Commit Graph

169 Commits

Author SHA1 Message Date
Matthias Mair 5d21bf2679
feat(backend)!: bump to dj 5.2 lts / py 3.11 (#10730)
* feat(backend): bump to 5.2 lts / python 3.11

This will give us support till 2027-10 (PEP 664)

* bump dependencies

* fix dflt version

* remove 3.9 precaution

* changes for 5.2

* changes for py 3.10

* debug command

* lower crypto again

* another lowering

* fix version string

* lower minimum version to 3.11

* update refs

* fix text

* reaking: remove now unsupported OS

* disable break

* remove temp changes

* fix ruff call

* fix remaining ruff warnings

* remove old arg

* lower allauth reqs

* replace old method

* fix issue with args passing beeing depreceated

* add changelog entries

* bump dependencies a bit further

* fix broken image init for now
might need a refactor

* fix another test

* refactor image name lookup

* mroe refactoring

* ensure str does not cause an issue

* update referenced function

* fix cal sig

* simplify method and add test

* refactor

* ignore wrong typings

* fix deprecated feature

* simplify

* ensure image tests do their job

* simplify

* re-add type check

* fix test

* fix assertations - wonder how long this was broken

* bump to newer versions

* bump deps

* fix assertation
2025-11-11 11:45:25 +11:00
dependabot[bot] 726e852b7b
chore(deps): bump django from 4.2.25 to 4.2.26 in /src/backend (#10781)
* chore(deps): bump django from 4.2.25 to 4.2.26 in /src/backend

Bumps [django](https://github.com/django/django) from 4.2.25 to 4.2.26.
- [Commits](https://github.com/django/django/compare/4.2.25...4.2.26)

---
updated-dependencies:
- dependency-name: django
  dependency-version: 4.2.26
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix style

* also bump docker version

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2025-11-08 22:08:11 +01:00
Matthias Mair e1bf67b32c
fix: typo ins installer stops script from working (#10744) 2025-11-03 10:31:52 +11:00
Matthias Mair d7daf660ef
fix uv (#10742)
https://github.com/inventree/InvenTree/security/dependabot/248
2025-11-03 09:35:35 +11:00
Matthias Mair f47a1a4675
refactor(backend): switch to empty buildpack for package, extend supported OS versions (#10705)
* bump vers

* fix ssl?

Added build dependencies for libbz2, libffi, and libssl.

* try empty buildpack

* clean up

* fix ref

* remove things we now do not need anymore

* add 22.04 as a target

* cleanup installer

* add changelog entry

* add dotenv

* update skript

* make task more robust for package usage

* ensure we have a site-url set

* fix style

* fix syntax
2025-10-29 11:26:40 +11:00
dependabot[bot] ac5909f943
chore(deps): bump the dependencies group across 3 directories with 5 updates (#10667)
* chore(deps): bump the dependencies group across 3 directories with 5 updates

Bumps the dependencies group with 1 update in the /contrib/dev_reqs directory: [jc](https://github.com/kellyjonbrazil/jc).
Bumps the dependencies group with 2 updates in the /docs directory: [mkdocs-material](https://github.com/squidfunk/mkdocs-material) and [mkdocs-mermaid2-plugin](https://github.com/fralau/mkdocs-mermaid2-plugin).
Bumps the dependencies group with 2 updates in the /src/backend directory: [grpcio](https://github.com/grpc/grpc) and [sentry-sdk](https://github.com/getsentry/sentry-python).


Updates `jc` from 1.25.5 to 1.25.6
- [Release notes](https://github.com/kellyjonbrazil/jc/releases)
- [Changelog](https://github.com/kellyjonbrazil/jc/blob/master/CHANGELOG)
- [Commits](https://github.com/kellyjonbrazil/jc/compare/v1.25.5...v1.25.6)

Updates `mkdocs-material` from 9.6.21 to 9.6.22
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/9.6.21...9.6.22)

Updates `mkdocs-mermaid2-plugin` from 1.2.2 to 1.2.3
- [Release notes](https://github.com/fralau/mkdocs-mermaid2-plugin/releases)
- [Changelog](https://github.com/fralau/mkdocs-mermaid2-plugin/blob/master/CHANGELOG.md)
- [Commits](https://github.com/fralau/mkdocs-mermaid2-plugin/compare/v1.2.2...v1.2.3)

Updates `grpcio` from 1.75.1 to 1.76.0
- [Release notes](https://github.com/grpc/grpc/releases)
- [Changelog](https://github.com/grpc/grpc/blob/master/doc/grpc_release_schedule.md)
- [Commits](https://github.com/grpc/grpc/compare/v1.75.1...v1.76.0)

Updates `sentry-sdk` from 2.42.0 to 2.42.1
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/2.42.0...2.42.1)

---
updated-dependencies:
- dependency-name: jc
  dependency-version: 1.25.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: mkdocs-material
  dependency-version: 9.6.22
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: mkdocs-mermaid2-plugin
  dependency-version: 1.2.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: grpcio
  dependency-version: 1.76.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: sentry-sdk
  dependency-version: 2.42.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix style

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2025-10-27 18:58:31 +11:00
Matthias Mair a02d1011e7
chores(backend): bump various deps (#10624)
* bump various deps

* align helpers deps

* revert allauth change

* fix style

* bump allauth too

* bum api version as there is a small allauth change
2025-10-21 06:54:40 +11:00
Oliver f9ce9e20b2
Fixes for SITE_URL validity checks (#10619)
* [docker] Allow HTTPS port to be specified for Caddy proxy

* Fix naming collision for INVENTREE_WEB_PORT

* Push InvenTree version first

* Adjust Caddyfile

- Change backup server

* Fix docstring

* Tweak for site URL check:

- Ignore port if SITE_LAX_PROTOCOL_CHECK is set
- Invert logic for readability

* Additional checks for port mismatch

* Adjust middleware checks

- Allow for less strict checking of CSRF_TRUSTED_ORIGINS

* Slight refactor
2025-10-20 16:05:37 +11:00
Matthias Mair 874be9920d
Setup: allow more python versions (#10615)
* extend supported python versions

* bump max python
2025-10-19 06:07:27 +11:00
dependabot[bot] 835e9e2556
chore(deps): bump the dependencies group across 3 directories with 10 updates (#10482)
* chore(deps): bump the dependencies group across 3 directories with 10 updates

