dependabot[bot]
0c30f7cc99
Bump the dependencies group with 2 updates ( #7925 )
...
Bumps the dependencies group with 2 updates: [docker/build-push-action](https://github.com/docker/build-push-action ) and [github/codeql-action](https://github.com/github/codeql-action ).
Updates `docker/build-push-action` from 6.6.1 to 6.7.0
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](16ebe778df...5cd11c3a4c
)
Updates `github/codeql-action` from 3.26.0 to 3.26.3
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](eb055d739a...883d8588e5
)
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: dependencies
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-20 09:38:02 +10:00
dependabot[bot]
3f2e47497c
Bump the dependencies group with 4 updates ( #7860 )
...
Bumps the dependencies group with 4 updates: [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ), [docker/build-push-action](https://github.com/docker/build-push-action ), [actions/upload-artifact](https://github.com/actions/upload-artifact ) and [github/codeql-action](https://github.com/github/codeql-action ).
Updates `sigstore/cosign-installer` from 3.5.0 to 3.6.0
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](59acb6260d...4959ce089c
)
Updates `docker/build-push-action` from 6.5.0 to 6.6.1
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](5176d81f87...16ebe778df
)
Updates `actions/upload-artifact` from 4.3.5 to 4.3.6
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](89ef406dd8...834a144ee9
)
Updates `github/codeql-action` from 3.25.15 to 3.26.0
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](afb54ba388...eb055d739a
)
---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: dependencies
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: dependencies
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: dependencies
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-13 09:43:07 +10:00
Matthias Mair
41f6dd69b8
Adjust docker labels to modern OCI schema ( #7773 )
...
* adapt namespace
* add new labels
* make baseimage available for labels
* remove unneeded ending
* ensure image name is correct for ghcrio
* ensure the right outputs are used
* fix reference
* fix assigment
* only push docker reg image if authd
* swith back to env
this gets provided by the version ci script
* make repo targets changeable
* make readable
* revert ghcr.io change
2024-08-11 11:03:18 +10:00
dependabot[bot]
3733e8a417
Bump the dependencies group across 1 directory with 5 updates ( #7811 )
...
Bumps the dependencies group with 5 updates in the / directory:
| Package | From | To |
| --- | --- | --- |
| [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) | `3.5.0` | `3.6.1` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact ) | `4.3.4` | `4.3.5` |
| [oasdiff/oasdiff-action](https://github.com/oasdiff/oasdiff-action ) | `205ce7e2c5ae1511e720cbd307cae79fd7d4a909` | `a2ff6682b27d175162a74c09ace8771bd3d512f8` |
| [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) | `2.3.3` | `2.4.0` |
| [github/codeql-action](https://github.com/github/codeql-action ) | `3.25.13` | `3.25.15` |
Updates `docker/setup-buildx-action` from 3.5.0 to 3.6.1
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](aa33708b10...988b5a0280
)
Updates `actions/upload-artifact` from 4.3.4 to 4.3.5
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](0b2256b8c0...89ef406dd8
)
Updates `oasdiff/oasdiff-action` from 205ce7e2c5ae1511e720cbd307cae79fd7d4a909 to a2ff6682b27d175162a74c09ace8771bd3d512f8
- [Release notes](https://github.com/oasdiff/oasdiff-action/releases )
- [Commits](205ce7e2c5...a2ff6682b2
)
Updates `ossf/scorecard-action` from 2.3.3 to 2.4.0
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](dc50aa9510...62b2cac7ed
)
Updates `github/codeql-action` from 3.25.13 to 3.25.15
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](2d790406f5...afb54ba388
)
---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: dependencies
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: dependencies
- dependency-name: oasdiff/oasdiff-action
dependency-type: direct:production
dependency-group: dependencies
- dependency-name: ossf/scorecard-action
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: dependencies
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2024-08-10 08:13:43 +10:00
dependabot[bot]
b10a20d1ef
Bump the dependencies group with 5 updates ( #7712 )
...
