Fixes #4022 

Pretty sure the only issue with the
redirects was the `next` variable was never updated to the
`redirect_url` variable. Tested locally it works fine between the
passwordless/passworded logins but couldn't test with social login.
Everything I've seen online indicates this should work fine, though.

Use correct perm check for Administration link in user menu. Use same icon for Administration button as in user menu (#4030)

Fixes #3925.
- Cookie consent preference is now stored in local storage rather than
using cookies
- Improves on the existing cookie banner by adding a `Learn More` option
where users can read more about the essential & analytic cookies, and
toggle analytics specifically.
- If analytics are not used, the user is no longer given the option to
opt out, as Hypha only uses essential cookies by default.
- Added a link/button to the footer default that allows the user to
re-open the cookie prompt without having to clear it from their local
storage.

Fixes #3993

Co-authored-by: Saurabh Kumar <theskumar@users.noreply.github.com>

Fixes #3883  and #3908

Right now, PAF and Contracting information is only editable in Draft
state. But with these changes, PAF and Contracting details are editable
for active projects(*reviewer roles condition applied).

Fixes #4012

Bumps
[djangorestframework](https://github.com/encode/django-rest-framework)
from 3.15.0 to 3.15.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/encode/django-rest-framework/releases">djangorestframework's
releases</a>.</em></p>
<blockquote>
<h2>Version 3.15.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Update the message to be consistent with the Django `HttpResponseBa…
by <a href="https://github.com/maycuatroi"><code>@​maycuatroi</code></a>
in <a
href="https://redirect.github.com/encode/django-rest-framework/pull/9287">encode/django-rest-framework#9287</a></li>
<li>Make <code>inflection</code> package truly optional by <a
href="https://github.com/browniebroke"><code>@​browniebroke</code></a>
in <a
href="https://redirect.github.com/encode/django-rest-framework/pull/9303">encode/django-rest-framework#9303</a></li>
<li>Fix broken links in release notes for 3.15 by <a
href="https://github.com/browniebroke"><code>@​browniebroke</code></a>
in <a
href="https://redirect.github.com/encode/django-rest-framework/pull/9305">encode/django-rest-framework#9305</a></li>
<li>TokenAdmin.autocomplete_fields Breaks Some Use Cases, Revert by <a
href="https://github.com/alexdlaird"><code>@​alexdlaird</code></a> in <a
href="https://redirect.github.com/encode/django-rest-framework/pull/9301">encode/django-rest-framework#9301</a></li>
<li>Add drf-sendables to third-party-packages.md by <a
href="https://github.com/amikrop"><code>@​amikrop</code></a> in <a
href="https://redirect.github.com/encode/django-rest-framework/pull/9261">encode/django-rest-framework#9261</a></li>
<li>Revert &quot;feat: Add some changes to ValidationError to support
django style vad…&quot; by <a
href="https://github.com/auvipy"><code>@​auvipy</code></a> in <a
href="https://redirect.github.com/encode/django-rest-framework/pull/9326">encode/django-rest-framework#9326</a></li>
<li>Revert &quot;Re-prefetch related objects after updating&quot; by <a
href="https://github.com/auvipy"><code>@​auvipy</code></a> in <a
href="https://redirect.github.com/encode/django-rest-framework/pull/9327">encode/django-rest-framework#9327</a></li>
<li>Revert <a
href="https://redirect.github.com/encode/django-rest-framework/issues/8863">#8863</a>
by <a
href="https://github.com/tomchristie"><code>@​tomchristie</code></a> in
<a
href="https://redirect.github.com/encode/django-rest-framework/pull/9330">encode/django-rest-framework#9330</a></li>
<li>Revert <a
href="https://redirect.github.com/encode/django-rest-framework/issues/8009">#8009</a>
by <a
href="https://github.com/tomchristie"><code>@​tomchristie</code></a> in
<a
href="https://redirect.github.com/encode/django-rest-framework/pull/9332">encode/django-rest-framework#9332</a></li>
<li>Revert <a
href="https://redirect.github.com/encode/django-rest-framework/issues/9030">#9030</a>
by <a
href="https://github.com/tomchristie"><code>@​tomchristie</code></a> in
<a
href="https://redirect.github.com/encode/django-rest-framework/pull/9333">encode/django-rest-framework#9333</a></li>
<li>Revert &quot;Fix NamespaceVersioning ignoring DEFAULT_VERSION on
non-None namespaces&quot; by <a
href="https://github.com/auvipy"><code>@​auvipy</code></a> in <a
href="https://redirect.github.com/encode/django-rest-framework/pull/9335">encode/django-rest-framework#9335</a></li>
<li><code>SearchFilter.get_search_terms</code> returns list. by <a
href="https://github.com/tomchristie"><code>@​tomchristie</code></a> in
<a
href="https://redirect.github.com/encode/django-rest-framework/pull/9338">encode/django-rest-framework#9338</a></li>
<li>Version 3.15.1 by <a
href="https://github.com/tomchristie"><code>@​tomchristie</code></a> in
