Skip to content

[DO NOT MERGE]: unstable to hotfixes, Q1 major release #5750

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
marcellamaki wants to merge 617 commits into
base: hotfixes
Choose a base branch
from
+36,489 −17,166
Draft

[DO NOT MERGE]: unstable to hotfixes, Q1 major release #5750

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
617 commits
Select commit Hold shift + click to select a range
d9f08c3
Hide share button in TreeViewBase if user does not have permissions t…
taoerman Nov 12, 2025
8ce7058
Handle deletion of a Channel with a related Community Library Submiss…
taoerman Nov 17, 2025
d9586a6
Merge pull request #5545 from learningequality/dependabot/pip/sentry-…
bjester Nov 17, 2025
1439c02
chore(deps): bump redis from 6.4.0 to 7.0.1
dependabot[bot] Nov 17, 2025
843b791
Merge pull request #5512 from learningequality/dependabot/pip/redis-7…
bjester Nov 17, 2025
62171e4
chore(deps-dev): bump eslint-plugin-jest from 28.14.0 to 29.1.0
dependabot[bot] Nov 19, 2025
c700935
chore(deps): bump sentry-sdk from 2.44.0 to 2.45.0
dependabot[bot] Nov 19, 2025
4acb023
chore(deps): bump mathlive from 0.105.3 to 0.108.2
dependabot[bot] Nov 19, 2025
79ab0d3
chore(deps-dev): bump pip-tools from 7.5.1 to 7.5.2
dependabot[bot] Nov 19, 2025
4180024
[Remove Vuetify from Studio] Send e-mail dialog
Prashant-thakur77 Nov 19, 2025
a1d4c0f
Show resubmit channel to community library CTA after channel publish …
taoerman Nov 20, 2025
72db464
UI improvements for collections pages link
LightCreator1007 Nov 24, 2025
fae142f
[Remove Vuetify from Studio] Channel not found error page
vtushar06 Nov 24, 2025
a97066d
Merge pull request #5560 from learningequality/dependabot/pip/sentry-…
rtibbles Nov 25, 2025
d0f018a
Merge pull request #5558 from learningequality/dependabot/npm_and_yar…
rtibbles Nov 25, 2025
bd94413
Merge pull request #5562 from learningequality/dependabot/pip/pip-too…
rtibbles Nov 25, 2025
e2ecb2f
Create license audit task and special permissions model (#5538)
taoerman Nov 25, 2025
73148b6
chore(deps): bump actions/checkout from 5 to 6 in the github group
dependabot[bot] Nov 26, 2025
4b50d30
chore(deps): bump core-js from 3.44.0 to 3.47.0
dependabot[bot] Nov 26, 2025
5250ec6
chore(deps-dev): bump pre-commit from 4.4.0 to 4.5.0
dependabot[bot] Nov 26, 2025
e5b9ce5
chore(deps): bump redis from 7.0.1 to 7.1.0
dependabot[bot] Nov 26, 2025
a59dd08
chore(deps): bump sentry-sdk from 2.45.0 to 2.46.0
dependabot[bot] Nov 26, 2025
d5468a9
Merge pull request #5570 from learningequality/dependabot/github_acti…
rtibbles Nov 26, 2025
e447340
Merge pull request #5571 from learningequality/dependabot/npm_and_yar…
rtibbles Nov 26, 2025
cf8c2f3
Merge pull request #5572 from learningequality/dependabot/pip/pre-com…
rtibbles Nov 26, 2025
ab1e8e0
Merge pull request #5573 from learningequality/dependabot/pip/redis-7…
rtibbles Nov 26, 2025
6277ec6
Merge pull request #5574 from learningequality/dependabot/pip/sentry-…
rtibbles Nov 26, 2025
5ad3c00
chore(deps-dev): bump pytest from 8.4.2 to 9.0.1
dependabot[bot] Nov 26, 2025
7ce4b4c
[Remove Vuetify from Studio] Channel details in Channels - page layout
vtushar06 Nov 26, 2025
78f03fc
Fixes file uploader showing invalid file modal just one time (#5537)
kart-u Nov 30, 2025
da5fb15
Community Library Notifications Filtering (#5566)
taoerman Dec 1, 2025
38a87a4
chore(deps): bump workbox-core from 7.3.0 to 7.4.0
dependabot[bot] Dec 3, 2025
7ca5338
chore(deps): bump langcodes from 3.5.0 to 3.5.1
dependabot[bot] Dec 3, 2025
47b5fd7
Issue 5449 show license audit and special permissions checks (#5563)
taoerman Dec 3, 2025
be41d75
Merge pull request #5586 from learningequality/dependabot/pip/langcod…
rtibbles Dec 3, 2025
b106569
chore(deps): bump pydantic from 2.12.4 to 2.12.5
dependabot[bot] Dec 3, 2025
6dbfda7
Merge pull request #5585 from learningequality/dependabot/npm_and_yar…
rtibbles Dec 3, 2025
d9c253c
Remove pytest-subtests now that it's included in the main pytest release
rtibbles Dec 4, 2025
8875fe1
Merge pull request #5559 from learningequality/dependabot/pip/pytest-…
rtibbles Dec 4, 2025
4bc6ba3
Merge pull request #5588 from learningequality/dependabot/pip/pydanti…
rtibbles Dec 4, 2025
a4704aa
chore(deps): bump celery from 5.5.3 to 5.6.0
dependabot[bot] Dec 4, 2025
87beccb
Update dev requirements in line with updates in prod requirements.
rtibbles Dec 4, 2025
0c49081
Merge pull request #5587 from learningequality/dependabot/pip/celery-…
rtibbles Dec 4, 2025
9b42068
Merge pull request #5591 from learningequality/hotfixes
marcellamaki Dec 4, 2025
26f117a
Upgrade workflows to .github#35
google-labs-jules[bot] Dec 4, 2025
409a8a6
improve HTML paste handling with sanitization
AllanOXDi Dec 4, 2025
aa3e54d
fix failing test by removing HTML sanitization from markdown preproc…
AllanOXDi Dec 4, 2025
c9e3e4a
Merge pull request #5594 from MisRob/automations
MisRob Dec 5, 2025
8504d85
remove redundant handlePasteNoFormat calls in paste handler
AllanOXDi Dec 5, 2025
5be7cf8
[Remove Vuetify from Studio] Convert Sign In page unit tests to Vue T…
vtushar06 Dec 8, 2025
b317051
chore(deps-dev): bump pytest from 9.0.1 to 9.0.2
dependabot[bot] Dec 10, 2025
ed64e9e
chore(deps): bump sentry-sdk from 2.46.0 to 2.47.0
dependabot[bot] Dec 10, 2025
e19fedb
remove perseus from storage calculations
ozer550 Dec 11, 2025
4d59683
Update KDS to 5.5.0
MisRob Dec 11, 2025
c978f65
Merge pull request #5602 from MisRob/upgrade-kds-550
MisRob Dec 11, 2025
b6c02dc
Merge pull request #5599 from learningequality/dependabot/pip/pytest-…
rtibbles Dec 11, 2025
66cc53c
Merge pull request #5600 from learningequality/dependabot/pip/sentry-…