Bumps the dependencies group with 1 update in the /contrib/dev_reqs directory: [pyyaml](https://github.com/yaml/pyyaml).
Bumps the dependencies group with 3 updates in the /docs directory: [mkdocs-include-markdown-plugin](https://github.com/mondeja/mkdocs-include-markdown-plugin), [mkdocs-macros-plugin](https://github.com/fralau/mkdocs_macros_plugin) and [mkdocs-material](https://github.com/squidfunk/mkdocs-material).
Bumps the dependencies group with 6 updates in the /src/backend directory:

| Package | From | To |
| --- | --- | --- |
| [pyyaml](https://github.com/yaml/pyyaml) | `6.0.2` | `6.0.3` |
| [django-oauth-toolkit](https://github.com/django-oauth/django-oauth-toolkit) | `3.0.1` | `3.1.0` |
| [docutils](https://github.com/rtfd/recommonmark) | `0.22.1` | `0.22.2` |
| [grpcio](https://github.com/grpc/grpc) | `1.75.0` | `1.75.1` |
| [pypdf](https://github.com/py-pdf/pypdf) | `6.0.0` | `6.1.1` |
| [sentry-sdk](https://github.com/getsentry/sentry-python) | `2.38.0` | `2.39.0` |



Updates `pyyaml` from 6.0.2 to 6.0.3
- [Release notes](https://github.com/yaml/pyyaml/releases)
- [Changelog](https://github.com/yaml/pyyaml/blob/6.0.3/CHANGES)
- [Commits](https://github.com/yaml/pyyaml/compare/6.0.2...6.0.3)

Updates `pyyaml` from 6.0.2 to 6.0.3
- [Release notes](https://github.com/yaml/pyyaml/releases)
- [Changelog](https://github.com/yaml/pyyaml/blob/6.0.3/CHANGES)
- [Commits](https://github.com/yaml/pyyaml/compare/6.0.2...6.0.3)

Updates `mkdocs-include-markdown-plugin` from 7.1.8 to 7.2.0
- [Release notes](https://github.com/mondeja/mkdocs-include-markdown-plugin/releases)
- [Commits](https://github.com/mondeja/mkdocs-include-markdown-plugin/compare/v7.1.8...v7.2.0)

Updates `mkdocs-macros-plugin` from 1.3.9 to 1.4.0
- [Release notes](https://github.com/fralau/mkdocs_macros_plugin/releases)
- [Changelog](https://github.com/fralau/mkdocs-macros-plugin/blob/master/CHANGELOG.md)
- [Commits](https://github.com/fralau/mkdocs_macros_plugin/compare/v1.3.9...v1.4.0)

Updates `mkdocs-material` from 9.6.20 to 9.6.21
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/9.6.20...9.6.21)

Updates `pyyaml` from 6.0.2 to 6.0.3
- [Release notes](https://github.com/yaml/pyyaml/releases)
- [Changelog](https://github.com/yaml/pyyaml/blob/6.0.3/CHANGES)
- [Commits](https://github.com/yaml/pyyaml/compare/6.0.2...6.0.3)

Updates `django-oauth-toolkit` from 3.0.1 to 3.1.0
- [Release notes](https://github.com/django-oauth/django-oauth-toolkit/releases)
- [Changelog](https://github.com/django-oauth/django-oauth-toolkit/blob/master/CHANGELOG.md)
- [Commits](https://github.com/django-oauth/django-oauth-toolkit/compare/3.0.1...3.1.0)

Updates `docutils` from 0.22.1 to 0.22.2
- [Changelog](https://github.com/readthedocs/recommonmark/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rtfd/recommonmark/commits)

Updates `grpcio` from 1.75.0 to 1.75.1
- [Release notes](https://github.com/grpc/grpc/releases)
- [Changelog](https://github.com/grpc/grpc/blob/master/doc/grpc_release_schedule.md)
- [Commits](https://github.com/grpc/grpc/compare/v1.75.0...v1.75.1)

Updates `pypdf` from 6.0.0 to 6.1.1
- [Release notes](https://github.com/py-pdf/pypdf/releases)
- [Changelog](https://github.com/py-pdf/pypdf/blob/main/CHANGELOG.md)
- [Commits](https://github.com/py-pdf/pypdf/compare/6.0.0...6.1.1)

Updates `pyyaml` from 6.0.2 to 6.0.3
- [Release notes](https://github.com/yaml/pyyaml/releases)
- [Changelog](https://github.com/yaml/pyyaml/blob/6.0.3/CHANGES)
- [Commits](https://github.com/yaml/pyyaml/compare/6.0.2...6.0.3)

Updates `sentry-sdk` from 2.38.0 to 2.39.0
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/2.38.0...2.39.0)

Updates `setuptools` from 80.9.0 to 
- [Release notes](https://github.com/pypa/setuptools/releases)
- [Changelog](https://github.com/pypa/setuptools/blob/main/NEWS.rst)
- [Commits](https://github.com/pypa/setuptools/commits)

---
updated-dependencies:
- dependency-name: pyyaml
  dependency-version: 6.0.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: pyyaml
  dependency-version: 6.0.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: mkdocs-include-markdown-plugin
  dependency-version: 7.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: mkdocs-macros-plugin
  dependency-version: 1.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: mkdocs-material
  dependency-version: 9.6.21
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: pyyaml
  dependency-version: 6.0.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: django-oauth-toolkit
  dependency-version: 3.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: docutils
  dependency-version: 0.22.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: grpcio
  dependency-version: 1.75.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: pypdf
  dependency-version: 6.1.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: pyyaml
  dependency-version: 6.0.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: sentry-sdk
  dependency-version: 2.39.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: setuptools
  dependency-version: 
  dependency-type: direct:production
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix style

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
2025-10-07 22:51:03 +11:00
Matthias Mair ac6028b871
fix: correct admin credential msg (#10521)
* fix installers final message

* adjust text
2025-10-07 11:09:22 +11:00
Matthias Mair c83a9b01ce
fix: package distribution (#10515)
* show warning text

* fix formatting

* try to gather site-url correctly

* protect envs that are set in the config

* raise issue if they appear

* prefer app setting over file config

* preserve setting if injected via envs
2025-10-07 08:56:08 +11:00
Oliver 946d4358c3
Tweak docker setup (#10490)
- Set default forwarding values
2025-10-05 22:05:16 +11:00
Matthias Mair 16e8f27872
bump contianer / dev dependencies too (#10472)
Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
2025-10-04 22:00:14 +10:00
Matthias Mair c9e74c5910
Adress minor dep issues (#10359)
* fix django version

* bump @vanilla-extract/vite-plugin to adress https://github.com/inventree/InvenTree/security/dependabot/226
2025-09-20 09:13:02 +10:00
Matthias Mair f0beb4a426
fix a few docker security holes (#10260)
* fix no-cache statements

* fix possible security escape

* fix possible globbing

* merge statements that belong together

* pin image
2025-09-04 09:02:17 +10:00
Oliver 085381fa70
Debian docker image (#10227)
* Debian docker image

- Swap from alpine to debian slim-trixie
- Refactor Dockerfile
- Optimize image size
- Reduce @vitejs/plugin-react version

