chore(deps): bump django from 4.2.25 to 4.2.26 in /src/backend (#10781 ) (#10790 )

* chore(deps): bump django from 4.2.25 to 4.2.26 in /src/backend Bumps [django](https://github.com/django/django) from 4.2.25 to 4.2.26. - [Commits](https://github.com/django/django/compare/4.2.25...4.2.26) --- updated-dependencies: - dependency-name: django dependency-version: 4.2.26 dependency-type: direct:production ... * fix style * also bump docker version --------- (cherry picked from commit 726e852b7b) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Matthias Mair <code@mjmair.com>
Bump InvenTree software version to 1.1.3 (#10762 )
2025-12-19 13:20:37 -06:00 · 2025-11-08 22:10:19 +01:00 · 2025-11-04 11:00:09 +11:00 · 2025-11-04 10:13:48 +11:00 · 2025-11-04 07:28:09 +11:00 · 2025-11-03 12:35:32 +11:00
12 changed files with 109 additions and 85 deletions
--- a/.github/actions/setup/action.yaml
+++ b/.github/actions/setup/action.yaml
@@ -57,7 +57,7 @@ runs:
        run: |
          python3 -m pip install -U pip
          pip3 install -U invoke wheel
-          pip3 install 'uv>=0.9.4'
+          pip3 install 'uv>=0.9.6'
      - name: Allow uv to use the system Python by default
        run: echo "UV_SYSTEM_PYTHON=1" >> $GITHUB_ENV
        shell: bash
--- a/contrib/container/requirements.txt
+++ b/contrib/container/requirements.txt
@@ -4,9 +4,9 @@ asgiref==3.10.0 \
    --hash=sha256:aef8a81283a34d0ab31630c9b7dfe70c812c95eba78171367ca8745e88124734 \
    --hash=sha256:d89f2d8cd8b56dada7d52fa7dc8075baa08fb836560710d38c292a7a3f78c04e
    # via django
-django==4.2.25 \
-    --hash=sha256:2391ab3d78191caaae2c963c19fd70b99e9751008da22a0adcc667c5a4f8d311 \
-    --hash=sha256:9584cf26b174b35620e53c2558b09d7eb180a655a3470474f513ff9acb494f8c
+django==4.2.26 \
+    --hash=sha256:9398e487bcb55e3f142cb56d19fbd9a83e15bb03a97edc31f408361ee76d9d7a \
+    --hash=sha256:c96e64fc3c359d051a6306871bd26243db1bd02317472a62ffdbe6c3cae14280
    # via
    #   -r contrib/container/requirements.in
    #   django-auth-ldap
@@ -229,26 +229,26 @@ typing-extensions==4.15.0 \
    # via
    #   psycopg
    #   psycopg-pool
-uv==0.9.4 \
-    --hash=sha256:03a85b02e6ccf1b705ce78bd98da78c90d5a0d0f941756ee842825d850cada2f \
-    --hash=sha256:0840346084d28aa5345eeabcb7f9e727448b56b3b399300447a9155066909925 \
-    --hash=sha256:253133f7f2eac8fed10ad601c56ddcd13d8d81d9343ed9e95873d19b149199f2 \
-    --hash=sha256:2feb2adc0a2eb41a757b9cef3226f649452423badf20d68d177b6649342d021d \
-    --hash=sha256:39f6b459fdabc80c0afc080ba8bce86e048afa799bc6c5c372f78b14195cf49c \
-    --hash=sha256:3e1b5df83e96a8128b81a9f2bd72a4db752f691515914471b76df994339d2c35 \
-    --hash=sha256:42012fcfdbaec08e1c009bbdbf96296b05e0e86feb83e1182d9335ae86a288d2 \
-    --hash=sha256:57582a149de7788a83f998ddad2dfc50a328aae7a474fbb1617c73a9e2b42ebf \
-    --hash=sha256:610a219a6d92cc56c1a24888118a5ae1b07233b93dde0565d64fe198a2c7c376 \
-    --hash=sha256:787cf63c2f5c97cc6b30915632351eac655fcd4ec19620bc67cbd6855975817b \
-    --hash=sha256:79efd533016d9bf077056cac72e68fa501e9d0e09576a2c375f7c286d19be9d6 \
-    --hash=sha256:9ee7695b6632b74ea62d67fcef732e519d1fdb3f9ecf81c99bfd5a354ff925fb \
-    --hash=sha256:aa0e144df0276945cbe49e30b577cf51e19b808e5ca55e23b8a1a354857e1629 \
