Anthony LC
95d3a8cd18
✏️ (project) automatic typo correction
...
Fix typos in the project.
2025-05-13 16:00:43 +02:00
renovate[bot]
5848f43cb4
⬆️ (dependencies) update python dependencies ( #956 )
2025-05-12 14:29:04 +00:00
Manuel Raynaud
4b0fd223c8
🐛 (back) override AI feature flag in config test
...
The env.d/development/common file sets
AI_FEATURE_ENABLED=true.
When pytest starts it imports these variables, so
the /api/v1.0/config endpoint returns
AI_FEATURE_ENABLED=True and the test_api_config
assertion fails.
Explicitly overriding AI_FEATURE_ENABLED=False in
test_api_config restores the expected behaviour
and makes the whole test-suite green.
Signed-off-by: ReinforcedKnowledge <reinforced.knowledge@gmail.com >
2025-05-12 15:56:30 +02:00
Manuel Raynaud
31d0733851
🔧 (back) configure cache key prefix
...
We want to change the cache key prefix using an environment variable.
This settings can be changed at every deployment in order to reset to
use a fresh new cache.
2025-05-12 15:56:29 +02:00
Manuel Raynaud
76c28760dc
🔥 (back) remove footer endpoint
...
With the configuration file, the footer endpoint can be removed and will
not be used anymore by the front application.
2025-05-12 15:56:29 +02:00
Manuel Raynaud
d856abb5d8
✨ (back) allow theme customnization using a configuration file
...
We want to customize the theme by using a configuration file. This
configuration file path can be defined using the settings
THEME_CUSTOMIZATION_FILE_PATH. If this file does not exists or is an
invalid json, an empty json object will be added in the config endpoint.
2025-05-12 15:56:26 +02:00
Manuel Raynaud
25abd964de
✨ (backend) manage uploaded file status and call to malware detection
...
In the attachment_upload method, the status in the file metadata to
processing and the malware_detection backend is called. We check in the
media_auth if the status is ready in order to accept the request.
2025-05-12 15:14:09 +02:00
Manuel Raynaud
a070e1dd87
✨ (backend) configure lasuite.malware_detection module
...
We want to use the malware_detection module from lasuite library. We add
a new setting MALWARE_DETECTION to configure the backend we want to use.
The callback is also added. It removes the file if it is not safe or
change it's status in the metadata to set it as ready.
2025-05-12 15:13:33 +02:00
Manuel Raynaud
37d9ae8cca
✨ (backend) force loading celery shared task in libraries
...
Library we are using can have celery shared task. We have to make some
modification to load them earlier when the celery app is configure and
when the impress app is loaded.
2025-05-12 15:13:32 +02:00
renovate[bot]
41e4c45934
⬆️ (dependencies) update django to v5.1.9 [SECURITY] ( #953 )
2025-05-09 16:26:57 +02:00
Anthony LC
6be87ed477
🔖 (patch) release 3.2.1
...
Fixed:
- 🐛 (frontend) fix list copy paste
2025-05-07 10:27:39 +02:00
renovate[bot]
2691cdd4a2
⬆️ (dependencies) update python dependencies ( #934 )
2025-05-06 09:35:31 +00:00
Anthony LC
74165f6890
🔖 (minor) release 3.2.0
...
Added:
- 🚸 (backend) make document search on title
accent-insensitive
- 🚩 add homepage feature flag
- ✨ (settings) Allow configuring PKCE for the SSO
- 🌐 (i18n) activate chinese and spanish languages
- 🔧 (backend) allow overwriting the data directory
- ➕ (backend) add `django-lasuite` dependency
(breaking change)
- ✨ (frontend) advanced table features
Changed:
- ⚡ ️(frontend) reduce unblocking time for config
- ♻️ (frontend) bind UI with ability access
- ♻️ (frontend) use built-in Quote block
Fixed:
- 🐛 (nginx) fix 404 when accessing a doc
- 🔒 ️(drf) disable browsable HTML API renderer
- 🔒 (frontend) enhance file download security
- 🐛 (backend) race condition create doc
- 🐛 (frontend) fix breaklines in custom blocks
2025-05-06 09:33:42 +02:00
Anthony LC
12ef1a2450
🚩 (backend) default enable FRONTEND_HOMEPAGE_FEATURE_ENABLED
...
We decided to enable the FRONTEND_HOMEPAGE_FEATURE_ENABLED
feature flag by default.
It will not be a breaking change like that.
2025-05-05 11:54:26 +02:00
Anthony LC
9b2f7966f6
🌐 (i18n) update translated strings
...
Update translated files with new translations
2025-05-05 11:17:58 +02:00
Anthony LC
5ad30b404d
🌐 (i18n) add PO of new languages
...
New languages were added to Crowdin.
We import the new translations from Crowdin
to version them in the repository.
2025-05-02 16:25:50 +02:00
Anthony LC
12524f35b7
🌐 (i18n) remove chinese language
...
We're going to make languages configurable
per instance, but until we manage that, we're going
to remove Chinese from the default language list.
- Remove the chinese language from the default language
list.
- Change Spanish to Español
2025-05-02 16:25:50 +02:00
Manuel Raynaud
7f0eb9117e
🔒 ️(drf) disable browsable HTML API renderer ( #919 )
...
The `BrowsableAPIRenderer` generates a form to test POST/PUT/... actions
and fill the FK fields with unfiltered data. This issue has been spoted
on visio and fixed suitenumerique/meet#508
2025-04-30 16:23:26 +02:00
Quentin BEY
2557c6bc77
➕ (backend) add django-lasuite dependency
...
Use the OIDC backend from the new library and add settings to setup OIDC
token storage required for later calls to OIDC Resource Servers.
2025-04-29 13:15:43 +02:00
Martin Weinelt
96f6aeea60
🔧 (backend) Allow overwriting the data directory ( #893 )
...
## Purpose
Deployments that don't rely on Docker should be given the option to use
a different data directory.
## Proposal
Allow customization of the `DATA_DIR` through an environment variable of
the same name.
If the environment variable is not set the behaviour remains the same as
before.
Signed-off-by: Martin Weinelt <hexa@darmstadt.ccc.de >
2025-04-28 15:41:28 +00:00
virgile-dev
98f11ff8ac
🌐 (i18n) add spanish and chinese ( #884 )
...
All the spanish and chinese translations are complete on crowdin. We
activate it in django settings and download all translations from
crowdin
Signed-off-by: virgile-deville <virgile.deville@beta.gouv.fr >
2025-04-28 12:36:34 +00:00
renovate[bot]
b29daa2d77
⬆️ (dependencies) update python dependencies ( #847 )
...
