Commit Graph
100 Commits
Author SHA1 Message Date
9c0cb34106 Merge commit from fork
* fix behaviour

* style fixes

---------

Co-authored-by: Oliver Walters <oliver.henry.walters@gmail.com>
2026-04-08 08:13:39 +10:00
Matthias MairandGitHub e91f306245 feat(frontend): improve comms around danger of staff users (#11659)
* docs: add more details around staff / superuser roles and their dangers

* make clear that staff users are dangerous

* make distinction clearer in API

* add error code and frontend warning about running with staff / admin user

* fix test

* bump api

* adapt banner warning

* make banner locally disableable

* add global option to disable elevated user alert
2026-04-05 22:51:46 +10:00
Matthias MairandGitHub 45de695d4f feat(backend): add request id (#11666)
helpful for https://github.com/inventree/InvenTree/issues/9996
2026-04-03 14:07:27 +11:00
Matthias MairGitHubcopilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
5d1cbf4e9a refactor(backend): replace bleach with nh3 and bump weasy (#11655)
* Replace bleach with nh3 for HTML sanitization

Agent-Logs-Url: https://github.com/matmair/InvenTree/sessions/913a447a-5efa-4fa3-b8b1-6af5feaa24f0

Co-authored-by: matmair <66015116+matmair@users.noreply.github.com>

* reduce diff

* bump weasy

* fix name

* remove old textual refs

* move defaults

* add some comments

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
2026-04-02 15:35:15 +11:00
Matthias MairandGitHub 07a0bd2e24 remove duplicate requirements (#11654) 2026-04-02 10:46:41 +11:00
Matthias MairandGitHub a8cef43484 docs: add more details around staff / superuser roles and their dangers (#11658) 2026-04-02 10:40:10 +11:00
Matthias MairandGitHub 1f01229d30 fix(backend): API description ordering more deterministic (#11649)
* fix(backend): API description ordering more deterministic

* bump API

* Update API version history in api_version.py
2026-04-01 08:54:44 +11:00
Matthias MairandGitHub e3c9a35bae feat(backend): add inventree version to every response (#11611)
* feat(backend): add inventree version to every response

* add more info
2026-03-29 14:27:05 +11:00
8b67fe5e99 fix(frontend): Template Editor Rendering Issues (#11601)
* fix order

* general bump

* allign @codemirror

* fix style

* add playwright test

---------

Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
2026-03-27 07:29:03 +11:00
Matthias MairandGitHub ae593bd7c4 chore(backend): full backend/image bump (#11571)
* full bump

* bump base image

* update comment

* fix ty errors

* lower allauth
2026-03-23 21:46:45 +11:00
Matthias MairandGitHub 08e8b43cd4 docs:clear up admin access (#11595) 2026-03-23 07:11:48 +11:00
Matthias MairandGitHub 9c993d1c22 bump drf (#11559) 2026-03-20 07:18:27 +11:00
Matthias MairandGitHub 16103379c9 chore(backend): Bump ty (#11537)
* bump ty - there is better django support now

* more fixes

* fix usage of types

* add missing type

* fix access

* ensure itteration is safe

* fix uncombat decimal usage

* ?potential breaking: change access key

* remove now obsolete igtnore

* ignore errors on StdImageField

* remove usage of unkonw parameter

* fix diff error

* fix schema creation

* fix coverage quirk

* those are unneeded now?

* this seem to have been an issue with 3.12; not occuring on 3.14

* ignore pydantiics

* ignore edge cases for now

* include isGenerating fix

* make typing python 3.11 compatible

* fix more errors
2026-03-18 18:25:50 +11:00
Matthias MairandGitHub ab116309b3 chore(backend): fix isGenerating detection (#11548) 2026-03-18 00:00:33 +11:00
Matthias MairandGitHub 97aec82d33 bump PyJWT (#11532)
fixes https://github.com/inventree/InvenTree/security/dependabot/386
2026-03-15 22:03:45 +11:00
Matthias MairandGitHub 29ac2392db bump undici (#11526) 2026-03-15 01:25:20 +11:00
Matthias MairandGitHub 897e3b9ec6 bump build tooling (#11505) 2026-03-14 22:55:30 +11:00
Matthias MairandGitHub d7af345e20 refactor(frontend): use central user creds (#11520) 2026-03-14 13:29:46 +11:00
Matthias MairandGitHub fda3204e33 fix: low-privilege user token creation (#11492)
* [bug] Users cannot create their own API tokens
Fixes #11486