rtibbles Dec 11, 2025
bd3a55b
chore(deps): bump filelock from 3.16.1 to 3.20.1
dependabot[bot] Dec 16, 2025
246ac1d
chore(deps): bump actions/cache from 4 to 5 in the github group
dependabot[bot] Dec 17, 2025
7c491ad
chore(deps): bump the tiptap group with 7 updates
dependabot[bot] Dec 17, 2025
9bd0eeb
chore(deps): bump sentry-sdk from 2.47.0 to 2.48.0
dependabot[bot] Dec 17, 2025
1870526
chore(deps): bump google-crc32c from 1.7.1 to 1.8.0
dependabot[bot] Dec 17, 2025
d32d910
Merge pull request #5415 from learningequality/dependabot/npm_and_yar…
rtibbles Dec 17, 2025
86b7487
Merge pull request #5606 from learningequality/dependabot/github_acti…
rtibbles Dec 17, 2025
0eb6de6
Merge pull request #5605 from learningequality/dependabot/pip/fileloc…
rtibbles Dec 17, 2025
1dc6482
Merge pull request #5607 from learningequality/dependabot/pip/sentry-…
rtibbles Dec 17, 2025
21f32ec
chore(deps-dev): bump pre-commit from 4.5.0 to 4.5.1
dependabot[bot] Dec 17, 2025
6654e7f
Merge pull request #5608 from learningequality/dependabot/pip/google-…
rtibbles Dec 17, 2025
edf8769
Merge pull request #5609 from learningequality/dependabot/pip/pre-com…
rtibbles Dec 17, 2025
2f2ce9a
chore: update dependabot to monthly schedule with 7-day cooldown
claude Dec 17, 2025
e23f1f0
Merge pull request #5613 from learningequality/claude/update-dependab…
rtibbles Dec 18, 2025
f6564c2
[Remove Vuetify from Studio] Channel collections table
Prashant-thakur77 Dec 18, 2025
e13109c
Fix language dropdown not being displayed correctly
AlexVelezLl Dec 18, 2025
f5dfe6c
Add unit tests
AlexVelezLl Dec 18, 2025
8ebea0b
Add setImmediate that magically makes tests work even though it shoul…
bjester Dec 18, 2025
0b55c35
Merge pull request #5546 from learningequality/dependabot/npm_and_yar…
bjester Dec 18, 2025
1e372fe
Refactor PublishSidePanel
AlexVelezLl Dec 18, 2025
a548354
Merge pull request #5603 from AlexVelezLl/fix-no-language-select
AlexVelezLl Dec 19, 2025
eaba504
optimise query by shuffling cte order
ozer550 Dec 19, 2025
eee1576
[Remove Vuetify from Studio] Side panel (container only) in Content L…
Prashant-thakur77 Dec 19, 2025
fdd5a84
Create ChannelVersion model with token support (#5589)
taoerman Dec 19, 2025
5530d16
Merge pull request #5595 from AllanOXDi/fixformarting
AllanOXDi Dec 29, 2025
3c58c29
chore(deps-dev): bump nodeenv from 1.9.1 to 1.10.0
dependabot[bot] Jan 1, 2026
d509c37
fix failing tests
ozer550 Jan 1, 2026
218f8d7
reuse user_files_cte in staging_files logic
ozer550 Jan 1, 2026
4e8b3a0
implement reviewd comments
ozer550 Jan 8, 2026
addf9f5
Remove call-holiday-message github action post-holiday
LianaHarris360 Jan 8, 2026
637a344
Merge pull request #5625 from LianaHarris360/remove-holiday-message-w…
rtibbles Jan 8, 2026
5008c1e
Review submission side panel
Jakoma02 Jan 8, 2026
ea3f6c9
Merge pull request #5615 from learningequality/hotfixes
bjester Jan 13, 2026
b2f8755
chore(deps): bump virtualenv from 20.26.6 to 20.36.1
dependabot[bot] Jan 13, 2026
11fa0af
chore(deps): bump filelock from 3.20.1 to 3.20.3
dependabot[bot] Jan 13, 2026
2eab0a7
Update lodash imports to avoid unnecessary bundling.
rtibbles Jan 13, 2026
c553c57
Merge pull request #5641 from rtibbles/lodash_loproblems
bjester Jan 13, 2026
ad4d81e
Merge pull request #5601 from ozer550/fix-perseus-storage-calculation
bjester Jan 16, 2026
97e8172
[Remove Vuetify from Studio] Add / remove admin privileges dialogs
rishabhjain1712 Jan 19, 2026
02bb158
Use channelVersion objects instead of special permission ids (#5622)
taoerman Jan 19, 2026
d8f7904
Convert Content Library unit tests to Vue Testing Library
vtushar06 Jan 21, 2026
83dbd8c
Fix prop type check on 'New collection' page
Prashant-thakur77 Jan 21, 2026
a639c35
chore(deps): bump wheel from 0.38.1 to 0.46.2
dependabot[bot] Jan 22, 2026
0e6df46
[Remove Vuetify from Studio] Informative pages in Accounts
AadarshM07 Jan 26, 2026
9b3276e
Fix semantic structure of 'Create an account' page
Rajeev529 Jan 26, 2026
419277c
[Remove Vuetify from Studio] Convert 'Create an account' unit tests t…
abhiraj75 Jan 26, 2026
40081fe
[Remove Vuetify from Studio] Channel details in Channels - content
vtushar06 Jan 27, 2026
0e89c39
Merge branch 'unstable' into review-submission-side-panel
AlexVelezLl Jan 29, 2026
49646dc
Add ChannelVersionViewset
AlexVelezLl Jan 28, 2026
b26645b
Fix admin privilege dialog not opening from actions menu (#5655)
sharma-anushka Jan 29, 2026
635f665
Small refactors
AlexVelezLl Jan 28, 2026
2068975
Use ChannelVersion resource in ReviewSubmissionSidePanel
AlexVelezLl Jan 28, 2026
95896e4
Show SpecialPermissionsList on ReviewSidePanel
AlexVelezLl Jan 29, 2026
6f29e62
updates to the CW scenarios
Jan 29, 2026
85d6fcc
[pre-commit.ci lite] apply automatic fixes
pre-commit-ci-lite[bot] Jan 29, 2026
f21d43c
Merge pull request #5630 from Jakoma02/review-submission-side-panel
AlexVelezLl Jan 29, 2026
56a67de
[Remove Vuetify from Studio] Convert 'Reset password' unit tests to V…
LightCreator1007 Jan 29, 2026
24c820a
Fix misaligned links on About Studio page
sharma-anushka Jan 29, 2026
9589f57
Clearing out useless symlinks.
DXCanas Jan 29, 2026
a6d4ba0
Compute license audit task results during publish workflow (#5665)
taoerman Jan 30, 2026
019ba43
[Remove Vuetify from Studio] Convert collection channels selection un…
abhiraj75 Feb 2, 2026
c114591
Remove hardcoded colors from the bottom bar
Rajeev529 Feb 2, 2026
40b32a2
additional updates and corrections
Feb 2, 2026
ba2c207
[pre-commit.ci lite] apply automatic fixes
pre-commit-ci-lite[bot] Feb 2, 2026
e35d813