<a
href="https://redirect.github.com/encode/django-rest-framework/pull/9339">encode/django-rest-framework#9339</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/maycuatroi"><code>@​maycuatroi</code></a> made
their first contribution in <a
href="https://redirect.github.com/encode/django-rest-framework/pull/9287">encode/django-rest-framework#9287</a></li>
<li><a
href="https://github.com/alexdlaird"><code>@​alexdlaird</code></a> made
their first contribution in <a
href="https://redirect.github.com/encode/django-rest-framework/pull/9301">encode/django-rest-framework#9301</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/encode/django-rest-framework/compare/3.15.0...3.15.1">https://github.com/encode/django-rest-framework/compare/3.15.0...3.15.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/encode/django-rest-framework/commit/c7a7eae551528b6887614df816c8a26df70272d6"><code>c7a7eae</code></a>
Version 3.15.2 (<a
href="https://redirect.github.com/encode/django-rest-framework/issues/9439">#9439</a>)</li>
<li><a
href="https://github.com/encode/django-rest-framework/commit/3b41f0124194430da957b119712978fa2266b642"><code>3b41f01</code></a>
Fix potential XSS vulnerability in break_long_headers template filter
(<a
href="https://redirect.github.com/encode/django-rest-framework/issues/9435">#9435</a>)</li>
<li><a
href="https://github.com/encode/django-rest-framework/commit/fe92f0dd0d4c587eed000c7de611ddbff241bd6a"><code>fe92f0d</code></a>
Add <code>__hash__</code> method for
<code>permissions.OperandHolder</code> class (<a
href="https://redirect.github.com/encode/django-rest-framework/issues/9417">#9417</a>)</li>
<li><a
href="https://github.com/encode/django-rest-framework/commit/fbdab09c776d5ceef041793a7acd1c9e91695e5d"><code>fbdab09</code></a>
docs: Correct some evaluation results and a httpie option in Tutorial1
(<a
href="https://redirect.github.com/encode/django-rest-framework/issues/9421">#9421</a>)</li>
<li><a
href="https://github.com/encode/django-rest-framework/commit/36d5c0e74f562cbe3055f0d20818bd48d3c32359"><code>36d5c0e</code></a>
tests: Check urlpatterns after cleanups (<a
href="https://redirect.github.com/encode/django-rest-framework/issues/9400">#9400</a>)</li>
<li><a
href="https://github.com/encode/django-rest-framework/commit/9d4ed054bf8acfac6209b7e7f837fc97517affcc"><code>9d4ed05</code></a>
Don't use Windows line endings</li>
<li><a
href="https://github.com/encode/django-rest-framework/commit/b34bde47d7fff403df4143a35c71975d7c2e7763"><code>b34bde4</code></a>
Fix typo in setup.cfg setting</li>
<li><a
href="https://github.com/encode/django-rest-framework/commit/ab681f2d5e4a9645aa68eabf1ff18e41d0d5f642"><code>ab681f2</code></a>
Update requirements in docs</li>
<li><a
href="https://github.com/encode/django-rest-framework/commit/22377241a89c8233b45441b5adde5b858edef371"><code>2237724</code></a>
bump pygments (security hygiene)</li>
<li><a
href="https://github.com/encode/django-rest-framework/commit/d58b8da591120abedc94c1b71576cb9afb2d7868"><code>d58b8da</code></a>
Update deprecation hints</li>
<li>Additional commits viewable in <a
href="https://github.com/encode/django-rest-framework/compare/3.15.0...3.15.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=djangorestframework&package-manager=pip&previous-version=3.15.0&new-version=3.15.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/HyphaApp/hypha/network/alerts

).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Fixes #4001

Also fixes one instance of "The `classnames` kwarg for MenuItem is
deprecated - use `classname` instead.".

Fixes #3981

Co-authored-by: Ghulam Murtaza <gmurtaza@opentechstrategies.com>
Co-authored-by: Fredrik Jonsson <frjo@xdeb.org>

Fixes #3947 

An activity and a slack notification are there now for project title
update.

Also, use `ms-2` on the admin icon margin

Update html for better git diff and readability, linebreak on each
property

Editing a comment which is for internal team changes it's visibility to
applicant + staff

How to reproduce:
- Login as staff
- Add a comment and then edit the same comment
- Refresh the page and see the visibility becomes Applicant + staff

When editing the comment, I didn't see staff getting a UI to update the
visibility so not allowing the visibility change in the commit edit api
seems to be the right thing to do as well

Fixes https://github.com/HyphaApp/hypha/issues/3851


- Update the flagging design slightly (see screenshots)
- Update jquery js to vanilla, for showing if a submission is flagged in
the table row.
- Reuse the submission list view to display user flags and staff flag
pages

Fixes #3987

- Use htmx
- Update/fix behaviour
- code cleanup - js, api, python views/forms

Fixes https://github.com/HyphaApp/hypha/issues/3873


https://github.com/HyphaApp/hypha/assets/236356/befc068a-864e-4ae2-a571-268f3fe288f7

Fixes #3830

This PR allow adding an option prefix to the submission ID's that are
auto generated.

