glossboss-labs/glossboss

GlossBoss
A translation platform for gettext .po / .pot, i18next JSON, CSV, and XLIFF files — edit, translate, and collaborate in the browser.



Features

Editor

  • Edit gettext .po / .pot, i18next JSON, CSV, and XLIFF files in the browser
  • Translate entries and batches through DeepL, Azure Translator, or Gemini — switch providers at any time
  • Translation memory — reuse approved translations across files with exact and fuzzy matching, import / export as JSON or TMX
  • QA checks — catch broken placeholders, mismatched HTML tags, ICU variable drift, glossary conflicts, and more before export
  • Text-to-speech — play strings with browser TTS or ElevenLabs BYO cloud voices
  • Auto-save local drafts in the browser, including review state

Collaboration

  • Projects — group translation files by project, manage target languages, and track progress
  • Organizations — create teams, invite members, and manage permissions
  • Review workflow — assign per-entry statuses (draft, in-review, approved, needs-changes), add threaded comments with resolution tracking, lock approved translations from further edits, and view change history
  • Repo sync — open files directly from GitHub or GitLab, commit changes, and create pull / merge requests without leaving the editor
  • Explore — browse and discover public translation projects

WordPress tooling

  • Load WordPress.org glossary data and sync it to DeepL glossaries
  • Inspect plugin source references through proxied SVN lookups
  • Gemini translations include WordPress source file context for improved accuracy

Platform

  • Dashboard — overview of projects, recent activity, and quick access
  • Onboarding — guided setup flow for new users
  • Cloud settings sync — optionally sync settings across devices with AES-256-GCM encrypted credential storage
  • Billing — subscription management via Polar.sh
  • Public roadmap — vote on and track upcoming features

Getting started

Requires pnpm v10+ and Node.js v22+.

pnpm install --frozen-lockfile
cp .env.example .env.local
pnpm run supabase:start
# then fill in VITE_SUPABASE_ANON_KEY from `pnpx supabase status -o env`
pnpm run dev

VITE_SUPABASE_URL=http://127.0.0.1:54321
VITE_SUPABASE_ANON_KEY=your-local-anon-key
VITE_TURNSTILE_SITE_KEY=your-cloudflare-turnstile-site-key

Environment templates:

Real environment files stay untracked. Only the example templates are committed.

Run pnpm run to see all available scripts.

Deployment

Frontend — Cloudflare Pages

.github/workflows/cloudflare-pages.yml deploys the Vite build to Cloudflare Pages: main updates the production environment, pull requests get preview branches. The target project is set via the CLOUDFLARE_PAGES_PROJECT secret (falls back to the GitHub repo name).

A Cloudflare Pages Function at functions/ingest/ reverse-proxies PostHog analytics events.

Required GitHub repository secrets: CLOUDFLARE_ACCOUNT_ID, CLOUDFLARE_API_TOKEN, CLOUDFLARE_PAGES_PROJECT, VITE_SUPABASE_URL, VITE_SUPABASE_ANON_KEY, VITE_TURNSTILE_SITE_KEY

Database migrations — staging before production

.github/workflows/supabase-database.yml validates migrations locally on every PR/push that touches supabase/migrations/**, pushes them to staging on main, and supports an explicit production promotion via manual dispatch after staging succeeds.

Required GitHub repository secrets:

| Secret | Purpose |
| --- | --- |
| SUPABASE_ACCESS_TOKEN | Supabase management API token |
| SUPABASE_STAGING_PROJECT_REF | Hosted staging project reference |
| SUPABASE_STAGING_DB_PASSWORD | Hosted staging Postgres password |
| SUPABASE_PRODUCTION_PROJECT_REF | Hosted production project reference for promotion |
| SUPABASE_PRODUCTION_DB_PASSWORD | Hosted production Postgres password for promotion |

SUPABASE_PROJECT_REF is still accepted as a staging fallback for older edge-function deploy setups.

Backend — Supabase Edge Functions

Edge functions proxy external services and keep server-managed secrets out of the browser. .github/workflows/supabase-functions.yml deploys to staging on main and can promote the same function set to production via manual dispatch.

Supabase secrets reference

Required:

| Secret | Purpose |
| --- | --- |
| ALLOWED_ORIGINS | Comma-separated list of allowed CORS origins |
| TURNSTILE_SECRET | Cloudflare Turnstile server secret |
| GITHUB_TOKEN | PAT with repo scope — used for feedback issues and roadmap (reads both public and private repos) |
| SETTINGS_ENCRYPTION_KEY | Server-side secret for AES-256-GCM credential encryption |

Optional (translation providers):

| Secret | Purpose |
| --- | --- |
| DEEPL_KEY | Server-side DeepL API key |
| AZURE_TRANSLATOR_KEY | Azure Translator key |
| AZURE_TRANSLATOR_REGION | Azure region |
| AZURE_TRANSLATOR_ENDPOINT | Azure endpoint URL |
| GEMINI_API_KEY | Google Gemini API key |

Optional (billing):

| Secret | Purpose |
| --- | --- |
| POLAR_ACCESS_TOKEN | Polar.sh API token for checkout flow |
| POLAR_WEBHOOK_SECRET | Polar webhook signature verification |

Optional (feedback):

| Secret | Purpose |
| --- | --- |
| FEEDBACK_GITHUB_OWNER | Override GitHub org/user for feedback issues |
| FEEDBACK_GITHUB_REPO | Override GitHub repo for feedback issues |
| ROADMAP_GITHUB_OWNER | Override GitHub org/user for roadmap issues |
| ROADMAP_GITHUB_REPO | Override GitHub repo for roadmap issues |
| ALLOW_TURNSTILE_BYPASS | Allow dev bypass tokens |

GitHub repository secrets for CI deploy:

| Secret | Purpose |
| --- | --- |
| SUPABASE_ACCESS_TOKEN | Supabase management API token |
| SUPABASE_STAGING_PROJECT_REF | Staging project reference |
| SUPABASE_PRODUCTION_PROJECT_REF | Production project reference |

Security and privacy

  • Edge functions reject requests from origins not listed in ALLOWED_ORIGINS.
  • Repo sync tokens default to session-only storage and are never sent to GlossBoss servers — they go directly to the GitHub / GitLab API from the browser.
  • Translation provider API keys can optionally be stored in the browser. On shared machines, saved keys should be removed after use.
  • When cloud settings sync is enabled with credential sync, API keys are encrypted with AES-256-GCM using a per-user key derived server-side. The encryption key never lives in the database.
  • Azure Translator endpoint URLs are validated against a domain allowlist to prevent SSRF.
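The origin check and the endpoint allowlist from the list above, sketched as an added example that is not GlossBoss's own code. The host suffixes (Azure's documented Translator hosts), the function names and the `Verdict` type are assumptions, not the project's actual allowlist or API.

```typescript
// Added example, not GlossBoss code. The suffix list is an assumption based on
// Azure's documented Translator hosts, not the project's real allowlist.
const AZURE_HOST_SUFFIXES = [
  "api.cognitive.microsofttranslator.com", // exact host (global endpoint)
  ".cognitiveservices.azure.com", // any subdomain (custom resource endpoint)
];

type Verdict = { ok: true; url: string } | { ok: false; reason: string };

// Validate a user-supplied Azure Translator endpoint before the server fetches it.
function validateAzureEndpoint(raw: string): Verdict {
  let u: URL;
  try {
    u = new URL(raw.trim());
  } catch {
    return { ok: false, reason: "unparseable" };
  }
  if (u.protocol !== "https:") return { ok: false, reason: "scheme" };
  // Userinfo lets an allowed name appear in the string while the real host differs.
  if (u.username || u.password) return { ok: false, reason: "userinfo" };
  if (u.port !== "") return { ok: false, reason: "port" };
  // Compare the parsed, lower-cased hostname; never search the raw string.
  const host = u.hostname.replace(/\.$/, "");
  const allowed = AZURE_HOST_SUFFIXES.some((s) =>
    s.startsWith(".") ? host.endsWith(s) && host.length > s.length : host === s
  );
  if (!allowed) return { ok: false, reason: "host" };
  // Rebuild from parsed parts so the fetch target is exactly what was checked.
  return { ok: true, url: `https://${host}${u.pathname}` };
}

// Exact-match check of the Origin header against ALLOWED_ORIGINS (comma-separated).
function isAllowedOrigin(origin: string | null, allowedOrigins: string): boolean {
  if (!origin) return false;
  const list = allowedOrigins.split(",").map((o) => o.trim()).filter(Boolean);
  return list.includes(origin);
}
```

A hostname allowlist does not cover redirects; a caller using this check would also need to refuse or re-validate redirect targets when fetching.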
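One way the per-user AES-256-GCM credential encryption described above can be built, as an added example rather than GlossBoss's own code. HKDF-SHA-256 as the derivation step, the `iv.tag.ciphertext` record layout and all function names are assumptions; the page states only AES-256-GCM with a per-user key derived server-side.

```typescript
import { createCipheriv, createDecipheriv, hkdfSync, randomBytes } from "node:crypto";

// Added example, not GlossBoss code. masterSecret stands in for a high-entropy
// server-side secret such as SETTINGS_ENCRYPTION_KEY; it is never written to the database.
function deriveUserKey(masterSecret: string, userId: string): Buffer {
  // HKDF "info" binds the 32-byte key to one user (assumed derivation scheme).
  return Buffer.from(hkdfSync("sha256", masterSecret, "", `credentials:${userId}`, 32));
}

function encryptCredential(masterSecret: string, userId: string, apiKey: string): string {
  const iv = randomBytes(12); // fresh 96-bit nonce per record; never reuse with a key
  const cipher = createCipheriv("aes-256-gcm", deriveUserKey(masterSecret, userId), iv);
  cipher.setAAD(Buffer.from(userId)); // a row copied to another user fails authentication
  const ct = Buffer.concat([cipher.update(apiKey, "utf8"), cipher.final()]);
  // Only this string is stored: nonce, auth tag and ciphertext, no key material.
  return [iv, cipher.getAuthTag(), ct].map((b) => b.toString("base64")).join(".");
}

function decryptCredential(masterSecret: string, userId: string, record: string): string | null {
  const parts = record.split(".").map((p) => Buffer.from(p, "base64"));
  const [iv, tag, ct] = parts;
  if (parts.length !== 3 || !iv || !tag || !ct) return null;
  if (iv.length !== 12 || tag.length !== 16) return null;
  try {
    const d = createDecipheriv("aes-256-gcm", deriveUserKey(masterSecret, userId), iv);
    d.setAAD(Buffer.from(userId));
    d.setAuthTag(tag);
    return Buffer.concat([d.update(ct), d.final()]).toString("utf8");
  } catch {
    return null; // wrong user, wrong secret, or tampered record
  }
}
```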

If you find a security issue, please follow SECURITY.md instead of opening a public issue. See also /privacy/ and NOTICE.md.

Contributing

See CONTRIBUTING.md.

License

AGPL-3.0-only — maintained by Toine Rademacher and Bjorn Lammers.

About

Open-source translation platform for PO, POT, and i18next JSON files. AI translation from DeepL, OpenAI, Claude, Gemini, Mistral, DeepSeek & Azure.
