Commit Graph

389 Commits

Author SHA1 Message Date
github-actions[bot]
c7ea06cff1
Bump the dependencies group across 1 directory with 5 updates (#7811) (#7849)
Bumps the dependencies group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3.5.0` | `3.6.1` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.3.4` | `4.3.5` |
| [oasdiff/oasdiff-action](https://github.com/oasdiff/oasdiff-action) | `205ce7e2c5ae1511e720cbd307cae79fd7d4a909` | `a2ff6682b27d175162a74c09ace8771bd3d512f8` |
| [ossf/scorecard-action](https://github.com/ossf/scorecard-action) | `2.3.3` | `2.4.0` |
| [github/codeql-action](https://github.com/github/codeql-action) | `3.25.13` | `3.25.15` |

Updates `docker/setup-buildx-action` from 3.5.0 to 3.6.1
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](aa33708b10...988b5a0280)

Updates `actions/upload-artifact` from 4.3.4 to 4.3.5
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](0b2256b8c0...89ef406dd8)

Updates `oasdiff/oasdiff-action` from 205ce7e2c5ae1511e720cbd307cae79fd7d4a909 to a2ff6682b27d175162a74c09ace8771bd3d512f8
- [Release notes](https://github.com/oasdiff/oasdiff-action/releases)
- [Commits](205ce7e2c5...a2ff6682b2)

Updates `ossf/scorecard-action` from 2.3.3 to 2.4.0
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](dc50aa9510...62b2cac7ed)

Updates `github/codeql-action` from 3.25.13 to 3.25.15
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](2d790406f5...afb54ba388)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: oasdiff/oasdiff-action
  dependency-type: direct:production
  dependency-group: dependencies
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
(cherry picked from commit 3733e8a417)

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-10 08:37:27 +10:00
Matthias Mair
dcc351be11
Add provenance to releases and publish SBOMs (#7784)
* Add more names

* split build and publish

* add attestation and SBOM

* format file

* Add toplevel permissions

* fix missing path

* move provenance down

* fix release workflow

* simplify steps
2024-08-02 10:54:19 +10:00
Matthias Mair
c8870c4ade
Pin OAS action (#7767) 2024-07-31 00:33:39 +10:00
dependabot[bot]
b10a20d1ef
Bump the dependencies group with 5 updates (#7712)
Bumps the dependencies group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) | `3.1.0` | `3.2.0` |
| [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3.4.0` | `3.5.0` |
| [docker/login-action](https://github.com/docker/login-action) | `3.2.0` | `3.3.0` |
| [docker/build-push-action](https://github.com/docker/build-push-action) | `6.4.0` | `6.5.0` |
| [github/codeql-action](https://github.com/github/codeql-action) | `3.25.12` | `3.25.13` |


Updates `docker/setup-qemu-action` from 3.1.0 to 3.2.0
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](5927c834f5...49b3bc8e6b)

Updates `docker/setup-buildx-action` from 3.4.0 to 3.5.0
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](4fd812986e...aa33708b10)

Updates `docker/login-action` from 3.2.0 to 3.3.0
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](0d4c9c5ea7...9780b0c442)

Updates `docker/build-push-action` from 6.4.0 to 6.5.0
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](a254f8ca60...5176d81f87)

Updates `github/codeql-action` from 3.25.12 to 3.25.13
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](4fa2a79536...2d790406f5)

---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-24 14:09:36 +10:00
Matthias Mair
77693c18a1
bump node to 20 (#7698) 2024-07-22 07:44:42 +10:00
Matthias Mair
105dd7152e
Optimize PUI package delivery for package installs (#7655)
* Package frontend in deb

* Add artifact download

* remove 0.8.0 check

* remove array casting

* fix format once more

* another try

* add brackets again

* add version

* and bash

* and shell

* more debuging

* various style fixes

* small fixes

* and ls for prosperity

* debug

* maybe git as source?

* fix download cmd?

* debug a bit

* debug a bit more

* remove sha download - is not working with GHA restrictions

* write version number

* check if a new frontend must be dowloaded

* write versions into frontend packages

* Matmair/issue7338 (#205)

* Package frontend in deb

* Add artifact download

* remove 0.8.0 check

* remove array casting

* fix format once more

* another try

* add brackets again

* add version

* and bash

* and shell

* more debuging

* various style fixes

* small fixes

* and ls for prosperity

* debug

* maybe git as source?

* fix download cmd?

