Commit Graph

2453 Commits

Author SHA1 Message Date
Matthias Mair 3c9b014939
add frontend cookie removal of mfa trust (#11768) 2026-04-21 10:26:39 +10:00
dependabot[bot] a0431b32d6
chore(deps): bump follow-redirects in /src/frontend (#11749)
Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.15.11 to 1.16.0.
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](https://github.com/follow-redirects/follow-redirects/compare/v1.15.11...v1.16.0)

---
updated-dependencies:
- dependency-name: follow-redirects
  dependency-version: 1.16.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2026-04-20 09:17:26 +10:00
dependabot[bot] 87326ebb52
chore(deps): bump the dependencies group across 1 directory with 25 updates (#11763)
* chore(deps): bump the dependencies group across 1 directory with 25 updates

Bumps the dependencies group with 25 updates in the /src/backend directory:

| Package | From | To |
| --- | --- | --- |
| [invoke](https://github.com/pyinvoke/invoke) | `2.2.1` | `3.0.3` |
| [bleach](https://github.com/mozilla/bleach) | `4.1.0` | `6.3.0` |
| [boto3](https://github.com/boto/boto3) | `1.42.82` | `1.42.87` |
| [botocore](https://github.com/boto/botocore) | `1.42.82` | `1.42.87` |
| [django-dbbackup](https://github.com/Archmonger/django-dbbackup) | `5.2.0` | `5.3.0` |
| [importlib-metadata](https://github.com/python/importlib_metadata) | `8.7.1` | `9.0.0` |
| [lxml](https://github.com/lxml/lxml) | `6.0.2` | `6.0.3` |
| [opentelemetry-exporter-otlp-proto-common](https://github.com/open-telemetry/opentelemetry-python) | `1.40.0` | `1.41.0` |
| [opentelemetry-exporter-otlp-proto-grpc](https://github.com/open-telemetry/opentelemetry-python) | `1.40.0` | `1.41.0` |
| [opentelemetry-exporter-otlp-proto-http](https://github.com/open-telemetry/opentelemetry-python) | `1.40.0` | `1.41.0` |
| [opentelemetry-instrumentation](https://github.com/open-telemetry/opentelemetry-python-contrib) | `0.61b0` | `0.62b0` |
| [opentelemetry-instrumentation-dbapi](https://github.com/open-telemetry/opentelemetry-python-contrib) | `0.61b0` | `0.62b0` |
| [opentelemetry-proto](https://github.com/open-telemetry/opentelemetry-python) | `1.40.0` | `1.41.0` |
| [opentelemetry-semantic-conventions](https://github.com/open-telemetry/opentelemetry-python) | `0.61b0` | `0.62b0` |
| [opentelemetry-util-http](https://github.com/open-telemetry/opentelemetry-python-contrib) | `0.61b0` | `0.62b0` |
| [platformdirs](https://github.com/tox-dev/platformdirs) | `4.9.4` | `4.9.6` |
| [protobuf](https://github.com/protocolbuffers/protobuf) | `6.33.6` | `7.34.1` |
| [python-fsutil](https://github.com/fabiocaccamo/python-fsutil) | `0.16.0` | `0.16.1` |
| [rapidfuzz](https://github.com/rapidfuzz/RapidFuzz) | `3.14.3` | `3.14.5` |
| [wrapt](https://github.com/GrahamDumpleton/wrapt) | `1.17.3` | `2.1.2` |
| [click](https://github.com/pallets/click) | `8.3.1` | `8.3.2` |
| [python-discovery](https://github.com/tox-dev/python-discovery) | `1.2.1` | `1.2.2` |
| [types-psycopg2](https://github.com/python/typeshed) | `2.9.21.20260223` | `2.9.21.20260408` |
| [types-pyyaml](https://github.com/python/typeshed) | `6.0.12.20250915` | `6.0.12.20260408` |
| [virtualenv](https://github.com/pypa/virtualenv) | `21.2.0` | `21.2.1` |



Updates `invoke` from 2.2.1 to 3.0.3
- [Commits](https://github.com/pyinvoke/invoke/compare/2.2.1...3.0.3)

Updates `bleach` from 4.1.0 to 6.3.0
- [Changelog](https://github.com/mozilla/bleach/blob/main/CHANGES)
- [Commits](https://github.com/mozilla/bleach/compare/v4.1.0...v6.3.0)

Updates `boto3` from 1.42.82 to 1.42.87
- [Release notes](https://github.com/boto/boto3/releases)
- [Commits](https://github.com/boto/boto3/compare/1.42.82...1.42.87)

Updates `botocore` from 1.42.82 to 1.42.87
- [Commits](https://github.com/boto/botocore/compare/1.42.82...1.42.87)

Updates `django-dbbackup` from 5.2.0 to 5.3.0
- [Release notes](https://github.com/Archmonger/django-dbbackup/releases)
- [Changelog](https://github.com/Archmonger/django-dbbackup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Archmonger/django-dbbackup/compare/5.2.0...5.3.0)

Updates `importlib-metadata` from 8.7.1 to 9.0.0
- [Release notes](https://github.com/python/importlib_metadata/releases)
- [Changelog](https://github.com/python/importlib_metadata/blob/main/NEWS.rst)
- [Commits](https://github.com/python/importlib_metadata/compare/v8.7.1...v9.0.0)

Updates `lxml` from 6.0.2 to 6.0.3
- [Release notes](https://github.com/lxml/lxml/releases)
- [Changelog](https://github.com/lxml/lxml/blob/master/CHANGES.txt)
- [Commits](https://github.com/lxml/lxml/compare/lxml-6.0.2...lxml-6.0.3)

Updates `opentelemetry-exporter-otlp-proto-common` from 1.40.0 to 1.41.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-python/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-python/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-python/compare/v1.40.0...v1.41.0)

Updates `opentelemetry-exporter-otlp-proto-grpc` from 1.40.0 to 1.41.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-python/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-python/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-python/compare/v1.40.0...v1.41.0)

Updates `opentelemetry-exporter-otlp-proto-http` from 1.40.0 to 1.41.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-python/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-python/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-python/compare/v1.40.0...v1.41.0)

Updates `opentelemetry-instrumentation` from 0.61b0 to 0.62b0
- [Release notes](https://github.com/open-telemetry/opentelemetry-python-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-python-contrib/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-python-contrib/commits)

Updates `opentelemetry-instrumentation-dbapi` from 0.61b0 to 0.62b0
- [Release notes](https://github.com/open-telemetry/opentelemetry-python-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-python-contrib/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-python-contrib/commits)

Updates `opentelemetry-proto` from 1.40.0 to 1.41.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-python/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-python/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-python/compare/v1.40.0...v1.41.0)

Updates `opentelemetry-semantic-conventions` from 0.61b0 to 0.62b0
- [Release notes](https://github.com/open-telemetry/opentelemetry-python/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-python/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-python/commits)

Updates `opentelemetry-util-http` from 0.61b0 to 0.62b0
- [Release notes](https://github.com/open-telemetry/opentelemetry-python-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-python-contrib/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-python-contrib/commits)

Updates `platformdirs` from 4.9.4 to 4.9.6
- [Release notes](https://github.com/tox-dev/platformdirs/releases)
- [Changelog](https://github.com/tox-dev/platformdirs/blob/main/docs/changelog.rst)
- [Commits](https://github.com/tox-dev/platformdirs/compare/4.9.4...4.9.6)

Updates `protobuf` from 6.33.6 to 7.34.1
- [Release notes](https://github.com/protocolbuffers/protobuf/releases)
- [Commits](https://github.com/protocolbuffers/protobuf/commits)

Updates `python-fsutil` from 0.16.0 to 0.16.1
- [Release notes](https://github.com/fabiocaccamo/python-fsutil/releases)
- [Changelog](https://github.com/fabiocaccamo/python-fsutil/blob/main/CHANGELOG.md)
- [Commits](https://github.com/fabiocaccamo/python-fsutil/compare/0.16.0...0.16.1)

Updates `rapidfuzz` from 3.14.3 to 3.14.5
- [Release notes](https://github.com/rapidfuzz/RapidFuzz/releases)
- [Changelog](https://github.com/rapidfuzz/RapidFuzz/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/rapidfuzz/RapidFuzz/compare/v3.14.3...v3.14.5)

Updates `wrapt` from 1.17.3 to 2.1.2
- [Release notes](https://github.com/GrahamDumpleton/wrapt/releases)
- [Changelog](https://github.com/GrahamDumpleton/wrapt/blob/develop/docs/changes.rst)
- [Commits](https://github.com/GrahamDumpleton/wrapt/compare/1.17.3...2.1.2)

Updates `click` from 8.3.1 to 8.3.2
- [Release notes](https://github.com/pallets/click/releases)
- [Changelog](https://github.com/pallets/click/blob/main/CHANGES.rst)
- [Commits](https://github.com/pallets/click/compare/8.3.1...8.3.2)

Updates `python-discovery` from 1.2.1 to 1.2.2
- [Release notes](https://github.com/tox-dev/python-discovery/releases)
- [Commits](https://github.com/tox-dev/python-discovery/compare/1.2.1...1.2.2)

Updates `types-psycopg2` from 2.9.21.20260223 to 2.9.21.20260408
- [Commits](https://github.com/python/typeshed/commits)

Updates `types-pyyaml` from 6.0.12.20250915 to 6.0.12.20260408
- [Commits](https://github.com/python/typeshed/commits)

Updates `virtualenv` from 21.2.0 to 21.2.1
- [Release notes](https://github.com/pypa/virtualenv/releases)
- [Changelog](https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst)
- [Commits](https://github.com/pypa/virtualenv/compare/21.2.0...21.2.1)

---
updated-dependencies:
- dependency-name: invoke
  dependency-version: 3.0.3
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: bleach
  dependency-version: 6.3.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: boto3
  dependency-version: 1.42.87
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: botocore
  dependency-version: 1.42.87
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: django-dbbackup
  dependency-version: 5.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: importlib-metadata
  dependency-version: 9.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: lxml
  dependency-version: 6.0.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: opentelemetry-exporter-otlp-proto-common
  dependency-version: 1.41.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: opentelemetry-exporter-otlp-proto-grpc
  dependency-version: 1.41.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: opentelemetry-exporter-otlp-proto-http
  dependency-version: 1.41.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: opentelemetry-instrumentation
  dependency-version: 0.62b0
  dependency-type: direct:production
  dependency-group: dependencies
- dependency-name: opentelemetry-instrumentation-dbapi
  dependency-version: 0.62b0
  dependency-type: direct:production
  dependency-group: dependencies
- dependency-name: opentelemetry-proto
  dependency-version: 1.41.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: opentelemetry-semantic-conventions
  dependency-version: 0.62b0
  dependency-type: direct:production
  dependency-group: dependencies
- dependency-name: opentelemetry-util-http
  dependency-version: 0.62b0
  dependency-type: direct:production
  dependency-group: dependencies
- dependency-name: platformdirs
  dependency-version: 4.9.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: protobuf
  dependency-version: 7.34.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: python-fsutil
  dependency-version: 0.16.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: rapidfuzz
  dependency-version: 3.14.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: wrapt
  dependency-version: 2.1.2
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: click
  dependency-version: 8.3.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: python-discovery
  dependency-version: 1.2.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: types-psycopg2
  dependency-version: 2.9.21.20260408
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: types-pyyaml
  dependency-version: 6.0.12.20260408
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: virtualenv
  dependency-version: 21.2.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix style

* reduce diff

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2026-04-20 09:17:00 +10:00
dependabot[bot] e6802beb07
chore(deps): bump pypdf from 6.10.0 to 6.10.2 in /src/backend (#11759)
* chore(deps): bump pypdf from 6.10.0 to 6.10.2 in /src/backend

Bumps [pypdf](https://github.com/py-pdf/pypdf) from 6.10.0 to 6.10.2.
- [Release notes](https://github.com/py-pdf/pypdf/releases)
- [Changelog](https://github.com/py-pdf/pypdf/blob/main/CHANGELOG.md)
- [Commits](https://github.com/py-pdf/pypdf/compare/6.10.0...6.10.2)

---
updated-dependencies:
- dependency-name: pypdf
  dependency-version: 6.10.2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix style

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2026-04-20 09:16:30 +10:00
dependabot[bot] 9324f7c9bb
chore(deps): bump dompurify from 3.3.3 to 3.4.0 in /src/frontend (#11756)
Bumps [dompurify](https://github.com/cure53/DOMPurify) from 3.3.3 to 3.4.0.
- [Release notes](https://github.com/cure53/DOMPurify/releases)
- [Commits](https://github.com/cure53/DOMPurify/compare/3.3.3...3.4.0)

---
updated-dependencies:
- dependency-name: dompurify
  dependency-version: 3.4.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-18 10:57:46 +10:00
dependabot[bot] 068f05e58a
chore(deps-dev): bump pytest from 9.0.2 to 9.0.3 in /src/backend (#11743)
* chore(deps-dev): bump pytest from 9.0.2 to 9.0.3 in /src/backend

Bumps [pytest](https://github.com/pytest-dev/pytest) from 9.0.2 to 9.0.3.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pytest-dev/pytest/compare/9.0.2...9.0.3)

---
updated-dependencies:
- dependency-name: pytest
  dependency-version: 9.0.3
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix style

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2026-04-15 09:11:30 +10:00
Oliver cead09bcd8
Fix for SVG sanitizing (#11742)
- Clear our non-breaking-space characters
- These can break SVG rendering in the browser
- Ref: https://github.com/inventree/InvenTree/pull/11655
2026-04-14 12:48:15 +10:00
github-actions[bot] a3584bd452
New Crowdin translations by GitHub Action (#11730)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-04-14 10:56:46 +10:00
Oliver 1e968a533d
Bump UI to 0.11.2 (#11738)
- Expose additional type hints
2026-04-13 22:26:33 +10:00
Oliver 23f43ffd33
[plugin] Render tables (#11733)
* Move useFilterSet state to the @lib

* Refactor useTable hook into @lib

* Refactor string helper functions

* Refactor constructFormUrl func

* Refactor Boundary component

* Refactor StoredTableState

* More refactoring

* Refactor CopyButton and CopyableCell

* Pass table render func to plugins

* Provide internal wrapper function, while allowing the "api" and "navigate" functions to be provided by the caller

* Adds <InvenTreeTable /> component which is exposed to plugins

* Update frontend versioning

* Update docs

* Handle condition where UI does not provide table rendering function

* Move queryFilters out of custom state

* Fix exported type

* Extract searchParams

- Cannot be used outside of router component
- Only provide when the table is generated internally

* Bump UI version

* Fix for right-click context menu

- Function needs to be defined with the context menu provider
2026-04-13 20:36:29 +10:00
Matthias Mair 27ce60dea3
!refactor(backend): remove API quirks (#11723)
* move action to post endpoint

* use default return code

* remove custom permissions on notifications endpoint

* add api bump

* update link

* fix assertation

* fix test to use post - this was refactored
2026-04-13 10:31:08 +10:00
Dään fc06aa354a
Add redis database index support (#11732) 2026-04-13 09:19:34 +10:00
Oliver 40b67f5f12
[API] Filter refactor (#11073)
* Lazy evaluation of optional serializer fields

- Add OptionalField dataclass
- Pass serializer class and kwargs separately

* Refactor BuildLineSerializer class

* Simplify gathering

* Refactor BuildSerializer

* Refactor other Build serializers

* Refactor Part serializers

* Refactoring more serializers to use OptionalField

* More refactoring

* Cleanup for mixin class

* Ensure any optional fields we added in are not missed

* Fixes

* Rehydrate optional fields for metadata

* Add TreePathSerializer class

* Further improvements:

- Handle case where optional field shadows model property
- Consider read_only and write_only fields

* Adjust unit tests

* Fix for "build_relational_field"

- Handle case where optional field shadows model relation

* Fix case where multiple fields can share same filter

* additional unit tests

* Bump API version

* Remove top-level detection

- Request object is only available for the top-level serializer anyway

* Cache serializer to prevent multiple __init__ calls

* Revert caching change

- Breaks search results

* Simplify field removal

* Adjust unit test

* Remove docstring comment which is no longer true

* Ensure read-only fields are skipped for data import

* Use SAFE_METHODS

* Do not convert to lowercase

* Updated docstring

* Remove FilterableSerializerField mixin

- Annotation now performed using OptionalField
- Code can be greatly simplified

* Ensure all fields are returned when generating schema

* Fix order of operations

* Add assertion to unit test

* fix style

* Fix api_version

* Remove duplicate API entries

* Remove duplicate API entries

* Fix formatting in api_version.py

* Tweak ManufacturerPart serializer

* Revert formatting change

---------

Co-authored-by: Matthias Mair <code@mjmair.com>
2026-04-12 10:50:29 +10:00
github-actions[bot] 5aaf1cfcab
New Crowdin translations by GitHub Action (#11695)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-04-11 21:31:37 +10:00
Oliver 1411673b21
Bump version to 1.4.0 dev (#11725) 2026-04-11 20:20:57 +10:00
Matthias Mair 366d4c398c
refactor(backend): move various endpoints to modelviewsets (#11617)
* move to router based path building

* fix url names

* fix import

* fix test helper

* fix test

* more test fixes

* fix api response

* remove url patch

* bump api version

* reduce diff

* Fix version tag

* fix schema generation errors

* adjust texts

* fix tests

* add test for notification behavior / readakk

* add todo for wrong endpoint

* rename

* adjust docstring

* fix outstanding permission todo - this pattern should be changed in the API
2026-04-11 17:37:16 +10:00
Oliver fffc55c764
Catch keyboard interrupts (#11720) 2026-04-11 13:46:55 +10:00
Oliver 3bd304bb4d
Cache schema checks (#11721)
- The isGeneratingSchema command is potentially expensive
- Cache the result (per thread)
2026-04-11 13:46:40 +10:00
Oliver 4581799d0b
Linkify search results (#11719)
* Linkify search results

- Closes https://github.com/inventree/InvenTree/issues/11717

* Divide search results
2026-04-11 13:23:05 +10:00
Oliver 62588a62a3
Additional report tags (#11718)
* Add some more convenience functions for report helpers

* Add "reverse" tag

* Add unit tests

* Add lstrip and rstrip

* Fix unit tests
2026-04-11 12:03:58 +10:00
Oliver a05d01b759
[UI] Fix superuser banner (#11716)
- Allow it to be dismissed again
2026-04-11 10:48:39 +10:00
dependabot[bot] fcdba5d76a
chore(deps): bump axios from 1.13.6 to 1.15.0 in /src/frontend (#11708)
Bumps [axios](https://github.com/axios/axios) from 1.13.6 to 1.15.0.
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](https://github.com/axios/axios/compare/v1.13.6...v1.15.0)

---
updated-dependencies:
- dependency-name: axios
  dependency-version: 1.15.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-11 09:51:23 +10:00
dependabot[bot] 84f3fcf32e
chore(deps): bump pypdf from 6.9.2 to 6.10.0 in /src/backend (#11715)
* chore(deps): bump pypdf from 6.9.2 to 6.10.0 in /src/backend

Bumps [pypdf](https://github.com/py-pdf/pypdf) from 6.9.2 to 6.10.0.
- [Release notes](https://github.com/py-pdf/pypdf/releases)
- [Changelog](https://github.com/py-pdf/pypdf/blob/main/CHANGELOG.md)
- [Commits](https://github.com/py-pdf/pypdf/compare/6.9.2...6.10.0)

---
updated-dependencies:
- dependency-name: pypdf
  dependency-version: 6.10.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix style

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2026-04-11 09:50:33 +10:00
dependabot[bot] 8e1e5b73ff
chore(deps): bump the dependencies group across 3 directories with 19 updates (#11714)
* chore(deps): bump the dependencies group across 3 directories with 19 updates

