core: bump black from 22.12.0 to 23.1.0 (#4584)

* core: bump black from 22.12.0 to 23.1.0 Bumps [black](https://github.com/psf/black) from 22.12.0 to 23.1.0. - [Release notes](https://github.com/psf/black/releases) - [Changelog](https://github.com/psf/black/blob/main/CHANGES.md) - [Commits](https://github.com/psf/black/compare/22.12.0...23.1.0) --- updated-dependencies: - dependency-name: black dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * re-format Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-02-01 11:31:32 +01:00 · 2023-02-01 11:31:32 +01:00 · 18cfe67719
parent 456da49f36
commit 18cfe67719
317 changed files with 808 additions and 838 deletions
--- a/authentik/blueprints/api.py
+++ b/authentik/blueprints/api.py
@ -58,7 +58,6 @@ class BlueprintInstanceSerializer(ModelSerializer):
        return super().validate(attrs)
    class Meta:
        model = BlueprintInstance
        fields = [
            "pk",
--- a/authentik/blueprints/migrations/0001_initial.py
+++ b/authentik/blueprints/migrations/0001_initial.py
@ -71,7 +71,6 @@ def migration_blueprint_import(apps: Apps, schema_editor: BaseDatabaseSchemaEdit
 class Migration(migrations.Migration):
    initial = True
    dependencies = [("authentik_flows", "0001_initial")]
@ -86,7 +85,12 @@ class Migration(migrations.Migration):
                    "managed",
                    models.TextField(
                        default=None,
-                        help_text="Objects which are managed by authentik. These objects are created and updated automatically. This is flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.",
+                        help_text=(
                            "Objects which are managed by authentik. These objects are created and"
                            " updated automatically. This is flag only indicates that an object can"
                            " be overwritten by migrations. You can still modify the objects via"
                            " the API, but expect changes to be overwritten in a later update."
                        ),
                        null=True,
                        unique=True,
                        verbose_name="Managed by authentik",
--- a/authentik/blueprints/migrations/0002_blueprintinstance_content.py
+++ b/authentik/blueprints/migrations/0002_blueprintinstance_content.py
@ -4,7 +4,6 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ("authentik_blueprints", "0001_initial"),
    ]
--- a/authentik/blueprints/models.py
+++ b/authentik/blueprints/models.py
@ -29,18 +29,15 @@ class ManagedModel(models.Model):
        null=True,
        verbose_name=_("Managed by authentik"),
        help_text=_(
-            (
+            "Objects which are managed by authentik. These objects are created and updated "
-                "Objects which are managed by authentik. These objects are created and updated "
+            "automatically. This is flag only indicates that an object can be overwritten by "
-                "automatically. This is flag only indicates that an object can be overwritten by "
+            "migrations. You can still modify the objects via the API, but expect changes "
-                "migrations. You can still modify the objects via the API, but expect changes "
+            "to be overwritten in a later update."
                "to be overwritten in a later update."
            )
        ),
        unique=True,
    )
    class Meta:
        abstract = True
@ -109,7 +106,6 @@ class BlueprintInstance(SerializerModel, ManagedModel, CreatedUpdatedModel):
        return f"Blueprint Instance {self.name}"
    class Meta:
        verbose_name = _("Blueprint Instance")
        verbose_name_plural = _("Blueprint Instances")
        unique_together = (
--- a/authentik/blueprints/tests/test_v1.py
+++ b/authentik/blueprints/tests/test_v1.py
@ -24,18 +24,14 @@ class TestBlueprintsV1(TransactionTestCase):
        importer = Importer('{"version": 3}')
        self.assertFalse(importer.validate()[0])
        importer = Importer(
-            (
+            '{"version": 1,"entries":[{"identifiers":{},"attrs":{},'
-                '{"version": 1,"entries":[{"identifiers":{},"attrs":{},'
+            '"model": "authentik_core.User"}]}'
                '"model": "authentik_core.User"}]}'
            )
        )
        self.assertFalse(importer.validate()[0])
        importer = Importer(
-            (
+            '{"version": 1, "entries": [{"attrs": {"name": "test"}, '
-                '{"version": 1, "entries": [{"attrs": {"name": "test"}, '
+            '"identifiers": {}, '
-                '"identifiers": {}, '
+            '"model": "authentik_core.Group"}]}'
                '"model": "authentik_core.Group"}]}'
            )
        )
        self.assertFalse(importer.validate()[0])
@ -59,11 +55,9 @@ class TestBlueprintsV1(TransactionTestCase):
        )
        importer = Importer(
-            (
+            '{"version": 1, "entries": [{"attrs": {"name": "test999", "attributes": '
-                '{"version": 1, "entries": [{"attrs": {"name": "test999", "attributes": '
+            '{"key": ["updated_value"]}}, "identifiers": {"attributes": {"other_key": '
-                '{"key": ["updated_value"]}}, "identifiers": {"attributes": {"other_key": '
+            '["other_value"]}}, "model": "authentik_core.Group"}]}'
                '["other_value"]}}, "model": "authentik_core.Group"}]}'
            )
        )
        self.assertTrue(importer.validate()[0])
        self.assertTrue(importer.apply())
--- a/authentik/blueprints/v1/meta/apply_blueprint.py
+++ b/authentik/blueprints/v1/meta/apply_blueprint.py
@ -56,5 +56,4 @@ class MetaApplyBlueprint(BaseMetaModel):
        return ApplyBlueprintMetaSerializer
    class Meta:
        abstract = True
--- a/authentik/blueprints/v1/meta/registry.py
+++ b/authentik/blueprints/v1/meta/registry.py
@ -14,7 +14,6 @@ class BaseMetaModel(Model):
        raise NotImplementedError
    class Meta:
        abstract = True
--- a/authentik/core/api/applications.py
+++ b/authentik/core/api/applications.py
@ -63,7 +63,6 @@ class ApplicationSerializer(ModelSerializer):
        return app.get_launch_url(user)
    class Meta:
        model = Application
        fields = [
            "pk",
--- a/authentik/core/api/authenticated_sessions.py
+++ b/authentik/core/api/authenticated_sessions.py
@ -74,7 +74,6 @@ class AuthenticatedSessionSerializer(ModelSerializer):
        return GEOIP_READER.city_dict(instance.last_ip)
    class Meta:
        model = AuthenticatedSession
        fields = [
            "uuid",
--- a/authentik/core/api/groups.py
+++ b/authentik/core/api/groups.py
@ -29,7 +29,6 @@ class GroupMemberSerializer(ModelSerializer):
    uid = CharField(read_only=True)
    class Meta:
        model = User
        fields = [
            "pk",
@ -56,7 +55,6 @@ class GroupSerializer(ModelSerializer):
    num_pk = IntegerField(read_only=True)
    class Meta:
        model = Group
        fields = [
            "pk",
@ -114,7 +112,6 @@ class GroupFilter(FilterSet):
            return queryset
    class Meta:
        model = Group
        fields = ["name", "is_superuser", "members_by_pk", "attributes", "members_by_username"]
--- a/authentik/core/api/propertymappings.py
+++ b/authentik/core/api/propertymappings.py
@ -49,7 +49,6 @@ class PropertyMappingSerializer(ManagedSerializer, ModelSerializer, MetaNameSeri
        return expression
    class Meta:
        model = PropertyMapping
        fields = [
            "pk",
--- a/authentik/core/api/providers.py
+++ b/authentik/core/api/providers.py
@ -31,7 +31,6 @@ class ProviderSerializer(ModelSerializer, MetaNameSerializer):
        return obj.component
    class Meta:
        model = Provider
        fields = [
            "pk",
--- a/authentik/core/api/sources.py
+++ b/authentik/core/api/sources.py
@ -46,7 +46,6 @@ class SourceSerializer(ModelSerializer, MetaNameSerializer):
        return obj.component
    class Meta:
        model = Source
        fields = [
            "pk",
--- a/authentik/core/api/tokens.py
+++ b/authentik/core/api/tokens.py
@ -39,7 +39,6 @@ class TokenSerializer(ManagedSerializer, ModelSerializer):
        return attrs
    class Meta:
        model = Token
        fields = [
            "pk",
--- a/authentik/core/api/users.py
+++ b/authentik/core/api/users.py
@ -84,7 +84,6 @@ class UserGroupSerializer(ModelSerializer):
    parent_name = CharField(source="parent.name", read_only=True)
    class Meta:
        model = Group
        fields = [
            "pk",
@ -120,7 +119,6 @@ class UserSerializer(ModelSerializer):
        return path
    class Meta:
        model = User
        fields = [
            "pk",
@ -172,7 +170,6 @@ class UserSelfSerializer(ModelSerializer):
        return user.group_attributes(self._context["request"]).get("settings", {})
    class Meta:
        model = User
        fields = [
            "pk",
@ -402,7 +399,7 @@ class UserViewSet(UsedByMixin, ModelViewSet):
                )
                response["token"] = token.key
                return Response(response)
-            except (IntegrityError) as exc:
+            except IntegrityError as exc:
                return Response(data={"non_field_errors": [str(exc)]}, status=400)
    @extend_schema(responses={200: SessionUserSerializer(many=False)})
--- a/authentik/core/migrations/0001_initial.py
+++ b/authentik/core/migrations/0001_initial.py
@ -14,7 +14,6 @@ import authentik.core.models
 class Migration(migrations.Migration):
    initial = True
    dependencies = [
@ -44,7 +43,10 @@ class Migration(migrations.Migration):
                    "is_superuser",
                    models.BooleanField(
                        default=False,
-                        help_text="Designates that this user has all permissions without explicitly assigning them.",
+                        help_text=(
                            "Designates that this user has all permissions without explicitly"
                            " assigning them."
