[API] Query improvements (#11034 )

* Improve prefetch fields for API * Cache ContentType queryset for getModelsWithMixin - Called a LOT of times for an options request - Store the list in the session cache - Much faster than redis - and expires after the session is complete * Skip optional prefetch for options requests * Custom implementation of DjangoModelPermission - Cache the queryset against the view - Prevents multiple hits for OPTIONS request - Saves > 100ms on /stock/ options request
chore(deps): bump filelock from 3.20.0 to 3.20.1 in /src/backend (#11032 )
2025-12-17 12:25:04 -06:00 · 2025-12-17 20:20:59 +11:00 · 2025-12-17 10:34:10 +11:00 · 2025-12-17 10:20:58 +11:00 · 2025-12-17 07:14:56 +11:00 · 2025-12-16 22:12:35 +11:00
670 changed files with 269610 additions and 213282 deletions
--- a/.devcontainer/docker-compose.yml
+++ b/.devcontainer/docker-compose.yml
@@ -18,6 +18,8 @@ services:
      - 6379

  inventree:
+    ports:
+      - 8000:8000
    build:
      context: ..
      dockerfile: .devcontainer/Dockerfile
--- a/.devops/test_stats.yml
+++ b/.devops/test_stats.yml
@@ -14,7 +14,7 @@ pool:
 strategy:
  matrix:
    Python39:
-      PYTHON_VERSION: '3.9'
+      PYTHON_VERSION: '3.11'
  maxParallel: 3

 steps:
--- a/.github/actions/setup/action.yaml
+++ b/.github/actions/setup/action.yaml
@@ -57,7 +57,7 @@ runs:
        run: |
          python3 -m pip install -U pip
          pip3 install -U invoke wheel
-          pip3 install 'uv<0.3.0'
+          pip3 install 'uv>=0.9.6'
      - name: Allow uv to use the system Python by default
        run: echo "UV_SYSTEM_PYTHON=1" >> $GITHUB_ENV
        shell: bash
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -4,6 +4,8 @@ updates:
    directory: /
    schedule:
      interval: weekly
+    cooldown:
+      default-days: 7
    groups:
      dependencies:
        patterns:
@@ -13,11 +15,15 @@ updates:
    directory: /contrib/container
    schedule:
      interval: weekly
+    cooldown:
+      default-days: 7

  - package-ecosystem: docker
    directory: /.devcontainer
    schedule:
      interval: weekly
+    cooldown:
+      default-days: 7

  - package-ecosystem: pip
    directories:
@@ -28,6 +34,8 @@ updates:
    schedule:
      interval: weekly
      day: friday
+    cooldown:
+      default-days: 7
    groups:
      dependencies:
        patterns:
@@ -41,6 +49,8 @@ updates:
    - /src/frontend
    schedule:
      interval: weekly
+    cooldown:
+      default-days: 7
    groups:
      dependencies:
        patterns:
--- a/.github/scripts/version_check.py
+++ b/.github/scripts/version_check.py
@@ -10,12 +10,14 @@ tagged branch:

 """

+import argparse
 import itertools
 import json
 import os
 import re
 import sys
 from pathlib import Path
+from typing import Optional

 import requests

@@ -23,7 +25,93 @@ REPO = os.getenv('GITHUB_REPOSITORY', 'inventree/inventree')
 GITHUB_API_URL = os.getenv('GITHUB_API_URL', 'https://api.github.com')


-def get_existing_release_tags(include_prerelease=True):
+def get_src_dir() -> Path:
+    """Return the path to the InvenTree source directory."""
+    here = Path(__file__).parent.absolute()
+    src_dir = here.joinpath('..', '..', 'src', 'backend', 'InvenTree', 'InvenTree')
+
+    if not src_dir.exists():
+        raise FileNotFoundError(
+            f"Could not find InvenTree source directory: '{src_dir}'"
+        )
+
+    return src_dir
+
+
+def get_inventree_version() -> str:
+    """Return the InvenTree version string."""
+    src_dir = get_src_dir()
+    version_file = src_dir.joinpath('version.py')
+
+    if not version_file.exists():
+        raise FileNotFoundError(
+            f"Could not find InvenTree version file: '{version_file}'"
+        )
+
+    with open(version_file, encoding='utf-8') as f:
+        text = f.read()
+
+        # Extract the InvenTree software version
+        results = re.findall(r"""INVENTREE_SW_VERSION = '(.*)'""", text)
+
+        if len(results) != 1:
+            raise ValueError(f'Could not find INVENTREE_SW_VERSION in {version_file}')
+
+        return results[0]
+
+
+def get_api_version() -> str:
+    """Return the InvenTree API version string."""
+    src_dir = get_src_dir()
+    api_version_file = src_dir.joinpath('api_version.py')
+
+    if not api_version_file.exists():
+        raise FileNotFoundError(
+            f"Could not find InvenTree API version file: '{api_version_file}'"
+        )
+
+    with open(api_version_file, encoding='utf-8') as f:
+        text = f.read()
+
+        # Extract the InvenTree software version
+        results = re.findall(r"""INVENTREE_API_VERSION = (.*)""", text)
+
+        if len(results) != 1:
+            raise ValueError(
+                f'Could not find INVENTREE_API_VERSION in {api_version_file}'
+            )
+
+        return results[0].strip().strip('"').strip("'")
+
+
+def version_number_to_tuple(version_string: str) -> tuple[int, int, int, str]:
+    """Validate a version number string, and convert to a tuple of integers.
+
+    e.g. 1.1.0
+    e.g. 1.1.0 dev
+    e.g. 1.2.3-rc2
+    """
+    pattern = r'^(\d+)\.(\d+)\.(\d+)[\s-]?(.*)?$'
+
+    match = re.match(pattern, version_string)
+
+    if not match or len(match.groups()) < 3:
+        raise ValueError(
+            f"Version string '{version_string}' did not match required pattern"
+        )
+
+    result = tuple(int(x) for x in match.groups()[:3])
+
+    # Add optional prerelease tag
+    if len(match.groups()) > 3:
+        result += (match.groups()[3] or '',)
+    else:
+        result += ('',)
+
+    return result
+
+
+def get_existing_release_tags(include_prerelease: bool = True):
    """Request information on existing releases via the GitHub API."""
    # Check for github token
    token = os.getenv('GITHUB_TOKEN', None)
@@ -46,16 +134,16 @@ def get_existing_release_tags(include_prerelease=True):

    for release in data:
        tag = release['tag_name'].strip()
-        match = re.match(r'^.*(\d+)\.(\d+)\.(\d+).*$', tag)

-        if len(match.groups()) != 3:
-            print(f"Version '{tag}' did not match expected pattern")
-            continue
+        version_tuple = version_number_to_tuple(tag)

-        if not include_prerelease and release['prerelease']:
-            continue
+        if len(version_tuple) >= 4 and version_tuple[3]:
+            # Skip prerelease tags
+            if not include_prerelease:
+                print('-- skipping prerelease tag:', tag)
+                continue

-        tags.append([int(x) for x in match.groups()])
+        tags.append(tag)

    return tags

@@ -67,15 +155,7 @@ def check_version_number(version_string, allow_duplicate=False):
    """
    print(f"Checking version '{version_string}'")

-    # Check that the version string matches the required format
-    match = re.match(r'^(\d+)\.(\d+)\.(\d+)(?: dev)?$', version_string)
-
-    if not match or len(match.groups()) != 3:
-        raise ValueError(
-            f"Version string '{version_string}' did not match required pattern"
-        )
-
-    version_tuple = [int(x) for x in match.groups()]
+    version_tuple = version_number_to_tuple(version_string)

    # Look through the existing releases
    existing = get_existing_release_tags(include_prerelease=False)
@@ -83,35 +163,68 @@ def check_version_number(version_string, allow_duplicate=False):
    # Assume that this is the highest release, unless told otherwise
    highest_release = True

+    # A non-standard tag cannot be the 'highest' release
+    if len(version_tuple) >= 4 and version_tuple[3]:
+        highest_release = False
+        print(f"-- Version tag '{version_string}' cannot be the highest release")
+
    for release in existing:
-        if release == version_tuple and not allow_duplicate:
+        if version_string == release and not allow_duplicate:
            raise ValueError(f"Duplicate release '{version_string}' exists!")

-        if release > version_tuple:
+        release_tuple = version_number_to_tuple(release)
+
+        if release_tuple > version_tuple:
            highest_release = False
            print(f'Found newer release: {release!s}')

+    if highest_release:
+        print(f"-- Version '{version_string}' is the highest release")
+
    return highest_release


-if __name__ == '__main__':
+def main() -> bool:
+    """Run the version check."""
+    parser = argparse.ArgumentParser(description='InvenTree Version Check')
+    parser.add_argument(
+        '--show-version',
+        action='store_true',
+        help='Print the InvenTree version and exit',
+    )
+    parser.add_argument(
+        '--show-api-version',
+        action='store_true',
+        help='Print the InvenTree API version and exit',
+    )
+    parser.add_argument(
+        '--decrement-api',
+        type=str,
+        default='false',
+        help='Decrement the API version by 1 and print',
+    )
+
+    args = parser.parse_args()
+
+    inventree_version = get_inventree_version()
+    inventree_api_version = int(get_api_version())
+
+    if args.show_version:
+        print(inventree_version)
+        sys.exit(0)
+
+    if args.show_api_version:
+        if str(args.decrement_api).strip().lower() == 'true':
+            inventree_api_version -= 1
+        print(inventree_api_version)
+        sys.exit(0)
+
    # Ensure that we are running in GH Actions
    if os.environ.get('GITHUB_ACTIONS', '') != 'true':
        print('This script is intended to be run within a GitHub Action!')
-        sys.exit(1)
+        return False

-    if 'only_version' in sys.argv:
-        here = Path(__file__).parent.absolute()
-        version_file = here.joinpath(
-            '..', '..', 'src', 'backend', 'InvenTree', 'InvenTree', 'api_version.py'
-        )
-        text = version_file.read_text()
-        results = re.findall(r"""INVENTREE_API_VERSION = (.*)""", text)
-        # If 2. args is true lower the version number by 1
-        if len(sys.argv) > 2 and sys.argv[2] == 'true':
-            results[0] = str(int(results[0]) - 1)
-        print(results[0])
-        exit(0)
+    print('Running InvenTree version check...')

    # GITHUB_REF_TYPE may be either 'branch' or 'tag'
    GITHUB_REF_TYPE = os.environ['GITHUB_REF_TYPE']
@@ -127,26 +240,10 @@ if __name__ == '__main__':
    print(f'GITHUB_REF_TYPE: {GITHUB_REF_TYPE}')
    print(f'GITHUB_BASE_REF: {GITHUB_BASE_REF}')

-    here = Path(__file__).parent.absolute()
-    version_file = here.joinpath(
-        '..', '..', 'src', 'backend', 'InvenTree', 'InvenTree', 'version.py'
+    print(
+        f"InvenTree Version: '{inventree_version}' - {version_number_to_tuple(inventree_version)}"
    )
-
-    version = None
-
-    with open(version_file, encoding='utf-8') as f:
-        text = f.read()
-
-        # Extract the InvenTree software version
-        results = re.findall(r"""INVENTREE_SW_VERSION = '(.*)'""", text)
-
-        if len(results) != 1:
-            print(f'Could not find INVENTREE_SW_VERSION in {version_file}')
-            sys.exit(1)
-
-        version = results[0]
-
-    print(f"InvenTree Version: '{version}'")
+    print(f"InvenTree API Version: '{inventree_api_version}'")

    # Check version number and look for existing versions
    # If a release is found which matches the current tag, throw an error
@@ -161,18 +258,22 @@ if __name__ == '__main__':
    if GITHUB_BASE_REF == 'stable':
        allow_duplicate = True

-    highest_release = check_version_number(version, allow_duplicate=allow_duplicate)
+    highest_release = check_version_number(
+        inventree_version, allow_duplicate=allow_duplicate
+    )

    # Determine which docker tag we are going to use
-    docker_tags = None
+    docker_tags: Optional[list[str]] = None

    if GITHUB_REF_TYPE == 'tag':
        # GITHUB_REF should be of the form /refs/heads/<tag>
-        version_tag = GITHUB_REF.split('/')[-1]
+        version_tag: str = GITHUB_REF.split('/')[-1]
        print(f"Checking requirements for tagged release - '{version_tag}':")

-        if version_tag != version:
-            print(f"Version number '{version}' does not match tag '{version_tag}'")
+        if version_tag != inventree_version:
+            print(
+                f"Version number '{inventree_version}' does not match tag '{version_tag}'"
+            )
            sys.exit

        docker_tags = [version_tag, 'stable'] if highest_release else [version_tag]
@@ -180,20 +281,21 @@ if __name__ == '__main__':
    elif GITHUB_REF_TYPE == 'branch':
        # Otherwise we know we are targeting the 'master' branch
        docker_tags = ['latest']
+        highest_release = False

    else:
        print('Unsupported branch / version combination:')
-        print(f'InvenTree Version: {version}')
+        print(f'InvenTree Version: {inventree_version}')
        print('GITHUB_REF_TYPE:', GITHUB_REF_TYPE)
        print('GITHUB_BASE_REF:', GITHUB_BASE_REF)
        print('GITHUB_REF:', GITHUB_REF)
-        sys.exit(1)
+        return False

    if docker_tags is None:
        print('Docker tags could not be determined')
-        sys.exit(1)
+        return False

-    print(f"Version check passed for '{version}'!")
+    print(f"Version check passed for '{inventree_version}'!")
    print(f"Docker tags: '{docker_tags}'")

    target_repos = [REPO.lower(), f'ghcr.io/{REPO.lower()}']
@@ -208,3 +310,11 @@ if __name__ == '__main__':

        if GITHUB_REF_TYPE == 'tag' and highest_release:
            env_file.write('stable_release=true\n')
+    return True
+
+
+if __name__ == '__main__':
+    rslt = main()
+    if rslt is not True:
+        print('Version check failed!')
+        sys.exit(1)
--- a/.github/workflows/check_translations.yaml
+++ b/.github/workflows/check_translations.yaml
@@ -9,7 +9,7 @@ on:
      - l10

 env:
-  python_version: 3.9
+  python_version: 3.11

 permissions:
  contents: read
@@ -31,7 +31,7 @@ jobs:

    steps:
      - name: Checkout Code
-        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # pin@v5.0.0
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # pin@v6.0.1
        with:
          persist-credentials: false

--- a/.github/workflows/docker.yaml
+++ b/.github/workflows/docker.yaml
@@ -39,7 +39,7 @@ jobs:
      docker: ${{ steps.filter.outputs.docker }}

    steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # pin@v5.0.0
+      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # pin@v6.0.1
        with:
          persist-credentials: false
      - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # pin@v3.0.2
@@ -55,12 +55,11 @@ jobs:

  # Build the docker image
  build:
+    name: Docker Build Test
    needs: paths-filter
    if: needs.paths-filter.outputs.docker == 'true' || github.event_name == 'release' || github.event_name == 'push' || contains(github.event.pull_request.labels.*.name, 'full-run')
    permissions:
      contents: read
-      packages: write
-      id-token: write
    env:
      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      python_version: "3.11"
@@ -68,19 +67,9 @@ jobs:

    steps:
      - name: Check out repo
-        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # pin@v5.0.0
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # pin@v6.0.1
        with:
          persist-credentials: false
-      - name: Set Up Python ${{ env.python_version }}
-        uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # pin@v5.6.0
-        with:
-          python-version: ${{ env.python_version }}
-      - name: Version Check
-        run: |
-          pip install --require-hashes -r contrib/dev_reqs/requirements.txt
-          python3 .github/scripts/version_check.py
-          echo "git_commit_hash=$(git rev-parse --short HEAD)" >> $GITHUB_ENV
-          echo "git_commit_date=$(git show -s --format=%ci)" >> $GITHUB_ENV
      - name: Test Docker Image
        id: test-docker
        run: |
@@ -124,22 +113,68 @@ jobs:
      - name: Run Unit Tests
        run: |
          echo "GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}" >> contrib/container/docker.dev.env
-          docker compose --project-directory . -f contrib/container/dev-docker-compose.yml run --rm inventree-dev-server invoke dev.test --check --disable-pty --translations
+          docker compose --project-directory . -f contrib/container/dev-docker-compose.yml run --rm inventree-dev-server invoke dev.test --disable-pty --translations
+
+  # Run migration test
+  migration_test:
+    name: Migration Test
+    needs: paths-filter
+    if: needs.paths-filter.outputs.docker == 'true' || github.event_name == 'release' || github.event_name == 'push'
+    permissions:
+      contents: read
+    env:
+      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      python_version: "3.11"
+    runs-on: ubuntu-latest # in the future we can try to use alternative runners here
+
+    steps:
+      - name: Check out repo
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # pin@v6.0.1
+        with:
+          persist-credentials: false
      - name: Run Migration Tests
        run: |
-          docker compose --project-directory . -f contrib/container/dev-docker-compose.yml run --rm inventree-dev-server invoke dev.test --check --migrations --translations
-      - name: Clean up test folder
+          docker compose --project-directory . -f contrib/container/dev-docker-compose.yml run --rm inventree-dev-server invoke update
+          docker compose --project-directory . -f contrib/container/dev-docker-compose.yml run --rm inventree-dev-server invoke dev.setup-dev
+          docker compose --project-directory . -f contrib/container/dev-docker-compose.yml run --rm inventree-dev-server invoke dev.test --migrations --translations
+
+  # Build and publish
+  publish:
+    name: Publish Docker Image
+    needs: [build, migration_test]
+    permissions:
+      contents: read
+      packages: write
+      id-token: write
+    env:
+      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      python_version: "3.11"
+    runs-on: ubuntu-latest # in the future we can try to use alternative runners here
+
+    steps:
+      - name: Check out repo
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # pin@v6.0.1
+        with:
+          persist-credentials: false
+      - name: Set Up Python ${{ env.python_version }}
+        uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # pin@v6.1.0
+        with:
+          python-version: ${{ env.python_version }}
+      - name: Version Check
        run: |
-          rm -rf InvenTree/_testfolder
+          pip install --require-hashes -r contrib/dev_reqs/requirements.txt
+          python3 .github/scripts/version_check.py
+          echo "git_commit_hash=$(git rev-parse --short HEAD)" >> $GITHUB_ENV
+          echo "git_commit_date=$(git show -s --format=%ci)" >> $GITHUB_ENV
      - name: Set up QEMU
        if: github.event_name != 'pull_request'
-        uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # pin@v3.6.0
+        uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # pin@v3.7.0
      - name: Set up Docker Buildx
        if: github.event_name != 'pull_request'
        uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # pin@v3.11.1
      - name: Set up cosign
        if: github.event_name != 'pull_request'
-        uses: sigstore/cosign-installer@d58896d6a1865668819e1d91763c7751a165e159 # pin@v3.9.2
+        uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad # pin@v4.0.0
      - name: Check if Dockerhub login is required
        id: docker_login
        run: |
@@ -150,14 +185,14 @@ jobs:
          fi
      - name: Login to Dockerhub
        if: github.event_name != 'pull_request' && steps.docker_login.outputs.skip_dockerhub_login != 'true'
-        uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 # pin@v3.5.0
+        uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # pin@v3.6.0
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}

      - name: Log into registry ghcr.io
        if: github.event_name != 'pull_request'
-        uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 # pin@v3.5.0
+        uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # pin@v3.6.0
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
@@ -166,7 +201,7 @@ jobs:
      - name: Extract Docker metadata
        if: github.event_name != 'pull_request'
        id: meta
-        uses: docker/metadata-action@c1e51972afc2121e065aed6d45c65596fe445f3f # pin@v5.8.0
+        uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # pin@v5.10.0
        with:
          images: |
            inventree/inventree
--- a/.github/workflows/qc_checks.yaml
+++ b/.github/workflows/qc_checks.yaml
@@ -9,7 +9,7 @@ on:
    branches-ignore: ["l10*"]

 env:
-  python_version: 3.9
+  python_version: 3.11
  node_version: 20
  # The OS version must be set per job
  server_start_sleep: 60
@@ -41,7 +41,7 @@ jobs:
      requirements: ${{ steps.filter.outputs.requirements }}

    steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # pin@v5.0.0
+      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # pin@v6.0.1
        with:
          persist-credentials: false
      - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # pin@v3.0.2
@@ -82,11 +82,11 @@ jobs:
    if: needs.paths-filter.outputs.cicd == 'true' || needs.paths-filter.outputs.server == 'true' || needs.paths-filter.outputs.frontend == 'true' || needs.paths-filter.outputs.requirements == 'true' || needs.paths-filter.outputs.force == 'true'

    steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # pin@v5.0.0
+      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # pin@v6.0.1
        with:
          persist-credentials: false
      - name: Set up Python ${{ env.python_version }}
-        uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # pin@v5.6.0
+        uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # pin@v6.1.0
        with:
          python-version: ${{ env.python_version }}
          cache: "pip"
@@ -97,6 +97,27 @@ jobs:
          pip install --require-hashes -r contrib/dev_reqs/requirements.txt
          python3 .github/scripts/version_check.py

+  typecheck:
+    name: Style [Typecheck]
+    runs-on: ubuntu-24.04
+    needs: [paths-filter, pre-commit]
+    if: needs.paths-filter.outputs.server == 'true' || needs.paths-filter.outputs.requirements == 'true' || needs.paths-filter.outputs.force == 'true'
+
+    steps:
+      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # pin@v6.0.1
+        with:
+          persist-credentials: false
+      - name: Environment Setup
+        id: setup
+        uses: ./.github/actions/setup
+        with:
+          apt-dependency: gettext poppler-utils
+          dev-install: true
+          update: true
+      - name: Check types
+        run: |
+          ty check --python ${Python_ROOT_DIR}/bin/python3
+
  mkdocs:
    name: Style [Documentation]
    runs-on: ubuntu-24.04
@@ -105,11 +126,11 @@ jobs:

    steps:
      - name: Checkout Code
-        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # pin@v5.0.0
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # pin@v6.0.1
        with:
          persist-credentials: false
      - name: Set up Python ${{ env.python_version }}
-        uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # pin@v5.6.0
+        uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # pin@v6.1.0
        with:
          python-version: ${{ env.python_version }}
      - name: Check Config
@@ -143,7 +164,7 @@ jobs:
      version: ${{ steps.version.outputs.version }}

    steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # pin@v5.0.0
+      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # pin@v6.0.1
        with:
          persist-credentials: false
      - name: Environment Setup
@@ -155,7 +176,7 @@ jobs:
      - name: Export API Documentation
        run: invoke dev.schema --ignore-warnings --filename src/backend/InvenTree/schema.yml
      - name: Upload schema
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # pin@v4.6.2
+        uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # pin@v5.0.0
        with:
          name: schema.yml
          path: src/backend/InvenTree/schema.yml
@@ -164,8 +185,8 @@ jobs:
          API: ${{ needs.paths-filter.outputs.api }}
        run: |
          pip install --require-hashes -r contrib/dev_reqs/requirements.txt >/dev/null 2>&1
-          version="$(python3 .github/scripts/version_check.py only_version ${API} 2>&1)"
-          echo "Version: $version"
+          version="$(python3 .github/scripts/version_check.py --show-api-version --decrement-api=${API} 2>&1)"
+          echo "API Version: $version"
          url="https://raw.githubusercontent.com/inventree/schema/main/export/${version}/api.yaml"
          echo "URL: $url"
          code=$(curl -s -o api.yaml $url --write-out '%{http_code}' --silent)
@@ -198,23 +219,23 @@ jobs:
        if: github.ref == 'refs/heads/master' && needs.paths-filter.outputs.api == 'true'
        run: |
          pip install --require-hashes -r contrib/dev_reqs/requirements.txt >/dev/null 2>&1
-          version="$(python3 .github/scripts/version_check.py only_version 2>&1)"
-          echo "Version: $version"
+          version="$(python3 .github/scripts/version_check.py --show-api-version 2>&1)"
+          echo "API Version: $version"
          echo "version=$version" >> "$GITHUB_OUTPUT"
      - name: Extract settings / tags
        run: invoke int.export-definitions --basedir docs
      - name: Upload settings
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # pin@v4.6.2
+        uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # pin@v5.0.0
        with:
          name: inventree_settings.json
          path: docs/generated/inventree_settings.json
      - name: Upload tags
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # pin@v4.6.2
+        uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # pin@v5.0.0
        with:
          name: inventree_tags.yml
          path: docs/generated/inventree_tags.yml
      - name: Upload filters
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # pin@v4.6.2
+        uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # pin@v5.0.0
        with:
          name: inventree_filters.yml
          path: docs/generated/inventree_filters.yml
@@ -228,7 +249,7 @@ jobs:
      version: ${{ needs.schema.outputs.version }}

    steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # pin@v5.0.0
+      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # pin@v6.0.1
        name: Checkout Code
        with:
          repository: inventree/schema
@@ -237,7 +258,7 @@ jobs:
      - name: Create artifact directory
        run: mkdir -p artifact
      - name: Download schema artifact
-        uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # pin@v5.0.0
+        uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # pin@v6.0.0
        with:
          path: artifact
          merge-multiple: true
@@ -254,7 +275,7 @@ jobs:
          echo "after move"
          ls -la artifact
          rm -rf artifact
-      - uses: stefanzweifel/git-auto-commit-action@778341af668090896ca464160c2def5d1d1a3eb0 # pin@v6.0.1
+      - uses: stefanzweifel/git-auto-commit-action@28e16e81777b558cc906c8750092100bbb34c5e3 # pin@v7.0.0
        name: Commit schema changes
        with:
          commit_message: "Update API schema for ${{ env.version }} / ${{ github.sha }}"
@@ -281,9 +302,9 @@ jobs:
      INVENTREE_LOG_LEVEL: WARNING

    steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # pin@v5.0.0
+      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # pin@v6.0.1
        with:
-          persist-credentials: true
+          persist-credentials: false
      - name: Environment Setup
        uses: ./.github/actions/setup
        with:
@@ -313,8 +334,8 @@ jobs:
    continue-on-error: true # continue if a step fails so that coverage gets pushed
    strategy:
      matrix:
-        python_version: [3.9]
-        # python_version: [3.9, 3.12]  # Disabled due to requirement issues
+        python_version: [3.11]
+        # python_version: [3.11, 3.14]  # Disabled due to requirement issues

    env:
      INVENTREE_DB_NAME: ./inventree.sqlite
@@ -325,7 +346,7 @@ jobs:
      python_version: ${{ matrix.python_version }}

    steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # pin@v5.0.0
+      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # pin@v6.0.1
        with:
          persist-credentials: false
      - name: Environment Setup
@@ -343,13 +364,13 @@ jobs:
      - name: Coverage Tests
        run: invoke dev.test --check --coverage --translations
      - name: Upload raw coverage to artifacts
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # pin@v4.6.2
+        uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # pin@v5.0.0
        with:
          name: coverage
          path: .coverage
          retention-days: 14
      - name: Upload coverage reports to Codecov
-        uses: codecov/codecov-action@fdcc8476540edceab3de004e990f80d881c6cc00 # pin@v5.5.0
+        uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # pin@v5.5.1
        if: always()
        with:
          token: ${{ secrets.CODECOV_TOKEN }}
@@ -376,7 +397,7 @@ jobs:

    services:
      postgres:
-        image: postgres:14
+        image: postgres:17
        env:
          POSTGRES_USER: inventree
          POSTGRES_PASSWORD: password
@@ -384,12 +405,12 @@ jobs:
          - 5432:5432

      redis:
-        image: redis
+        image: redis:8
        ports:
          - 6379:6379

    steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # pin@v5.0.0
+      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # pin@v6.0.1
        with:
          persist-credentials: false
      - name: Environment Setup
@@ -425,7 +446,7 @@ jobs:

    services:
      mysql:
-        image: mysql:latest
+        image: mysql:9
        env:
          MYSQL_ALLOW_EMPTY_PASSWORD: yes
          MYSQL_DATABASE: ${{ env.INVENTREE_DB_NAME }}
@@ -437,7 +458,7 @@ jobs:
          - 3306:3306

    steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # pin@v5.0.0
+      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # pin@v6.0.1
        with:
          persist-credentials: false
      - name: Environment Setup
@@ -471,7 +492,7 @@ jobs:

    services:
      postgres:
-        image: postgres:14
+        image: postgres:17
        env:
          POSTGRES_USER: inventree
          POSTGRES_PASSWORD: password
@@ -479,7 +500,7 @@ jobs:
          - 5432:5432

    steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # pin@v5.0.0
+      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # pin@v6.0.1
        with:
          persist-credentials: false
      - name: Environment Setup
@@ -492,7 +513,7 @@ jobs:
      - name: Run Tests
        run: invoke dev.test --check --migrations --report --coverage --translations
      - name: Upload coverage reports to Codecov
-        uses: codecov/codecov-action@fdcc8476540edceab3de004e990f80d881c6cc00 # pin@v5.5.0
+        uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # pin@v5.5.1
        if: always()
        with:
          token: ${{ secrets.CODECOV_TOKEN }}
@@ -513,7 +534,7 @@ jobs:
      INVENTREE_PLUGINS_ENABLED: false

    steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # pin@v5.0.0
+      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # pin@v6.0.1
        with:
          persist-credentials: false
        name: Checkout Code
@@ -567,7 +588,7 @@ jobs:
    if: needs.paths-filter.outputs.frontend == 'true' || needs.paths-filter.outputs.force == 'true'
    services:
      postgres:
-        image: postgres:15
+        image: postgres:17
        env:
          POSTGRES_DB: inventree
          POSTGRES_USER: inventree_user
@@ -592,7 +613,7 @@ jobs:
      VITE_COVERAGE_BUILD: true

    steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # pin@v5.0.0
+      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # pin@v6.0.1
        with:
          persist-credentials: false
      - name: Environment Setup
@@ -614,7 +635,7 @@ jobs:
      - name: Run Playwright tests
        id: tests
        run: cd src/frontend && npx nyc playwright test
-      - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # pin@v4.6.2
+      - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # pin@v5.0.0
        if: ${{ !cancelled() && steps.tests.outcome == 'failure' }}
        with:
          name: playwright-report
@@ -623,7 +644,7 @@ jobs:
      - name: Report coverage
        run: cd src/frontend && npx nyc report --report-dir ./coverage --temp-dir .nyc_output --reporter=lcov --exclude-after-remap false
      - name: Upload coverage reports to Codecov
-        uses: codecov/codecov-action@fdcc8476540edceab3de004e990f80d881c6cc00 # pin@v5.5.0
+        uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # pin@v5.5.1
        with:
          token: ${{ secrets.CODECOV_TOKEN }}
          slug: inventree/InvenTree
@@ -642,7 +663,7 @@ jobs:
    timeout-minutes: 60

    steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # pin@v5.0.0
+      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # pin@v6.0.1
        with:
          persist-credentials: false
      - name: Environment Setup
@@ -659,7 +680,7 @@ jobs:
        run: |
          cd src/backend/InvenTree/web/static
          zip -r frontend-build.zip web/ web/.vite
-      - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # pin@v4.6.2
+      - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # pin@v5.0.0
        with:
          name: frontend-build
          path: src/backend/InvenTree/web/static/web
@@ -675,7 +696,7 @@ jobs:
      security-events: write
    steps:
      - name: Checkout repository
-        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # pin@v5.0.0
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # pin@v6.0.1
        with:
          persist-credentials: false
      - uses: hynek/setup-cached-uv@757bedc3f972eb7227a1aa657651f15a8527c817 # pin@v2
@@ -684,7 +705,7 @@ jobs:
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      - name: Upload SARIF file
-        uses: github/codeql-action/upload-sarif@2d92b76c45b91eb80fc44c74ce3fce0ee94e8f9d # pin@v3
+        uses: github/codeql-action/upload-sarif@fdbfb4d2750291e159f0156def62b853c2798ca2 # pin@v3
        with:
          sarif_file: results.sarif
          category: zizmor
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -7,7 +7,7 @@ on:
 permissions:
  contents: read
 env:
-  python_version: 3.9
+  python_version: 3.11

 jobs:
  stable:
@@ -20,7 +20,7 @@ jobs:
      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    steps:
      - name: Checkout Code
-        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # pin@v5.0.0
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # pin@v6.0.1
        with:
          persist-credentials: false
      - name: Version Check
@@ -28,7 +28,7 @@ jobs:
          pip install --require-hashes -r contrib/dev_reqs/requirements.txt
          python3 .github/scripts/version_check.py
      - name: Push to Stable Branch
-        uses: ad-m/github-push-action@d91a481090679876dfc4178fef17f286781251df # pin@v0.8.0
+        uses: ad-m/github-push-action@77c5b412c50b723d2a4fbc6d71fb5723bcd439aa # pin@v1.0.0
        if: env.stable_release == 'true'
        with:
          github_token: ${{ secrets.GITHUB_TOKEN }}
@@ -43,7 +43,7 @@ jobs:
      contents: write
      attestations: write
    steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # pin@v5.0.0
+      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # pin@v6.0.1
        with:
          persist-credentials: false
      - name: Environment Setup
@@ -55,7 +55,7 @@ jobs:
      - name: Build frontend
        run: cd src/frontend && npm run compile && npm run build
      - name: Create SBOM for frontend
-        uses: anchore/sbom-action@da167eac915b4e86f08b264dbdbc867b61be6f0c # pin@v0
+        uses: anchore/sbom-action@fbfd9c6c189226748411491745178e0c2017392d # pin@v0
        with:
          artifact-name: frontend-build.spdx
          path: src/frontend
@@ -76,7 +76,7 @@ jobs:
          subject-path: "${{ github.workspace }}/src/backend/InvenTree/web/static/frontend-build.zip"

      - name: Upload frontend
-        uses: svenstaro/upload-release-action@81c65b7cd4de9b2570615ce3aad67a41de5b1a13 # pin@2.11.2
+        uses: svenstaro/upload-release-action@6b7fa9f267e90b50a19fef07b3596790bb941741 # pin@2.11.3
        with:
          repo_token: ${{ secrets.GITHUB_TOKEN }}
          file: src/backend/InvenTree/web/static/frontend-build.zip
@@ -84,7 +84,7 @@ jobs:
          tag: ${{ github.ref }}
          overwrite: true
      - name: Upload Attestation
-        uses: svenstaro/upload-release-action@81c65b7cd4de9b2570615ce3aad67a41de5b1a13 # pin@2.11.2
+        uses: svenstaro/upload-release-action@6b7fa9f267e90b50a19fef07b3596790bb941741 # pin@2.11.3
        with:
          repo_token: ${{ secrets.GITHUB_TOKEN }}
          asset_name: frontend-build.intoto.jsonl
@@ -107,7 +107,7 @@ jobs:
      INVENTREE_DEBUG: true

    steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # pin@v5.0.0
+      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # pin@v6.0.1
        with:
          persist-credentials: false
      - name: Environment Setup
@@ -127,7 +127,7 @@ jobs:
          cd docs/site
          zip -r docs-html.zip *
      - name: Publish documentation
-        uses: svenstaro/upload-release-action@81c65b7cd4de9b2570615ce3aad67a41de5b1a13 # pin@2.11.2
+        uses: svenstaro/upload-release-action@6b7fa9f267e90b50a19fef07b3596790bb941741 # pin@2.11.3
        with:
          repo_token: ${{ secrets.GITHUB_TOKEN }}
          file: docs/site/docs-html.zip
--- a/.github/workflows/scorecard.yaml
+++ b/.github/workflows/scorecard.yaml
@@ -32,12 +32,12 @@ jobs:

    steps:
      - name: "Checkout code"
-        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
        with:
          persist-credentials: false

      - name: "Run analysis"
-        uses: ossf/scorecard-action@05b42c624433fc40578a4040d5cf5e36ddca8cde # v2.4.2
+        uses: ossf/scorecard-action@4eaacf0543bb3f2c246792bd56e8cdeffafb205a # v2.4.3
        with:
          results_file: results.sarif
          results_format: sarif
@@ -59,7 +59,7 @@ jobs:
      # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
      # format to the repository Actions tab.
      - name: "Upload artifact"
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+        uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
        with:
          name: SARIF file
          path: results.sarif
@@ -67,6 +67,6 @@ jobs:

      # Upload the results to GitHub's code scanning dashboard.
      - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@2d92b76c45b91eb80fc44c74ce3fce0ee94e8f9d # v3.30.0
+        uses: github/codeql-action/upload-sarif@fdbfb4d2750291e159f0156def62b853c2798ca2 # v4.31.5
        with:
          sarif_file: results.sarif
--- a/.github/workflows/stale.yaml
+++ b/.github/workflows/stale.yaml
@@ -16,7 +16,7 @@ jobs:
      pull-requests: write

    steps:
-      - uses: actions/stale@5bef64f19d7facfb25b37b414482c7164d639639 # pin@v9.1.0
+      - uses: actions/stale@997185467fa4f803885201cee163a9f38240193d # pin@v10.1.1
        with:
          repo-token: ${{ secrets.GITHUB_TOKEN }}
          stale-issue-message: "This issue seems stale. Please react to show this is still important."
--- a/.github/workflows/translations.yaml
+++ b/.github/workflows/translations.yaml
@@ -6,7 +6,7 @@ on:
      - master

 env:
-  python_version: 3.9
+  python_version: 3.11
  node_version: 20

 permissions:
@@ -32,9 +32,9 @@ jobs:

    steps:
      - name: Checkout Code
-        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # pin@v5.0.0
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # pin@v6.0.1
        with:
-          persist-credentials: true
+          persist-credentials: false
      - name: Environment Setup
        uses: ./.github/actions/setup
        with:
@@ -56,7 +56,7 @@ jobs:
          echo "Resetting to HEAD~"
          git reset HEAD~ || true
      - name: crowdin action
-        uses: crowdin/github-action@9787f4fcb6a8450929673f1e8db841e8a5c35a2f # pin@v2
+        uses: crowdin/github-action@60debf382ee245b21794321190ad0501db89d8c1 # pin@v2
        with:
          upload_sources: true
          upload_translations: false
--- a/.gitignore
+++ b/.gitignore
@@ -37,6 +37,11 @@ local_settings.py
 *.backup
 *.old

+# Files generated by profiling tools
+*.prof
+*.log
+*.sql
+
 # Files used for testing
 inventree-demo-dataset/
 inventree-data/
--- a/.pkgr.yml
+++ b/.pkgr.yml
@@ -2,10 +2,8 @@ name: inventree
 description: Open Source Inventory Management System
 homepage: https://inventree.org
 notifications: true
-buildpack: https://github.com/mjmair/heroku-buildpack-python#v216-mjmair
+buildpack: https://github.com/matmair/null-buildpack#master
 env:
-  - STACK=heroku-20
-  - DISABLE_COLLECTSTATIC=1
  - INVENTREE_DB_ENGINE=sqlite3
  - INVENTREE_DB_NAME=database.sqlite3
  - INVENTREE_PLUGINS_ENABLED
@@ -22,9 +20,9 @@ before:
  - contrib/packager.io/before.sh
 dependencies:
  - curl
-  - "python3.9 | python3.10 | python3.11"
-  - "python3.9-venv | python3.10-venv | python3.11-venv"
-  - "python3.9-dev | python3.10-dev | python3.11-dev"
+  - "python3.11 | python3.12 | python3.13 | python3.14"
+  - "python3.11-venv | python3.12-venv | python3.13-venv | python3.14-venv"
+  - "python3.11-dev | python3.12-dev | python3.13-dev | python3.14-dev"
  - python3-pip
  - python3-cffi
  - python3-brotli
@@ -37,5 +35,6 @@ dependencies:
  - jq
  - "libffi7 | libffi8"
 targets:
-  ubuntu-20.04: true
-  debian-11: true
+  ubuntu-22.04: true
+  ubuntu-24.04: true
+  debian-12: true
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -10,7 +10,7 @@ exclude: |
    )$
 repos:
 -   repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v5.0.0
+    rev: v6.0.0
    hooks:
    -   id: trailing-whitespace
    -   id: end-of-file-fixer
@@ -18,18 +18,18 @@ repos:
        exclude: mkdocs.yml
    -   id: mixed-line-ending
 -   repo: https://github.com/astral-sh/ruff-pre-commit
-    rev: v0.11.13
+    rev: v0.14.8
    hooks:
    - id: ruff-format
      args: [--preview]
-    - id: ruff
+    - id: ruff-check
      args: [
        --fix,
        # --unsafe-fixes,
        --preview
      ]
 -   repo: https://github.com/astral-sh/uv-pre-commit
-    rev: 0.7.12
+    rev: 0.9.16
    hooks:
      - id: pip-compile
        name: pip-compile requirements-dev.in
@@ -71,16 +71,16 @@ repos:
          src/frontend/vite.config.ts |
      )$
 -   repo: https://github.com/biomejs/pre-commit
-    rev: v2.0.0-beta.5
+    rev: v2.3.8
    hooks:
    -   id: biome-check
        additional_dependencies: ["@biomejs/biome@1.9.4"]
        files: ^src/frontend/.*\.(js|ts|tsx)$
 -   repo: https://github.com/gitleaks/gitleaks
-    rev: v8.27.2
+    rev: v8.30.0
    hooks:
    -   id: gitleaks
-        language_version: 1.23.6
+        language_version: 1.25.4
 #-   repo: https://github.com/jumanjihouse/pre-commit-hooks
 #    rev: 3.0.0
 #    hooks:
--- a/.python-version
+++ b/.python-version
@@ -1 +0,0 @@
-3.9.2
--- a/.vscode/launch.json
+++ b/.vscode/launch.json
@@ -11,7 +11,7 @@
      "program": "${workspaceFolder}/src/backend/InvenTree/manage.py",
      "args": [
        "runserver",
-        // "0.0.0.0:8000", // expose server in network (useful for testing with mobile app)
+        "0.0.0.0:8000", // expose server in network (useful for testing with mobile app)
        // "--noreload" // disable auto-reload
      ],
      "django": true,
@@ -35,7 +35,8 @@
      "request": "launch",
      "program": "${workspaceFolder}/src/backend/InvenTree/manage.py",
      "args": [
-        "runserver"
+        "runserver",
+        "0.0.0.0:8000"
      ],
      "django": true,
      "justMyCode": false
@@ -44,7 +45,7 @@
      "name": "InvenTree invoke schema",
      "type": "debugpy",
      "request": "launch",
-      "program": "${workspaceFolder}/.venv/lib/python3.9/site-packages/invoke/__main__.py",
+      "program": "${workspaceFolder}/.venv/lib/python3.11/site-packages/invoke/__main__.py",
      "cwd": "${workspaceFolder}",
      "args": [
        "dev.schema","--ignore-warnings"
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,16 +5,56 @@ All notable changes to this project will be documented in this file (starting wi
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

-## [Unreleased] - yyyy-mm-dd (in UTC)
+## Unreleased - YYYY-MM-DD
+
+### Breaking Changes
+
+- [#10699](https://github.com/inventree/InvenTree/pull/10699) removes the `PartParameter` and `PartParameterTempalate` models (and associated API endpoints). These have been replaced with generic `Parameter` and `ParameterTemplate` models (and API endpoints). Any external client applications which made use of the old endpoints will need to be updated.

 ### Added

+- Adds "Category" columns to BOM and Build Item tables and APIs in [#10722](https://github.com/inventree/InvenTree/pull/10772)
+- Adds generic "Parameter" and "ParameterTemplate" models (and associated API endpoints) in [#10699](https://github.com/inventree/InvenTree/pull/10699)
+- Adds parameter support for multiple new model types in [#10699](https://github.com/inventree/InvenTree/pull/10699)
+- Allows report generator to produce PDF input controls in [#10969](https://github.com/inventree/InvenTree/pull/10969)
+- UI overhaul of parameter management in [#10699](https://github.com/inventree/InvenTree/pull/10699)
+
 ### Changed

+-
+
 ### Removed
+- Removed python 3.9 / 3.10 support as part of Django 5.2 upgrade in [#10730](https://github.com/inventree/InvenTree/pull/10730)
+- Removed the "PartParameter" and "PartParameterTemplate" models (and associated API endpoints) in [#10699](https://github.com/inventree/InvenTree/pull/10699)
+- Removed the "ManufacturerPartParameter" model (and associated API endpoints) [#10699](https://github.com/inventree/InvenTree/pull/10699)
+
+## 1.1.0 - 2025-11-02
+
+### Added
+
+- Added `order_queryset` report helper function in [#10439](https://github.com/inventree/InvenTree/pull/10439)
+- Added `SupplierMixin` to import data from suppliers in [#9761](https://github.com/inventree/InvenTree/pull/9761)
+- Added much more detailed status information for machines to the API endpoint (including backend and frontend changes) in [#10381](https://github.com/inventree/InvenTree/pull/10381)
+- Added ability to partially complete and partially scrap build outputs in [#10499](https://github.com/inventree/InvenTree/pull/10499)
+- Added support for Redis ACL user-based authentication in [#10551](https://github.com/inventree/InvenTree/pull/10551)
+- Expose stock adjustment forms to the UI plugin context in [#10584](https://github.com/inventree/InvenTree/pull/10584)
+- Allow stock adjustments for "in production" items in [#10600](https://github.com/inventree/InvenTree/pull/10600)
+- Adds optional shipping address against individual sales order shipments in [#10650](https://github.com/inventree/InvenTree/pull/10650)
+- Adds UI elements to "check" and "uncheck" sales order shipments in [#10654](https://github.com/inventree/InvenTree/pull/10654)
+- Allow assigning project codes to order line items in [#10657](https://github.com/inventree/InvenTree/pull/10657)
+- Added support for webauthn login for the frontend in [#9729](https://github.com/inventree/InvenTree/pull/9729)
+- Added support for Debian 12, Ubuntu 22.04 and Ubuntu 24.04 in the installer and package in [#10705](https://github.com/inventree/InvenTree/pull/10705)
+- Support for S3 and SFTP storage backends for media and static files ([#10140](https://github.com/inventree/InvenTree/pull/10140))
+- Adds hooks for custom UI spotlight actions in [#10720](https://github.com/inventree/InvenTree/pull/10720)
+- Support uploading attachments against SupplierPart in [#10724](https://github.com/inventree/InvenTree/pull/10724)
+
+### Changed
+
+- Changed site URL check to allow protocol mismatches if `INVENTREE_SITE_LAX_PROTOCOL` is set to `True` (default) in [#10454](https://github.com/inventree/InvenTree/pull/10454)
+- Changed call signature of `get_global_setting` to use `environment_key` instead of `enviroment_key` in [#10557](https://github.com/inventree/InvenTree/pull/10557)


-## [Unreleased - 1.0.0 ] - 2025-07-xx
+## 1.0.0 - 2025-09-15

 The first "stable" release following semver but not extensively other than the previous releases. The use of 1.0 indicates the stability that users already expect from InvenTree.

@@ -22,10 +62,5 @@ An overarching theme of this release is the complete switch to a new UI framewor

 Our blog holds [a few articles](https://inventree.org/blog/2024/09/23/ui-roadmap) on the topic. This journey started in [March 2022](https://github.com/inventree/InvenTree/issues/2789) and was announced [in 2023](https://inventree.org/blog/2023/08/28/react).

-### Added

-
-### Changed
-
-
-### Removed
+Specific entries to the changelog will be kept for all stable channel minor releases, for changes in 1.0 please refer to the [blog posts](https://inventree.org/blog/2025/09/15/1.0.0) and the [milestone](https://github.com/inventree/InvenTree/milestone/17)
--- a/README.md
+++ b/README.md
@@ -130,7 +130,7 @@ Refer to the [getting started guide](https://docs.inventree.org/en/latest/start/
 <!-- Mobile App -->
 ## 	:iphone: Mobile App

-InvenTree is supported by a [companion mobile app](https://docs.inventree.org/app/) which allows users access to stock control information and functionality.
+InvenTree is supported by a [companion mobile app](https://docs.inventree.org/en/latest/app/) which allows users access to stock control information and functionality.