* fix detection of metadata

* make easier to read

* add handler for IsAuthenticated

* use correct method

* fix style see #11487

* add frontend test

* make test more reliable?
2026-03-14 12:02:49 +11:00
f7da51b752 fix style issue from 11485 (#11487)
* fix https://github.com/inventree/InvenTree/pull/11485

* fix style

---------

Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
2026-03-12 12:17:06 +11:00
57949b69e0 chore(frontend): resolution bump (#11465)
* chore(frontend): resolution bump

* bump nyc

* bump vite-plugin-istanbul

* bump @codecov/vite-plugin

* bump @lingui

* fix typing

* fix tests

* make more robust

* fix @codemirror

* fix another switch

* add more "give" to test

* ifnore demo dataset

* fix assert

* revert test change

---------

Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
2026-03-12 12:14:36 +11:00
Matthias MairandGitHub 7d61e59046 bump django (#11463) 2026-03-05 16:02:37 +11:00
Matthias MairandGitHub 511d97b912 re-enable codspeed (#11457)
* re-enable codspeed

* fix style

* use 2 step check

* use more verbose syntax

* run performance even if not needed otherwise

* fix possible injection

* another possible injection

* fix syntax

* run python api instead of backend perf test forced

* only submit tests when running in correct enviroment
2026-03-05 09:45:26 +11:00
Matthias MairandGitHub 2c67454163 fix requirements (#11445) 2026-03-02 18:47:56 +11:00
Matthias MairandGitHub cdd102f215 feat(docs): add next breaking docs (#11433) 2026-02-27 23:01:09 +11:00
Matthias MairandGitHub 71b77136ef chore(docs): remove old structure entry (#11435) 2026-02-27 11:10:11 +11:00
Matthias MairandGitHub ac9a1f2251 feat(backend): ensure restore of backups only works in correct enviroments (#11372)
* [FR] ensure restore of backups only works in correct enviroments
Fixes #11214

* update PR nbr

* fix wrong ty detection

* fix link

* ensure tracing does not enagage while running backup ops

* fix import

* remove debugging string

* add error codes

* add tests for backup and restore

* complete test for restore

* we do not need e2e on every matrix entry
there is no realy db dep here

* fix changelog format

* add flag to allow bypass
2026-02-25 10:23:00 +11:00
Matthias MairandGitHub 00be7abda2 bump docker image to python 3.14 (#11414) 2026-02-24 07:33:54 +11:00
Matthias MairandGitHub 33c57887ad bump django-allauth (#11401)
* bump django-allauth

* bump api
2026-02-23 19:55:09 +11:00
Matthias MairandGitHub fe921f2b8e fix pkg release pipeline (#11403)
* fix pkg release pipeline

* ammend version command

* fix release steps

* hardn version detection

* add doc string

* fix case

* use build-in env for security
2026-02-23 07:18:39 +11:00
782c765685 make INVENTREE_WEB_PORT more usefull (#11352)
* make INVENTREE_WEB_PORT more usefull

* Update contrib/container/docker-compose.yml

Co-authored-by: Philipp Fruck <dev@p-fruck.de>

* revert change

* Fix indentation for environment variable in docker-compose

---------

Co-authored-by: Philipp Fruck <dev@p-fruck.de>
2026-02-20 21:10:49 +11:00
Matthias MairandGitHub 1ac3f5e479 fix change from #11387 (#11388) 2026-02-20 13:01:47 +11:00
Matthias MairandGitHub 1cc1f059c8 refactor(backend): switch release pipeline to new pkgr version (#11336)
* refactor(backend): switch release pipeline to new pkgr version

* fix wrong assign

* fix warnings

* also publish to release artifacts
2026-02-17 21:42:14 +11:00
Matthias MairandGitHub b8cf2db68e disable traceid gen in unsecure context (#11349) 2026-02-17 10:46:09 +11:00
Matthias MairandGitHub 25e054a613 remove funding (#11347)
this is now done by the org die setting in inventree/.github
2026-02-17 08:52:38 +11:00
Matthias MairGitHubOlivergithub-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
723a4be24a Update base image in Dockerfile (#11309)
* Bump version number to 1.2.0 (#11299)

* Bump version number to 1.2.0

* Update CHANGELOG.md

* Update base image in Dockerfile

Updated base image to the latest version as of 2026-02-12.