Bumps the dependencies group with 1 update in the /contrib/dev_reqs directory: [requests](https://github.com/psf/requests).
Bumps the dependencies group with 2 updates in the /docs directory: [mkdocs-include-markdown-plugin](https://github.com/mondeja/mkdocs-include-markdown-plugin) and [mkdocs-redirects](https://github.com/ProperDocs/properdocs-redirects).
Bumps the dependencies group with 17 updates in the /src/backend directory:

| Package | From | To |
| --- | --- | --- |
| [requests](https://github.com/psf/requests) | `2.33.0` | `2.33.1` |
| [bleach](https://github.com/mozilla/bleach) | `4.1.0` | `6.3.0` |
| [blessed](https://github.com/jquast/blessed) | `1.34.0` | `1.38.0` |
| [boto3](https://github.com/boto/boto3) | `1.42.77` | `1.42.82` |
| [botocore](https://github.com/boto/botocore) | `1.42.77` | `1.42.82` |
| [charset-normalizer](https://github.com/jawah/charset_normalizer) | `3.4.6` | `3.4.7` |
| [googleapis-common-protos](https://github.com/googleapis/google-cloud-python) | `1.73.1` | `1.74.0` |
| [grpcio](https://github.com/grpc/grpc) | `1.78.0` | `1.80.0` |
| [importlib-metadata](https://github.com/python/importlib_metadata) | `8.7.1` | `9.0.0` |
| [pillow](https://github.com/python-pillow/Pillow) | `12.1.1` | `12.2.0` |
| [pip-licenses](https://github.com/raimon49/pip-licenses) | `5.5.1` | `5.5.5` |
| [protobuf](https://github.com/protocolbuffers/protobuf) | `6.33.6` | `7.34.1` |
| [sentry-sdk](https://github.com/getsentry/sentry-python) | `2.56.0` | `2.57.0` |
| [tzdata](https://github.com/python/tzdata) | `2025.3` | `2026.1` |
| [wrapt](https://github.com/GrahamDumpleton/wrapt) | `1.17.3` | `2.1.2` |
| [django-stubs](https://github.com/typeddjango/django-stubs) | `6.0.1` | `6.0.2` |
| [django-stubs-ext](https://github.com/typeddjango/django-stubs) | `6.0.1` | `6.0.2` |



Updates `requests` from 2.33.0 to 2.33.1
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](https://github.com/psf/requests/compare/v2.33.0...v2.33.1)

Updates `mkdocs-include-markdown-plugin` from 7.2.1 to 7.2.2
- [Release notes](https://github.com/mondeja/mkdocs-include-markdown-plugin/releases)
- [Commits](https://github.com/mondeja/mkdocs-include-markdown-plugin/compare/v7.2.1...v7.2.2)

Updates `mkdocs-redirects` from 1.2.2 to 1.2.3
- [Release notes](https://github.com/ProperDocs/properdocs-redirects/releases)
- [Commits](https://github.com/ProperDocs/properdocs-redirects/compare/v1.2.2...v1.2.3)

Updates `requests` from 2.33.0 to 2.33.1
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](https://github.com/psf/requests/compare/v2.33.0...v2.33.1)

Updates `bleach` from 4.1.0 to 6.3.0
- [Changelog](https://github.com/mozilla/bleach/blob/main/CHANGES)
- [Commits](https://github.com/mozilla/bleach/compare/v4.1.0...v6.3.0)

Updates `blessed` from 1.34.0 to 1.38.0
- [Release notes](https://github.com/jquast/blessed/releases)
- [Changelog](https://github.com/jquast/blessed/blob/master/docs/history.rst)
- [Commits](https://github.com/jquast/blessed/compare/1.34...1.38)

Updates `boto3` from 1.42.77 to 1.42.82
- [Release notes](https://github.com/boto/boto3/releases)
- [Commits](https://github.com/boto/boto3/compare/1.42.77...1.42.82)

Updates `botocore` from 1.42.77 to 1.42.82
- [Commits](https://github.com/boto/botocore/compare/1.42.77...1.42.82)

Updates `charset-normalizer` from 3.4.6 to 3.4.7
- [Release notes](https://github.com/jawah/charset_normalizer/releases)
- [Changelog](https://github.com/jawah/charset_normalizer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jawah/charset_normalizer/compare/3.4.6...3.4.7)

Updates `googleapis-common-protos` from 1.73.1 to 1.74.0
- [Release notes](https://github.com/googleapis/google-cloud-python/releases)
- [Changelog](https://github.com/googleapis/google-cloud-python/blob/main/packages/google-cloud-documentai/CHANGELOG.md)
- [Commits](https://github.com/googleapis/google-cloud-python/compare/googleapis-common-protos-v1.73.1...googleapis-common-protos-v1.74.0)

Updates `grpcio` from 1.78.0 to 1.80.0
- [Release notes](https://github.com/grpc/grpc/releases)
- [Commits](https://github.com/grpc/grpc/compare/v1.78.0...v1.80.0)

Updates `importlib-metadata` from 8.7.1 to 9.0.0
- [Release notes](https://github.com/python/importlib_metadata/releases)
- [Changelog](https://github.com/python/importlib_metadata/blob/main/NEWS.rst)
- [Commits](https://github.com/python/importlib_metadata/compare/v8.7.1...v9.0.0)

Updates `pillow` from 12.1.1 to 12.2.0
- [Release notes](https://github.com/python-pillow/Pillow/releases)
- [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst)
- [Commits](https://github.com/python-pillow/Pillow/compare/12.1.1...12.2.0)

Updates `pip-licenses` from 5.5.1 to 5.5.5
- [Release notes](https://github.com/raimon49/pip-licenses/releases)
- [Changelog](https://github.com/raimon49/pip-licenses/blob/master/CHANGELOG.md)
- [Commits](https://github.com/raimon49/pip-licenses/compare/v-5.5.1...v-5.5.5)

Updates `protobuf` from 6.33.6 to 7.34.1
- [Release notes](https://github.com/protocolbuffers/protobuf/releases)
- [Commits](https://github.com/protocolbuffers/protobuf/commits)

Updates `sentry-sdk` from 2.56.0 to 2.57.0
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/2.56.0...2.57.0)

Updates `tzdata` from 2025.3 to 2026.1
- [Release notes](https://github.com/python/tzdata/releases)
- [Changelog](https://github.com/python/tzdata/blob/master/NEWS.md)
- [Commits](https://github.com/python/tzdata/compare/2025.3...2026.1)

Updates `wrapt` from 1.17.3 to 2.1.2
- [Release notes](https://github.com/GrahamDumpleton/wrapt/releases)
- [Changelog](https://github.com/GrahamDumpleton/wrapt/blob/develop/docs/changes.rst)
- [Commits](https://github.com/GrahamDumpleton/wrapt/compare/1.17.3...2.1.2)

Updates `django-stubs` from 6.0.1 to 6.0.2
- [Release notes](https://github.com/typeddjango/django-stubs/releases)
- [Commits](https://github.com/typeddjango/django-stubs/compare/6.0.1...6.0.2)

Updates `django-stubs-ext` from 6.0.1 to 6.0.2
- [Release notes](https://github.com/typeddjango/django-stubs/releases)
- [Commits](https://github.com/typeddjango/django-stubs/compare/6.0.1...6.0.2)

---
updated-dependencies:
- dependency-name: requests
  dependency-version: 2.33.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: mkdocs-include-markdown-plugin
  dependency-version: 7.2.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: mkdocs-redirects
  dependency-version: 1.2.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: requests
  dependency-version: 2.33.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: bleach
  dependency-version: 6.3.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: blessed
  dependency-version: 1.38.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: boto3
  dependency-version: 1.42.82
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: botocore
  dependency-version: 1.42.82
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: charset-normalizer
  dependency-version: 3.4.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: googleapis-common-protos
  dependency-version: 1.74.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: grpcio
  dependency-version: 1.80.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: importlib-metadata
  dependency-version: 9.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: pillow
  dependency-version: 12.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: pip-licenses
  dependency-version: 5.5.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: protobuf
  dependency-version: 7.34.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: sentry-sdk
  dependency-version: 2.57.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: tzdata
  dependency-version: '2026.1'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: wrapt
  dependency-version: 2.1.2
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: django-stubs
  dependency-version: 6.0.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: django-stubs-ext
  dependency-version: 6.0.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix style

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2026-04-11 09:49:53 +10:00
Oliver e6e775c1c0
Tweak admin for SelectionList model (#11712) 2026-04-10 14:33:22 +10:00
gunstr 16310617be
Worker debugging (#11677)
* Add debugging info for background workers to the devcontainer docs

* Add debugging info the the EventMixin docs

* Add an option to set sync=True to launch.json
2026-04-10 11:38:35 +10:00
Oliver 01bb113396
[UI] Adjust "superuser warning" banner (#11696)
* Fix typo

- evelevated -> elevated

* Add playwright test

* Add new control settings
2026-04-10 11:37:37 +10:00
Oliver 9965ebcfa1
Selection lists updates (#11705)
* Add search capability to selection list entry endpoint

* Use API lookup for selection entries

* Add renderer func

* Allow API filtering

* Fetch selectionentry data related to the selected data item

* remove now unneeded entry

* add missing modelinfo

* fix ref

* add api bump

* Provide optional single fetch function to API forms

- Useful if we need to perform a custom API call for initial data

* django-admin support for SelectionList

* Docstring improvements

* Apply 'active' filter

* Tweak api version entry

* Playwright tests

* Tweak docs wording

* Fix incorrect docstring

* Adjust playwright tests

---------

Co-authored-by: Matthias Mair <code@mjmair.com>
2026-04-10 09:22:12 +10:00
Oliver 6701f4085d
Improvements for data import (#11710)
- Do not double migrate if no plugin data imported
- Prevent settings write on a settings read
2026-04-10 09:21:57 +10:00
Oliver 1aa1296be8
Additional shipment helpers for order models (#11711) 2026-04-10 09:21:43 +10:00
Oliver 4b3b03ed4b
Invoke verbosity (#11706)
* Reduce verbosity of invoke tasks

- Suppress some django messages which are not useful to most users
- Verbosity can be added with --verbose flag

* Further improvements

* Better messaging

* Extra options

* No!
2026-04-10 07:58:53 +10:00
dependabot[bot] 8d24abcb2a
chore(deps): bump cryptography from 46.0.6 to 46.0.7 in /src/backend (#11701)
* chore(deps): bump cryptography from 46.0.6 to 46.0.7 in /src/backend

Bumps [cryptography](https://github.com/pyca/cryptography) from 46.0.6 to 46.0.7.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/46.0.6...46.0.7)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-version: 46.0.7
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* bump the rest

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2026-04-10 07:20:24 +10:00
Oliver 9ce5f27375
Template Updates (#11702)
* Display filename pattern in template tables

* Add user update tracking to template models

* Update API / serializers

* Capture user information via API

* Display update information in tables

* Bump API version and CHANGELOG.md

* Prevent double increment of revision

* Fix
2026-04-09 16:10:23 +10:00
dependabot[bot] 2466059e4e
chore(deps-dev): bump vite from 7.1.11 to 7.3.2 in /src/frontend (#11679)
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 7.1.11 to 7.3.2.
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/v7.3.2/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v7.3.2/packages/vite)

---
updated-dependencies:
- dependency-name: vite
  dependency-version: 7.3.2
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2026-04-09 08:34:55 +10:00
Matthias Mair ff2c3c7592
bump backend pkg (#11699)
* bump django

* bump jwcrypto
2026-04-09 08:34:30 +10:00
Oliver cc77d1d5e6
[UI] Pass custom fields through to the importer session (#11688)
* [UI] Pass custom fields through to the importer session

* Support custom model rendering within the data import wizard

* Update CHANGELOG.md

* Update UI version
2026-04-08 23:50:16 +10:00
Oliver b9a66da833
Fix storage helpers (#11697)
* Fix storage helpers

- Remove os.path reliance
- Move to standard django accessors

* Refactor rebuild_thumbnails
2026-04-08 22:54:42 +10:00
github-actions[bot] 91bf7619dc
New Crowdin translations by GitHub Action (#11675)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-04-08 21:46:56 +10:00
Oliver 343f0975b6
Export fix (#11693)
* Fix for ManufacturerPartList

- Support data export via API

* Add playwright tests

* Bump API version
2026-04-08 19:16:31 +10:00
Oliver 360beeaf52
Table icon fix (#11694) 2026-04-08 19:16:10 +10:00
dependabot[bot] fea08653c0
chore(deps): bump the dependencies group across 1 directory with 9 updates (#11671)
* chore(deps): bump the dependencies group across 1 directory with 9 updates

Bumps the dependencies group with 9 updates in the /src/backend directory:

| Package | From | To |
| --- | --- | --- |
| [gunicorn](https://github.com/benoitc/gunicorn) | `25.2.0` | `25.3.0` |
| [bleach](https://github.com/mozilla/bleach) | `4.1.0` | `6.3.0` |
| [boto3](https://github.com/boto/boto3) | `1.42.76` | `1.42.77` |
| [botocore](https://github.com/boto/botocore) | `1.42.76` | `1.42.77` |
| [googleapis-common-protos](https://github.com/googleapis/google-cloud-python) | `1.73.0` | `1.73.1` |
| [importlib-metadata](https://github.com/python/importlib_metadata) | `8.7.1` | `9.0.0` |
| [protobuf](https://github.com/protocolbuffers/protobuf) | `6.33.6` | `7.34.1` |
| [wrapt](https://github.com/GrahamDumpleton/wrapt) | `1.17.3` | `2.1.2` |
| [python-discovery](https://github.com/tox-dev/python-discovery) | `1.2.0` | `1.2.1` |



Updates `gunicorn` from 25.2.0 to 25.3.0
- [Release notes](https://github.com/benoitc/gunicorn/releases)
- [Commits](https://github.com/benoitc/gunicorn/compare/25.2.0...25.3.0)

Updates `bleach` from 4.1.0 to 6.3.0
- [Changelog](https://github.com/mozilla/bleach/blob/main/CHANGES)
- [Commits](https://github.com/mozilla/bleach/compare/v4.1.0...v6.3.0)

Updates `boto3` from 1.42.76 to 1.42.77
- [Release notes](https://github.com/boto/boto3/releases)
- [Commits](https://github.com/boto/boto3/compare/1.42.76...1.42.77)

Updates `botocore` from 1.42.76 to 1.42.77
- [Commits](https://github.com/boto/botocore/compare/1.42.76...1.42.77)

Updates `googleapis-common-protos` from 1.73.0 to 1.73.1
- [Release notes](https://github.com/googleapis/google-cloud-python/releases)
- [Changelog](https://github.com/googleapis/google-cloud-python/blob/main/packages/google-cloud-documentai/CHANGELOG.md)
- [Commits](https://github.com/googleapis/google-cloud-python/compare/googleapis-common-protos-v1.73.0...googleapis-common-protos-v1.73.1)

Updates `importlib-metadata` from 8.7.1 to 9.0.0
- [Release notes](https://github.com/python/importlib_metadata/releases)
- [Changelog](https://github.com/python/importlib_metadata/blob/main/NEWS.rst)
- [Commits](https://github.com/python/importlib_metadata/compare/v8.7.1...v9.0.0)

Updates `protobuf` from 6.33.6 to 7.34.1
- [Release notes](https://github.com/protocolbuffers/protobuf/releases)
- [Commits](https://github.com/protocolbuffers/protobuf/commits)

Updates `wrapt` from 1.17.3 to 2.1.2
- [Release notes](https://github.com/GrahamDumpleton/wrapt/releases)
- [Changelog](https://github.com/GrahamDumpleton/wrapt/blob/develop/docs/changes.rst)
- [Commits](https://github.com/GrahamDumpleton/wrapt/compare/1.17.3...2.1.2)

Updates `python-discovery` from 1.2.0 to 1.2.1
- [Release notes](https://github.com/tox-dev/python-discovery/releases)
- [Commits](https://github.com/tox-dev/python-discovery/compare/1.2.0...1.2.1)

---
updated-dependencies:
- dependency-name: gunicorn
  dependency-version: 25.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: bleach
  dependency-version: 6.3.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: boto3
  dependency-version: 1.42.77
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: botocore
  dependency-version: 1.42.77
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: googleapis-common-protos
  dependency-version: 1.73.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: importlib-metadata
  dependency-version: 9.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: protobuf
  dependency-version: 7.34.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: wrapt
  dependency-version: 2.1.2
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: python-discovery
  dependency-version: 1.2.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix style

* fix style

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
2026-04-08 17:28:59 +10:00
Oliver 71373e3c19
Order line number (#11692)
* Add "line number" field for external orders

* Updated serializers

* Add columns to UI tables

* Update form fields

* Adds API ordering

* Bump API version

* Update CHANGELOG.md
2026-04-08 15:36:08 +10:00
Oliver 4d2ed8fcba
Update parameter report helper (#11690)
* Update parameter report helper

- Fallback to case insensitive lookup

* Add default value in case parameter is not found

* Add new report helper func
2026-04-08 14:14:44 +10:00
Oliver 2753a437cc
Fix spelling error in api_version.py (#11689) 2026-04-08 09:24:42 +10:00
Oliver 76b5cfcca2
Merge commit from fork
* Ensure the MeUserSerializer correctly marks fields as read-only

* Bump API version

* Add unit tests for the "me" endpoint

* Additional unit tests

* Add OPTIONS test
2026-04-08 08:19:39 +10:00
Nozomu Sasaki (Paul) 427a323914
Merge commit from fork
* fix(security): use SandboxedEnvironment for PART_NAME_FORMAT rendering

- Switch jinja2.Environment to jinja2.sandbox.SandboxedEnvironment in
  part/helpers.py to prevent SSTI via template tags in PART_NAME_FORMAT.
- Set pk=1 on the dummy Part instance in the validator to ensure
  conditional expressions like {% if part.pk %} are properly evaluated
  during validation, closing the sandbox bypass vector.

Fixes GHSA-84jh-x777-8pqq

* Style fixes

---------

Co-authored-by: Paul <morimori-dev@github.com>
Co-authored-by: Oliver Walters <oliver.henry.walters@gmail.com>
2026-04-08 08:17:36 +10:00
Oliver b8ec300fbf
Merge commit from fork
* Add note to plugin docs.

* Adjust logic for PluginListTable

* Add superuser scope to PluginInstall API endpoint

* Update unit test for API endpoint

* Explicitly set PLUGINS_INSTALL_DISABLED if PLUGINS_ENABLED = False

* Check for superuser permission in installer.py

* Additional user checks

* Sanitize package name to protect against OS command injection
2026-04-08 08:16:07 +10:00
Matthias Mair 9c0cb34106
Merge commit from fork
* fix behaviour

* style fixes

---------

Co-authored-by: Oliver Walters <oliver.henry.walters@gmail.com>
2026-04-08 08:13:39 +10:00
Oliver 68031d504f
Merge commit from fork
* Fix SSRF in remote image download

Add IP address validation to prevent Server-Side Request Forgery
when downloading images from remote URLs. The resolved IP is now
checked against private, loopback, link-local, and reserved ranges
before connecting.

Redirects are followed manually (up to 5 hops) with SSRF validation
at each step, preventing redirect-based bypass of URL format checks.

