2
0
mirror of https://github.com/inventree/InvenTree.git synced 2026-07-04 06:00:38 +00:00

2499 Commits

Author SHA1 Message Date
Oliver 3504597e4a Bump InvenTree software version to 1.4.2 (#12291) 2026-07-01 23:41:54 +10:00
github-actions[bot] 9793bba77a Fix stocktake bug for counting serialized items (#12280) (#12282)
* Fix stocktake bug for counting serialized items

* Add unit test

(cherry picked from commit 414aac0224)

Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
2026-06-30 17:09:23 +10:00
github-actions[bot] ffc60cb189 [UI] Stock column fix (#12268) (#12269)
* [UI] Fix StockColumn component

* stock table rendering tweaks

(cherry picked from commit 1da71ca3b9)

Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
2026-06-27 12:25:10 +10:00
github-actions[bot] 2ac8f608d8 Bug fix for exception handler (#12257) (#12261)
(cherry picked from commit e847d96a88)

Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
2026-06-26 09:55:52 +10:00
Oliver 9ea33df847 Bump version to 1.4.1 (#12242) 2026-06-24 15:47:31 +10:00
Oliver 0a9a8b1c54 Add release entry for 1.4.0 (#12237)
* Add release entry for 1.4.0

* Mark version as 1.4.0
2026-06-24 13:53:55 +10:00
Oliver 74dc21b81c [bug] Allocated query fix (#12234)
* Fix BuildLineFilter.filter_allocated

- Required for mysql backend

* Spoecify output field
2026-06-24 12:49:43 +10:00
Oliver 75b27bd10a [UI] Tweak "order parts" wizard (#12236)
- Order supplier parts by "primary" value
- Attempt to auto-fill primary supplier part
2026-06-24 12:49:30 +10:00
Oliver 184ec37975 [UI] Tweak today color (#12235)
- Make "today" more obvious in calendar views
2026-06-24 12:49:19 +10:00
github-actions[bot] 6a2094e2a0 New Crowdin translations by GitHub Action (#12192)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-24 11:44:51 +10:00
Matthias Mair f21bc2d06f extend barcode scans API (#12233)
* extend barcode scans with user perm check

* fix import

* fix call

* align error message

* add missing permissions to test

* remove erronous assign

* ensure permission erros knock through
2026-06-24 10:45:26 +10:00
Phil 3bf410c313 color scheme: Use the users prefered mode by default (#12227)
* color scheme: Use the users prefered colour scheme if one isn't defined in the store

* fix style

---------

Co-authored-by: Matthias Mair <code@mjmair.com>
2026-06-23 16:26:06 +10:00
Matthias Mair ec845c61cd Bump ty (#12211)
* bump ty

* various fixes

* fix settings

* bump stubs

* update pre-commit setup

* update ignore

* fix various issues

* fix style

* fix ignores

* fix wrong ty warnings
2026-06-22 08:26:31 +10:00
Oliver 50577da65a Add meaningful message on CSRF failure (#12216)
* Add meaningful message on CSRF failure

* Add link to CSRF_FAILURE_VIEW

* Add unit test for new CSRF feedback
2026-06-20 23:49:36 +10:00
dependabot[bot] 204cff2f88 chore(deps): bump undici from 6.26.0 to 8.5.0 in /src/frontend (#12214)
Bumps [undici](https://github.com/nodejs/undici) from 6.26.0 to 8.5.0.
- [Release notes](https://github.com/nodejs/undici/releases)
- [Commits](https://github.com/nodejs/undici/compare/v6.26.0...v8.5.0)

---
updated-dependencies:
- dependency-name: undici
  dependency-version: 8.5.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-20 13:14:34 +02:00
Oliver 5eaac37303 Fix signup warning (#12213)
- Should only fire on an actual signup attempt
2026-06-20 20:13:14 +10:00
dependabot[bot] c4d67b65d7 chore(deps): bump undici from 8.4.1 to 8.5.0 in /src/frontend (#12200)
Bumps [undici](https://github.com/nodejs/undici) from 8.4.1 to 8.5.0.
- [Release notes](https://github.com/nodejs/undici/releases)
- [Commits](https://github.com/nodejs/undici/compare/v8.4.1...v8.5.0)