[Remove Vuetify from Studio] Convert 'Activation failed' unit tests t…
sharma-anushka Feb 3, 2026
1caaeca
[Remove Vuetify from Studio] Saved searches dialogs
JanaKocakova Feb 3, 2026
84145d2
minor corrections
Feb 3, 2026
b21a6f4
Upgrade KDS to v5.5.2
MisRob Feb 3, 2026
c4add77
[ESoCC] Command to create channel versions (#5660)
nucleogenesis Feb 3, 2026
57bb0cb
[Remove Vuetify from Studio] Policy modals (#5662)
LightCreator1007 Feb 4, 2026
64e0548
Merge pull request #5674 from pcenov/gherkins-cws-3
radinamatic Feb 5, 2026
4c99984
add migration command for versioned channels
ozer550 Feb 6, 2026
d831e0d
chore(deps-dev): bump webpack from 5.99.9 to 5.104.1
dependabot[bot] Feb 7, 2026
7bc2310
Improve alert banner
MisRob Feb 9, 2026
254877f
[Remove Vuetify from Studio] Content Library Catalog - Frequently ask…
yeshwanth235 Feb 9, 2026
5e2b6d1
chore(deps): bump pillow from 12.0.0 to 12.1.1
dependabot[bot] Feb 11, 2026
1ec4cb6
chore(deps): bump axios from 1.12.2 to 1.13.5
dependabot[bot] Feb 11, 2026
d0e98b1
remove ensure_versioned_database_exists calls from tests
ozer550 Feb 12, 2026
b8e5720
Merge pull request #5692 from ozer550/migration-command-for-channel-v…
AlexVelezLl Feb 12, 2026
7140688
Set distributable Special Permissions Licenses (#5681)
taoerman Feb 12, 2026
256e2d8
Merge pull request #5561 from learningequality/dependabot/npm_and_yar…
nucleogenesis Feb 13, 2026
afc7092
Merge pull request #5700 from learningequality/dependabot/npm_and_yar…
rtibbles Feb 13, 2026
5b1cc28
Merge pull request #5699 from learningequality/dependabot/pip/pillow-…
rtibbles Feb 13, 2026
a7d629b
Merge pull request #5693 from learningequality/dependabot/npm_and_yar…
rtibbles Feb 13, 2026
6fb74cf
chore(deps): bump lodash from 4.17.21 to 4.17.23
dependabot[bot] Feb 13, 2026
ade978b
chore(deps): bump qs from 6.14.0 to 6.14.2
dependabot[bot] Feb 13, 2026
eb3c5a3
Merge pull request #5658 from learningequality/dependabot/npm_and_yar…
rtibbles Feb 13, 2026
ceacb29
Merge pull request #5659 from learningequality/dependabot/pip/wheel-0…
rtibbles Feb 13, 2026
6b9a271
Merge pull request #5640 from learningequality/dependabot/pip/fileloc…
rtibbles Feb 13, 2026
f0387e3
Merge pull request #5639 from learningequality/dependabot/pip/virtual…
rtibbles Feb 13, 2026
311d6a0
Merge pull request #5620 from learningequality/dependabot/pip/nodeenv…
rtibbles Feb 13, 2026
fa86bf8
Merge pull request #5702 from learningequality/dependabot/npm_and_yar…
rtibbles Feb 13, 2026
4a394de
chore(deps-dev): bump workbox-webpack-plugin from 7.3.0 to 7.4.0
dependabot[bot] Feb 13, 2026
64cce0f
Merge pull request #5598 from learningequality/dependabot/npm_and_yar…
rtibbles Feb 13, 2026
ab9bd48
Merge pull request #5676 from DXCanas/studio-infra-file-cleanup
marcellamaki Feb 19, 2026
a0f3e79
Fix channel pdf summary output
MisRob Feb 20, 2026
94417df
[fixes #5698] Switch package and virtualenv management to uv
bjester Feb 24, 2026
266c1b0
[fixes #5697] Upgrade packages to eliminate incompatibility with setu…
bjester Feb 24, 2026
0799417
Add .python-version so uv knows which to use for venv
bjester Feb 24, 2026
8f5ddb3
Switch package ecosystem to uv
bjester Feb 24, 2026
af4223a
Move useFilter and useKeywordSearch to shared folder
AlexVelezLl Dec 16, 2025
99ab4bb
Migrate useFilter to be compatible with KSelect
AlexVelezLl Dec 16, 2025
6cbe9c4
Add initial NotificationsModal implementation + NotificationsFilters
AlexVelezLl Dec 16, 2025
929e49e
Add useCommunityLibraryUpdates to load and process community library …
AlexVelezLl Dec 16, 2025
c3a369e
Add base structure of NotificationsList
AlexVelezLl Dec 16, 2025
a8c5b55
Complete notifications list component
AlexVelezLl Dec 16, 2025
db78166
Fix multiple parallel reloads on admin channels and users table
AlexVelezLl Dec 16, 2025
1a3701d
Connect NotificationModal to Appbar and MainNavigationDrawer
AlexVelezLl Dec 16, 2025
e276410
Add notifications datetimes to User model
AlexVelezLl Dec 16, 2025
661d675
Add red dot on AppBar and MainNavigationDrawer
AlexVelezLl Dec 16, 2025
d55f59a
Add support for unread/all notifications
AlexVelezLl Dec 17, 2025
5dc92e1
Add error handling and add documentation
AlexVelezLl Dec 17, 2025
b3404d9
Pin KDS and small styles updates
AlexVelezLl Dec 17, 2025
ebbf733
Use StudioImmersiveModal instead of FullscreenModal
AlexVelezLl Jan 15, 2026
4f7569e
Miscelaneous fixes
AlexVelezLl Feb 19, 2026
e033d2f
add channel version history to publish side panel
AllanOXDi Feb 27, 2026
f0b08e3
use DjangoJSONEncoder on _json_dumps
AlexVelezLl Feb 27, 2026
8f60d97
Add comment on SESSION addition to ALL_TABLES
AlexVelezLl Feb 27, 2026
3d9cae6
chore(deps): bump jsonschema from 4.25.1 to 4.26.0
dependabot[bot] Mar 1, 2026
fe5ef92
chore(deps): bump packaging from 25.0 to 26.0
dependabot[bot] Mar 1, 2026
327221d
remove channelVersion object and databse with version next when stale
ozer550 Mar 2, 2026
26fa9ec
Merge pull request #5728 from ozer550/remove-unnecessary-draft-channe…
AlexVelezLl Mar 2, 2026
70321ae
Merge pull request #5610 from AlexVelezLl/notifications-page
rtibbles Mar 3, 2026
97bdf41
Merge pull request #5719 from bjester/uv-dep-fixes
bjester Mar 3, 2026
3d240e5
chore(deps-dev): bump the babel group with 4 updates
dependabot[bot] Mar 3, 2026
d861343
Avoid failure on empty/missing cache
bjester Mar 3, 2026
6355010
Merge pull request #5737 from bjester/uv-pre-commit
rtibbles Mar 3, 2026
13813dc
Merge pull request #5722 from learningequality/dependabot/pip/jsonsch…
rtibbles Mar 3, 2026
4f2a12a
Merge pull request #5723 from learningequality/dependabot/npm_and_yar…
rtibbles Mar 3, 2026
53d2043
Merge pull request #5724 from learningequality/dependabot/pip/packagi…