 <div align="center"><h4>
    <a href="https://play.google.com/store/apps/details?id=inventree.inventree_app">Android Play Store</a>
--- a/contrib/container/.env
+++ b/contrib/container/.env
@@ -13,6 +13,11 @@ INVENTREE_SITE_URL="http://inventree.localhost"
 #INVENTREE_SITE_URL="http://192.168.1.2"  # You can specify a local IP address here
 #INVENTREE_SITE_URL="https://inventree.my-domain.com"  # Or a public domain name (which you control)

+# InvenTree proxy forwarding settings
+INVENTREE_USE_X_FORWARDED_HOST=True
+INVENTREE_USE_X_FORWARDED_PORT=True
+INVENTREE_USE_X_FORWARDED_PROTO=True
+
 # Specify the location of the external data volume
 # By default, placed in local directory 'inventree-data'
 INVENTREE_EXT_VOLUME=./inventree-data
@@ -23,7 +28,8 @@ INVENTREE_LOG_LEVEL=WARNING
 # Enable custom plugins?
 INVENTREE_PLUGINS_ENABLED=True

-# Run migrations automatically?
+# Run database migrations automatically?
+# Note: This does not negate the need to run "invoke update"
 INVENTREE_AUTO_UPDATE=True

 # InvenTree superuser account details
--- a/contrib/container/Caddyfile
+++ b/contrib/container/Caddyfile
@@ -30,9 +30,9 @@
 }

 # The default server address is configured in the .env file
-# If not specified, the default address is used - http://inventree.localhost
+# If not specified, the proxy listens for all http/https traffic
 # If you need to listen on multiple addresses, or use a different port, you can modify this section directly
-{$INVENTREE_SITE_URL:http://inventree.localhost} {
+{$INVENTREE_SITE_URL:"http://, https://"} {
 	import log_common inventree

 	encode gzip
--- a/contrib/container/Dockerfile
+++ b/contrib/container/Dockerfile
@@ -149,7 +149,7 @@ COPY --from=builder_stage ${INVENTREE_BACKEND_DIR}/InvenTree/web/static/web ${IN
 COPY --from=builder_stage /root/.local /root/.local

 # Launch the production server
-CMD ["sh", "-c", "exec gunicorn -c ./gunicorn.conf.py InvenTree.wsgi -b 0.0.0.0:8000 --chdir ${INVENTREE_BACKEND_DIR}/InvenTree"]
+CMD ["sh", "-c", "exec gunicorn -c ./gunicorn.conf.py InvenTree.wsgi -b ${INVENTREE_WEB_ADDR}:${INVENTREE_WEB_PORT} --chdir ${INVENTREE_BACKEND_DIR}/InvenTree"]

 FROM builder_stage AS dev

--- a/contrib/container/docker-compose.yml
+++ b/contrib/container/docker-compose.yml
@@ -101,6 +101,7 @@ services:
        restart: unless-stopped

    # caddy acts as reverse proxy and static file server
+    # You can adjust the ports that the proxy listens on via the .env file
    # https://hub.docker.com/_/caddy
    inventree-proxy:
        container_name: inventree-proxy
@@ -109,8 +110,8 @@ services:
        depends_on:
            - inventree-server
        ports:
-            - ${INVENTREE_WEB_PORT:-80}:80
-            - 443:443
+            - ${INVENTREE_HTTP_PORT:-80}:80
+            - ${INVENTREE_HTTPS_PORT:-443}:443
        env_file:
            - .env
        volumes:
--- a/contrib/container/init.sh
+++ b/contrib/container/init.sh
@@ -1,4 +1,4 @@
-#!/bin/ash
+#!/bin/bash

 # exit when any command fails
 set -e
--- a/contrib/container/requirements.in
+++ b/contrib/container/requirements.in
@@ -17,7 +17,7 @@ gunicorn>=22.0.0
 # LDAP required packages
 django-auth-ldap                # Django integration for ldap auth
 python-ldap                     # LDAP auth support
-django<5.0                      # Force lower to match main project
+django<6.0                      # Force lower to match main project

