Try out servestatic again

.github/workflows/ci-docker.yml

@@ -149,16 +149,15 @@ jobs:
           mkdir -p /tmp/digests
           digest="${{ steps.build.outputs.digest }}"
           echo "digest=${digest}"
-          echo "${digest}" > "/tmp/digests/digest-${{ matrix.arch }}.txt"
+          touch "/tmp/digests/${digest#sha256:}"
       - name: Upload digest
         if: steps.check-push.outputs.should-push == 'true'
         uses: actions/upload-artifact@v7.0.0
         with:
           name: digests-${{ matrix.arch }}
-          path: /tmp/digests/digest-${{ matrix.arch }}.txt
+          path: /tmp/digests/*
           if-no-files-found: error
           retention-days: 1
-          archive: false
   merge-and-push:
     name: Merge and Push Manifest
     runs-on: ubuntu-24.04
@@ -172,7 +171,7 @@ jobs:
         uses: actions/download-artifact@v8.0.0
         with:
           path: /tmp/digests
-          pattern: digest-*.txt
+          pattern: digests-*
           merge-multiple: true
       - name: List digests
         run: |
@@ -218,9 +217,8 @@ jobs:
           tags=$(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "${DOCKER_METADATA_OUTPUT_JSON}")
 
           digests=""
-          for digest_file in digest-*.txt; do
-            digest=$(cat "${digest_file}")
-            digests+="${{ env.REGISTRY }}/${REPOSITORY}@${digest} "
+          for digest in *; do
+            digests+="${{ env.REGISTRY }}/${REPOSITORY}@sha256:${digest} "
           done
 
           echo "Creating manifest with tags: ${tags}"

.github/workflows/pr-bot.yml

@@ -2,24 +2,13 @@ name: PR Bot
 on:
   pull_request_target:
     types: [opened]
+permissions:
+  contents: read
+  pull-requests: write
 jobs:
-  anti-slop:
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      issues: read
-      pull-requests: write
-    steps:
-      - uses: peakoss/anti-slop@v0.2.1
-        with:
-          max-failures: 4
-          failure-add-pr-labels: 'ai'
   pr-bot:
     name: Automated PR Bot
     runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      pull-requests: write
     steps:
       - name: Label PR by file path or branch name
         # see .github/labeler.yml for the labeler config

pyproject.toml

@@ -49,7 +49,6 @@ dependencies = [
   "flower~=2.0.1",
   "gotenberg-client~=0.13.1",
   "httpx-oauth~=0.16",
-  "ijson>=3.2",
   "imap-tools~=1.11.0",
   "jinja2~=3.1.5",
   "langdetect~=1.0.9",
@@ -74,6 +73,7 @@ dependencies = [
   "regex>=2025.9.18",
   "scikit-learn~=1.7.0",
   "sentence-transformers>=4.1",
+  "servestatic>=4",
   "setproctitle~=1.3.4",
   "tika-client~=0.10.0",
   "torch~=2.10.0",
@@ -305,7 +305,6 @@ markers = [
   "greenmail: Tests requiring Greenmail service",
   "date_parsing: Tests which cover date parsing from content or filename",
   "management: Tests which cover management commands/functionality",
-  "profiling: Benchmarks for comparing implementation performance (not assertions, inspect output manually)",
 ]
 
 [tool.pytest_env]

src/documents/management/commands/document_importer.py

@@ -8,7 +8,6 @@ from pathlib import Path
 from zipfile import ZipFile
 from zipfile import is_zipfile
 
-import ijson
 import tqdm
 from django.conf import settings
 from django.contrib.auth.models import Permission
@@ -48,15 +47,6 @@ if settings.AUDIT_LOG_ENABLED:
     from auditlog.registry import auditlog
 
 
-def iter_manifest_records(path: Path) -> Generator[dict, None, None]:
-    """Yield records one at a time from a manifest JSON array via ijson."""
-    try:
-        with path.open("rb") as f:
-            yield from ijson.items(f, "item")
-    except ijson.JSONError as e:
-        raise CommandError(f"Failed to parse manifest file {path}: {e}") from e
-
-
 @contextmanager
 def disable_signal(sig, receiver, sender, *, weak: bool | None = None) -> Generator:
     try:
@@ -157,9 +147,14 @@ class Command(CryptMixin, BaseCommand):
         Loads manifest data from the various JSON files for parsing and loading the database
         """
         main_manifest_path: Path = self.source / "manifest.json"
+
+        with main_manifest_path.open() as infile:
+            self.manifest = json.load(infile)
         self.manifest_paths.append(main_manifest_path)
 
         for file in Path(self.source).glob("**/*-manifest.json"):
+            with file.open() as infile:
+                self.manifest += json.load(infile)
             self.manifest_paths.append(file)
 
     def load_metadata(self) -> None:
@@ -241,6 +236,7 @@ class Command(CryptMixin, BaseCommand):
         self.version: str | None = None
         self.salt: str | None = None
         self.manifest_paths = []
+        self.manifest = []
 
         # Create a temporary directory for extracting a zip file into it, even if supplied source is no zip file to keep code cleaner.
         with tempfile.TemporaryDirectory() as tmp_dir:
@@ -300,9 +296,6 @@ class Command(CryptMixin, BaseCommand):
             else:
                 self.stdout.write(self.style.NOTICE("Data only import completed"))
 
-            for tmp in getattr(self, "_decrypted_tmp_paths", []):
-                tmp.unlink(missing_ok=True)
-
         self.stdout.write("Updating search index...")
         call_command(
             "document_index",
@@ -355,12 +348,11 @@ class Command(CryptMixin, BaseCommand):
                     ) from e
 
         self.stdout.write("Checking the manifest")
-        for manifest_path in self.manifest_paths:
-            for record in iter_manifest_records(manifest_path):
-                # Only check if the document files exist if this is not data only
-                # We don't care about documents for a data only import
-                if not self.data_only and record["model"] == "documents.document":
-                    check_document_validity(record)
+        for record in self.manifest:
+            # Only check if the document files exist if this is not data only
+            # We don't care about documents for a data only import
+            if not self.data_only and record["model"] == "documents.document":
+                check_document_validity(record)
 
     def _import_files_from_manifest(self) -> None:
         settings.ORIGINALS_DIR.mkdir(parents=True, exist_ok=True)
@@ -369,31 +361,23 @@ class Command(CryptMixin, BaseCommand):
 
         self.stdout.write("Copy files into paperless...")
 
-        document_records = [
-            {
-                "pk": record["pk"],
-                EXPORTER_FILE_NAME: record[EXPORTER_FILE_NAME],
-                EXPORTER_THUMBNAIL_NAME: record.get(EXPORTER_THUMBNAIL_NAME),
-                EXPORTER_ARCHIVE_NAME: record.get(EXPORTER_ARCHIVE_NAME),
-            }
-            for manifest_path in self.manifest_paths
-            for record in iter_manifest_records(manifest_path)
-            if record["model"] == "documents.document"
-        ]
+        manifest_documents = list(
+            filter(lambda r: r["model"] == "documents.document", self.manifest),
+        )
 
-        for record in tqdm.tqdm(document_records, disable=self.no_progress_bar):
+        for record in tqdm.tqdm(manifest_documents, disable=self.no_progress_bar):
             document = Document.objects.get(pk=record["pk"])
 
             doc_file = record[EXPORTER_FILE_NAME]
             document_path = self.source / doc_file
 
-            if record[EXPORTER_THUMBNAIL_NAME]:
+            if EXPORTER_THUMBNAIL_NAME in record:
                 thumb_file = record[EXPORTER_THUMBNAIL_NAME]
                 thumbnail_path = (self.source / thumb_file).resolve()
             else:
                 thumbnail_path = None
 
-            if record[EXPORTER_ARCHIVE_NAME]:
+            if EXPORTER_ARCHIVE_NAME in record:
                 archive_file = record[EXPORTER_ARCHIVE_NAME]
                 archive_path = self.source / archive_file
             else:
@@ -434,43 +418,33 @@ class Command(CryptMixin, BaseCommand):
 
             document.save()
 
-    def _decrypt_record_if_needed(self, record: dict) -> dict:
-        for crypt_config in self.CRYPT_FIELDS:
-            if record["model"] == crypt_config["model_name"]:
-                for field in crypt_config["fields"]:
-                    if record["fields"].get(field):
-                        record["fields"][field] = self.decrypt_string(
-                            value=record["fields"][field],
-                        )
-        return record
-
     def decrypt_secret_fields(self) -> None:
         """
-        The converse decryption of some fields out of the export before importing to database.
-        Streams records from each manifest path and writes decrypted content to a temp file.
+        The converse decryption of some fields out of the export before importing to database
         """
-        if not self.passphrase:
-            return
-        # Salt has been loaded from metadata.json at this point, so it cannot be None
-        self.setup_crypto(passphrase=self.passphrase, salt=self.salt)
-        self._decrypted_tmp_paths: list[Path] = []
-        new_paths: list[Path] = []
-        for manifest_path in self.manifest_paths:
-            tmp = manifest_path.with_name(manifest_path.stem + ".decrypted.json")
-            with tmp.open("w", encoding="utf-8") as out:
-                out.write("[\n")
-                first = True
-                for record in iter_manifest_records(manifest_path):
-                    if not first:
-                        out.write(",\n")
-                    json.dump(
-                        self._decrypt_record_if_needed(record),
-                        out,
-                        indent=2,
-                        ensure_ascii=False,
-                    )
-                    first = False
-                out.write("\n]\n")
-            self._decrypted_tmp_paths.append(tmp)
-            new_paths.append(tmp)
-        self.manifest_paths = new_paths
+        if self.passphrase:
+            # Salt has been loaded from metadata.json at this point, so it cannot be None
+            self.setup_crypto(passphrase=self.passphrase, salt=self.salt)
+
+            had_at_least_one_record = False
+
+            for crypt_config in self.CRYPT_FIELDS:
+                importer_model: str = crypt_config["model_name"]
+                crypt_fields: str = crypt_config["fields"]
+                for record in filter(
+                    lambda x: x["model"] == importer_model,
+                    self.manifest,
+                ):
+                    had_at_least_one_record = True
+                    for field in crypt_fields:
+                        if record["fields"][field]:
+                            record["fields"][field] = self.decrypt_string(
+                                value=record["fields"][field],
+                            )
+
+            if had_at_least_one_record:
+                # It's annoying, but the DB is loaded from the JSON directly
+                # Maybe could change that in the future?
+                (self.source / "manifest.json").write_text(
+                    json.dumps(self.manifest, indent=2, ensure_ascii=False),
+                )