* Remove commented-out lines

* Ensure invoke is installed

* Adjust Dockerfile

* Actually build the python libs

* Adjust dockerfile

* Install git in dev image

* Tweaks
2025-09-03 17:05:03 +10:00
Oliver e9b8c264b1
Update dockerfile (#10225)
* Update dockerfile

Updated dockerfile to provide support for new node LTS

* Tweak plugin-react version

* Fix Dockerfile
2025-08-25 22:50:39 +10:00
dependabot[bot] 0d7e3fa068
chore(deps): bump the dependencies group across 3 directories with 3 updates (#10212)
* chore(deps): bump the dependencies group across 3 directories with 3 updates

Bumps the dependencies group with 1 update in the /contrib/dev_reqs directory: [requests](https://github.com/psf/requests).
Bumps the dependencies group with 2 updates in the /docs directory: [requests](https://github.com/psf/requests) and [mkdocs-material](https://github.com/squidfunk/mkdocs-material).
Bumps the dependencies group with 2 updates in the /src/backend directory: [requests](https://github.com/psf/requests) and [coverage[toml]](https://github.com/nedbat/coveragepy).


Updates `requests` from 2.32.4 to 2.32.5
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](https://github.com/psf/requests/compare/v2.32.4...v2.32.5)

Updates `requests` from 2.32.4 to 2.32.5
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](https://github.com/psf/requests/compare/v2.32.4...v2.32.5)

Updates `mkdocs-material` from 9.6.17 to 9.6.18
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/9.6.17...9.6.18)

Updates `requests` from 2.32.4 to 2.32.5
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](https://github.com/psf/requests/compare/v2.32.4...v2.32.5)

Updates `coverage[toml]` from 7.10.3 to 7.10.4
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](https://github.com/nedbat/coveragepy/compare/7.10.3...7.10.4)

---
updated-dependencies:
- dependency-name: requests
  dependency-version: 2.32.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: requests
  dependency-version: 2.32.5
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: mkdocs-material
  dependency-version: 9.6.18
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: requests
  dependency-version: 2.32.5
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: coverage[toml]
  dependency-version: 7.10.4
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix style

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2025-08-23 08:10:42 +10:00
Daniil Chudo 669a155467
fix: The function should return early when in Docker environment (#10178)
Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2025-08-18 11:16:28 +10:00
Matthias Mair 6cb9327a1c
chore(backend): bump deps (#10154)
* bump backend devs

* bump helper-deps
2025-08-17 07:04:44 +10:00
gunstr c8f82d3e90
Update to Bare Metal installation docs (#10086)
* Install PostgreSQL client when needed

* Fix supervisor path to server/worker

* Supervisor IP configuration
2025-07-27 23:40:49 +10:00
dependabot[bot] 8f1f03ed1c
chore(deps): bump the dependencies group across 3 directories with 6 updates (#10035)
* chore(deps): bump the dependencies group across 3 directories with 6 updates

Bumps the dependencies group with 1 update in the /contrib/dev_reqs directory: [jc](https://github.com/kellyjonbrazil/jc).
Bumps the dependencies group with 2 updates in the /docs directory: [mkdocs-include-markdown-plugin](https://github.com/mondeja/mkdocs-include-markdown-plugin) and [mkdocs-material](https://github.com/squidfunk/mkdocs-material).
Bumps the dependencies group with 3 updates in the /src/backend directory: [django-allauth[mfa,openid,saml,socialaccount]](https://github.com/sponsors/pennersr), [pypdf](https://github.com/py-pdf/pypdf) and [sentry-sdk](https://github.com/getsentry/sentry-python).


Updates `jc` from 1.25.4 to 1.25.5
- [Release notes](https://github.com/kellyjonbrazil/jc/releases)
- [Changelog](https://github.com/kellyjonbrazil/jc/blob/master/CHANGELOG)
- [Commits](https://github.com/kellyjonbrazil/jc/compare/v1.25.4...v1.25.5)

Updates `mkdocs-include-markdown-plugin` from 7.1.5 to 7.1.6
- [Release notes](https://github.com/mondeja/mkdocs-include-markdown-plugin/releases)
- [Commits](https://github.com/mondeja/mkdocs-include-markdown-plugin/compare/v7.1.5...v7.1.6)

Updates `mkdocs-material` from 9.6.14 to 9.6.15
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/9.6.14...9.6.15)

Updates `django-allauth[mfa,openid,saml,socialaccount]` from 65.9.0 to 65.10.0
- [Commits](https://github.com/sponsors/pennersr/commits)

Updates `pypdf` from 5.7.0 to 5.8.0
- [Release notes](https://github.com/py-pdf/pypdf/releases)
- [Changelog](https://github.com/py-pdf/pypdf/blob/main/CHANGELOG.md)
- [Commits](https://github.com/py-pdf/pypdf/compare/5.7.0...5.8.0)

Updates `sentry-sdk` from 2.32.0 to 2.33.0
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/2.32.0...2.33.0)

---
updated-dependencies:
- dependency-name: jc
  dependency-version: 1.25.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: mkdocs-include-markdown-plugin
  dependency-version: 7.1.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: mkdocs-material
  dependency-version: 9.6.15
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: django-allauth[mfa,openid,saml,socialaccount]
  dependency-version: 65.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: pypdf
  dependency-version: 5.8.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: sentry-sdk
  dependency-version: 2.33.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix style

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2025-07-22 10:38:34 +10:00
Matthias Mair df6965088f
bump backend deps (#10003) 2025-07-11 08:44:33 +10:00
Matthias Mair 370baeff8b
fix instrumentation code (#9872) 2025-06-26 16:51:50 +10:00
Matthias Mair 797b5f57b0
feat(backend): improve worker tracing (#9808)
* feat(backend): improve worker log

* refactor tracing details

* add tracing to gunicorn setup

* add sqlite tracing

* add system metrics

* instument wsgi

* make dbengine better accessible

* fix instruction

* instrument worker

* track task scheduling

* trace common tasks

* patch in support for django q

* trace various tasks

* add trcing for other dbs

* ignore coverage on tracing stuff

* more ignorance
2025-06-20 09:47:28 +10:00
dependabot[bot] f7c8788ad5
chore(deps): bump urllib3 from 2.4.0 to 2.5.0 in /src/backend (#9809)
* chore(deps): bump urllib3 from 2.4.0 to 2.5.0 in /src/backend

Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.4.0 to 2.5.0.
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst)
- [Commits](https://github.com/urllib3/urllib3/compare/2.4.0...2.5.0)

---
updated-dependencies:
- dependency-name: urllib3
  dependency-version: 2.5.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix req