---
updated-dependencies:
- dependency-name: undici
  dependency-version: 8.5.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2026-06-20 12:02:19 +02:00
Oliver ca16e6ec0a Report locale updates (#12208)
* Optional 'locale' arg to format_money

- Allows override of system locale when generating reports

* Updated documentation

* Add unit tests

* Handle invalid locale

* Handle invalid locale

* Add new global setting to control currency locale in reports

* Use setting in reports

* Add CHANGELOG entry

* Further unit tests

* Add unit tests for new setting

* Update docs

* More docs

* Refactoring:

- Change REPORT_CURRENCY_LOCALE to REPORT_LOCALE

* Extend unit testing

* Refactor format_number

* Add unit tests for explicit format strings

* Update examples for format_date

* Updated unit  tests

* Cleanup unit tests

* Fix more tests

* Adjust wording

* Remove global setting - simplify code

* Simplify unit tests

* Revert 'min_digits' to 'leading'

* Fix docs

* Refactor the render_currency function

- Move all functionality into report.py

* Cleanup duplicate code

* Updated docs

* Allow user to specify date_format

* Add support for 'leading' digits in render_currency

* Bug fix

* Fix unit test

* Add tests for "include_symbol"
2026-06-20 11:00:12 +10:00
dependabot[bot] 8a092b4d1d chore(deps): bump the dependencies group across 1 directory with 12 updates (#12210)
* chore(deps): bump the dependencies group across 1 directory with 12 updates

Bumps the dependencies group with 12 updates in the /src/backend directory:

| Package | From | To |
| --- | --- | --- |
| [boto3](https://github.com/boto/boto3) | `1.43.23` | `1.43.28` |
| [botocore](https://github.com/boto/botocore) | `1.43.23` | `1.43.28` |
| [django-js-asset](https://github.com/feincms/django-js-asset) | `3.1.2` | `4.0.1` |
| [django-money](https://github.com/django-money/django-money) | `3.6.0` | `3.6.1` |
| [grpcio](https://github.com/grpc/grpc) | `1.81.0` | `1.81.1` |
| [protobuf](https://github.com/protocolbuffers/protobuf) | `6.33.6` | `7.35.1` |
| [sentry-sdk](https://github.com/getsentry/sentry-python) | `2.61.1` | `2.62.0` |
| [structlog](https://github.com/hynek/structlog) | `25.5.0` | `26.1.0` |
| [tqdm](https://github.com/tqdm/tqdm) | `4.68.1` | `4.68.2` |
| [wcwidth](https://github.com/jquast/wcwidth) | `0.7.0` | `0.8.1` |
| [wrapt](https://github.com/GrahamDumpleton/wrapt) | `1.17.3` | `2.2.1` |
| [zopfli](https://github.com/fonttools/py-zopfli) | `0.4.2` | `0.4.3` |



Updates `boto3` from 1.43.23 to 1.43.28
- [Release notes](https://github.com/boto/boto3/releases)
- [Commits](https://github.com/boto/boto3/compare/1.43.23...1.43.28)

Updates `botocore` from 1.43.23 to 1.43.28
- [Commits](https://github.com/boto/botocore/compare/1.43.23...1.43.28)

Updates `django-js-asset` from 3.1.2 to 4.0.1
- [Changelog](https://github.com/feincms/django-js-asset/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/feincms/django-js-asset/compare/3.1.2...4.0.1)

Updates `django-money` from 3.6.0 to 3.6.1
- [Release notes](https://github.com/django-money/django-money/releases)
- [Changelog](https://github.com/django-money/django-money/blob/main/docs/changes.rst)
- [Commits](https://github.com/django-money/django-money/compare/3.6.0...3.6.1)

Updates `grpcio` from 1.81.0 to 1.81.1
- [Release notes](https://github.com/grpc/grpc/releases)
- [Commits](https://github.com/grpc/grpc/compare/v1.81.0...v1.81.1)

Updates `protobuf` from 6.33.6 to 7.35.1
- [Release notes](https://github.com/protocolbuffers/protobuf/releases)
- [Commits](https://github.com/protocolbuffers/protobuf/commits)

Updates `sentry-sdk` from 2.61.1 to 2.62.0
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/2.61.1...2.62.0)

Updates `structlog` from 25.5.0 to 26.1.0
- [Release notes](https://github.com/hynek/structlog/releases)
- [Changelog](https://github.com/hynek/structlog/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hynek/structlog/compare/25.5.0...26.1.0)