src/documents/profiling.py

@@ -1,71 +0,0 @@
-"""
-Temporary profiling utilities for comparing implementations.
-
-Usage in a management command or shell::
-
-    from documents.profiling import profile_block
-
-    with profile_block("new check_sanity"):
-        messages = check_sanity()
-
-    with profile_block("old check_sanity"):
-        messages = check_sanity_old()
-
-Drop this file when done.
-"""
-
-from __future__ import annotations
-
-import tracemalloc
-from contextlib import contextmanager
-from time import perf_counter
-from typing import TYPE_CHECKING
-
-if TYPE_CHECKING:
-    from collections.abc import Generator
-
-from django.db import connection
-from django.db import reset_queries
-from django.test.utils import override_settings
-
-
-@contextmanager
-def profile_block(label: str = "block") -> Generator[None, None, None]:
-    """Profile memory, wall time, and DB queries for a code block.
-
-    Prints a summary to stdout on exit. Requires no external packages.
-    Enables DEBUG temporarily to capture Django's query log.
-    """
-    tracemalloc.start()
-    snapshot_before = tracemalloc.take_snapshot()
-
-    with override_settings(DEBUG=True):
-        reset_queries()
-        start = perf_counter()
-
-        yield
-
-        elapsed = perf_counter() - start
-        queries = list(connection.queries)
-
-    snapshot_after = tracemalloc.take_snapshot()
-    _, peak = tracemalloc.get_traced_memory()
-    tracemalloc.stop()
-
-    # Compare snapshots for top allocations
-    stats = snapshot_after.compare_to(snapshot_before, "lineno")
-
-    query_time = sum(float(q["time"]) for q in queries)
-    mem_diff = sum(s.size_diff for s in stats)
-
-    print(f"\n{'=' * 60}")  # noqa: T201
-    print(f"  Profile: {label}")  # noqa: T201
-    print(f"{'=' * 60}")  # noqa: T201
-    print(f"  Wall time:    {elapsed:.4f}s")  # noqa: T201
-    print(f"  Queries:      {len(queries)} ({query_time:.4f}s)")  # noqa: T201
-    print(f"  Memory delta: {mem_diff / 1024:.1f} KiB")  # noqa: T201
-    print(f"  Peak memory:  {peak / 1024:.1f} KiB")  # noqa: T201
-    print("\n  Top 5 allocations:")  # noqa: T201
-    for stat in stats[:5]:
-        print(f"    {stat}")  # noqa: T201
-    print(f"{'=' * 60}\n")  # noqa: T201

src/documents/tests/test_importer_profile_phase4.py

@@ -1,128 +0,0 @@
-"""
-Phase 4 profiling benchmark: ijson streaming parse vs json.load for manifest files.
-
-Run with:
-    uv run pytest src/documents/tests/test_importer_profile_phase4.py \
-        -m profiling --override-ini="addopts=" -s
-"""
-
-import json
-import shutil
-import tempfile
-from pathlib import Path
-
-import pytest
-from django.core.management import call_command
-from django.test import TestCase
-
-from documents.management.commands.document_importer import iter_manifest_records
-from documents.models import CustomField
-from documents.models import CustomFieldInstance
-from documents.profiling import profile_block
-from documents.tests.factories import DocumentFactory
-from documents.tests.utils import DirectoriesMixin
-from documents.tests.utils import SampleDirMixin
-
-
-@pytest.mark.profiling
-class TestImporterProfilePhase4(DirectoriesMixin, SampleDirMixin, TestCase):
-    """
-    Benchmarks streaming ijson parse vs json.load over exported manifest files.
-
-    Creates 200 documents + 1 custom field + 200 custom field instances,
-    exports them, then compares the parse step in isolation.
-
-    Does not assert on results — inspect printed profile_block output manually.
-    """
-
-    def setUp(self) -> None:
-        super().setUp()
-        self.export_dir = Path(tempfile.mkdtemp())
-        self.addCleanup(shutil.rmtree, self.export_dir)
-
-    def _create_test_data(self) -> None:
-        cf = CustomField.objects.create(
-            name="Phase4 Field",
-            data_type=CustomField.FieldDataType.STRING,
-        )
-        docs = DocumentFactory.create_batch(200)
-        for doc in docs:
-            CustomFieldInstance.objects.create(
-                field=cf,
-                document=doc,
-                value_text=f"value for {doc.pk}",
-            )
-
-    def _get_manifest_paths(self) -> list[Path]:
-        paths = [self.export_dir / "manifest.json"]
-        paths += list(self.export_dir.glob("**/*-manifest.json"))
-        return [p for p in paths if p.exists()]
-
-    def test_profile_streaming_vs_json_load(self) -> None:
-        self._create_test_data()
-
-        call_command(
-            "document_exporter",
-            str(self.export_dir),
-            "--no-progress-bar",
-            "--data-only",
-        )
-
-        manifest_paths = self._get_manifest_paths()
-        self.assertTrue(manifest_paths, "No manifest files found after export")
-
-        # Baseline: json.load then iterate (original approach — loads all into memory)
-        with profile_block("baseline: json.load + iterate"):
-            for path in manifest_paths:
-                with path.open() as f:
-                    records = json.load(f)
-                for r in records:
-                    _ = r["model"]  # simulate check_manifest_validity
-
-        # New: ijson streaming without accumulation (mirrors check_manifest_validity)
-        with profile_block("new: ijson streaming (no accumulation)"):
-            for path in manifest_paths:
-                for record in iter_manifest_records(path):
-                    _ = record["model"]  # process one at a time, no list buildup
-
-        # New: ijson stream-decrypt to temp file (mirrors decrypt_secret_fields)
-        tmp_path = self.export_dir / "manifest.bench.json"
-        with profile_block("new: ijson stream to temp file"):
-            for path in manifest_paths:
-                with tmp_path.open("w", encoding="utf-8") as out:
-                    out.write("[\n")
-                    first = True
-                    for record in iter_manifest_records(path):
-                        if not first:
-                            out.write(",\n")
-                        json.dump(record, out, ensure_ascii=False)
-                        first = False
-                    out.write("\n]\n")
-        tmp_path.unlink(missing_ok=True)
-
-        # Baseline: full record list (old _import_files_from_manifest approach)
-        with profile_block("baseline: full record list (doc records only)"):
-            _ = [
-                record
-                for path in manifest_paths
-                for record in iter_manifest_records(path)
-                if record["model"] == "documents.document"
-            ]
-
-        # New: slim dict list (current _import_files_from_manifest approach)
-        from documents.settings import EXPORTER_ARCHIVE_NAME
-        from documents.settings import EXPORTER_FILE_NAME
-        from documents.settings import EXPORTER_THUMBNAIL_NAME
-
-        with profile_block("new: slim dict list (4 keys only)"):
-            _ = [
-                {
-                    "pk": record["pk"],
-                    EXPORTER_FILE_NAME: record[EXPORTER_FILE_NAME],
-                    EXPORTER_THUMBNAIL_NAME: record.get(EXPORTER_THUMBNAIL_NAME),
-                    EXPORTER_ARCHIVE_NAME: record.get(EXPORTER_ARCHIVE_NAME),
-                }
-                for path in manifest_paths
-                for record in iter_manifest_records(path)
-                if record["model"] == "documents.document"
-            ]

src/documents/tests/test_management_importer.py

@@ -119,22 +119,15 @@ class TestCommandImport(
             # No read permissions
             original_path.chmod(0o222)
 
-            manifest_path = Path(temp_dir) / "manifest.json"
-            manifest_path.write_text(
-                json.dumps(
-                    [
-                        {
-                            "model": "documents.document",
-                            EXPORTER_FILE_NAME: "original.pdf",
-                            EXPORTER_ARCHIVE_NAME: "archive.pdf",
-                        },
-                    ],
-                ),
-            )
-
             cmd = Command()
             cmd.source = Path(temp_dir)
-            cmd.manifest_paths = [manifest_path]
+            cmd.manifest = [
+                {
+                    "model": "documents.document",
+                    EXPORTER_FILE_NAME: "original.pdf",
+                    EXPORTER_ARCHIVE_NAME: "archive.pdf",
+                },
+            ]
             cmd.data_only = False
             with self.assertRaises(CommandError) as cm:
                 cmd.check_manifest_validity()
@@ -303,7 +296,7 @@ class TestCommandImport(
         (self.dirs.scratch_dir / "manifest.json").touch()
 
         # We're not building a manifest, so it fails, but this test doesn't care
-        with self.assertRaises(CommandError):
+        with self.assertRaises(json.decoder.JSONDecodeError):
             call_command(
                 "document_importer",
                 "--no-progress-bar",
@@ -332,7 +325,7 @@ class TestCommandImport(
         )
 
         # We're not building a manifest, so it fails, but this test doesn't care
-        with self.assertRaises(CommandError):
+        with self.assertRaises(json.decoder.JSONDecodeError):
             call_command(
                 "document_importer",
                 "--no-progress-bar",

src/paperless/settings/__init__.py

@@ -335,7 +335,7 @@ SCRATCH_DIR = __get_path(
 env_apps = __get_list("PAPERLESS_APPS")
 
 INSTALLED_APPS = [
-    "whitenoise.runserver_nostatic",
+    "servestatic.runserver_nostatic",
     "django.contrib.auth",
     "django.contrib.contenttypes",
     "django.contrib.sessions",
@@ -391,7 +391,7 @@ if DEBUG:
 
 MIDDLEWARE = [
     "django.middleware.security.SecurityMiddleware",
-    "whitenoise.middleware.WhiteNoiseMiddleware",
+    "servestatic.middleware.ServeStaticMiddleware",
     "django.contrib.sessions.middleware.SessionMiddleware",
     "corsheaders.middleware.CorsMiddleware",
     "django.middleware.locale.LocaleMiddleware",
@@ -466,7 +466,7 @@ WHITENOISE_STATIC_PREFIX = "/static/"
 
 STORAGES = {
     "staticfiles": {
-        "BACKEND": "whitenoise.storage.CompressedStaticFilesStorage",
+        "BACKEND": "servestatic.storage.CompressedStaticFilesStorage",
     },
     "default": {"BACKEND": "django.core.files.storage.FileSystemStorage"},
 }

src/paperless/tests/test_adapter.py

@@ -1,100 +1,107 @@
-import logging
+from unittest import mock
 
-import pytest
 from allauth.account.adapter import get_adapter
 from allauth.core import context
 from allauth.socialaccount.adapter import get_adapter as get_social_adapter
+from django.conf import settings
 from django.contrib.auth.models import AnonymousUser
 from django.contrib.auth.models import Group
 from django.contrib.auth.models import User
 from django.forms import ValidationError
 from django.http import HttpRequest
+from django.test import TestCase
+from django.test import override_settings
 from django.urls import reverse
-from pytest_django.fixtures import SettingsWrapper
-from pytest_mock import MockerFixture
 from rest_framework.authtoken.models import Token
 
 from paperless.adapter import DrfTokenStrategy
 
 
-@pytest.mark.django_db
-class TestCustomAccountAdapter:
-    def test_is_open_for_signup(self, settings: SettingsWrapper) -> None:
+class TestCustomAccountAdapter(TestCase):
+    def test_is_open_for_signup(self) -> None:
         adapter = get_adapter()
 
         # With no accounts, signups should be allowed
-        assert adapter.is_open_for_signup(None)
+        self.assertTrue(adapter.is_open_for_signup(None))
 
         User.objects.create_user("testuser")
 
+        # Test when ACCOUNT_ALLOW_SIGNUPS is True
         settings.ACCOUNT_ALLOW_SIGNUPS = True
-        assert adapter.is_open_for_signup(None)
+        self.assertTrue(adapter.is_open_for_signup(None))
 
+        # Test when ACCOUNT_ALLOW_SIGNUPS is False
         settings.ACCOUNT_ALLOW_SIGNUPS = False
-        assert not adapter.is_open_for_signup(None)
+        self.assertFalse(adapter.is_open_for_signup(None))
 
