release: 2.0.2

.version

@@ -1 +1 @@
-2.0.1
+2.0.2

CHANGELOG.md

@@ -1,3 +1,17 @@
+## v2.0.2
+
+### Bug Fixes
+
+- migration fails if users exist with no email address ([2f651ad](https://github.com/pocket-id/pocket-id/commit/2f651adf3b4e8d689461da2083c3afcb1eb1d477) by @stonith404)
+- allow version downgrade database is dirty ([ba00f40](https://github.com/pocket-id/pocket-id/commit/ba00f40bd4b06f31d251599fcb1db63e902a6987) by @stonith404)
+- localhost callback URLs with port don't match correctly ([7c34501](https://github.com/pocket-id/pocket-id/commit/7c345010556f11a593948b2a1ae558b7a8003696) by @stonith404)
+
+### Other
+
+- add no-op migration to postgres ([a24b2af](https://github.com/pocket-id/pocket-id/commit/a24b2afb7b8165bed05976058a8ae797adc245df) by @stonith404)
+
+**Full Changelog**: https://github.com/pocket-id/pocket-id/compare/v2.0.1...v2.0.2
+
 ## v2.0.1
 
 ### Bug Fixes

backend/internal/utils/callback_url_util.go

@@ -17,31 +17,38 @@ func GetCallbackURLFromList(urls []string, inputCallbackURL string) (callbackURL
 	//   time of the request for loopback IP redirect URIs, to accommodate
 	//   clients that obtain an available ephemeral port from the operating
 	//   system at the time of the request.
-	loopbackRedirect := ""
+	loopbackCallbackURLWithoutPort := ""
 	u, _ := url.Parse(inputCallbackURL)
 
 	if u != nil && u.Scheme == "http" {
 		host := u.Hostname()
 		ip := net.ParseIP(host)
 		if host == "localhost" || (ip != nil && ip.IsLoopback()) {
-			loopbackRedirect = u.String()
 			u.Host = host
-			inputCallbackURL = u.String()
+			loopbackCallbackURLWithoutPort = u.String()
 		}
 	}
 
 	for _, pattern := range urls {
+		// Try the original callback first
 		matches, err := matchCallbackURL(pattern, inputCallbackURL)
 		if err != nil {
 			return "", err
-		} else if !matches {
-			continue
+		}
+		if matches {
+			return inputCallbackURL, nil
 		}
 
-		if loopbackRedirect != "" {
-			return loopbackRedirect, nil
+		// If we have a loopback variant, try that too
+		if loopbackCallbackURLWithoutPort != "" {
+			matches, err = matchCallbackURL(pattern, loopbackCallbackURLWithoutPort)
+			if err != nil {
+				return "", err
+			}
+			if matches {
+				return inputCallbackURL, nil
+			}
 		}
-		return inputCallbackURL, nil
 	}
 
 	return "", nil

backend/internal/utils/callback_url_util_test.go

@@ -392,6 +392,13 @@ func TestGetCallbackURLFromList_LoopbackSpecialHandling(t *testing.T) {
 			expectedURL:      "http://127.0.0.1:8080/callback",
 			expectMatch:      true,
 		},
+		{
+			name:             "127.0.0.1 with same port - exact match",
+			urls:             []string{"http://127.0.0.1:8080/callback"},
+			inputCallbackURL: "http://127.0.0.1:8080/callback",
+			expectedURL:      "http://127.0.0.1:8080/callback",
+			expectMatch:      true,
+		},
 		{
 			name:             "127.0.0.1 with different port",
 			urls:             []string{"http://127.0.0.1/callback"},

backend/internal/utils/db_migration_util.go

@@ -38,7 +38,14 @@ func MigrateDatabase(sqlDb *sql.DB) error {
 		return migrateDatabaseFromGitHub(sqlDb, requiredVersion)
 	}
 
-	if err := m.Migrate(requiredVersion); err != nil && !errors.Is(err, migrate.ErrNoChange) {
+	err = m.Migrate(requiredVersion)
+	if err != nil {
+		if errors.Is(err, migrate.ErrNoChange) {
+			return nil
+		}
+		if errors.As(err, &migrate.ErrDirty{}) {
+			return fmt.Errorf("database migration failed. Please create an issue on GitHub and temporarely downgrade to the previous version: %w", err)
+		}
 		return fmt.Errorf("failed to apply embedded migrations: %w", err)
 	}
 	return nil
@@ -98,7 +105,7 @@ func migrateDatabaseFromGitHub(sqlDb *sql.DB, version uint) error {
 		return fmt.Errorf("failed to create GitHub migration instance: %w", err)
 	}
 