This PR contains the following updates:
| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [boto3](https://redirect.github.com/boto/boto3 ) | `==1.37.24` ->
`==1.37.33` |
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
| [celery](https://docs.celeryq.dev/ )
([source](https://redirect.github.com/celery/celery ),
[changelog](https://docs.celeryq.dev/en/stable/changelog.html )) |
`==5.5.0` -> `==5.5.1` |
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
| [django](https://redirect.github.com/django/django )
([changelog](https://docs.djangoproject.com/en/stable/releases/ )) |
`==5.1.8` -> `==5.2` |
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
|
[django-extensions](https://redirect.github.com/django-extensions/django-extensions )
([changelog](https://redirect.github.com/django-extensions/django-extensions/blob/main/CHANGELOG.md ))
| `==3.2.3` -> `==4.1` |
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
|
[django-storages](https://redirect.github.com/jschneier/django-storages )
([changelog](https://redirect.github.com/jschneier/django-storages/blob/master/CHANGELOG.rst ))
| `==1.14.5` -> `==1.14.6` |
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
|
[drf-spectacular-sidecar](https://redirect.github.com/tfranzel/drf-spectacular-sidecar )
| `==2025.3.1` -> `==2025.4.1` |
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
| [ipython](https://redirect.github.com/ipython/ipython ) | `==9.0.2` ->
`==9.1.0` |
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
| [lxml](https://lxml.de/ )
([source](https://redirect.github.com/lxml/lxml ),
[changelog](https://git.launchpad.net/lxml/plain/CHANGES.txt )) |
`==5.3.1` -> `==5.3.2` |
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
| [markdown](https://redirect.github.com/Python-Markdown/markdown )
([changelog](https://python-markdown.github.io/changelog/ )) | `==3.7` ->
`==3.8` |
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
| [openai](https://redirect.github.com/openai/openai-python ) |
`==1.70.0` -> `==1.73.0` |
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
| [pycrdt](https://redirect.github.com/jupyter-server/pycrdt ) |
`==0.12.10` -> `==0.12.12` |
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
| [pytest-cov](https://redirect.github.com/pytest-dev/pytest-cov )
([changelog](https://pytest-cov.readthedocs.io/en/latest/changelog.html ))
| `==6.0.0` -> `==6.1.1` |
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
| [pytest-django](https://redirect.github.com/pytest-dev/pytest-django )
([changelog](https://pytest-django.readthedocs.io/en/latest/changelog.html ))
| `==4.10.0` -> `==4.11.1` |
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
| [ruff](https://docs.astral.sh/ruff )
([source](https://redirect.github.com/astral-sh/ruff ),
[changelog](https://redirect.github.com/astral-sh/ruff/blob/main/CHANGELOG.md ))
| `==0.11.2` -> `==0.11.5` |
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
| [sentry-sdk](https://redirect.github.com/getsentry/sentry-python )
([changelog](https://redirect.github.com/getsentry/sentry-python/blob/master/CHANGELOG.md ))
| `==2.25.0` -> `==2.25.1` |
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
---
### Release Notes
<details>
<summary>boto/boto3 (boto3)</summary>
###
[`v1.37.33`](https://redirect.github.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13733 )
[Compare
Source](https://redirect.github.com/boto/boto3/compare/1.37.32...1.37.33 )
\=======
- api-change:`connect-contact-lens`: \[`botocore`] Making sentiment
optional for ListRealtimeContactAnalysisSegments Response depending on
conversational analytics configuration
- api-change:`datazone`: \[`botocore`] Raise hard limit of authorized
principals per SubscriptionTarget from 10 to 20.
- api-change:`detective`: \[`botocore`] Add support for Detective
DualStack endpoints
- api-change:`dynamodb`: \[`botocore`] Doc only update for API
descriptions.
- api-change:`marketplace-entitlement`: \[`botocore`] Add support for
Marketplace Entitlement Service dual-stack endpoints for CN and GOV
regions
- api-change:`meteringmarketplace`: \[`botocore`] Add support for
Marketplace Metering Service dual-stack endpoints for CN regions
- api-change:`pcs`: \[`botocore`] Changed the minimum length of
clusterIdentifier, computeNodeGroupIdentifier, and queueIdentifier to 3.
- api-change:`verifiedpermissions`: \[`botocore`] Adds deletion
protection support to policy stores. Deletion protection is disabled by
default, can be enabled via the CreatePolicyStore or UpdatePolicyStore
APIs, and is visible in GetPolicyStore.
- bugfix:`download_fileobj`: Fileobj provided in append mode will no
longer allow concurrent writes to preserve data integrity.
###
[`v1.37.32`](https://redirect.github.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13732 )
[Compare
Source](https://redirect.github.com/boto/boto3/compare/1.37.31...1.37.32 )
\=======
- api-change:`application-autoscaling`: \[`botocore`] Application Auto
Scaling now supports horizontal scaling for Elasticache Memcached
self-designed clusters using target tracking scaling policies and
scheduled scaling.
- api-change:`elasticache`: \[`botocore`] AWS ElastiCache SDK now
supports using MemcachedUpgradeConfig parameter with ModifyCacheCluster
API to enable updating Memcached cache node types. Please refer to
updated AWS ElastiCache public documentation for detailed information on
API usage and implementation.
- api-change:`m2`: \[`botocore`] Introduce three new APIs:
CreateDataSetExportTask, GetDataSetExportTask and
ListDataSetExportHistory. Add support for batch restart for Blu Age
applications.
- api-change:`medialive`: \[`botocore`] AWS Elemental MediaLive /
Features : Add support for CMAF Ingest CaptionLanguageMappings,
TimedMetadataId3 settings, and Link InputResolution.
- api-change:`qbusiness`: \[`botocore`] Adds functionality to
enable/disable a new Q Business Hallucination Reduction feature. If
enabled, Q Business will detect and attempt to remove Hallucinations
from certain Chat requests.
- api-change:`quicksight`: \[`botocore`] Add support to analysis and
sheet level highlighting in QuickSight.
###
[`v1.37.31`](https://redirect.github.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13731 )
[Compare
Source](https://redirect.github.com/boto/boto3/compare/1.37.30...1.37.31 )
\=======
- api-change:`controlcatalog`: \[`botocore`] The GetControl API now
surfaces a control's Severity, CreateTime, and Identifier for a
control's Implementation. The ListControls API now surfaces a control's
Behavior, Severity, CreateTime, and Identifier for a control's
Implementation.
- api-change:`dynamodb`: \[`botocore`] Documentation update for
secondary indexes and Create_Table.