-    def test_is_safe_url(self, settings: SettingsWrapper) -> None:
+    def test_is_safe_url(self) -> None:
         request = HttpRequest()
-        request.get_host = lambda: "example.com"
+        request.get_host = mock.Mock(return_value="example.com")
         with context.request_context(request):
             adapter = get_adapter()
+            with override_settings(ALLOWED_HOSTS=["*"]):
+                # True because request host is same
+                url = "https://example.com"
+                self.assertTrue(adapter.is_safe_url(url))
 
-            settings.ALLOWED_HOSTS = ["*"]
-            # True because request host is same
-            assert adapter.is_safe_url("https://example.com")
+            url = "https://evil.com"
             # False despite wildcard because request host is different
-            assert not adapter.is_safe_url("https://evil.com")
+            self.assertFalse(adapter.is_safe_url(url))
 
             settings.ALLOWED_HOSTS = ["example.com"]
+            url = "https://example.com"
             # True because request host is same
-            assert adapter.is_safe_url("https://example.com")
+            self.assertTrue(adapter.is_safe_url(url))
 
             settings.ALLOWED_HOSTS = ["*", "example.com"]
+            url = "//evil.com"
             # False because request host is not in allowed hosts
-            assert not adapter.is_safe_url("//evil.com")
+            self.assertFalse(adapter.is_safe_url(url))
 
-    def test_pre_authenticate(
-        self,
-        settings: SettingsWrapper,
-        mocker: MockerFixture,
-    ) -> None:
-        mocker.patch("allauth.core.internal.ratelimit.consume", return_value=True)
+    @mock.patch("allauth.core.internal.ratelimit.consume", return_value=True)
+    def test_pre_authenticate(self, mock_consume) -> None:
         adapter = get_adapter()
         request = HttpRequest()
-        request.get_host = lambda: "example.com"
+        request.get_host = mock.Mock(return_value="example.com")
 
         settings.DISABLE_REGULAR_LOGIN = False
         adapter.pre_authenticate(request)
 
         settings.DISABLE_REGULAR_LOGIN = True
-        with pytest.raises(ValidationError):
+        with self.assertRaises(ValidationError):
             adapter.pre_authenticate(request)
 
-    def test_get_reset_password_from_key_url(self, settings: SettingsWrapper) -> None:
+    def test_get_reset_password_from_key_url(self) -> None:
         request = HttpRequest()
-        request.get_host = lambda: "foo.org"
+        request.get_host = mock.Mock(return_value="foo.org")
         with context.request_context(request):
             adapter = get_adapter()
 
-            settings.PAPERLESS_URL = None
-            settings.ACCOUNT_DEFAULT_HTTP_PROTOCOL = "https"
-            expected_url = f"https://foo.org{reverse('account_reset_password_from_key', kwargs={'uidb36': 'UID', 'key': 'KEY'})}"
-            assert adapter.get_reset_password_from_key_url("UID-KEY") == expected_url
+            # Test when PAPERLESS_URL is None
+            with override_settings(
+                PAPERLESS_URL=None,
+                ACCOUNT_DEFAULT_HTTP_PROTOCOL="https",
+            ):
+                expected_url = f"https://foo.org{reverse('account_reset_password_from_key', kwargs={'uidb36': 'UID', 'key': 'KEY'})}"
+                self.assertEqual(
+                    adapter.get_reset_password_from_key_url("UID-KEY"),
+                    expected_url,
+                )
 
-            settings.PAPERLESS_URL = "https://bar.com"
-            expected_url = f"https://bar.com{reverse('account_reset_password_from_key', kwargs={'uidb36': 'UID', 'key': 'KEY'})}"
-            assert adapter.get_reset_password_from_key_url("UID-KEY") == expected_url
+            # Test when PAPERLESS_URL is not None
+            with override_settings(PAPERLESS_URL="https://bar.com"):
+                expected_url = f"https://bar.com{reverse('account_reset_password_from_key', kwargs={'uidb36': 'UID', 'key': 'KEY'})}"
+                self.assertEqual(
+                    adapter.get_reset_password_from_key_url("UID-KEY"),
+                    expected_url,
+                )
 
-    def test_save_user_adds_groups(
-        self,
-        settings: SettingsWrapper,
-        mocker: MockerFixture,
-    ) -> None:
-        settings.ACCOUNT_DEFAULT_GROUPS = ["group1", "group2"]
+    @override_settings(ACCOUNT_DEFAULT_GROUPS=["group1", "group2"])
+    def test_save_user_adds_groups(self) -> None:
         Group.objects.create(name="group1")
         user = User.objects.create_user("testuser")
         adapter = get_adapter()
-        form = mocker.MagicMock(
+        form = mock.Mock(
             cleaned_data={
                 "username": "testuser",
                 "email": "user@example.com",
@@ -103,81 +110,88 @@ class TestCustomAccountAdapter:
 
         user = adapter.save_user(HttpRequest(), user, form, commit=True)
 
-        assert user.groups.count() == 1
-        assert user.groups.filter(name="group1").exists()
-        assert not user.groups.filter(name="group2").exists()
+        self.assertEqual(user.groups.count(), 1)
+        self.assertTrue(user.groups.filter(name="group1").exists())
+        self.assertFalse(user.groups.filter(name="group2").exists())
 
-    def test_fresh_install_save_creates_superuser(self, mocker: MockerFixture) -> None:
+    def test_fresh_install_save_creates_superuser(self) -> None:
         adapter = get_adapter()
-        form = mocker.MagicMock(
+        form = mock.Mock(
             cleaned_data={
                 "username": "testuser",
                 "email": "user@paperless-ngx.com",
             },
         )
         user = adapter.save_user(HttpRequest(), User(), form, commit=True)
-        assert user.is_superuser
+        self.assertTrue(user.is_superuser)
 
-        form = mocker.MagicMock(
+        # Next time, it should not create a superuser
+        form = mock.Mock(
             cleaned_data={
                 "username": "testuser2",
                 "email": "user2@paperless-ngx.com",
             },
         )
         user2 = adapter.save_user(HttpRequest(), User(), form, commit=True)
-        assert not user2.is_superuser
+        self.assertFalse(user2.is_superuser)
 
 
-class TestCustomSocialAccountAdapter:
-    @pytest.mark.django_db
-    def test_is_open_for_signup(self, settings: SettingsWrapper) -> None:
+class TestCustomSocialAccountAdapter(TestCase):
+    def test_is_open_for_signup(self) -> None:
         adapter = get_social_adapter()
 
+        # Test when SOCIALACCOUNT_ALLOW_SIGNUPS is True
         settings.SOCIALACCOUNT_ALLOW_SIGNUPS = True
-        assert adapter.is_open_for_signup(None, None)
+        self.assertTrue(adapter.is_open_for_signup(None, None))
 
+        # Test when SOCIALACCOUNT_ALLOW_SIGNUPS is False
         settings.SOCIALACCOUNT_ALLOW_SIGNUPS = False
-        assert not adapter.is_open_for_signup(None, None)
+        self.assertFalse(adapter.is_open_for_signup(None, None))
 
     def test_get_connect_redirect_url(self) -> None:
         adapter = get_social_adapter()
-        assert adapter.get_connect_redirect_url(None, None) == reverse("base")
+        request = None
+        socialaccount = None
 
-    @pytest.mark.django_db
-    def test_save_user_adds_groups(
-        self,
-        settings: SettingsWrapper,
-        mocker: MockerFixture,
-    ) -> None:
-        settings.SOCIAL_ACCOUNT_DEFAULT_GROUPS = ["group1", "group2"]
+        # Test the default URL
+        expected_url = reverse("base")
+        self.assertEqual(
+            adapter.get_connect_redirect_url(request, socialaccount),
+            expected_url,
+        )
+
+    @override_settings(SOCIAL_ACCOUNT_DEFAULT_GROUPS=["group1", "group2"])
+    def test_save_user_adds_groups(self) -> None:
         Group.objects.create(name="group1")
         adapter = get_social_adapter()
+        request = HttpRequest()
         user = User.objects.create_user("testuser")
-        sociallogin = mocker.MagicMock(user=user)
+        sociallogin = mock.Mock(
+            user=user,
+        )
 
-        user = adapter.save_user(HttpRequest(), sociallogin, None)
+        user = adapter.save_user(request, sociallogin, None)
 
-        assert user.groups.count() == 1
-        assert user.groups.filter(name="group1").exists()
-        assert not user.groups.filter(name="group2").exists()
+        self.assertEqual(user.groups.count(), 1)
+        self.assertTrue(user.groups.filter(name="group1").exists())
+        self.assertFalse(user.groups.filter(name="group2").exists())
 
-    def test_error_logged_on_authentication_error(
-        self,
-        caplog: pytest.LogCaptureFixture,
-    ) -> None:
+    def test_error_logged_on_authentication_error(self) -> None:
         adapter = get_social_adapter()
-        with caplog.at_level(logging.INFO, logger="paperless.auth"):
+        request = HttpRequest()
+        with self.assertLogs("paperless.auth", level="INFO") as log_cm:
             adapter.on_authentication_error(
-                HttpRequest(),
+                request,
                 provider="test-provider",
                 error="Error",
                 exception="Test authentication error",
             )
-        assert any("Test authentication error" in msg for msg in caplog.messages)
+        self.assertTrue(
+            any("Test authentication error" in message for message in log_cm.output),
+        )
 
 
-@pytest.mark.django_db
-class TestDrfTokenStrategy:
+class TestDrfTokenStrategy(TestCase):
     def test_create_access_token_creates_new_token(self) -> None:
         """
         GIVEN:
@@ -187,6 +201,7 @@ class TestDrfTokenStrategy:
         THEN:
             - A new token is created and its key is returned
         """
+
         user = User.objects.create_user("testuser")
         request = HttpRequest()
         request.user = user
@@ -194,9 +209,13 @@ class TestDrfTokenStrategy:
         strategy = DrfTokenStrategy()
         token_key = strategy.create_access_token(request)
 
-        assert token_key is not None
-        assert Token.objects.filter(user=user).exists()
-        assert token_key == Token.objects.get(user=user).key
+        # Verify a token was created
+        self.assertIsNotNone(token_key)
+        self.assertTrue(Token.objects.filter(user=user).exists())
+
+        # Verify the returned key matches the created token
+        token = Token.objects.get(user=user)
+        self.assertEqual(token_key, token.key)
 
     def test_create_access_token_returns_existing_token(self) -> None:
         """
@@ -207,6 +226,7 @@ class TestDrfTokenStrategy:
         THEN:
             - The same token key is returned (no new token created)
         """
+
         user = User.objects.create_user("testuser")
         existing_token = Token.objects.create(user=user)
 
@@ -216,8 +236,11 @@ class TestDrfTokenStrategy:
         strategy = DrfTokenStrategy()
         token_key = strategy.create_access_token(request)
 
-        assert token_key == existing_token.key
-        assert Token.objects.filter(user=user).count() == 1
+        # Verify the existing token key is returned
+        self.assertEqual(token_key, existing_token.key)
+
+        # Verify only one token exists (no duplicate created)
+        self.assertEqual(Token.objects.filter(user=user).count(), 1)
 
     def test_create_access_token_returns_none_for_unauthenticated_user(self) -> None:
         """
@@ -228,11 +251,12 @@ class TestDrfTokenStrategy:
         THEN:
             - None is returned and no token is created
         """
+
         request = HttpRequest()
         request.user = AnonymousUser()
 
         strategy = DrfTokenStrategy()
         token_key = strategy.create_access_token(request)
 