* debug a bit

* debug a bit more

* remove sha download - is not working with GHA restrictions

* write version number

* check if a new frontend must be dowloaded

* write versions into frontend packages

* change ref dir for tests

* add better build logging

* extend task to get ref from package

* fix downloading syntax

* fix name ref

* make more robust

* more logging

* move import

* turn down unzipping noise

* strip content (spaces, newlines)

* add info what happens now

* fix quite flag

* adjust publisher
2024-07-18 15:35:09 +10:00
Matthias Mair
44a5f76213
[CI] Add nicer OpenAPI diffs (#7002)
* add diff action

* Update api_version.py

* always diff schemas

* move model lookup to subpath

* Add diff to step summary

* fix arg name

* use echo step instead

* split action and fail curl

* fail if download not possible

* capture code

* remove wrong syntax

* decrease download number

* revert qc

* extend version_check

* fix exit cond

* fix link

* add dummy change

* Update api_version.py

* use html for format
2024-07-17 23:45:26 +10:00
dependabot[bot]
0d2424a3d9
Bump the dependencies group with 3 updates (#7661)
Bumps the dependencies group with 3 updates: [actions/setup-python](https://github.com/actions/setup-python), [docker/build-push-action](https://github.com/docker/build-push-action) and [github/codeql-action](https://github.com/github/codeql-action).


Updates `actions/setup-python` from 5.1.0 to 5.1.1
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](82c7e631bb...39cd14951b)

Updates `docker/build-push-action` from 6.3.0 to 6.4.0
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](1a162644f9...a254f8ca60)

Updates `github/codeql-action` from 3.25.11 to 3.25.12
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](b611370bb5...4fa2a79536)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-16 09:44:07 +10:00
dependabot[bot]
c05cf86c8e
Bump the dependencies group with 5 updates (#7590)
Bumps the dependencies group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) | `3.0.0` | `3.1.0` |
| [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3.3.0` | `3.4.0` |
| [docker/build-push-action](https://github.com/docker/build-push-action) | `6.2.0` | `6.3.0` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.3.3` | `4.3.4` |
| [actions/download-artifact](https://github.com/actions/download-artifact) | `4.1.7` | `4.1.8` |


Updates `docker/setup-qemu-action` from 3.0.0 to 3.1.0
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](68827325e0...5927c834f5)

Updates `docker/setup-buildx-action` from 3.3.0 to 3.4.0
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](d70bba72b1...4fd812986e)

Updates `docker/build-push-action` from 6.2.0 to 6.3.0
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](15560696de...1a162644f9)

Updates `actions/upload-artifact` from 4.3.3 to 4.3.4
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](65462800fd...0b2256b8c0)

Updates `actions/download-artifact` from 4.1.7 to 4.1.8
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](65a9edc588...fa0a91b85d)

---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: actions/download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-09 13:35:17 +10:00
Matthias Mair
0a9e63c8f1
Fix schema version commit text (#7576)
* add "pretty" step names

* fix commit name formatting
2024-07-07 19:54:30 +10:00
Matthias Mair
18c7162e53
disable 3.12 testing for now (#7577) 2024-07-07 19:53:45 +10:00
dependabot[bot]
13ee755ad3
Bump the dependencies group with 2 updates (#7541)
Bumps the dependencies group with 2 updates: [docker/build-push-action](https://github.com/docker/build-push-action) and [github/codeql-action](https://github.com/github/codeql-action).


Updates `docker/build-push-action` from 6.1.0 to 6.2.0
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](31159d49c0...15560696de)

Updates `github/codeql-action` from 3.25.10 to 3.25.11
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](23acc5c183...b611370bb5)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-07 08:07:15 +10:00
Matthias Mair
c9e9ef1754
Bump pre commit versions (#7255)
* bump pre-commit tools

* move uv config to pyproject

* style fix

* bump pre-commit deps again

* add config for code spell

* spelling fixes

* bump regex

* bump pre-commit

* bump versions again

* roll back regex version

* reverse uv bump

* compile for 3.12

* use 3.12 for ci

* remove unused env vars

* only cache main version

* set caching dep path

* remove caching distinction

* pip installl regex

* switch back to 3.9 default

* remove install test

* reset versions

* remove tomli

* Update playwright.config.ts

---------

Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
2024-06-25 20:52:34 +10:00
dependabot[bot]
c6ad902ccc
Bump docker/build-push-action in the dependencies group (#7502)
Bumps the dependencies group with 1 update: [docker/build-push-action](https://github.com/docker/build-push-action).


