Horilla CRM v1.12.2 – Authentication Security, Activity Workflow & Platform Enhancement Release

Release Date: 19 June 2026
Version: 1.12.2
Status: Security Hardening, Mail System Enhancements, Activity Workflow Improvements & Platform Stability Release

---

Horilla CRM v1.12.2

Horilla CRM v1.12.2 focuses on strengthening platform security, improving mail reliability, enhancing activity workflow navigation, refining user experience, and increasing overall platform stability.

This release introduces login protection against brute-force attacks, forgot-password security improvements, mail content snapshot preservation, activity navigation fixes, forecast performance optimizations, sidebar improvements, attachment sanitization enhancements, and multiple UI consistency updates across the platform.

The result is a more secure, reliable, and maintainable CRM platform with improved workflow continuity and better user experience.

---

This release focuses on:

🔒 Security Hardening & Authentication Protection
📧 Mail System Reliability & Template Improvements
📅 Activity Workflow & Navigation Enhancements
⚡ Performance Optimization & Stability Improvements
🌍 Localization & Translation Updates
🎨 UI/UX Consistency Improvements
🏗️ Platform Architecture & Maintainability

---

The result is a more secure, stable, and user-friendly CRM platform.

---

Highlights

---

🔒 Security Hardening

Brute-Force Login Protection

Added protection against credential stuffing and repeated login attempts:

• Lock an IP address after multiple failed login attempts
• Automatic lockout duration enforcement
• Clear failed-attempt counters after successful authentication
• Audit logging for lockout events

Forgot Password Security Improvements

Improved password reset workflow security:

• Prevent user enumeration attacks
• Return consistent responses regardless of account existence
• Log suspicious password reset attempts internally
• Avoid exposing account information to external users

Attachment Sanitization Enhancements

Strengthened attachment handling:

• Sanitize attachment titles before saving
• Apply HTML allow-list sanitization to attachment descriptions
• Ensure consistent protection across forms, APIs, and admin actions

Mail Preview Security Improvements

Enhanced mail preview validation:

• Improved ownership verification checks
• Prevent unauthorized access to mail previews
• Reduce false-positive security warnings during preview rendering

---

📧 Mail & Notification Enhancements

Rendered Mail Snapshot Storage

Mail content is now preserved exactly as sent:

• Store rendered subject at send time
• Store rendered email body at send time
• Preserve recipient-specific template substitutions
• Ensure accurate future preview and audit history

Mail Template Management Improvements

Improved administration and usability:

• Fixed mail template permission handling
• Corrected edit and delete permission validation
• Improved row navigation behavior in template lists

Mail Preview Experience

• Improved preview rendering consistency
• Fixed context-related rendering issues
• Enhanced modal styling and spacing

---

📅 Activity Workflow Improvements

Improved Tab Navigation

Activity workflows now preserve context correctly:

• Maintain active tabs after creating activities
• Maintain active tabs after deleting activities
• Maintain active tabs after status updates
• Maintain active tabs after bulk actions

Activity List Reliability

• Fixed incorrect tab restoration behavior
• Improved tab-to-activity mapping
• Standardized reload behavior across activity modules

Email Activity Visibility

• Fixed ownership filtering issues that could hide valid email records
• Improved visibility behavior for users with ownership-based permissions

---

⚡ Performance & Stability Improvements

Forecast Performance Optimization

Reduced unnecessary database activity:

• Eliminated multiple N+1 query scenarios
• Added aggregation-based calculations
• Added caching for repeated fiscal-year checks
• Improved chart generation performance

Settings Reliability

Improved configuration loading:

• Ensure local settings load after app extensions
• Allow custom overrides to consistently take precedence

Requirements & Environment Setup

• Added PostgreSQL support through psycopg2-binary
• Simplified dependency management
• Reduced package version pinning conflicts

---

🌍 Internationalization & Localization

Translation Updates

Expanded and refreshed localization resources:

• Updated root translation catalogs across supported locales
• Added forecast translations for Arabic, German, and French
• Expanded booking and CRM translation coverage
• Improved translation consistency across modules

Forecast Localization

• Added localization support for newly introduced forecast labels
• Improved translation coverage in forecast workflows

---

🎨 User Experience Improvements

Sidebar & Navigation

Improved menu behavior and navigation accuracy:

• Fixed active-link detection in sub-sidebars
• Prevent duplicate menu identifiers
• Improved HTMX navigation consistency

Filter Panel Improvements

Resolved filter panel issues in tabbed views:

• Correctly target active filter panels
• Prevent interactions with hidden tab content
• Improve filter behavior across complex interfaces

Keyboard Shortcuts

• Fixed shortcut update errors
• Improved reload handling when shortcut records are unavailable
• Enhanced shortcut management reliability

Mail Interface

• Improved preview modal styling consistency
• Better spacing and layout handling
• Improved visual consistency with platform design standards

---

🏗️ Platform & Architecture

Module Namespace Improvements

Renamed internal web utilities:

• Renamed horilla.http to horilla.web
• Avoid Python standard library naming conflicts
• Improve compatibility with Django management commands

Approval Framework Enhancements

• Added dedicated approval job detail rendering template
• Improved HTMX-based approval workflows
• Enhanced approval page layout consistency

Meeting Module Improvements

• Restricted modal-only views to HTMX requests
• Prevent invalid direct access to partial-render templates

---

📚 Documentation

Updated documentation for:

• Horilla web utility package
• Sidebar menu architecture
• Approval workflow rendering
• Platform configuration handling
• Internal module structure updates

---

🛠️ Major Fixes

Security

• Added brute-force login protection
• Prevented forgot-password user enumeration
• Fixed attachment sanitization gaps
• Improved mail preview access validation

Mail

• Fixed mail template permission checks
• Fixed preview rendering inconsistencies
• Preserved rendered email content snapshots

Activity

• Fixed tab navigation after create, delete, status updates, and bulk actions
• Fixed incorrect activity tab restoration
• Fixed email visibility filtering issues

Forecast

• Fixed active tab selection issues
• Improved forecast localization
• Optimized database queries and chart generation

UI

• Fixed filter panel behavior in tabbed views
• Fixed sidebar active-link detection
• Fixed keyboard shortcut management issues
• Improved mail modal styling consistency

Platform

• Fixed local settings override order
• Resolved package naming conflicts with Python stdlib
• Added PostgreSQL dependency support

---

📜 Changelog Summary

v1.12.2 (19 June 2026)

Added

• IP-based login protection
• Rendered mail subject snapshots
• Rendered mail body snapshots
• Approval job detail partial templates
• PostgreSQL dependency support

Improved

• Activity workflow navigation
• Forecast performance
• Sidebar navigation behavior
• Mail preview experience
• Translation coverage
• Configuration loading reliability

Fixed

• Forgot-password user enumeration vulnerability
• Activity tab restoration issues
• Mail template permission handling
• Mail preview rendering issues
• Forecast tab selection problems
• Filter panel targeting issues
• Shortcut key management errors
• Email ownership filtering behavior

---

🎯 Impact

Horilla CRM v1.12.2 strengthens platform security, improves workflow continuity, and enhances overall reliability.

This release:

• Protects authentication workflows against common attack vectors
• Improves email auditing and historical accuracy
• Reduces workflow interruptions during activity management
• Enhances forecast performance and scalability
• Improves platform navigation consistency
• Expands localization coverage
• Provides a more maintainable and stable platform foundation

---

Overall

v1.12.2 is a security, reliability, and workflow-focused release that strengthens authentication protection, improves mail handling, enhances activity navigation, optimizes platform performance, and delivers a more consistent user experience across the Horilla CRM platform. 🚀

Horilla CRM v1.12.1 — Security, Localization & Platform Reliability Enhancements

Release Date: 12 June 2026
Version: 1.12.1
Status: Security Hardening, Internationalization, Multi-Company Stability & Platform Enhancement Release

---

Horilla CRM v1.12.1

Horilla CRM v1.12.1 focuses on platform stability, security hardening, internationalization, multi-company reliability, and overall user experience improvements.

This release introduces centralized XSS sanitization, CSV/XLSX export protection, expanded localization support across 86 locales, meeting provider enhancements, booking architecture improvements, mail configuration management, reporting enhancements, and numerous fixes for company-aware integrations throughout the platform.

The result is a more secure, globally accessible, and enterprise-ready platform with improved maintainability and consistency across all modules.

---

This release focuses on:

🔒 Security Hardening & XSS Protection
🌍 Internationalization & Localization Expansion
🏢 Multi-Company Stability Improvements
📅 Calendar, Meeting & Booking Enhancements
📧 Mail & Notification Improvements
📊 Reporting & Analytics Improvements
⚡ UI/UX Enhancements & Performance Fixes
📚 Documentation & Platform Standardization

---

The result is a more secure, reliable, and globally-ready CRM platform.

