inventree/InvenTree
2
0
Fork 0
mirror of https://github.com/inventree/InvenTree.git synced 2026-02-06 13:25:53 +00:00
Code Activity
17,319 Commits 6 Branches 145 Tags
27c4c5b467c84ce19cc2f05b27f174a10e7471ad
Commit Graph

94 Commits

Author SHA1 Message Date
Matthias Mair
03278c56c9 Remove django-allauth-2fa, dj-rest-auth and django-user-sessions (#6293) 
* Remove django-allauth-2fa
Fixes #6281

* fix req

* fix file again

* remove allauth_2fa flows

* reintroduce otp

* fix rq

* remove old ref

* remove otp things from settings

* reintroduce otp codes

* remove totp section

* bump version

* fix reqs

* add missing model

* ignore TOTP migration if the model is not laoded

* add model deps

* add extra migrations step for easier testing

* add migration testing

* remove old catch

* cover static devies too

* remove more old stuff

* fix import

* mrege migrations

* bump API version

* switch to allauth.usersessions

* add headless

* re-add saml/openid

* user sessions cleanup

* turn off normal allauth urls if CUI is not active

* disable tests that rely on old endpoints - to be replaced

* always track session changes

* remove old allauth templates

* remove old ref

* add missing model

* fix session lookup

* always logout when pwd is changed

* reimplement session ending

* fix merge

* upgrade reqs

* lower cryptography version

* clean allauth_2fa reference

* disable test temporarly

* fix migration check

* disable tests temporarly

* Re-implement auth flow using new APIs; adds MFA to PUI

* re-implement logoff

* stop failure message from appearing when in MFA flow

* remove jwt mention

* fix: email endpoints (to be cleaned TODO@matmair)

* remove unused endpoints

* ignore the now often-used 410 error

* fix auth for email actions in MFA scenarios

* add mfa listing use build-in forms

* add dummy entry for missing frontend urls; see TODO@matmair

* remove unneeded change of confirm url

* add mfa reg endpoint (not fully implemented)

* implement more provider stuff

* simplify calls

* make calls more robust

* switch to browser based sessions

* add todo's

* update api version

* remove x-session, not needed anymore

* remove old urls

* remove ui preference - there is no decision anymore

* fix login redirect logic

* change name to ensure 1p can detect field

* add mfa table

* fix remove sso provider account action; provider (user) admin stuff is done

* reduce templates to the raw basics

* fix tests

* more exclusions

* rewrite url structure

* move buildin token test

* re-enable registration tests

* re-implement registrations

* enable registration for now

* re-implement password change

* adjust tests

* fix asserts

* align names with allauth

* simplify

* refactor and rephrasing

* fix nesting issue

* clean up urls even more

* add mfa add and remove screens

* add type

* revert dep change

* fix api version

* re-add settings

* simplify urls

* Add timeout to login wait for

* fix url assertation

* remove unneded mfa_enabled

* add setting for configuring types

* bump api version

* fix password reset flow

* change settings order

* save auth context

* rename var to remove confusion

* make login/register seperate paths

* make info text better

* adjust urls

* add error message

* disable buttons if no email is set

* add custom adapters for MFA and headless authentication to use upstreamed features

* move auth settings to status

* respect more settings

* update settings

* bump api version

* remove depreceated docs part

* remove dj_rest_auth stuff

* fix api_version bump

* remove temp fix

* fix provider login

* remove unsupported option

* remove hash requirement for now

* simplify customisation

* implement email-verification

* remove auth from api docs

* fix override of get_frontend_url
details in https://codeberg.org/allauth/django-allauth/pulls/4248

* bump api again

* fix req

* Revert "remove hash requirement for now"

This reverts commit 00bb6c5274.

