From b70d96796b8da6c0e4bfb58d569e923c99088c50 Mon Sep 17 00:00:00 2001
From: Stefan Fleckenstein <stefan.fleckenstein@maibornwolff.de>
Date: Mon, 15 Apr 2024 12:36:41 +0200
Subject: [PATCH 01/14] fix: revoke of product_api_token didn't work properly
 (#1388)

* fix: revoke of product_api_token didn't work properly

* chore: pylint
---
 .../services/product_api_token.py             | 22 +++++--
 .../services/test_product_api_token.py        | 57 +++++++++++++------
 2 files changed, 56 insertions(+), 23 deletions(-)

diff --git a/backend/application/access_control/services/product_api_token.py b/backend/application/access_control/services/product_api_token.py
index cc8274caf..813d5091e 100644
--- a/backend/application/access_control/services/product_api_token.py
+++ b/backend/application/access_control/services/product_api_token.py
@@ -14,13 +14,22 @@ def create_product_api_token(product: Product, role: Roles) -> str:
     product_user_name = _get_product_user_name(product)
     user = get_user_by_username(product_user_name)
     if user:
-        raise ValidationError("Only one API token per product is allowed.")
+        try:
+            user.api_token  # pylint: disable=pointless-statement
+            # This statement raises an exception if the user has no API token.
+            raise ValidationError("Only one API token per product is allowed.")
+        except API_Token.DoesNotExist:
+            pass
 
     api_token, api_token_hash = generate_api_token_hash()
 
-    user = User(username=product_user_name, is_active=True)
+    if user:
+        user.is_active = True
+    else:
+        user = User(username=product_user_name, is_active=True)
     user.set_unusable_password()
     user.save()
+
     Product_Member(product=product, user=user, role=role).save()
     API_Token(user=user, api_token_hash=api_token_hash).save()
 
@@ -33,15 +42,18 @@ def revoke_product_api_token(product: Product) -> None:
     if not user:
         return
 
-    api_tokens = API_Token.objects.filter(user=user)
-    for api_token in api_tokens:
+    try:
+        api_token = user.api_token
         api_token.delete()
+    except API_Token.DoesNotExist:
+        pass
 
     product_member = get_product_member(product, user)
     if product_member:
         product_member.delete()
 
-    user.delete()
+    user.is_active = False
+    user.save()
 
 
 @dataclass
diff --git a/backend/unittests/access_control/services/test_product_api_token.py b/backend/unittests/access_control/services/test_product_api_token.py
index 611ea2df8..3dc781e67 100644
--- a/backend/unittests/access_control/services/test_product_api_token.py
+++ b/backend/unittests/access_control/services/test_product_api_token.py
@@ -17,18 +17,46 @@
 class TestProductApiToken(BaseTestCase):
     @patch("application.access_control.services.product_api_token.get_user_by_username")
     def test_create_product_api_token_exists(self, mock):
-        mock.return_value = User()
+        user = User(username="username", full_name="full_name")
+        api_token = API_Token(user=user, api_token_hash="hash")
+        mock.return_value = user
 
-        with self.assertRaises(ValidationError):
+        with self.assertRaises(ValidationError) as e:
             create_product_api_token(self.product_1, Roles.Upload)
             mock.assert_called_with("-product-None-api_token-")
+            self.assertEqual("Only one API token per product is allowed.", str(e))
 
     @patch("application.access_control.services.product_api_token.get_user_by_username")
     @patch("application.access_control.models.API_Token.save")
     @patch("application.access_control.models.User.save")
     @patch("application.core.models.Product_Member.save")
     @patch("application.access_control.models.User.set_unusable_password")
-    def test_create_product_api_token_new(
+    def test_create_product_api_token_with_user(
+        self,
+        set_unusable_password_mock,
+        product_member_save_mock,
+        user_save_mock,
+        api_token_save_mock,
+        user_mock,
+    ):
+        user_mock.return_value = User()
+
+        api_token = create_product_api_token(self.product_1, Roles.Upload)
+
+        self.assertEqual(42, len(api_token))
+
+        user_mock.assert_called_with("-product-None-api_token-")
+        api_token_save_mock.assert_called()
+        user_save_mock.assert_called()
+        product_member_save_mock.assert_called()
+        set_unusable_password_mock.assert_called()
+
+    @patch("application.access_control.services.product_api_token.get_user_by_username")
+    @patch("application.access_control.models.API_Token.save")
+    @patch("application.access_control.models.User.save")
+    @patch("application.core.models.Product_Member.save")
+    @patch("application.access_control.models.User.set_unusable_password")
+    def test_create_product_api_token_without_user(
         self,
         set_unusable_password_mock,
         product_member_save_mock,
@@ -58,38 +86,31 @@ def test_revoke_product_api_token_not_exists(self, filter_mock, user_mock):
         filter_mock.assert_not_called()
 
     @patch("application.access_control.services.product_api_token.get_user_by_username")
-    @patch("application.access_control.models.API_Token.objects.filter")
     @patch("application.access_control.models.API_Token.delete")
-    @patch("application.access_control.models.User.delete")
+    @patch("application.access_control.models.User.save")
     @patch("application.core.models.Product_Member.delete")
     @patch("application.access_control.services.product_api_token.get_product_member")
     def test_revoke_product_api_token(
         self,
         get_product_member_mock,
         product_member_delete_mock,
-        user_delete_mock,
+        user_save_mock,
         api_token_delete_mock,
-        filter_mock,
         user_mock,
     ):
-        user = User()
+        user = User(username="username", full_name="full_name")
+        api_token = API_Token(user=user, api_token_hash="hash")
         user_mock.return_value = user
 
-        none_qs = API_Token.objects.none()
-        api_token_1 = API_Token()
-        api_token_2 = API_Token()
-        qs = list(chain(none_qs, [api_token_1, api_token_2]))
-        filter_mock.return_value = qs
-
         get_product_member_mock.return_value = Product_Member()
 
         revoke_product_api_token(self.product_1)
 
         user_mock.assert_called_with("-product-None-api_token-")
-        filter_mock.assert_called_with(user=user)
-        self.assertEqual(2, api_token_delete_mock.call_count)
-        self.assertEqual(1, product_member_delete_mock.call_count)
-        user_delete_mock.assert_called()
+        api_token_delete_mock.assert_called()
+        get_product_member_mock.assert_called_with(self.product_1, user)
+        product_member_delete_mock.assert_called()
+        user_save_mock.assert_called()
 
     @patch("application.access_control.services.product_api_token.get_user_by_username")
     def test_get_product_api_tokens_no_user(self, user_mock):

From 895ba24da6c9d952ffa28f62a998e601dcbc8a81 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Mon, 15 Apr 2024 13:38:33 +0200
Subject: [PATCH 02/14] chore(deps): update
 nginxinc/nginx-unprivileged:stable-alpine3.18 docker digest to a375090
 (#1385)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
---
 docker/frontend/prod/Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docker/frontend/prod/Dockerfile b/docker/frontend/prod/Dockerfile
index ceeb1410a..deee05608 100644
--- a/docker/frontend/prod/Dockerfile
+++ b/docker/frontend/prod/Dockerfile
@@ -18,7 +18,7 @@ RUN sed -i 's/version_unkown/'"${VERSION}"'/g' ./src/commons/about/About.tsx
 RUN npm run build
 
 # production environment
-FROM nginxinc/nginx-unprivileged:stable-alpine3.18@sha256:4f2f5724aafe32e067b4ea2245c5379f630576a35b6580dbe87cf32a0096b99e
+FROM nginxinc/nginx-unprivileged:stable-alpine3.18@sha256:a3750906c42187288338731393229e7c81d68935d57bd794855b24ed200d71eb
 
 USER root
 

From bff789a202439148c8ffcf63066f2fc03c231231 Mon Sep 17 00:00:00 2001
From: Stefan Fleckenstein <stefan.fleckenstein@maibornwolff.de>
Date: Mon, 15 Apr 2024 18:10:46 +0200
Subject: [PATCH 03/14] feat: bulk assessment in main observation list (#1389)