- api-change:`glue`: \[`botocore`] The TableOptimizer APIs in AWS Glue
now return the DpuHours field in each TableOptimizerRun, providing
clients visibility to the DPU-hours used for billing in managed Apache
Iceberg table compaction optimization.
- api-change:`groundstation`: \[`botocore`] Support tagging Agents and
adjust input field validations
- api-change:`transfer`: \[`botocore`] This launch includes 2
enhancements to SFTP connectors user-experience: 1) Customers can
self-serve concurrent connections setting for their connectors, and 2)
Customers can discover the public host key of remote servers using their
SFTP connectors.
###
[`v1.37.30`](https://redirect.github.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13730 )
[Compare
Source](https://redirect.github.com/boto/boto3/compare/1.37.29...1.37.30 )
\=======
- api-change:`bedrock-runtime`: \[`botocore`] This release introduces
our latest bedrock runtime API, InvokeModelWithBidirectionalStream. The
API supports both input and output streams and is supported by only
HTTP2.0.
- api-change:`ce`: \[`botocore`] This release supports Pagination traits
on Cost Anomaly Detection APIs.
- api-change:`cost-optimization-hub`: \[`botocore`] This release adds
resource type "MemoryDbReservedInstances" and resource type
"DynamoDbReservedCapacity" to the GetRecommendation,
ListRecommendations, and ListRecommendationSummaries APIs to support new
MemoryDB and DynamoDB RI recommendations.
- api-change:`iotfleetwise`: \[`botocore`] This release adds the option
to update the strategy of state templates already associated to a
vehicle, without the need to remove and re-add them.
- api-change:`securityhub`: \[`botocore`] Documentation updates for AWS
Security Hub.
- api-change:`storagegateway`: \[`botocore`] Added new
ActiveDirectoryStatus value, ListCacheReports paginator, and support for
longer pagination tokens.
- api-change:`taxsettings`: \[`botocore`] Uzbekistan Launch on
TaxSettings Page
###
[`v1.37.29`](https://redirect.github.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13729 )
[Compare
Source](https://redirect.github.com/boto/boto3/compare/1.37.28...1.37.29 )
\=======
- api-change:`bedrock`: \[`botocore`] New options for how to handle
harmful content detected by Amazon Bedrock Guardrails.
- api-change:`bedrock-runtime`: \[`botocore`] New options for how to
handle harmful content detected by Amazon Bedrock Guardrails.
- api-change:`codebuild`: \[`botocore`] AWS CodeBuild now offers an
enhanced debugging experience.
- api-change:`glue`: \[`botocore`] Add input validations for multiple
Glue APIs
- api-change:`medialive`: \[`botocore`] AWS Elemental MediaLive now
supports SDI inputs to MediaLive Anywhere Channels in workflows that use
AWS SDKs.
- api-change:`personalize`: \[`botocore`] Add support for eventsConfig
for CreateSolution, UpdateSolution, DescribeSolution,
DescribeSolutionVersion. Add support for GetSolutionMetrics to return
weighted NDCG metrics when eventsConfig is enabled for the solution.
- api-change:`transfer`: \[`botocore`] This launch enables customers to
manage contents of their remote directories, by deleting old files or
moving files to archive folders in remote servers once they have been
retrieved. Customers will be able to automate the process using
event-driven architecture.
###
[`v1.37.28`](https://redirect.github.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13728 )
[Compare
Source](https://redirect.github.com/boto/boto3/compare/1.37.27...1.37.28 )
\=======
- api-change:`ds-data`: \[`botocore`] Doc only update - fixed broken
links.
- api-change:`ec2`: \[`botocore`] Doc-only updates for Amazon EC2
- api-change:`events`: \[`botocore`] Amazon EventBridge adds support for
customer-managed keys on Archives and validations for two fields:
eventSourceArn and kmsKeyIdentifier.
- api-change:`s3control`: \[`botocore`] Updated max size of Prefixes
parameter of Scope data type.
###
[`v1.37.27`](https://redirect.github.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13727 )
[Compare
Source](https://redirect.github.com/boto/boto3/compare/1.37.26...1.37.27 )
\=======
- api-change:`bedrock-agent`: \[`botocore`] Added optional
"customMetadataField" for Amazon Aurora knowledge bases, allowing
single-column metadata. Also added optional "textIndexName" for MongoDB
Atlas knowledge bases, enabling hybrid search support.
- api-change:`chime-sdk-voice`: \[`botocore`] Added FOC date as an
attribute of PhoneNumberOrder, added AccessDeniedException as a possible
return type of ValidateE911Address
- api-change:`mailmanager`: \[`botocore`] Add support for Dual_Stack and
PrivateLink types of IngressPoint. For configuration requests, SES Mail
Manager will now accept both IPv4/IPv6 dual-stack endpoints and AWS
PrivateLink VPC endpoints for email receiving.
- api-change:`opensearch`: \[`botocore`] Improve descriptions for
various API commands and data types.
- api-change:`route53`: \[`botocore`] Added us-gov-east-1 and
us-gov-west-1 as valid Latency Based Routing regions for
change-resource-record-sets.
- api-change:`sagemaker`: \[`botocore`] Adds support for i3en, m7i, r7i
instance types for SageMaker Hyperpod
- api-change:`sesv2`: \[`botocore`] This release enables customers to
provide attachments in the SESv2 SendEmail and SendBulkEmail APIs.
- api-change:`transcribe`: \[`botocore`] This Feature Adds Support for
the "zh-HK" Locale for Batch Operations
- enhancement:Eventstream: \[`botocore`] The event streams maximum
payload size is now required to be 24Mb or less.
###
[`v1.37.26`](https://redirect.github.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13726 )
[Compare
Source](https://redirect.github.com/boto/boto3/compare/1.37.25...1.37.26 )
\=======
- api-change:`application-signals`: \[`botocore`] Application Signals
now supports creating Service Level Objectives on service dependencies.
Users can now create or update SLOs on discovered service dependencies
to monitor their standard application metrics.
- api-change:`codebuild`: \[`botocore`] This release adds support for
environment type WINDOWS_SERVER\_2022\_CONTAINER in ProjectEnvironment
- api-change:`ecr`: \[`botocore`] Fix for customer issues related to AWS
account ID and size limitation for token.
- api-change:`ecs`: \[`botocore`] This is an Amazon ECS documentation
only update to address various tickets.
- api-change:`lexv2-models`: \[`botocore`] Release feature of
errorlogging for lex bot, customer can config this feature in bot
version to generate log for error exception which helps debug
- api-change:`medialive`: \[`botocore`] Added support for SMPTE 2110
inputs when running a channel in a MediaLive Anywhere cluster. This
feature enables ingestion of SMPTE 2110-compliant video, audio, and
ancillary streams by reading SDP files that AWS Elemental MediaLive can
retrieve from a network source.
