This repository has been archived by the owner on Nov 4, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 253
chore: django security patch 3.2.20 upgrade #3999
Merged
grmartin
merged 3 commits into
openedx-unsupported:master
from
UsamaSadiq:django-security-patch-upgrade
Jul 7, 2023
Merged
chore: django security patch 3.2.20 upgrade #3999
grmartin
merged 3 commits into
openedx-unsupported:master
from
UsamaSadiq:django-security-patch-upgrade
Jul 7, 2023
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
salman2013
approved these changes
Jul 5, 2023
grmartin
approved these changes
Jul 7, 2023
mobeenali12
pushed a commit
that referenced
this pull request
Jul 25, 2023
grmartin
added a commit
that referenced
this pull request
Aug 29, 2023
* build: Creating a missing workflow file `self-assign-issue.yml`. The .github/workflows/self-assign-issue.yml workflow is missing or needs an update to stay in sync with the current standard for this workflow as defined in the `.github` repo of the `openedx` GitHub org. * build: Creating a missing workflow file `add-remove-label-on-comment.yml`. The .github/workflows/add-remove-label-on-comment.yml workflow is missing or needs an update to stay in sync with the current standard for this workflow as defined in the `.github` repo of the `openedx` GitHub org. * build: Updating a missing workflow file `add-depr-ticket-to-depr-board.yml`. The .github/workflows/add-depr-ticket-to-depr-board.yml workflow is missing or needs an update to stay in sync with the current standard for this workflow as defined in the `.github` repo of the `openedx` GitHub org. * docs: Remove repo specific CONTRIBUTING.rst We now have a org wide CONTRIBUTING.md that points to our correct general contributing guidelines. We don't need repo specific ones that forward to other contributing docs. * fix: account for refunds in exec ed 2u redemption flow (#3920) * chore: add logging to include fulfillment details upon GEAG allocation exception * chore: quality * fix: Pick the right purchase from ios response (#3921) * fix: Pick the right purchase from ios response iOS response contain multiple purchases, instead of picking the first purchase, pick the one which have given product id and latest date. LEARNER-9261 * feat: Added Android refund api (#3922) * feat: Added Android refund api Like Apple android doesn't have callback for every refund. Therefore we have created an endpoint which we will hit daily through ecommerce worker. Learner-9149 * feat: Error if products in basket are already purchased (#3929) * feat: Error if products in basket are already purchased * refactor: Add tests, Improve error message * refactor: Update docstring * test: Increase coverage * chore: add logging to debug ent-6954 (#3931) * fix: Fix error in checkout api for mobile (#3934) * fix: Fix error in checkout api for mobile * fix: Return error in case of duplicate transaction_id for mobile (#3936) * fix: Return error in case of duplicate transactionID for mobile * refactor: Review feedback, add documentation * feat: Added course and expires field in product form on ecommerce dashboard (#3938) Forked catalogue app from oscar and added course and expire field in ProductForm. This change will enable to add Android sku from a same dashboard page. * fix: reorder JWT decoders (#3941) Reordered the JWT decoders to first use the standard library version, and then use the custom ecommerce decoder which uses multiple issuers. In this way, we can see if any JWTs cannot be decoded by that standard library version, and when and if we are ready to retire the custom JWT decoding code. See DEPR openedx/public-engineering#83 * fix: cached monitoring (#3942) Monitoring features such as use of the increment method, to increment a custom attribute, requires the CachedCustomMonitoringMiddleware. This has been added so the earlier calls to increment will function. * feat: add discount_jwt monitoring (#3944) Add monitoring for the discount JWT. * feat: Added data_share_consent field to order fullfillment notes (#3939) Co-authored-by: IrfanUddinAhmad <irfanahmad@arbisoft.com> * chore: Switch from edx-sphinx-theme to sphinx-book-theme The edx-sphinx theme is being deprecated, and replaced with sphinx-book-theme. This removes references to the deprecated theme and replaces them with the new standard theme for the platform. * test: Add tests for Mobile IAP (#3937) * test: Add tests for mobile In-app purchases This reverts commit 54ea975. * fix: fix codecov error Codecov PyPI package was removed on 12 April and the recommended step is to migrate to codecov Github Action instead. * fix: add an exec ex 2u max application check to the checkout flow. ENT-7059 Also removes codecov from ci.yml workflow. * feat: add product entitlement info api (#3945) * fix: Updated format for data_share_consent field * docs: Update the contributing guidelines link. We're moving towards a single set of guidelines org-wide. * feat!: remove custom JWT decoding (#3943) * feat!: remove custom JWT decoding Removes the ecommerce custom JWT decoding, and replaces with the simple decoding from the edx-drf-extensions library. * fix: drop