CGM_Public/pretix_cgo
1
0
Fork 0
forked from CGM_Public/pretix_original
Code Pull Requests Actions Activity
14,069 Commits 309 Branches 199 Tags
8945e55900ad0b200f86724b13100c2db2e801b9
Commit Graph

12123 Commits

Author SHA1 Message Date
rash
8945e55900 resolve migration TODOs: properly refocus parent on navigations 2026-03-13 13:24:31 +01:00
rash
2dade31f23 Allow gradual rollout of new vite-based widget by adding urls to an allowlist that gets checked against the "Origin" http header of request fetching the widget js 2026-03-10 14:45:00 +01:00
rash
504191c005 fix inconsistencies from automatic migration 2026-03-09 18:31:27 +01:00
rash
00cb77de8f top level await in iife build mode is not supported, so let's do import.meta.glob instead (we just need the build step not to see await, the code doesn't actually ever get loaded because it's DEV only) 2026-02-23 16:43:11 +01:00
rash
b1b2a688a8 working vite widget setup for prod (untested), local dev (with or without dev server) and pytests, with flags for running the old version or the vite version 2026-02-22 17:40:25 +01:00
rash
961253bac4 migrate widget bugfix #5886 2026-02-19 14:13:08 +01:00
rash
f3eb2fba6d Merge branch 'pretix:master' into vite-vue3 2026-02-19 13:40:30 +01:00
luelista
7e45837295 Security hardening for 2FA configuration (#5685) 
* reduce default RecentAuthenticationRequiredMixin timeout to 15 min
* never cache pages with RecentAuthenticationRequiredMixin
* show emergency codes only once after generating
 2026-02-19 12:43:23 +01:00
Lukas Bockstaller
fd9ed15065 include acceptor slug in log/webhook event (#5906) 2026-02-19 10:00:11 +01:00
Richard Schreiber
2df3d9206b Add voucher tag to orderlist positions export 2026-02-19 09:42:00 +01:00
Kian Cross
fbd8bbbeaa Disable partitioned cookies for Safari due to WebKit bugs (#5843) 
Safari currently exhibits a bug where Partitioned cookies (CHIPS) are not
sent back to the originating site after multi-hop cross-site redirects,
breaking SSO login flows in pretix.

Partitioned cookies were initially introduced in Safari 18.4, removed
again in 18.5 due to a bug, and reintroduced in Safari 26.2, where the
current issue is present.

As a mitigation, disable sending the `Partitioned` attribute for Safari
user agents. This is intentionally conservative; once the Safari issue
is fixed, this check should be refined to be conditional on the affected
versions only.

WebKit issues:

  - https://bugs.webkit.org/show_bug.cgi?id=292975
  - https://bugs.webkit.org/show_bug.cgi?id=306194
 2026-02-18 09:19:14 +01:00
Kara Engelhardt
1c305e4b30 Store failed offline checkin if successful online checkin with same nonce exists 2026-02-17 10:41:05 +01:00
KarlKeu00
ea114b4f64 Fix HTML closing tags in pending.html (#5893) 2026-02-17 10:20:28 +01:00
Raphael Michel
8a7f54795e Vouchers: Fix field label inconsistency (Z#23222887) (#5902) 
The field Voucher.price_mode is sometimes called "Price mode" and
sometimes "Price effect" in the UI, which is inconsistent. I think
"price effect" is a little clearer, but I don't really care as long as
it is consistent.
 2026-02-17 10:16:12 +01:00
Raphael Michel
cb464ad597 Remove back link from 404 error page (#23222967) (#5901) 
I've kept it for 400/403/500/csrffail for now, because they also have a
"try again" link. Yes, both things have browser buttons, but they make
it a *little* clearer to technical users what one could to next, and
especially on csrffail, "step back" is always possible and possibly actually
helpful.
 2026-02-17 10:16:05 +01:00
Raphael Michel
119cc50897 Fix inconsistent singular/plural use in text (Z#23223585) 2026-02-17 09:31:08 +01:00
Raphael Michel
61f9cf13b4 Order change: Fix list of unchangeable add-ons not filtered to category (Z#23223330) (#5876) 2026-02-16 15:13:24 +01:00
Raphael Michel
29ed07ccce Merge branch 'pajowu/security-plaintext-placeholder' into 'master' 
SECURITY: Prevent placeholder injection in plaintext emails

