* fix: remove synchronization with mailman2
* feat: manage non wg mailing lists explicitly
* chore: black
* fix: update tests for new nonwg view
* feat: drop unused models
This change allows password reset with any email address associated with the
account.
The password reset will only be sent to the active email addresses associated
with the account.
Fixes#5057
* feat: insensitive username matching at django authentication
* feat: use iexact when using the User object manager
* fix: more places to ignore username case
* fix: remove unused management command
* fix: avoid get when probing for object existance
* fix: force lowercase new usernames in secr/rolodex
* fix: use explicit arguments when creating user
* fix: Only send password reset email to known, active addresses
Limits password reset to Users with a Person and at least one active
address on file. Avoids the possibility of sending a password reset to
a spoofed address as in CVE-2019-19844.
* test: Use factory instead of explicit construction
* test: Test that a User with no Person cannot reset password
* fix: Fix handling of User.person field when it's null
* test: Test that reset emails are sent to known, active addresses
* chore: Use codespell to fix typos in code.
Second part of replacement of #4651
@rjsparks, I probably need to revert some things here, and I also
still need to add that new migration - how do I do that?
* Revert migrations
* Migrate "Whitelisted" to "Allowlisted"
* TEST_COVERAGE_MASTER_FILE -> TEST_COVERAGE_MAIN_FILE
* Fix permissions
* Add suggestions from @jennifer-richards
* fix: remove help/personal-information and the prompt-for-consent email management command.
* fix: remove gdpr treatment except for consent checkbox. Rename Submit.
* fix: drom the consent column from Person and Person.History
* fix: remove the consent boolean. Reorganize the account info form.
* chore: reorder migrations
* chore: Use URL resolver more
* Use settings.IDTRACKER_BASE_URL
* More fixes
* Use URL resolver for things under /accounts
* Use URL resolver for things under /stream
* Use URL resolver for things under /iesg
* Use URL resolver for things under /meeting
* Fix bugs
* Use URL resolver for things under /help
* Use URL resolver for things under /ipr
* More changes
* Revert vnu.jar
* Fix typos
* Address review comments by @rjsparks
Co-authored-by: Robert Sparks <rjsparks@nostrum.com>
* feat: add pronouns
* fix: include migrations
* fix: correct daggers on person form.
* fix: clean pronouns
* feat: add choices to pronouns
* feat: show pronouns on public profile
* feat: add pronouns to oidc userinfo
* fix: move pronouns to new claim. Add tests.
* fix: improve html generated by new widget
* feat: use a MultiWidget for pronouns
* refactor: use two fields on Person for the two types of pronoun entry.
* chore: update copyrights
From Kesara Rathnayake: Expire password reset links on use, password change through other mechanics, login, or a short configurable time (initially one hour). Patched in at 7.45.0.p2.
- Legacy-Id: 19968
Note: SVN reference [19967] has been migrated to Git commit 682392081bddbd1b8653df9135388e6b7c48ee1c
Remove some clutter from I-D upload page. The information was mived to the Instructions tab, but a higligh to the Note Well and BCP 78 was added. Fixes#2057.
- Legacy-Id: 16151
Note: SVN reference [16144] has been migrated to Git commit 37851b9742