* remove usage of git repo

* fix doc string

* extend schema generation to just patch in allauth

* patch allauth OAI ref names

* reduce types

* refactor code structure

* fix ref patching a bit more

* add param cleanup

* ensure strings, number, bools are handled correctly in cleanup

* move fnc

* shorten names

* bump allauth

* re-add auth doc section

* fix doc structure

* revert playwrigth change

* ckean up browser only path

* clean up parameters that we do not use

* re-add 2fa required middleware

* fix mail sending hook

* fix password set texts

* Add forced mfa setup

* remove type

* adjust api_version

* Remove debug prints

* Add error message for TOTP creation

* Handle failed TOTP login

* fix reqs

* Add error on 409 during login

* fix tested url

* fix api_version

* fix allauth version

* minimize req diff

* further minimize diff

---------

Co-authored-by: Oliver Walters <oliver.henry.walters@gmail.com>
 2025-02-22 11:11:04 +11:00
dependabot[bot]
2521862b1a Bump the dependencies group across 1 directory with 9 updates (#9134) use 
* Bump the dependencies group across 1 directory with 9 updates

Bumps the dependencies group with 9 updates in the /src/backend directory:

| Package | From | To |
| --- | --- | --- |
| [coverage[toml]](https://github.com/nedbat/coveragepy) | `7.6.11` | `7.6.12` |
| [dj-rest-auth](https://github.com/iMerica/dj-rest-auth) | `7.0.0` | `7.0.1` |
| [django-allauth-2fa](https://github.com/valohai/django-allauth-2fa) | `0.11.1` | `0.12.0` |
| [django-filter](https://github.com/carltongibson/django-filter) | `24.3` | `25.1` |
| [django-money](https://github.com/django-money/django-money) | `3.2.0` | `3.5.3` |
| [djangorestframework](https://github.com/encode/django-rest-framework) | `3.14.0` | `3.15.2` |
| [pydyf](https://github.com/CourtBouillon/pydyf) | `0.10.0` | `0.11.0` |
| [sentry-sdk](https://github.com/getsentry/sentry-python) | `2.20.0` | `2.22.0` |
| [weasyprint](https://github.com/Kozea/WeasyPrint) | `62.3` | `64.1` |



Updates `coverage[toml]` from 7.6.11 to 7.6.12
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](https://github.com/nedbat/coveragepy/compare/7.6.11...7.6.12)

Updates `dj-rest-auth` from 7.0.0 to 7.0.1
- [Release notes](https://github.com/iMerica/dj-rest-auth/releases)
- [Commits](https://github.com/iMerica/dj-rest-auth/compare/7.0.0...7.0.1)

Updates `django-allauth-2fa` from 0.11.1 to 0.12.0
- [Release notes](https://github.com/valohai/django-allauth-2fa/releases)
- [Changelog](https://github.com/valohai/django-allauth-2fa/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/valohai/django-allauth-2fa/compare/v0.11.1...v0.12.0)

Updates `django-filter` from 24.3 to 25.1
- [Release notes](https://github.com/carltongibson/django-filter/releases)
- [Changelog](https://github.com/carltongibson/django-filter/blob/main/CHANGES.rst)
- [Commits](https://github.com/carltongibson/django-filter/compare/24.3...25.1)

Updates `django-money` from 3.2.0 to 3.5.3
- [Release notes](https://github.com/django-money/django-money/releases)
- [Changelog](https://github.com/django-money/django-money/blob/main/docs/changes.rst)
- [Commits](https://github.com/django-money/django-money/compare/3.2...3.5.3)

Updates `djangorestframework` from 3.14.0 to 3.15.2
- [Release notes](https://github.com/encode/django-rest-framework/releases)
- [Commits](https://github.com/encode/django-rest-framework/compare/3.14.0...3.15.2)

Updates `pydyf` from 0.10.0 to 0.11.0
- [Release notes](https://github.com/CourtBouillon/pydyf/releases)
- [Changelog](https://github.com/CourtBouillon/pydyf/blob/main/docs/changelog.rst)
- [Commits](https://github.com/CourtBouillon/pydyf/compare/v0.10.0...v0.11.0)

Updates `sentry-sdk` from 2.20.0 to 2.22.0
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/2.20.0...2.22.0)

Updates `weasyprint` from 62.3 to 64.1
- [Release notes](https://github.com/Kozea/WeasyPrint/releases)
- [Changelog](https://github.com/Kozea/WeasyPrint/blob/main/docs/changelog.rst)
- [Commits](https://github.com/Kozea/WeasyPrint/compare/v62.3...v64.1)