Updates `docker/build-push-action` from 6.0.0 to 6.1.0
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](c382f710d3...31159d49c0)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-25 09:27:07 +10:00
Gigahawk
545ab9205b
fix: add .vite folder in frontend releases (fixes #7476) (#7480) 2024-06-20 20:04:28 +10:00
Oliver
432e0c622c
Single table for file attachments (#7420)
* Add basic model for handling generic attachments

* Refactor migration

* Data migration to convert old files across

* Admin updates

* Increase comment field max_length

* Adjust field name

* Remove legacy serializer classes / endpoints

* Expose new model to API

* Admin site list filters

* Remove legacy attachment models

- Add new mixin class to designate which models can have attachments

* Update data migration

- Ensure other apps are at the correct migration state beforehand

* Add migrations to remove legacy attachment tables

* Fix for "rename_attachment" callback

* Refactor model_type field

- ContentType does not allow easy API serialization

* Set allowed options for admin

* Update model verbose names

* Fix logic for file upload

* Add choices for serializer

* Add API filtering

* Fix for API filter

* Fix for attachment tables in PUI

- Still not solved permission issues

* Bump API version

* Record user when uploading attachment via API

* Refactor <AttachmentTable /> for PUI

* Display 'file_size' in PUI attachment table

* Fix company migrations

* Include permission informtion in roles API endpoint

* Read user permissions in PUI

* Simplify permission checks for <AttachmentTable />

* Automatically clean up old content types

* Cleanup PUI

* Fix typo in data migration

* Add reverse data migration

* Update unit tests

* Use InMemoryStorage for media files in test mode

* Data migration unit test

* Fix "model_type" field

- It is a required field after all

* Add permission check for serializer

* Fix permission check for CUI

* Fix PUI import

* Test python lib against specific branch

- Will be reverted once code is merged

* Revert STORAGES setting

- Might be worth looking into again

* Fix part unit test

* Fix unit test for sales order

* Use 'get_global_setting'

* Use 'get_global_setting'

* Update setting getter

* Unit tests

* Tweaks

* Revert change to settings.py

* More updates for get_global_setting

* Relax API query count requirement

* remove illegal chars and add unit tests

* Fix unit tests

* Fix frontend unit tests

* settings management updates

* Prevent db write under more conditions

* Simplify settings code

* Pop values before creating filters

* Prevent settings write under certain conditions

* Add debug msg

* Clear db on record import

* Refactor permissions checks

- Allows extension / customization of permission checks at a later date

* Unit test updates

* Prevent delete of attachment without correct permissions

* Adjust odcker.yaml

* Cleanup data migrations

* Tweak migration tests for build app

* Update data migration

- Handle case with missing data

* Prevent debug shell in TESTING mode

* Update migration dependencies

- Ensure all apps are "up to date" before removing legacy tables

* add file size test

* Update migration tests

* Revert some settings caching changes

* Fix incorrect logic in migration

* Update unit tests

* Prevent create on CURRENCY_CODES

- Seems to play havoc with bootup sequence

* Fix unit test

* Some refactoring

- Use get_global_setting

* Fix typo

* Revert change

* Add "tags" and "metadata"

* Include "tags" field in API serializer

* add "metadata" endpoint for attachments
2024-06-19 14:38:46 +10:00
dependabot[bot]
2c50620acc
Bump the dependencies group with 4 updates (#7462)
Bumps the dependencies group with 4 updates: [actions/checkout](https://github.com/actions/checkout), [docker/build-push-action](https://github.com/docker/build-push-action), [codecov/codecov-action](https://github.com/codecov/codecov-action) and [github/codeql-action](https://github.com/github/codeql-action).


Updates `actions/checkout` from 4.1.6 to 4.1.7
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](a5ac7e51b4...692973e3d9)

Updates `docker/build-push-action` from 5.4.0 to 6.0.0
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](ca052bb54a...c382f710d3)

Updates `codecov/codecov-action` from 4.4.1 to 4.5.0
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](125fc84a9a...e28ff129e5)

Updates `github/codeql-action` from 3.25.8 to 3.25.10
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](2e230e8fe0...23acc5c183)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-18 23:42:05 +10:00
dependabot[bot]
1a57973b4d
Bump the dependencies group across 1 directory with 3 updates (#7427)
Bumps the dependencies group with 3 updates in the / directory: [docker/login-action](https://github.com/docker/login-action), [docker/build-push-action](https://github.com/docker/build-push-action) and [github/codeql-action](https://github.com/github/codeql-action).