* Style fix

---------

Co-authored-by: tikket1 <chrisveres1@gmail.com>
2026-04-08 08:11:18 +10:00
Oliver 437dddc75f
[UI] Import context (#11685)
* Refactor ImporterDrawer

- Use a single, globally accessible object
- Provide global state management

* Expose global importer state to the plugin interface

* Improve registration of data import serializers

* Update frontend version / docs

* Bump API version
2026-04-08 06:01:00 +10:00
Matthias Mair e91f306245
feat(frontend): improve comms around danger of staff users (#11659)
* docs: add more details around staff / superuser roles and their dangers

* make clear that staff users are dangerous

* make distinction clearer in API

* add error code and frontend warning about running with staff / admin user

* fix test

* bump api

* adapt banner warning

* make banner locally disableable

* add global option to disable elevated user alert
2026-04-05 22:51:46 +10:00
github-actions[bot] d358001827
New Crowdin translations by GitHub Action (#11662)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-04-05 12:08:50 +10:00
Oliver a721a0fe35
Add documentation on background worker configuration options (#11673) 2026-04-04 12:41:55 +11:00
Oliver 3a1e860789
Storage fixes (#11672)
* Use storage class rather than manually constructing URL

* Fix for report helpers
2026-04-04 11:49:21 +11:00
Oliver bb3293ef31
Updates to part revision support (#11670)
* Update revision validation

* Refactor UI display

* Fix for usePartFields

* Rearrange part settings

* Better visuals

* Update docs

* use 'full_name' field

* Update playwright tests

* Adjust unit test

* Fix playwright tests
2026-04-04 00:10:25 +11:00
dependabot[bot] 884b0aa966
chore(deps): bump the dependencies group across 1 directory with 20 updates (#11661)
* chore(deps): bump the dependencies group across 1 directory with 20 updates

Bumps the dependencies group with 20 updates in the /src/backend directory:

| Package | From | To |
| --- | --- | --- |
| [bleach](https://github.com/mozilla/bleach) | `4.1.0` | `6.3.0` |
| [blessed](https://github.com/jquast/blessed) | `1.33.0` | `1.34.0` |
| [boto3](https://github.com/boto/boto3) | `1.42.72` | `1.42.76` |
| [botocore](https://github.com/boto/botocore) | `1.42.72` | `1.42.76` |
| [djangorestframework](https://github.com/encode/django-rest-framework) | `3.17.0` | `3.17.1` |
| [gunicorn](https://github.com/benoitc/gunicorn) | `25.1.0` | `25.2.0` |
| [importlib-metadata](https://github.com/python/importlib_metadata) | `8.7.1` | `9.0.0` |
| [protobuf](https://github.com/protocolbuffers/protobuf) | `6.33.6` | `7.34.1` |
| [redis](https://github.com/redis/redis-py) | `7.3.0` | `7.4.0` |
| [sentry-sdk](https://github.com/getsentry/sentry-python) | `2.55.0` | `2.56.0` |
| [wrapt](https://github.com/GrahamDumpleton/wrapt) | `1.17.3` | `2.1.2` |
| [build](https://github.com/pypa/build) | `1.4.0` | `1.4.2` |
| [coverage](https://github.com/coveragepy/coveragepy) | `7.13.4` | `7.13.5` |
| [django-silk](https://github.com/jazzband/django-silk) | `5.4.3` | `5.5.0` |
| [django-stubs](https://github.com/typeddjango/django-stubs) | `5.2.9` | `6.0.1` |
| [django-stubs-ext](https://github.com/typeddjango/django-stubs) | `5.2.9` | `6.0.1` |
| [filelock](https://github.com/tox-dev/py-filelock) | `3.25.0` | `3.25.2` |
| [identify](https://github.com/pre-commit/identify) | `2.6.17` | `2.6.18` |
| [python-discovery](https://github.com/tox-dev/python-discovery) | `1.1.0` | `1.2.0` |
| [virtualenv](https://github.com/pypa/virtualenv) | `21.1.0` | `21.2.0` |



Updates `bleach` from 4.1.0 to 6.3.0
- [Changelog](https://github.com/mozilla/bleach/blob/main/CHANGES)
- [Commits](https://github.com/mozilla/bleach/compare/v4.1.0...v6.3.0)

Updates `blessed` from 1.33.0 to 1.34.0
- [Release notes](https://github.com/jquast/blessed/releases)
- [Changelog](https://github.com/jquast/blessed/blob/master/docs/history.rst)
- [Commits](https://github.com/jquast/blessed/compare/1.33...1.34)

Updates `boto3` from 1.42.72 to 1.42.76
- [Release notes](https://github.com/boto/boto3/releases)
- [Commits](https://github.com/boto/boto3/compare/1.42.72...1.42.76)

Updates `botocore` from 1.42.72 to 1.42.76
- [Commits](https://github.com/boto/botocore/compare/1.42.72...1.42.76)

Updates `djangorestframework` from 3.17.0 to 3.17.1
- [Release notes](https://github.com/encode/django-rest-framework/releases)
- [Commits](https://github.com/encode/django-rest-framework/compare/3.17.0...3.17.1)

Updates `gunicorn` from 25.1.0 to 25.2.0
- [Release notes](https://github.com/benoitc/gunicorn/releases)
- [Commits](https://github.com/benoitc/gunicorn/compare/25.1.0...25.2.0)

Updates `importlib-metadata` from 8.7.1 to 9.0.0
- [Release notes](https://github.com/python/importlib_metadata/releases)
- [Changelog](https://github.com/python/importlib_metadata/blob/main/NEWS.rst)
- [Commits](https://github.com/python/importlib_metadata/compare/v8.7.1...v9.0.0)

Updates `protobuf` from 6.33.6 to 7.34.1
- [Release notes](https://github.com/protocolbuffers/protobuf/releases)
- [Commits](https://github.com/protocolbuffers/protobuf/commits)

Updates `redis` from 7.3.0 to 7.4.0
- [Release notes](https://github.com/redis/redis-py/releases)
- [Changelog](https://github.com/redis/redis-py/blob/master/CHANGES)
- [Commits](https://github.com/redis/redis-py/compare/v7.3.0...v7.4.0)

Updates `sentry-sdk` from 2.55.0 to 2.56.0
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/2.55.0...2.56.0)

Updates `wrapt` from 1.17.3 to 2.1.2
- [Release notes](https://github.com/GrahamDumpleton/wrapt/releases)
- [Changelog](https://github.com/GrahamDumpleton/wrapt/blob/develop/docs/changes.rst)
- [Commits](https://github.com/GrahamDumpleton/wrapt/compare/1.17.3...2.1.2)

Updates `build` from 1.4.0 to 1.4.2
- [Release notes](https://github.com/pypa/build/releases)
- [Changelog](https://github.com/pypa/build/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pypa/build/compare/1.4.0...1.4.2)

Updates `coverage` from 7.13.4 to 7.13.5
- [Release notes](https://github.com/coveragepy/coveragepy/releases)
- [Changelog](https://github.com/coveragepy/coveragepy/blob/main/CHANGES.rst)
- [Commits](https://github.com/coveragepy/coveragepy/compare/7.13.4...7.13.5)

Updates `django-silk` from 5.4.3 to 5.5.0
- [Release notes](https://github.com/jazzband/django-silk/releases)
- [Changelog](https://github.com/jazzband/django-silk/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jazzband/django-silk/compare/5.4.3...5.5.0)

Updates `django-stubs` from 5.2.9 to 6.0.1
- [Release notes](https://github.com/typeddjango/django-stubs/releases)
- [Commits](https://github.com/typeddjango/django-stubs/compare/5.2.9...6.0.1)

Updates `django-stubs-ext` from 5.2.9 to 6.0.1
- [Release notes](https://github.com/typeddjango/django-stubs/releases)
- [Commits](https://github.com/typeddjango/django-stubs/compare/5.2.9...6.0.1)

Updates `filelock` from 3.25.0 to 3.25.2
- [Release notes](https://github.com/tox-dev/py-filelock/releases)
- [Changelog](https://github.com/tox-dev/filelock/blob/main/docs/changelog.rst)
- [Commits](https://github.com/tox-dev/py-filelock/compare/3.25.0...3.25.2)

Updates `identify` from 2.6.17 to 2.6.18
- [Commits](https://github.com/pre-commit/identify/compare/v2.6.17...v2.6.18)

Updates `python-discovery` from 1.1.0 to 1.2.0
- [Release notes](https://github.com/tox-dev/python-discovery/releases)
- [Commits](https://github.com/tox-dev/python-discovery/compare/1.1.0...1.2.0)

Updates `virtualenv` from 21.1.0 to 21.2.0
- [Release notes](https://github.com/pypa/virtualenv/releases)
- [Changelog](https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst)
- [Commits](https://github.com/pypa/virtualenv/compare/21.1.0...21.2.0)

---
updated-dependencies:
- dependency-name: bleach
  dependency-version: 6.3.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: blessed
  dependency-version: 1.34.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: boto3
  dependency-version: 1.42.76
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: botocore
  dependency-version: 1.42.76
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: djangorestframework
  dependency-version: 3.17.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: gunicorn
  dependency-version: 25.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: importlib-metadata
  dependency-version: 9.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: protobuf
  dependency-version: 7.34.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: redis
  dependency-version: 7.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: sentry-sdk
  dependency-version: 2.56.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: wrapt
  dependency-version: 2.1.2
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: build
  dependency-version: 1.4.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: coverage
  dependency-version: 7.13.5
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: django-silk
  dependency-version: 5.5.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: django-stubs
  dependency-version: 6.0.1
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: django-stubs-ext
  dependency-version: 6.0.1
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: filelock
  dependency-version: 3.25.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: identify
  dependency-version: 2.6.18
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: python-discovery
  dependency-version: 1.2.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: virtualenv
  dependency-version: 21.2.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix style

* more fixes

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2026-04-03 14:16:39 +11:00
dependabot[bot] 2eb675ae9e
chore(deps): bump pygments from 2.19.2 to 2.20.0 in /docs (#11637)
* chore(deps): bump pygments from 2.19.2 to 2.20.0 in /docs

Bumps [pygments](https://github.com/pygments/pygments) from 2.19.2 to 2.20.0.
- [Release notes](https://github.com/pygments/pygments/releases)
- [Changelog](https://github.com/pygments/pygments/blob/master/CHANGES)
- [Commits](https://github.com/pygments/pygments/compare/2.19.2...2.20.0)

---
updated-dependencies:
- dependency-name: pygments
  dependency-version: 2.20.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix style

* bump rest of deps

* fix pygments

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2026-04-03 14:16:25 +11:00
Matthias Mair 45de695d4f
feat(backend): add request id (#11666)
helpful for https://github.com/inventree/InvenTree/issues/9996
2026-04-03 14:07:27 +11:00
Oliver 5c55f4f4c0
Migrate plugin tables (#11648)
* Prevent creation of PluginConfig during migrations

* Refactor data import process

- Split into multiple separate steps

* Load plugins during data load / dump

- Required, otherwise we cannot dump the data

* Refactor export_records

- Use temporary file
- Cleanup docstring

* Force apps check on second validation step

* Improve import sequencing

* Update CI script

* Update migration docs

* CI pipeline for running import/export test

* Fix workflow naming

* Fix env vars

* Add placeholder script

* Fix matrix env vars

* Fix missing env var

* Install required packages

* Fix typo

* Tweak tasks.py

* Install dummy plugin as part of the

* Updated CI workflow

* Validate exported data

* Additional CI process

* Log mandatory plugins to INFO

* Force global setting

* Refactor CI pipeline

* Tweak file test

* Workflow updates

* Enable auto-update

* Test if import/export test should run

* Trigger if tasks.py changes
2026-04-02 21:26:34 +11:00
github-actions[bot] 9aa2308f52
New Crowdin translations by GitHub Action (#11623)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-04-02 16:56:15 +11:00
Matthias Mair 5d1cbf4e9a
refactor(backend): replace bleach with nh3 and bump weasy (#11655)
* Replace bleach with nh3 for HTML sanitization

Agent-Logs-Url: https://github.com/matmair/InvenTree/sessions/913a447a-5efa-4fa3-b8b1-6af5feaa24f0

Co-authored-by: matmair <66015116+matmair@users.noreply.github.com>

* reduce diff

* bump weasy

* fix name

* remove old textual refs

* move defaults

* add some comments

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
2026-04-02 15:35:15 +11:00
Matthias Mair 07a0bd2e24
remove duplicate requirements (#11654) 2026-04-02 10:46:41 +11:00
Oliver c8bcb924ca
Reduce load on background worker (#11651)
* Do not save setting with identical value

* Prevent task duplication

* Logic fixes

* Add unit test for task de-duplication

* Updated unit test
2026-04-01 17:42:48 +11:00
Oliver c89b0b7131
Memoize parameters for useInstance (#11652) 2026-04-01 17:06:38 +11:00
Oliver 080edc870f
Better ordering for plugin settings (#11646)
* Better ordering for plugin settings

- Followup to https://github.com/inventree/InvenTree/pull/11643
- Use order as provided by plugin

* Bug fix
2026-04-01 16:18:55 +11:00
Oliver 6243aec9b7
Shipment parameters (#11641)
* Add 'parameter' support for SalesOrderShipment model

* Add "parameters" tab for shipment view

* Playwright test

* Update CHANGELOG

* Update API version

* Install gettext

* Try yaml format

* Revert "Try yaml format"

This reverts commit 394a5551c8.

---------

Co-authored-by: Matthias Mair <code@mjmair.com>
2026-04-01 10:31:49 +11:00
Matthias Mair 1f01229d30
fix(backend): API description ordering more deterministic (#11649)
* fix(backend): API description ordering more deterministic

* bump API

* Update API version history in api_version.py
2026-04-01 08:54:44 +11:00
Oliver 5f3e9a0652
Enforce deterministic ordering for plugin settings (#11643)
* Enforce deterministic ordering for plugin settings

* Fix typo
2026-03-31 20:45:25 +11:00
Oliver 092c43b49a
Update "date" field for StockItemTestResult (#11586)
* Update "date" field for StockItemTestResult

- Allow editing of date (via admin)

* Mark 'date' and 'user' as read-only unless importing

* Revert API field name

* Fix default value

* Fix migration

---------

Co-authored-by: Matthias Mair <code@mjmair.com>
2026-03-31 07:13:12 +11:00
Oliver 4c0a3c5545
Add copy function to more columns (#11635) 2026-03-31 00:22:28 +11:00
Oliver 77744aeeac
Enhancements for recort import/export (#11630)
* Add management command to list installed apps

* Add metadata to exported data file

* Validate metadata for imported file

* Update CHANGELOG.md

* Update docs

* Use internal codes

* Refactor and add more metadata

* Adjust github action workflow

* Run with --force option to setup demo dataset
2026-03-31 00:18:48 +11:00
Oliver 67d6026637
Remove duplicate entries in the API version list (#11629) 2026-03-30 19:58:57 +11:00
Oliver dab4319033
Receive virtual parts (#11627)
* Handle receive of virtual parts

- Update line item quantity
- Do not add any stock

* Add unit test

* Additional unit test

* UI form improvements

* Add playwright test

* Updated playwright tests
2026-03-30 19:10:56 +11:00
dependabot[bot] b4f230753f
chore(deps): bump cryptography from 46.0.5 to 46.0.6 in /src/backend (#11619)
* chore(deps): bump cryptography from 46.0.5 to 46.0.6 in /src/backend

Bumps [cryptography](https://github.com/pyca/cryptography) from 46.0.5 to 46.0.6.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/46.0.5...46.0.6)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-version: 46.0.6
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix style

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2026-03-30 09:24:07 +11:00
Oliver 2c7b2d27f9
Badge fix (#11624)
* Fix "in production" badge

- Use the total scheduled build quantity

* Add "Allocated" badge

* Tweak playwright tests
2026-03-30 08:38:53 +11:00
Oliver 79aa824c14
Keep allocation forms open (#11621)
- Following https://github.com/inventree/InvenTree/pull/11074
- Option to keep allocation forms open
2026-03-29 17:49:46 +11:00
github-actions[bot] b4ab985e1e
New Crowdin translations by GitHub Action (#11593)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-03-29 17:49:33 +11:00
Oliver 571b46c9ff
Fix order of hooks for stabilizing table columns (#11482)
* Fix order of hooks for stabilizing table columns

Ref: https://github.com/icflorescu/mantine-datatable/issues/759

* Reset column ordering and widths when the component is mounted

---------

Co-authored-by: Matthias Mair <code@mjmair.com>
2026-03-29 15:21:53 +11:00
Jan Krajdl 9cd0b520c2
Added keep open boolean field to Stock Location modal form (#11074)
* Added keep open boolean field to Stock Location modal form

* Rewrite keep form open field feature to avoid calling methods in form field definitions

* Rewrite keep form open feature as common form property

* Removed unused artefact from previous implementation

* keepOpenOption removed as default option for all create forms. Instead it's enabled on selected forms.

* keepOpenOption field speed improvement

- using useRef instead of useState
- keepOpenSwitch moved to own component

* Added keep form open feature to changelog

* Updated documentation: keep form open feature added to concepts/user_interface docs

* Added test case for "keep form open" feature

* Changed switch selector in keep form open feature test

---------

Co-authored-by: spm <jan.krajdl@cecolo.com>
Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2026-03-29 15:09:47 +11:00
Matthias Mair e3c9a35bae
feat(backend): add inventree version to every response (#11611)
* feat(backend): add inventree version to every response

* add more info
2026-03-29 14:27:05 +11:00
HuaYangTian 7614973a04
fix(frontend): complete zh-Hans UI localization (#11612)
* fix(frontend): complete zh-Hans localization

* fix(frontend): address i18n review feedback
2026-03-29 14:25:27 +11:00
dependabot[bot] 100555c9db
chore(deps): bump pypdf from 6.9.1 to 6.9.2 in /src/backend (#11608)
* chore(deps): bump pypdf from 6.9.1 to 6.9.2 in /src/backend

Bumps [pypdf](https://github.com/py-pdf/pypdf) from 6.9.1 to 6.9.2.
- [Release notes](https://github.com/py-pdf/pypdf/releases)
- [Changelog](https://github.com/py-pdf/pypdf/blob/main/CHANGELOG.md)
- [Commits](https://github.com/py-pdf/pypdf/compare/6.9.1...6.9.2)

---
updated-dependencies:
- dependency-name: pypdf
  dependency-version: 6.9.2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix style

* add playwright test

* Revert "add playwright test"

This reverts commit f0c661d6eb.

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2026-03-27 07:29:54 +11:00
dependabot[bot] d2e8c75de4
chore(deps): bump requests from 2.32.5 to 2.33.0 in /src/backend (#11609)
* chore(deps): bump requests from 2.32.5 to 2.33.0 in /src/backend

Bumps [requests](https://github.com/psf/requests) from 2.32.5 to 2.33.0.
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](https://github.com/psf/requests/compare/v2.32.5...v2.33.0)

---
updated-dependencies:
- dependency-name: requests
  dependency-version: 2.33.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* style fix

* reduce diff

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2026-03-27 07:29:32 +11:00
Matthias Mair 8b67fe5e99
fix(frontend): Template Editor Rendering Issues (#11601)
* fix order

* general bump

* allign @codemirror

* fix style

* add playwright test

---------

Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
2026-03-27 07:29:03 +11:00
dependabot[bot] 7e18555a6b
chore(deps): bump yaml from 1.10.2 to 1.10.3 in /src/frontend (#11607)
Bumps [yaml](https://github.com/eemeli/yaml) from 1.10.2 to 1.10.3.
- [Release notes](https://github.com/eemeli/yaml/releases)
- [Commits](https://github.com/eemeli/yaml/compare/v1.10.2...v1.10.3)

---
updated-dependencies:
- dependency-name: yaml
  dependency-version: 1.10.3
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-26 11:59:40 +11:00
Oliver a1ec46a6b8
isGeneratingSchema fix (#11606)
- Ignore sqlflush command
2026-03-25 01:09:00 +11:00
Oliver 8ec61aca0a
Update DataExport functionality (#11604)
* Update DataExport functionality

- Chunk queryset into memory

* Allow larger number of queries for chunked database fetching

* Handle possible exception in unit testing
2026-03-25 00:35:08 +11:00
Oliver b98fc9c7a0
Restrict queryset for DataImportSession (#11602)
* Restrict queryset for DataImportSession

- Only allow non-staff users to see their own sessions

* Add unit test

* raise PermissionDenied if no user info available
2026-03-24 23:28:58 +11:00
Miklós Márton 4865a2b2a0
Remove unnecessary semicolon passed to FontFace constructor (#11603)
Fixes #11583
2026-03-24 22:15:44 +11:00
Matthias Mair ae593bd7c4
chore(backend): full backend/image bump (#11571)
* full bump

* bump base image

* update comment

* fix ty errors

* lower allauth
2026-03-23 21:46:45 +11:00
Miklós Márton 7100569e45
Support image upload from clipboard (#11577)
* Support image upload from clipboard

* Suffix the image upload dialog message with the clipboard paste capability
2026-03-23 21:45:36 +11:00
Oliver 1e0a0aa79d
Add option to "asset" tag to control error raising (#11591) 2026-03-22 17:15:14 +11:00
github-actions[bot] 0feba9fbfb
New Crowdin translations by GitHub Action (#11498)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-03-22 13:31:14 +11:00
Oliver 8e289a3208
[API] Category star fix (#11588)
* [API] Bug fix for PartStar and PartCategoryStar

- Logic refactor and fixes

* Add playwright tests

* Remove debug statements

* Revert API string changes
2026-03-21 23:47:11 +11:00
Bradley Zylstra cf619b4184
[Bug] Import-records fix when importing from older InvenTree+Postgres version (#10862)
* Fixed issue where importing data from older versions of InvenTree+Postgres would fail

* Update tasks.py

Changed .startswith to exact matching for users.userprofile.