 # Upgraded python package installer
 uv
--- a/contrib/container/requirements.txt
+++ b/contrib/container/requirements.txt
@@ -1,12 +1,12 @@
 # This file was autogenerated by uv via the following command:
 #    uv pip compile contrib/container/requirements.in -o contrib/container/requirements.txt --python-version=3.11 --no-strip-extras --generate-hashes -b src/backend/requirements.txt
-asgiref==3.9.1 \
-    --hash=sha256:a5ab6582236218e5ef1648f242fd9f10626cfd4de8dc377db215d5d5098e3142 \
-    --hash=sha256:f3bba7092a48005b5f5bacd747d36ee4a5a61f4a269a6df590b43144355ebd2c
+asgiref==3.10.0 \
+    --hash=sha256:aef8a81283a34d0ab31630c9b7dfe70c812c95eba78171367ca8745e88124734 \
+    --hash=sha256:d89f2d8cd8b56dada7d52fa7dc8075baa08fb836560710d38c292a7a3f78c04e
    # via django
-django==4.2.23 \
-    --hash=sha256:42fdeaba6e6449d88d4f66de47871015097dc6f1b87910db00a91946295cfae4 \
-    --hash=sha256:dafbfaf52c2f289bd65f4ab935791cb4fb9a198f2a5ba9faf35d7338a77e9803
+django==5.2.9 \
+    --hash=sha256:16b5ccfc5e8c27e6c0561af551d2ea32852d7352c67d452ae3e76b4f6b2ca495 \
+    --hash=sha256:3a4ea88a70370557ab1930b332fd2887a9f48654261cdffda663fef5976bb00a
    # via
    #   -r contrib/container/requirements.in
    #   django-auth-ldap
@@ -18,22 +18,24 @@ gunicorn==23.0.0 \
    --hash=sha256:ec400d38950de4dfd418cff8328b2c8faed0edb0d517d3394e457c317908ca4d \
    --hash=sha256:f014447a0101dc57e294f6c18ca6b40227a4c90e9bdb586042628030cba004ec
    # via -r contrib/container/requirements.in
-invoke==2.2.0 \
-    --hash=sha256:6ea924cc53d4f78e3d98bc436b08069a03077e6f85ad1ddaa8a116d7dad15820 \
-    --hash=sha256:ee6cbb101af1a859c7fe84f2a264c059020b0cb7fe3535f9424300ab568f6bd5
+invoke==2.2.1 \
+    --hash=sha256:2413bc441b376e5cd3f55bb5d364f973ad8bdd7bf87e53c79de3c11bf3feecc8 \
+    --hash=sha256:515bf49b4a48932b79b024590348da22f39c4942dff991ad1fb8b8baea1be707
    # via -r contrib/container/requirements.in
-mariadb==1.1.13 \
-    --hash=sha256:0604c57e6f90ff7ef190a56894d2b32ca5f0182924b5159be9319ba243ffbf98 \
-    --hash=sha256:1c9aa9a31f943737c3a58bb4dc9deb9cf2b50b3ec807f90c5c99c7b35f8442bd \
-    --hash=sha256:358ecdc8775f4a97357fc233bb84a1c8d8d52866ee5fe98f2d13e9e58a04b6fb \
-    --hash=sha256:36c644c13ecf3e38cb89f37f9bd054703760b94c881476492fe789801a063ce3 \
-    --hash=sha256:376c0d120e5ac1f172e1498defb395e2420d5e80b3b26a16b58acf831cb4a53a \
-    --hash=sha256:3a0fd24fae2b9990dc13a0a427a43d4a5434cc2a8c3b260a27f40b7824719037 \
-    --hash=sha256:6ec51ad2e33312c397cfcc5e2bca59861f572d5e8880e025d43db9a5d472a3a9 \
-    --hash=sha256:c15ab872f1e951dd1bd4006d2ee2b942156f66c1cd724a1b2992dc02c47dff6a \
-    --hash=sha256:d6fa7f2cdfae762d2d69b71e51f61415d0251118a622a6d06c7f05261579100a \
-    --hash=sha256:d941d5e99cfa86e1f184250fe831f6ee09a103b26675e275186119e455cd95dc \
-    --hash=sha256:f49467e7076819ccf21a7e5ef030761af2160b23ce4484d88d260459809d90ff
+mariadb==1.1.14 \
+    --hash=sha256:0f5fc74023f2e479be159542633f8b5865fee18a36e5a6d4e262387b39a692ee \
+    --hash=sha256:1a50b4612c0dd5b69690cebb34cef552a7f64dcadeb5aa91d70cd99bf01bc5b3 \
+    --hash=sha256:3d2c795cde606f4e12c0d73282b062433f414cae035675b0d81f2d65c9b79ac5 \
+    --hash=sha256:3f6fdc4ded5e0500a6a29bf0c8bf1be94189dcef5a8d5e0e154a4b3456f86bcc \
+    --hash=sha256:4c7f33578da163a1b79929aae241f5f981d7b9d5a94d89e589aad7ec58e313ea \
+    --hash=sha256:55ddbe5272c292cbcb2968d87681b5d2b327e65646a015e324b8eeb804d14531 \
+    --hash=sha256:5b514362ba3ad3ef7ada91bc8a8b3b4c0e5144efce96b5bffa3dbc46b8af7d7a \
+    --hash=sha256:6659725837e48fa6af05e20128fb525029f706f1921d5dbf639a25b2f80b9f93 \
+    --hash=sha256:685a1ad2a24fd0aae1c4416fe0ac794adc84ab9209c8d0c57078f770d39731db \
+    --hash=sha256:7fd603c5cf23c47ef0d28fdc2b4b79919ee7f75d00ed070d3cd1054dcf816aeb \
+    --hash=sha256:932a95016b7e9b8d78893aa5ee608e74199e3c6dd607dbe5e4da2010a4f67b88 \
+    --hash=sha256:98d552a8bb599eceaa88f65002ad00bd88aeed160592c273a7e5c1d79ab733dd \
+    --hash=sha256:e6d702a53eccf20922e47f2f45cfb5c7a0c2c6c0a46e4ee2d8a80d0ff4a52f34
    # via -r contrib/container/requirements.in
 mysqlclient==2.2.7 \
    --hash=sha256:199dab53a224357dd0cb4d78ca0e54018f9cee9bf9ec68d72db50e0a23569076 \
@@ -51,80 +53,77 @@ packaging==25.0 \
    # via
    #   gunicorn
    #   mariadb
-psycopg[binary, pool]==3.2.9 \
-    --hash=sha256:01a8dadccdaac2123c916208c96e06631641c0566b22005493f09663c7a8d3b6 \
-    --hash=sha256:2fbb46fcd17bc81f993f28c47f1ebea38d66ae97cc2dbc3cad73b37cefbff700
+psycopg[binary, pool]==3.2.12 \
+    --hash=sha256:85c08d6f6e2a897b16280e0ff6406bef29b1327c045db06d21f364d7cd5da90b \
+    --hash=sha256:8a1611a2d4c16ae37eada46438be9029a35bb959bb50b3d0e1e93c0f3d54c9ee
    # via -r contrib/container/requirements.in
-psycopg-binary==3.2.9 \
-    --hash=sha256:001e986656f7e06c273dd4104e27f4b4e0614092e544d950c7c938d822b1a894 \
-    --hash=sha256:08bf9d5eabba160dd4f6ad247cf12f229cc19d2458511cab2eb9647f42fa6795 \
-    --hash=sha256:093a0c079dd6228a7f3c3d82b906b41964eaa062a9a8c19f45ab4984bf4e872b \
-    --hash=sha256:0e8aeefebe752f46e3c4b769e53f1d4ad71208fe1150975ef7662c22cca80fab \
-    --hash=sha256:14f64d1ac6942ff089fc7e926440f7a5ced062e2ed0949d7d2d680dc5c00e2d4 \
-    --hash=sha256:166acc57af5d2ff0c0c342aed02e69a0cd5ff216cae8820c1059a6f3b7cf5f78 \
-    --hash=sha256:18ac08475c9b971237fcc395b0a6ee4e8580bb5cf6247bc9b8461644bef5d9f4 \
-    --hash=sha256:1b2cf018168cad87580e67bdde38ff5e51511112f1ce6ce9a8336871f465c19a \
-    --hash=sha256:1ed2bab85b505d13e66a914d0f8cdfa9475c16d3491cf81394e0748b77729af2 \
-    --hash=sha256:1f1736d5b21f69feefeef8a75e8d3bf1f0a1e17c165a7488c3111af9d6936e91 \
-    --hash=sha256:2290bc146a1b6a9730350f695e8b670e1d1feb8446597bed0bbe7c3c30e0abcb \
-    --hash=sha256:24ddb03c1ccfe12d000d950c9aba93a7297993c4e3905d9f2c9795bb0764d523 \
-    --hash=sha256:2504e9fd94eabe545d20cddcc2ff0da86ee55d76329e1ab92ecfcc6c0a8156c4 \
-    --hash=sha256:25ab464bfba8c401f5536d5aa95f0ca1dd8257b5202eede04019b4415f491351 \
-    --hash=sha256:354dea21137a316b6868ee41c2ae7cce001e104760cf4eab3ec85627aed9b6cd \
-    --hash=sha256:387c87b51d72442708e7a853e7e7642717e704d59571da2f3b29e748be58c78a \
-    --hash=sha256:39a127e0cf9b55bd4734a8008adf3e01d1fd1cb36339c6a9e2b2cbb6007c50ee \
-    --hash=sha256:3db3ba3c470801e94836ad78bf11fd5fab22e71b0c77343a1ee95d693879937a \
-    --hash=sha256:413f9e46259fe26d99461af8e1a2b4795a4e27cc8ac6f7919ec19bcee8945074 \
-    --hash=sha256:418f52b77b715b42e8ec43ee61ca74abc6765a20db11e8576e7f6586488a266f \
-    --hash=sha256:4bfec4a73e8447d8fe8854886ffa78df2b1c279a7592241c2eb393d4499a17e2 \
-    --hash=sha256:4c1ab25e3134774f1e476d4bb9050cdec25f10802e63e92153906ae934578734 \
-    --hash=sha256:4df22ec17390ec5ccb38d211fb251d138d37a43344492858cea24de8efa15003 \
-    --hash=sha256:528239bbf55728ba0eacbd20632342867590273a9bacedac7538ebff890f1093 \
-    --hash=sha256:52e239cd66c4158e412318fbe028cd94b0ef21b0707f56dcb4bdc250ee58fd40 \
-    --hash=sha256:587a3f19954d687a14e0c8202628844db692dbf00bba0e6d006659bf1ca91cbe \
-    --hash=sha256:5918c0fab50df764812f3ca287f0d716c5c10bedde93d4da2cefc9d40d03f3aa \
-    --hash=sha256:5be8292d07a3ab828dc95b5ee6b69ca0a5b2e579a577b39671f4f5b47116dfd2 \
-    --hash=sha256:5d2c9fe14fe42b3575a0b4e09b081713e83b762c8dc38a3771dd3265f8f110e7 \
-    --hash=sha256:61d0a6ceed8f08c75a395bc28cb648a81cf8dee75ba4650093ad1a24a51c8724 \
-    --hash=sha256:6a76b4722a529390683c0304501f238b365a46b1e5fb6b7249dbc0ad6fea51a0 \
-    --hash=sha256:6afb3e62f2a3456f2180a4eef6b03177788df7ce938036ff7f09b696d418d186 \
-    --hash=sha256:72691a1615ebb42da8b636c5ca9f2b71f266be9e172f66209a361c175b7842c5 \
-    --hash=sha256:72fdbda5b4c2a6a72320857ef503a6589f56d46821592d4377c8c8604810342b \
-    --hash=sha256:76eddaf7fef1d0994e3d536ad48aa75034663d3a07f6f7e3e601105ae73aeff6 \
-    --hash=sha256:778588ca9897b6c6bab39b0d3034efff4c5438f5e3bd52fda3914175498202f9 \
-    --hash=sha256:791759138380df21d356ff991265fde7fe5997b0c924a502847a9f9141e68786 \
-    --hash=sha256:799fa1179ab8a58d1557a95df28b492874c8f4135101b55133ec9c55fc9ae9d7 \
-    --hash=sha256:7a838852e5afb6b4126f93eb409516a8c02a49b788f4df8b6469a40c2157fa21 \
-    --hash=sha256:7b617b81f08ad8def5edd110de44fd6d326f969240cc940c6f6b3ef21fe9c59f \
-    --hash=sha256:7e4660fad2807612bb200de7262c88773c3483e85d981324b3c647176e41fdc8 \
-    --hash=sha256:7fc2915949e5c1ea27a851f7a472a7da7d0a40d679f0a31e42f1022f3c562e87 \
-    --hash=sha256:95315b8c8ddfa2fdcb7fe3ddea8a595c1364524f512160c604e3be368be9dd07 \
-    --hash=sha256:96a551e4683f1c307cfc3d9a05fec62c00a7264f320c9962a67a543e3ce0d8ff \
-    --hash=sha256:98bbe35b5ad24a782c7bf267596638d78aa0e87abc7837bdac5b2a2ab954179e \
-    --hash=sha256:a1fa38a4687b14f517f049477178093c39c2a10fdcced21116f47c017516498f \
-    --hash=sha256:a3e0f89fe35cb03ff1646ab663dabf496477bab2a072315192dbaa6928862891 \
-    --hash=sha256:a4d76e28df27ce25dc19583407f5c6c6c2ba33b443329331ab29b6ef94c8736d \
-    --hash=sha256:ac2c04b6345e215e65ca6aef5c05cc689a960b16674eaa1f90a8f86dfaee8c04 \
-    --hash=sha256:ad280bbd409bf598683dda82232f5215cfc5f2b1bf0854e409b4d0c44a113b1d \
-    --hash=sha256:b2d7a6646d41228e9049978be1f3f838b557a1bde500b919906d54c4390f5086 \
-    --hash=sha256:b7e4e4dd177a8665c9ce86bc9caae2ab3aa9360b7ce7ec01827ea1baea9ff748 \
-    --hash=sha256:bb37ac3955d19e4996c3534abfa4f23181333974963826db9e0f00731274b695 \
-    --hash=sha256:bc75f63653ce4ec764c8f8c8b0ad9423e23021e1c34a84eb5f4ecac8538a4a4a \
-    --hash=sha256:be7d650a434921a6b1ebe3fff324dbc2364393eb29d7672e638ce3e21076974e \
-    --hash=sha256:cc19ed5c7afca3f6b298bfc35a6baa27adb2019670d15c32d0bb8f780f7d560d \
-    --hash=sha256:cf789be42aea5752ee396d58de0538d5fcb76795c85fb03ab23620293fb81b6f \
-    --hash=sha256:d9ac10a2ebe93a102a326415b330fff7512f01a9401406896e78a81d75d6eddc \
-    --hash=sha256:e0f05b9dafa5670a7503abc715af081dbbb176a8e6770de77bccaeb9024206c5 \
-    --hash=sha256:e4978c01ca4c208c9d6376bd585e2c0771986b76ff7ea518f6d2b51faece75e8 \
-    --hash=sha256:eac3a6e926421e976c1c2653624e1294f162dc67ac55f9addbe8f7b8d08ce603 \
-    --hash=sha256:f0d5b3af045a187aedbd7ed5fc513bd933a97aaff78e61c3745b330792c4345b \
-    --hash=sha256:f34e88940833d46108f949fdc1fcfb74d6b5ae076550cd67ab59ef47555dba95 \
-    --hash=sha256:fa5c80d8b4cbf23f338db88a7251cef8bb4b68e0f91cf8b6ddfa93884fdbb0c1 \
-    --hash=sha256:fb7599e436b586e265bea956751453ad32eb98be6a6e694252f4691c31b16edb
+psycopg-binary==3.2.12 \
+    --hash=sha256:095ccda59042a1239ac2fefe693a336cb5cecf8944a8d9e98b07f07e94e2b78d \
+    --hash=sha256:0afb71a99871a41dd677d207c6a988d978edde5d6a018bafaed4f9da45357055 \
+    --hash=sha256:100fdfee763d701f6da694bde711e264aca4c2bc84fb81e1669fb491ce11d219 \
+    --hash=sha256:13cd057f406d2c8063ae8b489395b089a7f23c39aff223b5ea39f0c4dd640550 \
+    --hash=sha256:15e226f0d8af85cc8b2435b2e9bc6f0d40febc79eef76cf20fceac4d902a6a7b \
+    --hash=sha256:16db2549a31ccd4887bef05570d95036813ce25fd9810b523ba1c16b0f6cfd90 \
+    --hash=sha256:1c1dbeb8e97d00a33dfa9987776ce3d1c1e4cc251dfbd663b8f9e173f5c89d17 \
+    --hash=sha256:1d7cedecbe0bb60a2e72b1613fba4072a184a6472d6cc9aa99e540217f544e3e \
+    --hash=sha256:2598d0e4f2f258da13df0560187b3f1dfc9b8688c46b9d90176360ae5212c3fc \
+    --hash=sha256:26b5927b5880b396231ab6190ee5c8fb47ed3f459b53504ed5419faaf16d3bfb \
+    --hash=sha256:294f08b014f08dfd3c9b72408f5e1a0fd187bd86d7a85ead651e32dbd47aa038 \
+    --hash=sha256:2aa80ca8d17266507bef853cecefa7d632ffd087883ee7ca92b8a7ea14a1e581 \
+    --hash=sha256:2d55009eeddbef54c711093c986daaf361d2c4210aaa1ee905075a3b97a62441 \
+    --hash=sha256:310c95a68a9b948b89d6d187622757d57b6c26cece3c3f7c2cbb645ee36531b2 \
+    --hash=sha256:32b3e12d9441508f9c4e1424f4478b1a518a90a087cd54be3754e74954934194 \
+    --hash=sha256:356b4266e5cde7b5bbcf232f549dedf7fbed4983daa556042bdec397780e044d \
+    --hash=sha256:385c7b5cfffac115f413b8e32c941c85ea0960e0b94a6ef43bb260f774c54893 \
+    --hash=sha256:3c1e38b1eda54910628f68448598139a9818973755abf77950057372c1fe89a6 \
+    --hash=sha256:3e9c9e64fb7cda688e9488402611c0be2c81083664117edcc709d15f37faa30f \
+    --hash=sha256:442f20153415f374ae5753ca618637611a41a3c58c56d16ce55f845d76a3cf7b \
+    --hash=sha256:489b154891f1c995355adeb1077ee3479e9c9bada721b93270c20243bbad6542 \
+    --hash=sha256:48a8e29f3e38fcf8d393b8fe460d83e39c107ad7e5e61cd3858a7569e0554a39 \
+    --hash=sha256:49582c3b6d578bdaab2932b59f70b1bd93351ed4d594b2c97cea1611633c9de1 \
+    --hash=sha256:58ed30d33c25d7dc8d2f06285e88493147c2a660cc94713e4b563a99efb80a1f \
+    --hash=sha256:5b6e505618cb376a7a7d6af86833a8f289833fe4cc97541d7100745081dc31bd \
+    --hash=sha256:66a031f22e4418016990446d3e38143826f03ad811b9f78f58e2afbc1d343f7a \
+    --hash=sha256:6a898717ab560db393355c6ecf39b8c534f252afc3131480db1251e061090d3a \
+    --hash=sha256:7130effd0517881f3a852eff98729d51034128f0737f64f0d1c7ea8343d77bd7 \
+    --hash=sha256:72fd979e410ba7805462817ef8ed6f37dd75f9f4ae109bdb8503e013ccecb80b \
+    --hash=sha256:77690f0bf08356ca00fc357f50a5980c7a25f076c2c1f37d9d775a278234fefd \
+    --hash=sha256:79de3cc5adbf51677009a8fda35ac9e9e3686d5595ab4b0c43ec7099ece6aeb5 \
+    --hash=sha256:7b9a99ded7d19b24d3b6fa632b58e52bbdecde7e1f866c3b23d0c27b092af4e3 \
+    --hash=sha256:802bd01fb18a0acb0dea491f69a9a2da6034f33329a62876ab5b558a1fb66b45 \
+    --hash=sha256:8335d989a4e94df2ccd8a1acbba9d03c4157ea8d73b65b79d447c6dc10b001d8 \
+    --hash=sha256:89b3c5201ca616d69ca0c3c0003ca18f7170a679c445c7e386ebfb4f29aa738e \
+    --hash=sha256:8ffe75fe6be902dadd439adf4228c98138a992088e073ede6dd34e7235f4e03e \
+    --hash=sha256:909de94de7dd4d6086098a5755562207114c9638ec42c52d84c8a440c45fe084 \
+    --hash=sha256:940ac69ef6e89c17b3d30f3297a2ad03efdd06a4b1857f81bc533a9108a90eb9 \
+    --hash=sha256:95f2806097a49bfd57e0c6a178f77b99487c53c157d9d507aee9c40dd58efdb4 \
+    --hash=sha256:9c674887d1e0d4384c06c822bc7fcfede4952742e232ec1e76b5a6ae39a3ddd4 \
+    --hash=sha256:9fdf3a0c24822401c60c93640da69b3dfd4d9f29c3a8d797244fe22bfe592823 \
+    --hash=sha256:ab02b7d138768fd6ac4230e45b073f7b9fd688d88c04f24c34df4a250a94d066 \
+    --hash=sha256:acb1811219a4144539f0baee224a11a2aa323a739c349799cf52f191eb87bc52 \
+    --hash=sha256:bfd632f7038c76b0921f6d5621f5ba9ecabfad3042fa40e5875db11771d2a5de \
+    --hash=sha256:ce68839da386f137bc8d814fdbeede8f89916b8605e3593a85b504a859243af9 \
+    --hash=sha256:d369e79ad9647fc8217cbb51bbbf11f9a1ffca450be31d005340157ffe8e91b3 \
+    --hash=sha256:dc68094e00a5a7e8c20de1d3a0d5e404a27f522e18f8eb62bbbc9f865c3c81ef \
+    --hash=sha256:deeb06b7141f3a577c3aa8562307e2747580ae43d705a0482603a2c1f110d046 \
+    --hash=sha256:e0b5ccd03ca4749b8f66f38608ccbcb415cbd130d02de5eda80d042b83bee90e \
+    --hash=sha256:ea049c8d33c4f4e6b030d5a68123c0ccd2ffb77d4035f073db97187b49b6422f \
+    --hash=sha256:ea9751310b840186379c949ede5a5129b31439acdb929f3003a8685372117ed8 \
+    --hash=sha256:ec82fa5134517af44e28a30c38f34384773a0422ffd545fd298433ea9f2cc5a9 \
+    --hash=sha256:eedc410f82007038030650aa58f620f9fe0009b9d6b04c3dc71cbd3bae5b2675 \
+    --hash=sha256:ef40601b959cc1440deaf4d53472ab54fa51036c37189cf3fe5500559ac25347 \
+    --hash=sha256:ef92d5ba6213de060d1390b1f71f5c3b2fbb00b4d55edee39f3b07234538b64a \
+    --hash=sha256:efab679a2c7d1bf7d0ec0e1ecb47fe764945eff75bb4321f2e699b30a12db9b3 \
+    --hash=sha256:f33c9e12ed05e579b7fb3c8fdb10a165f41459394b8eb113e7c377b2bd027f61 \
+    --hash=sha256:f3bae4be7f6781bf6c9576eedcd5e1bb74468126fa6de991e47cdb1a8ea3a42a \
+    --hash=sha256:f6ba1fe35fd215813dac4544a5ffc90f13713b29dd26e9e5be97ba53482bf6d6 \
+    --hash=sha256:f7c81bc60560be9eb3c23601237765069ebfa9881097ce19ca6b5ea17c5faa8f \
+    --hash=sha256:f8107968a9eadb451cfa6cf86036006fdde32a83cd39c26c9ca46765e653b547 \
+    --hash=sha256:f821e0c8a8fdfddfa71acb4f462d7a4c5aae1655f3f5e078970dbe9f19027386
    # via psycopg
-psycopg-pool==3.2.6 \
-    --hash=sha256:0f92a7817719517212fbfe2fd58b8c35c1850cdd2a80d36b581ba2085d9148e5 \
-    --hash=sha256:5887318a9f6af906d041a0b1dc1c60f8f0dda8340c2572b74e10907b51ed5da7
+psycopg-pool==3.2.7 \
+    --hash=sha256:4b47bb59d887ef5da522eb63746b9f70e2faf967d34aac4f56ffc65e9606728f \
+    --hash=sha256:a77d531bfca238e49e5fb5832d65b98e69f2c62bfda3d2d4d833696bdc9ca54b
    # via psycopg
 pyasn1==0.6.1 \
    --hash=sha256:0d632f46f2ba09143da3a8afe9e33fb6f92fa2320ab7e886e2d0f7672af84629 \
@@ -136,65 +135,85 @@ pyasn1-modules==0.4.2 \
    --hash=sha256:29253a9207ce32b64c3ac6600edc75368f98473906e8fd1043bd6b5b1de2c14a \
    --hash=sha256:677091de870a80aae844b1ca6134f54652fa2c8c5a52aa396440ac3106e941e6
    # via python-ldap
-python-ldap==3.4.4 \
-    --hash=sha256:7edb0accec4e037797705f3a05cbf36a9fde50d08c8f67f2aef99a2628fab828
+python-ldap==3.4.5 \
+    --hash=sha256:b2f6ef1c37fe2c6a5a85212efe71311ee21847766a7d45fcb711f3b270a5f79a
    # via
    #   -r contrib/container/requirements.in
    #   django-auth-ldap
-pyyaml==6.0.2 \
-    --hash=sha256:01179a4a8559ab5de078078f37e5c1a30d76bb88519906844fd7bdea1b7729ff \
-    --hash=sha256:0833f8694549e586547b576dcfaba4a6b55b9e96098b36cdc7ebefe667dfed48 \
-    --hash=sha256:0a9a2848a5b7feac301353437eb7d5957887edbf81d56e903999a75a3d743086 \
-    --hash=sha256:0b69e4ce7a131fe56b7e4d770c67429700908fc0752af059838b1cfb41960e4e \
-    --hash=sha256:0ffe8360bab4910ef1b9e87fb812d8bc0a308b0d0eef8c8f44e0254ab3b07133 \
-    --hash=sha256:11d8f3dd2b9c1207dcaf2ee0bbbfd5991f571186ec9cc78427ba5bd32afae4b5 \
-    --hash=sha256:17e311b6c678207928d649faa7cb0d7b4c26a0ba73d41e99c4fff6b6c3276484 \
-    --hash=sha256:1e2120ef853f59c7419231f3bf4e7021f1b936f6ebd222406c3b60212205d2ee \
-    --hash=sha256:1f71ea527786de97d1a0cc0eacd1defc0985dcf6b3f17bb77dcfc8c34bec4dc5 \
-    --hash=sha256:23502f431948090f597378482b4812b0caae32c22213aecf3b55325e049a6c68 \
-    --hash=sha256:24471b829b3bf607e04e88d79542a9d48bb037c2267d7927a874e6c205ca7e9a \
-    --hash=sha256:29717114e51c84ddfba879543fb232a6ed60086602313ca38cce623c1d62cfbf \
-    --hash=sha256:2e99c6826ffa974fe6e27cdb5ed0021786b03fc98e5ee3c5bfe1fd5015f42b99 \
-    --hash=sha256:39693e1f8320ae4f43943590b49779ffb98acb81f788220ea932a6b6c51004d8 \
-    --hash=sha256:3ad2a3decf9aaba3d29c8f537ac4b243e36bef957511b4766cb0057d32b0be85 \
-    --hash=sha256:3b1fdb9dc17f5a7677423d508ab4f243a726dea51fa5e70992e59a7411c89d19 \
-    --hash=sha256:41e4e3953a79407c794916fa277a82531dd93aad34e29c2a514c2c0c5fe971cc \
-    --hash=sha256:43fa96a3ca0d6b1812e01ced1044a003533c47f6ee8aca31724f78e93ccc089a \
-    --hash=sha256:50187695423ffe49e2deacb8cd10510bc361faac997de9efef88badc3bb9e2d1 \
-    --hash=sha256:5ac9328ec4831237bec75defaf839f7d4564be1e6b25ac710bd1a96321cc8317 \
-    --hash=sha256:5d225db5a45f21e78dd9358e58a98702a0302f2659a3c6cd320564b75b86f47c \
-    --hash=sha256:6395c297d42274772abc367baaa79683958044e5d3835486c16da75d2a694631 \
-    --hash=sha256:688ba32a1cffef67fd2e9398a2efebaea461578b0923624778664cc1c914db5d \
-    --hash=sha256:68ccc6023a3400877818152ad9a1033e3db8625d899c72eacb5a668902e4d652 \
-    --hash=sha256:70b189594dbe54f75ab3a1acec5f1e3faa7e8cf2f1e08d9b561cb41b845f69d5 \
-    --hash=sha256:797b4f722ffa07cc8d62053e4cff1486fa6dc094105d13fea7b1de7d8bf71c9e \
-    --hash=sha256:7c36280e6fb8385e520936c3cb3b8042851904eba0e58d277dca80a5cfed590b \
-    --hash=sha256:7e7401d0de89a9a855c839bc697c079a4af81cf878373abd7dc625847d25cbd8 \
-    --hash=sha256:80bab7bfc629882493af4aa31a4cfa43a4c57c83813253626916b8c7ada83476 \
-    --hash=sha256:82d09873e40955485746739bcb8b4586983670466c23382c19cffecbf1fd8706 \
-    --hash=sha256:8388ee1976c416731879ac16da0aff3f63b286ffdd57cdeb95f3f2e085687563 \
-    --hash=sha256:8824b5a04a04a047e72eea5cec3bc266db09e35de6bdfe34c9436ac5ee27d237 \
-    --hash=sha256:8b9c7197f7cb2738065c481a0461e50ad02f18c78cd75775628afb4d7137fb3b \
-    --hash=sha256:9056c1ecd25795207ad294bcf39f2db3d845767be0ea6e6a34d856f006006083 \
-    --hash=sha256:936d68689298c36b53b29f23c6dbb74de12b4ac12ca6cfe0e047bedceea56180 \
-    --hash=sha256:9b22676e8097e9e22e36d6b7bda33190d0d400f345f23d4065d48f4ca7ae0425 \
-    --hash=sha256:a4d3091415f010369ae4ed1fc6b79def9416358877534caf6a0fdd2146c87a3e \
-    --hash=sha256:a8786accb172bd8afb8be14490a16625cbc387036876ab6ba70912730faf8e1f \
-    --hash=sha256:a9f8c2e67970f13b16084e04f134610fd1d374bf477b17ec1599185cf611d725 \
-    --hash=sha256:bc2fa7c6b47d6bc618dd7fb02ef6fdedb1090ec036abab80d4681424b84c1183 \
-    --hash=sha256:c70c95198c015b85feafc136515252a261a84561b7b1d51e3384e0655ddf25ab \
-    --hash=sha256:cc1c1159b3d456576af7a3e4d1ba7e6924cb39de8f67111c735f6fc832082774 \
-    --hash=sha256:ce826d6ef20b1bc864f0a68340c8b3287705cae2f8b4b1d932177dcc76721725 \
-    --hash=sha256:d584d9ec91ad65861cc08d42e834324ef890a082e591037abe114850ff7bbc3e \
-    --hash=sha256:d7fded462629cfa4b685c5416b949ebad6cec74af5e2d42905d41e257e0869f5 \
-    --hash=sha256:d84a1718ee396f54f3a086ea0a66d8e552b2ab2017ef8b420e92edbc841c352d \
-    --hash=sha256:d8e03406cac8513435335dbab54c0d385e4a49e4945d2909a581c83647ca0290 \
-    --hash=sha256:e10ce637b18caea04431ce14fabcf5c64a1c61ec9c56b071a4b7ca131ca52d44 \
-    --hash=sha256:ec031d5d2feb36d1d1a24380e4db6d43695f3748343d99434e6f5f9156aaa2ed \
-    --hash=sha256:ef6107725bd54b262d6dedcc2af448a266975032bc85ef0172c5f059da6325b4 \
-    --hash=sha256:efdca5630322a10774e8e98e1af481aad470dd62c3170801852d752aa7a783ba \
-    --hash=sha256:f753120cb8181e736c57ef7636e83f31b9c0d1722c516f7e86cf15b7aa57ff12 \
-    --hash=sha256:ff3824dc5261f50c9b0dfb3be22b4567a6f938ccce4587b38952d85fd9e9afe4
+pyyaml==6.0.3 \
+    --hash=sha256:00c4bdeba853cc34e7dd471f16b4114f4162dc03e6b7afcc2128711f0eca823c \
+    --hash=sha256:0150219816b6a1fa26fb4699fb7daa9caf09eb1999f3b70fb6e786805e80375a \
+    --hash=sha256:02893d100e99e03eda1c8fd5c441d8c60103fd175728e23e431db1b589cf5ab3 \
+    --hash=sha256:02ea2dfa234451bbb8772601d7b8e426c2bfa197136796224e50e35a78777956 \
+    --hash=sha256:0f29edc409a6392443abf94b9cf89ce99889a1dd5376d94316ae5145dfedd5d6 \
+    --hash=sha256:10892704fc220243f5305762e276552a0395f7beb4dbf9b14ec8fd43b57f126c \
+    --hash=sha256:16249ee61e95f858e83976573de0f5b2893b3677ba71c9dd36b9cf8be9ac6d65 \
+    --hash=sha256:1d37d57ad971609cf3c53ba6a7e365e40660e3be0e5175fa9f2365a379d6095a \
+    --hash=sha256:1ebe39cb5fc479422b83de611d14e2c0d3bb2a18bbcb01f229ab3cfbd8fee7a0 \
+    --hash=sha256:214ed4befebe12df36bcc8bc2b64b396ca31be9304b8f59e25c11cf94a4c033b \
+    --hash=sha256:2283a07e2c21a2aa78d9c4442724ec1eb15f5e42a723b99cb3d822d48f5f7ad1 \
+    --hash=sha256:22ba7cfcad58ef3ecddc7ed1db3409af68d023b7f940da23c6c2a1890976eda6 \
+    --hash=sha256:27c0abcb4a5dac13684a37f76e701e054692a9b2d3064b70f5e4eb54810553d7 \
+    --hash=sha256:28c8d926f98f432f88adc23edf2e6d4921ac26fb084b028c733d01868d19007e \
+    --hash=sha256:2e71d11abed7344e42a8849600193d15b6def118602c4c176f748e4583246007 \
+    --hash=sha256:34d5fcd24b8445fadc33f9cf348c1047101756fd760b4dacb5c3e99755703310 \
+    --hash=sha256:37503bfbfc9d2c40b344d06b2199cf0e96e97957ab1c1b546fd4f87e53e5d3e4 \
+    --hash=sha256:3c5677e12444c15717b902a5798264fa7909e41153cdf9ef7ad571b704a63dd9 \
+    --hash=sha256:3ff07ec89bae51176c0549bc4c63aa6202991da2d9a6129d7aef7f1407d3f295 \
+    --hash=sha256:41715c910c881bc081f1e8872880d3c650acf13dfa8214bad49ed4cede7c34ea \
+    --hash=sha256:418cf3f2111bc80e0933b2cd8cd04f286338bb88bdc7bc8e6dd775ebde60b5e0 \
+    --hash=sha256:44edc647873928551a01e7a563d7452ccdebee747728c1080d881d68af7b997e \
+    --hash=sha256:4a2e8cebe2ff6ab7d1050ecd59c25d4c8bd7e6f400f5f82b96557ac0abafd0ac \
+    --hash=sha256:4ad1906908f2f5ae4e5a8ddfce73c320c2a1429ec52eafd27138b7f1cbe341c9 \
+    --hash=sha256:501a031947e3a9025ed4405a168e6ef5ae3126c59f90ce0cd6f2bfc477be31b7 \
+    --hash=sha256:5190d403f121660ce8d1d2c1bb2ef1bd05b5f68533fc5c2ea899bd15f4399b35 \
+    --hash=sha256:5498cd1645aa724a7c71c8f378eb29ebe23da2fc0d7a08071d89469bf1d2defb \
+    --hash=sha256:5cf4e27da7e3fbed4d6c3d8e797387aaad68102272f8f9752883bc32d61cb87b \
+    --hash=sha256:5e0b74767e5f8c593e8c9b5912019159ed0533c70051e9cce3e8b6aa699fcd69 \
+    --hash=sha256:5ed875a24292240029e4483f9d4a4b8a1ae08843b9c54f43fcc11e404532a8a5 \
+    --hash=sha256:5fcd34e47f6e0b794d17de1b4ff496c00986e1c83f7ab2fb8fcfe9616ff7477b \
+    --hash=sha256:5fdec68f91a0c6739b380c83b951e2c72ac0197ace422360e6d5a959d8d97b2c \
+    --hash=sha256:6344df0d5755a2c9a276d4473ae6b90647e216ab4757f8426893b5dd2ac3f369 \
+    --hash=sha256:64386e5e707d03a7e172c0701abfb7e10f0fb753ee1d773128192742712a98fd \
+    --hash=sha256:652cb6edd41e718550aad172851962662ff2681490a8a711af6a4d288dd96824 \
+    --hash=sha256:66291b10affd76d76f54fad28e22e51719ef9ba22b29e1d7d03d6777a9174198 \
+    --hash=sha256:66e1674c3ef6f541c35191caae2d429b967b99e02040f5ba928632d9a7f0f065 \