                        ),
                        verbose_name="superuser status",
                    ),
                ),
@ -52,7 +54,9 @@ class Migration(migrations.Migration):
                    "username",
                    models.CharField(
                        error_messages={"unique": "A user with that username already exists."},
-                        help_text="Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only.",
+                        help_text=(
                            "Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only."
                        ),
                        max_length=150,
                        unique=True,
                        validators=[django.contrib.auth.validators.UnicodeUsernameValidator()],
@ -83,7 +87,10 @@ class Migration(migrations.Migration):
                    "is_active",
                    models.BooleanField(
                        default=True,
-                        help_text="Designates whether this user should be treated as active. Unselect this instead of deleting accounts.",
+                        help_text=(
                            "Designates whether this user should be treated as active. Unselect"
                            " this instead of deleting accounts."
                        ),
                        verbose_name="active",
                    ),
                ),
--- a/authentik/core/migrations/0002_auto_20200523_1133_squashed_0011_provider_name_temp.py
+++ b/authentik/core/migrations/0002_auto_20200523_1133_squashed_0011_provider_name_temp.py
@ -51,7 +51,6 @@ def create_default_admin_group(apps: Apps, schema_editor: BaseDatabaseSchemaEdit
 class Migration(migrations.Migration):
    replaces = [
        ("authentik_core", "0002_auto_20200523_1133"),
        ("authentik_core", "0003_default_user"),
@ -172,7 +171,10 @@ class Migration(migrations.Migration):
            name="groups",
            field=models.ManyToManyField(
                blank=True,
-                help_text="The groups this user belongs to. A user will get all permissions granted to each of their groups.",
+                help_text=(
                    "The groups this user belongs to. A user will get all permissions granted to"
                    " each of their groups."
                ),
                related_name="user_set",
                related_query_name="user",
                to="auth.Group",
--- a/authentik/core/migrations/0012_auto_20201003_1737_squashed_0016_auto_20201202_2234.py
+++ b/authentik/core/migrations/0012_auto_20201003_1737_squashed_0016_auto_20201202_2234.py
@ -17,7 +17,6 @@ def set_default_token_key(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
 class Migration(migrations.Migration):
    replaces = [
        ("authentik_core", "0012_auto_20201003_1737"),
        ("authentik_core", "0013_auto_20201003_2132"),
--- a/authentik/core/migrations/0017_managed.py
+++ b/authentik/core/migrations/0017_managed.py
@ -4,7 +4,6 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ("authentik_core", "0016_auto_20201202_2234"),
    ]
@ -15,7 +14,12 @@ class Migration(migrations.Migration):
            name="managed",
            field=models.TextField(
                default=None,
-                help_text="Objects which are managed by authentik. These objects are created and updated automatically. This is flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.",
+                help_text=(
                    "Objects which are managed by authentik. These objects are created and updated"
                    " automatically. This is flag only indicates that an object can be overwritten"
                    " by migrations. You can still modify the objects via the API, but expect"
                    " changes to be overwritten in a later update."
                ),
                null=True,
                verbose_name="Managed by authentik",
                unique=True,
@ -26,7 +30,12 @@ class Migration(migrations.Migration):
            name="managed",
            field=models.TextField(
                default=None,
-                help_text="Objects which are managed by authentik. These objects are created and updated automatically. This is flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.",
+                help_text=(
                    "Objects which are managed by authentik. These objects are created and updated"
                    " automatically. This is flag only indicates that an object can be overwritten"
                    " by migrations. You can still modify the objects via the API, but expect"
                    " changes to be overwritten in a later update."
                ),
                null=True,
                verbose_name="Managed by authentik",
                unique=True,
--- a/authentik/core/migrations/0018_auto_20210330_1345_squashed_0028_alter_token_intent.py
+++ b/authentik/core/migrations/0018_auto_20210330_1345_squashed_0028_alter_token_intent.py
@ -63,7 +63,6 @@ def create_default_user_token(apps: Apps, schema_editor: BaseDatabaseSchemaEdito
 class Migration(migrations.Migration):
    replaces = [
        ("authentik_core", "0018_auto_20210330_1345"),
        ("authentik_core", "0019_source_managed"),
@ -96,7 +95,12 @@ class Migration(migrations.Migration):
            name="managed",
            field=models.TextField(
                default=None,
-                help_text="Objects which are managed by authentik. These objects are created and updated automatically. This is flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.",
+                help_text=(
                    "Objects which are managed by authentik. These objects are created and updated"
                    " automatically. This is flag only indicates that an object can be overwritten"
                    " by migrations. You can still modify the objects via the API, but expect"
                    " changes to be overwritten in a later update."
                ),
                null=True,
                unique=True,
                verbose_name="Managed by authentik",
@ -110,23 +114,38 @@ class Migration(migrations.Migration):
                    ("identifier", "Use the source-specific identifier"),
                    (
                        "email_link",
-                        "Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses.",
+                        (
                            "Link to a user with identical email address. Can have security"
                            " implications when a source doesn't validate email addresses."
                        ),
                    ),
                    (
                        "email_deny",
-                        "Use the user's email address, but deny enrollment when the email address already exists.",
+                        (
                            "Use the user's email address, but deny enrollment when the email"
                            " address already exists."
                        ),
                    ),
                    (
                        "username_link",
-                        "Link to a user with identical username. Can have security implications when a username is used with another source.",
+                        (
                            "Link to a user with identical username. Can have security implications"
                            " when a username is used with another source."
                        ),
                    ),
                    (
                        "username_deny",
-                        "Use the user's username, but deny enrollment when the username already exists.",
+                        (
                            "Use the user's username, but deny enrollment when the username already"
                            " exists."
                        ),
                    ),
                ],
                default="identifier",
-                help_text="How the source determines if an existing user should be authenticated or a new user enrolled.",
+                help_text=(
                    "How the source determines if an existing user should be authenticated or a new"
                    " user enrolled."
                ),
            ),
        ),
        migrations.AlterField(
--- a/authentik/core/migrations/0019_application_group.py
+++ b/authentik/core/migrations/0019_application_group.py
@ -4,7 +4,6 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ("authentik_core", "0018_auto_20210330_1345_squashed_0028_alter_token_intent"),
    ]
--- a/authentik/core/migrations/0020_application_open_in_new_tab.py
+++ b/authentik/core/migrations/0020_application_open_in_new_tab.py
@ -4,7 +4,6 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ("authentik_core", "0019_application_group"),
    ]
--- a/authentik/core/migrations/0021_source_user_path_user_path.py
+++ b/authentik/core/migrations/0021_source_user_path_user_path.py
@ -4,7 +4,6 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ("authentik_core", "0020_application_open_in_new_tab"),
    ]
--- a/authentik/core/migrations/0022_alter_group_parent.py
+++ b/authentik/core/migrations/0022_alter_group_parent.py
@ -5,7 +5,6 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ("authentik_core", "0021_source_user_path_user_path"),
    ]
--- a/authentik/core/migrations/0023_source_authentik_c_slug_ccb2e5_idx_and_more.py
+++ b/authentik/core/migrations/0023_source_authentik_c_slug_ccb2e5_idx_and_more.py
@ -4,7 +4,6 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ("authentik_core", "0022_alter_group_parent"),
    ]
--- a/authentik/core/migrations/0024_source_icon.py
+++ b/authentik/core/migrations/0024_source_icon.py
@ -4,7 +4,6 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ("authentik_core", "0023_source_authentik_c_slug_ccb2e5_idx_and_more"),
    ]
--- a/authentik/core/models.py
+++ b/authentik/core/models.py
@ -129,7 +129,6 @@ class Group(SerializerModel):
        return f"Group {self.name}"
    class Meta:
        unique_together = (
            (
                "name",
@ -255,7 +254,6 @@ class User(SerializerModel, GuardianUserMixin, AbstractUser):
        }
    class Meta:
        permissions = (
            ("reset_user_password", "Reset Password"),
            ("impersonate", "Can impersonate other users"),
@ -382,7 +380,6 @@ class Application(SerializerModel, PolicyBindingModel):
        return str(self.name)
    class Meta:
        verbose_name = _("Application")
        verbose_name_plural = _("Applications")
@ -392,19 +389,15 @@ class SourceUserMatchingModes(models.TextChoices):
    IDENTIFIER = "identifier", _("Use the source-specific identifier")
    EMAIL_LINK = "email_link", _(
-        (
+        "Link to a user with identical email address. Can have security implications "
-            "Link to a user with identical email address. Can have security implications "
+        "when a source doesn't validate email addresses."
