This commit introduces several improvements to the template tags and filters used in Django Rest Framework (DRF). The enhancements focus on code readability, maintainability, efficiency, and security. Key changes include:
### Enhancements:
1. **Regex Precompilation:**
- Moved regular expression compilation outside of functions to avoid recompilation and improve performance.
2. **Simplified Add Class Function:**
- Refactored the `add_class` function for better readability and efficiency, ensuring that CSS classes are added accurately and safely.
3. **Modularized and Documented Code:**
- Broke down larger functions and added detailed comments and docstrings to explain the purpose and functionality of each tag and filter, improving code maintainability.
4. **Security Enhancements:**
- Ensured proper escaping of HTML and judicious use of `mark_safe` to prevent XSS attacks, particularly in functions dealing with user-generated content.
5. **Optimized Markdown Rendering:**
- Added conditional checks for the availability of the `apply_markdown` function and provided safe fallbacks, enhancing the robustness of markdown rendering.
6. **Improved Handling of Dynamic URLs and Headers:**
- Enhanced the logic for handling dynamic URLs and long headers, ensuring that URLs are quoted correctly and headers are broken safely to maintain readability.
### Detailed Changes:
- Precompiled regex patterns for class handling and URL validation.
- Simplified the `add_class` logic by reducing regex operations and ensuring accurate class insertion.
- Added docstrings and inline comments for better code understanding.
- Enhanced security by using `escape` and `mark_safe` appropriately.
- Improved the handling of markdown text rendering by checking for `apply_markdown` and using `mark_safe`.
- Refined the handling of pagination HTML and form rendering for better user experience.
- Optimized functions to ensure better performance and adherence to Django best practices.
These changes aim to enhance the overall functionality, readability, and security of the template tags and filters, contributing to a more robust and maintainable codebase for Django Rest Framework.
The header input is now properly escaped before splitting and joining with <br> tags. This prevents potential XSS attacks if the header contains unsanitized user input.
According to docs:
https://docs.python.org/3/library/unittest.html#unittest.TestCase.addClassCleanup
> Add a function to be called after tearDownClass() to cleanup resources
used during the test class. Functions will be called in reverse order to
the order they are added (LIFO).
This was revealed with recent change in pytest (`8.2.0`):
> pytest-dev/pytest#11728: For unittest-based tests, exceptions during
class cleanup (as raised by functions registered with
TestCase.addClassCleanup) are now reported instead of silently failing.
`check_urlpatterns` is called before `cleanup_url_patterns` and fails
(problem was hidden by `pytest < 8.2.0`).
`doClassCleanups` can be used instead to check after-cleanup state:
https://docs.python.org/3/library/unittest.html#unittest.TestCase.doClassCleanups
> This method is called unconditionally after tearDownClass(), or after
setUpClass() if setUpClass() raises an exception.
It is responsible for calling all the cleanup functions added by
addClassCleanup(). If you need cleanup functions to be called prior to
tearDownClass() then you can call doClassCleanups() yourself.
Fixes: https://github.com/encode/django-rest-framework/issues/9399
Signed-off-by: Stanislav Levin <slev@altlinux.org>
It _looks_ like blacken-docs is failing on this file.
Running black locally fails with a failed to reformat.
This is because it expects python code, and when it
hits the ">", there's invalid python.
* Fix broken links in release notes for 3.15
A few links aren't rendered properly in the docs, seems to be due to extra spaces.
* Remove duplicate mention of PR number
* Make inflection package truly optional
Fix#9291
* Make inflection compat layer consistent with the others
Co-authored-by: T. Franzel <13507857+tfranzel@users.noreply.github.com>
---------
Co-authored-by: T. Franzel <13507857+tfranzel@users.noreply.github.com>
