Changelog for
python311-djangorestframework-3.15.2-1.1.noarch.rpm :
* Sat Jun 29 2024 Dirk Müller
- update to 3.15.2:
* Fix potential XSS vulnerability in browsable API. #9435
* Revert \"Ensure CursorPagination respects nulls in the ordering field\". #9381
* Use warnings rather than logging a warning for DecimalField.
* Sat Apr 13 2024 John Vandenberg - Disable pytest filterwarnings which is breaking the test suite.
* Sun Apr 07 2024 Dirk Müller - update to 3.15.1:
* Django 5.0 and Python 3.12 support
* Use POST method instead of GET to perform logout in browsable API
* Added jQuery 3.7.1 support & dropped previous version
* Use str as default path converter
* Partial serializer should not have required fields
* Propagate \'default\' from model field to serializer field.
* Allow to override child.run_validation call in ListSerializer
* Align SearchFilter behaviour to django.contrib.admin search
* Class name added to unknown field error
* Fix: Pagination response schemas.
* Fix choices in ChoiceField to support IntEnum
* Fix `SearchFilter` rendering search field with invalid value
* Fix OpenAPI Schema yaml rendering for `timedelta`
* Added Deprecation Warnings for CoreAPI
* Removed usage of `field.choices` that triggered full table load
* Permit mixed casing of string values for `BooleanField` validation
* Fixes `BrowsableAPIRenderer` for usage with `ListSerializer`.
* Change semantic of `OR` of two permission classes
* Remove dependency on `pytz`
* Make set_value a method within `Serializer`
* Fix URLPathVersioning reverse fallback
* Fix mapping for choice values
* Refactor read function to use context manager for file handling
* Fix: fallback on CursorPagination ordering if unset on the view
* Replaced `OrderedDict` with `dict`
* Implement `__eq__` for validators
* Ensure CursorPagination respects nulls in the ordering field
* Use ZoneInfo as primary source of timezone data
* Add username search field for TokenAdmin (#8927)
* Handle Nested Relation in SlugRelatedField when many=False
* Bump version of jQuery to 3.6.4 & updated ref links
* Support UniqueConstraint
* Fix Respect `can_read_model` permission in DjangoModelPermissions
* Add SimplePathRouter
* Re-prefetch related objects after updating
* Fix FilePathField required argument
* Raise ImproperlyConfigured exception if `basename` is not unique
* Use PrimaryKeyRelatedField pkfield in openapi
* replace partition with split in BasicAuthentication
* Fix BooleanField\'s allow_null behavior
* Handle Django\'s ValidationErrors in ListField
* Use autocomplete widget for user selection in Token admin
* Make browsable API compatible with strong CSP
* Avoid inline script execution for injecting CSRF token
* Register Django urls
* Implemented Verbose Name Translation for TokenProxy
* Properly handle OverflowError in DurationField deserialization
* Fix OpenAPI operation name plural appropriately
* Represent SafeString as plain string on schema rendering
* Fix 404 when page query parameter is empty string
* Fixes instance check in ListSerializer.to_representation
* FloatField will crash if the input is a number that is too big
* Add missing DurationField to SimpleMetada label_lookup
* Add support for Python 3.11
* Make request consistently available in pagination classes
* Possibility to remove trailing zeros on DecimalFields representation
* Add a method for getting serializer field name (OpenAPI)
* Add `__eq__` method for `OperandHolder` class
* Avoid importing `django.test` package when not testing
* Preserve exception messages for wrapped Django exceptions
* Include `examples` and `format` to OpenAPI schema of CursorPagination (https://github.>
* Fix infinite recursion with deepcopy on Request
* Refactor: Replace try/except with contextlib.suppress()
* Minor fix to SerializeMethodField docstring
* Minor refactor: Unnecessary use of list() function
* Unnecessary list comprehension
* Use correct class to indicate present deprecation
* Tue Mar 12 2024 Max Lin - ggDo not use python-Markdown in Leap 15
* Leap 15 does not have python 3.11 build of python-Markdown
* Tue Jan 30 2024 Steve Kowalik - Switch to pyproject macros.- Drop core{api,schema} from BuildRequires/Recommends, they are no longer developed, and will be removed.- Switch to psycopg (so version 3).
* Fri Jun 23 2023 Andreas Schneider - Use sle15_python_module_pythons
* Thu Jan 26 2023 John Vandenberg - Skip two tests failing upstream with latest Markdown.
* Sat Sep 24 2022 Markéta Machová - Update to 3.14.0
* Django 2.2 is no longer supported. [#8662]
* Django 4.1 compatibility. [#8591]
* Don\'t evaluate DateTimeField.default_timezone when a custom timezone is set. [#8531]
* Make relative URLs clickable in Browseable API. [#8464]
* Make ReturnDict support dict union operators on Python 3.9 and later. [#8302]- Drop merged patch 8530-update-tests-new-Pygments.patch
* Thu Aug 25 2022 John Vandenberg - Skip two tests, TestPosgresFieldsMapping.test_array_field and TestViewNamesAndDescriptions.test_markdown- Add README.md to package- Be more precise about files included under site-packages
* Mon Jun 20 2022 Matej Cepl - Add 8530-update-tests-new-Pygments.patch to allow working with the current Pygments (gh#encode/django-rest-framework#8160).