* feat: bulk assessment in main observation list

* chore: pylint
---
 backend/application/core/api/permissions.py   |  3 +++
 backend/application/core/api/views.py         | 21 +++++++++++++++++
 .../services/observations_bulk_actions.py     | 23 ++++++++++++++-----
 .../test_observations_bulk_actions.py         | 23 ++++++++++++++++++-
 .../ObservationBulkAssessment.tsx             | 12 ++++++++--
 .../src/core/observations/ObservationList.tsx |  9 +++++++-
 6 files changed, 81 insertions(+), 10 deletions(-)

diff --git a/backend/application/core/api/permissions.py b/backend/application/core/api/permissions.py
index 2bd731a87..2dd869f6f 100644
--- a/backend/application/core/api/permissions.py
+++ b/backend/application/core/api/permissions.py
@@ -129,6 +129,9 @@ def has_object_permission(self, request, view, obj):
 
 class UserHasObservationPermission(BasePermission):
     def has_permission(self, request, view):
+        if request.path.endswith("/bulk_assessment/"):
+            return True
+
         return check_post_permission(
             request, Product, "product", Permissions.Observation_Create
         )
diff --git a/backend/application/core/api/views.py b/backend/application/core/api/views.py
index 02547610f..ff35419a2 100644
--- a/backend/application/core/api/views.py
+++ b/backend/application/core/api/views.py
@@ -487,6 +487,27 @@ def remove_assessment(self, request, pk=None):
 
         return Response()
 
+    @extend_schema(
+        methods=["POST"],
+        request=ObservationBulkAssessmentSerializer,
+        responses={HTTP_204_NO_CONTENT: None},
+    )
+    @action(detail=False, methods=["post"])
+    def bulk_assessment(self, request):
+        request_serializer = ObservationBulkAssessmentSerializer(data=request.data)
+        if not request_serializer.is_valid():
+            raise ValidationError(request_serializer.errors)
+
+        observations_bulk_assessment(
+            None,
+            request_serializer.validated_data.get("severity"),
+            request_serializer.validated_data.get("status"),
+            request_serializer.validated_data.get("comment"),
+            request_serializer.validated_data.get("observations"),
+            request_serializer.validated_data.get("vex_justification"),
+        )
+        return Response(status=HTTP_204_NO_CONTENT)
+
 
 class ObservationLogViewSet(GenericViewSet, ListModelMixin, RetrieveModelMixin):
     serializer_class = ObservationLogSerializer
diff --git a/backend/application/core/services/observations_bulk_actions.py b/backend/application/core/services/observations_bulk_actions.py
index 62dc37d87..6f3f4fddd 100644
--- a/backend/application/core/services/observations_bulk_actions.py
+++ b/backend/application/core/services/observations_bulk_actions.py
@@ -1,7 +1,11 @@
+from typing import Optional
+
 from django.db.models.query import QuerySet
 from django.utils import timezone
 from rest_framework.exceptions import ValidationError
 
+from application.access_control.services.authorization import user_has_permission
+from application.access_control.services.roles_permissions import Permissions
 from application.commons.services.global_request import get_current_user
 from application.core.models import Observation, Potential_Duplicate, Product
 from application.core.queries.observation import get_current_observation_log
@@ -15,7 +19,7 @@
 
 
 def observations_bulk_assessment(
-    product: Product,
+    product: Optional[Product],
     new_severity: str,
     new_status: str,
     comment: str,
@@ -88,17 +92,24 @@ def observations_bulk_mark_duplicates(
 
 
 def _check_observations(
-    product: Product, observation_ids: list[int]
+    product: Optional[Product], observation_ids: list[int]
 ) -> QuerySet[Observation]:
     observations = Observation.objects.filter(id__in=observation_ids)
     if len(observations) != len(observation_ids):
         raise ValidationError("Some observations do not exist")
 
     for observation in observations:
-        if observation.product != product:
-            raise ValidationError(
-                f"Observation {observation.pk} does not belong to product {product.pk}"
-            )
+        if product:
+            if observation.product != product:
+                raise ValidationError(
+                    f"Observation {observation.pk} does not belong to product {product.pk}"
+                )
+        else:
+            if not user_has_permission(observation, Permissions.Observation_Assessment):
+                raise ValidationError(
+                    f"First observation without assessment permission: {observation}"
+                )
+
         current_observation_log = get_current_observation_log(observation)
         if (
             current_observation_log
diff --git a/backend/unittests/core/services/test_observations_bulk_actions.py b/backend/unittests/core/services/test_observations_bulk_actions.py
index 1bca4cc0a..24bfccb9f 100644
--- a/backend/unittests/core/services/test_observations_bulk_actions.py
+++ b/backend/unittests/core/services/test_observations_bulk_actions.py
@@ -110,10 +110,31 @@ def test_check_observation_not_in_product(self):
             "[ErrorDetail(string='Observation 1 does not belong to product 2', code='invalid')]",
         )
 
-    def test_check_observation_success(self):
+    def test_check_observation_product_success(self):
         product_1 = Product.objects.get(pk=1)
 
         observations = _check_observations(product_1, [1])
 
         self.assertEqual(len(observations), 1)
         self.assertEqual(observations[0], Observation.objects.get(pk=1))
+
+    @patch("application.core.services.observations_bulk_actions.user_has_permission")
+    def test_check_observation_no_product_no_permission(self, mock_user_has_permission):
+        mock_user_has_permission.return_value = False
+
+        with self.assertRaises(ValidationError) as e:
+            _check_observations(None, [1])
+
+        self.assertEqual(
+            str(e.exception),
+            "[ErrorDetail(string='First observation without assessment permission: db_product_internal / db_observation_internal', code='invalid')]",
+        )
+
+    @patch("application.core.services.observations_bulk_actions.user_has_permission")
+    def test_check_observation_no_product_success(self, mock_user_has_permission):
+        mock_user_has_permission.return_value = True
+
+        observations = _check_observations(None, [1])
+
+        self.assertEqual(len(observations), 1)
+        self.assertEqual(observations[0], Observation.objects.get(pk=1))
diff --git a/frontend/src/core/observations/ObservationBulkAssessment.tsx b/frontend/src/core/observations/ObservationBulkAssessment.tsx
index 568066525..12c1b086f 100644
--- a/frontend/src/core/observations/ObservationBulkAssessment.tsx
+++ b/frontend/src/core/observations/ObservationBulkAssessment.tsx
@@ -31,8 +31,16 @@ const ObservationBulkAssessment = (props: ObservationBulkAssessmentButtonProps)
 
     const observationUpdate = async (data: any) => {
         setLoading(true);
-        const url =
-            window.__RUNTIME_CONFIG__.API_BASE_URL + "/products/" + props.product.id + "/observations_bulk_assessment/";
+        let url = "";
+        if (props.product) {
+            url =
+                window.__RUNTIME_CONFIG__.API_BASE_URL +
+                "/products/" +
+                props.product.id +
+                "/observations_bulk_assessment/";
+        } else {
+            url = window.__RUNTIME_CONFIG__.API_BASE_URL + "/observations/bulk_assessment/";
+        }
         const assessment_data = {
             severity: data.current_severity,
             status: data.current_status,
diff --git a/frontend/src/core/observations/ObservationList.tsx b/frontend/src/core/observations/ObservationList.tsx
index 423e3a4c8..28da207ba 100644
--- a/frontend/src/core/observations/ObservationList.tsx
+++ b/frontend/src/core/observations/ObservationList.tsx
@@ -30,6 +30,7 @@ import {
     OBSERVATION_STATUS_OPEN,
     Observation,
 } from "../types";
+import ObservationBulkAssessment from "./ObservationBulkAssessment";
 import { IDENTIFIER_OBSERVATION_LIST, setListIdentifier } from "./functions";
 
 const listFilters = [
@@ -66,6 +67,12 @@ const ListActions = () => (
     </TopToolbar>
 );
 
+const BulkActionButtons = () => (
+    <Fragment>
+        <ObservationBulkAssessment product={null} />
+    </Fragment>
+);
+
 const ObservationList = () => {
     setListIdentifier(IDENTIFIER_OBSERVATION_LIST);
 
@@ -83,7 +90,7 @@ const ObservationList = () => {
                 actions={<ListActions />}
                 sx={{ marginTop: 1 }}
             >
-                <Datagrid size={getSettingListSize()} rowClick="show" bulkActionButtons={false}>
+                <Datagrid size={getSettingListSize()} rowClick="show" bulkActionButtons={<BulkActionButtons />}>
                     <TextField source="product_data.name" label="Product" />
                     <TextField source="product_data.product_group_name" label="Group" />
                     <TextField source="branch_name" label="Branch / Version" />

