Django-polaris

**Features**

- Full SEP-31 support. See the [documentation](https://django-polaris.readthedocs.io/en/stable/sep31/index.html) on the integration constructs provided
- Updates to SEP-12. (See [588](https://github.com/stellar/stellar-protocol/pull/588), [#653](https://github.com/stellar/stellar-protocol/pull/653), [#669](https://github.com/stellar/stellar-protocol/pull/669), [#674](https://github.com/stellar/stellar-protocol/pull/674), and [#681](https://github.com/stellar/stellar-protocol/pull/681))

**Breaking Changes**

- Moved `DepositIntegration.poll_pending_deposits()` to `RailsIntegration.poll_pending_deposits()`
- Replaced `WithdrawalIntegration.process_withdrawal()` with `RailsIntegration.execute_outgoing_transaction()`
- SEP-6 and 24 transactions uses this function now instead of `process_withdrawal`
- Polaris no longer calls the `registered_fee_function` except when requests to `/fee` are made.
- _The anchor is now responsible for calculating the fee in `poll_pending_deposits()` and `execute_outgoing_transaction()`_
- Removed `Transaction.external_extra`
- Removed `Transaction.external_extra_text`

**DB Migrations**

Added SEP-31 columns:

- `Asset.sep31_enabled`: a boolean for whether the asset can be received via SEP-31
- `Asset.send_fee_percent`: the 0-100 percentage value for fees on a transaction
- `Asset.send_fee_fixed`: the fixed fee charged per transaction
- `Asset.send_min_amount`: the minimum amount the anchor accepts in a transaction
- `Asset.send_max_amount`: the maximum amount the anchor accepts in a transaction
- `Transaction.required_info_update`: a text field for describing required updates to the transaction
- `Transaction.required_info_message`: a text field for a human-readable message about updates to the transaction
- `Transaction.send_memo`: the memo used when making the Stellar payment to the receiving anchor
- `Transaction.send_memo_type`: the memo type of the memo used
- `Transaction.send_anchor_account`: the anchor's Stellar address for receiving payments

**Bug Fixes**

- Fixed Polaris' `validate_language()` function to only allow supported languages
- prior to this release Polaris would not automatically return 400 for requests in languages not supported by the anchor

0.11.0 and 0.11.1 releases will be removed from PyPI, since they contain the bugs documented below.

**Features**
- Added endpoint and integrations for SEP-12's new `GET /customer` endpoint

**Dependencies**
- Upgrades `stellar-sdk` from 2.4 to 2.6.1

**Breaking Changes**
- `CustomerIntegration.put` integration now must return a customer ID (string)

**Bug Fixes**
- requests to SEP-12's `DELETE /customer` endpoint no longer causes a 500 Server Error
- removes the fee & total widget on interactive flow UI pages, unless amount field is displayed

**Features**
- No longer requires HTTPS for local deployments
- No longer requires all-origin access to non-Polaris endpoints
- Displays fee amount in real time on SEP-24 transaction amount forms
- Encrypts `Asset.distribution_seed` in the database, decrypts when brought into memory

**Dependencies**
- Removes `sslserver` dependency (make sure to remove from `INSTALLED_APPS`)

**Database Migrations**
- Adds migrations to encrypt `Asset.distribution_seed` values
- Adds `Asset.symbol` for SEP-24 amount form field currency symbol

**Bug Fixes**
- No longer requires withdraw amounts sent to the anchor to match the amount specified in the SEP-24 interactive flow
- No longer returns 500 error for bad account string to SEP-10 `/auth` endpoint

**Miscellaneous**
- Removes `authentication_required` from SEP-24 `/fee` endpoint
- Creates withdrawal memo after SEP-24 interactive flow completes
- Adds `amount_out` field to more_info.html page (amount_in - fee)

**Features**
- Adds SEP-6 and 12 support
- Deploy each supported SEP (1, 6, 10, 12, 24) independently.
- For example, you could run Polaris strictly with SEP-1 and SEP-10