* Fri Jan 07 2022 John Vandenberg - Skip Tumbleweed Python 3.6 incompatible with Django 4
* Sat Dec 25 2021 John Vandenberg - Re-activate tests on Leap 15.2- Update to v3.13.1
* Revert schema naming changes with function based `AATTapi_view`
* Fix CursorPagination parameter schema type- from v3.13
* Django 4.0 support
* Fields arguments are now keyword-only
* Thu Sep 09 2021 Matej Cepl - Update to 3.12.4: - Properly handle ATOMIC_REQUESTS when multiple database configurations are used. [#7739] - Bypass COUNT query when LimitOffsetPagination is configured but pagination params are not included on the request. [#6098] - Respect allow_null=True on DecimalField. [#7718] - Allow title cased \"Yes\"/\"No\" values with BooleanField. [#7739] - Add PageNumberPagination.get_page_number() method for overriding behavior. [#7652] - Fixed rendering of timedelta values in OpenAPI schemas, when present as default, min, or max fields. [#7641] - Render JSONFields with indentation in browsable API forms. [#6243] - Remove unnecessary database query in admin Token views. [#7852] - Raise validation errors when bools are passed to PrimaryKeyRelatedField fields, instead of casting to ints. [#7597] - Don\'t include model properties as automatically generated ordering fields with OrderingFilter. [#7609] - Use deque instead of list for tracking throttling .history. [#7849] - Fix issue if rest_framework.authtoken.models is imported, but rest_framework.authtoken is not in INSTALLED_APPS. [#7571] - Ignore subclasses of BrowsableAPIRenderer in OpenAPI schema. [#7497] - Narrower exception catching in serilizer fields, to ensure that any errors in broken get_queryset() methods are not masked. [#7480] - Add TokenProxy migration. [#7557] - Add --file option to generateschema command. [#7130] - Support tags for OpenAPI schema generation. See the schema docs. [#7184] - Support customising the operation ID for schema generation. See the schema docs. [#7190] - Support OpenAPI components for schema generation. See the schema docs. [#7124] - The following methods on AutoSchema become public API: get_path_parameters, get_pagination_parameters, get_filter_parameters, get_request_body, get_responses, get_serializer, get_paginator, map_serializer, map_field, map_choice_field, map_field_validators, allows_filters. See the schema docs - Add support for Django 3.1\'s database-agnositic JSONField. [#7467] - SearchFilter now supports nested search on JSONField and HStoreField model fields. [#7121] - SearchFilter now supports searching on annotate() fields. [#6240] - The authtoken model no longer exposes the pk in the admin URL. [#7341] - Add __repr__ for Request instances. [#7239] - UTF-8 decoding with Latin-1 fallback for basic auth credentials. [#7193] - CharField treats surrogate characters as a validation failure. [#7026] - Don\'t include callables as default values in schemas. [#7105] - Improve ListField schema output to include all available child information. [#7137] - Allow default=False to be included for BooleanField schema outputs. [#7165] - Include \"type\" information in ChoiceField schema outputs. [#7161] - Include \"type\": \"object\" on schema objects. [#7169] - Don\'t include component in schema output for DELETE requests. [#7229] - Fix schema types for DecimalField. [#7254] - Fix schema generation for ObtainAuthToken view. [#7211] - Support passing context=... to view .get_serializer() methods. [#7298] - Pass custom code to PermissionDenied if permission class has one set. [#7306] - Include \"example\" in schema pagination output. [#7275] - Default status code of 201 on schema output for POST requests. [#7206] - Use camelCase for operation IDs in schema output. [#7208] - Warn if duplicate operation IDs exist in schema output. [#7207] - Improve handling of decimal type when mapping ChoiceField to a schema output. [#7264] - Disable YAML aliases for OpenAPI schema outputs. [#7131] - Fix action URL names for APIs included under a namespaced URL. [#7287] - Update jQuery version from 3.4 to 3.5. [#7313] - Fix UniqueTogether handling when serializer fields use source=.... [#7143] - HTTP HEAD requests now set self.action correctly on a ViewSet instance. [#7223] - Return a valid OpenAPI schema for the case where no API schema paths exist. [#7125] - Include tests in package distribution. [#7145] - Allow type checkers to support annotations like ModelSerializer[Author]. [#7385] - Don\'t include invalid charset=None portion in the request Content-Type header when using APIClient. [#7400] - Fix \\Z/\\z tokens in OpenAPI regexs. [#7389] - Fix PrimaryKeyRelatedField and HyperlinkedRelatedField when source field is actually a property. [#7142] - Token.generate_key is now a class method. [#7502] - AATTaction warns if method is wrapped in a decorator that does not preserve information using AATTfunctools.wraps. [#7098]- Skip TestNaiveDayLightSavingTimeTimeZoneDateTimeField.test_invalid_inputs (gh#encode/django-rest-framework#8159)- Skip TestViewNamesAndDescriptions.test_markdown (gh#encode/django-rest-framework#8160).
* Fri Feb 12 2021 Markéta Machová - Update to 3.11.2
* Security: Drop urlize_quoted_links template tag in favour of Django\'s built-in urlize. Removes a XSS vulnerability for some kinds of content in the browsable API. (boo#1177205, CVE-2020-25626)