From 1332c728a74ebb9f05df06c47327e75e607b1fb9 Mon Sep 17 00:00:00 2001
From: Stefan Fleckenstein <stefan.fleckenstein@maibornwolff.de>
Date: Tue, 16 Apr 2024 19:47:06 +0200
Subject: [PATCH 04/14] fix: set theme without reload (#1396)

---
 frontend/src/App.tsx                       |  5 +++--
 frontend/src/commons/layout/AppBar.tsx     | 13 +++++++++++--
 frontend/src/commons/settings/Settings.tsx | 10 ----------
 3 files changed, 14 insertions(+), 14 deletions(-)

diff --git a/frontend/src/App.tsx b/frontend/src/App.tsx
index 9070a6fda..ff7ef44cf 100644
--- a/frontend/src/App.tsx
+++ b/frontend/src/App.tsx
@@ -11,10 +11,10 @@ import authorization_groups from "./access_control/authorization_groups";
 import users from "./access_control/users";
 import englishMessages from "./commons/i18n/en";
 import { Layout } from "./commons/layout";
+import { darkTheme, lightTheme } from "./commons/layout/themes";
 import notifications from "./commons/notifications";
 import drfProvider from "./commons/ra-data-django-rest-framework";
 import Settings from "./commons/settings/Settings";
-import { getTheme } from "./commons/settings/functions";
 import evidences from "./core/evidences";
 import observation_logs from "./core/observation_logs";
 import observations from "./core/observations";
@@ -45,7 +45,8 @@ const App = () => {
                 layout={Layout}
                 i18nProvider={i18nProvider}
                 disableTelemetry
-                theme={getTheme()}
+                theme={lightTheme}
+                darkTheme={darkTheme}
             >
                 <CustomRoutes>
                     <Route path="/access_control/users" element={<AccessControlAdministration />} />
diff --git a/frontend/src/commons/layout/AppBar.tsx b/frontend/src/commons/layout/AppBar.tsx
index 8dc4492c3..e0ee4e876 100644
--- a/frontend/src/commons/layout/AppBar.tsx
+++ b/frontend/src/commons/layout/AppBar.tsx
@@ -3,7 +3,7 @@ import PersonIcon from "@mui/icons-material/Person";
 import SettingsIcon from "@mui/icons-material/Settings";
 import { Box, Divider, ListItemIcon, ListItemText, MenuItem, Theme, Typography, useMediaQuery } from "@mui/material";
 import { forwardRef } from "react";
-import { AppBar, Logout, UserMenu, useUserMenu } from "react-admin";
+import { AppBar, LoadingIndicator, Logout, UserMenu, useUserMenu } from "react-admin";
 import { Link } from "react-router-dom";
 
 import About from "../about/About";
@@ -89,7 +89,16 @@ const CustomUserMenu = () => {
 const CustomAppBar = () => {
     const isLargeEnough = useMediaQuery<Theme>((theme) => theme.breakpoints.up("sm"));
     return (
-        <AppBar color="secondary" elevation={1} userMenu={<CustomUserMenu />}>
+        <AppBar
+            color="secondary"
+            elevation={1}
+            userMenu={<CustomUserMenu />}
+            toolbar={
+                <>
+                    <LoadingIndicator />
+                </>
+            }
+        >
             <Typography
                 variant="h6"
                 color="inherit"
diff --git a/frontend/src/commons/settings/Settings.tsx b/frontend/src/commons/settings/Settings.tsx
index 062195db2..a32d3483c 100644
--- a/frontend/src/commons/settings/Settings.tsx
+++ b/frontend/src/commons/settings/Settings.tsx
@@ -9,32 +9,22 @@ import {
     RadioGroup,
     Stack,
 } from "@mui/material";
-import { useState } from "react";
 import { Title, useTheme } from "react-admin";
 
 import { darkTheme, lightTheme } from "../layout/themes";
 import { getSettingListSize, getSettingTheme, saveSettingListSize, saveSettingTheme } from "./functions";
 
 const Settings = () => {
-    const [previousTheme, setPreviousTheme] = useState(getSettingTheme());
     const [, setTheme] = useTheme();
 
     function setLightTheme() {
         setTheme(lightTheme);
         saveSettingTheme("light");
-        if (previousTheme != "light") {
-            window.location.reload();
-        }
-        setPreviousTheme("light");
     }
 
     function setDarkTheme() {
         setTheme(darkTheme);
         saveSettingTheme("dark");
-        if (previousTheme != "dark") {
-            window.location.reload();
-        }
-        setPreviousTheme("dark");
     }
 
     return (

From 28b7910b8902ebd0b1a575951f265c5a7493cda0 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Tue, 16 Apr 2024 20:03:42 +0200
Subject: [PATCH 05/14] chore(deps): update github/codeql-action action to
 v3.25.0 (#1390)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
---
 .github/workflows/scorecard.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index d93193082..833dcb917 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -67,6 +67,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@4355270be187e1b672a7a1c7c7bae5afdc1ab94a # v3.24.10
+        uses: github/codeql-action/upload-sarif@df5a14dc28094dc936e103b37d749c6628682b60 # v3.25.0
         with:
           sarif_file: results.sarif

From 246bf596f94f1ec4cce9ac05b3a954480056a1f1 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Tue, 16 Apr 2024 20:07:22 +0200
Subject: [PATCH 06/14] chore(deps): update typescript-eslint monorepo to
 v7.7.0 (#1391)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
---
 frontend/package-lock.json | 88 +++++++++++++++++++-------------------
 frontend/package.json      |  4 +-
 2 files changed, 46 insertions(+), 46 deletions(-)

