commit 5b2293c7785118639cc55e1bc39e4ad98999189d Author: Martin Renvoize Date: Wed Jun 3 16:42:43 2026 +0100 Bug 42764: Fix false positives caused by POD letter-code formatting Two patterns in the codebase produce spurious codespell hits because codespell tokenises word fragments out of formatted letter codes: - B

rovider in C4/Auth_with_shibboleth.pm produces 'rovider' - T(ransit), W(aiting), F(inished), P(rocessing) in C4/Reserves.pm produce 'ransit', 'aiting', 'inished', 'rocessing' For the shibboleth POD line the bold-letter markup cannot be simplified without losing the formatting intent, so a per-line # codespell:ignore comment is the right suppression. For the Reserves.pm status table the fix is made at source: the notation is changed from X(word) to X (Word) so codespell sees the full English word and no fragment is produced. Because the per-line comment on the shibboleth line now suppresses 'rovider' directly, the global .codespell-ignore entry for that fragment is removed as redundant. Test plan: 1. Apply patch 2. prove xt/author/codespell.t => No new codespell failures Signed-off-by: Pedro Amorim commit 04809de849b522d0bd396e1ffb8e8d3dd5e00ac2 Author: Martin Renvoize Date: Wed Jun 3 12:43:43 2026 +0100 Bug 42764: Fix spelling errors across the codebase Correct genuine spelling errors identified by the codespell 2.4.x full scan after the KTD container OS upgrade. Changes are in comments, POD, strings, and template text across 55 files. "SAN Ouest Provence" (the French library co-operative and Koha sponsor) is preserved as a proper noun. Perl copyright lines receive an inline # codespell:ignore annotation; about.tt files (contributor attribution pages) are added to the Koha::Devel::Files codespell exception list so that future uses of "Provence" as a typo for "Province" are still caught in all other files. Notable user-visible fixes: - "submiting" -> "submitting" in authority and bibliographic merge screens - "deleteable" -> "deletable" in patron exception messages - "Acquistions" -> "Acquisitions" in reports dictionary Test plan: 1. Apply patches 2. In the staff interface, go to Cataloguing > Merge records and confirm the submit button reads "Submitting" (not "Submiting") 3. In the staff interface, go to Authorities > Merge and confirm the same correction 4. Attempt to delete a patron with outstanding issues and confirm the error message reads "deletable" (not "deleteable") 5. prove xt/author/codespell.t => All tests pass Signed-off-by: Pedro Amorim commit 7538ee5cf352a0d531d9f14bbb158a3bfa0ef475 Author: Martin Renvoize Date: Wed Jun 3 12:31:14 2026 +0100 Bug 42764: Update .codespell-ignore for valid technical terms Add words to .codespell-ignore that codespell 2.4.x flags but are valid technical terms, domain vocabulary, or proper names: - checkin: core library circulation term (check-in as noun/verb) - plack: Perl PSGI middleware framework (proper software name) - requestor: COUNTER 5 standard term used in ERM usage statistics - laf: EDIFACT 3-letter segment code - vai/lamba: Unicode script and language names in character set data - aas: acronym used in Cypress test support files - carmel: contributor name in about.tt - prfile: legacy variable abbreviation in C4/Creators/PDF.pm Test plan: 1. Apply patch 2. prove xt/author/codespell.t => Test passes (or only genuine spelling errors remain) Signed-off-by: Pedro Amorim commit 8fc481e57a8e60c00533362dcaeccf094371de4e Author: Owen Leonard Date: Wed Apr 22 10:06:47 2026 -0400 Bug 42441: Remove event attributes from authority merge template This patch moves a couple of "onclick" event attributes from the authority merge template, moving the event handling to the JS block. This patch also fixes the behavior that I assume the click handlers are meant to have, changing the framework selection. A mismatch of IDs in the code meant that clicking the radio buttons didn't do anything. To test, apply the patch and go to Authorities. - Perform a search for authority records which will return multiple results, including records with different heading types (e.g. Personal Name, Topical Term, etc.) - In the "Actions" menu for one of the search results, click "Merge" - Do the same with another result which has a different heading type. - On