry from rollup.config.mjs
   - Deleted unused src/logViewerWindow/preload.ts file

2. Guard programmatic scrolls to prevent disabling auto-scroll
   - Added isAutoScrollingRef to track programmatic vs user-initiated scrolls
   - Set flag before calling scrollToIndex and reset after
   - handleScroll now returns early if scroll is programmatic
   - Prevents auto-scroll from being disabled when virtuosoRef.scrollToIndex triggers onScroll

3. Don't swallow startup failures - exit after logging
   - Changed start().catch(console.error) to properly log error and exit
   - Uses logger.error for structured logging
   - Calls app.exit(1) to prevent partial initialization
   - Prevents app running in broken state after critical failures

4. Add error handling to log viewer menu item
   - Wrapped openLogViewer click handler in try-catch
   - Matches pattern used by videoCallDevTools menu item
   - Logs errors to console for debugging

* fix(log-viewer): guard against non-positive limits in getLastNEntries

Return empty content when limit <= 0 to prevent undefined behavior
from negative slice indices.

---------

Co-authored-by: Rodrigo Nascimento <[email protected]>
Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>
Co-authored-by: Max Lee <[email protected]>

* fix: Add safe guards to prevent The application GUI just crashed (#3206)

* fix: guard store functions against pre-initialization calls on macOS Tahoe

On macOS 26.x (Tahoe), the IPC call to retrieve the server URL is slower
than on earlier macOS versions, causing the preload to retry with a 1-second
delay. During this window the RC webapp loads and calls
`window.RocketChatDesktop.setTitle()` and `setUserPresenceDetection()`, which
internally invoke `dispatch()` and `listen()` from the Redux store before
`createRendererReduxStore()` has completed. Since `reduxStore` is still
`undefined`, accessing `.dispatch` or `.subscribe` throws a TypeError that
propagates back through contextBridge into the React tree, crashing the app
with "The application GUI just crashed".

…

…OS (#3270)

* Version 4.13.0 (#3233)

* fix: Bugsnag network connections even with errors reporting disabled (#3190)

* fix: disable Bugsnag auto session tracking to prevent unwanted network connections

Adds autoTrackSessions: false to Bugsnag.start() configuration to prevent
the SDK from automatically connecting to sessions.bugsnag.com on initialization.
This fixes issues in air-gapped networks where the connection attempt triggers
certificate error dialogs even when telemetry is disabled.

Also upgrades @bugsnag/js from v7.22.3 to v8.8.1.

* test: add integration tests for Bugsnag network behavior

- Use nock to intercept real HTTP requests from Bugsnag SDK
- Verify no network calls when reporting is disabled
- Verify sessions are sent when reporting is enabled
- Use Object.defineProperty for env var mocking
- Skip tests on Windows due to Jest module mocking issues

* Version 4.12.1-alpha.1

* feat: add admin setting to bypass SSL certificate validation for Outlook calendar

Add `allowInsecureOutlookConnections` setting for air-gapped environments
where Exchange servers use self-signed or internal CA certificates.

Configurable via overridden-settings.json:
{ "allowInsecureOutlookConnections": true }

Changes:
- Add new reducer for the setting (defaults to false)
- Apply setting to both Exchange (XhrApi) and Rocket.Chat (axios) connections
- Reuse single HTTPS agent per sync for better performance
- Fix missing await on createEventOnRocketChatServer call

* Version 4.12.1-alpha.2

* chore: patch @ewsjs/xhr to stop overwriting request errors

* lock file

* fix: make allowInsecureOutlookConnections override-only setting

The setting was being persisted to config.json, which meant once set to
true it would stay true even after removing from overridden-settings.json.

Changes:
- Remove from PersistableValues type and migrations
- Remove from selectPersistableValues selector
- Explicitly read from override files on each app start
- Accept case-insensitive "true" values for robustness
- Always defaults to false when key is missing

This ensures admins have full control over the setting in air-gapped
environments where remote debugging is not possible.

* feat: add admin setting to bypass SSL certificate validation for Outlook calendar (#3191)

* feat: add admin setting to bypass SSL certificate validation for Outlook calendar

Add `allowInsecureOutlookConnections` setting for air-gapped environments
where Exchange servers use self-signed or internal CA certificates.

Configurable via overridden-settings.json:
{ "allowInsecureOutlookConnections": true }

Changes:
- Add new reducer for the setting (defaults to false)
- Apply setting to both Exchange (XhrApi) and Rocket.Chat (axios) connections
- Reuse single HTTPS agent per sync for better performance
- Fix missing await on createEventOnRocketChatServer call

* Version 4.12.1-alpha.2

* chore: patch @ewsjs/xhr to stop overwriting request errors

* lock file

* fix: make allowInsecureOutlookConnections override-only setting

The setting was being persisted to config.json, which meant once set to
true it would stay true even after removing from overridden-settings.json.

Changes:
- Remove from PersistableValues type and migrations
- Remove from selectPersistableValues selector
- Explicitly read from override files on each app start
- Accept case-insensitive "true" values for robustness
- Always defaults to false when key is missing

This ensures admins have full control over the setting in air-gapped
environments where remote debugging is not possible.

---------

Co-authored-by: Pierre Lehnen <[email protected]>

* Add configurable Outlook calendar sync interval (#3198)

* feat: add configurable Outlook calendar sync interval (1-60 min)

Adds a user-editable sync interval setting to Settings > General,
with admin override support via overridden-settings.json. Uses a
nullable override pattern (number | null) to cleanly separate admin
overrides from persisted user preferences, preventing contamination.
Includes debounced runtime restart of the sync task on changes.

* chore: bump version to 4.12.1-alpha.3, improve sync interval change handling

Increases debounce to 10s, triggers an immediate sync before
rescheduling, and adds a log message when the interval changes.

* fix: clean up sync state when credentials are cleared or app shuts down

Prevents stale credentials from being used by the debounced interval
restart callback. Clears timers, nulls module-level state, and
unsubscribes the interval watcher on credential clear and shutdown.

* feat: Add outlook detailed logs toggle (#3199)

* feat: Add Exchange/EWS debugging patches and error classification (#3187)

* chore(theme): transparency mode not removing background of server view (#3156)

* Language update from Lingohub 🤖 (#3165)

Project Name: Rocket.Chat.Electron
Project Link: https://app.lingohub.com/project/pr_1Ag2Vlx6MWNt-16038/branches/prb_16rm9BiWK53b-4144
User: Lingohub Robot

Easy language translations with Lingohub 🚀

Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>

* feat: Implement user theme preference settings  (#3160)

* feat: Implement user theme preference settings and remove legacy theme appearance handling

- Introduced a new `ThemeAppearance` component to manage user theme preferences, allowing selection between 'auto', 'light', and 'dark' themes.
- Updated state management to include `userThemePreference`, replacing the previous `themeAppearance` handling.
- Removed deprecated theme appearance logic from various components and files, streamlining the codebase.
- Added internationalization support for theme appearance settings across multiple languages.
- Enhanced the UI to reflect user-selected theme preferences dynamically.

* fix(i18n): Correct Norwegian translation for theme appearance description

* fix(theme): Validate theme preference values before dispatching

- Updated the `handleChangeTheme` function to include validation for theme preference values, ensuring only 'auto', 'light', or 'dark' are accepted. This change prevents invalid values from being dispatched, enhancing the robustness of the theme management logic.

* refactor(DocumentViewer): Update theme management to utilize Redux state for user preferences

- Replaced the use of `useDarkMode` with Redux selectors to determine the theme based on user preferences and machine theme.
- Enhanced theme logic to support 'auto', 'light', and 'dark' settings, improving the flexibility and responsiveness of the theme management in the DocumentViewer component.

* refactor(DocumentViewer): Simplify theme management by removing Redux dependencies

- Eliminated the use of Redux selectors for theme management in the DocumentViewer component, replacing it with a static 'tint' background and default color settings.
- Streamlined the component's code by removing unnecessary theme logic, enhancing readability and maintainability.

* chore: Clean up code by removing unnecessary blank lines in ThemeAppearance, TransparentWindow, and userThemePreference files

* fix: Address PR review comments and restore API compatibility

- Remove trailing blank lines from ThemeAppearance.tsx, TransparentWindow.tsx, and userThemePreference.ts
- Restore setUserThemeAppearance as no-op function for backwards compatibility with @rocket.chat/desktop-api interface

* fix: resolve 91 security vulnerabilities in dependencies (#3173)

* fix: resolve 91 security vulnerabilities in dependencies

- Update axios 1.6.4 -> 1.13.2 (SSRF, DoS, credential leakage)
- Update electron-updater 5.3.0 -> 6.3.9 (code signing bypass)
- Update rollup 4.9.6 -> 4.32.0 (DOM clobbering XSS)
- Update glob 11.0.3 -> 11.1.0 in workspace (command injection)
- Add resolutions for transitive dependencies:
  - cross-spawn, braces, ws, follow-redirects
  - form-data, tar-fs, undici
- Add comprehensive security remediation documentation

* docs: fix markdown lint - add language specifier to code block

* chore: Remove security documentation from repository

Security vulnerability remediation documentation kept locally for reference.

* fix: Issues in German translation (#3155)

* chore: Upgrade Electron and Node.js versions, update README and packa… (#3179)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* chore: Update @types/node version in package.json and yarn.lock

- Upgraded @types/node from version 16.18.69 to 25.0.10 in both package.json and yarn.lock to ensure compatibility with the latest TypeScript features and improvements.

* chore: Enable alpha releases (#3180)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* docs: Add alpha release process documentation

- Introduced a new document detailing the alpha release process for the Rocket.Chat Desktop app, including channel definitions, versioning guidelines, and steps for creating and publishing alpha releases.
- Included instructions for users to opt into the alpha channel and troubleshooting tips for common issues.

* chore: Update architecture support and Node.js version requirements

- Added 'arm64' architecture support to the build targets in electron-builder.json for NSIS, MSI, and ZIP formats.
- Lowered the minimum Node.js version requirement in package.json from >=24.11.1 to >=20.0.0 for better compatibility.

* chore: Change develop branch to dev for release workflow

Update build-release workflow and desktop-release-action to use 'dev'
branch instead of 'develop' for development releases.

* chore: Update versioning and add release tag script

- Bumped version in package.json to 4.12.0.alpha.1.
- Added scripts/release-tag.ts for automated release tagging.
- Updated .eslintignore to exclude the new scripts directory.

* chore: Correct version format in package.json

- Updated version format in package.json from "4.12.0.alpha.1" to "4.12.0-alpha.1" for consistency.

* chore: Update all workflows to use dev branch instead of develop

- validate-pr.yml: Add dev to PR target branches
- powershell-lint.yml: Change develop to dev
- pull-request-build.yml: Change develop to dev

* fix: Normalize tags for consistent comparison in release-tag script

Strip leading 'v' prefix when comparing tags to handle both v-prefixed
and non-prefixed tag formats consistently.

* chore: Increment bundle version in electron-builder.json to 26012

* chore: Address nitpick comments in release-tag script

- Add comment explaining why /scripts is excluded from eslint
- Return null on exec error to distinguish from empty output
- Add warning when git tag list fails
- Use -- separator in git commands for safety

* fix: Add jsign to GITHUB_PATH in Windows CI setup

The jsign tool was being installed but not added to PATH for subsequent
steps. This caused the "Verify tools" step to fail with "jsign not found".