+    --hash=sha256:6adc77889b628398debc7b65c073bcb99c4a0237b248cacaf3fe8a557563ef6c \
+    --hash=sha256:79005a0d97d5ddabfeeea4cf676af11e647e41d81c9a7722a193022accdb6b7c \
+    --hash=sha256:7c6610def4f163542a622a73fb39f534f8c101d690126992300bf3207eab9764 \
+    --hash=sha256:7f047e29dcae44602496db43be01ad42fc6f1cc0d8cd6c83d342306c32270196 \
+    --hash=sha256:8098f252adfa6c80ab48096053f512f2321f0b998f98150cea9bd23d83e1467b \
+    --hash=sha256:850774a7879607d3a6f50d36d04f00ee69e7fc816450e5f7e58d7f17f1ae5c00 \
+    --hash=sha256:8d1fab6bb153a416f9aeb4b8763bc0f22a5586065f86f7664fc23339fc1c1fac \
+    --hash=sha256:8da9669d359f02c0b91ccc01cac4a67f16afec0dac22c2ad09f46bee0697eba8 \
+    --hash=sha256:8dc52c23056b9ddd46818a57b78404882310fb473d63f17b07d5c40421e47f8e \
+    --hash=sha256:9149cad251584d5fb4981be1ecde53a1ca46c891a79788c0df828d2f166bda28 \
+    --hash=sha256:93dda82c9c22deb0a405ea4dc5f2d0cda384168e466364dec6255b293923b2f3 \
+    --hash=sha256:96b533f0e99f6579b3d4d4995707cf36df9100d67e0c8303a0c55b27b5f99bc5 \
+    --hash=sha256:9c57bb8c96f6d1808c030b1687b9b5fb476abaa47f0db9c0101f5e9f394e97f4 \
+    --hash=sha256:9c7708761fccb9397fe64bbc0395abcae8c4bf7b0eac081e12b809bf47700d0b \
+    --hash=sha256:9f3bfb4965eb874431221a3ff3fdcddc7e74e3b07799e0e84ca4a0f867d449bf \
+    --hash=sha256:a33284e20b78bd4a18c8c2282d549d10bc8408a2a7ff57653c0cf0b9be0afce5 \
+    --hash=sha256:a80cb027f6b349846a3bf6d73b5e95e782175e52f22108cfa17876aaeff93702 \
+    --hash=sha256:b30236e45cf30d2b8e7b3e85881719e98507abed1011bf463a8fa23e9c3e98a8 \
+    --hash=sha256:b3bc83488de33889877a0f2543ade9f70c67d66d9ebb4ac959502e12de895788 \
+    --hash=sha256:b865addae83924361678b652338317d1bd7e79b1f4596f96b96c77a5a34b34da \
+    --hash=sha256:b8bb0864c5a28024fac8a632c443c87c5aa6f215c0b126c449ae1a150412f31d \
+    --hash=sha256:ba1cc08a7ccde2d2ec775841541641e4548226580ab850948cbfda66a1befcdc \
+    --hash=sha256:bdb2c67c6c1390b63c6ff89f210c8fd09d9a1217a465701eac7316313c915e4c \
+    --hash=sha256:c1ff362665ae507275af2853520967820d9124984e0f7466736aea23d8611fba \
+    --hash=sha256:c2514fceb77bc5e7a2f7adfaa1feb2fb311607c9cb518dbc378688ec73d8292f \
+    --hash=sha256:c3355370a2c156cffb25e876646f149d5d68f5e0a3ce86a5084dd0b64a994917 \
+    --hash=sha256:c458b6d084f9b935061bc36216e8a69a7e293a2f1e68bf956dcd9e6cbcd143f5 \
+    --hash=sha256:d0eae10f8159e8fdad514efdc92d74fd8d682c933a6dd088030f3834bc8e6b26 \
+    --hash=sha256:d76623373421df22fb4cf8817020cbb7ef15c725b9d5e45f17e189bfc384190f \
+    --hash=sha256:ebc55a14a21cb14062aa4162f906cd962b28e2e9ea38f9b4391244cd8de4ae0b \
+    --hash=sha256:eda16858a3cab07b80edaf74336ece1f986ba330fdb8ee0d6c0d68fe82bc96be \
+    --hash=sha256:ee2922902c45ae8ccada2c5b501ab86c36525b883eff4255313a253a3160861c \
+    --hash=sha256:efd7b85f94a6f21e4932043973a7ba2613b059c4a000551892ac9f1d11f5baf3 \
+    --hash=sha256:f7057c9a337546edc7973c0d3ba84ddcdf0daa14533c2065749c9075001090e6 \
+    --hash=sha256:fa160448684b4e94d80416c0fa4aac48967a969efe22931448d853ada8baf926 \
+    --hash=sha256:fc09d0aa354569bc501d4e787133afc08552722d3ab34836a80547331bb5d4a0
    # via -r contrib/container/requirements.in
 setuptools==80.9.0 \
    --hash=sha256:062d34222ad13e0cc312a4c02d73f059e86a4acbfbdea8f8f76b28c99f306922 \
@@ -204,32 +223,32 @@ sqlparse==0.5.3 \
    --hash=sha256:09f67787f56a0b16ecdbde1bfc7f5d9c3371ca683cfeaa8e6ff60b4807ec9272 \
    --hash=sha256:cf2196ed3418f3ba5de6af7e82c694a9fbdbfecccdfc72e281548517081f16ca
    # via django
-typing-extensions==4.14.1 \
-    --hash=sha256:38b39f4aeeab64884ce9f74c94263ef78f3c22467c8724005483154c26648d36 \
-    --hash=sha256:d1e1e3b58374dc93031d6eda2420a48ea44a36c2b4766a4fdeb3710755731d76
+typing-extensions==4.15.0 \
+    --hash=sha256:0cea48d173cc12fa28ecabc3b837ea3cf6f38c6d1136f85cbaaf598984861466 \
+    --hash=sha256:f0fa19c6845758ab08074a0cfa8b7aecb71c999ca73d62883bc25cc018c4e548
    # via
    #   psycopg
    #   psycopg-pool
-uv==0.8.6 \
-    --hash=sha256:0b524de39f317bd8733c38cf100b6f8091d44e06b23f7752523ad1ad1454ede3 \
-    --hash=sha256:132e73f1e9fe05edc6c06c00416f7c721c48298786fd7293be6c584793170bbc \
-    --hash=sha256:1913f5627c57076c88dd38b0173bdb006ae9b8dbd92b1798a1acc9d744c1a7cc \
-    --hash=sha256:2ac28509db2e52613a59264bdb150d13274ed13e5b305f7e274da8cd83033985 \
-    --hash=sha256:37227aaf1e41c7eda3d7f0028e747a2a2eed3f3506b0adc121a4366e8281115b \
-    --hash=sha256:4d4e042f6bd9f143094051a05de758684028f451e563846cbc0c6f505b530cca \
-    --hash=sha256:4e81380549151e34ae96d56499438444ba58591ca9f2fc6ba0a867152601849e \
-    --hash=sha256:57a98367bfad38e870e1a8a6626464796ffcee6e937d429fbd7b25ddf46bb36f \
-    --hash=sha256:5b201ebc1c5c76c3a415fa4edcb25a0e06263d2255319d6d52275c775e926e23 \
-    --hash=sha256:6acdc77099906ba64bc1b725bef973c10905d7e9596d1b25f271db772bc9e8e4 \
-    --hash=sha256:7796acc3c5b84d5ee5e10cc6cf92eb61c19f6551855d0aa89ef5925e4a371fbf \
-    --hash=sha256:7c1f48279ff61940143c78b969094e13324988eabcfcd4799f4350d9d36c1d48 \
-    --hash=sha256:993af2c295856c5ca053678a8dadc11ce2f85485513ed1568c16e98d5dfa88bf \
-    --hash=sha256:c9de4adac36a62e4bddd959ce65fb4bb09b0cbfd95946d50390f2a9c186ecb9c \
-    --hash=sha256:d96ff3a1d06a6a00ed94dfb2996228153b3b5bfc892174b7556216ab872a91b1 \
-    --hash=sha256:deab2ce32d2dd7a1c0de459aa23470c60feb0ea24e67c9c5c5988d8bf4eb4a09 \
-    --hash=sha256:e35cc1ef79d3dce2b6aeffbfb280d02d5ad741d4ca07874bdf0a4d85c841d9de \
-    --hash=sha256:ee67acf1b211be2cfbeaec16cde13c8325810d32ff85963a9dedd1f9d7c61ef7 \
-    --hash=sha256:fdceb1ef554df0ddc620bfe83fdcf740829e489c62f78ba1f089abd62c71c63e
+uv==0.9.8 \
+    --hash=sha256:0f03bc413c933dbf850ad0dc2dba3df6b80c860a5c65cd767add49da19dadef0 \
+    --hash=sha256:14670bf55ecb5cfd0f3654fbf51c58a21dec3ad8ab531079b3ed8599271dc77b \
+    --hash=sha256:1b8b5bdcda3e10ea70b618d0609acddc5c725cb58d4caf933030ddedd7c2e98f \
+    --hash=sha256:40253d00c1e900a0a61b132b1e0dd4aa83575cfd5302d3671899b6de29b1ef67 \
+    --hash=sha256:50d130c46d97d7f10675ebea8608b7b4722c84b5745cd1bb0c8ae6d7984c05d5 \
+    --hash=sha256:543693def38fa41b9706aba391111fe8d9dd6be86899d76f9581faf045ac1cb6 \
+    --hash=sha256:5af28f1645eb3c50fd34a78508792db2d0799816f4eb5f55e1e6e2c724dfb125 \
+    --hash=sha256:6a01d7cd41953ffac583139b10ad1df004a67c0246a6b694eb5bcdbc8c99deaf \
+    --hash=sha256:6df2e16f6df32018047c60bab2c0284868ad5c309addba9183ea2eeb71746bf0 \
+    --hash=sha256:7038a552159f2291dd0d1f4f66a36261b5f3ed5fcd92e2869186f8e910b2c935 \
+    --hash=sha256:75671150d6eb9d5ee829e1fdb8cf86b8e44a66d27cbb996fe807e986c4107b5d \
+    --hash=sha256:87c3b65b6d5fcbdeab199d54c74fbf75de19cb534a690c936c5616478a038576 \
+    --hash=sha256:99b18bfe92c33c3862b65d74677697e799763e669e0064685f405e7e27517f25 \
+    --hash=sha256:9f2f3576c4518ff4f15e48dbca70585a513523c4738bc8cc2e48b20fd1190ce3 \
+    --hash=sha256:a4010b3fdabbb3c4f2cf2f7aa3bf6002d00049dcbc54ce0ee5ada32a933b2290 \
+    --hash=sha256:bb0f8e83c2a2fc5a802e930cc8a7b71ab068180300a3f27ba38037f9fcb3d430 \
+    --hash=sha256:cdbfadca9522422ab9820f5ada071c9c5c869bcd6fee719d20d91d5ec85b2a7d \
+    --hash=sha256:d93a2227d23e81ab3a16c30363559afc483e8aca40ea9343b3f326a9a41718c9 \
+    --hash=sha256:f52c6a99197028a314d4c1825f7ccb696eb9a88b822d2e2f17046266c75e543e
    # via -r contrib/container/requirements.in
 wheel==0.45.1 \
    --hash=sha256:661e1abd9198507b1409a20c02106d9670b2576e916d58f520316666abca6729 \
--- a/contrib/dev_reqs/requirements.in
+++ b/contrib/dev_reqs/requirements.in
@@ -1,4 +1,4 @@
 # Packages needed for CI/packages
 requests==2.32.5
-pyyaml==6.0.2
-jc==1.25.5
+pyyaml==6.0.3
+jc==1.25.6
--- a/contrib/dev_reqs/requirements.txt
+++ b/contrib/dev_reqs/requirements.txt
@@ -1,231 +1,287 @@
 # This file was autogenerated by uv via the following command:
 #    uv pip compile contrib/dev_reqs/requirements.in -o contrib/dev_reqs/requirements.txt --no-strip-extras --generate-hashes -b src/backend/requirements.txt
-certifi==2025.8.3 \
-    --hash=sha256:e564105f78ded564e3ae7c923924435e1daa7463faeab5bb932bc53ffae63407 \
-    --hash=sha256:f6c12493cfb1b06ba2ff328595af9350c65d6644968e5d3a2ffd78699af217a5
+certifi==2025.10.5 \
+    --hash=sha256:0f212c2744a9bb6de0c56639a6f68afe01ecd92d91f14ae897c4fe7bbeeef0de \
+    --hash=sha256:47c09d31ccf2acf0be3f701ea53595ee7e0b8fa08801c6624be771df09ae7b43
    # via requests
-charset-normalizer==3.4.2 \
-    --hash=sha256:005fa3432484527f9732ebd315da8da8001593e2cf46a3d817669f062c3d9ed4 \
-    --hash=sha256:046595208aae0120559a67693ecc65dd75d46f7bf687f159127046628178dc45 \
-    --hash=sha256:0c29de6a1a95f24b9a1aa7aefd27d2487263f00dfd55a77719b530788f75cff7 \
-    --hash=sha256:0c8c57f84ccfc871a48a47321cfa49ae1df56cd1d965a09abe84066f6853b9c0 \
-    --hash=sha256:0f5d9ed7f254402c9e7d35d2f5972c9bbea9040e99cd2861bd77dc68263277c7 \
-    --hash=sha256:18dd2e350387c87dabe711b86f83c9c78af772c748904d372ade190b5c7c9d4d \
-    --hash=sha256:1b1bde144d98e446b056ef98e59c256e9294f6b74d7af6846bf5ffdafd687a7d \
-    --hash=sha256:1c95a1e2902a8b722868587c0e1184ad5c55631de5afc0eb96bc4b0d738092c0 \
-    --hash=sha256:1cad5f45b3146325bb38d6855642f6fd609c3f7cad4dbaf75549bf3b904d3184 \
-    --hash=sha256:21b2899062867b0e1fde9b724f8aecb1af14f2778d69aacd1a5a1853a597a5db \
-    --hash=sha256:24498ba8ed6c2e0b56d4acbf83f2d989720a93b41d712ebd4f4979660db4417b \
-    --hash=sha256:25a23ea5c7edc53e0f29bae2c44fcb5a1aa10591aae107f2a2b2583a9c5cbc64 \
-    --hash=sha256:289200a18fa698949d2b39c671c2cc7a24d44096784e76614899a7ccf2574b7b \
-    --hash=sha256:28a1005facc94196e1fb3e82a3d442a9d9110b8434fc1ded7a24a2983c9888d8 \
-    --hash=sha256:32fc0341d72e0f73f80acb0a2c94216bd704f4f0bce10aedea38f30502b271ff \
-    --hash=sha256:36b31da18b8890a76ec181c3cf44326bf2c48e36d393ca1b72b3f484113ea344 \
-    --hash=sha256:3c21d4fca343c805a52c0c78edc01e3477f6dd1ad7c47653241cf2a206d4fc58 \
-    --hash=sha256:3fddb7e2c84ac87ac3a947cb4e66d143ca5863ef48e4a5ecb83bd48619e4634e \
-    --hash=sha256:43e0933a0eff183ee85833f341ec567c0980dae57c464d8a508e1b2ceb336471 \
-    --hash=sha256:4a476b06fbcf359ad25d34a057b7219281286ae2477cc5ff5e3f70a246971148 \
-    --hash=sha256:4e594135de17ab3866138f496755f302b72157d115086d100c3f19370839dd3a \
-    --hash=sha256:50bf98d5e563b83cc29471fa114366e6806bc06bc7a25fd59641e41445327836 \
-    --hash=sha256:5a9979887252a82fefd3d3ed2a8e3b937a7a809f65dcb1e068b090e165bbe99e \
-    --hash=sha256:5baececa9ecba31eff645232d59845c07aa030f0c81ee70184a90d35099a0e63 \
-    --hash=sha256:5bf4545e3b962767e5c06fe1738f951f77d27967cb2caa64c28be7c4563e162c \
-    --hash=sha256:6333b3aa5a12c26b2a4d4e7335a28f1475e0e5e17d69d55141ee3cab736f66d1 \
-    --hash=sha256:65c981bdbd3f57670af8b59777cbfae75364b483fa8a9f420f08094531d54a01 \
-    --hash=sha256:68a328e5f55ec37c57f19ebb1fdc56a248db2e3e9ad769919a58672958e8f366 \
-    --hash=sha256:6a0289e4589e8bdfef02a80478f1dfcb14f0ab696b5a00e1f4b8a14a307a3c58 \
-    --hash=sha256:6b66f92b17849b85cad91259efc341dce9c1af48e2173bf38a85c6329f1033e5 \
-    --hash=sha256:6c9379d65defcab82d07b2a9dfbfc2e95bc8fe0ebb1b176a3190230a3ef0e07c \
-    --hash=sha256:6fc1f5b51fa4cecaa18f2bd7a003f3dd039dd615cd69a2afd6d3b19aed6775f2 \
-    --hash=sha256:70f7172939fdf8790425ba31915bfbe8335030f05b9913d7ae00a87d4395620a \
-    --hash=sha256:721c76e84fe669be19c5791da68232ca2e05ba5185575086e384352e2c309597 \
-    --hash=sha256:7222ffd5e4de8e57e03ce2cef95a4c43c98fcb72ad86909abdfc2c17d227fc1b \
-    --hash=sha256:75d10d37a47afee94919c4fab4c22b9bc2a8bf7d4f46f87363bcf0573f3ff4f5 \
-    --hash=sha256:76af085e67e56c8816c3ccf256ebd136def2ed9654525348cfa744b6802b69eb \
-    --hash=sha256:770cab594ecf99ae64c236bc9ee3439c3f46be49796e265ce0cc8bc17b10294f \
-    --hash=sha256:7a6ab32f7210554a96cd9e33abe3ddd86732beeafc7a28e9955cdf22ffadbab0 \
-    --hash=sha256:7c48ed483eb946e6c04ccbe02c6b4d1d48e51944b6db70f697e089c193404941 \
-    --hash=sha256:7f56930ab0abd1c45cd15be65cc741c28b1c9a34876ce8c17a2fa107810c0af0 \
-    --hash=sha256:8075c35cd58273fee266c58c0c9b670947c19df5fb98e7b66710e04ad4e9ff86 \
-    --hash=sha256:8272b73e1c5603666618805fe821edba66892e2870058c94c53147602eab29c7 \
-    --hash=sha256:82d8fd25b7f4675d0c47cf95b594d4e7b158aca33b76aa63d07186e13c0e0ab7 \
-    --hash=sha256:844da2b5728b5ce0e32d863af26f32b5ce61bc4273a9c720a9f3aa9df73b1455 \
-    --hash=sha256:8755483f3c00d6c9a77f490c17e6ab0c8729e39e6390328e42521ef175380ae6 \
-    --hash=sha256:915f3849a011c1f593ab99092f3cecfcb4d65d8feb4a64cf1bf2d22074dc0ec4 \
-    --hash=sha256:926ca93accd5d36ccdabd803392ddc3e03e6d4cd1cf17deff3b989ab8e9dbcf0 \
-    --hash=sha256:982bb1e8b4ffda883b3d0a521e23abcd6fd17418f6d2c4118d257a10199c0ce3 \
-    --hash=sha256:98f862da73774290f251b9df8d11161b6cf25b599a66baf087c1ffe340e9bfd1 \
-    --hash=sha256:9cbfacf36cb0ec2897ce0ebc5d08ca44213af24265bd56eca54bee7923c48fd6 \
-    --hash=sha256:a370b3e078e418187da8c3674eddb9d983ec09445c99a3a263c2011993522981 \
-    --hash=sha256:a955b438e62efdf7e0b7b52a64dc5c3396e2634baa62471768a64bc2adb73d5c \
-    --hash=sha256:aa6af9e7d59f9c12b33ae4e9450619cf2488e2bbe9b44030905877f0b2324980 \
-    --hash=sha256:aa88ca0b1932e93f2d961bf3addbb2db902198dca337d88c89e1559e066e7645 \
-    --hash=sha256:aaeeb6a479c7667fbe1099af9617c83aaca22182d6cf8c53966491a0f1b7ffb7 \
-    --hash=sha256:aaf27faa992bfee0264dc1f03f4c75e9fcdda66a519db6b957a3f826e285cf12 \
-    --hash=sha256:b2680962a4848b3c4f155dc2ee64505a9c57186d0d56b43123b17ca3de18f0fa \
-    --hash=sha256:b2d318c11350e10662026ad0eb71bb51c7812fc8590825304ae0bdd4ac283acd \
-    --hash=sha256:b33de11b92e9f75a2b545d6e9b6f37e398d86c3e9e9653c4864eb7e89c5773ef \
-    --hash=sha256:b3daeac64d5b371dea99714f08ffc2c208522ec6b06fbc7866a450dd446f5c0f \
-    --hash=sha256:be1e352acbe3c78727a16a455126d9ff83ea2dfdcbc83148d2982305a04714c2 \
-    --hash=sha256:bee093bf902e1d8fc0ac143c88902c3dfc8941f7ea1d6a8dd2bcb786d33db03d \
-    --hash=sha256:c72fbbe68c6f32f251bdc08b8611c7b3060612236e960ef848e0a517ddbe76c5 \
-    --hash=sha256:c9e36a97bee9b86ef9a1cf7bb96747eb7a15c2f22bdb5b516434b00f2a599f02 \
-    --hash=sha256:cddf7bd982eaa998934a91f69d182aec997c6c468898efe6679af88283b498d3 \
-    --hash=sha256:cf713fe9a71ef6fd5adf7a79670135081cd4431c2943864757f0fa3a65b1fafd \
-    --hash=sha256:d11b54acf878eef558599658b0ffca78138c8c3655cf4f3a4a673c437e67732e \
-    --hash=sha256:d41c4d287cfc69060fa91cae9683eacffad989f1a10811995fa309df656ec214 \
-    --hash=sha256:d524ba3f1581b35c03cb42beebab4a13e6cdad7b36246bd22541fa585a56cccd \
-    --hash=sha256:daac4765328a919a805fa5e2720f3e94767abd632ae410a9062dff5412bae65a \
-    --hash=sha256:db4c7bf0e07fc3b7d89ac2a5880a6a8062056801b83ff56d8464b70f65482b6c \
-    --hash=sha256:dc7039885fa1baf9be153a0626e337aa7ec8bf96b0128605fb0d77788ddc1681 \
-    --hash=sha256:dccab8d5fa1ef9bfba0590ecf4d46df048d18ffe3eec01eeb73a42e0d9e7a8ba \
-    --hash=sha256:dedb8adb91d11846ee08bec4c8236c8549ac721c245678282dcb06b221aab59f \
-    --hash=sha256:e45ba65510e2647721e35323d6ef54c7974959f6081b58d4ef5d87c60c84919a \
-    --hash=sha256:e53efc7c7cee4c1e70661e2e112ca46a575f90ed9ae3fef200f2a25e954f4b28 \
-    --hash=sha256:e635b87f01ebc977342e2697d05b56632f5f879a4f15955dfe8cef2448b51691 \
-    --hash=sha256:e70e990b2137b29dc5564715de1e12701815dacc1d056308e2b17e9095372a82 \
-    --hash=sha256:e8082b26888e2f8b36a042a58307d5b917ef2b1cacab921ad3323ef91901c71a \
-    --hash=sha256:e8323a9b031aa0393768b87f04b4164a40037fb2a3c11ac06a03ffecd3618027 \
-    --hash=sha256:e92fca20c46e9f5e1bb485887d074918b13543b1c2a1185e69bb8d17ab6236a7 \
-    --hash=sha256:eb30abc20df9ab0814b5a2524f23d75dcf83cde762c161917a2b4b7b55b1e518 \
-    --hash=sha256:eba9904b0f38a143592d9fc0e19e2df0fa2e41c3c3745554761c5f6447eedabf \
-    --hash=sha256:ef8de666d6179b009dce7bcb2ad4c4a779f113f12caf8dc77f0162c29d20490b \
-    --hash=sha256:efd387a49825780ff861998cd959767800d54f8308936b21025326de4b5a42b9 \
-    --hash=sha256:f0aa37f3c979cf2546b73e8222bbfa3dc07a641585340179d768068e3455e544 \
-    --hash=sha256:f4074c5a429281bf056ddd4c5d3b740ebca4d43ffffe2ef4bf4d2d05114299da \
-    --hash=sha256:f69a27e45c43520f5487f27627059b64aaf160415589230992cec34c5e18a509 \
-    --hash=sha256:fb707f3e15060adf5b7ada797624a6c6e0138e2a26baa089df64c68ee98e040f \
-    --hash=sha256:fcbe676a55d7445b22c10967bceaaf0ee69407fbe0ece4d032b6eb8d4565982a \
-    --hash=sha256:fdb20a30fe1175ecabed17cbf7812f7b804b8a315a25f24678bcdf120a90077f
+charset-normalizer==3.4.4 \
+    --hash=sha256:027f6de494925c0ab2a55eab46ae5129951638a49a34d87f4c3eda90f696b4ad \
+    --hash=sha256:077fbb858e903c73f6c9db43374fd213b0b6a778106bc7032446a8e8b5b38b93 \
+    --hash=sha256:0a98e6759f854bd25a58a73fa88833fba3b7c491169f86ce1180c948ab3fd394 \
+    --hash=sha256:0d3d8f15c07f86e9ff82319b3d9ef6f4bf907608f53fe9d92b28ea9ae3d1fd89 \
+    --hash=sha256:0f04b14ffe5fdc8c4933862d8306109a2c51e0704acfa35d51598eb45a1e89fc \
+    --hash=sha256:11d694519d7f29d6cd09f6ac70028dba10f92f6cdd059096db198c283794ac86 \
+    --hash=sha256:194f08cbb32dc406d6e1aea671a68be0823673db2832b38405deba2fb0d88f63 \
+    --hash=sha256:1bee1e43c28aa63cb16e5c14e582580546b08e535299b8b6158a7c9c768a1f3d \
+    --hash=sha256:21d142cc6c0ec30d2efee5068ca36c128a30b0f2c53c1c07bd78cb6bc1d3be5f \
+    --hash=sha256:2437418e20515acec67d86e12bf70056a33abdacb5cb1655042f6538d6b085a8 \
+    --hash=sha256:244bfb999c71b35de57821b8ea746b24e863398194a4014e4c76adc2bbdfeff0 \
+    --hash=sha256:2677acec1a2f8ef614c6888b5b4ae4060cc184174a938ed4e8ef690e15d3e505 \
+    --hash=sha256:277e970e750505ed74c832b4bf75dac7476262ee2a013f5574dd49075879e161 \
+    --hash=sha256:2aaba3b0819274cc41757a1da876f810a3e4d7b6eb25699253a4effef9e8e4af \
+    --hash=sha256:2b7d8f6c26245217bd2ad053761201e9f9680f8ce52f0fcd8d0755aeae5b2152 \
+    --hash=sha256:2c9d3c380143a1fedbff95a312aa798578371eb29da42106a29019368a475318 \
+    --hash=sha256:3162d5d8ce1bb98dd51af660f2121c55d0fa541b46dff7bb9b9f86ea1d87de72 \
+    --hash=sha256:31fd66405eaf47bb62e8cd575dc621c56c668f27d46a61d975a249930dd5e2a4 \
+    --hash=sha256:362d61fd13843997c1c446760ef36f240cf81d3ebf74ac62652aebaf7838561e \
+    --hash=sha256:376bec83a63b8021bb5c8ea75e21c4ccb86e7e45ca4eb81146091b56599b80c3 \
+    --hash=sha256:44c2a8734b333e0578090c4cd6b16f275e07aa6614ca8715e6c038e865e70576 \
+    --hash=sha256:47cc91b2f4dd2833fddaedd2893006b0106129d4b94fdb6af1f4ce5a9965577c \
+    --hash=sha256:4902828217069c3c5c71094537a8e623f5d097858ac6ca8252f7b4d10b7560f1 \
+    --hash=sha256:4bd5d4137d500351a30687c2d3971758aac9a19208fc110ccb9d7188fbe709e8 \
+    --hash=sha256:4fe7859a4e3e8457458e2ff592f15ccb02f3da787fcd31e0183879c3ad4692a1 \
+    --hash=sha256:542d2cee80be6f80247095cc36c418f7bddd14f4a6de45af91dfad36d817bba2 \
+    --hash=sha256:554af85e960429cf30784dd47447d5125aaa3b99a6f0683589dbd27e2f45da44 \
+    --hash=sha256:5833d2c39d8896e4e19b689ffc198f08ea58116bee26dea51e362ecc7cd3ed26 \
+    --hash=sha256:5947809c8a2417be3267efc979c47d76a079758166f7d43ef5ae8e9f92751f88 \
+    --hash=sha256:5ae497466c7901d54b639cf42d5b8c1b6a4fead55215500d2f486d34db48d016 \
+    --hash=sha256:5bd2293095d766545ec1a8f612559f6b40abc0eb18bb2f5d1171872d34036ede \
+    --hash=sha256:5bfbb1b9acf3334612667b61bd3002196fe2a1eb4dd74d247e0f2a4d50ec9bbf \
+    --hash=sha256:5cb4d72eea50c8868f5288b7f7f33ed276118325c1dfd3957089f6b519e1382a \
+    --hash=sha256:5dbe56a36425d26d6cfb40ce79c314a2e4dd6211d51d6d2191c00bed34f354cc \
+    --hash=sha256:5f819d5fe9234f9f82d75bdfa9aef3a3d72c4d24a6e57aeaebba32a704553aa0 \
+    --hash=sha256:64b55f9dce520635f018f907ff1b0df1fdc31f2795a922fb49dd14fbcdf48c84 \
+    --hash=sha256:6515f3182dbe4ea06ced2d9e8666d97b46ef4c75e326b79bb624110f122551db \
+    --hash=sha256:65e2befcd84bc6f37095f5961e68a6f077bf44946771354a28ad434c2cce0ae1 \
+    --hash=sha256:6aee717dcfead04c6eb1ce3bd29ac1e22663cdea57f943c87d1eab9a025438d7 \
+    --hash=sha256:6b39f987ae8ccdf0d2642338faf2abb1862340facc796048b604ef14919e55ed \
+    --hash=sha256:6e1fcf0720908f200cd21aa4e6750a48ff6ce4afe7ff5a79a90d5ed8a08296f8 \
+    --hash=sha256:74018750915ee7ad843a774364e13a3db91682f26142baddf775342c3f5b1133 \
+    --hash=sha256:74664978bb272435107de04e36db5a9735e78232b85b77d45cfb38f758efd33e \
+    --hash=sha256:74bb723680f9f7a6234dcf67aea57e708ec1fbdf5699fb91dfd6f511b0a320ef \
+    --hash=sha256:752944c7ffbfdd10c074dc58ec2d5a8a4cd9493b314d367c14d24c17684ddd14 \
+    --hash=sha256:778d2e08eda00f4256d7f672ca9fef386071c9202f5e4607920b86d7803387f2 \
+    --hash=sha256:780236ac706e66881f3b7f2f32dfe90507a09e67d1d454c762cf642e6e1586e0 \
+    --hash=sha256:798d75d81754988d2565bff1b97ba5a44411867c0cf32b77a7e8f8d84796b10d \
+    --hash=sha256:799a7a5e4fb2d5898c60b640fd4981d6a25f1c11790935a44ce38c54e985f828 \
+    --hash=sha256:7a32c560861a02ff789ad905a2fe94e3f840803362c84fecf1851cb4cf3dc37f \
+    --hash=sha256:7c308f7e26e4363d79df40ca5b2be1c6ba9f02bdbccfed5abddb7859a6ce72cf \
+    --hash=sha256:7fa17817dc5625de8a027cb8b26d9fefa3ea28c8253929b8d6649e705d2835b6 \
+    --hash=sha256:81d5eb2a312700f4ecaa977a8235b634ce853200e828fbadf3a9c50bab278328 \
+    --hash=sha256:82004af6c302b5d3ab2cfc4cc5f29db16123b1a8417f2e25f9066f91d4411090 \
+    --hash=sha256:837c2ce8c5a65a2035be9b3569c684358dfbf109fd3b6969630a87535495ceaa \
+    --hash=sha256:840c25fb618a231545cbab0564a799f101b63b9901f2569faecd6b222ac72381 \
+    --hash=sha256:8a6562c3700cce886c5be75ade4a5db4214fda19fede41d9792d100288d8f94c \
+    --hash=sha256:8af65f14dc14a79b924524b1e7fffe304517b2bff5a58bf64f30b98bbc5079eb \
+    --hash=sha256:8ef3c867360f88ac904fd3f5e1f902f13307af9052646963ee08ff4f131adafc \
+    --hash=sha256:94537985111c35f28720e43603b8e7b43a6ecfb2ce1d3058bbe955b73404e21a \
+    --hash=sha256:99ae2cffebb06e6c22bdc25801d7b30f503cc87dbd283479e7b606f70aff57ec \
+    --hash=sha256:9a26f18905b8dd5d685d6d07b0cdf98a79f3c7a918906af7cc143ea2e164c8bc \
+    --hash=sha256:9b35f4c90079ff2e2edc5b26c0c77925e5d2d255c42c74fdb70fb49b172726ac \
+    --hash=sha256:9cd98cdc06614a2f768d2b7286d66805f94c48cde050acdbbb7db2600ab3197e \
+    --hash=sha256:9d1bb833febdff5c8927f922386db610b49db6e0d4f4ee29601d71e7c2694313 \
+    --hash=sha256:9f7fcd74d410a36883701fafa2482a6af2ff5ba96b9a620e9e0721e28ead5569 \
+    --hash=sha256:a59cb51917aa591b1c4e6a43c132f0cdc3c76dbad6155df4e28ee626cc77a0a3 \
+    --hash=sha256:a61900df84c667873b292c3de315a786dd8dac506704dea57bc957bd31e22c7d \
+    --hash=sha256:a79cfe37875f822425b89a82333404539ae63dbdddf97f84dcbc3d339aae9525 \
+    --hash=sha256:a8a8b89589086a25749f471e6a900d3f662d1d3b6e2e59dcecf787b1cc3a1894 \
+    --hash=sha256:a8bf8d0f749c5757af2142fe7903a9df1d2e8aa3841559b2bad34b08d0e2bcf3 \
+    --hash=sha256:a9768c477b9d7bd54bc0c86dbaebdec6f03306675526c9927c0e8a04e8f94af9 \
+    --hash=sha256:ac1c4a689edcc530fc9d9aa11f5774b9e2f33f9a0c6a57864e90908f5208d30a \
+    --hash=sha256:af2d8c67d8e573d6de5bc30cdb27e9b95e49115cd9baad5ddbd1a6207aaa82a9 \
+    --hash=sha256:b435cba5f4f750aa6c0a0d92c541fb79f69a387c91e61f1795227e4ed9cece14 \
+    --hash=sha256:b5b290ccc2a263e8d185130284f8501e3e36c5e02750fc6b6bdeb2e9e96f1e25 \
+    --hash=sha256:b5d84d37db046c5ca74ee7bb47dd6cbc13f80665fdde3e8040bdd3fb015ecb50 \
+    --hash=sha256:b7cf1017d601aa35e6bb650b6ad28652c9cd78ee6caff19f3c28d03e1c80acbf \
+    --hash=sha256:bc7637e2f80d8530ee4a78e878bce464f70087ce73cf7c1caf142416923b98f1 \
+    --hash=sha256:c0463276121fdee9c49b98908b3a89c39be45d86d1dbaa22957e38f6321d4ce3 \
+    --hash=sha256:c4ef880e27901b6cc782f1b95f82da9313c0eb95c3af699103088fa0ac3ce9ac \
+    --hash=sha256:c8ae8a0f02f57a6e61203a31428fa1d677cbe50c93622b4149d5c0f319c1d19e \
+    --hash=sha256:ca5862d5b3928c4940729dacc329aa9102900382fea192fc5e52eb69d6093815 \
+    --hash=sha256:cb01158d8b88ee68f15949894ccc6712278243d95f344770fa7593fa2d94410c \
+    --hash=sha256:cb6254dc36b47a990e59e1068afacdcd02958bdcce30bb50cc1700a8b9d624a6 \
+    --hash=sha256:cc00f04ed596e9dc0da42ed17ac5e596c6ccba999ba6bd92b0e0aef2f170f2d6 \
+    --hash=sha256:cd09d08005f958f370f539f186d10aec3377d55b9eeb0d796025d4886119d76e \
+    --hash=sha256:cd4b7ca9984e5e7985c12bc60a6f173f3c958eae74f3ef6624bb6b26e2abbae4 \
+    --hash=sha256:ce8a0633f41a967713a59c4139d29110c07e826d131a316b50ce11b1d79b4f84 \
+    --hash=sha256:cead0978fc57397645f12578bfd2d5ea9138ea0fac82b2f63f7f7c6877986a69 \
+    --hash=sha256:d055ec1e26e441f6187acf818b73564e6e6282709e9bcb5b63f5b23068356a15 \
+    --hash=sha256:d1f13550535ad8cff21b8d757a3257963e951d96e20ec82ab44bc64aeb62a191 \
+    --hash=sha256:d9c7f57c3d666a53421049053eaacdd14bbd0a528e2186fcb2e672effd053bb0 \
+    --hash=sha256:d9e45d7faa48ee908174d8fe84854479ef838fc6a705c9315372eacbc2f02897 \
+    --hash=sha256:da3326d9e65ef63a817ecbcc0df6e94463713b754fe293eaa03da99befb9a5bd \