---
updated-dependencies:
- dependency-name: coverage[toml]
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: dj-rest-auth
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: django-allauth-2fa
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: django-filter
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: django-money
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: djangorestframework
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: pydyf
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: sentry-sdk
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: weasyprint
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix req

* clean up req file

* lower drf again

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
 2025-02-22 08:02:53 +11:00
dependabot[bot]
40c1dc704f Bump cryptography from 43.0.3 to 44.0.1 in /src/backend (#9064) 
* Bump cryptography from 43.0.3 to 44.0.1 in /src/backend

Bumps [cryptography](https://github.com/pyca/cryptography) from 43.0.3 to 44.0.1.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/43.0.3...44.0.1)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix req

* set upper limit

* use highest version available on bullseye

* remove lower limit

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
 2025-02-12 17:14:37 +11:00
Matthias Mair
3b7bda1e4f chore(backend): bump deps (#9055) 2025-02-11 11:37:18 +11:00
Matthias Mair
73b46c1c15 bump python deps (#9032) 2025-02-05 09:20:29 +11:00
Matthias Mair
f7f6e27c6e feat(backend): improve tag docs (#8960) 
* add admindocs

* add tag export command

* add filter export

* switch to yaml

* upload meta info to artifacts

* format workflow file

* fix creation command

* keep all artifacts in schema repo

* fix namespace

* use one command for export

* include tags and filters in docs

* change default filename

* fix call

* fix itteration syntax

* clean up rendering

* fix formatting

* simple escape
 2025-01-28 09:42:13 +11:00
Matthias Mair
c57b51cb0e chore(backend): bump deps (#8905) 
* bump backend reqs

* raq down cryptography

* fix req

* bump api version
 2025-01-19 17:50:22 +11:00
Oliver
c815455461 Datamatrix (#8853) 
* Implement datamatrix barcode generation

* Update documentation

* Update package requirements

* Add unit test

* Raise error on empty barcode data

* Update docs/hooks.py
 2025-01-08 12:06:00 +11:00
dependabot[bot]
02e43061b2 Bump jinja2 from 3.1.4 to 3.1.5 in /src/backend (#8751) 
* Bump jinja2 from 3.1.4 to 3.1.5 in /src/backend

Bumps [jinja2](https://github.com/pallets/jinja) from 3.1.4 to 3.1.5.
- [Release notes](https://github.com/pallets/jinja/releases)
- [Changelog](https://github.com/pallets/jinja/blob/main/CHANGES.rst)
- [Commits](https://github.com/pallets/jinja/compare/3.1.4...3.1.5)

---
updated-dependencies:
- dependency-name: jinja2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix req

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
 2024-12-24 11:54:10 +11:00
Oliver
71eb2814d4 Remove django-import-export (#8685) 
* Remove django-import-export requirement

* Update settings.py

* Clean up admin files

* Remove much of the old BOM exporter framework

* Add note for future self

* Remove dead unit test files

* Remove defunct AjaxView classes

* Remove InvenTreeRoleMixin

* Update docs for data import

* Export docs
 2024-12-24 07:19:36 +11:00
Oliver
9f1d1abd5b Remove "crispy forms" integration (#8684) 
* Remove "crispy forms" integration

- No longer doing any back-end form rendering

* Remove django-formtools package

* Fix comment in settings.py

---------

Co-authored-by: Matthias Mair <code@mjmair.com>
 2024-12-18 09:25:14 +11:00
dependabot[bot]
987e0272f4 Bump django from 4.2.16 to 4.2.17 in /src/backend (#8634) 
* Bump django from 4.2.16 to 4.2.17 in /src/backend

Bumps [django](https://github.com/django/django) from 4.2.16 to 4.2.17.
- [Commits](https://github.com/django/django/compare/4.2.16...4.2.17)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix req

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
 2024-12-09 07:37:13 +11:00
dependabot[bot]
47b8f8fb32 Bump pyjwt from 2.10.0 to 2.10.1 in /src/backend (#8619) 
* Bump pyjwt from 2.10.0 to 2.10.1 in /src/backend

Bumps [pyjwt](https://github.com/jpadilla/pyjwt) from 2.10.0 to 2.10.1.
- [Release notes](https://github.com/jpadilla/pyjwt/releases)
- [Changelog](https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/jpadilla/pyjwt/compare/2.10.0...2.10.1)