-    --hash=sha256:b7f7d3fd51627fbcca06cf75d327e060db924d4ca054e1e934b71682d58f1f51 \
-    --hash=sha256:c353be83686f769bf50e6c6bc8591ad59752b492c6bb51296e378e55521482f5 \
-    --hash=sha256:d89f88df09d571f6d06228b32a6a71100905eb64343247317d363bcd774ee870 \
-    --hash=sha256:dcbcc963232e13e279002844e983cd6d0f53560e75d8a3f7a68e7d68a6021235 \
-    --hash=sha256:df3288f85bd6bfb4b8722bb7223d6723de7c32d213596573d92803f89af9007c \
-    --hash=sha256:fa33399d5e3e31b753910cfaa6f87022736339cadb140c8896dccb7c6a855e32
+uv==0.9.7 \
+    --hash=sha256:0fdbfad5b367e7a3968264af6da5bbfffd4944a90319042f166e8df1a2d9de09 \
+    --hash=sha256:134e0daac56f9e399ccdfc9e4635bc0a13c234cad9224994c67bae462e07399a \
+    --hash=sha256:1aaf79b4234400e9e2fbf5b50b091726ccbb0b6d4d032edd3dfd4c9673d89dca \
+    --hash=sha256:34fe0af83fcafb9e2b786f4bd633a06c878d548a7c479594ffb5607db8778471 \
+    --hash=sha256:555ee72146b8782c73d755e4a21c9885c6bfc81db0ffca2220d52dddae007eb7 \
+    --hash=sha256:56a440ccde7624a7bc070e1c2492b358c67aea9b8f17bc243ea27c5871c8d02c \
+    --hash=sha256:62b315f62669899076a1953fba6baf50bd2b57f66f656280491331dcedd7e6c6 \
+    --hash=sha256:635e82c2d0d8b001618af82e4f2724350f15814f6462a71b3ebd44adec21f03c \
+    --hash=sha256:7019f4416925f4091b9d28c1cf3e8444cf910c4ede76bdf1f6b9a56ca5f97985 \
+    --hash=sha256:777bb1de174319245a35e4f805d3b4484d006ebedae71d3546f95e7c28a5f436 \
+    --hash=sha256:89697fa0d7384ba047daf75df844ee7800235105e41d08e0c876861a2b4aa90e \
+    --hash=sha256:8cf6bc2482d1293cc630f66b862b494c09acda9b7faff7307ef52667a2b3ad49 \
+    --hash=sha256:b5f1fb8203a77853db176000e8f30d5815ab175dc46199db059f97a72fc51110 \
+    --hash=sha256:bb8bfcc2897f7653522abc2cae80233af756ad857bfbbbbe176f79460cbba417 \
+    --hash=sha256:bcf878528bd079fe8ae15928b5dfa232fac8b0e1854a2102da6ae1a833c31276 \
+    --hash=sha256:c9810ee8173dce129c49b338d5e97f3d7c7e9435f73e0b9b26c2f37743d3bb9e \
+    --hash=sha256:d13da6521d4e841b1e0a9fda82e793dcf8458a323a9e8955f50903479d0bfa97 \
+    --hash=sha256:d6e5fe28ca05a4b576c0e8da5f69251dc187a67054829cfc4afb2bfa1767114b \
+    --hash=sha256:edd768f6730bba06aa10fdbd80ee064569f7236806f636bf65b68136a430aad0
    # via -r contrib/container/requirements.in
 wheel==0.45.1 \
    --hash=sha256:661e1abd9198507b1409a20c02106d9670b2576e916d58f520316666abca6729 \
--- a/contrib/install.sh
+++ b/contrib/install.sh
@@ -64,7 +64,7 @@ root_command() {
      Ubuntu)
          if [[ $VER == "24.04" ]]; then
              SUPPORTED=true
-          if [[ $VER == "22.04" ]]; then
+          elif [[ $VER == "22.04" ]]; then
              SUPPORTED=true
          elif [[ $VER == "20.04" ]]; then
              SUPPORTED=true
--- a/contrib/installer/src/root_command.sh
+++ b/contrib/installer/src/root_command.sh
@@ -54,7 +54,7 @@ case "$OS" in
    Ubuntu)
        if [[ $VER == "24.04" ]]; then
            SUPPORTED=true
-        if [[ $VER == "22.04" ]]; then
+        elif [[ $VER == "22.04" ]]; then
            SUPPORTED=true
        elif [[ $VER == "20.04" ]]; then
            SUPPORTED=true
--- a/docs/docs/report/helpers.md
+++ b/docs/docs/report/helpers.md
@@ -273,7 +273,7 @@ To convert a currency value from one currency to another, use the `convert_curre
 !!! info "Data Types"
    The `money` parameter must be `Money` class instance. If not, an error will be raised.