* chore: Bump version to 4.12.0-alpha.2

- Updated version in package.json to 4.12.0-alpha.2
- Incremented bundleVersion in electron-builder.json to 26013

* docs: Add QA testing guide for alpha channel updates

* docs: Rename alpha docs to pre-release and fix workflow concurrency

- Rename alpha-release-process.md to pre-release-process.md
- Add beta release documentation
- Add detailed channel switching instructions
- Fix concurrency group using github.ref instead of github.head_ref
  (github.head_ref is empty for push events, causing tag builds to cancel)

* feat(outlook): add @ewsjs/xhr debugging patches

Add comprehensive NTLM authentication debugging to @ewsjs/xhr library:

- patches-src/ directory structure for maintainable patches
- Enhanced ntlmProvider.ts with detailed NTLM handshake logging
- Enhanced xhrApi.ts with HTTP request/response debugging
- Yarn patch resolution for @ewsjs/[email protected]
- apply-patches.sh script for regenerating patches

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): add type definitions for calendar sync

Add error-related type definitions to support error classification:

- ErrorSource: exchange, rocket_chat, desktop_app, network, authentication, configuration
- ErrorSeverity: low, medium, high, critical
- OutlookCalendarError: full error object with context
- ErrorClassification: pattern matching result type

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): add error classification system

Add comprehensive error classification for Outlook calendar sync:

- Pattern-based error detection for Exchange, Rocket.Chat, and desktop errors
- Automatic severity and source classification
- User-friendly error messages with suggested actions
- Structured logging format for debugging
- Support for NTLM auth, network, SSL, and credential errors

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): enhance calendar sync with debugging and mutex

* test(outlook): add tests for getOutlookEvents

* feat(outlook): add logging infrastructure for calendar debugging

* chore: fix linting issues for Outlook calendar debugging

- Exclude patches-src/ from eslint (not part of main build)
- Fix has-credentials handler return type to match expected signature

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* fix: address CodeRabbit review issues for Outlook calendar

- Fix console transport recursion by using originalConsole in writeFn
- Fix infinite recursion in redactObject using destructuring
- Remove NTLM Type 3 message logging (contains credentials)
- Fix queued sync promises never resolving by tracking resolve/reject
- Fix unhandled async errors in preload using .then().catch()
- Accept HTTP 2xx status codes instead of only 200
- Fix URL validation to check pathname instead of full URL
- Update tests to match actual implementation behavior

* feat(settings): add Developer tab with verbose Outlook logging toggle

- Add Developer tab in Settings (only visible when developer mode enabled)
- Add verbose Outlook logging toggle to control [OutlookCalendar] console output
- Add colored console output for better visibility on dark themes
- Redirect to General tab when developer mode disabled while on Developer tab
- Create centralized logger (outlookLog, outlookError, etc.) in src/outlookCalendar/logger.ts
- Convert all direct console.log calls to use centralized logger
- Fix infinite recursion bug in patches (verboseLog calling itself)
- Add AGENTS.md documentation files for knowledge management
- Use theme-aware colors for Settings UI text

* fix(ci): remove conflicting patch-package patch for @ewsjs/xhr

The @ewsjs/xhr package is already patched via Yarn's patch protocol
(.yarn/patches/). The patch-package patch was accidentally added and
conflicts with the already-applied Yarn patch, causing CI failures.

* docs: add patching mechanism documentation to AGENTS.md

Clarify that @ewsjs/xhr uses Yarn patch protocol (.yarn/patches/)
while patch-package (patches/) is only for other packages.
This prevents accidental CI breakage from conflicting patches.

* fix: address CodeRabbit review comments

- logger.ts: Use shared prefix constants instead of duplicating strings
- getOutlookEvents.ts: Replace Promise.reject() with throw statements
- getOutlookEvents.ts: Route console.error through outlookError
- ipc.ts: Route all console.* through outlookLog/outlookWarn/outlookError
- ipc.ts: Replace Promise.reject(e) with throw e
- AGENTS.md: Fix markdown formatting and update versions

* fix(outlook): address CodeRabbit review issues

- Add JSDoc to syncEventsWithRocketChatServer documenting sync coalescing
- Remove isSyncInProgress check in initial sync (let queue handle it)
- Remove logging implementation details test (tested console.log colors)

* chore: remove unused patches-src directory

The debugging code in patches-src/ was never applied - only the minimal
bug fix in .yarn/patches/ is used. Removing dead code to avoid confusion.

* fix: address all code review issues from PR #3187 review

CRITICAL fixes:
- Support multi-server sync state (Map instead of globals)
- Fix Promise<Promise<boolean>> return type
- Use JSON.stringify for safe string escaping in executeJavaScript

MAJOR fixes:
- Add RocketChat calendar event types for type safety
- CRUD operations now return {success, error?} instead of swallowing errors
- Replace sync fs.appendFileSync with async fs.promises.appendFile
- Add useId() and htmlFor for accessibility in ThemeAppearance
- Apply privacy redaction to all transports (not just file)

MINOR fixes:
- Extract magic numbers to named constants
- Extract duplicate buildEwsPathname helper function
- Remove unused _context parameter from classifyError
- Remove fire-and-forget connectivity test calls
- Add originalConsole fallback in preload logging
- Optimize getComponentContext to skip stack trace for log/info/debug
- Fix email regex typo: [A-Z|a-z] -> [A-Za-z]
- Fix double timestamp in createClassifiedError
- Replace inline style with Fuselage pt prop

* fix(outlook): fix race condition in sync queue processing

Changed 'if' to 'while' loop to ensure all queued syncs are processed.
Previously, syncs queued while lastSync.run() was executing would be lost
because the queue was cleared before processing started.

* fix: address additional code review issues

- Fix pool exhaustion bug in context.ts: add overflow counter fallback
  when availableServerIds is depleted, emit warning with diagnostics
- Fix PII leak in ipc.ts error logging: move sensitive fields (subject,
  responseData) to verbose-only outlookLog calls at 5 locations
- Fix silent failure in performSync: throw error instead of silent
  return when eventsOnRocketChatServer fetch fails

* fix(logging): add captureComponentStack parameter to getLogContext

Allows callers to opt into stack-based component detection by passing
captureComponentStack=true, while preserving default behavior.

---------

Co-authored-by: Rodrigo Nascimento <[email protected]>
Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>
Co-authored-by: Max Lee <[email protected]>
Co-authored-by: Sisyphus <[email protected]>

* feat: Add scoped logging infrastructure and log viewer window (#3186)

* chore(theme): transparency mode not removing background of server view (#3156)

* Language update from Lingohub 🤖 (#3165)

Project Name: Rocket.Chat.Electron
Project Link: https://app.lingohub.com/project/pr_1Ag2Vlx6MWNt-16038/branches/prb_16rm9BiWK53b-4144
User: Lingohub Robot

Easy language translations with Lingohub 🚀

Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>

* feat: Implement user theme preference settings  (#3160)

* feat: Implement user theme preference settings and remove legacy theme appearance handling

- Introduced a new `ThemeAppearance` component to manage user theme preferences, allowing selection between 'auto', 'light', and 'dark' themes.
- Updated state management to include `userThemePreference`, replacing the previous `themeAppearance` handling.
- Removed deprecated theme appearance logic from various components and files, streamlining the codebase.
- Added internationalization support for theme appearance settings across multiple languages.
- Enhanced the UI to reflect user-selected theme preferences dynamically.

* fix(i18n): Correct Norwegian translation for theme appearance description

* fix(theme): Validate theme preference values before dispatching

- Updated the `handleChangeTheme` function to include validation for theme preference values, ensuring only 'auto', 'light', or 'dark' are accepted. This change prevents invalid values from being dispatched, enhancing the robustness of the theme management logic.

* refactor(DocumentViewer): Update theme management to utilize Redux state for user preferences

- Replaced the use of `useDarkMode` with Redux selectors to determine the theme based on user preferences and machine theme.
- Enhanced theme logic to support 'auto', 'light', and 'dark' settings, improving the flexibility and responsiveness of the theme management in the DocumentViewer component.

* refactor(DocumentViewer): Simplify theme management by removing Redux dependencies

- Eliminated the use of Redux selectors for theme management in the DocumentViewer component, replacing it with a static 'tint' background and default color settings.
- Streamlined the component's code by removing unnecessary theme logic, enhancing readability and maintainability.

* chore: Clean up code by removing unnecessary blank lines in ThemeAppearance, TransparentWindow, and userThemePreference files

* fix: Address PR review comments and restore API compatibility

- Remove trailing blank lines from ThemeAppearance.tsx, TransparentWindow.tsx, and userThemePreference.ts
- Restore setUserThemeAppearance as no-op function for backwards compatibility with @rocket.chat/desktop-api interface

* fix: resolve 91 security vulnerabilities in dependencies (#3173)

* fix: resolve 91 security vulnerabilities in dependencies

- Update axios 1.6.4 -> 1.13.2 (SSRF, DoS, credential leakage)
- Update electron-updater 5.3.0 -> 6.3.9 (code signing bypass)
- Update rollup 4.9.6 -> 4.32.0 (DOM clobbering XSS)
- Update glob 11.0.3 -> 11.1.0 in workspace (command injection)
- Add resolutions for transitive dependencies:
  - cross-spawn, braces, ws, follow-redirects
  - form-data, tar-fs, undici
- Add comprehensive security remediation documentation

* docs: fix markdown lint - add language specifier to code block

* chore: Remove security documentation from repository

Security vulnerability remediation documentation kept locally for reference.

* fix: Issues in German translation (#3155)

* chore: Upgrade Electron and Node.js versions, update README and packa… (#3179)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* chore: Update @types/node version in package.json and yarn.lock

- Upgraded @types/node from version 16.18.69 to 25.0.10 in both package.json and yarn.lock to ensure compatibility with the latest TypeScript features and improvements.

* chore: Enable alpha releases (#3180)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* docs: Add alpha release process documentation

- Introduced a new document detailing the alpha release process for the Rocket.Chat Desktop app, including channel definitions, versioning guidelines, and steps for creating and publishing alpha releases.
- Included instructions for users to opt into the alpha channel and troubleshooting tips for common issues.

* chore: Update architecture support and Node.js version requirements

- Added 'arm64' architecture support to the build targets in electron-builder.json for NSIS, MSI, and ZIP formats.
- Lowered the minimum Node.js version requirement in package.json from >=24.11.1 to >=20.0.0 for better compatibility.

* chore: Change develop branch to dev for release workflow

Update build-release workflow and desktop-release-action to use 'dev'
branch instead of 'develop' for development releases.

* chore: Update versioning and add release tag script

- Bumped version in package.json to 4.12.0.alpha.1.
- Added scripts/release-tag.ts for automated release tagging.
- Updated .eslintignore to exclude the new scripts directory.

* chore: Correct version format in package.json

- Updated version format in package.json from "4.12.0.alpha.1" to "4.12.0-alpha.1" for consistency.

* chore: Update all workflows to use dev branch instead of develop

- validate-pr.yml: Add dev to PR target branches
- powershell-lint.yml: Change develop to dev
- pull-request-build.yml: Change develop to dev

* fix: Normalize tags for consistent comparison in release-tag script

Strip leading 'v' prefix when comparing tags to handle both v-prefixed
and non-prefixed tag formats consistently.

* chore: Increment bundle version in electron-builder.json to 26012

* chore: Address nitpick comments in release-tag script

- Add comment explaining why /scripts is excluded from eslint
- Return null on exec error to distinguish from empty output
- Add warning when git tag list fails
- Use -- separator in git commands for safety

* fix: Add jsign to GITHUB_PATH in Windows CI setup

The jsign tool was being installed but not added to PATH for subsequent
steps. This caused the "Verify tools" step to fail with "jsign not found".

* chore: Bump version to 4.12.0-alpha.2

- Updated version in package.json to 4.12.0-alpha.2
- Incremented bundleVersion in electron-builder.json to 26013

* docs: Add QA testing guide for alpha channel updates

* docs: Rename alpha docs to pre-release and fix workflow concurrency

- Rename alpha-release-process.md to pre-release-process.md
- Add beta release documentation
- Add detailed channel switching instructions
- Fix concurrency group using github.ref instead of github.head_ref
  (github.head_ref is empty for push events, causing tag builds to cancel)

* feat(logging): add scoped logging infrastructure

* feat(log-viewer): add log viewer window and components

* build: add log viewer window build configuration

* feat: integrate logging and log viewer into app lifecycle

* feat: add log viewer IPC channels and menu item

* feat: add i18n translations and fix UI color tokens

* chore: add logging dependencies and fix type error

* fix: address code review feedback

- Add 'silly' log level to LogLevel type for electron-log compatibility
- Fix duplicate server IDs by using overflow counter instead of MAX_SERVER_ID
- Reset startInProgress flag when retry count exceeded in preload
- Add statLog to log viewer preload API
- Use contextIsolation and preload script for log viewer window security
- Replace direct ipcRenderer usage with window.logViewerAPI in renderer

* revert: restore log viewer window settings and add architecture guidelines

- Revert nodeIntegration/contextIsolation changes that broke log viewer
- Add CLAUDE.md guidelines to prevent destructive architecture changes
- Document that existing code patterns exist for specific reasons

* fix: address code review feedback from CodeRabbit

This commit addresses three major review comments:

1. Remove unused preload script for log viewer window
   - The preload.ts was built but never wired to the BrowserWindow
   - Current implementation uses nodeIntegration: true and contextIsolation: false
   - Removed unused build entry from rollup.config.mjs
   - Deleted unused src/logViewerWindow/preload.ts file

2. Guard programmatic scrolls to prevent disabling auto-scroll
   - Added isAutoScrollingRef to track programmatic vs user-initiated scrolls
   - Set flag before calling scrollToIndex and reset after
   - handleScroll now returns early if scroll is programmatic
   - Prevents auto-scroll from being disabled when virtuosoRef.scrollToIndex triggers onScroll

3. Don't swallow startup failures - exit after logging
   - Changed start().catch(console.error) to properly log error and exit
   - Uses logger.error for structured logging
   - Calls app.exit(1) to prevent partial initialization
   - Prevents app running in broken state after critical failures

4. Add error handling to log viewer menu item
   - Wrapped openLogViewer click handler in try-catch
   - Matches pattern used by videoCallDevTools menu item
   - Logs errors to console for debugging

* fix(log-viewer): guard against non-positive limits in getLastNEntries

Return empty content when limit <= 0 to prevent undefined behavior
from negative slice indices.