---

Highlights

---

🔒 Security Hardening

CSV/XLSX Export Protection

• Prevent formula injection attacks during CSV and XLSX exports
• Improve exported file safety across spreadsheet applications

Centralized XSS Protection

Introduced shared sanitization infrastructure:

• Added centralized sanitize_html() helper
• Added centralized sanitize_plain_text() helper
• Added bleach-based HTML sanitization with CSS allow-listing
• Integrated DOMPurify sanitization within Summernote editors

Mail & Notification Security

• Sanitize Mail template subjects and bodies
• Sanitize Notification template titles and messages
• Improve validation handling for rejected content
• Ensure safe rendering in previews and detail views

User Privacy Improvements

• Restrict login history visibility to the current user
• Prevent unintended exposure of authentication history records

---

🌍 Internationalization & Localization

Platform-Wide Translation Expansion

Internationalization coverage has been significantly expanded:

• Added translation support across templates, Python modules, forms, and JavaScript
• Internationalized user-facing text throughout CRM workflows
• Added translation support for booking, mail, filters, leads, login flows, import/export, and shared components

Translation Infrastructure

• Refreshed django.po translation catalogs across 12 modules
• Updated translation resources across 86 supported locales
• Added new locale resources for generics framework components

Activity Localization Updates

• Refreshed activity translations for new meeting provider labels
• Updated activity status and meeting-related localization strings

---

🏢 Multi-Company Reliability Improvements

Company-Aware Settings Resolution

Improved company isolation and configuration handling across:

• Google Calendar integrations
• Meeting integrations
• Opportunity settings
• Team selling configuration
• Shortcut key management

Graceful Missing Company Handling

• Prevent failures when active company is unavailable
• Improve resilience during company switching workflows
• Ensure consistent settings retrieval using company-aware lookups

Company Synchronization

• Shortcut keys now remain visible after company changes
• Improved active company consistency across CRM modules

---

📅 Meetings, Calendar & Booking

Meeting Provider Enhancements

Added support for multiple meeting providers:

• Zoom
• Google Meet
• Microsoft Teams

Calendar Improvements

• Improved Google Calendar configuration lookups
• Fixed company switching issues for calendar integrations
• Prevent duplicate configuration creation issues

Booking Architecture Improvements

• Refactored booking views into dedicated modules
• Improved maintainability and future extensibility
• Expanded booking documentation

Branding-Aware Meeting Emails

• Meeting reminders and invitations now use platform branding settings
• Replaced hardcoded product names with dynamic branding values

---

📧 Mail & Notification Enhancements

Mail Configuration Management

Added:

• Mail configuration detail modal
• Channel-specific edit and delete actions
• Improved configuration visibility and management

Template Handling Improvements

• Improved validation workflows
• Better handling of invalid content submissions
• Consistent sanitization behavior across mail and notification systems

---

📊 Reports & Analytics

Pivot Table Improvements

• Added active cell state highlighting
• Added filter badges with quick clear actions
• Improved filtering of empty and null grouped values
• Enhanced report usability and navigation

---

⚡ User Experience Improvements

Leads

• Enhanced Web-to-Lead forms
• Added improved Select2 integration
• Improved spacing and hover state consistency
• Fixed lead conversion success modal navigation

Core UI Improvements

• Improved role empty-state pages with illustrated layouts
• Added clearer role creation guidance
• Improved browser, operating system, and device identification in login history

Generic Components

• Fixed Select2 edit-mode filtering behavior
• Fixed navbar search focus issues
• Improved form rendering consistency across modules

Performance & Stability

• Added debounce protection for active-tab persistence
• Reduced concurrent SQLite write lock scenarios
• Improved HTMX interaction reliability

---

🏗️ Platform & Architecture

Template Builtins

Registered globally available template libraries:

• Django static tags
• Django i18n tags
• Horilla template tags

Benefits:

• Cleaner templates
• Reduced repetitive {% load %} statements
• Easier template maintenance

Platform Standardization

• Replaced CRM-specific branding references with platform-neutral terminology
• Updated extension examples and documentation
• Improved branding consistency across emails and documentation

---

📚 Documentation

Expanded documentation for:

• Booking view architecture
• Template builtins
• Branding-aware email rendering
• Extension framework examples
• Platform-neutral development practices
• Translation infrastructure

---

🛠️ Major Fixes

Security

• Fixed CSV/XLSX formula injection vulnerabilities
• Fixed XSS vulnerabilities in mail and notification templates

CRM

• Fixed lead conversion navigation
• Fixed opportunity company-resolution issues
• Fixed team-selling configuration access

Calendar & Meetings

• Fixed company switching integration issues
• Fixed Google Calendar configuration resolution
• Fixed meeting integration lookup failures

UI

• Fixed navbar search focus loss
• Fixed Select2 edit-mode filtering
• Fixed company selector visibility in user forms

Core

• Fixed login history privacy issue
• Fixed shortcut key visibility across company changes
• Fixed active-tab write-lock scenarios

---

📜 Changelog Summary

v1.12.1 (12 June 2026)

Added

• Zoom meeting provider support
• Microsoft Teams meeting provider support
• Mail configuration detail modal
• Centralized sanitization helpers

Improved

• Internationalization coverage across 86 locales
• Multi-company configuration handling
• Booking architecture
• Reporting experience
• Login history device information
• Platform branding consistency

Fixed

• CSV/XLSX formula injection vulnerabilities
• XSS vulnerabilities in mail and notification templates
• Lead conversion navigation issues
• Google Calendar company resolution issues
• Opportunity settings lookup failures
• Login history privacy concerns
• Select2 filtering issues
• Navbar search focus problems
• SQLite write lock conflicts

---

🎯 Impact

Horilla CRM v1.12.1 strengthens the platform's security, scalability, and global readiness.

This release:

• Improves protection against common web and spreadsheet-based attacks
• Expands localization support across 86 languages
• Enhances multi-company reliability
• Improves calendar, meeting, and booking workflows
• Simplifies administration and mail management
• Increases platform consistency through branding and documentation improvements
• Provides a more stable and maintainable foundation for future releases

---

Overall

v1.12.1 is a stability, security, and internationalization-focused release that significantly improves platform reliability while expanding global language support, strengthening multi-company behavior, enhancing integrations, and refining the overall user experience. 🚀

Horilla CRM v1.12.0 — Extension Framework, Architecture Refactoring & Platform Enhancements

Release Date: 05 June 2026
Version: 1.12.0
Status: Major Feature Release – Extension Framework Expansion, CRM Refactoring, UI Enhancements & Platform Improvements

---

Horilla CRM v1.12.0

Horilla CRM v1.12.0 introduces the next evolution of the Horilla extension architecture, enabling developers to extend forms, lists, cards, filters, navigation, kanban boards, and detail views through a unified inheritance framework.

This release significantly improves platform extensibility while also delivering CRM module refactoring, new phone field components, booking enhancements, sidebar improvements, and numerous reliability fixes across activities, history, meetings, mail templates, and generic views.

The result is a more modular, customizable, and maintainable CRM platform that provides greater flexibility for enterprise implementations and third-party extensions.

---

This release focuses on:

🧩 Advanced Extension Framework Expansion
🏗️ CRM Architecture Refactoring
📱 Phone Field & International Number Support
📋 List, Card, Filter, Kanban & Detail View Inheritance
📅 Booking & Calendar Improvements
⚡ UI Performance & Sidebar Enhancements
🛠️ Reliability & Data Handling Fixes
📚 Documentation Expansion & Developer Experience

---

The result is a more extensible, customizable, and enterprise-ready CRM platform.

---

Highlights

---

🧩 Extension Framework Expansion

v1.12.0 greatly expands Horilla's extension system beyond models.

New Inheritance Types

Added support for:

• _inherit_form
• _inherit_list
• _inherit_card
• _inherit_filter
• _inherit_nav
• _inherit_kanban
• _inherit_detail

These extension systems allow developers to customize and compose CRM functionality without modifying core modules.

Extension Infrastructure

• Added registries, composition engines, bootstrap systems, validation checks, and resolution pipelines
• Added per-request extension resolution
• Added extension caching layers to prevent cyclic imports and improve performance
• Expanded extension documentation and examples
• Added automated test coverage for extension modules

---

🏗️ CRM Architecture Refactoring

Several CRM applications have been reorganized for improved maintainability.

Leads Refactoring

• Split lead views into dedicated modular view packages
• Improved separation of concerns
• Simplified maintenance of lead workflows

Opportunities Refactoring

• Reorganized opportunity stages and split views into dedicated sub-packages
• Improved structure for future feature expansion

Extension Package Reorganization

• Reorganized extension modules into dedicated forms, models, list, card, filter, nav, kanban, and detail packages

---

📱 Phone Number Field Support

New PhoneWidget & PhoneField

Introduced a reusable international phone number component:

• Country dial-code selector with Select2 support
• Phone number validation and formatting
• Stores values using existing model fields
• Automatic integration into supported forms

Documentation

• Added complete developer documentation for PhoneWidget and PhoneField
• Documented automatic field injection behavior

---

📋 Advanced View Customization

List Extensions

• Added _inherit_list composition framework
• Supports per-request list customization
• Allows extension of list columns, actions, and behavior

Card Extensions

• Added _inherit_card support for CRM card views
• Enables extension of card layouts and card actions

Filter Extensions

• Added _inherit_filter support
• Allows dynamic extension of filter sets and filtering logic

Navigation Extensions

• Added _inherit_nav support
• Enables custom navigation components and contextual menus

Kanban & Detail Extensions

• Added inheritance support for kanban boards and detail views
• Allows customization without modifying core application code

---

📅 Booking & Scheduling Improvements

Booking Detail Experience

• Added HorillaModalDetailView support for bookings
• Added clickable rows with modal navigation
• Added previous/next record navigation
• Added integrated status change actions

UI Consistency

• Replaced hardcoded booking colors with Horilla theme variables
• Improved modal styling consistency

---

⚡ User Experience Improvements

Sidebar State Persistence

Fixed sidebar behavior where:

• Sidebar state was previously reset after HTMX swaps
• Sidebar reopened automatically after page refresh

The sidebar now properly remembers the user's selected state.

