Release 0.31.0

[odlbot]

Nathan Levesque

• Fix SCIM view tests (Fix SCIM view tests #2073) (798ef523)
• Added SCIM fields to User and populate (Added SCIM fields to User and populate #2062) (6c9a8d20)
• Fix SCIM search API sort and pagination (Fix SCIM search API sort and pagination #2066) (e394d1dd)

Chris Chudzicki

• Accessibility improvements (Accessibility improvements #2071) (0bed63b3)

Matt Bertrand

• APISIX integration (APISIX integration #2061) (131c04e4)

Arslan Ashraf

• fix: Opensearch container on ARM64 based architecture (fix: opensearch container on ARM64 based architecture #2069) (af38efac)

renovate[bot]

• Update dependency @dnd-kit/sortable to v10 (Update dependency @dnd-kit/sortable to v10 #1974) (aeb59d30)
• Update akhileshns/heroku-deploy digest to e3eb99d (Update akhileshns/heroku-deploy digest to e3eb99d #2068) (be430a1c)
• Update dependency @sentry/nextjs to v9 (Update dependency @sentry/nextjs to v9 #2034) (b3d12422)
• Update dependency @mui/lab to v6.0.0-beta.28 (Update dependency @mui/lab to v6.0.0-beta.28 #2051) (d507c1fb)
• Update dependency tldextract to v5 (Update dependency tldextract to v5 #2031) (d47aa29c)

[gemini-code-assist]

Hello @odlbot, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

Summary of Changes

This pull request bumps the project to version 0.31.0 and includes several updates and fixes. It integrates APISIX for authentication, adds SCIM fields to the User model, and fixes SCIM search API sorting and pagination. It also updates dependencies, improves accessibility, and fixes an issue with the Opensearch container on ARM64 architectures. The changes include updates to Dockerfiles, configuration files, GitHub workflows, and front-end components.

Highlights

• APISIX Integration: Integrates Keycloak and APISIX for authentication, including configuration files and documentation.
• SCIM Updates: Adds SCIM fields to the User model and fixes SCIM search API sorting and pagination.
• Dependency Updates: Updates several dependencies, including @dnd-kit/sortable, @sentry/nextjs, @mui/lab, and tldextract.
• Accessibility Improvements: Includes accessibility improvements in the front end.
• Opensearch ARM64 Fix: Addresses an issue with the Opensearch container on ARM64-based architectures.