* bump all instances

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2025-06-19 10:37:53 +10:00
dependabot[bot] 5915a1e13d
chore(deps): bump requests from 2.32.3 to 2.32.4 in /contrib/dev_reqs (#9765)
* chore(deps): bump requests from 2.32.3 to 2.32.4 in /contrib/dev_reqs

Bumps [requests](https://github.com/psf/requests) from 2.32.3 to 2.32.4.
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](https://github.com/psf/requests/compare/v2.32.3...v2.32.4)

---
updated-dependencies:
- dependency-name: requests
  dependency-version: 2.32.4
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix req

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2025-06-12 16:39:48 +10:00
Matthias Mair 25d13b4201
chore(backend): remove constraints (#9748)
* remove constraints

* general dep bump

* bump opentelemetry
2025-06-08 09:22:10 +10:00
Oliver a63efc4089
Docker tweaks (#9738)
* Tweak docker compose file

* Tweak docs

* Cleanup docker-compose file
2025-06-05 15:08:51 +10:00
Matthias Mair 7a984f831f
bump backend deps (#9713)
* bump backend deps

* lower xmlsec to fix build

* add permament pin

* lower allauth as there are api changes

* unify dependabot config
2025-06-02 11:26:49 +10:00
Matthias Mair d7c293788b
fix(backend): ensure deps are coupled (#9649)
* fix(backend): ensure deps are coupled

* bump deps

* more constraints

* run dep resolver

* expand resolve even more

* lower lxml / xmlsec

* lower allauth
2025-05-10 22:39:07 +01:00
dependabot[bot] d619932ae4
chore(deps): bump django from 4.2.20 to 4.2.21 in /src/backend (#9648)
* chore(deps): bump django from 4.2.20 to 4.2.21 in /src/backend

Bumps [django](https://github.com/django/django) from 4.2.20 to 4.2.21.
- [Commits](https://github.com/django/django/compare/4.2.20...4.2.21)

---
updated-dependencies:
- dependency-name: django
  dependency-version: 4.2.21
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix req

* adjust setuptools to be equal

* ensure same version is used

* add missing constraint

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2025-05-09 07:44:57 +01:00
dependabot[bot] 964a14754e
Bump the dependencies group across 1 directory with 2 updates (#9585)
* Bump the dependencies group across 1 directory with 2 updates

Bumps the dependencies group with 2 updates in the /src/backend directory: [django-q2](https://github.com/GDay/django-q2) and [sentry-sdk](https://github.com/getsentry/sentry-python).


Updates `django-q2` from 1.7.6 to 1.8.0
- [Release notes](https://github.com/GDay/django-q2/releases)
- [Changelog](https://github.com/django-q2/django-q2/blob/master/CHANGELOG.md)
- [Commits](https://github.com/GDay/django-q2/compare/v1.7.6...v1.8.0)

Updates `sentry-sdk` from 2.26.1 to 2.27.0
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/2.26.1...2.27.0)

---
updated-dependencies:
- dependency-name: django-q2
  dependency-version: 1.8.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: sentry-sdk
  dependency-version: 2.27.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix req

* sync setuptools

* Add missing API key - see https://github.com/inventree/InvenTree/actions/runs/14673293670/job/41184590051?pr=9585#step:5:1230

* fix this call too

* add an easier to debug assert

* ensure token is set

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2025-04-26 10:01:38 +10:00
Matthias Mair 8bb03b7afd
feat(backend): add oauth2 (#9333)
* feat(backend): add oauth2

* fix import

* Add inventree roles

* refactor to make lookup more efficient

* fix single scope definitions

* cleanup

* fix schema

* reduce auth methods

* fix OAuth validator

* re-enable token and basic auth again

* Add models to role mapping

* change scope args

* add debug step for schema generation

* add oauth config for schema generation

* improve token -> permission mapping

* fix req

* extend checks to ensure normal auth also passes

* fix api version

* fix ignore

* fix rule name

* bump api version

* remove old modelref

* move scope definition

* make test results easier to work with

* add tests to ensure scopes are in sync with rulesets

* fix docstring

* fix various permissions and their mapping to oauth

* refactor

* simplify

* fix permission mapping

* ignore failure cases

* fix unauthenticated access

* flag oAuth2 till it is done

* Add OIDC support

* add RSA key generation and docs

* fix test

* move imports

* update ignore

* feat(backend): Add API Schema stats

* add scope stats

* fix name

* fix scope output

* feat(backend): test custom command

* add warning for unknown scopes

* reduce diff in launch.json

* cleanup  diff

* add error code for ruleset / scope issues

* update structure

* add oauth docs

* add experimetnal feature docs

* simplify metadata endpoint

* add importer model

* refactor(backend): simplify metadata endpoint

* fix imports

* simplify even more

* remove unneeded schema tooling

* fix permission mappings

* fix testing

* fix role calculations

* fix mapping

* remove importer change to unblock this

* remove importer scope everywhere

* fix merge conflict in test

* add missing models

* fix api version

* fix OASToken matcher

* revert permission class change

* reduce size of test log by writing schema

* fix permissions

* fix file path

* extend schema to remove need for TokenMatchesOASRequirements

* cleanup permissions file

* add base object permission
2025-04-18 19:27:32 +10:00
Matthias Mair 2712f30382
fix: ci security issues (#9451)
* fix possible code injection errors

* pin n
2025-04-04 09:04:06 +11:00
Oliver b116e09717
Docker updates (#9414)
* Typo fix

* Examples to .env file
2025-03-31 07:45:53 +11:00
Oliver 99ec486b79
[Docker] Update node version (#9383)
* Update node version

* Install nvm

* Use n instead of nvm

* Use same approach in devcontainer

* nvm -> npm

* Split commands

* Fix typo

* Workaround : install bash

* Tweak playwright tests

* Bump number of retries

* Update deps

* Only one worker

* SEcurity fix

* Adjust
2025-03-27 01:25:58 +11:00
Matthias Mair 9bc0d599bc
chore: improve ci security (#9384)
* pin docker files

* pin github actions

* enforce hashes that are already present

* run style checks on cicd changes
2025-03-26 13:04:45 +11:00
Matthias Mair 2bc2cb6363
chore: bump container deps (#9329) 2025-03-18 08:08:48 +11:00
Oliver 191c0b1007
Docker Compose Fix (#9311)
* Fix postgres version in docker-compose file

- Pin to version 16
- Compatible with the alpine image

* Add check for backup and restore procedures
2025-03-16 10:43:40 +11:00
Oliver 15ad62494f
[Docker] Alpine image fix (#9118)
* Revert to alpine3:20 / postgres:16

* Remove old hack

- No longer needed as we are using python 3.11

* Update package requirements for devcontainer

Also fixes some docker warnings from the alpine Dockerfile

* Specify SITE_URL

* Reduce log output during docker image testing
2025-02-21 18:02:39 +11:00
Oliver 6f939931ca
Docker postgres fix (#9041)
* Update docker image