            "when a source doesn't validate email addresses."
        )
    )
    EMAIL_DENY = "email_deny", _(
        "Use the user's email address, but deny enrollment when the email address already exists."
    )
    USERNAME_LINK = "username_link", _(
-        (
+        "Link to a user with identical username. Can have security implications "
-            "Link to a user with identical username. Can have security implications "
+        "when a username is used with another source."
            "when a username is used with another source."
        )
    )
    USERNAME_DENY = "username_deny", _(
        "Use the user's username, but deny enrollment when the username already exists."
@ -451,10 +444,8 @@ class Source(ManagedModel, SerializerModel, PolicyBindingModel):
        choices=SourceUserMatchingModes.choices,
        default=SourceUserMatchingModes.IDENTIFIER,
        help_text=_(
-            (
+            "How the source determines if an existing user should be authenticated or "
-                "How the source determines if an existing user should be authenticated or "
+            "a new user enrolled."
                "a new user enrolled."
            )
        ),
    )
@ -500,7 +491,6 @@ class Source(ManagedModel, SerializerModel, PolicyBindingModel):
        return str(self.name)
    class Meta:
        indexes = [
            models.Index(
                fields=[
@ -529,7 +519,6 @@ class UserSourceConnection(SerializerModel, CreatedUpdatedModel):
        raise NotImplementedError
    class Meta:
        unique_together = (("user", "source"),)
@ -562,7 +551,6 @@ class ExpiringModel(models.Model):
        return now() > self.expires
    class Meta:
        abstract = True
@ -628,7 +616,6 @@ class Token(SerializerModel, ManagedModel, ExpiringModel):
        return description
    class Meta:
        verbose_name = _("Token")
        verbose_name_plural = _("Tokens")
        indexes = [
@ -671,7 +658,6 @@ class PropertyMapping(SerializerModel, ManagedModel):
        return f"Property Mapping {self.name}"
    class Meta:
        verbose_name = _("Property Mapping")
        verbose_name_plural = _("Property Mappings")
@ -708,6 +694,5 @@ class AuthenticatedSession(ExpiringModel):
        )
    class Meta:
        verbose_name = _("Authenticated Session")
        verbose_name_plural = _("Authenticated Sessions")
--- a/authentik/core/sources/flow_manager.py
+++ b/authentik/core/sources/flow_manager.py
@ -190,11 +190,8 @@ class SourceFlowManager:
        # Default case, assume deny
        error = Exception(
            _(
-                (
+                "Request to authenticate with %(source)s has been denied. Please authenticate "
-                    "Request to authenticate with %(source)s has been denied. Please authenticate "
+                "with the source you've previously signed up with." % {"source": self.source.name}
                    "with the source you've previously signed up with."
                )
                % {"source": self.source.name}
            ),
        )
        return self.error_handler(error)
--- a/authentik/core/tests/test_token_api.py
+++ b/authentik/core/tests/test_token_api.py
@ -80,7 +80,7 @@ class TestTokenAPI(APITestCase):
            identifier="test", expiring=False, user=self.user
        )
        Token.objects.create(identifier="test-2", expiring=False, user=get_anonymous_user())
-        response = self.client.get(reverse(("authentik_api:token-list")))
+        response = self.client.get(reverse("authentik_api:token-list"))
        body = loads(response.content)
        self.assertEqual(len(body["results"]), 1)
        self.assertEqual(body["results"][0]["identifier"], token_should.identifier)
@ -94,7 +94,7 @@ class TestTokenAPI(APITestCase):
        token_should_not: Token = Token.objects.create(
            identifier="test-2", expiring=False, user=get_anonymous_user()
        )
-        response = self.client.get(reverse(("authentik_api:token-list")))
+        response = self.client.get(reverse("authentik_api:token-list"))
        body = loads(response.content)
        self.assertEqual(len(body["results"]), 2)
        self.assertEqual(body["results"][0]["identifier"], token_should.identifier)
--- a/authentik/crypto/api.py
+++ b/authentik/crypto/api.py
@ -143,7 +143,6 @@ class CertificateKeyPairSerializer(ModelSerializer):
        return value
    class Meta:
        model = CertificateKeyPair
        fields = [
            "pk",
--- a/authentik/crypto/migrations/0001_initial.py
+++ b/authentik/crypto/migrations/0001_initial.py
@ -6,7 +6,6 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    initial = True
    dependencies = []
@ -36,7 +35,10 @@ class Migration(migrations.Migration):
                    models.TextField(
                        blank=True,
                        default="",
-                        help_text="Optional Private Key. If this is set, you can use this keypair for encryption.",
+                        help_text=(
                            "Optional Private Key. If this is set, you can use this keypair for"
                            " encryption."
                        ),
                    ),
                ),
            ],
--- a/authentik/crypto/migrations/0002_create_self_signed_kp.py
+++ b/authentik/crypto/migrations/0002_create_self_signed_kp.py
@ -6,7 +6,6 @@ from authentik.lib.generators import generate_id
 class Migration(migrations.Migration):
    dependencies = [
        ("authentik_crypto", "0001_initial"),
    ]
--- a/authentik/crypto/migrations/0003_certificatekeypair_managed.py
+++ b/authentik/crypto/migrations/0003_certificatekeypair_managed.py
@ -4,7 +4,6 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ("authentik_crypto", "0002_create_self_signed_kp"),
    ]
@ -15,7 +14,12 @@ class Migration(migrations.Migration):
            name="managed",
            field=models.TextField(
                default=None,
-                help_text="Objects which are managed by authentik. These objects are created and updated automatically. This is flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.",
+                help_text=(
                    "Objects which are managed by authentik. These objects are created and updated"
                    " automatically. This is flag only indicates that an object can be overwritten"
                    " by migrations. You can still modify the objects via the API, but expect"
                    " changes to be overwritten in a later update."
                ),
                null=True,
                unique=True,
                verbose_name="Managed by authentik",
--- a/authentik/crypto/models.py
+++ b/authentik/crypto/models.py
@ -98,6 +98,5 @@ class CertificateKeyPair(SerializerModel, ManagedModel, CreatedUpdatedModel):
        return f"Certificate-Key Pair {self.name}"
    class Meta:
        verbose_name = _("Certificate-Key Pair")
        verbose_name_plural = _("Certificate-Key Pairs")
--- a/authentik/events/api/events.py
+++ b/authentik/events/api/events.py
@ -25,7 +25,6 @@ class EventSerializer(ModelSerializer):
    """Event Serializer"""
    class Meta:
        model = Event
        fields = [
            "pk",
--- a/authentik/events/api/notification_mappings.py
+++ b/authentik/events/api/notification_mappings.py
@ -10,7 +10,6 @@ class NotificationWebhookMappingSerializer(ModelSerializer):
    """NotificationWebhookMapping Serializer"""
    class Meta:
        model = NotificationWebhookMapping
        fields = [
            "pk",
--- a/authentik/events/api/notification_rules.py
+++ b/authentik/events/api/notification_rules.py
@ -13,7 +13,6 @@ class NotificationRuleSerializer(ModelSerializer):
    group_obj = GroupSerializer(read_only=True, source="group")
    class Meta:
        model = NotificationRule
        fields = [
            "pk",
--- a/authentik/events/api/notification_transports.py
+++ b/authentik/events/api/notification_transports.py
@ -43,7 +43,6 @@ class NotificationTransportSerializer(ModelSerializer):
        return attrs
    class Meta:
        model = NotificationTransport
        fields = [
            "pk",
--- a/authentik/events/api/notifications.py
+++ b/authentik/events/api/notifications.py
@ -25,7 +25,6 @@ class NotificationSerializer(ModelSerializer):
    event = EventSerializer(required=False)
    class Meta:
        model = Notification
        fields = [
            "pk",
--- a/authentik/events/migrations/0001_squashed_0019_alter_notificationtransport_webhook_url.py
+++ b/authentik/events/migrations/0001_squashed_0019_alter_notificationtransport_webhook_url.py
@ -100,7 +100,6 @@ def update_expires(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
 class Migration(migrations.Migration):
    replaces = [
        ("authentik_events", "0001_initial"),
        ("authentik_events", "0002_auto_20200918_2116"),
@ -245,14 +244,19 @@ class Migration(migrations.Migration):
                    models.TextField(
                        choices=[("notice", "Notice"), ("warning", "Warning"), ("alert", "Alert")],
                        default="notice",
-                        help_text="Controls which severity level the created notifications will have.",
+                        help_text=(
                            "Controls which severity level the created notifications will have."