Updates `tqdm` from 4.68.1 to 4.68.2
- [Release notes](https://github.com/tqdm/tqdm/releases)
- [Commits](https://github.com/tqdm/tqdm/compare/v4.68.1...v4.68.2)

Updates `wcwidth` from 0.7.0 to 0.8.1
- [Release notes](https://github.com/jquast/wcwidth/releases)
- [Commits](https://github.com/jquast/wcwidth/compare/0.7.0...0.8.1)

Updates `wrapt` from 1.17.3 to 2.2.1
- [Release notes](https://github.com/GrahamDumpleton/wrapt/releases)
- [Changelog](https://github.com/GrahamDumpleton/wrapt/blob/develop/docs/changes.rst)
- [Commits](https://github.com/GrahamDumpleton/wrapt/compare/1.17.3...2.2.1)

Updates `zopfli` from 0.4.2 to 0.4.3
- [Release notes](https://github.com/fonttools/py-zopfli/releases)
- [Commits](https://github.com/fonttools/py-zopfli/compare/v0.4.2...v0.4.3)

---
updated-dependencies:
- dependency-name: boto3
  dependency-version: 1.43.28
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: botocore
  dependency-version: 1.43.28
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: django-js-asset
  dependency-version: 4.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: django-money
  dependency-version: 3.6.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: grpcio
  dependency-version: 1.81.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: protobuf
  dependency-version: 7.35.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: sentry-sdk
  dependency-version: 2.62.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: structlog
  dependency-version: 26.1.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: tqdm
  dependency-version: 4.68.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: wcwidth
  dependency-version: 0.8.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: wrapt
  dependency-version: 2.2.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: zopfli
  dependency-version: 0.4.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix style

* general bump

* bump dev tools

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2026-06-20 09:50:45 +10:00
Oliver 6657000d89 [UI] Fix NewsWidget (#12205) 2026-06-19 17:18:59 +10:00
Oliver 01fb74af25 [UI] Tree improvements (#12204)
* Hide expand icon for items without children

* Add searching to CategoryTree API

* Add "level" filter

* Automatically include parent tree when searching

* Include tree_id field

* Add search input to NavigationTree

* Add more API filters

* Load child nodes iteratively

* Fix dynamic loading of nodes

* Highlight selected item

* Include pathstring

* Fix insertion order

* Auto-expand to the selected ID

* Add "no results" message

* Refactor into generic components

* Expand to multi level

* Use async node loading functionality

* Add hovercard

* Implement same functionality for StockLocationTree API endpoint

* Adjust spacing

* Add connecting lines

* Add playwright test

* Bump API version

* Add CHANGELOG entry

* Update docs

* Update screenshot
2026-06-19 15:33:12 +10:00
dependabot[bot] 6285a11a65 chore(deps): bump pypdf from 6.13.0 to 6.13.3 in /src/backend (#12201)
* chore(deps): bump pypdf from 6.13.0 to 6.13.3 in /src/backend

Bumps [pypdf](https://github.com/py-pdf/pypdf) from 6.13.0 to 6.13.3.
- [Release notes](https://github.com/py-pdf/pypdf/releases)
- [Changelog](https://github.com/py-pdf/pypdf/blob/main/CHANGELOG.md)
- [Commits](https://github.com/py-pdf/pypdf/compare/6.13.0...6.13.3)

---
updated-dependencies:
- dependency-name: pypdf
  dependency-version: 6.13.3
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix style

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2026-06-19 13:47:50 +10:00
Oliver f70d3e68d8 [UI] Fix status renderer functions (#12202)
Broken in recent refactor
2026-06-19 10:45:11 +10:00
dependabot[bot] 5ddccf8913 chore(deps): bump dompurify from 3.4.9 to 3.4.11 in /src/frontend (#12199)
Bumps [dompurify](https://github.com/cure53/DOMPurify) from 3.4.9 to 3.4.11.
- [Release notes](https://github.com/cure53/DOMPurify/releases)
- [Commits](https://github.com/cure53/DOMPurify/compare/3.4.9...3.4.11)

---
updated-dependencies:
- dependency-name: dompurify
  dependency-version: 3.4.11
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-19 09:29:50 +10:00
Oliver 29b8ed91d2 [API] Adjust permissions for machine restart (#12197)
* [API] Adjust permissions for machine restart

