Commit Graph

131 Commits

Author SHA1 Message Date
Matthias Mair
182bc29053
Add db an media backups (#3783)
* [FR] Add backup into inventrees lifecycle
Fixes #3778

* Add env to testing enviros

* block backup from running app commands

* Add more commands

* fix postgres version

* Update used env

* add daily task to run backups

* add installer changes
2022-10-17 00:09:31 +11:00
Matthias Mair
fccbcad63f
Update deps to newest releases (#3782)
* update django to newest release

* security update for oauthlib

* Update possible deps
2022-10-13 11:07:06 +11:00
Oliver
69c3e5e222
Remove hidden characters from form fields (#3597)
* Remove control and non-printable characters from form fields (server side)

* Update regex to properly filter out control characters only

* Add regex lib to requirements flie

* Fix regex in javascript (client side)

* add required unicode flag
2022-08-24 15:12:02 +10:00
Oliver
87e7112326
Fix weasyprint version (#3539)
* Pin weasyprint version

- Revert to 54.3
- Fixes https://github.com/inventree/InvenTree/issues/3528

* Simplify label printing for multiple pages

* Simplify PDF generation for multiple report outputs

* Add content wrapper div for base label template

- Allows more extensibility
2022-08-15 11:27:27 +10:00
Matthias Mair
12a321ed4f
Depenency updates (#3472)
* update requirements

* automate everything
2022-08-06 09:26:27 +10:00
Oliver
67732f8f81
Remove custom 2FA code (#3300)
* Update django-allauth-2fa to latest version

* Remove custom view / form for removing token

* Revert "2FA disable" view to custom view

- Allows specification of custom redirect URL
2022-07-11 10:26:41 +10:00
Oliver
412fdf246a
Bump django version (#3299) 2022-07-06 10:10:09 +10:00
Oliver
830ecd5677
Update package requirements for docker (#3285)
* Include cargo / rustc in the docker image

- Otherwise cryptography library seems to fail

* Revert cryptography lib to older version

- New version requires rust, adds ~300MB to the image size!
2022-07-03 21:44:40 +10:00
Oliver
efbef2dc90
Pin django-stdimage to sub 6.0.0 (#3273)
* Pin django-stdimage to sub 6.0.0

- 6.0.0 breaks model serialization for background worker task
- NFI why it does this

* Fix requirements file

* remove windows deps. and append requirements

* Add unit tests for encoding and offloading tasks

Co-authored-by: Matthias <code@mjmair.com>
2022-06-29 20:47:06 +10:00
Matthias Mair
cf70e4220f
Update requirements (#3228)
* Remove stat context variables

* Revert "Remove stat context variables"

This reverts commit 0989c308d0.

* remove old backport

* move requirements

* move isort

* move migrations-tests

* add pip-tools as req and add hook

* Use hashes and also run when txt files are added

* Update to hashes in requirements

* update requirements install path

* remove allauth-2fa for a test

* install dev-requirements

* re-enable allauth

* remove hashes from pre normal setup

* Remove version bindings if they are the laest

* move depencies to upper bound

* fix django-money

* remove windows specific requirements

* also install dependencies

* update markdownify

* remove django-admin-shell

* remove unneeded packages

* add docs

* remove pins and fix pre-commit pipeline

* pin django-money

* really remove admin shell

* return default behaviour for money serializer

* pip fix

* update filter name

* set decimal for output

* add migrations

* pin coveralls

* update requirements

Co-authored-by: Oliver Walters <oliver.henry.walters@gmail.com>
2022-06-28 22:12:00 +10:00
Matthias Mair
7283197bac
MFA remove improvement (#3239)
* temporary fix for GHSA-8j76-mm54-52xq

* return to setting afterwards
2022-06-23 12:21:10 +10:00
Oliver
63b4ff3eb6
Remove reliance on django-markdownx (#3231)
* Remove reliance on django-markdownx

- We are now rendering notes on the client side using easymde
- No longer any need to utilize the markdownx integration
- Adds character limit for notes fields`

* Adjust legacy migrations - remove references to markdownx

* Fix bug for company notes field
2022-06-20 22:20:04 +10:00
Oliver
18cf92ec8b
Update django-allauth to 0.48.0 (#3217)
* Update django-allauth to 0.48.0

* Update allauth settings
2022-06-18 12:30:59 +10:00
Oliver
0d01ea2f2e
Auth forms fix (#3214)
* Improvement and consolidation of various auth forms