---
updated-dependencies:
- dependency-name: pyjwt
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix req

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
 2024-12-03 14:04:39 +11:00
Oliver
368f3b7bd4 Remove regex dependency (#8547) 
* Remove regex from requirements file

* Fix order of operations

- Remove hidden chars before removing HTML tags

* Remove requirement for regex package

* Additional unit tests

* Remove debug msg

* Fix for newline removal

* Fix variable shadowing

* Defer import of PIL.Image
 2024-11-26 20:29:51 +11:00
Matthias Mair
594dc49b84 Bump backend deps (#8559) 
* bump backend deps

* bump api
 2024-11-26 09:25:06 +11:00
Matthias Mair
e4a39692ff Add structlog (#7937) 
* Add structlog
Closes #3960

* fix formatting

* make log writing optional

* ignore logfiles

* fix variable naming
 2024-11-19 19:48:20 +11:00
Matthias Mair
61ca68090a bump backend deps (#8290) 2024-10-16 07:03:59 +11:00
dependabot[bot]
a3f045e12c Bump django from 4.2.15 to 4.2.16 in /src/backend (#8257) 
* Bump django from 4.2.15 to 4.2.16 in /src/backend

Bumps [django](https://github.com/django/django) from 4.2.15 to 4.2.16.
- [Commits](https://github.com/django/django/compare/4.2.15...4.2.16)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix req

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
 2024-10-10 21:00:10 +11:00
dependabot[bot]
690308d032 Bump cryptography from 43.0.0 to 43.0.1 in /src/backend (#8064) 
* Bump cryptography from 43.0.0 to 43.0.1 in /src/backend

Bumps [cryptography](https://github.com/pyca/cryptography) from 43.0.0 to 43.0.1.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/43.0.0...43.0.1)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix req

* fix req

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
 2024-09-05 09:07:16 +10:00
Oliver
99e37de1d8 Update pint library to latest version (#8028) 
* Update pint library to latest version

* Fix hash

* Handle AssertionError
 2024-08-29 12:37:38 +10:00
Matthias Mair
d647471588 Chore: Bump python requirements (#7961) 
* bump requirements

* lower bound on pydyf
 2024-08-23 23:03:31 +00:00
dependabot[bot]
a5564090bb Bump django from 4.2.14 to 4.2.15 in /src/backend (#7827) 
* Bump django from 4.2.14 to 4.2.15 in /src/backend

Bumps [django](https://github.com/django/django) from 4.2.14 to 4.2.15.
- [Commits](https://github.com/django/django/compare/4.2.14...4.2.15)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix formatting

* bump everywhere

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
 2024-08-08 17:17:51 +10:00
dependabot[bot]
ba4b1bc07a Bump sentry-sdk from 2.7.0 to 2.8.0 in /src/backend (#7683) 
* Bump sentry-sdk from 2.7.0 to 2.8.0 in /src/backend

Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 2.7.0 to 2.8.0.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/2.7.0...2.8.0)

---
updated-dependencies:
- dependency-name: sentry-sdk
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix requirements format

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
 2024-07-19 08:48:59 +10:00
Matthias Mair
dae173e84c Bump development deps (#7606) 
* bump pre-commit

* add config for codespell

* re-add hashes
 2024-07-18 09:53:17 +10:00
Matthias Mair
25c91323c9 bump setuptools (#7663) 
fixes https://github.com/inventree/InvenTree/security/dependabot/121
 2024-07-16 08:33:11 +10:00
Matthias Mair
be2beeca61 bumpd django to 4.2.14 (#7620) 
Fixes https://github.com/inventree/InvenTree/security/dependabot/116
 2024-07-11 16:49:10 +10:00
Matthias Mair
1d4114b6f5 General backend deps bump (#7521) 
* bump backend deps

* use lower version of drf

* pin import-export to under 4.9

* pin drf below 3.15

* add note about pins

* lower regex version
 2024-07-08 08:14:04 +10:00
dependabot[bot]
48fb087a96 Bump certifi from 2024.2.2 to 2024.7.4 in /src/backend (#7566) 
* Bump certifi from 2024.2.2 to 2024.7.4 in /src/backend