-        assert token_key is None
-        assert Token.objects.count() == 0
+        self.assertIsNone(token_key)
+        self.assertEqual(Token.objects.count(), 0)

src/paperless/tests/test_checks.py

@@ -1,15 +1,16 @@
 import os
-from collections.abc import Callable
-from dataclasses import dataclass
 from pathlib import Path
 from unittest import mock
 
 import pytest
 from django.core.checks import Error
 from django.core.checks import Warning
-from pytest_django.fixtures import SettingsWrapper
+from django.test import TestCase
+from django.test import override_settings
 from pytest_mock import MockerFixture
 
+from documents.tests.utils import DirectoriesMixin
+from documents.tests.utils import FileSystemAssertsMixin
 from paperless.checks import audit_log_check
 from paperless.checks import binaries_check
 from paperless.checks import check_deprecated_db_settings
@@ -19,84 +20,54 @@ from paperless.checks import paths_check
 from paperless.checks import settings_values_check
 
 
-@dataclass(frozen=True, slots=True)
-class PaperlessTestDirs:
-    data_dir: Path
-    media_dir: Path
-    consumption_dir: Path
-
-
-# TODO: consolidate with documents/tests/conftest.py PaperlessDirs/paperless_dirs
-#       once the paperless and documents test suites are ready to share fixtures.
-@pytest.fixture()
-def directories(tmp_path: Path, settings: SettingsWrapper) -> PaperlessTestDirs:
-    data_dir = tmp_path / "data"
-    media_dir = tmp_path / "media"
-    consumption_dir = tmp_path / "consumption"
-
-    for d in (data_dir, media_dir, consumption_dir):
-        d.mkdir()
-
-    settings.DATA_DIR = data_dir
-    settings.MEDIA_ROOT = media_dir
-    settings.CONSUMPTION_DIR = consumption_dir
-
-    return PaperlessTestDirs(
-        data_dir=data_dir,
-        media_dir=media_dir,
-        consumption_dir=consumption_dir,
-    )
-
-
-class TestChecks:
+class TestChecks(DirectoriesMixin, TestCase):
     def test_binaries(self) -> None:
-        assert binaries_check(None) == []
+        self.assertEqual(binaries_check(None), [])
 
-    def test_binaries_fail(self, settings: SettingsWrapper) -> None:
-        settings.CONVERT_BINARY = "uuuhh"
-        assert len(binaries_check(None)) == 1
+    @override_settings(CONVERT_BINARY="uuuhh")
+    def test_binaries_fail(self) -> None:
+        self.assertEqual(len(binaries_check(None)), 1)
 
-    @pytest.mark.usefixtures("directories")
     def test_paths_check(self) -> None:
-        assert paths_check(None) == []
+        self.assertEqual(paths_check(None), [])
 
-    def test_paths_check_dont_exist(self, settings: SettingsWrapper) -> None:
-        settings.MEDIA_ROOT = Path("uuh")
-        settings.DATA_DIR = Path("whatever")
-        settings.CONSUMPTION_DIR = Path("idontcare")
+    @override_settings(
+        MEDIA_ROOT=Path("uuh"),
+        DATA_DIR=Path("whatever"),
+        CONSUMPTION_DIR=Path("idontcare"),
+    )
+    def test_paths_check_dont_exist(self) -> None:
+        msgs = paths_check(None)
+        self.assertEqual(len(msgs), 3, str(msgs))
+
+        for msg in msgs:
+            self.assertTrue(msg.msg.endswith("is set but doesn't exist."))
+
+    def test_paths_check_no_access(self) -> None:
+        Path(self.dirs.data_dir).chmod(0o000)
+        Path(self.dirs.media_dir).chmod(0o000)
+        Path(self.dirs.consumption_dir).chmod(0o000)
+
+        self.addCleanup(os.chmod, self.dirs.data_dir, 0o777)
+        self.addCleanup(os.chmod, self.dirs.media_dir, 0o777)
+        self.addCleanup(os.chmod, self.dirs.consumption_dir, 0o777)
 
         msgs = paths_check(None)
+        self.assertEqual(len(msgs), 3)
 
-        assert len(msgs) == 3, str(msgs)
         for msg in msgs:
-            assert msg.msg.endswith("is set but doesn't exist.")
+            self.assertTrue(msg.msg.endswith("is not writeable"))
 
-    def test_paths_check_no_access(self, directories: PaperlessTestDirs) -> None:
-        directories.data_dir.chmod(0o000)
-        directories.media_dir.chmod(0o000)
-        directories.consumption_dir.chmod(0o000)
+    @override_settings(DEBUG=False)
+    def test_debug_disabled(self) -> None:
+        self.assertEqual(debug_mode_check(None), [])
 
-        try:
-            msgs = paths_check(None)
-        finally:
-            directories.data_dir.chmod(0o777)
-            directories.media_dir.chmod(0o777)
-            directories.consumption_dir.chmod(0o777)
-
-        assert len(msgs) == 3
-        for msg in msgs:
-            assert msg.msg.endswith("is not writeable")
-
-    def test_debug_disabled(self, settings: SettingsWrapper) -> None:
-        settings.DEBUG = False
-        assert debug_mode_check(None) == []
-
-    def test_debug_enabled(self, settings: SettingsWrapper) -> None:
-        settings.DEBUG = True
-        assert len(debug_mode_check(None)) == 1
+    @override_settings(DEBUG=True)
+    def test_debug_enabled(self) -> None:
+        self.assertEqual(len(debug_mode_check(None)), 1)
 
 
-class TestSettingsChecksAgainstDefaults:
+class TestSettingsChecksAgainstDefaults(DirectoriesMixin, TestCase):
     def test_all_valid(self) -> None:
         """
         GIVEN:
@@ -107,71 +78,104 @@ class TestSettingsChecksAgainstDefaults:
             - No system check errors reported
         """
         msgs = settings_values_check(None)
-        assert len(msgs) == 0
+        self.assertEqual(len(msgs), 0)
 
 
-class TestOcrSettingsChecks:
-    @pytest.mark.parametrize(
-        ("setting", "value", "expected_msg"),
-        [
-            pytest.param(
-                "OCR_OUTPUT_TYPE",
-                "notapdf",
-                'OCR output type "notapdf"',
-                id="invalid-output-type",
-            ),
-            pytest.param(
-                "OCR_MODE",
-                "makeitso",
-                'OCR output mode "makeitso"',
-                id="invalid-mode",
-            ),
-            pytest.param(
-                "OCR_MODE",
-                "skip_noarchive",
-                "deprecated",
-                id="deprecated-mode",
-            ),
-            pytest.param(
-                "OCR_SKIP_ARCHIVE_FILE",
-                "invalid",
-                'OCR_SKIP_ARCHIVE_FILE setting "invalid"',
-                id="invalid-skip-archive-file",
-            ),
-            pytest.param(
-                "OCR_CLEAN",
-                "cleanme",
-                'OCR clean mode "cleanme"',
-                id="invalid-clean",
-            ),
-        ],
-    )
-    def test_invalid_setting_produces_one_error(
-        self,
-        settings: SettingsWrapper,
-        setting: str,
-        value: str,
-        expected_msg: str,
-    ) -> None:
+class TestOcrSettingsChecks(DirectoriesMixin, TestCase):
+    @override_settings(OCR_OUTPUT_TYPE="notapdf")
+    def test_invalid_output_type(self) -> None:
         """
         GIVEN:
             - Default settings
-            - One OCR setting is set to an invalid value
+            - OCR output type is invalid
         WHEN:
             - Settings are validated
         THEN:
-            - Exactly one system check error is reported containing the expected message
+            - system check error reported for OCR output type
         """
-        setattr(settings, setting, value)
-
         msgs = settings_values_check(None)
+        self.assertEqual(len(msgs), 1)
 
-        assert len(msgs) == 1
-        assert expected_msg in msgs[0].msg
+        msg = msgs[0]
+
+        self.assertIn('OCR output type "notapdf"', msg.msg)
+
+    @override_settings(OCR_MODE="makeitso")
+    def test_invalid_ocr_type(self) -> None:
+        """
+        GIVEN:
+            - Default settings
+            - OCR type is invalid
+        WHEN:
+            - Settings are validated
+        THEN:
+            - system check error reported for OCR type
+        """
+        msgs = settings_values_check(None)
+        self.assertEqual(len(msgs), 1)
+
+        msg = msgs[0]
+
+        self.assertIn('OCR output mode "makeitso"', msg.msg)
+
+    @override_settings(OCR_MODE="skip_noarchive")
+    def test_deprecated_ocr_type(self) -> None:
+        """
+        GIVEN:
+            - Default settings
+            - OCR type is deprecated
+        WHEN:
+            - Settings are validated
+        THEN:
+            - deprecation warning reported for OCR type
+        """
+        msgs = settings_values_check(None)
+        self.assertEqual(len(msgs), 1)
+
+        msg = msgs[0]
+
+        self.assertIn("deprecated", msg.msg)
+
+    @override_settings(OCR_SKIP_ARCHIVE_FILE="invalid")
+    def test_invalid_ocr_skip_archive_file(self) -> None:
+        """
+        GIVEN:
+            - Default settings
+            - OCR_SKIP_ARCHIVE_FILE is invalid
+        WHEN:
+            - Settings are validated
+        THEN:
+            - system check error reported for OCR_SKIP_ARCHIVE_FILE
+        """
+        msgs = settings_values_check(None)
+        self.assertEqual(len(msgs), 1)
+
+        msg = msgs[0]
+
+        self.assertIn('OCR_SKIP_ARCHIVE_FILE setting "invalid"', msg.msg)
+
+    @override_settings(OCR_CLEAN="cleanme")
+    def test_invalid_ocr_clean(self) -> None:
+        """
+        GIVEN:
+            - Default settings
+            - OCR cleaning type is invalid
+        WHEN:
+            - Settings are validated
+        THEN:
+            - system check error reported for OCR cleaning type
+        """
+        msgs = settings_values_check(None)
+        self.assertEqual(len(msgs), 1)
+
+        msg = msgs[0]
+
+        self.assertIn('OCR clean mode "cleanme"', msg.msg)
 
 
-class TestTimezoneSettingsChecks:
-    def test_invalid_timezone(self, settings: SettingsWrapper) -> None:
+class TestTimezoneSettingsChecks(DirectoriesMixin, TestCase):
+    @override_settings(TIME_ZONE="TheMoon\\MyCrater")
+    def test_invalid_timezone(self) -> None:
         """
         GIVEN:
             - Default settings
@@ -181,16 +185,17 @@ class TestTimezoneSettingsChecks:
         THEN:
             - system check error reported for timezone
         """
-        settings.TIME_ZONE = "TheMoon\\MyCrater"
-
         msgs = settings_values_check(None)
+        self.assertEqual(len(msgs), 1)
 