-#### create_currency
+### create_currency

 Create a `currency` instance using the `create_currency` helper function. This returns a `Money` class instance based on the provided amount and currency type.

@@ -286,12 +286,13 @@ Create a `currency` instance using the `create_currency` helper function. This r

 Simple mathematical operators are available, as demonstrated in the example template below. These operators can be used to perform basic arithmetic operations within the report template.

-### Input Types
-
-These mathematical functions accept inputs of various input types, and attempt to perform the operation accordingly. Note that any inputs which are provided as strings or numbers will be converted to `Decimal` class types before the operation is performed.
+!!! info "Input Types"
+    These mathematical functions accept inputs of various input types, and attempt to perform the operation accordingly. Note that any inputs which are provided as strings or numbers will be converted to `Decimal` class types before the operation is performed.

 ### add

+Add two numbers together using the `add` helper function:
+
 ::: report.templatetags.report.add
    options:
        show_docstring_description: false
@@ -299,6 +300,8 @@ These mathematical functions accept inputs of various input types, and attempt t

 ### subtract

+Subtract one number from another using the `subtract` helper function:
+
 ::: report.templatetags.report.subtract
    options:
        show_docstring_description: false
@@ -306,6 +309,8 @@ These mathematical functions accept inputs of various input types, and attempt t

 ### multiply

+Multiply two numbers together using the `multiply` helper function:
+
 ::: report.templatetags.report.multiply
    options:
        show_docstring_description: false
@@ -313,6 +318,8 @@ These mathematical functions accept inputs of various input types, and attempt t

 ### divide

+Divide one number by another using the `divide` helper function:
+
 ::: report.templatetags.report.divide
    options:
        show_docstring_description: false
@@ -320,6 +327,8 @@ These mathematical functions accept inputs of various input types, and attempt t

 ### modulo

+Perform a modulo operation using the `modulo` helper function:
+
 ::: report.templatetags.report.modulo
    options:
        show_docstring_description: false
--- a/src/backend/InvenTree/InvenTree/AllUserRequire2FAMiddleware.py
+++ b/src/backend/InvenTree/InvenTree/AllUserRequire2FAMiddleware.py
@@ -44,7 +44,9 @@ class AllUserRequire2FAMiddleware(MiddlewareMixin):

    def on_require_2fa(self, request: HttpRequest) -> HttpResponse:
        """Force user to mfa activation."""
-        return JsonResponse({'id': 'mfa_register'}, status=401)
+        return JsonResponse(
+            {'id': 'mfa_register', 'error': self.require_2fa_message}, status=401
+        )

    def is_allowed_page(self, request: HttpRequest) -> bool:
        """Check if the current page can be accessed without mfa."""
--- a/src/backend/InvenTree/InvenTree/setting/markdown.py
+++ b/src/backend/InvenTree/InvenTree/setting/markdown.py
@@ -0,0 +1,44 @@
+"""Configuration options for django-markdownify.
+
+Ref: https://django-markdownify.readthedocs.io/en/latest/settings.html
+"""
+
+
+def markdownify_config():
+    """Return configuration dictionary for django-markdownify."""
+    return {
+        'default': {
+            'BLEACH': True,
+            'WHITELIST_ATTRS': ['href', 'src', 'alt'],
+            'MARKDOWN_EXTENSIONS': ['markdown.extensions.extra'],
+            'WHITELIST_TAGS': [
+                'a',
+                'abbr',
+                'b',
+                'blockquote',
+                'code',
+                'em',
+                'h1',
+                'h2',
+                'h3',
+                'h4',
+                'h5',
+                'hr',
+                'i',
+                'img',
+                'li',
+                'ol',
+                'p',
+                'pre',
+                's',
+                'strong',
+                'table',
+                'thead',
+                'tbody',
+                'th',
+                'tr',
+                'td',
+                'ul',
+            ],
+        }
+    }
--- a/src/backend/InvenTree/InvenTree/settings.py
+++ b/src/backend/InvenTree/InvenTree/settings.py
@@ -42,7 +42,7 @@ from InvenTree.version import (
 from users.oauth2_scopes import oauth2_scopes

 from . import config
-from .setting import locales, storages
+from .setting import locales, markdown, storages

 try:
    import django_stubs_ext
@@ -265,13 +265,9 @@ DBBACKUP_EMAIL_SUBJECT_PREFIX = InvenTree.backup.backup_email_prefix()
 DBBACKUP_CONNECTORS = {'default': InvenTree.backup.get_backup_connector_options()}

