Merge pull request #96 from maykinmedia/prepare-42

Prepare update to Django 4.2

.github/workflows/ci.yml

@@ -19,7 +19,7 @@ jobs:
 
     services:
       postgres:
-        image: postgres:10
+        image: postgres:12
         env:
           POSTGRES_HOST_AUTH_METHOD: trust
         ports:
@@ -28,11 +28,11 @@ jobs:
         options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5
 
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-python@v2
+      - uses: actions/checkout@v4
+      - uses: actions/setup-python@v5
         with:
           python-version: '3.10'
-      - uses: actions/setup-node@v2-beta
+      - uses: actions/setup-node@v4
         with:
           node-version: '18'
 
@@ -61,7 +61,7 @@ jobs:
           DB_PASSWORD: ''
 
       - name: Publish coverage report
-        uses: codecov/codecov-action@v1
+        uses: codecov/codecov-action@v4
 
   docker:
     needs: tests
@@ -70,7 +70,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
 
       - name: Set tag
         id: vars

.github/workflows/code-quality.yml

@@ -8,11 +8,11 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-python@v2
+      - uses: actions/checkout@v4
+      - uses: actions/setup-python@v5
         with:
           python-version: '3.10'
-      - uses: isort/isort-action@v0.1.0
+      - uses: isort/isort-action@v1
         with:
           requirementsFiles: requirements/dev.txt
           sortPaths: "src"
@@ -23,8 +23,8 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-python@v2
+      - uses: actions/checkout@v4
+      - uses: actions/setup-python@v5
         with:
           python-version: '3.10'
       - name: Install dependencies

.github/workflows/generate-postman-collection.yml

@@ -19,9 +19,9 @@ jobs:
     name: Run with version ${{ matrix.version }}
 
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
       - name: Use Node.js
-        uses: actions/setup-node@v1
+        uses: actions/setup-node@v4
         with:
           node-version: '18'
       - name: Install dependencies

.github/workflows/generate-sdks.yml

@@ -19,9 +19,9 @@ jobs:
     name: Run with version ${{ matrix.version }}
 
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
       - name: Use Node.js
-        uses: actions/setup-node@v1
+        uses: actions/setup-node@v4
         with:
           node-version: '18'
       - name: Install dependencies

.github/workflows/lint-oas.yml

@@ -19,9 +19,9 @@ jobs:
     name: Run with version ${{ matrix.version }}
 
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
       - name: Use Node.js
-        uses: actions/setup-node@v1
+        uses: actions/setup-node@v4
         with:
           node-version: '18'
       - name: Install spectral

CHANGELOG.rst

@@ -2,6 +2,18 @@
 Change history
 ==============
 
+2.2.0 (WIP)
+-----------
+
+**Bugfixes and QOL**
+
+* updated to Django 4.2 (objects-api#385)
+
+.. warning::
+
+   Two-factor authentication is enabled by default. The ``DISABLE_2FA`` environment variable
+   can be used to disable it if needed.
+
 2.1.2 (2024-02-06)
 ------------------
 
@@ -10,7 +22,6 @@ Change history
 * added ``USE_X_FORWARDED_HOST`` environment variable (#353)
 * added email environment variables (#366)
 
-
 2.1.1 (2024-02-06)
 ------------------
 

INSTALL.rst

@@ -20,7 +20,7 @@ You need the following libraries and/or programs:
 
 * `Python`_ 3.10 or above
 * Python `Virtualenv`_ and `Pip`_
-* `PostgreSQL`_ 10 or above
+* `PostgreSQL`_ 12 or above
 * `Node.js`_
 * `npm`_
 

requirements/base.in

@@ -7,17 +7,13 @@ python-decouple  # processing of envvar configs
 jsonschema
 
 # Framework libraries
-django
+django~=4.2
 django-admin-index
 django-axes
-django-choices
-django-hijack
 django-jsonsuit
 django-redis
 django-rosetta
-django-sniplates
-maykin-django-two-factor-auth
-maykin-django-two-factor-auth[phonenumbers]
+maykin-2fa
 mozilla-django-oidc-db
 sharing-configs
 