the "Merging records" page you should see a frameowrk dropdown. - When you click the radio buttons next to your two records to merge the framework selection should change to match your selection. Sponsored-by: Athens County Public Libraries Signed-off-by: Phil Ringnalda Amended-by: Jonathan Druart Tidy Signed-off-by: Jonathan Druart Signed-off-by: Pedro Amorim commit a3569fe0c27ee397b2297aac008b741f901ee750 Author: Owen Leonard Date: Mon Mar 23 12:26:13 2026 -0400 Bug 42154: Bug 38714 hid the "New match check" link in record matching rules This patch corrects the logic used to determine whether to show the "New match check" link. I mistakenly changed it to check for the matchpoints variable instead of the matchchecks variable. To test, apply the patch and go to Administration -> Record matching rules. - Click "New record matching rule" in the toolbar. - Scroll down to the "Required match checks" section. - You should see a "New match check" link alongside a "Remove this match check" link. - Go back to the record matching rules main page. - If necessary, create a rule which doesn't have any match checks. - In the "Required match checks" section of the edit form you should see a "New match check" link, previously hidden by Bug 388714. Sponsored-by: Athens County Public Libraries Signed-off-by: David Nind Signed-off-by: Marcel de Rooy Signed-off-by: Pedro Amorim commit 6aa37a84300e2b5f85834e4da1208bdd44baa0b1 Author: Marcel de Rooy Date: Fri May 22 10:13:49 2026 +0200 Bug 42084: (QA follow-up) Simplify Since this is an intranet svc script (called in intranet js), there is no need to check the session. Signed-off-by: Marcel de Rooy Signed-off-by: Pedro Amorim commit cb058d68fd1d29b3cc0c251afb3f70dcd5cb8126 Author: Hammat Wele Date: Fri Mar 13 15:33:56 2026 +0000 Bug 42084: Incorrect interface shown in log viewer for system preference changes The log viewer displays the OPAC interface for system preference changes. Since system preferences cannot be modified from the OPAC, the interface displayed in the logs appears to be incorrect. To reproduce: 1- Disables plack 1- sudo koha-plack --disable kohadev 2- sudo koha-plack --stop kohadev 3- sudo service apache2 restart 2- Change a system preference from the staff interface. 1- Go to Administration -> System preferences. 2- Search for a preference such as AcqCreateItem (any system preference will reproduce the issue). 3- Change the value of the preference. 4- Click Save all Acquisitions preferences (or save the preference). 3- Go to the log viewer: 1- Navigate to Tools -> Log viewer. 2- Fill the form as follows: Librarian: leave empty Modules: uncheck everything except System preferences Actions: keep All actions selected Object: leave empty Info: leave empty Interface: keep All interfaces Display from: choose yesterday Display to: leave empty 3- Click Submit. ==>The log entry shows the OPAC interface. 4- Apply the patch 5- Repeat step 1,2,3 ==>The log entry shows the Staff interface. Signed-off-by: David Nind Signed-off-by: Marcel de Rooy Signed-off-by: Pedro Amorim commit 45f091cbce46a889a39cb2d6d1b5ac3c953add9e Author: Jonathan Druart Date: Thu Mar 19 11:05:08 2026 +0100 Bug 42133: Restore plugins when editing items in batch It has been broken then fixed then broken again, several times... This patch fixes 2 problems: 1. The CSRF fix (I think it's coming from there) didn't adjust the 'if show' test and the JS code from plugins was not injected into the template 2. The selector to call the plugin didn't include this view, only the add/edit items Test plan: Confirm that you can now use cataloging plugins when editing items in batch Signed-off-by: Emmi Takkinen Signed-off-by: Marcel de Rooy Signed-off-by: Pedro Amorim commit 66c5eb6f299e9ed5674a3aca9475843d8a88214e Author: Pedro Amorim Date: Wed Jun 3 09:54:33 2026 +0000 Bug 34973: Update yarn.lock Signed-off-by: Pedro Amorim commit cac6637d831d089f3ab45b6468ef0238f2196c7a Author: Owen Leonard Date: Fri May 8 10:09:38 2026 -0400 Bug 34973: (follow-up) Remove old Font Awesome asset references from SCO and SCI The self-checkout and self-checkin templates no longer need explicit inclusion of Font Awesome CSS because it's rolled into _common.scss and thus sco.scss. Signed-off-by: Pedro