diff --git a/frontend/package-lock.json b/frontend/package-lock.json
index b3adb457a..ebe55d1bc 100644
--- a/frontend/package-lock.json
+++ b/frontend/package-lock.json
@@ -47,8 +47,8 @@
                 "@types/prop-types": "15.7.12",
                 "@types/react": "18.2.78",
                 "@types/react-dom": "18.2.25",
-                "@typescript-eslint/eslint-plugin": "7.6.0",
-                "@typescript-eslint/parser": "7.6.0",
+                "@typescript-eslint/eslint-plugin": "7.7.0",
+                "@typescript-eslint/parser": "7.7.0",
                 "@vitejs/plugin-react": "4.2.1",
                 "eslint": "8.57.0",
                 "eslint-plugin-react": "7.34.1",
@@ -2632,16 +2632,16 @@
             "dev": true
         },
         "node_modules/@typescript-eslint/eslint-plugin": {
-            "version": "7.6.0",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-7.6.0.tgz",
-            "integrity": "sha512-gKmTNwZnblUdnTIJu3e9kmeRRzV2j1a/LUO27KNNAnIC5zjy1aSvXSRp4rVNlmAoHlQ7HzX42NbKpcSr4jF80A==",
+            "version": "7.7.0",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-7.7.0.tgz",
+            "integrity": "sha512-GJWR0YnfrKnsRoluVO3PRb9r5aMZriiMMM/RHj5nnTrBy1/wIgk76XCtCKcnXGjpZQJQRFtGV9/0JJ6n30uwpQ==",
             "dev": true,
             "dependencies": {
                 "@eslint-community/regexpp": "^4.10.0",
-                "@typescript-eslint/scope-manager": "7.6.0",
-                "@typescript-eslint/type-utils": "7.6.0",
-                "@typescript-eslint/utils": "7.6.0",
-                "@typescript-eslint/visitor-keys": "7.6.0",
+                "@typescript-eslint/scope-manager": "7.7.0",
+                "@typescript-eslint/type-utils": "7.7.0",
+                "@typescript-eslint/utils": "7.7.0",
+                "@typescript-eslint/visitor-keys": "7.7.0",
                 "debug": "^4.3.4",
                 "graphemer": "^1.4.0",
                 "ignore": "^5.3.1",
@@ -2667,15 +2667,15 @@
             }
         },
         "node_modules/@typescript-eslint/parser": {
-            "version": "7.6.0",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-7.6.0.tgz",
-            "integrity": "sha512-usPMPHcwX3ZoPWnBnhhorc14NJw9J4HpSXQX4urF2TPKG0au0XhJoZyX62fmvdHONUkmyUe74Hzm1//XA+BoYg==",
+            "version": "7.7.0",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-7.7.0.tgz",
+            "integrity": "sha512-fNcDm3wSwVM8QYL4HKVBggdIPAy9Q41vcvC/GtDobw3c4ndVT3K6cqudUmjHPw8EAp4ufax0o58/xvWaP2FmTg==",
             "dev": true,
             "dependencies": {
-                "@typescript-eslint/scope-manager": "7.6.0",
-                "@typescript-eslint/types": "7.6.0",
-                "@typescript-eslint/typescript-estree": "7.6.0",
-                "@typescript-eslint/visitor-keys": "7.6.0",
+                "@typescript-eslint/scope-manager": "7.7.0",
+                "@typescript-eslint/types": "7.7.0",
+                "@typescript-eslint/typescript-estree": "7.7.0",
+                "@typescript-eslint/visitor-keys": "7.7.0",
                 "debug": "^4.3.4"
             },
             "engines": {
@@ -2695,13 +2695,13 @@
             }
         },
         "node_modules/@typescript-eslint/scope-manager": {
-            "version": "7.6.0",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-7.6.0.tgz",
-            "integrity": "sha512-ngttyfExA5PsHSx0rdFgnADMYQi+Zkeiv4/ZxGYUWd0nLs63Ha0ksmp8VMxAIC0wtCFxMos7Lt3PszJssG/E6w==",
+            "version": "7.7.0",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-7.7.0.tgz",
+            "integrity": "sha512-/8INDn0YLInbe9Wt7dK4cXLDYp0fNHP5xKLHvZl3mOT5X17rK/YShXaiNmorl+/U4VKCVIjJnx4Ri5b0y+HClw==",
             "dev": true,
             "dependencies": {
-                "@typescript-eslint/types": "7.6.0",
-                "@typescript-eslint/visitor-keys": "7.6.0"
+                "@typescript-eslint/types": "7.7.0",
+                "@typescript-eslint/visitor-keys": "7.7.0"
             },
             "engines": {
                 "node": "^18.18.0 || >=20.0.0"
@@ -2712,13 +2712,13 @@
             }
         },
         "node_modules/@typescript-eslint/type-utils": {
-            "version": "7.6.0",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-7.6.0.tgz",
-            "integrity": "sha512-NxAfqAPNLG6LTmy7uZgpK8KcuiS2NZD/HlThPXQRGwz6u7MDBWRVliEEl1Gj6U7++kVJTpehkhZzCJLMK66Scw==",
+            "version": "7.7.0",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-7.7.0.tgz",
+            "integrity": "sha512-bOp3ejoRYrhAlnT/bozNQi3nio9tIgv3U5C0mVDdZC7cpcQEDZXvq8inrHYghLVwuNABRqrMW5tzAv88Vy77Sg==",
             "dev": true,
             "dependencies": {
-                "@typescript-eslint/typescript-estree": "7.6.0",
-                "@typescript-eslint/utils": "7.6.0",
+                "@typescript-eslint/typescript-estree": "7.7.0",
+                "@typescript-eslint/utils": "7.7.0",
                 "debug": "^4.3.4",
                 "ts-api-utils": "^1.3.0"
             },
@@ -2739,9 +2739,9 @@
             }
         },
         "node_modules/@typescript-eslint/types": {
-            "version": "7.6.0",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-7.6.0.tgz",
-            "integrity": "sha512-h02rYQn8J+MureCvHVVzhl69/GAfQGPQZmOMjG1KfCl7o3HtMSlPaPUAPu6lLctXI5ySRGIYk94clD/AUMCUgQ==",
+            "version": "7.7.0",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-7.7.0.tgz",
+            "integrity": "sha512-G01YPZ1Bd2hn+KPpIbrAhEWOn5lQBrjxkzHkWvP6NucMXFtfXoevK82hzQdpfuQYuhkvFDeQYbzXCjR1z9Z03w==",
             "dev": true,
             "engines": {
                 "node": "^18.18.0 || >=20.0.0"
@@ -2752,13 +2752,13 @@
             }
         },
         "node_modules/@typescript-eslint/typescript-estree": {
-            "version": "7.6.0",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-7.6.0.tgz",
-            "integrity": "sha512-+7Y/GP9VuYibecrCQWSKgl3GvUM5cILRttpWtnAu8GNL9j11e4tbuGZmZjJ8ejnKYyBRb2ddGQ3rEFCq3QjMJw==",
+            "version": "7.7.0",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-7.7.0.tgz",
+            "integrity": "sha512-8p71HQPE6CbxIBy2kWHqM1KGrC07pk6RJn40n0DSc6bMOBBREZxSDJ+BmRzc8B5OdaMh1ty3mkuWRg4sCFiDQQ==",
             "dev": true,
             "dependencies": {
-                "@typescript-eslint/types": "7.6.0",
-                "@typescript-eslint/visitor-keys": "7.6.0",
+                "@typescript-eslint/types": "7.7.0",
+                "@typescript-eslint/visitor-keys": "7.7.0",
                 "debug": "^4.3.4",
                 "globby": "^11.1.0",
                 "is-glob": "^4.0.3",
@@ -2780,17 +2780,17 @@
             }
         },
         "node_modules/@typescript-eslint/utils": {
-            "version": "7.6.0",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-7.6.0.tgz",
-            "integrity": "sha512-x54gaSsRRI+Nwz59TXpCsr6harB98qjXYzsRxGqvA5Ue3kQH+FxS7FYU81g/omn22ML2pZJkisy6Q+ElK8pBCA==",
+            "version": "7.7.0",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-7.7.0.tgz",
+            "integrity": "sha512-LKGAXMPQs8U/zMRFXDZOzmMKgFv3COlxUQ+2NMPhbqgVm6R1w+nU1i4836Pmxu9jZAuIeyySNrN/6Rc657ggig==",
             "dev": true,
             "dependencies": {
                 "@eslint-community/eslint-utils": "^4.4.0",
                 "@types/json-schema": "^7.0.15",
                 "@types/semver": "^7.5.8",
-                "@typescript-eslint/scope-manager": "7.6.0",
-                "@typescript-eslint/types": "7.6.0",
-                "@typescript-eslint/typescript-estree": "7.6.0",
+                "@typescript-eslint/scope-manager": "7.7.0",
+                "@typescript-eslint/types": "7.7.0",
+                "@typescript-eslint/typescript-estree": "7.7.0",
                 "semver": "^7.6.0"
             },
             "engines": {
@@ -2805,12 +2805,12 @@
             }
         },
         "node_modules/@typescript-eslint/visitor-keys": {
-            "version": "7.6.0",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-7.6.0.tgz",
-            "integrity": "sha512-4eLB7t+LlNUmXzfOu1VAIAdkjbu5xNSerURS9X/S5TUKWFRpXRQZbmtPqgKmYx8bj3J0irtQXSiWAOY82v+cgw==",
+            "version": "7.7.0",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-7.7.0.tgz",
+            "integrity": "sha512-h0WHOj8MhdhY8YWkzIF30R379y0NqyOHExI9N9KCzvmu05EgG4FumeYa3ccfKUSphyWkWQE1ybVrgz/Pbam6YA==",
             "dev": true,
             "dependencies": {
-                "@typescript-eslint/types": "7.6.0",
+                "@typescript-eslint/types": "7.7.0",
                 "eslint-visitor-keys": "^3.4.3"
             },
             "engines": {
diff --git a/frontend/package.json b/frontend/package.json
index 1f104525e..87df5381e 100644
--- a/frontend/package.json
+++ b/frontend/package.json
@@ -56,8 +56,8 @@
         "@types/react-dom": "18.2.25",
         "rewire": "7.0.0",
         "typescript": "5.4.5",
-        "@typescript-eslint/eslint-plugin": "7.6.0",
-        "@typescript-eslint/parser": "7.6.0",
+        "@typescript-eslint/eslint-plugin": "7.7.0",
+        "@typescript-eslint/parser": "7.7.0",
         "eslint": "8.57.0",
         "eslint-plugin-react": "7.34.1",
         "eslint-plugin-security": "3.0.0",

