Merge branch 'main' into serializable

Author: tim-schilling

.github/workflows/release.yml

@@ -69,7 +69,7 @@ jobs:
         name: python-package-distributions
         path: dist/
     - name: Sign the dists with Sigstore
-      uses: sigstore/[email protected].0
+      uses: sigstore/[email protected].1
       with:
         inputs: >-
           ./dist/*.tar.gz

.pre-commit-config.yaml

@@ -10,7 +10,7 @@ repos:
     -   id: file-contents-sorter
         files: docs/spelling_wordlist.txt
 -   repo: https://github.com/pycqa/doc8
-    rev: v1.1.2
+    rev: v2.0.0
     hooks:
     -   id: doc8
 -   repo: https://github.com/adamchainz/django-upgrade
@@ -29,18 +29,18 @@ repos:
     -   id: rst-backticks
     -   id: rst-directive-colons
 -   repo: https://github.com/biomejs/pre-commit
-    rev: v2.0.0-beta.4
+    rev: v2.0.6
     hooks:
       - id: biome-check
         verbose: true
 -   repo: https://github.com/astral-sh/ruff-pre-commit
-    rev: 'v0.11.10'
+    rev: 'v0.12.2'
     hooks:
       - id: ruff
         args: [--fix, --exit-non-zero-on-fix]
       - id: ruff-format
 -   repo: https://github.com/tox-dev/pyproject-fmt
-    rev: v2.5.1
+    rev: v2.6.0
     hooks:
       - id: pyproject-fmt
 -   repo: https://github.com/abravalheri/validate-pyproject

biome.json

@@ -1,5 +1,5 @@
 {
-    "$schema": "https://biomejs.dev/schemas/2.0.0-beta.2/schema.json",
+    "$schema": "https://biomejs.dev/schemas/2.0.6/schema.json",
     "formatter": {
         "enabled": true,
         "useEditorconfig": true
@@ -15,29 +15,8 @@
         "enabled": true,
         "rules": {
             "recommended": true,
-            "style": {
-                "useLiteralEnumMembers": "error",
-                "noCommaOperator": "error",
-                "useNodejsImportProtocol": "error",
-                "useAsConstAssertion": "error",
-                "useNumericLiterals": "error",
-                "useEnumInitializers": "error",
-                "useSelfClosingElements": "error",
-                "useConst": "error",
-                "useSingleVarDeclarator": "error",
-                "noUnusedTemplateLiteral": "error",
-                "useNumberNamespace": "error",
-                "noInferrableTypes": "error",
-                "useExponentiationOperator": "error",
-                "useTemplate": "error",
-                "noParameterAssign": "error",
-                "noNonNullAssertion": "error",
-                "useDefaultParameterLast": "error",
-                "noArguments": "error",
-                "useImportType": "error",
-                "useExportType": "error",
-                "noUselessElse": "error",
-                "useShorthandFunctionType": "error"
+            "correctness": {
+                "noUndeclaredVariables": "error"
             },
             "suspicious": {
                 "noDocumentCookie": "off"
@@ -46,8 +25,7 @@
     },
     "javascript": {
         "formatter": {
-            "trailingCommas": "es5",
-            "quoteStyle": "double"
+            "trailingCommas": "es5"
         }
     }
 }

debug_toolbar/middleware.py

@@ -31,6 +31,21 @@ def show_toolbar(request):
     if request.META.get("REMOTE_ADDR") in settings.INTERNAL_IPS:
         return True
 
+    # No test passed
+    return False
+
+
+def show_toolbar_with_docker(request):
+    """
+    Default function to determine whether to show the toolbar on a given page.
+    """
+    if not settings.DEBUG:
+        return False
+
+    # Test: settings
+    if request.META.get("REMOTE_ADDR") in settings.INTERNAL_IPS:
+        return True
+
     # Test: Docker
     try:
         # This is a hack for docker installations. It attempts to look

debug_toolbar/static/debug_toolbar/css/toolbar.css

@@ -1,9 +1,10 @@
 /* Variable definitions */
 :root {
     /* Font families are the same as in Django admin/css/base.css */
-    --djdt-font-family-primary: "Segoe UI", system-ui, Roboto, "Helvetica Neue",
-        Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji",
-        "Segoe UI Symbol", "Noto Color Emoji";
+    --djdt-font-family-primary:
+        "Segoe UI", system-ui, Roboto, "Helvetica Neue", Arial, sans-serif,
+        "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol",
+        "Noto Color Emoji";
     --djdt-font-family-monospace:
         ui-monospace, Menlo, Monaco, "Cascadia Mono",
         "Segoe UI Mono", "Roboto Mono", "Oxygen Mono", "Ubuntu Monospace",

docs/changes.rst

@@ -6,6 +6,8 @@ Pending
 
 * Added support for checking if pytest as the test runner when determining
   if tests are running.
+* Added ``show_toolbar_with_docker`` function to check Docker host IP address
+  when running inside Docker containers.
 * Defines the ``BaseStore`` interface for request storage mechanisms.
 * Added the setting ``TOOLBAR_STORE_CLASS`` to configure the request
   storage mechanism. Defaults to ``debug_toolbar.store.MemoryStore``.
@@ -68,6 +70,7 @@ Pending
 * Fix for exception-unhandled "forked" Promise chain in rebound window.fetch
 * Create a CSP nonce property on the toolbar ``Toolbar().csp_nonce``.
 