Action Button Improvements

• Prevented text wrapping in action buttons
• Improved usability across detail and modal views

---

🛠️ Reliability & Stability Fixes

Generic View Fixes

• Fixed Prefetch queryset slicing issue causing bulk delete failures
• Improved queryset handling for generic views

Activity & History

• Fixed activity call duration ordering
• Removed redundant validations
• Correctly identifies CallLog entries in history
• Added call status visibility in activity history

Meetings

• Google Meet option now automatically hides when Google Calendar integration is disabled

Mail Templates

• Fixed validation errors when creating mail and notification templates
• Properly assigns audit fields before save operations

Core

• Improved holiday form handling
• Corrected user selection validation logic

---

🧹 Code Quality & Standardization

Database Standardization

• Introduced centralized horilla.db imports
• Standardized transaction and connection access throughout the platform
• Reduced direct dependency on Django database imports

Import Organization

Applied standardized import grouping across:

• Accounts
• Campaigns
• Contacts
• Forecast
• Leads
• Opportunities
• Extension modules

Pylint Compliance

• Fixed multiple pylint warnings and code-style issues
• Improved consistency across the CRM codebase

---

📚 Documentation

Expanded documentation for:

• Form extensions
• List extensions
• Card extensions
• Filter extensions
• Navigation extensions
• Kanban extensions
• Detail extensions
• PhoneWidget & PhoneField
• Extension architecture and inheritance guides
• Coding standards and import conventions

---

🛠️ Major Fixes

Extension Framework

• Added support for list, card, filter, nav, kanban, and detail inheritance
• Added extension caching and resolution improvements

CRM Modules

• Refactored Leads and Opportunities into modular structures
• Improved maintainability and scalability

UI

• Fixed sidebar state persistence
• Fixed action button wrapping
• Improved booking modal styling

Activities & History

• Fixed call duration ordering
• Fixed CallLog display and status visibility

Mail

• Fixed audit field validation failures during template creation

Meetings

• Fixed Google Meet visibility when calendar integration is unavailable

---

📜 Changelog Summary

v1.12.0 (05 June 2026)

Added

• _inherit_list
• _inherit_card
• _inherit_filter
• _inherit_nav
• _inherit_kanban
• _inherit_detail
• PhoneWidget and PhoneField
• Booking modal detail view with navigation
• Extension caching infrastructure
• Extension registries and composition systems

Improved

• CRM architecture and module organization
• Booking UI consistency
• Sidebar state persistence
• Generic view performance and reliability
• Import standardization
• Extension documentation

Fixed

• Bulk delete failures caused by queryset slicing
• Activity call duration ordering
• Call history display issues
• Mail template audit field validation errors
• Google Meet visibility logic
• Holiday form user-selection validation
• Action button wrapping issues
• Multiple pylint and code-quality issues

---

🎯 Impact

Horilla CRM v1.12.0 represents a major step toward a fully extensible CRM architecture.

This release:

• Enables customization of nearly every CRM view layer through inheritance
• Reduces the need for core-code modifications
• Improves long-term maintainability
• Simplifies third-party extension development
• Enhances booking, activity, and communication workflows
• Improves platform consistency and reliability

---

Overall

v1.12.0 is a major architectural release that expands Horilla CRM's extension framework from forms into a complete platform-wide customization system. Combined with CRM refactoring, phone field support, booking enhancements, reliability fixes, and extensive documentation improvements, this release provides a stronger foundation for enterprise deployments and future CRM growth. 🚀

Horilla CRM v1.11.1 — Security, CSRF & Data-Integrity Hardening

Release Date: 29 May 2026
Version: 1.11.1
Status: Security Hardening, CSRF Protection, Data-Integrity Fixes & Form/Stability Maintenance Release

---

Horilla CRM v1.11.1

Horilla CRM v1.11.1 is a focused hardening and maintenance release that builds on the major v1.11.0 platform. It addresses security vulnerabilities in the mail preview pipeline, restores CSRF protection across state-mutating views, fixes a class of data-integrity bugs around protected stage relationships, and resolves multiple form and OAuth crashes — while standardizing internal imports and completing broad pylint compliance.

This release prioritizes safety, correctness, and stability, smoothing out the rough edges introduced by the large 1.11.0 feature drop without changing the platform's behavior or surface.

---

This release focuses on:

🔐 Security Fixes (SSTI, IDOR & Mail Permissions)
🛡️ CSRF Protection Restoration
🗃️ Data-Integrity & Protected-Relationship Fixes
🧾 Form Field-Handling & Multi-Step Crash Fixes
📞 OAuth & Meeting Reliability
📅 Booking Calendar & Timezone UX
🧩 Internal Import Shims & Standardization
🧹 Pylint Compliance & Docstring Coverage
📚 Documentation Expansion

---

The result is a safer, more correct, and production-hardened CRM platform.

---

Highlights

---

🔐 Security Fixes

v1.11.1 closes several security issues discovered in the mail subsystem.

Mail Preview Hardening

• Fixed SSTI (Server-Side Template Injection) information disclosure in the preview endpoint
• Fixed IDOR (Insecure Direct Object Reference) in the preview endpoint
• Blocked dangerous template paths
• Added a per-object permission check before rendering previews

Mail Permission Corrections

• Replaced incorrect admin-config permissions with proper add / view / change / delete own-record permissions

• Applied consistently across:

  • All mail views
  • The activity email tab

---

🛡️ CSRF Protection Restoration

State-mutating views that had been left unprotected are now fully CSRF-guarded.

Restored Protection

• Removed @csrf_exempt from:

  • CreateStageGroupView
  • CreateOppStageGroupView
  • SaveCalendarPreferencesView
  • SaveCustomStagesView
  • SaveCustomOppStagesView

• Added {% csrf_token %} to the corresponding HTMX forms and custom stage templates

• Fixed the resulting 403 errors on those flows

• Retained @csrf_exempt only on the pre-session DB-init wizard views

CSRF Failure Experience

• Added a custom CSRF failure view
• Added csrf_failure.html for DEBUG=False environments

---

🗃️ Data-Integrity & Protected-Relationship Fixes

Safe Stage Saving

• SaveCustomStagesView / SaveCustomOppStagesView now use validate-first, then update-or-create instead of delete-and-recreate

• Stages removed from the form are deleted only if no leads/opportunities reference them

• Prevents the ProtectedError raised by the PROTECT FKs on:

  • Lead.lead_status
  • Opportunity.stage

Bulk Delete Safety

• GENERICS: _bulk_delete_related now skips M2M relations to prevent ProtectedError during cascade traversal

---

🧾 Form & Multi-Step Crash Fixes

HorillaModelForm Field Preservation

Switched the following to fields = "__all__" with field_order (and keep_on_form where needed) so base fields are no longer dropped:

• FiscalYearForm
• RegionalFormattingForm
• CompanyFormClassSingle
• UserFormClass / UserFormSingle (with sensitive fields excluded, is_active reordered to end)
• ApprovalRuleForm (also dropped the unused process_config field)

Multi-Step Form KeyError Fixes

• CRM / COMPANY: Removed/guarded direct created_by / updated_by access that crashed because HorillaMultiStepForm strips fields not listed in step_fields
• Applied across campaign, contact, and company create flows

Review Process Fix

• REVIEWS: Fixed KeyError on review-process create by adding keep_on_form for is_active

Form Cleanup

• Removed redundant fields attributes superseded by form_class across:

  • Activity, Dashboard, Report views
  • Forecast target, Assignment rule, Opportunity team, Scoring rule views

---

📞 OAuth & Meeting Reliability

Meeting Integration

• Fixed MultipleObjectsReturned on the Zoom / Teams OAuth callbacks

Access-Control UI

• Constrained the access-control section to the viewport
• Added a count + eye pill for allowed users/roles
• Clicking the pill opens a HorillaListView modal
• Fixed the card-wide click handler

---

📅 Booking Calendar & UX

Booking Improvements

• Improved booking calendar UX with timezone-aware slot display
• Updated booking confirmation rendering
• Fixed the public date-strip to read date-object properties instead of stale outer-scope day / currentMonth variables
• Updated booking app locale folder

---

🧩 Internal Import Shims & Standardization

New Compatibility Shims

• Added horilla.utils.timezone shim
• Added horilla.db.models.signals shim
• Migrated signal and timezone imports across all apps to the new shims
• Standardized first-party import groups project-wide

Other Core Improvements

• CORE: "Add Business Hour" button now hides immediately after creation without a page reload
• BUSINESS_HOUR: Guarded BusinessHourHolidayModalView with a get() that returns a modal-closing script when the BusinessHour pk no longer exists
• GENERICS: Added cursor-pointer to note/attachment and related-list action buttons

---

🧹 Code Quality & Cleanup

Pylint Compliance

Added missing class and method docstrings across the platform for:

• C0115 (missing class docstring)
• C0116 (missing function/method docstring)

Coverage spans: Activity, Cadences, Core, Dashboard, Meeting, Booking, CRM, sync_db, and all contrib apps.