- Move from alpine 3.19 to alpine 3.21
- Move from postgres13_client to postgres17_client

* Update docker-compose file

- Move from postgres:13 to postgres:16
- Move from redis:7.0 to redis:7-alpine

* Update docs

* Update docker docs

* Separate Dockerfile for devcontainer

- Debian based (python3.11-bookworm)
- Install essential system packages

* Instal postgres client

* Further devcontainer updates

- Bump postgresql image from 13 to 15
- Store psql data in the dev/psql directory
- Install required frontend packages

* Use --host mode for frontend server

* Tweak devcontainer docs

* Bump pre commit config file

* Revert "Bump pre commit config file"

This reverts commit bbfd875ac8.
2025-02-15 08:00:12 +11:00
Matthias Mair a3be8e986b
chore(contrib): include pkg source in pkg logging (#9035)
* fix(backend): wrong path for version was used

* chore(contrib): Include Pkg source in pkg logging
2025-02-06 09:17:42 +11:00
Matthias Mair 73b46c1c15
bump python deps (#9032) 2025-02-05 09:20:29 +11:00
Matthias Mair c57b51cb0e
chore(backend): bump deps (#8905)
* bump backend reqs

* raq down cryptography

* fix req

* bump api version
2025-01-19 17:50:22 +11:00
Matthias Mair 64b9365947
chore: bump pre commit (#8904)
* bump pre-commit

* auto-fixes

* ignore error

* fix a few more issues

* fix pattern
2025-01-18 09:38:00 +11:00
Oliver 0614f01247
Docker fix (#8835)
* Fix server command in Dockerfile

* Ensure invoke is installed into the venv

* Run extra check in docker build step

* Improve documentation

* Intercept ModuleNotFoundError

- Clear error message

* Docs updates

* Add extra check to dev docker build

* Cleanup tasks.py

* Prevent double activation of venv

* Change order of operations

---------

Co-authored-by: Matthias Mair <code@mjmair.com>
2025-01-06 09:46:16 +11:00
Oliver decccf8163
Fix for buggy Caddyfile (#8830) 2025-01-05 22:18:24 +11:00
Matthias Mair d7939efaa9
Fix package install in envs using python lower than 3.12 on debian like OSs (#8793)
* do not install with uv for now - fixes #8789
#8742 #8495 #8494

* Ensure errors are raised if install / update fails
2024-12-31 23:13:35 +11:00
Oliver 74cd0b9aed
Update .env file (#8799)
* Update .env file

- No functional changes
- Improved file comments

* Update .env

Improved comment
2024-12-31 14:44:34 +11:00
Oliver ecc1c937ed
Caddyfile documentation (#8798)
* basic mixin file

* Add basic check for model type support

* Enhanced documentation for Caddyfile

* Additional documentation around proxy server

* Remove code from other PR
2024-12-31 13:35:51 +11:00
Matthias Mair dd83735710
Fix vulnerable dependencies (#8655)
* bump container reqs

* bump vul frontend dep

* fix tests
2024-12-12 08:38:11 +11:00
dependabot[bot] 893a54c38a
Bump the dependencies group across 2 directories with 3 updates (#8621)
* Bump the dependencies group across 2 directories with 3 updates

Bumps the dependencies group with 1 update in the /contrib/dev_reqs directory: [jc](https://github.com/kellyjonbrazil/jc).
Bumps the dependencies group with 2 updates in the /docs directory: [mkdocs-include-markdown-plugin](https://github.com/mondeja/mkdocs-include-markdown-plugin) and [mkdocs-material](https://github.com/squidfunk/mkdocs-material).


Updates `jc` from 1.25.3 to 1.25.4
- [Release notes](https://github.com/kellyjonbrazil/jc/releases)
- [Changelog](https://github.com/kellyjonbrazil/jc/blob/master/CHANGELOG)
- [Commits](https://github.com/kellyjonbrazil/jc/compare/v1.25.3...v1.25.4)

Updates `mkdocs-include-markdown-plugin` from 7.1.1 to 7.1.2
- [Release notes](https://github.com/mondeja/mkdocs-include-markdown-plugin/releases)
- [Commits](https://github.com/mondeja/mkdocs-include-markdown-plugin/compare/v7.1.1...v7.1.2)

Updates `mkdocs-material` from 9.5.46 to 9.5.47
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/9.5.46...9.5.47)

---
updated-dependencies:
- dependency-name: jc
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: mkdocs-include-markdown-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: mkdocs-material
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix req

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2024-12-03 09:08:27 +11:00
Matthias Mair 594dc49b84
Bump backend deps (#8559)
* bump backend deps

* bump api
2024-11-26 09:25:06 +11:00
Matthias Mair 0f194af585
Fix spelling of InvenTree in code base (#8561)
* fix spelling of InvenTree in code

* fix spelling in frontend
2024-11-26 08:29:47 +11:00
Oliver 33a686ace8
Enable redis by default for docker setup (#8501)
* Enable redis by default for docker setup

* Bring cache up before server
2024-11-17 00:14:30 +11:00
Matthias Mair 8d27144f78
bump container deps (#8337) 2024-10-23 09:52:35 +11:00
Oliver d75ef7c9c9
Revert int.worker to worker (#8126)
- Prevent existing docker compose installs from breaking
2024-09-16 11:07:24 +10:00
Matthias Mair 360171fac5
use uv for install (#8082) 2024-09-08 09:12:57 +10:00
Matthias Mair 3d9db2543d
Packager: easier to parse debug messages (#8083)
* Add new version to logging

* Add easier to search logging

* shorten appended string

* make migrations that run on fresh installs easier to read
2024-09-06 07:33:59 +10:00
Matthias Mair e3205184be
Add namespaces to tasks (#7904)
* Namespaces for invoke tasks
Fixes #7852

* adjust various places that call re-namespaced tasks

* use full invoke command
easier for future refactors

* fix call name

* move worker to int

* adapt calls in tasks

* fix changed path

* ignore localhost links

* Avoid using internal names
2024-09-05 13:04:57 +10:00
Matthias Mair 3951b3f56e
Fix package upgrade process (#8034)
* ensure site_url is preserved

* check if clear-generated is available
2024-08-30 09:06:32 +10:00
Matthias Mair d647471588
Chore: Bump python requirements (#7961)
* bump requirements

* lower bound on pydyf
2024-08-23 23:03:31 +00:00
dependabot[bot] 8a52bd60af
Bump the dependencies group across 2 directories with 3 updates (#7861)
* Bump the dependencies group across 2 directories with 3 updates

Bumps the dependencies group with 1 update in the /contrib/dev_reqs directory: [pyyaml](https://github.com/yaml/pyyaml).
Bumps the dependencies group with 3 updates in the /docs directory: [pyyaml](https://github.com/yaml/pyyaml), [mkdocs-include-markdown-plugin](https://github.com/mondeja/mkdocs-include-markdown-plugin) and [neoteroi-mkdocs](https://github.com/Neoteroi/mkdocs-plugins).


