The header input is now properly escaped before splitting and joining with <br> tags. This prevents potential XSS attacks if the header contains unsanitized user input.
* Make inflection package truly optional
Fix#9291
* Make inflection compat layer consistent with the others
Co-authored-by: T. Franzel <13507857+tfranzel@users.noreply.github.com>
---------
Co-authored-by: T. Franzel <13507857+tfranzel@users.noreply.github.com>
* Release Notes for 3.15
- Add docs/community/3.15-announcement.md
- Update docs/community/release-notes.md
- Update mkdocs.yml
Co-authored-by: Bruno Alla <browniebroke@users.noreply.github.com>
* Release date pending
bump
* Changes to docs should not be included in release notes.
* Changes to project workflow should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to project workflow should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to project workflow should not be included in release notes.
* Changes to project workflow should not be included in release notes.
* Changes to project workflow should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to project workflow should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to project workflow should not be included in release notes.
* Changes to docs should not be included in release notes.
* Fix typo
* Changes to tests should not be included in release notes.
* Changes to project workflow should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to project workflow should not be included in release notes.
* Changes to project workflow should not be included in release notes.
* Changes to project workflow should not be included in release notes.
* Changes to project workflow should not be included in release notes.
* Changes to project workflow should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to tests should not be included in release notes.
* Changes to tests should not be included in release notes.
* Fix typo in release notes.
* Changes to project workflow should not be included in release notes.
* Changes to project workflow should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to tests should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to docs should not be included in release notes.
* Improve changelog entry
* Changes to docs should not be included in release notes.
* Changes to docs should not be included in release notes.
* Changes to project workflow should not be included in release notes.
* Changes to docs should not be included in release notes.
* Update docs/community/3.15-announcement.md
Co-authored-by: Asif Saif Uddin <auvipy@gmail.com>
* Update docs/community/3.15-announcement.md
* Update docs/community/3.15-announcement.md
* Update docs/community/release-notes.md
* Update docs/community/release-notes.md
Co-authored-by: Christian Clauss <cclauss@me.com>
* Update docs/community/release-notes.md
Co-authored-by: Christian Clauss <cclauss@me.com>
* Update docs/community/3.15-announcement.md
Co-authored-by: JAEGYUN JUNG <twicegoddessana1229@gmail.com>
* Update docs/community/release-notes.md
* Update docs/community/release-notes.md
Co-authored-by: JAEGYUN JUNG <twicegoddessana1229@gmail.com>
* Update release version
* Update supported Python and Django versions
---------
Co-authored-by: Rodrigo <rodrigo@crowdbotics.com>
Co-authored-by: Bruno Alla <browniebroke@users.noreply.github.com>
Co-authored-by: Asif Saif Uddin <auvipy@gmail.com>
Co-authored-by: Christian Clauss <cclauss@me.com>
Co-authored-by: JAEGYUN JUNG <twicegoddessana1229@gmail.com>
* refactor removing parameters from kwargs when creating a ListSerializer
* insert child
* small rewrite
---------
Co-authored-by: Willem Van Onsem <willem.vanonsem@prosafco.be>
* Propagate 'default' from model_field to serializer field
Fix#7469.
Co-authored-by: Nikhil Benesch <nikhil.benesch@gmail.com>
* updated field default on serializer according to openapi generation and added that to options action response
* added notes regarding default value propagation from model to serializer field
* updated note
* Update docs/api-guide/fields.md
* Update docs/api-guide/fields.md
* Update docs/api-guide/fields.md
* Update docs/api-guide/fields.md
* Update docs/api-guide/fields.md
* Update docs/api-guide/fields.md
---------
Co-authored-by: John Parton <john.parton.iv@gmail.com>
Co-authored-by: Nikhil Benesch <nikhil.benesch@gmail.com>
Co-authored-by: Rizwan Shaikh <rshaikh@ces-ltd.com>
Co-authored-by: Asif Saif Uddin <auvipy@gmail.com>
* Use subquery to remove duplicates in SearchFilter
* Align SearchFilter behaviour to django.contrib.admin
* Add compatibility with older django/python versions
* Allow search to split also by comma after smart split
* Use generator to build search conditions to reduce iterations
* Improve search documentation
* Update docs/api-guide/filtering.md
---------
Co-authored-by: Asif Saif Uddin <auvipy@gmail.com>
* fix OpenAPIRenderer for timedelta
* added test for rendering openapi with timedelta
* fix OpenAPIRenderer for timedelta
* added test for rendering openapi with timedelta
* Removed usage of field.choices that triggered full table load (#8950)
Removed the `{{ field.choices|yesno:",disabled" }}` block because this triggers the loading of full database table worth of objects just to determine whether the multi-select widget should be set as disabled or not.
Since this "disabled" marking feature is not present in the normal select field, then I propose to remove it also from the multi-select.
* Added Deprecation Warnings for CoreAPI (#7519)
* Added Deprecation Warnings for CoreAPI
* Bumped removal to DRF315
* Update rest_framework/__init__.py
* Update rest_framework/filters.py
* Update rest_framework/filters.py
* Update tests/schemas/test_coreapi.py
* Update rest_framework/filters.py
* Update rest_framework/filters.py
* Update tests/schemas/test_coreapi.py
* Update tests/schemas/test_coreapi.py
* Update setup.cfg
* Update rest_framework/pagination.py
---------
Co-authored-by: Asif Saif Uddin <auvipy@gmail.com>
* Update copy right timeline
* Fix NamespaceVersioning ignoring DEFAULT_VERSION on non-None namespaces (#7278)
* Fix the case where if the namespace is not None and there's no match,
NamespaceVersioning always raises NotFound even if DEFAULT_VERSION
is set or None is in ALLOWED_VERSIONS
* Add test cases
* fix OpenAPIRenderer for timedelta
* added test for rendering openapi with timedelta
* added testcase for rendering yaml with minvalidator for duration field (timedelta)
---------
Co-authored-by: Rizwan Shaikh <rshaikh@ces-ltd.com>
Co-authored-by: Lenno Nagel <lenno@namespace.ee>
Co-authored-by: David Smith <39445562+smithdc1@users.noreply.github.com>
Co-authored-by: Asif Saif Uddin <auvipy@gmail.com>
Co-authored-by: Konstantin Kuchkov <konstantin.kuchkov@gmail.com>
* Fix the case where if the namespace is not None and there's no match,
NamespaceVersioning always raises NotFound even if DEFAULT_VERSION
is set or None is in ALLOWED_VERSIONS
* Add test cases