---------

Co-authored-by: Rodrigo Nascimento <[email protected]>
Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>
Co-authored-by: Max Lee <[email protected]>

* fix: call stopOutlookCalendarSync on app quit

Ensures all sync timers and debounce timers are properly cleaned up
when the application shuts down, preventing sync operations during
shutdown.

* fix: improve logging system security and log viewer context filtering

- Protect active log files from cleanup deletion
- Add IPC rate limiting to prevent renderer process flooding
- Restrict log file permissions to owner-only access
- Add context sanitization to error classification (passwords/tokens only)
- Remove ANSI color codes from OutlookCalendar logger prefixes
- Fix log viewer context filter to use structured tag matching instead of substring search

* feat: add detailed events logging toggle for Outlook calendar sync

Add a new toggle in Settings > Developer to log full event data exchanged
between Exchange and Rocket.Chat during calendar sync. When enabled, logs
raw Exchange appointments, CRUD payloads/responses, event comparisons,
and sync summaries for diagnosing sync issues.

* fix: address PR review feedback

- Fix regex precedence in error classification so 'timeout' doesn't match too broadly
- Add lang="en" to log viewer HTML for accessibility
- Add circular reference guard to redactObject to prevent stack overflow
- Update AGENTS.md with missing outlookDebug/outlookEventDetail imports

* fix: address second round of PR review feedback

- Narrow SSL/TLS regex to match specific error codes instead of broad substrings
- Make sanitizeContext recursive to redact nested sensitive keys
- Align multi-line JSON context with box-drawing prefix in error logs
- Preserve original case in custom path segments in buildEwsPathname

---------

Co-authored-by: Rodrigo Nascimento <[email protected]>
Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>
Co-authored-by: Max Lee <[email protected]>
Co-authored-by: Sisyphus <[email protected]>

* Version 4.12.1-alpha.4

* fix: log viewer Windows compatibility and Outlook logging in production (#3203)

- Handle CRLF line endings from Windows log files (split on \r?\n)
- Fix regex to allow variable whitespace between bracket groups
- Change outlookLog/outlookDebug/outlookEventDetail to console.info
  so they reach the file transport in production (info threshold)
  instead of being silently dropped as debug level
- Fix Outlook preload console.log calls to console.info (same issue)
- Fix app startup completion log to console.info

* Version 4.12.1-alpha.5

* fix: always send endTime and busy fields in calendar sync payload (#3204)

Remove server version gate (>= 7.5.0) that conditionally included endTime and busy fields when syncing Outlook calendar events to Rocket.Chat server. The gate was failing for some customers because server.version was not populated in the Redux store, causing these fields to be silently dropped from create/update payloads regardless of actual server version.

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-opencode)

Co-authored-by: Sisyphus <[email protected]>

* Version 4.12.1-alpha.6

* Merge master into dev — bring bug fixes to dev branch (#3215)

* feat: Add Exchange/EWS debugging patches and error classification (#3187)

* chore(theme): transparency mode not removing background of server view (#3156)

* Language update from Lingohub 🤖 (#3165)

Project Name: Rocket.Chat.Electron
Project Link: https://app.lingohub.com/project/pr_1Ag2Vlx6MWNt-16038/branches/prb_16rm9BiWK53b-4144
User: Lingohub Robot

Easy language translations with Lingohub 🚀

Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>

* feat: Implement user theme preference settings  (#3160)

* feat: Implement user theme preference settings and remove legacy theme appearance handling

- Introduced a new `ThemeAppearance` component to manage user theme preferences, allowing selection between 'auto', 'light', and 'dark' themes.
- Updated state management to include `userThemePreference`, replacing the previous `themeAppearance` handling.
- Removed deprecated theme appearance logic from various components and files, streamlining the codebase.
- Added internationalization support for theme appearance settings across multiple languages.
- Enhanced the UI to reflect user-selected theme preferences dynamically.

* fix(i18n): Correct Norwegian translation for theme appearance description

* fix(theme): Validate theme preference values before dispatching

- Updated the `handleChangeTheme` function to include validation for theme preference values, ensuring only 'auto', 'light', or 'dark' are accepted. This change prevents invalid values from being dispatched, enhancing the robustness of the theme management logic.

* refactor(DocumentViewer): Update theme management to utilize Redux state for user preferences

- Replaced the use of `useDarkMode` with Redux selectors to determine the theme based on user preferences and machine theme.
- Enhanced theme logic to support 'auto', 'light', and 'dark' settings, improving the flexibility and responsiveness of the theme management in the DocumentViewer component.

* refactor(DocumentViewer): Simplify theme management by removing Redux dependencies

- Eliminated the use of Redux selectors for theme management in the DocumentViewer component, replacing it with a static 'tint' background and default color settings.
- Streamlined the component's code by removing unnecessary theme logic, enhancing readability and maintainability.

* chore: Clean up code by removing unnecessary blank lines in ThemeAppearance, TransparentWindow, and userThemePreference files

* fix: Address PR review comments and restore API compatibility

- Remove trailing blank lines from ThemeAppearance.tsx, TransparentWindow.tsx, and userThemePreference.ts
- Restore setUserThemeAppearance as no-op function for backwards compatibility with @rocket.chat/desktop-api interface

* fix: resolve 91 security vulnerabilities in dependencies (#3173)

* fix: resolve 91 security vulnerabilities in dependencies

- Update axios 1.6.4 -> 1.13.2 (SSRF, DoS, credential leakage)
- Update electron-updater 5.3.0 -> 6.3.9 (code signing bypass)
- Update rollup 4.9.6 -> 4.32.0 (DOM clobbering XSS)
- Update glob 11.0.3 -> 11.1.0 in workspace (command injection)
- Add resolutions for transitive dependencies:
  - cross-spawn, braces, ws, follow-redirects
  - form-data, tar-fs, undici
- Add comprehensive security remediation documentation

* docs: fix markdown lint - add language specifier to code block

* chore: Remove security documentation from repository

Security vulnerability remediation documentation kept locally for reference.

* fix: Issues in German translation (#3155)

* chore: Upgrade Electron and Node.js versions, update README and packa… (#3179)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* chore: Update @types/node version in package.json and yarn.lock

- Upgraded @types/node from version 16.18.69 to 25.0.10 in both package.json and yarn.lock to ensure compatibility with the latest TypeScript features and improvements.

* chore: Enable alpha releases (#3180)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* docs: Add alpha release process documentation

- Introduced a new document detailing the alpha release process for the Rocket.Chat Desktop app, including channel definitions, versioning guidelines, and steps for creating and publishing alpha releases.
- Included instructions for users to opt into the alpha channel and troubleshooting tips for common issues.

* chore: Update architecture support and Node.js version requirements

- Added 'arm64' architecture support to the build targets in electron-builder.json for NSIS, MSI, and ZIP formats.
- Lowered the minimum Node.js version requirement in package.json from >=24.11.1 to >=20.0.0 for better compatibility.

* chore: Change develop branch to dev for release workflow

Update build-release workflow and desktop-release-action to use 'dev'
branch instead of 'develop' for development releases.

* chore: Update versioning and add release tag script

- Bumped version in package.json to 4.12.0.alpha.1.
- Added scripts/release-tag.ts for automated release tagging.
- Updated .eslintignore to exclude the new scripts directory.

* chore: Correct version format in package.json

- Updated version format in package.json from "4.12.0.alpha.1" to "4.12.0-alpha.1" for consistency.

* chore: Update all workflows to use dev branch instead of develop

- validate-pr.yml: Add dev to PR target branches
- powershell-lint.yml: Change develop to dev
- pull-request-build.yml: Change develop to dev

* fix: Normalize tags for consistent comparison in release-tag script

Strip leading 'v' prefix when comparing tags to handle both v-prefixed
and non-prefixed tag formats consistently.

* chore: Increment bundle version in electron-builder.json to 26012

* chore: Address nitpick comments in release-tag script

- Add comment explaining why /scripts is excluded from eslint
- Return null on exec error to distinguish from empty output
- Add warning when git tag list fails
- Use -- separator in git commands for safety

* fix: Add jsign to GITHUB_PATH in Windows CI setup

The jsign tool was being installed but not added to PATH for subsequent
steps. This caused the "Verify tools" step to fail with "jsign not found".

* chore: Bump version to 4.12.0-alpha.2

- Updated version in package.json to 4.12.0-alpha.2
- Incremented bundleVersion in electron-builder.json to 26013

* docs: Add QA testing guide for alpha channel updates

* docs: Rename alpha docs to pre-release and fix workflow concurrency

- Rename alpha-release-process.md to pre-release-process.md
- Add beta release documentation
- Add detailed channel switching instructions
- Fix concurrency group using github.ref instead of github.head_ref
  (github.head_ref is empty for push events, causing tag builds to cancel)

* feat(outlook): add @ewsjs/xhr debugging patches

Add comprehensive NTLM authentication debugging to @ewsjs/xhr library:

- patches-src/ directory structure for maintainable patches
- Enhanced ntlmProvider.ts with detailed NTLM handshake logging
- Enhanced xhrApi.ts with HTTP request/response debugging
- Yarn patch resolution for @ewsjs/[email protected]
- apply-patches.sh script for regenerating patches

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): add type definitions for calendar sync

Add error-related type definitions to support error classification:

- ErrorSource: exchange, rocket_chat, desktop_app, network, authentication, configuration
- ErrorSeverity: low, medium, high, critical
- OutlookCalendarError: full error object with context
- ErrorClassification: pattern matching result type

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): add error classification system

Add comprehensive error classification for Outlook calendar sync:

- Pattern-based error detection for Exchange, Rocket.Chat, and desktop errors
- Automatic severity and source classification
- User-friendly error messages with suggested actions
- Structured logging format for debugging
- Support for NTLM auth, network, SSL, and credential errors

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): enhance calendar sync with debugging and mutex

* test(outlook): add tests for getOutlookEvents

* feat(outlook): add logging infrastructure for calendar debugging

* chore: fix linting issues for Outlook calendar debugging

- Exclude patches-src/ from eslint (not part of main build)
- Fix has-credentials handler return type to match expected signature

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* fix: address CodeRabbit review issues for Outlook calendar

- Fix console transport recursion by using originalConsole in writeFn
- Fix infinite recursion in redactObject using destructuring
- Remove NTLM Type 3 message logging (contains credentials)
- Fix queued sync promises never resolving by tracking resolve/reject
- Fix unhandled async errors in preload using .then().catch()
- Accept HTTP 2xx status codes instead of only 200
- Fix URL validation to check pathname instead of full URL
- Update tests to match actual implementation behavior

* feat(settings): add Developer tab with verbose Outlook logging toggle

- Add Developer tab in Settings (only visible when developer mode enabled)
- Add verbose Outlook logging toggle to control [OutlookCalendar] console output
- Add colored console output for better visibility on dark themes
- Redirect to General tab when developer mode disabled while on Developer tab
- Create centralized logger (outlookLog, outlookError, etc.) in src/outlookCalendar/logger.ts
- Convert all direct console.log calls to use centralized logger
- Fix infinite recursion bug in patches (verboseLog calling itself)
- Add AGENTS.md documentation files for knowledge management
- Use theme-aware colors for Settings UI text

* fix(ci): remove conflicting patch-package patch for @ewsjs/xhr

The @ewsjs/xhr package is already patched via Yarn's patch protocol
(.yarn/patches/). The patch-package patch was accidentally added and
conflicts with the already-applied Yarn patch, causing CI failures.