Updates `pyyaml` from 6.0.1 to 6.0.2
- [Release notes](https://github.com/yaml/pyyaml/releases)
- [Changelog](https://github.com/yaml/pyyaml/blob/main/CHANGES)
- [Commits](https://github.com/yaml/pyyaml/compare/6.0.1...6.0.2)

Updates `pyyaml` from 6.0.1 to 6.0.2
- [Release notes](https://github.com/yaml/pyyaml/releases)
- [Changelog](https://github.com/yaml/pyyaml/blob/main/CHANGES)
- [Commits](https://github.com/yaml/pyyaml/compare/6.0.1...6.0.2)

Updates `mkdocs-include-markdown-plugin` from 6.2.1 to 6.2.2
- [Release notes](https://github.com/mondeja/mkdocs-include-markdown-plugin/releases)
- [Commits](https://github.com/mondeja/mkdocs-include-markdown-plugin/compare/v6.2.1...v6.2.2)

Updates `neoteroi-mkdocs` from 1.0.5 to 1.1.0
- [Release notes](https://github.com/Neoteroi/mkdocs-plugins/releases)
- [Changelog](https://github.com/Neoteroi/mkdocs-plugins/blob/main/CHANGELOG.md)
- [Commits](https://github.com/Neoteroi/mkdocs-plugins/compare/v1.0.5...v1.1.0)

---
updated-dependencies:
- dependency-name: pyyaml
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: pyyaml
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: mkdocs-include-markdown-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: neoteroi-mkdocs
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix req

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2024-08-19 07:54:26 +10:00
Oliver 70a52c9385
Update default fonts for docker image (#7881)
* Update default fonts for docker image

Ref: https://github.com/inventree/InvenTree/issues/7737

* Remove extra fonts from Dockerfile
2024-08-14 21:16:07 +10:00
Matthias Mair 41f6dd69b8
Adjust docker labels to modern OCI schema (#7773)
* adapt namespace

* add new labels

* make baseimage available for labels

* remove unneeded ending

* ensure image name is correct for ghcrio

* ensure the right outputs are used

* fix reference

* fix assigment

* only push docker reg image if authd

* swith back to env

this gets provided by the version ci script

* make repo targets changeable

* make readable

* revert ghcr.io change
2024-08-11 11:03:18 +10:00
dependabot[bot] a5564090bb
Bump django from 4.2.14 to 4.2.15 in /src/backend (#7827)
* Bump django from 4.2.14 to 4.2.15 in /src/backend

Bumps [django](https://github.com/django/django) from 4.2.14 to 4.2.15.
- [Commits](https://github.com/django/django/compare/4.2.14...4.2.15)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix formatting

* bump everywhere

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2024-08-08 17:17:51 +10:00
dependabot[bot] 5144b7733a
Bump the dependencies group across 2 directories with 7 updates (#7769)
* Bump the dependencies group across 2 directories with 7 updates

Bumps the dependencies group with 2 updates in the /contrib/dev_reqs directory: [jc](https://github.com/kellyjonbrazil/jc) and [requests](https://github.com/psf/requests).
Bumps the dependencies group with 6 updates in the /docs directory:

| Package | From | To |
| --- | --- | --- |
| [requests](https://github.com/psf/requests) | `2.32.2` | `2.32.3` |
| [mkdocs-git-revision-date-localized-plugin](https://github.com/timvink/mkdocs-git-revision-date-localized-plugin) | `1.2.5` | `1.2.6` |
| [mkdocs-include-markdown-plugin](https://github.com/mondeja/mkdocs-include-markdown-plugin) | `6.0.6` | `6.2.1` |
| [mkdocs-material](https://github.com/squidfunk/mkdocs-material) | `9.5.24` | `9.5.30` |
| [mkdocstrings[python]](https://github.com/mkdocstrings/mkdocstrings) | `0.25.1` | `0.25.2` |
| [regex](https://github.com/mrabarnett/mrab-regex) | `2024.5.15` | `2024.7.24` |



Updates `jc` from 1.25.2 to 1.25.3
- [Release notes](https://github.com/kellyjonbrazil/jc/releases)
- [Changelog](https://github.com/kellyjonbrazil/jc/blob/master/CHANGELOG)
- [Commits](https://github.com/kellyjonbrazil/jc/compare/v1.25.2...v1.25.3)

Updates `requests` from 2.32.2 to 2.32.3
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](https://github.com/psf/requests/compare/v2.32.2...v2.32.3)

Updates `requests` from 2.32.2 to 2.32.3
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](https://github.com/psf/requests/compare/v2.32.2...v2.32.3)

Updates `mkdocs-git-revision-date-localized-plugin` from 1.2.5 to 1.2.6
- [Release notes](https://github.com/timvink/mkdocs-git-revision-date-localized-plugin/releases)
- [Commits](https://github.com/timvink/mkdocs-git-revision-date-localized-plugin/compare/v1.2.5...v1.2.6)

Updates `mkdocs-include-markdown-plugin` from 6.0.6 to 6.2.1
- [Release notes](https://github.com/mondeja/mkdocs-include-markdown-plugin/releases)
- [Commits](https://github.com/mondeja/mkdocs-include-markdown-plugin/compare/v6.0.6...v6.2.1)

Updates `mkdocs-material` from 9.5.24 to 9.5.30
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/9.5.24...9.5.30)

Updates `mkdocstrings[python]` from 0.25.1 to 0.25.2
- [Release notes](https://github.com/mkdocstrings/mkdocstrings/releases)
- [Changelog](https://github.com/mkdocstrings/mkdocstrings/blob/main/CHANGELOG.md)
- [Commits](https://github.com/mkdocstrings/mkdocstrings/compare/0.25.1...0.25.2)

Updates `regex` from 2024.5.15 to 2024.7.24
- [Changelog](https://github.com/mrabarnett/mrab-regex/blob/hg/changelog.txt)
- [Commits](https://github.com/mrabarnett/mrab-regex/compare/2024.5.15...2024.7.24)

---
updated-dependencies:
- dependency-name: jc
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: requests
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: requests
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: mkdocs-git-revision-date-localized-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: mkdocs-include-markdown-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: mkdocs-material
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: mkdocstrings[python]
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: regex
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix req