-        assert len(msgs) == 1
-        assert 'Timezone "TheMoon\\MyCrater"' in msgs[0].msg
+        msg = msgs[0]
+
+        self.assertIn('Timezone "TheMoon\\MyCrater"', msg.msg)
 
 
-class TestEmailCertSettingsChecks:
-    def test_not_valid_file(self, settings: SettingsWrapper) -> None:
+class TestEmailCertSettingsChecks(DirectoriesMixin, FileSystemAssertsMixin, TestCase):
+    @override_settings(EMAIL_CERTIFICATE_FILE=Path("/tmp/not_actually_here.pem"))
+    def test_not_valid_file(self) -> None:
         """
         GIVEN:
             - Default settings
@@ -200,22 +205,19 @@ class TestEmailCertSettingsChecks:
         THEN:
             - system check error reported for email certificate
         """
-        cert_path = Path("/tmp/not_actually_here.pem")
-        assert not cert_path.is_file()
-        settings.EMAIL_CERTIFICATE_FILE = cert_path
+        self.assertIsNotFile("/tmp/not_actually_here.pem")
 
         msgs = settings_values_check(None)
 
-        assert len(msgs) == 1
-        assert "Email cert /tmp/not_actually_here.pem is not a file" in msgs[0].msg
+        self.assertEqual(len(msgs), 1)
+
+        msg = msgs[0]
+
+        self.assertIn("Email cert /tmp/not_actually_here.pem is not a file", msg.msg)
 
 
-class TestAuditLogChecks:
-    def test_was_enabled_once(
-        self,
-        settings: SettingsWrapper,
-        mocker: MockerFixture,
-    ) -> None:
+class TestAuditLogChecks(TestCase):
+    def test_was_enabled_once(self) -> None:
         """
         GIVEN:
             - Audit log is not enabled
@@ -224,18 +226,23 @@ class TestAuditLogChecks:
         THEN:
             - system check error reported for disabling audit log
         """
-        settings.AUDIT_LOG_ENABLED = False
-        introspect_mock = mocker.MagicMock()
+        introspect_mock = mock.MagicMock()
         introspect_mock.introspection.table_names.return_value = ["auditlog_logentry"]
-        mocker.patch.dict(
-            "paperless.checks.connections",
-            {"default": introspect_mock},
-        )
+        with override_settings(AUDIT_LOG_ENABLED=False):
+            with mock.patch.dict(
+                "paperless.checks.connections",
+                {"default": introspect_mock},
+            ):
+                msgs = audit_log_check(None)
 
-        msgs = audit_log_check(None)
+                self.assertEqual(len(msgs), 1)
 
-        assert len(msgs) == 1
-        assert "auditlog table was found but audit log is disabled." in msgs[0].msg
+                msg = msgs[0]
+
+                self.assertIn(
+                    ("auditlog table was found but audit log is disabled."),
+                    msg.msg,
+                )
 
 
 DEPRECATED_VARS: dict[str, str] = {
@@ -264,16 +271,20 @@ class TestDeprecatedDbSettings:
     @pytest.mark.parametrize(
         ("env_var", "db_option_key"),
         [
-            pytest.param("PAPERLESS_DB_TIMEOUT", "timeout", id="db-timeout"),
-            pytest.param(
-                "PAPERLESS_DB_POOLSIZE",
-                "pool.min_size / pool.max_size",
-                id="db-poolsize",
-            ),
-            pytest.param("PAPERLESS_DBSSLMODE", "sslmode", id="ssl-mode"),
-            pytest.param("PAPERLESS_DBSSLROOTCERT", "sslrootcert", id="ssl-rootcert"),
-            pytest.param("PAPERLESS_DBSSLCERT", "sslcert", id="ssl-cert"),
-            pytest.param("PAPERLESS_DBSSLKEY", "sslkey", id="ssl-key"),
+            ("PAPERLESS_DB_TIMEOUT", "timeout"),
+            ("PAPERLESS_DB_POOLSIZE", "pool.min_size / pool.max_size"),
+            ("PAPERLESS_DBSSLMODE", "sslmode"),
+            ("PAPERLESS_DBSSLROOTCERT", "sslrootcert"),
+            ("PAPERLESS_DBSSLCERT", "sslcert"),
+            ("PAPERLESS_DBSSLKEY", "sslkey"),
+        ],
+        ids=[
+            "db-timeout",
+            "db-poolsize",
+            "ssl-mode",
+            "ssl-rootcert",
+            "ssl-cert",
+            "ssl-key",
         ],
     )
     def test_single_deprecated_var_produces_one_warning(
@@ -392,10 +403,7 @@ class TestV3MinimumUpgradeVersionCheck:
     """Test suite for check_v3_minimum_upgrade_version system check."""
 
     @pytest.fixture
-    def build_conn_mock(
-        self,
-        mocker: MockerFixture,
-    ) -> Callable[[list[str], list[str]], mock.MagicMock]:
+    def build_conn_mock(self, mocker: MockerFixture):
         """Factory fixture that builds a connections['default'] mock.
 
         Usage::
@@ -415,7 +423,7 @@ class TestV3MinimumUpgradeVersionCheck:
     def test_no_migrations_table_fresh_install(
         self,
         mocker: MockerFixture,
-        build_conn_mock: Callable[[list[str], list[str]], mock.MagicMock],
+        build_conn_mock,
     ) -> None:
         """
         GIVEN:
@@ -434,7 +442,7 @@ class TestV3MinimumUpgradeVersionCheck:
     def test_no_documents_migrations_fresh_install(
         self,
         mocker: MockerFixture,
-        build_conn_mock: Callable[[list[str], list[str]], mock.MagicMock],
+        build_conn_mock,
     ) -> None:
         """
         GIVEN:
@@ -453,7 +461,7 @@ class TestV3MinimumUpgradeVersionCheck:
     def test_v3_state_with_0001_squashed(
         self,
         mocker: MockerFixture,
-        build_conn_mock: Callable[[list[str], list[str]], mock.MagicMock],
+        build_conn_mock,
     ) -> None:
         """
         GIVEN:
@@ -477,7 +485,7 @@ class TestV3MinimumUpgradeVersionCheck:
     def test_v3_state_with_0002_squashed_only(
         self,
         mocker: MockerFixture,
-        build_conn_mock: Callable[[list[str], list[str]], mock.MagicMock],
+        build_conn_mock,
     ) -> None:
         """
         GIVEN:
@@ -496,7 +504,7 @@ class TestV3MinimumUpgradeVersionCheck:
     def test_v2_20_9_state_ready_to_upgrade(
         self,
         mocker: MockerFixture,
-        build_conn_mock: Callable[[list[str], list[str]], mock.MagicMock],
+        build_conn_mock,
     ) -> None:
         """
         GIVEN:
@@ -523,7 +531,7 @@ class TestV3MinimumUpgradeVersionCheck:
     def test_v2_20_8_raises_error(
         self,
         mocker: MockerFixture,
-        build_conn_mock: Callable[[list[str], list[str]], mock.MagicMock],
+        build_conn_mock,
     ) -> None:
         """
         GIVEN:
@@ -550,7 +558,7 @@ class TestV3MinimumUpgradeVersionCheck:
     def test_very_old_version_raises_error(
         self,
         mocker: MockerFixture,
-        build_conn_mock: Callable[[list[str], list[str]], mock.MagicMock],
+        build_conn_mock,
     ) -> None:
         """
         GIVEN:
@@ -577,7 +585,7 @@ class TestV3MinimumUpgradeVersionCheck:
     def test_error_hint_mentions_v2_20_9(
         self,
         mocker: MockerFixture,
-        build_conn_mock: Callable[[list[str], list[str]], mock.MagicMock],
+        build_conn_mock,
     ) -> None:
         """
         GIVEN:

src/paperless/tests/test_utils.py

@@ -9,50 +9,35 @@ from paperless.utils import ocr_to_dateparser_languages
 @pytest.mark.parametrize(
     ("ocr_language", "expected"),
     [
-        pytest.param("eng", ["en"], id="single-language"),
-        pytest.param("fra+ita+lao", ["fr", "it", "lo"], id="multiple-languages"),
-        pytest.param("fil", ["fil"], id="no-two-letter-equivalent"),
-        pytest.param(
-            "aze_cyrl+srp_latn",
-            ["az-Cyrl", "sr-Latn"],
-            id="script-supported-by-dateparser",
-        ),
-        pytest.param(
-            "deu_frak",
-            ["de"],
-            id="script-not-supported-falls-back-to-language",
-        ),
-        pytest.param(
-            "chi_tra+chi_sim",
-            ["zh"],
-            id="chinese-variants-collapse-to-general",
-        ),
-        pytest.param(
-            "eng+unsupported_language+por",
-            ["en", "pt"],
-            id="unsupported-language-skipped",
-        ),
-        pytest.param(
-            "unsupported1+unsupported2",
-            [],
-            id="all-unsupported-returns-empty",
-        ),
-        pytest.param("eng+eng", ["en"], id="duplicates-deduplicated"),
-        pytest.param(
-            "ita_unknownscript",
-            ["it"],
-            id="unknown-script-falls-back-to-language",
-        ),
+        # One language
+        ("eng", ["en"]),
+        # Multiple languages
+        ("fra+ita+lao", ["fr", "it", "lo"]),
+        # Languages that don't have a two-letter equivalent
+        ("fil", ["fil"]),
+        # Languages with a script part supported by dateparser
+        ("aze_cyrl+srp_latn", ["az-Cyrl", "sr-Latn"]),
+        # Languages with a script part not supported by dateparser
+        # In this case, default to the language without script
+        ("deu_frak", ["de"]),
+        # Traditional and simplified chinese don't have the same name in dateparser,
+        # so they're converted to the general chinese language
+        ("chi_tra+chi_sim", ["zh"]),
+        # If a language is not supported by dateparser, fallback to the supported ones
+        ("eng+unsupported_language+por", ["en", "pt"]),
+        # If no language is supported, fallback to default
+        ("unsupported1+unsupported2", []),
+        # Duplicate languages, should not duplicate in result
+        ("eng+eng", ["en"]),
+        # Language with script, but script is not mapped
+        ("ita_unknownscript", ["it"]),
     ],
 )
-def test_ocr_to_dateparser_languages(ocr_language: str, expected: list[str]) -> None:
+def test_ocr_to_dateparser_languages(ocr_language, expected):
     assert sorted(ocr_to_dateparser_languages(ocr_language)) == sorted(expected)
 
 
-def test_ocr_to_dateparser_languages_exception(
-    monkeypatch: pytest.MonkeyPatch,
-    caplog: pytest.LogCaptureFixture,
-) -> None:
+def test_ocr_to_dateparser_languages_exception(monkeypatch, caplog):
     # Patch LocaleDataLoader.get_locale_map to raise an exception
     class DummyLoader:
         def get_locale_map(self, locales=None):

src/paperless/tests/test_views.py

@@ -1,31 +1,24 @@
+import tempfile
 from pathlib import Path
 
-from django.test import Client
-from pytest_django.fixtures import SettingsWrapper
+from django.test import override_settings
 
