2
0
mirror of https://github.com/inventree/InvenTree.git synced 2025-10-24 18:07:38 +00:00
Commit Graph

110 Commits

Author SHA1 Message Date
dependabot[bot]
835e9e2556 chore(deps): bump the dependencies group across 3 directories with 10 updates (#10482)
* chore(deps): bump the dependencies group across 3 directories with 10 updates

Bumps the dependencies group with 1 update in the /contrib/dev_reqs directory: [pyyaml](https://github.com/yaml/pyyaml).
Bumps the dependencies group with 3 updates in the /docs directory: [mkdocs-include-markdown-plugin](https://github.com/mondeja/mkdocs-include-markdown-plugin), [mkdocs-macros-plugin](https://github.com/fralau/mkdocs_macros_plugin) and [mkdocs-material](https://github.com/squidfunk/mkdocs-material).
Bumps the dependencies group with 6 updates in the /src/backend directory:

| Package | From | To |
| --- | --- | --- |
| [pyyaml](https://github.com/yaml/pyyaml) | `6.0.2` | `6.0.3` |
| [django-oauth-toolkit](https://github.com/django-oauth/django-oauth-toolkit) | `3.0.1` | `3.1.0` |
| [docutils](https://github.com/rtfd/recommonmark) | `0.22.1` | `0.22.2` |
| [grpcio](https://github.com/grpc/grpc) | `1.75.0` | `1.75.1` |
| [pypdf](https://github.com/py-pdf/pypdf) | `6.0.0` | `6.1.1` |
| [sentry-sdk](https://github.com/getsentry/sentry-python) | `2.38.0` | `2.39.0` |



Updates `pyyaml` from 6.0.2 to 6.0.3
- [Release notes](https://github.com/yaml/pyyaml/releases)
- [Changelog](https://github.com/yaml/pyyaml/blob/6.0.3/CHANGES)
- [Commits](https://github.com/yaml/pyyaml/compare/6.0.2...6.0.3)

Updates `pyyaml` from 6.0.2 to 6.0.3
- [Release notes](https://github.com/yaml/pyyaml/releases)
- [Changelog](https://github.com/yaml/pyyaml/blob/6.0.3/CHANGES)
- [Commits](https://github.com/yaml/pyyaml/compare/6.0.2...6.0.3)

Updates `mkdocs-include-markdown-plugin` from 7.1.8 to 7.2.0
- [Release notes](https://github.com/mondeja/mkdocs-include-markdown-plugin/releases)
- [Commits](https://github.com/mondeja/mkdocs-include-markdown-plugin/compare/v7.1.8...v7.2.0)

Updates `mkdocs-macros-plugin` from 1.3.9 to 1.4.0
- [Release notes](https://github.com/fralau/mkdocs_macros_plugin/releases)
- [Changelog](https://github.com/fralau/mkdocs-macros-plugin/blob/master/CHANGELOG.md)
- [Commits](https://github.com/fralau/mkdocs_macros_plugin/compare/v1.3.9...v1.4.0)

Updates `mkdocs-material` from 9.6.20 to 9.6.21
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/9.6.20...9.6.21)

Updates `pyyaml` from 6.0.2 to 6.0.3
- [Release notes](https://github.com/yaml/pyyaml/releases)
- [Changelog](https://github.com/yaml/pyyaml/blob/6.0.3/CHANGES)
- [Commits](https://github.com/yaml/pyyaml/compare/6.0.2...6.0.3)

Updates `django-oauth-toolkit` from 3.0.1 to 3.1.0
- [Release notes](https://github.com/django-oauth/django-oauth-toolkit/releases)
- [Changelog](https://github.com/django-oauth/django-oauth-toolkit/blob/master/CHANGELOG.md)
- [Commits](https://github.com/django-oauth/django-oauth-toolkit/compare/3.0.1...3.1.0)

Updates `docutils` from 0.22.1 to 0.22.2
- [Changelog](https://github.com/readthedocs/recommonmark/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rtfd/recommonmark/commits)

Updates `grpcio` from 1.75.0 to 1.75.1
- [Release notes](https://github.com/grpc/grpc/releases)
- [Changelog](https://github.com/grpc/grpc/blob/master/doc/grpc_release_schedule.md)
- [Commits](https://github.com/grpc/grpc/compare/v1.75.0...v1.75.1)

