The header input is now properly escaped before splitting and joining with <br> tags. This prevents potential XSS attacks if the header contains unsanitized user input.
* Make inflection package truly optional
Fix#9291
* Make inflection compat layer consistent with the others
Co-authored-by: T. Franzel <13507857+tfranzel@users.noreply.github.com>
---------
Co-authored-by: T. Franzel <13507857+tfranzel@users.noreply.github.com>
* Release Notes for 3.15
- Add docs/community/3.15-announcement.md
- Update docs/community/release-notes.md
- Update mkdocs.yml
Co-authored-by: Bruno Alla <browniebroke@users.noreply.github.com>
* Release date pending
bump
* Changes to docs should not be included in release notes.
* Changes to project workflow should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to project workflow should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to project workflow should not be included in release notes.
* Changes to project workflow should not be included in release notes.
* Changes to project workflow should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to project workflow should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to project workflow should not be included in release notes.
* Changes to docs should not be included in release notes.
* Fix typo
* Changes to tests should not be included in release notes.
* Changes to project workflow should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to project workflow should not be included in release notes.
* Changes to project workflow should not be included in release notes.
* Changes to project workflow should not be included in release notes.
* Changes to project workflow should not be included in release notes.
* Changes to project workflow should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to tests should not be included in release notes.
* Changes to tests should not be included in release notes.
* Fix typo in release notes.
* Changes to project workflow should not be included in release notes.
* Changes to project workflow should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to tests should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to docs should not be included in release notes.
* Improve changelog entry
* Changes to docs should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to project workflow should not be included in release notes.
* Changes to docs should not be included in release notes.
* Update docs/community/3.15-announcement.md
Co-authored-by: Asif Saif Uddin <auvipy@gmail.com>
* Update docs/community/3.15-announcement.md
* Update docs/community/3.15-announcement.md
* Update docs/community/release-notes.md
* Update docs/community/release-notes.md
Co-authored-by: Christian Clauss <cclauss@me.com>
* Update docs/community/release-notes.md
Co-authored-by: Christian Clauss <cclauss@me.com>
* Update docs/community/3.15-announcement.md
Co-authored-by: JAEGYUN JUNG <twicegoddessana1229@gmail.com>
* Update docs/community/release-notes.md
* Update docs/community/release-notes.md
Co-authored-by: JAEGYUN JUNG <twicegoddessana1229@gmail.com>
* Update release version
* Update supported Python and Django versions
---------
Co-authored-by: Rodrigo <rodrigo@crowdbotics.com>
Co-authored-by: Bruno Alla <browniebroke@users.noreply.github.com>
Co-authored-by: Asif Saif Uddin <auvipy@gmail.com>
Co-authored-by: Christian Clauss <cclauss@me.com>
Co-authored-by: JAEGYUN JUNG <twicegoddessana1229@gmail.com>
* refactor removing parameters from kwargs when creating a ListSerializer
* insert child
* small rewrite
---------
Co-authored-by: Willem Van Onsem <willem.vanonsem@prosafco.be>
* Propagate 'default' from model_field to serializer field
Fix#7469.
Co-authored-by: Nikhil Benesch <nikhil.benesch@gmail.com>
* updated field default on serializer according to openapi generation and added that to options action response
* added notes regarding default value propagation from model to serializer field
* updated note
* Update docs/api-guide/fields.md
* Update docs/api-guide/fields.md
* Update docs/api-guide/fields.md
* Update docs/api-guide/fields.md
* Update docs/api-guide/fields.md
* Update docs/api-guide/fields.md
---------
Co-authored-by: John Parton <john.parton.iv@gmail.com>
Co-authored-by: Nikhil Benesch <nikhil.benesch@gmail.com>
Co-authored-by: Rizwan Shaikh <rshaikh@ces-ltd.com>
Co-authored-by: Asif Saif Uddin <auvipy@gmail.com>
* Use subquery to remove duplicates in SearchFilter
* Align SearchFilter behaviour to django.contrib.admin
* Add compatibility with older django/python versions
* Allow search to split also by comma after smart split
* Use generator to build search conditions to reduce iterations
* Improve search documentation
* Update docs/api-guide/filtering.md
---------
Co-authored-by: Asif Saif Uddin <auvipy@gmail.com>
* fix OpenAPIRenderer for timedelta
* added test for rendering openapi with timedelta
* fix OpenAPIRenderer for timedelta
* added test for rendering openapi with timedelta
* Removed usage of field.choices that triggered full table load (#8950)
Removed the `{{ field.choices|yesno:",disabled" }}` block because this triggers the loading of full database table worth of objects just to determine whether the multi-select widget should be set as disabled or not.
Since this "disabled" marking feature is not present in the normal select field, then I propose to remove it also from the multi-select.