Bumps the dependencies group with 5 updates:
| Package | From | To |
| --- | --- | --- |
| [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action ) | `3.1.0` | `3.2.0` |
| [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) | `3.4.0` | `3.5.0` |
| [docker/login-action](https://github.com/docker/login-action ) | `3.2.0` | `3.3.0` |
| [docker/build-push-action](https://github.com/docker/build-push-action ) | `6.4.0` | `6.5.0` |
| [github/codeql-action](https://github.com/github/codeql-action ) | `3.25.12` | `3.25.13` |
Updates `docker/setup-qemu-action` from 3.1.0 to 3.2.0
- [Release notes](https://github.com/docker/setup-qemu-action/releases )
- [Commits](5927c834f5...49b3bc8e6b
)
Updates `docker/setup-buildx-action` from 3.4.0 to 3.5.0
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](4fd812986e...aa33708b10
)
Updates `docker/login-action` from 3.2.0 to 3.3.0
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](0d4c9c5ea7...9780b0c442
)
Updates `docker/build-push-action` from 6.4.0 to 6.5.0
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](a254f8ca60...5176d81f87
)
Updates `github/codeql-action` from 3.25.12 to 3.25.13
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](4fa2a79536...2d790406f5
)
---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: dependencies
- dependency-name: docker/setup-buildx-action
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: dependencies
- dependency-name: docker/login-action
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: dependencies
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: dependencies
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-24 14:09:36 +10:00
dependabot[bot]
0d2424a3d9
Bump the dependencies group with 3 updates ( #7661 )
...
Bumps the dependencies group with 3 updates: [actions/setup-python](https://github.com/actions/setup-python ), [docker/build-push-action](https://github.com/docker/build-push-action ) and [github/codeql-action](https://github.com/github/codeql-action ).
Updates `actions/setup-python` from 5.1.0 to 5.1.1
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](82c7e631bb...39cd14951b
)
Updates `docker/build-push-action` from 6.3.0 to 6.4.0
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](1a162644f9...a254f8ca60
)
Updates `github/codeql-action` from 3.25.11 to 3.25.12
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](b611370bb5...4fa2a79536
)
---
updated-dependencies:
- dependency-name: actions/setup-python
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: dependencies
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: dependencies
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-16 09:44:07 +10:00
dependabot[bot]
c05cf86c8e
Bump the dependencies group with 5 updates ( #7590 )
...
Bumps the dependencies group with 5 updates:
| Package | From | To |
| --- | --- | --- |
| [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action ) | `3.0.0` | `3.1.0` |
| [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) | `3.3.0` | `3.4.0` |
| [docker/build-push-action](https://github.com/docker/build-push-action ) | `6.2.0` | `6.3.0` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact ) | `4.3.3` | `4.3.4` |
| [actions/download-artifact](https://github.com/actions/download-artifact ) | `4.1.7` | `4.1.8` |
Updates `docker/setup-qemu-action` from 3.0.0 to 3.1.0
- [Release notes](https://github.com/docker/setup-qemu-action/releases )
- [Commits](68827325e0...5927c834f5
)
Updates `docker/setup-buildx-action` from 3.3.0 to 3.4.0
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](d70bba72b1...4fd812986e
)
Updates `docker/build-push-action` from 6.2.0 to 6.3.0
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](15560696de...1a162644f9
)
Updates `actions/upload-artifact` from 4.3.3 to 4.3.4
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](65462800fd...0b2256b8c0
)
Updates `actions/download-artifact` from 4.1.7 to 4.1.8
- [Release notes](https://github.com/actions/download-artifact/releases )
- [Commits](65a9edc588...fa0a91b85d
)
---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: dependencies
- dependency-name: docker/setup-buildx-action
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: dependencies
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: dependencies
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: dependencies
- dependency-name: actions/download-artifact
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-09 13:35:17 +10:00
dependabot[bot]
13ee755ad3
Bump the dependencies group with 2 updates ( #7541 )
...