Amorim commit bbd56c05d4fe58c813a3a63cb7f6975fe0b65161 Author: Owen Leonard Date: Fri May 8 09:55:54 2026 -0400 Bug 34973: (follow-up) Use lib/fontawesome for font location It makes more sense to use lib/fontawesome/webfonts as the source directory for Font Awesome font files rather than bootstrap/css/fonts. Signed-off-by: Pedro Amorim commit e169d53c584eadce943172939049bb811e4e7a50 Author: Jonathan Druart Date: Thu May 7 11:27:14 2026 +0200 Bug 34973: Adjust opac-curbside-pickups.tt Signed-off-by: Jonathan Druart Signed-off-by: Pedro Amorim commit 1e8c552fa9c5d0425a0caa38b3a83a5c3205e99a Author: Owen Leonard Date: Tue May 5 15:42:55 2026 +0000 Bug 34973: Upgrade Font Awesome in the OPAC to 7.2 We are using Font Awesome 6.3 in the OPAC. The current version is 7.2. Upgrading will eliminate the repeated warnings in the browser console about "Glyph bbox was incorrect." The patch adds Font Awesome to the list of packages in node_modules and moves the Font Awesome SCSS into _common.scss so that it can be bundled along with Bootstrap and other 3rd party assets. Despite the fact that _common.scss grabs FA SCSS files directly from node_modules I've added the FA font files to css/fonts. I was unable to see how to reference the webfonts directory in node_modules/@fortawesome. The many changed .inc and .tt files are a result of a missed aspect of our upgrade to Bootstrap 5. The "sr-only" class was removed in BS5 but the Font Awesome CSS included its own "sr-only" class. This made up for the fact that we missed the required upgrade to BS5's "visually-hidden." As soon as Font Awesome's "sr-only" was gone all these mistakes were made visible. To test, apply the patch and run 'yarn install.' - Rebuild the OPAC SCSS. - Clear your browser cache. - Test many pages in the OPAC to confirm that no icons are missing. - Check changes to the templates to confirm that "sr-only" has been replaced with "visually-hidden." - Places where a broken "sr-only" class would be obvious: Star ratings on the user summary page, s on the search history page. Sponsored-by: Athens County Public Libraries Signed-off-by: David Nind Signed-off-by: Jonathan Druart Signed-off-by: Pedro Amorim commit 1d5c4cf19d1c8dbf1479c8c42587e57dfbc56ddb Author: Martin Renvoize Date: Thu Apr 30 17:30:31 2026 +0100 Bug 41705: (follow-up) Hide receipt page buttons when printing The Print receipt and Close buttons added in the previous patch use class="no-print", but printreceiptinvoice.css had no @media print rule for that class — so they appeared in the printed output (e.g. when saving as PDF or auto-printing in browsers that block popups). Add a @media print rule so the buttons remain visible on screen but disappear from the printed receipt. Test plan: 1. Disable browser popups (Chrome: "Don't allow sites to send pop-ups or use redirects"). 2. Enable FinePaymentAutoPopup. 3. Complete a POS sale. 4. On the receipt page, choose Print to PDF (or trigger auto-print). 5. Verify the printed/PDF output contains only the receipt body — no Print receipt or Close buttons. 6. Verify the buttons remain visible on screen. Signed-off-by: Andrew Fuerste Henry Signed-off-by: Pedro Amorim commit 23320ff13caaad0350bd790cd6adb1e2545ff1fc Author: Martin Renvoize Date: Tue Apr 14 16:18:07 2026 +0100 Bug 41705: Use PRG pattern for POS receipt printing to avoid popup blockers The previous approach triggered popup blockers because the receipt window was opened via JavaScript after a page reload — browsers treat this as a non-user-initiated action. This patch reverses the flow: when FinePaymentAutoPopup is enabled, the payment form submits directly to a new tab via target="_blank" (a user-initiated action that browsers allow), the server processes the payment and redirects (303) to the receipt page, which auto-prints and closes itself, returning focus to the POS tab. When FinePaymentAutoPopup is disabled, the server redirects back to the POS page with payment details in the URL (standard PRG), displaying the existing success banner with print/email receipt buttons. Changes: - pos/pay.pl: Implement PRG redirect for both popup and non-popup flows, URI-encode redirect parameters, remove session-based state management - pos/pay.tt: Add target="_blank" when FinePaymentAutoPopup