From a415e6b6d48f95b605100ecb698856fe4e6830ee Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Tue, 16 Apr 2024 20:12:43 +0200
Subject: [PATCH 07/14] chore(deps): update dependency @types/react to v18.2.79
 (#1392)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
---
 frontend/package-lock.json | 8 ++++----
 frontend/package.json      | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/frontend/package-lock.json b/frontend/package-lock.json
index ebe55d1bc..4613fb78a 100644
--- a/frontend/package-lock.json
+++ b/frontend/package-lock.json
@@ -45,7 +45,7 @@
                 "@types/jest": "29.5.12",
                 "@types/node": "20.12.7",
                 "@types/prop-types": "15.7.12",
-                "@types/react": "18.2.78",
+                "@types/react": "18.2.79",
                 "@types/react-dom": "18.2.25",
                 "@typescript-eslint/eslint-plugin": "7.7.0",
                 "@typescript-eslint/parser": "7.7.0",
@@ -2570,9 +2570,9 @@
             "integrity": "sha512-5zvhXYtRNRluoE/jAp4GVsSduVUzNWKkOZrCDBWYtE7biZywwdC2AcEzg+cSMLFRfVgeAFqpfNabiPjxFddV1Q=="
         },
         "node_modules/@types/react": {
-            "version": "18.2.78",
-            "resolved": "https://registry.npmjs.org/@types/react/-/react-18.2.78.tgz",
-            "integrity": "sha512-qOwdPnnitQY4xKlKayt42q5W5UQrSHjgoXNVEtxeqdITJ99k4VXJOP3vt8Rkm9HmgJpH50UNU+rlqfkfWOqp0A==",
+            "version": "18.2.79",
+            "resolved": "https://registry.npmjs.org/@types/react/-/react-18.2.79.tgz",
+            "integrity": "sha512-RwGAGXPl9kSXwdNTafkOEuFrTBD5SA2B3iEB96xi8+xu5ddUa/cpvyVCSNn+asgLCTHkb5ZxN8gbuibYJi4s1w==",
             "dependencies": {
                 "@types/prop-types": "*",
                 "csstype": "^3.0.2"
diff --git a/frontend/package.json b/frontend/package.json
index 87df5381e..a136923ec 100644
--- a/frontend/package.json
+++ b/frontend/package.json
@@ -52,7 +52,7 @@
         "@types/jest": "29.5.12",
         "@types/node": "20.12.7",
         "@types/prop-types": "15.7.12",
-        "@types/react": "18.2.78",
+        "@types/react": "18.2.79",
         "@types/react-dom": "18.2.25",
         "rewire": "7.0.0",
         "typescript": "5.4.5",

From 2b82df8663baacd73a10e15de9fe8887ff736980 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Tue, 16 Apr 2024 20:18:11 +0200
Subject: [PATCH 08/14] chore(deps): update dependency mkdocs-material to
 v9.5.18 (#1393)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
---
 mkdocs_requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/mkdocs_requirements.txt b/mkdocs_requirements.txt
index a03ef4b43..920ea67d6 100644
--- a/mkdocs_requirements.txt
+++ b/mkdocs_requirements.txt
@@ -1 +1 @@
-mkdocs-material==9.5.17  # https://github.com/squidfunk/mkdocs-material
+mkdocs-material==9.5.18  # https://github.com/squidfunk/mkdocs-material

From 6b0a111f58ca624bf9393308c31c556bbed57371 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Tue, 16 Apr 2024 20:31:52 +0200
Subject: [PATCH 09/14] chore(deps): update dependency vite to v5.2.9 (#1394)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
---
 frontend/package-lock.json | 8 ++++----
 frontend/package.json      | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/frontend/package-lock.json b/frontend/package-lock.json
index 4613fb78a..7e8952369 100644
--- a/frontend/package-lock.json
+++ b/frontend/package-lock.json
@@ -57,7 +57,7 @@
                 "prettier": "3.2.5",
                 "rewire": "7.0.0",
                 "typescript": "5.4.5",
-                "vite": "5.2.8"
+                "vite": "5.2.9"
             }
         },
         "node_modules/@aashutoshrathi/word-wrap": {
@@ -7727,9 +7727,9 @@
             "dev": true
         },
         "node_modules/vite": {
-            "version": "5.2.8",
-            "resolved": "https://registry.npmjs.org/vite/-/vite-5.2.8.tgz",
-            "integrity": "sha512-OyZR+c1CE8yeHw5V5t59aXsUPPVTHMDjEZz8MgguLL/Q7NblxhZUlTu9xSPqlsUO/y+X7dlU05jdhvyycD55DA==",
+            "version": "5.2.9",
+            "resolved": "https://registry.npmjs.org/vite/-/vite-5.2.9.tgz",
+            "integrity": "sha512-uOQWfuZBlc6Y3W/DTuQ1Sr+oIXWvqljLvS881SVmAj00d5RdgShLcuXWxseWPd4HXwiYBFW/vXHfKFeqj9uQnw==",
             "dev": true,
             "dependencies": {
                 "esbuild": "^0.20.1",
diff --git a/frontend/package.json b/frontend/package.json
index a136923ec..a8895e311 100644
--- a/frontend/package.json
+++ b/frontend/package.json
@@ -65,7 +65,7 @@
         "@microsoft/eslint-formatter-sarif": "3.1.0",
         "prettier": "3.2.5",
         "@trivago/prettier-plugin-sort-imports": "4.3.0",
-        "vite": "5.2.8",
+        "vite": "5.2.9",
         "@vitejs/plugin-react": "4.2.1"
     }
 }

From 6ec2f334bef4ca2130f6167d356c5597212b20db Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Tue, 16 Apr 2024 20:39:30 +0200
Subject: [PATCH 10/14] fix(deps): update dependency react-oidc-context to
 v3.1.0 (#1395)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
---
 frontend/package-lock.json | 8 ++++----
 frontend/package.json      | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/frontend/package-lock.json b/frontend/package-lock.json
index 7e8952369..8d3f31b7a 100644
--- a/frontend/package-lock.json
+++ b/frontend/package-lock.json
@@ -33,7 +33,7 @@
                 "react-admin": "4.16.15",
                 "react-chartjs-2": "5.2.0",
                 "react-dom": "18.2.0",
-                "react-oidc-context": "3.0.0",
+                "react-oidc-context": "3.1.0",
                 "react-router": "6.22.3",
                 "react-router-dom": "6.22.3",
                 "runtime-env-cra": "0.2.4",
@@ -6816,9 +6816,9 @@
             "integrity": "sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w=="
         },
         "node_modules/react-oidc-context": {
-            "version": "3.0.0",
-            "resolved": "https://registry.npmjs.org/react-oidc-context/-/react-oidc-context-3.0.0.tgz",
-            "integrity": "sha512-VmSnEGWl3pTMO5zT94pGAwoK58njg6VPVFXbrepUGsLhSM0IVEKN0DtzNJvTtDSUOPA4xnJ6+jiq1fgdrWtHSQ==",
+            "version": "3.1.0",
+            "resolved": "https://registry.npmjs.org/react-oidc-context/-/react-oidc-context-3.1.0.tgz",
+            "integrity": "sha512-ceQztvDfdl28mbr0So31XF/tCJamyF1+nm4AQNIE/nub+Xs9PLtDqLy/+75Yx1ahI0/n3nsq0R2qcP0R2Laa3Q==",
             "engines": {
                 "node": ">=18"
             },
diff --git a/frontend/package.json b/frontend/package.json
index a8895e311..2f14f1f59 100644
--- a/frontend/package.json
+++ b/frontend/package.json
@@ -33,7 +33,7 @@
         "@emotion/styled": "11.11.5",
         "runtime-env-cra": "0.2.4",
         "oidc-client-ts": "3.0.1",
-        "react-oidc-context": "3.0.0"
+        "react-oidc-context": "3.1.0"
     },
     "scripts": {
         "start": "NODE_ENV=development runtime-env-cra --config-name=./public/runtime-env.js && vite",

From ad2cbf37bf45917ced7d84bc20660a5049de1978 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Tue, 16 Apr 2024 20:44:37 +0200
Subject: [PATCH 11/14] chore(deps): update keycloak/keycloak docker tag to
 v24.0.3 (#1397)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
---
 docker-compose-dev-keycloak.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docker-compose-dev-keycloak.yml b/docker-compose-dev-keycloak.yml
index bb704f497..d38163df1 100644
--- a/docker-compose-dev-keycloak.yml
+++ b/docker-compose-dev-keycloak.yml
@@ -86,7 +86,7 @@ services:
       - "8025:8025"
 
   keycloak:
-    image: keycloak/keycloak:24.0.2
+    image: keycloak/keycloak:24.0.3
     environment:
       - KEYCLOAK_ADMIN=admin
       - KEYCLOAK_ADMIN_PASSWORD=admin