+    --hash=sha256:de00632ca48df9daf77a2c65a484531649261ec9f25489917f09e455cb09ddb2 \
+    --hash=sha256:e1f185f86a6f3403aa2420e815904c67b2f9ebc443f045edd0de921108345794 \
+    --hash=sha256:e824f1492727fa856dd6eda4f7cee25f8518a12f3c4a56a74e8095695089cf6d \
+    --hash=sha256:e912091979546adf63357d7e2ccff9b44f026c075aeaf25a52d0e95ad2281074 \
+    --hash=sha256:eaabd426fe94daf8fd157c32e571c85cb12e66692f15516a83a03264b08d06c3 \
+    --hash=sha256:ebf3e58c7ec8a8bed6d66a75d7fb37b55e5015b03ceae72a8e7c74495551e224 \
+    --hash=sha256:ecaae4149d99b1c9e7b88bb03e3221956f68fd6d50be2ef061b2381b61d20838 \
+    --hash=sha256:eecbc200c7fd5ddb9a7f16c7decb07b566c29fa2161a16cf67b8d068bd21690a \
+    --hash=sha256:f155a433c2ec037d4e8df17d18922c3a0d9b3232a396690f17175d2946f0218d \
+    --hash=sha256:f1e34719c6ed0b92f418c7c780480b26b5d9c50349e9a9af7d76bf757530350d \
+    --hash=sha256:f34be2938726fc13801220747472850852fe6b1ea75869a048d6f896838c896f \
+    --hash=sha256:f820802628d2694cb7e56db99213f930856014862f3fd943d290ea8438d07ca8 \
+    --hash=sha256:f8bf04158c6b607d747e93949aa60618b61312fe647a6369f88ce2ff16043490 \
+    --hash=sha256:f8e160feb2aed042cd657a72acc0b481212ed28b1b9a95c0cee1621b524e1966 \
+    --hash=sha256:f9d332f8c2a2fcbffe1378594431458ddbef721c1769d78e2cbc06280d8155f9 \
+    --hash=sha256:fa09f53c465e532f4d3db095e0c55b615f010ad81803d383195b6b5ca6cbf5f3 \
+    --hash=sha256:faa3a41b2b66b6e50f84ae4a68c64fcd0c44355741c6374813a800cd6695db9e \
+    --hash=sha256:fd44c878ea55ba351104cb93cc85e74916eb8fa440ca7903e57575e97394f608
    # via requests
-idna==3.10 \
-    --hash=sha256:12f65c9b470abda6dc35cf8e63cc574b1c52b11df2c86030af0ac09b01b13ea9 \
-    --hash=sha256:946d195a0d259cbba61165e88e65941f16e9b36ea6ddb97f00452bae8b1287d3
+idna==3.11 \
+    --hash=sha256:771a87f49d9defaf64091e6e6fe9c18d4833f140bd19464795bc32d966ca37ea \
+    --hash=sha256:795dafcc9c04ed0c1fb032c2aa73654d8e8c5023a7df64a53f39190ada629902
    # via requests
-jc==1.25.5 \
-    --hash=sha256:a2ec1e7bcadeb977f278b36a1619d85ea9070ab2b81aba74b7ee2c36470c3f8f \
-    --hash=sha256:f8ac0e4bc427b0ee8a3bdb07a254cc9df6b6036cd440f6c425e2e519cdbda78a
+jc==1.25.6 \
+    --hash=sha256:27f58befc7ae0a4c63322926c5f1ec892e3eac4a065eff3b07cfe420a6924a07 \
+    --hash=sha256:7367b59e6e0da8babeede1e5b0da083f3c5aa6b6e585b4aed28dd7c4b2d76162
    # via -r contrib/dev_reqs/requirements.in
 pygments==2.19.2 \
    --hash=sha256:636cb2477cec7f8952536970bc533bc43743542f70392ae026374600add5b887 \
    --hash=sha256:86540386c03d588bb81d44bc3928634ff26449851e99741617ecb9037ee5ec0b
    # via jc
-pyyaml==6.0.2 \
-    --hash=sha256:01179a4a8559ab5de078078f37e5c1a30d76bb88519906844fd7bdea1b7729ff \
-    --hash=sha256:0833f8694549e586547b576dcfaba4a6b55b9e96098b36cdc7ebefe667dfed48 \
-    --hash=sha256:0a9a2848a5b7feac301353437eb7d5957887edbf81d56e903999a75a3d743086 \
-    --hash=sha256:0b69e4ce7a131fe56b7e4d770c67429700908fc0752af059838b1cfb41960e4e \
-    --hash=sha256:0ffe8360bab4910ef1b9e87fb812d8bc0a308b0d0eef8c8f44e0254ab3b07133 \
-    --hash=sha256:11d8f3dd2b9c1207dcaf2ee0bbbfd5991f571186ec9cc78427ba5bd32afae4b5 \
-    --hash=sha256:17e311b6c678207928d649faa7cb0d7b4c26a0ba73d41e99c4fff6b6c3276484 \
-    --hash=sha256:1e2120ef853f59c7419231f3bf4e7021f1b936f6ebd222406c3b60212205d2ee \
-    --hash=sha256:1f71ea527786de97d1a0cc0eacd1defc0985dcf6b3f17bb77dcfc8c34bec4dc5 \
-    --hash=sha256:23502f431948090f597378482b4812b0caae32c22213aecf3b55325e049a6c68 \
-    --hash=sha256:24471b829b3bf607e04e88d79542a9d48bb037c2267d7927a874e6c205ca7e9a \
-    --hash=sha256:29717114e51c84ddfba879543fb232a6ed60086602313ca38cce623c1d62cfbf \
-    --hash=sha256:2e99c6826ffa974fe6e27cdb5ed0021786b03fc98e5ee3c5bfe1fd5015f42b99 \
-    --hash=sha256:39693e1f8320ae4f43943590b49779ffb98acb81f788220ea932a6b6c51004d8 \
-    --hash=sha256:3ad2a3decf9aaba3d29c8f537ac4b243e36bef957511b4766cb0057d32b0be85 \
-    --hash=sha256:3b1fdb9dc17f5a7677423d508ab4f243a726dea51fa5e70992e59a7411c89d19 \
-    --hash=sha256:41e4e3953a79407c794916fa277a82531dd93aad34e29c2a514c2c0c5fe971cc \
-    --hash=sha256:43fa96a3ca0d6b1812e01ced1044a003533c47f6ee8aca31724f78e93ccc089a \
-    --hash=sha256:50187695423ffe49e2deacb8cd10510bc361faac997de9efef88badc3bb9e2d1 \
-    --hash=sha256:5ac9328ec4831237bec75defaf839f7d4564be1e6b25ac710bd1a96321cc8317 \
-    --hash=sha256:5d225db5a45f21e78dd9358e58a98702a0302f2659a3c6cd320564b75b86f47c \
-    --hash=sha256:6395c297d42274772abc367baaa79683958044e5d3835486c16da75d2a694631 \
-    --hash=sha256:688ba32a1cffef67fd2e9398a2efebaea461578b0923624778664cc1c914db5d \
-    --hash=sha256:68ccc6023a3400877818152ad9a1033e3db8625d899c72eacb5a668902e4d652 \
-    --hash=sha256:70b189594dbe54f75ab3a1acec5f1e3faa7e8cf2f1e08d9b561cb41b845f69d5 \
-    --hash=sha256:797b4f722ffa07cc8d62053e4cff1486fa6dc094105d13fea7b1de7d8bf71c9e \
-    --hash=sha256:7c36280e6fb8385e520936c3cb3b8042851904eba0e58d277dca80a5cfed590b \
-    --hash=sha256:7e7401d0de89a9a855c839bc697c079a4af81cf878373abd7dc625847d25cbd8 \
-    --hash=sha256:80bab7bfc629882493af4aa31a4cfa43a4c57c83813253626916b8c7ada83476 \
-    --hash=sha256:82d09873e40955485746739bcb8b4586983670466c23382c19cffecbf1fd8706 \
-    --hash=sha256:8388ee1976c416731879ac16da0aff3f63b286ffdd57cdeb95f3f2e085687563 \
-    --hash=sha256:8824b5a04a04a047e72eea5cec3bc266db09e35de6bdfe34c9436ac5ee27d237 \
-    --hash=sha256:8b9c7197f7cb2738065c481a0461e50ad02f18c78cd75775628afb4d7137fb3b \
-    --hash=sha256:9056c1ecd25795207ad294bcf39f2db3d845767be0ea6e6a34d856f006006083 \
-    --hash=sha256:936d68689298c36b53b29f23c6dbb74de12b4ac12ca6cfe0e047bedceea56180 \
-    --hash=sha256:9b22676e8097e9e22e36d6b7bda33190d0d400f345f23d4065d48f4ca7ae0425 \
-    --hash=sha256:a4d3091415f010369ae4ed1fc6b79def9416358877534caf6a0fdd2146c87a3e \
-    --hash=sha256:a8786accb172bd8afb8be14490a16625cbc387036876ab6ba70912730faf8e1f \
-    --hash=sha256:a9f8c2e67970f13b16084e04f134610fd1d374bf477b17ec1599185cf611d725 \
-    --hash=sha256:bc2fa7c6b47d6bc618dd7fb02ef6fdedb1090ec036abab80d4681424b84c1183 \
-    --hash=sha256:c70c95198c015b85feafc136515252a261a84561b7b1d51e3384e0655ddf25ab \
-    --hash=sha256:cc1c1159b3d456576af7a3e4d1ba7e6924cb39de8f67111c735f6fc832082774 \
-    --hash=sha256:ce826d6ef20b1bc864f0a68340c8b3287705cae2f8b4b1d932177dcc76721725 \
-    --hash=sha256:d584d9ec91ad65861cc08d42e834324ef890a082e591037abe114850ff7bbc3e \
-    --hash=sha256:d7fded462629cfa4b685c5416b949ebad6cec74af5e2d42905d41e257e0869f5 \
-    --hash=sha256:d84a1718ee396f54f3a086ea0a66d8e552b2ab2017ef8b420e92edbc841c352d \
-    --hash=sha256:d8e03406cac8513435335dbab54c0d385e4a49e4945d2909a581c83647ca0290 \
-    --hash=sha256:e10ce637b18caea04431ce14fabcf5c64a1c61ec9c56b071a4b7ca131ca52d44 \
-    --hash=sha256:ec031d5d2feb36d1d1a24380e4db6d43695f3748343d99434e6f5f9156aaa2ed \
-    --hash=sha256:ef6107725bd54b262d6dedcc2af448a266975032bc85ef0172c5f059da6325b4 \
-    --hash=sha256:efdca5630322a10774e8e98e1af481aad470dd62c3170801852d752aa7a783ba \
-    --hash=sha256:f753120cb8181e736c57ef7636e83f31b9c0d1722c516f7e86cf15b7aa57ff12 \
-    --hash=sha256:ff3824dc5261f50c9b0dfb3be22b4567a6f938ccce4587b38952d85fd9e9afe4
+pyyaml==6.0.3 \
+    --hash=sha256:00c4bdeba853cc34e7dd471f16b4114f4162dc03e6b7afcc2128711f0eca823c \
+    --hash=sha256:0150219816b6a1fa26fb4699fb7daa9caf09eb1999f3b70fb6e786805e80375a \
+    --hash=sha256:02893d100e99e03eda1c8fd5c441d8c60103fd175728e23e431db1b589cf5ab3 \
+    --hash=sha256:02ea2dfa234451bbb8772601d7b8e426c2bfa197136796224e50e35a78777956 \
+    --hash=sha256:0f29edc409a6392443abf94b9cf89ce99889a1dd5376d94316ae5145dfedd5d6 \
+    --hash=sha256:10892704fc220243f5305762e276552a0395f7beb4dbf9b14ec8fd43b57f126c \
+    --hash=sha256:16249ee61e95f858e83976573de0f5b2893b3677ba71c9dd36b9cf8be9ac6d65 \
+    --hash=sha256:1d37d57ad971609cf3c53ba6a7e365e40660e3be0e5175fa9f2365a379d6095a \
+    --hash=sha256:1ebe39cb5fc479422b83de611d14e2c0d3bb2a18bbcb01f229ab3cfbd8fee7a0 \
+    --hash=sha256:214ed4befebe12df36bcc8bc2b64b396ca31be9304b8f59e25c11cf94a4c033b \
+    --hash=sha256:2283a07e2c21a2aa78d9c4442724ec1eb15f5e42a723b99cb3d822d48f5f7ad1 \
+    --hash=sha256:22ba7cfcad58ef3ecddc7ed1db3409af68d023b7f940da23c6c2a1890976eda6 \
+    --hash=sha256:27c0abcb4a5dac13684a37f76e701e054692a9b2d3064b70f5e4eb54810553d7 \
+    --hash=sha256:28c8d926f98f432f88adc23edf2e6d4921ac26fb084b028c733d01868d19007e \
+    --hash=sha256:2e71d11abed7344e42a8849600193d15b6def118602c4c176f748e4583246007 \
+    --hash=sha256:34d5fcd24b8445fadc33f9cf348c1047101756fd760b4dacb5c3e99755703310 \
+    --hash=sha256:37503bfbfc9d2c40b344d06b2199cf0e96e97957ab1c1b546fd4f87e53e5d3e4 \
+    --hash=sha256:3c5677e12444c15717b902a5798264fa7909e41153cdf9ef7ad571b704a63dd9 \
+    --hash=sha256:3ff07ec89bae51176c0549bc4c63aa6202991da2d9a6129d7aef7f1407d3f295 \
+    --hash=sha256:41715c910c881bc081f1e8872880d3c650acf13dfa8214bad49ed4cede7c34ea \
+    --hash=sha256:418cf3f2111bc80e0933b2cd8cd04f286338bb88bdc7bc8e6dd775ebde60b5e0 \
+    --hash=sha256:44edc647873928551a01e7a563d7452ccdebee747728c1080d881d68af7b997e \
+    --hash=sha256:4a2e8cebe2ff6ab7d1050ecd59c25d4c8bd7e6f400f5f82b96557ac0abafd0ac \
+    --hash=sha256:4ad1906908f2f5ae4e5a8ddfce73c320c2a1429ec52eafd27138b7f1cbe341c9 \
+    --hash=sha256:501a031947e3a9025ed4405a168e6ef5ae3126c59f90ce0cd6f2bfc477be31b7 \
+    --hash=sha256:5190d403f121660ce8d1d2c1bb2ef1bd05b5f68533fc5c2ea899bd15f4399b35 \
+    --hash=sha256:5498cd1645aa724a7c71c8f378eb29ebe23da2fc0d7a08071d89469bf1d2defb \
+    --hash=sha256:5cf4e27da7e3fbed4d6c3d8e797387aaad68102272f8f9752883bc32d61cb87b \
+    --hash=sha256:5e0b74767e5f8c593e8c9b5912019159ed0533c70051e9cce3e8b6aa699fcd69 \
+    --hash=sha256:5ed875a24292240029e4483f9d4a4b8a1ae08843b9c54f43fcc11e404532a8a5 \
+    --hash=sha256:5fcd34e47f6e0b794d17de1b4ff496c00986e1c83f7ab2fb8fcfe9616ff7477b \
+    --hash=sha256:5fdec68f91a0c6739b380c83b951e2c72ac0197ace422360e6d5a959d8d97b2c \
+    --hash=sha256:6344df0d5755a2c9a276d4473ae6b90647e216ab4757f8426893b5dd2ac3f369 \
+    --hash=sha256:64386e5e707d03a7e172c0701abfb7e10f0fb753ee1d773128192742712a98fd \
+    --hash=sha256:652cb6edd41e718550aad172851962662ff2681490a8a711af6a4d288dd96824 \
+    --hash=sha256:66291b10affd76d76f54fad28e22e51719ef9ba22b29e1d7d03d6777a9174198 \
+    --hash=sha256:66e1674c3ef6f541c35191caae2d429b967b99e02040f5ba928632d9a7f0f065 \
+    --hash=sha256:6adc77889b628398debc7b65c073bcb99c4a0237b248cacaf3fe8a557563ef6c \
+    --hash=sha256:79005a0d97d5ddabfeeea4cf676af11e647e41d81c9a7722a193022accdb6b7c \
+    --hash=sha256:7c6610def4f163542a622a73fb39f534f8c101d690126992300bf3207eab9764 \
+    --hash=sha256:7f047e29dcae44602496db43be01ad42fc6f1cc0d8cd6c83d342306c32270196 \
+    --hash=sha256:8098f252adfa6c80ab48096053f512f2321f0b998f98150cea9bd23d83e1467b \
+    --hash=sha256:850774a7879607d3a6f50d36d04f00ee69e7fc816450e5f7e58d7f17f1ae5c00 \
+    --hash=sha256:8d1fab6bb153a416f9aeb4b8763bc0f22a5586065f86f7664fc23339fc1c1fac \
+    --hash=sha256:8da9669d359f02c0b91ccc01cac4a67f16afec0dac22c2ad09f46bee0697eba8 \
+    --hash=sha256:8dc52c23056b9ddd46818a57b78404882310fb473d63f17b07d5c40421e47f8e \
+    --hash=sha256:9149cad251584d5fb4981be1ecde53a1ca46c891a79788c0df828d2f166bda28 \
+    --hash=sha256:93dda82c9c22deb0a405ea4dc5f2d0cda384168e466364dec6255b293923b2f3 \
+    --hash=sha256:96b533f0e99f6579b3d4d4995707cf36df9100d67e0c8303a0c55b27b5f99bc5 \
+    --hash=sha256:9c57bb8c96f6d1808c030b1687b9b5fb476abaa47f0db9c0101f5e9f394e97f4 \
+    --hash=sha256:9c7708761fccb9397fe64bbc0395abcae8c4bf7b0eac081e12b809bf47700d0b \
+    --hash=sha256:9f3bfb4965eb874431221a3ff3fdcddc7e74e3b07799e0e84ca4a0f867d449bf \
+    --hash=sha256:a33284e20b78bd4a18c8c2282d549d10bc8408a2a7ff57653c0cf0b9be0afce5 \
+    --hash=sha256:a80cb027f6b349846a3bf6d73b5e95e782175e52f22108cfa17876aaeff93702 \
+    --hash=sha256:b30236e45cf30d2b8e7b3e85881719e98507abed1011bf463a8fa23e9c3e98a8 \
+    --hash=sha256:b3bc83488de33889877a0f2543ade9f70c67d66d9ebb4ac959502e12de895788 \
+    --hash=sha256:b865addae83924361678b652338317d1bd7e79b1f4596f96b96c77a5a34b34da \
+    --hash=sha256:b8bb0864c5a28024fac8a632c443c87c5aa6f215c0b126c449ae1a150412f31d \
+    --hash=sha256:ba1cc08a7ccde2d2ec775841541641e4548226580ab850948cbfda66a1befcdc \
+    --hash=sha256:bdb2c67c6c1390b63c6ff89f210c8fd09d9a1217a465701eac7316313c915e4c \
+    --hash=sha256:c1ff362665ae507275af2853520967820d9124984e0f7466736aea23d8611fba \
+    --hash=sha256:c2514fceb77bc5e7a2f7adfaa1feb2fb311607c9cb518dbc378688ec73d8292f \
+    --hash=sha256:c3355370a2c156cffb25e876646f149d5d68f5e0a3ce86a5084dd0b64a994917 \
+    --hash=sha256:c458b6d084f9b935061bc36216e8a69a7e293a2f1e68bf956dcd9e6cbcd143f5 \
+    --hash=sha256:d0eae10f8159e8fdad514efdc92d74fd8d682c933a6dd088030f3834bc8e6b26 \
+    --hash=sha256:d76623373421df22fb4cf8817020cbb7ef15c725b9d5e45f17e189bfc384190f \
+    --hash=sha256:ebc55a14a21cb14062aa4162f906cd962b28e2e9ea38f9b4391244cd8de4ae0b \
+    --hash=sha256:eda16858a3cab07b80edaf74336ece1f986ba330fdb8ee0d6c0d68fe82bc96be \
+    --hash=sha256:ee2922902c45ae8ccada2c5b501ab86c36525b883eff4255313a253a3160861c \
+    --hash=sha256:efd7b85f94a6f21e4932043973a7ba2613b059c4a000551892ac9f1d11f5baf3 \
+    --hash=sha256:f7057c9a337546edc7973c0d3ba84ddcdf0daa14533c2065749c9075001090e6 \
+    --hash=sha256:fa160448684b4e94d80416c0fa4aac48967a969efe22931448d853ada8baf926 \
+    --hash=sha256:fc09d0aa354569bc501d4e787133afc08552722d3ab34836a80547331bb5d4a0
    # via -r contrib/dev_reqs/requirements.in
 requests==2.32.5 \
    --hash=sha256:2462f94637a34fd532264295e186976db0f5d453d1cdd31473c85a6a161affb6 \
    --hash=sha256:dbba0bac56e100853db0ea71b82b4dfd5fe2bf6d3754a8893c3af500cec7d7cf
    # via -r contrib/dev_reqs/requirements.in
-ruamel-yaml==0.18.14 \
-    --hash=sha256:710ff198bb53da66718c7db27eec4fbcc9aa6ca7204e4c1df2f282b6fe5eb6b2 \
-    --hash=sha256:7227b76aaec364df15936730efbf7d72b30c0b79b1d578bbb8e3dcb2d81f52b7
+ruamel-yaml==0.18.15 \
+    --hash=sha256:148f6488d698b7a5eded5ea793a025308b25eca97208181b6a026037f391f701 \
+    --hash=sha256:dbfca74b018c4c3fba0b9cc9ee33e53c371194a9000e694995e620490fd40700
    # via jc
-ruamel-yaml-clib==0.2.12 \
-    --hash=sha256:040ae85536960525ea62868b642bdb0c2cc6021c9f9d507810c0c604e66f5a7b \
-    --hash=sha256:0467c5965282c62203273b838ae77c0d29d7638c8a4e3a1c8bdd3602c10904e4 \
-    --hash=sha256:0b7e75b4965e1d4690e93021adfcecccbca7d61c7bddd8e22406ef2ff20d74ef \
-    --hash=sha256:11f891336688faf5156a36293a9c362bdc7c88f03a8a027c2c1d8e0bcde998e5 \
-    --hash=sha256:1492a6051dab8d912fc2adeef0e8c72216b24d57bd896ea607cb90bb0c4981d3 \
-    --hash=sha256:20b0f8dc160ba83b6dcc0e256846e1a02d044e13f7ea74a3d1d56ede4e48c632 \
-    --hash=sha256:22353049ba4181685023b25b5b51a574bce33e7f51c759371a7422dcae5402a6 \
-    --hash=sha256:2c59aa6170b990d8d2719323e628aaf36f3bfbc1c26279c0eeeb24d05d2d11c7 \
-    --hash=sha256:32621c177bbf782ca5a18ba4d7af0f1082a3f6e517ac2a18b3974d4edf349680 \
-    --hash=sha256:3bc2a80e6420ca8b7d3590791e2dfc709c88ab9152c00eeb511c9875ce5778bf \
-    --hash=sha256:3eac5a91891ceb88138c113f9db04f3cebdae277f5d44eaa3651a4f573e6a5da \
-    --hash=sha256:4a6679521a58256a90b0d89e03992c15144c5f3858f40d7c18886023d7943db6 \
-    --hash=sha256:4c8c5d82f50bb53986a5e02d1b3092b03622c02c2eb78e29bec33fd9593bae1a \
-    --hash=sha256:4f6f3eac23941b32afccc23081e1f50612bdbe4e982012ef4f5797986828cd01 \
-    --hash=sha256:5a0e060aace4c24dcaf71023bbd7d42674e3b230f7e7b97317baf1e953e5b519 \
-    --hash=sha256:6442cb36270b3afb1b4951f060eccca1ce49f3d087ca1ca4563a6eb479cb3de6 \
-    --hash=sha256:6c8fbb13ec503f99a91901ab46e0b07ae7941cd527393187039aec586fdfd36f \
-    --hash=sha256:749c16fcc4a2b09f28843cda5a193e0283e47454b63ec4b81eaa2242f50e4ccd \
-    --hash=sha256:7dd5adc8b930b12c8fc5b99e2d535a09889941aa0d0bd06f4749e9a9397c71d2 \
-    --hash=sha256:811ea1594b8a0fb466172c384267a4e5e367298af6b228931f273b111f17ef52 \
-    --hash=sha256:932205970b9f9991b34f55136be327501903f7c66830e9760a8ffb15b07f05cd \
-    --hash=sha256:943f32bc9dedb3abff9879edc134901df92cfce2c3d5c9348f172f62eb2d771d \
-    --hash=sha256:95c3829bb364fdb8e0332c9931ecf57d9be3519241323c5274bd82f709cebc0c \
-    --hash=sha256:96777d473c05ee3e5e3c3e999f5d23c6f4ec5b0c38c098b3a5229085f74236c6 \
-    --hash=sha256:a274fb2cb086c7a3dea4322ec27f4cb5cc4b6298adb583ab0e211a4682f241eb \
-    --hash=sha256:a52d48f4e7bf9005e8f0a89209bf9a73f7190ddf0489eee5eb51377385f59f2a \
-    --hash=sha256:a606ef75a60ecf3d924613892cc603b154178ee25abb3055db5062da811fd969 \
-    --hash=sha256:ab007f2f5a87bd08ab1499bdf96f3d5c6ad4dcfa364884cb4549aa0154b13a28 \
-    --hash=sha256:b82a7c94a498853aa0b272fd5bc67f29008da798d4f93a2f9f289feb8426a58d \
-    --hash=sha256:bb43a269eb827806502c7c8efb7ae7e9e9d0573257a46e8e952f4d4caba4f31e \
-    --hash=sha256:bc5f1e1c28e966d61d2519f2a3d451ba989f9ea0f2307de7bc45baa526de9e45 \
-    --hash=sha256:bd0a08f0bab19093c54e18a14a10b4322e1eacc5217056f3c063bd2f59853ce4 \
-    --hash=sha256:beffaed67936fbbeffd10966a4eb53c402fafd3d6833770516bf7314bc6ffa12 \
-    --hash=sha256:bf165fef1f223beae7333275156ab2022cffe255dcc51c27f066b4370da81e31 \
-    --hash=sha256:cf12567a7b565cbf65d438dec6cfbe2917d3c1bdddfce84a9930b7d35ea59642 \
-    --hash=sha256:d84318609196d6bd6da0edfa25cedfbabd8dbde5140a0a23af29ad4b8f91fb1e \
-    --hash=sha256:d85252669dc32f98ebcd5d36768f5d4faeaeaa2d655ac0473be490ecdae3c285 \
-    --hash=sha256:e143ada795c341b56de9418c58d028989093ee611aa27ffb9b7f609c00d813ed \
-    --hash=sha256:e188d2699864c11c36cdfdada94d781fd5d6b0071cd9c427bceb08ad3d7c70e1 \
-    --hash=sha256:e2f1c3765db32be59d18ab3953f43ab62a761327aafc1594a2a1fbe038b8b8a7 \
-    --hash=sha256:e5b8daf27af0b90da7bb903a876477a9e6d7270be6146906b276605997c7e9a3 \
-    --hash=sha256:e7e3736715fbf53e9be2a79eb4db68e4ed857017344d697e8b9749444ae57475 \
-    --hash=sha256:e8c4ebfcfd57177b572e2040777b8abc537cdef58a2120e830124946aa9b42c5 \
-    --hash=sha256:f66efbc1caa63c088dead1c4170d148eabc9b80d95fb75b6c92ac0aad2437d76 \
-    --hash=sha256:fc4b630cd3fa2cf7fce38afa91d7cfe844a9f75d7f0f36393fa98815e911d987 \
-    --hash=sha256:fd5415dded15c3822597455bc02bcd66e81ef8b7a48cb71a33628fc9fdde39df
+ruamel-yaml-clib==0.2.15 \
+    --hash=sha256:014181cdec565c8745b7cbc4de3bf2cc8ced05183d986e6d1200168e5bb59490 \
+    --hash=sha256:04d21dc9c57d9608225da28285900762befbb0165ae48482c15d8d4989d4af14 \
+    --hash=sha256:05c70f7f86be6f7bee53794d80050a28ae7e13e4a0087c1839dcdefd68eb36b6 \
+    --hash=sha256:0ba6604bbc3dfcef844631932d06a1a4dcac3fee904efccf582261948431628a \
+    --hash=sha256:11e5499db1ccbc7f4b41f0565e4f799d863ea720e01d3e99fa0b7b5fcd7802c9 \
+    --hash=sha256:1b45498cc81a4724a2d42273d6cfc243c0547ad7c6b87b4f774cb7bcc131c98d \
+    --hash=sha256:1bb7b728fd9f405aa00b4a0b17ba3f3b810d0ccc5f77f7373162e9b5f0ff75d5 \
+    --hash=sha256:1f66f600833af58bea694d5892453f2270695b92200280ee8c625ec5a477eed3 \
+    --hash=sha256:27dc656e84396e6d687f97c6e65fb284d100483628f02d95464fd731743a4afe \
+    --hash=sha256:2812ff359ec1f30129b62372e5f22a52936fac13d5d21e70373dbca5d64bb97c \
+    --hash=sha256:2b216904750889133d9222b7b873c199d48ecbb12912aca78970f84a5aa1a4bc \
+    --hash=sha256:331fb180858dd8534f0e61aa243b944f25e73a4dae9962bd44c46d1761126bbf \
+    --hash=sha256:3cb75a3c14f1d6c3c2a94631e362802f70e83e20d1f2b2ef3026c05b415c4900 \
+    --hash=sha256:3eb199178b08956e5be6288ee0b05b2fb0b5c1f309725ad25d9c6ea7e27f962a \
+    --hash=sha256:424ead8cef3939d690c4b5c85ef5b52155a231ff8b252961b6516ed7cf05f6aa \
+    --hash=sha256:45702dfbea1420ba3450bb3dd9a80b33f0badd57539c6aac09f42584303e0db6 \
+    --hash=sha256:468858e5cbde0198337e6a2a78eda8c3fb148bdf4c6498eaf4bc9ba3f8e780bd \
+    --hash=sha256:46895c17ead5e22bea5e576f1db7e41cb273e8d062c04a6a49013d9f60996c25 \
+    --hash=sha256:46e4cc8c43ef6a94885f72512094e482114a8a706d3c555a34ed4b0d20200600 \
+    --hash=sha256:480894aee0b29752560a9de46c0e5f84a82602f2bc5c6cde8db9a345319acfdf \
+    --hash=sha256:4b293a37dc97e2b1e8a1aec62792d1e52027087c8eea4fc7b5abd2bdafdd6642 \
+    --hash=sha256:4be366220090d7c3424ac2b71c90d1044ea34fca8c0b88f250064fd06087e614 \
+    --hash=sha256:4d1032919280ebc04a80e4fb1e93f7a738129857eaec9448310e638c8bccefcf \
+    --hash=sha256:4d3b58ab2454b4747442ac76fab66739c72b1e2bb9bd173d7694b9f9dbc9c000 \
+    --hash=sha256:4dcec721fddbb62e60c2801ba08c87010bd6b700054a09998c4d09c08147b8fb \
+    --hash=sha256:512571ad41bba04eac7268fe33f7f4742210ca26a81fe0c75357fa682636c690 \
+    --hash=sha256:542d77b72786a35563f97069b9379ce762944e67055bea293480f7734b2c7e5e \
+    --hash=sha256:56ea19c157ed8c74b6be51b5fa1c3aff6e289a041575f0556f66e5fb848bb137 \
+    --hash=sha256:5d3c9210219cbc0f22706f19b154c9a798ff65a6beeafbf77fc9c057ec806f7d \
+    --hash=sha256:5fea0932358e18293407feb921d4f4457db837b67ec1837f87074667449f9401 \
+    --hash=sha256:617d35dc765715fa86f8c3ccdae1e4229055832c452d4ec20856136acc75053f \
+    --hash=sha256:64da03cbe93c1e91af133f5bec37fd24d0d4ba2418eaf970d7166b0a26a148a2 \
+    --hash=sha256:65f48245279f9bb301d1276f9679b82e4c080a1ae25e679f682ac62446fac471 \
+    --hash=sha256:6f1d38cbe622039d111b69e9ca945e7e3efebb30ba998867908773183357f3ed \
+    --hash=sha256:713cd68af9dfbe0bb588e144a61aad8dcc00ef92a82d2e87183ca662d242f524 \
+    --hash=sha256:71845d377c7a47afc6592aacfea738cc8a7e876d586dfba814501d8c53c1ba60 \
+    --hash=sha256:753faf20b3a5906faf1fc50e4ddb8c074cb9b251e00b14c18b28492f933ac8ef \
+    --hash=sha256:7e74ea87307303ba91073b63e67f2c667e93f05a8c63079ee5b7a5c8d0d7b043 \
+    --hash=sha256:88eea8baf72f0ccf232c22124d122a7f26e8a24110a0273d9bcddcb0f7e1fa03 \
+    --hash=sha256:923816815974425fbb1f1bf57e85eca6e14d8adc313c66db21c094927ad01815 \
+    --hash=sha256:9b6f7d74d094d1f3a4e157278da97752f16ee230080ae331fcc219056ca54f77 \
+    --hash=sha256:a8220fd4c6f98485e97aea65e1df76d4fed1678ede1fe1d0eed2957230d287c4 \
+    --hash=sha256:ab0df0648d86a7ecbd9c632e8f8d6b21bb21b5fc9d9e095c796cacf32a728d2d \
+    --hash=sha256:ac9b8d5fa4bb7fd2917ab5027f60d4234345fd366fe39aa711d5dca090aa1467 \
+    --hash=sha256:badd1d7283f3e5894779a6ea8944cc765138b96804496c91812b2829f70e18a7 \
+    --hash=sha256:bdc06ad71173b915167702f55d0f3f027fc61abd975bd308a0968c02db4a4c3e \
+    --hash=sha256:bf0846d629e160223805db9fe8cc7aec16aaa11a07310c50c8c7164efa440aec \
+    --hash=sha256:bfd309b316228acecfa30670c3887dcedf9b7a44ea39e2101e75d2654522acd4 \
+    --hash=sha256:c583229f336682b7212a43d2fa32c30e643d3076178fb9f7a6a14dde85a2d8bd \
+    --hash=sha256:cb15a2e2a90c8475df45c0949793af1ff413acfb0a716b8b94e488ea95ce7cff \
+    --hash=sha256:d290eda8f6ada19e1771b54e5706b8f9807e6bb08e873900d5ba114ced13e02c \
+    --hash=sha256:da3d6adadcf55a93c214d23941aef4abfd45652110aed6580e814152f385b862 \
+    --hash=sha256:dcc7f3162d3711fd5d52e2267e44636e3e566d1e5675a5f0b30e98f2c4af7974 \
+    --hash=sha256:def5663361f6771b18646620fca12968aae730132e104688766cf8a3b1d65922 \
+    --hash=sha256:e5e9f630c73a490b758bf14d859a39f375e6999aea5ddd2e2e9da89b9953486a \
+    --hash=sha256:e9fde97ecb7bb9c41261c2ce0da10323e9227555c674989f8d9eb7572fc2098d \
+    --hash=sha256:ef71831bd61fbdb7aa0399d5c4da06bea37107ab5c79ff884cc07f2450910262 \
+    --hash=sha256:f4421ab780c37210a07d138e56dd4b51f8642187cdfb433eb687fe8c11de0144 \
+    --hash=sha256:f6d3655e95a80325b84c4e14c080b2470fe4f33b6846f288379ce36154993fb1 \
+    --hash=sha256:fd4c928ddf6bce586285daa6d90680b9c291cfd045fc40aad34e445d57b1bf51 \
+    --hash=sha256:fe239bdfdae2302e93bd6e8264bd9b71290218fff7084a9db250b55caaccf43f
    # via ruamel-yaml
-urllib3==2.5.0 \
-    --hash=sha256:3fc47733c7e419d4bc3f6b3dc2b4f890bb743906a30d56ba4a5bfa4bbff92760 \
-    --hash=sha256:e6b01673c0fa6a13e374b50871808eb3bf7046c4b125b216f6bf1cc604cff0dc
+urllib3==2.6.0 \
+    --hash=sha256:c90f7a39f716c572c4e3e58509581ebd83f9b59cced005b7db7ad2d22b0db99f \
+    --hash=sha256:cb9bcef5a4b345d5da5d145dc3e30834f58e8018828cbc724d30b4cb7d4d49f1
    # via requests
-xmltodict==0.14.2 \
-    --hash=sha256:201e7c28bb210e374999d1dde6382923ab0ed1a8a5faeece48ab525b7810a553 \
-    --hash=sha256:20cc7d723ed729276e808f26fb6b3599f786cbc37e06c65e192ba77c40f20aac
+xmltodict==1.0.2 \
+    --hash=sha256:54306780b7c2175a3967cad1db92f218207e5bc1aba697d887807c0fb68b7649 \
+    --hash=sha256:62d0fddb0dcbc9f642745d8bbf4d81fd17d6dfaec5a15b5c1876300aad92af0d
    # via jc
--- a/contrib/install.sh
+++ b/contrib/install.sh
@@ -1,9 +1,9 @@
 #!/usr/bin/env bash
-# This script was generated by bashly 1.1.1 (https://bashly.dannyb.co)
+# This script was generated by bashly 1.3.3 (https://bashly.dev)
 # Modifying it manually is not recommended