rtibbles Mar 3, 2026
429975a
Account for deleted channels in channels admin filters
AlexVelezLl Mar 4, 2026
e01eee1
Add All Channels channel type filter option
AlexVelezLl Mar 4, 2026
22478ad
Fix filters responsiveness
AlexVelezLl Mar 4, 2026
4aebc0e
build: add tiptap text align dependency
habibayman Jan 30, 2026
e54e72d
feat(texteditor): add basic toggle alignmen functionality
habibayman Jan 30, 2026
baac181
fix(texteditor): toolbar overflow logic after adding alignment button
habibayman Jan 30, 2026
d6b9621
fix(texteditor): disable toggling alignment for code blocks
habibayman Jan 30, 2026
c270ce4
feat(texteditor): add toggling text alignment button to touchscreens …
habibayman Jan 30, 2026
f2aa6e6
fix(texteditor): adjust image extension to account for node alignment
habibayman Jan 30, 2026
74341c4
feat(texteditor): adjust markdown serializer to wrap nodes in html ta…
habibayman Mar 5, 2026
22a5c2d
test(texteditor): cover markdown serializer text alignemnt serializin…
habibayman Mar 5, 2026
38a9805
fix(texteditor): listItem serializer short-circuiting its paragraph c…
habibayman Mar 5, 2026
c3d1cbe
fix(texteditor): include align in images dual saving syntax
habibayman Mar 5, 2026
2dd5003
feat(texteditor): adjust small text displaying to account for textAli…
habibayman Mar 5, 2026
e19fac7
Merge pull request #5684 from AadarshM07/issue#5632
AadarshM07 Mar 5, 2026
f19d93c
Fix hasMore logic to require a full page before showing Show more.
AllanOXDi Mar 5, 2026
568ae8c
fix hasMore logic
AllanOXDi Mar 5, 2026
d9b3f4d
focus the editor when closing tool modals
nucleogenesis Mar 3, 2026
60bd767
Autofocus TipTap editor when creating new assessment questions
nucleogenesis Mar 3, 2026
83efcdf
feat(a11y): localize mathlive screen reader announcements (#5743)
rtibblesbot Mar 5, 2026
04d114c
refactor: simplify a11y localization internals
rtibblesbot Mar 6, 2026
362e4af
Add workflow for pull request events
MisRob Mar 6, 2026
f8eac9e
Change ChannelVersion viewset to use cursor based pagination
AlexVelezLl Mar 6, 2026
83219f5
Update styles
AlexVelezLl Mar 6, 2026
68f6102
Merge pull request #5721 from AllanOXDi/Ch-version
AlexVelezLl Mar 6, 2026
4665226
Use KCard
MisRob Mar 6, 2026
3818aaa
[Remove Vuetify from Studio] Convert content library filter bar unit …
sharma-anushka Mar 6, 2026
90bdb6a
Add focus trap to studio immersive modal
AlexVelezLl Mar 6, 2026
8339d18
Merge pull request #5745 from MisRob/add-workflow-call
rtibbles Mar 6, 2026
1fba461
set question-text border to value consistent with neighbors
nucleogenesis Mar 6, 2026
f17bbf6
fix(texteditor): inverted disabling condition for overflowed align bu…
habibayman Mar 7, 2026
f3bc749
fix(texteditor): match dimensions for right align SVG with left align
habibayman Mar 7, 2026
dbc30f2
feat(texteditor): detect alignemnt of every node on cursor position
habibayman Mar 7, 2026
c7cf5ee
perf(texteditor): add a safeguard return string for the recursive mar…
habibayman Mar 8, 2026
59a13aa
Don't show pagination when loading
MisRob Mar 9, 2026
00b2506
Add page setup and channel info header
AlexVelezLl Feb 20, 2026
082ed1b
Add Channel details accordion
AlexVelezLl Feb 20, 2026
677893f
Add ActivityHistory component
AlexVelezLl Feb 23, 2026
48db1b7
Add activity line
AlexVelezLl Feb 23, 2026
b143bcd
Polish submission details modal
AlexVelezLl Feb 23, 2026
740ea5d
Display SubmissionDetailsModal on channel admin table
AlexVelezLl Feb 23, 2026
1105aa9
Refactor and rename Accordion component
AlexVelezLl Feb 27, 2026
cb656d2
Fix failing tests
AlexVelezLl Feb 27, 2026
279aa22
Store notifications tab on route
AlexVelezLl Mar 3, 2026
3525f8b
Address PR comments
AlexVelezLl Mar 3, 2026
6bee301
Align with figma specs
AlexVelezLl Mar 6, 2026
eeb8d57
address PR comments
AlexVelezLl Mar 6, 2026
37147dd
Mark distributable descriptions on resolve action rather than on publ…
AlexVelezLl Mar 9, 2026
1cb649a
Merge pull request #5716 from AlexVelezLl/new-channel-details
rtibbles Mar 9, 2026
3c6342c
Fix pending submissions not being shown for live community library ch…
AlexVelezLl Mar 9, 2026
b881d73
Hide draft option from PublishSidePanel if user does not have enabled
AlexVelezLl Mar 2, 2026
045277a
Show draft token in channelEdit view
AlexVelezLl Mar 2, 2026
dfd820f
Use ChannelTypeFilter constant on channelTable tests
AlexVelezLl Mar 10, 2026
04095fa
Merge pull request #5744 from rtibblesbot/issue-5743-4d3394
rtibbles Mar 10, 2026
3061264
Merge pull request #5742 from AlexVelezLl/fix-admin-filters
rtibbles Mar 10, 2026
93c3534
Merge pull request #5739 from nucleogenesis/5720--focus-trappin
rtibbles Mar 10, 2026
6f4929c
Merge pull request #5729 from AlexVelezLl/draft-tokens
rtibbles Mar 10, 2026
a08885e
chore(deps): bump latex2mathml from 3.78.0 to 3.78.1
dependabot[bot] Feb 20, 2026
42d8179
pef(texteditor): add a null guard return value for getEffectiveAlignment
habibayman Mar 11, 2026
4a9a5d6
fix: update test expectations for latex2mathml 3.78.1 block-mode mund…
nucleogenesis Mar 11, 2026
740dca2
test: add regression tests for block vs inline MathML element selection
nucleogenesis Mar 11, 2026
6344d05
Merge pull request #5677 from habibayman/feat/RTE-text-align
nucleogenesis Mar 11, 2026
b57d722
Merge pull request #5361 from learningequality/dependabot/pip/latex2m…
nucleogenesis Mar 11, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
The table of contents is too big for display.
Diff view
Diff view
  •  
  •  
  •  
17 changes: 10 additions & 7 deletions .github/dependabot.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,20 +4,22 @@ version: 2
updates:

