* feat(backend): add inventree version to every response
* add more info
(cherry picked from commit e3c9a35bae)
Co-authored-by: Matthias Mair <code@mjmair.com>
* Restrict queryset for DataImportSession
- Only allow non-staff users to see their own sessions
* Add unit test
* raise PermissionDenied if no user info available
(cherry picked from commit b98fc9c7a0)
Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
* Improvements for get_bulk_queryset (#11581)
* Improvements for get_bulk_queryset
- Limit scope to base view queryset
- Remove ability to provide arbitrary filters
- Remove feedback if zero items are found
* Adjust unit test
* Remove filter test
* Update CHANGELOG.md
* Refactoring for report helper functions (#11579)
* Refactoring for media file report helper functions
* Updated unit tests
* Improved error handling
* Generic path return for asset
* Fix return type annotations
* Fix existing test
* Tweaked unit test
* Collect static files in CI
* Run static step for all DB tests
* Update action.yaml
* Fix for action.yaml
* Updated unit tests
* DataOutput API fix
- Prevent non-staff users from accessing unrelated DataOutput instances
* Add unit tests
(cherry picked from commit c5bf915d10)
Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
* Record user info when creating stock item
* Add unit test
* Add playwright test
(cherry picked from commit fc730b9af7)
Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
* fix(plugin): use app_name instead of plugin_path when deregistering models
_deactivate_mixin uses plugin_path (the full dotted module path) as the
key into Django's apps.all_models when removing plugin models during
reload. However, Django registers models under the app_label (the short
app_name), not the full plugin_path.
For plugins with nested module paths (e.g. "myplugin.myplugin"),
plugin_path != app_name. Since apps.all_models is a defaultdict, looking
up plugin_path silently creates an empty OrderedDict, then .pop(model)
raises KeyError because the model was never in that dict — it was
registered under app_name.
This causes recurring KeyError crashes every plugin reload cycle
(~1 minute) for any external plugin with a nested package structure.
The fix:
- Use app_name (already computed at line 98) instead of plugin_path
- Add default None to .pop() for defensive safety
- Consistent with line 123 which already correctly uses app_name
* test(plugin): add unit test for nested plugin path model deregistration
Ensures _deactivate_mixin uses app_name (last path component) instead
of the full plugin_path when looking up models in apps.all_models,
preventing KeyError for external plugins with nested module structures.
* style: fix ruff format for context manager parenthesization
(cherry picked from commit 468f0f9c3b)
Co-authored-by: nino-tan-smartee <nino.tan@smartsourcing.co>
* [bug] Users cannot create their own API tokens
Fixes#11486
* fix detection of metadata
* make easier to read
* add handler for IsAuthenticated
* use correct method
* fix style see #11487
* add frontend test
* make test more reliable?
(cherry picked from commit fda3204e33)
Co-authored-by: Matthias Mair <code@mjmair.com>
Required for label printing - pdf2image cannot convert PDFs to images without poppler's pdfinfo binary being present on the system.
(cherry picked from commit 6deed010a3)
Co-authored-by: jbell <jbell101@gmail.com>
Co-authored-by: Justyn Bell <justyn.bell@subinitial.com>
When the plugin registry reloads during an active HTTP request,
create_default_labels() raises ValidationError on duplicate template
inserts. On PostgreSQL this aborts the entire outer atomic() block,
causing TransactionManagementError on all stock operations in that request.
Fixes#11469
(cherry picked from commit a964d6682e)
Co-authored-by: tigger2000ttfn <tigger2000ttfn@gmail.com>
Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
* Add unit test to detect unreliable pagination
* Enforce PK field ordering
- Append 'pk' ordering to InvenTreeOrderingFilter
* Use our ordering filter everywhere
* Simplify ordering options
* Enforce list
* Use last term for ordering checks
* Individual delete to fix mysql issue
(cherry picked from commit 3bbdddf51d)
Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
* Add custom logo and splash to playwright fixtures
* Render custom logo in frontend
* Add playwright tests for customization settings
* Separate playwright run for customization
* Update ci file
* Update playwright config file
* Do not call get_custom_file from withing settings.py
- django app not fully initialized yet
- can cause loops
* Disable default tests (for now)
* Re-enable normal tests
* Update qc checks
* Order of operations?
* Debug output
* Use env
* Add more debug info
* More debug
* Further debug
* Add collectstatic check
* Run normal tests too
* Remove debug prints
* Batch update of records during migration
Reduce issues with very large datasets
* Add short-circuit logic
* Filter and prefetch
(cherry picked from commit a4a399022f)
Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
* Prevent migration check if performing DB update operations
* Prevent settings write during data imports
* Prevent exchange rate update during migration processes
* Allow exchange rate updates during tests or shell session
(cherry picked from commit 951586a698)
Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
* Bump software version to 1.2.1
* Fix style issues
* [CI] Allow more test time
* Disable performance testing
---------
Co-authored-by: Matthias Mair <code@mjmair.com>
* [bug] FIx for data migration
Prevent writing of default currency to database during migration or backup
* Ignore error
(cherry picked from commit 7a646946c3)
Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
* Bump version number to 1.2.0 (#11299)
* Bump version number to 1.2.0
* Update CHANGELOG.md
* Update base image in Dockerfile
Updated base image to the latest version as of 2026-02-12.
* Fix for devcontainer build (#11311) (#11312)
- Install yarn a different way
(cherry picked from commit 2a613809ec)
---------
(cherry picked from commit 723a4be24a)
Co-authored-by: Matthias Mair <code@mjmair.com>
Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
* add better tracing through the frontend
* extend allowed headers
* add endpoint to end the trace
* end traces correctly in backend
* end trace
* early cop-out if not tracing is enabled
* Update API version link for v447
github-actions[bot]
Matthias Mair
Oliver