Add encryption for user PII fields (phone number, name, attributes) and address fields to enhance data security. Introduced timestamped activation tokens for improved validation. Included migrations to encrypt existing plaintext data.
Refactored GraphQL settings to limit query depth and optionally disable introspection for enhanced API defense. Implemented throttling to safeguard API rates.
Improved Dockerfiles for better user management and restored media migration tools for smooth instance upgrades.
Include SCHON_LANGUAGE_CODE as an environment variable in the `storefront.Dockerfile` and `docker-compose.yml`. This allows for configuring the language code dynamically, improving flexibility for multilingual setups.
Updated environment variable names from `EVIBES` to `SCHON` in the storefront Dockerfile and docker-compose configuration. Aligns with new naming conventions used across the project for clarity and consistency.
Upgrade `multidict` package version to 6.7.1 for compatibility and resolve potential dependency issues. Removed `celery-prometheus-exporter` as it is no longer required.
Fixes: 1) No fixes applied;
Extra: 1) Supervisor service configured with environment variables and custom start script; 2) Uses multi-stage build for optimized runtime; 3) Sets up non-root user for security; 4) Exposes port 7777; 5) Depends on app service; 6) Uses default logging config.
1) Add new `test_graphene` test module for expanded testing coverage;
2) Introduce `test_drf` module in `engine/blog` for improved API testing;
Fixes:
1) Remove unnecessary `--extra testing` flag from Dockerfile to streamline dependencies;
2) Update `uv.lock` with newer versions of dependencies (`certifi`, `coverage`, `django-constance`) for enhanced security and functionality;
Extra:
1) Remove deprecated packages (`bandit`, `cfgv`, `distlib`) from `uv.lock` for cleanup;
2) Adjust `uv.lock` content and formatting to be consistent with updated dependencies.
Fixes: 1) Corrected `docker-compose.yml` to reference renamed Dockerfiles for `app`, `worker`, `stock_updater`, and `beat`;
Extra: 1) Renamed Dockerfiles to align with consistent naming convention.
Fixes: 1) Ensure `NODE_ENV` is consistently removed from Dockerfile and docker-compose.
Extra: 1) Simplify `NODE_ENV` handling in docker-compose configuration.
Fixes: 1) Update dependencies in `package-lock.json` with the latest versions to address compatibility issues;
Extra: 1) Remove unused dependencies and redundant package references from `package-lock.json` for optimization; 2) Improve scripts and permission setups in Dockerfile for clarity and security.
Fixes: 1) Update Celery worker configuration in `worker-entrypoint.sh` to optimize worker pool and task limits;
Extra: Refactor `docker-compose.yml` and scripts for improved service management.
