From 10c724425ddad50fbe167a718fdee08c6b495af3 Mon Sep 17 00:00:00 2001
From: Adam <x_1337@outlook.com>
Date: Thu, 26 Jun 2025 11:52:54 -0700
Subject: [PATCH] minor fixes (#1500)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

# READ CAREFULLY THEN REMOVE

Remove bullet points that are not relevant.

PLEASE REFRAIN FROM USING AI TO WRITE YOUR CODE AND PR DESCRIPTION. IF YOU DO USE AI TO WRITE YOUR CODE PLEASE PROVIDE A DESCRIPTION AND REVIEW IT CAREFULLY. MAKE SURE YOU UNDERSTAND THE CODE YOU ARE SUBMITTING USING AI.

- Pull requests that do not follow these guidelines will be closed without review or comment.
- If you use AI to write your PR description your pr will be close without review or comment.
- If you are unsure about anything, feel free to ask for clarification.

## Description

Please provide a clear description of your changes.

---

## Type of Change

Please delete options that are not relevant.

- [ ] 🐛 Bug fix (non-breaking change which fixes an issue)
- [ ] ✨ New feature (non-breaking change which adds functionality)
- [ ] 💥 Breaking change (fix or feature with breaking changes)
- [ ] 📝 Documentation update
- [ ] 🎨 UI/UX improvement
- [ ] 🔒 Security enhancement
- [ ] ⚡ Performance improvement

## Areas Affected

Please check all that apply:

- [ ] Email Integration (Gmail, IMAP, etc.)
- [ ] User Interface/Experience
- [ ] Authentication/Authorization
- [ ] Data Storage/Management
- [ ] API Endpoints
- [ ] Documentation
- [ ] Testing Infrastructure
- [ ] Development Workflow
- [ ] Deployment/Infrastructure

## Testing Done

Describe the tests you've done:

- [ ] Unit tests added/updated
- [ ] Integration tests added/updated
- [ ] Manual testing performed
- [ ] Cross-browser testing (if UI changes)
- [ ] Mobile responsiveness verified (if UI changes)

## Security Considerations

For changes involving data or authentication:

- [ ] No sensitive data is exposed
- [ ] Authentication checks are in place
- [ ] Input validation is implemented
- [ ] Rate limiting is considered (if applicable)

## Checklist

- [ ] I have read the [CONTRIBUTING](https://github.com/Mail-0/Zero/blob/staging/.github/CONTRIBUTING.md) document
- [ ] My code follows the project's style guidelines
- [ ] I have performed a self-review of my code
- [ ] I have commented my code, particularly in complex areas
- [ ] I have updated the documentation
- [ ] My changes generate no new warnings
- [ ] I have added tests that prove my fix/feature works
- [ ] All tests pass locally
- [ ] Any dependent changes are merged and published

## Additional Notes

Add any other context about the pull request here.

## Screenshots/Recordings

Add screenshots or recordings here if applicable.

---

_By submitting this pull request, I confirm that my contribution is made under the terms of the project's license._
---
 .github/dependabot.yml                        |  64 ----------
 SECURITY.md                                   |  25 ++++
 .../app/(routes)/settings/general/page.tsx    | 111 ++++++++----------
 apps/server/src/lib/schemas.ts                |   2 +-
 4 files changed, 76 insertions(+), 126 deletions(-)
 delete mode 100644 .github/dependabot.yml
 create mode 100644 SECURITY.md