* Fix for devcontainer build (#11311) (#11312)

- Install yarn a different way

(cherry picked from commit 2a613809ec)

Co-authored-by: Oliver <oliver.henry.walters@gmail.com>

---------

Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-02-14 09:19:57 +11:00
Matthias MairandGitHub b11bbfb92c feat(frontend): Add better frontend tracing (#11244)
* add better tracing through the frontend

* extend allowed headers

* add endpoint to end the trace

* end traces correctly in backend

* end trace

* early cop-out if not tracing is enabled

* Update API version link for v447
2026-02-12 15:53:58 +11:00
Matthias MairandGitHub 9fbc7ac40c feat(frontend): add warning to SO line calcs (#11296) 2026-02-12 13:05:12 +11:00
Matthias MairandGitHub ee10bbb766 Update README with Artifact Hub badge (#11291)
Added Artifact Hub badge to README.
2026-02-12 09:26:31 +11:00
Matthias MairandGitHub fa32d5f0d2 chore(backend): allign dep pinning (#11292) 2026-02-12 09:26:04 +11:00
Matthias MairandGitHub 232cc08ddc bump django due to... all the releases vulns (#11265) 2026-02-07 11:22:46 +11:00
Matthias MairandGitHub 619da6e619 refactor(frontend): load server and auth info in paralell (#11245) 2026-02-03 08:16:17 +11:00
e6077565c5 refactor(backend): SSO registration cleanup (#11239)
* add more debugging and remove possible problematic inheritance

* remove unused functions

* remove extra conversion

* ensure cirrect type is used

---------

Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
2026-02-02 13:14:06 +11:00
5d34bd1ea6 chore(backend): sync protobuff version (#11234)
Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
2026-02-01 22:01:21 +11:00
Matthias MairandGitHub e554cf2a58 feat(frontend): disable_theme_storage (#11208)
* feat(frontend): disable_theme_storage

* bump API version

* fix access pattern
2026-01-29 20:50:05 +11:00
Matthias MairandGitHub 620e69be4d feat(backend): extend schema intro (#10628)
* small refactor

* add inventree vendor extension

* bump api version

* Add control over schema to settings

* add more details

* disable config as requested

* adjust 3.14 diff

* cleanup diff

* add docs on the new feature

* revert bumping of api version - there is no cahnge by default
2026-01-29 16:31:58 +11:00
Matthias MairandGitHub ec10c1ef1b fix deps (#11219) 2026-01-29 10:17:36 +11:00
Matthias MairandGitHub c7a0da1a68 feat: matrix testing for python 3.14 (#10904)
* feat: matrix testing

* remove unneeded args

* remove hashes for now

* remove require-hashes for now

* try manually fixing cffi for now

* remove wrong cache syntax

* remove cache for now

* move to 3.14?

* make version specific install req

* re-add hashes

* Revert "remove require-hashes for now"

This reverts commit 7a7e12130a.

* also compile requirements-dev

* move more install commands

* fix generation setting

* more logging

* remove cache exception

* remove cffi fix

* remove hash inforcement for now

* remove dev for now

* default to 3.14 to val

* Revert "default to 3.14 to val"

This reverts commit 7a28e46604.

* fix constraints

* remove pin requirement from plugins.txt

* do not use uv for now

* do not use uv for now

* fix test file format

* revert small change

* use 3.14 for benchmarks

* keep tests on 3.11

* use invoke for install

* try 3.14 for performance testing again

* prolong time for slower CI on 3.14

* adjust dep versions

* Keep performance ci on 3.12

Updated the Python version in the QC checks workflow.
2026-01-28 13:17:51 +11:00
Matthias MairandGitHub 8cec42c266 bump react-router-dom (#11210) 2026-01-27 20:01:53 +11:00
Matthias MairandGitHub 060e917fc9 fix (backend): finer grained registration control for Single Sign On (#11190)
* finer grained registration control for Single Sign On
Fixes #11162