 # Data storage options
-STORAGES = {
-    'default': {'BACKEND': 'django.core.files.storage.FileSystemStorage'},
-    'staticfiles': {'BACKEND': 'django.contrib.staticfiles.storage.StaticFilesStorage'},
-    'dbbackup': {
-        'BACKEND': InvenTree.backup.get_backup_storage_backend(),
-        'OPTIONS': InvenTree.backup.get_backup_storage_options(),
-    },
+DBBACKUP_STORAGE_CONFIG = {
+    'BACKEND': InvenTree.backup.get_backup_storage_backend(),
+    'OPTIONS': InvenTree.backup.get_backup_storage_options(),
 }

 # Enable django admin interface?
@@ -1403,42 +1399,7 @@ LOGOUT_REDIRECT_URL = get_setting(
 # Markdownify configuration
 # Ref: https://django-markdownify.readthedocs.io/en/latest/settings.html

-MARKDOWNIFY = {
-    'default': {
-        'BLEACH': True,
-        'WHITELIST_ATTRS': ['href', 'src', 'alt'],
-        'MARKDOWN_EXTENSIONS': ['markdown.extensions.extra'],
-        'WHITELIST_TAGS': [
-            'a',
-            'abbr',
-            'b',
-            'blockquote',
-            'code',
-            'em',
-            'h1',
-            'h2',
-            'h3',
-            'h4',
-            'h5',
-            'hr',
-            'i',
-            'img',
-            'li',
-            'ol',
-            'p',
-            'pre',
-            's',
-            'strong',
-            'table',
-            'thead',
-            'tbody',
-            'th',
-            'tr',
-            'td',
-            'ul',
-        ],
-    }
-}
+MARKDOWNIFY = markdown.markdownify_config()

 # Ignore these error types for in-database error logging
 IGNORED_ERRORS = [Http404, HttpResponseGone, django.core.exceptions.PermissionDenied]
@@ -1567,6 +1528,8 @@ if SITE_URL and not TESTING:  # pragma: no cover

 # Storage backends
 STORAGE_TARGET, STORAGES, _media = storages.init_storages()
+if 'dbbackup' not in STORAGES:
+    STORAGES['dbbackup'] = DBBACKUP_STORAGE_CONFIG
 if _media:
    MEDIA_URL = _media
 PRESIGNED_URL_EXPIRATION = 600
--- a/src/backend/InvenTree/InvenTree/version.py
+++ b/src/backend/InvenTree/InvenTree/version.py
@@ -18,7 +18,7 @@ from django.conf import settings
 from .api_version import INVENTREE_API_TEXT, INVENTREE_API_VERSION

 # InvenTree software version
-INVENTREE_SW_VERSION = '1.1.0'
+INVENTREE_SW_VERSION = '1.1.3'


 logger = logging.getLogger('inventree')
--- a/src/backend/InvenTree/InvenTree/views.py
+++ b/src/backend/InvenTree/InvenTree/views.py
@@ -12,6 +12,12 @@ def auth_request(request):