Bumps [certifi](https://github.com/certifi/python-certifi) from 2024.2.2 to 2024.7.4.
- [Commits](https://github.com/certifi/python-certifi/compare/2024.02.02...2024.07.04)

---
updated-dependencies:
- dependency-name: certifi
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix style

* another fix

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
 2024-07-07 20:32:01 +10:00
Matthias Mair
c9e9ef1754 Bump pre commit versions (#7255) 
* bump pre-commit tools

* move uv config to pyproject

* style fix

* bump pre-commit deps again

* add config for code spell

* spelling fixes

* bump regex

* bump pre-commit

* bump versions again

* roll back regex version

* reverse uv bump

* compile for 3.12

* use 3.12 for ci

* remove unused env vars

* only cache main version

* set caching dep path

* remove caching distinction

* pip installl regex

* switch back to 3.9 default

* remove install test

* reset versions

* remove tomli

* Update playwright.config.ts

---------

Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
 2024-06-25 20:52:34 +10:00
dependabot[bot]
38a96e0352 Bump requests from 2.31.0 to 2.32.0 in /src/backend (#7283) 
* ---
updated-dependencies:
- dependency-name: requests
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix req

* fix req

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
 2024-05-22 09:38:55 +10:00
Matthias Mair
f51a5d799c Bump django and adjacent deps (#7174) 
* bump django and adjacent deps

* adjust test to bot be so specific
 2024-05-07 23:57:00 +10:00
dependabot[bot]
df36f902fa Bump idna from 3.6 to 3.7 in /src/backend (#7110) 
* Bump idna from 3.6 to 3.7 in /src/backend

Bumps [idna](https://github.com/kjd/idna) from 3.6 to 3.7.
- [Release notes](https://github.com/kjd/idna/releases)
- [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst)
- [Commits](https://github.com/kjd/idna/compare/v3.6...v3.7)

---
updated-dependencies:
- dependency-name: idna
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix req

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
 2024-04-23 21:05:29 +10:00
Matthias Mair
938c724395 Pin hashes in requirements (#7081) 
* use global pin for requests

* unify on yaml for workflo files

* format workflow files

* pin action versions

* fix pinned version

* use system venv

* switch args

* remove uv for now and add setting for pyyaml

* use requirements file

* also switch on docker flow

* generate hashes

* added hashes to reqs

* add hashes for CI too

* add hash checking

* require hashes everywhere possible

* require hashes where possible in docker
 2024-04-23 17:15:52 +10:00
dependabot[bot]
df5fcf7d62 Bump gunicorn from 21.2.0 to 22.0.0 in /src/backend (#7054) 
* Bump gunicorn from 21.2.0 to 22.0.0 in /src/backend

Bumps [gunicorn](https://github.com/benoitc/gunicorn) from 21.2.0 to 22.0.0.
- [Release notes](https://github.com/benoitc/gunicorn/releases)
- [Commits](https://github.com/benoitc/gunicorn/compare/21.2.0...22.0.0)

---
updated-dependencies:
- dependency-name: gunicorn
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* req fix

* bump versions everywhere

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
 2024-04-17 16:39:18 +10:00
dependabot[bot]
5bf246c478 Bump sentry-sdk from 1.44.1 to 1.45.0 in /src/backend (#7039) 
* Bump sentry-sdk from 1.44.1 to 1.45.0 in /src/backend

Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 1.44.1 to 1.45.0.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/1.44.1...1.45.0)

---
updated-dependencies:
- dependency-name: sentry-sdk
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix req

* fix reqs... again

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
 2024-04-16 22:28:31 +10:00
dependabot[bot]
477765dbcb Bump setuptools from 69.2.0 to 69.5.1 in /src/backend (#7041) 
* Bump setuptools from 69.2.0 to 69.5.1 in /src/backend

Bumps [setuptools](https://github.com/pypa/setuptools) from 69.2.0 to 69.5.1.
- [Release notes](https://github.com/pypa/setuptools/releases)
- [Changelog](https://github.com/pypa/setuptools/blob/main/NEWS.rst)
- [Commits](https://github.com/pypa/setuptools/compare/v69.2.0...v69.5.1)

