diff options
| author | Carlton Gibson | 2014-11-18 16:42:39 +0100 |
|---|---|---|
| committer | Carlton Gibson | 2014-11-18 16:42:39 +0100 |
| commit | c50a42bddc66e28d624cd3caadd2d63502ac2e6e (patch) | |
| tree | bf03e2dcb23c2e4f372ff00cba4a810a96c24681 /docs/topics/release-notes.md | |
| parent | ba52c0c62762b9976fffa72dde7ce922176e481d (diff) | |
| parent | 080bd3d24e1866df2acc3aae0ec0f97ebe3a8c36 (diff) | |
| download | django-rest-framework-c50a42bddc66e28d624cd3caadd2d63502ac2e6e.tar.bz2 | |
Merge branch 'master' of github.com:tomchristie/django-rest-framework
Diffstat (limited to 'docs/topics/release-notes.md')
| -rw-r--r-- | docs/topics/release-notes.md | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/docs/topics/release-notes.md b/docs/topics/release-notes.md index 16589f3b..88780c3f 100644 --- a/docs/topics/release-notes.md +++ b/docs/topics/release-notes.md @@ -40,6 +40,16 @@ You can determine your currently installed version using `pip freeze`: ## 2.4.x series +### 2.4.4 + +**Date**: [3rd November 2014](https://github.com/tomchristie/django-rest-framework/issues?q=milestone%3A%222.4.4+Release%22+). + +* **Security fix**: Escape URLs when replacing `format=` query parameter, as used in dropdown on `GET` button in browsable API to allow explicit selection of JSON vs HTML output. +* Maintain ordering of URLs in API root view for `DefaultRouter`. +* Fix `follow=True` in `APIRequestFactory` +* Resolve issue with invalid `read_only=True`, `required=True` fields being automatically generated by `ModelSerializer` in some cases. +* Resolve issue with `OPTIONS` requests returning incorrect information for views using `get_serializer_class` to dynamically determine serializer based on request method. + ### 2.4.3 **Date**: [19th September 2014](https://github.com/tomchristie/django-rest-framework/issues?q=milestone%3A%222.4.3+Release%22+). @@ -149,7 +159,7 @@ You can determine your currently installed version using `pip freeze`: * Added `write_only_fields` option to `ModelSerializer` classes. * JSON renderer now deals with objects that implement a dict-like interface. * Fix compatiblity with newer versions of `django-oauth-plus`. -* Bugfix: Refine behavior that calls model manager `all()` across nested serializer relationships, preventing erronous behavior with some non-ORM objects, and preventing unneccessary queryset re-evaluations. +* Bugfix: Refine behavior that calls model manager `all()` across nested serializer relationships, preventing erronous behavior with some non-ORM objects, and preventing unnecessary queryset re-evaluations. * Bugfix: Allow defaults on BooleanFields to be properly honored when values are not supplied. * Bugfix: Prevent double-escaping of non-latin1 URL query params when appending `format=json` params. |