Standardization

• Standardized import organization
• Synced module documentation with the new shim layout

---

📚 Documentation

• Added new docs for: booking, forecast targets, lead assignment rules, opportunity teams, scoring rules
• Expanded docs for: activity, core, dashboard, generics, reports
• Synced module documentation with the new import-shim conventions

---

🛠️ Major Fixes

Security

• Fixed SSTI information disclosure in mail preview
• Fixed IDOR in mail preview endpoint
• Corrected HorillaMail own-record permissions

CSRF

• Restored CSRF protection on stage, stage-group, and calendar-preference views
• Fixed 403 errors on affected HTMX forms

Data Integrity

• Prevented ProtectedError on stage deletion (validate-first / update-or-create)
• Skipped M2M relations in bulk-delete traversal

Forms

• Prevented HorillaModelForm base fields being dropped
• Fixed multi-step create KeyError on created_by / updated_by
• Fixed review-process create KeyError

Meeting / OAuth

• Fixed MultipleObjectsReturned on Zoom/Teams OAuth callbacks

Booking

• Fixed date-strip rendering bug

---

📜 Changelog Summary

v1.11.1 (29 May 2026)

Added

• Custom CSRF failure view and csrf_failure.html for DEBUG=False
• horilla.utils.timezone compatibility shim
• horilla.db.models.signals compatibility shim
• Access-control count + eye pill with HorillaListView modal (Meeting)
• New documentation for booking, forecast targets, lead assignment rules, opportunity teams, and scoring rules

Improved

• Timezone-aware booking slot display and scheduling UX
• HorillaModelForm field handling across fiscal year, regional formatting, company, user, and approval-rule forms
• Standardized first-party imports and signal/timezone shims across all apps
• Business Hour button hides without page reload
• Broad pylint docstring compliance (C0115 / C0116)
• Expanded activity, core, dashboard, generics, and reports documentation

Fixed

• Security: SSTI information disclosure and IDOR in mail preview
• Security: Incorrect HorillaMail permissions (now correct own-record perms)
• CSRF 403 errors on stage, stage-group, and calendar-preference views
• ProtectedError on stage deletion when referenced by leads/opportunities
• ProtectedError from M2M relations during bulk delete
• KeyError on multi-step create forms (created_by / updated_by)
• KeyError on review-process create
• MultipleObjectsReturned on Zoom/Teams OAuth callbacks
• Booking date-strip rendering using stale outer-scope variables
• BusinessHourHolidayModalView crash on deleted records
• HorillaModelForm base fields being dropped from refactored forms

---

🎯 Impact

Horilla CRM v1.11.1 hardens the platform delivered in v1.11.0, prioritizing security, data integrity, and reliability.

This release:

• Closes SSTI and IDOR vulnerabilities in the mail subsystem
• Restores CSRF protection across state-mutating workflows
• Prevents data loss from protected stage relationships
• Fixes multiple form and OAuth crashes
• Standardizes internal imports for long-term maintainability
• Completes broad pylint and documentation coverage

---

Overall

v1.11.1 is a stability and security release that makes the ambitious 1.11.0 feature set production-ready. It resolves the highest-impact bugs and vulnerabilities surfaced after the major release, tightens CSRF and permission handling, and protects against data-integrity failures — delivering a safer, more reliable, and more maintainable CRM platform. 🔒🚀

Horilla CRM v1.11.0 — Workflow Automation, Booking Platform & ERP-Style Extensions

Release Date: 23 May 2026
Version: 1.11.0
Status: Workflow Automation Release, Booking Platform, ERP-Style Extensions & CRM Architecture Enhancements

---

Horilla CRM v1.11.0

Horilla CRM v1.11.0 introduces a powerful new Workflow Automation Engine, a complete Public Booking System, ERP-style _inherit model extension support, Shift Hour scheduling, and major improvements across CRM, permissions, HTMX workflows, and multi-tenant architecture.

This release focuses heavily on automation, extensibility, modularization, and platform scalability while continuing the UI/UX and developer-experience improvements introduced in previous versions.

---

This release focuses on:

⚙️ Workflow Automation Engine & Scheduled Execution
📅 Public Booking & Scheduling Platform
🧩 ERP-Style _inherit Model Extensions
⏰ Shift Hours & Business Hour Improvements
⚡ HTMX UX Enhancements & Dynamic Forms
🏗️ Generics, Forms & Multi-Step Architecture Improvements
🔐 Permissions, Role Handling & Multi-Tenant Refinements
📬 Mail Template Integration & Activity Improvements
🛠️ Stability Fixes, Django 6.0 Compatibility & Pylint Cleanup
📚 Documentation, Refactors & Developer Experience

---

The result is a more extensible, automation-ready, and scalable CRM platform.

---

Highlights

---

⚙️ New Workflow Automation Engine

v1.11.0 introduces a brand-new workflow contrib app that enables rule-based CRM automation directly inside Horilla CRM.

Workflow Features

• WorkflowRule, WorkflowCondition, and WorkflowAction models

• HTMX-powered CRUD workflows

• Dynamic condition evaluation engine

• Automated action dispatch system

• post_save signal-based execution

• Time-triggered workflows using Celery

• WorkflowTimeTriggerAction

• ScheduledWorkflowExecution

• Workflow execution history modal

• Workflow FilterSet support

• Auto-registration of workflow-enabled models

• Workflow-enabled support for:

  • Leads
  • Accounts
  • Campaigns
  • Contacts
  • Opportunities

Workflow Improvements

• Modularized workflow view structure
• Hidden-field action configuration handling
• Workflow detail page restoration
• Improved namespace routing
• Automatic workflow model registration
• Extensive pylint cleanup across workflow modules

---

📅 New Public Booking Platform

v1.11.0 introduces a fully featured public-facing booking app for appointment scheduling and CRM lead generation.

Booking Features

• Public booking pages

• Slot scheduling system

• Booking confirmation flows

• Public cancel/reschedule flows

• Celery-powered reminder emails

• CRM integration with:

  • Leads
  • Contacts
  • Activities

• Booking email template support:

  • Confirmation
  • Cancellation
  • Reschedule

Booking UI Improvements

• Select2 timezone picker

• Arrow-navigated date cards

• Improved booking-page centering/layout

• Dynamic online/offline location controls

• HTMX toggle handling for:

  • allow_cancel
  • allow_reschedule
  • is_online

• Improved brand color widget rendering

• Cleaner public scheduling experience

---

🧩 ERP-Style _inherit Model Extensions

Horilla CRM now supports Odoo-inspired model extensions directly inside third-party apps.

Extension Features

• _inherit model injection support
• InjectField system
• Extension-owned migrations
• Autodetector integration
• Add fields/methods to existing models without creating new tables
• No modification required in core migration folders

Example

_inherit = "leads.Lead"

This allows developers to extend core Horilla models cleanly and modularly.

---

⏰ Shift Hours & Business Hour Enhancements

New ShiftHour Model

Added a new ShiftHour model with:

• Per-day scheduling
• Dynamic break-slot management
• HTMX-driven form interactions
• Admin integration
• Business-hour settings integration

Business Hour Improvements

• One business-hour card per company
• Holiday integration support
• Dedicated holiday management flow
• Session-persisted ordering
• Django-aligned M2M handling
• Shared timing/day constants moved to:
  horilla/utils/choices.py

Admin Improvements

Added filter_horizontal support for:

• BusinessHour
• ShiftHour
• Holiday
• Role
• CRM M2M fields

---

⚡ HTMX & Interactive UX Improvements

Horilla CRM continues expanding its HTMX-first architecture.

Activity & Meeting Improvements

• Tabbed list + kanban views for:

  • Tasks
  • Meetings
  • Calls
  • Events

• Per-type URLs and columns

• Meeting URL rendering in kanban cards

• Modularized activity views/packages

• Calendar event editing via htmx.ajax

• Activity mail-template integration

• Meeting invite rendering using selected templates

Improved Dynamic Forms

• Preserve form values when toggling is_online
• Replaced hx-get with hx-post where full form state was required
• Dynamic field visibility handling
• Better HTMX modal interactions

---

🏗️ Generics & Form Architecture Improvements

Multi-Step Form Enhancements

• Centralized HORILLA_FORM_EXCLUDE
• Added automatic core-field exclusion
• Auto-assign unstepped fields to final form step
• Cleaner multi-step form architecture

Form Refactors

Refactored forms across:

• Leads
• Opportunities
• Accounts
• Forecasts
• Campaigns
• Contacts

Refactor Improvements

• Switched to:

fields = "__all__"

• Added field_order
• Removed redundant created_by / updated_by overrides
• Cleaner field management

---

🌍 Country & Subdivision Improvements

Location Enhancements

• Switched address_country to django-countries
• Added HTMX-powered subdivision loading
• Added reusable helper:

get_subdivision_choices()

Used Across

• Company
• User
• Lead
• Contact

---

🔐 Permissions & Multi-Tenant Improvements

Permissions

• Fixed stale inherited permissions after role removal
• Preserved default view_own_* permissions
• Role assignment now properly applies inherited permissions
• Improved approval-template filtering logic

Shortcut & Menu Improvements

• Normalized shortcut URLs
• Resolved menu titles from full registry
• Fixed non-admin shortcut label rendering
• Added reverse_lazy support for default shortcuts

---

🛠️ Generics, Stability & Django 6.0 Compatibility

Generics Improvements

• Fixed Django 6.0 ManyRelatedManager crashes

• Improved M2M display-column rendering

• Better kanban drag-drop handling

• Proper subclass delegation for update_kanban_item

• Improved _meta.app_label handling for:

  • Kanban
  • Groupby
  • Timeline

Delete Handling Improvements

• Fixed user deletion crashes caused by:

  • ShortcutKey
  • PROTECT FK relations
  • OneToOne dependency traversal

---

📬 Mail Template & Activity Enhancements

Activity Mail Templates

• Added optional mail_template FK on Activity
• Template-filtered querysets
• Fallback HTML rendering support
• Improved meeting invitation rendering

Booking Mail Templates

Added per-booking-page templates for:

• Confirmation emails
• Cancellation emails
• Reschedule emails

---

📚 Documentation & Developer Experience

Documentation

• Added deep-dive documentation for:

  • horilla.contrib.meeting

• Updated:

  • multi_step.md

Developer Improvements

• Improved modularization
• Better package structure
• Cleaner workflow architecture
• Expanded HTMX conventions

---

🛠️ Code Quality & Cleanup

Pylint Cleanup

Resolved pylint warnings across:

• Workflow
• Booking
• Activity
• Scoring Rules

Resolved

• C0115
• C0116
• C0303
• C0304
• W0611
• C0413

Formatting

• Improved imports
• Better modular structure
• Standardized form/view organization

---

🛠️ Major Fixes

Workflow & Generics

• Fixed workflow navbar HTMX access issues
• Fixed scoring-rule HTMX view handling
• Fixed duplicate HTMX drag-drop updates
• Fixed subclass kanban update delegation

Meetings & Activities

• Fixed empty queryset issue in MeetingAccessUsersForm
• Preserved form state when toggling online meetings

Permissions

• Fixed stale role permission inheritance
• Fixed role-unassignment cleanup logic

Booking

• Fixed hidden field toggle behavior
• Fixed online-location rendering
• Fixed brand-color default handling

CRM & Shortcuts

• Fixed shortcut-title resolution for non-admin users
• Fixed normalized default shortcut URLs

Deletes & Dependencies

• Fixed dependency traversal crashes during user deletion

---

📜 Changelog Summary

v1.11.0 (23 May 2026)

Added

• New workflow automation app
• Time-triggered workflow execution
• Workflow execution history
• New public booking app
• ShiftHour scheduling system
• ERP-style _inherit model extensions
• Booking mail-template support
• Activity mail-template support
• Holiday support for BusinessHours
• HTMX-powered dynamic scheduling forms
• get_subdivision_choices() utility
• Admin filter_horizontal improvements

Improved

• Booking UI and scheduling UX
• Multi-step form architecture
• HTMX workflows and modal handling
• Activity kanban/list organization
• Permission inheritance handling
• Generic delete traversal logic
• Country/state subdivision handling
• Django 6.0 M2M compatibility
• Workflow modularization and automatio...

Horilla CRM v1.10.1 Meeting Integration Release, HTMX UX Enhancements, Process Stability & Platform Refinements

Release Date: 18 May 2026
Version: 1.10.1
Status: Meeting Integration Release, HTMX UX Enhancements, Process Stability & Platform Refinements

---

Horilla CRM v1.10.1

Horilla CRM v1.10.1 introduces a brand-new Meeting Integration module with Zoom and Microsoft Teams support, expands HTMX-powered workflows across the platform, improves approvals/reviews process handling, and delivers extensive UI, stability, and code-quality refinements across the Horilla ecosystem.

This release focuses heavily on improving productivity, modularity, and usability while continuing the architectural cleanup introduced in v1.10.0.

---

This release focuses on:

📹 Meeting Integration Module (Zoom & Teams)
⚡ HTMX UX Improvements & Interactive Workflows
🧩 Activity, Mail, Cadence & Process Module Enhancements
🏗️ Template/Layout Refactors with modelcontent_layout
🔐 Approval, Review & Permission Flow Improvements
📬 Mail Tracking, Delivery Lifecycle & Notifications
🛠️ Stability Fixes, Pylint Cleanup & Code Quality
🌍 i18n, Documentation & Release Metadata Updates

---

The result is a more interactive, maintainable, and collaboration-ready CRM platform.

---

Highlights

---

📹 New Meeting Integration Module

v1.10.1 introduces a completely new meeting contrib app that enables meeting-provider integrations and meeting-link management directly inside Horilla CRM.

Meeting Features

• Zoom OAuth integration
• Microsoft Teams OAuth integration
• Personal meeting URL management
• MeetingLink CRUD support
• Company-level meeting provider settings
• User-level provider configuration
• Generate meeting links directly from activities
• Integrated meeting scheduling inside Activity module
• Meeting invites, reminders, and meeting-link display
• Meeting provider cards redesigned with scrollable layout support
• Added meetings.svg static icon
• Added meeting i18n translation catalogs
• Added __version__.py metadata support

---

⚡ HTMX & Interactive Workflow Enhancements

Horilla CRM continues expanding its HTMX-first architecture for smoother, more maintainable interactions.

User Picker Modal

Added a reusable HTMX-powered user-picker modal for many-to-many fields.

Features

• Advanced stacked filters
• Field/operator/value filtering rows
• Dedicated picker views & URLs
• Generic form integration
• Modal-based user selection
• Global JS integration for improved UX

Approval & Review Toggles

• Added HTMX active-status toggles for approval processes
• Added HTMX active-status toggles for review processes
• Auto-deactivate sibling active processes
• Improved duplicate active-process validation
• Added confirmation flows before activation changes

Generics Improvements

• Added disabled_if support for action buttons
• Improved export modal behavior on multi-list pages
• Added export loading-state handling
• Improved JSONField rendering in detail views
• Better readability for dict/list values in generic detail rendering

---

🏗️ Template & Layout Refactor

A major UI/layout modernization continued in v1.10.1 with the rollout of the new modelcontent_layout shell.

Migrated Views

• Calendar
• Dashboard
• Reports
• Approvals
• Global Search
• Detail Views
• Default Home
• Generics Shells

Layout Improvements

• Introduced reusable side_column
• Improved sub-section ordering and HX attribute organization
• Extracted reusable MAIN_CONTENT_HX_ATTRS
• Added template/layout documentation under docs/templates/
• Relocated legacy migration docs into proper documentation structure

---

📬 Mail, Notifications & Cadence Improvements

Mail Lifecycle Tracking

Mail tracking received major improvements in v1.10.1.

Added

• Delivered state tracking
• Opened state tracking
• Bounced state tracking
• Delivery timestamps
• Open-tracking pixel injection
• SMTP bounce handling
• Recipient-domain validation before send

Cadence Improvements

• Cadence tabs now use delivered/opened/bounced aggregates
• Added cadence email stat cards
• Improved follow-up status calculation logic
• Better next-step rendering based on latest mail outcomes

Notifications

• Added per-user sound mute/unmute preference
• Web Audio API notification playback support
• Added NotificationSoundPreference model

---

🔐 Approvals, Reviews & Process Stability

Approval Module

• Generic signal-based approval handlers
• Dynamic approval model registration support
• Safer missing-record handling
• Automatic stale approval cleanup
• Improved detail redirection handling
• Better readable grouped condition layouts

Review Module

• Added global post-save registry synchronization
• Improved detail failure handling
• Added translated modal reload flows
• Enforced one active process per model/company

---

🧩 Activity Module Improvements

Meeting & Tab Persistence

• Activity module now supports meeting integration
• Persist active tabs/sub-tabs in localStorage
• Restore mail/activity sub-tabs after HTMX swaps
• Preserve pending/completed activity state
• Fixed tab conflicts on multi-instance pages
• Scoped tab IDs and JS handlers properly

---

🌍 Internationalization & Documentation

Documentation

• Added .md documentation files
• Added template/layout docs
• Added migration/layout usage documentation

Internationalization

• Added django.po catalogs for configured meeting languages
• Added release metadata updates across modules

---

🛠️ Code Quality, Refactors & Stability

Refactors

• Refactored forms package exports
• Refactored mail package imports
• Refactored notifications package structure
• Refactored generic views package
• Refactored permissions views package
• Split leads models into modular files

Formatting & Cleanup

• Applied Black formatting across contrib and CRM modules

• Resolved pylint warnings:

  • W0611
  • W0404
  • C0114
  • C0115
  • C0116
  • R1710
  • C0303

• Removed trailing whitespace issues

• Standardized template indentation

---

🛠️ Major Fixes

Core

• Fixed password hashing issue causing NULL password saves
• Made profile detail panel vertically scrollable
• Re-enabled theme default seeding via post_migrate

Mail

• Sanitized draft/template previews using bleach
• Restored email sub-tab persistence after delete
• Fixed tracking UID nullability handling

Calendar & Automations

• Fixed Google integration active-company resolution
• Fixed Celery beat task path resolution for automations

Reports & Generics

• Removed stale reports with deleted models
• Fixed export modal clashes on multi-list pages
• Improved JSONField display formatting

CRM & Leads

• Added lead assignment rules
• Auto-assignment using condition-based evaluation
• Added HTMX toggles for active/notify states

---

📜 Changelog Summary

v1.10.1 (18 May 2026)

Added

• New meeting contrib app
• Zoom & Teams OAuth integrations
• MeetingLink CRUD support
• User/company meeting settings
• Meeting scheduling integration
• HTMX user-picker modal
• Approval/review active toggles
• Notification sound preferences
• Mail delivery/open/opened/bounced tracking
• modelcontent_layout shell
• Template/layout documentation
• Lead assignment rule engine
• Meeting i18n catalogs & version metadata

Improved

• HTMX interactions across approvals, reviews, exports, and activities
• Activity tab persistence
• Generic detail rendering for JSONField values
• Mail lifecycle visibility
• Cadence follow-up tracking
• Dashboard and shell layouts
• Template structure and modularization
• Pylint/code-style consistency across contrib apps

Fixed

• Password hashing save issue
• Approval stale object crashes
• Report detail failures on deleted models
• Calendar active-company resolution
• Automation beat task path resolution
• Mail preview sanitization
• Export modal conflicts
• Activity tab restoration after HTMX swap
• Tracking UID null handling
• Multi-instance tab conflicts
• Theme seeding during migrations

---

🎯 Impact

Horilla CRM v1.10.1 significantly improves collaboration workflows, interactivity, and maintainability across the platform.