Bumps the dependencies group with 2 updates: [docker/build-push-action](https://github.com/docker/build-push-action ) and [github/codeql-action](https://github.com/github/codeql-action ).
Updates `docker/build-push-action` from 6.1.0 to 6.2.0
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](31159d49c0...15560696de
)
Updates `github/codeql-action` from 3.25.10 to 3.25.11
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](23acc5c183...b611370bb5
)
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: dependencies
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-07 08:07:15 +10:00
dependabot[bot]
c6ad902ccc
Bump docker/build-push-action in the dependencies group ( #7502 )
...
Bumps the dependencies group with 1 update: [docker/build-push-action](https://github.com/docker/build-push-action ).
Updates `docker/build-push-action` from 6.0.0 to 6.1.0
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](c382f710d3...31159d49c0
)
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-25 09:27:07 +10:00
Oliver
432e0c622c
Single table for file attachments ( #7420 )
...
* Add basic model for handling generic attachments
* Refactor migration
* Data migration to convert old files across
* Admin updates
* Increase comment field max_length
* Adjust field name
* Remove legacy serializer classes / endpoints
* Expose new model to API
* Admin site list filters
* Remove legacy attachment models
- Add new mixin class to designate which models can have attachments
* Update data migration
- Ensure other apps are at the correct migration state beforehand
* Add migrations to remove legacy attachment tables
* Fix for "rename_attachment" callback
* Refactor model_type field
- ContentType does not allow easy API serialization
* Set allowed options for admin
* Update model verbose names
* Fix logic for file upload
* Add choices for serializer
* Add API filtering
* Fix for API filter
* Fix for attachment tables in PUI
- Still not solved permission issues
* Bump API version
* Record user when uploading attachment via API
* Refactor <AttachmentTable /> for PUI
* Display 'file_size' in PUI attachment table
* Fix company migrations
* Include permission informtion in roles API endpoint
* Read user permissions in PUI
* Simplify permission checks for <AttachmentTable />
* Automatically clean up old content types
* Cleanup PUI
* Fix typo in data migration
* Add reverse data migration
* Update unit tests
* Use InMemoryStorage for media files in test mode
* Data migration unit test
* Fix "model_type" field
- It is a required field after all
* Add permission check for serializer
* Fix permission check for CUI
* Fix PUI import
* Test python lib against specific branch
- Will be reverted once code is merged
* Revert STORAGES setting
- Might be worth looking into again
* Fix part unit test
* Fix unit test for sales order
* Use 'get_global_setting'
* Use 'get_global_setting'
* Update setting getter
* Unit tests
* Tweaks
* Revert change to settings.py
* More updates for get_global_setting
* Relax API query count requirement
* remove illegal chars and add unit tests
* Fix unit tests
* Fix frontend unit tests
* settings management updates
* Prevent db write under more conditions
* Simplify settings code
* Pop values before creating filters
* Prevent settings write under certain conditions
* Add debug msg
* Clear db on record import
* Refactor permissions checks
- Allows extension / customization of permission checks at a later date
* Unit test updates
* Prevent delete of attachment without correct permissions
* Adjust odcker.yaml
* Cleanup data migrations
* Tweak migration tests for build app
* Update data migration
- Handle case with missing data
* Prevent debug shell in TESTING mode
* Update migration dependencies
- Ensure all apps are "up to date" before removing legacy tables
* add file size test
* Update migration tests
* Revert some settings caching changes
* Fix incorrect logic in migration
* Update unit tests
* Prevent create on CURRENCY_CODES
- Seems to play havoc with bootup sequence
* Fix unit test
* Some refactoring
- Use get_global_setting
* Fix typo
* Revert change
* Add "tags" and "metadata"
* Include "tags" field in API serializer
* add "metadata" endpoint for attachments
2024-06-19 14:38:46 +10:00
dependabot[bot]
2c50620acc
Bump the dependencies group with 4 updates ( #7462 )
...
