Commit Graph

121 Commits

Author SHA1 Message Date
Matthias Mair
7283197bac
MFA remove improvement (#3239)
* temporary fix for GHSA-8j76-mm54-52xq

* return to setting afterwards
2022-06-23 12:21:10 +10:00
Oliver
63b4ff3eb6
Remove reliance on django-markdownx (#3231)
* Remove reliance on django-markdownx

- We are now rendering notes on the client side using easymde
- No longer any need to utilize the markdownx integration
- Adds character limit for notes fields`

* Adjust legacy migrations - remove references to markdownx

* Fix bug for company notes field
2022-06-20 22:20:04 +10:00
Oliver
18cf92ec8b
Update django-allauth to 0.48.0 (#3217)
* Update django-allauth to 0.48.0

* Update allauth settings
2022-06-18 12:30:59 +10:00
Oliver
0d01ea2f2e
Auth forms fix (#3214)
* Improvement and consolidation of various auth forms

* Update "disable 2FA" page to use form fields

Note: Requires merging of https://github.com/valohai/django-allauth-2fa/pull/135

* Update django-allauth-2fa requirements
2022-06-17 11:33:45 +10:00
Matthias Mair
90aa7b8444
Sentry (#3174)
* Add sentry for optional error reporting
Closes https://github.com/inventreedb/org/issues/3
Heavily inspired by https://github.com/netbox-community/netbox/issues/9340

* do not consider optional stuff in coverage

* Add DSN for inventree org

Co-authored-by: Oliver Walters <oliver.henry.walters@gmail.com>
2022-06-11 23:13:13 +10:00
dependabot[bot]
bc8777f93c
Bump pillow from 9.1.0 to 9.1.1 (#3113)
Bumps [pillow](https://github.com/python-pillow/Pillow) from 9.1.0 to 9.1.1.
- [Release notes](https://github.com/python-pillow/Pillow/releases)
- [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst)
- [Commits](https://github.com/python-pillow/Pillow/compare/9.1.0...9.1.1)

---
updated-dependencies:
- dependency-name: pillow
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-02 10:40:43 +10:00
Oliver
b9fd263899
Docker improvements (#3042)
* Simplified dockerfile

- Changed from alpine to python:slim
- Removed some database libs (because we *connect* to a db, not host it)

* - Add gettext as required package
- Only create inventree user as part of production build (leave admin access for dev build)

* Tweaks for tasks.py

* Fix user permissions (drop to inventree user)

* Drop to the 'inventree' user level as part of init.sh

- As we have mounted volumes at 'run time' we need to ensure that the inventree user has correct permissions!
- Ref: https://stackoverflow.com/questions/39397548/how-to-give-non-root-user-in-docker-container-access-to-a-volume-mounted-on-the

* Adjust user setup

- Only drop to non-root user as part of "production" build
- Mounted external volumes make it tricky when in the dev build
- Might want to revisit this later on

* More dockerfile changes

- reduce required system packages
-

* Add new docker github workflow

* Print some more debug

* GITHUB_BASE_REF

* Add gnupg to base requirements

* Improve debug output during testing

* Refactoring updates for label printing API

- Update weasyprint version to 55.0
- Generate labels as pdf files
- Provide filename to label printing plugin
- Additional unit testing
- Improve extraction of some hidden debug data during TESTING
- Fix a spelling mistake (notifaction -> notification)

* Working on github action

* More testing

* Add requirement for pdf2image

* Fix label printing plugin and update unit testing

* Add required packages for CI

* Move docker files to the top level directory

- This allows us to build the production image directly from soure
- Don't need to re-download the source code from github
- Note: The docker install guide will need to be updated!