-if [[ "${BASH_VERSINFO:-0}" -lt 4 ]]; then
-  printf "bash version 4 or higher is required\n" >&2
+if ((BASH_VERSINFO[0] < 4 || (BASH_VERSINFO[0] == 4 && BASH_VERSINFO[1] < 2))); then
+  printf "bash version 4.2 or higher is required\n" >&2
  exit 1
 fi

@@ -15,7 +15,7 @@ root_command() {
  no_call=${args[--no-call]}
  dry_run=${args[--dry-run]}

-  REQS="wget apt-transport-https"
+  REQS="wget apt-transport-https curl gpg"

  function do_call() {
      if [[ $dry_run ]]; then
@@ -56,17 +56,16 @@ root_command() {
  get_distribution
  echo "### Detected distribution: $OS $VER"
  SUPPORTED=true          # is this OS supported?
-  NEEDS_LIBSSL1_1=false   # does this OS need libssl1.1?

  DIST_OS=${OS,,}
  DIST_VER=$VER

  case "$OS" in
      Ubuntu)
-          if [[ $VER == "22.04" ]]; then
+          if [[ $VER == "24.04" ]]; then
+              SUPPORTED=true
+          elif [[ $VER == "22.04" ]]; then
              SUPPORTED=true
-              NEEDS_LIBSSL1_1=true
-              DIST_VER="20.04"
          elif [[ $VER == "20.04" ]]; then
              SUPPORTED=true
          else
@@ -75,7 +74,6 @@ root_command() {
          ;;
      "Debian GNU/Linux" | "debian gnu/linux" | Raspbian)
          if [[ $VER == "12" ]]; then
-              DIST_VER="11"
              SUPPORTED=true
          elif [[ $VER == "11" ]]; then
              SUPPORTED=true
@@ -111,15 +109,6 @@ root_command() {
      fi
  done

-  if [[ $NEEDS_LIBSSL1_1 == "true" ]]; then
-      echo "### Installing libssl1.1"
-
-      echo "deb http://security.ubuntu.com/ubuntu focal-security main" | sudo tee /etc/apt/sources.list.d/focal-security.list
-      do_call "sudo apt-get update"
-      do_call "sudo apt-get install libssl1.1"
-      sudo rm /etc/apt/sources.list.d/focal-security.list
-  fi
-
  echo "### Getting and adding key"
  curl -fsSL https://dl.packager.io/srv/$publisher/InvenTree/key | gpg --dearmor | tee /etc/apt/trusted.gpg.d/pkgr-inventree.gpg > /dev/null
  echo "### Adding package source"
@@ -146,15 +135,7 @@ version_command() {
 }

 install.sh_usage() {
-  if [[ -n $long_usage ]]; then
-    printf "install.sh - Interactive installer for InvenTree\n"
-    echo
-
-  else
-    printf "install.sh - Interactive installer for InvenTree\n"
-    echo
-
-  fi
+  printf "install.sh - Interactive installer for InvenTree\n\n"

  printf "%s\n" "Usage:"
  printf "  install.sh [SOURCE] [PUBLISHER] [OPTIONS]\n"
@@ -162,7 +143,7 @@ install.sh_usage() {
  printf "  install.sh --version | -v\n"
  echo

-  if [[ -n $long_usage ]]; then
+  if [[ -n "$long_usage" ]]; then
    printf "%s\n" "Options:"

    printf "  %s\n" "--no-call, -n"
@@ -184,13 +165,13 @@ install.sh_usage() {

    printf "  %s\n" "SOURCE"
    printf "    Package source that should be used\n"
-    printf "    Allowed: stable, master, main\n"
-    printf "    Default: stable\n"
+    printf "    %s\n" "Allowed: stable, master, main"
+    printf "    %s\n" "Default: stable"
    echo

    printf "  %s\n" "PUBLISHER"
    printf "    Publisher that should be used\n"
-    printf "    Default: inventree\n"
+    printf "    %s\n" "Default: inventree"
    echo

    printf "%s\n" "Examples:"
@@ -203,11 +184,14 @@ install.sh_usage() {
 }

 normalize_input() {
-  local arg flags
+  local arg passthru flags
+  passthru=false

  while [[ $# -gt 0 ]]; do
    arg="$1"
-    if [[ $arg =~ ^(--[a-zA-Z0-9_\-]+)=(.+)$ ]]; then
+    if [[ $passthru == true ]]; then
+      input+=("$arg")
+    elif [[ $arg =~ ^(--[a-zA-Z0-9_\-]+)=(.+)$ ]]; then
      input+=("${BASH_REMATCH[1]}")
      input+=("${BASH_REMATCH[2]}")
    elif [[ $arg =~ ^(-[a-zA-Z0-9])=(.+)$ ]]; then
@@ -218,6 +202,9 @@ normalize_input() {
      for ((i = 0; i < ${#flags}; i++)); do
        input+=("-${flags:i:1}")
      done
+    elif [[ "$arg" == "--" ]]; then
+      passthru=true
+      input+=("$arg")
    else
      input+=("$arg")
    fi
@@ -226,37 +213,11 @@ normalize_input() {
  done
 }

-inspect_args() {
-  if ((${#args[@]})); then
-    readarray -t sorted_keys < <(printf '%s\n' "${!args[@]}" | sort)
-    echo args:
-    for k in "${sorted_keys[@]}"; do echo "- \${args[$k]} = ${args[$k]}"; done
-  else
-    echo args: none
-  fi
-
-  if ((${#other_args[@]})); then
-    echo
-    echo other_args:
-    echo "- \${other_args[*]} = ${other_args[*]}"
-    for i in "${!other_args[@]}"; do
-      echo "- \${other_args[$i]} = ${other_args[$i]}"
-    done
-  fi
-
-  if ((${#deps[@]})); then
-    readarray -t sorted_keys < <(printf '%s\n' "${!deps[@]}" | sort)
-    echo
-    echo deps:
-    for k in "${sorted_keys[@]}"; do echo "- \${deps[$k]} = ${deps[$k]}"; done
-  fi
-
-}
-
 parse_requirements() {

  while [[ $# -gt 0 ]]; do
-    case "${1:-}" in
+    key="$1"
+    case "$key" in
      --version | -v)
        version_command
        exit
@@ -301,11 +262,10 @@ parse_requirements() {
      *)

        if [[ -z ${args['source']+x} ]]; then
-
          args['source']=$1
          shift
-        elif [[ -z ${args['publisher']+x} ]]; then

+        elif [[ -z ${args['publisher']+x} ]]; then
          args['publisher']=$1
          shift
        else
@@ -321,7 +281,7 @@ parse_requirements() {
  [[ -n ${args['source']:-} ]] || args['source']="stable"
  [[ -n ${args['publisher']:-} ]] || args['publisher']="inventree"

-  if [[ -n ${args['source']} ]] && [[ ! ${args['source']} =~ ^(stable|master|main)$ ]]; then
+  if [[ -n ${args['source']:-} ]] && [[ ! ${args['source']:-} =~ ^(stable|master|main)$ ]]; then
    printf "%s\n" "source must be one of: stable, master, main" >&2
    exit 1
  fi
@@ -329,18 +289,19 @@ parse_requirements() {
 }

 initialize() {
-  version="2.0"
-  long_usage=''
+  declare -g version="2.0"
  set -e

-
 }

 run() {
-  declare -A args=()
-  declare -A deps=()
-  declare -a other_args=()
-  declare -a input=()
+
+  declare -g long_usage=''
+  declare -g -A args=()
+  declare -g -A deps=()
+  declare -g -a env_var_names=()
+  declare -g -a input=()
+
  normalize_input "$@"
  parse_requirements "${input[@]}"

@@ -349,5 +310,6 @@ run() {
  esac
 }

+command_line_args=("$@")
 initialize
-run "$@"
+run "${command_line_args[@]}"
--- a/contrib/installer/src/root_command.sh
+++ b/contrib/installer/src/root_command.sh
@@ -5,7 +5,7 @@ publisher=${args[publisher]}
 no_call=${args[--no-call]}
 dry_run=${args[--dry-run]}

-REQS="wget apt-transport-https"
+REQS="wget apt-transport-https curl gpg"

 function do_call() {
    if [[ $dry_run ]]; then
@@ -46,17 +46,16 @@ echo "### Installer for InvenTree - source: $publisher/$source_url"
 get_distribution
 echo "### Detected distribution: $OS $VER"
 SUPPORTED=true          # is this OS supported?
-NEEDS_LIBSSL1_1=false   # does this OS need libssl1.1?

 DIST_OS=${OS,,}
 DIST_VER=$VER

 case "$OS" in
    Ubuntu)
-        if [[ $VER == "22.04" ]]; then
+        if [[ $VER == "24.04" ]]; then
+            SUPPORTED=true
+        elif [[ $VER == "22.04" ]]; then
            SUPPORTED=true
-            NEEDS_LIBSSL1_1=true
-            DIST_VER="20.04"
        elif [[ $VER == "20.04" ]]; then
            SUPPORTED=true
        else
@@ -100,15 +99,6 @@ for pkg in $REQS; do
    fi
 done

-if [[ $NEEDS_LIBSSL1_1 == "true" ]]; then
-    echo "### Installing libssl1.1"
-
-    echo "deb http://security.ubuntu.com/ubuntu focal-security main" | sudo tee /etc/apt/sources.list.d/focal-security.list
-    do_call "sudo apt-get update"
-    do_call "sudo apt-get install libssl1.1"
-    sudo rm /etc/apt/sources.list.d/focal-security.list
-fi
-
 echo "### Getting and adding key"
 curl -fsSL https://dl.packager.io/srv/$publisher/InvenTree/key | gpg --dearmor | tee /etc/apt/trusted.gpg.d/pkgr-inventree.gpg > /dev/null
 echo "### Adding package source"
--- a/contrib/packager.io/functions.sh
+++ b/contrib/packager.io/functions.sh
@@ -4,8 +4,8 @@
 #
 Color_Off='\033[0m'
 On_Red='\033[41m'
-PYTHON_FROM=9
-PYTHON_TO=12
+PYTHON_FROM=11
+PYTHON_TO=15

 function detect_docker() {
  if [ -n "$(grep docker </proc/1/cgroup)" ]; then
@@ -61,7 +61,7 @@ function detect_python() {
    echo "# POI07| No python environment found - using environment variable: ${SETUP_PYTHON}"
  fi

-  # Try to detect a python between 3.9 and 3.12 in reverse order
+  # Try to detect a python between lowest and highest supported in reverse order
  if [ -z "$(which ${SETUP_PYTHON})" ]; then
    echo "# POI07| Trying to detecting python3.${PYTHON_FROM} to python3.${PYTHON_TO} - using newest version"
    for i in $(seq $PYTHON_TO -1 $PYTHON_FROM); do
@@ -79,7 +79,7 @@ function detect_python() {
    echo "${On_Red}"
    echo "# POI07| Python ${SETUP_PYTHON} not found - aborting!"
    echo "# POI07| Please ensure python can be executed with the command '$SETUP_PYTHON' by the current user '$USER'."
-    echo "# POI07| If you are using a different python version, please set the environment variable SETUP_PYTHON to the correct command - eg. 'python3.10'."
+    echo "# POI07| If you are using a different python version, please set the environment variable SETUP_PYTHON to the correct command - eg. 'python3.11'."
    echo "${Color_Off}"
    exit 1
  fi
@@ -166,6 +166,18 @@ function detect_envs() {
    export INVENTREE_DB_PASSWORD=$(jq -r '.[].database.PASSWORD' <<< ${INVENTREE_CONF_DATA})
    export INVENTREE_DB_HOST=$(jq -r '.[].database.HOST' <<< ${INVENTREE_CONF_DATA})
    export INVENTREE_DB_PORT=$(jq -r '.[].database.PORT' <<< ${INVENTREE_CONF_DATA})
+
+    # Parse site URL if not already set
+    if [ -z "${INVENTREE_SITE_URL}" ]; then
+      # Try to read out the app config
+      if [ -n "$(inventree config:get INVENTREE_SITE_URL)" ]; then
+        echo "# POI03| Getting site URL from app config"
+        export INVENTREE_SITE_URL=$(inventree config:get INVENTREE_SITE_URL)
+      else
+        echo "# POI03| Getting site URL from config file"
+        export INVENTREE_SITE_URL=$(jq -r '.[].site_url' <<< ${INVENTREE_CONF_DATA})
+      fi
+    fi
  else
    echo "# POI03| No config file found: ${INVENTREE_CONFIG_FILE}, using envs or defaults"

@@ -190,6 +202,8 @@ function detect_envs() {
    export INVENTREE_DB_HOST=${INVENTREE_DB_HOST:-samplehost}
    export INVENTREE_DB_PORT=${INVENTREE_DB_PORT:-123456}

+    export INVENTREE_SITE_URL=${INVENTREE_SITE_URL:-http://${INVENTREE_IP}}
+
    export SETUP_CONF_LOADED=true
  fi

@@ -209,6 +223,7 @@ function detect_envs() {
  fi
  echo "# POI03|    INVENTREE_DB_HOST=${INVENTREE_DB_HOST}"
  echo "# POI03|    INVENTREE_DB_PORT=${INVENTREE_DB_PORT}"
+  echo "# POI03|    INVENTREE_SITE_URL=${INVENTREE_SITE_URL}"
 }

 function create_initscripts() {
@@ -312,8 +327,8 @@ function update_or_install() {

  # Run update as app user
  echo "# POI12| Updating InvenTree"
-  sudo -u ${APP_USER} --preserve-env=$SETUP_ENVS bash -c "cd ${APP_HOME} && pip install wheel"
-  sudo -u ${APP_USER} --preserve-env=$SETUP_ENVS bash -c "cd ${APP_HOME} && invoke update | sed -e 's/^/# POI12| u | /;'"
+  sudo -u ${APP_USER} --preserve-env=$SETUP_ENVS bash -c "cd ${APP_HOME} && pip install wheel python-dotenv"
+  sudo -u ${APP_USER} --preserve-env=$SETUP_ENVS bash -c "cd ${APP_HOME} && set -e && invoke update | sed -e 's/^/# POI12| u | /;'"

  # Make sure permissions are correct again
  echo "# POI12| Set permissions for data dir and media: ${DATA_DIR}"
@@ -373,10 +388,15 @@ function set_site() {

  # Check if INVENTREE_SITE_URL in inventree config
  if [ -z "$(inventree config:get INVENTREE_SITE_URL)" ]; then
-    echo "# POI14| Setting up InvenTree site URL"
-    inventree config:set INVENTREE_SITE_URL=http://${INVENTREE_IP}
+    # Prefer current INVENTREE_SITE_URL if set
+    if [ -n "${INVENTREE_SITE_URL}" ]; then
+      inventree config:set INVENTREE_SITE_URL=${INVENTREE_SITE_URL}
+    else
+      echo "# POI14| Setting up InvenTree site URL"
+      inventree config:set INVENTREE_SITE_URL=http://${INVENTREE_IP}
+    fi
  else
-    echo "# POI14| Site URL already set - skipping"
+    echo "# POI14| Site URL already set to '$INVENTREE_SITE_URL' - skipping"
  fi
 }

@@ -385,11 +405,16 @@ function final_message() {
  echo -e "####################################################################################"
  echo -e "This InvenTree install uses nginx, the settings for the webserver can be found in"
  echo -e "${SETUP_NGINX_FILE}"
-  echo -e "Try opening InvenTree with either\nhttp://localhost/ or http://${INVENTREE_IP}/\n"
-  echo -e "Admin user data:"
-  echo -e "   Email: ${INVENTREE_ADMIN_EMAIL}"
-  echo -e "   Username: ${INVENTREE_ADMIN_USER}"
-  echo -e "   Password: ${INVENTREE_ADMIN_PASSWORD}"
+  echo -e "Try opening InvenTree with any of \n${INVENTREE_SITE_URL} , http://localhost/ or http://${INVENTREE_IP}/ \n"
+  # Print admin user data only if set
+  if [ -n "${INVENTREE_ADMIN_USER}" ]; then
+    echo -e "Admin user data:"
+    echo -e "   Email: ${INVENTREE_ADMIN_EMAIL}"
+    echo -e "   Username: ${INVENTREE_ADMIN_USER}"
+    echo -e "   Password: ${INVENTREE_ADMIN_PASSWORD}"
+  else
+    echo -e "No admin set during this operation - depending on the deployment method a admin user might have been created with an initial password saved in `$SETUP_ADMIN_PASSWORD_FILE`"
+  fi
  echo -e "####################################################################################"
 }

--- a/contrib/packager.io/postinstall.sh
+++ b/contrib/packager.io/postinstall.sh
@@ -14,7 +14,7 @@ echo "# POI01| Importing functions"
 echo "# POI01| Functions imported"