The prefix can be added by going to round or lab settings page. 

This PR also ensure the prefix or application ID displayed along with
title almost everywhere for each reference. Since the title of
application is not unique, this helps add uniqueness to it.

The autolinking of submission ids in communication has be updated to
account for application id prefix

Fixes #3871. Allows partners that are assigned to an application to also
get email notifications when a new comment is made that has applicable
visibility. There was some refactoring that took place to allow for
email messages to be customized on a per-recipient basis rather than
having one be generated for all recipients.

Fixes #3888 


Co-authored-by: Fredrik Jonsson <frjo@xdeb.org>

Fixes #3911

Bumps [braces](https://github.com/micromatch/braces) from 3.0.2 to
3.0.3.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/micromatch/braces/commit/74b2db2938fad48a2ea54a9c8bf27a37a62c350d"><code>74b2db2</code></a>
3.0.3</li>
<li><a
href="https://github.com/micromatch/braces/commit/88f1429a0f47e1dd3813de35211fc97ffda27f9e"><code>88f1429</code></a>
update eslint. lint, fix unit tests.</li>
<li><a
href="https://github.com/micromatch/braces/commit/415d660c3002d1ab7e63dbf490c9851da80596ff"><code>415d660</code></a>
Snyk js braces 6838727 (<a
href="https://redirect.github.com/micromatch/braces/issues/40">#40</a>)</li>
<li><a
href="https://github.com/micromatch/braces/commit/190510f79db1adf21d92798b0bb6fccc1f72c9d6"><code>190510f</code></a>
fix tests, skip 1 test in test/braces.expand</li>
<li><a
href="https://github.com/micromatch/braces/commit/716eb9f12d820b145a831ad678618731927e8856"><code>716eb9f</code></a>
readme bump</li>
<li><a
href="https://github.com/micromatch/braces/commit/a5851e57f45c3431a94d83fc565754bc10f5bbc3"><code>a5851e5</code></a>
Merge pull request <a
href="https://redirect.github.com/micromatch/braces/issues/37">#37</a>
from coderaiser/fix/vulnerability</li>
<li><a
href="https://github.com/micromatch/braces/commit/2092bd1fb108d2c59bd62e243b70ad98db961538"><code>2092bd1</code></a>
feature: braces: add maxSymbols (<a
href="https://github.com/micromatch/braces/issues/">https://github.com/micromatch/braces/issues/</a>...</li>
<li><a
href="https://github.com/micromatch/braces/commit/9f5b4cf47329351bcb64287223ffb6ecc9a5e6d3"><code>9f5b4cf</code></a>
fix: vulnerability (<a
href="https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727">https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727</a>)</li>
<li><a
href="https://github.com/micromatch/braces/commit/98414f9f1fabe021736e26836d8306d5de747e0d"><code>98414f9</code></a>
remove funding file</li>
<li><a
href="https://github.com/micromatch/braces/commit/665ab5d561c017a38ba7aafd92cc6655b91d8c14"><code>665ab5d</code></a>
update keepEscaping doc (<a
href="https://redirect.github.com/micromatch/braces/issues/27">#27</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/micromatch/braces/compare/3.0.2...3.0.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=braces&package-manager=npm_and_yarn&previous-version=3.0.2&new-version=3.0.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/HyphaApp/hypha/network/alerts

).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Fixes #3887 

Fixes #3939

Some left/right/top/bottom had slipped past.

Update the Browserslist and the "npx" command is not needed when running
commands in scripts.

Fixes #3895. Quick one I noticed while working on the partner comment
stuff. Comments will now display with the user email where no full name
is set.

- [x] Add approved by staff to the approved invoice pdfs
- [x] Add inovice approver and date

Closes: https://github.com/HyphaApp/hypha/issues/3539

Fixes #3923 

Fixes #3927 

Fixes #3839 

##  Assumptions

An organization only chooses one option either go with PAFReviewerRoles
or without that. Changing in between might cause the issue with
`Internal Approval` status projects. We will fix this in another issue
if needed.

- Rename "Apply Admin" to "Admin" 
- Adds "Admin" icon to the user's profile page along with the
"Dashboard" link, makes it easier to goto admin without going to
dashboard everytime first.
- Update icons for "dashboard" and "Admin" to use heroicons.
- Update activity feed related link icon + it's visuals
- Remove `arrow-head-pixels--solid` icon from the sprite as it's no
longer in use anywhere.


Co-authored-by: Fredrik Jonsson <frjo@xdeb.org>