Bumps the dependencies group with 4 updates: [actions/checkout](https://github.com/actions/checkout ), [docker/build-push-action](https://github.com/docker/build-push-action ), [codecov/codecov-action](https://github.com/codecov/codecov-action ) and [github/codeql-action](https://github.com/github/codeql-action ).
Updates `actions/checkout` from 4.1.6 to 4.1.7
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](a5ac7e51b4...692973e3d9
)
Updates `docker/build-push-action` from 5.4.0 to 6.0.0
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](ca052bb54a...c382f710d3
)
Updates `codecov/codecov-action` from 4.4.1 to 4.5.0
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](125fc84a9a...e28ff129e5
)
Updates `github/codeql-action` from 3.25.8 to 3.25.10
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](2e230e8fe0...23acc5c183
)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: dependencies
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: dependencies
- dependency-name: codecov/codecov-action
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: dependencies
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-18 23:42:05 +10:00
dependabot[bot]
1a57973b4d
Bump the dependencies group across 1 directory with 3 updates ( #7427 )
...
Bumps the dependencies group with 3 updates in the / directory: [docker/login-action](https://github.com/docker/login-action ), [docker/build-push-action](https://github.com/docker/build-push-action ) and [github/codeql-action](https://github.com/github/codeql-action ).
Updates `docker/login-action` from 3.1.0 to 3.2.0
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](e92390c5fb...0d4c9c5ea7
)
Updates `docker/build-push-action` from 5.3.0 to 5.4.0
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](2cdde995de...ca052bb54a
)
Updates `github/codeql-action` from 3.25.6 to 3.25.8
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](9fdb3e4972...2e230e8fe0
)
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: dependencies
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: dependencies
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-11 23:30:09 +10:00
Matthias Mair
bdebf878c3
Fixes for installer ( #7344 )
...
* - move reqs file to contrib
- detect previously used python version
- safe extra requirements to INSTALLER_EXTRA
* add missing fi
* move site setting
2024-05-27 17:49:05 +10:00
dependabot[bot]
1c6e81eae5
--- ( #7276 )
...
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: dependencies
- dependency-name: codecov/codecov-action
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: dependencies
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-21 15:10:06 +10:00
Oliver
2265055785
Docker fix ( #7228 )
...
* Copy requirements file
* Test more files when building docker image
* Refactor install task
* Raise exception
* Run install task
* Fix typos
- The tests work!
2024-05-15 09:19:35 +10:00
dependabot[bot]
770dbb9c35
Bump the dependencies group with 2 updates ( #7169 )
...
Bumps the dependencies group with 2 updates: [actions/checkout](https://github.com/actions/checkout ) and [codecov/codecov-action](https://github.com/codecov/codecov-action ).
Updates `actions/checkout` from 4.1.4 to 4.1.5
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](0ad4b8fada...44c2b7a8a4
)
Updates `codecov/codecov-action` from 4.3.0 to 4.3.1
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](84508663e9...5ecb98a3c6
)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: dependencies
- dependency-name: codecov/codecov-action
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-09 07:04:38 +10:00
dependabot[bot]
6837b0e753
Bump the dependencies group across 1 directory with 5 updates ( #7134 )
...
Bumps the dependencies group with 5 updates in the / directory:
| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout ) | `3.1.0` | `4.1.4` |
| [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) | `3.2.0` | `3.3.0` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact ) | `4.3.1` | `4.3.3` |
| [actions/download-artifact](https://github.com/actions/download-artifact ) | `4.1.4` | `4.1.7` |
| [github/codeql-action](https://github.com/github/codeql-action ) | `3.25.0` | `3.25.3` |
Updates `actions/checkout` from 3.1.0 to 4.1.4
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v3.1.0...0ad4b8fadaa221de15dcec353f45205ec38ea70b )
Updates `docker/setup-buildx-action` from 3.2.0 to 3.3.0
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](2b51285047...d70bba72b1
)
Updates `actions/upload-artifact` from 4.3.1 to 4.3.3
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](5d5d22a312...65462800fd
)
Updates `actions/download-artifact` from 4.1.4 to 4.1.7
- [Release notes](https://github.com/actions/download-artifact/releases )
- [Commits](c850b930e6...65a9edc588
)
Updates `github/codeql-action` from 3.25.0 to 3.25.3
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](df5a14dc28...d39d31e687
)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: dependencies
- dependency-name: docker/setup-buildx-action
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: dependencies
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: dependencies
- dependency-name: actions/download-artifact
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: dependencies
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-30 07:47:18 +10:00
Matthias Mair
d2827df3b8
fix ci filters ( #7121 )
2024-04-27 10:51:42 +10:00
Matthias Mair
938c724395
Pin hashes in requirements ( #7081 )
...
