Fixes Python 3.11 incompatibility using ancient lxml binary PyPI built against old libxml2.
This fixes#1442 and closes#1433.
The issue with python3-saml not working is because the binary lxml wheel is built against a different version of libxml2.
``--no-binary lxml`` can be used to fix this and python3-saml will work.
for references check these:
- https://github.com/onelogin/python3-saml/issues/292
- https://bugs.launchpad.net/lxml/+bug/1960668
- https://github.com/open-formulieren/open-forms/pull/2247
```
Tested on:
- ubuntu:23.04 - WORKING
- ubuntu:22.10 - WORKING
- ubuntu:22.04 - WORKING
- ubuntu:20.04 - WORKING
- ubuntu:18.04 - NOT WORKING - pip usage error with -r requirements.txt
- debian:10 - WORKING
- debian:11 - WORKING
- alpine:edge - WORKING
- alpine:3.17 - WORKING
- alpine:3.16 - WORKING
- alpine:3.15 - WORKING
- alpine:3.14 - WORKING
- rockylinux:9 - WORKING
- rockylinux:8 - NOT WORKING - pip usage error with -r requirements.txt
- almalinux:9 - WORKING
- almalinux:8 - NOT WORKING - pip usage error with -r requirements.txt
- fedora:36 - WORKING
- fedora:37 - WORKING
- fedora:38 - WORKING
- fedora:39 - WORKING
```
Convert col-xs-* to just col-* as part of bootstrap v3 -> v4
Convert box-* -> card-* as part of bootstrap v3 -> v4
Moved domain actions on main dashboard to a dropdown menu to avoid clutter
Added "Log Out" to top header left
Hid OTP on admin edit user to only show the disable card & options if the user account has OTP enabled
Increased the version of pytest to make it work with py 3.10 [0].
The GET calls no longer return list but the object itself, fixed the
tests and assertions to account for that. The tests did not account for
the later added `allow_user_remove_domain` setting. And there were
issues with missing and non-stopped patchers/mocks.
Now all tests are at least passing.
[0] https://github.com/pytest-dev/pytest/pull/8540
The Dockerfile did not work as is, because the dependencies in
requirements.txt are newer than the stretch-image with its python v3.5
can support/run. Use stable debian with the lts nodejs instead, plus
had to add some libs to make the wheel build succeed.
jsonschema v4 breaks things, so its version needs to be pinned until
bravado is fixed [0].
[0] https://github.com/Yelp/bravado-core/pull/385/files#r731674447
Setting this attribute on a cookie marks it as non-cross-site, so it
is only send in requests to our own server. It is reasonable that no
one else should need our session or csrf data. Setting it explicitly
also prevents any issues from the ongoing change in browser behaviour [0]
when it is unset.
Seasurf supports the SameSite attribute starting with v0.3. As nothing
obviously broke, I used the opportunity and updated all the way to the
most recent version.
The SeaSurf default for SameSite is already `Lax`, so it only needs to
be set for the session cookie.
[0] https://developers.google.com/search/blog/2020/01/get-ready-for-new-samesitenone-secure
- Fix bug in python requests module missing after delete py3-pip from build stage
- Downgrade the requirement of bcrypt to >=3.1.7 for older python3 version compatibility