# Maintain dependencies for Python
- package-ecosystem: "pip"
- package-ecosystem: "uv"
directory: "/"
schedule:
interval: "weekly"
day: "wednesday"
interval: "monthly"
time: "00:00"
cooldown:
default-days: 7

# Maintain dependencies for Javascript
- package-ecosystem: "npm"
directory: "/"
schedule:
interval: "weekly"
day: "wednesday"
interval: "monthly"
time: "00:00"
cooldown:
default-days: 7
groups:
babel:
patterns:
Expand All @@ -33,9 +35,10 @@ updates:
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "weekly"
day: "wednesday"
interval: "monthly"
time: "00:00"
cooldown:
default-days: 7
groups:
github:
patterns:
Expand Down
12 changes: 12 additions & 0 deletions .github/workflows/call-contributor-pr-reply.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
name: Send reply on a new contributor pull request
on:
pull_request_target:
types: [opened]
jobs:
call-workflow:
name: Call shared workflow
uses: learningequality/.github/.github/workflows/contributor-pr-reply.yml@main
secrets:
LE_BOT_APP_ID: ${{ secrets.LE_BOT_APP_ID }}
LE_BOT_PRIVATE_KEY: ${{ secrets.LE_BOT_PRIVATE_KEY }}
SLACK_COMMUNITY_NOTIFICATIONS_WEBHOOK_URL: ${{ secrets.SLACK_COMMUNITY_NOTIFICATIONS_WEBHOOK_URL }}
Comment on lines +7 to +12