* use global pin for requests
* unify on yaml for workflo files
* format workflow files
* pin action versions
* fix pinned version
* use system venv
* switch args
* remove uv for now and add setting for pyyaml
* use requirements file
* also switch on docker flow
* generate hashes
* added hashes to reqs
* add hashes for CI too
* add hash checking
* require hashes everywhere possible
* require hashes where possible in docker
2024-04-23 17:15:52 +10:00
Matthias Mair
ca03562d25
[CI] Small nitpick changes ( #7016 )
...
* use global pin for requests
* unify on yaml for workflo files
* format workflow files
* pin action versions
* fix pinned version
* use system venv
* switch args
* remove uv for now and add setting for pyyaml
* fix qc args
* bix doc paths
2024-04-21 22:20:13 +10:00
dependabot[bot]
1c67a92958
Bump sigstore/cosign-installer from 3.4.0 to 3.5.0 ( #7035 )
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](e1523de757...59acb6260d
)
---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-16 09:56:34 +10:00
Oliver
6730cdbccf
[Docker] Fix broken production image ( #6953 )
...
* Check for presense of manage.py
* Fix directory copying
2024-04-04 23:55:55 +11:00
Oliver
d0fccaf14e
Fix docker push action ( #6934 )
2024-04-03 08:58:17 +00:00
Matthias Mair
0bace3f3af
Code structure refactor ( #5582 )
...
* moved docker files to /contrib/container
* changed code owners to make more precise
* updated CI to use new subdirs
* added manual trigger for testing
* moved ci files
* moved assets into subdir
* moved deploy template file to contrib
* moved django files to src/backend
* updated paths in scripts etc
* updated reqs path
* fixed version file path
* fixed flake8 path
* fixed path to node ressources
* fixed task paths
* added dep path for node
* removed unused yarn lockfile
* removed unused ci script
* updated internal backend paths for tasks
* updated translation stats path
* fixed source path for coverage
* fixed main commit repo path
* fit in changes from testing
* gather packager improvements (#149 )
* Matmair/issue5578 (#143 )
* moved docker files to /contrib/container
* changed code owners to make more precise
* updated CI to use new subdirs
* added manual trigger for testing
* moved ci files
* moved assets into subdir
* moved deploy template file to contrib
* moved django files to src/backend
* updated paths in scripts etc
* updated reqs path
* fixed version file path
* fixed flake8 path
* fixed path to node ressources
* fixed task paths
* added dep path for node
* removed unused yarn lockfile
* removed unused ci script
* updated internal backend paths for tasks
* updated translation stats path
* fixed source path for coverage
* fixed main commit repo path
* fix docker path
* use project dir
* move project dir command
* fixed docker paths
* another fix?
* seperate tasks out
* remove tasks
* some debugging
* ci: add .deepsource.toml
* Update .deepsource.toml
* also ignore migrations
* more debugging
* fix path issues
* remove debug script
* fix style
* change locale path
* Fixed paths for requirements
* Added dummy requirements to fool packager
* fixed exec path
* remove deepsource
---------
Co-authored-by: deepsource-io[bot] <42547082+deepsource-io[bot]@users.noreply.github.com>
* Added docs for file structure
* Fixed style errors
* updated deepsource paths
* fix deepsource paths
* fixed reqs
* merge fixes
* move newly added dirs too
* fix reqs files
* another dep fix
* merge upstream/master
* revert removal of tags
* merge upstream
* enabled detection of old config files
* adapt coverage src
* also detect and support old location for plugins.txt
* style fix
* fix ~/init.sh location
* fix requirements path
* fix config to current master
* move new folders
* fix import order
* fix paths for qc_check
* fix docs build
* fix fix path
* set docker project dir
* just use a cd
* set image path?