* fix for python 3.11
2026-01-22 23:36:34 +11:00
Matthias MairandGitHub 98a5919a94 bump pyasn1 (#11163)
https://github.com/inventree/InvenTree/security/dependabot/292
2026-01-20 07:50:19 +11:00
Matthias MairandGitHub 9fa40ae572 fix: MFA enforce flows / interactions (#10796)
* Add a explicit confirm when MFA Enforcing is turned on

https://github.com/inventree/InvenTree/issues/10754

* add error boundary for the case of a login enforcement

* ensure registration setup is redirected to

* fix auth url

* adjust error boundary

* update test

* be more specific in enforcement flow

* ensure we log the admin also out immidiatly after removing all mfa

* small cleanup

* sml chg

* fix execution order issues

* clean up args

* cleanup

* add test for mfa change logout

* fix IP in test

* add option to require an explicit confirm

* adapt ui to ask before patching

* bump API version
2026-01-16 09:33:10 +11:00
Matthias MairandGitHub 07e1a72261 feat(backend): enable reseting mfa via username from the cli (#11133)
* feat(backend): enable reseting mfa via username

* fix tests

* extend testing saveguards to username cli
2026-01-14 22:04:21 +11:00
Matthias MairandGitHub 22d6f7d191 chore(ci): Re-enable codspeed runner (#11120)
* re-enable codspeed runner

* dummy change

* add readme entry

* do not run codspeed in forks

* set node version

* also set up node

* fix link
2026-01-14 22:03:23 +11:00
Matthias MairandGitHub e1b5fbd38d feat(backend): better for logging to detect issues with static files discovery (#11067)
* reduce noise in docker

* refactor path infos

* add more info during local frontend build

* add frontend info during release build

* ignore "special" import

* change var name
2026-01-10 12:53:55 +11:00
Matthias MairandGitHub 26f105fe88 feat(backend): Add dedicated health endpoint (#11104)
* feat(backend): Add dedicated health endpoint

* bump api version

* add test for new endpoint

* fix check
2026-01-09 14:06:51 +11:00
Matthias MairandGitHub eba1cdcbd4 backend: bump deps (#11097)
* bump backend deps

* lower ty again
2026-01-09 09:15:21 +11:00
Matthias MairandGitHub f01d56ec0b Switch away from codspeed-macro to ubuntu-24.04 (#11099)
The current usage limits are not feasible for our deploy model
2026-01-08 18:55:43 +11:00
Matthias MairandGitHub 2457197446 Bump tooling (#11096)
* Matmair/issue10740 (#497)

* reduce noise in docker

* refactor path infos

* add more info during local frontend build

* add frontend info during release build

* Revert "Matmair/issue10740 (#497)" (#498)

This reverts commit 415c52813b.

* bum pre-commit and update to new formatting rule

* fix style
2026-01-08 10:01:23 +11:00
Matthias MairandGitHub 5b290f44c0 refactor(backend): reduce API surface by unifying metadata endpoints (#11035)
* replace individual metadata endpoints with a generic endpoint an a lot of permanent redirects

* remove more names

* reduce duplication more

* remove now unneeded tests

* update remaining tests to use urls

* bump api

* follow redirects in tests

* reduce new fncs

* fix redirect setup

* fix test

* update to fix schema collissions

* fix permission check

* simplify and fix lookup

* clone fork for now

* add changelog entry

* update api version date

* remove temporary change to python lib

* update docs
2026-01-07 07:13:25 +11:00
0a685c09de refactor(backend): use walltime for performance testing (#11081)
* Matmair/issue10740 (#497)

* reduce noise in docker

* refactor path infos

* add more info during local frontend build

* add frontend info during release build

* Revert "Matmair/issue10740 (#497)" (#498)

This reverts commit 415c52813b.

* use walltime

* switch measure mode

* dummy change

* dummy change

* ensure npm works

* pin needed version

* split out performance test to also use walltime

* roll back split, is too slow

---------

Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
2026-01-07 07:05:12 +11:00
Matthias MairandGitHub 75d6cbf729 feat (backend): Add more performance tests (#11080)
* Matmair/issue10740 (#497)

* reduce noise in docker

* refactor path infos

* add more info during local frontend build

* add frontend info during release build

* Revert "Matmair/issue10740 (#497)" (#498)

This reverts commit 415c52813b.