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Update tasks.py

Added validation checks to user primary key pairing dict.

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Reverted tasks.py, disabled signals in user model when importing data

---------

Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2026-03-21 22:46:03 +11:00
Oliver 3a3816307e
Make WAL mode configurable for sqlite (#11585) 2026-03-21 19:46:22 +11:00
Oliver 6d8606bbe4
Refactoring for report helper functions (#11579)
* Refactoring for media file report helper functions

* Updated unit tests

* Improved error handling

* Generic path return for asset

* Fix return type annotations

* Fix existing test

* Tweaked unit test

* Collect static files in CI

* Run static step for all DB tests

* Update action.yaml

* Fix for action.yaml

* Updated unit tests
2026-03-21 17:38:41 +11:00
Oliver 5adf33d354
Improvements for get_bulk_queryset (#11581)
* Improvements for get_bulk_queryset

- Limit scope to base view queryset
- Remove ability to provide arbitrary filters
- Remove feedback if zero items are found

* Adjust unit test

* Remove filter test

* Update CHANGELOG.md
2026-03-21 17:17:35 +11:00
Oliver c5bf915d10
Adjust DataOutput API endpoint (#11580)
* DataOutput API fix

- Prevent non-staff users from accessing unrelated DataOutput instances

* Add unit tests
2026-03-21 15:14:59 +11:00
Oliver 5f9972e75e
[plugin] Cache busting for plugin static files (#11565)
* Add helper to check the existence of a static file

* Log error if plugin static file does not exist

* Support cache busting for plugin files

* Use Pathlib instead

* Improve generic URL resolution

* Add unit test
2026-03-20 15:42:15 +11:00
Oliver fc730b9af7
Save user info (#11572)
* Record user info when creating stock item

* Add unit test

* Add playwright test
2026-03-20 15:41:44 +11:00
Oliver 8c2592b3c2
Fix parent field for StockItemSerializer (#11573)
* Fix parent field for StockItemSerializer

- Closes https://github.com/inventree/InvenTree/issues/11507

* Bump API version
2026-03-20 15:41:35 +11:00
dependabot[bot] a64b15af76
chore(deps): bump pypdf from 6.8.0 to 6.9.1 in /src/backend (#11556)
* chore(deps): bump pypdf from 6.8.0 to 6.9.1 in /src/backend

Bumps [pypdf](https://github.com/py-pdf/pypdf) from 6.8.0 to 6.9.1.
- [Release notes](https://github.com/py-pdf/pypdf/releases)
- [Changelog](https://github.com/py-pdf/pypdf/blob/main/CHANGELOG.md)
- [Commits](https://github.com/py-pdf/pypdf/compare/6.8.0...6.9.1)

---
updated-dependencies:
- dependency-name: pypdf
  dependency-version: 6.9.1
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix style

* fix style

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2026-03-20 10:39:10 +11:00
Oliver 7f0610502d
Build line fix (#11566)
* Fix for RenderBuildLine

* Simple playwright test
2026-03-20 08:51:21 +11:00
Matthias Mair 9c993d1c22
bump drf (#11559) 2026-03-20 07:18:27 +11:00
Oliver ef2f05a418
[API] Bug fix for PartCategory cascade filter (#11562)
* Bug fix for PartCategory cascade filter

* Additional unit test
2026-03-19 23:40:44 +11:00
Oliver 4599edd375
[UI Update image fix (#11557)
* Improve thumbnail selector

- Center image
- Better descriptive text

* Updated playwrigth testing
2026-03-19 16:56:13 +11:00
Matthias Mair 16103379c9
chore(backend): Bump ty (#11537)
* bump ty - there is better django support now

* more fixes

* fix usage of types

* add missing type

* fix access

* ensure itteration is safe

* fix uncombat decimal usage

* ?potential breaking: change access key

* remove now obsolete igtnore

* ignore errors on StdImageField

* remove usage of unkonw parameter

* fix diff error

* fix schema creation

* fix coverage quirk

* those are unneeded now?

* this seem to have been an issue with 3.12; not occuring on 3.14

* ignore pydantiics

* ignore edge cases for now

* include isGenerating fix

* make typing python 3.11 compatible

* fix more errors
2026-03-18 18:25:50 +11:00
Oliver 865ec47a3b
Fix error generation on failed background task (#11552)
* Fix error generation on failed background task

* Tweak unit test
2026-03-18 18:23:47 +11:00
nino-tan-smartee 468f0f9c3b
fix(plugin): use app_name instead of plugin_path when deregistering models (#11536)
* fix(plugin): use app_name instead of plugin_path when deregistering models

_deactivate_mixin uses plugin_path (the full dotted module path) as the
key into Django's apps.all_models when removing plugin models during
reload. However, Django registers models under the app_label (the short
app_name), not the full plugin_path.

For plugins with nested module paths (e.g. "myplugin.myplugin"),
plugin_path != app_name. Since apps.all_models is a defaultdict, looking
up plugin_path silently creates an empty OrderedDict, then .pop(model)
raises KeyError because the model was never in that dict — it was
registered under app_name.

This causes recurring KeyError crashes every plugin reload cycle
(~1 minute) for any external plugin with a nested package structure.

The fix:
- Use app_name (already computed at line 98) instead of plugin_path
- Add default None to .pop() for defensive safety
- Consistent with line 123 which already correctly uses app_name

* test(plugin): add unit test for nested plugin path model deregistration

Ensures _deactivate_mixin uses app_name (last path component) instead
of the full plugin_path when looking up models in apps.all_models,
preventing KeyError for external plugins with nested module structures.

* style: fix ruff format for context manager parenthesization
2026-03-18 13:45:40 +11:00
Oliver 488bd5f923
Fix complete_sales_order_shipment task (#11525)
* Fix complete_sales_order_shipment task

- Perform allocation *before* marking shipment as complete
- Ensure task is not marked as complete before it is actually done

* Add unit test

* Provide task status tracking for shipment completion

* Add integration testing

* Address unit test issues

* Bump API version

* Enhance playwright test
2026-03-18 08:05:16 +11:00
Oliver b10fd949d3
Remove error handling for complete_build_allocations task (#11551)
- We *want* this to fail, and run again
- It is handled by the background task manager
2026-03-18 07:07:25 +11:00
Oliver 756c0be0b5
[db] Backend setting improvements (#11500)
* Refactor database engine options

- Move to setting/db_backend.py
- Cleanup settings.py

* Fix documentation for postgres settings

* docs updates

* Add transaction_mode options for sqlite

* Update CHANGELOG with breaking changes

* Remove hard-coded database config

* Raise error on invalid backend

* Fix typos

* Fix broken redis link

* Limit to single worker thread for sqlite

* Update docs

* Add verbosity switch to dev.test task

* Add test timeout - kill hanging tests after 120s

* Set WAL mode for sqlite

* Use IMMEDIATE mode for background worker thread

* Use config to set WAL rather than custom hook

* Tweak pyproject settings

* Tweak code

* Increase timeouts

* Reset requirements to master
2026-03-18 00:01:17 +11:00
Matthias Mair ab116309b3
chore(backend): fix isGenerating detection (#11548) 2026-03-18 00:00:33 +11:00
Oliver 84cd81d9a8
Build consume fix (#11529)
* Add new build task

* Refactor background task for consuming build stock

- Run as a single task
- Improve query efficiency

* Refactor consuming stock against build via API

- Return task_id for monitoring
- Keep frontend updated

* Task tracking for auto-allocation

* Add e2e integration tests:

- Auto-allocate stock
- Consume stock

* Bump API version

* Playwright test fixes

* Adjust unit tests

* Robustify unit test

* Widen test scope

* Adjust playwright test

* Loosen test requirements again

* idk, another change :|

* Robustify test
2026-03-17 20:51:12 +11:00
Matthias Mair 97aec82d33
bump PyJWT (#11532)
fixes https://github.com/inventree/InvenTree/security/dependabot/386
2026-03-15 22:03:45 +11:00
Oliver 609a3f4a36
[UI] Library fix (#11530)
* Ensure "lib" is built as part of CI

* Fix useMonitorBackgroundTask hook
2026-03-15 15:37:56 +11:00
Oliver 6830ba5efe
[API] Monitor task (#11527)
* Enhance docstring

* Return the ID of an offloaded task

* Add API endpoint for background task detail

* Add UI hook for monitoring background task  progress

* Handle queued tasks (not yet started)

* Improve UX

* Update frontend lib version

* Bump API version

* Fix notification

* Simplify UI interface

* Implement internal hook

* Fix API path sequence

* Add unit tests for task detail endpoint

* Refactor code into reusable model

* Explicit operation_id for API endpoints

* Further refactoring

* Use 200 response code

- axios does not like 202, simplify it

* Return task response for validation of part BOM

* Fix schema

* Cleanup

* Run background worker during playwright tests

- For full e2e integration testing

* Improve hooks and unit testing

* Rename custom hooks to meet react naming requirements
2026-03-15 14:11:22 +11:00
dependabot[bot] 133d254ba7
chore(deps): bump the dependencies group across 2 directories with 25 updates (#11516)
* chore(deps): bump the dependencies group across 2 directories with 25 updates

Bumps the dependencies group with 1 update in the /docs directory: [mkdocs-material](https://github.com/squidfunk/mkdocs-material).
Bumps the dependencies group with 24 updates in the /src/backend directory:

| Package | From | To |
| --- | --- | --- |
| [blessed](https://github.com/jquast/blessed) | `1.30.0` | `1.32.0` |
| [boto3](https://github.com/boto/boto3) | `1.42.58` | `1.42.62` |
| [botocore](https://github.com/boto/botocore) | `1.42.58` | `1.42.62` |
| [charset-normalizer](https://github.com/jawah/charset_normalizer) | `3.4.4` | `3.4.5` |
| [icalendar](https://github.com/collective/icalendar) | `7.0.2` | `7.0.3` |
| [opentelemetry-exporter-otlp-proto-common](https://github.com/open-telemetry/opentelemetry-python) | `1.39.1` | `1.40.0` |
| [opentelemetry-exporter-otlp-proto-grpc](https://github.com/open-telemetry/opentelemetry-python) | `1.39.1` | `1.40.0` |
| [opentelemetry-exporter-otlp-proto-http](https://github.com/open-telemetry/opentelemetry-python) | `1.39.1` | `1.40.0` |
| [opentelemetry-instrumentation](https://github.com/open-telemetry/opentelemetry-python-contrib) | `0.60b1` | `0.61b0` |
| [opentelemetry-instrumentation-dbapi](https://github.com/open-telemetry/opentelemetry-python-contrib) | `0.60b1` | `0.61b0` |
| [opentelemetry-proto](https://github.com/open-telemetry/opentelemetry-python) | `1.39.1` | `1.40.0` |
| [opentelemetry-semantic-conventions](https://github.com/open-telemetry/opentelemetry-python) | `0.60b1` | `0.61b0` |
| [opentelemetry-util-http](https://github.com/open-telemetry/opentelemetry-python-contrib) | `0.60b1` | `0.61b0` |
| [platformdirs](https://github.com/tox-dev/platformdirs) | `4.9.2` | `4.9.4` |
| [protobuf](https://github.com/protocolbuffers/protobuf) | `6.33.5` | `7.34.0` |
| [python-dotenv](https://github.com/theskumar/python-dotenv) | `1.2.1` | `1.2.2` |
| [redis](https://github.com/redis/redis-py) | `7.2.1` | `7.3.0` |
| [sentry-sdk](https://github.com/getsentry/sentry-python) | `2.53.0` | `2.54.0` |
| [tinycss2](https://github.com/Kozea/tinycss2) | `1.4.0` | `1.5.1` |
| [tinyhtml5](https://github.com/CourtBouillon/tinyhtml5) | `2.0.0` | `2.1.0` |
| [wrapt](https://github.com/GrahamDumpleton/wrapt) | `1.17.3` | `2.1.2` |
| [filelock](https://github.com/tox-dev/py-filelock) | `3.24.3` | `3.25.0` |
| [identify](https://github.com/pre-commit/identify) | `2.6.16` | `2.6.17` |
| [isort](https://github.com/PyCQA/isort) | `8.0.0` | `8.0.1` |



Updates `mkdocs-material` from 9.7.3 to 9.7.4
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/9.7.3...9.7.4)

Updates `blessed` from 1.30.0 to 1.32.0
- [Release notes](https://github.com/jquast/blessed/releases)
- [Changelog](https://github.com/jquast/blessed/blob/master/docs/history.rst)
- [Commits](https://github.com/jquast/blessed/commits)

Updates `boto3` from 1.42.58 to 1.42.62
- [Release notes](https://github.com/boto/boto3/releases)
- [Commits](https://github.com/boto/boto3/compare/1.42.58...1.42.62)

Updates `botocore` from 1.42.58 to 1.42.62
- [Commits](https://github.com/boto/botocore/compare/1.42.58...1.42.62)

Updates `charset-normalizer` from 3.4.4 to 3.4.5
- [Release notes](https://github.com/jawah/charset_normalizer/releases)
- [Changelog](https://github.com/jawah/charset_normalizer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jawah/charset_normalizer/compare/3.4.4...3.4.5)

Updates `icalendar` from 7.0.2 to 7.0.3
- [Release notes](https://github.com/collective/icalendar/releases)
- [Changelog](https://github.com/collective/icalendar/blob/main/CHANGES.rst)
- [Commits](https://github.com/collective/icalendar/compare/v7.0.2...v7.0.3)

Updates `opentelemetry-exporter-otlp-proto-common` from 1.39.1 to 1.40.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-python/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-python/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-python/compare/v1.39.1...v1.40.0)

Updates `opentelemetry-exporter-otlp-proto-grpc` from 1.39.1 to 1.40.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-python/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-python/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-python/compare/v1.39.1...v1.40.0)

Updates `opentelemetry-exporter-otlp-proto-http` from 1.39.1 to 1.40.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-python/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-python/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-python/compare/v1.39.1...v1.40.0)

Updates `opentelemetry-instrumentation` from 0.60b1 to 0.61b0
- [Release notes](https://github.com/open-telemetry/opentelemetry-python-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-python-contrib/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-python-contrib/commits)

Updates `opentelemetry-instrumentation-dbapi` from 0.60b1 to 0.61b0
- [Release notes](https://github.com/open-telemetry/opentelemetry-python-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-python-contrib/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-python-contrib/commits)

Updates `opentelemetry-proto` from 1.39.1 to 1.40.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-python/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-python/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-python/compare/v1.39.1...v1.40.0)

Updates `opentelemetry-semantic-conventions` from 0.60b1 to 0.61b0
- [Release notes](https://github.com/open-telemetry/opentelemetry-python/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-python/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-python/commits)

Updates `opentelemetry-util-http` from 0.60b1 to 0.61b0
- [Release notes](https://github.com/open-telemetry/opentelemetry-python-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-python-contrib/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-python-contrib/commits)

Updates `platformdirs` from 4.9.2 to 4.9.4
- [Release notes](https://github.com/tox-dev/platformdirs/releases)
- [Changelog](https://github.com/tox-dev/platformdirs/blob/main/docs/changelog.rst)
- [Commits](https://github.com/tox-dev/platformdirs/compare/4.9.2...4.9.4)

Updates `protobuf` from 6.33.5 to 7.34.0
- [Release notes](https://github.com/protocolbuffers/protobuf/releases)
- [Commits](https://github.com/protocolbuffers/protobuf/commits)

Updates `python-dotenv` from 1.2.1 to 1.2.2
- [Release notes](https://github.com/theskumar/python-dotenv/releases)
- [Changelog](https://github.com/theskumar/python-dotenv/blob/main/CHANGELOG.md)
- [Commits](https://github.com/theskumar/python-dotenv/compare/v1.2.1...v1.2.2)

Updates `redis` from 7.2.1 to 7.3.0
- [Release notes](https://github.com/redis/redis-py/releases)
- [Changelog](https://github.com/redis/redis-py/blob/master/CHANGES)
- [Commits](https://github.com/redis/redis-py/compare/v7.2.1...v7.3.0)

Updates `sentry-sdk` from 2.53.0 to 2.54.0
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/2.53.0...2.54.0)

Updates `tinycss2` from 1.4.0 to 1.5.1
- [Release notes](https://github.com/Kozea/tinycss2/releases)
- [Changelog](https://github.com/Kozea/tinycss2/blob/main/docs/changelog.rst)
- [Commits](https://github.com/Kozea/tinycss2/compare/v1.4.0...v1.5.1)

Updates `tinyhtml5` from 2.0.0 to 2.1.0
- [Release notes](https://github.com/CourtBouillon/tinyhtml5/releases)
- [Changelog](https://github.com/CourtBouillon/tinyhtml5/blob/main/docs/changelog.rst)
- [Commits](https://github.com/CourtBouillon/tinyhtml5/compare/2.0.0...2.1.0)

Updates `wrapt` from 1.17.3 to 2.1.2
- [Release notes](https://github.com/GrahamDumpleton/wrapt/releases)
- [Changelog](https://github.com/GrahamDumpleton/wrapt/blob/develop/docs/changes.rst)
- [Commits](https://github.com/GrahamDumpleton/wrapt/compare/1.17.3...2.1.2)

Updates `filelock` from 3.24.3 to 3.25.0
- [Release notes](https://github.com/tox-dev/py-filelock/releases)
- [Changelog](https://github.com/tox-dev/filelock/blob/main/docs/changelog.rst)
- [Commits](https://github.com/tox-dev/py-filelock/compare/3.24.3...3.25.0)

Updates `identify` from 2.6.16 to 2.6.17
- [Commits](https://github.com/pre-commit/identify/compare/v2.6.16...v2.6.17)

Updates `isort` from 8.0.0 to 8.0.1
- [Release notes](https://github.com/PyCQA/isort/releases)
- [Changelog](https://github.com/PyCQA/isort/blob/main/CHANGELOG.md)
- [Commits](https://github.com/PyCQA/isort/compare/8.0.0...8.0.1)