Updates `docker/login-action` from 3.1.0 to 3.2.0
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](e92390c5fb...0d4c9c5ea7)

Updates `docker/build-push-action` from 5.3.0 to 5.4.0
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](2cdde995de...ca052bb54a)

Updates `github/codeql-action` from 3.25.6 to 3.25.8
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](9fdb3e4972...2e230e8fe0)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-11 23:30:09 +10:00
Matthias Mair
bdebf878c3
Fixes for installer (#7344)
* - move reqs file to contrib
- detect previously used python version
- safe extra requirements to INSTALLER_EXTRA

* add missing fi

* move site setting
2024-05-27 17:49:05 +10:00
dependabot[bot]
1c6e81eae5
--- (#7276)
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-21 15:10:06 +10:00
Oliver
2265055785
Docker fix (#7228)
* Copy requirements file

* Test more files when building docker image

* Refactor install task

* Raise exception

* Run install task

* Fix typos

- The tests work!
2024-05-15 09:19:35 +10:00
Oliver
3eae5096e3
Fix permissions for release.yaml (#7220)
* Fix permissions for release.yaml

- 0.15.0 release currently borked

* Move permissions to individual job targets
2024-05-14 22:04:03 +10:00
dependabot[bot]
90e15b6bf3
Bump the dependencies group with 2 updates (#7213)
Bumps the dependencies group with 2 updates: [ossf/scorecard-action](https://github.com/ossf/scorecard-action) and [github/codeql-action](https://github.com/github/codeql-action).


Updates `ossf/scorecard-action` from 2.3.1 to 2.3.3
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](0864cf1902...dc50aa9510)

Updates `github/codeql-action` from 3.25.3 to 3.25.5
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](d39d31e687...b7cec75265)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-14 09:49:06 +10:00
dependabot[bot]
770dbb9c35
Bump the dependencies group with 2 updates (#7169)
Bumps the dependencies group with 2 updates: [actions/checkout](https://github.com/actions/checkout) and [codecov/codecov-action](https://github.com/codecov/codecov-action).


Updates `actions/checkout` from 4.1.4 to 4.1.5
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](0ad4b8fada...44c2b7a8a4)

Updates `codecov/codecov-action` from 4.3.0 to 4.3.1
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](84508663e9...5ecb98a3c6)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-09 07:04:38 +10:00
dependabot[bot]
6837b0e753
Bump the dependencies group across 1 directory with 5 updates (#7134)
Bumps the dependencies group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout) | `3.1.0` | `4.1.4` |
| [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3.2.0` | `3.3.0` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.3.1` | `4.3.3` |
| [actions/download-artifact](https://github.com/actions/download-artifact) | `4.1.4` | `4.1.7` |
| [github/codeql-action](https://github.com/github/codeql-action) | `3.25.0` | `3.25.3` |



Updates `actions/checkout` from 3.1.0 to 4.1.4
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3.1.0...0ad4b8fadaa221de15dcec353f45205ec38ea70b)

Updates `docker/setup-buildx-action` from 3.2.0 to 3.3.0
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](2b51285047...d70bba72b1)

Updates `actions/upload-artifact` from 4.3.1 to 4.3.3
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](5d5d22a312...65462800fd)

Updates `actions/download-artifact` from 4.1.4 to 4.1.7
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](c850b930e6...65a9edc588)

Updates `github/codeql-action` from 3.25.0 to 3.25.3
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](df5a14dc28...d39d31e687)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: actions/download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-30 07:47:18 +10:00
Matthias Mair
a205fd5967
Fixes to make compatible with Python 3.12 (#7112)
* Remove use of deprecated imp.load_source

The entire `imp` module has been removed from Python 3.12. This patch applies the recommended replacement using `importlib`.

* Fix usage of from importlib.metadata.entry_points to work with newer importlib & Python 3.12

* Update registry.py

Fix order of imports

* Use importlib.util.module_from_spec() instead of deprecated load_module()

* auto-fixed import style (isort)

* enable py 12

* run coverage for lower and upper bound

* fix style error

* make import conditional

* fix?

