Chore(deps): Bump the small-changes group across 1 directory with 6 updates (#9921)

* Chore(deps): Bump the small-changes group across 1 directory with 6 updates

Bumps the small-changes group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [concurrent-log-handler](https://github.com/Preston-Landers/concurrent-log-handler) | `0.9.25` | `0.9.26` |
| [django](https://github.com/django/django) | `5.1.8` | `5.2.1` |
| [django-auditlog](https://github.com/jazzband/django-auditlog) | `3.0.0` | `3.1.2` |
| [drf-spectacular-sidecar](https://github.com/tfranzel/drf-spectacular-sidecar) | `2025.4.1` | `2025.5.1` |
| [ocrmypdf](https://github.com/ocrmypdf/OCRmyPDF) | `16.10.0` | `16.10.1` |
| [setproctitle](https://github.com/dvarrazzo/py-setproctitle) | `1.3.5` | `1.3.6` |



Updates `concurrent-log-handler` from 0.9.25 to 0.9.26
- [Release notes](https://github.com/Preston-Landers/concurrent-log-handler/releases)
- [Changelog](https://github.com/Preston-Landers/concurrent-log-handler/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Preston-Landers/concurrent-log-handler/compare/0.9.25...0.9.26)

Updates `django` from 5.1.8 to 5.2.1
- [Commits](https://github.com/django/django/compare/5.1.8...5.2.1)

Updates `django-auditlog` from 3.0.0 to 3.1.2
- [Release notes](https://github.com/jazzband/django-auditlog/releases)
- [Changelog](https://github.com/jazzband/django-auditlog/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jazzband/django-auditlog/compare/v3.0.0...v3.1.2)

Updates `drf-spectacular-sidecar` from 2025.4.1 to 2025.5.1
- [Commits](https://github.com/tfranzel/drf-spectacular-sidecar/compare/2025.4.1...2025.5.1)

Updates `ocrmypdf` from 16.10.0 to 16.10.1
- [Release notes](https://github.com/ocrmypdf/OCRmyPDF/releases)
- [Changelog](https://github.com/ocrmypdf/OCRmyPDF/blob/main/docs/release_notes.md)
- [Commits](https://github.com/ocrmypdf/OCRmyPDF/compare/v16.10.0...v16.10.1)

Updates `setproctitle` from 1.3.5 to 1.3.6
- [Changelog](https://github.com/dvarrazzo/py-setproctitle/blob/master/HISTORY.rst)
- [Commits](https://github.com/dvarrazzo/py-setproctitle/compare/version-1.3.5...version-1.3.6)

---
updated-dependencies:
- dependency-name: concurrent-log-handler
  dependency-version: 0.9.26
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: small-changes
- dependency-name: django
  dependency-version: 5.2.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: small-changes
- dependency-name: django-auditlog
  dependency-version: 3.1.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: small-changes
- dependency-name: drf-spectacular-sidecar
  dependency-version: 2025.5.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: small-changes
- dependency-name: ocrmypdf
  dependency-version: 16.10.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: small-changes
- dependency-name: setproctitle
  dependency-version: 1.3.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: small-changes
...

Signed-off-by: dependabot[bot] <support@github.com>

* Fix log matches related to newlines, add newlines to stdout.writelines

* Fix disable api remote auth test, Django 5.2 no longer uses process_request

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shamoon <4887959+shamoon@users.noreply.github.com>

pyproject.toml

@@ -23,9 +23,9 @@ dependencies = [
   "dateparser~=1.2",
   # WARNING: django does not use semver.
   #          Only patch versions are guaranteed to not introduce breaking changes.
-  "django~=5.1.7",
+  "django~=5.2.1",
   "django-allauth[socialaccount,mfa]~=65.4.0",
-  "django-auditlog~=3.0.0",
+  "django-auditlog~=3.1.2",
   "django-celery-results~=2.6.0",
   "django-compression-middleware~=0.5.0",
   "django-cors-headers~=4.7.0",
@@ -37,7 +37,7 @@ dependencies = [
   "djangorestframework~=3.15",
   "djangorestframework-guardian~=0.3.0",
   "drf-spectacular~=0.28",
-  "drf-spectacular-sidecar~=2025.4.1",
+  "drf-spectacular-sidecar~=2025.5.1",
   "drf-writable-nested~=0.7.1",
   "filelock~=3.18.0",
   "flower~=2.0.1",