Can only be actioned by a staff user

* Fix import

* Wrong class

* Extend unit test

* Bump API version

* Update CHANGELOG
2026-06-18 22:18:14 +10:00
Oliver 5b97acb79f [bug] Fix double save (#12194)
* Prevent double-save when creating an order

* Prevent double-save for BuildOrder

* More fixes

* Additional unit tests

* Revert code, remove create method against StockTrackingList

* Fix mixins
2026-06-18 20:18:46 +10:00
Oliver 2ca86808bb Fix order event name (#12196) 2026-06-18 20:00:18 +10:00
dependabot[bot] c2f213a6c0 chore(deps): bump form-data from 4.0.5 to 4.0.6 in /src/frontend (#12175)
Bumps [form-data](https://github.com/form-data/form-data) from 4.0.5 to 4.0.6.
- [Release notes](https://github.com/form-data/form-data/releases)
- [Changelog](https://github.com/form-data/form-data/blob/master/CHANGELOG.md)
- [Commits](https://github.com/form-data/form-data/compare/v4.0.5...v4.0.6)

---
updated-dependencies:
- dependency-name: form-data
  dependency-version: 4.0.6
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2026-06-18 18:36:16 +10:00
Oliver fc15f30f8f Report Generation Updates (#12187)
* Fix for TemplateEditor

- Allow dragging of split section

* Cleaner report template code

* Pass correct error message through

* Prevent multiple retries if running in worker thread

* Handle report merge error

* Add playwright tests for broken report printing

* Reduce scope for exception messages

* Reduce comment deltas

* Adjust unit test

* Raise ValidaitonError

* Handle message parsing

* Additional comment

* Fix unit tests
2026-06-18 13:41:44 +10:00
Oliver 4b29032c6e System Health Checks (#12193)
* Add worker health check invoke task

* Increase frequency of heartbeat task

* Adjust default threshold for worker health check

* Add server_health invoke func
2026-06-18 12:46:46 +10:00
github-actions[bot] c126e2b0af New Crowdin translations by GitHub Action (#12167)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-18 11:47:28 +10:00
dependabot[bot] dbda5a783a chore(deps): bump dompurify from 3.4.8 to 3.4.9 in /src/frontend (#12174)
Bumps [dompurify](https://github.com/cure53/DOMPurify) from 3.4.8 to 3.4.9.
- [Release notes](https://github.com/cure53/DOMPurify/releases)
- [Commits](https://github.com/cure53/DOMPurify/compare/3.4.8...3.4.9)

---
updated-dependencies:
- dependency-name: dompurify
  dependency-version: 3.4.9
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2026-06-18 09:57:52 +10:00
Matthias Mair f602714dc9 fix(backend): import session metadata (#12184)
* add storage for historic import metadata for reporting and display purposes

fixes breakage fromhttps://github.com/inventree/InvenTree/pull/12169

* add api bump

* re-enable test

* fix migration

* ensure session is not overwritten

* fix statusrender without custom key
2026-06-18 08:10:32 +10:00
John Luetke 83a6729755 Change order custom status via api (#11982)
* Set custom_status_key via API

Refactor `custom_status_key` to be writable via the API and validate that the proposed value is valid for the current order status

* Refactor status_text serializer to consider custom status label

* Update api_version.py

* Additional unit testagainst N + 1

---------

Co-authored-by: Matthias Mair <code@mjmair.com>
Co-authored-by: Oliver Walters <oliver.henry.walters@gmail.com>
2026-06-17 17:59:37 +10:00
Oliver 546958a1cb [UI] Additional table filters (#12186) 2026-06-17 15:02:07 +10:00
Oliver 38008d8204 Mysql filter fix (#12185)
* Improve "available" filter for BuildLine API endpoint

* Fix typo

* Additional unit tests

* Additional playwright tests
2026-06-17 14:50:17 +10:00
Oliver a670eabd10 [import] specify fk lookup field (#12180)
* Raise error on multiple matches

* add new field to handle lookup_field selection

* Add unit tests

* Update frontend

* Bump API version

* Ensure string-iness of lookup field
2026-06-17 11:03:26 +10:00
Matthias Mair 91a4b2a1a5 fix(frontend): adress broken UI tests (#12183)
* try different matching mechanism