From de49a6d54ce9f4c5c23cdcd58605e1eca9d1dc70 Mon Sep 17 00:00:00 2001
From: Stefan Fleckenstein <stefan.fleckenstein@maibornwolff.de>
Date: Wed, 17 Apr 2024 07:48:02 +0200
Subject: [PATCH 12/14] fix: set theme for oidc users (#1399)

---
 frontend/src/access_control/authProvider.ts |  9 ++-------
 frontend/src/dashboard/Dashboard.tsx        | 14 +++++++++++++-
 2 files changed, 15 insertions(+), 8 deletions(-)

diff --git a/frontend/src/access_control/authProvider.ts b/frontend/src/access_control/authProvider.ts
index 9a57b9638..48eced81e 100644
--- a/frontend/src/access_control/authProvider.ts
+++ b/frontend/src/access_control/authProvider.ts
@@ -4,7 +4,7 @@ import { AuthProvider } from "react-admin";
 
 import { set_settings_in_local_storage } from "../commons/functions";
 import { httpClient } from "../commons/ra-data-django-rest-framework";
-import { getSettingTheme, saveSettingListProperties, setListProperties } from "../commons/settings/functions";
+import { saveSettingListProperties, setListProperties } from "../commons/settings/functions";
 
 const authProvider: AuthProvider = {
     login: ({ username, password }) => {
@@ -85,7 +85,7 @@ const authProvider: AuthProvider = {
             fullName = user_json.full_name;
         } else {
             const userinfo = await getUserInfo();
-            const { id: id, full_name: fullName, username: avatar } = userinfo;
+            const { id: id, full_name: fullName, null: avatar } = userinfo;
             return Promise.resolve({ id, fullName, avatar });
         }
 
@@ -97,14 +97,9 @@ const authProvider: AuthProvider = {
 
 const getUserInfo = async () => {
     return httpClient(window.__RUNTIME_CONFIG__.API_BASE_URL + "/users/me/").then((response) => {
-        const before_theme = getSettingTheme();
         setListProperties(response.json.setting_list_properties);
         delete response.json.setting_list_properties;
         localStorage.setItem("user", JSON.stringify(response.json));
-        const after_theme = getSettingTheme();
-        if (before_theme != after_theme) {
-            window.location.reload();
-        }
         return response.json;
     });
 };
diff --git a/frontend/src/dashboard/Dashboard.tsx b/frontend/src/dashboard/Dashboard.tsx
index 4d1f14758..be0e370e2 100644
--- a/frontend/src/dashboard/Dashboard.tsx
+++ b/frontend/src/dashboard/Dashboard.tsx
@@ -1,8 +1,10 @@
 import { Stack } from "@mui/material";
-import { Fragment } from "react";
+import { Fragment, useEffect, useState } from "react";
+import { useTheme } from "react-admin";
 import { useAuth } from "react-oidc-context";
 
 import { jwt_signed_in } from "../access_control/authProvider";
+import { getSettingTheme, getTheme } from "../commons/settings/functions";
 import ObservationDashboardList from "../core/observations/ObservationDashboardList";
 import MetricsHeader from "../metrics/MetricsHeader";
 import MetricsSeveritiesCurrent from "../metrics/MetricsSeveritiesCurrent";
@@ -11,6 +13,16 @@ import MetricsStatusCurrent from "../metrics/MetricsStatusCurrent";
 
 const Dashboard = () => {
     const auth = useAuth();
+    const [setting_theme, setSettingTheme] = useState("");
+    const [, setTheme] = useTheme();
+
+    if (setting_theme != getSettingTheme()) {
+        setSettingTheme(getSettingTheme());
+    }
+
+    useEffect(() => {
+        setTheme(getTheme());
+    }, [setting_theme, setTheme]);
 
     return (
         (jwt_signed_in() || auth.isAuthenticated) && (

From 4b8b47f0b5946af7059d9869e97df8b0e65d6eff Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Wed, 17 Apr 2024 07:54:49 +0200
Subject: [PATCH 13/14] chore(deps): update dependency gunicorn to v22 (#1398)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
---
 backend/poetry.lock    | 13 +++++++------
 backend/pyproject.toml |  2 +-
 2 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/backend/poetry.lock b/backend/poetry.lock
index 8a445f2b0..a68268ac5 100644
--- a/backend/poetry.lock
+++ b/backend/poetry.lock
@@ -952,22 +952,23 @@ test = ["pytest"]
 
 [[package]]
 name = "gunicorn"
-version = "21.2.0"
+version = "22.0.0"
 description = "WSGI HTTP Server for UNIX"
 optional = false
-python-versions = ">=3.5"
+python-versions = ">=3.7"
 files = [
-    {file = "gunicorn-21.2.0-py3-none-any.whl", hash = "sha256:3213aa5e8c24949e792bcacfc176fef362e7aac80b76c56f6b5122bf350722f0"},
-    {file = "gunicorn-21.2.0.tar.gz", hash = "sha256:88ec8bff1d634f98e61b9f65bc4bf3cd918a90806c6f5c48bc5603849ec81033"},
+    {file = "gunicorn-22.0.0-py3-none-any.whl", hash = "sha256:350679f91b24062c86e386e198a15438d53a7a8207235a78ba1b53df4c4378d9"},
+    {file = "gunicorn-22.0.0.tar.gz", hash = "sha256:4a0b436239ff76fb33f11c07a16482c521a7e09c1ce3cc293c2330afe01bec63"},
 ]
 
 [package.dependencies]
 packaging = "*"
 
 [package.extras]
-eventlet = ["eventlet (>=0.24.1)"]
+eventlet = ["eventlet (>=0.24.1,!=0.36.0)"]
 gevent = ["gevent (>=1.4.0)"]
 setproctitle = ["setproctitle"]
+testing = ["coverage", "eventlet", "gevent", "pytest", "pytest-cov"]
 tornado = ["tornado (>=0.2)"]
 
 [[package]]
@@ -2469,4 +2470,4 @@ brotli = ["Brotli"]
 [metadata]
 lock-version = "2.0"
 python-versions = ">= 3.10, < 3.13"
-content-hash = "0438dfa61b411cc3ba9c50f446c8afdc75bccecad270eab6f8ad44c8a55e43bb"
+content-hash = "24574e78262ebf3091ce1de35ffccfa90ac0c8c0c879f22fba6e174965db2671"
diff --git a/backend/pyproject.toml b/backend/pyproject.toml
index 183e76f27..442a25be5 100644
--- a/backend/pyproject.toml
+++ b/backend/pyproject.toml
@@ -78,7 +78,7 @@ types-PyMySQL = "1.1.0.1"  # https://github.com/python/typeshed
 django-extensions = "3.2.3"  # https://github.com/django-extensions/django-extensions
 
 [tool.poetry.group.prod.dependencies]
-gunicorn = "21.2.0"  # https://github.com/benoitc/gunicorn
+gunicorn = "22.0.0"  # https://github.com/benoitc/gunicorn
 
 [tool.poetry.group.unittests.dependencies]
 coverage = "7.4.4"  # https://github.com/nedbat/coveragepy

From 5806faa44767a4e4ef02aa57719dc73e2062312f Mon Sep 17 00:00:00 2001
From: Stefan Fleckenstein <stefan.fleckenstein@maibornwolff.de>
Date: Wed, 17 Apr 2024 09:38:54 +0200
Subject: [PATCH 14/14] chore: prepare for release 1.11.1 (#1400)