---
updated-dependencies:
- dependency-name: setuptools
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix req

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
 2024-04-16 22:28:15 +10:00
dependabot[bot]
ff8eeca8c0 Bump rapidfuzz from 3.8.0 to 3.8.1 in /src/backend (#6980) 
* Bump rapidfuzz from 3.8.0 to 3.8.1 in /src/backend

Bumps [rapidfuzz](https://github.com/rapidfuzz/RapidFuzz) from 3.8.0 to 3.8.1.
- [Release notes](https://github.com/rapidfuzz/RapidFuzz/releases)
- [Changelog](https://github.com/rapidfuzz/RapidFuzz/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/rapidfuzz/RapidFuzz/compare/v3.8.0...v3.8.1)

---
updated-dependencies:
- dependency-name: rapidfuzz
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix req

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
 2024-04-12 07:29:38 +10:00
Matthias Mair
94478a5fb2 Bump dependencies (#6969) 
* update pre-commit versions

* bump dependencies

* dummy changes

* update frontend dependencies

* remove dummy changes
 2024-04-07 12:01:42 +10:00
dependabot[bot]
3ef968ffa3 Bump pillow from 10.2.0 to 10.3.0 in /src/backend (#6944) 
* Bump pillow from 10.2.0 to 10.3.0 in /src/backend

Bumps [pillow](https://github.com/python-pillow/Pillow) from 10.2.0 to 10.3.0.
- [Release notes](https://github.com/python-pillow/Pillow/releases)
- [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst)
- [Commits](https://github.com/python-pillow/Pillow/compare/10.2.0...10.3.0)

---
updated-dependencies:
- dependency-name: pillow
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix req

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
 2024-04-07 06:46:13 +10:00
Matthias Mair
fddcb629b6 [PUI] Add licenses texts to PUI (#6855) 
* compile a license texts bundle

* add backend license extraction on install

* change path for licenses

* add to gitignore

* Add api to expose license paths

* add texts

* add frontend rendering of licensing files

* Handle errors when fetching license information

* Format backend packages.txt in json

* Improved API rendering:

- Handle file errors
- Render as JSON object

* Improve frontend modal rendering

- Separate frontend / backend into tabs
- Split packages into accordion

* Generate JSON file for fronten deps

* Fix rendering for frontend deps

* Update src/frontend/src/components/modals/LicenseModal.tsx

Co-authored-by: Lukas <76838159+wolflu05@users.noreply.github.com>

* Update src/frontend/src/components/modals/LicenseModal.tsx

Co-authored-by: Lukas <76838159+wolflu05@users.noreply.github.com>

* make reading of licenses objects dynamic

* remove unsued import

* style fixes

* style fixes

* default to first value

* use new syntax to call docker compose

* merge fix

* fix path

* Roll back #6942

* Update qc_checks.yaml

Run migration checks when requirements file changes

---------

Co-authored-by: Oliver Walters <oliver.henry.walters@gmail.com>
Co-authored-by: Lukas <76838159+wolflu05@users.noreply.github.com>
 2024-04-04 10:31:20 +11:00
dependabot[bot]
5484450072 Bump rapidfuzz from 3.6.2 to 3.7.0 in /src/backend (#6938) 
* Bump rapidfuzz from 3.6.2 to 3.7.0 in /src/backend

Bumps [rapidfuzz](https://github.com/rapidfuzz/RapidFuzz) from 3.6.2 to 3.7.0.
- [Release notes](https://github.com/rapidfuzz/RapidFuzz/releases)
- [Changelog](https://github.com/rapidfuzz/RapidFuzz/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/rapidfuzz/RapidFuzz/compare/v3.6.2...v3.7.0)

---
updated-dependencies:
- dependency-name: rapidfuzz
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* merge fix

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
 2024-04-03 23:05:00 +11:00
dependabot[bot]
5548254c48 Bump django-money from 3.2.0 to 3.4.1 in /src/backend (#6942) 
* Bump django-money from 3.2.0 to 3.4.1 in /src/backend