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
deleted file mode 100644
index de941520d..000000000
--- a/.github/dependabot.yml
+++ /dev/null
@@ -1,64 +0,0 @@
-version: 2
-updates:
-  # Enable version updates for npm
-  - package-ecosystem: "npm"
-    directory: "/"
-    schedule:
-      interval: "weekly"
-    open-pull-requests-limit: 10
-    groups:
-      # Group all minor and patch updates for the main repo together
-      dependencies:
-        patterns:
-          - "*"
-
-  # Enable version updates for the mail app
-  - package-ecosystem: "npm"
-    directory: "/apps/mail"
-    schedule:
-      interval: "weekly"
-    open-pull-requests-limit: 10
-    groups:
-      # Group React ecosystem updates together
-      react:
-        patterns:
-          - "react*"
-          - "@types/react*"
-      # Group UI-related packages
-      ui-dependencies:
-        patterns:
-          - "@tiptap*"
-          - "@dnd-kit*"
-          - "@hookform*"
-      # Group all other dependencies
-      other-dependencies:
-        patterns:
-          - "*"
-
-  # Enable version updates for the server app
-  - package-ecosystem: "npm"
-    directory: "/apps/server"
-    schedule:
-      interval: "weekly"
-    open-pull-requests-limit: 10
-
-  # Enable version updates for Docker
-  - package-ecosystem: "docker"
-    directory: "/docker/app"
-    schedule:
-      interval: "weekly"
-    open-pull-requests-limit: 5
-
-  # Enable version updates for Docker DB
-  - package-ecosystem: "docker"
-    directory: "/docker/db"
-    schedule:
-      interval: "weekly"
-    open-pull-requests-limit: 5
-
-  # Enable version updates for GitHub Actions
-  - package-ecosystem: "github-actions"
-    directory: "/"
-    schedule:
-      interval: "weekly"
-    open-pull-requests-limit: 5
diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 000000000..9a2764090
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,25 @@
+# Security Policy
+
+## Supported Versions
+
+Currently supported, maintained and updated versions:
+
+| Version | Supported          | Support Status                        |
+| ------- | ------------------ | ------------------------------------- |
+| 4.x     | :white_check_mark: | Active Development & Security Updates |
+| < 4.0   | :x:                | End of Life (no security updates)     |
+
+## Security Updates
+
+We take security seriously. Security updates are released as soon as possible after a vulnerability is discovered and verified.
+
+## Reporting a Vulnerability
+
+If you discover a security vulnerability, please follow these steps:
+
+1. **DO NOT** disclose the vulnerability publicly.
+2. Send a detailed report to: `cto@0.email`.
+3. Include in your report:
+   - A description of the vulnerability
+   - Steps to reproduce the issue
+   - Potential impact
diff --git a/apps/mail/app/(routes)/settings/general/page.tsx b/apps/mail/app/(routes)/settings/general/page.tsx
index 190288fb8..6b543fc80 100644
--- a/apps/mail/app/(routes)/settings/general/page.tsx
+++ b/apps/mail/app/(routes)/settings/general/page.tsx
@@ -13,15 +13,16 @@ import {
   SelectTrigger,
   SelectValue,
 } from '@/components/ui/select';
+import { Tooltip, TooltipContent, TooltipTrigger } from '@/components/ui/tooltip';
 import { Popover, PopoverContent, PopoverTrigger } from '@/components/ui/popover';
 import { useForm, type ControllerRenderProps } from 'react-hook-form';
 import { useMutation, useQueryClient } from '@tanstack/react-query';
 import { SettingsCard } from '@/components/settings/settings-card';
+import { Globe, Clock, XIcon, Mail, InfoIcon } from 'lucide-react';
 import { useEmailAliases } from '@/hooks/use-email-aliases';
 import { useState, useEffect, useMemo, memo } from 'react';
 import { userSettingsSchema } from '@zero/server/schemas';
 import { ScrollArea } from '@/components/ui/scroll-area';
-import { Globe, Clock, XIcon, Mail } from 'lucide-react';
 import { zodResolver } from '@hookform/resolvers/zod';
 import { useTranslations, useLocale } from 'use-intl';
 import { useTRPC } from '@/providers/query-provider';
@@ -200,7 +201,7 @@ export default function GeneralPage() {
       >
         <Form {...form}>
           <form id="general-form" onSubmit={form.handleSubmit(onSubmit)} className="space-y-8">
-            <div className="flex w-full items-center gap-5">
+            <div className="flex w-full items-center gap-4">
               <FormField
                 control={form.control}
                 name="language"
@@ -235,70 +236,58 @@ export default function GeneralPage() {
                   </FormItem>
                 )}
               />
-            </div>
-            {aliases && aliases.length > 0 && (
-              <FormField
-                control={form.control}
-                name="defaultEmailAlias"
-                render={({ field }) => (
-                  <FormItem>
-                    <FormLabel>{t('pages.settings.general.defaultEmailAlias')}</FormLabel>
-                    <Select onValueChange={field.onChange} value={field.value || ''}>
-                      <FormControl>
-                        <SelectTrigger className="w-[300px] justify-start">
-                          <Mail className="mr-2 h-4 w-4" />
-                          <SelectValue
-                            placeholder={t('pages.settings.general.selectDefaultEmail')}