---
updated-dependencies:
- dependency-name: mkdocs-material
  dependency-version: 9.7.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: blessed
  dependency-version: 1.32.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: boto3
  dependency-version: 1.42.62
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: botocore
  dependency-version: 1.42.62
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: charset-normalizer
  dependency-version: 3.4.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: icalendar
  dependency-version: 7.0.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: opentelemetry-exporter-otlp-proto-common
  dependency-version: 1.40.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: opentelemetry-exporter-otlp-proto-grpc
  dependency-version: 1.40.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: opentelemetry-exporter-otlp-proto-http
  dependency-version: 1.40.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: opentelemetry-instrumentation
  dependency-version: 0.61b0
  dependency-type: direct:production
  dependency-group: dependencies
- dependency-name: opentelemetry-instrumentation-dbapi
  dependency-version: 0.61b0
  dependency-type: direct:production
  dependency-group: dependencies
- dependency-name: opentelemetry-proto
  dependency-version: 1.40.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: opentelemetry-semantic-conventions
  dependency-version: 0.61b0
  dependency-type: direct:production
  dependency-group: dependencies
- dependency-name: opentelemetry-util-http
  dependency-version: 0.61b0
  dependency-type: direct:production
  dependency-group: dependencies
- dependency-name: platformdirs
  dependency-version: 4.9.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: protobuf
  dependency-version: 7.34.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: python-dotenv
  dependency-version: 1.2.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: redis
  dependency-version: 7.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: sentry-sdk
  dependency-version: 2.54.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: tinycss2
  dependency-version: 1.5.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: tinyhtml5
  dependency-version: 2.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: wrapt
  dependency-version: 2.1.2
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: filelock
  dependency-version: 3.25.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: identify
  dependency-version: 2.6.17
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: isort
  dependency-version: 8.0.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix syle

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2026-03-15 07:16:39 +11:00
Matthias Mair 29ac2392db
bump undici (#11526) 2026-03-15 01:25:20 +11:00
Matthias Mair 897e3b9ec6
bump build tooling (#11505) 2026-03-14 22:55:30 +11:00
Jacob Felknor c3cedd25c0
Fix stuck-in-past expiry date filter (#11518)
* fix stuck-in-past expiry date filter

* also fix OVERDUE_FILTER date problem
2026-03-14 22:50:08 +11:00
Oliver 649ff009b9
[CI] Add unit test for large shipment (#11503) 2026-03-14 17:21:25 +11:00
Matthias Mair d7af345e20
refactor(frontend): use central user creds (#11520) 2026-03-14 13:29:46 +11:00
Matthias Mair fda3204e33
fix: low-privilege user token creation (#11492)
* [bug] Users cannot create their own API tokens
Fixes #11486

* fix detection of metadata

* make easier to read

* add handler for IsAuthenticated

* use correct method

* fix style see #11487

* add frontend test

* make test more reliable?
2026-03-14 12:02:49 +11:00
dependabot[bot] c8d41bc207
chore(deps): bump dompurify from 3.2.6 to 3.3.2 in /src/frontend (#11477)
* chore(deps): bump dompurify from 3.2.6 to 3.3.2 in /src/frontend

Bumps [dompurify](https://github.com/cure53/DOMPurify) from 3.2.6 to 3.3.2.
- [Release notes](https://github.com/cure53/DOMPurify/releases)
- [Commits](https://github.com/cure53/DOMPurify/compare/3.2.6...3.3.2)

---
updated-dependencies:
- dependency-name: dompurify
  dependency-version: 3.3.2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix style

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2026-03-13 11:47:58 +11:00
dependabot[bot] 7d739e5927
chore(deps): bump the dependencies group across 1 directory with 4 updates (#11494)
* chore(deps): bump the dependencies group across 1 directory with 4 updates

Bumps the dependencies group with 4 updates in the /src/frontend directory: [@codemirror/view](https://github.com/codemirror/view), [@uiw/codemirror-theme-vscode](https://github.com/uiwjs/react-codemirror), [@playwright/test](https://github.com/microsoft/playwright) and [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node).


Updates `@codemirror/view` from 6.38.2 to 6.39.16
- [Changelog](https://github.com/codemirror/view/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codemirror/view/compare/6.38.2...6.39.16)

Updates `@uiw/codemirror-theme-vscode` from 4.25.1 to 4.25.7
- [Release notes](https://github.com/uiwjs/react-codemirror/releases)
- [Commits](https://github.com/uiwjs/react-codemirror/compare/v4.25.1...v4.25.7)

Updates `@playwright/test` from 1.56.0 to 1.58.2
- [Release notes](https://github.com/microsoft/playwright/releases)
- [Commits](https://github.com/microsoft/playwright/compare/v1.56.0...v1.58.2)

Updates `@types/node` from 24.11.0 to 25.3.3
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@codemirror/view"
  dependency-version: 6.39.16
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: "@uiw/codemirror-theme-vscode"
  dependency-version: 4.25.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: "@playwright/test"
  dependency-version: 1.58.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: "@types/node"
  dependency-version: 25.3.3
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix test

* fix test

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
2026-03-13 10:57:53 +11:00
Oliver 6ca102cb5f
Allow bulk edit of stock batch code (#11499)
* Allow bulk edit of stock batch code

Closes https://github.com/inventree/InvenTree/issues/10817

* Bump API version

* Add unit test
2026-03-13 01:23:55 +11:00
github-actions[bot] 98b56e1a49
New Crowdin translations by GitHub Action (#11407)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-03-12 20:38:18 +11:00
Oliver 1be08e4420
[API] Allow filtering ScheduledTask objects by name (#11497)
* [API] Allow filtering ScheduledTask objects by name

* Bump API version
2026-03-12 18:03:31 +11:00
Oliver 1e2c9ed273
Refactor part.on_order (#11496)
More intelligent DB querying for significant speed improvement
2026-03-12 15:31:44 +11:00
Oliver aafda4bece
[UI] Fix hook deps for BuildOutputTable (#11483)
- Closes https://github.com/inventree/InvenTree/issues/11280
2026-03-12 13:18:22 +11:00
Oliver c292e807b9
Enhance MonitorDataOutput (#11458)
* Enhance MonitorDataOutput

- Optionally pass QueryClient
- Required when running outside of <ApiContext />

* Fix default base URL if not specified

* Remove "allow_null" from Mantine props

* Bump lib version to 0.8.2

* Bump CHANGELOG.md
2026-03-12 12:22:16 +11:00
Matthias Mair f7da51b752
fix style issue from 11485 (#11487)
* fix https://github.com/inventree/InvenTree/pull/11485

* fix style

---------

Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
2026-03-12 12:17:06 +11:00
Matthias Mair 57949b69e0
chore(frontend): resolution bump (#11465)
* chore(frontend): resolution bump

* bump nyc

* bump vite-plugin-istanbul

* bump @codecov/vite-plugin

* bump @lingui

* fix typing

* fix tests

* make more robust

* fix @codemirror

* fix another switch

* add more "give" to test

* ifnore demo dataset

* fix assert

* revert test change

---------

Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
2026-03-12 12:14:36 +11:00
tigger2000ttfn a964d6682e
fix: wrap create_default_labels in transaction.atomic() savepoint to prevent PostgreSQL transaction abort (#11484)
When the plugin registry reloads during an active HTTP request, 
create_default_labels() raises ValidationError on duplicate template 
inserts. On PostgreSQL this aborts the entire outer atomic() block, 
causing TransactionManagementError on all stock operations in that request.

Fixes #11469

Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
2026-03-11 22:21:03 +11:00
Oliver 27809d712a
Copy order params (#11479)
* Copy parameters when duplicating an order

* Add unit test for order parameter duplication

* Bunmp API version

* Fix test reliability

* Disable image fetching for SampleSupplierPlugin

- Allow turning on manually
- Prevent CI issues due to rate limiting

* Revery pypdf.. ???
2026-03-11 19:26:56 +11:00
dependabot[bot] bcde2706c7
chore(deps): bump pypdf from 6.7.5 to 6.8.0 in /src/backend (#11485)
Bumps [pypdf](https://github.com/py-pdf/pypdf) from 6.7.5 to 6.8.0.
- [Release notes](https://github.com/py-pdf/pypdf/releases)
- [Changelog](https://github.com/py-pdf/pypdf/blob/main/CHANGELOG.md)
- [Commits](https://github.com/py-pdf/pypdf/compare/6.7.5...6.8.0)

---
updated-dependencies:
- dependency-name: pypdf
  dependency-version: 6.8.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-11 12:47:32 +11:00
dependabot[bot] 2c8ef25894
chore(deps): bump the dependencies group across 2 directories with 12 updates (#11467)
* chore(deps): bump the dependencies group across 2 directories with 12 updates

Bumps the dependencies group with 1 update in the /docs directory: [mkdocs-material](https://github.com/squidfunk/mkdocs-material).
Bumps the dependencies group with 11 updates in the /src/backend directory:

| Package | From | To |
| --- | --- | --- |
| [boto3](https://github.com/boto/boto3) | `1.42.54` | `1.42.58` |
| [botocore](https://github.com/boto/botocore) | `1.42.54` | `1.42.58` |
| [certifi](https://github.com/certifi/python-certifi) | `2026.1.4` | `2026.2.25` |
| [icalendar](https://github.com/collective/icalendar) | `7.0.1` | `7.0.2` |
| [protobuf](https://github.com/protocolbuffers/protobuf) | `6.33.5` | `7.34.0` |
| [redis](https://github.com/redis/redis-py) | `7.2.0` | `7.2.1` |
| [tinycss2](https://github.com/Kozea/tinycss2) | `1.4.0` | `1.5.1` |
| [whitenoise](https://github.com/evansd/whitenoise) | `6.11.0` | `6.12.0` |
| [wrapt](https://github.com/GrahamDumpleton/wrapt) | `1.17.3` | `2.1.1` |
| [types-psycopg2](https://github.com/typeshed-internal/stub_uploader) | `2.9.21.20251012` | `2.9.21.20260223` |
| [virtualenv](https://github.com/pypa/virtualenv) | `20.38.0` | `21.1.0` |



Updates `mkdocs-material` from 9.7.2 to 9.7.3
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/9.7.2...9.7.3)

Updates `boto3` from 1.42.54 to 1.42.58
- [Release notes](https://github.com/boto/boto3/releases)
- [Commits](https://github.com/boto/boto3/compare/1.42.54...1.42.58)

Updates `botocore` from 1.42.54 to 1.42.58
- [Commits](https://github.com/boto/botocore/compare/1.42.54...1.42.58)

Updates `certifi` from 2026.1.4 to 2026.2.25
- [Commits](https://github.com/certifi/python-certifi/compare/2026.01.04...2026.02.25)

Updates `icalendar` from 7.0.1 to 7.0.2
- [Release notes](https://github.com/collective/icalendar/releases)
- [Changelog](https://github.com/collective/icalendar/blob/main/CHANGES.rst)
- [Commits](https://github.com/collective/icalendar/compare/v7.0.1...v7.0.2)

Updates `protobuf` from 6.33.5 to 7.34.0
- [Release notes](https://github.com/protocolbuffers/protobuf/releases)
- [Commits](https://github.com/protocolbuffers/protobuf/commits)

Updates `redis` from 7.2.0 to 7.2.1
- [Release notes](https://github.com/redis/redis-py/releases)
- [Changelog](https://github.com/redis/redis-py/blob/master/CHANGES)
- [Commits](https://github.com/redis/redis-py/compare/v7.2.0...v7.2.1)

Updates `tinycss2` from 1.4.0 to 1.5.1
- [Release notes](https://github.com/Kozea/tinycss2/releases)
- [Changelog](https://github.com/Kozea/tinycss2/blob/main/docs/changelog.rst)
- [Commits](https://github.com/Kozea/tinycss2/compare/v1.4.0...v1.5.1)

Updates `whitenoise` from 6.11.0 to 6.12.0
- [Changelog](https://github.com/evansd/whitenoise/blob/main/docs/changelog.rst)
- [Commits](https://github.com/evansd/whitenoise/compare/6.11.0...6.12.0)

Updates `wrapt` from 1.17.3 to 2.1.1
- [Release notes](https://github.com/GrahamDumpleton/wrapt/releases)
- [Changelog](https://github.com/GrahamDumpleton/wrapt/blob/develop/docs/changes.rst)
- [Commits](https://github.com/GrahamDumpleton/wrapt/compare/1.17.3...2.1.1)

Updates `types-psycopg2` from 2.9.21.20251012 to 2.9.21.20260223
- [Commits](https://github.com/typeshed-internal/stub_uploader/commits)

Updates `virtualenv` from 20.38.0 to 21.1.0
- [Release notes](https://github.com/pypa/virtualenv/releases)
- [Changelog](https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst)
- [Commits](https://github.com/pypa/virtualenv/compare/20.38.0...21.1.0)

---
updated-dependencies:
- dependency-name: mkdocs-material
  dependency-version: 9.7.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: boto3
  dependency-version: 1.42.58
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: botocore
  dependency-version: 1.42.58
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: certifi
  dependency-version: 2026.2.25
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: icalendar
  dependency-version: 7.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: protobuf
  dependency-version: 7.34.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: redis
  dependency-version: 7.2.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: tinycss2
  dependency-version: 1.5.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: whitenoise
  dependency-version: 6.12.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: wrapt
  dependency-version: 2.1.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: types-psycopg2
  dependency-version: 2.9.21.20260223
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: virtualenv
  dependency-version: 21.1.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix style

* fix again

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2026-03-10 16:54:54 +11:00
Matthias Mair 7d61e59046
bump django (#11463) 2026-03-05 16:02:37 +11:00
dependabot[bot] 3ed21e00cf
chore(deps): bump pypdf from 6.7.4 to 6.7.5 in /src/backend (#11454)
* chore(deps): bump pypdf from 6.7.4 to 6.7.5 in /src/backend

Bumps [pypdf](https://github.com/py-pdf/pypdf) from 6.7.4 to 6.7.5.
- [Release notes](https://github.com/py-pdf/pypdf/releases)
- [Changelog](https://github.com/py-pdf/pypdf/blob/main/CHANGELOG.md)
- [Commits](https://github.com/py-pdf/pypdf/compare/6.7.4...6.7.5)

---
updated-dependencies:
- dependency-name: pypdf
  dependency-version: 6.7.5
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix style

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2026-03-05 06:52:11 +11:00
Oliver 4d404352f4
[ui] Fix Reference column in SalesOrderLineItemTable (#11455)
- Closes https://github.com/inventree/InvenTree/issues/11448
2026-03-04 17:06:10 +11:00
Oliver cdcfdd8f2f
[bug] Import Session bug fix (#11456)
- Check session completion when deleting rows
2026-03-04 09:29:50 +11:00
Oliver 948818bc78
Expose monitorDataOutput hook to plugin library (#11453)
- Allow plugins to process data outputs
2026-03-03 15:10:03 +11:00
Jacob Felknor 41a617febd
Allow Zero Quantity BOM Item with System Setting (#11437)
* allow zero qty bom item with setting

* add allow zero bom qty setting to docs

---------

Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
2026-03-03 11:10:20 +11:00
Oliver 3bbdddf51d
[API] Enforce pk ordering for API endpoints (#11446)
* Add unit test to detect unreliable pagination

* Enforce PK field ordering

- Append 'pk' ordering to InvenTreeOrderingFilter

* Use our ordering filter everywhere

* Simplify ordering options

* Enforce list

* Use last term for ordering checks

* Individual delete to fix mysql issue
2026-03-02 22:45:44 +11:00
Matthias Mair 2c67454163
fix requirements (#11445) 2026-03-02 18:47:56 +11:00
dependabot[bot] 428e782eac
chore(deps): bump pypdf from 6.7.3 to 6.7.4 in /src/backend (#11443)
Bumps [pypdf](https://github.com/py-pdf/pypdf) from 6.7.3 to 6.7.4.
- [Release notes](https://github.com/py-pdf/pypdf/releases)
- [Changelog](https://github.com/py-pdf/pypdf/blob/main/CHANGELOG.md)
- [Commits](https://github.com/py-pdf/pypdf/compare/6.7.3...6.7.4)

---
updated-dependencies:
- dependency-name: pypdf
  dependency-version: 6.7.4
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-02 09:39:57 +11:00
Jack 3d9104e9a5
Add "updated_at" field to Orders model (#11374)
* add "updated_at" field to PurchaseOrder model

* change to use abstract po instead

* add api filters

* add show, order and filter by po updated_at date to frontend

* add tests and increment api_version

* change updated_at to null by default

* never trust github conflict resolution

* bump docker image to python 3.14 (#11414)

* chore(deps): bump the dependencies group across 1 directory with 4 updates (#11416)

Bumps the dependencies group with 4 updates in the / directory: [depot/setup-action](https://github.com/depot/setup-action), [depot/build-push-action](https://github.com/depot/build-push-action), [anchore/sbom-action](https://github.com/anchore/sbom-action) and [actions/stale](https://github.com/actions/stale).