* set file correct
* fix copy path
* fix tasks dir
* fix init path
* fix copy path
* set prject dir
* fix paths
* remove old prod files
* fix dev env path
* set docker file
* Fix devcontainer docker compose file
* fix login attempt values
* fix init.sh path
* Fix pathing for Docker
* Docker build fix
- Set INVENTREE_BACKEND_DIR separately
* Update init.sh
* Fix path
* Update requirements.txt
* merge
* fix rq merge
* fix docker compose usage
---------
Co-authored-by: deepsource-io[bot] <42547082+deepsource-io[bot]@users.noreply.github.com>
Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
2024-04-03 12:16:59 +11:00
Matthias Mair
4db61df8cd
Security improvements ( #6890 )
...
* Set write permissions at job level
* publish scorecard results
* Update scorecard.yml
* Update scorecard.yml
* Create .sonarcloud.properties
* Delete .deepsource.toml
* replace badge
* pin requests, pyyaml, jc
* pin yarn version
* pin uv
* reduce settings
* set test path
2024-04-02 17:35:01 +11:00
dependabot[bot]
7ed51dfff5
Bump actions/setup-python from 5.0.0 to 5.1.0 ( #6864 )
...
Bumps [actions/setup-python](https://github.com/actions/setup-python ) from 5.0.0 to 5.1.0.
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](0a5c615913...82c7e631bb
)
---
updated-dependencies:
- dependency-name: actions/setup-python
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-27 07:11:37 +11:00
dependabot[bot]
1fea796b25
Bump docker/setup-buildx-action from 3.0.0 to 3.2.0 ( #6850 )
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 3.0.0 to 3.2.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](f95db51fdd...2b51285047
)
---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-26 07:49:03 +11:00
dependabot[bot]
7328fc0af5
Bump sigstore/cosign-installer from 3.1.2 to 3.4.0 ( #6853 )
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.1.2 to 3.4.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](11086d2504...e1523de757
)
---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-26 07:48:49 +11:00
Matthias Mair
7c6eefbcdf
CI-Actions: Security fixes ( #6835 )
...
* add security commitment
* fix badge path
* set token permissions
see https://github.com/inventree/InvenTree/security/code-scanning/48
* add more chapters
* break up flow text
* spellchecking
* clean diff
* bump setup-python to node 20 version
* fix docker version too
2024-03-25 09:11:16 +11:00
dependabot[bot]
08ad0f8e28
Bump docker/login-action from 3.0.0 to 3.1.0 ( #6800 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](343f7c4344...e92390c5fb
)
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-23 18:11:47 +11:00
Matthias Mair
15388d3dc3
Run publish CI actions only on main repo ( #6592 )
...
* only run if in an inventree org repo
* only sign into docker hub if username set
* use repo name for ghcr name
* renmae to not cause confusion
* rename vars
* use seperate step
* disable a bunch of stuff for testing
* use echo instead
* Revert "disable a bunch of stuff for testing"
This reverts commit 0ab5ff6d6d
.
2024-03-22 09:08:24 +11:00
dependabot[bot]
bb465078d3
Bump docker/build-push-action from 5.0.0 to 5.3.0 ( #6776 )
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 5.0.0 to 5.3.0.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](0565240e2d...2cdde995de
)
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-21 10:59:04 +11:00
dependabot[bot]
f2c0c7dcc1
Bump docker/metadata-action from 5.0.0 to 5.5.1 ( #6778 )
...
Bumps [docker/metadata-action](https://github.com/docker/metadata-action ) from 5.0.0 to 5.5.1.
