2
0
mirror of https://github.com/inventree/InvenTree.git synced 2025-10-24 18:07:38 +00:00
Commit Graph

23 Commits

Author SHA1 Message Date
Matthias Mair
16e8f27872 bump contianer / dev dependencies too (#10472)
Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
2025-10-04 22:00:14 +10:00
Matthias Mair
c9e74c5910 Adress minor dep issues (#10359)
* fix django version

* bump @vanilla-extract/vite-plugin to adress https://github.com/inventree/InvenTree/security/dependabot/226
2025-09-20 09:13:02 +10:00
Matthias Mair
6cb9327a1c chore(backend): bump deps (#10154)
* bump backend devs

* bump helper-deps
2025-08-17 07:04:44 +10:00
Matthias Mair
df6965088f bump backend deps (#10003) 2025-07-11 08:44:33 +10:00
Matthias Mair
25d13b4201 chore(backend): remove constraints (#9748)
* remove constraints

* general dep bump

* bump opentelemetry
2025-06-08 09:22:10 +10:00
Matthias Mair
7a984f831f bump backend deps (#9713)
* bump backend deps

* lower xmlsec to fix build

* add permament pin

* lower allauth as there are api changes

* unify dependabot config
2025-06-02 11:26:49 +10:00
Matthias Mair
d7c293788b fix(backend): ensure deps are coupled (#9649)
* fix(backend): ensure deps are coupled

* bump deps

* more constraints

* run dep resolver

* expand resolve even more

* lower lxml / xmlsec

* lower allauth
2025-05-10 22:39:07 +01:00
dependabot[bot]
d619932ae4 chore(deps): bump django from 4.2.20 to 4.2.21 in /src/backend (#9648)
* chore(deps): bump django from 4.2.20 to 4.2.21 in /src/backend

Bumps [django](https://github.com/django/django) from 4.2.20 to 4.2.21.
- [Commits](https://github.com/django/django/compare/4.2.20...4.2.21)

---
updated-dependencies:
- dependency-name: django
  dependency-version: 4.2.21
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix req

* adjust setuptools to be equal

* ensure same version is used

* add missing constraint

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2025-05-09 07:44:57 +01:00
dependabot[bot]
964a14754e Bump the dependencies group across 1 directory with 2 updates (#9585)
* Bump the dependencies group across 1 directory with 2 updates

Bumps the dependencies group with 2 updates in the /src/backend directory: [django-q2](https://github.com/GDay/django-q2) and [sentry-sdk](https://github.com/getsentry/sentry-python).


Updates `django-q2` from 1.7.6 to 1.8.0
- [Release notes](https://github.com/GDay/django-q2/releases)
- [Changelog](https://github.com/django-q2/django-q2/blob/master/CHANGELOG.md)
- [Commits](https://github.com/GDay/django-q2/compare/v1.7.6...v1.8.0)

Updates `sentry-sdk` from 2.26.1 to 2.27.0
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/2.26.1...2.27.0)

---
updated-dependencies:
- dependency-name: django-q2
  dependency-version: 1.8.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: sentry-sdk
  dependency-version: 2.27.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix req

* sync setuptools

* Add missing API key - see https://github.com/inventree/InvenTree/actions/runs/14673293670/job/41184590051?pr=9585#step:5:1230

* fix this call too

* add an easier to debug assert

* ensure token is set

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2025-04-26 10:01:38 +10:00
Matthias Mair
2bc2cb6363 chore: bump container deps (#9329) 2025-03-18 08:08:48 +11:00
Matthias Mair
73b46c1c15 bump python deps (#9032) 2025-02-05 09:20:29 +11:00
Matthias Mair
c57b51cb0e chore(backend): bump deps (#8905)
* bump backend reqs

* raq down cryptography

* fix req

* bump api version
2025-01-19 17:50:22 +11:00
Matthias Mair
dd83735710 Fix vulnerable dependencies (#8655)
* bump container reqs

* bump vul frontend dep

* fix tests
2024-12-12 08:38:11 +11:00
Matthias Mair
594dc49b84 Bump backend deps (#8559)
* bump backend deps

* bump api
2024-11-26 09:25:06 +11:00
Matthias Mair
8d27144f78 bump container deps (#8337) 2024-10-23 09:52:35 +11:00
Matthias Mair
d647471588 Chore: Bump python requirements (#7961)
* bump requirements

* lower bound on pydyf
2024-08-23 23:03:31 +00:00
dependabot[bot]
a5564090bb Bump django from 4.2.14 to 4.2.15 in /src/backend (#7827)
* Bump django from 4.2.14 to 4.2.15 in /src/backend

Bumps [django](https://github.com/django/django) from 4.2.14 to 4.2.15.
- [Commits](https://github.com/django/django/compare/4.2.14...4.2.15)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix formatting

* bump everywhere

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2024-08-08 17:17:51 +10:00
Matthias Mair
dae173e84c Bump development deps (#7606)
* bump pre-commit