constraints and make upgrade * fix: handle major upgrade of django-crispy-forms The major upgrade of django-crispy-forms called for some changes related to bootstrap3 and dependencies. See https://github.com/django-crispy-forms/django-crispy-forms/blob/main/CHANGELOG.md#major-changes-and-migration-guide * fix: code coverage reporting Codecov no longer exists on PyPI, so switch to github action to run coverage report. --------- Co-authored-by: Muhammad Zubair <syedzubairtahir12@gmail.com> * fix: Course to have multiple seats with certificate_type attribute (#3950) * fix: Course to have multiple seats with certificate_type attribute * refactor: Modify SKU generation hash, add tests * test: Modify tests * temp: update JWT_DECODE_HANDER in devstack.py Jenkins job for building devstack images is temporarily broken. This should fix the devstack settings until this configuration change lands in an updated image: openedx-unsupported/configuration#6921 * feat: add native Dockerfile to create ansible free image * feat: add additional fields to EnterpriseLearnerOfferApiSerializer (#3963) * refactor: add logging to mobile IAP (#3962) * refactor: Improve exception handling for mobile IAP (#3969) * refactor: Improve exception handling for mobile IAP * refactor: pylint fixes * feat: Fix capture_context error on Payment MFE (#3965) * feat: Fix capture_context error on Payment MFE * feat: removed whitespace * feat: removed whitespace * feat: modified test case * feat: modified test case --------- Co-authored-by: Muhammad Zubair <syedzubairtahir12@gmail.com> * feat: Add enterprise_customer_name in the event metadata for offer usage braze emails. (#3972) * feat: Embargo check for subscription Programs (#3960) * fix: Enable TrackingMiddleware for Mobile IAP basket (#3977) * chore: updated Python requirements (edx-ecommerce-worker to version 3.3.3) (#3968) Co-authored-by: Muhammad Zubair <syedzubairtahir12@gmail.com> * fix: schedule upgrade-python-requirements monthly * fix: add edx-revenue-tasks to user_reviewers & remove team_reviewers Will create a Jira ticket instead of tagging all the members of @openedx/revenue-squad. * feat: add sf line item field to enterprise offers ENT-7013 * feat: Added ios refund callback (#3967) * feat: add SDN endpoints (#3985) * feat: add endpoint to run SDN check and return counts * feat: add SDNCheckFailure REST APi * fix: fix 500 on SDN for subscriptions (#3989) * fix: fix 500 on SDN for subscriptions * fix: pytest-selenium, pytest-variables, pyjwkest dependency issues (#3987) * feat: add coupon sf opp line item attribute * feat: Store price and currency for Mobile IAP (#3992) * feat: Store price and currency for mobile IAP * fix: return 200 on embargo failure to prevent downstream error (#3993) * feat: Make mobile IAP execute/ API atomic (#3995) * chore: added CODEOWNERS file (#3970) * refactor: Add logging to mobile IAP checkout/ API (#4000) * chore: django security patch 3.2.20 upgrade (#3999) * feat: Updates opportunity line item regex and tests (#3996) * feat: unenroll refunded android users daily (#4015) * feat: unenroll refunded android users daily Django management command to un-enroll refunded android users. This command will be run by Jenkins job daily. * feat: mail mobile team for a mobile course change in publisher (#4014) * feat: mail mobile team for a mobile course change in publisher This will fix any unknown change from publisher to a course having mobile seats. After this fix mobile team will see mail and adjust price of the course on playstore or appstore. In the longer run we want to replace this solution by changing the course price directly using mobile platform apis. LEARNER-9377 * fix: fixed coverage issue --------- Co-authored-by: Feanil Patel <feanil@tcril.org> Co-authored-by: Adam Stankiewicz <agstanki@gmail.com> Co-authored-by: jawad khan <jawadkhan444@gmail.com> Co-authored-by: Moeez Zahid <moeezzahid1996@gmail.com> Co-authored-by: Robert Raposa <rraposa@edx.org> Co-authored-by: irfanuddinahmad <34648393+irfanuddinahmad@users.noreply.github.com> Co-authored-by: IrfanUddinAhmad <irfanahmad@arbisoft.com> Co-authored-by: Kshitij Sobti <kshitij@sobti.in> Co-authored-by: Mohammad Ahtasham ul Hassan <60315450+aht007@users.noreply.github.com> Co-authored-by: Alex Dusenbery <adusenbery@edx.org> Co-authored-by: Muhammad Zubair <syedzubairtahir12@gmail.com> Co-authored-by: Soban Javed <iamsobanjaved@gmail.com> Co-authored-by: Jade Olivier <jadeolivier95@gmail.com> Co-authored-by: Saleem Latif <saleem-latif@users.noreply.github.com> Co-authored-by: Shahroz Ahmad <97090106+ishahroz@users.noreply.github.com> Co-authored-by: Phillip Shiu <pshiu@users.noreply.github.com> Co-authored-by: Phillip Shiu <pshiu@edx.org> Co-authored-by: Hamzah Ullah <hamzahullah@yahoo.com> Co-authored-by: jawad khan <jawad.khan@arbisoft.com> Co-authored-by: Chris Pappas <christopappas@users.noreply.github.com> Co-authored-by: Usama Sadiq <usama7274@gmail.com>
christopappas
pushed a commit
that referenced
this pull request
Dec 4, 2023
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
PR created by
arbi-bom
team under issue openedx/public-engineering#202.