                        ),
                    ),
                ),
                (
                    "group",
                    models.ForeignKey(
                        blank=True,
-                        help_text="Define which group of users this notification should be sent and shown to. If left empty, Notification won't ben sent.",
+                        help_text=(
                            "Define which group of users this notification should be sent and shown"
                            " to. If left empty, Notification won't ben sent."
                        ),
                        null=True,
                        on_delete=django.db.models.deletion.SET_NULL,
                        to="authentik_core.group",
@ -261,7 +265,10 @@ class Migration(migrations.Migration):
                (
                    "transports",
                    models.ManyToManyField(
-                        help_text="Select which transports should be used to notify the user. If none are selected, the notification will only be shown in the authentik UI.",
+                        help_text=(
                            "Select which transports should be used to notify the user. If none are"
                            " selected, the notification will only be shown in the authentik UI."
                        ),
                        to="authentik_events.NotificationTransport",
                        blank=True,
                    ),
@ -317,7 +324,10 @@ class Migration(migrations.Migration):
            name="send_once",
            field=models.BooleanField(
                default=False,
-                help_text="Only send notification once, for example when sending a webhook into a chat channel.",
+                help_text=(
                    "Only send notification once, for example when sending a webhook into a chat"
                    " channel."
                ),
            ),
        ),
        migrations.RunPython(
--- a/authentik/events/migrations/0002_alter_notificationtransport_mode.py
+++ b/authentik/events/migrations/0002_alter_notificationtransport_mode.py
@ -3,7 +3,6 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ("authentik_events", "0001_squashed_0019_alter_notificationtransport_webhook_url"),
    ]
--- a/authentik/events/models.py
+++ b/authentik/events/models.py
@ -283,7 +283,6 @@ class Event(SerializerModel, ExpiringModel):
        return f"Event action={self.action} user={self.user} context={self.context}"
    class Meta:
        verbose_name = _("Event")
        verbose_name_plural = _("Events")
@ -460,7 +459,6 @@ class NotificationTransport(SerializerModel):
        return f"Notification Transport {self.name}"
    class Meta:
        verbose_name = _("Notification Transport")
        verbose_name_plural = _("Notification Transports")
@ -495,7 +493,6 @@ class Notification(SerializerModel):
        return f"Notification for user {self.user}: {body_trunc}"
    class Meta:
        verbose_name = _("Notification")
        verbose_name_plural = _("Notifications")
@ -507,10 +504,8 @@ class NotificationRule(SerializerModel, PolicyBindingModel):
    transports = models.ManyToManyField(
        NotificationTransport,
        help_text=_(
-            (
+            "Select which transports should be used to notify the user. If none are "
-                "Select which transports should be used to notify the user. If none are "
+            "selected, the notification will only be shown in the authentik UI."
                "selected, the notification will only be shown in the authentik UI."
            )
        ),
        blank=True,
    )
@ -522,10 +517,8 @@ class NotificationRule(SerializerModel, PolicyBindingModel):
    group = models.ForeignKey(
        Group,
        help_text=_(
-            (
+            "Define which group of users this notification should be sent and shown to. "
-                "Define which group of users this notification should be sent and shown to. "
+            "If left empty, Notification won't ben sent."
                "If left empty, Notification won't ben sent."
            )
        ),
        null=True,
        blank=True,
@ -542,7 +535,6 @@ class NotificationRule(SerializerModel, PolicyBindingModel):
        return f"Notification Rule {self.name}"
    class Meta:
        verbose_name = _("Notification Rule")
        verbose_name_plural = _("Notification Rules")
@ -564,6 +556,5 @@ class NotificationWebhookMapping(PropertyMapping):
        return f"Webhook Mapping {self.name}"
    class Meta:
        verbose_name = _("Webhook Mapping")
        verbose_name_plural = _("Webhook Mappings")
--- a/authentik/events/monitored_tasks.py
+++ b/authentik/events/monitored_tasks.py
@ -178,7 +178,7 @@ class MonitoredTask(Task):
        ).save(self.result_timeout_hours)
        Event.new(
            EventAction.SYSTEM_TASK_EXCEPTION,
-            message=(f"Task {self.__name__} encountered an error: {exception_to_string(exc)}"),
+            message=f"Task {self.__name__} encountered an error: {exception_to_string(exc)}",
        ).save()
    def run(self, *args, **kwargs):
--- a/authentik/flows/api/bindings.py
+++ b/authentik/flows/api/bindings.py
@ -13,7 +13,6 @@ class FlowStageBindingSerializer(ModelSerializer):
    stage_obj = StageSerializer(read_only=True, source="stage")
    class Meta:
        model = FlowStageBinding
        fields = [
            "pk",
--- a/authentik/flows/api/flows.py
+++ b/authentik/flows/api/flows.py
@ -53,7 +53,6 @@ class FlowSerializer(ModelSerializer):
        return reverse("authentik_api:flow-export", kwargs={"slug": flow.slug})
    class Meta:
        model = Flow
        fields = [
            "pk",
@ -82,7 +81,6 @@ class FlowSetSerializer(FlowSerializer):
    """Stripped down flow serializer"""
    class Meta:
        model = Flow
        fields = [
            "pk",
--- a/authentik/flows/api/stages.py
+++ b/authentik/flows/api/stages.py
@ -33,7 +33,6 @@ class StageSerializer(ModelSerializer, MetaNameSerializer):
        return obj.component
    class Meta:
        model = Stage
        fields = [
            "pk",
--- a/authentik/flows/migrations/0001_squashed_0007_auto_20200703_2059.py
+++ b/authentik/flows/migrations/0001_squashed_0007_auto_20200703_2059.py
@ -7,7 +7,6 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    replaces = [
        ("authentik_flows", "0001_initial"),
        ("authentik_flows", "0003_auto_20200523_1133"),
@ -98,7 +97,10 @@ class Migration(migrations.Migration):
                    "re_evaluate_policies",
                    models.BooleanField(
                        default=False,
-                        help_text="When this option is enabled, the planner will re-evaluate policies bound to this.",
+                        help_text=(
                            "When this option is enabled, the planner will re-evaluate policies"
                            " bound to this."
                        ),
                    ),
                ),
                ("order", models.IntegerField()),
--- a/authentik/flows/migrations/0008_default_flows.py
+++ b/authentik/flows/migrations/0008_default_flows.py
@ -4,7 +4,6 @@ from django.db import migrations
 class Migration(migrations.Migration):
    dependencies = [
        ("authentik_flows", "0007_auto_20200703_2059"),
    ]
--- a/authentik/flows/migrations/0009_source_flows.py
+++ b/authentik/flows/migrations/0009_source_flows.py
@ -4,7 +4,6 @@ from django.db import migrations
 class Migration(migrations.Migration):
    dependencies = [
        ("authentik_flows", "0008_default_flows"),
    ]
--- a/authentik/flows/migrations/0010_provider_flows.py
+++ b/authentik/flows/migrations/0010_provider_flows.py
@ -4,7 +4,6 @@ from django.db import migrations
 class Migration(migrations.Migration):
    dependencies = [
        ("authentik_flows", "0009_source_flows"),
    ]
--- a/authentik/flows/migrations/0011_flow_title.py
+++ b/authentik/flows/migrations/0011_flow_title.py
@ -3,7 +3,6 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ("authentik_flows", "0010_provider_flows"),
    ]
--- a/authentik/flows/migrations/0012_auto_20200908_1542_squashed_0017_auto_20210329_1334.py
+++ b/authentik/flows/migrations/0012_auto_20200908_1542_squashed_0017_auto_20210329_1334.py
@ -20,7 +20,6 @@ def update_flow_designation(apps: Apps, schema_editor: BaseDatabaseSchemaEditor)
 class Migration(migrations.Migration):
    replaces = [
        ("authentik_flows", "0012_auto_20200908_1542"),
        ("authentik_flows", "0013_auto_20200924_1605"),
@ -79,7 +78,10 @@ class Migration(migrations.Migration):
            name="re_evaluate_policies",
            field=models.BooleanField(
                default=False,
-                help_text="When this option is enabled, the planner will re-evaluate policies bound to this binding.",
+                help_text=(
                    "When this option is enabled, the planner will re-evaluate policies bound to"
                    " this binding."