Updates `depot/setup-action` from 1.6.0 to 1.7.1
- [Release notes](https://github.com/depot/setup-action/releases)
- [Commits](b0b1ea4f69...15c09a5f77)

Updates `depot/build-push-action` from 1.16.2 to 1.17.0
- [Release notes](https://github.com/depot/build-push-action/releases)
- [Commits](9785b135c3...5f3b3c2e5a)

Updates `anchore/sbom-action` from 0.21.1 to 0.22.2
- [Release notes](https://github.com/anchore/sbom-action/releases)
- [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md)
- [Commits](0b82b0b1a2...28d71544de)

Updates `actions/stale` from 10.1.1 to 10.2.0
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](997185467f...b5d41d4e1d)

---
updated-dependencies:
- dependency-name: depot/setup-action
  dependency-version: 1.7.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: depot/build-push-action
  dependency-version: 1.17.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: anchore/sbom-action
  dependency-version: 0.22.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: actions/stale
  dependency-version: 10.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* [UI] Copy cells expansion (#11410)

* Prevent copy button if copy value is null

* Add "link" columns to order tables

* Support copy for default column types

* Tweak padding to avoid flickering issues

* Refactor IPNColumn

* Adjust visual styling

* Copy for SKU and MPN columns

* Add more copy columns

* More tweaks

* Tweak playwright testing

* Further cleanup

* More copy cols

* Fix auto pricing overwriting manual purchase price #10846 (#11411)

* Fix auto pricing overwriting manual purchase price #10846

* Added entry to api_version.py

---------

Co-authored-by: Oliver <oliver.henry.walters@gmail.com>

* [UI] Default locale (#11412)

* [UI] Support default server language

* Handle faulty theme

* Add option for default language

* Improve language selection

* Brief docs entry

* Fix typo

* Fix yarn build

* Remove debug msg

* Fix calendar locale

* feat(backend): ensure restore of backups only works in correct enviroments (#11372)

* [FR] ensure restore of backups only works in correct enviroments
Fixes #11214

* update PR nbr

* fix wrong ty detection

* fix link

* ensure tracing does not enagage while running backup ops

* fix import

* remove debugging string

* add error codes

* add tests for backup and restore

* complete test for restore

* we do not need e2e on every matrix entry
there is no realy db dep here

* fix changelog format

* add flag to allow bypass

* update CHANGELOG.md

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: JustusRijke <53965859+JustusRijke@users.noreply.github.com>
2026-02-28 09:07:02 +11:00
dependabot[bot] 23d60bf05f
chore(deps): bump pypdf from 6.7.2 to 6.7.3 in /src/backend (#11436)
* chore(deps): bump pypdf from 6.7.2 to 6.7.3 in /src/backend

Bumps [pypdf](https://github.com/py-pdf/pypdf) from 6.7.2 to 6.7.3.
- [Release notes](https://github.com/py-pdf/pypdf/releases)
- [Changelog](https://github.com/py-pdf/pypdf/blob/main/CHANGELOG.md)
- [Commits](https://github.com/py-pdf/pypdf/compare/6.7.2...6.7.3)

---
updated-dependencies:
- dependency-name: pypdf
  dependency-version: 6.7.3
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix style

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2026-02-28 09:06:37 +11:00
dependabot[bot] 05a63fe143
chore(deps): bump the dependencies group across 2 directories with 8 updates (#11438)
* chore(deps): bump the dependencies group across 2 directories with 8 updates

Bumps the dependencies group with 1 update in the /docs directory: [mkdocs-material](https://github.com/squidfunk/mkdocs-material).
Bumps the dependencies group with 7 updates in the /src/backend directory:

| Package | From | To |
| --- | --- | --- |
| [tinycss2](https://github.com/Kozea/tinycss2) | `1.4.0` | `1.5.1` |
| [wrapt](https://github.com/GrahamDumpleton/wrapt) | `1.17.3` | `2.1.1` |
| [filelock](https://github.com/tox-dev/py-filelock) | `3.21.2` | `3.24.3` |
| [isort](https://github.com/PyCQA/isort) | `7.0.0` | `8.0.0` |
| [pytest-django](https://github.com/pytest-dev/pytest-django) | `4.11.1` | `4.12.0` |
| [rich](https://github.com/Textualize/rich) | `14.3.2` | `14.3.3` |
| [virtualenv](https://github.com/pypa/virtualenv) | `20.36.1` | `20.38.0` |



Updates `mkdocs-material` from 9.7.1 to 9.7.2
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/9.7.1...9.7.2)

Updates `tinycss2` from 1.4.0 to 1.5.1
- [Release notes](https://github.com/Kozea/tinycss2/releases)
- [Changelog](https://github.com/Kozea/tinycss2/blob/main/docs/changelog.rst)
- [Commits](https://github.com/Kozea/tinycss2/compare/v1.4.0...v1.5.1)

Updates `wrapt` from 1.17.3 to 2.1.1
- [Release notes](https://github.com/GrahamDumpleton/wrapt/releases)
- [Changelog](https://github.com/GrahamDumpleton/wrapt/blob/develop/docs/changes.rst)
- [Commits](https://github.com/GrahamDumpleton/wrapt/compare/1.17.3...2.1.1)

Updates `filelock` from 3.21.2 to 3.24.3
- [Release notes](https://github.com/tox-dev/py-filelock/releases)
- [Changelog](https://github.com/tox-dev/filelock/blob/main/docs/changelog.rst)
- [Commits](https://github.com/tox-dev/py-filelock/compare/3.21.2...3.24.3)

Updates `isort` from 7.0.0 to 8.0.0
- [Release notes](https://github.com/PyCQA/isort/releases)
- [Changelog](https://github.com/PyCQA/isort/blob/main/CHANGELOG.md)
- [Commits](https://github.com/PyCQA/isort/compare/7.0.0...8.0.0)

Updates `pytest-django` from 4.11.1 to 4.12.0
- [Release notes](https://github.com/pytest-dev/pytest-django/releases)
- [Changelog](https://github.com/pytest-dev/pytest-django/blob/main/docs/changelog.rst)
- [Commits](https://github.com/pytest-dev/pytest-django/compare/v4.11.1...v4.12.0)

Updates `rich` from 14.3.2 to 14.3.3
- [Release notes](https://github.com/Textualize/rich/releases)
- [Changelog](https://github.com/Textualize/rich/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Textualize/rich/compare/v14.3.2...v14.3.3)

Updates `virtualenv` from 20.36.1 to 20.38.0
- [Release notes](https://github.com/pypa/virtualenv/releases)
- [Changelog](https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst)
- [Commits](https://github.com/pypa/virtualenv/compare/20.36.1...20.38.0)

---
updated-dependencies:
- dependency-name: mkdocs-material
  dependency-version: 9.7.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: tinycss2
  dependency-version: 1.5.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: wrapt
  dependency-version: 2.1.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: filelock
  dependency-version: 3.24.3
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: isort
  dependency-version: 8.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: pytest-django
  dependency-version: 4.12.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: rich
  dependency-version: 14.3.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: virtualenv
  dependency-version: 20.38.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix style

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2026-02-28 09:06:05 +11:00
Oliver fb3b1189fd
Prevent exchange rate update during migration (#11429) 2026-02-26 19:18:44 +11:00
Oliver b18016e43e
[UI] Disable copy button if not secure (#11427)
- Hide copy button if not within secure context
- Ref: https://github.com/inventree/InvenTree/discussions/11422
2026-02-26 09:53:04 +11:00
Matthias Mair ac9a1f2251
feat(backend): ensure restore of backups only works in correct enviroments (#11372)
* [FR] ensure restore of backups only works in correct enviroments
Fixes #11214

* update PR nbr

* fix wrong ty detection

* fix link

* ensure tracing does not enagage while running backup ops

* fix import

* remove debugging string

* add error codes

* add tests for backup and restore

* complete test for restore

* we do not need e2e on every matrix entry
there is no realy db dep here

* fix changelog format

* add flag to allow bypass
2026-02-25 10:23:00 +11:00
Oliver 8a4ad4ff62
[UI] Default locale (#11412)
* [UI] Support default server language

* Handle faulty theme

* Add option for default language

* Improve language selection

* Brief docs entry

* Fix typo

* Fix yarn build

* Remove debug msg

* Fix calendar locale
2026-02-24 16:08:26 +11:00
JustusRijke 246108e732
Fix auto pricing overwriting manual purchase price #10846 (#11411)
* Fix auto pricing overwriting manual purchase price #10846

* Added entry to api_version.py

---------

Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
2026-02-24 12:58:01 +11:00
Oliver 449bd4e5a0
[UI] Copy cells expansion (#11410)
* Prevent copy button if copy value is null

* Add "link" columns to order tables

* Support copy for default column types

* Tweak padding to avoid flickering issues

* Refactor IPNColumn

* Adjust visual styling

* Copy for SKU and MPN columns

* Add more copy columns

* More tweaks

* Tweak playwright testing

* Further cleanup

* More copy cols
2026-02-24 11:44:14 +11:00
Tin Pham edc639d55c
feat: add copyable cells feature with CopyButton component (#11406) 2026-02-23 19:59:22 +11:00
Matthias Mair 33c57887ad
bump django-allauth (#11401)
* bump django-allauth

* bump api
2026-02-23 19:55:09 +11:00
Oliver cef5d4d9c0
[UI] Default table filters (#11405)
* Support "default filters" for table views

- User overrides apply in preference
- Only when there is no stored value (null)

* Correctly handle partially constructed filters

- Reverse lookup on available filter set

* Add default filters for order tables

* Default filters for company tables

* More default filters

* Add some more default filters

* Bump CHANGELOG

* build fix

* Tweaks for playwright testing

* Tweak playwright test

* Improve test flexibility
2026-02-23 19:46:17 +11:00
github-actions[bot] d48643319c
New Crowdin translations by GitHub Action (#11301)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-02-23 14:01:18 +11:00
dependabot[bot] 3d5631d62c
chore(deps): bump the dependencies group across 2 directories with 19 updates (#11390)
* chore(deps): bump the dependencies group across 2 directories with 19 updates

Bumps the dependencies group with 1 update in the /docs directory: [mkdocstrings[python]](https://github.com/mkdocstrings/mkdocstrings).
Bumps the dependencies group with 18 updates in the /src/backend directory:

| Package | From | To |
| --- | --- | --- |
| [gunicorn](https://github.com/benoitc/gunicorn) | `25.0.3` | `25.1.0` |
| [setuptools](https://github.com/pypa/setuptools) | `80.10.2` | `82.0.0` |
| [blessed](https://github.com/jquast/blessed) | `1.29.0` | `1.30.0` |
| [boto3](https://github.com/boto/boto3) | `1.42.47` | `1.42.48` |
| [botocore](https://github.com/boto/botocore) | `1.42.47` | `1.42.48` |
| [cssselect2](https://github.com/Kozea/cssselect2) | `0.8.0` | `0.9.0` |
| [django-dbbackup](https://github.com/Archmonger/django-dbbackup) | `5.1.2` | `5.2.0` |
| [django-flags](https://github.com/cfpb/django-flags) | `5.1.0` | `5.2.0` |
| [icalendar](https://github.com/collective/icalendar) | `6.3.2` | `7.0.0` |
| [platformdirs](https://github.com/tox-dev/platformdirs) | `4.5.1` | `4.7.1` |
| [redis](https://github.com/redis/redis-py) | `7.1.0` | `7.1.1` |
| [tinycss2](https://github.com/Kozea/tinycss2) | `1.4.0` | `1.5.1` |
| [wrapt](https://github.com/GrahamDumpleton/wrapt) | `1.17.3` | `2.1.1` |
| [zopfli](https://github.com/fonttools/py-zopfli) | `0.4.0` | `0.4.1` |
| [coverage[toml]](https://github.com/coveragepy/coveragepy) | `7.13.3` | `7.13.4` |
| [filelock](https://github.com/tox-dev/py-filelock) | `3.20.3` | `3.21.2` |
| [pip-tools](https://github.com/jazzband/pip-tools) | `7.5.2` | `7.5.3` |
| [pytest-codspeed](https://github.com/CodSpeedHQ/pytest-codspeed) | `4.2.0` | `4.3.0` |



Updates `mkdocstrings[python]` from 1.0.2 to 1.0.3
- [Release notes](https://github.com/mkdocstrings/mkdocstrings/releases)
- [Changelog](https://github.com/mkdocstrings/mkdocstrings/blob/main/CHANGELOG.md)
- [Commits](https://github.com/mkdocstrings/mkdocstrings/compare/1.0.2...1.0.3)

Updates `gunicorn` from 25.0.3 to 25.1.0
- [Release notes](https://github.com/benoitc/gunicorn/releases)
- [Commits](https://github.com/benoitc/gunicorn/compare/25.0.3...25.1.0)

Updates `setuptools` from 80.10.2 to 82.0.0
- [Release notes](https://github.com/pypa/setuptools/releases)
- [Changelog](https://github.com/pypa/setuptools/blob/main/NEWS.rst)
- [Commits](https://github.com/pypa/setuptools/compare/v80.10.2...v82.0.0)

Updates `blessed` from 1.29.0 to 1.30.0
- [Release notes](https://github.com/jquast/blessed/releases)
- [Changelog](https://github.com/jquast/blessed/blob/master/docs/history.rst)
- [Commits](https://github.com/jquast/blessed/commits/1.30)

Updates `boto3` from 1.42.47 to 1.42.48
- [Release notes](https://github.com/boto/boto3/releases)
- [Commits](https://github.com/boto/boto3/compare/1.42.47...1.42.48)

Updates `botocore` from 1.42.47 to 1.42.48
- [Commits](https://github.com/boto/botocore/compare/1.42.47...1.42.48)

Updates `cssselect2` from 0.8.0 to 0.9.0
- [Release notes](https://github.com/Kozea/cssselect2/releases)
- [Changelog](https://github.com/Kozea/cssselect2/blob/main/docs/changelog.rst)
- [Commits](https://github.com/Kozea/cssselect2/compare/0.8.0...0.9.0)

Updates `django-dbbackup` from 5.1.2 to 5.2.0
- [Release notes](https://github.com/Archmonger/django-dbbackup/releases)
- [Changelog](https://github.com/Archmonger/django-dbbackup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Archmonger/django-dbbackup/compare/5.1.2...5.2.0)

Updates `django-flags` from 5.1.0 to 5.2.0
- [Release notes](https://github.com/cfpb/django-flags/releases)
- [Changelog](https://github.com/cfpb/django-flags/blob/main/docs/releasenotes.md)
- [Commits](https://github.com/cfpb/django-flags/compare/5.1.0...5.2.0)

Updates `icalendar` from 6.3.2 to 7.0.0
- [Release notes](https://github.com/collective/icalendar/releases)
- [Changelog](https://github.com/collective/icalendar/blob/main/CHANGES.rst)
- [Commits](https://github.com/collective/icalendar/compare/v6.3.2...v7.0.0)

Updates `platformdirs` from 4.5.1 to 4.7.1
- [Release notes](https://github.com/tox-dev/platformdirs/releases)
- [Changelog](https://github.com/tox-dev/platformdirs/blob/main/docs/changelog.rst)
- [Commits](https://github.com/tox-dev/platformdirs/compare/4.5.1...4.7.1)

Updates `redis` from 7.1.0 to 7.1.1
- [Release notes](https://github.com/redis/redis-py/releases)
- [Changelog](https://github.com/redis/redis-py/blob/master/CHANGES)
- [Commits](https://github.com/redis/redis-py/compare/v7.1.0...v7.1.1)

Updates `tinycss2` from 1.4.0 to 1.5.1
- [Release notes](https://github.com/Kozea/tinycss2/releases)
- [Changelog](https://github.com/Kozea/tinycss2/blob/main/docs/changelog.rst)
- [Commits](https://github.com/Kozea/tinycss2/compare/v1.4.0...v1.5.1)

Updates `wrapt` from 1.17.3 to 2.1.1
- [Release notes](https://github.com/GrahamDumpleton/wrapt/releases)
- [Changelog](https://github.com/GrahamDumpleton/wrapt/blob/develop/docs/changes.rst)
- [Commits](https://github.com/GrahamDumpleton/wrapt/compare/1.17.3...2.1.1)

Updates `zopfli` from 0.4.0 to 0.4.1
- [Release notes](https://github.com/fonttools/py-zopfli/releases)
- [Commits](https://github.com/fonttools/py-zopfli/compare/v0.4.0...v0.4.1)

Updates `coverage[toml]` from 7.13.3 to 7.13.4
- [Release notes](https://github.com/coveragepy/coveragepy/releases)
- [Changelog](https://github.com/coveragepy/coveragepy/blob/main/CHANGES.rst)
- [Commits](https://github.com/coveragepy/coveragepy/compare/7.13.3...7.13.4)

Updates `filelock` from 3.20.3 to 3.21.2
- [Release notes](https://github.com/tox-dev/py-filelock/releases)
- [Changelog](https://github.com/tox-dev/filelock/blob/main/docs/changelog.rst)
- [Commits](https://github.com/tox-dev/py-filelock/compare/3.20.3...3.21.2)

Updates `pip-tools` from 7.5.2 to 7.5.3
- [Release notes](https://github.com/jazzband/pip-tools/releases)
- [Changelog](https://github.com/jazzband/pip-tools/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jazzband/pip-tools/compare/v7.5.2...v7.5.3)

Updates `pytest-codspeed` from 4.2.0 to 4.3.0
- [Release notes](https://github.com/CodSpeedHQ/pytest-codspeed/releases)
- [Changelog](https://github.com/CodSpeedHQ/pytest-codspeed/blob/master/CHANGELOG.md)
- [Commits](https://github.com/CodSpeedHQ/pytest-codspeed/compare/v4.2.0...v4.3.0)

---
updated-dependencies:
- dependency-name: mkdocstrings[python]
  dependency-version: 1.0.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: gunicorn
  dependency-version: 25.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: setuptools
  dependency-version: 82.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: blessed
  dependency-version: 1.30.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: boto3
  dependency-version: 1.42.48
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: botocore
  dependency-version: 1.42.48
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: cssselect2
  dependency-version: 0.9.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: django-dbbackup
  dependency-version: 5.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: django-flags
  dependency-version: 5.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: icalendar
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: platformdirs
  dependency-version: 4.7.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: redis
  dependency-version: 7.1.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: tinycss2
  dependency-version: 1.5.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: wrapt
  dependency-version: 2.1.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: zopfli
  dependency-version: 0.4.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: coverage[toml]
  dependency-version: 7.13.4
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: filelock
  dependency-version: 3.21.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: pip-tools
  dependency-version: 7.5.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: pytest-codspeed
  dependency-version: 4.3.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>

* bump related reqs

* bump a bit further

* fix style

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
2026-02-23 07:17:18 +11:00
Oliver 6c58cc709f
Merge commit from fork
- Change one renderer from jinja to django
- Move the other to a sandboxed environment
2026-02-22 22:48:05 +11:00
Oliver e1a9200f1e
[bug] Fix custom logo and splash (#11391)
* Add custom logo and splash to playwright fixtures

* Render custom logo in frontend

* Add playwright tests for customization settings

* Separate playwright run for customization

* Update ci file

* Update playwright config file

* Do not call get_custom_file from withing settings.py

- django app not fully initialized yet
- can cause loops

* Disable default tests (for now)

* Re-enable normal tests

* Update qc checks

* Order of operations?

* Debug output

* Use env

* Add more debug info

* More debug

* Further debug

* Add collectstatic check

* Run normal tests too

* Remove debug prints
2026-02-22 22:04:49 +11:00
Oliver 2e22245255
Auto allocate tracked (#10887)
* Add "item_type" to BuildAutoAllocationSerializer

* Update frontend to allow selection

* Stub for allocating tracked items

* Code for auto-allocating tracked outputs

* Refactor auto-allocation code

* UI updates

* Bump API version

* Auto refresh tracked items

* Update CHANGELOG.md

* docs entry

* Add unit test

* Add playwright testing
2026-02-22 20:15:31 +11:00
Oliver cca35bb268
Change warning to info (#11370)
- Generates a lot of scary logs during update process

Co-authored-by: Matthias Mair <code@mjmair.com>
2026-02-22 19:14:22 +11:00
Oliver 2e675ee87a
[bug] Check for null plugin config (#11394)
* Check for null plugin config

* Handle potential errors
2026-02-22 12:47:43 +11:00
Oliver 3910cc5a50
Supplier Part Updates (#11303)
* Add "primary" field to SupplierPart model

* Remove "default_supplier" field from the Part model

* Ensure only one SupplierPart can be "primary" for a given Part

* Update references to "default_supplier"

* Add 'primary' field to the SupplierPart API serializer

* update SupplierPart table

* Use bulk-update operations

* Bug fix for data migration

* Allow ordering by 'primary' field

* Tweak import message

* Edit 'primary' field in UI

* Fix checks in save() methods

* Better table updates

* Update CHANGELOG

* Bump API version

* Fix unit test

* Add unit test for API

* Playwright tests
2026-02-20 18:25:26 +11:00
Oliver 14d6d2354f
[Enhancement] Import by natural key fields (#11288)
* Data import flexibility

- Allow specification of alternative lookup fields for data import

* Observe field filters during data import

* Add alternative import fields for Part models

* More options for IMPORT_ID_FIELDS

* Update src/backend/InvenTree/importer/models.py

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Bump CHANGELOG

* Handle empty input values

* Add IMPORT_ID_FIELDS for more models

* PK field takes highest priority

* Update import docs

* Tweak return type

* Handle multiple date formats

* Add playwright testing

---------

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2026-02-20 15:30:00 +11:00
Matthias Mair 1ac3f5e479
fix change from #11387 (#11388) 2026-02-20 13:01:47 +11:00
Oliver dd423dccd6
[API] Enhanced filtering for generic parameters (#11383)
* Enhanced filtering for parameter templates

- Allow filtering by model ID as well as model type

* Enhanced filtering for ParameterTemplate

- Required for the parameteric data tables
- Enable filtering by base model ID
- Enable filtering by related model ID

* Bump API version

* Remove outdated comments

* Fix typo

* Remove debug statement

* Added unit tests

* Playwright tests

* Fix unit test

* Bump requirements

* Revert
2026-02-20 09:32:33 +11:00
dependabot[bot] fc1bfe876c
chore(deps): bump pypdf from 6.6.2 to 6.7.1 in /src/backend (#11387)
Bumps [pypdf](https://github.com/py-pdf/pypdf) from 6.6.2 to 6.7.1.
- [Release notes](https://github.com/py-pdf/pypdf/releases)
- [Changelog](https://github.com/py-pdf/pypdf/blob/main/CHANGELOG.md)
- [Commits](https://github.com/py-pdf/pypdf/compare/6.6.2...6.7.1)