requirements/base.txt

@@ -8,6 +8,8 @@ amqp==5.1.1
     # via kombu
 asgiref==3.6.0
     # via django
+asn1crypto==1.5.1
+    # via webauthn
 async-timeout==4.0.2
     # via redis
 attrs==23.1.0
@@ -20,6 +22,8 @@ boltons==23.0.0
     # via
     #   face
     #   glom
+cbor2==5.6.1
+    # via webauthn
 celery==5.2.7
     # via notifications-api-common
 certifi==2023.5.7
@@ -44,30 +48,27 @@ click-plugins==1.1.1
     # via celery
 click-repl==0.2.0
     # via celery
-commonground-api-common==1.10.2
+commonground-api-common==1.13.0
     # via -r requirements/base.in
 coreapi==2.3.3
-    # via drf-yasg
+    # via commonground-api-common
 coreschema==0.0.4
-    # via
-    #   coreapi
-    #   drf-yasg
-cryptography==40.0.2
+    # via coreapi
+cryptography==42.0.2
     # via
     #   django-simple-certmanager
     #   josepy
     #   mozilla-django-oidc
     #   pyopenssl
-django==3.2.20
+    #   webauthn
+django==4.2.11
     # via
     #   -r requirements/base.in
     #   commonground-api-common
     #   django-admin-index
     #   django-axes
-    #   django-choices
     #   django-filter
     #   django-formtools
-    #   django-hijack
     #   django-jsonform
     #   django-jsonsuit
     #   django-otp
@@ -77,14 +78,15 @@ django==3.2.20
     #   django-relativedelta
     #   django-rest-framework-condition
     #   django-rosetta
+    #   django-sendfile2
     #   django-simple-certmanager
-    #   django-sniplates
     #   django-solo
+    #   django-two-factor-auth
     #   djangorestframework
     #   drf-nested-routers
     #   drf-spectacular
     #   drf-yasg
-    #   maykin-django-two-factor-auth
+    #   maykin-2fa
     #   mozilla-django-oidc
     #   mozilla-django-oidc-db
     #   notifications-api-common
@@ -94,18 +96,12 @@ django-admin-index==3.0.0
     # via -r requirements/base.in
 django-axes==5.41.1
     # via -r requirements/base.in
-django-choices==1.7.2
-    # via
-    #   -r requirements/base.in
-    #   commonground-api-common
 django-filter==23.2
     # via
     #   -r requirements/base.in
     #   commonground-api-common
 django-formtools==2.4.1
-    # via maykin-django-two-factor-auth
-django-hijack==3.3.0
-    # via -r requirements/base.in
+    # via django-two-factor-auth
 django-ipware==6.0.3
     # via django-axes
 django-jsonform==2.21.5
@@ -115,9 +111,9 @@ django-jsonsuit==0.5.0
 django-ordered-model==3.7.4
     # via django-admin-index
 django-otp==1.2.0
-    # via maykin-django-two-factor-auth
+    # via django-two-factor-auth
 django-phonenumber-field==5.2.0
-    # via maykin-django-two-factor-auth
+    # via django-two-factor-auth
 django-privates==2.0.0.post0
     # via django-simple-certmanager
 django-redis==5.2.0
@@ -132,16 +128,16 @@ django-sendfile2==0.7.0
     # via django-privates
 django-simple-certmanager==1.3.0
     # via zgw-consumers
-django-sniplates==0.7.1
-    # via -r requirements/base.in
 django-solo==2.0.0
     # via
     #   commonground-api-common
     #   mozilla-django-oidc-db
     #   notifications-api-common
     #   sharing-configs
     #   zgw-consumers
-djangorestframework==3.12.4
+django-two-factor-auth[phonenumberslite,webauthn]==1.16.0
+    # via maykin-2fa
+djangorestframework==3.14.0
     # via
     #   -r requirements/base.in
     #   commonground-api-common
@@ -157,9 +153,9 @@ drf-nested-routers==0.93.4
     # via
     #   -r requirements/base.in
     #   commonground-api-common
-drf-spectacular==0.16.0
+drf-spectacular==0.26.5
     # via -r requirements/base.in
-drf-yasg==1.21.5
+drf-yasg==1.21.7
     # via commonground-api-common
 elastic-apm==6.15.1
     # via -r requirements/base.in
@@ -194,11 +190,11 @@ jsonschema==4.17.3
     # via
     #   -r requirements/base.in
     #   drf-spectacular
-kombu==5.2.4
+kombu==5.3.5
     # via celery
 markupsafe==2.1.2
     # via jinja2
-maykin-django-two-factor-auth[phonenumbers]==2.0.4
+maykin-2fa==1.0.0
     # via -r requirements/base.in
 mozilla-django-oidc==4.0.0
     # via mozilla-django-oidc-db
@@ -210,8 +206,8 @@ oyaml==1.0
     # via commonground-api-common
 packaging==23.1
     # via drf-yasg
-phonenumbers==8.13.11
-    # via maykin-django-two-factor-auth
+phonenumberslite==8.13.30
+    # via django-two-factor-auth
 pillow==9.5.0
     # via -r requirements/base.in
 polib==1.2.0
@@ -226,10 +222,11 @@ pyjwt==2.7.0
     # via
     #   commonground-api-common
     #   gemma-zds-client
-pyopenssl==23.1.1
+pyopenssl==24.0.0
     # via
     #   django-simple-certmanager
     #   josepy
+    #   webauthn
     #   zgw-consumers
 pyrsistent==0.19.3
     # via jsonschema
@@ -247,16 +244,16 @@ pytz==2023.3
     # via
     #   -r requirements/base.in
     #   celery
-    #   django
+    #   djangorestframework
     #   drf-yasg
 pyyaml==6.0
     # via
-    #   commonground-api-common
     #   drf-spectacular
+    #   drf-yasg
     #   gemma-zds-client
     #   oyaml
 qrcode==6.1
-    # via maykin-django-two-factor-auth
+    # via django-two-factor-auth
 redis==4.5.5
     # via django-redis
 requests==2.31.0
@@ -271,18 +268,13 @@ requests==2.31.0
     #   zgw-consumers
 requests-mock==1.10.0
     # via zgw-consumers
-ruamel-yaml==0.17.26
-    # via drf-yasg
-ruamel-yaml-clib==0.2.7
-    # via ruamel-yaml
 sentry-sdk==1.23.1
     # via -r requirements/base.in
 sharing-configs==0.1.2
     # via -r requirements/base.in
 six==1.16.0
     # via
     #   click-repl
-    #   django-choices
     #   isodate
     #   python-dateutil
     #   qrcode
@@ -308,6 +300,8 @@ vine==5.0.0
     #   kombu
 wcwidth==0.2.6
     # via prompt-toolkit
+webauthn==2.0.0
+    # via django-two-factor-auth
 wrapt==1.15.0
     # via elastic-apm
 zgw-consumers==0.26.1