Changelog

Click here to see the changelog

• .github/workflows/production.yml
  • Updates the akhileshns/heroku-deploy GitHub Action to the latest digest.
• .github/workflows/release-candidate.yml
  • Updates the akhileshns/heroku-deploy GitHub Action to the latest digest.
• .pre-commit-config.yaml
  • Excludes Keycloak TLS and realm configuration files from pre-commit checks.
• .secrets.baseline
  • Excludes Keycloak TLS files from secret scanning.
• Dockerfile
  • Ensures the staticfiles directory is created with -p to avoid errors if parent directories don't exist.
• Dockerfile-litellm
  • Removes the Dockerfile-litellm file.
• README-keycloak.md
  • Adds documentation for Keycloak and APISIX integration, including default settings and instructions for enabling them.
• RELEASE.rst
  • Adds release notes for version 0.31.0, including a list of changes and fixes.
• config/apisix/apisix.yaml
  • Adds configuration for APISIX routes and upstreams, including OpenID Connect plugin settings.
• config/apisix/config.yaml
  • Configures APISIX settings, such as disabling the admin interface and enabling YAML-based configuration.
• config/apisix/debug.yaml
  • Adds debug configuration for APISIX.
• config/keycloak/providers/README.md
  • Adds a README file for the Keycloak providers directory.
• config/keycloak/realms/default-realm.json
  • Adds a default Keycloak realm configuration with users, roles, and clients.
• config/keycloak/tls/README.md
  • Adds a README file for the Keycloak TLS configuration, including instructions for adding custom certificates.
• config/keycloak/tls/tls.crt
  • Adds a default TLS certificate for Keycloak.
• config/keycloak/tls/tls.crt.default
  • Adds a default TLS certificate for Keycloak.
• config/keycloak/tls/tls.key
  • Adds a default TLS key for Keycloak.
• config/keycloak/tls/tls.key.default
  • Adds a default TLS key for Keycloak.
• config/litellm_config.yml
  • Removes the litellm config file.
• config/postgres/init-keycloak.sql
  • Adds SQL script to create the Keycloak database.
• docker-compose.litellm.yml
  • Removes the litellm docker compose file.
• docker-compose.opensearch.base.yml
  • Adds a JAVA option to disable SVE for ARM64.
• docker-compose.services.yml
  • Adds Keycloak and APISIX service definitions to the docker-compose file.
  • Adds a volume mount for postgres init scripts
  • Removes restart policy from qdrant service
• docker-compose.yml
  • Adds env files to docker compose
• env/backend.env
  • Changes the MITOL_COOKIE_NAME from 'discussions' to 'mitlearn'.
• env/backend.local.example.env
  • Adds APISIX/Keycloak settings to the example environment file.
• env/frontend.env
  • Adds MITOL_API_LOGOUT_SUFFIX to the frontend environment variables.
• env/shared.env
  • Adds MITOL_API_LOGOUT_SUFFIX and updates MITOL_API_BASE_URL, and adds ports for keycloak and apisix
• env/shared.local.example.env
  • Adds MITOL_NEW_USER_LOGIN_URL to the example environment file.
• frontends/main/package.json
  • Updates the @sentry/nextjs dependency to version 9.0.0.
• frontends/main/src/app-pages/ChatPage/ChatPage.tsx
  • Adds credentials: 'include' to the fetch request options.
• frontends/main/src/app-pages/ChatSyllabusPage/ChatSyllabusPage.tsx
  • Adds credentials: 'include' to the fetch request options.
• frontends/main/src/app-pages/DashboardPage/DashboardPage.tsx
  • Adds focus-visible styling to the tabs container.
• frontends/main/src/common/urls.ts
  • Updates the LOGOUT URL to include the MITOL_API_LOGOUT_SUFFIX.
• frontends/main/src/page-components/AiChat/AiRecommendationBotDrawer.tsx
  • Adds credentials: 'include' to the fetch request options.
• frontends/main/src/page-components/LearningResourceExpanded/AiChatSyllabusSlideDown.tsx
  • Adds credentials: 'include' to the fetch request options.
• frontends/ol-components/package.json
  • Updates the @dnd-kit/sortable dependency to version 10.0.0 and @mui/lab to beta 28, and @mui/material and system to 6.4.5 and 6.4.3 respectively.
• frontends/ol-components/src/components/Checkbox/Checkbox.tsx
  • Adds focus-visible styling to the checkbox input.
• frontends/ol-components/src/components/Checkbox/CheckboxChoiceField.tsx
  • Fixes type of FormLabel and changes label to a legend
• frontends/ol-components/src/components/SelectField/SelectField.test.tsx
  • Adds tests for the Select component to ensure the pointer-open class is applied correctly.
• frontends/ol-components/src/components/SelectField/SelectField.tsx
  • Adds a workaround for a focus issue in the Select component when opened via pointer.
  • Adds a constant for the pointer classname
• frontends/ol-components/src/components/SimpleSelect/SimpleSelect.tsx
  • Removes the hidden MenuItem from the SimpleSelect component.
• frontends/ol-utilities/package.json
  • Updates the @dnd-kit/sortable dependency to version 10.0.0.
• main/factories.py
  • Adds scim_external_id and scim_username fields to the UserFactory.
  • Imports SelfAttribute
• main/middleware/apisix_user.py
  • Adds middleware to handle APISIX-specific headers for authentication.
• main/middleware/apisix_user_test.py
  • Adds tests for the APISIX middleware.
• main/settings.py
  • Bumps the version to 0.31.0.
  • Adds the ApisixUserMiddleware to the middleware list.
  • Adds Keycloak API settings.
• profiles/admin.py
  • Removes SCIM-related fields from the ProfileAdmin.
• profiles/forms.py
  • Removes SCIM-related fields from the Profile form.
• pyproject.toml
  • Updates the tldextract dependency to version ^5.0.0.
• scim/adapters.py
  • Updates the LearnSCIMUser adapter to use the User model's SCIM fields directly.
  • Removes profile references
  • Removes profile references
• scim/urls.py
  • Updates the URL patterns for the SCIM API, including a search endpoint.
• scim/views.py
  • Adds a SearchView for handling SCIM search requests.
  • Adds a view for the /.search endpoint
• scim/views_test.py
  • Updates tests to use the User model's SCIM fields directly.
  • Adds a fixture for a large user set and tests for the user search endpoint.
  • Adds a large user set fixture
• users/admin.py
  • Adds SCIM-related fields to the UserAdmin.
• users/migrations/0004_add_scim_and_timestamp_fields.py
  • Adds SCIM-related and timestamp fields to the User model.
• users/migrations/0005_set_user_scim_id.py
  • Adds a data migration to set the user scim id
• users/migrations/0006_remove_auth_user_view.py
  • Removes the auth_user view
• users/models.py
  • Updates the User model to inherit from AbstractSCIMUserMixin and TimestampedModel.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point in your pull request via creating an issue comment (i.e. comment on the pull request page) using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in issue comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist is currently in preview and may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments to provide feedback.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

---

Trivia time!

What is the origin of the name 'SCIM'?

Click here for the answer

SCIM stands for System for Cross-domain Identity Management. It is designed to make managing user identities in different applications and services easier.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gitguardian]

⚠️ GitGuardian has uncovered 5 secrets following the scan of your pull request.

Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.

🔎 Detected hardcoded secrets in your pull request

GitGuardian id	GitGuardian status	Secret	Commit	Filename
13777606	Triggered	Generic Private Key	131c04e	config/keycloak/tls/tls.key.default	View secret
13777608	Triggered	Generic High Entropy Secret	131c04e	config/keycloak/realms/default-realm.json	View secret
13777609	Triggered	Generic Password	131c04e	config/keycloak/realms/default-realm.json	View secret
13777610	Triggered	Generic High Entropy Secret	131c04e	config/keycloak/realms/default-realm.json	View secret
10259317	Triggered	Generic Password	131c04e	docker-compose.services.yml	View secret

🛠 Guidelines to remediate hardcoded secrets

1. Understand the implications of revoking this secret by investigating where it is used in your code.
2. Replace and store your secrets safely. Learn here the best practices.
3. Revoke and rotate these secrets.
4. If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.

To avoid such incidents in the future consider

• following these best practices for managing and storing secrets including API keys and other credentials
• install secret detection on pre-commit to catch secret before it leaves your machine and ease remediation.

---

^{🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.}

[gemini-code-assist]

Code Review

This pull request updates the version number in two files, RELEASE.rst and main/settings.py, to reflect the release of version 0.31.0. The changes are straightforward and necessary for maintaining accurate versioning information.

Summary of Findings

Merge Readiness

The pull request is ready for merging as it simply updates the version number in the release notes and settings file. There are no identified issues that would prevent merging. I am unable to approve the pull request, and recommend that users have others review and approve this code before merging.