* fix env

* style fix

* only use new loader on 3.12

* fix order

* fix module loading

* reimplement assertDictContainsSubset

* remove old testing alias

---------

Co-authored-by: Thea Flowers <thea@winterbloom.com>
Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
2024-04-29 20:59:24 +10:00
Matthias Mair
83191d3fbf
Improve reproduciblity of image (#7120)
* hard-pin doc requirements

* update docs and commands

* hard pin container requirements

* check hashes in image build

* remove seperate uv install (is in base_requirements)

* containers already ships 3.11 - adjust packaging

* move build deps to general ci requirements

* install yarn using native tools

Closes https://github.com/inventree/InvenTree/security/code-scanning/95
Closes https://github.com/inventree/InvenTree/security/code-scanning/96

* merge install steps

* adapt install command args to be similar

* adapt docs to suggest safer install arg

* fix install path

* update dependabot settings
2024-04-29 11:04:45 +10:00
Matthias Mair
d2827df3b8
fix ci filters (#7121) 2024-04-27 10:51:42 +10:00
Matthias Mair
938c724395
Pin hashes in requirements (#7081)
* use global pin for requests

* unify on yaml for workflo files

* format workflow files

* pin action versions

* fix pinned version

* use system venv

* switch args

* remove uv for now and add setting for pyyaml

* use requirements file

* also switch on docker flow

* generate hashes

* added hashes to reqs

* add hashes for CI too

* add hash checking

* require hashes everywhere possible

* require hashes where possible in docker
2024-04-23 17:15:52 +10:00
Oliver
8f2ef39282
Remove coveralls integration (#7099) 2024-04-23 08:42:31 +10:00
Matthias Mair
ca03562d25
[CI] Small nitpick changes (#7016)
* use global pin for requests

* unify on yaml for workflo files

* format workflow files

* pin action versions

* fix pinned version

* use system venv

* switch args

* remove uv for now and add setting for pyyaml

* fix qc args

* bix doc paths
2024-04-21 22:20:13 +10:00
Oliver
0ba7f7ece5
[PUI] Session authentication (#6970)
* Adjust backend cookie settings

* Allow CORS requests to /accounts/

* Refactor frontend code

- Remove API token functions
- Simplify cookie approach
- Add isLoggedIn method

* Adjust REST_AUTH settings

* Cleanup auth functions in auth.tsx

* Adjust CSRF_COOKIE_SAMESITE value

* Fix login request

* Prevent session auth on login view

- Existing (invalid) session token causes 403

* Refactor ApiImage

- Point to the right host
- Simplify code
- Now we use session cookies, so it *Just Works*

* Fix download for attachment table

- Now works with remote host

* Cleanup settings.py

* Refactor login / logout notifications

* Update API version

* Update src/frontend/src/components/items/AttachmentLink.tsx

Co-authored-by: Lukas <76838159+wolflu05@users.noreply.github.com>

* fix assert url

* Remove comment

* Add explicit page to logout user

* Change tests to first logout

* Prune dead code

* Adjust tests

* Cleanup

* Direct to login view

* Trying something

* Update CUI test

* Fix basic tests

* Refactoring

* Fix basic checks

* Fix for PUI command tests

* More test updates

* Add speciifc test for quick login

* More cleanup of playwright tests

* Add some missing icons

* Fix typo

* Ignore coverage report for playwright test

* Remove coveralls upload task

---------

Co-authored-by: Lukas <76838159+wolflu05@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2024-04-17 21:35:20 +10:00
Oliver
b3f6c8f531
Revert to sqren backport action (#7051)
* Revert to sqren backpor action

* Remove invalid option
2024-04-16 15:17:13 +10:00
Oliver
22a25d4387
backport.yml : Fix copy_labels_pattern (#7050) 2024-04-16 15:01:30 +10:00
Oliver
66ed85e0c0
Fix regex (#7048)
* Fix regex

* Fix permission and step condition
2024-04-16 14:46:20 +10:00
Oliver
251029c62e
Change backport action (#7046)
- Change to korthout/backport-action
- More actively maintained
2024-04-16 13:22:52 +10:00
dependabot[bot]
1c67a92958
Bump sigstore/cosign-installer from 3.4.0 to 3.5.0 (#7035)
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](e1523de757...59acb6260d)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-16 09:56:34 +10:00
dependabot[bot]
0575c167aa
Bump github/codeql-action from 3.24.10 to 3.25.0 (#7036)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.10 to 3.25.0.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](4355270be1...df5a14dc28)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-16 09:56:27 +10:00
dependabot[bot]
5315886fb4
Bump stefanzweifel/git-auto-commit-action from 5.0.0 to 5.0.1 (#7037)
Bumps [stefanzweifel/git-auto-commit-action](https://github.com/stefanzweifel/git-auto-commit-action) from 5.0.0 to 5.0.1.
- [Release notes](https://github.com/stefanzweifel/git-auto-commit-action/releases)
- [Changelog](https://github.com/stefanzweifel/git-auto-commit-action/blob/master/CHANGELOG.md)
- [Commits](8756aa072e...8621497c8c)