This release:

• Introduces integrated meeting-provider support
• Expands HTMX-driven UI workflows
• Improves approval/review reliability
• Strengthens mail lifecycle tracking
• Modernizes layouts and template architecture
• Improves modularity and code quality across contrib apps
• Delivers a cleaner and more maintainable developer experience

---

Overall

v1.10.1 continues the modernization effort started in v1.10.0 by adding meeting integrations, refining HTMX-powered workflows, improving process reliability, and strengthening the overall platform architecture.

The result is a faster, cleaner, and more collaboration-focused Horilla CRM experience. 🚀

Horilla CRM v1.10.0 — Platform Restructure, Namespace Migration & Database Sync Utility

Release Date: 11 May 2026
Version: 1.10.0
Status: Major Platform Restructure, Namespace Migration, Database Sync Utility & CRM Stability Release

---

Horilla CRM v1.10.0

Horilla CRM v1.10.0 is a major platform restructuring release that consolidates the entire support-app ecosystem under a unified horilla.contrib.* namespace, introduces a dedicated database sync utility for safe v1.9.1 → v1.10.0 upgrades, and ships extensive fixes across CRM modules, generics, permissions, currency handling, and the UI layer.

This update reorganizes the platform into a cleaner, more maintainable architecture while preserving data integrity, hardening permissions, and refining the user experience across every module.

---

This release focuses on:

🏗️ Platform Restructure & horilla.contrib Namespace Migration
🗄️ Database Sync Utility (sync_db) for Safe Upgrades
🔐 Permissions, Feature Registry & Self-Registration
🌐 URL Prefixing, Routing & Navigation Improvements
⚡ HTMX, Generics & List/Filter UX Enhancements
🧩 CRM Module Fixes (Leads, Opportunities, Activity, Cadences, Reports, Reviews, Forecast, Dashboard)
💱 Currency Cascade & Multi-Currency Improvements
📅 Calendar, Channels (Redis) & Infrastructure Updates
🎨 UI/UX Consistency & Delete Confirmation UX
🛠️ Code Quality, Black/djangofmt, Encoding Cleanup & Pylint Fixes

---

The result is a more modular, maintainable, and upgrade-safe CRM platform.

---

Highlights

---

🏗️ Platform Restructure — horilla_* → horilla.contrib.*

The headline change of v1.10.0: 15 support apps moved from top-level horilla_* packages into the unified horilla.contrib.* namespace with new short app labels.

Apps Migrated

Old package	New package	New label
horilla_activity	horilla.contrib.activity	activity
horilla_automations	horilla.contrib.automations	automations
horilla_cadences	horilla.contrib.cadences	cadences
horilla_calendar	horilla.contrib.calendar	calendar
horilla_core	horilla.contrib.core	core
horilla_dashboard	horilla.contrib.dashboard	dashboard
horilla_duplicates	horilla.contrib.duplicates	duplicates
horilla_generics	horilla.contrib.generics	generics
horilla_keys	horilla.contrib.keys	keys
horilla_mail	horilla.contrib.mail	mail
horilla_notifications	horilla.contrib.notifications	notifications
horilla_processes.approvals	horilla.contrib.process.approvals	approvals
horilla_processes.reviews	horilla.contrib.process.reviews	reviews
horilla_reports	horilla.contrib.reports	reports
horilla_theme	horilla.contrib.theme	theme
horilla_utils	horilla.contrib.utils	utils

horilla_crm is out of scope for this migration — its directory and tables are unchanged.

AppLauncher Updates

Every contrib apps.py now sets:

• name = "horilla.contrib.<app>" (dotted path)
• label = "<app>" — explicitly pinned so the app_label is independent of the dotted path
• url_module = "horilla.contrib.<app>.urls"
• url_namespace = "<app>" (short form)
• get_api_paths() rewritten to new dotted paths and namespaces

Codebase-Wide Refactor

• All Python imports rewritten: from horilla_<app>... → from horilla.contrib.<app>...
• INSTALLED_APPS updated in horilla/settings/base.py
• URL reversals, {% url %}, reverse(), and reverse_lazy() calls migrated to new short namespaces
• Template static paths: {% static 'horilla_<app>/...' %} → {% static '<app>/...' %}
• FK string refs updated to new app labels ("core.HorillaUser", not the package path)
• Permission codename strings updated (user.has_perm("activity.view_activity"))
• Hard-to-grep landmines reviewed: string-sender signals, auditlog model lists, fixture files, Celery beat task names, ContentType app_label lookups

---

🗄️ Database Sync Utility — sync_db

A new sync_db management command was added to migrate existing v1.9.1 databases to the v1.10.0 layout safely and idempotently.

What It Rewrites

• django_migrations.app — old labels → new contrib labels
• django_content_type.app_label — propagates automatically to:
  • auth_permission (FK to content type)
  • auth_group_permissions and auth_user_user_permissions (FK IDs preserved — no row changes)
  • CRM FieldPermission and Role tables (FK-based, unaffected)
• Table names where the prefix changed (e.g. horilla_activity_* → activity_*)

Upgrade Path

• Documented in README.md (v1.9 → v1.10.0 upgrade guide)
• Run python manage.py sync_db before starting the v1.10.0 server
• Permission rows preserved by FK integrity — no permissions need to be re-granted

⚠️ Breaking change for existing v1.9.1 deployments. A database migration is required before running v1.10.0.

---

🔐 Permissions, Registration & Feature Registry

Feature Registration Refactor

• Models can now be registered before the feature exists
• Registry keys (e.g. duplicate_models) map back to real feature names
• Explicit-feature registration works even when the feature has a fixed include list
• Hardcoded CRM model lists removed from contrib features — CRM apps now register themselves
• CRM-specific naming replaced with Horilla-neutral wording where the platform is meant
• Hardcoded automation model skips replaced with FEATURE_REGISTRY lookups

Permission Fixes

• Fixed opportunity, opportunity team, and team-member-role permission issues
• Fixed shortcut permissions for users with “own” access
• Improved shortcut settings UI and button visibility

---

🌐 URL & Routing Updates

CRM URL Prefixing

• All CRM module URL paths prefixed with crm/
• Hardcoded URLs replaced with reverse_lazy
• post_migrate shortkey URL migration added for crm-prefixed routes

Navigation & Resolution

• Sidebar active-menu detection fixed by matching sidebar IDs and base app paths
• NoReverseMatch exported from horilla.urls
• Duplicate app shortcut handlers removed; optional shortcuts registered conditionally

---

⚡ HTMX, Generics & List/Filter UX

Queryset & Helper Centralization

• apply_conditions and get_queryset_for_module centralized in queryset_utils
• Redundant dashboard/helper.py removed
• Dashboard charts, dashboard helper, and calendar all wired through centralized utils

List View Improvements

• Fixed cell text wrapping and broken HTML rendering for custom fields
• Drag-handle layout improved for long cell values
• Tooltip on truncated cell text shows only on actual overflow
• Saved-list Edit/Delete button styles updated to primary theme classes
• Delete mode and bulk update POST payloads correctly detected as bulk operations

Select2 & Filter Fixes

• Reinitialized Select2 when opening navbar filter panel (dropdown width fix)
• Applied filters preserved when changing quick filter values
• Select2 false matches fixed by filtering on __str__ instead of all model char fields
• Dynamic approver user field switched to Select2 pagination, scoped by company

Notes Attachment Modal

• Fixed Summernote image upload
• Resolved NoReverseMatch by correcting namespace in attachment reverse URLs

---

🧩 CRM Module Fixes & Enhancements

Leads

• Updated KPI naming for clarity
• Resolved circular import by moving lead-score pre_save handler from models.py to signals.py

Opportunity

• Fixed permissions, team permissions, and team-member-role display in related list & edit form

Activity

• Status filter no longer triggers unintended status updates
• Added shared tab-list col_attrs mixin so task/meeting/call/event rows open detail with referrer and section params for correct breadcrumb navigation
• Prevented spurious Potential Duplicates tab injection by setting self.model on detail tab views
• Fixed Meetings tab click script after delete to return users to the correct tab

Reports

• Fixed report detail rendering when no columns are selected (counts, chart, hide detail table)

Reviews

• Fixed approver field visibility and validation error persistence in ReviewProcessRuleForm
• Suppressed browser focusable errors on hidden fields and prevented HTMX toggle from wiping error messages on re-render

Cadences

• Cadence tab registration moved into each CRM app via register_cadence_tab
• Prevented report page referer from overriding detail back navigation
• Latest runtime activity now surfaces next follow-up type and response in record tabs list view

Duplicates

• Fixed Potential Duplicates tab appearing on unregistered CRM modules

Campaigns

• Default member_type set to lead in add-member form

Dashboard

• Default home chart and table cards now stretch evenly
• Removed responsive height shrink for many charts
• Added table sections for accounts, campaigns, and contacts with section-aware detail URL navigation

Forecast

• Fixed dropdowns covered by sticky table header (z-index)
• Removed forecast auto-recalculation on model save
• Restricted calculator writes to computed fields via update_fields

---

💱 Currency & Core Improvements

Default Currency Cascade

• Optimized default-currency change with bulk exchange-rate fetches and bulk currency/rate updates
• Background CRM amount conversion via signal dispatch

Multi-Currency UI

• Corrected HTMX targets and reload flow after dated rate save
• Inline validation error rendering and value retention in dated conversion rates form
  ...

