Docassemble

Latest version: v1.4.104

Page 2 of 138

1.4.98

Fixed
- Issue with one of the fixes in 1.4.97.

1.4.97

Added
- The `pdftk` option under `attachment` and `features` for filling in
`pdf template file` attachments using pdftk instead of pikepdf.

Changed
- During the Docker image build process, `pandoc` will run once, so
that the first user to assemble a document with `pandoc` will not
experience slowness due to LaTeX needing to generate files.
- Appearance streams will be generated when using `pdf template file`.
- Error messages related to problems in the source code will no longer
be displayed to the user unless the user is an administrator or
developer. If you want these error messages to appear to all users,
set `debug: True` and `development site is protected: True` in the
Configuration. The error messages will be available in
`docassemble.log`.

Fixed
- Fixed security issue identified by Riyush Ghimire, affecting
versions 1.4.53 to 1.4.96, that could cause contents of files in the
filesystem to be revealed. This is a high severity issue and
upgrading as soon as possible is recommended.
- Fixed security issue identified by Riyush Ghimire, affecting
versions up to 1.4.96, that allowed an open redirect URL to be formed.
- Fixed security issue identified by Riyush Ghimire, affecting
versions up to 1.4.96, that would allow HTML or JavaScript
injection.

1.4.96

Not secure
Fixed
- Issue with installation of SSL certificates stored on S3.

1.4.95

Not secure
Fixed
- The `small screen navigation` option under `features` could not be
overridden to `True`.
- The `nice_number()` function sometimes did not properly detect
whether a number was an integer.

1.4.94

Not secure
Added
- The `raw html` special field type under `fields` and `review`. This
is similar to `html` but allows modification of the structure of the
HTML in the list as a whole.

1.4.93

Not secure
Added
- The `current_context()` function, which is the new function to use
in place of `user_info()` for attributes that are not related to the
logged-in user. The object returned by `current_context()` also has
a new attribute, `inside_of`, which can be used to detect whether
the Python code that is currently executing is executing inside of a
particular type of document assembly process.

Changed
- The `user_info()` function had previously provided much of the
information that the `current_context()` function now
provides. However, the name `user_info()` was not suitable for that
information. A deprecation warning will be logged if code accesses
the attributes of `user_info()` that do not relate to the logged-in
user. In a future version, accessing these attributes will raise an
exception.
- The behavior of the object returned from `user_info()` is different,
which might be a breaking change if you used `user_info()` in a
certain way. Previously, `user_info()` returned an object with
static attributes. Now, the attributes of the object returned by
`user_info()` are dynamic attributes (using the `property`
decorator). If you set `u = user_info()` and `u` becomes a variable
in the interview answers, `u.id` will always return the user id of
the current logged-in user, not necessarily the user who was logged
in when `u` was defined.
- The new function `current_context()` works the same way. If you set
`c = current_context()` then `c.current_section` will be the current
section at the time the attribute was accessed, not the time that
`c` was defined.
- Another difference in the way that `user_info()` operates is that if
the user is not logged in, the attributes other than `first_name`
and `last_name` will exist, but will be `None`. Previously, those
attributes did not exist, and accessing them would raise an
`AttributeError`. If you want to test whether the user is logged in,
use `user_logged_in()`.
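
A simplified model of the `user_info()` change described above, added here as an illustration and not taken from docassemble's source. `_session`, `StaticUserInfo`, `DynamicUserInfo`, `replay` and `anonymous_id` are hypothetical names; it shows why code that records who performed an action should store the `id` value itself rather than the object.

```python
# Simplified model of the behaviour described above. Not docassemble code:
# _session, StaticUserInfo and DynamicUserInfo are hypothetical stand-ins.
_session = {"user_id": None}  # id of whoever is logged in for this request


class StaticUserInfo:
    """Pre-1.4.93 model: attributes are copied once, at creation."""

    def __init__(self):
        if _session["user_id"] is not None:
            self.id = _session["user_id"]  # anonymous: attribute never set


class DynamicUserInfo:
    """1.4.93 model: attributes are properties read on every access."""

    @property
    def id(self):
        return _session["user_id"]  # None when nobody is logged in


def replay(info_cls):
    """Constructed scenario: user 7 starts an interview, user 42 resumes it."""
    _session["user_id"] = 7
    u = info_cls()           # object stored in the interview answers
    recorded_id = u.id       # plain int captured at definition time
    _session["user_id"] = 42
    return u.id, recorded_id


def anonymous_id(info_cls):
    """What reading .id yields when no user is logged in."""
    _session["user_id"] = None
    try:
        return info_cls().id
    except AttributeError:
        return "AttributeError"


if __name__ == "__main__":
    print("static :", replay(StaticUserInfo), anonymous_id(StaticUserInfo))
    print("dynamic:", replay(DynamicUserInfo), anonymous_id(DynamicUserInfo))
```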

Fixed
- A non-`required` boolean field value that was not filled out was set
to `False` instead of `None` as the documentation specified. The
default value is now `None`.
- The `words` directive was unable to load translations from
Playground packages.