* docs: add patching mechanism documentation to AGENTS.md

Clarify that @ewsjs/xhr uses Yarn patch protocol (.yarn/patches/)
while patch-package (patches/) is only for other packages.
This prevents accidental CI breakage from conflicting patches.

* fix: address CodeRabbit review comments

- logger.ts: Use shared prefix constants instead of duplicating strings
- getOutlookEvents.ts: Replace Promise.reject() with throw statements
- getOutlookEvents.ts: Route console.error through outlookError
- ipc.ts: Route all console.* through outlookLog/outlookWarn/outlookError
- ipc.ts: Replace Promise.reject(e) with throw e
- AGENTS.md: Fix markdown formatting and update versions

* fix(outlook): address CodeRabbit review issues

- Add JSDoc to syncEventsWithRocketChatServer documenting sync coalescing
- Remove isSyncInProgress check in initial sync (let queue handle it)
- Remove logging implementation details test (tested console.log colors)

* chore: remove unused patches-src directory

The debugging code in patches-src/ was never applied - only the minimal
bug fix in .yarn/patches/ is used. Removing dead code to avoid confusion.

* fix: address all code review issues from PR #3187 review

CRITICAL fixes:
- Support multi-server sync state (Map instead of globals)
- Fix Promise<Promise<boolean>> return type
- Use JSON.stringify for safe string escaping in executeJavaScript

MAJOR fixes:
- Add RocketChat calendar event types for type safety
- CRUD operations now return {success, error?} instead of swallowing errors
- Replace sync fs.appendFileSync with async fs.promises.appendFile
- Add useId() and htmlFor for accessibility in ThemeAppearance
- Apply privacy redaction to all transports (not just file)

MINOR fixes:
- Extract magic numbers to named constants
- Extract duplicate buildEwsPathname helper function
- Remove unused _context parameter from classifyError
- Remove fire-and-forget connectivity test calls
- Add originalConsole fallback in preload logging
- Optimize getComponentContext to skip stack trace for log/info/debug
- Fix email regex typo: [A-Z|a-z] -> [A-Za-z]
- Fix double timestamp in createClassifiedError
- Replace inline style with Fuselage pt prop

* fix(outlook): fix race condition in sync queue processing

Changed 'if' to 'while' loop to ensure all queued syncs are processed.
Previously, syncs queued while lastSync.run() was executing would be lost
because the queue was cleared before processing started.

* fix: address additional code review issues

- Fix pool exhaustion bug in context.ts: add overflow counter fallback
  when availableServerIds is depleted, emit warning with diagnostics
- Fix PII leak in ipc.ts error logging: move sensitive fields (subject,
  responseData) to verbose-only outlookLog calls at 5 locations
- Fix silent failure in performSync: throw error instead of silent
  return when eventsOnRocketChatServer fetch fails

* fix(logging): add captureComponentStack parameter to getLogContext

Allows callers to opt into stack-based component detection by passing
captureComponentStack=true, while preserving default behavior.

---------

Co-authored-by: Rodrigo Nascimento <[email protected]>
Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>
Co-authored-by: Max Lee <[email protected]>
Co-authored-by: Sisyphus <[email protected]>

* feat: Add scoped logging infrastructure and log viewer window (#3186)

* chore(theme): transparency mode not removing background of server view (#3156)

* Language update from Lingohub 🤖 (#3165)

Project Name: Rocket.Chat.Electron
Project Link: https://app.lingohub.com/project/pr_1Ag2Vlx6MWNt-16038/branches/prb_16rm9BiWK53b-4144
User: Lingohub Robot

Easy language translations with Lingohub 🚀

Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>

* feat: Implement user theme preference settings  (#3160)

* feat: Implement user theme preference settings and remove legacy theme appearance handling

- Introduced a new `ThemeAppearance` component to manage user theme preferences, allowing selection between 'auto', 'light', and 'dark' themes.
- Updated state management to include `userThemePreference`, replacing the previous `themeAppearance` handling.
- Removed deprecated theme appearance logic from various components and files, streamlining the codebase.
- Added internationalization support for theme appearance settings across multiple languages.
- Enhanced the UI to reflect user-selected theme preferences dynamically.

* fix(i18n): Correct Norwegian translation for theme appearance description

* fix(theme): Validate theme preference values before dispatching

- Updated the `handleChangeTheme` function to include validation for theme preference values, ensuring only 'auto', 'light', or 'dark' are accepted. This change prevents invalid values from being dispatched, enhancing the robustness of the theme management logic.

* refactor(DocumentViewer): Update theme management to utilize Redux state for user preferences

- Replaced the use of `useDarkMode` with Redux selectors to determine the theme based on user preferences and machine theme.
- Enhanced theme logic to support 'auto', 'light', and 'dark' settings, improving the flexibility and responsiveness of the theme management in the DocumentViewer component.

* refactor(DocumentViewer): Simplify theme management by removing Redux dependencies

- Eliminated the use of Redux selectors for theme management in the DocumentViewer component, replacing it with a static 'tint' background and default color settings.
- Streamlined the component's code by removing unnecessary theme logic, enhancing readability and maintainability.

* chore: Clean up code by removing unnecessary blank lines in ThemeAppearance, TransparentWindow, and userThemePreference files

* fix: Address PR review comments and restore API compatibility

- Remove trailing blank lines from ThemeAppearance.tsx, TransparentWindow.tsx, and userThemePreference.ts
- Restore setUserThemeAppearance as no-op function for backwards compatibility with @rocket.chat/desktop-api interface

* fix: resolve 91 security vulnerabilities in dependencies (#3173)

* fix: resolve 91 security vulnerabilities in dependencies

- Update axios 1.6.4 -> 1.13.2 (SSRF, DoS, credential leakage)
- Update electron-updater 5.3.0 -> 6.3.9 (code signing bypass)
- Update rollup 4.9.6 -> 4.32.0 (DOM clobbering XSS)
- Update glob 11.0.3 -> 11.1.0 in workspace (command injection)
- Add resolutions for transitive dependencies:
  - cross-spawn, braces, ws, follow-redirects
  - form-data, tar-fs, undici
- Add comprehensive security remediation documentation

* docs: fix markdown lint - add language specifier to code block

* chore: Remove security documentation from repository

Security vulnerability remediation documentation kept locally for reference.

* fix: Issues in German translation (#3155)

* chore: Upgrade Electron and Node.js versions, update README and packa… (#3179)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* chore: Update @types/node version in package.json and yarn.lock

- Upgraded @types/node from version 16.18.69 to 25.0.10 in both package.json and yarn.lock to ensure compatibility with the latest TypeScript features and improvements.

* chore: Enable alpha releases (#3180)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* docs: Add alpha release process documentation

- Introduced a new document detailing the alpha release process for the Rocket.Chat Desktop app, including channel definitions, versioning guidelines, and steps for creating and publishing alpha releases.
- Included instructions for users to opt into the alpha channel and troubleshooting tips for common issues.

* chore: Update architecture support and Node.js version requirements

- Added 'arm64' architecture support to the build targets in electron-builder.json for NSIS, MSI, and ZIP formats.
- Lowered the minimum Node.js version requirement in package.json from >=24.11.1 to >=20.0.0 for better compatibility.

* chore: Change develop branch to dev for release workflow

Update build-release workflow and desktop-release-action to use 'dev'
branch instead of 'develop' for development releases.

* chore: Update versioning and add release tag script

- Bumped version in package.json to 4.12.0.alpha.1.
- Added scripts/release-tag.ts for automated release tagging.
- Updated .eslintignore to exclude the new scripts directory.

* chore: Correct version format in package.json

- Updated version format in package.json from "4.12.0.alpha.1" to "4.12.0-alpha.1" for consistency.

* chore: Update all workflows to use dev branch instead of develop

- validate-pr.yml: Add dev to PR target branches
- powershell-lint.yml: Change develop to dev
- pull-request-build.yml: Change develop to dev

* fix: Normalize tags for consistent comparison in release-tag script

Strip leading 'v' prefix when comparing tags to handle both v-prefixed
and non-prefixed tag formats consistently.

* chore: Increment bundle version in electron-builder.json to 26012

* chore: Address nitpick comments in release-tag script

- Add comment explaining why /scripts is excluded from eslint
- Return null on exec error to distinguish from empty output
- Add warning when git tag list fails
- Use -- separator in git commands for safety

* fix: Add jsign to GITHUB_PATH in Windows CI setup

The jsign tool was being installed but not added to PATH for subsequent
steps. This caused the "Verify tools" step to fail with "jsign not found".

* chore: Bump version to 4.12.0-alpha.2

- Updated version in package.json to 4.12.0-alpha.2
- Incremented bundleVersion in electron-builder.json to 26013

* docs: Add QA testing guide for alpha channel updates

* docs: Rename alpha docs to pre-release and fix workflow concurrency

- Rename alpha-release-process.md to pre-release-process.md
- Add beta release documentation
- Add detailed channel switching instructions
- Fix concurrency group using github.ref instead of github.head_ref
  (github.head_ref is empty for push events, causing tag builds to cancel)

* feat(logging): add scoped logging infrastructure

* feat(log-viewer): add log viewer window and components

* build: add log viewer window build configuration

* feat: integrate logging and log viewer into app lifecycle

* feat: add log viewer IPC channels and menu item

* feat: add i18n translations and fix UI color tokens

* chore: add logging dependencies and fix type error

* fix: address code review feedback

- Add 'silly' log level to LogLevel type for electron-log compatibility
- Fix duplicate server IDs by using overflow counter instead of MAX_SERVER_ID
- Reset startInProgress flag when retry count exceeded in preload
- Add statLog to log viewer preload API
- Use contextIsolation and preload script for log viewer window security
- Replace direct ipcRenderer usage with window.logViewerAPI in renderer

* revert: restore log viewer window settings and add architecture guidelines

- Revert nodeIntegration/contextIsolation changes that broke log viewer
- Add CLAUDE.md guidelines to prevent destructive architecture changes
- Document that existing code patterns exist for specific reasons

* fix: address code review feedback from CodeRabbit

This commit addresses three major review comments:

1. Remove unused preload script for log viewer window
   - The preload.ts was built but never wired to the BrowserWindow
   - Current implementation uses nodeIntegration: true and contextIsolation: false
   - Removed unused build entry from rollup.config.mjs
   - Deleted unused src/logViewerWindow/preload.ts file

2. Guard programmatic scrolls to prevent disabling auto-scroll
   - Added isAutoScrollingRef to track programmatic vs user-initiated scrolls
   - Set flag before calling scrollToIndex and reset after
   - handleScroll now returns early if scroll is programmatic
   - Prevents auto-scroll from being disabled when virtuosoRef.scrollToIndex triggers onScroll

3. Don't swallow startup failures - exit after logging
   - Changed start().catch(console.error) to properly log error and exit
   - Uses logger.error for structured logging
   - Calls app.exit(1) to prevent partial initialization
   - Prevents app running in broken state after critical failures

4. Add error handling to log viewer menu item
   - Wrapped openLogViewer click handler in try-catch
   - Matches pattern used by videoCallDevTools menu item
   - Logs errors to console for debugging

* fix(log-viewer): guard against non-positive limits in getLastNEntries

Return empty content when limit <= 0 to prevent undefined behavior
from negative slice indices.

