- Defensively parse parent_id in _render_htmx_error: coerce to int,
fallback to main form if non-numeric or parent not found
- Rebuild Tailwind CSS to include new utility classes from templates
- Add test for tampered parent_id falling back to main form
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Review blocker A — form error swap and false success:
- Change HTMX contract so forms target their own container (outerHTML)
instead of appending to #comments-list
- Use OOB swaps to append approved comments to the correct target
- Add success/error message display inside form templates
- Remove hx-on::after-request handlers (no longer needed)
Review blocker B — reply rendering shape:
- Create _reply.html partial with compact reply markup
- Approved replies via HTMX now use compact template + OOB swap
into parent's .replies-container
- Reply form errors render inside reply form container
E2E test fixes:
- Update 4 failing tests to wait for inline HTMX messages instead
of redirect-based URL assertions
- Add aria-label='Comment form errors' to form error display
- Rename test_reply_submission_redirects to
test_reply_submission_shows_moderation_message
Mypy internal error workaround:
- Add mypy override for apps.comments.views (django-stubs triggers
internal error on ORM annotate() chain with mypy 1.11.2)
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
1. Reply HTMX target: server sends HX-Retarget/HX-Reswap headers to
insert replies inside parent comment's .replies-container div
2. Empty thread swap target: always render #comments-list container
even when no approved comments exist
3. Reaction hydration: add _annotate_reaction_counts() helper that
hydrates reaction_counts and user_reacted on comments in
get_context(), comment_poll(), and single-comment responses
4. HTMX error swap: return 200 instead of 422 for form errors since
HTMX 2 doesn't swap 4xx responses by default
5. Vary header: use patch_vary_headers() instead of direct assignment
to avoid overwriting existing Vary directives
Also fixes _get_session_key() to handle missing session attribute
(e.g. from RequestFactory in performance tests).
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- Gate e2e-admin superuser behind E2E_MODE env var (security)
- Add status and tag filters to ArticleFilterSet
- Set default_ordering to -published_date on listing viewset
- Add summary to ArticlePage.search_fields for search support
- Add 4 new tests for filters, ordering, and search fields
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- Add published_date field to ArticlePage with auto-populate from
first_published_at on first publish, plus data migration backfill
- Surface go_live_at/expire_at scheduling fields in editor panels
- Reorganise ArticlePage editor with TabbedInterface (Content,
Metadata, Publishing, SEO tabs)
- Add Articles PageListingViewSet to admin menu with custom columns
(author, category, published date, status) and category/author filters
- Add Articles summary dashboard panel showing drafts, scheduled,
and recently published articles
- Update all front-end queries and RSS feeds to use published_date
- Add 10 unit tests and 4 E2E tests for new admin features
Closes#39
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Use an explicit Wagtail Column for pending_in_article in CommentViewSet list_display and add a regression test for /cms/snippets/comments/comment/.
Fixes#37
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Replace hardcoded /opt/playwright-tools mount with a persistent Docker volume cache and install Chromium into that cache before E2E jobs.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Use category-state-driven queries for nav and category listing routes, and add regression tests for empty but valid categories.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Disable reverse manager generation on ArticlePage.category and switch category selection to id-based queries so CI mypy can resolve models reliably.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Wrap long lines for Ruff and restore a single 'All' tag-reset link to avoid Playwright strict-mode collisions.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- Fix article header tag borders: replace broken border-current/20
(Tailwind can't apply opacity to currentColor) with per-tag border
colour classes via new get_tag_border_css filter
- Add calendar icon before article date in article header
- Add clock icon before read time in article header and home featured
- Match article card footer to wireframe (remove extra min-read span)
- Add rounded-md to code block matching wireframe
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- Change SocialMediaLink.url and NavigationMenuItem.link_url from
URLField to CharField(max_length=500) to support internal paths
like /feed/ that fail URLField validation
- Replace destructive reverse_seed (deleted ALL rows) with
RunPython.noop to prevent data loss on rollback
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Create a static SVG favicon replicating the nav logo — a forward slash
on a dark (#09090b) square with the brand light (#fafafa) text colour.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Update TagMetadata CSS classes to use brand colours with translucent
backgrounds matching the wireframe design:
- cyan: bg-brand-cyan/10 text-brand-cyan
- pink: bg-brand-pink/10 text-brand-pink
- neutral: bg-zinc-800 text-white (dark: bg-zinc-100 text-black)
Previously used muted Tailwind defaults (bg-cyan-100/text-cyan-900)
which appeared as soft pastels instead of the intended neon look.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Tag colour classes (bg-cyan-100, text-cyan-900, etc.) are generated
dynamically in TagMetadata.get_css_classes() in apps/blog/models.py.
Tailwind's content scanner only covered HTML templates, so these classes
were purged from the CSS build — rendering tags as white-on-white.
Add apps/blog/models.py to the Tailwind content array so the JIT
compiler detects and retains the dynamic colour classes.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Pillow 11.0.x did not include native AVIF support — that was added in
11.1.0. The ~=11.0.0 pin restricted upgrades to 11.0.x, so the
libavif-dev system package installed in the Dockerfile was never used
(pip installs pre-compiled wheels that bundle their own libraries).
Bump to Pillow ~=12.1 which ships native AVIF encoding/decoding in its
PyPI wheels out of the box.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Pillow 11 supports AVIF natively but requires libavif to be installed
at the system level. Without it, uploading AVIF images via Wagtail's
image chooser causes an unhandled 500 error.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
The SecurityHeadersMiddleware applied a strict style-src policy to all
responses, blocking inline styles that Wagtail admin relies on for
layout. Skip the custom CSP for /cms/ and /django-admin/ paths.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
The Makefile used bare 'docker compose' which picks up the dev
docker-compose.yml when run from the app directory on prod. Point
it at the absolute path to docker-compose.prod.yml instead.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- Replace nav inline newsletter form with Subscribe CTA link per wireframe
- Remove newsletter form from footer; add Connect section with social/RSS links
- Fix honeypot inputs using hidden attribute (inline style blocked by CSP)
- Add available_tags to HomePage.get_context for Explore Topics section
- Add data-comment-form attribute to main comment form for reliable locating
- Seed approved comment in E2E content for reply flow testing
- Expand test_comments.py: moderation message, not-immediately-visible,
missing fields, reply form visible, reply submission
- Make COMMENT_RATE_LIMIT_PER_MINUTE configurable; set 100 in dev to prevent
E2E test exhaustion; update rate limit unit test with override_settings
- Update newsletter/home E2E tests to reflect nav form removal
- Update unit test to assert no nav/footer newsletter forms
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Django 5.1+ removes STATICFILES_STORAGE in favour of the STORAGES dict.
The old setting was silently ignored on Django 5.2, causing StaticFilesStorage
(the default) to be used instead of CompressedManifestStaticFilesStorage.
Result: no content-hashed filenames, no staticfiles.json manifest, and
Cloudflare caching /static/css/styles.css indefinitely with no cache
busting on deploy.
Fix: use STORAGES in base.py (CompressedManifestStaticFilesStorage) and
development.py (plain StaticFilesStorage, whitenoise disabled in dev).
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
