From Pillow 4.2, it is forbidden to save RGBA images as JPEG
( e4d6223c94 )
A crash was occurring when loading demo JPGs as
image_resize_and_sharpen() was silently changing image mode to RGBA.
Now we ensure that we return the original image mode.
We also avoid crashes when converting from PNG to JPG
Complements the patch in 15583a4813
in order to properly bootstrap a writeable data_dir when it is
(partially) nonexistant.
Depending on the startup parameters the data_dir might otherwise
have ended up read-only, preventing the creation of its necessary
components (session store, file store). Only the `addons` directory
of the data_dir needs to be read-only by default.
As discussed on issue #15225, it should be possible for system administrators
to disable the 1-click installation system.
The plan is to disable the feature by default, but make it relatively easy
to turn on when it is explicitly desired.
1. At the moment we cannot guarantee that all Apps published on the Odoo Apps
Store are safe. And it is a security risk to let end-users deploy Python
code on their Odoo servers without requiring any review/deployment by a
competent system administrator.
We will work on improving the validation process of the Store, but this
will require time, and won't probably be a 100% safe process in any case.
2. The one-click install feature is however really useful to help
non-technical users install Apps, as long as the feature has been
explicitly allowed by the system administrator. This is a common feature
in other software suites as well. So we'd like to keep it as an opt-in
feature.
3. Administrators of multi-tenant servers, cloud hosting services, etc.
understandably expect to be able to turn off the feature for
security/control reasons.
4. By turning off the feature by default, but still exposing it in the UI,
we keep it *discoverable* for users. The error message should be
helpful to direct users to their sysadmins.
5. By using the permissions of the download folder as a flag for turning
off the feature, we avoid introducing an extra server parameter.
The folder is still created (read-only) by default, for the sole purpose
of making it easier to locate.
Fixes#15225
Introduced by python-pillow/Pillow@c3fe5d43 and integrated into pillow 4.0
The size of the image is ignored and must be set using an image or a mask.
This patch is retrocompatible with the previous versions as the changed code was
in the box size computation. With this patch a 4 points box size is given so the
modified code is not executed.
Fixes#14927
Also restrict XML data attribute evaluation context
even for real module data files. This will prevent
accidentally depending on context parameters that
would not be available inside base_import_module.
extract terms in correct folder
If two addons path have a common part in the folder name (e.g. `/home/alice/dev`
and `/home/alice/devodoo`), the `get_module_from_path` method may match the
wrong folder.
A file `/home/alice/devodoo/bob/models.py` would wrongly match `/home/alice/dev`
path (due to the lack of separator) and the returned module would be `odoo`
(`"odoo/bob/models.py".split('/')[0]`).
In such scenario, the translations of files (code, static folder, report) would
not be included in the exported translation file.
Force the module path to ends with a folder separator to avoid wrong matching.
Closes#13363
When a record is exported, an external ID, in the form of __export__.<model>_<id>
is created on this record.
When the translations are generated (e.g. "synchronise terms" wizard), the
translations may be duplicated for records that have been exported. If a
translation is submitted before the export (when the record had no external ID
yet), a new empty translation is created as the module differs in the import.
Creating a new translation may be a problem as the new term (equal to the source
term) will be used as the translation value.
Fixes 9480
According to the RFC1034
https://tools.ietf.org/html/rfc1034
A TLD can use up to 63 octets.
The regex checking that an email address is valid
should there allow emails using a TLD with such a length.
Besides, the use of TLD domains exceeding 6 characters is more
and more common, nowadays.
e.g. using a domain `.amsterdam`
opw-660014
When sending a mail.mail with email_to, the processing split the email_to into
a list of addresses. However if the found addresses use the form name <email>
the name if lost in the process. A new email_split_and_format method is introduced
in tools and used to avoid loosing that information.
This revision back-ports revisions
983d5eb9fa
&
ccbb8e09a6
regarding this signature regex.
Besides, it adds the fact the dashes have to
be at the beginning of the line
to make them detected as a signature.
opw-655834
In case of different directory for stroing po and pot files than 'i18n'
(e.g. 'i18n_extra'), a po could be linked to a wrong pot file.
Use the same folder as the po file to look for pot.
Closes#4323
The "Synchronise translation" wizard almost doubles the number of translated
terms in database.
This is due to the loss of the module reference at the synchronisation
(`module_name` is empty as updating all modules)
Only overwrite the module when it is set (default None)
Fixes#6149
Second part of the patches avoid inserting translations without any module for
locale xml ids.
When exporting the translations, the terms stored in individual files outside of
addons folders (e.g. openerp/models.py) needs to be scanned as well and added in
base translations.
Some folders like osv and report were enough to add these files but with the new
api moving the ORM to openerp folder, a non-recusrive scan needs to be added.
Fixes#7482
Comments in .po(t) files for translations of type "code" (e.g. field labels)
specify the path to the file containing the translation. This path should be
OS-independent to get the same result whatever the plateform the instance is
running on.
Closes#7561