 
-def test_favicon_view(
-    client: Client,
-    tmp_path: Path,
-    settings: SettingsWrapper,
-) -> None:
-    favicon_path = tmp_path / "paperless" / "img" / "favicon.ico"
-    favicon_path.parent.mkdir(parents=True)
-    favicon_path.write_bytes(b"FAKE ICON DATA")
+def test_favicon_view(client):
+    with tempfile.TemporaryDirectory() as tmpdir:
+        static_dir = Path(tmpdir)
+        favicon_path = static_dir / "paperless" / "img" / "favicon.ico"
+        favicon_path.parent.mkdir(parents=True, exist_ok=True)
+        favicon_path.write_bytes(b"FAKE ICON DATA")
 
-    settings.STATIC_ROOT = tmp_path
-
-    response = client.get("/favicon.ico")
-    assert response.status_code == 200
-    assert response["Content-Type"] == "image/x-icon"
-    assert b"".join(response.streaming_content) == b"FAKE ICON DATA"
+        with override_settings(STATIC_ROOT=static_dir):
+            response = client.get("/favicon.ico")
+            assert response.status_code == 200
+            assert response["Content-Type"] == "image/x-icon"
+            assert b"".join(response.streaming_content) == b"FAKE ICON DATA"
 
 
-def test_favicon_view_missing_file(
-    client: Client,
-    tmp_path: Path,
-    settings: SettingsWrapper,
-) -> None:
-    settings.STATIC_ROOT = tmp_path
-    response = client.get("/favicon.ico")
-    assert response.status_code == 404
+def test_favicon_view_missing_file(client):
+    with override_settings(STATIC_ROOT=Path(tempfile.mkdtemp())):
+        response = client.get("/favicon.ico")
+        assert response.status_code == 404

uv.lock

@@ -1748,73 +1748,6 @@ wheels = [
     { url = "https://files.pythonhosted.org/packages/0e/61/66938bbb5fc52dbdf84594873d5b51fb1f7c7794e9c0f5bd885f30bc507b/idna-3.11-py3-none-any.whl", hash = "sha256:771a87f49d9defaf64091e6e6fe9c18d4833f140bd19464795bc32d966ca37ea", size = 71008, upload-time = "2025-10-12T14:55:18.883Z" },
 ]
 