Updates `pypdf` from 6.0.0 to 6.1.1
- [Release notes](https://github.com/py-pdf/pypdf/releases)
- [Changelog](https://github.com/py-pdf/pypdf/blob/main/CHANGELOG.md)
- [Commits](https://github.com/py-pdf/pypdf/compare/6.0.0...6.1.1)

Updates `pyyaml` from 6.0.2 to 6.0.3
- [Release notes](https://github.com/yaml/pyyaml/releases)
- [Changelog](https://github.com/yaml/pyyaml/blob/6.0.3/CHANGES)
- [Commits](https://github.com/yaml/pyyaml/compare/6.0.2...6.0.3)

Updates `sentry-sdk` from 2.38.0 to 2.39.0
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/2.38.0...2.39.0)

Updates `setuptools` from 80.9.0 to 
- [Release notes](https://github.com/pypa/setuptools/releases)
- [Changelog](https://github.com/pypa/setuptools/blob/main/NEWS.rst)
- [Commits](https://github.com/pypa/setuptools/commits)

---
updated-dependencies:
- dependency-name: pyyaml
  dependency-version: 6.0.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: pyyaml
  dependency-version: 6.0.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: mkdocs-include-markdown-plugin
  dependency-version: 7.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: mkdocs-macros-plugin
  dependency-version: 1.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: mkdocs-material
  dependency-version: 9.6.21
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: pyyaml
  dependency-version: 6.0.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: django-oauth-toolkit
  dependency-version: 3.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: docutils
  dependency-version: 0.22.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: grpcio
  dependency-version: 1.75.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: pypdf
  dependency-version: 6.1.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: pyyaml
  dependency-version: 6.0.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: sentry-sdk
  dependency-version: 2.39.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: setuptools
  dependency-version: 
  dependency-type: direct:production
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix style

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
2025-10-07 22:51:03 +11:00
Matthias Mair
ac6028b871 fix: correct admin credential msg (#10521)
* fix installers final message

* adjust text
2025-10-07 11:09:22 +11:00
Matthias Mair
c83a9b01ce fix: package distribution (#10515)
* show warning text

* fix formatting

* try to gather site-url correctly

* protect envs that are set in the config

* raise issue if they appear

* prefer app setting over file config

* preserve setting if injected via envs
2025-10-07 08:56:08 +11:00
Oliver
946d4358c3 Tweak docker setup (#10490)
- Set default forwarding values
2025-10-05 22:05:16 +11:00
Matthias Mair
16e8f27872 bump contianer / dev dependencies too (#10472)
Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
2025-10-04 22:00:14 +10:00
Matthias Mair
c9e74c5910 Adress minor dep issues (#10359)
* fix django version

* bump @vanilla-extract/vite-plugin to adress https://github.com/inventree/InvenTree/security/dependabot/226
2025-09-20 09:13:02 +10:00
Matthias Mair
f0beb4a426 fix a few docker security holes (#10260)
* fix no-cache statements

* fix possible security escape

* fix possible globbing

* merge statements that belong together

* pin image
2025-09-04 09:02:17 +10:00
Oliver
085381fa70 Debian docker image (#10227)
* Debian docker image

- Swap from alpine to debian slim-trixie
- Refactor Dockerfile
- Optimize image size
- Reduce @vitejs/plugin-react version

* Remove commented-out lines

* Ensure invoke is installed

* Adjust Dockerfile

* Actually build the python libs

* Adjust dockerfile

* Install git in dev image

* Tweaks
2025-09-03 17:05:03 +10:00
Oliver
e9b8c264b1 Update dockerfile (#10225)
* Update dockerfile

Updated dockerfile to provide support for new node LTS

* Tweak plugin-react version

* Fix Dockerfile
2025-08-25 22:50:39 +10:00
dependabot[bot]
0d7e3fa068 chore(deps): bump the dependencies group across 3 directories with 3 updates (#10212)
* chore(deps): bump the dependencies group across 3 directories with 3 updates

Bumps the dependencies group with 1 update in the /contrib/dev_reqs directory: [requests](https://github.com/psf/requests).
Bumps the dependencies group with 2 updates in the /docs directory: [requests](https://github.com/psf/requests) and [mkdocs-material](https://github.com/squidfunk/mkdocs-material).
Bumps the dependencies group with 2 updates in the /src/backend directory: [requests](https://github.com/psf/requests) and [coverage[toml]](https://github.com/nedbat/coveragepy).