src/documents/management/commands/document_fuzzy_match.py

@@ -125,14 +125,14 @@ class Command(MultiProcessMixin, ProgressBarMixin, BaseCommand):
                 messages.append(
                     self.style.NOTICE(
                         f"Document {result.doc_one_pk} fuzzy match"
-                        f" to {result.doc_two_pk} (confidence {result.ratio:.3f})",
+                        f" to {result.doc_two_pk} (confidence {result.ratio:.3f})\n",
                     ),
                 )
                 maybe_delete_ids.append(result.doc_two_pk)
 
         if len(messages) == 0:
             messages.append(
-                self.style.SUCCESS("No matches found"),
+                self.style.SUCCESS("No matches found\n"),
             )
         self.stdout.writelines(
             messages,

src/documents/tests/test_management_fuzzy.py

@@ -87,7 +87,7 @@ class TestFuzzyMatchCommand(TestCase):
             filename="other_test.pdf",
         )
         stdout, _ = self.call_command()
-        self.assertEqual(stdout, "No matches found\n")
+        self.assertIn("No matches found", stdout)
 
     def test_with_matches(self):
         """
@@ -116,7 +116,7 @@ class TestFuzzyMatchCommand(TestCase):
             filename="other_test.pdf",
         )
         stdout, _ = self.call_command("--processes", "1")
-        self.assertRegex(stdout, self.MSG_REGEX + "\n")
+        self.assertRegex(stdout, self.MSG_REGEX)
 
     def test_with_3_matches(self):
         """
@@ -152,11 +152,10 @@ class TestFuzzyMatchCommand(TestCase):
             filename="final_test.pdf",
         )
         stdout, _ = self.call_command()
-        lines = [x.strip() for x in stdout.split("\n") if len(x.strip())]
+        lines = [x.strip() for x in stdout.splitlines() if x.strip()]
         self.assertEqual(len(lines), 3)
-        self.assertRegex(lines[0], self.MSG_REGEX)
+        for line in lines:
-        self.assertRegex(lines[1], self.MSG_REGEX)
+            self.assertRegex(line, self.MSG_REGEX)
-        self.assertRegex(lines[2], self.MSG_REGEX)
 
     def test_document_deletion(self):
         """
@@ -197,14 +196,12 @@ class TestFuzzyMatchCommand(TestCase):
 
         stdout, _ = self.call_command("--delete")
 
-        lines = [x.strip() for x in stdout.split("\n") if len(x.strip())]
+        self.assertIn(
-        self.assertEqual(len(lines), 3)
-        self.assertEqual(
-            lines[0],
             "The command is configured to delete documents.  Use with caution",
+            stdout,
         )
-        self.assertRegex(lines[1], self.MSG_REGEX)
+        self.assertRegex(stdout, self.MSG_REGEX)
-        self.assertEqual(lines[2], "Deleting 1 documents based on ratio matches")
+        self.assertIn("Deleting 1 documents based on ratio matches", stdout)
 
         self.assertEqual(Document.objects.count(), 2)
         self.assertIsNotNone(Document.objects.get(pk=1))

src/paperless/auth.py

@@ -54,7 +54,7 @@ class HttpRemoteUserMiddleware(PersistentRemoteUserMiddleware):
 
     header = settings.HTTP_REMOTE_USER_HEADER_NAME
 
-    def process_request(self, request: HttpRequest) -> None:
+    def __call__(self, request: HttpRequest) -> None:
         # If remote user auth is enabled only for the frontend, not the API,
         # then we need dont want to authenticate the user for API requests.
         if (
@@ -62,8 +62,8 @@ class HttpRemoteUserMiddleware(PersistentRemoteUserMiddleware):
             and "paperless.auth.PaperlessRemoteUserAuthentication"
             not in settings.REST_FRAMEWORK["DEFAULT_AUTHENTICATION_CLASSES"]
         ):
-            return
+            return self.get_response(request)
-        return super().process_request(request)
+        return super().__call__(request)
 
 
 class PaperlessRemoteUserAuthentication(authentication.RemoteUserAuthentication):

src/paperless/tests/test_remote_user.py

@@ -1,6 +1,7 @@
 import os
 from unittest import mock
 
+from django.conf import settings
 from django.contrib.auth.models import User
 from django.test import override_settings
 from rest_framework import status
@@ -91,6 +92,7 @@ class TestRemoteUser(DirectoriesMixin, APITestCase):
 
     @override_settings(
         REST_FRAMEWORK={
+            **settings.REST_FRAMEWORK,
             "DEFAULT_AUTHENTICATION_CLASSES": [
                 "rest_framework.authentication.BasicAuthentication",
                 "rest_framework.authentication.TokenAuthentication",