* fix for changes in #12168

* disable broken test from https://github.com/inventree/InvenTree/pull/12169

* revert observability perm change
2026-06-17 09:39:00 +10:00
dependabot[bot] 7da65c8e50 chore(deps): bump cryptography from 48.0.0 to 48.0.1 in /src/backend (#12176)
* chore(deps): bump cryptography from 48.0.0 to 48.0.1 in /src/backend

Bumps [cryptography](https://github.com/pyca/cryptography) from 48.0.0 to 48.0.1.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/48.0.0...48.0.1)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-version: 48.0.1
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix style

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2026-06-16 20:47:42 +02:00
Oliver a8e5c83a94 Stocktake exporter updates (#12179)
* Optionally exclude zero-stock entries

* Add more columns to exported dataset

* Adjust unit test

* More test fixes
2026-06-16 14:14:51 +10:00
Matthias Mair 92419b3bdf bump frontend (#12137)
* bump react-router

* upgrade to remove uuid

* upgrade

* bump a bit more

* lower mantine
2026-06-16 08:35:17 +10:00
Oliver 6c18e64020 Permissions fix (#12168)
* Tighten API permissions

- Require authenticated user for NotFoundView
- Hide 'active_plugins' behind is_authenticated

* Patch permissions hole in GlobalSettingsPermissions

* Additional API unit tests

* Require auth for observability endpoint

* Add explicit permission for PluginAdminDetail

* Bump API version

* Update unit tests

* Revert changes
2026-06-15 22:06:49 +10:00
Oliver 3c17367e3c Data import permissions (#12169)
* Update data importer child permissions

- Row data
- Column data

* Add unit tests

* Cleanup session data after import is completed

* Further scope narrowing
2026-06-15 21:03:44 +10:00
Oliver aece90512c [UI] Edit cat param (#12166)
* Refactor form hook components

* Reset values when opening form

* Rebuild form field
2026-06-15 20:07:40 +10:00
Oliver d951638e75 Part category parameters (#12165)
* Add parameter support for PartCategory

* Update frontend

* Bump API version

* Update CHANGELOG
2026-06-15 18:49:01 +10:00
Oliver 0b5db2f16a Suppress dulwich warnings (#12163)
- Prevent erroneous dulwich warning messages
2026-06-14 18:20:57 +10:00
Khairil 9706bc672a fix: support non-integer PKs in NotificationMessage (fixes UUID overflow) (#12162)
NotificationMessage.target_object_id and source_object_id were typed as
PositiveIntegerField, which overflows when the referenced model uses a
UUID primary key (e.g. MachineConfig). Django's GenericForeignKey stores
the PK as a string in the database, so the field type should be
CharField to accommodate any PK type (int, UUID, slug, etc.).

Changes:
- common/models.py: change target_object_id and source_object_id from
  PositiveIntegerField to CharField(max_length=255) on NotificationMessage
- common/migrations/0044: AlterField migration for both columns
- order/tests.py: update assertion from integer 1 to str(1) since
  CharField will now store the PK as a string

Fixes #12131

Signed-off-by: kaizeenn <khairil0153@gmail.com>
2026-06-14 18:20:16 +10:00
github-actions[bot] 43396284fa New Crowdin translations by GitHub Action (#12156)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-14 17:29:15 +10:00
Oliver 6638dba0b9 SelectionList Updates (#12139)
* Adjust panel layout

* edit list on click

* Optionally fetch selection list items

* Display in DetailDrawer

* Fix component locations

* Refactor entry table

* Add new entry

* Disable if locked

* Only validate choices if provided via API

* Mark "choices" as read-only

* Prevent delete of locked items

* Add more API unit tests

* Bump API version

* Adjust unit tests

* Default include choices

* Updated playwright test

* Improve test robustness
2026-06-14 12:12:15 +10:00
Oliver 2b4f303770 Improve security posture of PDF reporting (#12160)
* Add custom URL fetcher for PDF rendering

* Fix for report helper functions

* Use new fetcher

* Additional unit tests

* Add new setting to control remote URL fetching

* validate URLs against SSRF

* Add global setting to disable URL fetching entirely

* Update docs

* Fix capitalization

* Fix logging backend

* Update CHANGELOG
2026-06-14 10:55:51 +10:00