* Update "disable 2FA" page to use form fields

Note: Requires merging of https://github.com/valohai/django-allauth-2fa/pull/135

* Update django-allauth-2fa requirements
2022-06-17 11:33:45 +10:00
Matthias Mair
90aa7b8444
Sentry (#3174)
* Add sentry for optional error reporting
Closes https://github.com/inventreedb/org/issues/3
Heavily inspired by https://github.com/netbox-community/netbox/issues/9340

* do not consider optional stuff in coverage

* Add DSN for inventree org

Co-authored-by: Oliver Walters <oliver.henry.walters@gmail.com>
2022-06-11 23:13:13 +10:00
dependabot[bot]
bc8777f93c
Bump pillow from 9.1.0 to 9.1.1 (#3113)
Bumps [pillow](https://github.com/python-pillow/Pillow) from 9.1.0 to 9.1.1.
- [Release notes](https://github.com/python-pillow/Pillow/releases)
- [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst)
- [Commits](https://github.com/python-pillow/Pillow/compare/9.1.0...9.1.1)

---
updated-dependencies:
- dependency-name: pillow
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-02 10:40:43 +10:00
Oliver
b9fd263899
Docker improvements (#3042)
* Simplified dockerfile

- Changed from alpine to python:slim
- Removed some database libs (because we *connect* to a db, not host it)

* - Add gettext as required package
- Only create inventree user as part of production build (leave admin access for dev build)

* Tweaks for tasks.py

* Fix user permissions (drop to inventree user)

* Drop to the 'inventree' user level as part of init.sh

- As we have mounted volumes at 'run time' we need to ensure that the inventree user has correct permissions!
- Ref: https://stackoverflow.com/questions/39397548/how-to-give-non-root-user-in-docker-container-access-to-a-volume-mounted-on-the

* Adjust user setup

- Only drop to non-root user as part of "production" build
- Mounted external volumes make it tricky when in the dev build
- Might want to revisit this later on

* More dockerfile changes

- reduce required system packages
-

* Add new docker github workflow

* Print some more debug

* GITHUB_BASE_REF

* Add gnupg to base requirements

* Improve debug output during testing

* Refactoring updates for label printing API

- Update weasyprint version to 55.0
- Generate labels as pdf files
- Provide filename to label printing plugin
- Additional unit testing
- Improve extraction of some hidden debug data during TESTING
- Fix a spelling mistake (notifaction -> notification)

* Working on github action

* More testing

* Add requirement for pdf2image

* Fix label printing plugin and update unit testing

* Add required packages for CI

* Move docker files to the top level directory

- This allows us to build the production image directly from soure
- Don't need to re-download the source code from github
- Note: The docker install guide will need to be updated!