###
[`v1.37.25`](https://redirect.github.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13725 )
[Compare
Source](https://redirect.github.com/boto/boto3/compare/1.37.24...1.37.25 )
\=======
- api-change:`cleanrooms`: \[`botocore`] This release adds support for
updating the analytics engine of a collaboration.
- api-change:`sagemaker`: \[`botocore`] Added tagging support for
SageMaker notebook instance lifecycle configurations
</details>
<details>
<summary>celery/celery (celery)</summary>
###
[`v5.5.1`](https://redirect.github.com/celery/celery/blob/HEAD/Changelog.rst#551 )
[Compare
Source](https://redirect.github.com/celery/celery/compare/v5.5.0...v5.5.1 )
\=====
:release-date: 2025-04-08
:release-by: Tomer Nosrati
What's Changed
```
- Fixed "AttributeError: list object has no attribute strip" with quorum queues and failover brokers (#​9657)
- Prepare for release: v5.5.1 (#​9660)
.. _version-5.5.0:
```
</details>
<details>
<summary>django/django (django)</summary>
###
[`v5.2`](https://redirect.github.com/django/django/compare/5.1.8...5.2 )
[Compare
Source](https://redirect.github.com/django/django/compare/5.1.8...5.2 )
</details>
<details>
<summary>django-extensions/django-extensions
(django-extensions)</summary>
###
[`v4.1`](https://redirect.github.com/django-extensions/django-extensions/blob/HEAD/CHANGELOG.md#41 )
[Compare
Source](https://redirect.github.com/django-extensions/django-extensions/compare/4.0...4.1 )
Changes:
- Add: show_permissions command
([#​1920](https://redirect.github.com/django-extensions/django-extensions/issues/1920 ))
- Improvement: graph_models, style per app
([#​1848](https://redirect.github.com/django-extensions/django-extensions/issues/1848 ))
- Fix: JSONField, bulk_update's
([#​1924](https://redirect.github.com/django-extensions/django-extensions/issues/1924 ))
###
[`v4.0`](https://redirect.github.com/django-extensions/django-extensions/blob/HEAD/CHANGELOG.md#40 )
[Compare
Source](https://redirect.github.com/django-extensions/django-extensions/compare/3.2.3...4.0 )
Changes:
- Improvement: Support for Python 3.12 and 3.13
- Improvement: Support for Django 5.x
- Improvement: Switch from setup.{cfg,py} to pyproject.toml
- Improvement: graph_models, Add option to display field choices in
graph_models
([#​1854](https://redirect.github.com/django-extensions/django-extensions/issues/1854 ))
- Improvement: graph_models, Add webp support
([#​1857](https://redirect.github.com/django-extensions/django-extensions/issues/1857 ))
- Improvement: graph_models, Support for ordering edges on
pydot/dot/graphviz
([#​1914](https://redirect.github.com/django-extensions/django-extensions/issues/1914 ))
- Improvement: mail_debug, Update mail_debug command to use aiosmtpd
([#​1880](https://redirect.github.com/django-extensions/django-extensions/issues/1880 ))
- Improvement: shell_plus, Improve error message for missing import
([#​1898](https://redirect.github.com/django-extensions/django-extensions/issues/1898 ))
- Improvement: reset_db, Add reset_db support for django_tenants
([#​1855](https://redirect.github.com/django-extensions/django-extensions/issues/1855 ))
- Improvement: docs, various improvements
([#​1852](https://redirect.github.com/django-extensions/django-extensions/issues/1852 ),
[#​1888](https://redirect.github.com/django-extensions/django-extensions/issues/1888 ),
[#​1882](https://redirect.github.com/django-extensions/django-extensions/issues/1882 ),
[#​1901](https://redirect.github.com/django-extensions/django-extensions/issues/1901 ),
[#​1912](https://redirect.github.com/django-extensions/django-extensions/issues/1912 ),
[#​1913](https://redirect.github.com/django-extensions/django-extensions/issues/1913 ))
- Improvement: jobs, Handle non-package modules when looking for job
definitions
([#​1887](https://redirect.github.com/django-extensions/django-extensions/issues/1887 ))
- Improvement: Add django-prometheus DB backends support
([#​1800](https://redirect.github.com/django-extensions/django-extensions/issues/1800 ))
- Improvement: Call post_command when the command raises an unhandled
exception
([#​1837](https://redirect.github.com/django-extensions/django-extensions/issues/1837 ))
- Fix: sqldiff, do not consider ('serial', 'integer') nor ('bigserial',
'bigint') as a `field-type-differ`
([#​1867](https://redirect.github.com/django-extensions/django-extensions/issues/1867 ))
- Fix: shell_plus, Fix start up order and add history
([#​1869](https://redirect.github.com/django-extensions/django-extensions/issues/1869 ))
- Remove pipchecker and associated tests
([#​1906](https://redirect.github.com/django-extensions/django-extensions/issues/1906 ))
- Following Django's release numbering style more closely (see
https://docs.djangoproject.com/en/5.2/internals/release-process/ )
</details>
<details>
<summary>jschneier/django-storages (django-storages)</summary>
###
[`v1.14.6`](https://redirect.github.com/jschneier/django-storages/compare/1.14.5...1.14.6 )
[Compare
Source](https://redirect.github.com/jschneier/django-storages/compare/1.14.5...1.14.6 )
</details>
<details>
<summary>tfranzel/drf-spectacular-sidecar
(drf-spectacular-sidecar)</summary>
###
[`v2025.4.1`](https://redirect.github.com/tfranzel/drf-spectacular-sidecar/compare/2025.3.1...2025.4.1 )
[Compare
Source](https://redirect.github.com/tfranzel/drf-spectacular-sidecar/compare/2025.3.1...2025.4.1 )
</details>
<details>
<summary>ipython/ipython (ipython)</summary>
###
[`v9.1.0`](https://redirect.github.com/ipython/ipython/compare/9.0.2...9.1.0 )
[Compare
Source](https://redirect.github.com/ipython/ipython/compare/9.0.2...9.1.0 )
</details>
<details>
<summary>lxml/lxml (lxml)</summary>
###
[`v5.3.2`](https://redirect.github.com/lxml/lxml/blob/HEAD/CHANGES.txt#532-2025-04-05 )
[Compare
Source](https://redirect.github.com/lxml/lxml/compare/lxml-5.3.1...lxml-5.3.2 )
\==================
This release resolves CVE-2025-24928 as described in
https://gitlab.gnome.org/GNOME/libxml2/-/issues/847
## Bugs fixed
- Binary wheels use libxml2 2.12.10 and libxslt 1.1.42.
