snapshot: preserve dependency warning cleanup

Md Bayazid Bostame
2026-03-24 14:03:44 +01:00
parent 8aaa408a95
commit f728f7134f
4 changed files with 5 additions and 0 deletions

View File

@@ -57,6 +57,7 @@ Notes:
- live introduction protocol PDF
- Remaining bilingual gap is mostly long-form handbook/wiki copy and a few secondary admin/help texts.
- CI now validates that translation catalogs compile successfully on push and pull request.
- Dependency stability hardening pins `chardet==5.2.0` so `requests` runs without compatibility warnings in the Docker stack.
## Current implemented scope
- Onboarding form with labels mapped from your CSV schema.
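Review bot: the new bullet on `chardet==5.2.0` says the pin avoids "compatibility warnings" but does not record which warning it refers to or when the pin can be lifted. Quote the warning text or state the condition that makes the pin necessary, so a later change to `requests==2.32.3` does not leave a stale pin that nobody can justify removing.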

View File

@@ -4,6 +4,7 @@ redis==5.2.1
psycopg2-binary==2.9.10
python-dotenv==1.0.1
reportlab==4.2.5
chardet==5.2.0
requests==2.32.3
pypdf==5.1.0
jinja2==3.1.4
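Review bot: `chardet==5.2.0` is inserted above `requests==2.32.3` with no comment, so nothing in this file shows it is there for the benefit of `requests` rather than as a direct dependency, and a cleanup pass could drop it as unused. Add a one-line comment above it stating the reason. Separately, every entry in this hunk is pinned by version only; if reproducible images are the goal, consider recording hashes and installing with pip's `--require-hashes`.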

View File

@@ -201,6 +201,7 @@ docker compose exec -T web python manage.py run_staging_e2e_check</code></pre>
<li>Run <code>manage.py check</code></li>
<li>Run tests or targeted verification</li>
<li>Run translation compile step</li>
<li>Rebuild containers if Python dependencies changed, then verify <code>python -c "import requests"</code> does not emit a compatibility warning</li>
<li>Generate at least one onboarding/offboarding PDF if PDF templates changed</li>
<li>Verify MailHog or SMTP path if email behavior changed</li>
<li>Verify Nextcloud upload if integration behavior changed</li>
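Review bot: the added checklist step depends on a person noticing warning text in the output of `python -c "import requests"`, and it does not say where to run it. Make it a pass/fail check executed inside the containers, for example `docker compose exec -T web python -W error -c "import requests"`, which exits non-zero if the import raises any warning, and repeat it for `worker`.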
@@ -216,6 +217,7 @@ docker compose exec -T web python manage.py run_staging_e2e_check</code></pre>
<li><strong>Language switch not visible:</strong> verify translation catalog compiled and restart web</li>
<li><strong>Mail not visible:</strong> check MailHog on port <code>8025</code> and test/production mode toggle</li>
<li><strong>Nextcloud sync unclear:</strong> verify config in Integrations page and inspect service logs</li>
<li><strong>Requests dependency warning appears:</strong> verify <code>chardet==5.2.0</code> is installed in the rebuilt image and restart <code>web</code>/<code>worker</code></li>
</ul>
<h2 id="security">14) Security and Maintenance Notes</h2>
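Review bot: the new troubleshooting item says to verify `chardet==5.2.0` is installed but gives no command, unlike the neighbouring items that name a port or a page to check. Add the check inline, for example `docker compose exec -T web pip show chardet`, and state that restarting `web`/`worker` does not help unless the image was rebuilt after the requirements change.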

View File

@@ -236,6 +236,7 @@
<li><strong>Nextcloud reliability:</strong> retry/backoff on upload errors, bounded timeouts, and graceful failure return instead of crashing flow.</li>
<li><strong>Filename safety:</strong> PDF filenames are sanitized to safe filesystem characters.</li>
<li><strong>Least privilege runtime:</strong> web and worker containers run as non-root <code>app</code> user.</li>
<li><strong>Dependency stability:</strong> the Docker image pins <code>chardet==5.2.0</code> so <code>requests</code> runs without compatibility warnings alongside ReportLab.</li>
</ul>
<div class="note">
Recommended for production: set secure cookies, explicit allowed hosts, CSRF trusted origins, and a strong secret key via environment variables.
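Review bot: the added "Dependency stability" item attributes the warning to running "alongside ReportLab", which the README note and the troubleshooting item in this same commit do not mention. Either explain ReportLab's role in all three places or drop it here. The item also sits in a list with filename sanitization and the non-root runtime while its stated benefit is only the absence of a warning; say what the operational relevance is so readers do not take it for a security control.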