encode/django-rest-framework
1
1
Fork 0
mirror of https://github.com/encode/django-rest-framework.git synced 2025-06-08 15:43:32 +03:00
Code Issues Packages Projects Releases Wiki Activity

Version 2.2.1

Browse Source
This commit is contained in:
Tom Christie 2013-02-22 20:47:41 +00:00
parent 3357a36e37
commit d44eb20942
2 changed files with 13 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
docs/topics/release-notes.md
View File

@ -40,13 +40,22 @@ You can determine your currently installed version using `pip freeze`:
## 2.2.x series ## 2.2.x series
### Master ### 2.2.1
**Date**: 22nd Feb 2013
* Security fix: Use `defusedxml` package to address XML parsing vulnerabilities.
* Raw data tab added to browseable API. (Eg. Allow for JSON input.)
* Added TimeField. * Added TimeField.
* Serializer fields can be mapped to any method that takes no args, or only takes kwargs which have defaults. * Serializer fields can be mapped to any method that takes no args, or only takes kwargs which have defaults.
* Unicode support for view names/descriptions in browseable API.
* Bugfix: request.DATA should return an empty `QueryDict` with no data, not `None`. * Bugfix: request.DATA should return an empty `QueryDict` with no data, not `None`.
* Bugfix: Remove unneeded field validation, which caused extra queries. * Bugfix: Remove unneeded field validation, which caused extra queries.
**Security note**: Following the [disclosure of security vulnerabilities][defusedxml-announce] in Python's XML parsing libraries, use of the `XMLParser` class now requires the `defusedxml` package to be installed.
The security vulnerabilities only affect APIs which use the `XMLParser` class, by enabling it in any views, or by having it set in the `DEFAULT_PARSER_CLASSES` setting. Note that the `XMLParser` class is not enabled by default, so this change should affect a minority of users.
### 2.2.0 ### 2.2.0
**Date**: 13th Feb 2013 **Date**: 13th Feb 2013
@ -389,6 +398,7 @@ This change will not affect user code, so long as it's following the recommended
[cite]: http://www.catb.org/~esr/writings/cathedral-bazaar/cathedral-bazaar/ar01s04.html [cite]: http://www.catb.org/~esr/writings/cathedral-bazaar/cathedral-bazaar/ar01s04.html
[deprecation-policy]: #deprecation-policy [deprecation-policy]: #deprecation-policy
[django-deprecation-policy]: https://docs.djangoproject.com/en/dev/internals/release-process/#internal-release-deprecation-policy [django-deprecation-policy]: https://docs.djangoproject.com/en/dev/internals/release-process/#internal-release-deprecation-policy
[defusedxml-announce]: http://blog.python.org/2013/02/announcing-defusedxml-fixes-for-xml.html
[2.2-announcement]: 2.2-announcement.md [2.2-announcement]: 2.2-announcement.md
[staticfiles14]: https://docs.djangoproject.com/en/1.4/howto/static-files/#with-a-template-tag [staticfiles14]: https://docs.djangoproject.com/en/1.4/howto/static-files/#with-a-template-tag
[staticfiles13]: https://docs.djangoproject.com/en/1.3/howto/static-files/#with-a-template-tag [staticfiles13]: https://docs.djangoproject.com/en/1.3/howto/static-files/#with-a-template-tag

2
rest_framework/__init__.py
View File

@ -1,4 +1,4 @@
__version__ = '2.2.0' __version__ = '2.2.1'
VERSION = __version__ # synonym VERSION = __version__ # synonym