- Binary wheels for Windows use a patched libxml2 2.11.9 and libxslt
1.1.39.
</details>
<details>
<summary>Python-Markdown/markdown (markdown)</summary>
###
[`v3.8`](https://redirect.github.com/Python-Markdown/markdown/releases/tag/3.8 )
[Compare
Source](https://redirect.github.com/Python-Markdown/markdown/compare/3.7...3.8 )
##### Changed
- DRY fix in `abbr` extension by introducing method `create_element`
([#​1483](https://redirect.github.com/Python-Markdown/markdown/issues/1483 )).
- Clean up test directory by removing some redundant tests and port
non-redundant cases to the newer test framework.
- Improved performance of the raw HTML post-processor
([#​1510](https://redirect.github.com/Python-Markdown/markdown/issues/1510 )).
##### Fixed
- Backslash Unescape IDs set via `attr_list` on `toc`
([#​1493](https://redirect.github.com/Python-Markdown/markdown/issues/1493 )).
- Ensure `md_in_html` processes content inside "markdown" blocks as they
are
parsed outside of "markdown" blocks to keep things more consistent for
third-party extensions
([#​1503](https://redirect.github.com/Python-Markdown/markdown/issues/1503 )).
- `md_in_html` handle tags within inline code blocks better
([#​1075](https://redirect.github.com/Python-Markdown/markdown/issues/1075 )).
- `md_in_html` fix handling of one-liner block HTML handling
([#​1074](https://redirect.github.com/Python-Markdown/markdown/issues/1074 )).
- Ensure `<center>` is treated like a block-level element
([#​1481](https://redirect.github.com/Python-Markdown/markdown/issues/1481 )).
- Ensure that `abbr` extension respects `AtomicString` and does not
process
perceived abbreviations in these strings
([#​1512](https://redirect.github.com/Python-Markdown/markdown/issues/1512 )).
- Ensure `smarty` extension correctly renders nested closing quotes
([#​1514](https://redirect.github.com/Python-Markdown/markdown/issues/1514 )).
</details>
<details>
<summary>openai/openai-python (openai)</summary>
###
[`v1.73.0`](https://redirect.github.com/openai/openai-python/blob/HEAD/CHANGELOG.md#1730-2025-04-12 )
[Compare
Source](https://redirect.github.com/openai/openai-python/compare/v1.72.0...v1.73.0 )
Full Changelog:
[v1.72.0...v1.73.0](https://redirect.github.com/openai/openai-python/compare/v1.72.0...v1.73.0 )
##### Features
- **api:** manual updates
([a3253dd](a3253dd798f79d39fbca28d220de3bhttps://redirect.github.com/openai/openai-python/issues/2295 ))
([0ae783b](0ae783b9912fb7d425cdhttps://redirect.github.com/openai/openai-python/issues/2291 ))
([e020759](e0207598d14e10c96a48https://redirect.github.com/openai/openai-python/blob/HEAD/CHANGELOG.md#1720-2025-04-08 )
[Compare
Source](https://redirect.github.com/openai/openai-python/compare/v1.71.0...v1.72.0 )
Full Changelog:
[v1.71.0...v1.72.0](https://redirect.github.com/openai/openai-python/compare/v1.71.0...v1.72.0 )
##### Features
- **api:** Add evalapi to sdk
([#​2287](https://redirect.github.com/openai/openai-python/issues/2287 ))
([35262fc](35262fcef6https://redirect.github.com/openai/openai-python/issues/2288 ))
([39defd6](39defd61e8https://redirect.github.com/openai/openai-python/issues/2289 ))
([e2c9bce](e2c9bce1f5https://redirect.github.com/openai/openai-python/issues/2284 ))
([746174f](746174fae7https://redirect.github.com/openai/openai-python/issues/2286 ))
([c9dd81c](c9dd81ce02https://redirect.github.com/openai/openai-python/blob/HEAD/CHANGELOG.md#1710-2025-04-07 )
[Compare
Source](https://redirect.github.com/openai/openai-python/compare/v1.70.0...v1.71.0 )
Full Changelog:
[v1.70.0...v1.71.0](https://redirect.github.com/openai/openai-python/compare/v1.70.0...v1.71.0 )
##### Features
- **api:** manual updates
([bf8b4b6](bf8b4b69903e37aa3e15dba9b656faf0c463b478https://redirect.github.com/openai/openai-python/issues/2281 ))
([19c619e](19c619ea95https://redirect.github.com/openai/openai-python/issues/2282 ))
([c3e0927](c3e0927d3fhttps://redirect.github.com/openai/openai-python/issues/2277 ))
([5a21a2d](5a21a2d79923f76eb0b9https://redirect.github.com/jupyter-server/pycrdt/blob/HEAD/CHANGELOG.md#01212 )
[Compare
Source](https://redirect.github.com/jupyter-server/pycrdt/compare/0.12.11...0.12.12 )
- Add doc and shared type `events()` async event iterator.
- Fix deadlock while getting root type from within transaction.
###
[`v0.12.11`](https://redirect.github.com/jupyter-server/pycrdt/blob/HEAD/CHANGELOG.md#01211 )
[Compare
Source](https://redirect.github.com/jupyter-server/pycrdt/compare/0.12.10...0.12.11 )
- Upgrade `pyo3` to v0.24.1.
</details>
<details>
<summary>pytest-dev/pytest-cov (pytest-cov)</summary>
###
[`v6.1.1`](https://redirect.github.com/pytest-dev/pytest-cov/blob/HEAD/CHANGELOG.rst#611-2025-04-05 )
[Compare
Source](https://redirect.github.com/pytest-dev/pytest-cov/compare/v6.1.0...v6.1.1 )
- Fixed breakage that occurs when `--cov-context` and the `no_cover`
marker are used together.
###
[`v6.1.0`](https://redirect.github.com/pytest-dev/pytest-cov/blob/HEAD/CHANGELOG.rst#610-2025-04-01 )
[Compare
Source](https://redirect.github.com/pytest-dev/pytest-cov/compare/v6.0.0...v6.1.0 )
- Change terminal output to use full width lines for the coverage
header.
Contributed by Tsvika Shapira in `#​678
<https://github.com/pytest-dev/pytest-cov/pull/678 >`\_.
- Removed unnecessary CovFailUnderWarning. Fixes `#​675
<https://github.com/pytest-dev/pytest-cov/issues/675 >`\_.
- Fixed the term report not using the precision specified via
`--cov-precision`.