+
 5.0.1 (2025-01-13)
 ------------------
 * Fixing the build and release process. No functional changes.

docs/installation.rst

@@ -152,10 +152,11 @@ option.
 
 .. warning::
 
-    If using Docker, the toolbar will attempt to look up your host name
-    automatically and treat it as an allowable internal IP. If you're not
-    able to get the toolbar to work with your docker installation, review
-    the code in ``debug_toolbar.middleware.show_toolbar``.
+    If using Docker you can use
+    ``debug_toolbar.middleware.show_toolbar_with_docker`` as your
+    ``SHOW_TOOLBAR_CALLBACK`` which attempts to automatically look up the
+    Docker gateway IP and treat it as an allowable internal IP so that the
+    toolbar is shown to you.
 
 7. Disable the toolbar when running tests (optional)
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

tests/test_csp_rendering.py

@@ -1,10 +1,6 @@
 from __future__ import annotations
 
-from typing import cast
-from xml.etree.ElementTree import Element
-
 from django.conf import settings
-from django.http.response import HttpResponse
 from django.test.utils import override_settings
 from html5lib.constants import E
 from html5lib.html5parser import HTMLParser
@@ -22,7 +18,7 @@
 MIDDLEWARE_CSP_LAST = settings.MIDDLEWARE + ["csp.middleware.CSPMiddleware"]
 
 
-def get_namespaces(element: Element) -> dict[str, str]:
+def get_namespaces(element):
     """
     Return the default `xmlns`. See
     https://docs.python.org/3/library/xml.etree.elementtree.html#parsing-xml-with-namespaces
@@ -40,9 +36,7 @@ def setUp(self):
         super().setUp()
         self.parser = HTMLParser()
 
-    def _fail_if_missing(
-        self, root: Element, path: str, namespaces: dict[str, str], nonce: str
-    ):
+    def _fail_if_missing(self, root, path, namespaces, nonce):
         """
         Search elements, fail if a `nonce` attribute is missing on them.
         """
@@ -51,7 +45,7 @@ def _fail_if_missing(
             if item.attrib.get("nonce") != nonce:
                 raise self.failureException(f"{item} has no nonce attribute.")
 
-    def _fail_if_found(self, root: Element, path: str, namespaces: dict[str, str]):
+    def _fail_if_found(self, root, path, namespaces):
         """
         Search elements, fail if a `nonce` attribute is found on them.
         """
@@ -60,7 +54,7 @@ def _fail_if_found(self, root: Element, path: str, namespaces: dict[str, str]):
             if "nonce" in item.attrib:
                 raise self.failureException(f"{item} has a nonce attribute.")
 
-    def _fail_on_invalid_html(self, content: bytes, parser: HTMLParser):
+    def _fail_on_invalid_html(self, content, parser):
         """Fail if the passed HTML is invalid."""
         if parser.errors:
             default_msg = ["Content is invalid HTML:"]
@@ -75,10 +69,10 @@ def test_exists(self):
         """A `nonce` should exist when using the `CSPMiddleware`."""
         for middleware in [MIDDLEWARE_CSP_BEFORE, MIDDLEWARE_CSP_LAST]:
             with self.settings(MIDDLEWARE=middleware):
-                response = cast(HttpResponse, self.client.get(path="/csp_view/"))
+                response = self.client.get(path="/csp_view/")
                 self.assertEqual(response.status_code, 200)
 
-                html_root: Element = self.parser.parse(stream=response.content)
+                html_root = self.parser.parse(stream=response.content)
                 self._fail_on_invalid_html(content=response.content, parser=self.parser)
                 self.assertContains(response, "djDebug")
 
@@ -98,10 +92,10 @@ def test_does_not_exist_nonce_wasnt_used(self):
         """
         for middleware in [MIDDLEWARE_CSP_BEFORE, MIDDLEWARE_CSP_LAST]:
             with self.settings(MIDDLEWARE=middleware):
-                response = cast(HttpResponse, self.client.get(path="/regular/basic/"))
+                response = self.client.get(path="/regular/basic/")
                 self.assertEqual(response.status_code, 200)
 
-                html_root: Element = self.parser.parse(stream=response.content)
+                html_root = self.parser.parse(stream=response.content)
                 self._fail_on_invalid_html(content=response.content, parser=self.parser)
                 self.assertContains(response, "djDebug")
 