---------

Co-authored-by: Rodrigo Nascimento <[email protected]>
Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>
Co-authored-by: Max Lee <[email protected]>

* fix: Add safe guards to prevent The application GUI just crashed (#3206)

* fix: guard store functions against pre-initialization calls on macOS Tahoe

On macOS 26.x (Tahoe), the IPC call to retrieve the server URL is slower
than on earlier macOS versions, causing the preload to retry with a 1-second
delay. During this window the RC webapp loads and calls
`window.RocketChatDesktop.setTitle()` and `setUserPresenceDetection()`, which
internally invoke `dispatch()` and `listen()` from the Redux store before
`createRendererReduxStore()` has completed. Since `reduxStore` is still
`undefined`, accessing `.dispatch` or `.subscribe` throws a TypeError that
propagates back through contextBrid…

* Version 4.13.0 (#3233)

* fix: Bugsnag network connections even with errors reporting disabled (#3190)

* fix: disable Bugsnag auto session tracking to prevent unwanted network connections

Adds autoTrackSessions: false to Bugsnag.start() configuration to prevent
the SDK from automatically connecting to sessions.bugsnag.com on initialization.
This fixes issues in air-gapped networks where the connection attempt triggers
certificate error dialogs even when telemetry is disabled.

Also upgrades @bugsnag/js from v7.22.3 to v8.8.1.

* test: add integration tests for Bugsnag network behavior

- Use nock to intercept real HTTP requests from Bugsnag SDK
- Verify no network calls when reporting is disabled
- Verify sessions are sent when reporting is enabled
- Use Object.defineProperty for env var mocking
- Skip tests on Windows due to Jest module mocking issues

* Version 4.12.1-alpha.1

* feat: add admin setting to bypass SSL certificate validation for Outlook calendar

Add `allowInsecureOutlookConnections` setting for air-gapped environments
where Exchange servers use self-signed or internal CA certificates.

Configurable via overridden-settings.json:
{ "allowInsecureOutlookConnections": true }

Changes:
- Add new reducer for the setting (defaults to false)
- Apply setting to both Exchange (XhrApi) and Rocket.Chat (axios) connections
- Reuse single HTTPS agent per sync for better performance
- Fix missing await on createEventOnRocketChatServer call

* Version 4.12.1-alpha.2

* chore: patch @ewsjs/xhr to stop overwriting request errors

* lock file

* fix: make allowInsecureOutlookConnections override-only setting

The setting was being persisted to config.json, which meant once set to
true it would stay true even after removing from overridden-settings.json.

Changes:
- Remove from PersistableValues type and migrations
- Remove from selectPersistableValues selector
- Explicitly read from override files on each app start
- Accept case-insensitive "true" values for robustness
- Always defaults to false when key is missing

This ensures admins have full control over the setting in air-gapped
environments where remote debugging is not possible.

* feat: add admin setting to bypass SSL certificate validation for Outlook calendar (#3191)

* feat: add admin setting to bypass SSL certificate validation for Outlook calendar

Add `allowInsecureOutlookConnections` setting for air-gapped environments
where Exchange servers use self-signed or internal CA certificates.

Configurable via overridden-settings.json:
{ "allowInsecureOutlookConnections": true }

Changes:
- Add new reducer for the setting (defaults to false)
- Apply setting to both Exchange (XhrApi) and Rocket.Chat (axios) connections
- Reuse single HTTPS agent per sync for better performance
- Fix missing await on createEventOnRocketChatServer call

* Version 4.12.1-alpha.2

* chore: patch @ewsjs/xhr to stop overwriting request errors

* lock file

* fix: make allowInsecureOutlookConnections override-only setting

The setting was being persisted to config.json, which meant once set to
true it would stay true even after removing from overridden-settings.json.

Changes:
- Remove from PersistableValues type and migrations
- Remove from selectPersistableValues selector
- Explicitly read from override files on each app start
- Accept case-insensitive "true" values for robustness
- Always defaults to false when key is missing

This ensures admins have full control over the setting in air-gapped
environments where remote debugging is not possible.

---------

Co-authored-by: Pierre Lehnen <[email protected]>

* Add configurable Outlook calendar sync interval (#3198)

* feat: add configurable Outlook calendar sync interval (1-60 min)

Adds a user-editable sync interval setting to Settings > General,
with admin override support via overridden-settings.json. Uses a
nullable override pattern (number | null) to cleanly separate admin
overrides from persisted user preferences, preventing contamination.
Includes debounced runtime restart of the sync task on changes.

* chore: bump version to 4.12.1-alpha.3, improve sync interval change handling

Increases debounce to 10s, triggers an immediate sync before
rescheduling, and adds a log message when the interval changes.

* fix: clean up sync state when credentials are cleared or app shuts down

Prevents stale credentials from being used by the debounced interval
restart callback. Clears timers, nulls module-level state, and
unsubscribes the interval watcher on credential clear and shutdown.

* feat: Add outlook detailed logs toggle (#3199)

* feat: Add Exchange/EWS debugging patches and error classification (#3187)

* chore(theme): transparency mode not removing background of server view (#3156)

* Language update from Lingohub 🤖 (#3165)

Project Name: Rocket.Chat.Electron
Project Link: https://app.lingohub.com/project/pr_1Ag2Vlx6MWNt-16038/branches/prb_16rm9BiWK53b-4144
User: Lingohub Robot

Easy language translations with Lingohub 🚀

Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>

* feat: Implement user theme preference settings  (#3160)

* feat: Implement user theme preference settings and remove legacy theme appearance handling

- Introduced a new `ThemeAppearance` component to manage user theme preferences, allowing selection between 'auto', 'light', and 'dark' themes.
- Updated state management to include `userThemePreference`, replacing the previous `themeAppearance` handling.
- Removed deprecated theme appearance logic from various components and files, streamlining the codebase.
- Added internationalization support for theme appearance settings across multiple languages.
- Enhanced the UI to reflect user-selected theme preferences dynamically.

* fix(i18n): Correct Norwegian translation for theme appearance description

* fix(theme): Validate theme preference values before dispatching

- Updated the `handleChangeTheme` function to include validation for theme preference values, ensuring only 'auto', 'light', or 'dark' are accepted. This change prevents invalid values from being dispatched, enhancing the robustness of the theme management logic.

* refactor(DocumentViewer): Update theme management to utilize Redux state for user preferences

- Replaced the use of `useDarkMode` with Redux selectors to determine the theme based on user preferences and machine theme.
- Enhanced theme logic to support 'auto', 'light', and 'dark' settings, improving the flexibility and responsiveness of the theme management in the DocumentViewer component.

* refactor(DocumentViewer): Simplify theme management by removing Redux dependencies

- Eliminated the use of Redux selectors for theme management in the DocumentViewer component, replacing it with a static 'tint' background and default color settings.
- Streamlined the component's code by removing unnecessary theme logic, enhancing readability and maintainability.

* chore: Clean up code by removing unnecessary blank lines in ThemeAppearance, TransparentWindow, and userThemePreference files

* fix: Address PR review comments and restore API compatibility

- Remove trailing blank lines from ThemeAppearance.tsx, TransparentWindow.tsx, and userThemePreference.ts
- Restore setUserThemeAppearance as no-op function for backwards compatibility with @rocket.chat/desktop-api interface

* fix: resolve 91 security vulnerabilities in dependencies (#3173)

* fix: resolve 91 security vulnerabilities in dependencies

- Update axios 1.6.4 -> 1.13.2 (SSRF, DoS, credential leakage)
- Update electron-updater 5.3.0 -> 6.3.9 (code signing bypass)
- Update rollup 4.9.6 -> 4.32.0 (DOM clobbering XSS)
- Update glob 11.0.3 -> 11.1.0 in workspace (command injection)
- Add resolutions for transitive dependencies:
  - cross-spawn, braces, ws, follow-redirects
  - form-data, tar-fs, undici
- Add comprehensive security remediation documentation

* docs: fix markdown lint - add language specifier to code block

* chore: Remove security documentation from repository

Security vulnerability remediation documentation kept locally for reference.

* fix: Issues in German translation (#3155)

* chore: Upgrade Electron and Node.js versions, update README and packa… (#3179)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* chore: Update @types/node version in package.json and yarn.lock

- Upgraded @types/node from version 16.18.69 to 25.0.10 in both package.json and yarn.lock to ensure compatibility with the latest TypeScript features and improvements.

* chore: Enable alpha releases (#3180)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* docs: Add alpha release process documentation

- Introduced a new document detailing the alpha release process for the Rocket.Chat Desktop app, including channel definitions, versioning guidelines, and steps for creating and publishing alpha releases.
- Included instructions for users to opt into the alpha channel and troubleshooting tips for common issues.

* chore: Update architecture support and Node.js version requirements

- Added 'arm64' architecture support to the build targets in electron-builder.json for NSIS, MSI, and ZIP formats.
- Lowered the minimum Node.js version requirement in package.json from >=24.11.1 to >=20.0.0 for better compatibility.

* chore: Change develop branch to dev for release workflow

Update build-release workflow and desktop-release-action to use 'dev'
branch instead of 'develop' for development releases.

* chore: Update versioning and add release tag script

- Bumped version in package.json to 4.12.0.alpha.1.
- Added scripts/release-tag.ts for automated release tagging.
- Updated .eslintignore to exclude the new scripts directory.

* chore: Correct version format in package.json

- Updated version format in package.json from "4.12.0.alpha.1" to "4.12.0-alpha.1" for consistency.

* chore: Update all workflows to use dev branch instead of develop

- validate-pr.yml: Add dev to PR target branches
- powershell-lint.yml: Change develop to dev
- pull-request-build.yml: Change develop to dev

* fix: Normalize tags for consistent comparison in release-tag script

Strip leading 'v' prefix when comparing tags to handle both v-prefixed
and non-prefixed tag formats consistently.

* chore: Increment bundle version in electron-builder.json to 26012

* chore: Address nitpick comments in release-tag script

- Add comment explaining why /scripts is excluded from eslint
- Return null on exec error to distinguish from empty output
- Add warning when git tag list fails
- Use -- separator in git commands for safety

* fix: Add jsign to GITHUB_PATH in Windows CI setup

The jsign tool was being installed but not added to PATH for subsequent
steps. This caused the "Verify tools" step to fail with "jsign not found".

* chore: Bump version to 4.12.0-alpha.2

- Updated version in package.json to 4.12.0-alpha.2
- Incremented bundleVersion in electron-builder.json to 26013

* docs: Add QA testing guide for alpha channel updates

* docs: Rename alpha docs to pre-release and fix workflow concurrency

- Rename alpha-release-process.md to pre-release-process.md
- Add beta release documentation
- Add detailed channel switching instructions
- Fix concurrency group using github.ref instead of github.head_ref
  (github.head_ref is empty for push events, causing tag builds to cancel)

* feat(outlook): add @ewsjs/xhr debugging patches

Add comprehensive NTLM authentication debugging to @ewsjs/xhr library:

- patches-src/ directory structure for maintainable patches
- Enhanced ntlmProvider.ts with detailed NTLM handshake logging
- Enhanced xhrApi.ts with HTTP request/response debugging
- Yarn patch resolution for @ewsjs/[email protected]
- apply-patches.sh script for regenerating patches

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): add type definitions for calendar sync

Add error-related type definitions to support error classification:

- ErrorSource: exchange, rocket_chat, desktop_app, network, authentication, configuration
- ErrorSeverity: low, medium, high, critical
- OutlookCalendarError: full error object with context
- ErrorClassification: pattern matching result type

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): add error classification system

Add comprehensive error classification for Outlook calendar sync:

- Pattern-based error detection for Exchange, Rocket.Chat, and desktop errors
- Automatic severity and source classification
- User-friendly error messages with suggested actions
- Structured logging format for debugging
- Support for NTLM auth, network, SSL, and credential errors

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): enhance calendar sync with debugging and mutex

* test(outlook): add tests for getOutlookEvents

* feat(outlook): add logging infrastructure for calendar debugging

* chore: fix linting issues for Outlook calendar debugging

- Exclude patches-src/ from eslint (not part of main build)
- Fix has-credentials handler return type to match expected signature

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* fix: address CodeRabbit review issues for Outlook calendar

- Fix console transport recursion by using originalConsole in writeFn
- Fix infinite recursion in redactObject using destructuring
- Remove NTLM Type 3 message logging (contains credentials)
- Fix queued sync promises never resolving by tracking resolve/reject
- Fix unhandled async errors in preload using .then().catch()
- Accept HTTP 2xx status codes instead of only 200
- Fix URL validation to check pathname instead of full URL
- Update tests to match actual implementation behavior

* feat(settings): add Developer tab with verbose Outlook logging toggle

- Add Developer tab in Settings (only visible when developer mode enabled)
- Add verbose Outlook logging toggle to control [OutlookCalendar] console output
- Add colored console output for better visibility on dark themes
- Redirect to General tab when developer mode disabled while on Developer tab
- Create centralized logger (outlookLog, outlookError, etc.) in src/outlookCalendar/logger.ts
- Convert all direct console.log calls to use centralized logger
- Fix infinite recursion bug in patches (verboseLog calling itself)
- Add AGENTS.md documentation files for knowledge management
- Use theme-aware colors for Settings UI text

* fix(ci): remove conflicting patch-package patch for @ewsjs/xhr

The @ewsjs/xhr package is already patched via Yarn's patch protocol
(.yarn/patches/). The patch-package patch was accidentally added and
conflicts with the already-applied Yarn patch, causing CI failures.