Updates `requests` from 2.32.4 to 2.32.5
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](https://github.com/psf/requests/compare/v2.32.4...v2.32.5)

Updates `requests` from 2.32.4 to 2.32.5
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](https://github.com/psf/requests/compare/v2.32.4...v2.32.5)

Updates `mkdocs-material` from 9.6.17 to 9.6.18
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/9.6.17...9.6.18)

Updates `requests` from 2.32.4 to 2.32.5
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](https://github.com/psf/requests/compare/v2.32.4...v2.32.5)

Updates `coverage[toml]` from 7.10.3 to 7.10.4
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](https://github.com/nedbat/coveragepy/compare/7.10.3...7.10.4)

---
updated-dependencies:
- dependency-name: requests
  dependency-version: 2.32.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: requests
  dependency-version: 2.32.5
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: mkdocs-material
  dependency-version: 9.6.18
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: requests
  dependency-version: 2.32.5
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: coverage[toml]
  dependency-version: 7.10.4
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix style

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2025-08-23 08:10:42 +10:00
Daniil Chudo
669a155467 fix: The function should return early when in Docker environment (#10178)
Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2025-08-18 11:16:28 +10:00
Matthias Mair
6cb9327a1c chore(backend): bump deps (#10154)
* bump backend devs

* bump helper-deps
2025-08-17 07:04:44 +10:00
gunstr
c8f82d3e90 Update to Bare Metal installation docs (#10086)
* Install PostgreSQL client when needed

* Fix supervisor path to server/worker

* Supervisor IP configuration
2025-07-27 23:40:49 +10:00
dependabot[bot]
8f1f03ed1c chore(deps): bump the dependencies group across 3 directories with 6 updates (#10035)
* chore(deps): bump the dependencies group across 3 directories with 6 updates

Bumps the dependencies group with 1 update in the /contrib/dev_reqs directory: [jc](https://github.com/kellyjonbrazil/jc).
Bumps the dependencies group with 2 updates in the /docs directory: [mkdocs-include-markdown-plugin](https://github.com/mondeja/mkdocs-include-markdown-plugin) and [mkdocs-material](https://github.com/squidfunk/mkdocs-material).
Bumps the dependencies group with 3 updates in the /src/backend directory: [django-allauth[mfa,openid,saml,socialaccount]](https://github.com/sponsors/pennersr), [pypdf](https://github.com/py-pdf/pypdf) and [sentry-sdk](https://github.com/getsentry/sentry-python).


Updates `jc` from 1.25.4 to 1.25.5
- [Release notes](https://github.com/kellyjonbrazil/jc/releases)
- [Changelog](https://github.com/kellyjonbrazil/jc/blob/master/CHANGELOG)
- [Commits](https://github.com/kellyjonbrazil/jc/compare/v1.25.4...v1.25.5)

Updates `mkdocs-include-markdown-plugin` from 7.1.5 to 7.1.6
- [Release notes](https://github.com/mondeja/mkdocs-include-markdown-plugin/releases)
- [Commits](https://github.com/mondeja/mkdocs-include-markdown-plugin/compare/v7.1.5...v7.1.6)

Updates `mkdocs-material` from 9.6.14 to 9.6.15
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/9.6.14...9.6.15)

Updates `django-allauth[mfa,openid,saml,socialaccount]` from 65.9.0 to 65.10.0
- [Commits](https://github.com/sponsors/pennersr/commits)

Updates `pypdf` from 5.7.0 to 5.8.0
- [Release notes](https://github.com/py-pdf/pypdf/releases)
- [Changelog](https://github.com/py-pdf/pypdf/blob/main/CHANGELOG.md)
- [Commits](https://github.com/py-pdf/pypdf/compare/5.7.0...5.8.0)

Updates `sentry-sdk` from 2.32.0 to 2.33.0
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/2.32.0...2.33.0)

---
updated-dependencies:
- dependency-name: jc
  dependency-version: 1.25.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: mkdocs-include-markdown-plugin
  dependency-version: 7.1.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: mkdocs-material
  dependency-version: 9.6.15
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: django-allauth[mfa,openid,saml,socialaccount]
  dependency-version: 65.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: pypdf
  dependency-version: 5.8.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: sentry-sdk
  dependency-version: 2.33.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix style

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2025-07-22 10:38:34 +10:00
Matthias Mair
df6965088f bump backend deps (#10003) 2025-07-11 08:44:33 +10:00
Matthias Mair
370baeff8b fix instrumentation code (#9872) 2025-06-26 16:51:50 +10:00
Matthias Mair
797b5f57b0 feat(backend): improve worker tracing (#9808)
* feat(backend): improve worker log