* Fix for docker ci file

* Print GIT SHA

* Bake git information into the production image

* Add some exta docstrings to dockerfile

* Simplify version check script

* Extract git commit info

* Extract docker tag from check_version.py

* Newline

* More work on the docker workflow

* Dockerfile fixes

- Directory / path issues

* Dockerfile fixes

- Directory / path issues

* Ignore certain steps on a pull request

* Add poppler-utils to CI

* Consolidate version check into existing CI file

* Don't run docker workflow on pull request

* Pass docker image tag through to the build

Also check .j2k files

* Add supervisord.conf example file back in

* Remove --no-cache-dir option from pip install
2022-05-29 09:40:37 +10:00
Matthias
3fd5761089
Merge branch 'master' of https://github.com/inventree/InvenTree into devOps 2022-05-18 23:39:58 +02:00
Oliver Walters
dc2351748c Merge remote-tracking branch 'inventree/master' into webp-support 2022-05-17 18:48:19 +10:00
Matthias
545756eacb
add docstring testing 2022-05-16 01:20:04 +02:00
Matthias
af6eac8cc9
Add isort 2022-05-16 01:12:19 +02:00
Matthias
f1553337f7
add pre-commit 2022-05-16 00:15:25 +02:00
Oliver Walters
495798dc98 Install libwebp-dev as part of dockerfile 2022-05-15 23:20:12 +10:00
Kalman Rozsahegyi
32febb010c Fix a wrong merge in requirements.txt 2022-04-28 22:15:11 +02:00
Kalman Rozsahegyi
9e1a143132 Merge branch 'master' into feat-qr-scanner 2022-04-28 22:14:11 +02:00
Kalman Rozsahegyi
5b5a39568b Merge branch 'master' into feat-qr-scanner 2022-04-28 22:09:01 +02:00
Oliver
27c807492d Security patch for django 2022-04-21 11:45:09 +10:00
Oliver Walters
7c126ed712 Added x_forwarded_for middleware
Used to extract remote client IP (when behind balancer / proxy / etc)
2022-04-19 21:19:25 +10:00
Oliver Walters
9e59d90e0e Pin bleach package version
(cherry picked from commit 7af9e9123e)
2022-04-10 20:24:41 +10:00
Kálmán Rózsahegyi
84717f8103 Add secure development server in DEBUG mode 2022-03-26 19:41:51 +01:00
dependabot[bot]
4d2d001879
Bump pillow from 9.0.0 to 9.0.1
Bumps [pillow](https://github.com/python-pillow/Pillow) from 9.0.0 to 9.0.1.
- [Release notes](https://github.com/python-pillow/Pillow/releases)
- [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst)
- [Commits](https://github.com/python-pillow/Pillow/compare/9.0.0...9.0.1)

---
updated-dependencies:
- dependency-name: pillow
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-11 23:46:05 +00:00
Oliver
9ad0b66ebc Update base django version 2022-02-10 13:13:51 +11:00
dependabot[bot]
1927daa56d
Bump django from 3.2.10 to 3.2.11
Bumps [django](https://github.com/django/django) from 3.2.10 to 3.2.11.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.2.10...3.2.11)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-01-13 02:26:20 +00:00
dependabot[bot]
f997e092b1
Bump pillow from 8.3.2 to 9.0.0
Bumps [pillow](https://github.com/python-pillow/Pillow) from 8.3.2 to 9.0.0.
- [Release notes](https://github.com/python-pillow/Pillow/releases)
- [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst)
- [Commits](https://github.com/python-pillow/Pillow/compare/8.3.2...9.0.0)