is enabled, reset form state after submission via same-scope setTimeout - pos/printreceipt.pl: Add error handling for missing receipts, pass autoprint parameter to template - pos/printreceipt.tt: Add conditional auto-print, manual print/close buttons, error display, and IntranetSlipPrinterJS preference support - slip-print.inc: Modernize jQuery to vanilla JS, remove obsolete Chrome setTimeout hack Test plan: 1. Enable FinePaymentAutoPopup system preference 2. Go to Point of Sale, add items, and complete a sale 3. Verify receipt opens in a new tab without popup blocker warnings 4. Verify receipt auto-prints and tab closes after printing 5. Verify original POS tab form is reset for next transaction 6. Disable FinePaymentAutoPopup 7. Complete another sale 8. Verify POS page shows success with Print/Email receipt buttons 9. Test receipt printing from other pages (circulation, fees) to confirm slip-print.inc change causes no regressions Sponsored-by: OpenFifth Signed-off-by: David Nind Signed-off-by: Andrew Fuerste Henry Signed-off-by: Pedro Amorim commit 7bde3cbb797fa6d0a4aaca5a95a813239c937ea5 Author: Owen Leonard Date: Tue May 12 07:05:39 2026 -0400 Bug 42475: (follow-up) Fix a couple more instances of 'opac' Signed-off-by: Laura_Escamilla Signed-off-by: David Nind Signed-off-by: Pedro Amorim commit 93f4a7f65b26eac7a681bed0622a3f8042492ca5 Author: Jonathan Druart Date: Tue May 12 12:22:11 2026 +0200 Bug 42475: Fix opac vs OPAC Correct "opac" with "OPAC" in the pref file Test plan: git grep opac **/*.pref and confirm that there is no relevant occurrences in the output (i.e. no strings displayed on the UI) Signed-off-by: Owen Leonard Signed-off-by: Laura_Escamilla Signed-off-by: David Nind Signed-off-by: Pedro Amorim commit 8c4344cced39cd1c4164eb54eaaca23cd3cf6a76 Author: Pedro Amorim Date: Mon Jun 1 15:03:02 2026 +0000 Bug 42705: Fix SCO spec WebBasedSelfCheck setup cy.login() in beforeEach broke the test in two ways: the intranet staff session cookie bled into the OPAC request (HTTP cookies have no port scope in browsers), and navigating from intranet→OPAC mid-test hit a cross-origin block in Cypress. The afterEach suffered the same race condition - the syspref POST fired before the login redirect completed. Replace with cy.request(), which makes HTTP calls at the runner level without touching the browser's current origin. cy.visitOpac() is then the first browser navigation, so no cross-origin issue arises. A three-step flow satisfies Koha's CSRF middleware: 1) GET the login page to obtain a session and its token 2) POST credentials to authenticate 3) POST to the svc endpoint. This fixes the #barcode and #patronlogin not found issues The CSRF token also requires encodeURIComponent() — base64 uses +, which a URL-encoded form body decodes as a space, silently corrupting the token and causing the login to fail. This resolves the 403 Forbidden issue Everything must pass: $ cypress run --spec t/cypress/integration/OPAC/SCO_spec.ts as well as npm run cypress open (cypress ui) ktd selenium: $ perl /kohadevbox/misc4dev/run_tests.pl --run-only t/cypress/integration/OPAC/SCO_spec.ts squash Signed-off-by: Jonathan Druart Signed-off-by: Pedro Amorim commit d5ae629d8c34411b1fc0347bb3c55b2dacb980f8 Author: Pedro Amorim Date: Mon Jun 1 10:43:49 2026 +0000 Bug 42705: Add HttpClient_spec.ts This fails without the fix patch in this set: cypress run --spec t/cypress/integration/HttpClient_spec.ts It passes with the fix Signed-off-by: Jonathan Druart Signed-off-by: Pedro Amorim commit bdd552a05d4154b4f4183b35e79ee93d002c7c66 Author: Pedro Amorim Date: Mon Jun 1 10:43:33 2026 +0000 Bug 42705: Make http-client.js handle svc endpoint error The afterEach calls cy.login() then immediately posts to the syspref endpoint. On CI, the machine is slow enough that the POST fires before the login redirect completes — no valid session yet — so the endpoint returns a C4::Service auth error in this format: { "type": "auth", "message": "expired" } http-client.js only knew how to parse modern REST API errors (json.error or json.errors[]). Neither field exists here, so json.errors.map(...) crashed with a TypeError instead of surfacing the actual error message. Signed-off-by: Jonathan Druart Signed-off-by: Pedro