* Added Deprecation Warnings for CoreAPI (#7519)
* Added Deprecation Warnings for CoreAPI
* Bumped removal to DRF315
* Update rest_framework/__init__.py
* Update rest_framework/filters.py
* Update rest_framework/filters.py
* Update tests/schemas/test_coreapi.py
* Update rest_framework/filters.py
* Update rest_framework/filters.py
* Update tests/schemas/test_coreapi.py
* Update tests/schemas/test_coreapi.py
* Update setup.cfg
* Update rest_framework/pagination.py
---------
Co-authored-by: Asif Saif Uddin <auvipy@gmail.com>
* Update copy right timeline
* Fix NamespaceVersioning ignoring DEFAULT_VERSION on non-None namespaces (#7278)
* Fix the case where if the namespace is not None and there's no match,
NamespaceVersioning always raises NotFound even if DEFAULT_VERSION
is set or None is in ALLOWED_VERSIONS
* Add test cases
* fix OpenAPIRenderer for timedelta
* added test for rendering openapi with timedelta
* added testcase for rendering yaml with minvalidator for duration field (timedelta)
---------
Co-authored-by: Rizwan Shaikh <rshaikh@ces-ltd.com>
Co-authored-by: Lenno Nagel <lenno@namespace.ee>
Co-authored-by: David Smith <39445562+smithdc1@users.noreply.github.com>
Co-authored-by: Asif Saif Uddin <auvipy@gmail.com>
Co-authored-by: Konstantin Kuchkov <konstantin.kuchkov@gmail.com>
* Fix the case where if the namespace is not None and there's no match,
NamespaceVersioning always raises NotFound even if DEFAULT_VERSION
is set or None is in ALLOWED_VERSIONS
* Add test cases
Removed the `{{ field.choices|yesno:",disabled" }}` block because this triggers the loading of full database table worth of objects just to determine whether the multi-select widget should be set as disabled or not.
Since this "disabled" marking feature is not present in the normal select field, then I propose to remove it also from the multi-select.
* fix: Make the instance variable of child serializer point to the correct list object instead of the entire list when validating ListSerializer
* fix formatting issues for list serializer validation fix
* fix imports sorting for list serializer tests
* remove django 2.2 from docs index (#8982)
* Declared Django 4.2 support in README.md (#8985)
* Fix Links in Documentation to Django `reverse` and `reverse_lazy` (#8986)
* Fix Django Docs url in reverse.md
Django URLs of the documentation of `reverse` and `reverse_lazy` were wrong.
* Update reverse.md
* fix URLPathVersioning reverse fallback (#7247)
* fix URLPathVersioning reverse fallback
* add test for URLPathVersioning reverse fallback
* Update tests/test_versioning.py
---------
Co-authored-by: Jorn van Wier <jorn.van.wier@thunderbyte.ai>
Co-authored-by: Asif Saif Uddin <auvipy@gmail.com>
* Make set_value a method within `Serializer` (#8001)
* Make set_value a static method for Serializers
As an alternative to #7671, let the method be overridden if needed. As
the function is only used for serializers, it has a better place in the
Serializer class.
* Set `set_value` as an object (non-static) method
* Add tests for set_value()
These tests follow the examples given in the method.
* fix: Make the instance variable of child serializer point to the correct list object instead of the entire list when validating ListSerializer
* Make set_value a method within `Serializer` (#8001)
* Make set_value a static method for Serializers
As an alternative to #7671, let the method be overridden if needed. As
the function is only used for serializers, it has a better place in the
Serializer class.
* Set `set_value` as an object (non-static) method
* Add tests for set_value()
These tests follow the examples given in the method.
* fix: Make the instance variable of child serializer point to the correct list object instead of the entire list when validating ListSerializer
* fix: Make the instance variable of child serializer point to the correct list object instead of the entire list when validating ListSerializer
* fix formatting issues for list serializer validation fix
* fix: Make the instance variable of child serializer point to the correct list object instead of the entire list when validating ListSerializer
* fix formatting issues for list serializer validation fix
* fix linting
* Update rest_framework/serializers.py
Co-authored-by: Sergei Shishov <sshishov@users.noreply.github.com>
* Update rest_framework/serializers.py
Co-authored-by: Sergei Shishov <sshishov@users.noreply.github.com>
* fix: instance variable in list serializer, remove commented code
---------
Co-authored-by: Mathieu Dupuy <deronnax@gmail.com>
Co-authored-by: Mehraz Hossain Rumman <59512321+MehrazRumman@users.noreply.github.com>
Co-authored-by: Dominik Bruhn <dominik@dbruhn.de>
Co-authored-by: jornvanwier <mail@jornvanwier.com>
Co-authored-by: Jorn van Wier <jorn.van.wier@thunderbyte.ai>
Co-authored-by: Asif Saif Uddin <auvipy@gmail.com>
Co-authored-by: Étienne Beaulé <beauleetienne0@gmail.com>
Co-authored-by: Sergei Shishov <sshishov@users.noreply.github.com>
* Make set_value a static method for Serializers
As an alternative to #7671, let the method be overridden if needed. As
the function is only used for serializers, it has a better place in the
Serializer class.
* Set `set_value` as an object (non-static) method
* Add tests for set_value()
These tests follow the examples given in the method.