* refactor tracing details

* add tracing to gunicorn setup

* add sqlite tracing

* add system metrics

* instument wsgi

* make dbengine better accessible

* fix instruction

* instrument worker

* track task scheduling

* trace common tasks

* patch in support for django q

* trace various tasks

* add trcing for other dbs

* ignore coverage on tracing stuff

* more ignorance
2025-06-20 09:47:28 +10:00
dependabot[bot]
f7c8788ad5 chore(deps): bump urllib3 from 2.4.0 to 2.5.0 in /src/backend (#9809)
* chore(deps): bump urllib3 from 2.4.0 to 2.5.0 in /src/backend

Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.4.0 to 2.5.0.
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst)
- [Commits](https://github.com/urllib3/urllib3/compare/2.4.0...2.5.0)

---
updated-dependencies:
- dependency-name: urllib3
  dependency-version: 2.5.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix req

* bump all instances

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2025-06-19 10:37:53 +10:00
dependabot[bot]
5915a1e13d chore(deps): bump requests from 2.32.3 to 2.32.4 in /contrib/dev_reqs (#9765)
* chore(deps): bump requests from 2.32.3 to 2.32.4 in /contrib/dev_reqs

Bumps [requests](https://github.com/psf/requests) from 2.32.3 to 2.32.4.
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](https://github.com/psf/requests/compare/v2.32.3...v2.32.4)

---
updated-dependencies:
- dependency-name: requests
  dependency-version: 2.32.4
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix req

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2025-06-12 16:39:48 +10:00
Matthias Mair
25d13b4201 chore(backend): remove constraints (#9748)
* remove constraints

* general dep bump

* bump opentelemetry
2025-06-08 09:22:10 +10:00
Oliver
a63efc4089 Docker tweaks (#9738)
* Tweak docker compose file

* Tweak docs

* Cleanup docker-compose file
2025-06-05 15:08:51 +10:00
Matthias Mair
7a984f831f bump backend deps (#9713)
* bump backend deps

* lower xmlsec to fix build

* add permament pin

* lower allauth as there are api changes

* unify dependabot config
2025-06-02 11:26:49 +10:00
Matthias Mair
d7c293788b fix(backend): ensure deps are coupled (#9649)
* fix(backend): ensure deps are coupled

* bump deps

* more constraints

* run dep resolver

* expand resolve even more

* lower lxml / xmlsec

* lower allauth
2025-05-10 22:39:07 +01:00
dependabot[bot]
d619932ae4 chore(deps): bump django from 4.2.20 to 4.2.21 in /src/backend (#9648)
* chore(deps): bump django from 4.2.20 to 4.2.21 in /src/backend

Bumps [django](https://github.com/django/django) from 4.2.20 to 4.2.21.
- [Commits](https://github.com/django/django/compare/4.2.20...4.2.21)

---
updated-dependencies:
- dependency-name: django
  dependency-version: 4.2.21
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix req

* adjust setuptools to be equal

* ensure same version is used

* add missing constraint

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2025-05-09 07:44:57 +01:00
dependabot[bot]
964a14754e Bump the dependencies group across 1 directory with 2 updates (#9585)
* Bump the dependencies group across 1 directory with 2 updates

Bumps the dependencies group with 2 updates in the /src/backend directory: [django-q2](https://github.com/GDay/django-q2) and [sentry-sdk](https://github.com/getsentry/sentry-python).


Updates `django-q2` from 1.7.6 to 1.8.0
- [Release notes](https://github.com/GDay/django-q2/releases)
- [Changelog](https://github.com/django-q2/django-q2/blob/master/CHANGELOG.md)
- [Commits](https://github.com/GDay/django-q2/compare/v1.7.6...v1.8.0)

Updates `sentry-sdk` from 2.26.1 to 2.27.0
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/2.26.1...2.27.0)

---
updated-dependencies:
- dependency-name: django-q2
  dependency-version: 1.8.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: sentry-sdk
  dependency-version: 2.27.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix req

* sync setuptools

* Add missing API key - see https://github.com/inventree/InvenTree/actions/runs/14673293670/job/41184590051?pr=9585#step:5:1230

* fix this call too

* add an easier to debug assert

* ensure token is set

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2025-04-26 10:01:38 +10:00
Matthias Mair
8bb03b7afd feat(backend): add oauth2 (#9333)
* feat(backend): add oauth2