    Useful for (for example) redirecting authentication requests through django's permission framework.
    """
-    if request.user and request.user.is_authenticated:
-        return HttpResponse(status=200)
-    return HttpResponse(status=403)
+    if not request.user or not request.user.is_authenticated:
+        return HttpResponse(status=403)
+
+    if not request.user.is_active:
+        # Reject requests from inactive users
+        return HttpResponse(status=403)
+
+    # User is authenticated and active
+    return HttpResponse(status=200)
--- a/src/backend/requirements-dev.txt
+++ b/src/backend/requirements-dev.txt
@@ -382,9 +382,9 @@ distlib==0.4.0 \
    --hash=sha256:9659f7d87e46584a30b5780e43ac7a2143098441670ff0a49d5f9034c54a6c16 \
    --hash=sha256:feec40075be03a04501a973d81f633735b4b69f98b05450592310c0f401a4e0d
    # via virtualenv
-django==4.2.25 \
-    --hash=sha256:2391ab3d78191caaae2c963c19fd70b99e9751008da22a0adcc667c5a4f8d311 \
-    --hash=sha256:9584cf26b174b35620e53c2558b09d7eb180a655a3470474f513ff9acb494f8c
+django==4.2.26 \
+    --hash=sha256:9398e487bcb55e3f142cb56d19fbd9a83e15bb03a97edc31f408361ee76d9d7a \
+    --hash=sha256:c96e64fc3c359d051a6306871bd26243db1bd02317472a62ffdbe6c3cae14280
    # via
    #   -c src/backend/requirements.txt
    #   django-slowtests
--- a/src/backend/requirements.txt
+++ b/src/backend/requirements.txt
@@ -486,9 +486,9 @@ defusedxml==0.7.1 \
    --hash=sha256:1bb3032db185915b62d7c6209c5a8792be6a32ab2fedacc84e01b52c51aa3e69 \
    --hash=sha256:a352e7e428770286cc899e2542b6cdaedb2b4953ff269a210103ec58f6198a61
    # via python3-openid
-django==4.2.25 \
-    --hash=sha256:2391ab3d78191caaae2c963c19fd70b99e9751008da22a0adcc667c5a4f8d311 \
-    --hash=sha256:9584cf26b174b35620e53c2558b09d7eb180a655a3470474f513ff9acb494f8c
+django==4.2.26 \
+    --hash=sha256:9398e487bcb55e3f142cb56d19fbd9a83e15bb03a97edc31f408361ee76d9d7a \
+    --hash=sha256:c96e64fc3c359d051a6306871bd26243db1bd02317472a62ffdbe6c3cae14280
    # via
    #   -r src/backend/requirements.in
    #   django-allauth
Author	SHA1	Message	Date
github-actions[bot]	89287d56ff	chore(deps): bump django from 4.2.25 to 4.2.26 in /src/backend (#10781 ) (#10790 ) * chore(deps): bump django from 4.2.25 to 4.2.26 in /src/backend Bumps [django](https://github.com/django/django) from 4.2.25 to 4.2.26. - [Commits](https://github.com/django/django/compare/4.2.25...4.2.26) --- updated-dependencies: - dependency-name: django dependency-version: 4.2.26 dependency-type: direct:production ... * fix style * also bump docker version --------- (cherry picked from commit `726e852b7b`) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Matthias Mair <code@mjmair.com>	2025-11-08 22:10:19 +01:00
Oliver	1885caa744	Bump InvenTree software version to 1.1.3 (#10762 )	2025-11-04 11:00:09 +11:00
github-actions[bot]	7e2480c4a2	Auth Improvements (#10752 ) (#10761 ) * Return more detail in MFA failure response * Reject auth requests for users who are inactive * Move markdown config out of settings.py (cherry picked from commit `901846272b`) Co-authored-by: Oliver <oliver.henry.walters@gmail.com>	2025-11-04 10:13:48 +11:00
github-actions[bot]	fd4375357f	code (#10751 ) (#10753 ) (cherry picked from commit `39f0054cd5`) Co-authored-by: Lê Hoàng Nam <lehoangnam040@gmail.com>	2025-11-04 07:28:09 +11:00
Oliver	77bc7fd4af	Bump InvenTree software version to 1.1.2 (#10747 )	2025-11-03 12:35:32 +11:00
Oliver	d3a58ea2b1	Bump InvenTree software version to 1.1.1 (#10745 )	2025-11-03 11:14:42 +11:00
github-actions[bot]	555455a9d1	fix: typo ins installer stops script from working (#10744 ) (#10746 ) (cherry picked from commit `e1bf67b32c`) Co-authored-by: Matthias Mair <code@mjmair.com>	2025-11-03 00:43:11 +01:00
github-actions[bot]	e834ea8aa7	Docs fix (#10738 ) (#10739 ) * Fix heading in helpers.md * Helper func docs (cherry picked from commit `46615e447b`) Co-authored-by: Oliver <oliver.henry.walters@gmail.com>	2025-11-03 10:30:08 +11:00
github-actions[bot]	e23e3730b2	fix uv (#10742 ) (#10743 ) https://github.com/inventree/InvenTree/security/dependabot/248 (cherry picked from commit `d7daf660ef`) Co-authored-by: Matthias Mair <code@mjmair.com>	2025-11-03 10:24:45 +11:00