See merge request pretix/pretix!21
 2026-02-16 10:59:44 +01:00
Nate Horst
dd0cd7ab0b Translations: Update Thai 
Currently translated at 36.0% (2237 of 6207 strings)

Translation: pretix/pretix
Translate-URL: https://translate.pretix.eu/projects/pretix/pretix/th/

powered by weblate
 2026-02-16 10:44:21 +01:00
Nate Horst
d7df906995 Translations: Update Thai 
Currently translated at 36.0% (2237 of 6207 strings)

Translation: pretix/pretix
Translate-URL: https://translate.pretix.eu/projects/pretix/pretix/th/

powered by weblate
 2026-02-16 10:44:21 +01:00
Ruud Hendrickx
839f4b4657 Translations: Update Dutch (Belgium) 
Currently translated at 0.1% (12 of 6207 strings)

Translation: pretix/pretix
Translate-URL: https://translate.pretix.eu/projects/pretix/pretix/nl_BE/

powered by weblate
 2026-02-16 10:44:21 +01:00
Ruud Hendrickx
74f7e1f61c Translations: Add Dutch (Belgium) 2026-02-16 10:44:21 +01:00
Yasunobu YesNo Kawaguchi
47919afab0 Translations: Update Japanese 
Currently translated at 100.0% (256 of 256 strings)

Translation: pretix/pretix (JavaScript parts)
Translate-URL: https://translate.pretix.eu/projects/pretix/pretix-js/ja/

powered by weblate
 2026-02-16 10:44:21 +01:00
Yasunobu YesNo Kawaguchi
819daa99f7 Translations: Update Japanese 
Currently translated at 100.0% (6207 of 6207 strings)

Translation: pretix/pretix
Translate-URL: https://translate.pretix.eu/projects/pretix/pretix/ja/

powered by weblate
 2026-02-16 10:44:21 +01:00
Ruud Hendrickx
8512e79d68 Translations: Update Dutch (informal) (nl_Informal) 
Currently translated at 100.0% (6207 of 6207 strings)

Translation: pretix/pretix
Translate-URL: https://translate.pretix.eu/projects/pretix/pretix/nl_Informal/

powered by weblate
 2026-02-16 10:44:21 +01:00
Ruud Hendrickx
52672ae25b Translations: Update Dutch 
Currently translated at 100.0% (6207 of 6207 strings)

Translation: pretix/pretix
Translate-URL: https://translate.pretix.eu/projects/pretix/pretix/nl/

powered by weblate
 2026-02-16 10:44:21 +01:00
Raphael Michel
ad752dc617 Fix placeholder injection with django templates 2026-02-13 13:36:12 +01:00
Raphael Michel
43c6c33bd8 SafeFormatter: Ignore conversion spec 2026-02-13 12:35:49 +01:00
Raphael Michel
88c9f8c047 Remove duplicate rendering of plain content without variables 2026-02-13 12:30:01 +01:00
Raphael Michel
2d2663f15f Mark strings as formatted to prevent double-formatting 2026-02-13 12:28:32 +01:00
Kara Engelhardt
ae6014708b SECURITY: Prevent placeholder injcetion in plaintext emails 2026-02-13 12:28:32 +01:00
Richard Schreiber
d1686df07c Move request.GET.items to ctx (#5889) 2026-02-12 12:05:08 +01:00
Richard Schreiber
4d60d7bfbc Fix widget quantity prefill (#5886) 2026-02-12 12:04:11 +01:00
Phin Wolkwitz
c0b93fedc5 Hide company name field in order info for individual customers (Z#23212149, Z#23216249) (#5887) 2026-02-11 16:15:23 +01:00
rash
333dc56ef7 first draft migrating widget to vue3/vite 2026-02-11 15:12:43 +01:00
Richard Schreiber
2eaa6c3069 Fix address-helper wrong locale (Z#23223920) (#5884) 
* Fix address-helper wrong locale (Z#23223920)