* add more performance tests (dummy)

* dummy change

* disable debug for a more realistic test

* revert debug change

* add "real" tests

* fix style

* specify backend for type check

* add setup prep step

* fix uninstall command

* fix install?

* fix instanciation

* fix test

* fix format

* disable tests

* add auth test

* fix test
2026-01-06 14:41:01 +11:00
64650781be deps(frontend): bump mantine packages (#11020)
* bump mantine packages

* bump helpers

* Adjust frontend test

---------

Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
2026-01-04 09:45:09 +11:00
Matthias MairGitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>MichaelOliverMitch DavisMitch Davis
79c43be4f1 feat(backend): add performance tests (#11017)
* feat(backend): add performance test

ref #11002

* feat(backend): add performance test (#486)

* chore(deps): bump the dependencies group across 1 directory with 2 updates (#11003)

* chore(deps): bump the dependencies group across 1 directory with 2 updates

Bumps the dependencies group with 2 updates in the /src/backend directory: [django-q2](https://github.com/GDay/django-q2) and [sentry-sdk](https://github.com/getsentry/sentry-python).


Updates `django-q2` from 1.8.0 to 1.9.0
- [Release notes](https://github.com/GDay/django-q2/releases)
- [Changelog](https://github.com/django-q2/django-q2/blob/master/CHANGELOG.md)
- [Commits](https://github.com/GDay/django-q2/compare/v1.8.0...v1.9.0)

Updates `sentry-sdk` from 2.46.0 to 2.47.0
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/2.46.0...2.47.0)

---
updated-dependencies:
- dependency-name: django-q2
  dependency-version: 1.9.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: sentry-sdk
  dependency-version: 2.47.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix style

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>

* Rearrange python package installs in are metal setup  (#11005)

* Reorder pip installation steps in bare metal setup

* Reorder pip installation steps in bare metal setup

* remove unused lines

* Fix docs formatting (#11008)

* Remove prefetch_related from parametric data filter (#11007)

- Not required as we do not process the parameter fields in python

* [refactor] Generic status API (#11009)

* Fix docs formatting

* [refactor] cache custom states

- Generic state API endpoint executed  query for each state type
- We can run a single database query and cache these in memory
- Reduces query time by ~50%

* [refactor] Build list (#11010)

- Prefetch project_code
- Annotate parameter data

* Improve the documentation installation instructions. (#11011)

Co-authored-by: Mitch Davis <mjd@afork.com>

* [refactor] Improve primary_address annotation for Company API (#11006)

* Refactor primary_address annotation

- Remove SerializerMethodField
- Better cache introspection

* Allow address detail to be optional

* Refactor address caching

* Fix primary_address annotation

* Remove "address_count" field

- Pointless annotation which is not used anywhere

* Update API version

* Tweak docs page

* Tweak unit tests

* feat(backend): add performance test

ref #11002

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Michael <michael@buchmann.ruhr>
Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
Co-authored-by: Mitch Davis <mjd+github@afork.com>
Co-authored-by: Mitch Davis <mjd@afork.com>

* add oidc perm

* fix run setup

* add gitignore

* pin action

* enable DB for test

* patch test detection

* move test argument into tasks

* seperate performance testing into own step

* add automigration

* update test

* Increase MAX_QUERY_TIME to 60 seconds

* use newer python for better prerformance / measurement options

* skip plugin install step

* add debug step

* add debug stmt

* make version import safe

* fix command

* more debugging

* move import

* rollback changes

* do full install

* rollback skip_plugins too

* hide version

* new debug try

* add more debug

* try 3.13

* try reinstalling the cffi

* reinstall cffi?