---
 .github/workflows/scan_sca_current.yml               |  2 +-
 backend/application/__init__.py                      |  2 +-
 backend/pyproject.toml                               |  2 +-
 .../vex/api/files/csaf_given_vulnerability.json      |  2 +-
 .../api/files/csaf_given_vulnerability_update.json   |  2 +-
 .../vex/api/files/csaf_product_branches.json         |  2 +-
 .../vex/api/files/csaf_product_given_branch.json     |  2 +-
 .../vex/api/files/csaf_product_no_branch.json        |  2 +-
 .../vex/api/files/csaf_product_no_branch_update.json |  2 +-
 .../vex/api/files/openvex_given_vulnerability.json   |  2 +-
 .../files/openvex_given_vulnerability_update.json    |  2 +-
 .../vex/api/files/openvex_product_branches.json      |  2 +-
 .../vex/api/files/openvex_product_given_branch.json  |  2 +-
 .../vex/api/files/openvex_product_no_branch.json     |  2 +-
 .../api/files/openvex_product_no_branch_update.json  |  2 +-
 docker-compose-prod-mysql.yml                        |  4 ++--
 docker-compose-prod-postgres.yml                     |  4 ++--
 docs/getting_started/installation.md                 |  4 ++--
 end_to_end_tests/package-lock.json                   |  4 ++--
 end_to_end_tests/package.json                        |  2 +-
 frontend/package-lock.json                           |  4 ++--
 frontend/package.json                                |  2 +-
 so_configuration_sca_current.yml                     | 12 ++++++------
 23 files changed, 33 insertions(+), 33 deletions(-)

diff --git a/.github/workflows/scan_sca_current.yml b/.github/workflows/scan_sca_current.yml
index b04138f6c..b0eebe670 100644
--- a/.github/workflows/scan_sca_current.yml
+++ b/.github/workflows/scan_sca_current.yml
@@ -15,7 +15,7 @@ jobs:
         name: Checkout
         uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
         with:
-          ref: 'v1.11.0'
+          ref: 'v1.11.1'
       -
         name: Run SCA vulnerability scanners
         uses: MaibornWolff/secobserve_actions_templates/actions/vulnerability_scanner@cd1288ce6cb16c1b41bea98f60c275c0fc103166 # main
diff --git a/backend/application/__init__.py b/backend/application/__init__.py
index 09a72695b..41a61a987 100644
--- a/backend/application/__init__.py
+++ b/backend/application/__init__.py
@@ -1,4 +1,4 @@
-__version__ = "1.11.0"
+__version__ = "1.11.1"
 
 import pymysql
 
diff --git a/backend/pyproject.toml b/backend/pyproject.toml
index 442a25be5..936582f9a 100644
--- a/backend/pyproject.toml
+++ b/backend/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "SecObserve"
-version = "1.11.0"
+version = "1.11.1"
 description = "SecObserve is an open source vulnerability management system for software development and cloud environments."
 license = "BSD-3-Clause"
 authors = [
diff --git a/backend/unittests/vex/api/files/csaf_given_vulnerability.json b/backend/unittests/vex/api/files/csaf_given_vulnerability.json
index d334c9833..2964bb2cd 100644
--- a/backend/unittests/vex/api/files/csaf_given_vulnerability.json
+++ b/backend/unittests/vex/api/files/csaf_given_vulnerability.json
@@ -18,7 +18,7 @@
             "generator": {
                 "engine": {
                     "name": "SecObserve",
-                    "version": "1.11.0"
+                    "version": "1.11.1"
                 }
             },
             "id": "CSAF_2024_0001_0001",
diff --git a/backend/unittests/vex/api/files/csaf_given_vulnerability_update.json b/backend/unittests/vex/api/files/csaf_given_vulnerability_update.json
index a0ef7be31..c13993641 100644
--- a/backend/unittests/vex/api/files/csaf_given_vulnerability_update.json
+++ b/backend/unittests/vex/api/files/csaf_given_vulnerability_update.json
@@ -18,7 +18,7 @@
             "generator": {
                 "engine": {
                     "name": "SecObserve",
-                    "version": "1.11.0"
+                    "version": "1.11.1"
                 }
             },
             "id": "CSAF_2024_0001_0002",
diff --git a/backend/unittests/vex/api/files/csaf_product_branches.json b/backend/unittests/vex/api/files/csaf_product_branches.json
index c4d766c8d..72d2a5290 100644
--- a/backend/unittests/vex/api/files/csaf_product_branches.json
+++ b/backend/unittests/vex/api/files/csaf_product_branches.json
@@ -18,7 +18,7 @@
             "generator": {
                 "engine": {
                     "name": "SecObserve",
-                    "version": "1.11.0"
+                    "version": "1.11.1"
                 }
             },
             "id": "CSAF_2024_0001_0001",
diff --git a/backend/unittests/vex/api/files/csaf_product_given_branch.json b/backend/unittests/vex/api/files/csaf_product_given_branch.json
index ccd48b5ad..2eb7b7354 100644
--- a/backend/unittests/vex/api/files/csaf_product_given_branch.json
+++ b/backend/unittests/vex/api/files/csaf_product_given_branch.json
@@ -18,7 +18,7 @@
             "generator": {
                 "engine": {
                     "name": "SecObserve",
-                    "version": "1.11.0"
+                    "version": "1.11.1"
                 }
             },
             "id": "CSAF_2024_0001_0001",
diff --git a/backend/unittests/vex/api/files/csaf_product_no_branch.json b/backend/unittests/vex/api/files/csaf_product_no_branch.json
index 37ae3ba28..0723e2959 100644
--- a/backend/unittests/vex/api/files/csaf_product_no_branch.json
+++ b/backend/unittests/vex/api/files/csaf_product_no_branch.json
@@ -18,7 +18,7 @@
             "generator": {
                 "engine": {
                     "name": "SecObserve",
-                    "version": "1.11.0"
+                    "version": "1.11.1"
                 }
             },
             "id": "CSAF_2024_0001_0001",
diff --git a/backend/unittests/vex/api/files/csaf_product_no_branch_update.json b/backend/unittests/vex/api/files/csaf_product_no_branch_update.json
index 343260283..b2aa1c191 100644
--- a/backend/unittests/vex/api/files/csaf_product_no_branch_update.json
+++ b/backend/unittests/vex/api/files/csaf_product_no_branch_update.json
@@ -18,7 +18,7 @@
             "generator": {
                 "engine": {
                     "name": "SecObserve",
-                    "version": "1.11.0"
+                    "version": "1.11.1"
                 }
             },
             "id": "CSAF_2024_0001_0002",
diff --git a/backend/unittests/vex/api/files/openvex_given_vulnerability.json b/backend/unittests/vex/api/files/openvex_given_vulnerability.json
index a8297cada..b1433e29d 100644
--- a/backend/unittests/vex/api/files/openvex_given_vulnerability.json
+++ b/backend/unittests/vex/api/files/openvex_given_vulnerability.json
@@ -47,6 +47,6 @@
         }
     ],
     "timestamp": "2020-01-01T04:30:00+00:00",
-    "tooling": "SecObserve / 1.11.0",
+    "tooling": "SecObserve / 1.11.1",
     "version": 1
 }
\ No newline at end of file
diff --git a/backend/unittests/vex/api/files/openvex_given_vulnerability_update.json b/backend/unittests/vex/api/files/openvex_given_vulnerability_update.json
index 7009238b9..5a35ea19b 100644
--- a/backend/unittests/vex/api/files/openvex_given_vulnerability_update.json
+++ b/backend/unittests/vex/api/files/openvex_given_vulnerability_update.json
@@ -37,6 +37,6 @@
         }
     ],
     "timestamp": "2020-01-01T04:30:00+00:00",
-    "tooling": "SecObserve / 1.11.0",
+    "tooling": "SecObserve / 1.11.1",
     "version": 2
 }
\ No newline at end of file
diff --git a/backend/unittests/vex/api/files/openvex_product_branches.json b/backend/unittests/vex/api/files/openvex_product_branches.json
index eb6e2cb9a..5dd505ae6 100644
--- a/backend/unittests/vex/api/files/openvex_product_branches.json
+++ b/backend/unittests/vex/api/files/openvex_product_branches.json
@@ -70,6 +70,6 @@
         }
     ],
     "timestamp": "2020-01-01T04:30:00+00:00",
-    "tooling": "SecObserve / 1.11.0",
+    "tooling": "SecObserve / 1.11.1",
     "version": 1
 }
\ No newline at end of file
diff --git a/backend/unittests/vex/api/files/openvex_product_given_branch.json b/backend/unittests/vex/api/files/openvex_product_given_branch.json
index 364cab508..c8948cc7b 100644
--- a/backend/unittests/vex/api/files/openvex_product_given_branch.json
+++ b/backend/unittests/vex/api/files/openvex_product_given_branch.json
@@ -28,6 +28,6 @@
         }
     ],
     "timestamp": "2020-01-01T04:30:00+00:00",
-    "tooling": "SecObserve / 1.11.0",
+    "tooling": "SecObserve / 1.11.1",
     "version": 1
 }
\ No newline at end of file
diff --git a/backend/unittests/vex/api/files/openvex_product_no_branch.json b/backend/unittests/vex/api/files/openvex_product_no_branch.json
index cd1cc532f..199412fbb 100644
--- a/backend/unittests/vex/api/files/openvex_product_no_branch.json
+++ b/backend/unittests/vex/api/files/openvex_product_no_branch.json
@@ -63,6 +63,6 @@
         }
     ],
     "timestamp": "2020-01-01T04:30:00+00:00",
-    "tooling": "SecObserve / 1.11.0",
+    "tooling": "SecObserve / 1.11.1",
     "version": 1
 }
\ No newline at end of file
diff --git a/backend/unittests/vex/api/files/openvex_product_no_branch_update.json b/backend/unittests/vex/api/files/openvex_product_no_branch_update.json
index fcfe3f303..fcbff6324 100644
--- a/backend/unittests/vex/api/files/openvex_product_no_branch_update.json
+++ b/backend/unittests/vex/api/files/openvex_product_no_branch_update.json
@@ -64,6 +64,6 @@
         }
     ],
     "timestamp": "2020-01-01T04:30:00+00:00",
-    "tooling": "SecObserve / 1.11.0",
+    "tooling": "SecObserve / 1.11.1",
     "version": 2
 }
\ No newline at end of file
diff --git a/docker-compose-prod-mysql.yml b/docker-compose-prod-mysql.yml
index 280fed478..ab3c1d9f0 100644
--- a/docker-compose-prod-mysql.yml
+++ b/docker-compose-prod-mysql.yml
@@ -37,7 +37,7 @@ services:
       - traefik
 