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2024-08-04 11:18:57 +10:00
Josip Medved c33e91a42b
Removed obsoleted version element from docker-compose examples (#7760) 2024-07-30 21:12:02 +10:00
Matthias Mair 4edea65e00
Make libffi version more flexible (#7734)
* Make libffi version more flexible
Can not install on debian 12
Fixes #6036

* target v11 packaging on v12 install
we are only targeting one version per debian / ubuntu channel. This should not present a problem
2024-07-25 21:55:49 +10:00
Oliver d5afc37264
Revert postgres version to 13 (#7717)
* Adjust playwright test

* Update docker compose for devcontainer

* Revert docker container changes

* Update notes

* Revert base alpine version
2024-07-24 11:02:25 +10:00
Matthias Mair 0effb44402
Bump docker image alpine base from 3.18 to 3.20 (#7699)
* bump docker image from 3.18 to 3.20

* bump postgres from 13 to 14
2024-07-22 07:46:41 +10:00
Matthias Mair 0f1645e389
Various small packaging fixes (#7686)
* move repo setting for packager to yml

* fix python detection

* fix persistent setting writing (during onboarding)

* clean up OS before uninstalling
2024-07-19 08:49:51 +10:00
Matthias Mair 105dd7152e
Optimize PUI package delivery for package installs (#7655)
* Package frontend in deb

* Add artifact download

* remove 0.8.0 check

* remove array casting

* fix format once more

* another try

* add brackets again

* add version

* and bash

* and shell

* more debuging

* various style fixes

* small fixes

* and ls for prosperity

* debug

* maybe git as source?

* fix download cmd?

* debug a bit

* debug a bit more

* remove sha download - is not working with GHA restrictions

* write version number

* check if a new frontend must be dowloaded

* write versions into frontend packages

* Matmair/issue7338 (#205)

* Package frontend in deb

* Add artifact download

* remove 0.8.0 check

* remove array casting

* fix format once more

* another try

* add brackets again

* add version

* and bash

* and shell

* more debuging

* various style fixes

* small fixes

* and ls for prosperity

* debug

* maybe git as source?

* fix download cmd?

* debug a bit

* debug a bit more

* remove sha download - is not working with GHA restrictions

* write version number

* check if a new frontend must be dowloaded

* write versions into frontend packages

* change ref dir for tests

* add better build logging

* extend task to get ref from package

* fix downloading syntax

* fix name ref

* make more robust

* more logging

* move import

* turn down unzipping noise

* strip content (spaces, newlines)

* add info what happens now

* fix quite flag

* adjust publisher
2024-07-18 15:35:09 +10:00
Matthias Mair dae173e84c
Bump development deps (#7606)
* bump pre-commit

* add config for codespell

* re-add hashes
2024-07-18 09:53:17 +10:00
Matthias Mair 25c91323c9
bump setuptools (#7663)
fixes https://github.com/inventree/InvenTree/security/dependabot/121
2024-07-16 08:33:11 +10:00
Matthias Mair be2beeca61
bumpd django to 4.2.14 (#7620)
Fixes https://github.com/inventree/InvenTree/security/dependabot/116
2024-07-11 16:49:10 +10:00
Matthias Mair 3845260106
Add cleanup task (#7581)
* [FR] Add invoke task to remove compiled files
Fixes #7559

* add optional clear step before install ensuring clean updates

* add pre-install

* Update preinstall.sh

* Update functions.sh

* Update preinstall.sh

* add a generic run helper to ensure commands run from top directory

* use generic run for other helpers
2024-07-09 09:51:52 +10:00
Matthias Mair 473268a10f
Add variable to stop creation of admin account (#7580) 2024-07-08 08:13:04 +10:00
dependabot[bot] 71680f6fc3
Bump certifi from 2024.2.2 to 2024.7.4 in /contrib/dev_reqs (#7568)
* Bump certifi from 2024.2.2 to 2024.7.4 in /contrib/dev_reqs

Bumps [certifi](https://github.com/certifi/python-certifi) from 2024.2.2 to 2024.7.4.
- [Commits](https://github.com/certifi/python-certifi/compare/2024.02.02...2024.07.04)

---
updated-dependencies:
- dependency-name: certifi
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix style

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2024-07-06 22:19:36 +10:00
Matthias Mair 720651602b
Package is not checking for already existing installs (#7555)
* rename var

* Single-line installer is not looking for already exsisting installs
Fixes #6891

* move update script up

* fix check

* small syntax fix

* fix missing var assigment

* fix assigment

* better message

* log found settingsmore logging

* also check for 'null'

* fix name confusion
2024-07-05 09:21:07 +10:00
Matthias Mair dc3f2011fd
detect python version for installer (#7547) 2024-07-02 22:38:44 +10:00
Matthias Mair c9e9ef1754
Bump pre commit versions (#7255)
* bump pre-commit tools

* move uv config to pyproject

* style fix

* bump pre-commit deps again

* add config for code spell

* spelling fixes

* bump regex

* bump pre-commit

* bump versions again

* roll back regex version

* reverse uv bump

* compile for 3.12

* use 3.12 for ci

* remove unused env vars

* only cache main version

* set caching dep path

* remove caching distinction

* pip installl regex

* switch back to 3.9 default

* remove install test

* reset versions

* remove tomli

* Update playwright.config.ts

---------

Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
2024-06-25 20:52:34 +10:00
dependabot[bot] 2cb5df288e
Bump urllib3 from 2.2.1 to 2.2.2 in /contrib/dev_reqs (#7467)
* Bump urllib3 from 2.2.1 to 2.2.2 in /contrib/dev_reqs

Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.2.1 to 2.2.2.
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst)
- [Commits](https://github.com/urllib3/urllib3/compare/2.2.1...2.2.2)

---
updated-dependencies:
- dependency-name: urllib3
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix reqs file

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2024-06-22 08:35:35 +10:00
Matthias Mair 960c27b142
fix: Add installer check for python version (#7440)
* fix: Add installer check for python version

Closes #7439
Closes #7437
Closes #7377

* fix error message

* Add color
2024-06-14 08:25:58 +10:00
Oliver cdac7465b2
Cache updates (#7388)
* Add redis container to development setup

* Improve configurability of global cache:

- Push configuration into separate file

* Settings cache default depends on global cache configuration

* Update docker compose file

* Remove debug flag

* Allow caching for registry checks

* Cleanup docstring

* Adjust defautl behaviour

* Update docs for caching

* Adjust default docker compose file

* Update docs for devcontainer

* Cleanup config template file

* Update docker docs

* Update cache behaviour
2024-06-02 21:43:31 +10:00
Matthias Mair bdebf878c3
Fixes for installer (#7344)
* - move reqs file to contrib
- detect previously used python version
- safe extra requirements to INSTALLER_EXTRA

