From bed2f08c24a13831590ae5fc8cefbb1bca300a96 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Mon, 23 Dec 2013 11:57:25 +0000 Subject: Updated release notes --- docs/topics/release-notes.md | 1 + 1 file changed, 1 insertion(+) (limited to 'docs/topics') diff --git a/docs/topics/release-notes.md b/docs/topics/release-notes.md index d1ace116..b09bd0be 100644 --- a/docs/topics/release-notes.md +++ b/docs/topics/release-notes.md @@ -46,6 +46,7 @@ You can determine your currently installed version using `pip freeze`: * Fix compatiblity with newer versions of `django-oauth-plus`. * Bugfix: Refine behavior that calls model manager `all()` across nested serializer relationships, preventing erronous behavior with some non-ORM objects, and preventing unneccessary queryset re-evaluations. * Bugfix: Allow defaults on BooleanFields to be properly honored when values are not supplied. +* Bugfix: Prevent double-escaping of non-latin1 URL query params when appending `format=json` params. ### 2.3.10 -- cgit v1.2.3 From 0672d6de6e47ba0269a58ad0da3cc7ff4c82908e Mon Sep 17 00:00:00 2001 From: Kevin Brown Date: Thu, 2 Jan 2014 16:46:57 -0500 Subject: Fix bugfix note This fixes a bugfix note that was added because of #1293, which pointed out that a change in a bugfix [1] broke backwards compatibility. The bugfix did not work as expected because a variable was quoted when it should not have been. This removes the quotes around the variable, which brings back the expected functionality. --- docs/topics/release-notes.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs/topics') diff --git a/docs/topics/release-notes.md b/docs/topics/release-notes.md index b09bd0be..ca966d20 100644 --- a/docs/topics/release-notes.md +++ b/docs/topics/release-notes.md @@ -98,7 +98,7 @@ You can determine your currently installed version using `pip freeze`: class DisablePaginationMixin(object): def get_paginate_by(self, queryset=None): - if self.request.QUERY_PARAMS['self.paginate_by_param'] == '0': + if self.request.QUERY_PARAMS[self.paginate_by_param] == '0': return None return super(DisablePaginationMixin, self).get_paginate_by(queryset) -- cgit v1.2.3 From 78494401c5c45d16d632bb2fa9629678e47a98bc Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Wed, 8 Jan 2014 15:22:41 +0000 Subject: Use www.django-rest-framework.org for docs instead of django-rest-framework.org due to issues with naked domains --- docs/topics/2.2-announcement.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs/topics') diff --git a/docs/topics/2.2-announcement.md b/docs/topics/2.2-announcement.md index 0f980e1c..a997c782 100644 --- a/docs/topics/2.2-announcement.md +++ b/docs/topics/2.2-announcement.md @@ -151,7 +151,7 @@ From version 2.2 onwards, serializers with hyperlinked relationships *always* re [porting-python-3]: https://docs.djangoproject.com/en/dev/topics/python3/ [python-compat]: https://docs.djangoproject.com/en/dev/releases/1.5/#python-compatibility [django-deprecation-policy]: https://docs.djangoproject.com/en/dev/internals/release-process/#internal-release-deprecation-policy -[credits]: http://django-rest-framework.org/topics/credits +[credits]: http://www.django-rest-framework.org/topics/credits [mailing-list]: https://groups.google.com/forum/?fromgroups#!forum/django-rest-framework [django-rest-framework-docs]: https://github.com/marcgibbons/django-rest-framework-docs [marcgibbons]: https://github.com/marcgibbons/ -- cgit v1.2.3 From 85d74fc86a934309359a437dd487193013055977 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Tue, 14 Jan 2014 11:25:44 +0000 Subject: Added write_only and write_only_fields. Refs #1306 --- docs/topics/release-notes.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'docs/topics') diff --git a/docs/topics/release-notes.md b/docs/topics/release-notes.md index ca966d20..cd87c7b2 100644 --- a/docs/topics/release-notes.md +++ b/docs/topics/release-notes.md @@ -40,8 +40,12 @@ You can determine your currently installed version using `pip freeze`: ## 2.3.x series -### Master +### 2.3.11 +**Date**: 14th January 2014 + +* Added `write_only` serializer field argument. +* Added `write_only_fields` option to `ModelSerializer` classes. * JSON renderer now deals with objects that implement a dict-like interface. * Fix compatiblity with newer versions of `django-oauth-plus`. * Bugfix: Refine behavior that calls model manager `all()` across nested serializer relationships, preventing erronous behavior with some non-ORM objects, and preventing unneccessary queryset re-evaluations. -- cgit v1.2.3 From 71c03b9db97edbde228777981de0ac7b664302de Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Wed, 15 Jan 2014 14:27:41 +0000 Subject: Security update to OrderingFilter --- docs/topics/release-notes.md | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'docs/topics') diff --git a/docs/topics/release-notes.md b/docs/topics/release-notes.md index cd87c7b2..14503148 100644 --- a/docs/topics/release-notes.md +++ b/docs/topics/release-notes.md @@ -40,6 +40,13 @@ You can determine your currently installed version using `pip freeze`: ## 2.3.x series +### 2.3.12 + +**Date**: 15th January 2014 + +* **Security fix**: `OrderingField` now only allows ordering on readable serializer fields, or on fields explicitly specified using `ordering_fields`. This prevents users being able to order by fields that are not visible in the API, and exploiting the ordering of sensitive data such as password hashes. +* Bugfix: `write_only = True` fields now display in the browsable API. + ### 2.3.11 **Date**: 14th January 2014 -- cgit v1.2.3 From 0cb08ac7076da05bec797144263c472f507958b6 Mon Sep 17 00:00:00 2001 From: amatellanes Date: Wed, 12 Feb 2014 23:17:05 +0100 Subject: Fixed Testing docs section --- docs/topics/contributing.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs/topics') diff --git a/docs/topics/contributing.md b/docs/topics/contributing.md index 30d292f8..5a5d1a80 100644 --- a/docs/topics/contributing.md +++ b/docs/topics/contributing.md @@ -60,7 +60,7 @@ To run the tests, clone the repository, and then: # Setup the virtual environment virtualenv env - env/bin/activate + source env/bin/activate pip install -r requirements.txt pip install -r optionals.txt -- cgit v1.2.3 From 45d89b5d110939ecbbbbc03ee51bd8ea78cc41dd Mon Sep 17 00:00:00 2001 From: Artem Mezhenin Date: Thu, 13 Feb 2014 21:25:35 +0400 Subject: credit, issue #1386, PR #1397 --- docs/topics/credits.md | 1 + 1 file changed, 1 insertion(+) (limited to 'docs/topics') diff --git a/docs/topics/credits.md b/docs/topics/credits.md index d4c00bc4..f4a3e655 100644 --- a/docs/topics/credits.md +++ b/docs/topics/credits.md @@ -182,6 +182,7 @@ The following people have helped make REST framework great. * Ian Foote - [ian-foote] * Chuck Harmston - [chuckharmston] * Philip Forget - [philipforget] +* Artem Mezhenin - [amezhenin] Many thanks to everyone who's contributed to the project. -- cgit v1.2.3 From aaa58852326ecf98785de853a71c8a6f19a0cb7e Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Thu, 13 Feb 2014 17:40:00 +0000 Subject: Update credits --- docs/topics/credits.md | 1 + 1 file changed, 1 insertion(+) (limited to 'docs/topics') diff --git a/docs/topics/credits.md b/docs/topics/credits.md index f4a3e655..5f0dc752 100644 --- a/docs/topics/credits.md +++ b/docs/topics/credits.md @@ -401,3 +401,4 @@ You can also contact [@_tomchristie][twitter] directly on twitter. [ian-foote]: https://github.com/ian-foote [chuckharmston]: https://github.com/chuckharmston [philipforget]: https://github.com/philipforget +[amezhenin]: https://github.com/amezhenin -- cgit v1.2.3 From f5f4c1a837f3ead760742bb8d783eaf78ce389e0 Mon Sep 17 00:00:00 2001 From: Kumar McMillan Date: Fri, 28 Feb 2014 16:34:42 -0600 Subject: strip trailing whitespace my editor does this by default --- docs/topics/contributing.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) (limited to 'docs/topics') diff --git a/docs/topics/contributing.md b/docs/topics/contributing.md index 5a5d1a80..0255c484 100644 --- a/docs/topics/contributing.md +++ b/docs/topics/contributing.md @@ -14,7 +14,7 @@ If you use REST framework, we'd love you to be vocal about your experiences with Other really great ways you can help move the community forward include helping answer questions on the [discussion group][google-group], or setting up an [email alert on StackOverflow][so-filter] so that you get notified of any new questions with the `django-rest-framework` tag. -When answering questions make sure to help future contributors find their way around by hyperlinking wherever possible to related threads and tickets, and include backlinks from those items if relevant. +When answering questions make sure to help future contributors find their way around by hyperlinking wherever possible to related threads and tickets, and include backlinks from those items if relevant. ## Code of conduct @@ -38,7 +38,7 @@ Some tips on good issue reporting: ## Triaging issues -Getting involved in triaging incoming issues is a good way to start contributing. Every single ticket that comes into the ticket tracker needs to be reviewed in order to determine what the next steps should be. Anyone can help out with this, you just need to be willing to +Getting involved in triaging incoming issues is a good way to start contributing. Every single ticket that comes into the ticket tracker needs to be reviewed in order to determine what the next steps should be. Anyone can help out with this, you just need to be willing to * Read through the ticket - does it make sense, is it missing any context that