-[[package]]
-name = "ijson"
-version = "3.5.0"
-source = { registry = "https://pypi.org/simple" }
-sdist = { url = "https://files.pythonhosted.org/packages/f4/57/60d1a6a512f2f0508d0bc8b4f1cc5616fd3196619b66bd6a01f9155a1292/ijson-3.5.0.tar.gz", hash = "sha256:94688760720e3f5212731b3cb8d30267f9a045fb38fb3870254e7b9504246f31", size = 68658, upload-time = "2026-02-24T03:58:30.974Z" }
-wheels = [
-    { url = "https://files.pythonhosted.org/packages/65/da/644343198abca5e0f6e2486063f8d8f3c443ca0ef5e5c890e51ef6032e33/ijson-3.5.0-cp311-cp311-macosx_10_9_universal2.whl", hash = "sha256:5616311404b858d32740b7ad8b9a799c62165f5ecb85d0a8ed16c21665a90533", size = 88964, upload-time = "2026-02-24T03:56:53.099Z" },
-    { url = "https://files.pythonhosted.org/packages/5b/63/8621190aa2baf96156dfd4c632b6aa9f1464411e50b98750c09acc0505ea/ijson-3.5.0-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:e9733f94029dd41702d573ef64752e2556e72aea14623d6dbb7a44ca1ccf30fd", size = 60582, upload-time = "2026-02-24T03:56:54.261Z" },
-    { url = "https://files.pythonhosted.org/packages/20/31/6a3f041fdd17dacff33b7d7d3ba3df6dca48740108340c6042f974b2ad20/ijson-3.5.0-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:db8398c6721b98412a4f618da8022550c8b9c5d9214040646071b5deb4d4a393", size = 60632, upload-time = "2026-02-24T03:56:55.159Z" },
-    { url = "https://files.pythonhosted.org/packages/e4/68/474541998abbdecfd46a744536878335de89aceb9f085bff1aaf35575ceb/ijson-3.5.0-cp311-cp311-manylinux1_i686.manylinux_2_28_i686.manylinux_2_5_i686.whl", hash = "sha256:c061314845c08163b1784b6076ea5f075372461a32e6916f4e5f211fd4130b64", size = 131988, upload-time = "2026-02-24T03:56:56.35Z" },
-    { url = "https://files.pythonhosted.org/packages/cd/32/e05ff8b72a44fe9d192f41c5dcbc35cfa87efc280cdbfe539ffaf4a7535e/ijson-3.5.0-cp311-cp311-manylinux2014_aarch64.manylinux_2_17_aarch64.manylinux_2_28_aarch64.whl", hash = "sha256:1111a1c5ac79119c5d6e836f900c1a53844b50a18af38311baa6bb61e2645aca", size = 138669, upload-time = "2026-02-24T03:56:57.555Z" },
-    { url = "https://files.pythonhosted.org/packages/49/b5/955a83b031102c7a602e2c06d03aff0a0e584212f09edb94ccc754d203ac/ijson-3.5.0-cp311-cp311-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:1e74aff8c681c24002b61b1822f9511d4c384f324f7dbc08c78538e01fdc9fcb", size = 135093, upload-time = "2026-02-24T03:56:59.267Z" },
-    { url = "https://files.pythonhosted.org/packages/e8/f2/30250cfcb4d2766669b31f6732689aab2bb91de426a15a3ebe482df7ee48/ijson-3.5.0-cp311-cp311-musllinux_1_2_aarch64.whl", hash = "sha256:739a7229b1b0cc5f7e2785a6e7a5fc915e850d3fed9588d0e89a09f88a417253", size = 138715, upload-time = "2026-02-24T03:57:00.491Z" },
-    { url = "https://files.pythonhosted.org/packages/a2/05/785a145d7e75e04e04480d59b6323cd4b1d9013a6cd8643fa635fbc93490/ijson-3.5.0-cp311-cp311-musllinux_1_2_i686.whl", hash = "sha256:ef88712160360cab3ca6471a4e5418243f8b267cf1fe1620879d1b5558babc71", size = 133194, upload-time = "2026-02-24T03:57:01.759Z" },
-    { url = "https://files.pythonhosted.org/packages/14/eb/80d6f8a748dead4034cea0939494a67d10ccf88d6413bf6e860393139676/ijson-3.5.0-cp311-cp311-musllinux_1_2_x86_64.whl", hash = "sha256:6ca0d1b6b5f8166a6248f4309497585fb8553b04bc8179a0260fad636cfdb798", size = 135588, upload-time = "2026-02-24T03:57:03.131Z" },
-    { url = "https://files.pythonhosted.org/packages/aa/17/9c63c7688025f3a8c47ea717b8306649c8c7244e49e20a2be4e3515dc75c/ijson-3.5.0-cp312-cp312-macosx_10_13_universal2.whl", hash = "sha256:1ebefbe149a6106cc848a3eaf536af51a9b5ccc9082de801389f152dba6ab755", size = 88536, upload-time = "2026-02-24T03:57:06.809Z" },
-    { url = "https://files.pythonhosted.org/packages/6f/dd/e15c2400244c117b06585452ebc63ae254f5a6964f712306afd1422daae0/ijson-3.5.0-cp312-cp312-macosx_10_13_x86_64.whl", hash = "sha256:19e30d9f00f82e64de689c0b8651b9cfed879c184b139d7e1ea5030cec401c21", size = 60499, upload-time = "2026-02-24T03:57:09.155Z" },
-    { url = "https://files.pythonhosted.org/packages/77/a9/bf4fe3538a0c965f16b406f180a06105b875da83f0743e36246be64ef550/ijson-3.5.0-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:a04a33ee78a6f27b9b8528c1ca3c207b1df3b8b867a4cf2fcc4109986f35c227", size = 60330, upload-time = "2026-02-24T03:57:10.574Z" },
-    { url = "https://files.pythonhosted.org/packages/31/76/6f91bdb019dd978fce1bc5ea1cd620cfc096d258126c91db2c03a20a7f34/ijson-3.5.0-cp312-cp312-manylinux1_i686.manylinux_2_28_i686.manylinux_2_5_i686.whl", hash = "sha256:7d48dc2984af02eb3c56edfb3f13b3f62f2f3e4fe36f058c8cfc75d93adf4fed", size = 138977, upload-time = "2026-02-24T03:57:11.932Z" },
-    { url = "https://files.pythonhosted.org/packages/11/be/bbc983059e48a54b0121ee60042979faed7674490bbe7b2c41560db3f436/ijson-3.5.0-cp312-cp312-manylinux2014_aarch64.manylinux_2_17_aarch64.manylinux_2_28_aarch64.whl", hash = "sha256:f1e73a44844d9adbca9cf2c4132cd875933e83f3d4b23881fcaf82be83644c7d", size = 149785, upload-time = "2026-02-24T03:57:13.255Z" },
-    { url = "https://files.pythonhosted.org/packages/6d/81/2fee58f9024a3449aee83edfa7167fb5ccd7e1af2557300e28531bb68e16/ijson-3.5.0-cp312-cp312-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:7389a56b8562a19948bdf1d7bae3a2edc8c7f86fb59834dcb1c4c722818e645a", size = 149729, upload-time = "2026-02-24T03:57:14.191Z" },
-    { url = "https://files.pythonhosted.org/packages/c7/56/f1706761fcc096c9d414b3dcd000b1e6e5c24364c21cfba429837f98ee8d/ijson-3.5.0-cp312-cp312-musllinux_1_2_aarch64.whl", hash = "sha256:3176f23f8ebec83f374ed0c3b4e5a0c4db7ede54c005864efebbed46da123608", size = 150697, upload-time = "2026-02-24T03:57:15.855Z" },
-    { url = "https://files.pythonhosted.org/packages/d9/6e/ee0d9c875a0193b632b3e9ccd1b22a50685fb510256ad57ba483b6529f77/ijson-3.5.0-cp312-cp312-musllinux_1_2_i686.whl", hash = "sha256:6babd88e508630c6ef86c9bebaaf13bb2fb8ec1d8f8868773a03c20253f599bc", size = 142873, upload-time = "2026-02-24T03:57:16.831Z" },
-    { url = "https://files.pythonhosted.org/packages/d2/bf/f9d4399d0e6e3fd615035290a71e97c843f17f329b43638c0a01cf112d73/ijson-3.5.0-cp312-cp312-musllinux_1_2_x86_64.whl", hash = "sha256:dc1b3836b174b6db2fa8319f1926fb5445abd195dc963368092103f8579cb8ed", size = 151583, upload-time = "2026-02-24T03:57:17.757Z" },
-    { url = "https://files.pythonhosted.org/packages/a2/71/d67e764a712c3590627480643a3b51efcc3afa4ef3cb54ee4c989073c97e/ijson-3.5.0-cp313-cp313-macosx_10_13_universal2.whl", hash = "sha256:e9cedc10e40dd6023c351ed8bfc7dcfce58204f15c321c3c1546b9c7b12562a4", size = 88544, upload-time = "2026-02-24T03:57:21.293Z" },
-    { url = "https://files.pythonhosted.org/packages/1a/39/f1c299371686153fa3cf5c0736b96247a87a1bee1b7145e6d21f359c505a/ijson-3.5.0-cp313-cp313-macosx_10_13_x86_64.whl", hash = "sha256:3647649f782ee06c97490b43680371186651f3f69bebe64c6083ee7615d185e5", size = 60495, upload-time = "2026-02-24T03:57:22.501Z" },
-    { url = "https://files.pythonhosted.org/packages/16/94/b1438e204d75e01541bebe3e668fe3e68612d210e9931ae1611062dd0a56/ijson-3.5.0-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:90e74be1dce05fce73451c62d1118671f78f47c9f6be3991c82b91063bf01fc9", size = 60325, upload-time = "2026-02-24T03:57:23.332Z" },
-    { url = "https://files.pythonhosted.org/packages/30/e2/4aa9c116fa86cc8b0f574f3c3a47409edc1cd4face05d0e589a5a176b05d/ijson-3.5.0-cp313-cp313-manylinux1_i686.manylinux_2_28_i686.manylinux_2_5_i686.whl", hash = "sha256:78e9ad73e7be2dd80627504bd5cbf512348c55ce2c06e362ed7683b5220e8568", size = 138774, upload-time = "2026-02-24T03:57:24.683Z" },
-    { url = "https://files.pythonhosted.org/packages/d2/d2/738b88752a70c3be1505faa4dcd7110668c2712e582a6a36488ed1e295d4/ijson-3.5.0-cp313-cp313-manylinux2014_aarch64.manylinux_2_17_aarch64.manylinux_2_28_aarch64.whl", hash = "sha256:9577449313cc94be89a4fe4b3e716c65f09cc19636d5a6b2861c4e80dddebd58", size = 149820, upload-time = "2026-02-24T03:57:26.062Z" },
-    { url = "https://files.pythonhosted.org/packages/ed/df/0b3ab9f393ca8f72ea03bc896ba9fdc987e90ae08cdb51c32a4ee0c14d5e/ijson-3.5.0-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:3e4c1178fb50aff5f5701a30a5152ead82a14e189ce0f6102fa1b5f10b2f54ff", size = 149747, upload-time = "2026-02-24T03:57:27.308Z" },
-    { url = "https://files.pythonhosted.org/packages/cc/a3/b0037119f75131b78cb00acc2657b1a9d0435475f1f2c5f8f5a170b66b9c/ijson-3.5.0-cp313-cp313-musllinux_1_2_aarch64.whl", hash = "sha256:0eb402ab026ffb37a918d75af2b7260fe6cfbce13232cc83728a714dd30bd81d", size = 151027, upload-time = "2026-02-24T03:57:28.522Z" },
-    { url = "https://files.pythonhosted.org/packages/22/a0/cb344de1862bf09d8f769c9d25c944078c87dd59a1b496feec5ad96309a4/ijson-3.5.0-cp313-cp313-musllinux_1_2_i686.whl", hash = "sha256:5b08ee08355f9f729612a8eb9bf69cc14f9310c3b2a487c6f1c3c65d85216ec4", size = 142996, upload-time = "2026-02-24T03:57:29.774Z" },
-    { url = "https://files.pythonhosted.org/packages/ca/32/a8ffd67182e02ea61f70f62daf43ded4fa8a830a2520a851d2782460aba8/ijson-3.5.0-cp313-cp313-musllinux_1_2_x86_64.whl", hash = "sha256:bda62b6d48442903e7bf56152108afb7f0f1293c2b9bef2f2c369defea76ab18", size = 152068, upload-time = "2026-02-24T03:57:30.969Z" },
-    { url = "https://files.pythonhosted.org/packages/42/65/13e2492d17e19a2084523e18716dc2809159f2287fd2700c735f311e76c4/ijson-3.5.0-cp313-cp313t-macosx_10_13_universal2.whl", hash = "sha256:4d4b0cd676b8c842f7648c1a783448fac5cd3b98289abd83711b3e275e143524", size = 93019, upload-time = "2026-02-24T03:57:33.976Z" },
-    { url = "https://files.pythonhosted.org/packages/33/92/483fc97ece0c3f1cecabf48f6a7a36e89d19369eec462faaeaa34c788992/ijson-3.5.0-cp313-cp313t-macosx_10_13_x86_64.whl", hash = "sha256:252dec3680a48bb82d475e36b4ae1b3a9d7eb690b951bb98a76c5fe519e30188", size = 62714, upload-time = "2026-02-24T03:57:34.819Z" },
-    { url = "https://files.pythonhosted.org/packages/4b/88/793fe020a0fe9d9eed4c285cf4a5cfdb0a935708b3bde0d72f35c794b513/ijson-3.5.0-cp313-cp313t-macosx_11_0_arm64.whl", hash = "sha256:aa1b5dca97d323931fde2501172337384c958914d81a9dac7f00f0d4bfc76bc7", size = 62460, upload-time = "2026-02-24T03:57:35.874Z" },
-    { url = "https://files.pythonhosted.org/packages/51/69/f1a2690aa8d4df1f4e262b385e65a933ffdc250b091531bac9a449c19e16/ijson-3.5.0-cp313-cp313t-manylinux1_i686.manylinux_2_28_i686.manylinux_2_5_i686.whl", hash = "sha256:7a5ec7fd86d606094bba6f6f8f87494897102fa4584ef653f3005c51a784c320", size = 199273, upload-time = "2026-02-24T03:57:37.07Z" },
-    { url = "https://files.pythonhosted.org/packages/ea/a2/f1346d5299e79b988ab472dc773d5381ec2d57c23cb2f1af3ede4a810e62/ijson-3.5.0-cp313-cp313t-manylinux2014_aarch64.manylinux_2_17_aarch64.manylinux_2_28_aarch64.whl", hash = "sha256:009f41443e1521847701c6d87fa3923c0b1961be3c7e7de90947c8cb92ea7c44", size = 216884, upload-time = "2026-02-24T03:57:38.346Z" },
-    { url = "https://files.pythonhosted.org/packages/28/3c/8b637e869be87799e6c2c3c275a30a546f086b1aed77e2b7f11512168c5a/ijson-3.5.0-cp313-cp313t-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:e4c3651d1f9fe2839a93fdf8fd1d5ca3a54975349894249f3b1b572bcc4bd577", size = 207306, upload-time = "2026-02-24T03:57:39.718Z" },
-    { url = "https://files.pythonhosted.org/packages/7f/7c/18b1c1df6951ca056782d7580ec40cea4ff9a27a0947d92640d1cc8c4ae3/ijson-3.5.0-cp313-cp313t-musllinux_1_2_aarch64.whl", hash = "sha256:945b7abcfcfeae2cde17d8d900870f03536494245dda7ad4f8d056faa303256c", size = 211364, upload-time = "2026-02-24T03:57:40.953Z" },
-    { url = "https://files.pythonhosted.org/packages/f3/55/e795812e82851574a9dba8a53fde045378f531ef14110c6fb55dbd23b443/ijson-3.5.0-cp313-cp313t-musllinux_1_2_i686.whl", hash = "sha256:0574b0a841ff97495c13e9d7260fbf3d85358b061f540c52a123db9dbbaa2ed6", size = 200608, upload-time = "2026-02-24T03:57:42.272Z" },