---
updated-dependencies:
- dependency-name: pypdf
  dependency-version: 6.7.1
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-20 07:32:22 +11:00
Oliver 46e0205ad5
[bug] fix short-circuit for isGeneratingSchema (#11378)
* [bug] fix short-circuit for isGeneratingSchema

* Additional exclusions

* Even more exclusions

* More exclusions

* Updated comment
2026-02-19 20:58:21 +11:00
Oliver 4e1862a860
Purchase price ordering (#11379)
* Support ordering stock by purchase price

* Enhanced error output

* Bump API version
2026-02-19 20:58:11 +11:00
Oliver 3dbe168939
[UI] Bug fix for stock column ordering (#11376)
- Cannot have a blank accessor
2026-02-19 17:18:53 +11:00
Oliver a4a399022f
Batch update of records during migration (#11371)
* Batch update of records during migration

Reduce issues with very large datasets

* Add short-circuit logic

* Filter and prefetch
2026-02-19 12:03:37 +11:00
Oliver f6206305d5
[UI] Log Form error (#11363)
* [UI] Log console error for invalid field

- Help catch form issues during CI

* Use console logging
2026-02-18 14:15:34 +11:00
Oliver 7c92ecbe90
[UI] Hide "accept_incomplete_allocation" field (#11362)
- Hide this field if the build does not have any tracked items
- Ref: https://github.com/inventree/InvenTree/discussions/11324
2026-02-18 11:34:15 +11:00
Oliver 951586a698
Prevent migration check if performing DB update operations (#11356)
* Prevent migration check if performing DB update operations

* Prevent settings write during data imports

* Prevent exchange rate update during migration processes

* Allow exchange rate updates during tests or shell session
2026-02-18 00:19:58 +11:00
Matthias Mair b8cf2db68e
disable traceid gen in unsecure context (#11349) 2026-02-17 10:46:09 +11:00
Oliver 14a2e4c5af
Fix for ready.py (#11346)
* Fix for ready.py

- Early exit for isGeneratingSchema when removing stale content types
- Prevents blocking on update process

* Rearrange
2026-02-17 08:56:11 +11:00
Oliver 033ad420ce
Change default barcode type (#11304)
* Change default barcode type

* Bump plugin version

* Adjust unit testing

* Tweak unit tests

* Tweak docs
2026-02-17 00:22:44 +11:00
Oliver 430dfbbae5
[setup] invoke command updates (#11340)
* invoke command updates

- wait for db before migrating data
- improve task state reporting
- early return from isGeneratingSchema

* Disable warning message (for now)

* Fix typo

- This caused large delay when restoring data

* Remove debug statement

* Add warning message if isGeneratingSchema called falls through unexpectedly
2026-02-17 00:22:35 +11:00
dependabot[bot] 5f4dd49b12
chore(deps): bump the dependencies group across 2 directories with 18 updates (#11321)
* chore(deps): bump the dependencies group across 2 directories with 18 updates

Bumps the dependencies group with 3 updates in the /docs directory: [mkdocs-git-revision-date-localized-plugin](https://github.com/timvink/mkdocs-git-revision-date-localized-plugin), [mkdocs-include-markdown-plugin](https://github.com/mondeja/mkdocs-include-markdown-plugin) and [mkdocstrings[python]](https://github.com/mkdocstrings/mkdocstrings).
Bumps the dependencies group with 15 updates in the /src/backend directory:

| Package | From | To |
| --- | --- | --- |
| [asgiref](https://github.com/django/asgiref) | `3.11.0` | `3.11.1` |
| [babel](https://github.com/python-babel/babel) | `2.17.0` | `2.18.0` |
| [blessed](https://github.com/jquast/blessed) | `1.25.0` | `1.29.0` |
| [django-money](https://github.com/django-money/django-money) | `3.5.4` | `3.6.0` |
| [grpcio](https://github.com/grpc/grpc) | `1.76.0` | `1.78.0` |
| [jmespath](https://github.com/jmespath/jmespath.py) | `1.0.1` | `1.1.0` |
| [pip-licenses](https://github.com/raimon49/pip-licenses) | `5.5.0` | `5.5.1` |
| [psutil](https://github.com/giampaolo/psutil) | `7.2.1` | `7.2.2` |
| [pyjwt[crypto]](https://github.com/jpadilla/pyjwt) | `2.10.1` | `2.11.0` |
| [tinycss2](https://github.com/Kozea/tinycss2) | `1.4.0` | `1.5.1` |
| [wrapt](https://github.com/GrahamDumpleton/wrapt) | `1.17.3` | `2.1.1` |
| [coverage[toml]](https://github.com/coveragepy/coveragepy) | `7.13.1` | `7.13.3` |
| [django-types](https://github.com/sbdchd/django-types) | `0.22.0` | `0.23.0` |
| [pip](https://github.com/pypa/pip) | `26.0` | `26.0.1` |
| [rich](https://github.com/Textualize/rich) | `14.2.0` | `14.3.2` |



Updates `mkdocs-git-revision-date-localized-plugin` from 1.5.0 to 1.5.1
- [Release notes](https://github.com/timvink/mkdocs-git-revision-date-localized-plugin/releases)
- [Commits](https://github.com/timvink/mkdocs-git-revision-date-localized-plugin/compare/v1.5.0...v1.5.1)

Updates `mkdocs-include-markdown-plugin` from 7.2.0 to 7.2.1
- [Release notes](https://github.com/mondeja/mkdocs-include-markdown-plugin/releases)
- [Commits](https://github.com/mondeja/mkdocs-include-markdown-plugin/compare/v7.2.0...v7.2.1)

Updates `mkdocstrings[python]` from 1.0.1 to 1.0.2
- [Release notes](https://github.com/mkdocstrings/mkdocstrings/releases)
- [Changelog](https://github.com/mkdocstrings/mkdocstrings/blob/main/CHANGELOG.md)
- [Commits](https://github.com/mkdocstrings/mkdocstrings/compare/1.0.1...1.0.2)

Updates `asgiref` from 3.11.0 to 3.11.1
- [Changelog](https://github.com/django/asgiref/blob/main/CHANGELOG.txt)
- [Commits](https://github.com/django/asgiref/compare/3.11.0...3.11.1)

Updates `babel` from 2.17.0 to 2.18.0
- [Release notes](https://github.com/python-babel/babel/releases)
- [Changelog](https://github.com/python-babel/babel/blob/master/CHANGES.rst)
- [Commits](https://github.com/python-babel/babel/compare/v2.17.0...v2.18.0)

Updates `blessed` from 1.25.0 to 1.29.0
- [Release notes](https://github.com/jquast/blessed/releases)
- [Changelog](https://github.com/jquast/blessed/blob/master/docs/history.rst)
- [Commits](https://github.com/jquast/blessed/commits)

Updates `django-money` from 3.5.4 to 3.6.0
- [Release notes](https://github.com/django-money/django-money/releases)
- [Changelog](https://github.com/django-money/django-money/blob/main/docs/changes.rst)
- [Commits](https://github.com/django-money/django-money/compare/3.5.4...3.6.0)

Updates `grpcio` from 1.76.0 to 1.78.0
- [Release notes](https://github.com/grpc/grpc/releases)
- [Commits](https://github.com/grpc/grpc/compare/v1.76.0...v1.78.0)

Updates `jmespath` from 1.0.1 to 1.1.0
- [Changelog](https://github.com/jmespath/jmespath.py/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/jmespath/jmespath.py/compare/1.0.1...1.1.0)

Updates `pip-licenses` from 5.5.0 to 5.5.1
- [Release notes](https://github.com/raimon49/pip-licenses/releases)
- [Changelog](https://github.com/raimon49/pip-licenses/blob/master/CHANGELOG.md)
- [Commits](https://github.com/raimon49/pip-licenses/compare/v-5.5.0...v-5.5.1)

Updates `psutil` from 7.2.1 to 7.2.2
- [Changelog](https://github.com/giampaolo/psutil/blob/master/HISTORY.rst)
- [Commits](https://github.com/giampaolo/psutil/compare/release-7.2.1...release-7.2.2)

Updates `pyjwt[crypto]` from 2.10.1 to 2.11.0
- [Release notes](https://github.com/jpadilla/pyjwt/releases)
- [Changelog](https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/jpadilla/pyjwt/compare/2.10.1...2.11.0)

Updates `tinycss2` from 1.4.0 to 1.5.1
- [Release notes](https://github.com/Kozea/tinycss2/releases)
- [Changelog](https://github.com/Kozea/tinycss2/blob/main/docs/changelog.rst)
- [Commits](https://github.com/Kozea/tinycss2/compare/v1.4.0...v1.5.1)

Updates `wrapt` from 1.17.3 to 2.1.1
- [Release notes](https://github.com/GrahamDumpleton/wrapt/releases)
- [Changelog](https://github.com/GrahamDumpleton/wrapt/blob/develop/docs/changes.rst)
- [Commits](https://github.com/GrahamDumpleton/wrapt/compare/1.17.3...2.1.1)

Updates `coverage[toml]` from 7.13.1 to 7.13.3
- [Release notes](https://github.com/coveragepy/coveragepy/releases)
- [Changelog](https://github.com/coveragepy/coveragepy/blob/main/CHANGES.rst)
- [Commits](https://github.com/coveragepy/coveragepy/compare/7.13.1...7.13.3)

Updates `django-types` from 0.22.0 to 0.23.0
- [Changelog](https://github.com/sbdchd/django-types/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sbdchd/django-types/commits)

Updates `pip` from 26.0 to 26.0.1
- [Changelog](https://github.com/pypa/pip/blob/main/NEWS.rst)
- [Commits](https://github.com/pypa/pip/compare/26.0...26.0.1)

Updates `rich` from 14.2.0 to 14.3.2
- [Release notes](https://github.com/Textualize/rich/releases)
- [Changelog](https://github.com/Textualize/rich/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Textualize/rich/compare/v14.2.0...v14.3.2)

---
updated-dependencies:
- dependency-name: mkdocs-git-revision-date-localized-plugin
  dependency-version: 1.5.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: mkdocs-include-markdown-plugin
  dependency-version: 7.2.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: mkdocstrings[python]
  dependency-version: 1.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: asgiref
  dependency-version: 3.11.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: babel
  dependency-version: 2.18.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: blessed
  dependency-version: 1.29.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: django-money
  dependency-version: 3.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: grpcio
  dependency-version: 1.78.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: jmespath
  dependency-version: 1.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: pip-licenses
  dependency-version: 5.5.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: psutil
  dependency-version: 7.2.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: pyjwt[crypto]
  dependency-version: 2.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: tinycss2
  dependency-version: 1.5.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: wrapt
  dependency-version: 2.1.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: coverage[toml]
  dependency-version: 7.13.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: django-types
  dependency-version: 0.23.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: pip
  dependency-version: 26.0.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: rich
  dependency-version: 14.3.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix style

* disable performance for now

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2026-02-16 23:15:46 +11:00
Oliver 7a646946c3
[bug] FIx for data migration (#11329)
* [bug] FIx for data migration

Prevent writing of default currency to database during migration or backup

* Ignore error
2026-02-15 11:37:13 +11:00
Oliver a95ee3ccd9
[CI] Allow more test time (#11314)
* [CI] Allow more test time

* Fix style issues
2026-02-13 12:58:03 +11:00
Oliver b568e82d31
[UI] Spotlight tweaks (#11305)
* Add spotlight action to navigate to data import screen

* Hide barcode action if disabled

* Sort actions

* Make spotlight scrollable

* Docs for spotlight
2026-02-13 00:04:19 +11:00
github-actions[bot] 2fef749583
New Crowdin translations by GitHub Action (#11251)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-02-12 21:42:55 +11:00
Oliver 1793ad453c
Bump version number to 1.3.0-dev (#11300)
* Bump version number to 1.3.0-dev

* Update CHANGELOG.md

* Add entry for next release
2026-02-12 19:53:12 +11:00
Oliver 1ade79398d
[UI] Data import fixes (#11298)
- Refresh session and table after deleting rows
2026-02-12 17:41:45 +11:00
Matthias Mair b11bbfb92c
feat(frontend): Add better frontend tracing (#11244)
* add better tracing through the frontend

* extend allowed headers

* add endpoint to end the trace

* end traces correctly in backend

* end trace

* early cop-out if not tracing is enabled

* Update API version link for v447
2026-02-12 15:53:58 +11:00
Matthias Mair 9fbc7ac40c
feat(frontend): add warning to SO line calcs (#11296) 2026-02-12 13:05:12 +11:00
Matthias Mair fa32d5f0d2
chore(backend): allign dep pinning (#11292) 2026-02-12 09:26:04 +11:00
dependabot[bot] dee285133c
chore(deps): bump pillow from 12.1.0 to 12.1.1 in /src/backend (#11290)
Bumps [pillow](https://github.com/python-pillow/Pillow) from 12.1.0 to 12.1.1.
- [Release notes](https://github.com/python-pillow/Pillow/releases)
- [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst)
- [Commits](https://github.com/python-pillow/Pillow/compare/12.1.0...12.1.1)

---
updated-dependencies:
- dependency-name: pillow
  dependency-version: 12.1.1
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-12 07:27:29 +11:00
Oliver 3ebf27df36
Display more output information in "build allocated stock" table (#11276)
* Add "install_into_detail" to BuildItem serializer

* Enhance the "resolveItem" function

* Add "StockColumn" renderer

* Fix output column for BuildAllocatedStockTable

* Replace column in stock item table

* More column refactoring

* Bump API version

* Add InvenTreeOutputOption descriptions

* Prefetch for better API performance

* Updated playwright testing
2026-02-11 23:25:56 +11:00
Oliver e963b8219b
[UI] Edit BOM item from "Used In" table (#11286)
- Allows editing BOM item from the "used in" table
- Useful for editing from the context of the component / subassembly
2026-02-11 21:46:54 +11:00
Oliver d24ba7965c
[bug] Fix table ordering (#11277)
* Additional filtering options for stock list

* Fix ordering for stock table

* Ordering fix for build order table

* Ordering for supplier parts and manufacturer parts

* SalesOrderLineItem: Order by IPN

* ReturnOrderLineItem table:

- Order by part name
- Order by part IPN

* Update API version to 451

Increment API version to 451 and update changelog.

* Add playwright tests for column sorting

* Add backend tests for API ordering

---------

Co-authored-by: Matthias Mair <code@mjmair.com>
2026-02-11 17:52:21 +11:00
dependabot[bot] 384f8282fd
chore(deps): bump cryptography from 46.0.3 to 46.0.5 in /src/backend (#11285)
Bumps [cryptography](https://github.com/pyca/cryptography) from 46.0.3 to 46.0.5.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/46.0.3...46.0.5)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-version: 46.0.5
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-11 15:24:21 +11:00
Oliver 1c1933b694
[enhancements] Stock tracking enhancements (#11260)
* Data migrations for StockItemTracking

- Propagate the 'part' links

* Enable filtering of stock tracking entries by part

* Enable filtering by date range

* Display stock tracking for part

* Table enhancements

* Bump API version

* Display stock item column

* Ensure 'quantity' is recorded for stock tracking entries

* Add new global settings

* Adds background task for deleting old stock tracking entries

* Docs updates

* Enhanced docs

* Cast quantity to float

* Rever data migration

* Ensure part link gets created

* Improved prefetch for API

* Playwright testing

* Tweak unit test thresholds

---------

Co-authored-by: Matthias Mair <code@mjmair.com>
2026-02-10 21:54:35 +11:00
Oliver 613ed40843
[UI] Build updates (#11274)
* Hide "child build orders" for builds without any subassemblies

* Hide "build stock" button for inactive build orders
2026-02-10 12:00:06 +11:00
Joe Rogers 3c44787dc0
Add missing part/stocktake nullable annotations for schema (#11266)
* Add missing nullable annotations for schema

* Bump schema version
2026-02-10 09:53:56 +11:00
Jacob Felknor 026011131e
change role for allocation table multiselect (#11264) 2026-02-10 09:53:29 +11:00
Matthias Mair 232cc08ddc
bump django due to... all the releases vulns (#11265) 2026-02-07 11:22:46 +11:00
Oliver 2429bc2192
[build] Check for allocated items which are in production (#11263) 2026-02-06 17:46:24 +11:00
Oliver 9bb431dd2f
UI documentation (#11262)
* Rough in UI docs

* Fix links

* Table documentation

* Forms

* search

* Notifications
2026-02-06 16:56:49 +11:00
Oliver b4eeba5e31
[enhancement] Stocktake updates (#11257)
* Allow part queryset to be passed to 'perform_stocktake' function

* Add new options to perform_stocktake

* Allow download of part stocktake snapshot data

* API endpoint for generating a stocktake entry

* Simplify code

* Generate report output

* Dashboard stocktake widget

- Generate stocktake snapshot from the dashboard

* Force stocktake entry for part

* Add docs

* Cleanup docs

* Update API version

* Improve efficiency of stocktake generation

* Error handling

* Add simple playwright test

* Fix typing
2026-02-06 10:21:30 +11:00
Oliver 2c59c165ba
[UI] Add plugin website (#11255)
- To plugin table
- To plugin detail drawer
2026-02-05 18:26:25 +11:00
Oliver 8f27063e40
[UI] Fix SupplierPartTable (#11253)
* [UI] Fix SupplierPartTable

- Ensure manufacturer_part_detail is fetched too

* Updated playwright tests
2026-02-04 17:18:24 +11:00
dependabot[bot] 6a5f01ae57
chore(deps-dev): bump pip from 25.3 to 26.0 in /src/backend (#11248)
* chore(deps-dev): bump pip from 25.3 to 26.0 in /src/backend

Bumps [pip](https://github.com/pypa/pip) from 25.3 to 26.0.
- [Changelog](https://github.com/pypa/pip/blob/main/NEWS.rst)
- [Commits](https://github.com/pypa/pip/compare/25.3...26.0)

---
updated-dependencies:
- dependency-name: pip
  dependency-version: '26.0'
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>

* also bump in normal reqs

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
2026-02-04 12:41:37 +11:00
github-actions[bot] 11f3493d0a
New Crowdin translations by GitHub Action (#11243)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-02-03 15:39:51 +11:00
Oliver a5b6e4eda3
[UI] Indicate over-allocation (#11247)
- Display red text when stock item is over-allocated
2026-02-03 15:39:44 +11:00
Oliver 05b8c812f5
[API] BOM active filter (#11242)
* Add 'sub_part_active' filter for BOM list

* Add UI filter

* Bump API version
2026-02-03 09:11:57 +11:00
Matthias Mair 619da6e619
refactor(frontend): load server and auth info in paralell (#11245) 2026-02-03 08:16:17 +11:00
github-actions[bot] 02b10ccd75
New Crowdin translations by GitHub Action (#11240)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-02-02 22:13:57 +11:00
Matthias Mair e6077565c5
refactor(backend): SSO registration cleanup (#11239)
* add more debugging and remove possible problematic inheritance

* remove unused functions

* remove extra conversion

* ensure cirrect type is used

---------

Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
2026-02-02 13:14:06 +11:00
github-actions[bot] e1a45ec289
New Crowdin translations by GitHub Action (#11193)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-02-01 23:51:25 +11:00
Oliver c8c6a6af5f
[API] Allow sorting of test results by start/finish time (#11232)
* [API] Allow sorting of test results by start/finish time

- Bring API in line with UI expectation

* Bump API version

* Allow ordering by "test_station" field

---------

Co-authored-by: Matthias Mair <code@mjmair.com>
2026-02-01 22:01:31 +11:00
Matthias Mair 5d34bd1ea6
chore(backend): sync protobuff version (#11234)
Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
2026-02-01 22:01:21 +11:00
Oliver 94be4ebb26
[UI] Bug fix for test result table (#11236)
* [UI] Bug fix for test result table

