🔖(major) release 3.0.0

Added:
- 📄(legal) Require contributors to sign a DCO

Changed:
- ♻️(frontend) Integrate UI kit
- 🏗️(y-provider) manage auth in y-provider app

Fixed:
- 🐛(backend) compute ancestor_links in get_abilities
  if needed
- 🔒️(back) restrict access to document accesses

UPGRADE.md

@@ -16,6 +16,18 @@ the following command inside your docker container:
 
 ## [Unreleased]
 
+## [3.0.0] - 2025-03-28
+
+We are not using the nginx auth request anymore to access the collaboration server (`yProvider`)
+The authentication is now managed directly from the yProvider server. 
+You must remove the annotation `nginx.ingress.kubernetes.io/auth-url` from the `ingressCollaborationWS`.
+
+This means as well that the yProvider server must be able to access the Django server.
+To do so, you must set the `COLLABORATION_BACKEND_BASE_URL` environment variable to the `yProvider`
+service.
+
+## [2.2.0] - 2025-02-10
+
 - AI features are now limited to users who are authenticated. Before this release, even anonymous
   users who gained editor access on a document with link reach used to get AI feature.
   IF you want anonymous users to keep access on AI features, you must now define the