* fix import

* Add inventree roles

* refactor to make lookup more efficient

* fix single scope definitions

* cleanup

* fix schema

* reduce auth methods

* fix OAuth validator

* re-enable token and basic auth again

* Add models to role mapping

* change scope args

* add debug step for schema generation

* add oauth config for schema generation

* improve token -> permission mapping

* fix req

* extend checks to ensure normal auth also passes

* fix api version

* fix ignore

* fix rule name

* bump api version

* remove old modelref

* move scope definition

* make test results easier to work with

* add tests to ensure scopes are in sync with rulesets

* fix docstring

* fix various permissions and their mapping to oauth

* refactor

* simplify

* fix permission mapping

* ignore failure cases

* fix unauthenticated access

* flag oAuth2 till it is done

* Add OIDC support

* add RSA key generation and docs

* fix test

* move imports

* update ignore

* feat(backend): Add API Schema stats

* add scope stats

* fix name

* fix scope output

* feat(backend): test custom command

* add warning for unknown scopes

* reduce diff in launch.json

* cleanup  diff

* add error code for ruleset / scope issues

* update structure

* add oauth docs

* add experimetnal feature docs

* simplify metadata endpoint

* add importer model

* refactor(backend): simplify metadata endpoint

* fix imports

* simplify even more

* remove unneeded schema tooling

* fix permission mappings

* fix testing

* fix role calculations

* fix mapping

* remove importer change to unblock this

* remove importer scope everywhere

* fix merge conflict in test

* add missing models

* fix api version

* fix OASToken matcher

* revert permission class change

* reduce size of test log by writing schema

* fix permissions

* fix file path

* extend schema to remove need for TokenMatchesOASRequirements

* cleanup permissions file

* add base object permission
2025-04-18 19:27:32 +10:00
Matthias Mair
2712f30382 fix: ci security issues (#9451)
* fix possible code injection errors

* pin n
2025-04-04 09:04:06 +11:00
Oliver
b116e09717 Docker updates (#9414)
* Typo fix

* Examples to .env file
2025-03-31 07:45:53 +11:00
Oliver
99ec486b79 [Docker] Update node version (#9383)
* Update node version

* Install nvm

* Use n instead of nvm

* Use same approach in devcontainer

* nvm -> npm

* Split commands

* Fix typo

* Workaround : install bash

* Tweak playwright tests

* Bump number of retries

* Update deps

* Only one worker

* SEcurity fix

* Adjust
2025-03-27 01:25:58 +11:00
Matthias Mair
9bc0d599bc chore: improve ci security (#9384)
* pin docker files

* pin github actions

* enforce hashes that are already present

* run style checks on cicd changes
2025-03-26 13:04:45 +11:00
Matthias Mair
2bc2cb6363 chore: bump container deps (#9329) 2025-03-18 08:08:48 +11:00
Oliver
191c0b1007 Docker Compose Fix (#9311)
* Fix postgres version in docker-compose file

- Pin to version 16
- Compatible with the alpine image

* Add check for backup and restore procedures
2025-03-16 10:43:40 +11:00
Oliver
15ad62494f [Docker] Alpine image fix (#9118)
* Revert to alpine3:20 / postgres:16

* Remove old hack

- No longer needed as we are using python 3.11

* Update package requirements for devcontainer

Also fixes some docker warnings from the alpine Dockerfile

* Specify SITE_URL

* Reduce log output during docker image testing
2025-02-21 18:02:39 +11:00
Oliver
6f939931ca Docker postgres fix (#9041)
* Update docker image

- Move from alpine 3.19 to alpine 3.21
- Move from postgres13_client to postgres17_client

* Update docker-compose file

- Move from postgres:13 to postgres:16
- Move from redis:7.0 to redis:7-alpine

* Update docs

* Update docker docs

* Separate Dockerfile for devcontainer

- Debian based (python3.11-bookworm)
- Install essential system packages

* Instal postgres client

* Further devcontainer updates

- Bump postgresql image from 13 to 15
- Store psql data in the dev/psql directory
- Install required frontend packages

* Use --host mode for frontend server

* Tweak devcontainer docs

* Bump pre commit config file

* Revert "Bump pre commit config file"

This reverts commit bbfd875ac8.
2025-02-15 08:00:12 +11:00
Matthias Mair
a3be8e986b chore(contrib): include pkg source in pkg logging (#9035)
* fix(backend): wrong path for version was used