* add config for codespell

* re-add hashes
2024-07-18 09:53:17 +10:00
Matthias Mair
25c91323c9 bump setuptools (#7663)
fixes https://github.com/inventree/InvenTree/security/dependabot/121
2024-07-16 08:33:11 +10:00
Matthias Mair
be2beeca61 bumpd django to 4.2.14 (#7620)
Fixes https://github.com/inventree/InvenTree/security/dependabot/116
2024-07-11 16:49:10 +10:00
Matthias Mair
83191d3fbf Improve reproduciblity of image (#7120)
* hard-pin doc requirements

* update docs and commands

* hard pin container requirements

* check hashes in image build

* remove seperate uv install (is in base_requirements)

* containers already ships 3.11 - adjust packaging

* move build deps to general ci requirements

* install yarn using native tools

Closes https://github.com/inventree/InvenTree/security/code-scanning/95
Closes https://github.com/inventree/InvenTree/security/code-scanning/96

* merge install steps

* adapt install command args to be similar

* adapt docs to suggest safer install arg

* fix install path

* update dependabot settings
2024-04-29 11:04:45 +10:00
dependabot[bot]
df5fcf7d62 Bump gunicorn from 21.2.0 to 22.0.0 in /src/backend (#7054)
* Bump gunicorn from 21.2.0 to 22.0.0 in /src/backend

Bumps [gunicorn](https://github.com/benoitc/gunicorn) from 21.2.0 to 22.0.0.
- [Release notes](https://github.com/benoitc/gunicorn/releases)
- [Commits](https://github.com/benoitc/gunicorn/compare/21.2.0...22.0.0)

---
updated-dependencies:
- dependency-name: gunicorn
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* req fix

* bump versions everywhere

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2024-04-17 16:39:18 +10:00
Matthias Mair
0bace3f3af Code structure refactor (#5582)
* moved docker files to /contrib/container

* changed code owners to make more precise

* updated CI to use new subdirs

* added manual trigger for testing

* moved ci files

* moved assets into subdir

* moved deploy template file to contrib

* moved django files to src/backend

* updated paths in scripts etc

* updated reqs path

* fixed version file path

* fixed flake8 path

* fixed path to node ressources

* fixed task paths

* added dep path for node

* removed unused yarn lockfile

* removed unused ci script

* updated internal backend paths for tasks

* updated translation stats path

* fixed source path for coverage

* fixed main commit repo path

* fit in changes from testing

* gather packager improvements (#149)

* Matmair/issue5578 (#143)

* moved docker files to /contrib/container

* changed code owners to make more precise

* updated CI to use new subdirs

* added manual trigger for testing

* moved ci files

* moved assets into subdir

* moved deploy template file to contrib

* moved django files to src/backend

* updated paths in scripts etc

* updated reqs path

* fixed version file path

* fixed flake8 path

* fixed path to node ressources

* fixed task paths

* added dep path for node

* removed unused yarn lockfile

* removed unused ci script

* updated internal backend paths for tasks

* updated translation stats path

* fixed source path for coverage

* fixed main commit repo path

* fix docker path

* use project dir

* move project dir command

* fixed docker paths

* another fix?

* seperate tasks out

* remove tasks

* some debugging

* ci: add .deepsource.toml

* Update .deepsource.toml

* also ignore migrations

* more debugging

* fix path issues

* remove debug script

* fix style

* change locale path

* Fixed paths for requirements

* Added dummy requirements to fool packager

* fixed exec path

* remove deepsource

---------

Co-authored-by: deepsource-io[bot] <42547082+deepsource-io[bot]@users.noreply.github.com>

* Added docs for file structure

* Fixed style errors

* updated deepsource paths

* fix deepsource paths

* fixed reqs

* merge fixes

* move newly added dirs too

* fix reqs files

* another dep fix

* merge upstream/master

* revert removal of tags

* merge upstream

* enabled detection of old config files

* adapt coverage src

* also detect and support old location for plugins.txt

* style fix

* fix ~/init.sh location

* fix requirements path

* fix config to current master

* move new folders

* fix import order

* fix paths for qc_check

* fix docs build

* fix fix path

* set docker project dir

* just use a cd

* set image path?

* set file correct

* fix copy path

* fix tasks dir

* fix init path

* fix copy path

* set prject dir

* fix paths

* remove old prod files

* fix dev env path

* set docker file

* Fix devcontainer docker compose file

* fix login attempt values

* fix init.sh path

* Fix pathing for Docker

* Docker build fix

- Set INVENTREE_BACKEND_DIR separately

* Update init.sh

* Fix path

* Update requirements.txt

* merge

* fix rq merge

* fix docker compose usage

---------

Co-authored-by: deepsource-io[bot] <42547082+deepsource-io[bot]@users.noreply.github.com>
Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
2024-04-03 12:16:59 +11:00