</details>
<details>
<summary>pytest-dev/pytest-django (pytest-django)</summary>
###
[`v4.11.1`](https://redirect.github.com/pytest-dev/pytest-django/releases/tag/v4.11.1 )
[Compare
Source](https://redirect.github.com/pytest-dev/pytest-django/compare/v4.11.0...v4.11.1 )
https://github.com/pytest-dev/pytest-django/blob/main/docs/changelog.rst#v4111-2025-04-03
###
[`v4.11.0`](https://redirect.github.com/pytest-dev/pytest-django/releases/tag/v4.11.0 )
[Compare
Source](https://redirect.github.com/pytest-dev/pytest-django/compare/v4.10.0...v4.11.0 )
https://github.com/pytest-dev/pytest-django/blob/main/docs/changelog.rst#v4110-2025-04-01
</details>
<details>
<summary>astral-sh/ruff (ruff)</summary>
###
[`v0.11.5`](https://redirect.github.com/astral-sh/ruff/blob/HEAD/CHANGELOG.md#0115 )
[Compare
Source](https://redirect.github.com/astral-sh/ruff/compare/0.11.4...0.11.5 )
##### Preview features
- \[`airflow`] Add missing `AIR302` attribute check
([#​17115](https://redirect.github.com/astral-sh/ruff/pull/17115 ))
- \[`airflow`] Expand module path check to individual symbols (`AIR302`)
([#​17278](https://redirect.github.com/astral-sh/ruff/pull/17278 ))
- \[`airflow`] Extract `AIR312` from `AIR302` rules (`AIR302`, `AIR312`)
([#​17152](https://redirect.github.com/astral-sh/ruff/pull/17152 ))
- \[`airflow`] Update oudated `AIR301`, `AIR302` rules
([#​17123](https://redirect.github.com/astral-sh/ruff/pull/17123 ))
- \[syntax-errors] Async comprehension in sync comprehension
([#​17177](https://redirect.github.com/astral-sh/ruff/pull/17177 ))
- \[syntax-errors] Check annotations in annotated assignments
([#​17283](https://redirect.github.com/astral-sh/ruff/pull/17283 ))
- \[syntax-errors] Extend annotation checks to `await`
([#​17282](https://redirect.github.com/astral-sh/ruff/pull/17282 ))
##### Bug fixes
- \[`flake8-pie`] Avoid false positive for multiple assignment with
`auto()` (`PIE796`)
([#​17274](https://redirect.github.com/astral-sh/ruff/pull/17274 ))
##### Rule changes
- \[`ruff`] Fix `RUF100` to detect unused file-level `noqa` directives
with specific codes
([#​17042](https://redirect.github.com/astral-sh/ruff/issues/17042 ))
([#​17061](https://redirect.github.com/astral-sh/ruff/pull/17061 ))
- \[`flake8-pytest-style`] Avoid false positive for legacy form of
`pytest.raises` (`PT011`)
([#​17231](https://redirect.github.com/astral-sh/ruff/pull/17231 ))
##### Documentation
- Fix formatting of "See Style Guide" link
([#​17272](https://redirect.github.com/astral-sh/ruff/pull/17272 ))
###
[`v0.11.4`](https://redirect.github.com/astral-sh/ruff/blob/HEAD/CHANGELOG.md#0114 )
[Compare
Source](https://redirect.github.com/astral-sh/ruff/compare/0.11.3...0.11.4 )
##### Preview features
- \[`ruff`] Implement `invalid-rule-code` as `RUF102`
([#​17138](https://redirect.github.com/astral-sh/ruff/pull/17138 ))
- \[syntax-errors] Detect duplicate keys in `match` mapping patterns
([#​17129](https://redirect.github.com/astral-sh/ruff/pull/17129 ))
- \[syntax-errors] Detect duplicate attributes in `match` class patterns
([#​17186](https://redirect.github.com/astral-sh/ruff/pull/17186 ))
- \[syntax-errors] Detect invalid syntax in annotations
([#​17101](https://redirect.github.com/astral-sh/ruff/pull/17101 ))
##### Bug fixes
- \[syntax-errors] Fix multiple assignment error for class fields in
`match` patterns
([#​17184](https://redirect.github.com/astral-sh/ruff/pull/17184 ))
- Don't skip visiting non-tuple slice in `typing.Annotated` subscripts
([#​17201](https://redirect.github.com/astral-sh/ruff/pull/17201 ))
###
[`v0.11.3`](https://redirect.github.com/astral-sh/ruff/blob/HEAD/CHANGELOG.md#0113 )
[Compare
Source](https://redirect.github.com/astral-sh/ruff/compare/0.11.2...0.11.3 )
##### Preview features
- \[`airflow`] Add more autofixes for `AIR302`
([#​16876](https://redirect.github.com/astral-sh/ruff/pull/16876 ),
[#​16977](https://redirect.github.com/astral-sh/ruff/pull/16977 ),
[#​16976](https://redirect.github.com/astral-sh/ruff/pull/16976 ),
[#​16965](https://redirect.github.com/astral-sh/ruff/pull/16965 ))
- \[`airflow`] Move `AIR301` to `AIR002`
([#​16978](https://redirect.github.com/astral-sh/ruff/pull/16978 ))
- \[`airflow`] Move `AIR302` to `AIR301` and `AIR303` to `AIR302`
([#​17151](https://redirect.github.com/astral-sh/ruff/pull/17151 ))
- \[`flake8-bandit`] Mark `str` and `list[str]` literals as trusted
input (`S603`)
([#​17136](https://redirect.github.com/astral-sh/ruff/pull/17136 ))
- \[`ruff`] Support slices in `RUF005`
([#​17078](https://redirect.github.com/astral-sh/ruff/pull/17078 ))
- \[syntax-errors] Start detecting compile-time syntax errors
([#​16106](https://redirect.github.com/astral-sh/ruff/pull/16106 ))
- \[syntax-errors] Duplicate type parameter names
([#​16858](https://redirect.github.com/astral-sh/ruff/pull/16858 ))
- \[syntax-errors] Irrefutable `case` pattern before final case
([#​16905](https://redirect.github.com/astral-sh/ruff/pull/16905 ))
- \[syntax-errors] Multiple assignments in `case` pattern
([#​16957](https://redirect.github.com/astral-sh/ruff/pull/16957 ))
- \[syntax-errors] Single starred assignment target
([#​17024](https://redirect.github.com/astral-sh/ruff/pull/17024 ))
- \[syntax-errors] Starred expressions in `return`, `yield`, and `for`
([#​17134](https://redirect.github.com/astral-sh/ruff/pull/17134 ))
- \[syntax-errors] Store to or delete `__debug__`
([#​16984](https://redirect.github.com/astral-sh/ruff/pull/16984 ))
##### Bug fixes
- Error instead of `panic!` when running Ruff from a deleted directory
([#​16903](https://redirect.github.com/astral-sh/ruff/issues/16903 ))
([#​17054](https://redirect.github.com/astral-sh/ruff/pull/17054 ))
- \[syntax-errors] Fix false positive for parenthesized tuple index
([#​16948](https://redirect.github.com/astral-sh/ruff/pull/16948 ))
##### CLI
- Check `pyproject.toml` correctly when it is passed via stdin
([#​16971](https://redirect.github.com/astral-sh/ruff/pull/16971 ))
##### Configuration
- \[`flake8-import-conventions`] Add import `numpy.typing as npt` to
default `flake8-import-conventions.aliases`
([#​17133](https://redirect.github.com/astral-sh/ruff/pull/17133 ))
##### Documentation
- \[`refurb`] Document why `UserDict`, `UserList`, and `UserString` are
preferred over `dict`, `list`, and `str` (`FURB189`)
([#​16927](https://redirect.github.com/astral-sh/ruff/pull/16927 ))
</details>
<details>
<summary>getsentry/sentry-python (sentry-sdk)</summary>
###
[`v2.25.1`](https://redirect.github.com/getsentry/sentry-python/blob/HEAD/CHANGELOG.md#2251 )
[Compare
Source](https://redirect.github.com/getsentry/sentry-python/compare/2.25.0...2.25.1 )
##### Various fixes & improvements
- fix(logs): Add a class which batches groups of logs together.