would help explain it better? * Is the ticket reported in the correct place, would it be better suited as a discussion on the discussion group? @@ -130,8 +130,8 @@ There are a couple of conventions you should follow when working on the document Headers should use the hash style. For example: ### Some important topic - -The underline style should not be used. **Don't do this:** + +The underline style should not be used. **Don't do this:** Some important topic ==================== @@ -141,9 +141,9 @@ The underline style should not be used. **Don't do this:** Links should always use the reference style, with the referenced hyperlinks kept at the end of the document. Here is a link to [some other thing][other-thing]. - + More text... - + [other-thing]: http://example.com/other/thing This style helps keep the documentation source consistent and readable. @@ -159,9 +159,9 @@ Linking in this style means you'll be able to click the hyperlink in your markdo If you want to draw attention to a note or warning, use a pair of enclosing lines, like so: --- - + **Note:** A useful documentation note. - + --- # Third party packages -- cgit v1.2.3 From e2857bdcffce612814e4cc35bef6f97ce5f39e77 Mon Sep 17 00:00:00 2001 From: Kumar McMillan Date: Fri, 28 Feb 2014 16:35:03 -0600 Subject: Fix link to tox --- docs/topics/contributing.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs/topics') diff --git a/docs/topics/contributing.md b/docs/topics/contributing.md index 0255c484..18a05050 100644 --- a/docs/topics/contributing.md +++ b/docs/topics/contributing.md @@ -67,7 +67,7 @@ To run the tests, clone the repository, and then: # Run the tests rest_framework/runtests/runtests.py -You can also use the excellent `[tox][tox]` testing tool to run the tests against all supported versions of Python and Django. Install `tox` globally, and then simply run: +You can also use the excellent [tox][tox] testing tool to run the tests against all supported versions of Python and Django. Install `tox` globally, and then simply run: tox -- cgit v1.2.3 From c1148241eee3df1139f9855ee3220c82f60726d5 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Thu, 6 Mar 2014 09:01:05 +0000 Subject: Version 2.3.13 --- docs/topics/release-notes.md | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'docs/topics') diff --git a/docs/topics/release-notes.md b/docs/topics/release-notes.md index 14503148..0010f687 100644 --- a/docs/topics/release-notes.md +++ b/docs/topics/release-notes.md @@ -40,6 +40,17 @@ You can determine your currently installed version using `pip freeze`: ## 2.3.x series +### 2.3.13 + +**Date**: 6th March 2014 + +* Django 1.7 Support. +* Fix `default` argument when used with serializer relation fields. +* Display the media type of the content that is being displayed in the browsable API, rather than 'text/html'. +* Bugfix for `urlize` template failure when URL regex is matched, but value does not `urlparse`. +* Use `urandom` for token generation. +* Only use `Vary: Accept` when more than one renderer exists. + ### 2.3.12 **Date**: 15th January 2014 -- cgit v1.2.3 From e45e52a255c0dfbecfc5048697534ffbe0e2648e Mon Sep 17 00:00:00 2001 From: Dmitry Mukhin Date: Mon, 7 Apr 2014 20:39:45 +0400 Subject: replace page with page_size to avoide confusion --- docs/topics/release-notes.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'docs/topics') diff --git a/docs/topics/release-notes.md b/docs/topics/release-notes.md index 0010f687..2bc8b2d6 100644 --- a/docs/topics/release-notes.md +++ b/docs/topics/release-notes.md @@ -112,11 +112,11 @@ You can determine your currently installed version using `pip freeze`: * Bugfix: `client.force_authenticate(None)` should also clear session info if it exists. * Bugfix: Client sending empty string instead of file now clears `FileField`. * Bugfix: Empty values on ChoiceFields with `required=False` now consistently return `None`. -* Bugfix: Clients setting `page=0` now simply returns the default page size, instead of disabling pagination. [*] +* Bugfix: Clients setting `page_size=0` now simply returns the default page size, instead of disabling pagination. [*] --- -[*] Note that the change in `page=0` behaviour fixes what is considered to be a bug in how clients can effect the pagination size. However if you were relying on this behavior you will need to add the following mixin to your list views in order to preserve the existing behavior. +[*] Note that the change in `page_size=0` behaviour fixes what is considered to be a bug in how clients can effect the pagination size. However if you were relying on this behavior you will need to add the following mixin to your list views in order to preserve the existing behavior. class DisablePaginationMixin(object): def get_paginate_by(self, queryset=None): -- cgit v1.2.3