fix flake8

src/pretix/api/webhooks.py

@@ -473,7 +473,7 @@ def register_default_webhook_events(sender, **kwargs):
         ),
         ParametrizedGiftcardTransactionWebhookEvent(
             'pretix.giftcards.transaction.*',
-            _('Gift card used in transaction'),
+            _('Gift card used in transcation'),
         )
     )
 

src/pretix/helpers/cookies.py

@@ -34,7 +34,8 @@ def set_cookie_without_samesite(request, response, key, *args, **kwargs):
     if not is_secure:
         # https://www.chromestatus.com/feature/5633521622188032
         return
-    if should_send_same_site_none(request.headers.get('User-Agent', '')):
+    useragent = request.headers.get('User-Agent', '')
+    if should_send_same_site_none(useragent):
         # Chromium is rolling out SameSite=Lax as a default
         # https://www.chromestatus.com/feature/5088147346030592
         # This however breaks all pretix-in-an-iframe things, such as the pretix Widget.
@@ -47,6 +48,18 @@ def set_cookie_without_samesite(request, response, key, *args, **kwargs):
         # CHIPS
         response.cookies[key]['Partitioned'] = True
 
+        if has_safari_partitioned_bug(useragent):
+            # There may be partitioned cookies set from previous sessions, which override
+            # these non-partitioned ones. Delete these partitioned cookies.
+            response.delete_cookie(key)
+            response.cookies[key + ":Partitioned"] = response.cookies[key]
+            del response.cookies[key]
+
+            # re-set the cookie without Partitioned
+            response.set_cookie(key, *args, **kwargs)
+            response.cookies[key]['samesite'] = 'None'
+            response.cookies[key]['secure'] = is_secure
+
 
 # Based on https://www.chromium.org/updates/same-site/incompatible-clients
 # Copyright 2019 Google LLC.
@@ -58,6 +71,25 @@ def should_send_same_site_none(useragent):
     return not has_web_kit_same_site_bug(useragent) and not drops_unrecognized_same_site_cookies(useragent)
 
 
+def has_safari_partitioned_bug(useragent):
+    # Safari currently exhibits a bug where Partitioned cookies (CHIPS) are not
+    # sent back to the originating site after multi-hop cross-site redirects,
+    # breaking SSO login flows in pretix.
+    #
+    # Partitioned cookies were initially introduced in Safari 18.4, removed
+    # again in 18.5 due to a bug, and reintroduced in Safari 26.2, where the
+    # current issue is present.
+    #
+    # Once the Safari issue is fixed, this check should be refined to be
+    # conditional on the affected versions only.
+    #
+    # WebKit issues:
+    #
+    #   - https://bugs.webkit.org/show_bug.cgi?id=292975
+    #   - https://bugs.webkit.org/show_bug.cgi?id=306194
+    return is_safari(useragent)
+
+
 def has_web_kit_same_site_bug(useragent):
     return is_ios_version(12, useragent) or (
         is_macosx_version(10, 14, useragent) and (is_safari(useragent) or is_mac_embedded_browser(useragent))

src/pretix/locale/de/wordlist.txt

@@ -539,7 +539,6 @@ WeChat-Zahlung
 Weiterleitungs-URIs
 Weiterleitungs-URL
 Weiterleitungs-URLs
-WERO
 WhatsApp
 Widget
 Widget-Code

src/pretix/locale/de_Informal/wordlist.txt

@@ -539,7 +539,6 @@ WeChat-Zahlung
 Weiterleitungs-URIs
 Weiterleitungs-URL
 Weiterleitungs-URLs
-WERO
 WhatsApp
 Widget
 Widget-Code

src/pretix/locale/djangojs.pot

@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2026-02-20 13:01+0000\n"
+"POT-Creation-Date: 2026-01-26 13:20+0000\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"

src/pretix/locale/nl/LC_MESSAGES/djangojs.po

@@ -7,7 +7,7 @@ msgstr ""
 "Project-Id-Version: 1\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2026-01-26 09:10+0000\n"
-"PO-Revision-Date: 2026-02-19 22:00+0000\n"
+"PO-Revision-Date: 2026-02-05 23:00+0000\n"
 "Last-Translator: Ruud Hendrickx <ruud@leckxicon.eu>\n"
 "Language-Team: Dutch <https://translate.pretix.eu/projects/pretix/pretix-js/"
 "nl/>\n"
@@ -16,7 +16,7 @@ msgstr ""
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
 "Plural-Forms: nplurals=2; plural=n != 1;\n"
-"X-Generator: Weblate 5.16\n"
+"X-Generator: Weblate 5.15.2\n"
 
 #: pretix/plugins/banktransfer/static/pretixplugins/banktransfer/ui.js:56
 #: pretix/plugins/banktransfer/static/pretixplugins/banktransfer/ui.js:62
@@ -674,7 +674,7 @@ msgstr "Zoekopdracht"
 
 #: pretix/static/pretixcontrol/js/ui/main.js:461
 msgid "All"
-msgstr "Allemaal"
+msgstr "Alle"
 
 #: pretix/static/pretixcontrol/js/ui/main.js:462
 msgid "None"

src/pretix/locale/wordlist.txt

@@ -187,7 +187,6 @@ webhooks
 webserver
 Wechat
 WeChat
-WERO
 WhatsApp
 whitespace
 xlsx

src/pretix/plugins/paypal2/payment.py

@@ -786,12 +786,7 @@ class PaypalMethod(BasePaymentProvider):
                 else:
                     pp_captured_order = response.result
 
-            payment.refresh_from_db()
-
-            any_captures = False
-            all_captures_completed = True
-            for purchaseunit in pp_captured_order.purchase_units:
-                if hasattr(purchaseunit, 'payments'):
+                for purchaseunit in pp_captured_order.purchase_units:
                     for capture in purchaseunit.payments.captures:
                         try:
                             ReferencedPayPalObject.objects.get_or_create(order=payment.order, payment=payment, reference=capture.id)
@@ -799,16 +794,14 @@ class PaypalMethod(BasePaymentProvider):
                             pass
 
                         if capture.status != 'COMPLETED':
-                            all_captures_completed = False
-                        else:
-                            any_captures = True
-            if not (any_captures and all_captures_completed):
-                messages.warning(request, _('PayPal has not yet approved the payment. We will inform you as '
-                                            'soon as the payment completed.'))
-                payment.info = json.dumps(pp_captured_order.dict())
-                payment.state = OrderPayment.PAYMENT_STATE_PENDING
-                payment.save()
-                return
+                            messages.warning(request, _('PayPal has not yet approved the payment. We will inform you as '
+                                                        'soon as the payment completed.'))
+                            payment.info = json.dumps(pp_captured_order.dict())
+                            payment.state = OrderPayment.PAYMENT_STATE_PENDING
+                            payment.save()
+                            return
+
+            payment.refresh_from_db()
 
             if pp_captured_order.status != 'COMPLETED':
                 payment.fail(info=pp_captured_order.dict())