-    { url = "https://files.pythonhosted.org/packages/5c/cd/013c85b4749b57a4cb4c2670014d1b32b8db4ab1a7be92ea7aeb5d7fe7b5/ijson-3.5.0-cp313-cp313t-musllinux_1_2_x86_64.whl", hash = "sha256:f969ffb2b89c5cdf686652d7fb66252bc72126fa54d416317411497276056a18", size = 205127, upload-time = "2026-02-24T03:57:43.286Z" },
-    { url = "https://files.pythonhosted.org/packages/7a/93/0868efe753dc1df80cc405cf0c1f2527a6991643607c741bff8dcb899b3b/ijson-3.5.0-cp314-cp314-macosx_10_15_universal2.whl", hash = "sha256:25a5a6b2045c90bb83061df27cfa43572afa43ba9408611d7bfe237c20a731a9", size = 89094, upload-time = "2026-02-24T03:57:46.115Z" },
-    { url = "https://files.pythonhosted.org/packages/24/94/fd5a832a0df52ef5e4e740f14ac8640725d61034a1b0c561e8b5fb424706/ijson-3.5.0-cp314-cp314-macosx_10_15_x86_64.whl", hash = "sha256:8976c54c0b864bc82b951bae06567566ac77ef63b90a773a69cd73aab47f4f4f", size = 60715, upload-time = "2026-02-24T03:57:47.552Z" },
-    { url = "https://files.pythonhosted.org/packages/70/79/1b9a90af5732491f9eec751ee211b86b11011e1158c555c06576d52c3919/ijson-3.5.0-cp314-cp314-macosx_11_0_arm64.whl", hash = "sha256:859eb2038f7f1b0664df4241957694cc35e6295992d71c98659b22c69b3cbc10", size = 60638, upload-time = "2026-02-24T03:57:48.428Z" },
-    { url = "https://files.pythonhosted.org/packages/23/6f/2c551ea980fe56f68710a8d5389cfbd015fc45aaafd17c3c52c346db6aa1/ijson-3.5.0-cp314-cp314-manylinux1_i686.manylinux_2_28_i686.manylinux_2_5_i686.whl", hash = "sha256:c911aa02991c7c0d3639b6619b93a93210ff1e7f58bf7225d613abea10adc78e", size = 140667, upload-time = "2026-02-24T03:57:49.314Z" },
-    { url = "https://files.pythonhosted.org/packages/25/0e/27b887879ba6a5bc29766e3c5af4942638c952220fd63e1e442674f7883a/ijson-3.5.0-cp314-cp314-manylinux2014_aarch64.manylinux_2_17_aarch64.manylinux_2_28_aarch64.whl", hash = "sha256:903cbdc350173605220edc19796fbea9b2203c8b3951fb7335abfa8ed37afda8", size = 149850, upload-time = "2026-02-24T03:57:50.329Z" },
-    { url = "https://files.pythonhosted.org/packages/da/1e/23e10e1bc04bf31193b21e2960dce14b17dbd5d0c62204e8401c59d62c08/ijson-3.5.0-cp314-cp314-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:a4549d96ded5b8efa71639b2160235415f6bdb8c83367615e2dbabcb72755c33", size = 149206, upload-time = "2026-02-24T03:57:51.261Z" },
-    { url = "https://files.pythonhosted.org/packages/8e/90/e552f6495063b235cf7fa2c592f6597c057077195e517b842a0374fd470c/ijson-3.5.0-cp314-cp314-musllinux_1_2_aarch64.whl", hash = "sha256:6b2dcf6349e6042d83f3f8c39ce84823cf7577eba25bac5aae5e39bbbbbe9c1c", size = 150438, upload-time = "2026-02-24T03:57:52.198Z" },
-    { url = "https://files.pythonhosted.org/packages/5c/18/45bf8f297c41b42a1c231d261141097babd953d2c28a07be57ae4c3a1a02/ijson-3.5.0-cp314-cp314-musllinux_1_2_i686.whl", hash = "sha256:e44af39e6f8a17e5627dcd89715d8279bf3474153ff99aae031a936e5c5572e5", size = 144369, upload-time = "2026-02-24T03:57:53.22Z" },
-    { url = "https://files.pythonhosted.org/packages/9b/3a/deb9772bb2c0cead7ad64f00c3598eec9072bdf511818e70e2c512eeabbe/ijson-3.5.0-cp314-cp314-musllinux_1_2_x86_64.whl", hash = "sha256:9260332304b7e7828db56d43f08fc970a3ab741bf84ff10189361ea1b60c395b", size = 151352, upload-time = "2026-02-24T03:57:54.375Z" },
-    { url = "https://files.pythonhosted.org/packages/9f/d9/86f7fac35e0835faa188085ae0579e813493d5261ce056484015ad533445/ijson-3.5.0-cp314-cp314t-macosx_10_15_universal2.whl", hash = "sha256:2ea4b676ec98e374c1df400a47929859e4fa1239274339024df4716e802aa7e4", size = 93069, upload-time = "2026-02-24T03:57:57.849Z" },
-    { url = "https://files.pythonhosted.org/packages/33/d2/e7366ed9c6e60228d35baf4404bac01a126e7775ea8ce57f560125ed190a/ijson-3.5.0-cp314-cp314t-macosx_10_15_x86_64.whl", hash = "sha256:014586eec043e23c80be9a923c56c3a0920a0f1f7d17478ce7bc20ba443968ef", size = 62767, upload-time = "2026-02-24T03:57:58.758Z" },
-    { url = "https://files.pythonhosted.org/packages/35/8b/3e703e8cc4b3ada79f13b28070b51d9550c578f76d1968657905857b2ddd/ijson-3.5.0-cp314-cp314t-macosx_11_0_arm64.whl", hash = "sha256:d5b8b886b0248652d437f66e7c5ac318bbdcb2c7137a7e5327a68ca00b286f5f", size = 62467, upload-time = "2026-02-24T03:58:00.261Z" },
-    { url = "https://files.pythonhosted.org/packages/21/42/0c91af32c1ee8a957fdac2e051b5780756d05fd34e4b60d94a08d51bac1d/ijson-3.5.0-cp314-cp314t-manylinux1_i686.manylinux_2_28_i686.manylinux_2_5_i686.whl", hash = "sha256:498fd46ae2349297e43acf97cdc421e711dbd7198418677259393d2acdc62d78", size = 200447, upload-time = "2026-02-24T03:58:01.591Z" },
-    { url = "https://files.pythonhosted.org/packages/f9/80/796ea0e391b7e2d45c5b1b451734bba03f81c2984cf955ea5eaa6c4920ad/ijson-3.5.0-cp314-cp314t-manylinux2014_aarch64.manylinux_2_17_aarch64.manylinux_2_28_aarch64.whl", hash = "sha256:22a51b4f9b81f12793731cf226266d1de2112c3c04ba4a04117ad4e466897e05", size = 217820, upload-time = "2026-02-24T03:58:02.598Z" },
-    { url = "https://files.pythonhosted.org/packages/38/14/52b6613fdda4078c62eb5b4fe3efc724ddc55a4ad524c93de51830107aa3/ijson-3.5.0-cp314-cp314t-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:9636c710dc4ac4a281baa266a64f323b4cc165cec26836af702c44328b59a515", size = 208310, upload-time = "2026-02-24T03:58:04.759Z" },
-    { url = "https://files.pythonhosted.org/packages/6a/ad/8b3105a78774fd4a65e534a21d975ef3a77e189489fe3029ebcaeba5e243/ijson-3.5.0-cp314-cp314t-musllinux_1_2_aarch64.whl", hash = "sha256:f7168a39e8211107666d71b25693fd1b2bac0b33735ef744114c403c6cac21e1", size = 211843, upload-time = "2026-02-24T03:58:05.836Z" },
-    { url = "https://files.pythonhosted.org/packages/36/ab/a2739f6072d6e1160581bc3ed32da614c8cced023dcd519d9c5fa66e0425/ijson-3.5.0-cp314-cp314t-musllinux_1_2_i686.whl", hash = "sha256:8696454245415bc617ab03b0dc3ae4c86987df5dc6a90bad378fe72c5409d89e", size = 200906, upload-time = "2026-02-24T03:58:07.788Z" },
-    { url = "https://files.pythonhosted.org/packages/6d/5e/e06c2de3c3d4a9cfb655c1ad08a68fb72838d271072cdd3196576ac4431a/ijson-3.5.0-cp314-cp314t-musllinux_1_2_x86_64.whl", hash = "sha256:c21bfb61f71f191565885bf1bc29e0a186292d866b4880637b833848360bdc1b", size = 205495, upload-time = "2026-02-24T03:58:09.163Z" },
-    { url = "https://files.pythonhosted.org/packages/d9/3b/d31ecfa63a218978617446159f3d77aab2417a5bd2885c425b176353ff78/ijson-3.5.0-pp311-pypy311_pp73-macosx_10_15_x86_64.whl", hash = "sha256:d64c624da0e9d692d6eb0ff63a79656b59d76bf80773a17c5b0f835e4e8ef627", size = 57715, upload-time = "2026-02-24T03:58:24.545Z" },
-    { url = "https://files.pythonhosted.org/packages/30/51/b170e646d378e8cccf9637c05edb5419b00c2c4df64b0258c3af5355608e/ijson-3.5.0-pp311-pypy311_pp73-macosx_11_0_arm64.whl", hash = "sha256:876f7df73b7e0d6474f9caa729b9cdbfc8e76de9075a4887dfd689e29e85c4ca", size = 57205, upload-time = "2026-02-24T03:58:25.681Z" },
-    { url = "https://files.pythonhosted.org/packages/ef/83/44dbd0231b0a8c6c14d27473d10c4e27dfbce7d5d9a833c79e3e6c33eb40/ijson-3.5.0-pp311-pypy311_pp73-manylinux1_i686.manylinux_2_28_i686.manylinux_2_5_i686.whl", hash = "sha256:e7dbff2c8d9027809b0cde663df44f3210da10ea377121d42896fb6ee405dd31", size = 71229, upload-time = "2026-02-24T03:58:27.103Z" },
-    { url = "https://files.pythonhosted.org/packages/c8/98/cf84048b7c6cec888826e696a31f45bee7ebcac15e532b6be1fc4c2c9608/ijson-3.5.0-pp311-pypy311_pp73-manylinux2014_aarch64.manylinux_2_17_aarch64.manylinux_2_28_aarch64.whl", hash = "sha256:4217a1edc278660679e1197c83a1a2a2d367792bfbb2a3279577f4b59b93730d", size = 71217, upload-time = "2026-02-24T03:58:28.021Z" },
-    { url = "https://files.pythonhosted.org/packages/3c/0a/e34c729a87ff67dc6540f6bcc896626158e691d433ab57db0086d73decd2/ijson-3.5.0-pp311-pypy311_pp73-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:04f0fc740311388ee745ba55a12292b722d6f52000b11acbb913982ba5fbdf87", size = 68618, upload-time = "2026-02-24T03:58:28.918Z" },
-]
-
 [[package]]
 name = "imagehash"
 version = "4.3.2"
@@ -2818,7 +2751,6 @@ dependencies = [
     { name = "flower", marker = "sys_platform == 'darwin' or sys_platform == 'linux'" },
     { name = "gotenberg-client", marker = "sys_platform == 'darwin' or sys_platform == 'linux'" },
     { name = "httpx-oauth", marker = "sys_platform == 'darwin' or sys_platform == 'linux'" },
-    { name = "ijson", marker = "sys_platform == 'darwin' or sys_platform == 'linux'" },
     { name = "imap-tools", marker = "sys_platform == 'darwin' or sys_platform == 'linux'" },
     { name = "jinja2", marker = "sys_platform == 'darwin' or sys_platform == 'linux'" },
     { name = "langdetect", marker = "sys_platform == 'darwin' or sys_platform == 'linux'" },
@@ -2843,6 +2775,7 @@ dependencies = [
     { name = "regex", marker = "sys_platform == 'darwin' or sys_platform == 'linux'" },
     { name = "scikit-learn", marker = "sys_platform == 'darwin' or sys_platform == 'linux'" },
     { name = "sentence-transformers", marker = "sys_platform == 'darwin' or sys_platform == 'linux'" },
+    { name = "servestatic", marker = "sys_platform == 'darwin' or sys_platform == 'linux'" },
     { name = "setproctitle", marker = "sys_platform == 'darwin' or sys_platform == 'linux'" },
     { name = "tika-client", marker = "sys_platform == 'darwin' or sys_platform == 'linux'" },
     { name = "torch", version = "2.10.0", source = { registry = "https://download.pytorch.org/whl/cpu" }, marker = "sys_platform == 'darwin'" },
@@ -2966,7 +2899,6 @@ requires-dist = [
     { name = "gotenberg-client", specifier = "~=0.13.1" },
     { name = "granian", extras = ["uvloop"], marker = "extra == 'webserver'", specifier = "~=2.7.0" },
     { name = "httpx-oauth", specifier = "~=0.16" },
-    { name = "ijson", specifier = ">=3.2" },
     { name = "imap-tools", specifier = "~=1.11.0" },
     { name = "jinja2", specifier = "~=3.1.5" },
     { name = "langdetect", specifier = "~=1.0.9" },
@@ -2997,6 +2929,7 @@ requires-dist = [
     { name = "regex", specifier = ">=2025.9.18" },
     { name = "scikit-learn", specifier = "~=1.7.0" },
     { name = "sentence-transformers", specifier = ">=4.1" },
+    { name = "servestatic", specifier = ">=4.0.0" },
     { name = "setproctitle", specifier = "~=1.3.4" },
     { name = "tika-client", specifier = "~=0.10.0" },
     { name = "torch", specifier = "~=2.10.0", index = "https://download.pytorch.org/whl/cpu" },
@@ -4394,6 +4327,18 @@ wheels = [
     { url = "https://files.pythonhosted.org/packages/46/9f/dba4b3e18ebbe1eaa29d9f1764fbc7da0cd91937b83f2b7928d15c5d2d36/sentence_transformers-5.2.3-py3-none-any.whl", hash = "sha256:6437c62d4112b615ddebda362dfc16a4308d604c5b68125ed586e3e95d5b2e30", size = 494225, upload-time = "2026-02-17T14:05:18.596Z" },
 ]
 
+[[package]]
+name = "servestatic"
+version = "4.0.0"
+source = { registry = "https://pypi.org/simple" }
+dependencies = [
+    { name = "asgiref", marker = "sys_platform == 'darwin' or sys_platform == 'linux'" },
+]
+sdist = { url = "https://files.pythonhosted.org/packages/6b/e6/cba9e145d41408d67e73eacdd3dc606317132c66bc536eb336bb3aea504d/servestatic-4.0.0.tar.gz", hash = "sha256:212b80d4b0d07b2ab10e2e4419ed984f5e6ec2fee61b64e9ed1d7740b3c367a5", size = 27495, upload-time = "2026-03-06T00:08:36.51Z" }
+wheels = [
+    { url = "https://files.pythonhosted.org/packages/3f/37/b9a329c6fb8c77c7ff8b3119b64fcd8ee91a668fd66b24d4924ed84386d0/servestatic-4.0.0-py3-none-any.whl", hash = "sha256:78756de57908f75a08e5838306f515924c4257434bc72596b8a5c95bc7396b2b", size = 32498, upload-time = "2026-03-06T00:08:35.419Z" },
+]
+
 [[package]]
 name = "service-identity"
 version = "24.2.0"