- [Release notes](https://github.com/docker/metadata-action/releases )
- [Commits](96383f4557...8e5442c4ef
)
---
updated-dependencies:
- dependency-name: docker/metadata-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-21 10:50:49 +11:00
dependabot[bot]
8e775c8502
Bump dorny/paths-filter from 2.11.1 to 3.0.2 ( #6775 )
...
Bumps [dorny/paths-filter](https://github.com/dorny/paths-filter ) from 2.11.1 to 3.0.2.
- [Release notes](https://github.com/dorny/paths-filter/releases )
- [Changelog](https://github.com/dorny/paths-filter/blob/master/CHANGELOG.md )
- [Commits](4512585405...de90cc6fb3
)
---
updated-dependencies:
- dependency-name: dorny/paths-filter
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-21 10:50:28 +11:00
Matthias Mair
b46b200101
Add OSSF Scorecard ( #6769 )
...
* Create scorecard.yml
* Add badge
* disable publishing
* Add security improvements (#181 )
* Add OSSF Scorecard (#179 )
* Create scorecard.yml
* Add badge
* disable publishing
* [StepSecurity] Apply security best practices (#180 )
* [StepSecurity] Apply security best practices
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
* Update .pre-commit-config.yaml
* Update dependabot.yml
* Delete .github/workflows/dependency-review.yml
---------
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
Co-authored-by: Matthias Mair <code@mjmair.com>
---------
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
Co-authored-by: StepSecurity Bot <bot@stepsecurity.io>
* Update to upstream project
* disable shellcheck for now
---------
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
Co-authored-by: StepSecurity Bot <bot@stepsecurity.io>
2024-03-21 10:11:49 +11:00
Oliver
82654eabdc
Site access tweaks ( #6738 )
...
* Adjust docker filter
- Run if settings.py changes
* Revert API version
* Adjust logic in settings.py
- Only exit if in main server thread
* Update qc_checks.yaml
* Add wildcard for CSRF_TRUSTED_ORIGINS in DEBUG mode
* Update wildcard
* Simplify settings.py logic
2024-03-18 15:27:56 +11:00
Oliver
cbc879f618
[Docker] Fix broken image ( #6621 )
...
* Install grpcio faster
- Pin version
- Update build packages
* Test dockerfile before push
- SImply test if invoke is present
* Revert commit to docker-compose
* Remove VIRTUAL_ENV from Dockerfile
* Fix pip install
* Run extra checks on docker image
* Ensure mariadb links are installed:
- Closes https://github.com/inventree/InvenTree/issues/6625
* Adjust CI
build docker image manually
* Should fail
- Test that revert fails CI
* Ok, this should break it
* Fix Dockerfile
2024-03-04 22:50:00 +11:00
Oliver
3b9fae6279
docker: push both multiple image tags ( #6614 )
...
* docker: push both multiple image tags
* Remove matrix strategy
2024-03-02 11:29:20 +11:00
Oliver
6962b61fff
Fix docker tags ( #6606 )
...
- Revert to previous approach
2024-03-01 07:01:46 +11:00
Matthias Mair
ea63a03fe4
Refactor docker CI for speed increases ( #6562 )
...
* push to ghcr (#168 )
* Update docker.yaml
* Update docker.yaml
* Update docker.yaml
* use matrix to build for the plattforms (faster amd pub)
* try Buildjet
* switch to pyhton 3.9
* Update docker.yaml
* path python manually?
* bump python to 3.11
* Update Dockerfile
* step down vm
* cleanup workflow
* install docker on mac
* and docker compose too
* switch back to linux
* Docker tests (#175 )
* push to ghcr (#168 )
* Update docker.yaml
* Update docker.yaml
* Update docker.yaml
* use matrix to build for the plattforms (faster amd pub)
* try Buildjet
* switch to pyhton 3.9
* Update docker.yaml
* path python manually?