-	if err := m.Migrate(version); err != nil && !errors.Is(err, migrate.ErrNoChange) {
+	if err := m.Force(int(version)); err != nil && !errors.Is(err, migrate.ErrNoChange) { //nolint:gosec
 		return fmt.Errorf("failed to apply GitHub migrations: %w", err)
 	}
 	return nil

backend/resources/migrations/postgres/20260102231700_ldap_admin_group_rename.up.sql

@@ -1 +1,8 @@
-UPDATE app_config_variables SET key = 'ldapAdminGroupName' WHERE key = 'ldapAttributeAdminGroup';
+UPDATE app_config_variables
+SET key = 'ldapAdminGroupName'
+WHERE key = 'ldapAttributeAdminGroup'
+  AND NOT EXISTS (
+    SELECT 1
+    FROM app_config_variables
+    WHERE key = 'ldapAdminGroupName'
+);

backend/resources/migrations/postgres/20260103142200_user_nullable_fields.down.sql

@@ -0,0 +1 @@
+-- No-op on Postgres

backend/resources/migrations/postgres/20260103142200_user_nullable_fields.up.sql

@@ -0,0 +1 @@
+-- No-op on Postgres

backend/resources/migrations/sqlite/20251217141000_v2_export_normalization.up.sql

@@ -10,8 +10,8 @@ CREATE TABLE users_new
     id           TEXT                  NOT NULL PRIMARY KEY,
     created_at   DATETIME,
     username     TEXT COLLATE NOCASE   NOT NULL UNIQUE,
-    email        TEXT                  NOT NULL UNIQUE,
-    first_name   TEXT,
+    email        TEXT UNIQUE,
+    first_name   TEXT                  NOT NULL,
     last_name    TEXT                  NOT NULL,
     display_name TEXT                  NOT NULL,
     is_admin     BOOLEAN DEFAULT FALSE NOT NULL,

backend/resources/migrations/sqlite/20260102231700_ldap_admin_group_rename.up.sql

@@ -1,7 +1,14 @@
 PRAGMA foreign_keys= OFF;
 BEGIN;
 
-UPDATE app_config_variables SET key = 'ldapAdminGroupName' WHERE key = 'ldapAttributeAdminGroup';
+UPDATE app_config_variables
+SET key = 'ldapAdminGroupName'
+WHERE key = 'ldapAttributeAdminGroup'
+  AND NOT EXISTS (
+    SELECT 1
+    FROM app_config_variables
+    WHERE key = 'ldapAdminGroupName'
+);
 
 COMMIT;
 PRAGMA foreign_keys= ON;

backend/resources/migrations/sqlite/20260103142200_user_nullable_fields.down.sql

@@ -0,0 +1 @@
+-- No-op

backend/resources/migrations/sqlite/20260103142200_user_nullable_fields.up.sql

@@ -0,0 +1,52 @@
+PRAGMA foreign_keys= OFF;
+BEGIN;
+
+CREATE TABLE users_new
+(
+    id           TEXT                  NOT NULL PRIMARY KEY,
+    created_at   DATETIME,
+    updated_at   DATETIME,
+    username     TEXT COLLATE NOCASE   NOT NULL UNIQUE,
+    email        TEXT UNIQUE,
+    first_name   TEXT                  NOT NULL,
+    last_name    TEXT                  NOT NULL,
+    display_name TEXT                  NOT NULL,
+    is_admin     BOOLEAN DEFAULT FALSE NOT NULL,
+    ldap_id      TEXT UNIQUE,
+    locale       TEXT,
+    disabled     BOOLEAN DEFAULT FALSE NOT NULL
+);
+
+INSERT INTO users_new (
+    id,
+    created_at,
+    updated_at,
+    username,
+    email,
+    first_name,
+    last_name,
+    display_name,
+    is_admin,
+    ldap_id,
+    locale,
+    disabled
+) SELECT
+    id,
+    created_at,
+    updated_at,
+    username,
+    email,
+    first_name,
+    last_name,
+    display_name,
+    is_admin,
+    ldap_id,
+    locale,
+    disabled FROM users;
+
+DROP TABLE users;
+ALTER TABLE users_new RENAME TO users;
+
+
+COMMIT;
+PRAGMA foreign_keys= ON;

frontend/package.json

@@ -1,6 +1,6 @@
 {
   "name": "pocket-id-frontend",
-  "version": "2.0.1",
+  "version": "2.0.2",
   "private": true,
   "type": "module",
   "scripts": {