Bumps [django-money](https://github.com/django-money/django-money) from 3.2.0 to 3.4.1.
- [Release notes](https://github.com/django-money/django-money/releases)
- [Changelog](https://github.com/django-money/django-money/blob/main/docs/changes.rst)
- [Commits](https://github.com/django-money/django-money/compare/3.2...3.4.1)

---
updated-dependencies:
- dependency-name: django-money
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* merge fix

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
 2024-04-03 21:56:22 +11:00
dependabot[bot]
e46ddb8cd4 Bump dj-rest-auth from 5.0.2 to 5.1.0 in /src/backend (#6940) 
* Bump dj-rest-auth from 5.0.2 to 5.1.0 in /src/backend

Bumps [dj-rest-auth](https://github.com/iMerica/dj-rest-auth) from 5.0.2 to 5.1.0.
- [Release notes](https://github.com/iMerica/dj-rest-auth/releases)
- [Commits](https://github.com/iMerica/dj-rest-auth/compare/5.0.2...5.1.0)

---
updated-dependencies:
- dependency-name: dj-rest-auth
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* merge fix

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
 2024-04-03 21:56:07 +11:00
Matthias Mair
0bace3f3af Code structure refactor (#5582) 
* moved docker files to /contrib/container

* changed code owners to make more precise

* updated CI to use new subdirs

* added manual trigger for testing

* moved ci files

* moved assets into subdir

* moved deploy template file to contrib

* moved django files to src/backend

* updated paths in scripts etc

* updated reqs path

* fixed version file path

* fixed flake8 path

* fixed path to node ressources

* fixed task paths

* added dep path for node

* removed unused yarn lockfile

* removed unused ci script

* updated internal backend paths for tasks

* updated translation stats path

* fixed source path for coverage

* fixed main commit repo path

* fit in changes from testing

* gather packager improvements (#149)

* Matmair/issue5578 (#143)

* moved docker files to /contrib/container

* changed code owners to make more precise

* updated CI to use new subdirs

* added manual trigger for testing

* moved ci files

* moved assets into subdir

* moved deploy template file to contrib

* moved django files to src/backend

* updated paths in scripts etc

* updated reqs path

* fixed version file path

* fixed flake8 path

* fixed path to node ressources

* fixed task paths

* added dep path for node

* removed unused yarn lockfile

* removed unused ci script

* updated internal backend paths for tasks

* updated translation stats path

* fixed source path for coverage

* fixed main commit repo path

* fix docker path

* use project dir

* move project dir command

* fixed docker paths

* another fix?

* seperate tasks out

* remove tasks

* some debugging

* ci: add .deepsource.toml

* Update .deepsource.toml

* also ignore migrations

* more debugging

* fix path issues

* remove debug script

* fix style

* change locale path

* Fixed paths for requirements

* Added dummy requirements to fool packager

* fixed exec path

* remove deepsource

---------

Co-authored-by: deepsource-io[bot] <42547082+deepsource-io[bot]@users.noreply.github.com>

* Added docs for file structure

* Fixed style errors

* updated deepsource paths

* fix deepsource paths

* fixed reqs

* merge fixes

* move newly added dirs too

* fix reqs files

* another dep fix

* merge upstream/master

* revert removal of tags

* merge upstream

* enabled detection of old config files

* adapt coverage src

* also detect and support old location for plugins.txt

* style fix

* fix ~/init.sh location

* fix requirements path

* fix config to current master

* move new folders

* fix import order

* fix paths for qc_check

* fix docs build

* fix fix path

* set docker project dir

* just use a cd

* set image path?

* set file correct

* fix copy path

* fix tasks dir

* fix init path

* fix copy path

* set prject dir

* fix paths

* remove old prod files

* fix dev env path

* set docker file

* Fix devcontainer docker compose file

* fix login attempt values

* fix init.sh path

* Fix pathing for Docker

* Docker build fix

- Set INVENTREE_BACKEND_DIR separately

* Update init.sh

* Fix path

* Update requirements.txt

* merge

* fix rq merge

* fix docker compose usage

---------

Co-authored-by: deepsource-io[bot] <42547082+deepsource-io[bot]@users.noreply.github.com>
Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
 2024-04-03 12:16:59 +11:00