Release Notes

This update provides important bug fixes and improvements.

Canvas Connect

Added a cleanup migration utility for existing orphaned Canvas Connect records (records with no linked PingPong group) so stale links from past deletions can be removed safely.

Fixed: When a PingPong group is deleted, associated linked Canvas Connect course records may remain and the PingPong navigation link in Canvas may become non-functional.
Fixed: LTI launch may reuse an unlinked LTI row from a different registration/client, which might apply stale registration metadata or cause valid institution choices to be rejected.

BaseVideoStore, S3VideoStore, and LocalVideoStore classes for upcoming features.

Schema Upgrade	Migration Script	Permissions Update	Task Definition Update	Configuration Update
YES	YES	No	No	YES

Schema Upgrade: Update lti_classes_class_id_fkey from ondelete="SET NULL" to ondelete="CASCADE".
Migration Script: Added a cleanup command for orphaned LTI class links: python -m pingpong db m06_cleanup_orphaned_lti_classes (supports --dry-run).
Configuration Update: Set up S3VideoStoreSettings or LocalVideoStoreSettings in video_store in Config object. Defaults to None, so no configuration update is immediately required.

feat: (Base/S3/Local)VideoStore class by @SamAnkam in #1351
fix(lti): removing a group doesn't clean up LTI class by @ekassos in #1385
deps(py): bump fastapi from 0.128.5 to 0.128.6 in the production-dependencies group by @dependabot[bot] in #1381
deps(web-dev): bump svelte from 5.50.0 to 5.50.1 in /web/pingpong in the development-dependencies group by @dependabot[bot] in #1380
deps(web): bump isomorphic-dompurify from 2.35.0 to 2.36.0 in /web/pingpong in the production-dependencies group by @dependabot[bot] in #1379
deps(py): bump cryptography from 46.0.4 to 46.0.5 by @dependabot[bot] in #1382

Full Changelog: 1007-srv515-web341...1013-srv519-web343