* docs: add patching mechanism documentation to AGENTS.md

Clarify that @ewsjs/xhr uses Yarn patch protocol (.yarn/patches/)
while patch-package (patches/) is only for other packages.
This prevents accidental CI breakage from conflicting patches.

* fix: address CodeRabbit review comments

- logger.ts: Use shared prefix constants instead of duplicating strings
- getOutlookEvents.ts: Replace Promise.reject() with throw statements
- getOutlookEvents.ts: Route console.error through outlookError
- ipc.ts: Route all console.* through outlookLog/outlookWarn/outlookError
- ipc.ts: Replace Promise.reject(e) with throw e
- AGENTS.md: Fix markdown formatting and update versions

* fix(outlook): address CodeRabbit review issues

- Add JSDoc to syncEventsWithRocketChatServer documenting sync coalescing
- Remove isSyncInProgress check in initial sync (let queue handle it)
- Remove logging implementation details test (tested console.log colors)

* chore: remove unused patches-src directory

The debugging code in patches-src/ was never applied - only the minimal
bug fix in .yarn/patches/ is used. Removing dead code to avoid confusion.

* fix: address all code review issues from PR #3187 review

CRITICAL fixes:
- Support multi-server sync state (Map instead of globals)
- Fix Promise<Promise<boolean>> return type
- Use JSON.stringify for safe string escaping in executeJavaScript

MAJOR fixes:
- Add RocketChat calendar event types for type safety
- CRUD operations now return {success, error?} instead of swallowing errors
- Replace sync fs.appendFileSync with async fs.promises.appendFile
- Add useId() and htmlFor for accessibility in ThemeAppearance
- Apply privacy redaction to all transports (not just file)

MINOR fixes:
- Extract magic numbers to named constants
- Extract duplicate buildEwsPathname helper function
- Remove unused _context parameter from classifyError
- Remove fire-and-forget connectivity test calls
- Add originalConsole fallback in preload logging
- Optimize getComponentContext to skip stack trace for log/info/debug
- Fix email regex typo: [A-Z|a-z] -> [A-Za-z]
- Fix double timestamp in createClassifiedError
- Replace inline style with Fuselage pt prop

* fix(outlook): fix race condition in sync queue processing

Changed 'if' to 'while' loop to ensure all queued syncs are processed.
Previously, syncs queued while lastSync.run() was executing would be lost
because the queue was cleared before processing started.

* fix: address additional code review issues

- Fix pool exhaustion bug in context.ts: add overflow counter fallback
  when availableServerIds is depleted, emit warning with diagnostics
- Fix PII leak in ipc.ts error logging: move sensitive fields (subject,
  responseData) to verbose-only outlookLog calls at 5 locations
- Fix silent failure in performSync: throw error instead of silent
  return when eventsOnRocketChatServer fetch fails

* fix(logging): add captureComponentStack parameter to getLogContext

Allows callers to opt into stack-based component detection by passing
captureComponentStack=true, while preserving default behavior.

---------

Co-authored-by: Rodrigo Nascimento <[email protected]>
Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>
Co-authored-by: Max Lee <[email protected]>
Co-authored-by: Sisyphus <[email protected]>

* feat: Add scoped logging infrastructure and log viewer window (#3186)

* chore(theme): transparency mode not removing background of server view (#3156)

* Language update from Lingohub 🤖 (#3165)

Project Name: Rocket.Chat.Electron
Project Link: https://app.lingohub.com/project/pr_1Ag2Vlx6MWNt-16038/branches/prb_16rm9BiWK53b-4144
User: Lingohub Robot

Easy language translations with Lingohub 🚀

Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>

* feat: Implement user theme preference settings  (#3160)

* feat: Implement user theme preference settings and remove legacy theme appearance handling

- Introduced a new `ThemeAppearance` component to manage user theme preferences, allowing selection between 'auto', 'light', and 'dark' themes.
- Updated state management to include `userThemePreference`, replacing the previous `themeAppearance` handling.
- Removed deprecated theme appearance logic from various components and files, streamlining the codebase.
- Added internationalization support for theme appearance settings across multiple languages.
- Enhanced the UI to reflect user-selected theme preferences dynamically.

* fix(i18n): Correct Norwegian translation for theme appearance description

* fix(theme): Validate theme preference values before dispatching

- Updated the `handleChangeTheme` function to include validation for theme preference values, ensuring only 'auto', 'light', or 'dark' are accepted. This change prevents invalid values from being dispatched, enhancing the robustness of the theme management logic.

* refactor(DocumentViewer): Update theme management to utilize Redux state for user preferences

- Replaced the use of `useDarkMode` with Redux selectors to determine the theme based on user preferences and machine theme.
- Enhanced theme logic to support 'auto', 'light', and 'dark' settings, improving the flexibility and responsiveness of the theme management in the DocumentViewer component.

* refactor(DocumentViewer): Simplify theme management by removing Redux dependencies

- Eliminated the use of Redux selectors for theme management in the DocumentViewer component, replacing it with a static 'tint' background and default color settings.
- Streamlined the component's code by removing unnecessary theme logic, enhancing readability and maintainability.

* chore: Clean up code by removing unnecessary blank lines in ThemeAppearance, TransparentWindow, and userThemePreference files

* fix: Address PR review comments and restore API compatibility

- Remove trailing blank lines from ThemeAppearance.tsx, TransparentWindow.tsx, and userThemePreference.ts
- Restore setUserThemeAppearance as no-op function for backwards compatibility with @rocket.chat/desktop-api interface

* fix: resolve 91 security vulnerabilities in dependencies (#3173)

* fix: resolve 91 security vulnerabilities in dependencies

- Update axios 1.6.4 -> 1.13.2 (SSRF, DoS, credential leakage)
- Update electron-updater 5.3.0 -> 6.3.9 (code signing bypass)
- Update rollup 4.9.6 -> 4.32.0 (DOM clobbering XSS)
- Update glob 11.0.3 -> 11.1.0 in workspace (command injection)
- Add resolutions for transitive dependencies:
  - cross-spawn, braces, ws, follow-redirects
  - form-data, tar-fs, undici
- Add comprehensive security remediation documentation

* docs: fix markdown lint - add language specifier to code block

* chore: Remove security documentation from repository

Security vulnerability remediation documentation kept locally for reference.

* fix: Issues in German translation (#3155)

* chore: Upgrade Electron and Node.js versions, update README and packa… (#3179)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* chore: Update @types/node version in package.json and yarn.lock

- Upgraded @types/node from version 16.18.69 to 25.0.10 in both package.json and yarn.lock to ensure compatibility with the latest TypeScript features and improvements.

* chore: Enable alpha releases (#3180)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* docs: Add alpha release process documentation

- Introduced a new document detailing the alpha release process for the Rocket.Chat Desktop app, including channel definitions, versioning guidelines, and steps for creating and publishing alpha releases.
- Included instructions for users to opt into the alpha channel and troubleshooting tips for common issues.

* chore: Update architecture support and Node.js version requirements

- Added 'arm64' architecture support to the build targets in electron-builder.json for NSIS, MSI, and ZIP formats.
- Lowered the minimum Node.js version requirement in package.json from >=24.11.1 to >=20.0.0 for better compatibility.

* chore: Change develop branch to dev for release workflow

Update build-release workflow and desktop-release-action to use 'dev'
branch instead of 'develop' for development releases.

* chore: Update versioning and add release tag script

- Bumped version in package.json to 4.12.0.alpha.1.
- Added scripts/release-tag.ts for automated release tagging.
- Updated .eslintignore to exclude the new scripts directory.

* chore: Correct version format in package.json

- Updated version format in package.json from "4.12.0.alpha.1" to "4.12.0-alpha.1" for consistency.

* chore: Update all workflows to use dev branch instead of develop

- validate-pr.yml: Add dev to PR target branches
- powershell-lint.yml: Change develop to dev
- pull-request-build.yml: Change develop to dev

* fix: Normalize tags for consistent comparison in release-tag script

Strip leading 'v' prefix when comparing tags to handle both v-prefixed
and non-prefixed tag formats consistently.

* chore: Increment bundle version in electron-builder.json to 26012

* chore: Address nitpick comments in release-tag script

- Add comment explaining why /scripts is excluded from eslint
- Return null on exec error to distinguish from empty output
- Add warning when git tag list fails
- Use -- separator in git commands for safety

* fix: Add jsign to GITHUB_PATH in Windows CI setup

The jsign tool was being installed but not added to PATH for subsequent
steps. This caused the "Verify tools" step to fail with "jsign not found".

* chore: Bump version to 4.12.0-alpha.2

- Updated version in package.json to 4.12.0-alpha.2
- Incremented bundleVersion in electron-builder.json to 26013

* docs: Add QA testing guide for alpha channel updates

* docs: Rename alpha docs to pre-release and fix workflow concurrency

- Rename alpha-release-process.md to pre-release-process.md
- Add beta release documentation
- Add detailed channel switching instructions
- Fix concurrency group using github.ref instead of github.head_ref
  (github.head_ref is empty for push events, causing tag builds to cancel)

* feat(logging): add scoped logging infrastructure

* feat(log-viewer): add log viewer window and components

* build: add log viewer window build configuration

* feat: integrate logging and log viewer into app lifecycle

* feat: add log viewer IPC channels and menu item

* feat: add i18n translations and fix UI color tokens

* chore: add logging dependencies and fix type error

* fix: address code review feedback

- Add 'silly' log level to LogLevel type for electron-log compatibility
- Fix duplicate server IDs by using overflow counter instead of MAX_SERVER_ID
- Reset startInProgress flag when retry count exceeded in preload
- Add statLog to log viewer preload API
- Use contextIsolation and preload script for log viewer window security
- Replace direct ipcRenderer usage with window.logViewerAPI in renderer

* revert: restore log viewer window settings and add architecture guidelines

- Revert nodeIntegration/contextIsolation changes that broke log viewer
- Add CLAUDE.md guidelines to prevent destructive architecture changes
- Document that existing code patterns exist for specific reasons

* fix: address code review feedback from CodeRabbit

This commit addresses three major review comments:

1. Remove unused preload script for log viewer window
   - The preload.ts was built but never wired to the BrowserWindow
   - Current implementation uses nodeIntegration: true and contextIsolation: false
   - Removed unused build entry from rollup.config.mjs
   - Deleted unused src/logViewerWindow/preload.ts file

2. Guard programmatic scrolls to prevent disabling auto-scroll
   - Added isAutoScrollingRef to track programmatic vs user-initiated scrolls
   - Set flag before calling scrollToIndex and reset after
   - handleScroll now returns early if scroll is programmatic
   - Prevents auto-scroll from being disabled when virtuosoRef.scrollToIndex triggers onScroll

3. Don't swallow startup failures - exit after logging
   - Changed start().catch(console.error) to properly log error and exit
   - Uses logger.error for structured logging
   - Calls app.exit(1) to prevent partial initialization
   - Prevents app running in broken state after critical failures

4. Add error handling to log viewer menu item
   - Wrapped openLogViewer click handler in try-catch
   - Matches pattern used by videoCallDevTools menu item
   - Logs errors to console for debugging

* fix(log-viewer): guard against non-positive limits in getLastNEntries

Return empty content when limit <= 0 to prevent undefined behavior
from negative slice indices.

---------

Co-authored-by: Rodrigo Nascimento <[email protected]>
Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>
Co-authored-by: Max Lee <[email protected]>

* fix: call stopOutlookCalendarSync on app quit

Ensures all sync timers and debounce timers are properly cleaned up
when the application shuts down, preventing sync operations during
shutdown.