* fix translation for transmission-types names

* use language_code instead
 2026-02-11 13:22:15 +01:00
Phin Wolkwitz
db982c9ef4 Presale: Hide adress info from invisible fields in confirmation step (Z#23212149) (#5649) 
Not all transmission fields are visible to users at all times, depending on whether they are necessary for users to know/change but they are submitted for the backend. This change hides those fields that were hidden before in the confirmation step as well to avoid confusion.
 2026-02-11 13:14:05 +01:00
Raphael Michel
f9f6ee94ae Outgoing mails: Fix wrong filter statement (PRETIXEU-CZZ) 2026-02-11 13:11:21 +01:00
Lukas Bockstaller
99c257d392 adds webhooks for giftcards (Z#23205473) (#5834) 
* adds giftcard webhook events

* maps issuer_id of giftcard to organizer_id for logging

* adds new giftcard logtypes for transactions that aren't manual

* log_action calls cleanup

* drop acceptance webhook

* add acceptor_id to the giftcard transaction webhook event

* add missing log_action statements

* add new webhooks to docs

* fix tests

* fix linting
 2026-02-11 12:51:09 +01:00
Richard Schreiber
e2cb83ce28 Fix marking invoices transmitted for emails with uppercase letters (#5885) 2026-02-11 12:00:54 +01:00
Raffaele Doretto
d7b7d3cc5f Translations: Update Italian 
Currently translated at 67.5% (173 of 256 strings)

Translation: pretix/pretix (JavaScript parts)
Translate-URL: https://translate.pretix.eu/projects/pretix/pretix-js/it/

powered by weblate
 2026-02-10 18:08:28 +01:00
Michele Pagnozzi
721ac8a500 Translations: Update Italian 
Currently translated at 39.5% (2454 of 6207 strings)

Translation: pretix/pretix
Translate-URL: https://translate.pretix.eu/projects/pretix/pretix/it/

powered by weblate
 2026-02-10 18:08:28 +01:00
roi belotsercovsky
5796cfe03f Translations: Update Hebrew 
Currently translated at 95.4% (5927 of 6207 strings)

Translation: pretix/pretix
Translate-URL: https://translate.pretix.eu/projects/pretix/pretix/he/

powered by weblate
 2026-02-10 18:08:28 +01:00
roi belotsercovsky
63f1c4f793 Translations: Update Hebrew 
Currently translated at 100.0% (256 of 256 strings)

Translation: pretix/pretix (JavaScript parts)
Translate-URL: https://translate.pretix.eu/projects/pretix/pretix-js/he/

powered by weblate
 2026-02-10 18:08:28 +01:00
Raphael Michel
47f409171d Customer accounts: Add security notices (#5705) 
* Customer accounts: Add security notices

* Apply suggestions from code review
 2026-02-10 17:55:53 +01:00
luelista
fb5697a27b Fix is_available on non-event-level plugins (#5878) 2026-02-10 17:49:17 +01:00
roi belotsercovsky
9a9ad6d6d1 Translations: Update Hebrew 
Currently translated at 94.8% (5886 of 6207 strings)

Translation: pretix/pretix
Translate-URL: https://translate.pretix.eu/projects/pretix/pretix/he/

powered by weblate
 2026-02-09 12:46:47 +01:00
Ryo Tagami
a05845790e Translations: Update Japanese 
Currently translated at 100.0% (256 of 256 strings)

Translation: pretix/pretix (JavaScript parts)
Translate-URL: https://translate.pretix.eu/projects/pretix/pretix-js/ja/

powered by weblate
 2026-02-09 12:46:47 +01:00
Ryo Tagami
a0830dd033 Translations: Update Japanese 
Currently translated at 100.0% (6207 of 6207 strings)

Translation: pretix/pretix
Translate-URL: https://translate.pretix.eu/projects/pretix/pretix/ja/

powered by weblate
 2026-02-09 12:46:47 +01:00
Ruud Hendrickx
dba2529f6b Translations: Update Dutch (informal) (nl_Informal) 
Currently translated at 100.0% (6207 of 6207 strings)

Translation: pretix/pretix
Translate-URL: https://translate.pretix.eu/projects/pretix/pretix/nl_Informal/

powered by weblate
 2026-02-09 12:46:47 +01:00