                ),
            ),
        ),
        migrations.AlterField(
@ -94,7 +96,10 @@ class Migration(migrations.Migration):
            name="evaluate_on_plan",
            field=models.BooleanField(
                default=True,
-                help_text="Evaluate policies during the Flow planning process. Disable this for input-based policies.",
+                help_text=(
                    "Evaluate policies during the Flow planning process. Disable this for"
                    " input-based policies."
                ),
            ),
        ),
        migrations.AddField(
@ -120,7 +125,10 @@ class Migration(migrations.Migration):
                    ("recovery", "Recovery"),
                    ("stage_configuration", "Stage Configuration"),
                ],
-                help_text="Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.",
+                help_text=(
                    "Decides what this Flow is used for. For example, the Authentication flow is"
                    " redirect to when an un-authenticated user visits authentik."
                ),
                max_length=100,
            ),
        ),
--- a/authentik/flows/migrations/0018_oob_flows.py
+++ b/authentik/flows/migrations/0018_oob_flows.py
@ -4,7 +4,6 @@ from django.db import migrations
 class Migration(migrations.Migration):
    dependencies = [
        ("authentik_flows", "0017_auto_20210329_1334"),
    ]
--- a/authentik/flows/migrations/0019_alter_flow_background_squashed_0024_alter_flow_compatibility_mode.py
+++ b/authentik/flows/migrations/0019_alter_flow_background_squashed_0024_alter_flow_compatibility_mode.py
@ -4,7 +4,6 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    replaces = [
        ("authentik_flows", "0019_alter_flow_background"),
        ("authentik_flows", "0020_flow_compatibility_mode"),
@ -39,7 +38,12 @@ class Migration(migrations.Migration):
                    ("restart_with_context", "Restart With Context"),
                ],
                default="retry",
-                help_text="Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context.",
+                help_text=(
                    "Configure how the flow executor should handle an invalid response to a"
                    " challenge. RETRY returns the error message and a similar challenge to the"
                    " executor. RESTART restarts the flow from the beginning, and"
                    " RESTART_WITH_CONTEXT restarts the flow while keeping the current context."
                ),
            ),
        ),
        migrations.AlterField(
@ -58,7 +62,10 @@ class Migration(migrations.Migration):
            name="compatibility_mode",
            field=models.BooleanField(
                default=False,
-                help_text="Enable compatibility mode, increases compatibility with password managers on mobile devices.",
+                help_text=(
                    "Enable compatibility mode, increases compatibility with password managers on"
                    " mobile devices."
                ),
            ),
        ),
    ]
--- a/authentik/flows/migrations/0020_flowtoken.py
+++ b/authentik/flows/migrations/0020_flowtoken.py
@ -5,7 +5,6 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ("authentik_core", "0018_auto_20210330_1345_squashed_0028_alter_token_intent"),
        (
--- a/authentik/flows/migrations/0021_auto_20211227_2103.py
+++ b/authentik/flows/migrations/0021_auto_20211227_2103.py
@ -3,7 +3,6 @@ from django.db import migrations
 class Migration(migrations.Migration):
    dependencies = [
        ("authentik_flows", "0020_flowtoken"),
    ]
--- a/authentik/flows/migrations/0022_flow_layout.py
+++ b/authentik/flows/migrations/0022_flow_layout.py
@ -4,7 +4,6 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ("authentik_flows", "0021_auto_20211227_2103"),
    ]
--- a/authentik/flows/migrations/0023_flow_denied_action.py
+++ b/authentik/flows/migrations/0023_flow_denied_action.py
@ -4,7 +4,6 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ("authentik_flows", "0022_flow_layout"),
    ]
--- a/authentik/flows/migrations/0024_flow_authentication.py
+++ b/authentik/flows/migrations/0024_flow_authentication.py
@ -4,7 +4,6 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ("authentik_flows", "0023_flow_denied_action"),
    ]
--- a/authentik/flows/models.py
+++ b/authentik/flows/models.py
@ -135,10 +135,8 @@ class Flow(SerializerModel, PolicyBindingModel):
        max_length=100,
        choices=FlowDesignation.choices,
        help_text=_(
-            (
+            "Decides what this Flow is used for. For example, the Authentication flow "
-                "Decides what this Flow is used for. For example, the Authentication flow "
+            "is redirect to when an un-authenticated user visits authentik."
                "is redirect to when an un-authenticated user visits authentik."
            )
        ),
    )
@ -192,7 +190,6 @@ class Flow(SerializerModel, PolicyBindingModel):
        return f"Flow {self.name} ({self.slug})"
    class Meta:
        verbose_name = _("Flow")
        verbose_name_plural = _("Flows")
@ -216,10 +213,8 @@ class FlowStageBinding(SerializerModel, PolicyBindingModel):
    evaluate_on_plan = models.BooleanField(
        default=True,
        help_text=_(
-            (
+            "Evaluate policies during the Flow planning process. "
-                "Evaluate policies during the Flow planning process. "
+            "Disable this for input-based policies."
                "Disable this for input-based policies."
            )
        ),
    )
    re_evaluate_policies = models.BooleanField(
@ -252,7 +247,6 @@ class FlowStageBinding(SerializerModel, PolicyBindingModel):
        return f"Flow-stage binding #{self.order} to {self.target_id}"
    class Meta:
        ordering = ["target", "order"]
        verbose_name = _("Flow Stage Binding")
@ -271,15 +265,12 @@ class ConfigurableStage(models.Model):
        null=True,
        blank=True,
        help_text=_(
-            (
+            "Flow used by an authenticated user to configure this Stage. "
-                "Flow used by an authenticated user to configure this Stage. "
+            "If empty, user will not be able to configure this stage."
                "If empty, user will not be able to configure this stage."
            )
        ),
    )
    class Meta:
        abstract = True
@ -305,6 +296,5 @@ class FlowToken(Token):
        return f"Flow Token {super().__str__()}"
    class Meta:
        verbose_name = _("Flow Token")
        verbose_name_plural = _("Flow Tokens")
--- a/authentik/flows/planner.py
+++ b/authentik/flows/planner.py
@ -207,10 +207,13 @@ class FlowPlanner:
    ) -> FlowPlan:
        """Build flow plan by checking each stage in their respective
        order and checking the applied policies"""
-        with Hub.current.start_span(
+        with (
-            op="authentik.flow.planner.build_plan",
+            Hub.current.start_span(
-            description=self.flow.slug,
+                op="authentik.flow.planner.build_plan",
-        ) as span, HIST_FLOWS_PLAN_TIME.labels(flow_slug=self.flow.slug).time():
+                description=self.flow.slug,
            ) as span,
            HIST_FLOWS_PLAN_TIME.labels(flow_slug=self.flow.slug).time(),
        ):
            span: Span
            span.set_data("flow", self.flow)
            span.set_data("user", user)
--- a/authentik/flows/tests/test_executor.py
+++ b/authentik/flows/tests/test_executor.py
@ -209,7 +209,6 @@ class TestFlowExecutor(FlowTestCase):
        # Here we patch the dummy policy to evaluate to true so the stage is included
        with patch("authentik.policies.dummy.models.DummyPolicy.passes", POLICY_RETURN_TRUE):
            exec_url = reverse("authentik_api:flow-executor", kwargs={"flow_slug": flow.slug})
            # First request, run the planner
            response = self.client.get(exec_url)
@ -259,7 +258,6 @@ class TestFlowExecutor(FlowTestCase):
        # Here we patch the dummy policy to evaluate to true so the stage is included
        with patch("authentik.policies.dummy.models.DummyPolicy.passes", POLICY_RETURN_TRUE):
            exec_url = reverse("authentik_api:flow-executor", kwargs={"flow_slug": flow.slug})
            # First request, run the planner
            response = self.client.get(exec_url)
@ -319,7 +317,6 @@ class TestFlowExecutor(FlowTestCase):
        # Here we patch the dummy policy to evaluate to true so the stage is included
        with patch("authentik.policies.dummy.models.DummyPolicy.passes", POLICY_RETURN_TRUE):
            exec_url = reverse("authentik_api:flow-executor", kwargs={"flow_slug": flow.slug})
            # First request, run the planner
            response = self.client.get(exec_url)
@ -396,7 +393,6 @@ class TestFlowExecutor(FlowTestCase):
        # Here we patch the dummy policy to evaluate to true so the stage is included
        with patch("authentik.policies.dummy.models.DummyPolicy.passes", POLICY_RETURN_TRUE):
            exec_url = reverse("authentik_api:flow-executor", kwargs={"flow_slug": flow.slug})
            # First request, run the planner
            response = self.client.get(exec_url)
--- a/authentik/outposts/api/outposts.py
+++ b/authentik/outposts/api/outposts.py
@ -56,10 +56,8 @@ class OutpostSerializer(ModelSerializer):
        for provider in providers:
            if not isinstance(provider, type_map[self.initial_data.get("type")]):
                raise ValidationError(
-                    (
+                    f"Outpost type {self.initial_data['type']} can't be used with "
-                        f"Outpost type {self.initial_data['type']} can't be used with "
+                    f"{provider.__class__.__name__} providers."