* fix: improve logging system security and log viewer context filtering

- Protect active log files from cleanup deletion
- Add IPC rate limiting to prevent renderer process flooding
- Restrict log file permissions to owner-only access
- Add context sanitization to error classification (passwords/tokens only)
- Remove ANSI color codes from OutlookCalendar logger prefixes
- Fix log viewer context filter to use structured tag matching instead of substring search

* feat: add detailed events logging toggle for Outlook calendar sync

Add a new toggle in Settings > Developer to log full event data exchanged
between Exchange and Rocket.Chat during calendar sync. When enabled, logs
raw Exchange appointments, CRUD payloads/responses, event comparisons,
and sync summaries for diagnosing sync issues.

* fix: address PR review feedback

- Fix regex precedence in error classification so 'timeout' doesn't match too broadly
- Add lang="en" to log viewer HTML for accessibility
- Add circular reference guard to redactObject to prevent stack overflow
- Update AGENTS.md with missing outlookDebug/outlookEventDetail imports

* fix: address second round of PR review feedback

- Narrow SSL/TLS regex to match specific error codes instead of broad substrings
- Make sanitizeContext recursive to redact nested sensitive keys
- Align multi-line JSON context with box-drawing prefix in error logs
- Preserve original case in custom path segments in buildEwsPathname

---------

Co-authored-by: Rodrigo Nascimento <[email protected]>
Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>
Co-authored-by: Max Lee <[email protected]>
Co-authored-by: Sisyphus <[email protected]>

* Version 4.12.1-alpha.4

* fix: log viewer Windows compatibility and Outlook logging in production (#3203)

- Handle CRLF line endings from Windows log files (split on \r?\n)
- Fix regex to allow variable whitespace between bracket groups
- Change outlookLog/outlookDebug/outlookEventDetail to console.info
  so they reach the file transport in production (info threshold)
  instead of being silently dropped as debug level
- Fix Outlook preload console.log calls to console.info (same issue)
- Fix app startup completion log to console.info

* Version 4.12.1-alpha.5

* fix: always send endTime and busy fields in calendar sync payload (#3204)

Remove server version gate (>= 7.5.0) that conditionally included endTime and busy fields when syncing Outlook calendar events to Rocket.Chat server. The gate was failing for some customers because server.version was not populated in the Redux store, causing these fields to be silently dropped from create/update payloads regardless of actual server version.

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-opencode)

Co-authored-by: Sisyphus <[email protected]>

* Version 4.12.1-alpha.6

* Merge master into dev — bring bug fixes to dev branch (#3215)

* feat: Add Exchange/EWS debugging patches and error classification (#3187)

* chore(theme): transparency mode not removing background of server view (#3156)

* Language update from Lingohub 🤖 (#3165)

Project Name: Rocket.Chat.Electron
Project Link: https://app.lingohub.com/project/pr_1Ag2Vlx6MWNt-16038/branches/prb_16rm9BiWK53b-4144
User: Lingohub Robot

Easy language translations with Lingohub 🚀

Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>

* feat: Implement user theme preference settings  (#3160)

* feat: Implement user theme preference settings and remove legacy theme appearance handling

- Introduced a new `ThemeAppearance` component to manage user theme preferences, allowing selection between 'auto', 'light', and 'dark' themes.
- Updated state management to include `userThemePreference`, replacing the previous `themeAppearance` handling.
- Removed deprecated theme appearance logic from various components and files, streamlining the codebase.
- Added internationalization support for theme appearance settings across multiple languages.
- Enhanced the UI to reflect user-selected theme preferences dynamically.

* fix(i18n): Correct Norwegian translation for theme appearance description

* fix(theme): Validate theme preference values before dispatching

- Updated the `handleChangeTheme` function to include validation for theme preference values, ensuring only 'auto', 'light', or 'dark' are accepted. This change prevents invalid values from being dispatched, enhancing the robustness of the theme management logic.

* refactor(DocumentViewer): Update theme management to utilize Redux state for user preferences

- Replaced the use of `useDarkMode` with Redux selectors to determine the theme based on user preferences and machine theme.
- Enhanced theme logic to support 'auto', 'light', and 'dark' settings, improving the flexibility and responsiveness of the theme management in the DocumentViewer component.

* refactor(DocumentViewer): Simplify theme management by removing Redux dependencies

- Eliminated the use of Redux selectors for theme management in the DocumentViewer component, replacing it with a static 'tint' background and default color settings.
- Streamlined the component's code by removing unnecessary theme logic, enhancing readability and maintainability.

* chore: Clean up code by removing unnecessary blank lines in ThemeAppearance, TransparentWindow, and userThemePreference files

* fix: Address PR review comments and restore API compatibility

- Remove trailing blank lines from ThemeAppearance.tsx, TransparentWindow.tsx, and userThemePreference.ts
- Restore setUserThemeAppearance as no-op function for backwards compatibility with @rocket.chat/desktop-api interface

* fix: resolve 91 security vulnerabilities in dependencies (#3173)

* fix: resolve 91 security vulnerabilities in dependencies

- Update axios 1.6.4 -> 1.13.2 (SSRF, DoS, credential leakage)
- Update electron-updater 5.3.0 -> 6.3.9 (code signing bypass)
- Update rollup 4.9.6 -> 4.32.0 (DOM clobbering XSS)
- Update glob 11.0.3 -> 11.1.0 in workspace (command injection)
- Add resolutions for transitive dependencies:
  - cross-spawn, braces, ws, follow-redirects
  - form-data, tar-fs, undici
- Add comprehensive security remediation documentation

* docs: fix markdown lint - add language specifier to code block

* chore: Remove security documentation from repository

Security vulnerability remediation documentation kept locally for reference.

* fix: Issues in German translation (#3155)

* chore: Upgrade Electron and Node.js versions, update README and packa… (#3179)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* chore: Update @types/node version in package.json and yarn.lock

- Upgraded @types/node from version 16.18.69 to 25.0.10 in both package.json and yarn.lock to ensure compatibility with the latest TypeScript features and improvements.

* chore: Enable alpha releases (#3180)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* docs: Add alpha release process documentation

- Introduced a new document detailing the alpha release process for the Rocket.Chat Desktop app, including channel definitions, versioning guidelines, and steps for creating and publishing alpha releases.
- Included instructions for users to opt into the alpha channel and troubleshooting tips for common issues.

* chore: Update architecture support and Node.js version requirements

- Added 'arm64' architecture support to the build targets in electron-builder.json for NSIS, MSI, and ZIP formats.
- Lowered the minimum Node.js version requirement in package.json from >=24.11.1 to >=20.0.0 for better compatibility.

* chore: Change develop branch to dev for release workflow

Update build-release workflow and desktop-release-action to use 'dev'
branch instead of 'develop' for development releases.

* chore: Update versioning and add release tag script

- Bumped version in package.json to 4.12.0.alpha.1.
- Added scripts/release-tag.ts for automated release tagging.
- Updated .eslintignore to exclude the new scripts directory.

* chore: Correct version format in package.json

- Updated version format in package.json from "4.12.0.alpha.1" to "4.12.0-alpha.1" for consistency.

* chore: Update all workflows to use dev branch instead of develop

- validate-pr.yml: Add dev to PR target branches
- powershell-lint.yml: Change develop to dev
- pull-request-build.yml: Change develop to dev

* fix: Normalize tags for consistent comparison in release-tag script

Strip leading 'v' prefix when comparing tags to handle both v-prefixed
and non-prefixed tag formats consistently.

* chore: Increment bundle version in electron-builder.json to 26012

* chore: Address nitpick comments in release-tag script

- Add comment explaining why /scripts is excluded from eslint
- Return null on exec error to distinguish from empty output
- Add warning when git tag list fails
- Use -- separator in git commands for safety

* fix: Add jsign to GITHUB_PATH in Windows CI setup

The jsign tool was being installed but not added to PATH for subsequent
steps. This caused the "Verify tools" step to fail with "jsign not found".

* chore: Bump version to 4.12.0-alpha.2

- Updated version in package.json to 4.12.0-alpha.2
- Incremented bundleVersion in electron-builder.json to 26013

* docs: Add QA testing guide for alpha channel updates

* docs: Rename alpha docs to pre-release and fix workflow concurrency

- Rename alpha-release-process.md to pre-release-process.md
- Add beta release documentation
- Add detailed channel switching instructions
- Fix concurrency group using github.ref instead of github.head_ref
  (github.head_ref is empty for push events, causing tag builds to cancel)

* feat(outlook): add @ewsjs/xhr debugging patches

Add comprehensive NTLM authentication debugging to @ewsjs/xhr library:

- patches-src/ directory structure for maintainable patches
- Enhanced ntlmProvider.ts with detailed NTLM handshake logging
- Enhanced xhrApi.ts with HTTP request/response debugging
- Yarn patch resolution for @ewsjs/[email protected]
- apply-patches.sh script for regenerating patches

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): add type definitions for calendar sync

Add error-related type definitions to support error classification:

- ErrorSource: exchange, rocket_chat, desktop_app, network, authentication, configuration
- ErrorSeverity: low, medium, high, critical
- OutlookCalendarError: full error object with context
- ErrorClassification: pattern matching result type

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): add error classification system

Add comprehensive error classification for Outlook calendar sync:

- Pattern-based error detection for Exchange, Rocket.Chat, and desktop errors
- Automatic severity and source classification
- User-friendly error messages with suggested actions
- Structured logging format for debugging
- Support for NTLM auth, network, SSL, and credential errors

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* feat(outlook): enhance calendar sync with debugging and mutex

* test(outlook): add tests for getOutlookEvents

* feat(outlook): add logging infrastructure for calendar debugging

* chore: fix linting issues for Outlook calendar debugging

- Exclude patches-src/ from eslint (not part of main build)
- Fix has-credentials handler return type to match expected signature

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude)

Co-authored-by: Sisyphus <[email protected]>

* fix: address CodeRabbit review issues for Outlook calendar

- Fix console transport recursion by using originalConsole in writeFn
- Fix infinite recursion in redactObject using destructuring
- Remove NTLM Type 3 message logging (contains credentials)
- Fix queued sync promises never resolving by tracking resolve/reject
- Fix unhandled async errors in preload using .then().catch()
- Accept HTTP 2xx status codes instead of only 200
- Fix URL validation to check pathname instead of full URL
- Update tests to match actual implementation behavior

* feat(settings): add Developer tab with verbose Outlook logging toggle

- Add Developer tab in Settings (only visible when developer mode enabled)
- Add verbose Outlook logging toggle to control [OutlookCalendar] console output
- Add colored console output for better visibility on dark themes
- Redirect to General tab when developer mode disabled while on Developer tab
- Create centralized logger (outlookLog, outlookError, etc.) in src/outlookCalendar/logger.ts
- Convert all direct console.log calls to use centralized logger
- Fix infinite recursion bug in patches (verboseLog calling itself)
- Add AGENTS.md documentation files for knowledge management
- Use theme-aware colors for Settings UI text

* fix(ci): remove conflicting patch-package patch for @ewsjs/xhr

The @ewsjs/xhr package is already patched via Yarn's patch protocol
(.yarn/patches/). The patch-package patch was accidentally added and
conflicts with the already-applied Yarn patch, causing CI failures.

* docs: add patching mechanism documentation to AGENTS.md

Clarify that @ewsjs/xhr uses Yarn patch protocol (.yarn/patches/)
while patch-package (patches/) is only for other packages.
This prevents accidental CI breakage from conflicting patches.

* fix: address CodeRabbit review comments

- logger.ts: Use shared prefix constants instead of duplicating strings
- getOutlookEvents.ts: Replace Promise.reject() with throw statements
- getOutlookEvents.ts: Route console.error through outlookError
- ipc.ts: Route all console.* through outlookLog/outlookWarn/outlookError
- ipc.ts: Replace Promise.reject(e) with throw e
- AGENTS.md: Fix markdown formatting and update versions

* fix(outlook): address CodeRabbit review issues

- Add JSDoc to syncEventsWithRocketChatServer documenting sync coalescing
- Remove isSyncInProgress check in initial sync (let queue handle it)
- Remove logging implementation details test (tested console.log colors)

* chore: remove unused patches-src directory

The debugging code in patches-src/ was never applied - only the minimal
bug fix in .yarn/patches/ is used. Removing dead code to avoid confusion.