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {}

Copilot Autofix

AI 2 days ago

To fix this, explicitly declare permissions for the job (or globally) so the GITHUB_TOKEN is limited to the least privileges needed. Since this workflow only delegates to a reusable workflow and does not itself perform any repository writes, a safe, minimal default is read-only access to repository contents. That both satisfies CodeQL and avoids unintentionally granting write access via inherited defaults.

The best fix, without changing existing functionality, is to add a permissions block under the call-workflow job, e.g.:

jobs:
  call-workflow:
    permissions:
      contents: read
    name: Call shared workflow
    uses: ...

Placing it at the job level ensures the restriction applies specifically to this job, and avoids assumptions about other jobs (there are none currently, but this keeps the change tightly scoped). No imports or additional definitions are needed; this is a pure YAML configuration change within .github/workflows/call-contributor-pr-reply.yml. Insert the new permissions block between call-workflow: and name: with correct indentation.

Suggested changeset 1
.github/workflows/call-contributor-pr-reply.yml

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/call-contributor-pr-reply.yml b/.github/workflows/call-contributor-pr-reply.yml
--- a/.github/workflows/call-contributor-pr-reply.yml
+++ b/.github/workflows/call-contributor-pr-reply.yml
@@ -4,6 +4,8 @@
     types: [opened]
 jobs:
   call-workflow:
+    permissions:
+      contents: read
     name: Call shared workflow
     uses: learningequality/.github/.github/workflows/contributor-pr-reply.yml@main
     secrets:
EOF
@@ -4,6 +4,8 @@
types: [opened]
jobs:
call-workflow:
permissions:
contents: read
name: Call shared workflow
uses: learningequality/.github/.github/workflows/contributor-pr-reply.yml@main
secrets:
Copilot is powered by AI and may make mistakes. Always verify output.
11 changes: 11 additions & 0 deletions .github/workflows/call-pull-request-target.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
name: Handle pull request events
on:
pull_request_target:
types: [review_requested, labeled]
jobs:
call-workflow:
name: Call shared workflow
uses: learningequality/.github/.github/workflows/pull-request-target.yml@main
secrets:
LE_BOT_APP_ID: ${{ secrets.LE_BOT_APP_ID }}
LE_BOT_PRIVATE_KEY: ${{ secrets.LE_BOT_PRIVATE_KEY }}
Comment on lines +7 to +11