* add missing fi

* move site setting
2024-05-27 17:49:05 +10:00
Philipp Fruck b26640fb36
fix: SELinux labels for Caddyfile (#7261) 2024-05-20 07:56:31 +10:00
Oliver 2265055785
Docker fix (#7228)
* Copy requirements file

* Test more files when building docker image

* Refactor install task

* Raise exception

* Run install task

* Fix typos

- The tests work!
2024-05-15 09:19:35 +10:00
Oliver 6a9d833251
Nginx example (#7207)
* Add sample nginx config file

- Taken from 0.13.x branch

* Add alternative setup for nginx

* Add brief note in the docs
2024-05-13 14:15:45 +10:00
Matthias Mair 7e9d2f79ab
[PUI] More style fixes (#7142)
* fix interface names

* use Readonly for props

* fix typescript:S3863

* require hashes in package installer too
2024-04-30 19:24:52 +10:00
Matthias Mair 83191d3fbf
Improve reproduciblity of image (#7120)
* hard-pin doc requirements

* update docs and commands

* hard pin container requirements

* check hashes in image build

* remove seperate uv install (is in base_requirements)

* containers already ships 3.11 - adjust packaging

* move build deps to general ci requirements

* install yarn using native tools

Closes https://github.com/inventree/InvenTree/security/code-scanning/95
Closes https://github.com/inventree/InvenTree/security/code-scanning/96

* merge install steps

* adapt install command args to be similar

* adapt docs to suggest safer install arg

* fix install path

* update dependabot settings
2024-04-29 11:04:45 +10:00
Matthias Mair 938c724395
Pin hashes in requirements (#7081)
* use global pin for requests

* unify on yaml for workflo files

* format workflow files

* pin action versions

* fix pinned version

* use system venv

* switch args

* remove uv for now and add setting for pyyaml

* use requirements file

* also switch on docker flow

* generate hashes

* added hashes to reqs

* add hashes for CI too

* add hash checking

* require hashes everywhere possible

* require hashes where possible in docker
2024-04-23 17:15:52 +10:00
dependabot[bot] df5fcf7d62
Bump gunicorn from 21.2.0 to 22.0.0 in /src/backend (#7054)
* Bump gunicorn from 21.2.0 to 22.0.0 in /src/backend

Bumps [gunicorn](https://github.com/benoitc/gunicorn) from 21.2.0 to 22.0.0.
- [Release notes](https://github.com/benoitc/gunicorn/releases)
- [Commits](https://github.com/benoitc/gunicorn/compare/21.2.0...22.0.0)

---
updated-dependencies:
- dependency-name: gunicorn
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* req fix

* bump versions everywhere

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2024-04-17 16:39:18 +10:00
Oliver cdeaa81295
Fix CMD for production docker image (#6960) 2024-04-05 11:30:45 +11:00
Oliver 6730cdbccf
[Docker] Fix broken production image (#6953)
* Check for presense of manage.py

* Fix directory copying
2024-04-04 23:55:55 +11:00
Matthias Mair 85e672831b
Some small style fixes (#6916)
* fix dockerfile syntax

* remove unused import

* Merge unnecessary if statements

* fix PUI package name

* remove unused vars

* Remove unneeded pass

* merge if to reduce likelyhood of future errors

* add ignroe script to secure against shell scripts

* fix possible collisions

* export strings

* fix types
2024-04-03 19:26:03 +11:00
Matthias Mair 0bace3f3af
Code structure refactor (#5582)
* moved docker files to /contrib/container

* changed code owners to make more precise

* updated CI to use new subdirs

* added manual trigger for testing

* moved ci files

* moved assets into subdir

* moved deploy template file to contrib

* moved django files to src/backend

* updated paths in scripts etc

* updated reqs path

* fixed version file path

* fixed flake8 path

* fixed path to node ressources

* fixed task paths

* added dep path for node

* removed unused yarn lockfile

* removed unused ci script

* updated internal backend paths for tasks

* updated translation stats path

* fixed source path for coverage

* fixed main commit repo path

* fit in changes from testing

* gather packager improvements (#149)

* Matmair/issue5578 (#143)

* moved docker files to /contrib/container

* changed code owners to make more precise

* updated CI to use new subdirs

* added manual trigger for testing

* moved ci files

* moved assets into subdir

* moved deploy template file to contrib

* moved django files to src/backend

* updated paths in scripts etc

* updated reqs path

* fixed version file path

* fixed flake8 path

* fixed path to node ressources

* fixed task paths

* added dep path for node

* removed unused yarn lockfile

* removed unused ci script

* updated internal backend paths for tasks

* updated translation stats path

* fixed source path for coverage

* fixed main commit repo path

* fix docker path

* use project dir

* move project dir command

* fixed docker paths

* another fix?

* seperate tasks out

* remove tasks

* some debugging

* ci: add .deepsource.toml

* Update .deepsource.toml

* also ignore migrations

* more debugging

* fix path issues

* remove debug script

* fix style

* change locale path

* Fixed paths for requirements

* Added dummy requirements to fool packager

* fixed exec path

* remove deepsource

---------

Co-authored-by: deepsource-io[bot] <42547082+deepsource-io[bot]@users.noreply.github.com>

* Added docs for file structure

* Fixed style errors

* updated deepsource paths

* fix deepsource paths

* fixed reqs

* merge fixes

* move newly added dirs too

* fix reqs files

* another dep fix

* merge upstream/master

* revert removal of tags

* merge upstream

* enabled detection of old config files

* adapt coverage src

* also detect and support old location for plugins.txt

* style fix

* fix ~/init.sh location

* fix requirements path

* fix config to current master

* move new folders

* fix import order

* fix paths for qc_check

* fix docs build

* fix fix path

* set docker project dir

* just use a cd

* set image path?

* set file correct

* fix copy path

* fix tasks dir

* fix init path

* fix copy path

* set prject dir

* fix paths

* remove old prod files

* fix dev env path

* set docker file

* Fix devcontainer docker compose file

* fix login attempt values

* fix init.sh path

* Fix pathing for Docker

* Docker build fix

- Set INVENTREE_BACKEND_DIR separately

* Update init.sh

* Fix path

* Update requirements.txt

* merge

* fix rq merge

* fix docker compose usage

---------

Co-authored-by: deepsource-io[bot] <42547082+deepsource-io[bot]@users.noreply.github.com>
Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
2024-04-03 12:16:59 +11:00
Matthias Mair 4db61df8cd
Security improvements (#6890)
* Set write permissions at job level

* publish scorecard results

* Update scorecard.yml

* Update scorecard.yml

* Create .sonarcloud.properties

* Delete .deepsource.toml

* replace badge

* pin requests, pyyaml, jc

* pin yarn version

* pin uv

* reduce settings

* set test path
2024-04-02 17:35:01 +11:00