Horilla CRM v1.9.1 – Permissions Hardening, HTMX Refinement & Calendar Sync Optimization

Release Date: 25 April 2026
Version: 1.9.1
Status: Stability, Permissions Hardening, HTMX Refinement & Calendar Sync Optimization Release

---

Horilla CRM v1.9.1

Horilla CRM v1.9.1 is a stability-focused release that strengthens the platform’s core by improving permission enforcement, HTMX reliability, calendar synchronization, and overall system consistency.

This update refines existing features introduced in v1.9.0 with better access control, safer workflows, improved UI responsiveness, and cleaner backend architecture, ensuring a more robust and production-ready experience.

---

This release focuses on:

🔐 Advanced Permission & Access Control
⚡ HTMX Stability & Interaction Improvements
📅 Google Calendar Sync Optimization
🧩 CRM, Activity & Cadence Fixes
🎨 UI/UX Consistency & Responsiveness
🛠️ Code Quality, Refactoring & Pylint Fixes

---

The result is a more secure, stable, and predictable CRM experience.

---

Highlights

---

🔐 Permissions & Access Control Hardening

This release introduces strict and consistent permission enforcement across all modules.

Enhancements

• Standardized permission_required_or_denied usage across views

• Enforced access control for:

  • Settings
  • Activities
  • Leads & Opportunities
  • Reviews & Reports
  • Import/Export flows

Object-Level Permissions

• Improved handling of:

  • view_own
  • change_own
  • delete_own

• Bulk operations now respect ownership and permission constraints

• Partial operation warnings for restricted selections

UI-Level Restrictions

• Disabled unauthorized actions (edit, delete, stage changes)
• Read-only UI rendering for restricted users
• Proper 403 handling with consistent templates

---

⚡ HTMX Stability & Workflow Improvements

Major improvements to HTMX-driven interactions for smoother UI behavior.

Fixes & Enhancements

• Fixed spinner targeting issues in forms

• Improved HX-Redirect handling

• Added reliable reload triggers using:

  • #reloadButton
  • dynamic session-based targets

Behavior Improvements

• Prevented stale UI updates after operations

• Better handling of:

  • Missing objects
  • Invalid requests
  • Partial reload failures

Developer Improvements

• Introduced dynamic main_session_id for consistent targeting
• Removed redundant htmx_required decorators
• Simplified HTMX integration across templates

---

📅 Google Calendar Integration Enhancements

Improved reliability and performance of Google Calendar sync system.

Sync Optimization

• Introduced throttled worker queue for API rate limiting

• Added retry handling for:

  • Transient 5xx errors

• Graceful handling of stale IDs:

  • Treat 403 as 404 and auto-recover

System Improvements

• Refetch activities before sync to avoid stale data
• Close DB connections before external API calls
• Improved task creation and update reliability

Admin Controls & UX

• Revoke all integrations when disabled at company level
• Added confirmation before toggling integration
• Improved OAuth setup UI and messaging

---

🧩 CRM, Activities & Cadences Fixes

Significant fixes and validations across CRM workflows.

Cadences

• Improved validation for:

  • Follow-up sequences
  • Stage configurations

• Better error handling for invalid cadence references

• Safer delete and lookup flows with user feedback

Activities

• Preserved form defaults across type changes
• Fixed calendar-aware reload issues
• Improved status update workflows

Leads & Opportunities

• Enforced permission checks for:

  • Stage transitions
  • Drag-and-drop reordering

• Disabled restricted actions at UI level

---

🎨 UI/UX Improvements

Improved overall interface consistency and usability.

Enhancements

• Replaced fixed heights with viewport-based layouts

• Improved scroll handling in:

  • User detail panels
  • Branch detail views

Consistency Updates

• Standardized:

  • Error messages
  • Permission-denied views

• Improved table rendering with table_auto option

• Cleaner Tailwind usage and styling consistency

---

🛠️ Code Quality & Refactoring

Major cleanup to improve maintainability and readability.

Pylint Fixes

Resolved warnings across all modules:

• Formatting issues (C0303, C0304, C0305)
• Import cleanup (W0404, C0411, C0412)
• Missing docstrings (C0114, C0115, C0116)

Refactoring

• Removed duplicate decorators and redundant logic
• Improved generic view handling
• Standardized sorting with _resolve_sort_field
• Added support for model-based SORT_FIELD_MAPPING

---

🛠️ Fixes & Stability

Major Fixes

• Fixed HTMX reload inconsistencies
• Fixed calendar sync edge cases
• Fixed permission leaks in multiple modules
• Fixed invalid object handling across views
• Fixed duplicate decorator issues
• Fixed export/import permission validation

Stability Improvements

• Safer queryset handling
• Improved error responses (UI-friendly instead of raw HTTP)
• Better handling of missing/invalid parameters
• Improved reliability in background processes

---

📜 Changelog Summary

v1.9.1 (24 April 2026)

Added

• Throttled worker queue for Google Calendar sync
• Dynamic main_session_id for HTMX targeting
• table_auto option for flexible table layouts
• Model-based sort field mapping support

Improved

• Permission enforcement across all modules
• HTMX workflows and reload handling
• Google Calendar sync reliability
• CRM workflows (Activities, Cadences, Opportunities)
• UI responsiveness and layout behavior
• Code structure and maintainability

Fixed

• HTMX spinner and reload issues
• Calendar sync edge cases and stale data handling
• Permission-related UI and backend bugs
• Cadence validation and follow-up errors
• Duplicate decorators and redundant logic
• Pylint issues across all modules

---

🎯 Impact

Horilla CRM v1.9.1 is a stability and reliability release that strengthens the foundation of the system.

This release:

• Ensures strict and secure permission handling
• Delivers more reliable HTMX-driven UI interactions
• Improves Google Calendar sync performance and resilience
• Fixes critical workflow and validation issues
• Enhances code quality and long-term maintainability

---

Overall

v1.9.1 makes Horilla CRM more secure, stable, and production-ready, ensuring smoother workflows and a more predictable user experience across all modules. 🚀

Horilla CRM v1.9.0: Multi-Column Sorting, Custom Calendar, Cadences & Google Sync Release

Release Date: 17 April 2026
Version: 1.9.0
Status: Advanced Data Control, Workflow Automation, Calendar Integration & UX Enhancement Release

---

Horilla CRM v1.9.0

Horilla CRM v1.9.0 introduces powerful enhancements focused on data organization, scheduling flexibility, and automated follow-up workflows.

This release brings multi-column sorting, a fully customizable calendar system, a brand-new Cadences module, and real-time Google Calendar integration, along with major improvements to HTMX workflows, UI responsiveness, and backend scalability.

---

This release focuses on:

⚙️ Multi-Column Data Sorting & Generics Enhancements
📅 Custom Calendar Management System
🔁 Cadences (Automated Follow-Up Workflows)
🔗 Google Calendar Integration (Real-Time Sync)
⚡ HTMX Performance & Layout Improvements
🎨 UI/UX Refinements & Responsiveness
🛠️ Stability, Validation & System Improvements

---

The result is a more intelligent, automated, and scalable CRM experience.

---

Highlights

---

⚙️ Horilla Generics: Multi-Column Sorting & Framework Improvements

This release introduces advanced multi-column sorting for better data control and usability.

Multi-Column Sorting

• Added support for sorting by multiple fields in sequence
• New sort_keys parameter replaces single-field-only sorting
• Introduced _apply_multi_sorting() for safe queryset ordering

User Interaction

• Shift + Click → add/remove/toggle sort fields
• Normal Click → reset to single-column sorting
• Dynamic sort icons reflect active sorting state

Backend Enhancements

• Handles:

  • mapped fields
  • invalid sort inputs
  • GenericForeignKey edge cases

• Maintains backward compatibility with existing sorting

Framework Improvements

• Introduced get_layout_url() for backend-driven layout resolution
• Simplified HTMX layout switching and query handling
• Standardized filter trigger propagation
• Reduced template complexity and improved maintainability

---

📅 Horilla Calendar: Custom Calendar System

Horilla Calendar is now fully configurable and extensible.

Custom Calendar Features

• Create and manage custom calendars

• Dynamic field support for flexible configurations

• Full CRUD support:

  • Create
  • Update
  • Delete

Event Enhancements

Supports:

• Custom events
• Activity events
• Unavailability tracking

User Preferences

• Save selected calendars
• Customize event colors
• Improved filtering and interaction UX

UI Improvements

• Enhanced FullCalendar rendering
• Better event visibility and responsiveness

---

🔗 Google Calendar Integration (Major Upgrade)

A major addition enabling real-time calendar synchronization.

Key Features

• One-way and two-way sync support
• Webhook-based real-time updates (replaces polling)
• Automatic watch channel lifecycle management
• OAuth-based setup with improved guidance

Admin Controls

• Company-level enable/disable toggle
• Restricted access when integration is disabled (HTTP 403)
• Clear UI labeling as “Google Calendar Sync”

Performance

• Improved task sync and pagination handling
• Faster and more reliable event synchronization

---

🔁 Cadences Module (New)

Introducing Horilla Cadences – a structured system for automated follow-ups.