 # Envs that should be passed to setup commands
-export SETUP_ENVS=PATH,APP_HOME,INVENTREE_MEDIA_ROOT,INVENTREE_STATIC_ROOT,INVENTREE_BACKUP_DIR,INVENTREE_SITE_URL,INVENTREE_PLUGINS_ENABLED,INVENTREE_PLUGIN_FILE,INVENTREE_CONFIG_FILE,INVENTREE_SECRET_KEY_FILE,INVENTREE_DB_ENGINE,INVENTREE_DB_NAME,INVENTREE_DB_USER,INVENTREE_DB_PASSWORD,INVENTREE_DB_HOST,INVENTREE_DB_PORT,INVENTREE_ADMIN_USER,INVENTREE_ADMIN_EMAIL,INVENTREE_ADMIN_PASSWORD,SETUP_NGINX_FILE,SETUP_ADMIN_PASSWORD_FILE,SETUP_NO_CALLS,SETUP_DEBUG,SETUP_EXTRA_PIP,SETUP_PYTHON,SETUP_ADMIN_NOCREATION
+export SETUP_ENVS=PATH,APP_HOME,INVENTREE_MEDIA_ROOT,INVENTREE_STATIC_ROOT,INVENTREE_BACKUP_DIR,INVENTREE_PLUGINS_ENABLED,INVENTREE_PLUGIN_FILE,INVENTREE_CONFIG_FILE,INVENTREE_SECRET_KEY_FILE,INVENTREE_DB_ENGINE,INVENTREE_DB_NAME,INVENTREE_DB_USER,INVENTREE_DB_PASSWORD,INVENTREE_DB_HOST,INVENTREE_DB_PORT,INVENTREE_ADMIN_USER,INVENTREE_ADMIN_EMAIL,INVENTREE_ADMIN_PASSWORD,INVENTREE_SITE_URL,SETUP_NGINX_FILE,SETUP_ADMIN_PASSWORD_FILE,SETUP_NO_CALLS,SETUP_DEBUG,SETUP_EXTRA_PIP,SETUP_PYTHON,SETUP_ADMIN_NOCREATION

 # Get the envs
 detect_local_env
@@ -26,17 +26,17 @@ export DATA_DIR=${APP_HOME}/data
 export SETUP_NGINX_FILE=${SETUP_NGINX_FILE:-/etc/nginx/sites-enabled/inventree.conf}
 export SETUP_ADMIN_PASSWORD_FILE=${CONF_DIR}/admin_password.txt
 export SETUP_NO_CALLS=${SETUP_NO_CALLS:-false}
-export SETUP_PYTHON=${SETUP_PYTHON:-python3.9}
+export SETUP_PYTHON=${SETUP_PYTHON:-python3.11}
 export SETUP_ADMIN_NOCREATION=${SETUP_ADMIN_NOCREATION:-false}
 # SETUP_DEBUG can be set to get debug info
 # SETUP_EXTRA_PIP can be set to install extra pip packages
 # SETUP_PYTHON can be set to use a different python version

 # get base info
+detect_ip
 detect_envs
 detect_docker
 detect_initcmd
-detect_ip
 detect_python

 # Check if we are updating and need to alert
--- a/contrib/packager.io/preinstall.sh
+++ b/contrib/packager.io/preinstall.sh
@@ -6,7 +6,7 @@ echo "# PRI01| Running preinstall script - start - $(date)"
 PATH=${APP_HOME}/env/bin:${APP_HOME}/:/sbin:/bin:/usr/sbin:/usr/bin:

 # Envs that should be passed to setup commands
-export SETUP_ENVS=PATH,APP_HOME,INVENTREE_MEDIA_ROOT,INVENTREE_STATIC_ROOT,INVENTREE_BACKUP_DIR,INVENTREE_PLUGINS_ENABLED,INVENTREE_PLUGIN_FILE,INVENTREE_CONFIG_FILE,INVENTREE_SECRET_KEY_FILE,INVENTREE_DB_ENGINE,INVENTREE_DB_NAME,INVENTREE_DB_USER,INVENTREE_DB_PASSWORD,INVENTREE_DB_HOST,INVENTREE_DB_PORT,INVENTREE_ADMIN_USER,INVENTREE_ADMIN_EMAIL,INVENTREE_ADMIN_PASSWORD,SETUP_NGINX_FILE,SETUP_ADMIN_PASSWORD_FILE,SETUP_NO_CALLS,SETUP_DEBUG,SETUP_EXTRA_PIP,SETUP_PYTHON
+export SETUP_ENVS=PATH,APP_HOME,INVENTREE_MEDIA_ROOT,INVENTREE_STATIC_ROOT,INVENTREE_BACKUP_DIR,INVENTREE_PLUGINS_ENABLED,INVENTREE_PLUGIN_FILE,INVENTREE_CONFIG_FILE,INVENTREE_SECRET_KEY_FILE,INVENTREE_DB_ENGINE,INVENTREE_DB_NAME,INVENTREE_DB_USER,INVENTREE_DB_PASSWORD,INVENTREE_DB_HOST,INVENTREE_DB_PORT,INVENTREE_ADMIN_USER,INVENTREE_ADMIN_EMAIL,INVENTREE_ADMIN_PASSWORD,INVENTREE_SITE_URL,SETUP_NGINX_FILE,SETUP_ADMIN_PASSWORD_FILE,SETUP_NO_CALLS,SETUP_DEBUG,SETUP_EXTRA_PIP,SETUP_PYTHON

 if test -f "${APP_HOME}/env/bin/pip"; then
  # Check if clear-generated is available
--- a/docs/README.md
+++ b/docs/README.md
@@ -4,28 +4,104 @@

 This repository hosts the [official documentation](https://inventree.readthedocs.io/) for [InvenTree](https://github.com/inventree/inventree), an open source inventory management system.

-To serve this documentation locally (e.g. for development), you will need to have Python 3 installed on your system.
+## Prerequisites

-## Setup
+InvenTree uses [MkDocs](https://www.mkdocs.org/) to convert [Markdown](https://www.mkdocs.org/user-guide/writing-your-docs/#writing-with-markdown) format `.md` files into HTML suitable for viewing in a web browser.

-Run the following commands from the top-level project directory:
+!!! info "Prerequisites"
+    To build and serve this documentation locally (e.g. for development), you will need:
+
+    * Python 3 installed on your system.
+    * An existing InvenTree installation containing the virtual environment that was created during installation.
+
+    These instructions assume you followed the [InvenTree bare metal installation instructions](./docs/start/install.md), so you'll have an `inventree` user, a home directory at `/home/inventree`, the InvenTree source code cloned from [GitHub](https://github.com/inventree/inventree) into `/home/inventree/src`, and a virtual environment at `/home/inventree/env`.  If you installed InvenTree some other way, this might vary, and you'll have to adjust these instructions accordingly.
+
+!!! warning "Your InvenTree install will be updated!"
+    Some of the commands that follow will make changes to your install, for example, by running any pending database migrations.  There's a small risk this may cause issues with your existing installation.  If you can't risk this, consider setting up a separate InvenTree installation specifically for documentation development.
+
+## Building the documentation locally
+
+To build the documentation locally, run these commands as the `inventree` user:

 ```
-$ git clone https://github.com/inventree/inventree
+$ cd /home/inventree
+$ source env/bin/activate
+```
+
+!!! info "(env) prefix"
+    The shell prompt should now display the `(env)` prefix, showing that you are operating within the context of the python virtual environment
+
+You can now install the additional packages needed by mkdocs:
+
+```
+$ cd src
 $ pip install --require-hashes -r docs/requirements.txt
 ```

-## Serve Locally
+## Build Documentation

-To serve the pages locally, run the following command (from the top-level project directory):
+Before serving the documentation, you will need to build the API schema files from the source code, so they can be included in the documentation:
+
+```
+invoke build-docs
+```
+
+!!! tip
+    This command is only required when building the documentation for the first time, or when changes have been made to the API schema.
+
+## Serve Local files
+
+```
+$ invoke build-docs
+```
+
+You will see output similar to this (truncated for brevity):
+```
+Running InvenTree database migrations...
+Exporting definitions...
+Exporting settings definition to '/home/inventree/src/docs/generated/inventree_settings.json'...
+Exported InvenTree settings definitions to '/home/inventree/src/docs/generated/inventree_settings.json'
+Exported InvenTree tag definitions to '/home/inventree/src/docs/generated/inventree_tags.yml'
+Exported InvenTree filter definitions to '/home/inventree/src/docs/generated/inventree_filters.yml'
+Exported InvenTree report context definitions to '/home/inventree/src/docs/generated/inventree_report_context.json'
+Exporting definitions complete
+Exporting schema file to '/home/inventree/src/docs/generated/schema.yml'
+
+Schema export completed: /home/inventree/src/docs/generated/schema.yml
+Documentation build complete, but mkdocs not requested
+```
+
+If that worked, you can now generate the HTML format documentation pages:
+
+```
+$ mkdocs build -f docs/mkdocs.yml
+```
+
+## Viewing the generated output
+
+To view the documentation locally, run the following command to start the MkDocs webpage server:

 ```
 $ mkdocs serve -f docs/mkdocs.yml -a localhost:8080
 ```

-## Edit Documentation Files
+Alternatively, you can use the `invoke` command:

-Once the server is running, it will monitor the documentation files for any changes, and update the served pages.
+```
+invoke dev.docs-server
+```
+
+To see all the available options:
+
+```
+invoke dev.docs-server --help
+```
+
+You can then point your web browser at http://localhost:8080/
+
+## Editing the Documentation Files
+
+Once the server is running, it will monitor the documentation files for any changes, and regenerate the HTML pages.

 ### Admonitions

--- a/docs/docs/api/index.md
+++ b/docs/docs/api/index.md
@@ -106,7 +106,7 @@ response = request.get('http://localhost:8080/api/part/', data=data, headers=hea

 InvenTree has built-in support for using [oAuth2](https://oauth.net/2/) and OpenID Connect (OIDC) for authentication to the API. This enables using the instance as a very limited identity provider.

-A default application using a public client with PKCE enabled ships with each instance. Intended to be used with the python api and configured with very wide scopes this can also be used for quick tests - the cliend_id is `zDFnsiRheJIOKNx6aCQ0quBxECg1QBHtVFDPloJ6`.
+A default application using a public client with PKCE enabled ships with each instance. Intended to be used with the python api and configured with very wide scopes this can also be used for quick tests - the client_id is `zDFnsiRheJIOKNx6aCQ0quBxECg1QBHtVFDPloJ6`.

 #### Managing applications

--- a/docs/docs/api/python/examples.md
+++ b/docs/docs/api/python/examples.md
@@ -67,7 +67,7 @@ print("Minimum stock:", part.minimum_stock)

 ### Adding Parameters

-Each [part](../../part/index.md) can have multiple [parameters](../../part/parameter.md). For the example of the sofa (above) *length* and *weight* make sense. Each parameter has a parameter template that combines the parameter name with a unit. So we first have to create the parameter templates and afterwards add the parameter values to the sofa.
+Each [part](../../part/index.md) can have multiple [parameters](../../concepts/parameters.md). For the example of the sofa (above) *length* and *weight* make sense. Each parameter has a parameter template that combines the parameter name with a unit. So we first have to create the parameter templates and afterwards add the parameter values to the sofa.

 ```python
 from inventree.part import Parameter
--- a/docs/docs/app/barcode.md
+++ b/docs/docs/app/barcode.md
@@ -73,7 +73,7 @@ the *Scan Items Into Location* action allows you to scan items into the selected

 ### Stock Item Actions

-From the [Stock Item detail page](./stock.md#stock-item-detail-view), the following barcode actions may be available:
+From the [Stock Item detail page](./stock.md#details-tab), the following barcode actions may be available:

 {{ image("app/barcode_stock_item_actions.png", "Stock item barcode actions") }}

--- a/docs/docs/assets/images/admin/export.png
+++ b/docs/docs/assets/images/admin/export.png
--- a/docs/docs/assets/images/admin/export_options.png
+++ b/docs/docs/assets/images/admin/export_options.png
--- a/docs/docs/assets/images/barcode/barcode_allocate_stock.png
+++ b/docs/docs/assets/images/barcode/barcode_allocate_stock.png
--- a/docs/docs/assets/images/barcode/barcode_field.png
+++ b/docs/docs/assets/images/barcode/barcode_field.png
--- a/docs/docs/assets/images/barcode/barcode_field_dialog.png
+++ b/docs/docs/assets/images/barcode/barcode_field_dialog.png
--- a/docs/docs/assets/images/barcode/barcode_field_filled.png
+++ b/docs/docs/assets/images/barcode/barcode_field_filled.png
--- a/docs/docs/assets/images/build/build_output_complete.png
+++ b/docs/docs/assets/images/build/build_output_complete.png
--- a/docs/docs/assets/images/build/build_output_scrap.png
+++ b/docs/docs/assets/images/build/build_output_scrap.png
--- a/docs/docs/assets/images/concepts/attachments-tab.png
+++ b/docs/docs/assets/images/concepts/attachments-tab.png
--- a/docs/docs/assets/images/concepts/edit_address.png
+++ b/docs/docs/assets/images/concepts/edit_address.png
--- a/docs/docs/assets/images/concepts/parameter-tab.png
+++ b/docs/docs/assets/images/concepts/parameter-tab.png
--- a/docs/docs/assets/images/concepts/parameter-template.png
+++ b/docs/docs/assets/images/concepts/parameter-template.png
--- a/docs/docs/assets/images/concepts/parametric-parts.png
+++ b/docs/docs/assets/images/concepts/parametric-parts.png
--- a/docs/docs/assets/images/part/import_part.png
+++ b/docs/docs/assets/images/part/import_part.png
--- a/docs/docs/assets/images/part/import_part_wizard.png
+++ b/docs/docs/assets/images/part/import_part_wizard.png
--- a/docs/docs/assets/images/part/import_supplier_part.png
+++ b/docs/docs/assets/images/part/import_supplier_part.png
--- a/docs/docs/assets/images/part/new_part.png
+++ b/docs/docs/assets/images/part/new_part.png
--- a/docs/docs/assets/images/part/new_parts_dropdown.png
+++ b/docs/docs/assets/images/part/new_parts_dropdown.png
--- a/docs/docs/assets/images/purchasing/assign_project_code.png
+++ b/docs/docs/assets/images/purchasing/assign_project_code.png
--- a/docs/docs/assets/images/purchasing/company_disable.png
+++ b/docs/docs/assets/images/purchasing/company_disable.png
--- a/docs/docs/assets/images/purchasing/contact_list.png
+++ b/docs/docs/assets/images/purchasing/contact_list.png
--- a/docs/docs/assets/images/purchasing/disable_supplier_part.png
+++ b/docs/docs/assets/images/purchasing/disable_supplier_part.png
--- a/docs/docs/assets/images/purchasing/disable_supplier_part_edit.png
+++ b/docs/docs/assets/images/purchasing/disable_supplier_part_edit.png
--- a/docs/docs/assets/images/purchasing/filter_by_project.png
+++ b/docs/docs/assets/images/purchasing/filter_by_project.png
--- a/docs/docs/assets/images/purchasing/manufacturer_list.png
+++ b/docs/docs/assets/images/purchasing/manufacturer_list.png
--- a/docs/docs/assets/images/purchasing/po_calendar.png
+++ b/docs/docs/assets/images/purchasing/po_calendar.png
--- a/docs/docs/assets/images/purchasing/po_display.png
+++ b/docs/docs/assets/images/purchasing/po_display.png
--- a/docs/docs/assets/images/purchasing/po_duplicate.png
+++ b/docs/docs/assets/images/purchasing/po_duplicate.png
--- a/docs/docs/assets/images/purchasing/po_duplicate_2.png
+++ b/docs/docs/assets/images/purchasing/po_duplicate_2.png
--- a/docs/docs/assets/images/purchasing/po_duplicate_3.png
+++ b/docs/docs/assets/images/purchasing/po_duplicate_3.png
--- a/docs/docs/assets/images/purchasing/po_list.png
+++ b/docs/docs/assets/images/purchasing/po_list.png
--- a/docs/docs/assets/images/purchasing/supplier_list.png
+++ b/docs/docs/assets/images/purchasing/supplier_list.png
--- a/docs/docs/assets/images/purchasing/supplier_part_availability.png
+++ b/docs/docs/assets/images/purchasing/supplier_part_availability.png
--- a/docs/docs/assets/images/purchasing/update_availability.png
+++ b/docs/docs/assets/images/purchasing/update_availability.png
--- a/docs/docs/assets/images/report/report_merge.png
+++ b/docs/docs/assets/images/report/report_merge.png
--- a/docs/docs/assets/images/sales/complete_shipment.png
+++ b/docs/docs/assets/images/sales/complete_shipment.png
--- a/docs/docs/assets/images/sales/completed_shipments.png
+++ b/docs/docs/assets/images/sales/completed_shipments.png
--- a/docs/docs/assets/images/sales/customers.png
+++ b/docs/docs/assets/images/sales/customers.png
--- a/docs/docs/assets/images/sales/edit_shipment.png
+++ b/docs/docs/assets/images/sales/edit_shipment.png
--- a/docs/docs/assets/images/sales/pending_shipments.png
+++ b/docs/docs/assets/images/sales/pending_shipments.png
--- a/docs/docs/assets/images/sales/return_order_create.png
+++ b/docs/docs/assets/images/sales/return_order_create.png
--- a/docs/docs/assets/images/sales/return_order_detail.png
+++ b/docs/docs/assets/images/sales/return_order_detail.png
--- a/docs/docs/assets/images/sales/return_order_enable.png
+++ b/docs/docs/assets/images/sales/return_order_enable.png
--- a/docs/docs/assets/images/sales/return_order_index.png
+++ b/docs/docs/assets/images/sales/return_order_index.png
--- a/docs/docs/assets/images/sales/return_order_navbar.png
+++ b/docs/docs/assets/images/sales/return_order_navbar.png
--- a/docs/docs/assets/images/sales/ro_calendar.png
+++ b/docs/docs/assets/images/sales/ro_calendar.png
--- a/docs/docs/assets/images/sales/ro_display.png
+++ b/docs/docs/assets/images/sales/ro_display.png
--- a/docs/docs/assets/images/sales/ro_list.png
+++ b/docs/docs/assets/images/sales/ro_list.png
--- a/docs/docs/assets/images/sales/so_calendar.png
+++ b/docs/docs/assets/images/sales/so_calendar.png
--- a/docs/docs/assets/images/sales/so_display.png
+++ b/docs/docs/assets/images/sales/so_display.png
--- a/docs/docs/assets/images/sales/so_list.png
+++ b/docs/docs/assets/images/sales/so_list.png
--- a/docs/docs/assets/images/sales/so_shipment_check.png
+++ b/docs/docs/assets/images/sales/so_shipment_check.png
--- a/docs/docs/assets/images/settings/project_codes.png
+++ b/docs/docs/assets/images/settings/project_codes.png
--- a/docs/docs/assets/images/stock/build_order_allocations.png
+++ b/docs/docs/assets/images/stock/build_order_allocations.png
--- a/docs/docs/assets/images/stock/sales_order_allocations.png
+++ b/docs/docs/assets/images/stock/sales_order_allocations.png
--- a/docs/docs/assets/images/stock/serial_edit.png
+++ b/docs/docs/assets/images/stock/serial_edit.png
--- a/docs/docs/assets/images/stock/serial_edit_error.png
+++ b/docs/docs/assets/images/stock/serial_edit_error.png
--- a/docs/docs/assets/images/stock/stock_detail.png
+++ b/docs/docs/assets/images/stock/stock_detail.png
--- a/docs/docs/assets/images/stock/stock_overview.png
+++ b/docs/docs/assets/images/stock/stock_overview.png
--- a/docs/docs/barcodes/index.md
+++ b/docs/docs/barcodes/index.md
@@ -69,6 +69,27 @@ To access this page, select *Scan Barcode* from the main navigation menu:
 {{ image("barcode/barcode_nav_menu.png", "Barcode menu item") }}
 {{ image("barcode/barcode_scan_page.png", "Barcode scan page") }}

+## Barcodes in Forms
+
+The InvenTree user interface supports direct scanning of barcodes within certain forms in the web UI. This means that any form field which points to a model which supports barcodes can accept barcode input. If barcode scanning is supported for a particular field, a barcode icon will be displayed next to the input field:
+
+{{ image("barcode/barcode_field.png", "Barcode form field") }}
+
+To scan a barcode into a form field, click this barcode icon. A barcode scanning dialog will be displayed, allowing the user to scan a barcode using their preferred input method:
+
+{{ image("barcode/barcode_field_dialog.png", "Barcode field scan dialog") }}
+
+Once scanned, the form field will be automatically populated with the correct item.
+
+{{ image("barcode/barcode_field_filled.png", "Barcode field populated") }}
+
+Any field which supports barcode input will have this functionality, such as allocating stock items to an order:
+
+{{ image("barcode/barcode_allocate_stock.png", "Allocate stock via barcode") }}
+
+### User Configuration
+
+By default, barcode scanning in form fields is disabled. Each user can enable this feature via their [user preferences](../settings/user.md#display-settings).

 ## App Integration

@@ -76,8 +97,15 @@ Barcode scanning is a key feature of the [companion mobile app](../app/barcode.m

 ## Barcode History

-If enabled, InvenTree can retain logs of the most recent barcode scans. This can be very useful for debugging or auditing purpopes.
+If enabled, InvenTree can retain logs of the most recent barcode scans. This can be very useful for debugging or auditing purposes.

 Refer to the [barcode settings](../settings/global.md#barcodes) to enable barcode history logging.

 The barcode history can be viewed via the admin panel in the web interface.
+
+## Barcode Settings
+
+There are a number of settings which control the behavior of barcodes within InvenTree. For more information, refer to the links below:
+
+- [Global Barcode Settings](../settings/global.md#barcodes)
+- [User Preferences for Barcode Scanning](../settings/user.md#display-settings)
--- a/docs/docs/concepts/attachments.md
+++ b/docs/docs/concepts/attachments.md
@@ -0,0 +1,18 @@
+---
+title: Attachments
+---
+
+## Attachments
+
+An *attachment* is a file which has been uploaded and linked to a specific object within InvenTree. Attachments can be used to store additional documentation, images, or other relevant files associated with various InvenTree models.
+
+!!! note "Business Logic"
+    Attachments are not used for any core business logic within InvenTree. They are intended to provide additional metadata for objects, which can be useful for documentation, reference, or reporting purposes.
+
+Parameters can be associated with various InvenTree models.
+
+### Attachments Tab
+
+Any model which supports attachments will have an "Attachments" tab on its detail page. This tab displays all attachments associated with that object:
+
+{{ image("concepts/attachments-tab.png", "Order Attachments Example") }}
--- a/docs/docs/concepts/company.md
+++ b/docs/docs/concepts/company.md
@@ -29,7 +29,7 @@ It is recommended to disable a company rather than deleting it, as this will pre

 To disable a company, simply edit the company details and set the `active` attribute to `False`:

-{{ image("order/company_disable.png", "Disable Company") }}
+{{ image("purchasing/company_disable.png", "Disable Company") }}

 To re-enable a company, simply follow the same process and set the `active` attribute to `True`.

@@ -49,7 +49,7 @@ Each company can have multiple assigned *Contacts*. A contact identifies an indi

 The list of contacts associated with a particular company is available in the <span class='badge inventree nav main'>{{ icon("users") }} Contacts</span> navigation tab:

-{{ image("order/contact_list.png", "Company Contacts") }}
+{{ image("purchasing/contact_list.png", "Company Contacts") }}

 A *contact* can be assigned to orders, (such as [purchase orders](../purchasing/purchase_order.md) or [sales orders](../sales/sales_order.md)).

@@ -58,35 +58,49 @@ A *contact* can be assigned to orders, (such as [purchase orders](../purchasing/
 A company can have multiple registered addresses for use with all types of orders.
 An address is broken down to internationally recognised elements that are designed to allow for formatting an address according to user needs.
 Addresses are composed differently across the world, and InvenTree reflects this by splitting addresses into components:
- Line 1: Main street address
- Line 2: Extra street address line
- Postal Code: Also known as ZIP code, this is normally a number 3-5 digits in length
- City: The city/region tied to the postal code
- Province: The larger region the address is located in. Also known as State in the US
- Country: Country the address is located in, written in CAPS
+
+| Field | Description |
+| ----- | ----------- |
+| Title | A descriptive name for the address (e.g. "Head Office", "Warehouse", etc)
+| Line 1 | Main street address |
+| Line 2 | Extra street address line |
+| Postal Code | Also known as ZIP code, this is normally a number 3-5 digits in length |
+| City | The city/region tied to the postal code |
+| Province | The larger region the address is located in. Also known as State in some countries |
+| Country | Country the address is located in |

 Here are a couple of examples of how the address structure differs by country, but these components can construct a correctly formatted address for any given country.

-UK address format:
+**UK Address Format:**
+
+```
 Recipient
 Line 1
 Line 2
 City
 Postal Code
 Country
+```

-US Address Format:
+**US Address Format:**
+```
 Recipient
 Line 1
 Line 2
 City State Postal Code
 Country
-
-
-Addresses can be accessed by the <span class='badge inventree nav main'>{{ icon("map-2") }} Addresses</span> navigation tab.
+```

 #### Primary Address

 Each company can have exactly one (1) primary address.
 This address is the default shown on the company profile, and the one that is automatically suggested when creating an order.
 Marking a new address as primary will remove the mark from the old primary address.
+
+#### Managing Addresses
+
+Addresses can be accessed by the <span class='badge inventree nav main'>{{ icon("map-2") }} Addresses</span> navigation tab, from the company detail page.
+
+Here, the addresses associated with the company are listed, and can be added, edited, or deleted.
+
+{{ image("concepts/edit_address.png", "Edit Address") }}
--- a/docs/docs/concepts/custom_states.md
+++ b/docs/docs/concepts/custom_states.md
@@ -10,6 +10,10 @@ States can be added in the [Admin Center](../settings/admin.md#admin-center) und

 States need to be assigned to a model, state (for example status on a StockItem) and a logical key - that will be used for business logic. These 3 values combined need to be unique throughout the system.

-Custom states can be used in the following models:
- StockItem
- Orders (PurchaseOrder, SalesOrder, ReturnOrder, ReturnOrderLine)
+Custom states can be defined for the following models:
+
+- [Stock Item](../stock/index.md)
+- [Build Order](../manufacturing/build.md)
+- [Purchase Order](../purchasing/purchase_order.md)
+- [Sales Order](../sales/sales_order.md)
+- [Return Order](../sales/return_order.md)
--- a/Show More
+++ b/Show More