---
updated-dependencies:
- dependency-name: stefanzweifel/git-auto-commit-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-16 09:56:05 +10:00
Oliver
40e867896b
Revert "Trying again to fix backport action (#7018)" (#7021)
This reverts commit bdabdd38cc.
2024-04-14 20:30:08 +10:00
Matthias Mair
f15a3009bb
[PUI] Add more tests (#7010)
* add coverage to PUI

* fix testing command

* always do all steps

* fix test assumptions

* add test for serving and logging into pui from django / cui tech stack

* fix up coverage

* fix intentation

* remove paralell flags

* remove coverage finish step

* remove flag

* change names

* add full clickdown test

* more tests

* more tests

* sprinkle in some timeouts

* try using admin

* disable page 1 tests for now

* remove additional tests for now

* only build sourcemaps if coverage is enabled

* fix sourcemap assumption

* add more tests

* fix test

* Update package.json

* move tests to seperate file

* rename test files

* move defaults to seperate file

* centralise user creds

* lower migration level

* re-add page 1

* rename and split tests

* split out problematic test

* Add thumbnail building step

* remove unneded steps

* fix filename

* add more logging

* add sourounding table

* add missing tabs

* wait instead of click

* fix test

* split tests out more

* disable test for stock

* tes part sub-pages

* split tests more

* add company tests

* more sales testing

* split parts testing

* Add test for settings + admin center
2024-04-14 20:24:22 +10:00
Oliver
bdabdd38cc
Trying again to fix backport action (#7018) 2024-04-13 23:20:14 +10:00
Oliver
83742c01c8
Allow write permission for backport.yml (#7017) 2024-04-13 22:33:22 +10:00
dependabot[bot]
252cc7975a
Bump github/codeql-action from 3.24.9 to 3.24.10 (#6976)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.9 to 3.24.10.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](1b1aada464...4355270be1)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-12 07:05:07 +10:00
dependabot[bot]
6fe0f746b6
Bump codecov/codecov-action from 4.0.1 to 4.3.0 (#6994)
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.0.1 to 4.3.0.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/v4.0.1...v4.3.0)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-11 20:00:03 +10:00
Matthias Mair
6b858f777b
[CI] Increase migration test coverage (#6995)
* also trigger CI on changes to test files

* dummy change to test file

* fix match pattern
2024-04-11 10:11:12 +10:00
Matthias Mair
0d59f6e8a9
[CI] Re-add playwright reporting (#6992)
* re-add playwright reporting
now a bit more ressource optimised

* only upload if the tests faild
2024-04-11 01:00:30 +10:00
Matthias Mair
80475c57b2
[CI] Optimize runs (#6991)
* only run backend if required

* alwass upload coverage
2024-04-10 18:45:57 +10:00
Oliver
0778a77a41
Revert "Bump sqren/backport-github-action from 8.9.3 to 9.3.1 (#6802)" (#6984)
This reverts commit 34d8f5d65d.
2024-04-09 22:50:06 +10:00
Matthias Mair
8d41234ef7
Use xml for coverage info (#6947)
* append more apps

* set source

* use labels to force full CI suit

* always check for label

* use newer syntax

* remove unneeded carryforward flag

* improve action names

* remove unused upload steps

* enable discovery of locate test

* remove wrong module

* delete all ( :-) )lines for upload

* remove init for now

* add carryfoward back in again

* disable flaky test

* always run finsh step

* deactivate machine test for now

* specify refs explicitly

* add docker exception

* use xml for coverage info

* dummy fix

* remove dummy fix

* dummy change

* always export

* change path to ensure basepath is submitted

* add more paths

* reverst isort change

* remove unused html export

* remove paralell

* add plain InvenTree too

* Update pyproject.toml

* reset paths

* Update qc_checks.yaml

* Update qc_checks.yaml

* fix coverage runner setting

* fix coverage tool path

* use move, not copy

* ignore tmp

* reset isort settings

* use relative files for reporting

* Revert "use relative files for reporting"

This reverts commit 1f662bfb97.

* only run after at least 1 succeeds

* add TODO

* remove coverage subdir run

* also force migrations

* add coverage to migrations

* fix conditional for migration force check

* always upload coverage

* disable flaky test

* fix tests

* wait for migrations

* re-add function arg?

* adjust coverage targets

* add no-cov for fixes of flaky tests

* remove dummy

* revert to "old" upload method"
2024-04-09 10:33:27 +10:00