                        f"{provider.__class__.__name__} providers."
                    )
                )
        if self.instance and self.instance.managed == MANAGED_OUTPOST:
            return providers
@ -76,7 +74,6 @@ class OutpostSerializer(ModelSerializer):
        return config
    class Meta:
        model = Outpost
        fields = [
            "pk",
@ -124,7 +121,6 @@ class OutpostFilter(FilterSet):
    )
    class Meta:
        model = Outpost
        fields = {
            "providers": ["isnull"],
--- a/authentik/outposts/api/service_connections.py
+++ b/authentik/outposts/api/service_connections.py
@ -37,7 +37,6 @@ class ServiceConnectionSerializer(ModelSerializer, MetaNameSerializer):
        return obj.component
    class Meta:
        model = OutpostServiceConnection
        fields = [
            "pk",
@ -101,7 +100,6 @@ class DockerServiceConnectionSerializer(ServiceConnectionSerializer):
    """DockerServiceConnection Serializer"""
    class Meta:
        model = DockerServiceConnection
        fields = ServiceConnectionSerializer.Meta.fields + [
            "url",
@ -140,7 +138,6 @@ class KubernetesServiceConnectionSerializer(ServiceConnectionSerializer):
        return kubeconfig
    class Meta:
        model = KubernetesServiceConnection
        fields = ServiceConnectionSerializer.Meta.fields + ["kubeconfig", "verify_ssl"]
--- a/authentik/outposts/migrations/0001_squashed_0017_outpost_managed.py
+++ b/authentik/outposts/migrations/0001_squashed_0017_outpost_managed.py
@ -80,7 +80,6 @@ def update_config_prefix(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
 class Migration(migrations.Migration):
    replaces = [
        ("authentik_outposts", "0001_initial"),
        ("authentik_outposts", "0002_auto_20200826_1306"),
@ -136,7 +135,10 @@ class Migration(migrations.Migration):
                            ("custom", "Custom"),
                        ],
                        default="custom",
-                        help_text="Select between authentik-managed deployment types or a custom deployment.",
+                        help_text=(
                            "Select between authentik-managed deployment types or a custom"
                            " deployment."
                        ),
                    ),
                ),
            ],
@ -158,7 +160,10 @@ class Migration(migrations.Migration):
                    "local",
                    models.BooleanField(
                        default=False,
-                        help_text="If enabled, use the local connection. Required Docker socket/Kubernetes Integration",
+                        help_text=(
                            "If enabled, use the local connection. Required Docker"
                            " socket/Kubernetes Integration"
                        ),
                        unique=True,
                    ),
                ),
@ -207,7 +212,10 @@ class Migration(migrations.Migration):
            field=models.ForeignKey(
                blank=True,
                default=None,
-                help_text="Select Service-Connection authentik should use to manage this outpost. Leave empty if authentik should not handle the deployment.",
+                help_text=(
                    "Select Service-Connection authentik should use to manage this outpost. Leave"
                    " empty if authentik should not handle the deployment."
                ),
                null=True,
                on_delete=django.db.models.deletion.SET_DEFAULT,
                to="authentik_outposts.outpostserviceconnection",
@ -240,7 +248,10 @@ class Migration(migrations.Migration):
            field=authentik.lib.models.InheritanceForeignKey(
                blank=True,
                default=None,
-                help_text="Select Service-Connection authentik should use to manage this outpost. Leave empty if authentik should not handle the deployment.",
+                help_text=(
                    "Select Service-Connection authentik should use to manage this outpost. Leave"
                    " empty if authentik should not handle the deployment."
                ),
                null=True,
                on_delete=django.db.models.deletion.SET_DEFAULT,
                to="authentik_outposts.outpostserviceconnection",
@ -258,7 +269,10 @@ class Migration(migrations.Migration):
            name="kubeconfig",
            field=models.JSONField(
                default=None,
-                help_text="Paste your kubeconfig here. authentik will automatically use the currently selected context.",
+                help_text=(
                    "Paste your kubeconfig here. authentik will automatically use the currently"
                    " selected context."
                ),
            ),
            preserve_default=False,
        ),
@ -272,7 +286,10 @@ class Migration(migrations.Migration):
            field=models.ForeignKey(
                blank=True,
                default=None,
-                help_text="Certificate/Key used for authentication. Can be left empty for no authentication.",
+                help_text=(
                    "Certificate/Key used for authentication. Can be left empty for no"
                    " authentication."
                ),
                null=True,
                on_delete=django.db.models.deletion.SET_DEFAULT,
                related_name="+",
@ -285,7 +302,10 @@ class Migration(migrations.Migration):
            field=models.ForeignKey(
                blank=True,
                default=None,
-                help_text="CA which the endpoint's Certificate is verified against. Can be left empty for no validation.",
+                help_text=(
                    "CA which the endpoint's Certificate is verified against. Can be left empty for"
                    " no validation."
                ),
                null=True,
                on_delete=django.db.models.deletion.SET_DEFAULT,
                related_name="+",
@ -297,7 +317,10 @@ class Migration(migrations.Migration):
            name="local",
            field=models.BooleanField(
                default=False,
-                help_text="If enabled, use the local connection. Required Docker socket/Kubernetes Integration",
+                help_text=(
                    "If enabled, use the local connection. Required Docker socket/Kubernetes"
                    " Integration"
                ),
            ),
        ),
        migrations.RunPython(
@ -310,7 +333,10 @@ class Migration(migrations.Migration):
            model_name="dockerserviceconnection",
            name="url",
            field=models.TextField(
-                help_text="Can be in the format of 'unix://<path>' when connecting to a local docker daemon, or 'https://<hostname>:2376' when connecting to a remote system."
+                help_text=(
                    "Can be in the format of 'unix://<path>' when connecting to a local docker"
                    " daemon, or 'https://<hostname>:2376' when connecting to a remote system."
                )
            ),
        ),
        migrations.AlterField(
@ -318,7 +344,10 @@ class Migration(migrations.Migration):
            name="kubeconfig",
            field=models.JSONField(
                blank=True,
-                help_text="Paste your kubeconfig here. authentik will automatically use the currently selected context.",
+                help_text=(
                    "Paste your kubeconfig here. authentik will automatically use the currently"
                    " selected context."
                ),
            ),
        ),
        migrations.AlterField(
@ -331,7 +360,12 @@ class Migration(migrations.Migration):
            name="managed",
            field=models.TextField(
                default=None,
-                help_text="Objects which are managed by authentik. These objects are created and updated automatically. This is flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.",
+                help_text=(
                    "Objects which are managed by authentik. These objects are created and updated"
                    " automatically. This is flag only indicates that an object can be overwritten"
                    " by migrations. You can still modify the objects via the API, but expect"
                    " changes to be overwritten in a later update."
                ),
                null=True,
                unique=True,
                verbose_name="Managed by authentik",
--- a/authentik/outposts/migrations/0018_kubernetesserviceconnection_verify_ssl.py
+++ b/authentik/outposts/migrations/0018_kubernetesserviceconnection_verify_ssl.py
@ -4,7 +4,6 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ("authentik_outposts", "0001_squashed_0017_outpost_managed"),
    ]
--- a/authentik/outposts/models.py
+++ b/authentik/outposts/models.py
@ -86,7 +86,6 @@ class OutpostModel(Model):
        return [self]
    class Meta:
        abstract = True
@ -119,10 +118,7 @@ class OutpostServiceConnection(models.Model):
    local = models.BooleanField(
        default=False,
        help_text=_(
-            (
+            "If enabled, use the local connection. Required Docker socket/Kubernetes Integration"
                "If enabled, use the local connection. Required Docker "
                "socket/Kubernetes Integration"
            )
        ),
    )
@ -152,7 +148,6 @@ class OutpostServiceConnection(models.Model):
        return ""
    class Meta:
        verbose_name = _("Outpost Service-Connection")
        verbose_name_plural = _("Outpost Service-Connections")
@ -162,10 +157,8 @@ class DockerServiceConnection(SerializerModel, OutpostServiceConnection):
    url = models.TextField(
        help_text=_(
-            (
+            "Can be in the format of 'unix://<path>' when connecting to a local docker daemon, "
-                "Can be in the format of 'unix://<path>' when connecting to a local docker daemon, "
+            "or 'https://<hostname>:2376' when connecting to a remote system."
                "or 'https://<hostname>:2376' when connecting to a remote system."