* chore(contrib): Include Pkg source in pkg logging
2025-02-06 09:17:42 +11:00
Matthias Mair
73b46c1c15 bump python deps (#9032) 2025-02-05 09:20:29 +11:00
Matthias Mair
c57b51cb0e chore(backend): bump deps (#8905)
* bump backend reqs

* raq down cryptography

* fix req

* bump api version
2025-01-19 17:50:22 +11:00
Matthias Mair
64b9365947 chore: bump pre commit (#8904)
* bump pre-commit

* auto-fixes

* ignore error

* fix a few more issues

* fix pattern
2025-01-18 09:38:00 +11:00
Oliver
0614f01247 Docker fix (#8835)
* Fix server command in Dockerfile

* Ensure invoke is installed into the venv

* Run extra check in docker build step

* Improve documentation

* Intercept ModuleNotFoundError

- Clear error message

* Docs updates

* Add extra check to dev docker build

* Cleanup tasks.py

* Prevent double activation of venv

* Change order of operations

---------

Co-authored-by: Matthias Mair <code@mjmair.com>
2025-01-06 09:46:16 +11:00
Oliver
decccf8163 Fix for buggy Caddyfile (#8830) 2025-01-05 22:18:24 +11:00
Matthias Mair
d7939efaa9 Fix package install in envs using python lower than 3.12 on debian like OSs (#8793)
* do not install with uv for now - fixes #8789
#8742 #8495 #8494

* Ensure errors are raised if install / update fails
2024-12-31 23:13:35 +11:00
Oliver
74cd0b9aed Update .env file (#8799)
* Update .env file

- No functional changes
- Improved file comments

* Update .env

Improved comment
2024-12-31 14:44:34 +11:00
Oliver
ecc1c937ed Caddyfile documentation (#8798)
* basic mixin file

* Add basic check for model type support

* Enhanced documentation for Caddyfile

* Additional documentation around proxy server

* Remove code from other PR
2024-12-31 13:35:51 +11:00
Matthias Mair
dd83735710 Fix vulnerable dependencies (#8655)
* bump container reqs

* bump vul frontend dep

* fix tests
2024-12-12 08:38:11 +11:00
dependabot[bot]
893a54c38a Bump the dependencies group across 2 directories with 3 updates (#8621)
* Bump the dependencies group across 2 directories with 3 updates

Bumps the dependencies group with 1 update in the /contrib/dev_reqs directory: [jc](https://github.com/kellyjonbrazil/jc).
Bumps the dependencies group with 2 updates in the /docs directory: [mkdocs-include-markdown-plugin](https://github.com/mondeja/mkdocs-include-markdown-plugin) and [mkdocs-material](https://github.com/squidfunk/mkdocs-material).


Updates `jc` from 1.25.3 to 1.25.4
- [Release notes](https://github.com/kellyjonbrazil/jc/releases)
- [Changelog](https://github.com/kellyjonbrazil/jc/blob/master/CHANGELOG)
- [Commits](https://github.com/kellyjonbrazil/jc/compare/v1.25.3...v1.25.4)

Updates `mkdocs-include-markdown-plugin` from 7.1.1 to 7.1.2
- [Release notes](https://github.com/mondeja/mkdocs-include-markdown-plugin/releases)
- [Commits](https://github.com/mondeja/mkdocs-include-markdown-plugin/compare/v7.1.1...v7.1.2)

Updates `mkdocs-material` from 9.5.46 to 9.5.47
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/9.5.46...9.5.47)

---
updated-dependencies:
- dependency-name: jc
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: mkdocs-include-markdown-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: mkdocs-material
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix req

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2024-12-03 09:08:27 +11:00
Matthias Mair
594dc49b84 Bump backend deps (#8559)
* bump backend deps

* bump api
2024-11-26 09:25:06 +11:00
Matthias Mair
0f194af585 Fix spelling of InvenTree in code base (#8561)
* fix spelling of InvenTree in code

* fix spelling in frontend
2024-11-26 08:29:47 +11:00
Oliver
33a686ace8 Enable redis by default for docker setup (#8501)
* Enable redis by default for docker setup

* Bring cache up before server
2024-11-17 00:14:30 +11:00
Matthias Mair
8d27144f78 bump container deps (#8337) 2024-10-23 09:52:35 +11:00
Oliver
d75ef7c9c9 Revert int.worker to worker (#8126)
- Prevent existing docker compose installs from breaking
2024-09-16 11:07:24 +10:00