([#​4229](https://redirect.github.com/getsentry/sentry-python/issues/4229 ))
by [@​colin-sentry](https://redirect.github.com/colin-sentry )
- fix(logs): Use repr instead of json for message and arguments
([#​4227](https://redirect.github.com/getsentry/sentry-python/issues/4227 ))
by [@​colin-sentry](https://redirect.github.com/colin-sentry )
- fix(logs): Debug output from Sentry logs should always be `debug`
level.
([#​4224](https://redirect.github.com/getsentry/sentry-python/issues/4224 ))
by [@​antonpirker](https://redirect.github.com/antonpirker )
- fix(ai): Do not consume anthropic streaming stop
([#​4232](https://redirect.github.com/getsentry/sentry-python/issues/4232 ))
by [@​colin-sentry](https://redirect.github.com/colin-sentry )
- fix(spotlight): Do not spam sentry_sdk.warnings logger w/ Spotlight
([#​4219](https://redirect.github.com/getsentry/sentry-python/issues/4219 ))
by [@​BYK](https://redirect.github.com/BYK )
- fix(docs): fixed code snippet
([#​4218](https://redirect.github.com/getsentry/sentry-python/issues/4218 ))
by [@​antonpirker](https://redirect.github.com/antonpirker )
- build(deps): bump actions/create-github-app-token from 1.11.7 to
1.12.0
([#​4214](https://redirect.github.com/getsentry/sentry-python/issues/4214 ))
by [@​dependabot](https://redirect.github.com/dependabot )
</details>
---
### Configuration
📅 **Schedule**: Branch creation - "before 7am on monday" (UTC),
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR is behind base branch, or you tick the
rebase/retry checkbox.
👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config
help](https://redirect.github.com/renovatebot/renovate/discussions ) if
that's undesired.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR was generated by [Mend Renovate](https://mend.io/renovate/ ).
View the [repository job
log](https://developer.mend.io/github/suitenumerique/docs ).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yMjcuMyIsInVwZGF0ZWRJblZlciI6IjM5LjIzOC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJub0NoYW5nZUxvZyJdfQ==-->
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Manuel Raynaud <manu@raynaud.io >
2025-04-28 14:05:52 +02:00
Tom Hubrecht
5cdbdbf215
✨ (settings) Allow configuring PKCE for the SSO ( #886 )
...
C.f.
https://mozilla-django-oidc.readthedocs.io/en/latest/settings.html#OIDC_USE_PKCE
## Purpose
Add pkce settings
## Proposal
Get the settings from the environment
Signed-off-by: Tom Hubrecht <github@mail.hubrecht.ovh >
2025-04-28 12:54:30 +02:00
Anthony LC
4307b4f433
🐛 (backend) race condition create doc
...
When 2 docs are created almost at the same time,
the second one will fail because the first one.
We get a unicity error on the path key already
used ("impress_document_path_key").
To fix this issue, we will lock the table the
time to create the document, the next query will
wait for the lock to be released.
2025-04-22 11:43:29 +02:00
Samuel Paccoud - DINUM
419079ac69
🚸 (backend) make document search on title accent-insensitive
...
This should work in both cases:
- search for "vélo" when the document title contains "velo"
- search for "velo" when the document title contains "vélo"
2025-04-17 20:28:14 +02:00
Anthony LC
67b69d05f7
🚩 (backend) add homepage feature flag
...
Add a homepage feature flag that we will
propagate to the frontend.
It will be used to enable or disable the
homepage at runtime.
2025-04-13 13:25:40 +02:00
Anthony LC
3d5adad227
🔖 (minor) release 3.1.0
...
Added:
- 🚩 (backend) add feature flag for the footer
- 🔧 (backend) add view to manage footer json
- ✨ (frontend) add custom css style
- 🚩 (frontend) conditionally render AI button only
when feature is enabled
Changed:
- 🚨 (frontend) block button when creating doc
Fixed:
- 🐛 (back) validate document content in serializer
- 🐛 (frontend) fix selection click
past end of content
2025-04-08 12:41:38 +02:00
Anthony LC
c11d59c434
🚩 (backend) add feature flag for the footer
...
We added the feature flag `FRONTEND_FOOTER_FEATURE_ENABLED`
to enable or disable the footer in the frontend.
2025-04-04 15:44:38 +02:00
Manuel Raynaud
8836109945
♻️ (back) reset cache after every test
...
We move the cache reset in the global conf test to not have to think
about reseting the cache when we implement test.
2025-04-04 15:44:38 +02:00
Anthony LC
ba136ff82f
🔧 (backend) add view to manage footer json
...
We added the `FRONTEND_URL_JSON_FOOTER` environment
variable. It will give the possibility to generate
your own footer content in the frontend.
If the variable is not set, the footer will not
be displayed.
2025-04-04 15:44:38 +02:00
renovate[bot]
8c42599d0f
⬆️ (dependencies) update django to v5.1.8 [SECURITY]
2025-04-03 10:28:12 +02:00
Manuel Raynaud
e8e9922832
➖ (back) remove url-normalize dependency
...
We have the dependency url-normalize installed but we don't use it in
our codebase.
2025-04-01 09:51:29 +02:00
renovate[bot]
2da4ce4570
⬆️ (dependencies) update python dependencies
2025-04-01 09:51:29 +02:00
Anthony LC
725cae5470
🔧 (backend) add FRONTEND_CSS_URL env var
...