            )
        )
    )
    tls_verification = models.ForeignKey(
@ -176,10 +169,8 @@ class DockerServiceConnection(SerializerModel, OutpostServiceConnection):
        related_name="+",
        on_delete=models.SET_DEFAULT,
        help_text=_(
-            (
+            "CA which the endpoint's Certificate is verified against. "
-                "CA which the endpoint's Certificate is verified against. "
+            "Can be left empty for no validation."
                "Can be left empty for no validation."
            )
        ),
    )
    tls_authentication = models.ForeignKey(
@ -208,7 +199,6 @@ class DockerServiceConnection(SerializerModel, OutpostServiceConnection):
        return f"Docker Service-Connection {self.name}"
    class Meta:
        verbose_name = _("Docker Service-Connection")
        verbose_name_plural = _("Docker Service-Connections")
@ -218,10 +208,8 @@ class KubernetesServiceConnection(SerializerModel, OutpostServiceConnection):
    kubeconfig = models.JSONField(
        help_text=_(
-            (
+            "Paste your kubeconfig here. authentik will automatically use "
-                "Paste your kubeconfig here. authentik will automatically use "
+            "the currently selected context."
                "the currently selected context."
            )
        ),
        blank=True,
    )
@ -243,7 +231,6 @@ class KubernetesServiceConnection(SerializerModel, OutpostServiceConnection):
        return f"Kubernetes Service-Connection {self.name}"
    class Meta:
        verbose_name = _("Kubernetes Service-Connection")
        verbose_name_plural = _("Kubernetes Service-Connections")
@ -261,10 +248,8 @@ class Outpost(SerializerModel, ManagedModel):
        null=True,
        blank=True,
        help_text=_(
-            (
+            "Select Service-Connection authentik should use to manage this outpost. "
-                "Select Service-Connection authentik should use to manage this outpost. "
+            "Leave empty if authentik should not handle the deployment."
                "Leave empty if authentik should not handle the deployment."
            )
        ),
        on_delete=models.SET_DEFAULT,
    )
@ -315,7 +300,7 @@ class Outpost(SerializerModel, ManagedModel):
                if isinstance(model_or_perm, models.Model):
                    model_or_perm: models.Model
                    code_name = (
-                        f"{model_or_perm._meta.app_label}." f"view_{model_or_perm._meta.model_name}"
+                        f"{model_or_perm._meta.app_label}.view_{model_or_perm._meta.model_name}"
                    )
                    try:
                        assign_perm(code_name, user, model_or_perm)
--- a/authentik/policies/api/bindings.py
+++ b/authentik/policies/api/bindings.py
@ -63,7 +63,6 @@ class PolicyBindingSerializer(ModelSerializer):
    user_obj = UserSerializer(required=False, read_only=True, source="user")
    class Meta:
        model = PolicyBinding
        fields = [
            "pk",
@ -109,7 +108,6 @@ class PolicyBindingFilter(FilterSet):
    policy__isnull = BooleanFilter("policy", "isnull")
    class Meta:
        model = PolicyBinding
        fields = ["policy", "policy__isnull", "target", "target_in", "enabled", "order", "timeout"]
--- a/authentik/policies/api/policies.py
+++ b/authentik/policies/api/policies.py
@ -56,7 +56,6 @@ class PolicySerializer(ModelSerializer, MetaNameSerializer):
        return dict(instance.serializer(instance=instance, resolve_inheritance=False).data)
    class Meta:
        model = Policy
        fields = [
            "pk",
--- a/authentik/policies/dummy/migrations/0001_initial.py
+++ b/authentik/policies/dummy/migrations/0001_initial.py
@ -5,7 +5,6 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    initial = True
    dependencies = [
--- a/authentik/policies/dummy/migrations/0002_dummypolicy_authentik_p_policy__648f9b_idx.py
+++ b/authentik/policies/dummy/migrations/0002_dummypolicy_authentik_p_policy__648f9b_idx.py
@ -4,7 +4,6 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ("authentik_policies_dummy", "0001_initial"),
    ]
--- a/authentik/policies/dummy/models.py
+++ b/authentik/policies/dummy/models.py
@ -41,6 +41,5 @@ class DummyPolicy(Policy):
        return PolicyResult(self.result, "dummy")
    class Meta(Policy.PolicyMeta):
        verbose_name = _("Dummy Policy")
        verbose_name_plural = _("Dummy Policies")
--- a/authentik/policies/engine.py
+++ b/authentik/policies/engine.py
@ -80,13 +80,16 @@ class PolicyEngine:
    def build(self) -> "PolicyEngine":
        """Build wrapper which monitors performance"""
-        with Hub.current.start_span(
+        with (
-            op="authentik.policy.engine.build",
+            Hub.current.start_span(
-            description=self.__pbm,
+                op="authentik.policy.engine.build",
-        ) as span, HIST_POLICIES_BUILD_TIME.labels(
+                description=self.__pbm,
-            object_pk=str(self.__pbm.pk),
+            ) as span,
-            object_type=f"{self.__pbm._meta.app_label}.{self.__pbm._meta.model_name}",
+            HIST_POLICIES_BUILD_TIME.labels(
-        ).time():
+                object_pk=str(self.__pbm.pk),
                object_type=f"{self.__pbm._meta.app_label}.{self.__pbm._meta.model_name}",
            ).time(),
        ):
            span: Span
            span.set_data("pbm", self.__pbm)
            span.set_data("request", self.request)
--- a/authentik/policies/event_matcher/migrations/0001_squashed_0018_alter_eventmatcherpolicy_action.py
+++ b/authentik/policies/event_matcher/migrations/0001_squashed_0018_alter_eventmatcherpolicy_action.py
@ -5,7 +5,6 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    replaces = [
        ("authentik_policies_event_matcher", "0001_initial"),
        ("authentik_policies_event_matcher", "0002_auto_20201230_2046"),
@ -81,14 +80,20 @@ class Migration(migrations.Migration):
                            ("update_available", "Update Available"),
                            ("custom_", "Custom Prefix"),
                        ],
-                        help_text="Match created events with this action type. When left empty, all action types will be matched.",
+                        help_text=(
                            "Match created events with this action type. When left empty, all"
                            " action types will be matched."
                        ),
                    ),
                ),
                (
                    "client_ip",
                    models.TextField(
                        blank=True,
-                        help_text="Matches Event's Client IP (strict matching, for network matching use an Expression Policy)",
+                        help_text=(
                            "Matches Event's Client IP (strict matching, for network matching use"
                            " an Expression Policy)"
                        ),
                    ),
                ),
                (
@ -161,7 +166,10 @@ class Migration(migrations.Migration):
                            ("authentik.blueprints", "authentik Blueprints"),
                        ],
                        default="",
-                        help_text="Match events created by selected application. When left empty, all applications are matched.",
+                        help_text=(
                            "Match events created by selected application. When left empty, all"
                            " applications are matched."
                        ),
                    ),
                ),
            ],
--- a/authentik/policies/event_matcher/migrations/0019_alter_eventmatcherpolicy_app.py
+++ b/authentik/policies/event_matcher/migrations/0019_alter_eventmatcherpolicy_app.py
@ -4,7 +4,6 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ("authentik_policies_event_matcher", "0018_alter_eventmatcherpolicy_action"),
    ]
@ -73,7 +72,10 @@ class Migration(migrations.Migration):
                    ("authentik.core", "authentik Core"),
                ],
                default="",
-                help_text="Match events created by selected application. When left empty, all applications are matched.",
+                help_text=(
                    "Match events created by selected application. When left empty, all"
                    " applications are matched."
                ),
            ),
        ),
    ]
--- a/authentik/policies/event_matcher/migrations/0020_eventmatcherpolicy_authentik_p_policy__e605cf_idx.py
+++ b/authentik/policies/event_matcher/migrations/0020_eventmatcherpolicy_authentik_p_policy__e605cf_idx.py
@ -4,7 +4,6 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ("authentik_policies_event_matcher", "0019_alter_eventmatcherpolicy_app"),
    ]
--- a/authentik/policies/event_matcher/migrations/0021_alter_eventmatcherpolicy_app.py
+++ b/authentik/policies/event_matcher/migrations/0021_alter_eventmatcherpolicy_app.py
@ -4,7 +4,6 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        (
            "authentik_policies_event_matcher",
@ -19,7 +18,10 @@ class Migration(migrations.Migration):
            field=models.TextField(
                blank=True,
                default="",
-                help_text="Match events created by selected application. When left empty, all applications are matched.",
+                help_text=(
                    "Match events created by selected application. When left empty, all"
                    " applications are matched."
                ),
            ),
        ),
    ]
--- a/authentik/policies/event_matcher/models.py
+++ b/authentik/policies/event_matcher/models.py
@ -26,29 +26,23 @@ class EventMatcherPolicy(Policy):
        choices=EventAction.choices,
        blank=True,
        help_text=_(
-            (
+            "Match created events with this action type. "
-                "Match created events with this action type. "
+            "When left empty, all action types will be matched."