Core Features

• Supports:

  • Task follow-ups
  • Call follow-ups
  • Email follow-ups

• Dynamic stage-based workflow management

Workflow Enhancements

• Record-level cadence tracking
• Displays next follow-up metadata
• Signal-based runtime activity execution

Email Automation

• Auto-create cadence-linked email drafts
• Requires configured outgoing mail server
• Shows configuration prompts when missing

UI & UX

• Cadence tabs integrated into:

  • Accounts
  • Contacts
  • Leads
  • Opportunities

• Improved board layout and flow visualization

• Ensures minimum visible follow-up columns

---

📊 Cadence Reports & Analytics

New reporting capabilities for better tracking and insights.

Reports Include

• Task reports
• Call reports
• Email reports

Features

• Metrics dashboards
• HTMX-powered list views
• “View Reports” access from cadence detail

---

⚡ HTMX, Layout & Performance Improvements

Enhancements

• Improved HTMX reload handling and validation
• Optimized backend query handling
• Reduced redundant rendering logic

Layout Improvements

• Centralized layout resolution via backend
• Improved responsive widths for activity views
• Better table and detail view rendering

---

🎨 UI/UX Improvements

Updates

• Improved table designs in detail views
• Better responsive layouts across modules
• Enhanced activity module UI
• Improved scrolling behavior in version detail pages
• Standardized icons and static asset handling

---

🌐 Localization & Assets

• Added initial cadence translations across multiple locales
• Introduced cadence SVG icons
• Organized static assets under namespaced modules

---

🛠️ Fixes & Stability

Major Fixes

• Fixed calendar sync issues and task completion handling
• Fixed HTMX validation and reload issues
• Fixed cadence email configuration actions
• Fixed M2M hidden field validation errors
• Fixed UI inconsistencies in activity and layout rendering

Stability Improvements

• Improved error handling in cadence processing
• Safer per-record processing with on_commit
• Enhanced webhook lifecycle reliability
• Better overall system consistency

---

📜 Changelog Summary

v1.9.0 (17 April 2026)

Added

• Multi-column sorting in HorillaListView
• Custom calendar management system
• Google Calendar integration with webhook sync
• Cadences module (tasks, calls, emails)
• Cadence reports (task, call, email analytics)
• Backend-driven layout resolution (get_layout_url)

Improved

• Horilla Generics framework flexibility
• HTMX workflows and validation handling
• Calendar UI, filtering, and rendering
• Cadence UI, workflow, and reporting
• Activity module responsiveness
• Layout and template maintainability

Fixed

• Calendar sync and task handling issues
• HTMX reload and validation bugs
• Cadence email configuration issues
• M2M hidden field validation errors
• UI inconsistencies across modules

---

🎯 Impact

Horilla CRM v1.9.0 is a feature-rich release that significantly enhances automation, scheduling, and data handling.

This release:

• Enables advanced multi-field sorting for better data control
• Introduces automated follow-up workflows with Cadences
• Adds fully customizable calendar management
• Integrates real-time Google Calendar synchronization
• Improves HTMX performance and UI responsiveness
• Strengthens framework scalability and maintainability

---

Overall

v1.9.0 makes Horilla CRM more powerful, automated, and user-centric, helping teams manage workflows, schedules, and data with greater efficiency and control. 🚀

Horilla CRM v1.8.1: UI Standardization, Generic View Fixes, Dashboard Enhancements & Workflow Improvements

Release Date: 10 April 2026
Version: 1.8.1
Status: UI Standardization, Workflow Stability, Dashboard Enhancements & UX Refinement Release

---

Horilla CRM v1.8.1 focuses on stability, usability, UI consistency, and framework-level improvements across the platform.

This release enhances the Horilla Generics framework, improves workflow and duplicate handling, expands dashboard flexibility, and delivers a more polished HTMX user experience.

This release focuses on:

• 🎨 UI Standardization & Template Cleanup
• ⚙️ Horilla Generics Stability Improvements
• 🔄 Workflow & Approval Enhancements
• 🧩 Duplicate Management Improvements
• 📊 Dashboard Flexibility & Performance
• ⚡ HTMX UX & Interaction Refinements
• 🔐 Security Documentation & Stability Fixes

The result is a more stable, responsive, and maintainable CRM experience.

---

Highlights

🎨 UI Standardization & Template Improvements

This release brings major UI consistency updates across Horilla CRM templates.

Template Standardization

Reformatted and standardized templates for:

• Dashboard
• Calendar
• Notifications
• Mail
• Leads
• Forecast
• Opportunities
• Reviews
• Theme
• Duplicates
• Core shared layouts

UI Enhancements

• Standardized modal button alignment and cancel placement
• Improved table layouts for consistency
• Fixed long title/subtitle overflow in detail views
• Improved viewport-based table height handling
• Better branch list layout and session spacing
• Improved recycle bin UX

---

⚙️ Horilla Generics Framework Enhancements

Significant improvements were made to the Horilla Generics framework to improve reliability and maintainability.

Framework Improvements

• Refactored helper methods from get_context_data()
• Added reusable owner permission helper logic
• Avoided redundant queryset execution
• Fixed manual list view initialization issues
• Improved row action dropdown alignment and z-index
• Applied fixed table layout for stable columns

Quick Filter & Form UX Improvements

• Fixed quick filter bar visibility without page reload

• Added HTMX loading spinner to:

  • quick filter save form
  • single form save actions

• Fixed operator/value cross-row updates

• Standardized ORM operator choices

• Added missing operator/value validation

• Improved spinner visibility during HTMX requests

---

🔄 Workflow & Approval Enhancements

Workflow usability and approval handling are now more robust.

Approval Improvements

• Added delete support in approval history list
• Added standard HTMX modal delete flow
• Fixed HTMX JSON escaping issue in delete action
• Improved approval signals cleanup and readability

Inline Edit Workflow Enforcement

• Approval workflows now apply to inline field edits
• Pending/rejected records are protected from invalid edits
• Improved approval redirect behavior after submission

---

🧩 Duplicate Management Improvements

Duplicate handling has been improved for better usability and accuracy.

Enhancements

• Renamed Clone Management → Duplicate Control
• Removed obsolete merge/update components
• Fixed duplicate detail tab injection issue
• Added duplicate validation for inline field edits
• Added warning modal for duplicate conflicts

---

📊 Dashboard & Leads Improvements

Dashboard flexibility and CRM reporting were expanded.

Dashboard Updates

• Extended dashboard generator to support:

  • multiple charts
  • multiple table widgets
  • custom KPI functions

Leads Dashboard

• Added more KPI widgets
• Added improved charts and reporting components

---

⚡ Forecast & Performance Improvements

Forecast and dynamic UI interactions were optimized.

Forecast Improvements

• Improved forecast page loading performance
• Fixed parameter validation and redirects
• Fixed form state persistence after validation errors
• Prevented duplicate condition rows
• Fixed false required field validation on toggles

Performance Improvements

• Reduced redundant backend calls in generic views
• Improved HTMX interaction smoothness
• Improved viewport handling for better table rendering

---

🏢 Core Module Improvements

Core modules received structural cleanup and UX enhancements.

Core Updates

• Moved Holiday model to dedicated holidays.py

• Improved holiday and business hour list management

• Added bulk select support for:

  • holidays
  • business hours

UI Fixes

• Improved:

  • branch list layout
  • partner role list height
  • customer role list height
  • currency table height
  • review process table height

---

🔔 Notifications Improvements

Updates

• Refactored notification template URLs to follow Django naming standards
• Improved notification template maintainability

---

🔐 Security & Documentation

Security Improvements

• Added SECURITY.md with:

  • supported versions
  • reporting channels
  • disclosure policy
  • CRM security overview

---

🛠️ Fixes & Stability

Major Fixes

• Fixed duplicate tab rendering issues
• Fixed quick filter refresh issue
• Fixed generic save form spinner UX
• Fixed themed icon loading issue
• Fixed branch view design break
• Fixed calendar checkbox default colors
• Fixed list row action dropdown UI issues
• Fixed forecast state and validation issues
• Fixed approval delete modal JSON escaping issue

Stability Improvements

• Improved HTMX request handling
• Better list/detail rendering consistency
• Reduced layout breakage across modules

---

📜 Changelog Summary

v1.8.1 (10 April 2026)

Added

• Approval history delete action
• Duplicate check on inline edits
• Dashboard multi-widget support
• Custom KPI support
• SECURITY.md documentation

Improved

• Horilla Generics framework stability
• Quick filter UX
• HTMX loading indicators
• Template consistency across modules
• Dashboard and leads reporting
• Core module table layouts

Fixed

• Quick filter refresh issues
• Duplicate detail tab injection
• Approval delete modal escaping
• Forecast validation and UI state bugs
• Table layout and viewport issues
• Spinner flicker during HTMX requests

---

🎯 Impact

Horilla CRM v1.8.1 delivers a strong stability and usability release focused on improving the day-to-day CRM experience.

This release:

• Improves UI consistency across the platform
• Strengthens Horilla’s generic framework foundation
• Enhances workflow and duplicate handling
• Expands dashboard flexibility and reporting
• Improves HTMX responsiveness and form interactions
• Adds security documentation and system stability

Overall, v1.8.1 makes Horilla CRM more refined, responsive, and production-ready for modern business teams.