**Dependencies**
- Removes `django-compressor`, `django-sass-processor`, and `libsass` from requirements
- `sass_processor` should no longer be listed in `INSTALLED_APPS`
- `SASS_PROCESSOR_ROOT` and `STATICFILES_FINDERS` settings are no longer needed
- Upgrades `stellar-sdk` to 2.4.0
- This is necessary to support Protocol 13

**Breaking Changes**
- `ACTIVE_SEPS` must be present in your settings file.
- It must contain the SEPs you wish to run, ex. `["sep-1", "sep-10", "sep-24"]`
- `SIGNING_SEED` environment variable is required
- This used to default to the anchored asset's distribution account
- Custom static assets overriding static assets from Polaris must be placed under a `polaris` subdirectory within your static files directory

**Database Migrations**
- Adds `distribution_seed` column and `distribution_account` property to `Asset` model
- When running migrations, these columns will be populated from the now unused `ASSETS` environment variables, if present
- `sep24_enabled` and `sep6_enabled` columns added to `Asset` model
- All existing assets will be sep-24 enabled when running migrations
- `protocol` column added to `Transaction` model

**Miscellaneous**
- use of `ASSETS`, `*_DISTRIBUTION_ACCOUNT_SEED`, and `*_ISSUER_ACCOUNT_ADDRESS` environment variables are removed
- These have been replaced by the `distribution_seed` and `issuer` database columns
- `DEFAULT_PAGE_SIZE` setting is no longer used
- All SEP-24 endpoints have been moved under a `/sep24` argument path. This was done so they would not conflict with endpoints from SEP-6, which are under a `/sep6` path

**Breaking Changes:**
- The `"form"` key from `content_for_transaction()`'s return value must be an instance of `django.forms.Form`
- `content_for_transaction()` additionally accepts two keyword arguments, `post_data` and `amount`

These change was made so anchors could initialize their own forms. This is particularly useful for pre-populating form fields with values from [SEP-9](https://github.com/stellar/stellar-protocol/blob/master/ecosystem/sep-0009.md).

- `TransactionForm.__init__()` requires a `Transaction` instead of an `Asset`

This fixes a bug. `TransactionForm` was previously validating withdrawal amounts against deposit asset limits.

**Features**
- Adds the integration function `save_sep9_fields()` to both `DepositIntegration` and `WithdrawalIntegration` classes. This function allows anchors to store SEP-9 values passed by the wallet to the `deposit/interactive` and `withdraw/interactive` endpoints.

**DB Changes**
- `Transaction.paging_token` was added as a nullable text field

**Bug Fixes**
- `Transaction.started_at` and `Transaction.completed_at` are now recorded as datetimes in UTC.
- Previously, they were recorded in the time zone specified by the anchor using Django's `USE_TZ` and `TIME_ZONE` settings.
- The `watch_transactions` management command now streams transactions from Horizon starting from the most recently completed withdraw.
- Previously, `watch_transactions` started from `"now"`, which means the anchor could've potentially missed incoming withdrawal transactions if the process went down.
- `Transaction.stellar_transaction_id` is now saved for withdrawal transactions. Previously, it was only saved for deposit transactions.

**Miscellaneous**
- Added `TRANSFER_SERVER_0024` to the stellar.toml file
- Endpoints return 403 on bad or missing JWT tokens, instead of 400

**Breaking Changes:**
- allows anchors to pass arguments for form initialization by adjusting `content_for_transaction()`'s return type

**DB Changes**:
- added the `refunded` column to the `Transaction` model
- fixed `Transaction.to_address` and `Transaction.from_address` population bug

**Bug Fixes:**
- Selecting the `Submit` button on forms no longer submits the request twice
- Decimal values are now always displayed with the correct number of decimal numbers

**Miscellaneous:**
- added human-readable (and translatable) strings for each `Transaction.status` value