* reset debug

* rollback debug steos

* add initial tests

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Michael <michael@buchmann.ruhr>
Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
Co-authored-by: Mitch Davis <mjd+github@afork.com>
Co-authored-by: Mitch Davis <mjd@afork.com>
2025-12-19 08:45:49 +11:00
Matthias MairandGitHub 8a614f4501 deps(backend): bump allauth (#11030)
* bump allauth

* fix api schema generation

* bump api
2025-12-17 10:20:58 +11:00
Matthias MairandGitHub 2eccf13c93 Default Supplier Support Missing in 1.X.X (#10980)
Fixes #10979
2025-12-16 22:12:35 +11:00
Matthias MairandGitHub dc409c4efb bump precommit (#10981)
* bump precommit

* also bump gitleaks
2025-12-09 07:52:16 +11:00
Matthias MairandGitHub a0cfdd72a5 fix(frontend): deps (#10970)
https://github.com/inventree/InvenTree/security/dependabot/260
https://github.com/inventree/InvenTree/security/dependabot/243
https://github.com/inventree/InvenTree/security/dependabot/258
https://github.com/inventree/InvenTree/security/dependabot/257
2025-12-07 07:04:06 +11:00
Matthias MairandGitHub be9ec848c3 fix(backend): fix various vulns (#10967)
* fix urllib

* fix fonttools

* fix django
2025-12-07 00:13:57 +11:00
Matthias MairandGitHub c8b1bfb716 refactor (frontend): address code scanning issues (#10935)
* remove unused defs

* optimize

* revert rename
2025-12-02 18:11:02 +11:00
Matthias MairandGitHub 7b592f157c feat: add cooldown to dependabot (#10930) 2025-11-29 09:14:45 +11:00
Matthias MairandGitHub be5814112d refactor(backend): port typo fixes from #10699 (#10926)
* typo fxes from #10699

* bump api version
2025-11-29 07:03:02 +11:00
Matthias MairandGitHub fcea1383d0 Installer missing some required packages from REQS (#10897)
Fixes #10813
2025-11-24 09:12:21 +11:00
Matthias MairandGitHub 5d21bf2679 feat(backend)!: bump to dj 5.2 lts / py 3.11 (#10730)
* feat(backend): bump to 5.2 lts / python 3.11

This will give us support till 2027-10 (PEP 664)

* bump dependencies

* fix dflt version

* remove 3.9 precaution

* changes for 5.2

* changes for py 3.10

* debug command

* lower crypto again

* another lowering

* fix version string

* lower minimum version to 3.11

* update refs

* fix text

* reaking: remove now unsupported OS

* disable break

* remove temp changes

* fix ruff call

* fix remaining ruff warnings

* remove old arg

* lower allauth reqs

* replace old method

* fix issue with args passing beeing depreceated

* add changelog entries

* bump dependencies a bit further

* fix broken image init for now
might need a refactor

* fix another test

* refactor image name lookup

* mroe refactoring

* ensure str does not cause an issue

* update referenced function

* fix cal sig

* simplify method and add test

* refactor

* ignore wrong typings

* fix deprecated feature

* simplify

* ensure image tests do their job

* simplify

* re-add type check

* fix test

* fix assertations - wonder how long this was broken

* bump to newer versions

* bump deps

* fix assertation
2025-11-11 11:45:25 +11:00
Matthias MairandGitHub f3e8482469 fix(backend): auth check middleware for specific media access (#10784)
* simplify

* fix return type

* handle token (app access)

* reduce lookup amount

* add positive test again

* add poisitive test

* move out settings

* add tests for Check2FAMiddleware

* add test for auth_request

* add a reverse name for auth_request

* auth tests refactors

* move test

* disable check for things that do not trigger

* fix typing for python 3.9

* make names clearer and add comments

* finish tests

* fix call

* re-enable mfa test without the timing component

* cleanup helper

* ignore easy out

* ignore scenario that can not happen
2025-11-10 08:58:58 +11:00
Matthias MairandGitHub b048ca3a04 refactor (frontend): reduce message and time in recovery codes (#10778)
* reduce showing of wrong info boxes

* stop waiting 30 sec when there is an error
2025-11-06 10:44:03 +11:00
Matthias MairandGitHub 2fc7c7eb54 improve docker dx with empty migration set (#10774)
* if we are in docker and empty - init db

* use structlog

* remove logging change

* reduce diff

* ignore in test mode

* add changes from review
2025-11-06 10:42:34 +11:00
Matthias MairandGitHub e1bf67b32c fix: typo ins installer stops script from working (#10744) 2025-11-03 10:31:52 +11:00
Matthias MairandGitHub d7daf660ef fix uv (#10742)
https://github.com/inventree/InvenTree/security/dependabot/248
2025-11-03 09:35:35 +11:00
1159418b17 feat(frontend): Add start page with quick actions to Admin Center (#7995)
* add option to set leftMargin