   frontend:
-    image: maibornwolff/secobserve-frontend:1.11.0
+    image: maibornwolff/secobserve-frontend:1.11.1
     container_name: "prod_secobserve_frontend"
     labels:
       - "traefik.enable=true"
@@ -54,7 +54,7 @@ services:
       - traefik
 
   backend:
-    image: maibornwolff/secobserve-backend:1.11.0
+    image: maibornwolff/secobserve-backend:1.11.1
     container_name: "prod_secobserve_backend"
     labels:
       - "traefik.enable=true"
diff --git a/docker-compose-prod-postgres.yml b/docker-compose-prod-postgres.yml
index 075188e1f..6e009310d 100644
--- a/docker-compose-prod-postgres.yml
+++ b/docker-compose-prod-postgres.yml
@@ -37,7 +37,7 @@ services:
       - traefik
 
   frontend:
-    image: maibornwolff/secobserve-frontend:1.11.0
+    image: maibornwolff/secobserve-frontend:1.11.1
     container_name: "prod_secobserve_frontend"
     labels:
       - "traefik.enable=true"
@@ -54,7 +54,7 @@ services:
       - traefik
 
   backend:
-    image: maibornwolff/secobserve-backend:1.11.0
+    image: maibornwolff/secobserve-backend:1.11.1
     container_name: "prod_secobserve_backend"
     labels:
       - "traefik.enable=true"
diff --git a/docs/getting_started/installation.md b/docs/getting_started/installation.md
index 8660f3d05..d9ce51eb2 100644
--- a/docs/getting_started/installation.md
+++ b/docs/getting_started/installation.md
@@ -47,7 +47,7 @@ services:
       - default
 
   frontend:
-    image: maibornwolff/secobserve-frontend:1.11.0
+    image: maibornwolff/secobserve-frontend:1.11.1
     labels:
       - "traefik.enable=true"
       - "traefik.http.routers.frontend.rule=Host(`secobserve.localhost`)"
@@ -63,7 +63,7 @@ services:
       - traefik
 
   backend:
-    image: maibornwolff/secobserve-backend:1.11.0
+    image: maibornwolff/secobserve-backend:1.11.1
     labels:
       - "traefik.enable=true"
       - "traefik.http.routers.backend.rule=Host(`secobserve-backend.localhost`)"
diff --git a/end_to_end_tests/package-lock.json b/end_to_end_tests/package-lock.json
index 14e4c3a5c..9f1d08c0e 100644
--- a/end_to_end_tests/package-lock.json
+++ b/end_to_end_tests/package-lock.json
@@ -1,12 +1,12 @@
 {
   "name": "end_to_end_tests",
-  "version": "1.11.0",
+  "version": "1.11.1",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "end_to_end_tests",
-      "version": "1.11.0",
+      "version": "1.11.1",
       "devDependencies": {
         "@playwright/test": "1.43.1",
         "@types/node": "20.12.7"
diff --git a/end_to_end_tests/package.json b/end_to_end_tests/package.json
index b2edd96cd..2fb8e2a34 100644
--- a/end_to_end_tests/package.json
+++ b/end_to_end_tests/package.json
@@ -1,6 +1,6 @@
 {
   "name": "end_to_end_tests",
-  "version": "1.11.0",
+  "version": "1.11.1",
   "private": true,
   "description": "",
   "main": "index.js",
diff --git a/frontend/package-lock.json b/frontend/package-lock.json
index 8d3f31b7a..d175b5e87 100644
--- a/frontend/package-lock.json
+++ b/frontend/package-lock.json
@@ -1,12 +1,12 @@
 {
     "name": "secobserve",
-    "version": "1.11.0",
+    "version": "1.11.1",
     "lockfileVersion": 3,
     "requires": true,
     "packages": {
         "": {
             "name": "secobserve",
-            "version": "1.11.0",
+            "version": "1.11.1",
             "license": "BSD-3-Clause",
             "dependencies": {
                 "@emotion/react": "11.11.4",
diff --git a/frontend/package.json b/frontend/package.json
index 2f14f1f59..090e71bbc 100644
--- a/frontend/package.json
+++ b/frontend/package.json
@@ -1,6 +1,6 @@
 {
     "name": "secobserve",
-    "version": "1.11.0",
+    "version": "1.11.1",
     "license": "BSD-3-Clause",
     "description": "SecObserve is an open source vulnerability management system for software development and cloud environments.",
     "private": true,
diff --git a/so_configuration_sca_current.yml b/so_configuration_sca_current.yml
index 01b0d7eaf..aa50e00dd 100644
--- a/so_configuration_sca_current.yml
+++ b/so_configuration_sca_current.yml
@@ -1,18 +1,18 @@
 trivy_image_backend_current:
   SCANNER: trivy_image
-  TARGET: "maibornwolff/secobserve-backend:1.11.0"
+  TARGET: "maibornwolff/secobserve-backend:1.11.1"
   FURTHER_PARAMETERS: "--vuln-type os" 
   REPORT_NAME: "trivy_backend_image.json"
   SO_ORIGIN_SERVICE: "backend"
-  SO_BRANCH_NAME: "1.11.0"
+  SO_BRANCH_NAME: "1.11.1"
 
 trivy_image_frontend_current:
   SCANNER: trivy_image
-  TARGET: "maibornwolff/secobserve-frontend:1.11.0"
+  TARGET: "maibornwolff/secobserve-frontend:1.11.1"
   FURTHER_PARAMETERS: "--vuln-type os" 
   REPORT_NAME: "trivy_frontend_image.json"
   SO_ORIGIN_SERVICE: "frontend"
-  SO_BRANCH_NAME: "1.11.0"
+  SO_BRANCH_NAME: "1.11.1"
 
 trivy_filesystem_current:
   SCANNER: trivy_filesystem
@@ -20,7 +20,7 @@ trivy_filesystem_current:
   TARGET: "backend/poetry.lock"
   REPORT_NAME: "trivy_backend_poetry.json"
   SO_ORIGIN_SERVICE: "backend"
-  SO_BRANCH_NAME: "1.11.0"
+  SO_BRANCH_NAME: "1.11.1"
 
 trivy_filesystem_frontend_current:
   SCANNER: trivy_filesystem
@@ -28,7 +28,7 @@ trivy_filesystem_frontend_current:
   TARGET: "frontend/package-lock.json"
   REPORT_NAME: "trivy_frontend_npm.json"
   SO_ORIGIN_SERVICE: "frontend"
-  SO_BRANCH_NAME: "1.11.0"
+  SO_BRANCH_NAME: "1.11.1"
 
 importer:
   SO_UPLOAD: "true"