Amorim commit dc59aadc4a4dd7da8c493bb6ca09320c25530595 Author: Pedro Amorim Date: Mon Jun 1 12:44:17 2026 +0000 Bug 42733: Add tests Apply tests patch only, run: yarn cypress run --spec t/cypress/integration/Tools/ManageMarcImport_spec.ts Confirm it fails with the same error as Jenkins: Timed out retrying after 10000ms: `cy.wait()` timed out waiting `10000ms` for the 2nd request to the route: `jobPoll`. No request ever occurred. Apply fix patch. Run again. Signed-off-by: Jonathan Druart Signed-off-by: Pedro Amorim commit b6af7a6c3a77af8dcf11fac294df1115dba47a1e Author: Pedro Amorim Date: Mon Jun 1 13:37:21 2026 +0000 Bug 42733: Job progress fix waitForJobFinished previously had no handling for failed jobs or non-200 responses — if the job API returned anything unexpected, the recursive cy.wait() would silently stall waiting for a 2nd poll that never came, producing a confusing timeout. Adds an explicit "failed" status check and updates the intercept to reproduce the exact CI failure (Apache returning 503 during reset_all). Signed-off-by: Jonathan Druart Signed-off-by: Pedro Amorim commit 726b205be29853b5ec9851cf0cf53d71636c17b3 Author: Martin Renvoize Date: Mon Jun 1 13:48:07 2026 +0100 Bug 42726: Add 26.11 release team Add the 26.11 release team as voted at the development meeting. Pedro Amorim as Release Manager, with Tomás Cohen Arazi and Martin Renvoize as RM Assistants. Lisette Scheer as QA Manager with a 19-person QA team. David Cook as Security Release Manager. Signed-off-by: Martin Renvoize Signed-off-by: Owen Leonard Signed-off-by: Jonathan Druart Signed-off-by: Pedro Amorim commit 3b4c09d753dbe14a10a05e9dec5fa5dbef9bcaaa Author: Martin Renvoize Date: Mon Jun 1 13:47:17 2026 +0100 Bug 42726: Fix 25.11 QA team list to match dashboard Update the 25.11 QA team to reflect the definitive list from the dashboard. Remove Aleisha Amohia and Julian Maurice who did not appear in the final count, and add John Vinke, Matt Blenkinsop, Alex Carver and Victor Grousset who did. Reorder by descending QA count. Signed-off-by: Martin Renvoize Signed-off-by: Owen Leonard Signed-off-by: Jonathan Druart Signed-off-by: Pedro Amorim commit c98e3a8247214e02034535396738eb4493082e1d Author: Pedro Amorim Date: Tue Jun 2 13:58:17 2026 +0000 DBRev 26.06.00.000: Start of a new release cycle Signed-off-by: Pedro Amorim commit e4bb3afa5bc1a9951438c1963b12a27b5d16980c Author: Lucas Gass Date: Tue May 26 17:00:41 2026 +0000 Koha 26.05.00 is here! Signed-off-by: Lucas Gass commit 0a68a90d391f02360e879f30c26a3e56daf89a19 Author: Lucas Gass Date: Tue May 26 17:00:11 2026 +0000 26.05.00: Add release notes Signed-off-by: Lucas Gass commit 394f6690031aeed4349961b78b88c67a5192968b Author: Lucas Gass Date: Tue May 26 10:14:57 2026 -0600 26.05.00: Update kohastructure.sql Signed-off-by: Lucas Gass commit c24ce043dfd0172cb03f73cbdbcad47d7a09f966 Author: Lucas Gass Date: Tue May 26 10:09:43 2026 -0600 26.05.00: Update history.txt Signed-off-by: Lucas Gass commit 49a792d898159df93ad6d445184e7541a8aa3928 Author: Lucas Gass Date: Tue May 26 10:08:46 2026 -0600 26.05:00: Update contributors.yaml Signed-off-by: Lucas Gass commit 147720ca1d5bb098caebc164061b53ad171cc878 Author: Jonathan Druart Date: Tue May 26 11:45:32 2026 +0200 Bug 42606: Add Cypress tests Signed-off-by: Jonathan Druart Signed-off-by: Lucas Gass commit 9066cca3dd9906486b626a0501f9d408861e3683 Author: Jan Kissig Date: Fri May 22 11:23:20 2026 +0000 Bug 42606: (QA follow-up): Fix order of checking for frameworkcode This adds more verbosity to the check for frameworkcode and changes the order of setting a default value '' for it. Signed-off-by: Jonathan Druart Signed-off-by: Lucas Gass commit bb47a5ffe623cdf17b0277433c6ccf53b5c4d141 Author: Nick Clemens Date: Thu May 14 14:25:38 2026 +0000 Bug 42606: Check for default framework earlier The code switches 'Default' to '' - we should just do it immediately after fetching from the template 1 - From the cataloging home page, click "New from Z39.50" without choosing a framework in the dropdown menu. 2 - Perform a Z39.50 search in the popup window, then click "Import" for one of the results. This triggers an error in the parent window: 3 - Error:Can't call method "is_fast_add" on an undefined value at /kohadevbox/koha/cataloguing/addbiblio.pl line 518 4 - Apply patch 5 - Reload and repeat 6 - Success! Signed-off-by: Brendan Lawlor Signed-off-by: Jan Kissig Signed-off-by: Jonathan Druart Signed-off-by: Lucas Gass commit 7cdae514a4db6661ad9f8ad4e07c9a69a543980a Author: Jonathan Druart Date: Mon May 25 06:55:34 2026 +0200 Bug 27826: Turn on WebBasedSelfCheck to fix Cypress tests On Jenkins, SCO is not setup like it is in ktd after a reset_all from insert_data.pl 251 sub configure_selfcheckout { Signed-off-by: Lucas Gass commit 4f58ed8953bb0479bf4c8703e5d47f12f6d9dbb4 Author: Lucas Gass Date: Fri May 22 23:07:47 2026 +0000 Bug 27826: (RM follow-up) Attempt to fix failing test Signed-off-by: Lucas Gass commit 7a7a3ab2c6c81058c88910a3b77f8d779439328a Author: Martin Renvoize Date: Fri May 22 16:24:06 2026 +0100 Bug 40383: (follow-up) Fix EdifactModal Cypress test reliability Three fixes to make all 27 EdifactModal Cypress tests reliably pass: 1. insertData.js: fix currency FK constraint violation (use an existing currency rather than creating an undefined one). 2. Koha/Edifact/File.pm: add missing use statements for File::Basename and File::Temp so the Cypress task can load the module. 3. EdifactModal_spec.ts: - Replace arbitrary cy.wait() calls with condition-based assertions throughout (expand/collapse animations, Bootstrap modal state). - Fix search timing: add cy.intercept + cy.wait("@ediMsg") in the Search Functionality beforeEach so initializeSearch is wired before input events fire; use invoke("val")+trigger("input") instead of type() to bypass the 500ms debounce race. - Fix modal close tests: attach a shown.bs.modal listener before opening the modal so we can wait for Bootstrap's 300ms show animation to complete (_isTransitioning → false) before calling hide(). Without this wait, hide() is silently blocked when the Ajax response is faster than the animation (common in KTD). Use bootstrap.Modal.getInstance().hide() as the programmatic fallback since data-bs-dismiss and keyboard events are unreliable in headless Cypress/Electron. - Fix edifact_interchange.js: remove duplicate &format=json appended to URLs that already contain it. Signed-off-by: Lucas Gass commit 7048a657e7b1380307ddbb94961be04568741525 Author: Martin Renvoize Date: Thu May 21 17:29:45 2026 +0100 Bug 40383: (follow-up) Fix failing EdifactModal Cypress tests Three issues caused the EdifactModal_spec.ts test suite to fail: 1. insertSampleEdifactMessages inserted a vendor with listprice='USD' and invoiceprice='USD', but those columns have FK constraints against the currency table and USD is not pre-populated in KTD's default install. Drop the currency columns from the INSERT so they default to NULL. 2. Koha::Edifact::File::vendor() and basket() called Koha::Acquisition::Bookseller and Koha::Acquisition::Basket without use-ing them. The edifactmsgs.pl table embeds both on every API call, so a missing module caused a 500 and an empty table. 3. showMessage() already appended &format=json before delegating to showMessageFromUrl(), which then appended it a second time. Remove the redundant copy from showMessage(). Signed-off-by: Lucas Gass commit b5efda989faaf02bd80d92cf533667e1e4c8818e Author: Pedro Amorim Date: Thu May 21 16:04:47 2026 +0000 Bug 37762: (QA follow-up): Fix insertData.js cypress run --spec t/cypress/integration/t/insertData.ts Signed-off-by: Lucas Gass commit 171f727734adc288477357097649f38b9dfdcdb6 Author: Roman Dolny Date: Wed Feb 25 19:39:13 2026 +0000 Bug 41940: Remove uninitialized value warnings in circulation.pl The warnings: [WARN] Use of uninitialized value $patron_session_confirmation in split at /kohadevbox/koha/circ/circulation.pl line 493. [WARN] Use of uninitialized value $patron_for_session in numeric eq (==) at /kohadevbox/koha/circ/circulation.pl line 494. [WARN] Use of uninitialized value $session_confirmations in split at /kohadevbox/koha/circ/circulation.pl line 495. appears in the plack-intranet-error.log. Test plan: ========== 1. Use a fresh KTD, observe plack-intranet-error.log. 2. Have a barcode of existing item. 3. Find any patron and go to "Check out" tab. 4. Check out item. ==> Warnings should appear in plack-intranet-error.log 5. Apply the patch; restart_all. 6. Repeat 2-4 with another