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {}

Copilot Autofix

AI 2 days ago

In general, the fix is to explicitly declare a permissions block that limits the GITHUB_TOKEN to the least privileges needed. This can be done at the workflow root (applies to all jobs) or at the job level. Because this workflow only has a single job and we want to minimize changes, we can add a root-level permissions block just under the name: line. For a pull_request_target workflow that primarily reads repository contents and PR metadata while deferring actual actions to a reusable workflow using app credentials, a safe minimal baseline is contents: read. If the reusable workflow requires additional scopes, it will typically define them itself; in this caller it is reasonable to keep the token read-only.

Concretely, in .github/workflows/call-pull-request-target.yml, add:

permissions:
  contents: read

between line 1 (name: Handle pull request events) and line 2 (on:). No imports or additional methods are required since this is a YAML configuration change only and does not affect existing behavior, other than constraining the automatically provided GITHUB_TOKEN to read access to contents.

Suggested changeset 1
.github/workflows/call-pull-request-target.yml

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/call-pull-request-target.yml b/.github/workflows/call-pull-request-target.yml
--- a/.github/workflows/call-pull-request-target.yml
+++ b/.github/workflows/call-pull-request-target.yml
@@ -1,4 +1,6 @@
 name: Handle pull request events
+permissions:
+  contents: read
 on:
   pull_request_target:
     types: [review_requested, labeled]
EOF
@@ -1,4 +1,6 @@
name: Handle pull request events
permissions:
contents: read
on:
pull_request_target:
types: [review_requested, labeled]
Copilot is powered by AI and may make mistakes. Always verify output.
7 changes: 5 additions & 2 deletions .github/workflows/update-pr-spreadsheet.yml → .../workflows/call-update-pr-spreadsheet.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,12 +1,15 @@
name: Update community pull requests spreadsheet
on:
pull_request_target:
types: [assigned,unassigned,opened,closed,reopened]
types: [assigned, unassigned, opened, closed, reopened, edited, review_requested, review_request_removed]

jobs:
call-update-spreadsheet:
call-workflow:
name: Call shared workflow
uses: learningequality/.github/.github/workflows/update-pr-spreadsheet.yml@main
secrets:
LE_BOT_APP_ID: ${{ secrets.LE_BOT_APP_ID }}
LE_BOT_PRIVATE_KEY: ${{ secrets.LE_BOT_PRIVATE_KEY }}
CONTRIBUTIONS_SPREADSHEET_ID: ${{ secrets.CONTRIBUTIONS_SPREADSHEET_ID }}
CONTRIBUTIONS_SHEET_NAME: ${{ secrets.CONTRIBUTIONS_SHEET_NAME }}
GH_UPLOADER_GCP_SA_CREDENTIALS: ${{ secrets.GH_UPLOADER_GCP_SA_CREDENTIALS }}

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {}
4 changes: 2 additions & 2 deletions .github/workflows/containerbuild.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout codebase
uses: actions/checkout@v4
uses: actions/checkout@v6

- name: Set up QEMU
uses: docker/setup-qemu-action@v3
Expand Down Expand Up @@ -88,7 +88,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout codebase
uses: actions/checkout@v4
uses: actions/checkout@v6