* fix: address all code review issues from PR #3187 review

CRITICAL fixes:
- Support multi-server sync state (Map instead of globals)
- Fix Promise<Promise<boolean>> return type
- Use JSON.stringify for safe string escaping in executeJavaScript

MAJOR fixes:
- Add RocketChat calendar event types for type safety
- CRUD operations now return {success, error?} instead of swallowing errors
- Replace sync fs.appendFileSync with async fs.promises.appendFile
- Add useId() and htmlFor for accessibility in ThemeAppearance
- Apply privacy redaction to all transports (not just file)

MINOR fixes:
- Extract magic numbers to named constants
- Extract duplicate buildEwsPathname helper function
- Remove unused _context parameter from classifyError
- Remove fire-and-forget connectivity test calls
- Add originalConsole fallback in preload logging
- Optimize getComponentContext to skip stack trace for log/info/debug
- Fix email regex typo: [A-Z|a-z] -> [A-Za-z]
- Fix double timestamp in createClassifiedError
- Replace inline style with Fuselage pt prop

* fix(outlook): fix race condition in sync queue processing

Changed 'if' to 'while' loop to ensure all queued syncs are processed.
Previously, syncs queued while lastSync.run() was executing would be lost
because the queue was cleared before processing started.

* fix: address additional code review issues

- Fix pool exhaustion bug in context.ts: add overflow counter fallback
  when availableServerIds is depleted, emit warning with diagnostics
- Fix PII leak in ipc.ts error logging: move sensitive fields (subject,
  responseData) to verbose-only outlookLog calls at 5 locations
- Fix silent failure in performSync: throw error instead of silent
  return when eventsOnRocketChatServer fetch fails

* fix(logging): add captureComponentStack parameter to getLogContext

Allows callers to opt into stack-based component detection by passing
captureComponentStack=true, while preserving default behavior.

---------

Co-authored-by: Rodrigo Nascimento <[email protected]>
Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>
Co-authored-by: Max Lee <[email protected]>
Co-authored-by: Sisyphus <[email protected]>

* feat: Add scoped logging infrastructure and log viewer window (#3186)

* chore(theme): transparency mode not removing background of server view (#3156)

* Language update from Lingohub 🤖 (#3165)

Project Name: Rocket.Chat.Electron
Project Link: https://app.lingohub.com/project/pr_1Ag2Vlx6MWNt-16038/branches/prb_16rm9BiWK53b-4144
User: Lingohub Robot

Easy language translations with Lingohub 🚀

Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>

* feat: Implement user theme preference settings  (#3160)

* feat: Implement user theme preference settings and remove legacy theme appearance handling

- Introduced a new `ThemeAppearance` component to manage user theme preferences, allowing selection between 'auto', 'light', and 'dark' themes.
- Updated state management to include `userThemePreference`, replacing the previous `themeAppearance` handling.
- Removed deprecated theme appearance logic from various components and files, streamlining the codebase.
- Added internationalization support for theme appearance settings across multiple languages.
- Enhanced the UI to reflect user-selected theme preferences dynamically.

* fix(i18n): Correct Norwegian translation for theme appearance description

* fix(theme): Validate theme preference values before dispatching

- Updated the `handleChangeTheme` function to include validation for theme preference values, ensuring only 'auto', 'light', or 'dark' are accepted. This change prevents invalid values from being dispatched, enhancing the robustness of the theme management logic.

* refactor(DocumentViewer): Update theme management to utilize Redux state for user preferences

- Replaced the use of `useDarkMode` with Redux selectors to determine the theme based on user preferences and machine theme.
- Enhanced theme logic to support 'auto', 'light', and 'dark' settings, improving the flexibility and responsiveness of the theme management in the DocumentViewer component.

* refactor(DocumentViewer): Simplify theme management by removing Redux dependencies

- Eliminated the use of Redux selectors for theme management in the DocumentViewer component, replacing it with a static 'tint' background and default color settings.
- Streamlined the component's code by removing unnecessary theme logic, enhancing readability and maintainability.

* chore: Clean up code by removing unnecessary blank lines in ThemeAppearance, TransparentWindow, and userThemePreference files

* fix: Address PR review comments and restore API compatibility

- Remove trailing blank lines from ThemeAppearance.tsx, TransparentWindow.tsx, and userThemePreference.ts
- Restore setUserThemeAppearance as no-op function for backwards compatibility with @rocket.chat/desktop-api interface

* fix: resolve 91 security vulnerabilities in dependencies (#3173)

* fix: resolve 91 security vulnerabilities in dependencies

- Update axios 1.6.4 -> 1.13.2 (SSRF, DoS, credential leakage)
- Update electron-updater 5.3.0 -> 6.3.9 (code signing bypass)
- Update rollup 4.9.6 -> 4.32.0 (DOM clobbering XSS)
- Update glob 11.0.3 -> 11.1.0 in workspace (command injection)
- Add resolutions for transitive dependencies:
  - cross-spawn, braces, ws, follow-redirects
  - form-data, tar-fs, undici
- Add comprehensive security remediation documentation

* docs: fix markdown lint - add language specifier to code block

* chore: Remove security documentation from repository

Security vulnerability remediation documentation kept locally for reference.

* fix: Issues in German translation (#3155)

* chore: Upgrade Electron and Node.js versions, update README and packa… (#3179)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* chore: Update @types/node version in package.json and yarn.lock

- Upgraded @types/node from version 16.18.69 to 25.0.10 in both package.json and yarn.lock to ensure compatibility with the latest TypeScript features and improvements.

* chore: Enable alpha releases (#3180)

* chore: Upgrade Electron and Node.js versions, update README and package configurations

- Updated Electron dependency from version 39.2.5 to 40.0.0 in package.json and yarn.lock.
- Bumped Node.js version requirements in package.json and devEngines to >=24.11.1.
- Revised README.md to reflect new supported platforms and minimum version requirements.
- Removed deprecated tests related to ELECTRON_OZONE_PLATFORM_HINT in app.main.spec.ts.
- Enhanced documentation for development prerequisites and troubleshooting sections.

* chore: Bump version numbers in configuration files

- Updated the bundle version in electron-builder.json from 26010 to 26011.
- Incremented the application version in package.json from 4.11.1 to 4.12.0.

* docs: Update README to reflect new platform support and installation formats

- Revised the supported platforms section to include additional architectures and installation formats for Windows, macOS, and Linux.
- Updated download links for Microsoft Store and Mac App Store, ensuring accurate access to application sources.

* docs: Revise README layout for download links

- Updated the formatting of download links for Microsoft Store, Mac App Store, and Snap Store to improve visual presentation and accessibility.
- Changed from a div-based layout to a paragraph-based layout with adjusted image sizes for better responsiveness.

* docs: Add alpha release process documentation

- Introduced a new document detailing the alpha release process for the Rocket.Chat Desktop app, including channel definitions, versioning guidelines, and steps for creating and publishing alpha releases.
- Included instructions for users to opt into the alpha channel and troubleshooting tips for common issues.

* chore: Update architecture support and Node.js version requirements

- Added 'arm64' architecture support to the build targets in electron-builder.json for NSIS, MSI, and ZIP formats.
- Lowered the minimum Node.js version requirement in package.json from >=24.11.1 to >=20.0.0 for better compatibility.

* chore: Change develop branch to dev for release workflow

Update build-release workflow and desktop-release-action to use 'dev'
branch instead of 'develop' for development releases.

* chore: Update versioning and add release tag script

- Bumped version in package.json to 4.12.0.alpha.1.
- Added scripts/release-tag.ts for automated release tagging.
- Updated .eslintignore to exclude the new scripts directory.

* chore: Correct version format in package.json

- Updated version format in package.json from "4.12.0.alpha.1" to "4.12.0-alpha.1" for consistency.

* chore: Update all workflows to use dev branch instead of develop

- validate-pr.yml: Add dev to PR target branches
- powershell-lint.yml: Change develop to dev
- pull-request-build.yml: Change develop to dev

* fix: Normalize tags for consistent comparison in release-tag script

Strip leading 'v' prefix when comparing tags to handle both v-prefixed
and non-prefixed tag formats consistently.

* chore: Increment bundle version in electron-builder.json to 26012

* chore: Address nitpick comments in release-tag script

- Add comment explaining why /scripts is excluded from eslint
- Return null on exec error to distinguish from empty output
- Add warning when git tag list fails
- Use -- separator in git commands for safety

* fix: Add jsign to GITHUB_PATH in Windows CI setup

The jsign tool was being installed but not added to PATH for subsequent
steps. This caused the "Verify tools" step to fail with "jsign not found".

* chore: Bump version to 4.12.0-alpha.2

- Updated version in package.json to 4.12.0-alpha.2
- Incremented bundleVersion in electron-builder.json to 26013

* docs: Add QA testing guide for alpha channel updates

* docs: Rename alpha docs to pre-release and fix workflow concurrency

- Rename alpha-release-process.md to pre-release-process.md
- Add beta release documentation
- Add detailed channel switching instructions
- Fix concurrency group using github.ref instead of github.head_ref
  (github.head_ref is empty for push events, causing tag builds to cancel)

* feat(logging): add scoped logging infrastructure

* feat(log-viewer): add log viewer window and components

* build: add log viewer window build configuration

* feat: integrate logging and log viewer into app lifecycle

* feat: add log viewer IPC channels and menu item

* feat: add i18n translations and fix UI color tokens

* chore: add logging dependencies and fix type error

* fix: address code review feedback

- Add 'silly' log level to LogLevel type for electron-log compatibility
- Fix duplicate server IDs by using overflow counter instead of MAX_SERVER_ID
- Reset startInProgress flag when retry count exceeded in preload
- Add statLog to log viewer preload API
- Use contextIsolation and preload script for log viewer window security
- Replace direct ipcRenderer usage with window.logViewerAPI in renderer

* revert: restore log viewer window settings and add architecture guidelines

- Revert nodeIntegration/contextIsolation changes that broke log viewer
- Add CLAUDE.md guidelines to prevent destructive architecture changes
- Document that existing code patterns exist for specific reasons

* fix: address code review feedback from CodeRabbit

This commit addresses three major review comments:

1. Remove unused preload script for log viewer window
   - The preload.ts was built but never wired to the BrowserWindow
   - Current implementation uses nodeIntegration: true and contextIsolation: false
   - Removed unused build entry from rollup.config.mjs
   - Deleted unused src/logViewerWindow/preload.ts file

2. Guard programmatic scrolls to prevent disabling auto-scroll
   - Added isAutoScrollingRef to track programmatic vs user-initiated scrolls
   - Set flag before calling scrollToIndex and reset after
   - handleScroll now returns early if scroll is programmatic
   - Prevents auto-scroll from being disabled when virtuosoRef.scrollToIndex triggers onScroll

3. Don't swallow startup failures - exit after logging
   - Changed start().catch(console.error) to properly log error and exit
   - Uses logger.error for structured logging
   - Calls app.exit(1) to prevent partial initialization
   - Prevents app running in broken state after critical failures

4. Add error handling to log viewer menu item
   - Wrapped openLogViewer click handler in try-catch
   - Matches pattern used by videoCallDevTools menu item
   - Logs errors to console for debugging

* fix(log-viewer): guard against non-positive limits in getLastNEntries

Return empty content when limit <= 0 to prevent undefined behavior
from negative slice indices.

---------

Co-authored-by: Rodrigo Nascimento <[email protected]>
Co-authored-by: lingohub[bot] <69908207+lingohub[bot]@users.noreply.github.com>
Co-authored-by: Max Lee <[email protected]>

* fix: Add safe guards to prevent The application GUI just crashed (#3206)

* fix: guard store functions against pre-initialization calls on macOS Tahoe

On macOS 26.x (Tahoe), the IPC call to retrieve the server URL is slower
than on earlier macOS versions, causing the preload to retry with a 1-second
delay. During this window the RC webapp loads and calls
`window.RocketChatDesktop.setTitle()` and `setUserPresenceDetection()`, which
internally invoke `dispatch()` and `listen()` from the Redux store before
`createRendererReduxStore()` has completed. Since `reduxStore` is still
`undefined`, accessing `.dispatch` or `.subscribe` throws a TypeError that
propagates back through contextBridge into the React tree,…