barcode. ==> No warnings in plack-intranet-error.log. Sponsored-by: Ignatianum University in Cracow Signed-off-by: David Nind Bug 41940: (follow-up) Syntax corrections Signed-off-by: Jonathan Druart Signed-off-by: Baptiste Wojtkowski Signed-off-by: Lucas Gass commit 6572a5aec0da9ccb239e70e1340d8e66836a562c Author: Owen Leonard Date: Mon May 18 14:08:53 2026 -0400 Bug 42638: Cannot delete an identity provider domain This patch updates the identity provider domain page so that clicking the "Delete" button from the list of existing identity providers works correctly. There's a lot of unfinished copy and paste from the SMTP servers page, including a missing chuck of modal dialog HTML. To test, apply the patch and go to Administration -> Identity providers. - If necessary, add at least one identity provider. - Click the "Manage domains" button for an identity provider. - If necessary, add at least one identity provider domain. - Click the delete button corresponding to the domain you added. - A confirmation modal should appear. - Clicking "Close" should close the modal without triggering any action. - Clicking "Delete" should delete the domain. Sponsored-by: Athens County Public Libraries Signed-off-by: Roman Dolny Signed-off-by: Laura_Escamilla Signed-off-by: Lucas Gass commit c1a369d274bfcaff56215e2f658a743464d4f14d Author: Jonathan Druart Date: Tue May 5 14:07:35 2026 +0200 Bug 42467: Init mmtas to an empty array Signed-off-by: Lucas Gass commit 561e8180cea388da3ce1ad8025c206eaa7d6ec34 Author: Owen Leonard Date: Fri Apr 24 07:08:18 2026 -0400 Bug 42467: Remove event attributes from MARC modification templates template This patch removes several "onChange" event attributes from marc_modification_templates.tt and moves the event handlers into marc_modification_templates.js. The patch also corrects a view minor zxlinting errors in the JS file. To test, apply the patch and clear your browser cache if necessary. - Go to Cataloging -> MARC modification templates. - Create a new template if necessary. - Click "New action." - Test the behavior of dropdowns and checkboxes in the new action form. - Fields should be correctly shown or hidden based on the selected actions - Fields should be correctly shown or hidden based on the "RegEx" checkbox. - Text the conditional dropdown along with the "matches" dropdown. - Test that the "matches" regex fields are correctly displayed according to the checkbox. - The browser developer console should show no "Content-Security-Policy" errors. Sponsored-by: Athens County Public Libraries Signed-off-by: Phil Ringnalda Signed-off-by: Lucas Gass commit 754659d9d0eb6e374533967f40418bc639fb196b Author: Owen Leonard Date: Thu Apr 23 10:02:41 2026 -0400 Bug 42448: Staff Interface News (newsfooter) text does not have sufficient color contrast This patch updates the CSS which controls the display of the news item footer ("Posted by" and edit/new links) in order to improve accessibility. To test, apply the patch and rebuild the staff interface CSS. - If necessary, create at least one news item with the display location "Staff interface." - On the staff interface home page, look at the news items in the left-hand sidebar. The "Posted by" line should be clear. A check of the text's contrast should show that the contrast is appropriate. Sponsored-by: Athens County Public Libraries Signed-off-by: Lawrence O'Regan-Lloyd Signed-off-by: Laura_Escamilla Signed-off-by: Lucas Gass commit 1275a24115d3fae32e6cac1b50435d9e8cecd444 Author: Owen Leonard Date: Wed Apr 22 11:59:54 2026 -0400 Bug 42445: Remove event attributes from list creation template This patch removes a couple of "onChange" event attributes from the lists template in favor of defining the event handler in the footer JS. To test, apply the patch and go to Lists -> New list. - Choose "Private" from the public dropdown. - In the "Allow changes to contents from" dropdown select "Permitted staff only" - A note should appear about the setting having no effect. - You should see a similar note displayed when you select "Staff only" or "Anyone seeing this list" Sponsored-by: Athens County Public Libraries Signed-off-by: David Nind Amended-by: Jonathan Druart Tidy Signed-off-by: Jonathan Druart Signed-off-by: Lucas Gass