- name: Set up QEMU
uses: docker/setup-qemu-action@v3
Expand Down
30 changes: 11 additions & 19 deletions .github/workflows/deploytest.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,11 +27,11 @@ jobs:
if: ${{ needs.pre_job.outputs.should_skip != 'true' }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v6
- name: Use pnpm
uses: pnpm/action-setup@v4
- name: Use Node.js
uses: actions/setup-node@v4
uses: actions/setup-node@v6
with:
node-version: '20.x'
cache: 'pnpm'
Expand All @@ -47,29 +47,21 @@ jobs:
if: ${{ needs.pre_job.outputs.should_skip != 'true' }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Python 3.10
uses: actions/setup-python@v5
- uses: actions/checkout@v6
- name: Install uv
uses: astral-sh/setup-uv@v7
with:
python-version: '3.10'
- name: pip cache
uses: actions/cache@v4
with:
path: ~/.cache/pip
key: ${{ runner.os }}-pyprod-${{ hashFiles('requirements.txt') }}
restore-keys: |
${{ runner.os }}-pyprod-
- name: Install pip-tools and python dependencies
activate-environment: "true"
enable-cache: "true"
- name: Install python dependencies with uv
run: |
# Pin pip to 25.2 to avoid incompatibility with pip-tools and 25.3
# see https://github.com/jazzband/pip-tools/issues/2252
python -m pip install pip==25.2
pip install pip-tools
pip-sync requirements.txt
# Use uv to install dependencies directly from requirements files
uv pip sync requirements.txt
- name: Use pnpm
uses: pnpm/action-setup@v4
- name: Use Node.js
uses: actions/setup-node@v4
uses: actions/setup-node@v6
with:
node-version: '20.x'
cache: 'pnpm'
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/frontendtest.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,11 +27,11 @@ jobs:
if: ${{ needs.pre_job.outputs.should_skip != 'true' }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v6
- name: Use pnpm
uses: pnpm/action-setup@v4
- name: Use Node.js
uses: actions/setup-node@v4
uses: actions/setup-node@v6
with:
node-version: '20.x'
cache: 'pnpm'
Expand Down
8 changes: 5 additions & 3 deletions .github/workflows/pre-commit.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,14 +31,16 @@ jobs:
if: ${{ needs.pre_job.outputs.should_skip != 'true' }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
- uses: actions/checkout@v6
- name: Install uv
uses: astral-sh/setup-uv@v7
with:
python-version: '3.10'
ignore-nothing-to-cache: 'true'
- name: Use pnpm
uses: pnpm/action-setup@v4
- name: Use Node.js
uses: actions/setup-node@v4
uses: actions/setup-node@v6
with:
node-version: '20.x'
cache: 'pnpm'
Expand Down
24 changes: 8 additions & 16 deletions .github/workflows/pythontest.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -61,32 +61,24 @@ jobs:
# Maps port 6379 on service container to the host
- 6379:6379
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v6
- name: Set up minio
run: |
docker run -d -p 9000:9000 --name minio \
-e "MINIO_ROOT_USER=development" \
-e "MINIO_ROOT_PASSWORD=development" \
-e "MINIO_DEFAULT_BUCKETS=content:public" \
bitnamilegacy/minio:2024.5.28
- name: Set up Python 3.10
uses: actions/setup-python@v5
- name: Install uv
uses: astral-sh/setup-uv@v7
with:
python-version: '3.10'
- name: pip cache
uses: actions/cache@v4
with:
path: ~/.cache/pip
key: ${{ runner.os }}-pytest-${{ hashFiles('requirements.txt', 'requirements-dev.txt') }}
restore-keys: |
${{ runner.os }}-pytest-
- name: Install pip-tools and python dependencies
activate-environment: "true"
enable-cache: "true"
- name: Install python dependencies with uv
run: |
# Pin pip to 25.2 to avoid incompatibility with pip-tools and 25.3
# see https://github.com/jazzband/pip-tools/issues/2252
python -m pip install pip==25.2
pip install pip-tools
pip-sync requirements.txt requirements-dev.txt
# Use uv to install dependencies directly from requirements files
uv pip sync requirements.txt requirements-dev.txt
- name: Test pytest
run: |
sh -c './contentcuration/manage.py makemigrations --check'
Expand Down
4 changes: 1 addition & 3 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@ var/

# Ignore editor / IDE related data
.vscode/
.claude/

# IntelliJ IDE, except project config
.idea/
Expand Down Expand Up @@ -129,6 +130,3 @@ storybook-static/

# i18n
/contentcuration/locale/**/LC_MESSAGES/*.csv

# pyenv
.python-version
1 change: 1 addition & 0 deletions .python-version
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
3.10
27 changes: 27 additions & 0 deletions contentcuration/contentcuration/constants/community_library_submission.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
STATUS_PENDING = "PENDING"
STATUS_APPROVED = "APPROVED"
STATUS_REJECTED = "REJECTED"
STATUS_SUPERSEDED = "SUPERSEDED"
STATUS_LIVE = "LIVE"

status_choices = (
(STATUS_PENDING, "Pending"),
(STATUS_APPROVED, "Approved"),
(STATUS_REJECTED, "Rejected"),
(STATUS_SUPERSEDED, "Superseded"),
(STATUS_LIVE, "Live"),
)

REASON_INVALID_LICENSING = "INVALID_LICENSING"
REASON_TECHNICAL_QUALITY_ASSURANCE = "TECHNICAL_QUALITY_ASSURANCE"
REASON_INVALID_METADATA = "INVALID_METADATA"
REASON_PORTABILITY_ISSUES = "PORTABILITY_ISSUES"
REASON_OTHER = "OTHER"

resolution_reason_choices = (
(REASON_INVALID_LICENSING, "Invalid Licensing"),
(REASON_TECHNICAL_QUALITY_ASSURANCE, "Technical Quality Assurance"),
(REASON_INVALID_METADATA, "Invalid Metadata"),
(REASON_PORTABILITY_ISSUES, "Portability Issues"),
(REASON_OTHER, "Other"),
)
8 changes: 0 additions & 8 deletions contentcuration/contentcuration/dev_urls.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,6 @@
from django.urls import include
from django.urls import path
from django.urls import re_path
from django.views.generic import TemplateView
from drf_yasg import openapi
from drf_yasg.views import get_schema_view
from rest_framework import permissions
Expand Down Expand Up @@ -76,10 +75,3 @@ def file_server(request, storage_path=None):
re_path(r"^api-auth/", include("rest_framework.urls", namespace="rest_framework")),
re_path(r"^content/(?P<storage_path>.+)$", file_server),
]

urlpatterns += [
re_path(
r"^editor-dev(?:/.*)?$",
TemplateView.as_view(template_name="contentcuration/editor_dev.html"),
),
]
Loading
Loading