@@ -119,15 +113,16 @@ def test_does_not_exist_nonce_wasnt_used(self):
     def test_redirects_exists(self):
         for middleware in [MIDDLEWARE_CSP_BEFORE, MIDDLEWARE_CSP_LAST]:
             with self.settings(MIDDLEWARE=middleware):
-                response = cast(HttpResponse, self.client.get(path="/csp_view/"))
+                response = self.client.get(path="/csp_view/")
                 self.assertEqual(response.status_code, 200)
 
-                html_root: Element = self.parser.parse(stream=response.content)
+                html_root = self.parser.parse(stream=response.content)
                 self._fail_on_invalid_html(content=response.content, parser=self.parser)
                 self.assertContains(response, "djDebug")
 
                 namespaces = get_namespaces(element=html_root)
-                nonce = response.context["request"].csp_nonce
+                context = response.context
+                nonce = str(context["toolbar"].csp_nonce)
                 self._fail_if_missing(
                     root=html_root, path=".//link", namespaces=namespaces, nonce=nonce
                 )
@@ -139,15 +134,15 @@ def test_panel_content_nonce_exists(self):
         store = get_store()
         for middleware in [MIDDLEWARE_CSP_BEFORE, MIDDLEWARE_CSP_LAST]:
             with self.settings(MIDDLEWARE=middleware):
-                response = cast(HttpResponse, self.client.get(path="/csp_view/"))
+                response = self.client.get(path="/csp_view/")
                 self.assertEqual(response.status_code, 200)
 
                 request_ids = list(store.request_ids())
                 toolbar = DebugToolbar.fetch(request_ids[-1])
                 panels_to_check = ["HistoryPanel", "TimerPanel"]
                 for panel in panels_to_check:
                     content = toolbar.get_panel_by_id(panel).content
-                    html_root: Element = self.parser.parse(stream=content)
+                    html_root = self.parser.parse(stream=content)
                     namespaces = get_namespaces(element=html_root)
                     nonce = str(toolbar.csp_nonce)
                     self._fail_if_missing(
@@ -165,10 +160,10 @@ def test_panel_content_nonce_exists(self):
 
     def test_missing(self):
         """A `nonce` should not exist when not using the `CSPMiddleware`."""
-        response = cast(HttpResponse, self.client.get(path="/regular/basic/"))
+        response = self.client.get(path="/regular/basic/")
         self.assertEqual(response.status_code, 200)
 
-        html_root: Element = self.parser.parse(stream=response.content)
+        html_root = self.parser.parse(stream=response.content)
         self._fail_on_invalid_html(content=response.content, parser=self.parser)
         self.assertContains(response, "djDebug")
 

tests/test_integration.py

@@ -15,7 +15,11 @@
 from django.test.utils import override_settings
 
 from debug_toolbar.forms import SignedDataForm
-from debug_toolbar.middleware import DebugToolbarMiddleware, show_toolbar
+from debug_toolbar.middleware import (
+    DebugToolbarMiddleware,
+    show_toolbar,
+    show_toolbar_with_docker,
+)
 from debug_toolbar.panels import Panel
 from debug_toolbar.panels.cache import CachePanel
 from debug_toolbar.panels.history import HistoryPanel
@@ -79,7 +83,8 @@ def test_show_toolbar_docker(self, mocked_gethostbyname):
         with self.settings(INTERNAL_IPS=[]):
             # Is true because REMOTE_ADDR is 127.0.0.1 and the 255
             # is shifted to be 1.
-            self.assertTrue(show_toolbar(self.request))
+            self.assertFalse(show_toolbar(self.request))
+            self.assertTrue(show_toolbar_with_docker(self.request))
         mocked_gethostbyname.assert_called_once_with("host.docker.internal")
 
     def test_not_iterating_over_INTERNAL_IPS(self):

tests/test_integration_async.py

@@ -11,7 +11,11 @@
 from django.test.utils import override_settings
 
 from debug_toolbar.forms import SignedDataForm
-from debug_toolbar.middleware import DebugToolbarMiddleware, show_toolbar
+from debug_toolbar.middleware import (
+    DebugToolbarMiddleware,
+    show_toolbar,
+    show_toolbar_with_docker,
+)
 from debug_toolbar.panels import Panel
 from debug_toolbar.panels.history import HistoryPanel
 from debug_toolbar.panels.sql import SQLPanel
@@ -63,7 +67,8 @@ async def test_show_toolbar_docker(self, mocked_gethostbyname):
         with self.settings(INTERNAL_IPS=[]):
             # Is true because REMOTE_ADDR is 127.0.0.1 and the 255
             # is shifted to be 1.
-            self.assertTrue(show_toolbar(self.request))
+            self.assertFalse(show_toolbar(self.request))
+            self.assertTrue(show_toolbar_with_docker(self.request))
         mocked_gethostbyname.assert_called_once_with("host.docker.internal")
 
     async def test_not_iterating_over_INTERNAL_IPS(self):