commit 01a1696058a9840288902a0c7fb4d99d590a4fad Author: Owen Leonard Date: Wed Apr 22 11:20:25 2026 -0400 Bug 42442: Remove event attributes from bibliographic record merge template This patch moves a couple of "onclick" event attributes from the bibliographic record merge template, moving the event handling to the JS block. This patch also makes a minor change to make sure that the framework code dropdown preselects the framework of the first of the records to merge. This brings it in line with the authority merge template. To test, apply the patch and perform a catalog search which will return multiple results including results with different frameworks. In the standard test data a search for "green" will return two results with two different frameworks. - Check the checkbox for at least two records in your search results. - Click "Edit -> Merge records" in the toolbar at the top of the results. - On the "Merging records" page you should see a frameowrk dropdown. It should have preselected the framework corresponding to the first of the records you selected. - When you click the radio buttons next to your records to merge the framework selection should change to match your selection.. Sponsored-by: Athens County Public Libraries Signed-off-by: Phil Ringnalda Signed-off-by: Jonathan Druart Signed-off-by: Lucas Gass commit 00655de4d0becf5623e81f0cf80359d61f01ff4d Author: David Cook Date: Thu Apr 9 02:56:39 2026 +0000 Bug 42317: Update minimum version for MARC::File::XML This patch updates cpanfile to reflect the real minimum version needed for MARC::File::XML. This is particularly important due to vulnerabilities in version 1.0.1 Signed-off-by: David Nind Signed-off-by: Marcel de Rooy Signed-off-by: mason james Signed-off-by: Lucas Gass commit 1ed156ef40de9a760c1030da2b0e3a37a8d4ca07 Author: Lucas Gass Date: Wed May 20 14:48:25 2026 +0000 Bug 42545: (RM follow-up) Tidy test file Signed-off-by: Lucas Gass commit 0a0dcee152093dc98480ecf6349022918006926e Author: Martin Renvoize Date: Mon May 18 18:17:00 2026 +0100 Bug 42545: (QA follow-up) Add unit tests for holiday subtraction when return time is before due time Adds a dedicated subtest covering the specific scenario: daily loans have a due time of 23:59, so a return earlier in the day on a holiday would previously cause days_between to exit its loop before processing the end date, silently skipping the holiday subtraction. Signed-off-by: Lucas Gass commit 6ca7c1118beac573e5ed37dfb64161835e0cf41f Author: Martin Renvoize Date: Mon May 18 18:16:51 2026 +0100 Bug 42545: (QA follow-up) Add POD for _init and _holidays and fix incorrect test expectation The existing 'days: 289 hours, 2 holidays' test asserted 8-1=7 but its own description named 2 holidays. The expected value matched the buggy behaviour (loop exiting before the holiday end date) rather than the correct result. Update to 8-2=6 to reflect the fix. Signed-off-by: Lucas Gass commit 9c38d74c98488cabc882fa180927077d9cc8ec86 Author: apirak Date: Wed May 6 15:05:48 2026 +0700 Bug 42545: Koha::Calendar::days_between skips holiday subtraction for end date if time is early In Koha::Calendar::days_between, the holiday-subtraction loop uses a comparison that includes time. If the end_dt is a holiday and its time is earlier than the start_dt time (common in renewals), the loop terminates before processing the end_dt, leading to an extra fine day. This patch truncates both dates to the beginning of the day after cloning and setting the time zone, ensuring the loop correctly processes all calendar days between the two dates. Test Plan: 1. Set 'finesCalendar' syspref to 'noFinesWhenClosed'. 2. Set 'CalculateFinesOnReturn' syspref to 'Yes'. 3. Set 'finesMode' syspref to 'Production'. 4. Define a special holiday for today in the library calendar. 5. Identify an overdue item for a patron. Manually set its 'date_due' in the database to several days ago with a time of 23:59:00. 6. Renew the item today at any time BEFORE 23:59:00 (e.g., 10:00 AM). 7. Observe that an extra day of fine is charged because today (the holiday) was not subtracted. 8. Apply this patch. 9. Repeat the test and observe that the holiday is now correctly subtracted. Signed-off-by: Martin Renvoize Signed-off-by: Lucas Gass