---
updated-dependencies:
- dependency-name: pillow
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-01-13 01:11:42 +00:00
Oliver
11d3cd3c0c Change dev environment setup to use postgresql
- sqlite causes too many errors
- fix requirements file
- fixes for docker setup
- A lot of concurrency issues
- Bite the bullet, time to go!
2021-12-21 00:34:23 +11:00
dependabot[bot]
f9b1305f9c
Bump django from 3.2.5 to 3.2.10
Bumps [django](https://github.com/django/django) from 3.2.5 to 3.2.10.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.2.5...3.2.10)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-12-12 10:06:07 +00:00
Matthias
3a3f8ba4ef
Merge branch 'master' of https://github.com/inventree/InvenTree into matmair/issue2201 2021-12-08 18:31:33 +01:00
Matthias
0f0460f8ea
merge 2021-12-02 17:24:07 +01:00
Matthias Mair
11e527a02a
Merge branch 'inventree:master' into plugin-2037 2021-12-02 09:23:05 +01:00
Matthias
db1a434f81
[FR] User sessions
Fixes #2327
2021-11-26 23:56:24 +01:00
Matthias
eee9047818
[FR] Two-Factor Authentication
Fixes #2201
2021-11-19 23:48:12 +01:00
Matthias
a95b298c62
Merge branch 'master' of https://github.com/inventree/InvenTree into plugin-2037 2021-11-18 11:37:11 +01:00
Oliver
c0f5205570 Pin markdown package version 2021-11-17 10:56:39 +11:00
Matthias
b783ec566c
add maintenance mode 2021-11-15 22:07:30 +01:00
Matthias
b54f9c9c13
provide backport for 3.7 2021-11-04 10:24:05 +01:00
Matthias
aa7b78f41d
Adding in MFA
Fixes #2201
2021-10-27 21:35:00 +02:00
Nigel
0997ba2eb4
Sort requirements.txt 2021-10-14 14:38:31 -06:00
Oliver
7d88cbe27e Tag specific version of cryptography 2021-10-14 09:25:00 +11:00
Matthias Mair
44c5003839
Merge branch 'inventree:master' into fr-1421-sso 2021-09-24 00:32:38 +02:00
dependabot[bot]
1d85ccd543
Build(deps): Bump django from 3.2.4 to 3.2.5
Bumps [django](https://github.com/django/django) from 3.2.4 to 3.2.5.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.2.4...3.2.5)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-09-22 17:46:34 +00:00
Oliver
20788bb559 Bump pillow version for security fix 2021-09-08 13:02:49 +10:00
Oliver
84528df6f8 Re-add gunicorn to requirements file 2021-09-08 08:01:05 +10:00
Matthias
1311558cac
add in SSO for #1421 2021-08-24 19:12:43 +02:00
Oliver
c2af401854 Pin base python package requirements
- Require invoke to be installed before we can run "invoke update"
2021-08-18 12:03:24 +10:00
Oliver
7df4451c08 Move some core pypi deps into requirements file 2021-08-12 22:06:47 +10:00
Oliver
fa6daeb679 Pin weasyprint version to 52.5 2021-08-05 10:30:38 +10:00
dependabot[bot]
0bc190bca5
Build(deps): Bump django from 3.2.2 to 3.2.4
Bumps [django](https://github.com/django/django) from 3.2.2 to 3.2.4.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.2.2...3.2.4)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-10 17:36:17 +00:00
dependabot[bot]
6e2abc4cde
Build(deps): Bump django from 3.2.1 to 3.2.2
Bumps [django](https://github.com/django/django) from 3.2.1 to 3.2.2.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.2.1...3.2.2)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-09 17:26:23 +00:00
dependabot[bot]
2a059f345e
Build(deps): Bump pillow from 8.1.1 to 8.2.0
Bumps [pillow](https://github.com/python-pillow/Pillow) from 8.1.1 to 8.2.0.
- [Release notes](https://github.com/python-pillow/Pillow/releases)
- [Changelog](https://github.com/python-pillow/Pillow/blob/master/CHANGES.rst)
- [Commits](https://github.com/python-pillow/Pillow/compare/8.1.1...8.2.0)

---
updated-dependencies:
- dependency-name: pillow
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-08 19:49:34 +00:00
Oliver
172700da10 Update django-import-export to 2.5.0
- Fixes an export error introduced after updating to latest django
2021-06-07 00:12:52 +10:00