* bump python to 3.11
* Update Dockerfile
* step down vm
* cleanup workflow
* install docker on mac
* and docker compose too
* switch back to linux
* switch to uv
* fix uv install
* reintroduce checks
* cleanup diff
2024-02-27 09:50:44 +11:00
Matthias Mair
85225538e6
Create test files in seperate folder & cleanup before image build ( #6571 )
...
* move ignore
* create testfiles in seperate folder
* add cleanup step to docker build
* use pathlib for paths
2024-02-26 11:23:49 +11:00
Oliver
e1e63fa644
Fix for tasks.py - docker ( #6380 )
...
* Instrument tasks.py
* Enforce no_frontend
* Run docker CI step if tasks.py changes
2024-02-01 12:25:24 +11:00
Oliver
f96055a33f
Refactor docker image for devcontainer ( #6029 )
...
* Make base image configurable
* Refactor dockerfile
- Place extra packages into extra shell script
- Add pre-build stage where packages are installed, and then cache removed
- Run same script in dev target, but do not remove
* Run docker workflow whenever package requirements change
* Replace devcontainer dockerfile
* Install base packages in devcontainer
* --no-cache-dir
2023-12-05 07:05:48 +11:00
Oliver
15b2437392
Docker CI Updates ( #5909 )
...
* Update docker image - base python version
- Also, build docker image on PR if any docker-related files have changed
* Update setuptools
* Update base level packages for docker image
* Reduce version
* Include docker workflow in filter
* Revert to python 3.10
* Remove call to upgrade setuptools
* Try newer version of setuptools
* Remove reliance on "minimal"
* Fix package URL
* Whoops. Fix typo
2023-11-22 00:25:13 +11:00
Matthias Mair
8308f36923
bump action versions ( #5776 )
2023-10-25 09:18:53 +11:00
Oliver
2be2ea4f8f
Docker CI test ( #5544 )
...
* Docker CI test
* Pin setuptools version
* Don't run docker build on pull-request
2023-09-15 22:44:54 +10:00
Oliver
3b4e20b54a
Unit Test Improvements ( #5087 )
...
* Disable migration testing
- Compare how long the unit tests take
* Change file
- To get unit tests to run
* Fix format
* Consolidate tasks.py
- Remove coverage task
- Add --coverage flag to test task
* Fix typo
* Run migration unit tests if migration files are updated
* Fix
* Touch migration file
- Should cause migration unit tests to be run
* Force migration checks for docker build
* Prevent default report creation in unit tests
- Should save some time
* Add simple profiling for plugin loading
- Display time taken to load each plugin
* Fix to invoke test
* Disable get_git_log (for testing)
* Disable get_git_path in CI
- Might remove this entirely?
- For now, bypass for unit testing
* Add debug for unit registry
- Display time taken to load registry
* Don't full-reload unit registry
* Adjust migration test workflow
- env var updates
- change paths-filter output
* Fix for migration_test.yaml
- Actually need to set the output
* env fix
* db name
* Prevent sleep if in test mode
* Reduce sleep time on wait_for_db
2023-06-23 17:25:59 +10:00
Matthias Mair
f3a13fc625
Add SBOM to container ( #5017 )
...
* Add sbom to docker
* Enable manual release
* remove dispatch
2023-06-11 23:37:03 +10:00
Matthias Mair
d710efb64b
remove concurrency checks ( #5002 )
...
Fixes https://github.com/inventree/InvenTree/issues/4999
2023-06-09 10:30:03 +10:00
dependabot[bot]
2ed7eefa27
Bump cryptography from 40.0.1 to 41.0.0 ( #4955 )
...
* Bump cryptography from 40.0.1 to 41.0.0
Bumps [cryptography](https://github.com/pyca/cryptography ) from 40.0.1 to 41.0.0.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst )
- [Commits](https://github.com/pyca/cryptography/compare/40.0.1...41.0.0 )
---
updated-dependencies:
- dependency-name: cryptography
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
* bump everything
* do not build for linux/arm/v7
see https://github.com/inventree/InvenTree/pull/4955#issuecomment-1575909025
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2023-06-05 19:27:27 +10:00