We added the `FRONTEND_CSS_URL` environment
variable. It will give the possibility to add a
css layer at runtime.
2025-03-31 12:34:04 +02:00
Matthias
f2ed8e0ea1
🐛 (frontend) conditionally render AI button in toolbar
...
Added a feature flag check to ensure the AIGroupButton is only rendered
when AI_FEATURE_ENABLED is explicitly set to "true". This prevents the
AI button from appearing when the feature is not configured or disabled.
Fixes #782
Signed-off-by: Matthias <matthias@universum.com >
2025-03-31 11:04:00 +02:00
Manuel Raynaud
fbe8a26dba
🐛 (back) validate document content in serializer
...
We recently extract images url in the content. For this, we assume that
the document content is always in base64. We enforce this assumption by
checking if it's a valide base64 in the serializer.
2025-03-29 19:08:39 +01:00
Anthony LC
53be6de5f8
🔖 (major) release 3.0.0
...
Added:
- 📄 (legal) Require contributors to sign a DCO
Changed:
- ♻️ (frontend) Integrate UI kit
- 🏗️ (y-provider) manage auth in y-provider app
Fixed:
- 🐛 (backend) compute ancestor_links in get_abilities
if needed
- 🔒 ️(back) restrict access to document accesses
2025-03-28 15:32:08 +01:00
Manuel Raynaud
8bee476b5b
🔥 (back) remove collaboration-auth endpoint
...
We don't need anymore the collaboration-auth endpoint. Every code
related to it is removed.
2025-03-27 18:42:04 +01:00
Manuel Raynaud
a5b9169eb6
♻️ (back) replace Ypy by pycrdt
...
Ypy is deprecated and unmaintained. We have problem with parsing
existing documents. We replace it by pycrdt, library actively maintained
and without the issues we have with Ypy.
2025-03-27 18:27:04 +01:00
Manuel Raynaud
c0dfb4b6b3
♻️ (back) remove filtering on logging handler
...
Level filtering was used on the logging console handler. We remove as it
is not necessary to have it.
2025-03-27 18:27:04 +01:00
Manuel Raynaud
a4452784e1
🔒 ️(back) restrict accesss to document accesses
...
Every user having an access to a document, no matter its role have
access to the entire accesses list with all the user details. Only
owner or admin should be able to have the entire list, for the other
roles, they have access to the list containing only owner and
administrator with less information on the username. The email and its
id is removed
2025-03-26 10:40:53 +01:00
Quentin BEY
2929e98260
♻️ (documents) inherit manager from queryset
...
During a code review, I saw we are overriding the MP_NodeManager and
redefine the queryset filters:
- The MP_NodeManager sorts the queryset by `path` by default and it's
not done on our side, is it on purpose?
- The fact we need to redefine `readable_per_se` as a boilerplate is
surprising.
I suggest we use the Django mechanism to generate the manager from the
queryset.
2025-03-24 15:04:50 +01:00
Manuel Raynaud
a1914c6259
🐛 (backend) compute ancestor_links in get_abilities if needed
...
The refactor made in the tree view caching the ancestors_links to not
compute them again in the document.get_abilities method lead to a bug.
If the get_abilities method is called without ancestors_links, then they
are computed on all the ancestors but not from the highest readable
ancestor for the current user. We have to compute them with this
constraint.
2025-03-24 14:04:46 +01:00
Samuel Paccoud - DINUM
c882f1386c
♻️ (backend) remove lazy from languages field on User model
...
The idea behind wrapping choices in `lazy` function was to allow
overriding the list of languages in tests with `override_settings`.
This was causin makemigrations to keep on including the field in
migrations when it is not needed. Since we finally don't override
the LANGUAGES setting in tests, we can remove it to fix the problem.
2025-03-24 10:43:45 +01:00
Samuel Paccoud - DINUM
c02f19a2cd
✨ (backend) extract attachment keys from updated content for access
...
We can't prevent document editors from copy/pasting content to from one
document to another. The problem is that copying content, will copy the
urls pointing to attachments but if we don't do anything, the reader of
the document to which the content is being pasted, may not be allowed to
access the attachment files from the original document.
Using the work from the previous commit, we can grant access to the readers
of the target document by extracting the attachment keys from the content and
adding themto the target document's "attachments" field. Before doing this,
we check that the current user can indeed access the attachment files extracted
from the content and that they are allowed to edit the current document.
2025-03-24 10:43:45 +01:00
Samuel Paccoud - DINUM
34a208a80d
✨ (backend) add duplicate action to the document API endpoint
...
We took this opportunity to refactor the way access is controlled on
media attachments. We now add the media key to a list on the document
instance each time a media is uploaded to a document. This list is
passed along when a document is duplicated, allowing us to grant
access to readers on the new document, even if they don't have or
lost access to the original document.
We also propose an option to reproduce the same access rights on the
duplicate document as what was in place on the original document.
This can be requested by passing the "with_accesses=true" option in
the query string.
The tricky point is that we need to extract attachment keys from the
existing documents and set them on the new "attachments" field that is
now used to track access rights on media files.
2025-03-24 10:43:45 +01:00
Samuel Paccoud - DINUM
6976bb7c78
✅ (backend) fix migration test using model factory
...
Migration tests should not import and use factories or models
directly from the code because they would not be in sync with
the database in the state that each state needs to test it.
Instead the migrator object passed as argument allows us to
retrieve a minimal version of the models in sync with the state
of the database that we are testing. What we get is a minimal
model and we need to simulate all the methods that we could have
on the real model and that are needed for testing.
2025-03-24 10:43:45 +01:00
Samuel Paccoud - DINUM
621393165f
✅ (backend) add missing test on media-auth and collaboration-auth
...
These methods were involved in a bug that was fixed without first
evidencing the error in a test:
https://github.com/suitenumerique/docs/pull/556
Fixes https://github.com/suitenumerique/docs/issues/567
2025-03-24 10:43:45 +01:00
Samuel Paccoud - DINUM
3e9b530985
✅ (backend) add missing tests for collaboration auth
...
Tests were forgotten. While writing the tests, I fixed
a few edge cases like the possibility to connect to the
collaboration server for an anonymous user.
2025-03-24 10:43:45 +01:00
Samuel Paccoud - DINUM
54f9b3963e
♻️ (backend) refactor media_auth and collaboration_auth for flexibility
...
These 2 actions had factorized code but a few iterations lead to
spaghetti code where factorized code includes "if" clauses.
Refactor abstractions so that code factorization really works.
2025-03-24 10:43:45 +01:00