* Add home tab and action button

* make home button actually go to home

* Add general info text

* Add dependeant quick action section

* Add Quickaction to home page

* use Carousel

* style check

* small fixes

* add permanent alerts to Admin Center Home

* also show inactive alerts

* fix order of alerts

* simplify attrs

* remove security section for now

* bring quick actions alive

* adjust text

* Use StylishText

* Make alert columns reactive

* Adjust text formatting

* Refactor <QuickActions />

- Use responsive grid instead of carousel
- Add icons
- Translate text

---------

Co-authored-by: Oliver Walters <oliver.henry.walters@gmail.com>
2025-10-30 22:06:07 +11:00
Matthias MairandGitHub 8152ccee99 fix(frontend): webauth action order (#10716) 2025-10-30 14:03:17 +11:00
Matthias MairandGitHub edd920e594 fix(backend): disable MFA test for now (#10717) 2025-10-30 11:34:02 +11:00
Matthias MairandGitHub 6581af7165 feat(backend): add storages to make usage of s3/sftp easier (#10140)
* feat(backend): add storages to make usage of S3 easy

* add S3/SFTP settings

* add changelog entry

* also configure static

* get it running on hetzner / exo

* doc additional settings

* fix style

* adress various review comments

* move setting files

* use enum for backends

* revert change

* split up storage settings

* fix comparison
2025-10-30 07:57:22 +11:00
Matthias MairandGitHub f47a1a4675 refactor(backend): switch to empty buildpack for package, extend supported OS versions (#10705)
* bump vers

* fix ssl?

Added build dependencies for libbz2, libffi, and libssl.

* try empty buildpack

* clean up

* fix ref

* remove things we now do not need anymore

* add 22.04 as a target

* cleanup installer

* add changelog entry

* add dotenv

* update skript

* make task more robust for package usage

* ensure we have a site-url set

* fix style

* fix syntax
2025-10-29 11:26:40 +11:00
Matthias MairandGitHub 5c556a2a80 use config (#10704) 2025-10-29 07:15:08 +11:00
Matthias MairandGitHub 2e4b1d65f7 feat(frontend): add passkey/webauthn for secondary MFA (#9729)
* bump allauth

* add trust

* add device trust handling

* fix style

* [FR] Add passkey as a factor
Fixes #4002

* add registration

* allow better testing

* add mfa context

* fix login

* add changelog entry

* fix registration

* remove multi device packages

* move to helper

* handle mfa trust

* simplify page fnc
2025-10-28 18:52:39 +11:00
Matthias MairandGitHub 3babad796e fix medium sec issues in frontend dependencies (#10686)
* bump @playwright/test to address https://github.com/inventree/InvenTree/security/dependabot/242

* bump vite to address https://github.com/inventree/InvenTree/security/dependabot/243

* remove splitVendorChunkPlugin
2025-10-28 07:09:51 +11:00
Matthias MairandGitHub 6cd733a83a refactor(backend): add enums for ordering fields (#10629)
* Add enums for ordering fields

* add version bump
2025-10-21 10:13:32 +11:00
Matthias MairandGitHub d71aae1ca9 refactor(backend): filtered endpoints - generic testing and small fixes (#10602)
* move filtering of serializer fields out of functions into mixin

* fix def

* temp fix

* rollback rollback

* more adoption

* fix many serializer behaviour

* optimize mro

* set many serializer

* adjust default filtering

* fix import

* add missed field

* make can_filter suppport more complex scenarios:
- different filtername from fieldname
- multiple fields with one filtername

* fix removal

* fix schema?