-                          />
-                        </SelectTrigger>
-                      </FormControl>
-                      <SelectContent>
-                        {aliases.map((alias) => (
-                          <SelectItem key={alias.email} value={alias.email}>
-                            <div className="flex flex-row items-center gap-1">
-                              <span className="text-sm">
-                                {alias.name ? `${alias.name} <${alias.email}>` : alias.email}
-                              </span>
-                              {alias.primary && (
-                                <span className="text-muted-foreground text-xs">(Primary)</span>
-                              )}
-                            </div>
-                          </SelectItem>
-                        ))}
-                      </SelectContent>
-                    </Select>
-                    <FormDescription>
-                      {t('pages.settings.general.defaultEmailDescription')}
-                    </FormDescription>
-                  </FormItem>
-                )}
-              />
-            )}
-            <FormField
-              control={form.control}
-              name="customPrompt"
-              render={({ field }) => (
-                <FormItem>
-                  <FormLabel>{t('pages.settings.general.customPrompt')}</FormLabel>
-                  <FormControl>
-                    <Textarea
-                      placeholder={t('pages.settings.general.customPromptPlaceholder')}
-                      className="min-h-[150px]"
-                      maxLength={3000}
-                      {...field}
-                    />
-                  </FormControl>
-                  <FormDescription>
-                    {t('pages.settings.general.customPromptDescription')}
-                  </FormDescription>
-                </FormItem>
+              {aliases && aliases.length > 0 && (
+                <FormField
+                  control={form.control}
+                  name="defaultEmailAlias"
+                  render={({ field }) => (
+                    <FormItem>
+                      <FormLabel className="flex items-center gap-1">
+                        {t('pages.settings.general.defaultEmailAlias')}{' '}
+                        <Tooltip>
+                          <TooltipTrigger asChild>
+                            <InfoIcon className="h-4 w-4" />
+                          </TooltipTrigger>
+                          <TooltipContent>
+                            {t('pages.settings.general.defaultEmailDescription')}
+                          </TooltipContent>
+                        </Tooltip>
+                      </FormLabel>
+                      <Select onValueChange={field.onChange} value={field.value || ''}>
+                        <FormControl>
+                          <SelectTrigger className="w-[300px] justify-start">
+                            <Mail className="mr-2 h-4 w-4" />
+                            <SelectValue
+                              placeholder={t('pages.settings.general.selectDefaultEmail')}
+                            />
+                          </SelectTrigger>
+                        </FormControl>
+                        <SelectContent>
+                          {aliases.map((alias) => (
+                            <SelectItem key={alias.email} value={alias.email}>
+                              <div className="flex flex-row items-center gap-1">
+                                <span className="text-sm">
+                                  {alias.name ? `${alias.name} <${alias.email}>` : alias.email}
+                                </span>
+                                {alias.primary && (
+                                  <span className="text-muted-foreground text-xs">(Primary)</span>
+                                )}
+                              </div>
+                            </SelectItem>
+                          ))}
+                        </SelectContent>
+                      </Select>
+                    </FormItem>
+                  )}
+                />
               )}
-            />
+            </div>
+
             <FormField
               control={form.control}
               name="zeroSignature"
               render={({ field }) => (
-                <FormItem className="flex max-w-xl flex-row items-center justify-between rounded-lg border p-3 shadow-sm">
+                <FormItem className="flex max-w-xl flex-row items-center justify-between rounded-lg border px-4 py-2">
                   <div className="space-y-0.5">
                     <FormLabel>{t('pages.settings.general.zeroSignature')}</FormLabel>
                     <FormDescription>
diff --git a/apps/server/src/lib/schemas.ts b/apps/server/src/lib/schemas.ts
index 49637edca..7cd0aab39 100644
--- a/apps/server/src/lib/schemas.ts
+++ b/apps/server/src/lib/schemas.ts
@@ -121,7 +121,7 @@ export const userSettingsSchema = z.object({
   timezone: z.string(),
   dynamicContent: z.boolean().optional(),
   externalImages: z.boolean(),
-  customPrompt: z.string(),
+  customPrompt: z.string().default(''),
   isOnboarded: z.boolean().optional(),
   trustedSenders: z.string().array().optional(),
   colorTheme: z.enum(['light', 'dark', 'system']).default('system'),