                "When left empty, all action types will be matched."
            )
        ),
    )
    app = models.TextField(
        blank=True,
        default="",
        help_text=_(
-            (
+            "Match events created by selected application. "
-                "Match events created by selected application. "
+            "When left empty, all applications are matched."
                "When left empty, all applications are matched."
            )
        ),
    )
    client_ip = models.TextField(
        blank=True,
        help_text=_(
-            (
+            "Matches Event's Client IP (strict matching, "
-                "Matches Event's Client IP (strict matching, "
+            "for network matching use an Expression Policy)"
                "for network matching use an Expression Policy)"
            )
        ),
    )
@ -75,6 +69,5 @@ class EventMatcherPolicy(Policy):
        return PolicyResult(False)
    class Meta(Policy.PolicyMeta):
        verbose_name = _("Event Matcher Policy")
        verbose_name_plural = _("Event Matcher Policies")
--- a/authentik/policies/expiry/migrations/0001_initial.py
+++ b/authentik/policies/expiry/migrations/0001_initial.py
@ -5,7 +5,6 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    initial = True
    dependencies = [
--- a/authentik/policies/expiry/migrations/0002_passwordexpirypolicy_authentik_p_policy__cf73a7_idx.py
+++ b/authentik/policies/expiry/migrations/0002_passwordexpirypolicy_authentik_p_policy__cf73a7_idx.py
@ -4,7 +4,6 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ("authentik_policies_expiry", "0001_initial"),
    ]
--- a/authentik/policies/expiry/models.py
+++ b/authentik/policies/expiry/models.py
@ -42,7 +42,7 @@ class PasswordExpiryPolicy(Policy):
                request.user.set_unusable_password()
                request.user.save()
                message = _(
-                    ("Password expired %(days)d days ago. " "Please update your password.")
+                    "Password expired %(days)d days ago. Please update your password."
                    % {"days": days_since_expiry}
                )
                return PolicyResult(False, message)
@ -50,6 +50,5 @@ class PasswordExpiryPolicy(Policy):
        return PolicyResult(True)
    class Meta(Policy.PolicyMeta):
        verbose_name = _("Password Expiry Policy")
        verbose_name_plural = _("Password Expiry Policies")
--- a/authentik/policies/expression/migrations/0001_initial.py
+++ b/authentik/policies/expression/migrations/0001_initial.py
@ -5,7 +5,6 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    initial = True
    dependencies = [
--- a/authentik/policies/expression/migrations/0002_auto_20200926_1156.py
+++ b/authentik/policies/expression/migrations/0002_auto_20200926_1156.py
@ -16,7 +16,6 @@ def remove_pb_flow_plan(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
 class Migration(migrations.Migration):
    dependencies = [
        ("authentik_policies_expression", "0001_initial"),
    ]
--- a/authentik/policies/expression/migrations/0003_auto_20201203_1223.py
+++ b/authentik/policies/expression/migrations/0003_auto_20201203_1223.py
@ -18,7 +18,6 @@ def replace_pb_prefix(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
 class Migration(migrations.Migration):
    dependencies = [
        ("authentik_policies_expression", "0002_auto_20200926_1156"),
    ]
--- a/authentik/policies/expression/migrations/0004_expressionpolicy_authentik_p_policy__fb6feb_idx.py
+++ b/authentik/policies/expression/migrations/0004_expressionpolicy_authentik_p_policy__fb6feb_idx.py
@ -4,7 +4,6 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ("authentik_policies_expression", "0003_auto_20201203_1223"),
    ]
--- a/authentik/policies/expression/models.py
+++ b/authentik/policies/expression/models.py
@ -37,6 +37,5 @@ class ExpressionPolicy(Policy):
        return super().save(*args, **kwargs)
    class Meta(Policy.PolicyMeta):
        verbose_name = _("Expression Policy")
        verbose_name_plural = _("Expression Policies")
--- a/authentik/policies/migrations/0001_initial.py
+++ b/authentik/policies/migrations/0001_initial.py
@ -7,7 +7,6 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    initial = True
    dependencies = []
--- a/authentik/policies/migrations/0002_auto_20200528_1647.py
+++ b/authentik/policies/migrations/0002_auto_20200528_1647.py
@ -7,7 +7,6 @@ import authentik.lib.models
 class Migration(migrations.Migration):
    dependencies = [
        ("authentik_policies", "0001_initial"),
    ]
--- a/authentik/policies/migrations/0003_auto_20200908_1542.py
+++ b/authentik/policies/migrations/0003_auto_20200908_1542.py
@ -7,7 +7,6 @@ import authentik.lib.models
 class Migration(migrations.Migration):
    dependencies = [
        ("authentik_policies", "0002_auto_20200528_1647"),
    ]
--- a/authentik/policies/migrations/0004_policy_execution_logging.py
+++ b/authentik/policies/migrations/0004_policy_execution_logging.py
@ -4,7 +4,6 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ("authentik_policies", "0003_auto_20200908_1542"),
    ]
@ -15,7 +14,10 @@ class Migration(migrations.Migration):
            name="execution_logging",
            field=models.BooleanField(
                default=False,
-                help_text="When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged.",
+                help_text=(
                    "When this option is enabled, all executions of this policy will be logged. By"
                    " default, only execution errors are logged."
                ),
            ),
        ),
    ]
--- a/authentik/policies/migrations/0005_binding_group.py
+++ b/authentik/policies/migrations/0005_binding_group.py
@ -30,7 +30,6 @@ def migrate_from_groupmembership(apps: Apps, schema_editor: BaseDatabaseSchemaEd
 class Migration(migrations.Migration):
    dependencies = [
        ("authentik_core", "0017_managed"),
        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
--- a/authentik/policies/migrations/0006_auto_20210329_1334.py
+++ b/authentik/policies/migrations/0006_auto_20210329_1334.py
@ -4,7 +4,6 @@ from django.db import migrations
 class Migration(migrations.Migration):
    dependencies = [
        ("authentik_policies", "0005_binding_group"),
    ]
--- a/authentik/policies/migrations/0007_policybindingmodel_policy_engine_mode.py
+++ b/authentik/policies/migrations/0007_policybindingmodel_policy_engine_mode.py
@ -4,7 +4,6 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ("authentik_policies", "0006_auto_20210329_1334"),
    ]
--- a/authentik/policies/migrations/0008_policybinding_authentik_p_policy__534e15_idx_and_more.py
+++ b/authentik/policies/migrations/0008_policybinding_authentik_p_policy__534e15_idx_and_more.py
@ -4,7 +4,6 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ("authentik_policies", "0007_policybindingmodel_policy_engine_mode"),
    ]
--- a/authentik/policies/migrations/0009_alter_policy_name.py
+++ b/authentik/policies/migrations/0009_alter_policy_name.py
@ -4,7 +4,6 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ("authentik_policies", "0008_policybinding_authentik_p_policy__534e15_idx_and_more"),
    ]
--- a/authentik/policies/models.py
+++ b/authentik/policies/models.py
@ -141,7 +141,6 @@ class PolicyBinding(SerializerModel):
        return ""
    class Meta:
        verbose_name = _("Policy Binding")
        verbose_name_plural = _("Policy Bindings")
        unique_together = ("policy", "target", "order")
@ -164,10 +163,8 @@ class Policy(SerializerModel, CreatedUpdatedModel):
    execution_logging = models.BooleanField(
        default=False,
        help_text=_(
-            (
+            "When this option is enabled, all executions of this policy will be logged. "
-                "When this option is enabled, all executions of this policy will be logged. "
+            "By default, only execution errors are logged."
                "By default, only execution errors are logged."
            )
        ),
    )
--- a/authentik/policies/password/migrations/0001_initial.py
+++ b/authentik/policies/password/migrations/0001_initial.py
@ -5,7 +5,6 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    initial = True
    dependencies = [
--- a/authentik/policies/password/migrations/0002_passwordpolicy_password_field.py
+++ b/authentik/policies/password/migrations/0002_passwordpolicy_password_field.py
@ -4,7 +4,6 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ("authentik_policies_password", "0001_initial"),
    ]
--- a/authentik/policies/password/migrations/0003_passwordpolicy_amount_digits.py
+++ b/authentik/policies/password/migrations/0003_passwordpolicy_amount_digits.py
@ -4,7 +4,6 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ("authentik_policies_password", "0002_passwordpolicy_password_field"),
    ]
--- a/authentik/policies/password/migrations/0004_passwordpolicy_authentik_p_policy__855e80_idx.py
+++ b/authentik/policies/password/migrations/0004_passwordpolicy_authentik_p_policy__855e80_idx.py
@ -4,7 +4,6 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ("authentik_policies_password", "0003_passwordpolicy_amount_digits"),
    ]
--- a/Show More
+++ b/Show More