* add missing def

* add test

* fix schema fields

* fix another serializer issue

* further fixes

* extend tests

* also process strings

* fix serializer for schema

* ensure popped values are persisted

* move test around

* cleanup

* simplify tests

* fix typo

* fix another test

* var tests

* disable additional tests

* make application of PathScopedMixin more intentional -> more efficient

* make safer to use with various sanity checks

* fix list serializer

* add option to ignore special cases

* generalize addition

* remove generalize addition

* re-add missing schema generation exception

* remove new duplication

* fix style

* adjust naming and docs, add typing to clean stuff up

* simplify more

* fix ref calc

* Add generic test for serializer

* enable query based filtering

* enable previously disabled filters

* test failure modes

* reduce diff

* make check more robust

* add more INVE-I2 checks

* improve check

* make check and test more robust

* enable controlling query parameters per field

* ignore in coverage

* Remove project_code filter from BuildSerializer

Removed project_code filter from BuildSerializer.

* fix style

* Revert "Remove project_code filter from BuildSerializer"

This reverts commit 504eff0fd7.

* Revert "fix style"

This reverts commit 8e31db95d3.
2025-10-21 08:55:43 +11:00
Matthias MairandGitHub a02d1011e7 chores(backend): bump various deps (#10624)
* bump various deps

* align helpers deps

* revert allauth change

* fix style

* bump allauth too

* bum api version as there is a small allauth change
2025-10-21 06:54:40 +11:00
Matthias MairandGitHub e3ef9e48f6 refactor(backend): Editorial changes to machine serializer descriptions (#10630)
* improve serializer text

* small type improvs

* more precise text (for API)

* bump api version

* more fixes
2025-10-20 09:20:15 +11:00
Matthias MairandGitHub 874be9920d Setup: allow more python versions (#10615)
* extend supported python versions

* bump max python
2025-10-19 06:07:27 +11:00
Matthias MairandGitHub 5b7820eef0 refactor(backend): shift filterable serializer responses to a more introspection friendly model (#10498)
* move filtering of serializer fields out of functions into mixin

* fix def

* temp fix

* rollback rollback

* more adoption

* fix many serializer behaviour

* optimize mro

* set many serializer

* adjust default filtering

* fix import

* add missed field

* make can_filter suppport more complex scenarios:
- different filtername from fieldname
- multiple fields with one filtername

* fix removal

* fix schema?

* add missing def

* add test

* fix schema fields

* fix another serializer issue

* further fixes

* extend tests

* also process strings

* fix serializer for schema

* ensure popped values are persisted

* move test around

* cleanup

* simplify tests

* fix typo

* fix another test

* var tests

* disable additional tests

* make application of PathScopedMixin more intentional -> more efficient

* make safer to use with various sanity checks

* fix list serializer

* add option to ignore special cases

* generalize addition

* remove generalize addition

* re-add missing schema generation exception

* remove new duplication

* fix style

* adjust naming and docs, add typing to clean stuff up

* simplify more

* fix ref calc
2025-10-18 09:17:01 +11:00
Matthias MairandGitHub ac1eb85334 refactor(backend): reduce duplication in tests (#10579)
* refactor(backend): reduce duplication for tests

* fix tests

* fix text

* adjust last test
2025-10-14 08:23:25 +11:00
Matthias MairandGitHub 6327707c0e fix(installer): make VERSION information accessible in invoke calls (#10558)
* implement version loading in more contexts
closes #10554

* factor version file out

* ensure results do not contain new strings
2025-10-13 09:01:53 +11:00
Matthias MairandGitHub 49f8f72a46 chore(backend)!: fix spelling (#10557)
* fix spelling

* add changelog entry
2025-10-13 07:06:14 +11:00
Matthias MairandGitHub 13845c69da feat(backend): Improve error message on INVE-7 (#10518)
* feat(backend): Improve error message on INVE-7

* change wording

* fix test

* another fix
2025-10-07 11:25:13 +11:00
Matthias MairandGitHub ac6028b871 fix: correct admin credential msg (#10521)
* fix installers final message

* adjust text
2025-10-07 11:09:22 +11:00
Matthias MairandGitHub c83a9b01ce fix: package distribution (#10515)
* show warning text

* fix formatting

* try to gather site-url correctly

* protect envs that are set in the config

* raise issue if they appear

* prefer app setting over file config

* preserve setting if injected via envs
2025-10-07 08:56:08 +11:00
Matthias MairandGitHub a2ee45ea2d chore(backend): fix missing ignore (#10512)
* fix ignore

* ignore sentry that is not used in prod
2025-10-07 08:28:40 +11:00