Features
- ✅ Add items and admin tests, and refactor existing ones. PR #2146 by @alejsdev.
- ✨ Add created_at field to User and Item models and update endpoints. PR #2144 by @alejsdev.
- 🔧 Migrate from npm to Bun. PR #2097 by @alejsdev.
- 🔧 Set up node monorepo. PR #2095 by @alejsdev.
- 🧑💻 Implement uv workspaces. PR #2090 by @alejsdev.
- 🔧 Add recommended VS Code extensions. PR #1386 by @tobiase.
- ✨ Use pwdlib with Argon2 by default, adding logic (and tests) to autoupdate old passwords using Bcrypt. PR #2104 by @tiangolo.
- 🔨 Generate frontend SDK on pre-commit, remove custom workflow. PR #2111 by @tiangolo.
Fixes
- 🐛 Add user authentication check in admin route to restrict access for non-superusers. PR #2145 by @alejsdev.
- 🐛 Handle non-existing user IDs in
read_user_by_id. PR #1396 by @saltie2193.
Refactors
- 🔥 Remove debugpy from recommended extensions, it's included by the Python extension. PR #2143 by @tiangolo.
- 🔧 Update the frontend build context for prod with the new top level setup. PR #2108 by @tiangolo.
- 🚚 Rename Docker Compose files to new names,
compose.yml. PR #2106 by @tiangolo. - 🔒️ Ensure authentication takes constant time, to avoid enumeration attacks. PR #2105 by @tiangolo.
- ✅ Fix incorrect mocking in unit tests (issue #1780). PR #1781 by @vicaya.
- 🐛Update
items.pyto return status code403in case of insufficient permissions. PR #1543 by @jpizquierdo. - ✅ Use proper
is_activefield intest_user.py. PR #1479 by @nauanbek. - ♻️ Simplify reset password logic by removing duplicate code. PR #1440 by @youneshenniwrites.
Upgrades
- ⬆ Bump postgres from 17 to 18. PR #1910 by @dependabot[bot].
- ⬆ Bump traefik from 3.0 to 3.6. PR #1973 by @dependabot[bot].
Docs
Internal
- 🎨 Format Python scripts tests. PR #2112 by @tiangolo.
- 🔨 Update generate-client.sh and docs. PR #2110 by @tiangolo.
- 🔥 Remove old unused scripts. PR #2107 by @tiangolo.
- 👷 Add
maybe-aifor issue manager. PR #2103 by @tiangolo. - ⬆️ Bump uv to 0.9.26 in Dockerfile. PR #2102 by @alejsdev.
- ⬆ Bump lucide-react from 0.556.0 to 0.562.0. PR #2101 by @dependabot[bot].
- 🔧 Update dependabot configuration for package ecosystems. PR #2100 by @alejsdev.
- 🔧 Update Biome schema version to 2.3.11. PR #2099 by @alejsdev.
- 🔧 Add tests scripts in
package.json. PR #2098 by @alejsdev. - 🎨 Apply pre-commit fixes. PR #2055 by @GniLudio.
- 👷 Update pre-commit workflow. PR #2096 by @alejsdev.
- 🔧 Update biome.json schema version. PR #2092 by @alejsdev.
- Revert "🔧 Update pre-commit-config.yaml ruff format to use --check". PR #2091 by @alejsdev.
- 🔧 Update pre-commit-config.yaml ruff format to use --check. PR #2077 by @ryansydnor.
- ⬆ Bump actions/checkout from 5 to 6. PR #2074 by @dependabot[bot].
- 👷 Add pre-commit workflow. PR #2056 by @YuriiMotov.
- ⬆ Bump @tanstack/router-devtools from 1.140.0 to 1.142.8 in /frontend. PR #2060 by @dependabot[bot].
- ⬆ Bump @tanstack/react-router from 1.141.2 to 1.142.8 in /frontend. PR #2062 by @dependabot[bot].
- ⬆ Bump @biomejs/biome from 2.3.8 to 2.3.10 in /frontend. PR #2061 by @dependabot[bot].
- ⬆ Bump @tanstack/react-router-devtools from 1.139.12 to 1.142.8 in /frontend. PR #2063 by @dependabot[bot].
- ⬆ Bump zod from 4.1.13 to 4.2.1 in /frontend. PR #2064 by @dependabot[bot].
- 👷 Configure coverage, error on main tests, don't wait for Smokeshow. PR #2054 by @YuriiMotov.
- 👷 Run Smokeshow always, even on test failures. PR #2053 by @YuriiMotov.
- ⬆ Bump @tanstack/react-router from 1.140.0 to 1.141.2 in /frontend. PR #2045 by @dependabot[bot].
- ⬆ Bump actions/download-artifact from 6 to 7. PR #2051 by @dependabot[bot].
- ⬆ Bump actions/upload-artifact from 5 to 6. PR #2050 by @dependabot[bot].
- ⬆ Bump @types/node from 24.10.1 to 25.0.2 in /frontend. PR #2048 by @dependabot[bot].
- ⬆ Bump @tailwindcss/vite from 4.1.17 to 4.1.18 in /frontend. PR #2049 by @dependabot[bot].
- ⬆ Bump vite from 7.2.7 to 7.3.0 in /frontend. PR #2047 by @dependabot[bot].
- ⬆ Bump react-dom from 19.2.1 to 19.2.3 in /frontend. PR #2046 by @dependabot[bot].