- Do not retain test choices when selecting a new test

* Remove quick-pass action if test has defined choices
2026-02-01 21:21:38 +11:00
Oliver 218e492a9d
Fix spelling error (#11230)
* Fix spelling error

* Fix another simple typo

---------

Co-authored-by: Matthias Mair <code@mjmair.com>
2026-02-01 20:57:21 +11:00
dependabot[bot] b240e006fd
chore(deps): bump protobuf from 6.33.4 to 6.33.5 in /src/backend (#11231)
Bumps [protobuf](https://github.com/protocolbuffers/protobuf) from 6.33.4 to 6.33.5.
- [Release notes](https://github.com/protocolbuffers/protobuf/releases)
- [Commits](https://github.com/protocolbuffers/protobuf/commits)

---
updated-dependencies:
- dependency-name: protobuf
  dependency-version: 6.33.5
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-01 17:33:00 +11:00
Oliver 26ba24374e
[UI] Fix datetime field (#11229)
* [UI] Fix datetime field

- Fixes bug in UI which prevented "datetime" fields from working
- Specifically, the "time" portion was removed and set to 00:00

* Display seconds
2026-02-01 17:32:43 +11:00
dependabot[bot] 72f4e172b3
chore(deps): bump the dependencies group across 2 directories with 22 updates (#11227)
* chore(deps): bump the dependencies group across 2 directories with 22 updates

Bumps the dependencies group with 1 update in the /docs directory: [mkdocstrings[python]](https://github.com/mkdocstrings/mkdocstrings).
Bumps the dependencies group with 21 updates in the /src/backend directory:

| Package | From | To |
| --- | --- | --- |
| [gunicorn](https://github.com/benoitc/gunicorn) | `23.0.0` | `24.0.0` |
| [blessed](https://github.com/jquast/blessed) | `1.25.0` | `1.27.0` |
| [boto3](https://github.com/boto/boto3) | `1.42.24` | `1.42.33` |
| [botocore](https://github.com/boto/botocore) | `1.42.24` | `1.42.33` |
| [django-dbbackup](https://github.com/Archmonger/django-dbbackup) | `5.1.1` | `5.1.2` |
| [dulwich](https://github.com/dulwich/dulwich) | `0.25.1` | `1.0.0` |
| [fido2](https://github.com/Yubico/python-fido2) | `2.0.0` | `2.1.1` |
| [jmespath](https://github.com/jmespath/jmespath.py) | `1.0.1` | `1.1.0` |
| [markdown](https://github.com/Python-Markdown/markdown) | `3.10` | `3.10.1` |
| [packaging](https://github.com/pypa/packaging) | `25.0` | `26.0` |
| [protobuf](https://github.com/protocolbuffers/protobuf) | `6.33.2` | `6.33.4` |
| [pycparser](https://github.com/eliben/pycparser) | `2.23` | `3.0` |
| [python-fsutil](https://github.com/fabiocaccamo/python-fsutil) | `0.15.0` | `0.16.0` |
| [sentry-sdk](https://github.com/getsentry/sentry-python) | `2.49.0` | `2.50.0` |
| [tinycss2](https://github.com/Kozea/tinycss2) | `1.4.0` | `1.5.1` |
| [wcwidth](https://github.com/jquast/wcwidth) | `0.2.14` | `0.3.1` |
| [wrapt](https://github.com/GrahamDumpleton/wrapt) | `1.17.3` | `2.0.1` |
| [build](https://github.com/pypa/build) | `1.3.0` | `1.4.0` |
| [django-stubs](https://github.com/sponsors/typeddjango) | `5.2.8` | `5.2.9` |
| [django-stubs-ext](https://github.com/sponsors/typeddjango) | `5.2.8` | `5.2.9` |
| [identify](https://github.com/pre-commit/identify) | `2.6.15` | `2.6.16` |



Updates `mkdocstrings[python]` from 1.0.0 to 1.0.1
- [Release notes](https://github.com/mkdocstrings/mkdocstrings/releases)
- [Changelog](https://github.com/mkdocstrings/mkdocstrings/blob/main/CHANGELOG.md)
- [Commits](https://github.com/mkdocstrings/mkdocstrings/compare/1.0.0...1.0.1)

Updates `gunicorn` from 23.0.0 to 24.0.0
- [Release notes](https://github.com/benoitc/gunicorn/releases)
- [Commits](https://github.com/benoitc/gunicorn/compare/23.0.0...24.0.0)

Updates `blessed` from 1.25.0 to 1.27.0
- [Release notes](https://github.com/jquast/blessed/releases)
- [Changelog](https://github.com/jquast/blessed/blob/master/docs/history.rst)
- [Commits](https://github.com/jquast/blessed/compare/1.25...1.27)

Updates `boto3` from 1.42.24 to 1.42.33
- [Release notes](https://github.com/boto/boto3/releases)
- [Commits](https://github.com/boto/boto3/compare/1.42.24...1.42.33)

Updates `botocore` from 1.42.24 to 1.42.33
- [Commits](https://github.com/boto/botocore/compare/1.42.24...1.42.33)

Updates `django-dbbackup` from 5.1.1 to 5.1.2
- [Release notes](https://github.com/Archmonger/django-dbbackup/releases)
- [Changelog](https://github.com/Archmonger/django-dbbackup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Archmonger/django-dbbackup/compare/5.1.1...5.1.2)

Updates `dulwich` from 0.25.1 to 1.0.0
- [Release notes](https://github.com/dulwich/dulwich/releases)
- [Changelog](https://github.com/jelmer/dulwich/blob/main/NEWS)
- [Commits](https://github.com/dulwich/dulwich/compare/dulwich-0.25.1...dulwich-1.0.0)

Updates `fido2` from 2.0.0 to 2.1.1
- [Release notes](https://github.com/Yubico/python-fido2/releases)
- [Changelog](https://github.com/Yubico/python-fido2/blob/main/NEWS)
- [Commits](https://github.com/Yubico/python-fido2/compare/2.0.0...2.1.1)

Updates `jmespath` from 1.0.1 to 1.1.0
- [Changelog](https://github.com/jmespath/jmespath.py/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/jmespath/jmespath.py/compare/1.0.1...1.1.0)

Updates `markdown` from 3.10 to 3.10.1
- [Release notes](https://github.com/Python-Markdown/markdown/releases)
- [Changelog](https://github.com/Python-Markdown/markdown/blob/master/docs/changelog.md)
- [Commits](https://github.com/Python-Markdown/markdown/compare/3.10.0...3.10.1)

Updates `packaging` from 25.0 to 26.0
- [Release notes](https://github.com/pypa/packaging/releases)
- [Changelog](https://github.com/pypa/packaging/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pypa/packaging/compare/25.0...26.0)

Updates `protobuf` from 6.33.2 to 6.33.4
- [Release notes](https://github.com/protocolbuffers/protobuf/releases)
- [Commits](https://github.com/protocolbuffers/protobuf/commits)

Updates `pycparser` from 2.23 to 3.0
- [Release notes](https://github.com/eliben/pycparser/releases)
- [Commits](https://github.com/eliben/pycparser/compare/release_v2.23...release_v3.00)

Updates `python-fsutil` from 0.15.0 to 0.16.0
- [Release notes](https://github.com/fabiocaccamo/python-fsutil/releases)
- [Changelog](https://github.com/fabiocaccamo/python-fsutil/blob/main/CHANGELOG.md)
- [Commits](https://github.com/fabiocaccamo/python-fsutil/compare/0.15.0...0.16.0)

Updates `sentry-sdk` from 2.49.0 to 2.50.0
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/2.49.0...2.50.0)

Updates `tinycss2` from 1.4.0 to 1.5.1
- [Release notes](https://github.com/Kozea/tinycss2/releases)
- [Changelog](https://github.com/Kozea/tinycss2/blob/main/docs/changelog.rst)
- [Commits](https://github.com/Kozea/tinycss2/compare/v1.4.0...v1.5.1)

Updates `wcwidth` from 0.2.14 to 0.3.1
- [Release notes](https://github.com/jquast/wcwidth/releases)
- [Commits](https://github.com/jquast/wcwidth/compare/0.2.14...0.3.1)

Updates `wrapt` from 1.17.3 to 2.0.1
- [Release notes](https://github.com/GrahamDumpleton/wrapt/releases)
- [Changelog](https://github.com/GrahamDumpleton/wrapt/blob/develop/docs/changes.rst)
- [Commits](https://github.com/GrahamDumpleton/wrapt/compare/1.17.3...2.0.1)

Updates `build` from 1.3.0 to 1.4.0
- [Release notes](https://github.com/pypa/build/releases)
- [Changelog](https://github.com/pypa/build/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pypa/build/compare/1.3.0...1.4.0)

Updates `django-stubs` from 5.2.8 to 5.2.9
- [Commits](https://github.com/sponsors/typeddjango/commits)

Updates `django-stubs-ext` from 5.2.8 to 5.2.9
- [Commits](https://github.com/sponsors/typeddjango/commits)

Updates `identify` from 2.6.15 to 2.6.16
- [Commits](https://github.com/pre-commit/identify/compare/v2.6.15...v2.6.16)

---
updated-dependencies:
- dependency-name: mkdocstrings[python]
  dependency-version: 1.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: gunicorn
  dependency-version: 24.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: blessed
  dependency-version: 1.27.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: boto3
  dependency-version: 1.42.33
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: botocore
  dependency-version: 1.42.33
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: django-dbbackup
  dependency-version: 5.1.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: dulwich
  dependency-version: 1.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: fido2
  dependency-version: 2.1.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: jmespath
  dependency-version: 1.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: markdown
  dependency-version: 3.10.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: packaging
  dependency-version: '26.0'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: protobuf
  dependency-version: 6.33.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: pycparser
  dependency-version: '3.0'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: python-fsutil
  dependency-version: 0.16.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: sentry-sdk
  dependency-version: 2.50.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: tinycss2
  dependency-version: 1.5.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: wcwidth
  dependency-version: 0.3.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: wrapt
  dependency-version: 2.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: build
  dependency-version: 1.4.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: django-stubs
  dependency-version: 5.2.9
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: django-stubs-ext
  dependency-version: 5.2.9
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: identify
  dependency-version: 2.6.16
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix style

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2026-02-01 17:01:27 +11:00
Tom Murray d00d472d35
Patch Sales Order line items progress bar to count fully allocated line items (#11102)
* Added "allocated_lines" to the backend and frontend tables

* Remove incorrectly added UI panels from Sales Order Detail

* bump api version

---------

Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
2026-01-30 10:42:30 +11:00
Matthias Mair e554cf2a58
feat(frontend): disable_theme_storage (#11208)
* feat(frontend): disable_theme_storage

* bump API version

* fix access pattern
2026-01-29 20:50:05 +11:00
Matthias Mair 620e69be4d
feat(backend): extend schema intro (#10628)
* small refactor

* add inventree vendor extension

* bump api version

* Add control over schema to settings

* add more details

* disable config as requested

* adjust 3.14 diff

* cleanup diff

* add docs on the new feature

* revert bumping of api version - there is no cahnge by default
2026-01-29 16:31:58 +11:00
Jacob Felknor 0d80d495cc
split assign batch code and assign serial numbers in po receive (#11213) 2026-01-29 10:19:34 +11:00
Matthias Mair ec10c1ef1b
fix deps (#11219) 2026-01-29 10:17:36 +11:00
Matthias Mair c7a0da1a68
feat: matrix testing for python 3.14 (#10904)
* feat: matrix testing

* remove unneeded args

* remove hashes for now

* remove require-hashes for now

* try manually fixing cffi for now

* remove wrong cache syntax

* remove cache for now

* move to 3.14?

* make version specific install req

* re-add hashes

* Revert "remove require-hashes for now"

This reverts commit 7a7e12130a.

* also compile requirements-dev

* move more install commands

* fix generation setting

* more logging

* remove cache exception

* remove cffi fix

* remove hash inforcement for now

* remove dev for now

* default to 3.14 to val

* Revert "default to 3.14 to val"

This reverts commit 7a28e46604.

* fix constraints

* remove pin requirement from plugins.txt

* do not use uv for now

* do not use uv for now

* fix test file format

* revert small change

* use 3.14 for benchmarks

* keep tests on 3.11

* use invoke for install

* try 3.14 for performance testing again

* prolong time for slower CI on 3.14

* adjust dep versions

* Keep performance ci on 3.12

Updated the Python version in the QC checks workflow.
2026-01-28 13:17:51 +11:00
Matthias Mair 8cec42c266
bump react-router-dom (#11210) 2026-01-27 20:01:53 +11:00
Jacob Felknor df90934f0c
Stock Tracking - Add Old Status to Deltas (#11179)
* match custom status tracking entry in edit

* add old_status to stockitemtracking

* test old_status tracking

* use vars for readability

* split custom status test

* move custom status from fixture to setup

* add old status to tracking table

* fallback to logical status if custom removed

* avoid shared deltas reference in loop

* track old status in stock add/remove/count/transfer

---------

Co-authored-by: Matthias Mair <code@mjmair.com>
2026-01-27 18:44:28 +11:00
dependabot[bot] 67c67a1650
chore(deps): bump pypdf from 6.6.0 to 6.6.2 in /src/backend (#11207)
* chore(deps): bump pypdf from 6.6.0 to 6.6.2 in /src/backend

Bumps [pypdf](https://github.com/py-pdf/pypdf) from 6.6.0 to 6.6.2.
- [Release notes](https://github.com/py-pdf/pypdf/releases)
- [Changelog](https://github.com/py-pdf/pypdf/blob/main/CHANGELOG.md)
- [Commits](https://github.com/py-pdf/pypdf/compare/6.6.0...6.6.2)

---
updated-dependencies:
- dependency-name: pypdf
  dependency-version: 6.6.2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix style

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2026-01-27 12:45:40 +11:00
Sam W ec60a37cd1
[UI] Add notification dot to all notes panel tabs when there's a note (#11195)
Co-authored-by: Matthias Mair <code@mjmair.com>
2026-01-27 11:55:54 +11:00
dependabot[bot] 89ff4be082
chore(deps): bump wheel from 0.45.1 to 0.46.2 in /src/backend (#11197)
* chore(deps): bump wheel from 0.45.1 to 0.46.2 in /src/backend

Bumps [wheel](https://github.com/pypa/wheel) from 0.45.1 to 0.46.2.
- [Release notes](https://github.com/pypa/wheel/releases)
- [Changelog](https://github.com/pypa/wheel/blob/main/docs/news.rst)
- [Commits](https://github.com/pypa/wheel/compare/0.45.1...0.46.2)

---
updated-dependencies:
- dependency-name: wheel
  dependency-version: 0.46.2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix style

* bump wheel verywhere

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2026-01-27 11:41:01 +11:00
dependabot[bot] 4e5921277a
chore(deps): bump the dependencies group across 1 directory with 4 updates (#11149)
* chore(deps): bump the dependencies group across 1 directory with 4 updates

Bumps the dependencies group with 4 updates in the /src/backend directory: [django-dbbackup](https://github.com/Archmonger/django-dbbackup), [django-oauth-toolkit](https://github.com/django-oauth/django-oauth-toolkit), [dulwich](https://github.com/dulwich/dulwich) and [sentry-sdk](https://github.com/getsentry/sentry-python).


Updates `django-dbbackup` from 5.1.0 to 5.1.1
- [Release notes](https://github.com/Archmonger/django-dbbackup/releases)
- [Changelog](https://github.com/Archmonger/django-dbbackup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Archmonger/django-dbbackup/compare/5.1.0...5.1.1)

Updates `django-oauth-toolkit` from 3.1.0 to 3.2.0
- [Release notes](https://github.com/django-oauth/django-oauth-toolkit/releases)
- [Changelog](https://github.com/django-oauth/django-oauth-toolkit/blob/master/CHANGELOG.md)
- [Commits](https://github.com/django-oauth/django-oauth-toolkit/compare/3.1.0...3.2.0)

Updates `dulwich` from 0.25.0 to 0.25.1
- [Release notes](https://github.com/dulwich/dulwich/releases)
- [Changelog](https://github.com/jelmer/dulwich/blob/main/NEWS)
- [Commits](https://github.com/dulwich/dulwich/compare/dulwich-0.25.0...dulwich-0.25.1)

Updates `sentry-sdk` from 2.48.0 to 2.49.0
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/2.48.0...2.49.0)

---
updated-dependencies:
- dependency-name: django-dbbackup
  dependency-version: 5.1.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: django-oauth-toolkit
  dependency-version: 3.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: dulwich
  dependency-version: 0.25.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: sentry-sdk
  dependency-version: 2.49.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix style

* add new model for new oauth toolkit variant

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2026-01-27 11:40:31 +11:00
Matthias Mair 060e917fc9
fix (backend): finer grained registration control for Single Sign On (#11190)
* finer grained registration control for Single Sign On
Fixes #11162

* fix for python 3.11
2026-01-22 23:36:34 +11:00
Oliver ec2bf23627
[UI] Fix broken links (#11189) 2026-01-22 19:06:36 +11:00
github-actions[bot] 7f3c86163d
New Crowdin translations by GitHub Action (#11158)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-01-22 19:06:17 +11:00
Oliver 3343514631
Improved handling for non-git-repo in docker mode (#11187)
- Handle error condition caused by loading order of operations
2026-01-22 12:30:08 +11:00
Oliver 64acdd6ccf
[bug] Fix "can_build" quantity (#11185)
- Ignore virtual parts when considering "can_build" quantity
- Closes https://github.com/inventree/InvenTree/issues/11182
2026-01-22 12:14:35 +11:00
Oliver 00c36e9366
Stock status fix (#11183)
* Fill in default value

* Ensure status values are converted to integer in set_status

* Updated unit testing

* Additional unit testing
2026-01-22 11:46:36 +11:00
dependabot[bot] d43c4e08f0
chore(deps): bump lodash from 4.17.21 to 4.17.23 in /src/frontend (#11184)
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.21 to 4.17.23.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.21...4.17.23)

---
updated-dependencies:
- dependency-name: lodash
  dependency-version: 4.17.23
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-01-22 11:22:02 +11:00
Oliver e025180242
Sort by ipn (#11177)
* Enable sorting by IPN in BOM table

* Ordering by IPN in build line table

* Bump API version
2026-01-21 17:01:24 +11:00
Oliver c15805db67
[UI] Sort category by path (#11170)
- Enable category table sorting by "pathstring"
2026-01-20 15:33:39 +11:00
Sam W 6311f75201
[ui] Show generated serial numbers as placeholder when receving stock (#11147) 2026-01-20 07:54:07 +11:00
Philipp Fruck 2b091832d0
fix(auth): Use correct data for SSO group sync (#11164)
https://docs.allauth.org/en/latest/release-notes/recent.html#id18
Since django-allauth 65.11.0 (InvenTree v1.1.X), the extra_data
is divided into separate userinfo and id_token objects
2026-01-20 07:49:48 +11:00
Oliver 56719655b3
Fix typos identified by translators (#11157)
* Fix typos identified by translators

* bump api version

---------

Co-authored-by: Matthias Mair <code@mjmair.com>
2026-01-18 10:45:46 +11:00
Oliver 75121c068e
Enable export of supplier price break data (#11153)
* Enable export of supplier price break data

* Bump API version
2026-01-17 23:23:15 +11:00
Oliver 31f32c3753
[UI] Fix "assign to customer" (#11151)
- Hide if base part is not salable
- Closes https://github.com/inventree/InvenTree/issues/11134
2026-01-17 21:18:28 +11:00
github-actions[bot] 4ad241ce47
New Crowdin translations by GitHub Action (#11121)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-01-17 19:15:05 +11:00