* Fix for docker ci file

* Print GIT SHA

* Bake git information into the production image

* Add some exta docstrings to dockerfile

* Simplify version check script

* Extract git commit info

* Extract docker tag from check_version.py

* Newline

* More work on the docker workflow

* Dockerfile fixes

- Directory / path issues

* Dockerfile fixes

- Directory / path issues

* Ignore certain steps on a pull request

* Add poppler-utils to CI

* Consolidate version check into existing CI file

* Don't run docker workflow on pull request

* Pass docker image tag through to the build

Also check .j2k files

* Add supervisord.conf example file back in

* Remove --no-cache-dir option from pip install
2022-05-29 09:40:37 +10:00
Matthias
3fd5761089
Merge branch 'master' of https://github.com/inventree/InvenTree into devOps 2022-05-18 23:39:58 +02:00
Oliver Walters
dc2351748c Merge remote-tracking branch 'inventree/master' into webp-support 2022-05-17 18:48:19 +10:00
Matthias
545756eacb
add docstring testing 2022-05-16 01:20:04 +02:00
Matthias
af6eac8cc9
Add isort 2022-05-16 01:12:19 +02:00
Matthias
f1553337f7
add pre-commit 2022-05-16 00:15:25 +02:00
Oliver Walters
495798dc98 Install libwebp-dev as part of dockerfile 2022-05-15 23:20:12 +10:00
Kalman Rozsahegyi
32febb010c Fix a wrong merge in requirements.txt 2022-04-28 22:15:11 +02:00
Kalman Rozsahegyi
9e1a143132 Merge branch 'master' into feat-qr-scanner 2022-04-28 22:14:11 +02:00
Kalman Rozsahegyi
5b5a39568b Merge branch 'master' into feat-qr-scanner 2022-04-28 22:09:01 +02:00
Oliver
27c807492d Security patch for django 2022-04-21 11:45:09 +10:00
Oliver Walters
7c126ed712 Added x_forwarded_for middleware
Used to extract remote client IP (when behind balancer / proxy / etc)
2022-04-19 21:19:25 +10:00
Oliver Walters
9e59d90e0e Pin bleach package version
(cherry picked from commit 7af9e9123e)
2022-04-10 20:24:41 +10:00
Kálmán Rózsahegyi
84717f8103 Add secure development server in DEBUG mode 2022-03-26 19:41:51 +01:00
dependabot[bot]
4d2d001879
Bump pillow from 9.0.0 to 9.0.1
Bumps [pillow](https://github.com/python-pillow/Pillow) from 9.0.0 to 9.0.1.
- [Release notes](https://github.com/python-pillow/Pillow/releases)
- [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst)
- [Commits](https://github.com/python-pillow/Pillow/compare/9.0.0...9.0.1)

---
updated-dependencies:
- dependency-name: pillow
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-11 23:46:05 +00:00
Oliver
9ad0b66ebc Update base django version 2022-02-10 13:13:51 +11:00
dependabot[bot]
1927daa56d
Bump django from 3.2.10 to 3.2.11
Bumps [django](https://github.com/django/django) from 3.2.10 to 3.2.11.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.2.10...3.2.11)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-01-13 02:26:20 +00:00
dependabot[bot]
f997e092b1
Bump pillow from 8.3.2 to 9.0.0
Bumps [pillow](https://github.com/python-pillow/Pillow) from 8.3.2 to 9.0.0.
- [Release notes](https://github.com/python-pillow/Pillow/releases)
- [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst)
- [Commits](https://github.com/python-pillow/Pillow/compare/8.3.2...9.0.0)

---
updated-dependencies:
- dependency-name: pillow
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-01-13 01:11:42 +00:00
Oliver
11d3cd3c0c Change dev environment setup to use postgresql
- sqlite causes too many errors
- fix requirements file
- fixes for docker setup
- A lot of concurrency issues
- Bite the bullet, time to go!
2021-12-21 00:34:23 +11:00
dependabot[bot]
f9b1305f9c
Bump django from 3.2.5 to 3.2.10
Bumps [django](https://github.com/django/django) from 3.2.5 to 3.2.10.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.2.5...3.2.10)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-12-12 10:06:07 +00:00
Matthias
3a3f8ba4ef
Merge branch 'master' of https://github.com/inventree/InvenTree into matmair/issue2201 2021-12-08 18:31:33 +01:00
Matthias
0f0460f8ea
merge 2021-12-02 17:24:07 +01:00
Matthias Mair
11e527a02a
Merge branch 'inventree:master' into plugin-2037 2021-12-02 09:23:05 +01:00
Matthias
db1a434f81
[FR] User sessions
Fixes #2327
2021-11-26 23:56:24 +01:00
Matthias
eee9047818
[FR] Two-Factor Authentication
Fixes #2201
2021-11-19 23:48:12 +01:00
Matthias
a95b298c62
Merge branch 'master' of https://github.com/inventree/InvenTree into plugin-2037 2021-11-18 11:37:11 +01:00
Oliver
c0f5205570 Pin markdown package version 2021-11-17 10:56:39 +11:00
Matthias
b783ec566c
add maintenance mode 2021-11-15 22:07:30 +01:00
Matthias
b54f9c9c13
provide backport for 3.7 2021-11-04 10:24:05 +01:00
Matthias
aa7b78f41d
Adding in MFA
Fixes #2201
2021-10-27 21:35:00 +02:00
Nigel
0997ba2eb4
Sort requirements.txt 2021-10-14 14:38:31 -06:00
Oliver
7d88cbe27e Tag specific version of cryptography 2021-10-14 09:25:00 +11:00
Matthias Mair
44c5003839
Merge branch 'inventree:master' into fr-1421-sso 2021-09-24 00:32:38 +02:00
dependabot[bot]
1d85ccd543
Build(deps): Bump django from 3.2.4 to 3.2.5
Bumps [django](https://github.com/django/django) from 3.2.4 to 3.2.5.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.2.4...3.2.5)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-09-22 17:46:34 +00:00